last executing test programs: 28m55.085633051s ago: executing program 0 (id=38): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r4, 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r6 = eventfd2(0x0, 0x0) ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000140)={0x1ff, 0xdddc1000, 0x0, r6, 0x4}) r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r7, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}}) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r7, r8, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, &(0x7f0000000180)=[@smc={0x1e, 0x40, {0x80000002, [0x0, 0x1, 0x2, 0x3, 0x4]}}], 0x40}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r8, 0xae80, 0x0) r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000200)={0x0, &(0x7f0000000500)=[@mrs={0xbe, 0x18, {0x6030000000138056}}], 0x18}, 0x0, 0x0) ioctl$KVM_RUN(r12, 0xae80, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r12, 0x4040aea0, &(0x7f0000000000)=@arm64={0x0, 0x1, 0xf, '\x00', 0xfffffffffffff105}) ioctl$KVM_GET_API_VERSION(r9, 0xae00, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0) syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000080)={0x0, &(0x7f0000000240)=[@memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x90, 0x5, 0x2}}, @hvc={0x32, 0x40, {0x86000001, [0x4, 0x1, 0x7fffffffffffffff, 0x3a32179b, 0x91]}}, @smc={0x1e, 0x40, {0x5000000, [0x0, 0x4, 0x6, 0x4f2e, 0x37]}}, @uexit={0x0, 0x18, 0x6}, @hvc={0x32, 0x40, {0x8400000a, [0xa, 0x0, 0x7, 0x8000000000000001, 0x3]}}, @hvc={0x32, 0x40, {0x84000053, [0x1, 0x8ed, 0x7b0, 0x100000000, 0xfffffffffffffff8]}}, @eret={0xe6, 0x18, 0x1}, @hvc={0x32, 0x40, {0x400, [0x0, 0x8001, 0x100, 0x0, 0xb91]}}, @code={0xa, 0x84, {"008000c80020006f0064007f00bd98d20020b0f2810080d2620080d2e30080d2a40080d2020000d4200b9cd20060b8f2e10080d2820080d2030080d2c40080d2020000d400b8a15e008008d540b08fd20020b8f2810080d2220180d2c30180d2c40180d2020000d4000400380070000f"}}, @msr={0x14, 0x20, {0x603000000013de82, 0x9}}, @mrs={0xbe, 0x18, {0x603000000013e663}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x18, 0xfffffffffffffffd, 0x3}}], 0x28c}, &(0x7f00000000c0)=[@featur1={0x1, 0x81}], 0x1) r13 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r14 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r13, 0xae04) mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r14, 0x100000d, 0x32, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, r14, 0x3000000, 0x4098033, r12, 0x0) 28m40.494362458s ago: executing program 0 (id=41): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x40000, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r3, r4, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="be00000000000000180000000000000001c8"], 0x18}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x8}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x5, 0xfffffffb, 0x0, 0x2, 0x9}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f0000000280)=@x86={0xff, 0xf, 0xd, 0x0, 0x3db, 0xf7, 0xf, 0x9, 0x79, 0x6, 0x2, 0x2, 0x0, 0x3, 0xffff4a77, 0x9, 0x9, 0xb2, 0xa, '\x00', 0xbe, 0x6}) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20080, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = eventfd2(0xeffffffd, 0x801) ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f0000000000)={0x200, 0x4000, 0x4, r9, 0x1}) ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f0000001340)={0x3, 0x0, 0x2, r9, 0x3}) ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f00000000c0)={0x3, 0x0, 0x2, r9, 0xf}) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) r11 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2b) ioctl$KVM_IRQFD(r11, 0x4020ae76, &(0x7f0000000240)={r9, 0x200, 0x2, r9}) r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) r13 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r12, 0xae04) mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r13, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) r14 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r15 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r14, 0xae04) mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r15, 0x2000003, 0xaf832, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) 28m34.0424828s ago: executing program 1 (id=42): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x28) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r3, 0x4068aea3, &(0x7f0000000280)={0xdf, 0x0, 0x2000}) ioctl$KVM_ARM_SET_COUNTER_OFFSET(r3, 0x4010aeb5, &(0x7f0000000080)={0x8000000000000001, 0x2}) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_DEVICE_ATTR_vcpu(r7, 0x4018aee2, &(0x7f0000000140)=@attr_irq_timer={0x0, 0x1, 0x1, 0x0}) ioctl$KVM_RESET_DIRTY_RINGS(r3, 0xaec7) ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(r1, 0x4068aea3, 0xfffffffffffffffe) 28m29.185981869s ago: executing program 0 (id=43): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x0, 0x2, 0x6}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x145541, 0x0) syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x1, 0x100) r6 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x8200, 0x0) ioctl$KVM_CREATE_VM(r8, 0xae01, 0x3b) r9 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000180)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x8001}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r10, 0xae80, 0x0) r11 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x400, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r12 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x3c) ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r12, 0x4068aea3, &(0x7f0000000240)={0xa8, 0x0, 0x3}) syz_kvm_assert_reg(r10, 0x603000000013dce8, 0x8000) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 28m25.870107709s ago: executing program 1 (id=44): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x0, 0x0, 0x100000000000000, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000080)={0xeeee8000, 0x2, 0x7, 0x1, 0x4b3}) 28m19.85434549s ago: executing program 1 (id=45): r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x2c01, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x6030000000100018, &(0x7f0000000100)=0xffffffffffffffff}) (async) ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x6030000000100018, &(0x7f0000000100)=0xffffffffffffffff}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) munmap(&(0x7f0000584000/0x800000)=nil, 0x800000) (async) munmap(&(0x7f0000584000/0x800000)=nil, 0x800000) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x1000000) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r7, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18}) ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f00000001c0)=@arm64_sve_vls={0x606000000015ffff, &(0x7f0000000080)=0x1}) (async) ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f00000001c0)=@arm64_sve_vls={0x606000000015ffff, &(0x7f0000000080)=0x1}) ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0x5d) (async) ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0x5d) 28m13.671780888s ago: executing program 0 (id=46): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x8080, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r1, 0xc020660b, 0xe1) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x0, 0x1, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000080)=[@featur1={0x1, 0x2}], 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r2, 0xae03, 0x18) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x8080, 0x0) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$KVM_CHECK_EXTENSION(r1, 0xc020660b, 0xe1) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x0, 0x1, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) (async) syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000080)=[@featur1={0x1, 0x2}], 0x1) (async) ioctl$KVM_RUN(r3, 0xae80, 0x0) (async) ioctl$KVM_CHECK_EXTENSION_VM(r2, 0xae03, 0x18) (async) 28m10.762168529s ago: executing program 1 (id=47): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async, rerun: 32) ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000000040)=0xef0) (async, rerun: 32) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) close(r6) (async, rerun: 64) close(r7) (rerun: 64) syz_kvm_setup_cpu$arm64(r3, r4, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e000000000000004000000000000000ad770081000000000800000000000000010000000000000002000000000000000300000000000000040000000000000032000000000000004000000000000000530000c400"], 0x80}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000000)={0x2710, 0x6, 0x4, 0x1000, &(0x7f0000ffe000/0x1000)=nil}) (async, rerun: 32) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000000000000000000002000005000000000000000023f1bd87ffffffff0001000000000000f90001000100000001000000000000007b000000000000000900000000000000000000000000000043040000080000000000000000000000000000000000000013ca9a408236e5a8659277e4759ef1805db496404e4741530bbedff03b3027f7de2f92e20de5b28daf39050d3167a5f5e572ee7c7188a671dc8013da723a082f035e2e54da8fbd89da23c7b27094f8bc3a3a0e3859373eb00ac10892c6c6572cac01873fbe39a4a36fc04a98d2b89b5c0ac5d6ca3e6c2a7dfc45f1c3965601abeff3284172532ab1574d5e89967d640c5f78da223293ff46cd974d25995c3724792e2a27657f877bbe9217c73e2ca190fb843fce11f53a69e9bfcc93391a8d8fe1763f0042db24e85e47758de253c620266a7d3568c0d03f9eff38c33302d112c5fa56e0819e3e61ad6b90d65a94e090eee67c0247533929e3240b9d10803f3f39"]) (rerun: 32) 28m4.701904075s ago: executing program 0 (id=48): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x100000000000032) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, 0x0) syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x2) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x21) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2) r8 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r7, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r7, 0x0) r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r9, 0x40086602, 0x110e227ffe) syz_kvm_assert_syzos_uexit$arm64(0x0, 0xffffffffffffffff) ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0xc3) 28m3.686761213s ago: executing program 1 (id=49): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000200)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000100)=@arm64_bitmap={0x6030000000160000, &(0x7f00000000c0)=0x1}) r6 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4}) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x108, &(0x7f0000000340)=0xfffffffffffffffc}) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x4, 0x2, 0x0}) r10 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000180)={0x0, &(0x7f0000000200)=[@hvc={0x32, 0x40, {0x80000000, [0xfffffffffffffde8, 0x3ff, 0x1, 0x200000000f, 0x800000b]}}], 0x40}, 0x0, 0x0) r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) ioctl$KVM_GET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee2, &(0x7f00000000c0)=@attr_irq_timer={0x0, 0x1, 0x1, 0x0}) syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CREATE_DEVICE(r12, 0xc018aec0, &(0x7f00000000c0)={0x1}) ioctl$KVM_RUN(r10, 0xae80, 0x0) syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000380)=[{0x0, &(0x7f0000000200)=[@eret={0xe6, 0x18, 0x8}], 0x18}], 0x1, 0x0, 0x0, 0x0) 27m55.296025865s ago: executing program 0 (id=50): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20e0c0, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async) r3 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0) r7 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x2}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async) r11 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000180)={0x0, &(0x7f00000004c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0xffffffffffffffff}}], 0x20}, &(0x7f00000000c0)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r14, 0x4018aee1, &(0x7f0000000100)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f0000000200)=0x18}) (async) ioctl$KVM_RUN(r14, 0xae80, 0x0) ioctl$KVM_RUN(r10, 0xae80, 0x0) (async) ioctl$KVM_RUN(r6, 0xae80, 0x0) r15 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r15, 0x4008ae6a, &(0x7f00000002c0)={0x2, 0x0, [{0x0, 0x2, 0x1, 0x0, @adapter={0xffffffff87bdf123, 0x100, 0xfffffffffffffff9, 0x4, 0x80000001}}, {0x10000, 0x1, 0x1, 0x0, @adapter={0x7b, 0x9, 0x0, 0x443, 0x8}}]}) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x3fb, 0x2, 0x3000, 0x1000, &(0x7f0000ffe000/0x1000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0xa, 0x8080000, 0x2000, &(0x7f0000ffb000/0x2000)=nil}) (async) r16 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r17 = ioctl$KVM_CREATE_VM(r16, 0xae01, 0x0) r18 = syz_kvm_vgic_v3_setup(r17, 0x1, 0x100) ioctl$KVM_SET_DEVICE_ATTR(r18, 0x4018aee1, &(0x7f0000000300)=@attr_other={0x0, 0x9, 0x2, &(0x7f0000000240)=0xa}) (async) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) 27m51.73178349s ago: executing program 1 (id=51): openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async) r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x8}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x5, 0xfffffffe, 0x0, 0x0, 0x79}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) (async) ioctl$KVM_RUN(r3, 0xae80, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) (async) r7 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r7, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}}) ioctl$KVM_SET_DEVICE_ATTR_vm(r7, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x7, 0x88000002}}) (async) ioctl$KVM_SET_DEVICE_ATTR_vm(r7, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x7, 0x88000002}}) syz_kvm_vgic_v3_setup(r1, 0x0, 0x400) 27m8.940454317s ago: executing program 32 (id=50): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20e0c0, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async) r3 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0) r7 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x2}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async) r11 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000180)={0x0, &(0x7f00000004c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0xffffffffffffffff}}], 0x20}, &(0x7f00000000c0)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r14, 0x4018aee1, &(0x7f0000000100)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f0000000200)=0x18}) (async) ioctl$KVM_RUN(r14, 0xae80, 0x0) ioctl$KVM_RUN(r10, 0xae80, 0x0) (async) ioctl$KVM_RUN(r6, 0xae80, 0x0) r15 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r15, 0x4008ae6a, &(0x7f00000002c0)={0x2, 0x0, [{0x0, 0x2, 0x1, 0x0, @adapter={0xffffffff87bdf123, 0x100, 0xfffffffffffffff9, 0x4, 0x80000001}}, {0x10000, 0x1, 0x1, 0x0, @adapter={0x7b, 0x9, 0x0, 0x443, 0x8}}]}) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x3fb, 0x2, 0x3000, 0x1000, &(0x7f0000ffe000/0x1000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0xa, 0x8080000, 0x2000, &(0x7f0000ffb000/0x2000)=nil}) (async) r16 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r17 = ioctl$KVM_CREATE_VM(r16, 0xae01, 0x0) r18 = syz_kvm_vgic_v3_setup(r17, 0x1, 0x100) ioctl$KVM_SET_DEVICE_ATTR(r18, 0x4018aee1, &(0x7f0000000300)=@attr_other={0x0, 0x9, 0x2, &(0x7f0000000240)=0xa}) (async) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) 27m4.810215438s ago: executing program 33 (id=51): openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async) r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x8}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x5, 0xfffffffe, 0x0, 0x0, 0x79}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) (async) ioctl$KVM_RUN(r3, 0xae80, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) (async) r7 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r7, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}}) ioctl$KVM_SET_DEVICE_ATTR_vm(r7, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x7, 0x88000002}}) (async) ioctl$KVM_SET_DEVICE_ATTR_vm(r7, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x7, 0x88000002}}) syz_kvm_vgic_v3_setup(r1, 0x0, 0x400) 20m54.305484719s ago: executing program 2 (id=62): munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) (async) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) (async) r1 = openat$kvm(0x0, 0x0, 0x400402, 0x0) ioctl$KVM_CHECK_EXTENSION(r1, 0x40086602, 0x110e22ffff) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000040)={0x7, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x5421, &(0x7f00000000c0)=@attr_arm64={0x0, 0x9, 0x1, &(0x7f0000000040)=0xab}) (async) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0) (async, rerun: 32) r6 = eventfd2(0xfffffffa, 0x80001) (rerun: 32) write$eventfd(r6, &(0x7f0000000200)=0x8, 0x8) syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000000)="37d3116035d7513e9a000200018000", 0x0, 0x43) (async) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x40086602, 0x20000000) (async, rerun: 32) ioctl$KVM_CHECK_EXTENSION(r2, 0x40086602, 0x110e227ffe) (rerun: 32) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) (async) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x28) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur1={0x1, 0x8}], 0x1) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000eb2000/0x3000)=nil, 0x930, 0x0, 0x32e7851d6de9e532, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async) ioctl$KVM_RUN(r10, 0xae80, 0x0) syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) 20m45.87409731s ago: executing program 3 (id=63): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f00000003c0)=[@memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x0, 0xf, 0x2}}], 0x30}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) (async) ioctl$KVM_RUN(r3, 0xae80, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async, rerun: 64) r5 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) (rerun: 64) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f0000000000)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x6}) (async) r9 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000002c0)={0x0, &(0x7f0000000200)=[@code={0xa, 0x84, {"0000004a00cf85d20040b0f2e10080d2420080d2830080d2840080d2020000d4007008d500004078007008d560548cd200c0b8f2410180d2220080d2a30080d2240180d2020000d4000028d5007008d5406584d200c0b8f2c10180d2c20180d2c30180d2a40080d2020000d400d8a12e"}}], 0x84}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r9, 0xae80, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async) r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) (async) r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) r13 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r14, 0x4010aeac, &(0x7f00000001c0)=@arm64_fp_extra={0x60200000001000d4, &(0x7f0000000100)=0x7}) (async) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0}) r15 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r15, 0xae03, 0x24) r16 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r17 = ioctl$KVM_CREATE_VM(r16, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r17, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) 20m42.150035718s ago: executing program 2 (id=64): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0xffffffffffffffff, 0x1, 0x1}}], 0x28}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x4, 0x220) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 20m34.533061469s ago: executing program 3 (id=65): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x21) ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000000)={0xb}) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x1) syz_kvm_setup_cpu$arm64(r0, r1, &(0x7f0000bfd000/0x400000)=nil, &(0x7f00000001c0)=[{0x0, &(0x7f0000000040)=[@smc={0x1e, 0x40, {0x2, [0x1e, 0x1000, 0x2, 0x6, 0x3]}}, @irq_setup={0x46, 0x18, {0x1, 0x162}}, @mrs={0xbe, 0x18, {0x603000000013e08a}}, @msr={0x14, 0x20, {0x603000000013c685, 0x7}}, @irq_setup={0x46, 0x18, {0x2, 0x179}}, @code={0xa, 0x84, {"007008d5c01b99d20000b0f2610080d2220180d2a30080d2c40180d2020000d40074200e007008d5007008d5803288d20040b0f2210180d2820180d2a30180d2c40080d2020000d400db90d20060b8f2810080d2e20080d2430080d2240180d2020000d4000028d5000008d5000028d5"}}, @msr={0x14, 0x20, {0x603000000013e4c8, 0x3}}, @mrs={0xbe, 0x18, {0x603000000013e08d}}], 0x164}], 0x1, 0x0, &(0x7f0000000200)=[@featur2], 0x1) ioctl$KVM_SET_SREGS(r1, 0x4000ae84, &(0x7f0000000240)={{0xf7f78000, 0x2000, 0xa, 0xc, 0x9, 0x3, 0x8, 0xf, 0x9, 0x5, 0x7, 0x4}, {0x1, 0x4, 0x672819b66043473c, 0xc, 0x9, 0x9, 0x5, 0x6, 0x80, 0x0, 0x9, 0x18}, {0x4, 0x2000, 0xc, 0x40, 0x3, 0xff, 0xd3, 0x9, 0x40, 0x91, 0x0, 0x2}, {0xd000, 0x1, 0xa, 0x4, 0x7, 0x6, 0x6a, 0x6, 0x14, 0xf7, 0x9, 0x9}, {0x3000, 0x10000, 0x0, 0x4, 0x3, 0x7, 0x7d, 0x4, 0x1, 0xfd, 0x2, 0x6}, {0xdddd0000, 0xeeee8000, 0xa, 0x9, 0x6, 0x34, 0x4, 0x5, 0xaa, 0x1, 0x0, 0x8}, {0x7157b7be370c9d85, 0xeeee0000, 0x4, 0x1c, 0xa, 0x5c, 0xd, 0x8, 0x4, 0xd, 0x2, 0x1}, {0xeeee8000, 0xdddd1000, 0xe, 0x0, 0x4, 0x1, 0x6, 0x0, 0x7, 0x4, 0xff, 0xfb}, {0xdddd1000, 0x8}, {0xeeee0000, 0xa1}, 0xd, 0x0, 0xdddd0000, 0x325c8, 0xb, 0x0, 0x10000, [0xe2, 0xb9f9, 0x528, 0x40]}) ioctl$KVM_GET_DEVICE_ATTR_vcpu(r1, 0x4018aee2, &(0x7f0000000380)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0xa95}) r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x23) syz_kvm_vgic_v3_setup(r2, 0x1, 0x380) r3 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) r4 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000680)={0x0, &(0x7f00000003c0)=[@its_setup={0x82, 0x28, {0x2, 0x1, 0xd8}}, @eret={0xe6, 0x18}, @mrs={0xbe, 0x18, {0x603000000013e6c4}}, @its_setup={0x82, 0x28, {0x4, 0x2, 0xfb}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x1, 0x3, 0x3, 0x9, 0xc88, 0x3}}, @mrs={0xbe, 0x18}, @msr={0x14, 0x20, {0x603000000013df74, 0x400}}, @eret={0xe6, 0x18, 0x7}, @hvc={0x32, 0x40, {0x84000009, [0x3, 0xff, 0x1, 0x7, 0x8]}}, @code={0xa, 0x84, {"0000c079000008d5007008d5806b90d20000b8f2e10180d2e20180d2230080d2240080d2020000d40008285ea0858bd200e0b8f2410080d2820080d2c30080d2840080d2020000d4a01f82d200a0b8f2e10080d2020080d2430080d2e40080d2020000d4007008d5007008d5007008d5"}}, @uexit={0x0, 0x18, 0x1}, @code={0xa, 0xb4, {"c07786d20060b8f2810080d2020180d2e30080d2240180d2020000d4007008d5007008d5201c8bd20060b8f2210180d2620180d2030180d2640180d2020000d4406491d200c0b0f2e10080d2a20080d2230080d2840080d2020000d400e99cd20020b8f2410180d2420180d2230180d2c40180d2020000d4e0418fd20080b0f2810080d2020080d2630180d2e40080d2020000d40020206e000028d5000000d8"}}, @uexit={0x0, 0x18, 0x8000}], 0x2a0}, &(0x7f00000006c0)=[@featur2={0x1, 0x2}], 0x1) syz_kvm_setup_cpu$arm64(r0, r4, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000d00)=[{0x0, &(0x7f0000000700)=[@its_send_cmd={0xaa, 0x28, {0xa, 0x0, 0x0, 0x4, 0x64d, 0xfffffff7, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x0, 0x2, 0xe, 0x52c3, 0x31da, 0x4}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x7fe8, 0xc, 0x9}}, @code={0xa, 0x9c, {"000020d4008008d50000005e007008d5c0b78bd200a0b0f2a10180d2a20180d2e30080d2640180d2020000d480c885d200e0b0f2010180d2c20180d2c30080d2a40180d2020000d4009183d20060b8f2a10080d2020180d2230080d2a40080d2020000d4007008d50004007ca0d586d20060b0f2010080d2c20080d2430180d2c40180d2020000d4"}}, @memwrite={0x6e, 0x30, @generic={0xeeee8000, 0x500, 0x8, 0x9}}, @code={0xa, 0x6c, {"008008d5000028d50020c09a80ae96d20040b8f2610180d2c20080d2630180d2240180d2020000d440b39dd20080b8f2610180d2a20080d2e30180d2240080d2020000d40080204e0028200e000008d5008040c8000c0038"}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x1, 0x0, 0xf, 0x4, 0x3ff, 0x4}}, @irq_setup={0x46, 0x18, {0x3, 0xdc}}, @eret={0xe6, 0x18, 0x1}, @eret={0xe6, 0x18, 0x922}, @eret={0xe6, 0x18, 0xfa}, @svc={0x122, 0x40, {0x3000000, [0x2, 0x8, 0x4, 0x475, 0x6]}}, @irq_setup={0x46, 0x18, {0x3, 0xee}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x3, 0x9}}, @irq_setup={0x46, 0x18, {0x4, 0x207}}, @smc={0x1e, 0x40, {0x80000001, [0x8001, 0xffffffffffffffff, 0x10, 0x3, 0x1]}}, @its_setup={0x82, 0x28, {0x0, 0x3, 0xc2}}, @mrs={0xbe, 0x18, {0x603000000013800e}}, @svc={0x122, 0x40, {0x40, [0x6, 0x8, 0x40, 0x8000000000000000, 0x3]}}, @smc={0x1e, 0x40, {0x2000, [0x80000000, 0xd, 0x7, 0xa3d3, 0x1000]}}, @its_setup={0x82, 0x28, {0x1, 0x4, 0x2d1}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x96}}, @irq_setup={0x46, 0x18, {0x4, 0x1ca}}, @code={0xa, 0x9c, {"1f2003d5407e99d20020b8f2610180d2220180d2e30080d2640180d2020000d4608583d200e0b8f2210080d2a20180d2830180d2640180d2020000d4603b87d200e0b8f2410080d2420080d2e30180d2640080d2020000d4000028d50078201e000028d50004005e000008d500ef9ad200c0b8f2e10180d2820180d2030080d2840180d2020000d4"}}, @hvc={0x32, 0x40, {0xc5000021, [0xfff, 0x3ff, 0x3, 0x4, 0x1000]}}, @eret={0xe6, 0x18, 0x7}, @its_send_cmd={0xaa, 0x28, {0xd, 0x1, 0x4, 0x3, 0x1ff, 0x3, 0x3}}, @eret={0xe6, 0x18, 0xa}, @uexit={0x0, 0x18, 0x1}, @smc={0x1e, 0x40, {0xc4000003, [0x3, 0x2, 0x2, 0x10, 0x3]}}], 0x5cc}], 0x1, 0x0, &(0x7f0000000d40), 0x1) r5 = eventfd2(0xff, 0x800) r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04) mmap$KVM_VCPU(&(0x7f0000ec0000/0x2000)=nil, r6, 0x1, 0x12, r3, 0x0) syz_kvm_setup_cpu$arm64(r2, r1, &(0x7f0000b54000/0x400000)=nil, &(0x7f0000000f00)=[{0x0, &(0x7f0000000d80)=[@smc={0x1e, 0x40, {0xc4000004, [0x80, 0xfffffffffffffff9, 0x783, 0x5, 0x1]}}, @smc={0x1e, 0x40, {0xc400000e, [0xfffffffffffffff8, 0x3ff, 0xa, 0x4, 0x7fffffff]}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff4, 0x2}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x1, 0x4, 0xfffff804, 0x5}}, @hvc={0x32, 0x40, {0x4000, [0x3ccc, 0x3, 0x8, 0x10001, 0x40]}}, @mrs={0xbe, 0x18, {0x603000000013e000}}, @eret={0xe6, 0x18, 0x1}, @msr={0x14, 0x20, {0x603000000013def5, 0x100}}], 0x168}], 0x1, 0x0, &(0x7f0000000f40)=[@featur1={0x1, 0x80}], 0x1) r7 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x1) ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000fc0)=@arm64_core={0x6030000000100026, &(0x7f0000000f80)=0x80000001}) mmap$KVM_VCPU(&(0x7f0000b98000/0x4000)=nil, r6, 0x2000002, 0x30, r4, 0x0) ioctl$KVM_RESET_DIRTY_RINGS(r2, 0xaec7) ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000001000)={r5, 0x8459, 0x2, r5}) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000a83000/0x400000)=nil) eventfd2(0x7, 0x800) r8 = ioctl$KVM_GET_STATS_FD_vm(r0, 0xaece) ioctl$KVM_SET_GSI_ROUTING(r8, 0x4008ae6a, &(0x7f0000001040)={0x6, 0x0, [{0x9, 0x5, 0x0, 0x0, @sint={0x3ff, 0x6}}, {0x8, 0x1, 0x0, 0x0, @sint={0x51, 0xd}}, {0x5ff25acd, 0x2, 0x1, 0x0, @irqchip={0x0, 0x3e59}}, {0x4, 0x1, 0x1, 0x0, @msi={0x9, 0x5, 0x4, 0x8}}, {0x8000, 0x5, 0x0, 0x0, @adapter={0xdbe9, 0x3, 0x7fffffff, 0x401, 0x4}}, {0x3, 0x3, 0x1, 0x0, @adapter={0x1, 0xa, 0x0, 0x4, 0x4000000}}]}) ioctl$KVM_ARM_SET_COUNTER_OFFSET(r8, 0x4010aeb5, &(0x7f0000001180)={0x0, 0x6}) ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f00000011c0)=0x2) write$eventfd(r8, &(0x7f0000001200)=0x4, 0x8) openat$kvm(0xffffffffffffff9c, &(0x7f0000001240), 0x4, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000001280)={0x10003, 0x4, 0x8000000, 0x1000, &(0x7f0000f3c000/0x1000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4360ae82, &(0x7f00000012c0)={[0x2, 0x8001, 0xf, 0x24000000000000, 0x3002da81, 0x8, 0x3, 0x6, 0x8c24, 0x0, 0x40, 0x200, 0x8, 0x3, 0x8, 0x8], 0x0, 0x200}) 20m27.963196397s ago: executing program 2 (id=66): openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x101840, 0x0) (async, rerun: 64) r0 = openat$kvm(0x0, &(0x7f0000000000), 0x4e86c0, 0x0) (rerun: 64) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async) mmap$KVM_VCPU(&(0x7f0000c6a000/0x3000)=nil, 0x930, 0x1000003, 0x28031, r0, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x28) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x101fd, 0x2, 0xdddd1000, 0x1000, &(0x7f0000ecd000/0x1000)=nil}) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x2, 0x9}}], 0x50}, 0x0, 0x0) ioctl$KVM_RUN(r8, 0xae80, 0x0) (async) ioctl$KVM_RUN(r8, 0xae80, 0x0) (async) ioctl$KVM_GET_VCPU_EVENTS(r8, 0x8040ae9f, &(0x7f0000000180)=@arm64) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x2}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) (async) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async) munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000) (async) r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r9, 0xae04) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r10, 0x100000d, 0x32, 0xffffffffffffffff, 0x0) (async, rerun: 64) munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000) (async, rerun: 64) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) (async) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) 20m26.832332149s ago: executing program 3 (id=67): r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) r3 = openat$kvm(0x0, &(0x7f0000000100), 0x443400, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1) (async, rerun: 64) r6 = openat$kvm(0x0, &(0x7f00000001c0), 0x80041, 0x0) (rerun: 64) ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000000)={0xdddd0000, 0x1000, 0xf3, 0x0, 0x7}) (async) r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04) mmap$KVM_VCPU(&(0x7f0000007000/0x2000)=nil, r7, 0x3, 0x110, r5, 0x0) mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x2000002, 0x11, r5, 0x0) (async) r8 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0) (async) r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0) r12 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r11, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r12, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) (async) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r11, 0x0) r13 = eventfd2(0x0, 0x0) close(r13) (async, rerun: 32) openat$kvm(0xffffff9c, &(0x7f0000000140), 0x4807b2, 0x1f01) (async, rerun: 32) write$eventfd(r13, &(0x7f0000000180)=0x5, 0xfffffde3) (async) close(r3) (async) syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7) (async) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0) (async) r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x2c) r16 = syz_kvm_setup_syzos_vm$arm64(r15, &(0x7f0000c00000/0x400000)=nil) r17 = syz_kvm_add_vcpu$arm64(r16, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r17, 0x4010aeac, &(0x7f0000000040)=@arm64_bitmap={0x6030000000160000, &(0x7f0000000000)=0xe}) 20m18.262269355s ago: executing program 2 (id=68): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_RESET_DIRTY_RINGS(r1, 0xaec7) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f1, 0xffffffffffffffff, 0x0) 20m15.753537802s ago: executing program 3 (id=69): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x400000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x200, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x3}}], 0x68}, 0x0, 0x0) ioctl$KVM_GET_STATS_FD_cpu(r5, 0xaece) r6 = syz_kvm_vgic_v3_setup(r3, 0x1, 0x100) ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000280)=@attr_arm64={0x0, 0x6, 0x4, 0x0}) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r9, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18}) ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f00000000c0)=@arm64_sve_vls={0x606000000015ffff, 0x0}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x8521, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0x5452, 0x3a) r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r10, 0xae04) r13 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0) mmap$KVM_VCPU(&(0x7f0000ffc000/0x3000)=nil, r12, 0x4, 0x10, r13, 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x9) 20m7.577987049s ago: executing program 2 (id=70): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r0, 0x2, 0x0) ioctl$KVM_IRQ_LINE(r0, 0x4008ae61, &(0x7f0000000180)={0x1010020, 0x1}) ioctl$KVM_RUN(r1, 0xae80, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) syz_kvm_setup_cpu$arm64(r5, 0xffffffffffffffff, &(0x7f0000000000/0x400000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r3, r6, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="4600000000000000180000000000000001000000a0"], 0x18}], 0x1, 0x0, 0x0, 0x0) r7 = ioctl$KVM_GET_STATS_FD_vm(r3, 0xaece) ioctl$KVM_CREATE_VM(r7, 0xae01, 0x13) syz_kvm_vgic_v3_setup(r3, 0x1, 0x100) r8 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x15) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r8, 0x4010ae68, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x82203, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) ioctl$KVM_IRQ_LINE(r3, 0x4008ae61, 0x0) ioctl$KVM_GET_STATS_FD_cpu(r6, 0xaece) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x2b) ioctl$KVM_REGISTER_COALESCED_MMIO(r10, 0x4010ae67, &(0x7f0000000240)={0x1, 0xe000, 0x1}) ioctl$KVM_REGISTER_COALESCED_MMIO(r10, 0x4010ae67, &(0x7f0000000080)={0x3000, 0x122000, 0x1}) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r10, 0x4010ae68, &(0x7f0000001480)={0xfdfd, 0x13000, 0x1}) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) 20m1.023421536s ago: executing program 3 (id=71): openat$kvm(0x0, &(0x7f0000000140), 0x212102, 0x0) (async) r0 = openat$kvm(0x0, &(0x7f0000000140), 0x212102, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0) (async) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, 0x0) openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) (async) r4 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x2}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_IRQ_LINE(r5, 0x4008ae61, &(0x7f0000000000)={0x80, 0x7}) (async) ioctl$KVM_IRQ_LINE(r5, 0x4008ae61, &(0x7f0000000000)={0x80, 0x7}) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) (async) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r9, 0xae03, 0x42) (async) ioctl$KVM_CHECK_EXTENSION_VM(r9, 0xae03, 0x42) r10 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000180)={0x0, &(0x7f0000000040)=[@mrs={0xbe, 0x18, {0x603000000013dce0}}], 0x18}, &(0x7f0000000000)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r13, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r13, 0xae80, 0x0) (async) ioctl$KVM_RUN(r13, 0xae80, 0x0) r14 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r15, &(0x7f0000c00000/0x400000)=nil) (async) r16 = syz_kvm_setup_syzos_vm$arm64(r15, &(0x7f0000c00000/0x400000)=nil) r17 = syz_kvm_add_vcpu$arm64(r16, &(0x7f0000000180)={0x0, &(0x7f00000004c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0xffffffffffffffff}}], 0x20}, &(0x7f00000000c0), 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r17, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r17, 0xae80, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 19m46.634885717s ago: executing program 3 (id=72): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x27) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_ARM_SET_COUNTER_OFFSET(r5, 0x4010aeb5, &(0x7f00000001c0)={0x53b, 0xffffffffffffffbd}) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x11) r7 = openat$kvm(0x0, &(0x7f0000000200), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000000)={0x7}) r9 = eventfd2(0x0, 0x80800) ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f0000000080)={0x0, 0x0, 0x0, r9}) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f00000000c0)={0x8}) mmap$KVM_VCPU(&(0x7f0000eb4000/0x1000)=nil, 0x930, 0x0, 0x16831, 0xffffffffffffffff, 0x0) ioctl$KVM_SIGNAL_MSI(r8, 0x4020aea5, &(0x7f0000000000)={0x6000}) r10 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_RUN(r12, 0xae80, 0x0) r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r13, 0x2, 0x10000000000000) ioctl$KVM_SET_ONE_REG(r12, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100010, &(0x7f0000000100)}) r14 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r14, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0xfffffffffffffffe}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x0, 0x0, 0x6, 0x0, 0x9}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2) 19m42.447362491s ago: executing program 2 (id=73): r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = ioctl$KVM_GET_STATS_FD_vm(r2, 0xaece) syz_kvm_setup_cpu$arm64(0xffffffffffffffff, r3, &(0x7f0000447000/0x400000)=nil, &(0x7f0000000380)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000080)=[@featur1={0x1, 0x2}], 0x1) r5 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x34) r6 = eventfd2(0x8, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = eventfd2(0x8, 0x80800) r10 = openat$kvm(0x0, &(0x7f0000000200), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0) syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000000000/0x400000)=nil) ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x2, 0x0, &(0x7f0000000000)=0xf4020000}) ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f0000000040)={0x9, 0x8000000, 0x1, r9}) ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0xdddd1000, 0x0, r9}) ioctl$KVM_IRQFD(r5, 0x4020ae76, &(0x7f00000000c0)={r6, 0x10, 0x1, r9}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 18m59.509585335s ago: executing program 34 (id=72): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x27) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_ARM_SET_COUNTER_OFFSET(r5, 0x4010aeb5, &(0x7f00000001c0)={0x53b, 0xffffffffffffffbd}) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x11) r7 = openat$kvm(0x0, &(0x7f0000000200), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000000)={0x7}) r9 = eventfd2(0x0, 0x80800) ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f0000000080)={0x0, 0x0, 0x0, r9}) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f00000000c0)={0x8}) mmap$KVM_VCPU(&(0x7f0000eb4000/0x1000)=nil, 0x930, 0x0, 0x16831, 0xffffffffffffffff, 0x0) ioctl$KVM_SIGNAL_MSI(r8, 0x4020aea5, &(0x7f0000000000)={0x6000}) r10 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_RUN(r12, 0xae80, 0x0) r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r13, 0x2, 0x10000000000000) ioctl$KVM_SET_ONE_REG(r12, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100010, &(0x7f0000000100)}) r14 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r14, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0xfffffffffffffffe}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x0, 0x0, 0x6, 0x0, 0x9}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2) 18m52.735182125s ago: executing program 35 (id=73): r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = ioctl$KVM_GET_STATS_FD_vm(r2, 0xaece) syz_kvm_setup_cpu$arm64(0xffffffffffffffff, r3, &(0x7f0000447000/0x400000)=nil, &(0x7f0000000380)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000080)=[@featur1={0x1, 0x2}], 0x1) r5 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x34) r6 = eventfd2(0x8, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = eventfd2(0x8, 0x80800) r10 = openat$kvm(0x0, &(0x7f0000000200), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0) syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000000000/0x400000)=nil) ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x2, 0x0, &(0x7f0000000000)=0xf4020000}) ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f0000000040)={0x9, 0x8000000, 0x1, r9}) ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0xdddd1000, 0x0, r9}) ioctl$KVM_IRQFD(r5, 0x4020ae76, &(0x7f00000000c0)={r6, 0x10, 0x1, r9}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 10m43.610181575s ago: executing program 5 (id=76): munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x80111500, 0x20000000) r0 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x2, 0x12, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x4002, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f00000011c0)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f00000000c0)=0x8}) r5 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r7, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x16, 0x4, 0x1}}) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x149e42, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x21) r10 = eventfd2(0x0, 0x0) close(r10) r11 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x2) r12 = mmap$KVM_VCPU(&(0x7f0000ce9000/0x3000)=nil, 0x0, 0x800002, 0x11, r11, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r12, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x5452, 0xa00000000000000) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r11, 0x0) r13 = openat$kvm(0x0, &(0x7f0000000040), 0x4c4882, 0x0) ioctl$KVM_CHECK_EXTENSION(r13, 0x40086602, 0x110e227ffe) r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x3) 10m41.514489704s ago: executing program 4 (id=77): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000000)={0x0, &(0x7f0000000380)=[@smc={0x1e, 0x40, {0x32000000, [0x2, 0xfffffffffffffffc, 0x2, 0x2, 0xa0de]}}, @msr={0x14, 0x20, {0x603000000013c028, 0x1}}, @msr={0x14, 0x20, {0x603000000013c663, 0x80}}, @eret={0xe6, 0x18, 0xd4eb}, @msr={0x14, 0x20, {0x603000000013e66b, 0xcc}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x104, 0x5, 0xe}}, @code={0xa, 0x54, {"000028d500ec207e0000206a007008d50088202e00000091007008d50004809a007008d5a01097d200c0b8f2210180d2c20180d2830080d2e40080d2020000d4"}}, @code={0xa, 0xb4, {"c05886d20040b0f2610180d2c20180d2c30080d2e40080d2020000d40020206e008008d500b389d20000b0f2010080d2220180d2830180d2c40080d2020000d4403f9fd20040b0f2610180d2e20180d2a30180d2c40180d2020000d4007008d50008601ee08884d20060b8f2210180d2820080d2230180d2240180d2020000d4a01296d200c0b0f2010080d2620180d2a30080d2040080d2020000d4007008d5"}}, @msr={0x14, 0x20, {0x603000000013c006, 0x100000000}}, @mrs={0xbe, 0x18, {0x603000000013def5}}, @code={0xa, 0x54, {"007008d5001c202e008008d5c06d80d200c0b8f2a10080d2a20180d2630080d2e40080d2020000d40000719e007008d5000028d50000201e007008d5007008d5"}}, @its_setup={0x82, 0x28, {0x0, 0x1, 0x37f}}, @svc={0x122, 0x40, {0x2, [0x5e, 0xfffffffffffffff9, 0xc]}}, @msr={0x14, 0x20, {0x603000000013e289, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x0, 0x0, 0x7, 0x6, 0xd304, 0x3}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x2, 0x6, 0xf97, 0x2}}, @code={0xa, 0x84, {"402691d200e0b8f2610080d2c20080d2a30080d2240080d2020000d4000028d50020bf0d008008d5007008d50028c01ac05d87d200e0b0f2a10080d2e20180d2c30080d2040180d2020000d4e0708bd200a0b0f2010080d2a20180d2830080d2440180d2020000d4008008d50038201e"}}, @code={0xa, 0x84, {"c0f09bd20000b8f2810080d2020080d2430180d2e40180d2020000d400a988d20060b0f2c10180d2e20180d2230180d2a40180d2020000d4008008d5000008d540e586d20000b8f2010080d2620180d2830080d2a40080d2020000d40004007f000800780000021e007008d50080a09b"}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x2, 0x0, 0x4, 0x7, 0x4}}, @uexit={0x0, 0x18, 0x1}, @hvc={0x32, 0x40, {0x84000004, [0x8ba3, 0xd, 0x31f2, 0x7]}}, @code={0xa, 0x9c, {"407b9fd20080b0f2210180d2a20180d2a30180d2a40080d2020000d4a08a8ed20080b0f2e10180d2820080d2e30080d2e40080d2020000d4e0079f1a000028d580c69ed200e0b8f2410180d2a20180d2c30080d2040080d2020000d4007008d50000802c00b698d20080b8f2810080d2820080d2a30080d2a40080d2020000d41f2003d50000200e"}}], 0x578}, &(0x7f0000000040)=[@featur1={0x1, 0x24}], 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_CHECK_EXTENSION(r8, 0xae03, 0x10) r9 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r9, 0x4010aeab, &(0x7f0000000440)=@arm64_core={0x603000000010003c, &(0x7f0000000100)=0x1}) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x2) r10 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000340)=@attr_other={0x0, 0x2, 0x287, 0x0}) r11 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f0000000900)=[@svc={0x122, 0x40, {0x84000008, [0x2, 0x0, 0x7, 0xec5, 0xb1]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x58, 0x7}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x2, 0x9, 0x80000000, 0x3}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff0, 0x200, 0x8}}, @eret={0xe6, 0x18, 0x5}, @smc={0x1e, 0x40, {0x30000000, [0x5, 0x3679, 0x7, 0x0, 0x2]}}, @smc={0x1e, 0x40, {0x80000001, [0x8001, 0x4, 0x9, 0x4, 0x7]}}, @code={0xa, 0xb4, {"008020c800d495d200a0b0f2e10180d2220180d2430180d2e40180d2020000d440be83d20080b0f2a10180d2e20180d2630180d2640180d2020000d4006c200e602e94d200e0b8f2810080d2e20180d2230080d2440080d2020000d4e05e98d20000b8f2e10180d2c20180d2630080d2040180d2020000d4000028d5e0fa85d20000b0f2810180d2820080d2030080d2240080d2020000d4007008d5004c205e"}}, @eret={0xe6, 0x18, 0x2}, @hvc={0x32, 0x40, {0x8600ff01, [0x6, 0x9, 0x7, 0xe54, 0x73]}}, @irq_setup={0x46, 0x18, {0x4, 0x31a}}, @msr={0x14, 0x20, {0x603000000013806d, 0x2bf4ee3}}], 0x2a4}, &(0x7f00000000c0)=[@featur1={0x1, 0x2}], 0x1) ioctl$KVM_SET_VCPU_EVENTS(r11, 0x4040aea0, &(0x7f0000000100)=@x86={0x7e, 0xc, 0x2, 0x0, 0x9, 0x12, 0xf8, 0xf0, 0xfb, 0x8, 0x0, 0x8, 0x0, 0x1, 0x16, 0xd, 0x9, 0x0, 0x71, '\x00', 0x6, 0x3}) 10m26.440300605s ago: executing program 4 (id=78): openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r0, 0x2, 0x0) ioctl$KVM_IRQ_LINE(r0, 0x4008ae61, &(0x7f0000000180)={0x1010020, 0x1}) ioctl$KVM_RUN(r1, 0xae80, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3e) r3 = openat$kvm(0xffffffffffffff9c, 0x0, 0x105000, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) syz_kvm_setup_cpu$arm64(r4, 0xffffffffffffffff, &(0x7f0000000000/0x400000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r2, r5, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="4600000000000000180000000000000001000000a0"], 0x18}], 0x1, 0x0, 0x0, 0x0) r6 = ioctl$KVM_GET_STATS_FD_vm(r2, 0xaece) ioctl$KVM_CREATE_VM(r6, 0xae01, 0x13) syz_kvm_vgic_v3_setup(r2, 0x1, 0x0) r7 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3b) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r7, 0x4010ae68, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x2ce383, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_IRQ_LINE(r2, 0x4008ae61, 0x0) ioctl$KVM_GET_STATS_FD_cpu(r5, 0xaece) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CREATE_VM(r8, 0x80811501, 0x20000000) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x7, 0x4f832, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) 10m19.520315855s ago: executing program 5 (id=79): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) syz_kvm_vgic_v3_setup(r1, 0x1, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000000)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000040)=0x656}) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f00000000c0)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000080)=0x30}) r4 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013df19, 0x8003}}], 0x20}, 0x0, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) 10m16.602215465s ago: executing program 4 (id=80): r0 = openat$kvm(0x0, &(0x7f00000001c0), 0x1e3603, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1b) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r5, 0x0) syz_kvm_setup_cpu$arm64(0xffffffffffffffff, r5, &(0x7f0000009000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) mmap$KVM_VCPU(&(0x7f000029c000/0x3000)=nil, 0x0, 0x2, 0x4000010, r5, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x341302, 0x0) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000200)={0x0, &(0x7f0000000500)=[@mrs={0xbe, 0x18, {0x6030000000138056}}], 0x18}, 0x0, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x22300, 0x0) r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x28) r15 = ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x0) mmap$KVM_VCPU(&(0x7f00004e3000/0x2000)=nil, 0x930, 0xa, 0x2013, r15, 0x40000) ioctl$KVM_CREATE_VM(r12, 0x400454d9, 0x0) ioctl$KVM_RUN(r9, 0xae80, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r9, 0x4040aea0, &(0x7f0000000000)=@arm64={0x0, 0x1, 0xf, '\x00', 0xfffffffffffff105}) ioctl$KVM_SET_DEVICE_ATTR_vm(0xffffffffffffffff, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x9e, 0x80800000, 0x2}}) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x600000b, 0x4d832, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) syz_kvm_setup_cpu$arm64(r14, r15, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000180)=[{0x0, 0x0, 0xfffffffffffffe20}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000000100)=@arm64_core={0x6030000000100032, &(0x7f00000000c0)=0x3ff}) 10m5.095359252s ago: executing program 5 (id=81): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ARM_SET_DEVICE_ADDR(r1, 0x4010aeab, &(0x7f0000000000)={0x1, 0x8000001}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) (async) r3 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0) syz_kvm_assert_reg(r6, 0x603000000013df1a, 0x8000) r7 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async) r8 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000040)={0x0, 0x0}, 0x0, 0x4b) syz_kvm_assert_reg(r11, 0x603000000013df02, 0x8000) (async) r12 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000080)={0x0, &(0x7f0000000240)=[@memwrite={0x6e, 0x30, @generic={0xeeef0000, 0xebc, 0x6, 0x4}}], 0x30}, 0x0, 0x0) r14 = syz_kvm_vgic_v3_setup(r7, 0x4, 0x300) openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) (async) r15 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x3c) ioctl$KVM_IOEVENTFD(r15, 0x4040ae79, &(0x7f0000000080)={0xfffffffffffffffa, 0x2, 0x4, 0xffffffffffffffff, 0x8a4fa382f1515d0b}) (async) ioctl$KVM_SET_DEVICE_ATTR(r14, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x0, 0x1, &(0x7f0000000180)=0x6ec}) (async) ioctl$KVM_RUN(r13, 0xae80, 0x0) (async, rerun: 64) r16 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04) (rerun: 64) mmap$KVM_VCPU(&(0x7f0000ffa000/0x3000)=nil, r16, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0) (async) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0xb}) ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04) 9m55.98032456s ago: executing program 4 (id=82): r0 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x9) ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(r2, 0x4068aea3, 0xfffffffffffffffe) ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100042, &(0x7f0000000000)=0x12}) ioctl$KVM_CREATE_VM(r0, 0x401c5820, 0x20000000) r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f00000011c0)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f00000000c0)=0x8}) r9 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r9, 0x8030aeb4, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x9e, 0x7fffffff, 0x2}}) r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000100)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x2, 0x0}) 9m48.45040591s ago: executing program 5 (id=83): mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x200000a, 0x5c1fd1b6565d2f1, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000180)={0x0, &(0x7f00000004c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0xffffffffffffffff}}], 0x20}, &(0x7f00000000c0)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async) ioctl$KVM_RUN(r4, 0xae80, 0x0) (async) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000100)={0x0, &(0x7f0000000140)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) (async) r8 = syz_kvm_vgic_v3_setup(r5, 0x2, 0x100) (async) r9 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r10 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r9, 0x3, 0x11, 0xffffffffffffffff, 0x0) r11 = mmap$KVM_VCPU(&(0x7f000000a000/0x1000)=nil, r9, 0x3, 0x11, r7, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000000)=0x3}) (async) ioctl$KVM_RUN(r7, 0xae80, 0x0) (async) syz_kvm_assert_syzos_uexit$arm64(r11, 0xffffffffffffffff) (async) ioctl$KVM_IRQ_LINE(r5, 0x4008ae61, &(0x7f0000000180)={0x1010020, 0x1}) (async) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) (async) syz_kvm_assert_syzos_uexit$arm64(r10, 0xfffffffffffffffe) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000000, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) 9m37.370180894s ago: executing program 5 (id=84): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x1, 0xf000, 0x1, 0xffffffffffffffff, 0x20}) 9m32.863979743s ago: executing program 4 (id=85): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r2 = openat$kvm(0x0, &(0x7f0000000040), 0xc0083, 0x0) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, r1, 0x3, 0x11, r2, 0x0) r3 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4c9f0fffff1ff7b41445c0854865801c3e2f53d7da546106124f10fbc0686bf6101000000d4913923b8364e00", 0x0, 0xfffffffffffffdd7) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) (async) openat$kvm(0x0, &(0x7f0000000040), 0xc0083, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, r1, 0x3, 0x11, r2, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) (async) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) (async) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) (async) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4c9f0fffff1ff7b41445c0854865801c3e2f53d7da546106124f10fbc0686bf6101000000d4913923b8364e00", 0x0, 0xfffffffffffffdd7) (async) 9m25.926784475s ago: executing program 5 (id=86): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x8521, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x2710, 0x2, 0x8000000, 0x2000, &(0x7f0000ddc000/0x2000)=nil}) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x8521, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x2710, 0x2, 0x8000000, 0x2000, &(0x7f0000ddc000/0x2000)=nil}) (async) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async) 9m22.722038994s ago: executing program 4 (id=87): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x1a5004, 0x0) r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04) mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r4, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0) r5 = ioctl$KVM_GET_STATS_FD_vm(r1, 0xaece) mmap$KVM_VCPU(&(0x7f0000ffa000/0x3000)=nil, r4, 0x2000005, 0x10010, r5, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x210040, 0x0) ioctl$KVM_GET_API_VERSION(r3, 0xae00, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000240)=0x1000008080000}) 8m38.042403887s ago: executing program 36 (id=86): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x8521, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x2710, 0x2, 0x8000000, 0x2000, &(0x7f0000ddc000/0x2000)=nil}) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x8521, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x2710, 0x2, 0x8000000, 0x2000, &(0x7f0000ddc000/0x2000)=nil}) (async) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async) 8m33.122820178s ago: executing program 37 (id=87): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x1a5004, 0x0) r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04) mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r4, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0) r5 = ioctl$KVM_GET_STATS_FD_vm(r1, 0xaece) mmap$KVM_VCPU(&(0x7f0000ffa000/0x3000)=nil, r4, 0x2000005, 0x10010, r5, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x210040, 0x0) ioctl$KVM_GET_API_VERSION(r3, 0xae00, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000240)=0x1000008080000}) 1m5.121165281s ago: executing program 6 (id=88): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x400000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000000000000000000002000000ff"]) (async, rerun: 64) r2 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async, rerun: 64) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = eventfd2(0xfffffffa, 0x80001) ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000140)={0x80, 0x4, 0x0, r5}) (async) syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) (async) ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000000)={0x100000, 0x37d03030d7a92616}) (async, rerun: 32) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (rerun: 32) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r7, r8, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async) ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100004, &(0x7f0000000200)=0xc5c5}) (async, rerun: 64) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0) (rerun: 64) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x28) r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0) (async) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_RUN(r12, 0xae80, 0x0) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f0000000080)={0x101fd, 0x2, 0xdddd1000, 0x1000, &(0x7f0000ecd000/0x1000)=nil}) (async) ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000180)={0x5000}) syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) (async) r13 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r14, 0x4008ae6a, &(0x7f0000000080)={0x2, 0x0, [{0x3, 0x2, 0x0, 0x0, @adapter={0x2, 0x8000, 0x4003, 0x40, 0x5}}, {0x3, 0x2, 0x1, 0x0, @msi={0x404, 0xfdd, 0x9, 0x101}}]}) (async, rerun: 64) mmap$KVM_VCPU(&(0x7f0000001000/0x2000)=nil, 0x930, 0x2000003, 0x4120932, 0xffffffffffffffff, 0x0) (rerun: 64) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) 56.713545855s ago: executing program 7 (id=89): openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x88000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000000)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000280)={0x14, 0xff, 0x1}}) r6 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}}) r7 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce5, 0x7fff}}, @msr={0x14, 0x20, {0x603000000013dce8, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce9, 0x8000}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000040)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000000)={0xa, 0x4}}) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r10, 0xae80, 0x0) r11 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0) ioctl$KVM_SET_GUEST_DEBUG_arm64(r13, 0x4208ae9b, &(0x7f0000000300)={0x40000, 0x0, {[0x41, 0xffffffffffffffff, 0xa, 0x7, 0xfffffffffffffffb, 0x4ecaef11, 0x8000000000000000, 0x8, 0x6, 0x0, 0x4, 0xfffffffffffffffe, 0x9f45, 0x1, 0x0, 0x3], [0x1, 0x40, 0x9, 0x3400000000000000, 0x3, 0x1000, 0x4, 0x7fffffffffffffff, 0x4, 0xba78, 0x80000001, 0x2, 0x6, 0x1, 0x9, 0x8], [0x0, 0x4, 0x100000000, 0x284, 0x9, 0xffffffffffffffff, 0x8, 0xb9, 0x5, 0x1de, 0x3, 0x8, 0x1000, 0x3c9, 0x7, 0x38], [0x0, 0x9, 0x5, 0x4, 0xffffffffffffffff, 0x100000001, 0x3, 0xfffffffffffffff6, 0x1, 0x7, 0x9, 0x7ff, 0x1, 0x401, 0x1, 0x5]}}) ioctl$KVM_GET_ONE_REG(r5, 0x4010aeab, &(0x7f0000000200)=@arm64_fp_extra={0x60200000001000d5, &(0x7f00000001c0)=0x100}) r14 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000140)={0x0, &(0x7f0000000180)=[@smc={0x1e, 0x40, {0xc5000020, [0x0, 0x1, 0x2, 0x3, 0x4]}}], 0x40}, 0x0, 0x0) ioctl$KVM_RUN(r14, 0xae80, 0x0) 50.215026775s ago: executing program 6 (id=90): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r8, 0x4008ae6a, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000000000000000000001"]) mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r4, 0x2000000, 0x12, r2, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1) mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x1800002, 0x11, r9, 0x0) 8.484029186s ago: executing program 38 (id=89): openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x88000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000000)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000280)={0x14, 0xff, 0x1}}) r6 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}}) r7 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce5, 0x7fff}}, @msr={0x14, 0x20, {0x603000000013dce8, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce9, 0x8000}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000040)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000000)={0xa, 0x4}}) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r10, 0xae80, 0x0) r11 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0) ioctl$KVM_SET_GUEST_DEBUG_arm64(r13, 0x4208ae9b, &(0x7f0000000300)={0x40000, 0x0, {[0x41, 0xffffffffffffffff, 0xa, 0x7, 0xfffffffffffffffb, 0x4ecaef11, 0x8000000000000000, 0x8, 0x6, 0x0, 0x4, 0xfffffffffffffffe, 0x9f45, 0x1, 0x0, 0x3], [0x1, 0x40, 0x9, 0x3400000000000000, 0x3, 0x1000, 0x4, 0x7fffffffffffffff, 0x4, 0xba78, 0x80000001, 0x2, 0x6, 0x1, 0x9, 0x8], [0x0, 0x4, 0x100000000, 0x284, 0x9, 0xffffffffffffffff, 0x8, 0xb9, 0x5, 0x1de, 0x3, 0x8, 0x1000, 0x3c9, 0x7, 0x38], [0x0, 0x9, 0x5, 0x4, 0xffffffffffffffff, 0x100000001, 0x3, 0xfffffffffffffff6, 0x1, 0x7, 0x9, 0x7ff, 0x1, 0x401, 0x1, 0x5]}}) ioctl$KVM_GET_ONE_REG(r5, 0x4010aeab, &(0x7f0000000200)=@arm64_fp_extra={0x60200000001000d5, &(0x7f00000001c0)=0x100}) r14 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000140)={0x0, &(0x7f0000000180)=[@smc={0x1e, 0x40, {0xc5000020, [0x0, 0x1, 0x2, 0x3, 0x4]}}], 0x40}, 0x0, 0x0) ioctl$KVM_RUN(r14, 0xae80, 0x0) 0s ago: executing program 39 (id=90): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r8, 0x4008ae6a, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000000000000000000001"]) mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r4, 0x2000000, 0x12, r2, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1) mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x1800002, 0x11, r9, 0x0) kernel console output (not intermixed with test programs): [ 387.643242][ T3151] 8021q: adding VLAN 0 to HW filter on device bond0 [ 426.033424][ T3151] eql: remember to turn off Van-Jacobson compression on your slave devices Warning: Permanently added '[localhost]:63364' (ED25519) to the list of known hosts. [ 604.073526][ T25] audit: type=1400 audit(603.290:60): avc: denied { name_bind } for pid=3309 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 605.058247][ T25] audit: type=1400 audit(604.270:61): avc: denied { execute } for pid=3310 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 605.086583][ T25] audit: type=1400 audit(604.290:62): avc: denied { execute_no_trans } for pid=3310 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 627.553889][ T25] audit: type=1400 audit(626.770:63): avc: denied { mounton } for pid=3310 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 627.589591][ T25] audit: type=1400 audit(626.810:64): avc: denied { mount } for pid=3310 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 627.678373][ T3310] cgroup: Unknown subsys name 'net' [ 627.728141][ T25] audit: type=1400 audit(626.950:65): avc: denied { unmount } for pid=3310 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 628.127061][ T3310] cgroup: Unknown subsys name 'cpuset' [ 628.227970][ T3310] cgroup: Unknown subsys name 'rlimit' [ 629.138210][ T25] audit: type=1400 audit(628.350:66): avc: denied { setattr } for pid=3310 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 629.177991][ T25] audit: type=1400 audit(628.380:67): avc: denied { mounton } for pid=3310 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 629.186231][ T25] audit: type=1400 audit(628.390:68): avc: denied { mount } for pid=3310 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 630.781242][ T3313] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 630.801107][ T25] audit: type=1400 audit(630.020:69): avc: denied { relabelto } for pid=3313 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 630.823960][ T25] audit: type=1400 audit(630.040:70): avc: denied { write } for pid=3313 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" Setting up swapspace version 1, size = 127995904 bytes [ 631.020088][ T25] audit: type=1400 audit(630.240:71): avc: denied { read } for pid=3310 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 631.036824][ T25] audit: type=1400 audit(630.250:72): avc: denied { open } for pid=3310 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 631.087094][ T3310] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 682.709937][ T25] audit: type=1400 audit(681.930:73): avc: denied { execmem } for pid=3314 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 687.075910][ T25] audit: type=1400 audit(686.290:74): avc: denied { read } for pid=3316 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 687.099692][ T25] audit: type=1400 audit(686.290:75): avc: denied { open } for pid=3316 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 687.179995][ T25] audit: type=1400 audit(686.400:76): avc: denied { mounton } for pid=3316 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 687.483551][ T25] audit: type=1400 audit(686.700:77): avc: denied { module_request } for pid=3316 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 688.676562][ T25] audit: type=1400 audit(687.890:78): avc: denied { sys_module } for pid=3316 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 717.069897][ T3317] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 717.689563][ T3317] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 718.571564][ T3316] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 718.728451][ T3316] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 730.579777][ T3317] hsr_slave_0: entered promiscuous mode [ 730.609170][ T3317] hsr_slave_1: entered promiscuous mode [ 731.643809][ T3316] hsr_slave_0: entered promiscuous mode [ 731.688271][ T3316] hsr_slave_1: entered promiscuous mode [ 731.724009][ T3316] debugfs: 'hsr0' already exists in 'hsr' [ 731.739783][ T3316] Cannot create hsr debugfs directory [ 737.152959][ T25] audit: type=1400 audit(736.370:79): avc: denied { create } for pid=3317 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 737.227149][ T25] audit: type=1400 audit(736.440:80): avc: denied { write } for pid=3317 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 737.236997][ T25] audit: type=1400 audit(736.440:81): avc: denied { read } for pid=3317 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 737.398552][ T3317] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 737.710929][ T3317] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 738.008820][ T3317] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 738.439301][ T3317] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 739.679722][ T3316] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 739.998055][ T3316] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 740.260716][ T3316] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 740.418687][ T3316] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 753.130074][ T3317] 8021q: adding VLAN 0 to HW filter on device bond0 [ 755.541946][ T3316] 8021q: adding VLAN 0 to HW filter on device bond0 [ 816.122914][ T3317] veth0_vlan: entered promiscuous mode [ 816.650772][ T3317] veth1_vlan: entered promiscuous mode [ 819.579017][ T3317] veth0_macvtap: entered promiscuous mode [ 819.717033][ T3316] veth0_vlan: entered promiscuous mode [ 820.185148][ T3317] veth1_macvtap: entered promiscuous mode [ 820.867320][ T3316] veth1_vlan: entered promiscuous mode [ 823.466870][ T3361] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 823.477065][ T3361] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 823.480740][ T3361] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 823.508064][ T3361] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 824.382702][ T3316] veth0_macvtap: entered promiscuous mode [ 825.147974][ T3316] veth1_macvtap: entered promiscuous mode [ 827.091276][ T25] audit: type=1400 audit(826.240:82): avc: denied { mount } for pid=3317 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 827.471847][ T25] audit: type=1400 audit(826.660:83): avc: denied { mounton } for pid=3317 comm="syz-executor" path="/syzkaller.sef4Y8/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 827.906067][ T25] audit: type=1400 audit(827.020:84): avc: denied { mount } for pid=3317 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 828.366507][ T25] audit: type=1400 audit(827.550:85): avc: denied { mounton } for pid=3317 comm="syz-executor" path="/syzkaller.sef4Y8/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 828.511761][ T25] audit: type=1400 audit(827.730:86): avc: denied { mounton } for pid=3317 comm="syz-executor" path="/syzkaller.sef4Y8/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3780 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 828.786559][ T35] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 828.787758][ T35] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 828.809205][ T35] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 828.869075][ T35] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 829.569895][ T25] audit: type=1400 audit(828.790:87): avc: denied { unmount } for pid=3317 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 829.862582][ T25] audit: type=1400 audit(829.080:88): avc: denied { mounton } for pid=3317 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1544 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 830.037664][ T25] audit: type=1400 audit(829.240:89): avc: denied { mount } for pid=3317 comm="syz-executor" name="/" dev="gadgetfs" ino=3789 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 830.530639][ T25] audit: type=1400 audit(829.750:90): avc: denied { mount } for pid=3317 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 830.603924][ T25] audit: type=1400 audit(829.820:91): avc: denied { mounton } for pid=3317 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 832.598914][ T3317] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 833.516006][ T25] kauditd_printk_skb: 1 callbacks suppressed [ 833.523028][ T25] audit: type=1400 audit(832.730:93): avc: denied { read write } for pid=3317 comm="syz-executor" name="loop0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 833.619511][ T25] audit: type=1400 audit(832.820:94): avc: denied { open } for pid=3317 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 833.677864][ T25] audit: type=1400 audit(832.870:95): avc: denied { ioctl } for pid=3317 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=637 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 842.812610][ T25] audit: type=1400 audit(842.030:96): avc: denied { execute } for pid=3474 comm="syz.0.1" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=3832 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 844.981634][ T25] audit: type=1400 audit(844.180:97): avc: denied { read } for pid=3476 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 845.062922][ T25] audit: type=1400 audit(844.270:98): avc: denied { open } for pid=3476 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 845.246719][ T25] audit: type=1400 audit(844.460:99): avc: denied { ioctl } for pid=3476 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0x1500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 864.663566][ T25] audit: type=1400 audit(863.880:100): avc: denied { append } for pid=3491 comm="syz.1.6" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 901.298331][ T25] audit: type=1400 audit(900.450:101): avc: denied { write } for pid=3515 comm="syz.1.14" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 916.847529][ T25] audit: type=1400 audit(916.060:102): avc: denied { ioctl } for pid=3525 comm="syz.0.16" path="net:[4026532615]" dev="nsfs" ino=4026532615 ioctlcmd=0x5839 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 1036.810238][ T25] audit: type=1400 audit(1036.030:103): avc: denied { setattr } for pid=3600 comm="syz.1.40" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1196.347089][ T3643] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1196.597128][ T3643] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1201.939335][ T3646] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1202.222668][ T3646] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1221.723360][ T3643] hsr_slave_0: entered promiscuous mode [ 1221.839395][ T3643] hsr_slave_1: entered promiscuous mode [ 1221.863728][ T3643] debugfs: 'hsr0' already exists in 'hsr' [ 1221.926139][ T3643] Cannot create hsr debugfs directory [ 1226.072200][ T3646] hsr_slave_0: entered promiscuous mode [ 1226.131119][ T3646] hsr_slave_1: entered promiscuous mode [ 1226.162022][ T3646] debugfs: 'hsr0' already exists in 'hsr' [ 1226.176648][ T3646] Cannot create hsr debugfs directory [ 1237.647644][ T3643] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1238.332808][ T3643] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1238.763493][ T3643] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1239.531211][ T3643] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1247.713218][ T3646] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1248.362926][ T3646] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1249.142855][ T3646] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1249.717209][ T3646] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1268.817893][ T3685] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1270.753147][ T3685] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1272.332495][ T3685] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1273.853392][ T3685] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1288.398991][ T3685] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1288.540515][ T3685] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1288.648758][ T3685] bond0 (unregistering): Released all slaves [ 1290.289157][ T3685] hsr_slave_0: left promiscuous mode [ 1290.349615][ T3685] hsr_slave_1: left promiscuous mode [ 1290.840176][ T3685] veth1_macvtap: left promiscuous mode [ 1290.868934][ T3685] veth0_macvtap: left promiscuous mode [ 1290.883743][ T3685] veth1_vlan: left promiscuous mode [ 1290.897608][ T3685] veth0_vlan: left promiscuous mode [ 1310.929391][ T3643] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1312.218825][ T3685] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1313.442186][ T3685] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1314.561587][ T3685] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1316.262920][ T3685] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1317.791716][ T3646] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1335.990576][ T3685] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1336.071149][ T3685] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1336.167926][ T3685] bond0 (unregistering): Released all slaves [ 1338.297280][ T3685] hsr_slave_0: left promiscuous mode [ 1338.555206][ T3685] hsr_slave_1: left promiscuous mode [ 1339.177017][ T3685] veth1_macvtap: left promiscuous mode [ 1339.180250][ T3685] veth0_macvtap: left promiscuous mode [ 1339.207980][ T3685] veth1_vlan: left promiscuous mode [ 1339.218099][ T3685] veth0_vlan: left promiscuous mode [ 1423.764076][ T3643] veth0_vlan: entered promiscuous mode [ 1424.730733][ T3643] veth1_vlan: entered promiscuous mode [ 1427.717591][ T3643] veth0_macvtap: entered promiscuous mode [ 1428.131129][ T3643] veth1_macvtap: entered promiscuous mode [ 1432.146487][ T42] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1432.151060][ T42] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1432.339595][ T35] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1432.460449][ T3646] veth0_vlan: entered promiscuous mode [ 1432.488556][ T42] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1434.228109][ T3646] veth1_vlan: entered promiscuous mode [ 1438.627658][ T3646] veth0_macvtap: entered promiscuous mode [ 1439.501544][ T3646] veth1_macvtap: entered promiscuous mode [ 1442.906172][ T3412] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1442.929552][ T3685] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1442.947835][ T35] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1442.948989][ T35] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1732.075576][ T3969] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1732.489904][ T3969] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1737.800355][ T3974] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1738.242071][ T3974] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1771.938963][ T3969] hsr_slave_0: entered promiscuous mode [ 1772.013779][ T3969] hsr_slave_1: entered promiscuous mode [ 1777.133063][ T3974] hsr_slave_0: entered promiscuous mode [ 1777.262649][ T3974] hsr_slave_1: entered promiscuous mode [ 1777.326684][ T3974] debugfs: 'hsr0' already exists in 'hsr' [ 1777.330454][ T3974] Cannot create hsr debugfs directory [ 1801.818410][ T3969] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 1802.733222][ T3969] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 1803.393666][ T3969] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 1804.273079][ T3969] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 1812.648211][ T3974] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 1813.247045][ T3974] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 1813.948933][ T3974] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 1814.557152][ T3974] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 1847.440792][ T3969] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1854.570660][ T3974] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1945.338854][ T42] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1946.720203][ T42] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1947.917978][ T42] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1949.227577][ T42] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1967.316553][ T42] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1967.551415][ T42] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1967.777633][ T42] bond0 (unregistering): Released all slaves [ 1970.546636][ T42] hsr_slave_0: left promiscuous mode [ 1971.086229][ T42] hsr_slave_1: left promiscuous mode [ 1972.306409][ T42] veth1_macvtap: left promiscuous mode [ 1972.307702][ T42] veth0_macvtap: left promiscuous mode [ 1972.357820][ T42] veth1_vlan: left promiscuous mode [ 1972.377195][ T42] veth0_vlan: left promiscuous mode [ 2001.410009][ T42] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2003.148347][ T42] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2004.503756][ T42] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2005.632427][ T42] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2024.882199][ T42] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2025.599739][ T42] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2025.817367][ T42] bond0 (unregistering): Released all slaves [ 2028.500451][ T42] hsr_slave_0: left promiscuous mode [ 2028.625831][ T42] hsr_slave_1: left promiscuous mode [ 2029.216097][ T42] veth1_macvtap: left promiscuous mode [ 2029.219379][ T42] veth0_macvtap: left promiscuous mode [ 2029.233073][ T42] veth1_vlan: left promiscuous mode [ 2029.251208][ T42] veth0_vlan: left promiscuous mode [ 2071.999254][ T3969] veth0_vlan: entered promiscuous mode [ 2072.970912][ T3974] veth0_vlan: entered promiscuous mode [ 2073.498155][ T3969] veth1_vlan: entered promiscuous mode [ 2074.641680][ T3974] veth1_vlan: entered promiscuous mode [ 2077.709706][ T3969] veth0_macvtap: entered promiscuous mode [ 2078.589458][ T3974] veth0_macvtap: entered promiscuous mode [ 2078.758182][ T3969] veth1_macvtap: entered promiscuous mode [ 2079.522749][ T3974] veth1_macvtap: entered promiscuous mode [ 2083.502825][ T3688] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2083.517023][ T3688] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2083.522901][ T3688] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2083.693419][ T3412] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2084.217966][ T52] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2084.219279][ T52] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2084.238843][ T52] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2084.699830][ T52] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2189.537337][ T25] audit: type=1400 audit(2188.730:104): avc: denied { map } for pid=4274 comm="syz.4.85" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 2264.341802][ T4173] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2266.787911][ T4173] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2268.893120][ T4173] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2271.150236][ T4173] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2301.653891][ T4173] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2302.386041][ T4173] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2303.858686][ T4173] bond0 (unregistering): Released all slaves [ 2307.428674][ T4173] hsr_slave_0: left promiscuous mode [ 2307.616573][ T4173] hsr_slave_1: left promiscuous mode [ 2308.530317][ T4173] veth1_macvtap: left promiscuous mode [ 2308.553227][ T4173] veth0_macvtap: left promiscuous mode [ 2308.589259][ T4173] veth1_vlan: left promiscuous mode [ 2308.612784][ T4173] veth0_vlan: left promiscuous mode [ 2333.980683][ T4173] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2335.709352][ T4173] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2337.302621][ T4173] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2339.153798][ T4173] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2360.918510][ T4173] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2361.178823][ T4173] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2361.370123][ T4173] bond0 (unregistering): Released all slaves [ 2364.116994][ T4173] hsr_slave_0: left promiscuous mode [ 2364.163132][ T4173] hsr_slave_1: left promiscuous mode [ 2364.757372][ T4173] veth1_macvtap: left promiscuous mode [ 2364.783689][ T4173] veth0_macvtap: left promiscuous mode [ 2364.801219][ T4173] veth1_vlan: left promiscuous mode [ 2364.810032][ T4173] veth0_vlan: left promiscuous mode [ 2422.378934][ T4306] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2422.682373][ T4306] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2425.666853][ T4309] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2425.991992][ T4309] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2453.013671][ T4306] hsr_slave_0: entered promiscuous mode [ 2453.130303][ T4306] hsr_slave_1: entered promiscuous mode [ 2457.676846][ T4309] hsr_slave_0: entered promiscuous mode [ 2457.772268][ T4309] hsr_slave_1: entered promiscuous mode [ 2457.839754][ T4309] debugfs: 'hsr0' already exists in 'hsr' [ 2457.847357][ T4309] Cannot create hsr debugfs directory [ 2475.319043][ T4306] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 2476.012543][ T4306] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 2476.527636][ T4306] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 2477.097336][ T4306] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 2482.509635][ T4309] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 2482.967560][ T4309] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 2483.589823][ T4309] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 2484.054045][ T4309] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 2510.843195][ T4306] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2518.112425][ T4309] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2668.942810][ T4306] veth0_vlan: entered promiscuous mode [ 2670.032070][ T4306] veth1_vlan: entered promiscuous mode [ 2674.300323][ T4306] veth0_macvtap: entered promiscuous mode [ 2675.613690][ T4306] veth1_macvtap: entered promiscuous mode [ 2675.947144][ T4309] veth0_vlan: entered promiscuous mode [ 2677.898995][ T4309] veth1_vlan: entered promiscuous mode [ 2681.120005][ T3685] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2681.123913][ T3685] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2681.139534][ T3685] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2681.170922][ T4113] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2683.663885][ T4309] veth0_macvtap: entered promiscuous mode [ 2685.430032][ T4309] veth1_macvtap: entered promiscuous mode [ 2691.656863][ T3688] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2691.671303][ T3688] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2691.739349][ T3688] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2691.765565][ T3688] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2914.960723][ T4587] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2915.451376][ T4587] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2921.922639][ T4593] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2922.496905][ T4593] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2970.435915][ T4587] hsr_slave_0: entered promiscuous mode [ 2970.553280][ T4587] hsr_slave_1: entered promiscuous mode [ 2970.711017][ T4587] debugfs: 'hsr0' already exists in 'hsr' [ 2970.735499][ T4587] Cannot create hsr debugfs directory [ 2978.360805][ T4593] hsr_slave_0: entered promiscuous mode [ 2978.441223][ T4593] hsr_slave_1: entered promiscuous mode [ 2978.497140][ T4593] debugfs: 'hsr0' already exists in 'hsr' [ 2978.517251][ T4593] Cannot create hsr debugfs directory [ 3012.420726][ T4587] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 3013.797669][ T4587] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 3014.532789][ T4587] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 3015.868591][ T4587] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 3027.509696][ T4593] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 3028.181202][ T4593] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 3028.793608][ T4593] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 3029.722931][ T4593] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 3077.360956][ T4587] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3086.862493][ T4593] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3166.698940][ T27] INFO: task syz.6.90:4569 blocked for more than 430 seconds. [ 3166.739027][ T27] Not tainted syzkaller #0 [ 3166.793817][ T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 3166.818037][ T27] task:syz.6.90 state:D stack:0 pid:4569 tgid:4569 ppid:4306 task_flags:0x400040 flags:0x00000019 [ 3166.819701][ T27] Call trace: [ 3166.820237][ T27] __switch_to+0x584/0xb20 (T) [ 3166.822284][ T27] __schedule+0x1eec/0x33a4 [ 3166.822888][ T27] schedule+0xac/0x27c [ 3166.823384][ T27] schedule_timeout+0x5c/0x1e4 [ 3166.823838][ T27] do_wait_for_common+0x28c/0x444 [ 3167.021917][ T27] wait_for_completion+0x44/0x5c [ 3167.027277][ T27] __synchronize_srcu+0x2a4/0x320 [ 3167.027949][ T27] synchronize_srcu+0x3cc/0x4f0 [ 3167.028511][ T27] mmu_notifier_unregister+0x320/0x42c [ 3167.029064][ T27] kvm_put_kvm+0x6a0/0xfa8 [ 3167.029494][ T27] kvm_vm_release+0x58/0x78 [ 3167.029974][ T27] __fput+0x4ac/0x980 [ 3167.030411][ T27] ____fput+0x20/0x58 [ 3167.030879][ T27] task_work_run+0x1bc/0x254 [ 3167.031304][ T27] do_notify_resume+0x1bc/0x270 [ 3167.031782][ T27] el0_svc+0xb8/0x164 [ 3167.032240][ T27] el0t_64_sync_handler+0x84/0x12c [ 3167.032720][ T27] el0t_64_sync+0x198/0x19c SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 3167.172421][ T27] [ 3167.172421][ T27] Showing all locks held in the system: [ 3167.205404][ T27] 1 lock held by khungtaskd/27: [ 3167.205987][ T27] #0: ffff800087806858 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x4/0x48 [ 3167.208571][ T27] 2 locks held by kworker/u4:2/35: [ 3167.208971][ T27] #0: 5ff000000cc20948 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a18 [ 3167.210771][ T27] #1: ffff80008c967c78 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a18 [ 3167.212608][ T27] 2 locks held by kworker/u4:3/42: [ 3167.212975][ T27] 3 locks held by kworker/u4:5/52: [ 3167.213405][ T27] 2 locks held by getty/3181: [ 3167.213739][ T27] #0: 30f0000011d0a8a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c [ 3167.377776][ T27] #1: 0fff80008c54b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x310/0x12b8 [ 3167.379492][ T27] 2 locks held by syz-executor/3310: [ 3167.379856][ T27] 3 locks held by kworker/u4:7/3688: [ 3167.380218][ T27] 3 locks held by kworker/u4:1/3991: [ 3167.380562][ T27] 3 locks held by kworker/u4:11/4113: [ 3167.380892][ T27] 2 locks held by kworker/u4:13/4173: [ 3167.381196][ T27] #0: 5ff000000cc20948 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a18 [ 3167.382943][ T27] #1: ffff80008ce37c78 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a18 [ 3167.588736][ T27] 3 locks held by kworker/u4:14/4535: [ 3167.589236][ T27] 2 locks held by syz.7.89/4564: [ 3167.589635][ T27] 3 locks held by kworker/u4:0/4702: [ 3167.589982][ T27] 1 lock held by cmp/4757: [ 3167.590283][ T27] 4 locks held by modprobe/4758: [ 3167.590598][ T27] 1 lock held by modprobe/4759: [ 3167.591126][ T27] [ 3167.591398][ T27] ============================================= [ 3167.591398][ T27] [ 3167.592231][ T27] Kernel panic - not syncing: hung_task: blocked tasks [ 3167.600981][ T27] CPU: 0 UID: 0 PID: 27 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT [ 3167.602266][ T27] Hardware name: linux,dummy-virt (DT) [ 3167.603084][ T27] Call trace: [ 3167.603856][ T27] show_stack+0x2c/0x3c (C) [ 3167.604810][ T27] __dump_stack+0x30/0x40 [ 3167.605545][ T27] dump_stack_lvl+0x30/0x12c [ 3167.606331][ T27] dump_stack+0x1c/0x28 [ 3167.607097][ T27] vpanic+0x22c/0x59c [ 3167.607821][ T27] vpanic+0x0/0x59c [ 3167.608559][ T27] hung_task_panic+0x0/0x2c [ 3167.609302][ T27] kthread+0x794/0x9a0 [ 3167.610090][ T27] ret_from_fork+0x10/0x20 [ 3167.611826][ T27] Kernel Offset: disabled [ 3167.612530][ T27] CPU features: 0x000000,0001a300,5f7c67c1,057ffe1f [ 3167.613536][ T27] Memory Limit: none [ 3167.617600][ T27] Rebooting in 86400 seconds.. VM DIAGNOSIS: 04:00:24 Registers: info registers vcpu 0 CPU#0 PC=ffff800085bcb2e8 X00=0000000000000000 X01=000000000000001a X02=ffff8000800077b8 X03=0000000000000001 X04=0000000000000000 X05=0000000000000000 X06=0000000000000000 X07=ffff8000859f5bfc X08=00000000000000c0 X09=0000000000000101 X10=0000000000ff0100 X11=0000000000000000 X12=94f0000025868ab0 X13=0000000000000094 X14=0000000000002000 X15=ffff800080007680 X16=ffff800080010e20 X17=00000000000000bb X18=00000000000000ff X19=0000000000000000 X20=0000000000000001 X21=ffff800087806858 X22=cdf0000015e0b920 X23=ffff800087686570 X24=94f0000025868000 X25=0000000000000006 X26=ffff800087067eb6 X27=0000000000000002 X28=94f0000025868008 X29=ffff800080007500 X30=ffff80008656e528 SP=ffff8000800074e0 PSTATE=40402009 -Z-- EL2h SVCR=00000000 -- BTYPE=0 FPCR=00000000 FPSR=00000000 P00=0000 P01=0000 P02=0000 P03=0000 P04=0000 P05=0000 P06=0000 P07=0000 P08=0000 P09=0000 P10=0000 P11=0000 P12=0000 P13=0000 P14=0000 P15=0000 FFR=0000 Z00=0000000000000000:0000000000000000 Z01=00312e6f732e7875:6e696c657362696c Z02=0000000000000000:ffffff0000000000 Z03=0000000000000000:0000000000000000 Z04=3333333333333333:3333333333333333 Z05=0000000000000000:000000000c000000 Z06=0000000000000000:0000000000000000 Z07=0000000000000000:0000000000000000 Z08=0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000 Z10=0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000 Z12=0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000 Z14=0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000 Z16=0000000000000000:0000000000000000 Z17=0000000000000000:0000000000000000 Z18=0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000 Z20=0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000 Z22=0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000 Z24=0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000 Z26=0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000 Z28=0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000 Z30=0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000