last executing test programs: 42m35.120052878s ago: executing program 0 (id=42): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) r1 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000040)={0x0, &(0x7f00000000c0)=[@hvc={0x32, 0x40, {0x8400000d, [0x8, 0x8, 0x1, 0x5, 0x1]}}, @code={0xa, 0x84, {"007008d50038202e0030004f001884d20020b8f2c10180d2220080d2630180d2440180d2020000d400000037601799d20000b8f2210080d2420080d2630180d2640080d2020000d4000820fc605b85d20040b0f2a10180d2420180d2230080d2c40180d2020000d40070800c0048215e"}}, @uexit={0x0, 0x18, 0x8}, @uexit={0x0, 0x18, 0x2}, @uexit={0x0, 0x18, 0x1f}, @msr={0x14, 0x20, {0x603000000013c518, 0x6da}}, @irq_setup={0x46, 0x18, {0x1, 0x107}}, @its_setup={0x82, 0x28, {0x4, 0x1, 0x17d}}, @eret={0xe6, 0x18, 0x1}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0xb0, 0x4, 0xa}}, @irq_setup={0x46, 0x18, {0x4, 0x1a}}, @irq_setup={0x46, 0x18, {0x4, 0xcb}}, @msr={0x14, 0x20, {0x603000000013e520, 0x377c}}, @msr={0x14, 0x20, {0x603000000013c527, 0x3}}, @mrs={0xbe, 0x18}, @smc={0x1e, 0x40, {0x800, [0x8001, 0x7ff, 0xc84500000000000, 0x6, 0x8]}}, @svc={0x122, 0x40, {0x84000000, [0x1, 0x2, 0x8, 0x1b0f7f0e, 0x2]}}], 0x2bc}, &(0x7f0000000380)=[@featur2={0x1, 0x10}], 0x1) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, &(0x7f00000003c0)={0x5, [0x0, 0x8000, 0x80, 0x4, 0x7]}) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CLEAR_DIRTY_LOG(r2, 0xc018aec0, &(0x7f0000000000)={0x10001, 0x400, 0xc0, 0x0}) openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) (async) syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000040)={0x0, &(0x7f00000000c0)=[@hvc={0x32, 0x40, {0x8400000d, [0x8, 0x8, 0x1, 0x5, 0x1]}}, @code={0xa, 0x84, {"007008d50038202e0030004f001884d20020b8f2c10180d2220080d2630180d2440180d2020000d400000037601799d20000b8f2210080d2420080d2630180d2640080d2020000d4000820fc605b85d20040b0f2a10180d2420180d2230080d2c40180d2020000d40070800c0048215e"}}, @uexit={0x0, 0x18, 0x8}, @uexit={0x0, 0x18, 0x2}, @uexit={0x0, 0x18, 0x1f}, @msr={0x14, 0x20, {0x603000000013c518, 0x6da}}, @irq_setup={0x46, 0x18, {0x1, 0x107}}, @its_setup={0x82, 0x28, {0x4, 0x1, 0x17d}}, @eret={0xe6, 0x18, 0x1}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0xb0, 0x4, 0xa}}, @irq_setup={0x46, 0x18, {0x4, 0x1a}}, @irq_setup={0x46, 0x18, {0x4, 0xcb}}, @msr={0x14, 0x20, {0x603000000013e520, 0x377c}}, @msr={0x14, 0x20, {0x603000000013c527, 0x3}}, @mrs={0xbe, 0x18}, @smc={0x1e, 0x40, {0x800, [0x8001, 0x7ff, 0xc84500000000000, 0x6, 0x8]}}, @svc={0x122, 0x40, {0x84000000, [0x1, 0x2, 0x8, 0x1b0f7f0e, 0x2]}}], 0x2bc}, &(0x7f0000000380)=[@featur2={0x1, 0x10}], 0x1) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, &(0x7f00000003c0)={0x5, [0x0, 0x8000, 0x80, 0x4, 0x7]}) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) ioctl$KVM_CLEAR_DIRTY_LOG(r2, 0xc018aec0, &(0x7f0000000000)={0x10001, 0x400, 0xc0, 0x0}) (async) 42m26.701369312s ago: executing program 0 (id=45): r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = syz_kvm_vgic_v3_setup(r4, 0x1, 0x40) ioctl$KVM_GET_DEVICE_ATTR(r5, 0x4018aee2, &(0x7f0000000080)=@attr_other={0x0, 0x9, 0x5660b638, &(0x7f0000000000)=0x4}) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x0, 0x2, &(0x7f0000000100)=0x4}) r6 = eventfd2(0x8, 0x80800) ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0xdddd1000, 0x0, r6}) close(r6) r7 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x2d) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x27) r10 = syz_kvm_vgic_v3_setup(r9, 0x40000000000004, 0xc0) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x0, 0x9, &(0x7f0000000000)=0x7}) ioctl$KVM_ARM_SET_COUNTER_OFFSET(r7, 0x4010aeb5, &(0x7f0000000000)={0x5, 0x40}) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x100000c, 0x6832, r0, 0x0) ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r7, 0x4068aea3, &(0x7f0000000040)={0xe4, 0x0, 0x3}) 42m17.975231772s ago: executing program 0 (id=47): r0 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x2) (async) ioctl$KVM_SET_VCPU_EVENTS(r0, 0x4040aea0, &(0x7f0000000000)=@x86={0xd, 0x0, 0x3, 0x0, 0x7, 0xff, 0xa9, 0x7, 0x7, 0x3, 0x80, 0x0, 0x0, 0x9, 0x1, 0x4, 0x5, 0x4, 0xd, '\x00', 0x0, 0x80}) (async) r2 = syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000bfe000/0x400000)=nil) (async) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x2c) r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) (async) ioctl$KVM_SET_SREGS(r1, 0x4000ae84, &(0x7f0000000080)={{0xf000, 0x4000, 0x0, 0x0, 0x5, 0x9, 0x1, 0x4, 0x1, 0x7, 0x5, 0x4}, {0xdddd1000, 0x0, 0x3, 0x1, 0x8, 0x4, 0x9, 0x5, 0x5, 0x3, 0x3, 0x6}, {0x1000, 0x4, 0x0, 0x7e, 0xf, 0x6, 0x2, 0x81, 0x0, 0x5, 0x2e, 0x1}, {0x1000, 0x0, 0xc, 0xa, 0x9, 0x9f, 0x3, 0x7, 0x2, 0x24, 0x1, 0x5}, {0xeeef0000, 0xdddd0000, 0x8, 0x7, 0xf7, 0x8, 0x3, 0x6, 0x4, 0x1, 0xc, 0x5}, {0xdddd0000, 0x2, 0xf, 0xe1, 0x2, 0x8, 0x6, 0x3, 0x5, 0xe, 0x6, 0x7}, {0xd000, 0x0, 0x9, 0x10, 0x7, 0x6, 0x40, 0x1, 0x3, 0x15, 0x3, 0xc}, {0x0, 0x8080000, 0x0, 0x9, 0x8, 0x6, 0x4, 0x0, 0x1, 0x1, 0x9, 0x7}, {0x2000, 0x6}, {0x1b3bb6004, 0x9}, 0x10002, 0x0, 0x5000, 0x40000, 0xa, 0x1ac00, 0xd000, [0x9, 0xb, 0x0, 0x7]}) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r0, 0x4018aee1, &(0x7f0000000200)=@attr_other={0x0, 0x40, 0x5, &(0x7f00000001c0)=0x5}) ioctl$KVM_GET_API_VERSION(r3, 0xae00, 0x0) ioctl$KVM_PRE_FAULT_MEMORY(r0, 0xc040aed5, &(0x7f0000000240)={0x100000, 0x115000}) (async) r5 = ioctl$KVM_GET_STATS_FD_vm(r0, 0xaece) r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04) (async) r7 = mmap$KVM_VCPU(&(0x7f0000c75000/0x2000)=nil, r4, 0x0, 0x13, r5, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000280)="8a4d8c0634e479a841f0c2d5b1bd718a110b9635a701615c46fc5050995cf7aea7be823070e86bfd1aebd62ea15f83b69302012780a9615b53830813bbb13d10470fa67d036c84a7", 0x0, 0x48) openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x80000, 0x0) (async) ioctl$KVM_IRQ_LINE(r0, 0x4008ae61, &(0x7f0000000340)={0x4, 0x9}) r8 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x3) ioctl$KVM_SET_GSI_ROUTING(r5, 0x4008ae6a, &(0x7f0000000380)={0x7, 0x0, [{0x6712, 0xb8100e141fc51d78, 0x0, 0x0, @adapter={0x8, 0x9, 0x5, 0xd, 0xffff493e}}, {0x81, 0x2, 0x0, 0x0, @adapter={0x8000, 0x4, 0x8, 0x9b6, 0x4}}, {0x3, 0x5, 0x1, 0x0, @sint={0x2d, 0x80000001}}, {0x200, 0x1, 0x1, 0x0, @adapter={0x9, 0xeea, 0x2, 0x7, 0x81}}, {0x0, 0x5, 0x1, 0x0, @irqchip={0x0, 0xbb}}, {0x0, 0x5, 0x0, 0x0, @adapter={0x8, 0x1000, 0x7, 0x7}}, {0xa8a, 0x3, 0x0, 0x0, @sint={0x3, 0x3}}]}) ioctl$KVM_RUN(r5, 0xae80, 0x0) (async) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x10000) (async) ioctl$KVM_SET_VCPU_EVENTS(r0, 0x4040aea0, &(0x7f0000000500)=@arm64={0x81, 0x40, 0xf1, '\x00', 0xeb1f}) ioctl$KVM_GET_DEVICE_ATTR_vcpu(r1, 0x4018aee2, &(0x7f0000000580)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000540)=0x401}) r9 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000009c0)={0x0, &(0x7f00000005c0)=[@mrs={0xbe, 0x18, {0x603000000013c016}}, @irq_setup={0x46, 0x18, {0x2, 0x1a3}}, @code={0xa, 0x54, {"007008d5e003bfd6000008d5008480d20080b0f2e10080d2420180d2830180d2e40180d2020000d4000c202e008008d5007c00130068603c007c0053000008d5"}}, @code={0xa, 0x6c, {"009c000fc0349dd20000b0f2010180d2420180d2830080d2440080d2020000d460a395d200c0b8f2410180d2c20080d2630080d2a40180d2020000d41020601e0024c01a00ac200e000028d5008008d5008008d50000c028"}}, @mrs={0xbe, 0x18, {0x603000000013df56}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x184}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x1, 0x2, 0x8, 0x3, 0x6}}, @code={0xa, 0x84, {"605993d20020b0f2210180d2420180d2c30080d2440080d2020000d4007008d50080a00d0060400d40a089d20040b0f2410180d2220180d2630080d2440180d2020000d400c0211e007008d500f8a12ee0a293d200c0b8f2a10080d2020080d2e30080d2040080d2020000d40038200e"}}, @uexit={0x0, 0x18, 0x3438}, @irq_setup={0x46, 0x18, {0x4, 0x2d7}}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x232}}, @code={0xa, 0x54, {"007008d5007008d5000028d5007008d5007008d50048c01ae00300fa007008d5000008d5007393d200e0b8f2c10180d2020180d2a30180d2640180d2020000d4"}}, @msr={0x14, 0x20, {0x603000000013dce3, 0x3}}, @mrs={0xbe, 0x18, {0x603000000013c510}}, @irq_setup={0x46, 0x18, {0x4, 0x55}}, @hvc={0x32, 0x40, {0x84000000, [0x4f, 0x2, 0x200, 0xa, 0x6]}}, @hvc={0x32, 0x40, {0x820084fc, [0x10, 0x5, 0x770, 0x9, 0x2]}}, @mrs={0xbe, 0x18}, @uexit={0x0, 0x18, 0x8}, @hvc={0x32, 0x40, {0x31000000, [0xffff, 0xd, 0x1, 0x1, 0x7]}}], 0x3c8}, &(0x7f0000000a00)=[@featur2={0x1, 0x2}], 0x1) ioctl$KVM_ARM_PREFERRED_TARGET(r9, 0x8020aeaf, &(0x7f0000000a40)) (async) ioctl$KVM_SET_VCPU_EVENTS(r9, 0x4040aea0, &(0x7f0000000a80)=@arm64={0x7f, 0x0, 0x1, '\x00', 0x3}) (async) ioctl$KVM_ARM_SET_DEVICE_ADDR(r5, 0x4010aeab, &(0x7f0000000ac0)={0x7, 0x4000}) (async) ioctl$KVM_GET_REG_LIST(r9, 0xc008aeb0, &(0x7f0000000b00)={0x5, [0x8, 0x9, 0x1, 0x6, 0x9]}) (async) ioctl$KVM_CLEAR_DIRTY_LOG(r8, 0xc018aec0, &(0x7f0000000f40)={0x2, 0x340, 0x140, &(0x7f0000000b40)=[0x9, 0xff, 0x0, 0x0, 0xb4d, 0x6, 0xffffffffffffffff, 0x5, 0x1, 0xf35e, 0xed4, 0x8, 0x8000000000000000, 0x1, 0x2, 0x5, 0x1000, 0xb030, 0x5, 0x4, 0x0, 0x7, 0x3, 0xc00000, 0x101, 0xffffffffffff8000, 0xfffffffffffffff8, 0x3, 0x400, 0x6, 0x6, 0x24b1, 0x9, 0x4, 0x2, 0x1, 0x57, 0x6e, 0x9, 0x80000001, 0x5, 0x4, 0x3, 0x2fbf, 0x40, 0x100, 0x8, 0xffff, 0xcc65, 0x3, 0x8, 0x7fffffff, 0x2000000000000, 0x7, 0x5, 0x2, 0x80, 0x7fff, 0x2, 0x2, 0x7, 0x100000001, 0x6, 0xf9d0, 0x3, 0x390, 0x40, 0x1000, 0x1, 0x5f, 0x8, 0xb8, 0x5, 0x0, 0x9, 0x5, 0x2, 0xfff, 0x3, 0x4, 0x898d, 0xd, 0xffffffff, 0x9, 0x7, 0x81, 0x6, 0x0, 0xfffffffffffffffc, 0x5, 0x401, 0x9, 0xffffffffffffffff, 0x6, 0x1, 0x2, 0xfffffffffffffffa, 0x81, 0x8000, 0x7, 0x800, 0x4161, 0x2a44, 0x8000, 0x7f, 0xffff, 0x3, 0x9, 0x6, 0x0, 0x0, 0x0, 0x6, 0x7, 0x9, 0x8, 0x0, 0x4, 0x8, 0x80000000, 0x7, 0xd1, 0x9, 0x4, 0x68, 0xfffffffffffffffb, 0x4, 0x40]}) (async) mmap$KVM_VCPU(&(0x7f0000d95000/0x1000)=nil, r6, 0x2000005, 0x10010, 0xffffffffffffffff, 0x0) 42m11.361817155s ago: executing program 0 (id=49): openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x20100, 0x0) munmap(&(0x7f0000667000/0x2000)=nil, 0x2000) mmap$KVM_VCPU(&(0x7f0000d49000/0x4000)=nil, 0x930, 0xd, 0x40010, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) openat$kvm(0x0, &(0x7f0000000240), 0x10101, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000000)={0x7, 0xffffffffffffffff}) ioctl$KVM_GET_DEVICE_ATTR(r2, 0x4018aee2, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x5, 0x0}) r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3d) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000bde000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@msr={0x14, 0x20, {0x603000000013c108, 0x3}}], 0x20}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r3, 0x4, 0x220) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) r9 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r8, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000005, 0x11, 0xffffffffffffffff, 0x0) r10 = eventfd2(0x5, 0x1) close(r10) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) r11 = mmap$KVM_VCPU(&(0x7f0000d4f000/0x3000)=nil, 0x930, 0x1000000, 0x30, r8, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) write$eventfd(r10, &(0x7f0000000180)=0x5, 0xfffffde3) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000280)=0x8080000}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 42m3.890865245s ago: executing program 0 (id=51): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x22300, 0x0) ioctl$KVM_GET_API_VERSION(r2, 0xae00, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x21) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r6 = mmap$KVM_VCPU(&(0x7f00004e3000/0x2000)=nil, r5, 0xa, 0x2013, r4, 0x40000) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000000000/0x400000)=nil) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101402, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x145541, 0x0) syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x1, 0x100) r7 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x8) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000180)={0x0, &(0x7f00000000c0)=[@hvc={0x32, 0x40, {0x200, [0xf8e4, 0x80000001, 0x2b58, 0x800, 0x70]}}], 0x40}, &(0x7f0000000300)=[@featur2={0x1, 0x10}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r10, 0xae80, 0x0) r11 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_kvm_assert_reg(r10, 0x603000000013dce8, 0x8000) syz_memcpy_off$KVM_EXIT_MMIO(r6, 0x20, &(0x7f0000000040)="dd78d80e2966ae7132c2f59ded956e000000004ff94f9c29", 0x0, 0x18) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r12 = openat$kvm(0x0, &(0x7f0000000040), 0x40, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil) 41m51.70021982s ago: executing program 0 (id=53): r0 = openat$kvm(0x0, &(0x7f00000001c0), 0x2083, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x32) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000073000/0x400000)=nil) r3 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1) r6 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r5, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f0000000100)="fb0149dd033be3ac2cc4a29ea6af8031d1dfd900080001000000315f9731c10d097fd66f8f1f44f9ffffffffffffffebb207000000000000000000002a2900", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r5, 0x0) openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0) r7 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000100)={0x0, &(0x7f0000000000)=[@mrs={0xbe, 0x18, {0x603000000013c2a4}}], 0x18}, 0x0, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, 0x0, 0x300000a, 0x40010, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) openat$kvm(0x0, &(0x7f00000001c0), 0x2083, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x32) (async) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000073000/0x400000)=nil) (async) openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async) ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1) (async) mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r5, 0x0) (async) syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f0000000100)="fb0149dd033be3ac2cc4a29ea6af8031d1dfd900080001000000315f9731c10d097fd66f8f1f44f9ffffffffffffffebb207000000000000000000002a2900", 0x0, 0x48) (async) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r5, 0x0) (async) openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0) (async) syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000100)={0x0, &(0x7f0000000000)=[@mrs={0xbe, 0x18, {0x603000000013c2a4}}], 0x18}, 0x0, 0x0) (async) ioctl$KVM_RUN(r7, 0xae80, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, 0x0, 0x300000a, 0x40010, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0) (async) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) (async) 41m5.421646544s ago: executing program 32 (id=53): r0 = openat$kvm(0x0, &(0x7f00000001c0), 0x2083, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x32) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000073000/0x400000)=nil) r3 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1) r6 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r5, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f0000000100)="fb0149dd033be3ac2cc4a29ea6af8031d1dfd900080001000000315f9731c10d097fd66f8f1f44f9ffffffffffffffebb207000000000000000000002a2900", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r5, 0x0) openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0) r7 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000100)={0x0, &(0x7f0000000000)=[@mrs={0xbe, 0x18, {0x603000000013c2a4}}], 0x18}, 0x0, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, 0x0, 0x300000a, 0x40010, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) openat$kvm(0x0, &(0x7f00000001c0), 0x2083, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x32) (async) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000073000/0x400000)=nil) (async) openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async) ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1) (async) mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r5, 0x0) (async) syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f0000000100)="fb0149dd033be3ac2cc4a29ea6af8031d1dfd900080001000000315f9731c10d097fd66f8f1f44f9ffffffffffffffebb207000000000000000000002a2900", 0x0, 0x48) (async) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r5, 0x0) (async) openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0) (async) syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000100)={0x0, &(0x7f0000000000)=[@mrs={0xbe, 0x18, {0x603000000013c2a4}}], 0x18}, 0x0, 0x0) (async) ioctl$KVM_RUN(r7, 0xae80, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, 0x0, 0x300000a, 0x40010, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0) (async) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) (async) 28m53.593810499s ago: executing program 1 (id=147): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x161681, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x200000000000000) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r2, r3, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000100)=@arm64_core={0x603000000010000a, &(0x7f00000000c0)=0x80003fe}) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x8) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0) r7 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) syz_kvm_vgic_v3_setup(r8, 0x1, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f00000005c0)=@attr_pmu_irq={0x0, 0x0, 0x0, 0x0}) r11 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x1) ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f00000000c0)=@arm64_fw={0x6030000000140003, &(0x7f0000000040)=0x7}) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r13 = eventfd2(0x101, 0x800) write$eventfd(r13, &(0x7f0000000080)=0xfffffffffffffff7, 0x8) ioctl$KVM_SET_USER_MEMORY_REGION(r12, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r12, 0x4020ae46, &(0x7f00000001c0)={0x1, 0x1, 0xeeee8000, 0x1000, &(0x7f0000f95000/0x1000)=nil}) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000001, 0x12, 0xffffffffffffffff, 0x0) r14 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x0, 0x6000006, 0x1010, r14, 0x0) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) ioctl$KVM_ARM_VCPU_FINALIZE(r6, 0x4004aec2, &(0x7f0000000000)=0x2) 28m43.857600648s ago: executing program 1 (id=149): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x17) ioctl$KVM_RESET_DIRTY_RINGS(r0, 0xaec7) ioctl$KVM_GET_DEVICE_ATTR_vm(r0, 0x4018aee2, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x1000, 0x8000, 0x1}}) ioctl$KVM_IRQ_LINE_STATUS(r0, 0xc008ae67, &(0x7f0000000080)={0x3, 0xe}) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x23) ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f00000000c0)={0x1ff, 0x2, 0x8000000, 0x2000, &(0x7f0000ffc000/0x2000)=nil, 0x2}) ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r1, 0x4010ae74, &(0x7f0000000180)={0xdf3e, 0x44, 0x6}) ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f0000000200)=@attr_other={0x0, 0x3c3c4d40, 0x1, &(0x7f00000001c0)=0x4}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101200, 0x0) ioctl$KVM_GET_API_VERSION(r2, 0xae00, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000000280)={0xeb1b46c7473ddff3, 0x0, &(0x7f0000dfb000/0x3000)=nil}) ioctl$KVM_PPC_ALLOCATE_HTAB(r0, 0xc004aea7, &(0x7f00000002c0)=0x6) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000740)={0x0, &(0x7f0000000300)=[@memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0x200, 0x5, 0x4}}, @msr={0x14, 0x20, {0x603000000013def2, 0x1}}, @its_setup={0x82, 0x28, {0x0, 0x1, 0x20a}}, @uexit={0x0, 0x18, 0x2}, @its_setup={0x82, 0x28, {0x2, 0x3, 0x1cc}}, @uexit={0x0, 0x18}, @its_setup={0x82, 0x28, {0x4, 0x1, 0x3fe}}, @mrs={0xbe, 0x18, {0x603000000013e643}}, @code={0xa, 0x9c, {"008008d500c0671e801a8ed20060b0f2810080d2820180d2c30180d2e40080d2020000d460fd91d20040b8f2810180d2620080d2c30180d2e40080d2020000d41f0000f20004000f00ba94d200e0b0f2c10080d2020180d2a30080d2840080d2020000d4007008d5203085d20080b8f2810080d2820180d2230180d2640180d2020000d40078201e"}}, @code={0xa, 0x9c, {"007008d580d697d20020b8f2a10080d2820180d2830080d2640080d2020000d40040204ec02291d20000b8f2c10080d2220080d2030080d2e40080d2020000d440408fd200c0b0f2610080d2420080d2830180d2040080d2020000d4006a96d200a0b8f2210180d2420080d2430080d2a40080d2020000d4000028d5007008d500a4e00d00000092"}}, @eret={0xe6, 0x18, 0xe2}, @mrs={0xbe, 0x18, {0x603000000013e088}}, @hvc={0x32, 0x40, {0x84000011, [0xb, 0x1, 0x7ef3, 0xd6, 0x3]}}, @its_setup={0x82, 0x28, {0x3, 0x3, 0x113}}, @smc={0x1e, 0x40, {0x31000000, [0xf, 0xffffffffffff0944, 0x5, 0x0, 0xe]}}, @uexit={0x0, 0x18, 0x1c}, @smc={0x1e, 0x40, {0x3f000000, [0xfffffffffffffff8, 0xfff, 0x4, 0x9, 0xffffffff]}}, @svc={0x122, 0x40, {0x84000014, [0x4, 0xffffffffffffffef, 0x2, 0x10000, 0x7]}}, @its_setup={0x82, 0x28, {0x2, 0xffffffffffffffff, 0x8b}}, @its_setup={0x82, 0x28, {0x1, 0x3, 0x66}}], 0x408}, &(0x7f0000000780)=[@featur1={0x1, 0x80}], 0x1) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000007c0)=0x8) ioctl$KVM_SET_GSI_ROUTING(r0, 0x4008ae6a, &(0x7f0000000800)={0x9, 0x0, [{0x3, 0x1, 0x1, 0x0, @sint={0x8, 0x9}}, {0x4, 0xc3a5b4d46012a943, 0x0, 0x0, @msi={0x2, 0x1ff, 0x7, 0xa06}}, {0x4, 0x5, 0x1, 0x0, @sint={0x3, 0x8001}}, {0x8001, 0x2, 0x1, 0x0, @adapter={0xb, 0x0, 0xa1c, 0x2, 0x8}}, {0x6, 0x1, 0x0, 0x0, @msi={0xfff, 0x7fff, 0x88, 0x7fff}}, {0x7f7ac40, 0x2, 0x1, 0x0, @sint={0xffff4dd8}}, {0x9, 0x0, 0x0, 0x0, @msi={0x3, 0x2, 0x3, 0x7ff}}, {0x0, 0x4, 0x0, 0x0, @msi={0x5, 0x100, 0x2, 0xa}}, {0x2292, 0x2, 0x0, 0x0, @irqchip={0xfffff791, 0x80000000}}]}) openat$kvm(0xffffffffffffff9c, &(0x7f00000009c0), 0x1, 0x0) ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0x6) ioctl$KVM_CREATE_VM(r2, 0xae01, 0xe) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000a00)={0xb, 0xffffffffffffffff, 0x1}) r5 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000d80)={0x0, &(0x7f0000000a40)=[@smc={0x1e, 0x40, {0x1, [0x3605, 0xeb8, 0xc, 0x6, 0x8]}}, @code={0xa, 0x6c, {"000008d560f882d20040b8f2e10180d2c20080d2c30180d2640180d2020000d440d69cd200e0b0f2c10080d2e20080d2630080d2a40180d2020000d4000008d50008c05a00f8a02e008008d500c8a10e008008d5007008d5"}}, @eret={0xe6, 0x18, 0x5}, @hvc={0x32, 0x40, {0x80008000, [0x7, 0x7, 0x1, 0x7fffffffffffffff, 0x9]}}, @svc={0x122, 0x40, {0x2003fff, [0x10, 0x8, 0x2, 0x5, 0x7fff]}}, @mrs={0xbe, 0x18, {0x86f365fd464423ec}}, @hvc={0x32, 0x40, {0xc400000c, [0x8000000000000000, 0x80000000]}}, @smc={0x1e, 0x40, {0xc4000010, [0x8, 0x0, 0xe8, 0x8ef9, 0x6]}}, @svc={0x122, 0x40, {0x84000002, [0xb16e, 0x4, 0x3, 0x10001, 0x5]}}, @eret={0xe6, 0x18, 0x4}, @its_send_cmd={0xaa, 0x28, {0xc, 0x1, 0x1, 0x6, 0x2, 0xab, 0x1}}, @its_setup={0x82, 0x28, {0x2, 0x4, 0x8a}}, @mrs={0xbe, 0x18, {0x603000000013c024}}, @eret={0xe6, 0x18, 0x3}, @eret={0xe6, 0x18, 0x6}, @uexit={0x0, 0x18, 0x7fff}, @uexit={0x0, 0x18, 0x2}, @mrs={0xbe, 0x18, {0x603000000013c288}}], 0x314}, &(0x7f0000000dc0)=[@featur2={0x1, 0x3}], 0x1) ioctl$KVM_ARM_SET_DEVICE_ADDR(r5, 0x4010aeab, &(0x7f0000000e00)={0x0, 0xeeee0000}) r6 = ioctl$KVM_GET_STATS_FD_cpu(r4, 0xaece) ioctl$KVM_SIGNAL_MSI(r6, 0x4020aea5, &(0x7f0000000e40)={0x10000, 0x2000, 0x1, 0x1, 0x2}) r7 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000f00)={0x0, &(0x7f0000000e80)=[@irq_setup={0x46, 0x18, {0x2, 0x101}}, @eret={0xe6, 0x18, 0x29}, @msr={0x14, 0x20, {0x603000000013c524, 0x4}}], 0x50}, &(0x7f0000000f40), 0x1) ioctl$KVM_DIRTY_TLB(r7, 0x4010aeaa, &(0x7f0000000f80)={0x94b, 0x1000}) ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece) r8 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x2b) ioctl$KVM_HAS_DEVICE_ATTR_vm(r8, 0x4018aee3, &(0x7f0000001000)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000fc0)={0x3, 0xbfe, 0x2}}) ioctl$KVM_GET_DEVICE_ATTR_vm(r0, 0x4018aee2, &(0x7f0000001080)=@attr_other={0x0, 0x5, 0x2, &(0x7f0000001040)=0x4}) 28m36.012788541s ago: executing program 1 (id=151): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x28) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013c4f1, 0x8000}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000000)={0x100}}) ioctl$KVM_RUN(r11, 0xae80, 0x0) r12 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_SIGNAL_MASK(r12, 0x4004ae8b, &(0x7f00000000c0)) r13 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async) r14 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r3, 0x2, 0x100) (async) ioctl$KVM_RUN(r14, 0xae80, 0x0) (async) openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20080, 0x0) r15 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0xd) r16 = eventfd2(0xeffffffb, 0x80800) ioctl$KVM_IOEVENTFD(r15, 0x4040ae79, &(0x7f0000000000)={0x200, 0x4000, 0x4, r16, 0x1}) ioctl$KVM_IOEVENTFD(r15, 0x4040ae79, &(0x7f0000001340)={0x3, 0x0, 0x2, r16, 0x3}) ioctl$KVM_IOEVENTFD(r15, 0x4040ae79, &(0x7f00000000c0)={0x3, 0x0, 0x2, r16, 0xb}) ioctl$KVM_RUN(r13, 0xae80, 0x0) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) 28m20.421646359s ago: executing program 1 (id=153): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r3, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}}) ioctl$KVM_SET_DEVICE_ATTR_vm(r3, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x7, 0x88000002}}) ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x80) 28m12.317704518s ago: executing program 1 (id=155): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x40000, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1000000000036) (async) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1000000000036) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xffffffbfffffeffd) syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="be00000000000000180000000000000001c8"], 0x18}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 28m7.407593138s ago: executing program 1 (id=157): munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_HAS_DEVICE_ATTR(r2, 0x4018aee3, &(0x7f0000000940)=@attr_arm64={0x0, 0x4, 0x500, 0x0}) munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04) eventfd2(0x97, 0x1) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x0, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r4, 0x100000d, 0x32, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x31) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04) mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x31) ioctl$KVM_CHECK_EXTENSION_VM(r6, 0xae03, 0x0) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04) mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, r8, 0x0, 0x40032, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x200c0, 0x0) 27m20.972949497s ago: executing program 33 (id=157): munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_HAS_DEVICE_ATTR(r2, 0x4018aee3, &(0x7f0000000940)=@attr_arm64={0x0, 0x4, 0x500, 0x0}) munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04) eventfd2(0x97, 0x1) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x0, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r4, 0x100000d, 0x32, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x31) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04) mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x31) ioctl$KVM_CHECK_EXTENSION_VM(r6, 0xae03, 0x0) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04) mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, r8, 0x0, 0x40032, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x200c0, 0x0) 25m33.179562078s ago: executing program 2 (id=171): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000100), 0x82001, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) r7 = eventfd2(0x0, 0x0) ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000340)={0x1a64afb6, 0x8000000, 0x8, r7}) ioctl$KVM_RUN(r6, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, 0x930, 0x3000007, 0x2012, r2, 0x0) r8 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r9, 0x4010aeab, &(0x7f0000000140)=@arm64_core={0x6030000000100024, &(0x7f0000000100)=0x2}) 25m21.911316946s ago: executing program 2 (id=172): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x23) ioctl$KVM_SET_GSI_ROUTING(r0, 0x4008ae6a, &(0x7f0000000440)={0x7, 0x0, [{0x7fff, 0x4, 0x1, 0x0, @irqchip={0x4, 0x9}}, {0xcb10, 0x1, 0x1, 0x0, @msi={0x1, 0x0, 0x6, 0xf}}, {0xa9, 0x5, 0x0, 0x0, @sint={0x4, 0xd8b}}, {0x0, 0x8022903cd69c48c6, 0x0, 0x0, @msi={0x7c8c, 0xfa, 0x5, 0x9}}, {0xfff, 0x3, 0x1, 0x0, @irqchip={0x8, 0xffffffff}}, {0x2, 0x5, 0x1, 0x0, @adapter={0x40000000000, 0x5, 0x10, 0x8, 0x5}}, {0x9e05, 0x1, 0x0, 0x0, @adapter={0xe, 0xfffffffffffffff8, 0x8, 0x8d02, 0xe112}}]}) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000000, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_vgic_v3_setup(r3, 0x1, 0x100) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x3, 0x0, &(0x7f0000000240)=0x100}) (async) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r6, 0x4068aea3, &(0x7f00000001c0)={0xa8, 0x0, 0x3}) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async) r7 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, &(0x7f0000000000)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000200)={0x4, 0xffda, 0x2}}) 25m13.85957491s ago: executing program 2 (id=173): mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil}) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x10201, 0x2, 0x1, 0x2000, &(0x7f0000f31000/0x2000)=nil}) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) 25m6.083777928s ago: executing program 2 (id=174): munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) (async) munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) (async, rerun: 64) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0xa) (rerun: 64) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000000)={0x989d68bb00d3400e, 0x4, 0x33336000, 0x2000, &(0x7f0000ffd000/0x2000)=nil}) (async) munmap(&(0x7f000075a000/0xb000)=nil, 0xb000) (async) munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f0000482000/0x2000)=nil, 0x2000) (async) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000) mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x24132, 0xffffffffffffffff, 0x0) (async, rerun: 64) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) (rerun: 64) ioctl$KVM_RUN(r1, 0xae80, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x0, 0x4030031, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x1000000) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000) 24m59.510065752s ago: executing program 2 (id=175): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x40000, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x40980, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2c) r3 = openat$kvm(0x0, &(0x7f0000000140), 0x474381, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r7, 0x4018aee3, &(0x7f00000000c0)=@attr_other={0x0, 0x8, 0x4, 0x0}) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000240)=0x1000008080000}) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = ioctl$KVM_GET_STATS_FD_vm(r2, 0xaece) ioctl$KVM_RESET_DIRTY_RINGS(r11, 0xaec7) r12 = eventfd2(0x8, 0x80800) ioctl$KVM_IOEVENTFD(r10, 0x4040ae79, &(0x7f0000000000)={0x48, 0xdddd1000, 0x0, r12}) close(r12) close(r10) r13 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r14, 0x4010aeac, &(0x7f0000000040)=@arm64_sve={0x6080000000150537, 0x0}) r15 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r15, 0xae03, 0xe) 24m46.430277595s ago: executing program 2 (id=176): r0 = eventfd2(0x0, 0x80000) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_vgic_v3_setup(r2, 0x2, 0x100) ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000000000)={r0, 0x3}) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000140)=@arm64_bitmap={0x6070000000160002, 0x0}) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r7, 0x541b, 0xac) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x31) syz_kvm_setup_cpu$arm64(r8, 0xffffffffffffffff, &(0x7f0000bff000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="be00000000000000180000000000000019c0130000003060aa000000000000002800000000000000080101000000100000002000000005000000020000000000be00000000000000180000000000000016da13000000306082000000a23858479deb7ee24000000000280000000000000001000000000000000200000000000000f402000000000000220100000000000040000000000000000300008400000000100000000000000007000000000000000200000000000000020000000000000004000000000000006e00000000000000300000080800000000e8ff000000000000000000000000000002000000000000003200000000000000400000000000000000000032000000000000008000000000010000000000000006000000000000000004000000000000010000000000000022010000000000004000000000000000120000840000000003000000000000005402000000000000020000000000000055000000000000002fec682d00000000be00000000000000180000000000000090c21300000030606e00000000000000300000000000000000000008000000000000000000000000fdffffffffffffff04000000000000006e00000000000000300000000000000000000c0800000000a00000000000000005000000000000000b000000000000001400000000000000200000000000000067e61300000030600000f83f000000006e0000000000000030000000000000000000080800000000f8ff00000000000007000000000000"], 0x238}], 0x1, 0x0, &(0x7f0000000040)=[@featur1={0x1, 0xb9}], 0x1) 23m57.42963258s ago: executing program 34 (id=176): r0 = eventfd2(0x0, 0x80000) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_vgic_v3_setup(r2, 0x2, 0x100) ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000000000)={r0, 0x3}) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000140)=@arm64_bitmap={0x6070000000160002, 0x0}) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r7, 0x541b, 0xac) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x31) syz_kvm_setup_cpu$arm64(r8, 0xffffffffffffffff, &(0x7f0000bff000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="be00000000000000180000000000000019c0130000003060aa000000000000002800000000000000080101000000100000002000000005000000020000000000be00000000000000180000000000000016da13000000306082000000a23858479deb7ee24000000000280000000000000001000000000000000200000000000000f402000000000000220100000000000040000000000000000300008400000000100000000000000007000000000000000200000000000000020000000000000004000000000000006e00000000000000300000080800000000e8ff000000000000000000000000000002000000000000003200000000000000400000000000000000000032000000000000008000000000010000000000000006000000000000000004000000000000010000000000000022010000000000004000000000000000120000840000000003000000000000005402000000000000020000000000000055000000000000002fec682d00000000be00000000000000180000000000000090c21300000030606e00000000000000300000000000000000000008000000000000000000000000fdffffffffffffff04000000000000006e00000000000000300000000000000000000c0800000000a00000000000000005000000000000000b000000000000001400000000000000200000000000000067e61300000030600000f83f000000006e0000000000000030000000000000000000080800000000f8ff00000000000007000000000000"], 0x238}], 0x1, 0x0, &(0x7f0000000040)=[@featur1={0x1, 0xb9}], 0x1) 20m24.530179052s ago: executing program 3 (id=181): mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) (async) r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f000064b000/0x4000)=nil, r1, 0x100000d, 0x9032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, r1, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000667000/0x2000)=nil, 0x2000) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) (async) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) munmap(&(0x7f000000f000/0x2000)=nil, 0x2000) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) (async) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x35) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f000019f000/0x400000)=nil) 20m11.929224384s ago: executing program 3 (id=182): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0x1, 0x1001, 0x2}}) r2 = openat$kvm(0x0, &(0x7f0000000140), 0x5a1e82, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x800000000000001) r5 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x0, 0xab2be1f34d35335a, 0x100010, r4, 0x0) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x80500, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r9, 0x4010aeab, &(0x7f0000000000)=@arm64_fp={0x60400000001000bc, &(0x7f0000000300)}) ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(r7, 0x4068aea3, &(0x7f0000000240)) syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f00000001c0)="04198bd844c9e8a7b82d748f0f0244293d28bd9440bfc2ed44db9969759357abab8d85c8e856a4606c2e979f98d67e4ff39fb6df9547f6a9506c610dc37b2e5c3ad3c9952305abf0", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000ffa000/0x3000)=nil, 0x0, 0x3000006, 0x110, r4, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000007, 0x4f833, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000c72000/0x1000)=nil, 0x1000) ioctl$KVM_SET_GSI_ROUTING(r3, 0x4008ae6a, &(0x7f00000002c0)=ANY=[@ANYRES32=r9]) ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x10) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000b80)={0x0, &(0x7f0000000100)=[@smc={0x1e, 0x40, {0x84000003, [0x99a, 0x7, 0xaca, 0x101, 0x10]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1) 19m57.707495473s ago: executing program 3 (id=183): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r3, r4, &(0x7f0000bfe000/0x400000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f0000000180)=[@hvc={0x32, 0x40, {0x84000007, [0x60e, 0xfffffffffffffffb, 0x4, 0x8, 0x1]}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x1, 0x1, 0x0, 0x8001, 0x3}}], 0x68}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) (async) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000700)={0x7, 0x0}) 19m46.011794919s ago: executing program 3 (id=184): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x402001, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r2, r3, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1e000000000000004000000000000000000000ef00000000fcffffffffffff1bf3a3b292e50d96000200000001000000030000000000000004000000000000003200000000000000400000000000000052000084"], 0x80}], 0x1, 0x0, 0x0, 0x0) (async) ioctl$KVM_CHECK_EXTENSION_VM(r2, 0xae03, 0xffffffffffffffde) 19m37.109245617s ago: executing program 3 (id=185): r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616}) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000180)={0xdddd0000, 0x8000}) r3 = syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f0000000080)={0xffff0001, 0x3ff}) 19m25.957045092s ago: executing program 3 (id=186): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x32) r3 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = eventfd2(0x7, 0x1) ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f0000000000)={0x0, 0x1000, 0x2, r7, 0x8}) syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0x69) r8 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000140)={0x0, 0x0}, &(0x7f0000000280)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f00000000c0)=@arm64_sys={0x603000000013dce4, &(0x7f0000000000)=0x2}) ioctl$KVM_ARM_VCPU_INIT(0xffffffffffffffff, 0x4020aeae, 0x0) r10 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) r11 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r10, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r10, 0x0) r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r12, 0x401c5820, &(0x7f00000000c0)=@attr_other={0x0, 0x8dc, 0xfffffffffffffffd, 0x0}) 18m37.527796722s ago: executing program 35 (id=186): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x32) r3 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = eventfd2(0x7, 0x1) ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f0000000000)={0x0, 0x1000, 0x2, r7, 0x8}) syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0x69) r8 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000140)={0x0, 0x0}, &(0x7f0000000280)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f00000000c0)=@arm64_sys={0x603000000013dce4, &(0x7f0000000000)=0x2}) ioctl$KVM_ARM_VCPU_INIT(0xffffffffffffffff, 0x4020aeae, 0x0) r10 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) r11 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r10, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r10, 0x0) r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r12, 0x401c5820, &(0x7f00000000c0)=@attr_other={0x0, 0x8dc, 0xfffffffffffffffd, 0x0}) 15m8.303659632s ago: executing program 4 (id=200): openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) (async) r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) (async) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f0000000100)=@arm64_bitmap={0x6030000000160002, &(0x7f0000000000)=0x7}) mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0) (async) r7 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0) openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x408) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) syz_kvm_vgic_v3_setup(r9, 0x1, 0x100) (async) syz_kvm_vgic_v3_setup(r9, 0x1, 0x100) r10 = eventfd2(0x8, 0x80800) ioctl$KVM_IRQFD(r9, 0x4020ae76, &(0x7f00000000c0)={r10, 0x3}) ioctl$KVM_IRQFD(r9, 0x4020ae76, &(0x7f0000000000)={r10, 0x9, 0x3, r10}) ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0x9, 0x0, r10}) 14m56.452702898s ago: executing program 4 (id=201): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x8840, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x5) r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000be7000/0x400000)=nil) ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x21) ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@mrs={0xbe, 0x18, {0x603000000013e71a}}], 0x18}, 0x0, 0x0) ioctl$KVM_RUN(r8, 0xae80, 0x0) 14m41.8687334s ago: executing program 4 (id=202): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) (async, rerun: 64) r3 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (rerun: 64) r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x2, 0x1}}, @its_setup={0x82, 0x28, {0x4, 0x4, 0x62}}], 0x50}, 0x0, 0x0) (async, rerun: 64) syz_kvm_vgic_v3_setup(r5, 0x1, 0x100) (async, rerun: 64) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async) ioctl$KVM_RUN(r6, 0xae80, 0x0) (async) ioctl$KVM_SET_GUEST_DEBUG_arm64(r2, 0x4208ae9b, &(0x7f0000000280)={0x20001, 0x0, {[0x40, 0x9600000000000000, 0x6, 0xfffffffffffffff7, 0x101, 0x5, 0xa6c, 0xffffffffffffffff, 0x8ec, 0x8, 0xbe, 0x3, 0x4, 0x4, 0x7f, 0xfff], [0x2, 0x81, 0xcc1e, 0x4855, 0x200, 0x2, 0x1000, 0x0, 0x2e9, 0x8, 0x3, 0x0, 0x7fffffffffffffff, 0x3, 0x7fffffffffffffff, 0x6], [0xffffffffffff2b57, 0x100000001, 0xd, 0x7, 0x4, 0x1780000000000000, 0x0, 0x4, 0x4, 0x100, 0x0, 0x1ff, 0x2, 0x1, 0x9, 0x100000001], [0x81, 0x7fffffffffffffff, 0xfff, 0x100000001, 0xaad, 0x2, 0x8, 0x4, 0x3, 0x8, 0x0, 0x20e, 0x7, 0xfff, 0x8000000000000001, 0x7]}}) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000780), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0xeeef0000, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f00000000c0)={0x2515, 0x0, 0x0, 0x1000, &(0x7f0000fec000/0x1000)=nil}) close(r9) 14m27.280680912s ago: executing program 4 (id=203): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x102, 0x0) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000b80)={0x0, &(0x7f0000000040)=[@smc={0x1e, 0x40, {0x84000002, [0x99b, 0x100000001, 0x5, 0x101, 0x10]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000200)) r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_SET_GSI_ROUTING(r5, 0x4008ae6a, &(0x7f0000000140)={0x1, 0x0, [{0x3, 0x5, 0x0, 0x0, @sint={0xfff, 0xf96}}]}) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000280)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x6030000000100042, &(0x7f00000000c0)}) ioctl$KVM_SET_VCPU_EVENTS(r7, 0x4040aea0, &(0x7f00000001c0)=@arm64={0xdb, 0x8, 0x3, '\x00', 0x1}) r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000be7000/0x400000)=nil) ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x1) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0xffffffffffffffff, 0x1, 0x1}}], 0x28}, 0x0, 0x0) ioctl$KVM_RUN(r11, 0xae80, 0x0) syz_kvm_setup_cpu$arm64(r1, r7, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f00000002c0)=[@irq_setup={0x46, 0x18, {0x2, 0x144}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1400, 0x6, 0x4}}, @mrs={0xbe, 0x18, {0x603000000013df42}}, @mrs={0xbe, 0x18, {0x603000000013801c}}, @svc={0x122, 0x40, {0x7300f71e, [0x6, 0x7, 0x5, 0x5, 0xc]}}, @hvc={0x32, 0x40, {0x6000000, [0x8, 0xfffffffffffffff9, 0xe7a8, 0x4fe, 0x10001]}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x3, 0xd, 0x11, 0xabdf, 0x3}}, @mrs={0xbe, 0x18, {0x60300000001383ce}}, @eret={0xe6, 0x18, 0x4}, @smc={0x1e, 0x40, {0x80000000, [0x3, 0x8, 0x4, 0x6, 0x6]}}, @hvc={0x32, 0x40, {0x8400000d, [0x1, 0xffffffffffff07df, 0x200, 0x6, 0x1]}}, @code={0xa, 0x84, {"e06389d200e0b8f2210080d2420080d2e30080d2c40180d2020000d4000028d5a0b09cd20000b8f2410180d2e20180d2630080d2a40080d2020000d460229cd20040b0f2010180d2c20080d2e30080d2240180d2020000d4000008d5000000b1008008d50050202e007008d50040200d"}}, @eret={0xe6, 0x18, 0x2}, @its_send_cmd={0xaa, 0x28, {0x9, 0x1, 0x2, 0x5, 0xb, 0xf, 0x2}}, @irq_setup={0x46, 0x18, {0x1, 0x2dc}}, @eret={0xe6, 0x18, 0x9}, @svc={0x122, 0x40, {0x84000008, [0x1, 0x10, 0xffffffffffffffff, 0x3ff, 0x1]}}, @svc={0x122, 0x40, {0x84000014, [0x3, 0x3, 0x1a13, 0x4, 0x5]}}], 0x344}], 0x1, 0x0, &(0x7f0000000080)=[@featur2={0x1, 0x2}], 0x1) 14m10.712817505s ago: executing program 4 (id=204): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000000)={0x0, &(0x7f0000000040)=[@smc={0x1e, 0x40, {0xc400000d, [0x99b, 0x100000003, 0x5, 0x101]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r5, 0xae80, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_GUEST_MEMFD(r1, 0xc040aed4, &(0x7f0000000000)={0x567, 0x4}) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x90500, 0x0) close(r7) close(r6) ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r1, 0x4068aea3, &(0x7f00000000c0)={0xa8, 0x0, 0x3}) 13m55.870251999s ago: executing program 4 (id=205): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x33) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x2b) ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000240)={0x1, 0xe000, 0x1}) ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000080)={0x1000}) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r4, 0x4010ae68, &(0x7f0000001480)={0xfffffffffffffdfd, 0x13000, 0x1}) r5 = syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r5, 0x4010aeab, 0x0) r6 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013e08d, &(0x7f00000000c0)=0x6db}) r7 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x33) (async) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) (async) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x2b) (async) ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000240)={0x1, 0xe000, 0x1}) (async) ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000080)={0x1000}) (async) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r4, 0x4010ae68, &(0x7f0000001480)={0xfffffffffffffdfd, 0x13000, 0x1}) (async) syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0) (async) ioctl$KVM_GET_ONE_REG(r5, 0x4010aeab, 0x0) (async) syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async) ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013e08d, &(0x7f00000000c0)=0x6db}) (async) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) (async) syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) (async) 13m7.747649999s ago: executing program 36 (id=205): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x33) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x2b) ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000240)={0x1, 0xe000, 0x1}) ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000080)={0x1000}) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r4, 0x4010ae68, &(0x7f0000001480)={0xfffffffffffffdfd, 0x13000, 0x1}) r5 = syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r5, 0x4010aeab, 0x0) r6 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013e08d, &(0x7f00000000c0)=0x6db}) r7 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x33) (async) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) (async) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x2b) (async) ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000240)={0x1, 0xe000, 0x1}) (async) ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000080)={0x1000}) (async) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r4, 0x4010ae68, &(0x7f0000001480)={0xfffffffffffffdfd, 0x13000, 0x1}) (async) syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0) (async) ioctl$KVM_GET_ONE_REG(r5, 0x4010aeab, 0x0) (async) syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async) ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013e08d, &(0x7f00000000c0)=0x6db}) (async) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) (async) syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) (async) 10m50.109489994s ago: executing program 5 (id=187): ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0x91) r0 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x0, 0x3c2a1c3178cda732, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000680)="38ce8347fc1e86008cfc72bb352c8659dcc9225b48cb5cb00c73b0b33018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48) 10m39.851471975s ago: executing program 5 (id=207): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r3, 0x4068aea3, &(0x7f0000000000)={0xef, 0x0, 0x7}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r5 = ioctl$KVM_GET_STATS_FD_vm(r1, 0xaece) ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2) ioctl$KVM_KVMCLOCK_CTRL(r4, 0xaead) ioctl$KVM_CHECK_EXTENSION_VM(r3, 0xae03, 0x29) 9m49.509692523s ago: executing program 37 (id=207): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r3, 0x4068aea3, &(0x7f0000000000)={0xef, 0x0, 0x7}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r5 = ioctl$KVM_GET_STATS_FD_vm(r1, 0xaece) ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2) ioctl$KVM_KVMCLOCK_CTRL(r4, 0xaead) ioctl$KVM_CHECK_EXTENSION_VM(r3, 0xae03, 0x29) 3m22.739692071s ago: executing program 6 (id=213): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x402102, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000b10000/0x400000)=nil) ioctl$KVM_CREATE_GUEST_MEMFD(r1, 0xc040aed4, &(0x7f0000000100)={0x7912, 0x5}) r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_SET_DEVICE_ATTR_vm(r4, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}}) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000140)={0x0, &(0x7f0000000180)=[@smc={0x1e, 0x40, {0x86000001, [0x0, 0x1, 0x2, 0x3, 0x4]}}, @hvc={0x32, 0x40, {0x86000000, [0x2, 0x1, 0x2, 0x3, 0x3]}}], 0x80}, 0x0, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_GET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee2, &(0x7f00000000c0)=@attr_irq_timer={0x0, 0x1, 0x1, 0x0}) syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CREATE_DEVICE(r8, 0xc018aec0, &(0x7f00000000c0)={0x1}) eventfd2(0x0, 0x0) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x302, 0x0) r10 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x1) r13 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r12, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r13, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fb707cd24b7eebb20700000000000000000000000100", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r12, 0x0) r14 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0) close(r14) r15 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r16 = eventfd2(0x8, 0x80800) ioctl$KVM_IOEVENTFD(r15, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0xeeef0000, 0x0, r16}) r17 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f0000000200)=[@hvc={0x32, 0x40, {0x84000012, [0x5, 0x9, 0x6, 0xff, 0x73]}}, @mrs={0xbe, 0x18, {0x603000000013e710}}, @uexit={0x0, 0x18, 0xfffffffffffffff7}, @smc={0x1e, 0x40, {0xc4000012, [0x1, 0x0, 0x5, 0x10000, 0xd]}}, @code={0xa, 0x6c, {"007008d5007008d5007008d5e0048cd20080b8f2c10080d2020080d2a30080d2a40180d2020000d4009b98d20000b0f2810080d2c20080d2030080d2440080d2020000d40000002f00fc007f007008d5000008d5008008d5"}}], 0x11c}, &(0x7f0000000340)=[@featur2={0x1, 0x21}], 0x1) ioctl$KVM_GET_ONE_REG(r17, 0x4010aeab, &(0x7f00000003c0)=@arm64_bitmap={0x6030000000160000, &(0x7f0000000380)=0x33}) 2m59.719403193s ago: executing program 6 (id=214): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0x7e) (async) r3 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) (async, rerun: 64) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x40086602, 0x11) (async, rerun: 64) r4 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) r5 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r5, 0xae03, 0x59) (async) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x389c41, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) (async, rerun: 32) r8 = openat$kvm(0x0, &(0x7f0000000080), 0x40000, 0x0) (rerun: 32) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r9, 0xae03, 0xe) (async) ioctl$KVM_GET_DIRTY_LOG(r7, 0x4010ae42, &(0x7f0000000200)={0xa4a605311ad0de6b, 0x0, &(0x7f0000c67000/0x2000)=nil}) (async, rerun: 64) syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f000073e000/0x400000)=nil) (async, rerun: 64) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) (async) r10 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x28) r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000040)={0xb, 0xffffffffffffffff, 0x1}) (async) ioctl$KVM_SET_SIGNAL_MASK(r12, 0x4004ae8b, &(0x7f0000000240)=ANY=[]) (async) r13 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f00000000c0)={0x0, &(0x7f0000000380)=[@its_setup={0x82, 0x28, {0x2, 0x3, 0x7c}}], 0x28}, 0x0, 0x0) (async) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r15, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x3, 0x3, &(0x7f0000000000)=0x8090000}) (async) ioctl$KVM_RUN(r14, 0xae80, 0x0) 2m47.527729932s ago: executing program 6 (id=215): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x600900, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000bde000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r6 = openat$kvm(0x0, 0x0, 0x2002, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000bfe000/0x400000)=nil) syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x28) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) r11 = syz_kvm_add_vcpu$arm64(r10, 0x0, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1) ioctl$KVM_RUN(r11, 0xae80, 0x0) r12 = syz_kvm_add_vcpu$arm64(r1, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000080)=[@featur1={0x1, 0x2}], 0x1) ioctl$KVM_RUN(r12, 0xae80, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0) syz_kvm_add_vcpu$arm64(0x0, 0x0, &(0x7f0000000140)=[@featur2={0x1, 0xe1}], 0x1) r14 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x21) ioctl$KVM_CREATE_VCPU(r15, 0xae41, 0x2) 2m27.870738643s ago: executing program 6 (id=216): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xb702, 0x0) openat$kvm(0x0, 0x0, 0x141001, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r2, 0x0, 0x0, 0x0) (async) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x2, 0x100) (async) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x3, 0xfffffffd}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r5, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r7, 0xae80, 0x0) 2m8.900291416s ago: executing program 6 (id=217): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2) ioctl$KVM_GET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee2, &(0x7f00000000c0)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0xffffffffffffffff}) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CREATE_DEVICE(r1, 0xc018aec0, &(0x7f00000000c0)={0x1}) 1m57.793490279s ago: executing program 6 (id=218): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) (async, rerun: 32) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil}) (async, rerun: 32) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04) r3 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async) r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r5, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, 0x0}) (async) r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_GUEST_DEBUG_arm64(r7, 0x4208ae9b, &(0x7f0000000240)={0x20003, 0x0, {[0x97ab, 0x10001, 0x3, 0xc08d, 0x8, 0xffffffff00000001, 0x3b880, 0x400, 0x5, 0x2, 0x6, 0x5, 0x2, 0x8, 0x6, 0x7fff], [0x45e1, 0x8000, 0x5d2, 0xfff, 0xbb9, 0x0, 0x8, 0xe, 0x51bb, 0x8, 0x4d681830, 0x9, 0x3, 0x10000, 0x7, 0xfffffffffffffff6], [0x80000001, 0xfffffffffffffffe, 0xa3, 0x0, 0x8, 0x81, 0x6, 0xfda8, 0x401, 0x5fd6, 0x3, 0x0, 0x40, 0x4, 0xffffffff, 0x9], [0x3, 0x6, 0xe99, 0xe, 0x9, 0x7, 0x8, 0x0, 0xb, 0x2, 0x10, 0x4, 0x9, 0x9, 0xc, 0x6]}}) (async, rerun: 64) ioctl$KVM_RUN(r7, 0xae80, 0x0) (async, rerun: 64) r8 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000100)={0x0, &(0x7f0000000180)=[@code={0xa, 0xcc, {"206f80d200e0b0f2610180d2e20080d2c30180d2640080d2020000d4c0939ed20040b0f2e10180d2c20080d2e30180d2e40080d2020000d400889ad20040b8f2810180d2620080d2830080d2840080d2020000d4007008d5e02e8bd20040b8f2c10180d2e20180d2e30080d2040080d2020000d4007008d5408c88d20020b8f2410080d2220180d2630080d2640180d2020000d4406d88d20080b0f2010180d2220180d2030080d2640180d2020000d400809f0c00a0004f"}}, @code={0xa, 0x84, {"007008d5007008d5000040fc60969ad20000b8f2010180d2c20080d2830080d2840180d2020000d40038207e003c004e80ad97d200e0b8f2010080d2020080d2230180d2240080d2020000d4408d95d20000b8f2610080d2220080d2030180d2e40080d2020000d4000028d5009c006f"}}, @msr={0x14, 0x20, {0x603000000013c64b, 0x7}}, @svc={0x122, 0x40, {0x200, [0x7, 0x8000000000000001, 0x6, 0x1, 0x800]}}, @uexit={0x0, 0x18, 0x6}], 0x1c8}, &(0x7f0000000380)=[@featur1={0x1, 0x18}], 0x1) ioctl$KVM_RUN(r9, 0xae80, 0x0) (async, rerun: 32) munmap(&(0x7f0000d70000/0x3000)=nil, 0x3000) (async, rerun: 32) r10 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) ioctl$KVM_SET_DEVICE_ATTR_vm(r10, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0xffffffff, 0x8, 0x2}}) 1m6.696148553s ago: executing program 38 (id=218): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) (async, rerun: 32) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil}) (async, rerun: 32) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04) r3 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async) r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r5, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, 0x0}) (async) r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_GUEST_DEBUG_arm64(r7, 0x4208ae9b, &(0x7f0000000240)={0x20003, 0x0, {[0x97ab, 0x10001, 0x3, 0xc08d, 0x8, 0xffffffff00000001, 0x3b880, 0x400, 0x5, 0x2, 0x6, 0x5, 0x2, 0x8, 0x6, 0x7fff], [0x45e1, 0x8000, 0x5d2, 0xfff, 0xbb9, 0x0, 0x8, 0xe, 0x51bb, 0x8, 0x4d681830, 0x9, 0x3, 0x10000, 0x7, 0xfffffffffffffff6], [0x80000001, 0xfffffffffffffffe, 0xa3, 0x0, 0x8, 0x81, 0x6, 0xfda8, 0x401, 0x5fd6, 0x3, 0x0, 0x40, 0x4, 0xffffffff, 0x9], [0x3, 0x6, 0xe99, 0xe, 0x9, 0x7, 0x8, 0x0, 0xb, 0x2, 0x10, 0x4, 0x9, 0x9, 0xc, 0x6]}}) (async, rerun: 64) ioctl$KVM_RUN(r7, 0xae80, 0x0) (async, rerun: 64) r8 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000100)={0x0, &(0x7f0000000180)=[@code={0xa, 0xcc, {"206f80d200e0b0f2610180d2e20080d2c30180d2640080d2020000d4c0939ed20040b0f2e10180d2c20080d2e30180d2e40080d2020000d400889ad20040b8f2810180d2620080d2830080d2840080d2020000d4007008d5e02e8bd20040b8f2c10180d2e20180d2e30080d2040080d2020000d4007008d5408c88d20020b8f2410080d2220180d2630080d2640180d2020000d4406d88d20080b0f2010180d2220180d2030080d2640180d2020000d400809f0c00a0004f"}}, @code={0xa, 0x84, {"007008d5007008d5000040fc60969ad20000b8f2010180d2c20080d2830080d2840180d2020000d40038207e003c004e80ad97d200e0b8f2010080d2020080d2230180d2240080d2020000d4408d95d20000b8f2610080d2220080d2030180d2e40080d2020000d4000028d5009c006f"}}, @msr={0x14, 0x20, {0x603000000013c64b, 0x7}}, @svc={0x122, 0x40, {0x200, [0x7, 0x8000000000000001, 0x6, 0x1, 0x800]}}, @uexit={0x0, 0x18, 0x6}], 0x1c8}, &(0x7f0000000380)=[@featur1={0x1, 0x18}], 0x1) ioctl$KVM_RUN(r9, 0xae80, 0x0) (async, rerun: 32) munmap(&(0x7f0000d70000/0x3000)=nil, 0x3000) (async, rerun: 32) r10 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) ioctl$KVM_SET_DEVICE_ATTR_vm(r10, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0xffffffff, 0x8, 0x2}}) 48.401336274s ago: executing program 7 (id=208): r0 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x18b080, 0x0) (async) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0) ioctl$KVM_CHECK_EXTENSION(r4, 0x5421, 0x6) ioctl$KVM_CREATE_VM(r3, 0xc0189436, 0x20004000) (async) mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, 0x930, 0x1, 0x2012, r2, 0x0) (async) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04) r7 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) (async) r13 = syz_kvm_add_vcpu$arm64(r9, &(0x7f00000000c0)={0x0, &(0x7f0000000600)=[@memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0x200, 0x2, 0x4}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x0, 0xe, 0x9, 0xfffffffc}}, @eret={0xe6, 0x18, 0x6}, @its_setup={0x82, 0x28, {0x3, 0x0, 0x285}}, @eret={0xe6, 0x18, 0x3800000}, @its_send_cmd={0xaa, 0x28, {0x5, 0x0, 0x2, 0xb, 0x8, 0xf21e}}, @eret={0xe6, 0x18, 0x4}, @svc={0x122, 0x40, {0x84000053, [0x0, 0x100, 0xffffffffffffffff, 0x3, 0x100000001]}}, @smc={0x1e, 0x40, {0xc4000011, [0x8000000000000001, 0x100000000, 0x81, 0x64, 0x1ff]}}, @smc={0x1e, 0x40, {0x84000051, [0x3, 0x3000000, 0x84, 0xd51, 0x8]}}, @uexit={0x0, 0x18, 0x100000001}, @its_setup={0x82, 0x28, {0x4, 0x0, 0x276}}, @code={0xa, 0x84, {"0020df0d007008d51f00002b0024202e40f894d20060b0f2210080d2620180d2830080d2840080d2020000d4607482d200a0b8f2c10180d2020180d2230180d2640080d2020000d4000000da206383d20020b8f2410080d2a20180d2230080d2640080d2020000d400b8207e0040661e"}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x3, 0x6, 0x81, 0x400}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x50, 0x9c38, 0x1}}, @irq_setup={0x46, 0x18, {0x3, 0x18d}}, @eret={0xe6, 0x18, 0x9}, @svc={0x122, 0x40, {0x8400000c, [0xab1, 0xc0, 0x5f2145b2, 0x9, 0x5]}}, @eret={0xe6, 0x18, 0x4}, @eret={0xe6, 0x18, 0x1}, @code={0xa, 0x3c, {"007008d500d8307e0068200e0014002f007008d5008008d500a0600d007008d50044200e007008d5"}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x4, 0xf, 0x2}}, @its_send_cmd={0xaa, 0x28, {0x0, 0x0, 0x4, 0xc, 0x9, 0x463b, 0x1}}, @msr={0x14, 0x20, {0x603000000013c01e, 0x3}}, @code={0xa, 0x6c, {"000028d560d681d20000b0f2810180d2820080d2630180d2240180d2020000d40044007f007008d5007008d50010005e000028d5007008d5a0fb96d200c0b0f2810180d2020080d2430080d2c40180d2020000d4007008d5"}}, @msr={0x14, 0x20, {0x603000000013c01e, 0x80}}, @msr={0x14, 0x20, {0x39a, 0x8001}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x1, 0xa, 0x9, 0xe}}, @hvc={0x32, 0x40, {0xc4000007, [0x5, 0x6, 0x29, 0x335e, 0x3]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xf10, 0x2, 0xc}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff4, 0x523, 0x3}}], 0x58c}, &(0x7f0000000100)=[@featur2={0x1, 0x60}], 0x1) mmap$KVM_VCPU(&(0x7f0000f29000/0x4000)=nil, r6, 0x6000004, 0x4010, r13, 0x0) (async) ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r12, 0x4068aea3, 0x0) (async) syz_kvm_vgic_v3_setup(r8, 0x1, 0x0) (async, rerun: 32) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f00000005c0)=@attr_pmu_irq={0x0, 0x0, 0x0, 0x0}) (async, rerun: 32) mmap$KVM_VCPU(&(0x7f00005e1000/0x3000)=nil, r6, 0x2000009, 0x213011, r2, 0x0) (async, rerun: 32) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) (async, rerun: 32) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) 0s ago: executing program 39 (id=208): r0 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x18b080, 0x0) (async) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0) ioctl$KVM_CHECK_EXTENSION(r4, 0x5421, 0x6) ioctl$KVM_CREATE_VM(r3, 0xc0189436, 0x20004000) (async) mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, 0x930, 0x1, 0x2012, r2, 0x0) (async) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04) r7 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) (async) r13 = syz_kvm_add_vcpu$arm64(r9, &(0x7f00000000c0)={0x0, &(0x7f0000000600)=[@memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0x200, 0x2, 0x4}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x0, 0xe, 0x9, 0xfffffffc}}, @eret={0xe6, 0x18, 0x6}, @its_setup={0x82, 0x28, {0x3, 0x0, 0x285}}, @eret={0xe6, 0x18, 0x3800000}, @its_send_cmd={0xaa, 0x28, {0x5, 0x0, 0x2, 0xb, 0x8, 0xf21e}}, @eret={0xe6, 0x18, 0x4}, @svc={0x122, 0x40, {0x84000053, [0x0, 0x100, 0xffffffffffffffff, 0x3, 0x100000001]}}, @smc={0x1e, 0x40, {0xc4000011, [0x8000000000000001, 0x100000000, 0x81, 0x64, 0x1ff]}}, @smc={0x1e, 0x40, {0x84000051, [0x3, 0x3000000, 0x84, 0xd51, 0x8]}}, @uexit={0x0, 0x18, 0x100000001}, @its_setup={0x82, 0x28, {0x4, 0x0, 0x276}}, @code={0xa, 0x84, {"0020df0d007008d51f00002b0024202e40f894d20060b0f2210080d2620180d2830080d2840080d2020000d4607482d200a0b8f2c10180d2020180d2230180d2640080d2020000d4000000da206383d20020b8f2410080d2a20180d2230080d2640080d2020000d400b8207e0040661e"}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x3, 0x6, 0x81, 0x400}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x50, 0x9c38, 0x1}}, @irq_setup={0x46, 0x18, {0x3, 0x18d}}, @eret={0xe6, 0x18, 0x9}, @svc={0x122, 0x40, {0x8400000c, [0xab1, 0xc0, 0x5f2145b2, 0x9, 0x5]}}, @eret={0xe6, 0x18, 0x4}, @eret={0xe6, 0x18, 0x1}, @code={0xa, 0x3c, {"007008d500d8307e0068200e0014002f007008d5008008d500a0600d007008d50044200e007008d5"}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x4, 0xf, 0x2}}, @its_send_cmd={0xaa, 0x28, {0x0, 0x0, 0x4, 0xc, 0x9, 0x463b, 0x1}}, @msr={0x14, 0x20, {0x603000000013c01e, 0x3}}, @code={0xa, 0x6c, {"000028d560d681d20000b0f2810180d2820080d2630180d2240180d2020000d40044007f007008d5007008d50010005e000028d5007008d5a0fb96d200c0b0f2810180d2020080d2430080d2c40180d2020000d4007008d5"}}, @msr={0x14, 0x20, {0x603000000013c01e, 0x80}}, @msr={0x14, 0x20, {0x39a, 0x8001}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x1, 0xa, 0x9, 0xe}}, @hvc={0x32, 0x40, {0xc4000007, [0x5, 0x6, 0x29, 0x335e, 0x3]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xf10, 0x2, 0xc}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff4, 0x523, 0x3}}], 0x58c}, &(0x7f0000000100)=[@featur2={0x1, 0x60}], 0x1) mmap$KVM_VCPU(&(0x7f0000f29000/0x4000)=nil, r6, 0x6000004, 0x4010, r13, 0x0) (async) ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r12, 0x4068aea3, 0x0) (async) syz_kvm_vgic_v3_setup(r8, 0x1, 0x0) (async, rerun: 32) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f00000005c0)=@attr_pmu_irq={0x0, 0x0, 0x0, 0x0}) (async, rerun: 32) mmap$KVM_VCPU(&(0x7f00005e1000/0x3000)=nil, r6, 0x2000009, 0x213011, r2, 0x0) (async, rerun: 32) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) (async, rerun: 32) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) kernel console output (not intermixed with test programs): [ 393.801049][ T3157] 8021q: adding VLAN 0 to HW filter on device bond0 [ 425.803928][ T3157] eql: remember to turn off Van-Jacobson compression on your slave devices Warning: Permanently added '[localhost]:53642' (ED25519) to the list of known hosts. [ 582.137215][ T25] audit: type=1400 audit(581.300:61): avc: denied { name_bind } for pid=3307 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 584.455139][ T25] audit: type=1400 audit(583.650:62): avc: denied { execute } for pid=3308 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 584.509568][ T25] audit: type=1400 audit(583.680:63): avc: denied { execute_no_trans } for pid=3308 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 610.400392][ T25] audit: type=1400 audit(609.600:64): avc: denied { mounton } for pid=3308 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 610.433078][ T25] audit: type=1400 audit(609.630:65): avc: denied { mount } for pid=3308 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 610.519209][ T3308] cgroup: Unknown subsys name 'net' [ 610.569998][ T25] audit: type=1400 audit(609.770:66): avc: denied { unmount } for pid=3308 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 610.968026][ T3308] cgroup: Unknown subsys name 'cpuset' [ 611.068116][ T3308] cgroup: Unknown subsys name 'rlimit' [ 611.991365][ T25] audit: type=1400 audit(611.190:67): avc: denied { setattr } for pid=3308 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 612.010962][ T25] audit: type=1400 audit(611.200:68): avc: denied { mounton } for pid=3308 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 612.039222][ T25] audit: type=1400 audit(611.230:69): avc: denied { mount } for pid=3308 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 613.240519][ T3316] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 613.260387][ T25] audit: type=1400 audit(612.450:70): avc: denied { relabelto } for pid=3316 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 613.280616][ T25] audit: type=1400 audit(612.470:71): avc: denied { write } for pid=3316 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" Setting up swapspace version 1, size = 127995904 bytes [ 613.462253][ T25] audit: type=1400 audit(612.660:72): avc: denied { read } for pid=3308 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 613.484427][ T25] audit: type=1400 audit(612.670:73): avc: denied { open } for pid=3308 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 613.529701][ T3308] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 663.849680][ T25] audit: type=1400 audit(663.040:74): avc: denied { execmem } for pid=3317 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 668.518119][ T25] audit: type=1400 audit(667.710:75): avc: denied { read } for pid=3319 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 668.538247][ T25] audit: type=1400 audit(667.730:76): avc: denied { open } for pid=3320 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 668.609383][ T25] audit: type=1400 audit(667.800:77): avc: denied { mounton } for pid=3319 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 668.844341][ T25] audit: type=1400 audit(668.040:78): avc: denied { module_request } for pid=3320 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 668.886892][ T25] audit: type=1400 audit(668.070:79): avc: denied { module_request } for pid=3319 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 669.970653][ T25] audit: type=1400 audit(669.160:80): avc: denied { sys_module } for pid=3319 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 693.500522][ T3319] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 693.724281][ T3319] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 694.239790][ T3320] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 694.330224][ T3320] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 711.283201][ T3319] hsr_slave_0: entered promiscuous mode [ 711.313045][ T3319] hsr_slave_1: entered promiscuous mode [ 712.360095][ T3320] hsr_slave_0: entered promiscuous mode [ 712.390518][ T3320] hsr_slave_1: entered promiscuous mode [ 712.417504][ T3320] debugfs: 'hsr0' already exists in 'hsr' [ 712.429234][ T3320] Cannot create hsr debugfs directory [ 717.488892][ T25] audit: type=1400 audit(716.680:81): avc: denied { create } for pid=3319 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 717.532116][ T25] audit: type=1400 audit(716.730:82): avc: denied { write } for pid=3319 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 717.572033][ T25] audit: type=1400 audit(716.740:83): avc: denied { read } for pid=3319 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 717.729101][ T3319] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 718.164930][ T3319] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 718.394861][ T3319] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 718.708270][ T3319] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 720.150090][ T3320] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 720.281237][ T3320] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 720.464501][ T3320] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 720.604631][ T3320] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 733.140324][ T3319] 8021q: adding VLAN 0 to HW filter on device bond0 [ 735.435408][ T3320] 8021q: adding VLAN 0 to HW filter on device bond0 [ 790.730704][ T3319] veth0_vlan: entered promiscuous mode [ 791.121337][ T3319] veth1_vlan: entered promiscuous mode [ 792.993707][ T3319] veth0_macvtap: entered promiscuous mode [ 793.124413][ T3320] veth0_vlan: entered promiscuous mode [ 793.449541][ T3319] veth1_macvtap: entered promiscuous mode [ 794.029353][ T3320] veth1_vlan: entered promiscuous mode [ 795.939468][ T35] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 795.961384][ T35] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 795.967360][ T35] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 795.973311][ T35] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 796.988528][ T3320] veth0_macvtap: entered promiscuous mode [ 797.353921][ T3320] veth1_macvtap: entered promiscuous mode [ 798.533582][ T25] audit: type=1400 audit(797.720:84): avc: denied { mount } for pid=3319 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 798.759775][ T25] audit: type=1400 audit(797.960:85): avc: denied { mounton } for pid=3319 comm="syz-executor" path="/syzkaller.BLaFqY/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 798.914013][ T25] audit: type=1400 audit(798.070:86): avc: denied { mount } for pid=3319 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 799.190617][ T25] audit: type=1400 audit(798.390:87): avc: denied { mounton } for pid=3319 comm="syz-executor" path="/syzkaller.BLaFqY/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 799.351828][ T25] audit: type=1400 audit(798.510:88): avc: denied { mounton } for pid=3319 comm="syz-executor" path="/syzkaller.BLaFqY/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3746 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 799.644522][ T3421] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 799.702126][ T3421] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 799.712011][ T3421] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 799.748534][ T2130] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 800.051895][ T25] audit: type=1400 audit(799.250:89): avc: denied { unmount } for pid=3319 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 800.420034][ T25] audit: type=1400 audit(799.600:90): avc: denied { mounton } for pid=3319 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1544 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 800.545108][ T25] audit: type=1400 audit(799.740:91): avc: denied { mount } for pid=3319 comm="syz-executor" name="/" dev="gadgetfs" ino=3759 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 800.811666][ T25] audit: type=1400 audit(800.000:92): avc: denied { mount } for pid=3319 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 800.879464][ T25] audit: type=1400 audit(800.070:93): avc: denied { mounton } for pid=3319 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 802.279341][ T3319] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 811.946896][ T25] kauditd_printk_skb: 4 callbacks suppressed [ 811.947831][ T25] audit: type=1400 audit(811.110:98): avc: denied { read } for pid=3471 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 811.981366][ T25] audit: type=1400 audit(811.180:99): avc: denied { open } for pid=3471 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 812.368108][ T25] audit: type=1400 audit(811.560:100): avc: denied { execute } for pid=3471 comm="syz.0.1" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=3799 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 812.788609][ T25] audit: type=1400 audit(811.980:101): avc: denied { ioctl } for pid=3471 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 820.312151][ T25] audit: type=1400 audit(819.500:102): avc: denied { write } for pid=3478 comm="syz.0.3" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 857.388104][ T25] audit: type=1400 audit(856.570:103): avc: denied { append } for pid=3497 comm="syz.0.8" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1125.949339][ T51] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1127.400217][ T51] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1128.892265][ T51] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1130.418602][ T51] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1151.581032][ T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1151.862595][ T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1152.053673][ T51] bond0 (unregistering): Released all slaves [ 1154.338431][ T51] hsr_slave_0: left promiscuous mode [ 1154.438913][ T51] hsr_slave_1: left promiscuous mode [ 1154.967077][ T51] veth1_macvtap: left promiscuous mode [ 1154.971125][ T51] veth0_macvtap: left promiscuous mode [ 1154.999277][ T51] veth1_vlan: left promiscuous mode [ 1155.016754][ T51] veth0_vlan: left promiscuous mode [ 1224.220666][ T3647] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1224.591209][ T3647] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1254.052505][ T3647] hsr_slave_0: entered promiscuous mode [ 1254.133372][ T3647] hsr_slave_1: entered promiscuous mode [ 1273.243322][ T3647] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1273.632029][ T3647] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1274.072428][ T3647] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1274.322176][ T3647] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1299.293748][ T3647] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1317.624233][ T3797] kvm [3797]: Failed to find VMA for hva 0x21016000 [ 1407.948975][ T3647] veth0_vlan: entered promiscuous mode [ 1408.628541][ T3647] veth1_vlan: entered promiscuous mode [ 1411.508890][ T3647] veth0_macvtap: entered promiscuous mode [ 1412.080193][ T3647] veth1_macvtap: entered promiscuous mode [ 1415.109759][ T3369] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1415.138875][ T3369] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1415.187961][ T21] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1415.328487][ T21] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1433.897522][ T25] audit: type=1400 audit(1433.070:104): avc: denied { setattr } for pid=3889 comm="syz.1.86" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1530.773081][ T25] audit: type=1400 audit(1529.930:105): avc: denied { ioctl } for pid=3963 comm="syz.2.102" path="net:[4026532790]" dev="nsfs" ino=4026532790 ioctlcmd=0xae46 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 1574.173509][ T3977] kvm [3977]: Failed to find VMA for hva 0x20c01000 [ 1574.472573][ T3977] kvm [3977]: Failed to find VMA for hva 0x20bdf000 [ 1803.980108][ T4112] kvm [4112]: Failed to find VMA for hva 0x21016000 [ 1949.300291][ T3421] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1950.640684][ T3421] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1951.794243][ T3421] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1952.954461][ T3421] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1970.948105][ T3421] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1971.480115][ T3421] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1971.769241][ T3421] bond0 (unregistering): Released all slaves [ 1974.466956][ T3421] hsr_slave_0: left promiscuous mode [ 1974.577554][ T3421] hsr_slave_1: left promiscuous mode [ 1975.302958][ T3421] veth1_macvtap: left promiscuous mode [ 1975.318906][ T3421] veth0_macvtap: left promiscuous mode [ 1975.361577][ T3421] veth1_vlan: left promiscuous mode [ 1975.397900][ T3421] veth0_vlan: left promiscuous mode [ 2044.728314][ T25] audit: type=1400 audit(2043.920:106): avc: denied { map } for pid=4223 comm="syz.2.171" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 2044.820645][ T25] audit: type=1400 audit(2044.020:107): avc: denied { execute } for pid=4223 comm="syz.2.171" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 2054.661055][ T4162] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2054.963364][ T4162] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2086.174502][ T4162] hsr_slave_0: entered promiscuous mode [ 2086.293180][ T4162] hsr_slave_1: entered promiscuous mode [ 2086.368559][ T4162] debugfs: 'hsr0' already exists in 'hsr' [ 2086.371660][ T4162] Cannot create hsr debugfs directory [ 2104.613967][ T4162] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 2105.095098][ T4162] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 2105.564708][ T4162] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 2106.098319][ T4162] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 2132.451008][ T4162] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2150.809970][ T4167] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2152.692052][ T4167] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2154.313571][ T4167] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2156.160366][ T4167] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2175.637195][ T4167] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2175.859136][ T4167] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2175.971979][ T4167] bond0 (unregistering): Released all slaves [ 2177.878502][ T4167] hsr_slave_0: left promiscuous mode [ 2178.007628][ T4167] hsr_slave_1: left promiscuous mode [ 2178.837970][ T4167] veth1_macvtap: left promiscuous mode [ 2178.849413][ T4167] veth0_macvtap: left promiscuous mode [ 2178.851463][ T4167] veth1_vlan: left promiscuous mode [ 2178.852909][ T4167] veth0_vlan: left promiscuous mode [ 2241.727882][ T4302] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2242.020005][ T4302] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2261.189984][ T4162] veth0_vlan: entered promiscuous mode [ 2261.956328][ T4162] veth1_vlan: entered promiscuous mode [ 2264.392201][ T4162] veth0_macvtap: entered promiscuous mode [ 2264.741665][ T4162] veth1_macvtap: entered promiscuous mode [ 2268.702295][ T4170] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2268.709691][ T4170] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2268.881127][ T4170] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2268.899397][ T4170] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2269.253299][ T4302] hsr_slave_0: entered promiscuous mode [ 2269.324390][ T4302] hsr_slave_1: entered promiscuous mode [ 2291.038863][ T4302] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 2291.544261][ T4302] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 2292.167423][ T4302] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 2292.663573][ T4302] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 2324.959125][ T4302] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2468.603798][ T4302] veth0_vlan: entered promiscuous mode [ 2470.490905][ T4302] veth1_vlan: entered promiscuous mode [ 2476.202813][ T4302] veth0_macvtap: entered promiscuous mode [ 2477.199560][ T4302] veth1_macvtap: entered promiscuous mode [ 2481.759785][ T4170] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2481.762919][ T4170] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2481.784536][ T4170] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2481.799499][ T4170] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2528.454056][ T4183] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2530.850192][ T4183] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2532.582674][ T4183] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2534.608604][ T4183] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2565.434023][ T4183] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2565.771966][ T4183] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2565.962646][ T4183] bond0 (unregistering): Released all slaves [ 2568.649617][ T4183] hsr_slave_0: left promiscuous mode [ 2568.779234][ T4183] hsr_slave_1: left promiscuous mode [ 2569.606266][ T4183] veth1_macvtap: left promiscuous mode [ 2569.621664][ T4183] veth0_macvtap: left promiscuous mode [ 2569.628966][ T4183] veth1_vlan: left promiscuous mode [ 2569.658324][ T4183] veth0_vlan: left promiscuous mode [ 2640.822020][ T4528] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2641.255181][ T4528] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2679.572747][ T4528] hsr_slave_0: entered promiscuous mode [ 2679.721539][ T4528] hsr_slave_1: entered promiscuous mode [ 2679.839096][ T4528] debugfs: 'hsr0' already exists in 'hsr' [ 2679.842879][ T4528] Cannot create hsr debugfs directory [ 2699.012627][ T4528] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 2699.613080][ T4528] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 2700.213339][ T4528] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 2700.731021][ T4528] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 2738.122251][ T4528] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2896.992905][ T4528] veth0_vlan: entered promiscuous mode [ 2898.331634][ T4528] veth1_vlan: entered promiscuous mode [ 2904.765440][ T4716] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2905.353803][ T4716] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2908.189605][ T4528] veth0_macvtap: entered promiscuous mode [ 2908.988841][ T4528] veth1_macvtap: entered promiscuous mode [ 2912.883188][ T4184] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2912.910374][ T4184] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2913.021018][ T4184] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2913.046833][ T4184] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2956.770729][ T4716] hsr_slave_0: entered promiscuous mode [ 2956.928897][ T4716] hsr_slave_1: entered promiscuous mode [ 2956.992720][ T4716] debugfs: 'hsr0' already exists in 'hsr' [ 2956.997098][ T4716] Cannot create hsr debugfs directory [ 2978.869881][ T4716] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 2979.991355][ T4716] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 2981.034467][ T4716] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 2981.840382][ T4716] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 3025.845341][ T4716] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3106.952171][ T4830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3107.338023][ T4830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3145.650295][ T4532] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3148.114519][ T4532] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3150.381493][ T4532] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3152.408585][ T4532] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3172.664122][ T4532] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3173.168361][ T4532] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3173.559904][ T4532] bond0 (unregistering): Released all slaves [ 3175.645288][ T4830] hsr_slave_0: entered promiscuous mode [ 3175.771011][ T4830] hsr_slave_1: entered promiscuous mode [ 3175.803889][ T4830] debugfs: 'hsr0' already exists in 'hsr' [ 3175.831590][ T4830] Cannot create hsr debugfs directory [ 3176.249385][ T4532] hsr_slave_0: left promiscuous mode [ 3176.319436][ T4532] hsr_slave_1: left promiscuous mode [ 3176.857674][ T4532] veth1_macvtap: left promiscuous mode [ 3176.859071][ T4532] veth0_macvtap: left promiscuous mode [ 3176.862421][ T4532] veth1_vlan: left promiscuous mode [ 3176.863820][ T4532] veth0_vlan: left promiscuous mode [ 3206.003385][ T4532] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3207.992080][ T4532] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3209.484725][ T4532] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3210.974801][ T4532] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3238.183461][ T4532] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3238.500723][ T4532] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3238.783927][ T4532] bond0 (unregistering): Released all slaves [ 3241.480484][ T4532] hsr_slave_0: left promiscuous mode [ 3241.628543][ T4532] hsr_slave_1: left promiscuous mode [ 3242.276924][ T4532] veth1_macvtap: left promiscuous mode [ 3242.300012][ T4532] veth0_macvtap: left promiscuous mode [ 3242.308842][ T4532] veth1_vlan: left promiscuous mode [ 3242.339594][ T4532] veth0_vlan: left promiscuous mode [ 3268.933231][ T4716] veth0_vlan: entered promiscuous mode [ 3269.234015][ T4830] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 3269.643349][ T4830] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 3270.354059][ T4830] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 3270.800131][ T4830] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 3271.827722][ T4716] veth1_vlan: entered promiscuous mode [ 3276.105092][ T4716] veth0_macvtap: entered promiscuous mode [ 3276.554552][ T4716] veth1_macvtap: entered promiscuous mode [ 3280.112744][ T4184] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3280.129403][ T4184] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3280.233076][ T4184] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3280.238616][ T4184] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 3309.541535][ T4830] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3494.260536][ T4830] veth0_vlan: entered promiscuous mode [ 3495.398756][ T4830] veth1_vlan: entered promiscuous mode [ 3499.338738][ T4830] veth0_macvtap: entered promiscuous mode [ 3500.740579][ T4830] veth1_macvtap: entered promiscuous mode [ 3507.909369][ T3654] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3507.931871][ T3421] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3507.951362][ T4170] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3508.081424][ T4532] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 3662.890169][ T5070] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3663.483784][ T5070] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3718.644506][ T5070] hsr_slave_0: entered promiscuous mode [ 3718.762065][ T5070] hsr_slave_1: entered promiscuous mode [ 3726.852899][ T5092] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3728.697643][ T5092] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3753.789505][ T5070] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 3754.554930][ T5070] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 3755.321402][ T5070] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 3756.098687][ T5070] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 3790.393679][ T5092] hsr_slave_0: entered promiscuous mode [ 3790.631167][ T5092] hsr_slave_1: entered promiscuous mode [ 3790.849795][ T5092] debugfs: 'hsr0' already exists in 'hsr' [ 3790.879378][ T5092] Cannot create hsr debugfs directory [ 3826.641209][ T5070] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3830.719488][ T5092] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 3831.591236][ T5092] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 3832.292685][ T5092] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 3833.039565][ T5092] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 3889.981443][ T5092] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3968.659474][ T27] INFO: task syz.7.208:5066 blocked for more than 430 seconds. [ 3968.729843][ T27] Not tainted syzkaller #0 [ 3968.775054][ T27] Blocked by coredump. [ 3968.798647][ T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 3968.799321][ T27] task:syz.7.208 state:D stack:0 pid:5066 tgid:5064 ppid:4830 task_flags:0x40044c flags:0x00000018 [ 3968.800805][ T27] Call trace: [ 3968.801317][ T27] __switch_to+0x584/0xb20 (T) [ 3968.803405][ T27] __schedule+0x1eec/0x33a4 [ 3968.803975][ T27] schedule+0xac/0x27c [ 3968.804503][ T27] schedule_timeout+0x5c/0x1e4 [ 3968.804916][ T27] do_wait_for_common+0x28c/0x444 [ 3968.805320][ T27] wait_for_completion+0x44/0x5c [ 3968.989819][ T27] __synchronize_srcu+0x2a4/0x320 [ 3968.990528][ T27] synchronize_srcu+0x3cc/0x4f0 [ 3968.991000][ T27] __mmu_notifier_release+0x424/0x614 [ 3968.991491][ T27] exit_mmap+0xb8/0xbb8 [ 3968.991963][ T27] __mmput+0x10c/0x528 [ 3968.992458][ T27] mmput+0x70/0xac [ 3968.992900][ T27] exit_mm+0x158/0x258 [ 3968.993344][ T27] do_exit+0x788/0x2378 [ 3968.993768][ T27] do_group_exit+0x1d4/0x2ac [ 3968.994230][ T27] get_signal+0x1440/0x1554 [ 3968.994703][ T27] do_signal+0x23c/0x4dd0 [ 3968.995182][ T27] do_notify_resume+0xb0/0x270 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 3969.157537][ T27] el0_svc+0xb8/0x164 [ 3969.158185][ T27] el0t_64_sync_handler+0x84/0x12c [ 3969.158660][ T27] el0t_64_sync+0x198/0x19c [ 3969.160276][ T27] [ 3969.160276][ T27] Showing all locks held in the system: [ 3969.160742][ T27] 3 locks held by kworker/u4:1/21: [ 3969.161310][ T27] 1 lock held by khungtaskd/27: [ 3969.161673][ T27] #0: ffff800087876d18 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x4/0x48 [ 3969.163999][ T27] 2 locks held by getty/3187: [ 3969.164380][ T27] #0: 96f0000011d0e8a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c [ 3969.324788][ T27] #1: c1ff80008c5cb2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x310/0x12b8 [ 3969.408125][ T27] 2 locks held by syz-executor/3308: [ 3969.408511][ T27] 3 locks held by kworker/u4:6/3421: [ 3969.408810][ T27] 2 locks held by kworker/u4:0/3652: [ 3969.409093][ T27] #0: 3bf000000cc20948 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a18 [ 3969.410861][ T27] #1: ffff80008cda7c78 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a18 [ 3969.412534][ T27] 2 locks held by kworker/u4:3/3654: [ 3969.412846][ T27] 3 locks held by kworker/u4:8/3788: [ 3969.413157][ T27] 2 locks held by kworker/u4:4/4167: [ 3969.413482][ T27] 3 locks held by kworker/u4:7/4170: [ 3969.413793][ T27] 3 locks held by kworker/u4:10/4184: [ 3969.414127][ T27] 3 locks held by kworker/u4:5/4532: [ 3969.414471][ T27] 3 locks held by kworker/u4:11/4725: [ 3969.414830][ T27] 2 locks held by syz.6.218/5040: [ 3969.415158][ T27] 3 locks held by kworker/u4:14/5166: [ 3969.587986][ T27] 2 locks held by dhcpcd-run-hook/5253: [ 3969.589305][ T27] 2 locks held by modprobe/5255: [ 3969.589699][ T27] 2 locks held by kworker/u4:3/5256: [ 3969.590049][ T27] 1 lock held by dhcpcd-run-hook/5257: [ 3969.649143][ T27] [ 3969.649612][ T27] ============================================= [ 3969.649612][ T27] VM DIAGNOSIS: 07:01:54 Registers: info registers vcpu 0 CPU#0 PC=ffff800085bc10c8 X00=0000000000000007 X01=0000000000000000 X02=0000000000000000 X03=ffff800085bc1100 X04=0000000000000000 X05=94f0000010df4000 X06=63f00000117ad400 X07=ffff8000800076e4 X08=000000000000007e X09=000000000000007e X10=0000000000ff0100 X11=00000000d11ed82c X12=00000000000000fe X13=0000000000000003 X14=0000000000000000 X15=ffff800080007680 X16=ffff800080010e20 X17=000000000000003d X18=00000000000000ff X19=efff800000000000 X20=00000000000000cb X21=0000000000000000 X22=cbf0000026d81b58 X23=87f0000015d33c00 X24=0000000000000001 X25=00000000000000ff X26=ffff8000800077d0 X27=cbf0000026d81b00 X28=0000000000000001 X29=ffff800080007610 X30=ffff8000865a5c04 SP=ffff800080007610 PSTATE=40402009 -Z-- EL2h SVCR=00000000 -- BTYPE=0 FPCR=00000000 FPSR=00000000 P00=0000 P01=0000 P02=0000 P03=0000 P04=0000 P05=0000 P06=0000 P07=0000 P08=0000 P09=0000 P10=0000 P11=0000 P12=0000 P13=0000 P14=0000 P15=0000 FFR=0000 Z00=0078756e696c6573:2f73662f7379732f Z01=0078756e696c6573:2f73662f7379732f Z02=0000000000000000:f000000000000000 Z03=0000000000000000:0000ff00000000ff Z04=3333333333333333:3333333333333333 Z05=0000000000000000:0c00000000300003 Z06=0000000000000000:0000000000000000 Z07=0000000000000000:0000000000000000 Z08=0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000 Z10=0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000 Z12=0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000 Z14=0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000 Z16=0000000000000000:0000000000000000 Z17=0000000000000000:0000000000000000 Z18=0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000 Z20=0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000 Z22=0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000 Z24=0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000 Z26=0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000 Z28=0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000 Z30=0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000