last executing test programs: 54m48.168882709s ago: executing program 1 (id=2): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_vgic_v3_setup(r1, 0x4, 0x60) syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1e000000000000004000000000000000000000ef"], 0x80}], 0x1, 0x0, 0x0, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x28) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r4, 0x4068aea3, &(0x7f0000000280)={0xdf, 0x0, 0x2000}) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0) syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000980)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_RESET_DIRTY_RINGS(r4, 0xaec7) ioctl$KVM_RUN(r2, 0xae80, 0x0) 54m45.650337278s ago: executing program 0 (id=1): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x33) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xe) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_RUN(r3, 0x8000ae8c, 0x0) 53m59.338867073s ago: executing program 32 (id=2): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_vgic_v3_setup(r1, 0x4, 0x60) syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1e000000000000004000000000000000000000ef"], 0x80}], 0x1, 0x0, 0x0, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x28) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r4, 0x4068aea3, &(0x7f0000000280)={0xdf, 0x0, 0x2000}) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0) syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000980)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_RESET_DIRTY_RINGS(r4, 0xaec7) ioctl$KVM_RUN(r2, 0xae80, 0x0) 53m56.365885964s ago: executing program 33 (id=1): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x33) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xe) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_RUN(r3, 0x8000ae8c, 0x0) 49m15.908025157s ago: executing program 3 (id=4): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@mrs={0xbe, 0x18, {0x603000000013c00b}}], 0x18}, 0x0, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000140)={0x0, 0x0}, &(0x7f0000000280)=[@featur1={0x1, 0x8}], 0x1) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000000)={0x5, 0x3, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000000000/0x400000)=nil) r10 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x29) r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x1) close(0xffffffffffffffff) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r12, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_GET_REG_LIST(r7, 0xc008aeb0, &(0x7f0000000000)) r13 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0) r15 = syz_kvm_setup_syzos_vm$arm64(r14, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r15, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000040)={0x0, &(0x7f00000002c0)=[@eret={0xe6, 0x18, 0x9ef4}, @eret={0xe6, 0x18, 0x2}, @smc={0x1e, 0x40, {0x400, [0x5, 0x0, 0x8, 0x3, 0x6]}}, @hvc={0x32, 0x40, {0x84000014, [0x4, 0x1, 0xd2c7, 0xb95f, 0x4]}}, @smc={0x1e, 0x40, {0x84000005, [0x0, 0xd5, 0xfffffffffffff801, 0x8000000000000001, 0x3ff]}}, @svc={0x122, 0x40, {0xc4000053, [0x5, 0xdce, 0x1, 0x7, 0x81]}}, @irq_setup={0x46, 0x18, {0x3, 0x94}}, @eret={0xe6, 0x18, 0x5}], 0x160}, &(0x7f0000000200)=[@featur1={0x1, 0x10}], 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 48m56.371410108s ago: executing program 3 (id=7): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0x80111500, 0x20000000) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000001000/0x2000)=nil, 0x930, 0x2000003, 0x4120932, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_VM(r6, 0x541b, 0x2000001c) ioctl$KVM_SET_USER_MEMORY_REGION2(r4, 0x40a0ae49, &(0x7f00000000c0)={0x5, 0x5, 0x2000, 0x1000, &(0x7f0000ffd000/0x1000)=nil, 0x3}) r7 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000400)=@arm64_sys={0x603000000013c000, &(0x7f00000003c0)=0x3a5}) r8 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x1) r11 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r10, 0x0) munmap(&(0x7f0000fd0000/0x4000)=nil, 0x4000) syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r10, 0x0) openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x408) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0) 48m9.047605608s ago: executing program 34 (id=7): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0x80111500, 0x20000000) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000001000/0x2000)=nil, 0x930, 0x2000003, 0x4120932, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_VM(r6, 0x541b, 0x2000001c) ioctl$KVM_SET_USER_MEMORY_REGION2(r4, 0x40a0ae49, &(0x7f00000000c0)={0x5, 0x5, 0x2000, 0x1000, &(0x7f0000ffd000/0x1000)=nil, 0x3}) r7 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000400)=@arm64_sys={0x603000000013c000, &(0x7f00000003c0)=0x3a5}) r8 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x1) r11 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r10, 0x0) munmap(&(0x7f0000fd0000/0x4000)=nil, 0x4000) syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r10, 0x0) openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x408) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0) 40m20.807937141s ago: executing program 4 (id=47): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x302, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) (async, rerun: 64) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xd) (rerun: 64) ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0xd3b) (async) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r1, r4, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000240)=[{0x0, &(0x7f00000001c0)=ANY=[@ANYRES32=r2], 0x30}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) (async) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r8, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x6030000000100006, &(0x7f00000000c0)=0x7ffffffc}) (async) r9 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async, rerun: 64) mmap$KVM_VCPU(&(0x7f0000d95000/0x4000)=nil, 0x0, 0x1000002, 0x13, 0xffffffffffffffff, 0x0) (async, rerun: 64) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x28) r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1) ioctl$KVM_RUN(r13, 0xae80, 0x0) r14 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur2={0x1, 0x5c}], 0x1) (async) r15 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0) r17 = syz_kvm_setup_syzos_vm$arm64(r16, &(0x7f0000c00000/0x400000)=nil) r18 = syz_kvm_add_vcpu$arm64(r17, &(0x7f0000000140)={0x0, 0x0}, &(0x7f0000000280)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_GET_REG_LIST(r18, 0xc008aeb0, &(0x7f0000000000)) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r14, 0x4018aee1, &(0x7f00000005c0)=@attr_pmu_irq={0x0, 0x0, 0x2000000, 0x0}) (async) eventfd2(0x8, 0x80800) 40m8.797087271s ago: executing program 4 (id=49): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000040)=@arm64_ccsidr={0x6020000000110000, &(0x7f0000000000)=0x3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil}) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x27) (async) r8 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) (async) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r9, 0xc020660b, 0xe1) (async) r10 = syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x88, 0xfffffffffffffffc, 0x8}}], 0x30}, 0x0, 0x0) (async) ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_GET_STATS_FD_vm(r7, 0xaece) (async) r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r13, 0xc00caee0, &(0x7f0000000040)={0x7, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r14, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0xc, 0x1, &(0x7f0000000040)=0xab}) (async) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async) ioctl$KVM_RUN(r10, 0xae80, 0x0) r15 = eventfd2(0x0, 0x0) (async) r16 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x302, 0x0) r17 = ioctl$KVM_CREATE_VM(r16, 0xae01, 0x0) r18 = eventfd2(0x8, 0x80800) ioctl$KVM_IOEVENTFD(r17, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0xeeef0000, 0x0, r18}) ioctl$KVM_IOEVENTFD(r17, 0x4040ae79, &(0x7f0000000000)={0x3, 0xff0d77deeb9aad17, 0x0, r15, 0x4}) (async) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) 39m24.604405994s ago: executing program 4 (id=51): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f00000001c0)=@arm64_core={0x6030000000100012, &(0x7f0000000180)=0x1}) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x1, 0xffffffffffffffff, 0x1}) close(r5) r7 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f00000000c0)=@arm64_sve={0x60800000001500f7, &(0x7f0000000200)=0x17b5}) close(r6) r8 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) syz_kvm_setup_cpu$arm64(r5, r3, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000700)=[{0x0, &(0x7f0000000240)=[@code={0xa, 0x9c, {"00b28ad200e0b8f2210180d2020180d2030080d2e40080d2020000d4609186d20060b8f2c10180d2820180d2430180d2a40180d2020000d400c4200e007008d5007008d5007008d5804497d20040b8f2010180d2820180d2430180d2040180d2020000d400c0611e00804008805888d20000b8f2010080d2420180d2630180d2440180d2020000d4"}}, @its_setup={0x82, 0x28, {0x3, 0x0, 0x3a9}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x1, 0x1, 0x0, 0xeebda19, 0x1, 0x4}}, @irq_setup={0x46, 0x18, {0x2, 0x217}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x4, 0x6, 0x4}}, @hvc={0x32, 0x40, {0xc4000053, [0x2, 0x3f36, 0x800, 0x1ac855da, 0x100000000]}}, @hvc={0x32, 0x40, {0x4600ffe2, [0x6, 0x1, 0x7fffffff, 0x5a8a, 0x5]}}, @eret={0xe6, 0x18, 0x8}, @its_setup={0x82, 0x28, {0x2, 0x1, 0x2d7}}, @mrs={0xbe, 0x18, {0x603000000013c802}}, @mrs={0xbe, 0x18, {0x603000000013c4f1}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x1, 0xe, 0x1, 0x0, 0x1}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x48, 0x58903449, 0x2}}, @msr={0x14, 0x20, {0x603000000013f088, 0x1}}, @hvc={0x32, 0x40, {0x80000001, [0x9fad, 0x3, 0x80000000, 0xb8a, 0x6]}}, @smc={0x1e, 0x40, {0x86000001, [0xebc7, 0x1, 0x4, 0x4, 0x7ff]}}, @uexit={0x0, 0x18, 0x9}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff4, 0x10001, 0x9}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x180, 0x0, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x4, 0xa, 0x40, 0x8, 0x1}}, @mrs={0xbe, 0x18, {0x603000000013c2ab}}, @msr={0x14, 0x20, {0x603000000013deeb, 0x4}}, @uexit={0x0, 0x18, 0x7}, @eret={0xe6, 0x18}, @hvc={0x32, 0x40, {0x400, [0x6, 0x9, 0x3ff, 0x8001, 0x4]}}, @uexit={0x0, 0x18, 0x6}, @irq_setup={0x46, 0x18, {0x2, 0x21}}], 0x494}], 0x1, 0x0, &(0x7f0000000740)=[@featur2={0x1, 0x24}], 0x1) ioctl$KVM_SET_MP_STATE(r8, 0x4004ae99, &(0x7f0000000000)=0x5) 39m9.107067695s ago: executing program 4 (id=53): r0 = openat$kvm(0x0, &(0x7f0000000100), 0xe0000, 0x0) r1 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r1, 0x0, 0x0, 0x0) (async) openat$kvm(0x0, 0x0, 0x0, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x80000, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_vgic_v3_setup(r3, 0x1, 0x100) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000200)=@attr_arm64={0x0, 0x0, 0x3, &(0x7f00000001c0)=0x3480}) (async) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000300)={0x0, &(0x7f0000000480)=[@smc={0x1e, 0x40, {0xc4000012, [0x8, 0x939, 0xe, 0x7f, 0xd]}}], 0x40}, &(0x7f00000001c0)=[@featur1={0x1, 0xc}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init) (async) ioctl$KVM_RUN(r7, 0xae80, 0x0) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) 38m55.942666818s ago: executing program 4 (id=56): openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x100000000000032) ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, 0x0) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, 0x0) syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) (async) syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r8, 0xae01, 0x2) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x21) r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x2) r12 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r11, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r12, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r11, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r11, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) r13 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r13, 0x40086602, 0x4110e227ffe) syz_kvm_assert_syzos_uexit$arm64(0x0, 0xffffffffffffffff) (async) syz_kvm_assert_syzos_uexit$arm64(0x0, 0xffffffffffffffff) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, r1, 0x1000014, 0x5c1fd1b6565d2f2, r5, 0x0) ioctl$KVM_SET_SIGNAL_MASK(r5, 0x4004ae8b, &(0x7f00000000c0)=ANY=[]) ioctl$KVM_IRQ_LINE(r3, 0x4008ae61, &(0x7f0000000000)={0xffff8001, 0x6}) mmap$KVM_VCPU(&(0x7f0000ffb000/0x3000)=nil, r1, 0x2, 0x4000010, r5, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000ffb000/0x3000)=nil, r1, 0x2, 0x4000010, r5, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0) (async) r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r15, 0xae41, 0x0) 38m42.351931341s ago: executing program 4 (id=58): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2f) r2 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r2, 0x4b49, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x20) syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000a67000/0x400000)=nil) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x35) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000001000/0x2000)=nil, 0x930, 0x2000003, 0x4120932, 0xffffffffffffffff, 0x0) syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000000)={0x0, &(0x7f0000000240)=[@hvc={0x32, 0x40, {0xc4000005, [0xd48, 0xffffffffffffff0e, 0xb, 0x5, 0x4]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1600, 0x2, 0x2}}, @hvc={0x32, 0x40, {0xffff, [0x6, 0xf1, 0x1, 0x6a6, 0x85]}}, @code={0xa, 0x6c, {"000028d5403e8ed20000b8f2a10180d2a20080d2030080d2e40180d2020000d4007008d5a04096d20060b8f2010080d2620180d2830180d2e40080d2020000d4008008d5000c803c007008d50008c0380000c0ac008008d5"}}, @code={0xa, 0x84, {"00a0600d000cc078407592d20080b0f2e10080d2020080d2430180d2c40080d2020000d40040400c208584d200a0b8f2210080d2e20180d2030080d2a40080d2020000d400d8a17e0018000e60e383d200a0b0f2810180d2820080d2a30080d2040080d2020000d400a0400d00040038"}}, @uexit={0x0, 0x18, 0x7}, @smc={0x1e, 0x40, {0x32000000, [0x1, 0x7fffffff, 0x2, 0xe9, 0x9]}}, @smc={0x1e, 0x40, {0x3f000000, [0xfffffffffffffffc, 0x9, 0xfffffffffffffdc8, 0x5, 0x2c000]}}, @memwrite={0x6e, 0x30, @generic={0x2000, 0x409, 0x1ff, 0x5}}, @smc={0x1e, 0x40, {0x4000, [0x8, 0x4, 0x18, 0x200, 0x6]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0x10, 0x1ff, 0x8}}], 0x2d8}, 0x0, 0x0) r5 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r6 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x100000c, 0x4d832, 0xffffffffffffffff, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0x80111500, 0x20000000) write$eventfd(r8, &(0x7f0000000000), 0xfffffdef) munmap(&(0x7f0000008000/0x1000)=nil, 0x200000) ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) ioctl$KVM_CHECK_EXTENSION(r10, 0xae03, 0x10) mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, 0xffffffffffffffff, 0x0) r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x31) syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) 37m54.588845938s ago: executing program 35 (id=58): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2f) r2 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r2, 0x4b49, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x20) syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000a67000/0x400000)=nil) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x35) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000001000/0x2000)=nil, 0x930, 0x2000003, 0x4120932, 0xffffffffffffffff, 0x0) syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000000)={0x0, &(0x7f0000000240)=[@hvc={0x32, 0x40, {0xc4000005, [0xd48, 0xffffffffffffff0e, 0xb, 0x5, 0x4]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1600, 0x2, 0x2}}, @hvc={0x32, 0x40, {0xffff, [0x6, 0xf1, 0x1, 0x6a6, 0x85]}}, @code={0xa, 0x6c, {"000028d5403e8ed20000b8f2a10180d2a20080d2030080d2e40180d2020000d4007008d5a04096d20060b8f2010080d2620180d2830180d2e40080d2020000d4008008d5000c803c007008d50008c0380000c0ac008008d5"}}, @code={0xa, 0x84, {"00a0600d000cc078407592d20080b0f2e10080d2020080d2430180d2c40080d2020000d40040400c208584d200a0b8f2210080d2e20180d2030080d2a40080d2020000d400d8a17e0018000e60e383d200a0b0f2810180d2820080d2a30080d2040080d2020000d400a0400d00040038"}}, @uexit={0x0, 0x18, 0x7}, @smc={0x1e, 0x40, {0x32000000, [0x1, 0x7fffffff, 0x2, 0xe9, 0x9]}}, @smc={0x1e, 0x40, {0x3f000000, [0xfffffffffffffffc, 0x9, 0xfffffffffffffdc8, 0x5, 0x2c000]}}, @memwrite={0x6e, 0x30, @generic={0x2000, 0x409, 0x1ff, 0x5}}, @smc={0x1e, 0x40, {0x4000, [0x8, 0x4, 0x18, 0x200, 0x6]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0x10, 0x1ff, 0x8}}], 0x2d8}, 0x0, 0x0) r5 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r6 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x100000c, 0x4d832, 0xffffffffffffffff, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0x80111500, 0x20000000) write$eventfd(r8, &(0x7f0000000000), 0xfffffdef) munmap(&(0x7f0000008000/0x1000)=nil, 0x200000) ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) ioctl$KVM_CHECK_EXTENSION(r10, 0xae03, 0x10) mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, 0xffffffffffffffff, 0x0) r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x31) syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) 31m38.994899172s ago: executing program 2 (id=87): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0) syz_kvm_setup_cpu$arm64(r4, r5, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="4600000000000000180000000000000001000000a0"], 0x18}], 0x1, 0x0, 0x0, 0x0) r6 = ioctl$KVM_GET_STATS_FD_vm(r4, 0xaece) ioctl$KVM_CREATE_VM(r6, 0xae01, 0x13) ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f0000000240)={0x1fd, 0x4, 0x100000, 0x1000, &(0x7f0000d8f000/0x1000)=nil, 0xb, r6}) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x3d70000000, &(0x7f0000ffe000/0x2000)=nil}) r9 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000200)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_RUN(r9, 0xae80, 0x0) openat$kvm(0x0, &(0x7f0000000200), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x7) r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0) syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000000000/0x400000)=nil) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x2, 0x0, &(0x7f0000000000)=0xf4020000}) ioctl$KVM_ARM_SET_DEVICE_ADDR(r9, 0x4010aeab, &(0x7f0000000000)={0x401, 0xdddd0000}) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x0, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f0000000100)=@arm64_bitmap={0x6030000000160000, &(0x7f00000000c0)=0x1}) 31m24.849129644s ago: executing program 2 (id=88): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f00000001c0), 0x100, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0x24) r3 = ioctl$KVM_CREATE_VM(r1, 0x80111500, 0x20000000) close(r3) close(0x3) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xcd) r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x26) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_setup={0x82, 0x28, {0x1, 0x4, 0x285}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r6, 0x1, 0x100) ioctl$KVM_RUN(r8, 0xae80, 0x0) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r8, 0xae80, 0x0) 31m11.368623614s ago: executing program 2 (id=89): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4360ae82, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = ioctl$KVM_CREATE_VCPU(r7, 0x40087602, 0x1) r9 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0) r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) r13 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, r13, 0x1000009, 0x12, r8, 0x0) r14 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_IRQ_LINE(r12, 0x4008ae61, &(0x7f0000000300)={0x1000020, 0x1}) ioctl$KVM_SET_ONE_REG(r10, 0x4010aeac, &(0x7f00000000c0)=@arm64_core={0x603000000010002e, &(0x7f0000000380)=0xfffffffffffffff8}) 30m49.886176589s ago: executing program 2 (id=90): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2c) munmap(&(0x7f0000ec6000/0x3000)=nil, 0x3000) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r5, 0x4008ae6a, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000000000000000000002000000010000000000000023f1bd87ffffffff0001000000000000f9feffffffffffff040000000100008000000100010000000100feb9000000007b00000000000000090000000000000000000000000000004304000008000000"]) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) munmap(&(0x7f0000d91000/0x1000)=nil, 0x1000) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) r9 = ioctl$KVM_GET_STATS_FD_cpu(r8, 0xaece) close(r9) ioctl$KVM_RUN(r9, 0xae80, 0x0) syz_kvm_setup_cpu$arm64(0xffffffffffffffff, r3, &(0x7f0000bfe000/0x400000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000140)=@arm64_ccsidr={0x602000000011000b, &(0x7f00000000c0)=0x8000000}) 30m29.057272263s ago: executing program 2 (id=91): ioctl$KVM_HAS_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee3, &(0x7f0000000140)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000100)=0x8000}) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = eventfd2(0x8, 0x80800) ioctl$KVM_IOEVENTFD(r0, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0x0, 0x1, r1, 0x2}) ioctl$KVM_IOEVENTFD(r0, 0x4040ae79, &(0x7f0000000040)={0x4, 0xd000, 0x8, r1, 0xa}) ioctl$KVM_IOEVENTFD(r0, 0x4040ae79, &(0x7f0000000000)={0x8000, 0x0, 0x2, r1, 0x3}) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x40000, 0x0) r3 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0}) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f00000001c0)={0x5}) ioctl$KVM_CHECK_EXTENSION(r5, 0xae03, 0x83) r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) r8 = ioctl$KVM_CREATE_VM(r7, 0x894c, 0x0) ioctl$KVM_CREATE_VCPU(r8, 0xb702, 0x0) r9 = eventfd2(0x5, 0x80000) r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@its_setup={0x7, 0x28, {0x2, 0x2, 0x1}}], 0x28}, 0x0, 0x0) r13 = syz_kvm_vgic_v3_setup(r11, 0x3, 0xa0) ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f0000000180)=@attr_other={0x0, 0x5, 0x5, &(0x7f0000000000)=0x80000000}) ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000000000)={0x0, 0xeeee8000, 0x1, r9, 0x1}) r14 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r14, 0xae03, 0xe) 30m11.718398363s ago: executing program 2 (id=93): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013c029, &(0x7f00000000c0)=0x8}) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_add_vcpu$arm64(r3, &(0x7f00000004c0)={0x0, &(0x7f0000000180)=[@msr={0x14, 0x20, {0x603000000013deb2, 0x3}}, @hvc={0x32, 0x40, {0x84000011, [0x6, 0x7, 0x0, 0x4, 0x4]}}, @code={0xa, 0x9c, {"c03395d20060b0f2410080d2620080d2230180d2a40180d2020000d4e0ec9dd200c0b0f2810080d2220080d2430080d2840180d2020000d4007008d500000078008008d500008013007008d560ee94d20000b0f2410080d2820180d2e30080d2e40180d2020000d440d28fd20080b0f2610080d2020180d2e30080d2840080d2020000d400f8307e"}}, @code={0xa, 0x6c, {"0080c0c8007008d5000040b3007008d5002d80d200e0b0f2610180d2420080d2630180d2c40080d2020000d440d080d20060b0f2e10080d2420180d2230080d2040080d2020000d4007008d5008008d5000040b80000291e"}}, @svc={0x122, 0x40, {0x200, [0x4, 0x40, 0x3, 0x4]}}, @smc={0x1e, 0x40, {0x80007fff, [0x1342, 0x0, 0xb, 0x2, 0x7]}}, @hvc={0x32, 0x40, {0x84000009, [0x8, 0x401, 0x0, 0x3, 0x7]}}, @irq_setup={0x46, 0x18, {0x1, 0x21e}}, @code={0xa, 0x84, {"008008d5007008d5007008d5604890d200e0b0f2410080d2220180d2e30180d2840080d2020000d420e395d200e0b0f2210080d2820180d2a30080d2440180d2020000d4a02f9ed20060b0f2c10080d2c20180d2c30180d2240080d2020000d4007008d5007008d500f4000f0000007c"}}, @svc={0x122, 0x40, {0x80000001, [0x1000, 0x9, 0x1, 0x1, 0x3]}}], 0x304}, &(0x7f0000000500), 0x1) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_ARM_VCPU_INIT(r7, 0x4020aeae, 0xfffffffffffffffe) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x3}) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000000)={0x10000, 0x1, 0x1, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_CREATE_VM(r10, 0x400454e2, 0x110c210020) 29m24.429115973s ago: executing program 36 (id=93): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013c029, &(0x7f00000000c0)=0x8}) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_add_vcpu$arm64(r3, &(0x7f00000004c0)={0x0, &(0x7f0000000180)=[@msr={0x14, 0x20, {0x603000000013deb2, 0x3}}, @hvc={0x32, 0x40, {0x84000011, [0x6, 0x7, 0x0, 0x4, 0x4]}}, @code={0xa, 0x9c, {"c03395d20060b0f2410080d2620080d2230180d2a40180d2020000d4e0ec9dd200c0b0f2810080d2220080d2430080d2840180d2020000d4007008d500000078008008d500008013007008d560ee94d20000b0f2410080d2820180d2e30080d2e40180d2020000d440d28fd20080b0f2610080d2020180d2e30080d2840080d2020000d400f8307e"}}, @code={0xa, 0x6c, {"0080c0c8007008d5000040b3007008d5002d80d200e0b0f2610180d2420080d2630180d2c40080d2020000d440d080d20060b0f2e10080d2420180d2230080d2040080d2020000d4007008d5008008d5000040b80000291e"}}, @svc={0x122, 0x40, {0x200, [0x4, 0x40, 0x3, 0x4]}}, @smc={0x1e, 0x40, {0x80007fff, [0x1342, 0x0, 0xb, 0x2, 0x7]}}, @hvc={0x32, 0x40, {0x84000009, [0x8, 0x401, 0x0, 0x3, 0x7]}}, @irq_setup={0x46, 0x18, {0x1, 0x21e}}, @code={0xa, 0x84, {"008008d5007008d5007008d5604890d200e0b0f2410080d2220180d2e30180d2840080d2020000d420e395d200e0b0f2210080d2820180d2a30080d2440180d2020000d4a02f9ed20060b0f2c10080d2c20180d2c30180d2240080d2020000d4007008d5007008d500f4000f0000007c"}}, @svc={0x122, 0x40, {0x80000001, [0x1000, 0x9, 0x1, 0x1, 0x3]}}], 0x304}, &(0x7f0000000500), 0x1) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_ARM_VCPU_INIT(r7, 0x4020aeae, 0xfffffffffffffffe) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x3}) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000000)={0x10000, 0x1, 0x1, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_CREATE_VM(r10, 0x400454e2, 0x110c210020) 11m49.712945991s ago: executing program 6 (id=206): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x7e) r1 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000) mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0xf, 0x32, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x40086602, 0x20000000) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r4 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x10, r3, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) r5 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r5, 0xae03, 0x59) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_GET_DIRTY_LOG(r7, 0x4010ae42, &(0x7f0000000000)={0xa4a605311ad0de6b, 0x0, &(0x7f0000c67000/0x2000)=nil}) syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f000073e000/0x400000)=nil) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) 11m38.600113274s ago: executing program 6 (id=208): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x161681, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000000100)=@arm64_core={0x6030000000100032, &(0x7f00000000c0)=0x3ff}) openat$kvm(0x0, &(0x7f0000000040), 0x161681, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async) syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0) (async) ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000000100)=@arm64_core={0x6030000000100032, &(0x7f00000000c0)=0x3ff}) (async) 11m27.998880052s ago: executing program 6 (id=210): r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000100)={0x7, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x0, 0x5, &(0x7f0000000280)=0x400000080a0000}) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) r7 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r6, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fb707cd24b7eebb20700000000000000000000000100", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r6, 0x0) openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x480, 0x0) 11m11.221908519s ago: executing program 6 (id=212): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x100000c, 0x6832, 0xffffffffffffffff, 0x0) (async) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000080)="fb0149dd033be3ac4e37c4005a9614fbff67521ce16f8f09449a7a836b73312954000000000000000000000000000000000000000000000000000000dc6900", 0x0, 0x2e) (async) close(0xffffffffffffffff) (async) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0) (async) openat$kvm(0xffffff9c, &(0x7f0000000000), 0x1a17f2, 0x1f01) (async) r4 = eventfd2(0x0, 0x0) (async) close(r1) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x40800, 0x0) (async) openat$kvm(0x0, 0x0, 0x0, 0x0) (async, rerun: 64) r5 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) (rerun: 64) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x29) r7 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r7, 0x4b47, 0xfffffffffffffffe) (async) r8 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1) (async) r9 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000140)={0x0, &(0x7f0000000180)=[@hvc={0x32, 0x40, {0x86000000, [0x2, 0x1, 0x2, 0x3, 0x3]}}], 0x40}, 0x0, 0x0) ioctl$KVM_RUN(r12, 0xae80, 0x0) r13 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04) r14 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, r13, 0x2, 0x12, r8, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r14, 0x20, &(0x7f00000002c0)="fb016bddfb405ee52cc6a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb2070000000000000000000000c20cecfa0a97ab7800", 0x0, 0x48) (async, rerun: 64) r15 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) (rerun: 64) syz_memcpy_off$KVM_EXIT_HYPERCALL(r15, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) (async, rerun: 32) mmap$KVM_VCPU(&(0x7f0000008000/0x3000)=nil, 0x930, 0x2000004, 0x2011, r4, 0x0) (rerun: 32) 10m59.68817592s ago: executing program 6 (id=214): mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000000, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000bfe000/0x400000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000000100)=@arm64_fw={0x6030000000140002, &(0x7f00000000c0)=0x372}) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) 10m49.357271617s ago: executing program 6 (id=215): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x7, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x3, &(0x7f0000000200)=0x8000000}) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x0, 0x5, &(0x7f0000000280)=0x400000080a0000}) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2b) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r3, 0x4068aea3, &(0x7f0000000280)={0xdf, 0x0, 0x2000}) syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0xfffffffffffffff7) ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0x7f) r5 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000ab5000/0x400000)=nil) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x50801, 0x0) ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_CAP_ARM_MTE(r1, 0x4068aea3, &(0x7f0000000380)={0xb1}) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x60800, 0x0) ioctl$KVM_CHECK_EXTENSION(r7, 0xae03, 0x83) syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x8521, 0x0) ioctl$KVM_GET_API_VERSION(0xffffffffffffffff, 0xae00, 0x0) syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000980)={0x0, 0x0}, 0x0, 0x0) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x31) ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil}) syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000000)={0x10201, 0x2, 0x1, 0x2000, &(0x7f0000f31000/0x2000)=nil}) r10 = openat$kvm(0x0, &(0x7f0000000100), 0x13b040, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) 10m47.427393684s ago: executing program 5 (id=216): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xf, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) (async) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0x20) (async) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) (async) openat$kvm(0xffffffffffffff9c, 0x0, 0x84440, 0x0) (async) ioctl$KVM_ARM_SET_COUNTER_OFFSET(r1, 0x4010aeb5, 0x0) 10m37.397645063s ago: executing program 5 (id=217): r0 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc000000000000f000", 0x0, 0xffffffffffffff32) r1 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) 10m26.570681253s ago: executing program 5 (id=218): mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000) munmap(&(0x7f0000f7c000/0x2000)=nil, 0x2000) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f000064b000/0x4000)=nil, r1, 0x100000d, 0x9032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xf, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) 10m17.437857722s ago: executing program 5 (id=219): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18}) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0x2) ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100050, &(0x7f0000000000)=0x12}) munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3) (async) ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18}) (async) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async) ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0x2) (async) ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100050, &(0x7f0000000000)=0x12}) (async) munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000) (async) 10m1.085605632s ago: executing program 37 (id=215): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x7, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x3, &(0x7f0000000200)=0x8000000}) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x0, 0x5, &(0x7f0000000280)=0x400000080a0000}) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2b) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r3, 0x4068aea3, &(0x7f0000000280)={0xdf, 0x0, 0x2000}) syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0xfffffffffffffff7) ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0x7f) r5 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000ab5000/0x400000)=nil) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x50801, 0x0) ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_CAP_ARM_MTE(r1, 0x4068aea3, &(0x7f0000000380)={0xb1}) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x60800, 0x0) ioctl$KVM_CHECK_EXTENSION(r7, 0xae03, 0x83) syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x8521, 0x0) ioctl$KVM_GET_API_VERSION(0xffffffffffffffff, 0xae00, 0x0) syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000980)={0x0, 0x0}, 0x0, 0x0) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x31) ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil}) syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000000)={0x10201, 0x2, 0x1, 0x2000, &(0x7f0000f31000/0x2000)=nil}) r10 = openat$kvm(0x0, &(0x7f0000000100), 0x13b040, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) 9m50.269441972s ago: executing program 5 (id=221): r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bfd000/0x400000)=nil) r1 = syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@msr={0x14, 0x20, {0x603000000013e711, 0x7}}, @uexit={0x0, 0x18, 0x7fff}, @irq_setup={0x46, 0x18, {0x4, 0xe9}}, @mrs={0xbe, 0x18, {0x345}}, @mrs={0xbe, 0x18, {0x603000000013df71}}, @svc={0x122, 0x40, {0x84000008, [0x200, 0xff, 0x7, 0xfffffffffffffff9, 0x2]}}], 0xc0}, &(0x7f0000000100)=[@featur2={0x1, 0x77}], 0x1) mmap$KVM_VCPU(&(0x7f0000c69000/0x4000)=nil, 0x0, 0x200000a, 0x100010, r1, 0x0) r2 = syz_kvm_add_vcpu$arm64(r0, &(0x7f00000001c0)={0x0, &(0x7f0000000140)=[@eret={0xe6, 0x18, 0x7}, @eret={0xe6, 0x18, 0x6}, @mrs={0xbe, 0x18, {0x603000000013df72}}], 0x48}, &(0x7f0000000200)=[@featur2={0x1, 0x40}], 0x1) ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000280)=@arm64_sve={0x6080000000150345, &(0x7f0000000240)}) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r2, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r2, 0x4018aee1, &(0x7f0000000300)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x4024}) r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x11) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_RUN(r1, 0xae80, 0x0) r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04) r6 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000800)={0x0, &(0x7f0000000340)=[@hvc={0x32, 0x40, {0x1400, [0x3, 0x0, 0x8, 0x8000000000000000, 0xf]}}, @smc={0x1e, 0x40, {0x4000000, [0x4, 0x100, 0x5, 0x2, 0x7ff]}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x3, 0xe, 0x80, 0x5}}, @uexit={0x0, 0x18, 0xfffffffffffff6df}, @uexit={0x0, 0x18, 0x1d}, @msr={0x14, 0x20, {0x603000000013c014, 0xd1}}, @mrs={0xbe, 0x18, {0x6030000000138006}}, @irq_setup={0x46, 0x18, {0x0, 0x3bf}}, @hvc={0x32, 0x40, {0x84000004, [0x7, 0x6, 0x5, 0x7fff, 0x1d8]}}, @its_setup={0x82, 0x28, {0x4, 0x0, 0xec}}, @smc={0x1e, 0x40, {0xc4000001, [0x1ff, 0x8, 0xb68, 0x8c8, 0x4]}}, @smc={0x1e, 0x40, {0x31000000, [0xd42, 0x7, 0xfffffffffffffff9, 0x9, 0x8]}}, @hvc={0x32, 0x40, {0x7, [0x0, 0x6, 0xe, 0x4, 0xd]}}, @uexit={0x0, 0x18, 0x1}, @hvc={0x32, 0x40, {0x200, [0xfffffffffffffff9, 0x1, 0x1ff, 0x5, 0x9]}}, @mrs={0xbe, 0x18, {0x603000000013df7f}}, @svc={0x122, 0x40, {0x2, [0x190, 0x8, 0x86, 0xfffffffffffffc00, 0xca]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0x70, 0x5, 0x7}}, @uexit={0x0, 0x18, 0x4}, @uexit={0x0, 0x18, 0x3}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x34a}}, @smc={0x1e, 0x40, {0x0, [0x2, 0x1, 0xffbf, 0xd, 0xfff]}}, @code={0xa, 0x9c, {"40ef8ad20040b8f2e10080d2620080d2030180d2a40080d2020000d4007008d5a0799ad200a0b0f2210080d2420080d2230180d2040080d2020000d4008081d200a0b0f2610180d2c20180d2a30180d2c40180d2020000d4007008d520599dd200a0b8f2c10080d2820180d2c30180d2e40180d2020000d400f8a12e000000aa008008d500008029"}}, @its_setup={0x82, 0x28, {0x0, 0x0, 0x3f7}}], 0x48c}, &(0x7f0000000840)=[@featur2={0x1, 0x10}], 0x1) mmap$KVM_VCPU(&(0x7f0000d08000/0x3000)=nil, r5, 0x2000008, 0x14032, r6, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) mmap$KVM_VCPU(&(0x7f0000e4a000/0x1000)=nil, r5, 0x0, 0x8010, r7, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r2, 0x4018aee1, &(0x7f00000008c0)=@attr_other={0x0, 0xd51, 0x7f, &(0x7f0000000880)=0x2}) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000900)={0xb, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f0000000980)=@attr_other={0x0, 0x6, 0x6, &(0x7f0000000940)=0x5}) r9 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000b80)={0x0, &(0x7f00000009c0)=[@smc={0x1e, 0x40, {0xc4000004, [0xd2, 0xc, 0x400, 0x9, 0xfffffffffffffffd]}}, @svc={0x122, 0x40, {0x8400000c, [0x3, 0x9, 0x3, 0x2]}}, @msr={0x14, 0x20, {0x603000000013e6ce, 0x7f}}, @mrs={0xbe, 0x18, {0x603000000013da11}}, @uexit={0x0, 0x18, 0x3}, @svc={0x122, 0x40, {0x84000007, [0x0, 0x7, 0x2, 0x5, 0x46]}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x1, 0x1, 0xa, 0x7fff, 0x1, 0x1}}, @svc={0x122, 0x40, {0x84000010, [0x2, 0x9, 0xd81f, 0x1, 0x6]}}, @mrs={0xbe, 0x18, {0x603000000013c082}}, @irq_setup={0x46, 0x18, {0x4, 0x330}}], 0x1a8}, &(0x7f0000000bc0)=[@featur1={0x1, 0x45}], 0x1) syz_kvm_setup_cpu$arm64(r3, r9, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000001040)=[{0x0, &(0x7f0000000c00)=[@msr={0x14, 0x20, {0x603000000013c4d3, 0x6}}, @msr={0x14, 0x20, {0x603000000013c644, 0x7}}, @hvc={0x32, 0x40, {0x4000, [0x9, 0x8, 0x481, 0x19, 0x8]}}, @hvc={0x32, 0x40, {0x2000, [0x4, 0x3, 0x5, 0x8, 0xd]}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x3, 0x5, 0x3, 0x2000, 0x2}}, @eret={0xe6, 0x18, 0x7}, @memwrite={0x6e, 0x30, @generic={0x4, 0xfe9, 0xfffffffffffff553, 0xa}}, @uexit={0x0, 0x18, 0x62}, @its_send_cmd={0xaa, 0x28, {0xc, 0x1, 0x2, 0xa, 0x7, 0x7cad, 0x1}}, @svc={0x122, 0x40, {0xc400000c, [0xd6de, 0x1, 0x8, 0x6, 0xff]}}, @hvc={0x32, 0x40, {0x2, [0x4, 0x6, 0x8, 0x33, 0xfffffffffffffffe]}}, @eret={0xe6, 0x18, 0x5}, @its_send_cmd={0xaa, 0x28, {0xd, 0x1, 0x1, 0x8, 0x8, 0x2, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x0, 0x3, 0xa, 0x1000000, 0x4, 0x4}}, @smc={0x1e, 0x40, {0x84000051, [0x9, 0x80, 0x8, 0x0, 0xc]}}, @uexit={0x0, 0x18, 0x5}, @uexit={0x0, 0x18, 0x3}, @hvc={0x32, 0x40, {0x84000012, [0x8, 0x2, 0x8, 0xffff, 0x8]}}, @eret={0xe6, 0x18, 0x1}, @smc={0x1e, 0x40, {0xc4000005, [0xfffffffffffffff9, 0x9, 0x5329, 0x4, 0x9]}}, @irq_setup={0x46, 0x18, {0x2, 0x1e2}}, @smc={0x1e, 0x40, {0x8400000a, [0x7fffffffffffffff, 0x2, 0xa3, 0x3, 0x7]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x40, 0x0, 0x93e062ff45377038}}, @smc={0x1e, 0x40, {0xc4000001, [0x4, 0x4, 0x7, 0x1, 0x9]}}, @eret={0xe6, 0x18, 0x1d9b000000000000}], 0x440}], 0x1, 0x0, &(0x7f0000001080)=[@featur1={0x1, 0x91}], 0x1) ioctl$KVM_CHECK_EXTENSION_VM(r3, 0xae03, 0x0) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f0000001100)=@attr_other={0x0, 0x2, 0xb4c, &(0x7f00000010c0)=0x2}) ioctl$KVM_GET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee2, &(0x7f0000001140)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x8}) r10 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x17) ioctl$KVM_SET_GSI_ROUTING(r10, 0x4008ae6a, &(0x7f0000001180)={0x7, 0x0, [{0x4, 0x4, 0x0, 0x0, @sint={0x7, 0x5}}, {0x0, 0x2, 0x0, 0x0, @msi={0xfffffffd, 0x6, 0xb, 0x7}}, {0x5, 0x1, 0x0, 0x0, @sint={0xffff, 0x8000}}, {0x0, 0x4, 0x1, 0x0, @msi={0x88, 0x8000, 0x2, 0x3}}, {0x7, 0x5, 0x1, 0x0, @adapter={0x5, 0x74, 0x8001, 0x1e82, 0x5831}}, {0x2, 0x4, 0x0, 0x0, @adapter={0xb3, 0x6, 0xc64b, 0x2, 0xb1}}, {0xfff, 0x4, 0x1, 0x0, @irqchip={0x2, 0x7}}]}) syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) r11 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2) syz_kvm_setup_cpu$arm64(r10, r11, &(0x7f0000c00000/0x400000)=nil, &(0x7f00000017c0)=[{0x0, &(0x7f0000001300)=[@hvc={0x32, 0x40, {0x200, [0x7, 0x2, 0xa556, 0x1d5, 0x8]}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x270}}, @hvc={0x32, 0x40, {0x84000010, [0x6, 0x8, 0x4e1, 0x7, 0xb6]}}, @uexit={0x0, 0x18, 0x5}, @msr={0x14, 0x20, {0x603000000013e298, 0x5}}, @uexit={0x0, 0x18, 0x98b}, @its_setup={0x82, 0x28, {0x3, 0x3, 0x30e}}, @irq_setup={0x46, 0x18, {0x2, 0x3d9}}, @uexit={0x0, 0x18, 0x6}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x3, 0x8, 0xc5f8, 0x4}}, @svc={0x122, 0x40, {0x8400000c, [0xd, 0xffffffffffffffff, 0x1, 0x17, 0x6]}}, @smc={0x1e, 0x40, {0xc5000021, [0x3, 0x80000000, 0x7, 0x7, 0x8f]}}, @eret={0xe6, 0x18, 0x2}, @eret={0xe6, 0x18, 0x651}, @svc={0x122, 0x40, {0x84000005, [0x4, 0x0, 0x82ee, 0x200, 0x400]}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x0, 0x4, 0x8, 0x9, 0x40, 0x4}}, @smc={0x1e, 0x40, {0xc4000003, [0x6d80, 0x7, 0xed, 0xa, 0x7682f414]}}, @smc={0x1e, 0x40, {0xc4000053, [0x5, 0x5, 0x71e44737, 0x2, 0x8]}}, @svc={0x122, 0x40, {0x100, [0x2, 0x8, 0x6, 0x8, 0x3]}}, @its_setup={0x82, 0x28, {0x4, 0x2, 0x11a}}, @irq_setup={0x46, 0x18, {0x3, 0x36f}}, @irq_setup={0x46, 0x18, {0x1, 0x7f}}, @hvc={0x32, 0x40, {0x100, [0x3, 0x6, 0x9, 0x0, 0x5]}}, @code={0xa, 0x84, {"20ab99d20080b0f2810180d2620180d2c30180d2440180d2020000d4008008d5201c9fd200c0b8f2c10080d2620080d2e30080d2640180d2020000d4a00489d20040b0f2810080d2420180d2430080d2640180d2020000d40084a00d000028d5e003004b000028d500f8a15e007008d5"}}, @mrs={0xbe, 0x18, {0x603000000013803f}}], 0x484}], 0x1, 0x0, &(0x7f0000001800)=[@featur2={0x1, 0x1b6}], 0x1) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000001840)={0x5, 0xffffffffffffffff, 0x1}) ioctl$KVM_GET_DEVICE_ATTR(r12, 0x4018aee2, &(0x7f00000018c0)=@attr_other={0x0, 0x4, 0x4281, &(0x7f0000001880)=0x6}) 9m40.251170337s ago: executing program 5 (id=222): r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31) r2 = ioctl$KVM_GET_STATS_FD_vm(r1, 0xaece) ioctl$KVM_GET_REGS(r2, 0x8360ae81, &(0x7f0000000140)) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) r4 = openat$kvm(0x0, &(0x7f0000000100), 0x80402, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x2c) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = eventfd2(0x8, 0x80800) mmap$KVM_VCPU(&(0x7f0000d95000/0x4000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0) r10 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xe) r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1) ioctl$KVM_RUN(r12, 0xae80, 0x0) ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0x0, 0x0, r9, 0x2}) ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f0000000040)={0x9, 0x100000, 0x0, r9, 0x2acae4af004b26bf}) ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f0000000000)={0x1, 0x0, 0x0, r9, 0xf}) r13 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0) ioctl$KVM_GET_DIRTY_LOG(r14, 0x4010ae42, 0x0) syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) syz_kvm_setup_cpu$arm64(r1, r12, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000340)=[{0x0, &(0x7f0000000840)=[@irq_setup={0x46, 0x18, {0x3, 0x3db}}, @eret={0xe6, 0x18, 0x10001}, @uexit={0x0, 0x18, 0x4}, @smc={0x1e, 0x40, {0x80007fff, [0x6, 0x5, 0x7fffffffffffffff, 0x2, 0x100]}}, @irq_setup={0x46, 0x18, {0x2, 0xf1}}, @uexit={0x0, 0x18, 0x3}, @hvc={0x32, 0x40, {0x84000008, [0x6, 0x8559, 0x7, 0x7fffffff, 0x400]}}, @irq_setup={0x46, 0x18, {0x3, 0x41}}, @code={0xa, 0x84, {"00b695d20000b0f2810080d2020080d2430180d2840080d2020000d4007008d520818ed20020b8f2a10080d2820080d2230080d2e40180d2020000d4007008d500b8a12e007008d520c989d20040b8f2210180d2620080d2a30180d2e40080d2020000d4007008d5000028d5008008d5"}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x0, 0xe, 0x6, 0x3, 0x1}}, @its_setup={0x82, 0x28, {0x2, 0x0, 0x61}}, @hvc={0x32, 0x40, {0x31000000, [0x30e4, 0x100000001, 0x5, 0x1, 0x40]}}, @mrs={0xbe, 0x18, {0x603000000013def1}}, @eret={0xe6, 0x18, 0xaceca58}], 0x254}], 0x1, 0x0, &(0x7f0000000380)=[@featur2={0x1, 0x43}], 0x1) ioctl$KVM_SET_ONE_REG(r1, 0x4010aeac, &(0x7f0000000000)=@arm64_sys={0x603000000013c00a, &(0x7f00000000c0)=0x20000000009}) r15 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r3, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r15, 0x20, &(0x7f0000000240)="04198bd844c9e8748f0f0244293d2bbd9400bfc2ed44db9969759357abeb8d8dc8e856a4606c2e979f98d67e4ff39f6c610dc37b175c3ad3c9952305abf000", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r3, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000300)=@attr_other={0x0, 0x807, 0xd08, &(0x7f00000002c0)=0x200000000}) 8m52.459903949s ago: executing program 38 (id=222): r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31) r2 = ioctl$KVM_GET_STATS_FD_vm(r1, 0xaece) ioctl$KVM_GET_REGS(r2, 0x8360ae81, &(0x7f0000000140)) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) r4 = openat$kvm(0x0, &(0x7f0000000100), 0x80402, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x2c) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = eventfd2(0x8, 0x80800) mmap$KVM_VCPU(&(0x7f0000d95000/0x4000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0) r10 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xe) r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1) ioctl$KVM_RUN(r12, 0xae80, 0x0) ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0x0, 0x0, r9, 0x2}) ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f0000000040)={0x9, 0x100000, 0x0, r9, 0x2acae4af004b26bf}) ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f0000000000)={0x1, 0x0, 0x0, r9, 0xf}) r13 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0) ioctl$KVM_GET_DIRTY_LOG(r14, 0x4010ae42, 0x0) syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) syz_kvm_setup_cpu$arm64(r1, r12, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000340)=[{0x0, &(0x7f0000000840)=[@irq_setup={0x46, 0x18, {0x3, 0x3db}}, @eret={0xe6, 0x18, 0x10001}, @uexit={0x0, 0x18, 0x4}, @smc={0x1e, 0x40, {0x80007fff, [0x6, 0x5, 0x7fffffffffffffff, 0x2, 0x100]}}, @irq_setup={0x46, 0x18, {0x2, 0xf1}}, @uexit={0x0, 0x18, 0x3}, @hvc={0x32, 0x40, {0x84000008, [0x6, 0x8559, 0x7, 0x7fffffff, 0x400]}}, @irq_setup={0x46, 0x18, {0x3, 0x41}}, @code={0xa, 0x84, {"00b695d20000b0f2810080d2020080d2430180d2840080d2020000d4007008d520818ed20020b8f2a10080d2820080d2230080d2e40180d2020000d4007008d500b8a12e007008d520c989d20040b8f2210180d2620080d2a30180d2e40080d2020000d4007008d5000028d5008008d5"}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x0, 0xe, 0x6, 0x3, 0x1}}, @its_setup={0x82, 0x28, {0x2, 0x0, 0x61}}, @hvc={0x32, 0x40, {0x31000000, [0x30e4, 0x100000001, 0x5, 0x1, 0x40]}}, @mrs={0xbe, 0x18, {0x603000000013def1}}, @eret={0xe6, 0x18, 0xaceca58}], 0x254}], 0x1, 0x0, &(0x7f0000000380)=[@featur2={0x1, 0x43}], 0x1) ioctl$KVM_SET_ONE_REG(r1, 0x4010aeac, &(0x7f0000000000)=@arm64_sys={0x603000000013c00a, &(0x7f00000000c0)=0x20000000009}) r15 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r3, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r15, 0x20, &(0x7f0000000240)="04198bd844c9e8748f0f0244293d2bbd9400bfc2ed44db9969759357abeb8d8dc8e856a4606c2e979f98d67e4ff39f6c610dc37b175c3ad3c9952305abf000", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r3, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000300)=@attr_other={0x0, 0x807, 0xd08, &(0x7f00000002c0)=0x200000000}) 2m3.289770229s ago: executing program 7 (id=220): openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async) r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000b97000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000280)={0x0, 0x0}, 0x0, 0x0) (async) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000280)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013c090, &(0x7f00000000c0)=0xfffffffffffffffe}) (async) ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013c090, &(0x7f00000000c0)=0xfffffffffffffffe}) openat$kvm(0x0, &(0x7f0000000180), 0x2000, 0x0) ioctl$KVM_ARM_SET_DEVICE_ADDR(r3, 0x4010aeab, &(0x7f0000000000)={0xffffffffffff8000, 0x4000}) (async) ioctl$KVM_ARM_SET_DEVICE_ADDR(r3, 0x4010aeab, &(0x7f0000000000)={0xffffffffffff8000, 0x4000}) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xc) syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) (async) syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) syz_kvm_vgic_v3_setup(r6, 0x3, 0xa0) r7 = eventfd2(0x6, 0x800) ioctl$KVM_IRQFD(r6, 0x4020ae76, &(0x7f0000000280)={r7, 0x9}) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r9, 0x1, 0x100) (async) r11 = syz_kvm_vgic_v3_setup(r9, 0x1, 0x100) openat$kvm(0x0, &(0x7f00000001c0), 0x181000, 0x0) (async) r12 = openat$kvm(0x0, &(0x7f00000001c0), 0x181000, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) r14 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0) syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r13, 0x3, 0x200) (async) r16 = syz_kvm_vgic_v3_setup(r13, 0x3, 0x200) ioctl$KVM_RUN(r15, 0xae80, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r16, 0x4018aee1, &(0x7f00000000c0)=@attr_other={0x0, 0x5, 0xc, 0x0}) (async) ioctl$KVM_SET_DEVICE_ATTR(r16, 0x4018aee1, &(0x7f00000000c0)=@attr_other={0x0, 0x5, 0xc, 0x0}) ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000100)={0x8}) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x8, 0x6, &(0x7f0000000200)=0x200}) (async) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x8, 0x6, &(0x7f0000000200)=0x200}) 1m39.530188605s ago: executing program 7 (id=224): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f000054a000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@mrs={0xbe, 0x18, {0x603000000013808c}}], 0x18}, 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r2, 0x300000d, 0x8010, r5, 0x0) mmap$KVM_VCPU(&(0x7f0000ffc000/0x3000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) munmap(&(0x7f000000f000/0x2000)=nil, 0x2000) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x20) ioctl$KVM_PPC_ALLOCATE_HTAB(r6, 0xc004aea7, &(0x7f0000000000)=0x4) r7 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000bfe000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_DEVICE_ATTR_vm(r6, 0x4018aee2, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000180)={0x1, 0xe00, 0x2}}) ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f0000000080)=@arm64_core={0x6030000000100032, &(0x7f0000000040)=0x40}) r9 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(0xffffffffffffffff, r9, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="be00000000000000180000000000000001c8"], 0x18}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r9, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000ff5000/0x8000)=nil, r2, 0x1000001, 0x1010, r9, 0x0) 1m35.992128115s ago: executing program 8 (id=223): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r3, 0xae03, 0x58) r4 = eventfd2(0x8, 0x80800) (async) r5 = eventfd2(0x8, 0x80800) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000000c0)={0x7ffffffffffffffe, 0xeeee0000, 0x8, r5}) (async) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0x0, 0x1, r4, 0x3}) (async) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x8000, 0x0, 0x8, r4, 0xa}) (async) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x24) (async) r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04) (async) r8 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000000)={0x0, &(0x7f00000002c0)=[@hvc={0x32, 0x40, {0x4005, [0x992000000000, 0x0, 0x1, 0xffffffffffffff81, 0x200]}}, @smc={0x1e, 0x40, {0x8400000d, [0x6, 0x2, 0x8001, 0x6, 0x1ff]}}, @code={0xa, 0xffffffffffffffbd, {"007c0013608e9bd200e0b0f2a10180d2e20080d2230080d2e40080d2020000d40080804800804008008008d580608fd20060b0f2e10180d2c20080d2830180d2e40180d2020000d4007008d5000028d50000291e60308bd20000b8f2e10080d2a20180d2630080d2a40180d2020000d4"}}, @code={0xa, 0x9c, {"0034200e407383d20020b8f2210080d2620180d2230080d2c40180d2020000d400c0202e008008d5007008d5a09e94d20060b8f2a10180d2c20080d2e30080d2e40080d2020000d4a0de83d20060b0f2810080d2220080d2c30180d2640180d2020000d400a0200e00000008807d8fd20000b8f2c10080d2420080d2a30080d2e40080d2020000d4"}}, @hvc={0x32, 0x40, {0x400, [0x5, 0x113b, 0x0, 0x2, 0x200]}}, @svc={0x122, 0x40, {0x84000011, [0x4fdf1482, 0xfffffffffffffff7, 0xffffffff, 0x3, 0x4]}}, @eret={0xe6, 0x18, 0x6}, @smc={0x1e, 0x40, {0x4000, [0x6, 0x9, 0xc00, 0x0, 0x1000]}}, @mrs={0xbe, 0x18, {0x603000000013e722}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x2, 0xa, 0x800, 0x1, 0x2}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0xd0, 0x5, 0x1}}, @mrs={0xbe, 0x18, {0x603000000013c2a8}}, @msr={0x14, 0x20, {0x603000000013c807, 0xcc0}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0xff28, 0x3, 0x6}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x0, 0x3, 0x6, 0x1, 0x9, 0x3}}, @irq_setup={0x46, 0x18, {0x4, 0x212}}, @msr={0x14, 0x20, {0x603000000013df51, 0x9}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x1, 0x3, 0x0, 0x2, 0x6, 0x1}}, @msr={0x14, 0x20, {0x603000000013c2a6, 0x800}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xffd0, 0x3, 0x2}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0xe00, 0x2}}], 0x458}, &(0x7f0000000080)=[@featur2], 0x1) mmap$KVM_VCPU(&(0x7f0000ffe000/0x2000)=nil, r7, 0x4000006, 0x10010, r8, 0x0) (async) r9 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) (async) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x169880, 0x0) r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0) mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r13, 0x0) syz_kvm_setup_cpu$arm64(r12, r13, &(0x7f0000009000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r13, 0xae80, 0x0) ioctl$KVM_CHECK_EXTENSION(r10, 0x5450, 0x1) ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000100)={0x7, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r14, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x0, 0x2, &(0x7f0000000280)=0x400000080a0000}) 1m18.74971101s ago: executing program 8 (id=225): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013df1a, &(0x7f0000000040)=0xffffffffffffffff}) r4 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000180)={0x0, &(0x7f00000004c0)=[@msr={0x14, 0x20, {0x603000000013dcf0, 0x3}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r7, 0xae80, 0x0) 1m12.390501549s ago: executing program 7 (id=226): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x2c) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000040)=@arm64_core={0x6030000000100042, &(0x7f0000000000)=0x7fffffffffffffff}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x5, 0x1, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$arm64(r1, 0xffffffffffffffff, &(0x7f0000000000/0x400000)=nil, &(0x7f0000000280)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) 59.17019148s ago: executing program 8 (id=227): r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_ARM_VCPU_INIT(r0, 0x4020aeae, &(0x7f0000000040)={0x0, 0xc0}) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000380)={0x4, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000340)=@attr_other={0x0, 0x4, 0xfff, &(0x7f0000000300)=0x100000000007d}) r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$KVM_GET_API_VERSION(r7, 0xae03, 0x42) ioctl$KVM_SET_DEVICE_ATTR_vm(r5, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}}) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r10, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18}) ioctl$KVM_SET_ONE_REG(r10, 0x4010aeac, &(0x7f00000000c0)=@arm64_sve={0x608000000015037a, 0x0}) r11 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r12, r13, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1e000000000000004000000000000000000000ef000000003a08000000000000010000000000000002c0f70000000000030000000000000004020000000000001400000000000000200000000000000084"], 0x60}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r13, 0xae80, 0x0) r14 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000002c0)={0x0, &(0x7f0000000200)}, 0x0, 0x0) ioctl$KVM_RUN(r14, 0xae80, 0x0) r15 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r16, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r16, 0x4068aea3, &(0x7f0000000180)={0xa8, 0x0, 0x2}) ioctl$KVM_RUN(r14, 0xae80, 0x0) ioctl$KVM_ARM_VCPU_FINALIZE(r14, 0x4004aec2, &(0x7f0000000000)=0x4) 48.419108259s ago: executing program 7 (id=228): openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x34) syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) (async) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) syz_kvm_assert_reg(r5, 0x603000000013c4f1, 0x8000) ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r5, 0x4018aee3, &(0x7f0000000100)=@attr_pmu_irq={0x0, 0x0, 0x0, 0x0}) syz_kvm_vgic_v3_setup(r1, 0x1, 0x40) (async) r6 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x40) ioctl$KVM_GET_DEVICE_ATTR(r6, 0x4018aee2, &(0x7f0000000080)=@attr_arm64={0x0, 0x0, 0x5, &(0x7f00000000c0)}) (async) ioctl$KVM_GET_DEVICE_ATTR(r6, 0x4018aee2, &(0x7f0000000080)=@attr_arm64={0x0, 0x0, 0x5, &(0x7f00000000c0)}) mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) 9.593451911s ago: executing program 39 (id=227): r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_ARM_VCPU_INIT(r0, 0x4020aeae, &(0x7f0000000040)={0x0, 0xc0}) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000380)={0x4, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000340)=@attr_other={0x0, 0x4, 0xfff, &(0x7f0000000300)=0x100000000007d}) r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$KVM_GET_API_VERSION(r7, 0xae03, 0x42) ioctl$KVM_SET_DEVICE_ATTR_vm(r5, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}}) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r10, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18}) ioctl$KVM_SET_ONE_REG(r10, 0x4010aeac, &(0x7f00000000c0)=@arm64_sve={0x608000000015037a, 0x0}) r11 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r12, r13, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1e000000000000004000000000000000000000ef000000003a08000000000000010000000000000002c0f70000000000030000000000000004020000000000001400000000000000200000000000000084"], 0x60}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r13, 0xae80, 0x0) r14 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000002c0)={0x0, &(0x7f0000000200)}, 0x0, 0x0) ioctl$KVM_RUN(r14, 0xae80, 0x0) r15 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r16, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r16, 0x4068aea3, &(0x7f0000000180)={0xa8, 0x0, 0x2}) ioctl$KVM_RUN(r14, 0xae80, 0x0) ioctl$KVM_ARM_VCPU_FINALIZE(r14, 0x4004aec2, &(0x7f0000000000)=0x4) 0s ago: executing program 40 (id=228): openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x34) syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) (async) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) syz_kvm_assert_reg(r5, 0x603000000013c4f1, 0x8000) ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r5, 0x4018aee3, &(0x7f0000000100)=@attr_pmu_irq={0x0, 0x0, 0x0, 0x0}) syz_kvm_vgic_v3_setup(r1, 0x1, 0x40) (async) r6 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x40) ioctl$KVM_GET_DEVICE_ATTR(r6, 0x4018aee2, &(0x7f0000000080)=@attr_arm64={0x0, 0x0, 0x5, &(0x7f00000000c0)}) (async) ioctl$KVM_GET_DEVICE_ATTR(r6, 0x4018aee2, &(0x7f0000000080)=@attr_arm64={0x0, 0x0, 0x5, &(0x7f00000000c0)}) mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) kernel console output (not intermixed with test programs): [ 374.542134][ T3151] 8021q: adding VLAN 0 to HW filter on device bond0 [ 406.906112][ T3151] eql: remember to turn off Van-Jacobson compression on your slave devices Warning: Permanently added '[localhost]:3957' (ED25519) to the list of known hosts. [ 588.477887][ T25] audit: type=1400 audit(587.710:61): avc: denied { name_bind } for pid=3307 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 589.377354][ T25] audit: type=1400 audit(588.610:62): avc: denied { execute } for pid=3308 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 589.403389][ T25] audit: type=1400 audit(588.640:63): avc: denied { execute_no_trans } for pid=3308 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 608.716634][ T25] audit: type=1400 audit(607.950:64): avc: denied { mounton } for pid=3308 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 608.752191][ T25] audit: type=1400 audit(607.980:65): avc: denied { mount } for pid=3308 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 608.831774][ T3308] cgroup: Unknown subsys name 'net' [ 608.883329][ T25] audit: type=1400 audit(608.120:66): avc: denied { unmount } for pid=3308 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 609.269361][ T3308] cgroup: Unknown subsys name 'cpuset' [ 609.365807][ T3308] cgroup: Unknown subsys name 'rlimit' [ 610.264136][ T25] audit: type=1400 audit(609.500:67): avc: denied { setattr } for pid=3308 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 610.282877][ T25] audit: type=1400 audit(609.510:68): avc: denied { mounton } for pid=3308 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 610.320441][ T25] audit: type=1400 audit(609.540:69): avc: denied { mount } for pid=3308 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 611.444910][ T3311] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 611.465516][ T25] audit: type=1400 audit(610.700:70): avc: denied { relabelto } for pid=3311 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 611.490737][ T25] audit: type=1400 audit(610.720:71): avc: denied { write } for pid=3311 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" Setting up swapspace version 1, size = 127995904 bytes [ 611.665411][ T25] audit: type=1400 audit(610.900:72): avc: denied { read } for pid=3308 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 611.687432][ T25] audit: type=1400 audit(610.910:73): avc: denied { open } for pid=3308 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 611.734308][ T3308] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 660.923205][ T25] audit: type=1400 audit(660.160:74): avc: denied { execmem } for pid=3312 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 665.463478][ T25] audit: type=1400 audit(664.700:75): avc: denied { read } for pid=3314 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 665.477667][ T25] audit: type=1400 audit(664.710:76): avc: denied { open } for pid=3314 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 665.538321][ T25] audit: type=1400 audit(664.770:77): avc: denied { mounton } for pid=3314 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 665.807775][ T25] audit: type=1400 audit(665.040:78): avc: denied { module_request } for pid=3314 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 665.826582][ T25] audit: type=1400 audit(665.060:79): avc: denied { module_request } for pid=3315 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 666.925814][ T25] audit: type=1400 audit(666.140:80): avc: denied { sys_module } for pid=3314 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 690.207016][ T3314] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 690.337022][ T3314] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 691.394112][ T3315] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 691.524459][ T3315] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 706.540059][ T3314] hsr_slave_0: entered promiscuous mode [ 706.595860][ T3314] hsr_slave_1: entered promiscuous mode [ 708.817272][ T3315] hsr_slave_0: entered promiscuous mode [ 708.866955][ T3315] hsr_slave_1: entered promiscuous mode [ 708.911669][ T3315] debugfs: 'hsr0' already exists in 'hsr' [ 708.920826][ T3315] Cannot create hsr debugfs directory [ 714.000678][ T25] audit: type=1400 audit(713.230:81): avc: denied { create } for pid=3314 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 714.070060][ T25] audit: type=1400 audit(713.300:82): avc: denied { write } for pid=3314 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 714.101296][ T25] audit: type=1400 audit(713.330:83): avc: denied { read } for pid=3314 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 714.297008][ T3314] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 714.673372][ T3314] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 714.916553][ T3314] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 715.228147][ T3314] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 716.606789][ T3315] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 716.787734][ T3315] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 716.965727][ T3315] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 717.215069][ T3315] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 729.237971][ T3314] 8021q: adding VLAN 0 to HW filter on device bond0 [ 731.598396][ T3315] 8021q: adding VLAN 0 to HW filter on device bond0 [ 789.983900][ T3314] veth0_vlan: entered promiscuous mode [ 790.415326][ T3314] veth1_vlan: entered promiscuous mode [ 792.304273][ T3314] veth0_macvtap: entered promiscuous mode [ 792.561458][ T3315] veth0_vlan: entered promiscuous mode [ 792.785981][ T3314] veth1_macvtap: entered promiscuous mode [ 793.363658][ T3315] veth1_vlan: entered promiscuous mode [ 795.025608][ T35] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 795.137873][ T35] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 795.221812][ T35] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 795.228287][ T35] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 796.201513][ T3315] veth0_macvtap: entered promiscuous mode [ 796.803885][ T3315] veth1_macvtap: entered promiscuous mode [ 797.541030][ T25] audit: type=1400 audit(796.770:84): avc: denied { mount } for pid=3314 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 797.902462][ T25] audit: type=1400 audit(797.130:85): avc: denied { mounton } for pid=3314 comm="syz-executor" path="/syzkaller.eDbJKl/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 798.096103][ T25] audit: type=1400 audit(797.300:86): avc: denied { mount } for pid=3314 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 798.346532][ T25] audit: type=1400 audit(797.550:87): avc: denied { mounton } for pid=3314 comm="syz-executor" path="/syzkaller.eDbJKl/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 798.483978][ T25] audit: type=1400 audit(797.710:88): avc: denied { mounton } for pid=3314 comm="syz-executor" path="/syzkaller.eDbJKl/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3761 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 799.043583][ T25] audit: type=1400 audit(798.280:89): avc: denied { unmount } for pid=3314 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 799.143401][ T2099] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 799.147196][ T2099] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 799.163166][ T2099] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 799.174003][ T2099] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 799.355261][ T25] audit: type=1400 audit(798.580:90): avc: denied { mounton } for pid=3314 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1544 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 799.460817][ T25] audit: type=1400 audit(798.680:91): avc: denied { mount } for pid=3314 comm="syz-executor" name="/" dev="gadgetfs" ino=3770 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 799.787186][ T25] audit: type=1400 audit(799.020:92): avc: denied { mount } for pid=3314 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 799.910705][ T25] audit: type=1400 audit(799.120:93): avc: denied { mounton } for pid=3314 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 801.394659][ T3314] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 809.948097][ T25] kauditd_printk_skb: 4 callbacks suppressed [ 809.972833][ T25] audit: type=1400 audit(809.180:98): avc: denied { read } for pid=3471 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 810.060086][ T25] audit: type=1400 audit(809.280:99): avc: denied { open } for pid=3471 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 810.401175][ T25] audit: type=1400 audit(809.620:100): avc: denied { ioctl } for pid=3471 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 811.938179][ T25] audit: type=1400 audit(811.170:101): avc: denied { write } for pid=3471 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 869.474990][ T3365] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 870.526665][ T3365] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 871.464158][ T3365] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 872.392509][ T3365] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 885.663861][ T3365] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 885.805281][ T3365] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 885.907333][ T3365] bond0 (unregistering): Released all slaves [ 888.022949][ T3365] hsr_slave_0: left promiscuous mode [ 888.291464][ T3365] hsr_slave_1: left promiscuous mode [ 889.322998][ T3365] veth1_macvtap: left promiscuous mode [ 889.343451][ T3365] veth0_macvtap: left promiscuous mode [ 889.362801][ T3365] veth1_vlan: left promiscuous mode [ 889.391429][ T3365] veth0_vlan: left promiscuous mode [ 908.632106][ T3365] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 909.554509][ T3365] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 910.283097][ T3365] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 911.316277][ T3365] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 924.625454][ T3365] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 924.754124][ T3365] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 924.843899][ T3365] bond0 (unregistering): Released all slaves [ 926.162251][ T3365] hsr_slave_0: left promiscuous mode [ 926.320910][ T3365] hsr_slave_1: left promiscuous mode [ 926.759703][ T3365] veth1_macvtap: left promiscuous mode [ 926.762951][ T3365] veth0_macvtap: left promiscuous mode [ 926.776444][ T3365] veth1_vlan: left promiscuous mode [ 926.785523][ T3365] veth0_vlan: left promiscuous mode [ 955.065380][ T3479] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 955.294493][ T3479] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 962.243607][ T3481] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 962.456713][ T3481] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 976.372693][ T3479] hsr_slave_0: entered promiscuous mode [ 976.463818][ T3479] hsr_slave_1: entered promiscuous mode [ 982.374768][ T3481] hsr_slave_0: entered promiscuous mode [ 982.445330][ T3481] hsr_slave_1: entered promiscuous mode [ 982.483721][ T3481] debugfs: 'hsr0' already exists in 'hsr' [ 982.489938][ T3481] Cannot create hsr debugfs directory [ 990.856395][ T3479] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 991.323026][ T3479] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 991.713744][ T3479] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 991.921182][ T3479] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 996.387992][ T3481] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 996.753250][ T3481] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 997.097174][ T3481] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 997.508091][ T3481] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1017.004241][ T3479] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1023.214424][ T3481] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1109.115368][ T3479] veth0_vlan: entered promiscuous mode [ 1109.863643][ T3479] veth1_vlan: entered promiscuous mode [ 1112.344014][ T3479] veth0_macvtap: entered promiscuous mode [ 1112.684635][ T3479] veth1_macvtap: entered promiscuous mode [ 1115.501868][ T3481] veth0_vlan: entered promiscuous mode [ 1116.581519][ T3679] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1116.585455][ T3679] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1116.610799][ T3679] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1116.617501][ T3679] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1117.095799][ T3481] veth1_vlan: entered promiscuous mode [ 1121.291781][ T3481] veth0_macvtap: entered promiscuous mode [ 1122.206140][ T3481] veth1_macvtap: entered promiscuous mode [ 1126.262558][ T42] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1126.330684][ T2099] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1126.368074][ T2099] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1126.401864][ T2099] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1161.111072][ T25] audit: type=1400 audit(1160.070:102): avc: denied { execute } for pid=3717 comm="syz.2.6" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=5582 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 1206.389697][ T25] audit: type=1400 audit(1205.600:103): avc: denied { append } for pid=3746 comm="syz.2.10" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1221.210138][ T3365] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1222.877518][ T3365] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1224.222448][ T3365] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1225.990860][ T3365] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1251.444954][ T3365] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1252.255020][ T3365] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1252.821522][ T3365] bond0 (unregistering): Released all slaves [ 1256.043253][ T3365] hsr_slave_0: left promiscuous mode [ 1256.241835][ T3365] hsr_slave_1: left promiscuous mode [ 1257.161665][ T3365] veth1_macvtap: left promiscuous mode [ 1257.173948][ T3365] veth0_macvtap: left promiscuous mode [ 1257.176091][ T3365] veth1_vlan: left promiscuous mode [ 1257.177554][ T3365] veth0_vlan: left promiscuous mode [ 1347.987239][ T3753] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1348.256464][ T3753] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1383.847389][ T3753] hsr_slave_0: entered promiscuous mode [ 1383.986048][ T3753] hsr_slave_1: entered promiscuous mode [ 1384.081512][ T3753] debugfs: 'hsr0' already exists in 'hsr' [ 1384.090427][ T3753] Cannot create hsr debugfs directory [ 1403.810313][ T3753] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 1404.293631][ T3753] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 1404.714069][ T3753] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 1405.202090][ T3753] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 1435.814458][ T3753] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1553.425065][ T25] audit: type=1400 audit(1552.630:104): avc: denied { map } for pid=3990 comm="syz.2.36" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1553.521402][ T25] audit: type=1400 audit(1552.690:105): avc: denied { execute } for pid=3990 comm="syz.2.36" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1589.036462][ T3753] veth0_vlan: entered promiscuous mode [ 1589.893566][ T3753] veth1_vlan: entered promiscuous mode [ 1593.362197][ T3753] veth0_macvtap: entered promiscuous mode [ 1593.894496][ T3753] veth1_macvtap: entered promiscuous mode [ 1597.620979][ T2099] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1597.674320][ T42] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1597.693763][ T42] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1597.730725][ T42] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1761.927155][ T25] audit: type=1400 audit(1761.160:106): avc: denied { setattr } for pid=4128 comm="syz.4.56" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1837.468283][ T3407] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1839.227395][ T3407] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1841.074989][ T3407] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1842.654275][ T3407] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1867.445958][ T3407] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1867.831821][ T3407] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1868.013693][ T3407] bond0 (unregistering): Released all slaves [ 1871.200915][ T3407] hsr_slave_0: left promiscuous mode [ 1871.631417][ T3407] hsr_slave_1: left promiscuous mode [ 1872.483171][ T3407] veth1_macvtap: left promiscuous mode [ 1872.504516][ T3407] veth0_macvtap: left promiscuous mode [ 1872.531506][ T3407] veth1_vlan: left promiscuous mode [ 1872.580010][ T3407] veth0_vlan: left promiscuous mode [ 1955.175757][ T4160] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1955.527627][ T4160] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1996.367186][ T4160] hsr_slave_0: entered promiscuous mode [ 1996.525494][ T4160] hsr_slave_1: entered promiscuous mode [ 1996.622064][ T4160] debugfs: 'hsr0' already exists in 'hsr' [ 1996.642034][ T4160] Cannot create hsr debugfs directory [ 2015.255687][ T4160] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 2015.847009][ T4160] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 2016.252837][ T4160] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 2016.617709][ T4160] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 2053.345635][ T4160] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2218.975365][ T4160] veth0_vlan: entered promiscuous mode [ 2220.043743][ T4160] veth1_vlan: entered promiscuous mode [ 2224.541871][ T4160] veth0_macvtap: entered promiscuous mode [ 2225.173727][ T4160] veth1_macvtap: entered promiscuous mode [ 2229.330629][ T2106] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2229.484426][ T2106] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2229.623504][ T2106] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2229.624650][ T2106] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2348.663699][ T4297] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2350.877318][ T4297] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2352.989840][ T4297] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2354.924678][ T4297] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2379.853459][ T4297] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2380.361817][ T4297] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2380.594547][ T4297] bond0 (unregistering): Released all slaves [ 2383.241494][ T4297] hsr_slave_0: left promiscuous mode [ 2383.357817][ T4297] hsr_slave_1: left promiscuous mode [ 2384.034744][ T4297] veth1_macvtap: left promiscuous mode [ 2384.064326][ T4297] veth0_macvtap: left promiscuous mode [ 2384.108053][ T4297] veth1_vlan: left promiscuous mode [ 2384.132037][ T4297] veth0_vlan: left promiscuous mode [ 2495.994814][ T4454] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2496.351261][ T4454] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2542.624567][ T4454] hsr_slave_0: entered promiscuous mode [ 2542.776535][ T4454] hsr_slave_1: entered promiscuous mode [ 2565.016115][ T4454] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 2565.593727][ T4454] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 2566.194419][ T4454] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 2566.657810][ T4454] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 2608.814252][ T4454] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2793.466439][ T4454] veth0_vlan: entered promiscuous mode [ 2794.443276][ T4454] veth1_vlan: entered promiscuous mode [ 2798.007862][ T4454] veth0_macvtap: entered promiscuous mode [ 2798.832367][ T4454] veth1_macvtap: entered promiscuous mode [ 2803.288233][ T4003] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2803.308432][ T4177] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2803.343613][ T4177] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2803.344565][ T4177] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 3518.915972][ T4177] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3521.141230][ T4177] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3523.271372][ T4177] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3524.773393][ T4177] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3553.047270][ T4177] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3553.346985][ T4177] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3553.666473][ T4177] bond0 (unregistering): Released all slaves [ 3556.868465][ T4177] hsr_slave_0: left promiscuous mode [ 3556.991051][ T4177] hsr_slave_1: left promiscuous mode [ 3557.980857][ T4177] veth1_macvtap: left promiscuous mode [ 3557.993693][ T4177] veth0_macvtap: left promiscuous mode [ 3557.996097][ T4177] veth1_vlan: left promiscuous mode [ 3557.997785][ T4177] veth0_vlan: left promiscuous mode [ 3599.636566][ T4177] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3601.858012][ T4177] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3603.685803][ T4177] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3606.215189][ T4177] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3631.530747][ T4177] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3631.997061][ T4177] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3632.190926][ T4177] bond0 (unregistering): Released all slaves [ 3635.190510][ T4177] hsr_slave_0: left promiscuous mode [ 3635.283688][ T4177] hsr_slave_1: left promiscuous mode [ 3635.832928][ T4177] veth1_macvtap: left promiscuous mode [ 3635.850892][ T4177] veth0_macvtap: left promiscuous mode [ 3635.871910][ T4177] veth1_vlan: left promiscuous mode [ 3635.896697][ T4177] veth0_vlan: left promiscuous mode [ 3688.068072][ T5067] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3688.912047][ T5067] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3703.211613][ T5085] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3703.463788][ T5085] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3723.174943][ T5067] hsr_slave_0: entered promiscuous mode [ 3723.294682][ T5067] hsr_slave_1: entered promiscuous mode [ 3741.675628][ T5085] hsr_slave_0: entered promiscuous mode [ 3741.717128][ T5085] hsr_slave_1: entered promiscuous mode [ 3741.747061][ T5085] debugfs: 'hsr0' already exists in 'hsr' [ 3741.774407][ T5085] Cannot create hsr debugfs directory [ 3744.535002][ T5067] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 3744.972906][ T5067] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 3745.377704][ T5067] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 3745.936932][ T5067] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 3761.983372][ T5085] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 3762.553993][ T5085] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 3763.030952][ T5085] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 3763.592040][ T5085] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 3781.785311][ T5067] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3801.342749][ T5085] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3946.853274][ T5067] veth0_vlan: entered promiscuous mode [ 3947.963445][ T5067] veth1_vlan: entered promiscuous mode [ 3952.082891][ T5067] veth0_macvtap: entered promiscuous mode [ 3952.764564][ T5067] veth1_macvtap: entered promiscuous mode [ 3957.055090][ T3408] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3957.098138][ T3408] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3957.342666][ T5215] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3957.376286][ T5215] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 3968.714900][ T5085] veth0_vlan: entered promiscuous mode [ 3970.466984][ T5085] veth1_vlan: entered promiscuous mode [ 3975.594089][ T5085] veth0_macvtap: entered promiscuous mode [ 3976.448043][ T5085] veth1_macvtap: entered promiscuous mode [ 3982.182167][ T5215] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3982.231889][ T35] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3982.430061][ T4893] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3982.464449][ T3407] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 4247.353815][ T5363] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 4247.823604][ T5363] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 4254.752467][ T5367] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 4255.295281][ T5367] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 4305.811114][ T5363] hsr_slave_0: entered promiscuous mode [ 4305.888148][ T5363] hsr_slave_1: entered promiscuous mode [ 4306.056100][ T5363] debugfs: 'hsr0' already exists in 'hsr' [ 4306.094451][ T5363] Cannot create hsr debugfs directory [ 4313.496563][ T5367] hsr_slave_0: entered promiscuous mode [ 4313.613904][ T5367] hsr_slave_1: entered promiscuous mode [ 4313.732259][ T5367] debugfs: 'hsr0' already exists in 'hsr' [ 4313.770224][ T5367] Cannot create hsr debugfs directory [ 4353.035163][ T5363] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 4357.282947][ T5363] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 4358.256280][ T5363] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 4361.402233][ T5363] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 4378.605024][ T5367] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 4379.412515][ T5367] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 4380.038247][ T5367] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 4380.897929][ T5367] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 4418.514429][ T5363] 8021q: adding VLAN 0 to HW filter on device bond0 [ 4434.765839][ T5367] 8021q: adding VLAN 0 to HW filter on device bond0 [ 4499.191740][ T27] INFO: task syz.8.227:5339 blocked for more than 430 seconds. [ 4499.217381][ T27] Not tainted syzkaller #0 [ 4499.301655][ T27] Blocked by coredump. [ 4499.321146][ T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 4499.321811][ T27] task:syz.8.227 state:D stack:0 pid:5339 tgid:5337 ppid:5085 task_flags:0x40044c flags:0x00000019 [ 4499.323311][ T27] Call trace: [ 4499.323799][ T27] __switch_to+0x584/0xb20 (T) [ 4499.325857][ T27] __schedule+0x1eec/0x33a4 [ 4499.326439][ T27] schedule+0xac/0x27c [ 4499.326920][ T27] schedule_timeout+0x5c/0x1e4 [ 4499.327358][ T27] do_wait_for_common+0x28c/0x444 [ 4499.327839][ T27] wait_for_completion+0x44/0x5c [ 4499.328337][ T27] __synchronize_srcu+0x2a4/0x320 [ 4499.535201][ T27] synchronize_srcu+0x3cc/0x4f0 [ 4499.551876][ T27] __mmu_notifier_release+0x424/0x614 [ 4499.552568][ T27] exit_mmap+0xb8/0xbb8 [ 4499.553026][ T27] __mmput+0x10c/0x528 [ 4499.553533][ T27] mmput+0x70/0xac [ 4499.553982][ T27] exit_mm+0x158/0x258 [ 4499.554421][ T27] do_exit+0x788/0x2378 [ 4499.554837][ T27] do_group_exit+0x1d4/0x2ac [ 4499.555270][ T27] get_signal+0x1440/0x1554 [ 4499.555730][ T27] do_signal+0x23c/0x4dd0 [ 4499.556209][ T27] do_notify_resume+0xb0/0x270 [ 4499.556641][ T27] el0_svc+0xb8/0x164 [ 4499.557088][ T27] el0t_64_sync_handler+0x84/0x12c [ 4499.557543][ T27] el0t_64_sync+0x198/0x19c SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 4499.731105][ T27] [ 4499.731105][ T27] Showing all locks held in the system: [ 4499.731924][ T27] 1 lock held by khungtaskd/27: [ 4499.732380][ T27] #0: ffff800087806858 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x4/0x48 [ 4499.734814][ T27] 3 locks held by kworker/u4:2/35: [ 4499.735320][ T27] 3 locks held by kworker/u4:5/2099: [ 4499.735653][ T27] 1 lock held by klogd/3114: [ 4499.735954][ T27] 2 locks held by getty/3179: [ 4499.736272][ T27] #0: 5ff00000121068a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c [ 4499.737939][ T27] #1: ccff80008c54b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x310/0x12b8 [ 4499.902134][ T27] 2 locks held by syz-executor/3308: [ 4499.902511][ T27] 3 locks held by kworker/u4:7/3407: [ 4499.902808][ T27] 2 locks held by kworker/u4:8/3408: [ 4499.903080][ T27] #0: 7ff000000cc20948 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a18 [ 4499.904748][ T27] #1: ffff80008ff87c78 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a18 [ 4499.906484][ T27] 2 locks held by kworker/u4:11/4297: [ 4499.906873][ T27] 3 locks held by kworker/u4:14/5215: [ 4499.907180][ T27] 2 locks held by syz.7.228/5341: [ 4499.907559][ T27] 2 locks held by kworker/u4:15/5500: [ 4499.907843][ T27] #0: 7ff000000cc20948 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a18 [ 4500.041595][ T27] #1: ffff8000a18a7c78 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a18 [ 4500.043315][ T27] 1 lock held by cmp/5528: [ 4500.043650][ T27] 2 locks held by modprobe/5529: [ 4500.103158][ T27] [ 4500.103765][ T27] ============================================= [ 4500.103765][ T27] [ 4500.104615][ T27] Kernel panic - not syncing: hung_task: blocked tasks [ 4500.109049][ T27] CPU: 0 UID: 0 PID: 27 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT [ 4500.110380][ T27] Hardware name: linux,dummy-virt (DT) [ 4500.111186][ T27] Call trace: [ 4500.111967][ T27] show_stack+0x2c/0x3c (C) [ 4500.112933][ T27] __dump_stack+0x30/0x40 [ 4500.113731][ T27] dump_stack_lvl+0x30/0x12c [ 4500.114517][ T27] dump_stack+0x1c/0x28 [ 4500.115258][ T27] vpanic+0x22c/0x59c [ 4500.116001][ T27] vpanic+0x0/0x59c [ 4500.116750][ T27] hung_task_panic+0x0/0x2c [ 4500.117582][ T27] kthread+0x794/0x9a0 [ 4500.118385][ T27] ret_from_fork+0x10/0x20 [ 4500.120134][ T27] Kernel Offset: disabled [ 4500.120852][ T27] CPU features: 0x000000,0001a300,5f7c67c1,057ffe1f [ 4500.121821][ T27] Memory Limit: none [ 4500.124034][ T27] Rebooting in 86400 seconds.. VM DIAGNOSIS: 15:43:04 Registers: info registers vcpu 0 CPU#0 PC=ffff8000864c9f88 X00=fffe8000026cbae0 X01=00000000000000de X02=0000000000000000 X03=0000000000000000 X04=0000000000000001 X05=0000000000000000 X06=0000000000000000 X07=ffff800085339500 X08=3df000000d9b9d80 X09=0000000000000000 X10=0ffff80008000768 X11=00000000000000ff X12=00000000000000ff X13=0000000000000000 X14=ffff80008000767c X15=00000000000000ff X16=0000000000000001 X17=fff07fffeb6e6000 X18=00000000000000ff X19=ffff800080007670 X20=ffff800080007578 X21=3df000000d9b9d80 X22=ffff800080007568 X23=ffff800080007930 X24=ffff800080007950 X25=ffff8000800075b8 X26=ffff8000876b5000 X27=00000000000000ff X28=0000000000000000 X29=ffff800080007620 X30=ffff8000800e30b8 SP=ffff800080007560 PSTATE=60402009 -ZC- EL2h SVCR=00000000 -- BTYPE=0 FPCR=00000000 FPSR=00000000 P00=0000 P01=0000 P02=0000 P03=0000 P04=0000 P05=0000 P06=0000 P07=0000 P08=0000 P09=0000 P10=0000 P11=0000 P12=0000 P13=0000 P14=0000 P15=0000 FFR=0000 Z00=0000000000000000:0a29732528097325 Z01=ffffffffffffffff:0000000000000000 Z02=0000000000000000:ffffffff00000000 Z03=0000000000000000:0000000000000000 Z04=0000000000000000:0000000000000000 Z05=0000000000000000:0000000000000000 Z06=0000000000000000:0000000000000000 Z07=0000000000000000:0000000000000000 Z08=0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000 Z10=0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000 Z12=0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000 Z14=0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000 Z16=0000000000000000:0000000000000000 Z17=0000000000000000:0000000000000000 Z18=0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000 Z20=0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000 Z22=0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000 Z24=0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000 Z26=0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000 Z28=0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000 Z30=0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000