INIT: Entering runlevel: 2
[[36minfo[39;49m] Using makefile-style concurrent boot in runlevel 2.
[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added 'ci-upstream-next-kasan-gce-1,10.128.0.2' (ECDSA) to the list of known hosts.
2017/08/11 22:10:35 fuzzer started
2017/08/11 22:10:35 dialing manager at 10.128.0.26:40485
2017/08/11 22:10:42 executing program 0:
mmap(&(0x7f0000000000/0xaed000)=nil, 0xaed000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000aed000)={0x7f, 0x4000000000, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f0000937000-0x28)={0x0, 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000ae5000-0x48)={0x80003, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000ad8000)=[], 0x0)
mmap(&(0x7f00005f9000/0x1000)=nil, 0x1000, 0x3, 0x32, r0, 0x0)
mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000ae1000)=[@text16={0x10, &(0x7f0000aee000-0x78)="6766c7442400009000006766c7442402050000006664c73524068d00000000000f011c66b80500000066b9002000000f01c10866b80f20d86635080000000f22d80000000f23d00f21f86735a630000066b91503000066b8d400000066ba000000000f3067f36d0f3266b97e0300000f3266b9760900000f32f22e0f001d0f183f66640f06", 0x85}], 0x1, 0x40, &(0x7f0000ae1000)=[], 0x0)
mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_REGS(r2, 0x8090ae81, &(0x7f0000aee000-0x90)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
2017/08/11 22:10:42 executing program 1:
mmap(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x3, 0x31, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000003000/0x3000)=nil, 0x3000, 0x8002, &(0x7f000000c000-0x8)=0xef3d, 0x5d4, 0x0)
mbind(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x0, &(0x7f0000005000-0x8)=0x9, 0x807f, 0x2)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r0, 0x4008ae93, &(0x7f000000e000)=0x5002)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffff9c, 0xae01, 0x0)
mmap(&(0x7f000000f000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000010000-0x20)={0x1, &(0x7f0000008000-0x8)=0x0, 0x4, r0, 0x4})
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000003000)={0x6, <r3=>0xffffffffffffff9c, 0x1})
madvise(&(0x7f0000007000/0x4000)=nil, 0x4000, 0xa)
mremap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f000000a000/0x2000)=nil)
mlock2(&(0x7f000000b000/0x1000)=nil, 0x1000, 0x0)
madvise(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x9)
mmap(&(0x7f0000010000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_PIT2(r3, 0x8070ae9f, &(0x7f0000011000-0x70)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
mlock2(&(0x7f000000a000/0x3000)=nil, 0x3000, 0x1)
write$eventfd(r3, &(0x7f0000004000)=0x1ff, 0x8)
mremap(&(0x7f0000004000/0x3000)=nil, 0x3000, 0x2000, 0x3, &(0x7f0000003000/0x2000)=nil)
ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd004)
mprotect(&(0x7f000000b000/0x3000)=nil, 0x3000, 0x300000d)
ioctl$KVM_HAS_DEVICE_ATTR(r2, 0x4018aee3, &(0x7f0000005000)={0x0, 0x0, 0x9, &(0x7f000000d000-0x8)=0x0})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r3, 0x4010ae68, &(0x7f0000008000-0x10)={0x4000, 0x8000, 0x0})
mlock2(&(0x7f000000e000/0x1000)=nil, 0x1000, 0x1)
mremap(&(0x7f0000007000/0x4000)=nil, 0x4000, 0x3000, 0x3, &(0x7f0000001000/0x3000)=nil)
2017/08/11 22:10:42 executing program 4:
mmap(&(0x7f0000000000/0xc000)=nil, 0xc000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f000000c000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f000000d000-0xc)={0x2, <r0=>0xffffffffffffffff, 0x1})
ioctl$KVM_DEASSIGN_PCI_DEVICE(r0, 0x4040ae72, &(0x7f0000000000)={0x0, 0x9, 0x3, 0x0, 0xfffffffffffffffd})
write$eventfd(r0, &(0x7f0000000000)=0x100, 0x8)
mmap(&(0x7f000000c000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f000000d000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f000000d000)="2f6465762f6b766d00", 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f000000c000)={0x7, <r2=>0xffffffffffffff9c, 0x1})
ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f0000007000)={0x4, 0x1})
mmap(&(0x7f000000d000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f000000d000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000002000-0x40)={0x401, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f000000e000-0x8)="2f6465762f6b766d00", 0x418f3e, 0x0)
mremap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x2000, 0x0, &(0x7f0000004000/0x2000)=nil)
mmap(&(0x7f000000e000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_ARM_VCPU_INIT(r2, 0x0, &(0x7f000000e000)={0x0, 0xb7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
mmap(&(0x7f000000f000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000010000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r0, 0x4010ae74, &(0x7f0000010000)={0x7, 0x200003f, 0x8})
ioctl$KVM_ASSIGN_DEV_IRQ(r2, 0x4040ae70, &(0x7f000000f000)={0x7fffffff, 0x3f, 0xffff, 0x2})
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r0, 0xae03, 0x8000007ebc)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000001000-0xc)={0x4, r3, 0x1})
pkey_alloc(0x0, 0x1)
2017/08/11 22:10:42 executing program 7:
mmap(&(0x7f0000000000/0x28000)=nil, 0x28000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000017000)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000006000-0xc)={0x2, <r2=>r1, 0x0})
mmap(&(0x7f0000028000/0x1000)=nil, 0x1000, 0x3, 0x33, 0xffffffffffffffff, 0x0)
ioctl$KVM_X86_SET_MCE(r2, 0x4040ae9e, &(0x7f0000028000)={0xc000000000000000, 0x6004, 0x1000, 0x1, 0x3, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0]})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_KVMCLOCK_CTRL(r3, 0xaead)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f0000017000)={{0x106000, 0xf001, 0x1f, 0x6, 0x5, 0x6000000000000000, 0x4, 0x8001, 0x1, 0x1f, 0x2, 0x6585099f, 0x0}, {0x3, 0xf000, 0x0, 0x9, 0x100000001, 0x2, 0x1f, 0x10000, 0x2, 0x8, 0x120000000, 0x2, 0x0}, {0x0, 0x6000, 0xe, 0x8, 0x4, 0x400, 0x800, 0x1f, 0x4, 0xfffffffffffffffc, 0x289, 0x2, 0x0}, {0x4000, 0x4, 0xe, 0x5, 0x20, 0x0, 0x3, 0x80000000, 0x4, 0x7, 0x1, 0xfffffffffffffffd, 0x0}, {0x4, 0x4000, 0xf, 0x3, 0x9f99, 0x1, 0x6d0, 0xfffffffffffffffe, 0x80, 0x9, 0x5, 0x400, 0x0}, {0x4000, 0x1f000, 0xb, 0x7fffffff, 0x3, 0x4, 0x7, 0x5, 0x100000001, 0x9, 0xff, 0x5, 0x0}, {0xd001, 0x5000, 0x0, 0x100000000, 0x101, 0x6, 0x200, 0x7, 0x3, 0xfffffffffffffc00, 0x5, 0x4, 0x0}, {0xf000, 0x3000, 0x0, 0x0, 0xf87b, 0x5, 0x8, 0xff, 0x4, 0x40, 0x7fffffff, 0x6, 0x0}, {0x1, 0x2, [0x0, 0x0, 0x0]}, {0x6000, 0x5000, [0x0, 0x0, 0x0]}, 0x4, 0x0, 0x0, 0x2000, 0x6, 0x8000, 0x2, [0x5, 0x100, 0x4, 0x8]})
mmap(&(0x7f0000028000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f000000f000/0x18000)=nil, &(0x7f0000029000-0x18)=[@text16={0x10, &(0x7f000000d000)="0f06ba4200ec66b8e90000000f23d80f21f86635000000400f23f866b8008000000f23d00f21f866352000000d0f23f86766c74424002f9f9ae46766c7442402480000006766c744240600000000670f011c240fc76a2a66b98508000066b80078000066ba000000000f300f07b861000f00d866b9800000c00f326635008000000f30", 0x83}], 0x1, 0x37, &(0x7f0000009000-0x20)=[@cr0={0x0, 0x40040001}, @dstype3={0x7, 0x1}], 0x2)
mmap(&(0x7f0000029000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f000002a000-0x70)={[{0x6, 0x5, 0x7, 0x5, 0x917, 0x4, 0x1, 0xfff, 0x6, 0xfffffffffffffc01, 0x10001, 0x7, 0x3}, {0x1, 0x0, 0x2, 0x2eb6, 0x100000000, 0x10001, 0x100000000, 0x1800000000000, 0xff, 0x300000000, 0x9, 0x2, 0x0}, {0x8, 0x2, 0x0, 0x9, 0xff, 0x6, 0x1, 0x7, 0x4, 0x8, 0x7, 0x9, 0x401}], 0x4, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
syz_kvm_setup_cpu$x86(r0, r3, &(0x7f0000002000/0x18000)=nil, &(0x7f0000024000-0x18)=[@text32={0x20, &(0x7f0000025000-0x64)="66b80d018ed00f21d3dfebc7442400de5f0000c7442402cc9e557bc7442406000000000f011c24c744240027610000c7442402dca79e83c7442406000000000f011c24b9a40b00000f32f2afb805000000b9fd1200000f01d90fc72d4000000066b809008ee0", 0x66}], 0x1, 0x0, &(0x7f0000023000)=[], 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f0000011000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, [0x0, 0x0, 0x0]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x34b582ec71cdec61, [0x4, 0x0, 0x0, 0x0]})
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000022000-0x18)={0x1, 0x0, [{0x800, 0x0, 0xfffffffffffffffd}]})
mmap(&(0x7f0000029000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000029000)={"70bb2a128b3e90781041d44f4ed210182c8ad5cfe4871781588a516c5f0d384e4ca3603cacc146ef011ac748d359b63730c6e6cc5d77886de9d396479889d55bc24fb36817bc31d53eba46ec34cb2557194159b37d638188f7ed8b890a800d217f4ccd306d4e4c612063db6c280459216b2f7896c875d626316a1f14a952d2c852ed7f20180a530e2538bda1281842af03006e2ae91e1a7030d82fd60763bef7fa6ac3391e20b29368345b928d9ae86cc8901c76d48b0143bd8a886d55be0755a4e3eb9b971974559175c59f7e3d05e775c98a3508e43eefbae7a7659f6395de6e2cfb9f2efb635d821c52f49a6cf1742f105914f16122034220c2a6f0520d26a16cd1605fe15680dd76cf843985aae9290f56e42206e113374b4d3c0d93020758dd28362aa61638fe47831f60d23840ece28f390412b45f61f85a849a25fb385b779360a4a81dfdb7dda333306389aeeac957c1e1bb62467b33191bc8b9db7a47402e7bcc8083db61f313bff10d2fac4906afbc562af33b1ec061e895fb3ea52f6a1e9b43c253e536b7f31ea2769d1246734aef2c2d9a1c1c9ff68cfd16c7b595fd8a2236ac70624b3f007f0cf6e94130dd5bc895a36bce9df396f5cd1741bff3e9cd2766cf052a2650202a303f1236c27d57ca0938382826cee587bdb98b680986170fa3d6bec0ef4604e1433c6b1d1c7c0aa43befc947cd00b1dc690294dc02c9fa6b194833db38f6da270ceece0bb3375c2018effeeb57d642b758225936c001907de8a8cb64a8ac30858fcacc8ec615269ecb9c22b8ee1740eb018daeabdce89679645e5cdec1f2abcc2786a5d58b18fff5bba12e9dd76fbc24f0e19cfa6a14dce2ff713373884f8267eed9d207051c0f1303e401db66b35f73cc2a5b7c4faa425b7d9c19f456e60835424c336f6c16367b13cc2f3cb9cdfe8ca878d25f61f9dc62ab5e02d9d7628b2a57226ee0f6eeb00886b7356750d7c80bff1918688efd0dc816e1048b327960bef92638acef6c7f969c3cf637954665c97c02086423429d6fd45d475d60e46f0ea0ff688e6878b1012ebd46ee981f1c0b4402346687e0b629c5ee83317b28923e77516f5d6c1e3fcff71a8bf166c16430e5134372ef9fd3f3398c4590601d76c1f45e0aceff4a3699622698854b4f12cfe924a93abbc1b5559a2efaa4d4400cda58f201ddbc35fc87da86629eff83989c1f34ad47425c795ed712220b14a6f4f6aa9acbc509c0f9fee8e1846bbfd58b90fbf0e02be42d533ab91a1d0022e9d3c045056b485edee3476e32fc7bedb06aa35a3d848ee6ff76db2430c9e7195d012fef3226bd29b9babd1d0da57e0cf17e54e4329cb520256a7d880a92965a6496ba192fc6626e3db964f2091d234b9462f6b938cc68160d07c358f0222dee886507401a144fd86e31ca9d6f7a63fc57706c2467b5fd"})
2017/08/11 22:10:42 executing program 5:
mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x4, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aef000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f00000ab000)={0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_KVMCLOCK_CTRL(0xffffffffffffffff, 0xaead)
ioctl$KVM_SET_XSAVE(r2, 0x5000aea5, &(0x7f000031d000-0x400)={"4fa3c30e6d731fc1b9ed0a032d24f18dc06519925988cf9029578d0b354730def43ba7907a562f577d81126e8acd0df79c77502d4181d9f2cb6143255ebfa3c37785a50ab1be58c51ee425865f6e49319b320cc947dee28e176489397fc3e235c3aa942dbcc0f9fbbb8e793aab81106a4d8e9e3eec453901df262ca95ae660af528f148e5b348a3b7c1dfbfdd5e203f0e83562dda056845b9ad654dd9565ee3a2b0a875b725f2a6587586940d8f5c385f38fe7939747aa02636a68a077f96709063428e042a764380e465d491366ba63faadd36d9590c9378e8c3f03b4d5887111d8c275ca8f63dd71051686ec4e131019d265e78b2eb46806d12932da7bbc926ed0d63367f6f4c515f9cd50be3853e3c478c11d844af7b95368354758ffbaad6f243b0e1c2130e4669bd975bdfdb6fbff2a8fac4a8e8eb6a46621ec7df46211561d67a7d7490d38e579e3a8eb2f0c3c2a3651348527da5d3260c06060ac93473bca773150de392e47c1e9739ac1b04b83742fb2cb28ce7837d384e2a6871cd4698aec71ad7d96f013bce25dd0ddc7863c7cbfe1fccea4beb6b5ed54a72eb901d06951448c82314c23c6b5a77a738f8a7ed062908744fa50a7a59968d07ffb389b12b1a7e8b6b4ef710fcd7dd3a59c8543a7439a42990b8dd6d08a41ec4bea5b8219ae1be7f74881709d180f0b96fd56272e4a4c45c9097398b16fa4862024a67601e1980c6b940ee6e23f44484b5e3dc499a19519306688071909361346ff6113c72328e7fdc3b7f5b796abe15d54d165e54d605058f5c2dff602fb24b0b53197075379d28fc1b51633212a9a7933fce544b3015ab5ff0bcdefc4a03c963f5be0ee44bfa8a5e9944a3c63ee84523954ac555cd0ba206f6386d4cc1ebacba0a5862b05a909fb804cf949410fafb37fb84cb9b82ef2876f615156e1401c74a13e0ce18670a05593c3a2dc3c4dc3f15f5533dc3298236f1048b0ad00346b5ca8523413fe1e508140b6de20e045e9e0e949c73a509eec21b894159eb827633455ef1457359ecfcdd488abd1ce6024ef3cd390e5f64e716b53e357c47bad75fad02860af89bdac6f2f91cb02f1489949a618355d9479dfb66df7794e82b63eb0546472ed79e43d7d6975cf65631c9dcda9fa0ee735b8b9b034524434bb4a806ace65aa275a18efb43567c8f67cef4a37c1cf03fceedfa786f8c8864066fba6570ba1ccbb781bf74f7b14049b3f83d98f7904d3a10cc8099f5f3dfd8083bced3effa978e86379f1ea05d5ff604a8a1c71c79fcf15d7503897b124b21b36bf0312c4d5d6b4608f7700c055da34fecc7029b0cb745d160c987bb2c524633c9df957389b1faa0e83775d9e580a99209bf51ba82bc764c6c9471ff97789620286cc05b552d3b3abfe1b8311cb50f8fc88052bba926cd339326c748b8b3e9925768eddf00c"})
2017/08/11 22:10:42 executing program 6:
mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000025000-0x9)="2f6465762f6b766d00", 0x404, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000020000-0x13)={0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x8000, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000ade000-0x40)={0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_PPC_GET_PVINFO(r3, 0x4080aea1, &(0x7f000014b000)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
syz_kvm_setup_cpu$x86(r3, r4, &(0x7f00003b8000/0x18000)=nil, &(0x7f0000ad1000)=[@textreal={0x8, &(0x7f0000ae7000-0x37)="ba43000f20c0b8eecbeecbdfd200000f230f21f86635800000a00f23f865640f019809000fbf56020f35defedbe20fc79f00000f330fbaf601", 0x39}], 0x1, 0x0, &(0x7f0000ae4000)=[], 0x0)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f000054d000-0x70)={[{0x6, 0x6118201, 0x25, 0x8000, 0xc611, 0x9, 0x8, 0x4, 0x6, 0x5, 0x20, 0x84, 0x3}, {0x1000000000000400, 0x2ab000, 0x500, 0xed5, 0xffffffff, 0x6, 0x40, 0x5, 0x312, 0x4, 0x4c8, 0x3f, 0x1}, {0x82f, 0x0, 0x80, 0x0, 0xe, 0x4, 0x7f, 0x4000000000000003, 0x1d, 0x0, 0x1a3b374d400, 0x100, 0x7}], 0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x1ffffc, 0x0)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x3)
syz_kvm_setup_cpu$x86(r5, r6, &(0x7f00001fb000/0x18000)=nil, &(0x7f0000adf000)=[@text64={0x40, &(0x7f000022a000)="b9800000c0b98f0400000f3235008000000f3048b89e000000000000000f23d80f21f835c00000300f23f8662e64314d00400f9bf2f26cc740442400df0000000044240200000080c7442406000000040f011c246564f20f1bffc4e3bd78ca08430f01cfb9940000400f32", 0x6b}], 0x1, 0x0, &(0x7f0000230000)=[], 0x0)
mmap(&(0x7f0000af1000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_CPUID(r6, 0x4008ae8a, &(0x7f0000af1000)={0x9, 0x0, [{0x7, 0x100000000, 0xfffffffffffffff9, 0x6, 0x4, 0x0}, {0x8000000a, 0x4, 0x3, 0x12c9b783, 0x1, 0x0}, {0x0, 0x9, 0x4, 0x3, 0x1, 0x0}, {0xd, 0x8000, 0x8001, 0x2, 0x47, 0x0}, {0xc0000007, 0x7fffffff, 0x8, 0x72c, 0x40, 0x0}, {0x7, 0x8000, 0x8, 0x1, 0x9329, 0x0}, {0x7, 0x33, 0x3, 0x7, 0x6, 0x0}, {0xc0000001, 0x100000001, 0x5, 0xffffffff, 0x101, 0x0}, {0xc0000001, 0xfac5, 0x2, 0x9, 0x18, 0x0}]})
ioctl$KVM_REGISTER_COALESCED_MMIO(r5, 0x4010ae67, &(0x7f00002e0000-0x9)={0x0, 0x12000, 0x0})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(r5, r6, &(0x7f0000a97000/0x18000)=nil, &(0x7f00002d7000)=[@textreal={0x8, &(0x7f00000ba000-0x4c)="66b8e70000000f23c80f21f86635040000000f23f80f18ae050066b90d03000066b80d00000066ba000000000f30660f38311d2099d0f6da9c060064260f005800f26f0f01c83667360f01d1", 0x4c}], 0x1, 0x4, &(0x7f0000af0000)=[@cr0={0x0, 0x40028}], 0x1)
ioctl$KVM_ENABLE_CAP_CPU(r4, 0x4068aea3, &(0x7f000068a000-0x68)={0x7b, 0x0, [0x100000000, 0x200, 0x3, 0x2], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
mbind(&(0x7f00007d8000/0x3000)=nil, 0x3000, 0x0, &(0x7f0000af1000)=0x100000000, 0x801, 0x4)
2017/08/11 22:10:42 executing program 2:
mmap(&(0x7f0000000000/0xaec000)=nil, 0xaec000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000000f000-0x6)="2f6465762f6b766d00", 0x0, 0x0)
mmap(&(0x7f000000f000/0x1000)=nil, 0x1000, 0x2000005, 0x32, r0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f000000f000-0x6)="2f6465762f6b766d00", 0x2, 0x0)
ioctl$KVM_S390_UCAS_MAP(0xffffffffffffffff, 0x4018ae50, &(0x7f00002e6000)={0x0, 0x0, 0x0})
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000202000)={0x0, <r1=>r0, 0x0})
write$eventfd(r1, &(0x7f0000aed000-0x8)=0x0, 0x8)
ioctl$KVM_GET_LAPIC(0xffffffffffffffff, 0x8400ae8e, &(0x7f00004b9000)={"06bab847900775cbc1aa4e5589eeea9528c3638488535f361324105268b47ac743685297395bcc0b2e8716a0b24014cb185814e47bdf341567581ab52329b53a4a1e5636759b2b150be9b1c3c5ef286a2eab1d9f238a5c46ffa3f706794eee0863de52cd839736d33337e2c77bc8571d0111f654ffff9f5b4ef7a80cdaf93279e1a7607fdf21d5f14ced3ed753224bda72840ae6b632367b310a02fbd16ded98c6cd1d72a88662e0b85e145b14601775b2823f77d143fd8477c4fdee15eac68ee3c078ffa4b3a3fcd2005c5ab2989337887b4e33f060e3548c819e2f7173478fbde1ae632001aeb48d7cfb8f3e3fb48e420ec8d8b168f0bb11461bf0ae25ab3e290c847a7e9141aa5a502428acc4d89bc925ba86333cb4c2e86c7e53958256ef4a4dc3cc61079b7614525434d59b456073e63a96f845d98864cec545e6fc9004af950b2f02c8129097bdd4d48414e8cf3c324ed7a3503262fc4d50d05f0aa380456526f2a4e6bda88f06e0ee1aadd8d420e3206472348c90771d2b50ba45be01aaeefdde6a4ac2060a531aa38438e2304d6f139d28a6ce1177571a731e0e854dfca7f5da83e14d07f8ee884b7ccaf3e10f4ec17c4d0c72b9c090b7a146415b19745c8854ef398c3f4d5ad5caa5372bfdd32eb2222dfbe35766c681704638d89f60fec370d0a1913a787012815ccf279f61f3491e2b999013702e026bc4ce09c6614a9583a36e672da9183983c0f6f295c58e6fd7d1fe9704c4c785c5bacb2e552efc366cc5eef591b5269c0b3ea5212827bb1299011cc0c0b4b0dea13f273864b30a37e2a08f3b241eced1ef3d0e62b2505d69f3d1f9753f4c120b25cfa16fee8af479dfde191bf30d4aa3d9be499fcc44a9eaae46041cd0cc9f5949a394751b3c727b5abf3e40ba188dbdde90cf11d75abfd278be9f5f2a5e24093ecc3a722c4ea4a6883954bcd9fa281be0624679b3f91a471964e0274caaf0f4019a6bd256bf621b451383e0a6f0a25732699d5e5c2b6bb188538e94da37f567afc3d8b10ca433ad924303ec3045a49dd59292134a246ae57aa2061cc3457b6ce4ee4968ed6d7f65f1a58d7a4872858a17ccdc44bb49a1c167c6a0f3dff2a6074f6d8685d5553d8d138b74fa69052122375d4d02b7d07d2f26cca943811253560d7f8535de09d61f339bafd14e3cb0401de1f4b57b737ce3e94a904a4c6b3abf7f15e84d8bbfd4d7e88512a4cf8f703bb7e9a73d3914447bad1b93db04608c9e395b1539e91907764bb6e17b302221d42fe4e8f5e8017709739f99c7a489ddd2a4da20d3c06d65eed541d030f7e833f98d52b409ae5f9d7b49d86bb6b8274af97aea05c7bf19200cecff2288b7538ade0eaf723ff23ae0c68e799f1457c31cf21177289f084a294a1cd216949f2e5198ebe7a608ff7cb7d1d639121463875f17bce418df10"})
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f00002a4000)={0x0, <r2=>r0, 0x0})
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f00006ae000)={0x0, <r3=>r0, 0x0})
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f00008d7000)={0x0, <r4=>r0, 0x0})
mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_XSAVE(r4, 0x9000aea4, &(0x7f0000aee000-0x400)={"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"})
mmap(&(0x7f000007d000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0x0)
ioctl$KVM_GET_DEVICE_ATTR(r1, 0x4018aee2, &(0x7f00003de000)={0x0, 0xe5c4, 0x1ff, &(0x7f00006c2000)=0x0})
mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_BOOT_CPU_ID(r3, 0xae78, &(0x7f0000598000-0x8)=0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f000000f000-0x6)="2f6465762f6b766d00", 0xb3e, 0x0)
2017/08/11 22:10:42 executing program 3:
mmap(&(0x7f0000000000/0xae4000)=nil, 0xae4000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_NR_MMU_PAGES(r1, 0xae45, 0x2)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000000a000-0x8)={0x0, 0x7ff})
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00003ba000/0x18000)=nil, &(0x7f000018e000)=[@textreal={0x8, &(0x7f0000ae4000)="3e0f001b66b9800000c00f326635010000000f30d88a45000f32b800018ec80f23b9360ff9c3662664f2addd8f0900f30f5805", 0x33}], 0x1, 0x0, &(0x7f0000adf000)=[@flags={0x3, 0x2c32ef086520573a}], 0x1)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_GET_XSAVE(r2, 0x9000aea4, &(0x7f0000ae6000-0x400)={"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"})
2017/08/11 22:10:42 executing program 1:
mmap(&(0x7f0000000000/0xaf9000)=nil, 0xaf9000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x4, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000ae6000-0x20)={0x3, 0x0, 0x100000, 0x2000, &(0x7f00002cb000/0x2000)=nil})
ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f00000ca000+0x1b9)={0x74, 0x0, [0x1, 0xb9c, 0x6, 0x6], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000766000-0x20)={0x107000, &(0x7f0000af3000)=0x0, 0x8000, r1, 0x0})
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00005f6000-0x48)={0x70003, 0x0, [0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1ff000000]})
ioctl$KVM_SET_XSAVE(r2, 0x5000aea5, &(0x7f00001c7000-0x400)={"857a6b28ea19a822f85c9c0b9c92389419b54e33c2ecc6889b129c1ccc27d95b563921f5a1484bbd1fa6c720aa8eb159b13b5f7b4a1d756cae613e3518108ce96617254ceeb63f4aef6b76f632bbadbc746f641544ef94d6b9336c98aea3b684e9433efce197f1cea3c46ca0219d90fe155a2fde52259ac9a2936bc7b4dacfea210427fb81b4fbae0827530b506079f7711d0b73515fd44ccf391a5e00ab0a461a0df035b4278fdce8806341e914dc275a6964b4c44a1d23ce87cbbe864b317f3aa67a781bd98d9c5cf4c6dc6b788da8f653f3f543c1de6a62198fdd0d5f95a5589927fd0022ff1963953462f97802b369d36313fea01bf46e7553f4ba5278ffc56582b3908fda73de8c32e7dde63d9d699336f984fa42761f781b0d0dd28ba3f159505c51a4843a537bd10779719db8cd6c2d13a16fcec69ebda2c357960da19ba4745100d9f014ea3f81273231ac8a68cfc8f64a08ba82451f391fb58b2c1d4af6834761905b7a571b3df0189706c9be94e196c4e889ec05c0e2be58ec7d0180ab1d95798ae5e73ebd56bbb527fe607428d63f46a22600bdd600cfe87b6672e7b3d3e1015125e5a08eec9439d7f30f8596216b47125a4b6b9b26c5a5e5ce2a42fa830686a341367241dc8bd1ff4aa0c244913c5b766f6edf846b4d13b5cdea8d912b54b0e9a68c90eb21dd8b96eab025595722bdfa9baf0dd2120a78c89ea9fd24c9d46ad85ce2f7bfd4bea9350b7be383669c4ad5e213a475bfac205edfa6a3088a5a043459db6d66a4cf91960932ee225da497b2e1928a11fcfee8946f6ab508af72c637881c063d1df8cf7c8b6f11f65e5b17242dc860278787a383fb3105d3f8b20ff32bb2dfe12bd5b1ee1f45d2992a45332819f78df4370a17f2f25d03e08983de0fa5a893cce08c4c09462f3de02667b2eff794487cf26fcc421165779a75c4f686ed156b33cd328b9538dbe14cc918d09527de180c279b38f05cdc53c492020239e0fe10d83b486335e4e38472d8d62b206ce3c9dd089065a0e96ca5ea3f13f157257796338fbbae8dad3f0798057db4843575c5ab49218996dc05bd158f0c4a4dd6832f7014fc1f54eff81361d88d1e87fb2b6ac27d5a09dbb546215dfc8175d7723f086a512b24ad07d5f997fdcd1ce29fbcf4fc44b22f273b61cc16205dc797cc4427bf74f576eb47d83d181bae13e22cf6925931d84a487c51d493a9eeeaf1980c54920f646ee12164c53bcd7dad526a4b2afaee38a83c92119f23f57beab8626d735efbb17bb4aac0ca30f32bf3add64466359038235aabe1d3b1312641a203e1d3caa424a078cd79343f90c0cdb0083335a55383beb7b283d164932aa92c107ffa56fd40333eb91a70355a57ea8c25e6bef3969434e136658fa10752611108aaa02099beb764005e947c2a86b51758e24e96037737140095"})
mbind(&(0x7f00007e6000/0x4000)=nil, 0x4000, 0x3, &(0x7f0000af4000)=0x10001, 0x100000000, 0x4)
eventfd2(0x0, 0x801)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0x4008ae48, &(0x7f0000af3000)=0x10002)
ioctl$KVM_GET_FPU(r2, 0x81a0ae8c, &(0x7f0000af5000-0x1a0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0})
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000af6000-0xc)={0x1, <r3=>r2, 0x1})
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00004b1000/0x18000)=nil, &(0x7f0000ae7000-0x18)=[@text32={0x20, &(0x7f0000aef000)="0f2107c4e17d2b210f32c4e151605b0e66ba4100b80f000000ef650f22950fc76ccf84f3260f011a66baf80cb82a839086ef66bafc0c66b8130066efead1b30000ca00", 0x43}], 0x1, 0x0, &(0x7f0000aea000)=[], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_TSC_KHZ(r2, 0xaea2, 0x1)
read$eventfd(r3, &(0x7f0000a84000-0x8)=0x0, 0x8)
syzkaller login: [   50.052917] kvm: KVM_SET_TSS_ADDR need to be called before entering vcpu
[   50.091741] *** Guest State ***
[   50.095172] CR0: actual=0x0000000080000031, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[   50.118799] CR4: actual=0x0000000000002051, shadow=0x0000000000000000, gh_mask=fffffffffffff871
2017/08/11 22:10:42 executing program 4:
mmap(&(0x7f0000000000/0xafb000)=nil, 0xafb000, 0x2000002, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x80, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000afc000-0x10)={0x101ff, 0x0, &(0x7f000042c000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000274000/0x18000)=nil, &(0x7f00004bc000)=[@text32={0x20, &(0x7f0000afc000)="66bad104ec660f3880abf48100009a0e000000180166ba420066edb8f6ffffff0f23d00f21f8350000000a0f23f8c4c17c2b49e8c744240073aa0000c744240201000000c7442406000000000f011424b8005000000f23d80f21f835400000d00f23f8b9800000c00f3235001000000f300f01d1", 0x74}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000afb000)={0x0, 0x200, 0x4, &(0x7f0000036000-0x8)=0x0})
mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_DEVICE_ATTR(r2, 0x4018aee2, &(0x7f00002d9000)={0x0, 0x3f, 0x3f, &(0x7f0000afc000)=0x0})
ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f00006b4000)=@ioapic={0x2, 0x0, 0x0, 0x4, 0x0, [{0x3, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x6}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0xe2, 0x5, 0x0, [0x0, 0x0, 0x0, 0x0], 0x1ff}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x6, 0x0, [0x0, 0x0, 0x0, 0x0], 0x7}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x1, 0x4, 0x3, [0x0, 0x0, 0x0, 0x0], 0x80000001}, {0x5d9a, 0x3f, 0x6, [0x0, 0x0, 0x0, 0x0], 0x9}, {0x5, 0x2, 0x7f, [0x0, 0x0, 0x0, 0x0], 0x40}, {0x9, 0x3f, 0x1, [0x0, 0x0, 0x0, 0x0], 0x9}, {0x9, 0x1, 0xffff, [0x0, 0x0, 0x0, 0x0], 0x4}, {0x0, 0x9, 0x5, [0x0, 0x0, 0x0, 0x0], 0x20}, {0x100000000, 0x6, 0xffff, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x80000000, 0x10001, 0x8, [0x0, 0x0, 0x0, 0x0], 0x1ff}, {0x7fffffff, 0x9, 0x8000, [0x0, 0x0, 0x0, 0x0], 0x5}, {0xfffffffffffffffc, 0x1, 0xffffffffffffffe1, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x3, 0x6, 0xe945, [0x0, 0x0, 0x0, 0x0], 0xfff}, {0xfffffffffffff135, 0x6, 0x8000, [0x0, 0x0, 0x0, 0x0], 0x8001}, {0x5bd, 0x3f, 0x7ff, [0x0, 0x0, 0x0, 0x0], 0x10001}, {0x400, 0x4, 0x9, [0x0, 0x0, 0x0, 0x0], 0x5d1f}, {0x100, 0x7f, 0xfffffffffffff801, [0x0, 0x0, 0x0, 0x0], 0x8}, {0x5, 0x3f, 0x6, [0x0, 0x0, 0x0, 0x0], 0x1e71}, {0x3, 0x6, 0x6, [0x0, 0x0, 0x0, 0x0], 0x5}]})
[   50.189328] CR3 = 0x0000000000010002
2017/08/11 22:10:43 executing program 2:
mmap(&(0x7f0000000000/0xaeb000)=nil, 0xaeb000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000009a000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
mmap(&(0x7f0000aeb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000aeb000)={0x40000, 0x0, [0xa90, 0x7, 0x8001, 0x8a6, 0xff, 0x100000001, 0xba4, 0x100000001]})
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000ae7000)={0x1, 0x0, [{0x0, 0x0, 0x0}]})
mmap(&(0x7f0000aeb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000aec000-0x1000)="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_S390_INTERRUPT_CPU(r2, 0x4010ae94, &(0x7f0000aed000-0x10)={0x0, 0x0, 0x1fbf})
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000603000)={0x20003, 0x0, [0x7, 0x80000001, 0x8222, 0x8, 0x1, 0x5, 0x0, 0xf4]})
ioctl$KVM_SET_DEBUGREGS(r2, 0x4080aea2, &(0x7f0000abc000)={[0xd003, 0x10002, 0xd000, 0x100000], 0x2, 0xd, 0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
[   50.212084] RSP = 0x000000000000fff4  RIP = 0x0000000000000000
[   50.231735] *** Guest State ***
[   50.231743] CR0: actual=0x0000000080000031, shadow=0x0000000060000031, gh_mask=fffffffffffffff7
[   50.231750] CR4: actual=0x0000000000002050, shadow=0x0000000000000020, gh_mask=fffffffffffff871
[   50.231753] CR3 = 0x00000000fffbc000
[   50.231758] RSP = 0x0000000000000f80  RIP = 0x0000000000000000
[   50.231764] RFLAGS=0x00000002         DR7 = 0x0000000000000400
2017/08/11 22:10:43 executing program 0:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffff9c, 0xae01, 0x0)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_S390_INTERRUPT(r0, 0x4010ae94, &(0x7f0000001000-0x10)={0x5, 0x5, 0x2})
ioctl$KVM_ENABLE_CAP_CPU(r0, 0x4068aea3, &(0x7f0000000000)={0x0, 0x0, [0x401, 0x8, 0x0, 0x1], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x2)
mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_LAPIC(r1, 0x8400ae8e, &(0x7f0000003000-0x400)={"f803b9100cebe1b98294666659a318a0b8da09d6921e82076d45e61a8dbe0e54b79f9e1fcc7fda7f638feab9df6cafbb1dfe7f825beb34ec3d0c5a67423c93453833b281b67987a666e479c0c4c0637c18a4c3a3b777ce11cc15b31cc746c89609d9e37f5ce85c9ed0598cd7f145c6b4fb1b1488b43ef610d00cdf009e12e7cb9166551bd73d1878b54ad9caff98040ea057f04c25439d0841514b4b04f5a186632fd0c929b6fa9cabbf09a8d1e73722f6c82791c2d3b0214f8b1d3c6261fb9ec7eb8e7664249bb0cd4e61e4a7ef99394aa277c7e6e1e2e06dad31b4165174d24cefce9f754b08acb3bf3143f863a3febfdc56a0745cf5bbb01f6df4a71da86e6cf860c5ca7dece2e0a4f2bc978de555d480fe4f379771f266d5a00f0b4313048d9e7d6f6e70918ba7fb81acf853d1870cd010e820a7ef94fbf7e6c8d6ebef7b13b3a1e6106a4a46d6d3914eaab04b842a2d433ecccbe1e0fd24deaae179f7f2b5b092e2e264c5cc64e77fc70eb47bd54cd03386726b9d8cfbe5c91aa943b2e81ff5041fc26815f975b9b06029fcdca117e86e2fb7c31454afbd62bb79b9661a0f9aae729ee0a1fd7ce84daf48c47514f897d43b937c7c570fba3cb641051eda6b1e4bb0d4a719c895ba244a0500000046939722237e3b3031ddd453c1cbd543a0aefd05db5f88da917180f9fe6f378c47b408b41b16722587ddb46d6931b909c132ed6546f69f8449fff470f5201c8eb3d9a9319c62409648927bde123c9f01a54ecbfdcd191a84fbb3a27a1c86081de3a6d84869af586ebea71ab75265f7d066b5ae73d4f654150753c93ae57f31dc1122014b10f3ebdfb0381a12ec84774388e33e4f29ad846375638a384ef91aafcdbe872400656c32114a020d851c083274eaf000054cea011ce59ea88759fecfe79f77600af7555205cf20f29cbc4115d5c96924a83e6a7b39297e267cdd357ebfd23e65e96df16e13300515f6115a7eeddb173023f01a4db09c912dfc07ba1af67fa600eecbb8ead474bbc35d18dd0d119bae6e5f3bf7f07b0ba7d3ecc5d9769a90fa22497867ca2bdcbc84ef9ff69bbc187d316a15b31de490858654a154b0d1e8c3af38f617ef0f663c56d1f1bfe47a424f0e5537120de5aa7722ceab75eaa31c16b1dfb0fa88322c68b8cb9059550db2464e94715c0b2eefeb121af664b7acbc5622d0cab20534754771588eee9dd571e8cbc8fdd6cb83a3f5b1a0d1d94bc3863275e69ba0eb391572957c61fda74d4a2df69592f1142e93f7fa6056a3150284d211a7f5e1e6f802ae749477d51183898587ca553d2c25971ecba3e7406c43180836ef891f679f18d35fa073d0ea2f51b420c9af39555593f814ca71e6a64f21628a9cc17c153279b63b70aef0d90ffb9f696904c42da385d4e4bf3abaf4f67fcb65327490a7aeddc7208c52e0e8"})
mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(r0, 0x4038ae7a, &(0x7f0000000000)={0x2, 0x6, &(0x7f0000002000)="905411ade76cc2d82147c68c737cbfce1d99985652bfadaa34b06c684c9c05771164728d906843ebbafd39eea3ee1598a022f1", &(0x7f0000002000)="", 0x33, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
mmap(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r1, 0x8040ae9f, &(0x7f0000004000-0x1c)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r0, 0x8008ae9d, &(0x7f0000003000-0x21)="000000000000000000000000000000000000000000000000000000000000000000")
mlock2(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x6, 0x10, r0, 0x0)
mmap(&(0x7f0000004000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000004000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000004000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_XSAVE(r1, 0x9000aea4, &(0x7f0000000000)={"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"})
r2 = pkey_alloc(0x0, 0x2)
pkey_mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, r2)
ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r0, 0x4010ae74, &(0x7f0000004000-0xc)={0x101, 0x6, 0x3d5f5f06})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r0, 0x4010ae68, &(0x7f0000002000)={0x104000, 0xa000, 0x0})
ioctl$KVM_GET_TSC_KHZ(r1, 0xaea3)
mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x3, 0x1030, 0xffffffffffffffff, 0x0)
ioctl$KVM_S390_UCAS_UNMAP(r1, 0x4018ae51, &(0x7f0000005000-0x18)={0x7, 0x8, 0x4})
mmap(&(0x7f0000005000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_EMULATED_CPUID(r0, 0xc008ae09, &(0x7f0000005000)="")
mmap(&(0x7f0000006000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000006000)="2f6465762f6b766d00", 0x41, 0x0)
ioctl$KVM_GET_MSR_INDEX_LIST(r3, 0xc004ae02, &(0x7f0000004000-0x18)={0x5, [0x5, 0x800, 0x80000001, 0x7fffffff, 0x3]})
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
mmap(&(0x7f0000006000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_XSAVE(r1, 0x9000aea4, &(0x7f0000007000-0x400)={"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"})
[   50.231772] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810
2017/08/11 22:10:43 executing program 2:
mmap(&(0x7f000053b000/0x2000)=nil, 0x2000, 0xffffffffffffffff, 0x2871, 0xffffffffffffffff, 0x0)
mremap(&(0x7f000053b000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000816000/0x4000)=nil)
mmap(&(0x7f0000000000/0xb99000)=nil, 0xb99000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_XCRS(0xffffffffffffffff, 0x8188aea6, &(0x7f000001f000)={0x1, 0xae16, [{0x0, 0x0, 0x0}]})
ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f000000c000)={0x1, 0x0, [{0x0, 0x0, 0x0, 0x0, 0x0, 0x0}]})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000002b000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_GET_PIT(r1, 0xc048ae65, &(0x7f000062e000-0x70)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f000000c000)={0x2, 0x0, [{0x1, 0x0, 0x0, 0x0, 0x0, 0x0}, {0xa, 0xff9, 0x0, 0x0, 0x0, 0x0}]})
ioctl$KVM_GET_REGS(r2, 0x8090ae81, &(0x7f0000300000-0x90)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0})
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f000002c000-0x18)={0x1, 0x0, [{0x18e, 0x0, 0xbd992f9}]})
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00005b8000/0x18000)=nil, &(0x7f0000a37000-0x18)=[@textreal={0x8, &(0x7f0000ae1000-0x2d)="66b822f908230f23c80f21f866350800c0000f23f866b8e10ce9300f23c80f21f866350400b0000f23f8653e0fc3050f01d9f3ac0f01cfb80d028ee8bad00466ed26660f01c966660f3a1650d800", 0x4e}], 0x1, 0x0, &(0x7f000018a000-0x20)=[@cr0={0x0, 0x0}, @efer={0x2, 0x100}], 0x2)
mremap(&(0x7f00004c7000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f00000cc000/0x4000)=nil)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f00000cf000)={0x2, <r3=>0xffffffffffffffff, 0xfffffffffffffffd})
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mbind(&(0x7f00000cc000/0x2000)=nil, 0x2000, 0x0, &(0x7f0000001000-0x8)=0x380000000000000, 0x4, 0x2)
ioctl$KVM_SET_TSC_KHZ(r3, 0xaea2, 0x1)
mmap(&(0x7f00002f3000/0xc00000)=nil, 0xc00000, 0x3, 0x32, 0xffffffffffffffff, 0x20000000)
mmap(&(0x7f00002ab000/0x2000)=nil, 0x2000, 0x3, 0x32, r0, 0x0)
syz_kvm_setup_cpu$x86(r3, r3, &(0x7f0000f21000/0x18000)=nil, &(0x7f0000002000-0x18)=[@text32={0x20, &(0x7f0000002000-0x5c)="c4c1a45ea200000000670f01cf66baf80cb8309c8887ef66bafc0cb8ff000000eff2af0f0fb43f05000000b7f20f35660fae730c660f388293256141970fc71ac744240000900000c74424025b000000c7442406000000000f011424", 0x5c}], 0x1, 0x20, &(0x7f0000001000-0x20)=[@cr4={0x1, 0x80}, @cstype3={0x5, 0xe}], 0x2)
ioctl$KVM_X86_SET_MCE(r3, 0x4040ae9e, &(0x7f0000000000)={0x2000000000000000, 0x6000, 0x0, 0x4, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0]})
mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, &(0x7f0000001000)={0x5, [0x8f, 0x4, 0x82415a6, 0x1, 0x8001]})
munlock(&(0x7f00000cf000/0x1000)=nil, 0x1000)
ioctl$KVM_ASSIGN_PCI_DEVICE(r1, 0x8040ae69, &(0x7f0000b9a000-0x14)={0xfffffffffffffff7, 0x7fff, 0x5, 0x4, 0x8})
ioctl$KVM_PPC_GET_SMMU_INFO(r3, 0x8250aea6, &(0x7f0000587000-0x1000)="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
mmap(&(0x7f0000301000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0)
mremap(&(0x7f000053c000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f00000cd000/0x2000)=nil)
ioctl$KVM_GET_FPU(r2, 0x81a0ae8c, &(0x7f000010d000-0x1a0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0})
2017/08/11 22:10:43 executing program 4:
mmap(&(0x7f0000000000/0xae3000)=nil, 0xae3000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
mmap(&(0x7f0000a6f000/0x6000)=nil, 0x6000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000ae3000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
mmap(&(0x7f000083d000/0x2000)=nil, 0x2000, 0x3, 0x10, r2, 0x0)
ioctl$KVM_GET_NR_MMU_PAGES(r1, 0xae45, 0x2)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000000a000-0x8)={0x0, 0x7ff})
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f00003ba000/0x18000)=nil, &(0x7f000018e000)=[@textreal={0x8, &(0x7f0000ae4000)="3e0f001b66b9800000c00f326635010000000f30d88a45000f32b800018ec80f23b9360ff9c3662664f2addd8f0900f30f5805", 0x33}], 0x1, 0x0, &(0x7f0000adf000)=[@flags={0x3, 0x2c32ef086520573a}, @vmwrite={0x8, 0x0, 0x0, 0x0, 0x8, 0x0, 0x4, 0x0, 0x6}], 0x2)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mmap(&(0x7f0000000000/0xae0000)=nil, 0xae0000, 0x3, 0x4d031, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ae4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ae5000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_X86_SETUP_MCE(r3, 0x4008ae9c, &(0x7f0000ae5000)={0xd, 0x1, 0x9, 0x0})
mmap(&(0x7f0000ae4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f00005a9000-0x4)=0x6)
mmap(&(0x7f0000ae6000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_LAPIC(r4, 0x8400ae8e, &(0x7f0000ae7000-0x400)={"6ea95418ea20c9036d340112f3fdda9b09e0e1628855c73fbbf1eac5406861ce1c3a98b20b42a4712628601a1a2cc6fbbc9787feaf055a03d9e309c76c8f0888e26021a8230b953f44721a6fb5dc6a090748756b39feb23c06d849b117f001b2b8df7782f4cc59b77c3cbe45654ddb3bc8cc971c1eef53ad359d3dec271012124196581da46c119c611f3f5a70c68453961fc0c7bb7cfc967c8c0265f80855a3c9c97a9b9c6755c31ca71bc7db60170d2d705a67a89a86866ec2243cda15eb742abf13114d8466f7eb6198b3b6c0b81cb31163face4df72b3542b84a9ed9487753df5bab25677d3f12bc33bea96f9fb8ddfd25db309f9cceaea7ca8e52957a4e983d836d5ccb2d618cc590c4b922894d1c87a1722f2248695b2fe80d4f5a887dc522d044cdc996e2ecfce5d7f1c6d391bb4e4ed053a06efb5bd90b8c218534ce6c9b1773bb5e1aa6e2de129882ae34068af00bc1b0965538c30ad5b9958349127e211d128a2bb46141fe6fe345fb49fad924c509ded381c88d874238bd5286fa188a55e9d04c9603b5509d11da160996df40e378a3b6dbdeeef51dc108434cead2a97e6bd3680d6323e1432c74c97ed796d659acb9b183ae6e85e6e5757e5925d63b9b06bf6d1a40743b8dcb6629220bac232f8c32ab107ad27870d480eb6d0ebfcc9747da4db6cfa4e95214c3a9ff378d6487c0594e06d30cf9a44985d9b3b1109a1a9c5244842f0aad3b5cc4cbc36d45092595714c6fa80a0ea56b1bba2d9966164505bc5ec0775875f74f24e0433fabda925763e79db0bd5ca2c1f28ef32ada3c99ccd40f8644c82c7ebd3e196c832f252fb86e36bf29eb6e70387645afa3afde08f6e27a99c36dc41dc8b76f1f52f25f83a567526b70522bc3b04ba6ca663471d7d14b8244a7f0eda15d64844e4292a08804ef2b4f70e7bf1709a1e29febf700e9078338f620510964d29e724c53324815b76985a5133b6d935b1d767b36b70e584d781268ffea2cca4c3351ba21f16d58baf6131b50deb127b4db783b64a10541d3f94348729a11d2e09b053f042d7f9453c3d6e3325ba74e4b1c184cc80007002328af12227a28c07fa99ce7e1216b02c236d9cbf3f22fea1671af3fed2d591b7319d7445a09a2c25b2cd4d6e0abca101352b38af6ba11c095286d58971f0785b8bfe027b06df11a4c319247d127ff18ca6b70de34eb92bad052b96804c1b2938b839b984bee7c322a5a0093cc2a515138182be4f4f356d16c2340ece575c3a4516ffd35576d3803b4761f3886b583412b71b97da081fb7ac3e29953baddaa1343630ad2324ef9579ab8d6e82adc02c19a9dd970b92b26c2f956e785ca75505b9fe31ee6e611ab51d8566770545b7d173621f9daf5872d64889eb94cd2ab475729068c17d0a17cc301cbe40f1aa5857de48ad5223767b7d2db23e7ef12"})
ioctl$KVM_GET_XSAVE(r3, 0x9000aea4, &(0x7f00003c2000-0x400)={"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
[   50.231780] CS:   sel=0x0030, attr=0x0409b, limit=0x000fffff, base=0x0000000000000000
2017/08/11 22:10:43 executing program 3:
mmap(&(0x7f0000000000/0xafa000)=nil, 0xafa000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f000050f000)={0x9, 0x3cca})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
mmap(&(0x7f0000afa000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text64={0x40, &(0x7f000099d000-0x64)="b6c3f8e788595dc51ba31779d22e2453ab6fe204d8cb17bc3c4ab8e3e0483b9931418b5c1612cb68cb1f08acd613883205213823efd610026d3b892f9ecf43c837882ddb41cb3a22a62644cc9081d865b5c7d6d371bfbc1b7da5ab28911fcb5667d0b08b", 0x64}], 0x1, 0x41, &(0x7f0000aeb000+0x7dc)=[@vmwrite={0x8, 0x0, 0x34c, 0x0, 0x3, 0x0, 0x7f800000000, 0x0, 0x8}, @flags={0x3, 0x80800}], 0x2)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00006b4000)=@ioapic={0x2, 0x0, 0x0, 0x4, 0x0, [{0x3, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x6}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0xe2, 0x5, 0x0, [0x0, 0x0, 0x0, 0x0], 0x1ff}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x6, 0x0, [0x0, 0x0, 0x0, 0x0], 0x7}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x1, 0x4, 0x3, [0x0, 0x0, 0x0, 0x0], 0x80000001}, {0x5d9a, 0x3f, 0x6, [0x0, 0x0, 0x0, 0x0], 0x9}, {0x5, 0x2, 0x7f, [0x0, 0x0, 0x0, 0x0], 0x40}, {0x9, 0x3f, 0x1, [0x0, 0x0, 0x0, 0x0], 0x9}, {0x9, 0x1, 0xffff, [0x0, 0x0, 0x0, 0x0], 0x4}, {0x0, 0x9, 0x5, [0x0, 0x0, 0x0, 0x0], 0x20}, {0x100000000, 0x6, 0xffff, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x80000000, 0x10001, 0x8, [0x0, 0x0, 0x0, 0x0], 0x1ff}, {0x7fffffff, 0x9, 0x8000, [0x0, 0x0, 0x0, 0x0], 0x5}, {0xfffffffffffffffc, 0x1, 0xffffffffffffffe1, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x3, 0x6, 0xe945, [0x0, 0x0, 0x0, 0x0], 0xfff}, {0xfffffffffffff135, 0x6, 0x8000, [0x0, 0x0, 0x0, 0x0], 0x8001}, {0x5bd, 0x3f, 0x7ff, [0x0, 0x0, 0x0, 0x0], 0x10001}, {0x400, 0x4, 0x9, [0x0, 0x0, 0x0, 0x0], 0x5d1f}, {0x100, 0x7f, 0xfffffffffffff801, [0x0, 0x0, 0x0, 0x0], 0x8}, {0x5, 0x3f, 0x6, [0x0, 0x0, 0x0, 0x0], 0x1e71}, {0x3, 0x6, 0x6, [0x0, 0x0, 0x0, 0x0], 0x5}]})
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000326000)={0x3f, 0x1})
2017/08/11 22:10:43 executing program 6:
mmap(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f000000f000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000000f000-0x6)="2f6465762f6b766d00", 0x0, 0x0)
mremap(&(0x7f000000f000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000000a000/0x3000)=nil)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000010000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_DEASSIGN_DEV_IRQ(r1, 0x4040ae75, &(0x7f0000010000)={0xfff, 0x0, 0x11da, 0x100})
ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f000000f000-0x9)="")
mmap(&(0x7f000000f000/0x1000)=nil, 0x1000, 0x0, 0x32, r0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f000000f000-0x6)="2f6465762f6b766d00", 0x240000, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f000000f000)={0x3, <r2=>r0, 0x0})
mmap(&(0x7f0000010000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_DIRTY_TLB(r2, 0x4010aeaa, &(0x7f0000010000)={0x7fff, 0x7})
2017/08/11 22:10:43 executing program 0:
mmap(&(0x7f0000000000/0xaec000)=nil, 0xaec000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000096a000-0x9)="2f6465762f6b766d00", 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000ae6000-0x40)={0x80000000007fe, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_ASSIGN_DEV_IRQ(r1, 0x4040ae70, &(0x7f0000039000-0x10)={0x954, 0x8, 0xfffffffc, 0x1563a85c6c8d69ab})
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000763000-0xc)={0x4, <r2=>r1, 0x0})
ioctl$KVM_SET_XSAVE(r2, 0x5000aea5, &(0x7f000097d000)={"445ffdfba3b72807f31915a26b87bfe562ed61a16dad2279b3372ac568f04f90ea3228e447ad26c4e29c27238f299e5b0303df9e1b1c26b972b4ffd29ce9622954e6e6595f8fb890a33169c032503238d78754d7602f496ef468fc7e2de880b83ed7edf68ea62acf334d76a6530f3d9b33853fb8a3b798963c2d6ab408e61b92a87116a58376f558f14dd58a08d39a54c86c92f0b6bf24a703d67a8525b5b5bf8f6fb0b66b7c673c815a2f749ed706c5ef9967f8ab96a26635b560264784b4302ba2adba6aaa8ddd28ee35fb7c9883c5a06e5f7db9d717695eaf38753a34f6f68ca1b1ef6a3e6f7159866e6b4136a52742df8074f5e4f978aa49a076d5e54c3f11f6be238d4f10fd8e0f18432dd3398122cda2de9a0af4df24fbf4832f50216bc3d8c19b4dd50532ccc75efb5fe66b22ea95f30cfdddca255b8da52bc404a6ee126a38b31eed819e9ee1128597ed2a3c9937002b9883bd430fc6b70f4b67f841df804c05833fe9437226268d4b5922b6fa92a006653b571518aafa2ca45e98baba4865aefd740c6e58f57fd92912d313351607d86622672a0349dd38263d01f6d1bf0da6657f9b5f905c6293cfa048a4b78232e078fde5774d68afd396a39bb8cc4937ad047f9aae9f3f1e549444a511787b40f917ea39bc7bbbadc97b9cb653723cba2719450a463601376289cbc4437390bf2ab13b0ce0c0540673ee38e7225eb38cd238d64e5260c4689031d125d628b07b0f028d774fdf9c90d883b00ba81220bbb9d9b5fd747cbb5d085558280fce2faad50cc00f77ef4172991dd82e175b58866f9560435f19b244d4bd85a4f19e1ca5c7b8c6baaa9edc9db9629b7d6f9b9633a3e2c18ab15d246822960a4c5b2f4021b9b3a5b99c7b9cec8f7d9be90ce92277e7b48b003ab140ce8a5542ba9cbd9ae681ca242d7e2257c81cc28c3b28f91c7067671fb30a5b6c090f895876d87e25966ed5aeee90c78cda907c4f58867ba479c186a3cd19c5c40f03e3d43ecf3e0b02db659d15d6dc0af4263aafd64d838f20c3700c432a0a5045b69c16f07ec0042d70e73eed0d1db1865c183f8b54b223462ba619778d3bf0c9a54bf4fdd7bbc5ac3868db3d8307c1eab014e6025178d56be6ba8f6aa03d15970c710676ab17719e7490f11e5b23b431973d4b4eb4b17f1f15147b3268fd5eadb4d0c2ff71f7dccc7c548ed9eda8ba281ab909c4b6e85c3f3316c9c448b9b720cb8c9c1ca03d3e75cdaed7a1afad51a79872b7761034f1dc6f8fb9d88664d9974c75e9bed4a1dc2f74c57eb15bc8576b928efc30cc06f64d056f4cc2cc6034dd6009edc8d45ffa4708ea2563c2d0127c5476819a5659cb2b1aaebff260b6ee1a26e99e0653191cabdefcdeb9e5c3c0f0b3617c8ef917a4baff4f710b6dcb5ce31d380ec30c648a6787e6d7374673e8896cf39e0dc1"})
ioctl$KVM_GET_PIT(r1, 0xc048ae65, &(0x7f0000ae7000)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r1, 0x4008ae73, &(0x7f0000ae8000)={0xfffffffffffffffe, 0xffffffffffffffff})
ioctl$KVM_GET_PIT2(r1, 0x8070ae9f, &(0x7f000030d000)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_HAS_DEVICE_ATTR(r2, 0x4018aee3, &(0x7f000028e000)={0x0, 0x1, 0x5, &(0x7f00006ea000)=0x0})
ioctl$KVM_XEN_HVM_CONFIG(r2, 0x4038ae7a, &(0x7f00000e8000)={0x400, 0x0, &(0x7f0000a26000)="4cb9db57fe359dcd85e16208f68c5ca7a2d34624fe20c9e841a17462fcd1cc4c2c5ecbb59fc1e313b4e05223352370cba366c8effd7dec9b86587940b5218954be1b5debcf1d69bd88ca2401957f4dc460638ebd79bb5b640a4c519081bc0ba9b196b689e5e179df14cbb5330e9ec9b5d77f741005f441cb2ef3b116a84d623060", &(0x7f00000ec000-0x56)="fd7135cd6431b3957bdda16fac3bf38eb69e128afed7b5b6ca64bee3bd1d39f1ebfa5eab1c2a64646f366498444c97b8ee1b4c790f225db3341d0573a99f0d94920ecd3ec2e7a962720c5bb1f757bdb009c43497580b", 0x81, 0x56, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
ioctl$KVM_ARM_SET_DEVICE_ADDR(r2, 0x4010aeab, &(0x7f0000ae9000)={0xffffffff, 0x0})
ioctl$KVM_DIRTY_TLB(r3, 0x4010aeaa, &(0x7f0000ae8000)={0x7fffffff, 0x800})
mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000aec000)={0x10002, 0x0, &(0x7f0000358000/0x1000)=nil})
mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mbind(&(0x7f00004a5000/0x2000)=nil, 0x2000, 0x0, &(0x7f0000aed000-0x8)=0x80000000, 0x5, 0x2)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000134000)=@ioapic={0x2, 0x5, 0x7f, 0x4, 0x0, [{0x6, 0x9, 0x2, [0x0, 0x0, 0x0, 0x0], 0xa1}, {0x4, 0x80000000, 0x40, [0x0, 0x0, 0x0, 0x0], 0x800}, {0x400000000000000, 0x1, 0x4, [0x0, 0x0, 0x0, 0x0], 0x6}, {0xfffffffffffffff9, 0x100000000, 0x8, [0x0, 0x0, 0x0, 0x0], 0x80000000}, {0x8, 0x1f, 0x4, [0x0, 0x0, 0x0, 0x0], 0x4cabdc08}, {0x9, 0x400, 0xfffffffffffffc01, [0x0, 0x0, 0x0, 0x0], 0x401}, {0xfff, 0x7a7, 0x0, [0x0, 0x0, 0x0, 0x0], 0xeb2}, {0x3ff, 0x446, 0x1000000000000008, [0x0, 0x0, 0x0, 0x0], 0x7}, {0x100000001, 0x4, 0xb89a, [0x0, 0x0, 0x0, 0x0], 0x80000000000000}, {0x6, 0x9, 0x6, [0x0, 0x0, 0x0, 0x0], 0xffff}, {0x80, 0x5, 0x10001, [0x0, 0x0, 0x0, 0x0], 0x67}, {0x40, 0x7, 0x400, [0x0, 0x0, 0x0, 0x0], 0x5c}, {0xab, 0x0, 0x1f, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x6, 0x4, 0x80000000, [0x0, 0x0, 0x0, 0x0], 0x80}, {0x7fffffff, 0xfffffffffffffffc, 0x9, [0x0, 0x0, 0x0, 0x0], 0x7}, {0x401, 0x3, 0x4, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x12, 0x1, 0x3, [0x0, 0x0, 0x0, 0x0], 0x1}, {0x2, 0x4, 0x9b, [0x0, 0x0, 0x0, 0x0], 0x10001}, {0x24, 0x4, 0x40, [0x0, 0x0, 0x0, 0x0], 0xffffffffffffffff}, {0x8, 0x8, 0x80, [0x0, 0x0, 0x0, 0x0], 0x80000001}, {0x80, 0x9, 0x3, [0x0, 0x0, 0x0, 0x0], 0x243}, {0x104, 0x6, 0x4, [0x0, 0x0, 0x0, 0x0], 0x19}, {0x3f, 0x0, 0x48e, [0x0, 0x0, 0x0, 0x0], 0x80000000}, {0xb6, 0x2, 0x8e, [0x0, 0x0, 0x0, 0x0], 0x4}]})
2017/08/11 22:10:43 executing program 5:
mmap(&(0x7f0000000000/0xc5c000)=nil, 0xc5c000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text64={0x40, &(0x7f0000612000)="66ba2100b006ee660f3882404ff2460fe643e7490fc7993ca200003e646565360f6b9a1080000064f2490f2d73eb66b88e008ee0b994030000b8fdffffffbaff7f00000f30c402edb650c54e12ac7b9d1a0000", 0x53}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000c5a000-0xc)={0x3, 0xffffffffffffffff, 0x1})
[   50.231790] DS:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
[   50.231800] SS:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
[   50.231809] ES:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
2017/08/11 22:10:43 executing program 6:
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffff9c, 0xae41, 0x2)
mmap(&(0x7f00000b4000/0x3000)=nil, 0x3000, 0x200002, 0x35, r0, 0x1)
mmap(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x3, 0x8972, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe000, 0x0, &(0x7f0000b18000/0xe000)=nil)
mmap(&(0x7f0000b1a000/0x3000)=nil, 0x3000, 0x3, 0x10010, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_ONE_REG(r0, 0x4010aeac, &(0x7f0000b1a000)={0x5, 0x6000})
mmap(&(0x7f0000ae0000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ae0000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000)="2f6465762f6b766d00", 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f00008f9000-0x70)={[{0xfffffffffffffff8, 0x2b2, 0x3, 0x9, 0xa00000, 0x10000, 0x8, 0x9, 0x95, 0x5, 0x3, 0x3, 0x7}, {0x800, 0x80000001, 0xf74f, 0xb5, 0x4ad, 0x8, 0x81, 0x2, 0x4, 0x1, 0x9, 0xffff, 0x80}, {0x2, 0x80000001, 0x6, 0x800000000, 0x5, 0x4, 0x7, 0x5, 0x5, 0xc65e, 0x8, 0xefa, 0x3}], 0x10000, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0x6e5)
syz_kvm_setup_cpu$x86(r2, r4, &(0x7f00004a3000/0x18000)=nil, &(0x7f0000777000)=[@text64={0x40, &(0x7f0000ae1000-0x64)="ccbc354571d0c4e2f9b7b2867dc286dbb1cdfb335216eb5c1d3040394a381d7833fdaf218e9a220295084ba09751326d3cdd944cf0e3cb2c33bc59b60301e86d30787c52b3acc959a2df10c9147278779a3b0f5242384b40baabcf1e1a7d1c76515f6055c8f13bca42", 0x69}], 0x1, 0x0, &(0x7f0000ae0000)=[], 0x0)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_CPUID2(r3, 0xc008ae91, &(0x7f0000000000)={0x8, 0x0, [{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}]})
mmap(&(0x7f0000ae0000/0x1000)=nil, 0x1000, 0xc, 0x200000000000032, 0xffffffffffffffff, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
ioctl$KVM_GET_DIRTY_LOG(r2, 0x4010ae42, &(0x7f0000663000)={0x0, 0x0, &(0x7f0000814000/0x4000)=nil})
mmap(&(0x7f0000b20000/0x3000)=nil, 0x3000, 0x2, 0x33, r2, 0x0)
ioctl$KVM_GET_REG_LIST(r5, 0xc008aeb0, &(0x7f0000ae1000)={0x3, [0x1, 0xfffffffffffffffe, 0x10001]})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000ae1000-0x20)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000adb000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r2, r5, &(0x7f00009cb000/0x18000)=nil, &(0x7f0000ae1000)=[@text32={0x20, &(0x7f000039c000)="c4e27d34e766b81e000f00d0c4e2d9dd9ec84332be66b838010f00d0c4c2099c611b0f01d1b96f0800000f3209ebb95c0a00000f32c4e1f1f3d5", 0x3a}], 0x1, 0x4, &(0x7f0000ae2000)=[@flags={0x3, 0x2200}, @cr4={0x1, 0x200}], 0x2)
mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_DEBUGREGS(r0, 0x8080aea1, &(0x7f0000003000-0x80)={[0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
2017/08/11 22:10:43 executing program 7:
mmap(&(0x7f0000000000/0xaec000)=nil, 0xaec000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000096a000-0x9)="2f6465762f6b766d00", 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000ae6000-0x40)={0x80000000007fe, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_ASSIGN_DEV_IRQ(r1, 0x4040ae70, &(0x7f0000039000-0x10)={0x954, 0x8, 0xfffffffc, 0x1563a85c6c8d69ab})
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000763000-0xc)={0x4, <r2=>r1, 0x0})
ioctl$KVM_SET_XSAVE(r2, 0x5000aea5, &(0x7f0000ae7000)={"445ffdfba3b72807f31915a26b87bfe562ed61a16dad2279b3372ac568f04f90ea3228e447ad26c4e29c27238f299e5b0303df9e1b1c26b972b4ffd29ce9622954e6e6595f8fb890a33169c032503238d78754d7602f496ef468fc7e2de880b83ed7edf68ea62acf334d76a6530f3d9b33853fb8a3b798963c2d6ab408e61b92a87116a58376f558f14dd58a08d39a54c86c92f0b6bf24a703d67a8525b5b5bf8f6fb0b66b7c673c815a2f749ed706c5ef9967f8ab96a26635b560264784b4302ba2adba6aaa8ddd28ee35fb7c9883c5a06e5f7db9d717695eaf38753a34f6f68ca1b1ef6a3e6f7159866e6b4136a52742df8074f5e4f978aa49a076d5e54c3f11f6be238d4f10fd8e0f18432dd3398122cda2de9a0af4df24fbf4832f50216bc3d8c19b4dd50532ccc75efb5fe66b22ea95f30cfdddca255b8da52bc404a6ee126a38b31eed819e9ee1128597ed2a3c9937002b9883bd430fc6b70f4b67f841df804c05833fe9437226268d4b5922b6fa92a006653b571518aafa2ca45e98baba4865aefd740c6e58f57fd92912d313351607d86622672a0349dd38263d01f6d1bf0da6657f9b5f905c6293cfa048a4b78232e078fde5774d68afd396a39bb8cc4937ad047f9aae9f3f1e549444a511787b40f917ea39bc7bbbadc97b9cb653723cba2719450a463601376289cbc4437390bf2ab13b0ce0c0540673ee38e7225eb38cd238d64e5260c4689031d125d628b07b0f028d774fdf9c90d883b00ba81220bbb9d9b5fd747cbb5d085558280fce2faad50cc00f77ef4172991dd82e175b58866f9560435f19b244d4bd85a4f19e1ca5c7b8c6baaa9edc9db9629b7d6f9b9633a3e2c18ab15d246822960a4c5b2f4021b9b3a5b99c7b9cec8f7d9be90ce92277e7b48b003ab140ce8a5542ba9cbd9ae681ca242d7e2257c81cc28c3b28f91c7067671fb30a5b6c090f895876d87e25966ed5aeee90c78cda907c4f58867ba479c186a3cd19c5c40f03e3d43ecf3e0b02db659d15d6dc0af4263aafd64d838f20c3700c432a0a5045b69c16f07ec0042d70e73eed0d1db1865c183f8b54b223462ba619778d3bf0c9a54bf4fdd7bbc5ac3868db3d8307c1eab014e6025178d56be6ba8f6aa03d15970c710676ab17719e7490f11e5b23b431973d4b4eb4b17f1f15147b3268fd5eadb4d0c2ff71f7dccc7c548ed9eda8ba281ab909c4b6e85c3f3316c9c448b9b720cb8c9c1ca03d3e75cdaed7a1afad51a79872b7761034f1dc6f8fb9d88664d9974c75e9bed4a1dc2f74c57eb15bc8576b928efc30cc06f64d056f4cc2cc6034dd6009edc8d45ffa4708ea2563c2d0127c5476819a5659cb2b1aaebff260b6ee1a26e99e0653191cabdefcdeb9e5c3c0f0b3617c8ef917a4baff4f710b6dcb5ce31d380ec30c648a6787e6d7374673e8896cf39e0dc1"})
ioctl$KVM_GET_PIT(r1, 0xc048ae65, &(0x7f0000ae7000)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r1, 0x4008ae73, &(0x7f0000ae8000)={0xfffffffffffffffe, 0xffffffffffffffff})
ioctl$KVM_GET_PIT2(r1, 0x8070ae9f, &(0x7f000030d000)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_HAS_DEVICE_ATTR(r2, 0x4018aee3, &(0x7f000028e000)={0x0, 0x1, 0x5, &(0x7f00006ea000)=0x0})
ioctl$KVM_XEN_HVM_CONFIG(r2, 0x4038ae7a, &(0x7f00000e8000)={0x400, 0x0, &(0x7f0000a26000)="4cb9db57fe359dcd85e16208f68c5ca7a2d34624fe20c9e841a17462fcd1cc4c2c5ecbb59fc1e313b4e05223352370cba366c8effd7dec9b86587940b5218954be1b5debcf1d69bd88ca2401957f4dc460638ebd79bb5b640a4c519081bc0ba9b196b689e5e179df14cbb5330e9ec9b5d77f741005f441cb2ef3b116a84d623060", &(0x7f00000ec000-0x56)="fd7135cd6431b3957bdda16fac3bf38eb69e128afed7b5b6ca64bee3bd1d39f1ebfa5eab1c2a64646f366498444c97b8ee1b4c790f225db3341d0573a99f0d94920ecd3ec2e7a962720c5bb1f757bdb009c43497580b", 0x81, 0x56, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
ioctl$KVM_ARM_SET_DEVICE_ADDR(r2, 0x4010aeab, &(0x7f0000ae9000)={0xffffffff, 0x0})
ioctl$KVM_DIRTY_TLB(r3, 0x4010aeaa, &(0x7f0000ae8000)={0x7fffffff, 0x800})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000134000)=@ioapic={0x2, 0x5, 0x7f, 0x4, 0x0, [{0x5, 0x9, 0x2, [0x0, 0x0, 0x0, 0x0], 0xa1}, {0x4, 0x80000000, 0x40, [0x0, 0x0, 0x0, 0x0], 0x800}, {0x400000000000000, 0x1, 0x4, [0x0, 0x0, 0x0, 0x0], 0x6}, {0xfffffffffffffff9, 0x100000000, 0x8, [0x0, 0x0, 0x0, 0x0], 0x80000000}, {0x8, 0x1f, 0x4, [0x0, 0x0, 0x0, 0x0], 0x4cabdc08}, {0x9, 0x400, 0xfffffffffffffc01, [0x0, 0x0, 0x0, 0x0], 0x401}, {0xfff, 0x7a7, 0x0, [0x0, 0x0, 0x0, 0x0], 0xeb2}, {0x3ff, 0x446, 0x8, [0x0, 0x0, 0x0, 0x0], 0x7}, {0x100000001, 0x4, 0xb89a, [0x0, 0x0, 0x0, 0x0], 0x80000000000000}, {0x6, 0x9, 0x6, [0x0, 0x0, 0x0, 0x0], 0xffff}, {0x80, 0x5, 0x10001, [0x0, 0x0, 0x0, 0x0], 0x67}, {0x40, 0x7, 0x400, [0x0, 0x0, 0x0, 0x0], 0x5c}, {0xab, 0x0, 0x1f, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x6, 0x4, 0x80000000, [0x0, 0x0, 0x0, 0x0], 0x80}, {0x7fffffff, 0xfffffffffffffffc, 0x9, [0x0, 0x0, 0x0, 0x0], 0x7}, {0x401, 0x3, 0x4, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x12, 0x1, 0x3, [0x0, 0x0, 0x0, 0x0], 0x1}, {0x2, 0x4, 0x9b, [0x0, 0x0, 0x0, 0x0], 0x10001}, {0x20, 0x4, 0x40, [0x0, 0x0, 0x0, 0x0], 0x2}, {0x8, 0x8, 0x80, [0x0, 0x0, 0x0, 0x0], 0x80000001}, {0x80, 0x9, 0x3, [0x0, 0x0, 0x0, 0x0], 0x243}, {0x4, 0x6, 0x4, [0x0, 0x0, 0x0, 0x0], 0x19}, {0x3f, 0x0, 0x48e, [0x0, 0x0, 0x0, 0x0], 0x80000000}, {0xb6, 0x2, 0x8e, [0x0, 0x0, 0x0, 0x0], 0x6}]})
2017/08/11 22:10:43 executing program 2:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffff9c, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r0, 0xae03, 0x4)
mmap(&(0x7f0000000000/0xae3000)=nil, 0xae3000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
mmap(&(0x7f0000ae3000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_GET_IRQCHIP(r2, 0xc208ae62, &(0x7f000098d000-0xd8)=@pic={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
mmap(&(0x7f0000ae4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x4)
mmap(&(0x7f000083d000/0x2000)=nil, 0x2000, 0x3, 0x100000000032, r0, 0x0)
ioctl$KVM_IRQ_LINE(r2, 0x4008ae61, &(0x7f000000a000-0x8)={0x40006, 0x7ff})
syz_kvm_setup_cpu$x86(r2, r4, &(0x7f00003ba000/0x18000)=nil, &(0x7f000018e000)=[@textreal={0x8, &(0x7f0000ae4000)="3e0f001b66b9800000c00f326635010000000f30d88a45000f32b800018ec80f23b9360ff9c3662664f2addd8f0900f30f5805", 0x33}], 0x1, 0x0, &(0x7f0000adf000)=[@flags={0x3, 0x2c32ef086520573a}, @vmwrite={0x8, 0x0, 0x0, 0x0, 0x8, 0x0, 0x4, 0x0, 0x6}], 0x2)
mmap(&(0x7f0000000000/0xae0000)=nil, 0xae0000, 0x3, 0x4d031, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_XSAVE(r4, 0x9000aea4, &(0x7f0000ae6000-0x400)={"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"})
mmap(&(0x7f0000ae5000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_PPC_GET_PVINFO(r3, 0x4080aea1, &(0x7f0000ae5000)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
ioctl$KVM_RUN(r4, 0xae80, 0x0)
mmap(&(0x7f0000000000/0xf72000)=nil, 0xf72000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000f72000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
[   50.231818] FS:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
2017/08/11 22:10:43 executing program 0:
mmap(&(0x7f0000000000/0xaef000)=nil, 0xaef000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f000038c000)={0x7, <r0=>0xffffffffffffffff, 0x1})
ioctl$KVM_DEASSIGN_PCI_DEVICE(r0, 0x4040ae72, &(0x7f0000001000-0x14)={0x3d, 0xfff, 0x80, 0x3, 0x9})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_ARM_SET_DEVICE_ADDR(r0, 0x4010aeab, &(0x7f0000aef000-0x10)={0x8000, 0xf000})
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="36dc8044b9000066b84710000000d0ba000000000f3052c76dfef3ab66b86f000f99d520e0e0e02ec1e80566b8c4000f00d035001000000d30ef66bafc0cc966e955e955266767f2a50f20d835080000000f22d8650f070f01b102000000", 0x5e}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0)
ioctl$KVM_SET_NR_MMU_PAGES(r0, 0xae44, 0x1f)
ioctl$KVM_GET_ONE_REG(r0, 0x4010aeab, &(0x7f00001bc000-0x10)={0x8, 0x2})
ioctl$KVM_DEASSIGN_PCI_DEVICE(r2, 0x4040ae72, &(0x7f0000aef000-0x14)={0xffffffff00000001, 0x4, 0x5, 0x1, 0xd678})
ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000aee000-0x8)=0x10000)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_IRQ_LINE(r2, 0x4008ae61, &(0x7f000033d000-0x8)={0x1, 0xffffffffffff8001})
ioctl$KVM_S390_VCPU_FAULT(r3, 0x4008ae52, &(0x7f000033b000-0x8)=0xb4)
ioctl$KVM_DEASSIGN_DEV_IRQ(r0, 0x4040ae75, &(0x7f0000aee000)={0x8, 0x3, 0x6, 0x1})
ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f00000ab000)={0x2, 0x800, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000aec000)={"3a5ca361a0df102fae43a3f1ec872c0185c9813608eed8f847374008d61d0bcfc300bc75ce5da3001ccb1007655a4f7410ae2abb351756d32573ad07efbff26b6c29f3f5b20949d1948e7dc1c8f2b7a1f53f726c506fca42d4a7935507ddb99198bc1ac4b348ae7c27061ead76d16ca486010f0a3be5e5fb88b250282a1f4370084b669a6aa05d6f099ea5ce98744d4d02be5ff2bfc8a7b31392162b70f9bf6a7921ca46c22eba76a3f5fada926a9e3d39e841a85aff9e2e11df5a017550dd503eafb49349716d060d697bd0978eac053d12de846fb7d0ef0ce4f7942061ad998b000619474f6ab8bbaf74f23bef3d8874a920f438d7a3bbe9ac54c269dd8463b191dfff03924e9ef495aad2c7831f72e87d20d39c031000c2b6b009dc52fe4a87d2adbd31ef3991643480dc4e1194dad4aaae0bbd182f86a7572202d932534fe78aa6205a387714ba722fc29e394626c6950754c5bd8e959a3d108590f13f43f23507624d0f3b464f483d2f11441d510b1269bd87224f20a2cb5984b4f2be4d93aef0f2ae60ada076cc86b6ecd9f9cd27c13ff16725a99f1d96fb35409d9aad7cd14b4a0a6fa33249d40760c0dd77c75cea3ced7055169a87c767c91aadd231e5b211e9b8df16a1e2aef8d3a7e02a4f7c8fa5e989f9a2c488638fec8d03543fededef667b0b0cde85958ef5dd2355e3dade1126022ada4186160bcf69013a938bd9c5fe1f46fd5c8d522320840de0ede209ee11a4655a157b1ed47b6aa5daad7bc7f96313d2e02144e50a7f64ccfb866b1cc3a04ebd7e460e69f42856b474e681e2917b593b931c8987a487329d58151d14f4f1eb1b123f29f21899c524c2808269f7a833d5ed3cd93e2ffc0dbdf3c50c736b10512607837e8f50144c1c14e052c788381a2b236becb2d2bfdf0467cefcbe6926090434d31323d47576de4566f61ab7f1fab0f73e2e9b58c328f73f8fecef3e9bbad4b177d9dd2a0e3e7a6f108477afef361fd23ea1a575dd9b86515833f5bd4ccf9ddb9e5432d723f3eb50339ae229108ae769ac632d312761db5057fe4ddfae2f22be1f709bc0feef9d8dcf05a425d354bda07e3780f19d3a073e737bcc8220febd750e3ce8549870615e1e9c969d3883126c687ff7ef6c0a16aa18bf594c681ae4c2ec063b792ae01166868672360aefb97539f6825c2f17933ce890a2d7ca53fcf77dc8dd4a0e64b7010aa7fd14f7833ab907d4d3c5df1ce497abfea23c94ab44d6b0f389480b4f0c077b98ba319dff8ab86cb7ff6b9f26e1f7e88b01d346504ab1cbc30fb5acf132544e59a2dec45e8019ef4642e672aebc040bfbfd6e7caf8846917b3e21e9b5673b31c4f3528baaf61b01bf160c3b535bcc7b23ee34371286407409fa292ad059d4e40624e76bad7d3d516adae9c3fcecb877f4d9d39035338787435f6372c5fb88cd"})
2017/08/11 22:10:43 executing program 5:
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f000038c000)={0x7, <r0=>0xffffffffffffffff, 0x1})
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_DEASSIGN_PCI_DEVICE(r0, 0x4040ae72, &(0x7f0000001000-0x14)={0x3d, 0xfff, 0x80, 0x3, 0x9})
mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_ARM_SET_DEVICE_ADDR(r0, 0x4010aeab, &(0x7f0000aef000-0x10)={0x8000, 0xf000})
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="36dc8044b9000066b84710000000d0ba000000000f3052c76dfef3ab66b86f000f99d520e0e0e02ec1e80566b8c4000f00d035001000000d30ef66bafc0cc966e955e955266767f2a50f20d835080000000f22d8650f070f01b102000000", 0x5e}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0)
ioctl$KVM_SET_NR_MMU_PAGES(r0, 0xae44, 0x1f)
ioctl$KVM_GET_ONE_REG(r0, 0x4010aeab, &(0x7f00001bc000-0x10)={0x8, 0x2})
mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_DEASSIGN_PCI_DEVICE(r2, 0x4040ae72, &(0x7f0000aef000-0x14)={0xffffffff00000001, 0x4, 0x5, 0x1, 0xd678})
ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000aee000-0x8)=0x10000)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_IRQ_LINE(r2, 0x4008ae61, &(0x7f000033d000-0x8)={0x1, 0xffffffffffff8001})
ioctl$KVM_S390_VCPU_FAULT(r3, 0x4008ae52, &(0x7f000033b000-0x8)=0xb4)
mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_DEASSIGN_DEV_IRQ(r0, 0x4040ae75, &(0x7f0000aee000)={0x8, 0x3, 0x6, 0x1})
mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_CLOCK(r2, 0x4030ae7b, &(0x7f0000aef000-0x30)={0x20, 0x401, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f00000ab000)={0x2, 0x800, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000aec000)={"3a5ca361a0df102fae43a3f1ec872c0185c9813608eed8f847374008d61d0bcfc300bc75ce5da3001ccb1007655a4f7410ae2abb351756d32573ad07efbff26b6c29f3f5b20949d1948e7dc1c8f2b7a1f53f726c506fca42d4a7935507ddb99198bc1ac4b348ae7c27061ead76d16ca486010f0a3be5e5fb88b250282a1f4370084b669a6aa05d6f099ea5ce98744d4d02be5ff2bfc8a7b31392162b70f9bf6a7921ca46c22eba76a3f5fada926a9e3d39e841a85aff9e2e11df5a017550dd503eafb49349716d060d697bd0978eac053d12de846fb7d0ef0ce4f7942061ad998b000619474f6ab8bbaf74f23bef3d8874a920f438d7a3bbe9ac54c269dd8463b191dfff03924e9ef495aad2c7831f72e87d20d39c031000c2b6b009dc52fe4a87d2adbd31ef3991643480dc4e1194dad4aaae0bbd182f86a7572202d932534fe78aa6205a387714ba722fc29e394626c6950754c5bd8e959a3d108590f13f43f23507624d0f3b464f483d2f11441d510b1269bd87224f20a2cb5984b4f2be4d93aef0f2ae60ada076cc86b6ecd9f9cd27c13ff16725a99f1d96fb35409d9aad7cd14b4a0a6fa33249d40760c0dd77c75cea3ced7055169a87c767c91aadd231e5b211e9b8df16a1e2aef8d3a7e02a4f7c8fa5e989f9a2c488638fec8d03543fededef667b0b0cde85958ef5dd2355e3dade1126022ada4186160bcf69013a938bd9c5fe1f46fd5c8d522320840de0ede209ee11a4655a157b1ed47b6aa5daad7bc7f96313d2e02144e50a7f64ccfb866b1cc3a04ebd7e460e69f42856b474e681e2917b593b931c8987a487329d58151d14f4f1eb1b123f29f21899c524c2808269f7a833d5ed3cd93e2ffc0dbdf3c50c736b10512607837e8f50144c1c14e052c788381a2b236becb2d2bfdf0467cefcbe6926090434d31323d47576de4566f61ab7f1fab0f73e2e9b58c328f73f8fecef3e9bbad4b177d9dd2a0e3e7a6f108477afef361fd23ea1a575dd9b86515833f5bd4ccf9ddb9e5432d723f3eb50339ae229108ae769ac632d312761db5057fe4ddfae2f22be1f709bc0feef9d8dcf05a425d354bda07e3780f19d3a073e737bcc8220febd750e3ce8549870615e1e9c969d3883126c687ff7ef6c0a16aa18bf594c681ae4c2ec063b792ae01166868672360aefb97539f6825c2f17933ce890a2d7ca53fcf77dc8dd4a0e64b7010aa7fd14f7833ab907d4d3c5df1ce497abfea23c94ab44d6b0f389480b4f0c077b98ba319dff8ab86cb7ff6b9f26e1f7e88b01d346504ab1cbc30fb5acf132544e59a2dec45e8019ef4642e672aebc040bfbfd6e7caf8846917b3e21e9b5673b31c4f3528baaf61b01bf160c3b535bcc7b23ee34371286407409fa292ad059d4e40624e76bad7d3d516adae9c3fcecb877f4d9d39035338787435f6372c5fb88cd"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
2017/08/11 22:10:43 executing program 4:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffff9c, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r0, 0xae03, 0x3)
mmap(&(0x7f0000000000/0xae3000)=nil, 0xae3000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
mmap(&(0x7f000009a000/0x2000)=nil, 0x2000, 0x2, 0x32, 0xffffffffffffffff, 0x0)
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_GET_IRQCHIP(r3, 0xc208ae62, &(0x7f000098d000-0xd8)=@pic={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
mmap(&(0x7f0000ae3000/0x1000)=nil, 0x1000, 0x8, 0x32, 0xffffffffffffffff, 0x0)
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000ae4000-0x20)={0x10001, 0x0, 0x6ffd, 0x2000, &(0x7f0000055000/0x2000)=nil})
mmap(&(0x7f0000ae4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000ae4000)={0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x4)
mmap(&(0x7f000083d000/0x2000)=nil, 0x2000, 0x3, 0x100000000032, r0, 0x0)
ioctl$KVM_IRQ_LINE(r3, 0x4008ae61, &(0x7f000000a000-0x8)={0x40006, 0x7ff})
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f00003ba000/0x18000)=nil, &(0x7f000018e000)=[@textreal={0x8, &(0x7f0000ae4000)="3e0f001b66b9800000c00f326635010000000f30d88a45000f32b800018ec80f23b9360ff9c3662664f2addd8f0900f30f5805", 0x33}], 0x1, 0x0, &(0x7f0000adf000)=[@flags={0x3, 0x2c32ef086520573a}, @vmwrite={0x8, 0x0, 0x0, 0x0, 0x8, 0x0, 0x4, 0x0, 0x6}], 0x2)
mmap(&(0x7f0000000000/0xae0000)=nil, 0xae0000, 0x3, 0x4d031, 0xffffffffffffffff, 0x0)
mmap(&(0x7f000000c000/0x4000)=nil, 0x4000, 0x1000000000002, 0x8010, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ae5000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_PPC_GET_PVINFO(r4, 0x4080aea1, &(0x7f0000ae5000)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
ioctl$KVM_GET_PIT2(r2, 0x8070ae9f, &(0x7f00002f1000)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_IRQ_LINE(r3, 0x4008ae61, &(0x7f00001cc000)={0x0, 0x2})
mmap(&(0x7f0000000000/0xf72000)=nil, 0xf72000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000f72000/0x1000)=nil, 0x1000, 0x3, 0x32, r3, 0x0)
mbind(&(0x7f0000000000/0x9000)=nil, 0x9000, 0x20000000000003, &(0x7f0000f72000)=0xc0000000, 0x6, 0x3)
mmap(&(0x7f0000f73000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_CLOCK(r3, 0x8030ae7c, &(0x7f0000f73000)={0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
[   50.231829] GS:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
[   50.231836] GDTR:                           limit=0x000007ff, base=0x0000000000001000
[   50.231850] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800
[   50.231881] IDTR:                           limit=0x000001ff, base=0x0000000000003800
[   50.231891] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[   50.231897] EFER =     0x0000000000000001  PAT = 0x0007040600070406
[   50.231903] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[   50.231909] Interruptibility = 00000000  ActivityState = 00000000
[   50.231912] *** Host State ***
[   50.231919] RIP = 0xffffffff811b6777  RSP = 0xffff8801cc9f74c8
[   50.231932] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[   50.231939] FSBase=00007f825f2c4700 GSBase=ffff8801dc100000 TRBase=ffff8801dc122cc0
[   50.231946] GDTBase=ffffffffff576000 IDTBase=ffffffffff57b000
[   50.231955] CR0=0000000080050033 CR3=00000001cc67e000 CR4=00000000001426e0
[   50.231963] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef40
[   50.231969] EFER = 0x0000000000000d01  PAT = 0x0000000000000000
[   50.231972] *** Control State ***
[   50.231977] PinBased=0000003f CPUBased=b699edfa SecondaryExec=0000004a
[   50.231982] EntryControls=0000d1ff ExitControls=0023efff
[   50.231990] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[   50.231995] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[   50.232000] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[   50.232063]         reason=80000021 qualification=0000000000000000
[   50.232067] IDTVectoring: info=00000000 errcode=00000000
[   50.232071] TSC Offset = 0xffffffe37bb826ab
[   50.232077] EPT pointer = 0x00000001cbb0a01e
[   50.331128] *** Guest State ***
[   50.331137] CR0: actual=0x0000000080000031, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[   50.331144] CR4: actual=0x0000000000002051, shadow=0x0000000000000000, gh_mask=fffffffffffff871
[   50.331148] CR3 = 0x00000000fffbc000
[   50.331154] RSP = 0x0000000000000f7a  RIP = 0x0000000000000000
[   50.331160] RFLAGS=0x00227402         DR7 = 0x0000000000000400
[   50.331169] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[   50.331177] CS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   50.331187] DS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   50.331197] SS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   50.331207] ES:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   50.331217] FS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   50.331227] GS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   50.331235] GDTR:                           limit=0x000007ff, base=0x0000000000001000
[   50.331249] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800
[   50.331295] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[   50.331305] TR:   sel=0x0000, attr=0x0008b, limit=0x00002088, base=0x0000000000000000
[   50.331314] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[   50.331339] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[   50.331344] Interruptibility = 00000000  ActivityState = 00000000
[   50.331347] *** Host State ***
[   50.331354] RIP = 0xffffffff811b6777  RSP = 0xffff8801cb47f4c8
[   50.331367] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[   50.331374] FSBase=00007f376c0a7700 GSBase=ffff8801dc100000 TRBase=ffff8801dc122cc0
[   50.331381] GDTBase=ffffffffff576000 IDTBase=ffffffffff57b000
[   50.331397] CR0=0000000080050033 CR3=00000001ce3af000 CR4=00000000001426e0
[   50.331406] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef40
[   50.331413] EFER = 0x0000000000000d01  PAT = 0x0000000000000000
[   50.331415] *** Control State ***
[   50.331421] PinBased=0000003f CPUBased=b6a1edfe SecondaryExec=0000004b
[   50.331425] EntryControls=0000d1ff ExitControls=0023efff
[   50.331433] ExceptionBitmap=ffffbfff PFECmask=00000000 PFECmatch=00000000
[   50.331438] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[   50.331443] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[   50.331448]         reason=80000021 qualification=0000000000000000
[   50.331452] IDTVectoring: info=00000000 errcode=00000000
[   50.331456] TSC Offset = 0xffffffe36c3634b3
[   50.331459] TPR Threshold = 0x00
[   50.331464] EPT pointer = 0x00000001caefc01e
[   50.484923] kvm pmu: pin control bit is ignored
[   50.485121] kvm_pmu: event creation failed -2
[   50.524955] APIC base relocation is unsupported by KVM
[   50.799802] *** Guest State ***
[   50.799811] CR0: actual=0x0000000080000031, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[   50.799818] CR4: actual=0x0000000000002051, shadow=0x0000000000000000, gh_mask=fffffffffffff871
[   50.799822] CR3 = 0x00000000fffbc000
[   50.799827] RSP = 0x000000000000fffa  RIP = 0x0000000000000000
[   50.799832] RFLAGS=0x00033000         DR7 = 0x0000000000000400
[   50.799841] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[   50.799849] CS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   50.799859] DS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   50.799870] SS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   50.799879] ES:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   50.799889] FS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   50.799903] GS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   50.799933] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[   50.799944] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[   50.799952] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[   50.799964] TR:   sel=0x0000, attr=0x0008b, limit=0x00002088, base=0x0000000000000000
[   50.799971] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[   50.799978] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[   50.799984] Interruptibility = 00000000  ActivityState = 00000000
[   50.799987] *** Host State ***
[   50.799994] RIP = 0xffffffff811b6777  RSP = 0xffff8801c73bf4c8
[   50.800036] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[   50.800045] FSBase=00007f61ee55c700 GSBase=ffff8801dc100000 TRBase=ffff8801dc122cc0
[   50.800053] GDTBase=ffffffffff576000 IDTBase=ffffffffff57b000
[   50.800062] CR0=0000000080050033 CR3=00000001c834c000 CR4=00000000001426e0
[   50.800071] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef40
[   50.800079] EFER = 0x0000000000000d01  PAT = 0x0000000000000000
[   50.800082] *** Control State ***
[   50.800089] PinBased=0000003f CPUBased=b699edfa SecondaryExec=0000004a
[   50.800094] EntryControls=0000d1ff ExitControls=0023efff
[   50.800103] ExceptionBitmap=ffffbfff PFECmask=00000000 PFECmatch=00000000
[   50.800108] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[   50.800113] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[   50.800118]         reason=80000021 qualification=0000000000000000
[   50.800122] IDTVectoring: info=00000000 errcode=00000000
[   50.800126] TSC Offset = 0xffffffe32b2f81a6
[   50.800132] EPT pointer = 0x00000001c7ff301e
[   50.864141] kvm [3206]: vcpu0, guest rIP: 0x9114 disabled perfctr wrmsr: 0x187 data 0x66c9000000001043
[   50.864230] kvm [3206]: vcpu0, guest rIP: 0x9114 disabled perfctr wrmsr: 0x186 data 0x66c9000000001043
[   50.896932] kvm [3206]: vcpu0, guest rIP: 0x9114 ignored wrmsr: 0x11e data 0x66c9000000001043
[   50.938618] kvm [3206]: vcpu0, guest rIP: 0x9114 disabled perfctr wrmsr: 0x187 data 0x66c9000000001043
[   50.938684] kvm [3206]: vcpu0, guest rIP: 0x9114 disabled perfctr wrmsr: 0x186 data 0x66c9000000001043
[   51.633658] RFLAGS=0x00033000         DR7 = 0x0000000000000400
[   51.640107] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[   51.646789] CS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   51.654779] DS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   51.662756] SS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   51.670735] ES:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   51.678711] FS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   51.686693] GS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   51.694665] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[   51.702643] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[   51.710613] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[   51.718593] TR:   sel=0x0000, attr=0x0008b, limit=0x00002088, base=0x0000000000000000
[   51.726567] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[   51.732979] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[   51.740439] Interruptibility = 00000000  ActivityState = 00000000
[   51.746734] *** Host State ***
[   51.749958] RIP = 0xffffffff811b6777  RSP = 0xffff8801ccfcf4c8
[   51.755943] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[   51.762622] FSBase=00007fa9f5890700 GSBase=ffff8801dc100000 TRBase=ffff8801dc122cc0
[   51.770422] GDTBase=ffffffffff576000 IDTBase=ffffffffff57b000
[   51.776315] CR0=0000000080050033 CR3=00000001ccdd5000 CR4=00000000001426e0
[   51.783338] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef40
[   51.790033] EFER = 0x0000000000000d01  PAT = 0x0000000000000000
[   51.796094] *** Control State ***
[   51.799561] PinBased=0000003f CPUBased=b699edfa SecondaryExec=0000004a
[   51.806234] EntryControls=0000d1ff ExitControls=0023efff
[   51.811693] ExceptionBitmap=ffffbfff PFECmask=00000000 PFECmatch=00000000
[   51.818635] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[   51.825305] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[   51.831888]         reason=80000021 qualification=0000000000000000
2017/08/11 22:10:44 executing program 6:
mmap(&(0x7f0000000000/0xc5b000)=nil, 0xc5b000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r1, 0x4004ae99, &(0x7f0000aef000-0x4)=0x7)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
mmap(&(0x7f0000c5b000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_X86_SET_MCE(r3, 0x4040ae9e, &(0x7f0000c5b000)={0x100000000000000, 0x7000, 0x1, 0x8, 0x18, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0]})
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b86f000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e955266767f2a50f20d835080000000f22d8650f070f01b102000000", 0x5e}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000af0000-0x8)=0x5003)
ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00008cf000)={0x6, 0x0, [{0x6, 0x200, 0x7, 0x1000, 0x1d8, 0x0}, {0x80000007, 0xffff, 0x5, 0x4, 0x400, 0x0}, {0x80000000, 0x4, 0x1200000000000, 0x19e, 0x4, 0x0}, {0x40000000, 0x4d85, 0xffffffff, 0xffffffff, 0x7, 0x0}, {0x1, 0x6, 0xfffffffffffffff7, 0x16, 0x6, 0x0}, {0x80000008, 0x2000000000000000, 0x7f, 0x200, 0x7, 0x0}]})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f00000ab000)={0x2, 0x800, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000ab8000)={"3a5ca361a0df102fae43a3f1ec872c0185c9813608eed8f847374008d61d0bcfc300bc75ce5da3001ccb1007655a4f7410ae2abb351756d32573ad07efbff26b6c29f3f5b20949d1948e7dc1c8f2b7a1f53f726c506fca42d4a7935507ddb99198bc1ac4b348ae7c27061ead76d16ca486010f0a3be5e5fb88b250282a1f4370084b669a6aa05d6f099ea5ce98744d4d02be5ff2bfc8a7b31392162b70f9bf6a7921ca46c22eba76a3f5fada926a9e3d39e841a85aff9e2e11df5a017550dd503eafb49349716d060d697bd0978eac053d12de846fb7d0ef0ce4f7942061ad998b000619474f6ab8bbaf74f23bef3d8874a920f438d7a3bbe9ac54c269dd8463b191dfff03924e9ef495aad2c7831f72e87d20d39c031000c2b6b009dc52fe4a87d2adbd31ef3991643480dc4e1194dad4aaae0bbd182f86a7572202d932534fe78aa6205a387714ba722fc29e394626c6950754c5bd8e959a3d108590f13f43f23507624d0f3b464f483d2f11441d510b1269bd87224f20a2cb5984b4f2be4d93aef0f2ae60ada076cc86b6ecd9f9cd27c13ff16725a99f1d96fb35409d9aad7cd14b4a0a6fa33249d40760c0dd77c75cea3ced7055169a87c767c91aadd231e5b211e9b8df16a1e2aef8d3a7e02a4f7c8fa5e989f9a2c488638fec8d03543fededef667b0b0cde85958ef5dd2355e3dade1126022ada4186160bcf69013a938bd9c5fe1f46fd5c8d522320840de0ede209ee11a4655a157b1ed47b6aa5daad7bc7f96313d2e02144e50a7f64ccfb866b1cc3a04ebd7e460e69f42856b474e681e2917b593b931c8987a487329d58151d14f4f1eb1b123f29f21899c524c2808269f7a833d5ed3cd93e2ffc0dbdf3c50c736b10512607837e8f50144c1c14e052c788381a2b236becb2d2bfdf0467cefcbe6926090434d31323d47576de4566f61ab7f1fab0f73e2e9b58c328f73f8fecef3e9bbad4b177d9dd2a0e3e7a6f108477afef361fd23ea1a575dd9b86515833f5bd4ccf9ddb9e5432d723f3eb50339ae229108ae769ac632d312761db5057fe4ddfae2f22be1f709bc0feef9d8dcf05a425d354bda07e3780f19d3a073e737bcc8220febd750e3ce8549870615e1e9c969d3883126c687ff7ef6c0a16aa18bf594c681ae4c2ec063b792ae01166868672360aefb97539f6825c2f17933ce890a2d7ca53fcf77dc8dd4a0e64b7010aa7fd14f7833ab907d4d3c5df1ce497abfea23c94ab44d6b0f389480b4f0c077b98ba319dff8ab86cb7ff6b9f26e1f7e88b01d346504ab1cbc30fb5acf132544e59a2dec45e8019ef4642e672aebc040bfbfd6e7caf8846917b3e21e9b5673b31c4f3528baaf61b01bf160c3b535bcc7b23ee34371286407409fa292ad059d4e40624e76bad7d3d516adae9c3fcecb877f4d9d39035338787435f6372c5fb88cd"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
munmap(&(0x7f000064f000/0x3000)=nil, 0x3000)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = eventfd2(0x0, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000c5a000-0xc)={0x3, <r6=>r4, 0x1})
ioctl$KVM_GET_XSAVE(r1, 0x9000aea4, &(0x7f0000560000-0x400)={"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"})
read$eventfd(r5, &(0x7f000043e000)=0x0, 0x8)
ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000c5a000)=@ioapic={0x2, 0x10000, 0x200, 0x3caf5cbe, 0x0, [{0x1f, 0x63, 0x800, [0x0, 0x0, 0x0, 0x0], 0x4}, {0x4, 0x1ff, 0xc67, [0x0, 0x0, 0x0, 0x0], 0x101}, {0x9, 0x9, 0x10000, [0x0, 0x0, 0x0, 0x0], 0x6}, {0x10001, 0x3, 0x2, [0x0, 0x0, 0x0, 0x0], 0x4}, {0xfffffffffffffff9, 0x9, 0x6, [0x0, 0x0, 0x0, 0x0], 0x1f}, {0x6, 0x100, 0x7, [0x0, 0x0, 0x0, 0x0], 0xc3d6}, {0x100, 0x7f, 0x2, [0x0, 0x0, 0x0, 0x0], 0x10000}, {0x200, 0x1, 0x6, [0x0, 0x0, 0x0, 0x0], 0x1eebd052}, {0x800, 0x1, 0x9, [0x0, 0x0, 0x0, 0x0], 0x10001}, {0x401, 0x8, 0x101, [0x0, 0x0, 0x0, 0x0], 0x7}, {0x20, 0x40, 0x7, [0x0, 0x0, 0x0, 0x0], 0x667114e8}, {0x6, 0x4, 0x7, [0x0, 0x0, 0x0, 0x0], 0x5}, {0xa20, 0x1ff, 0x8, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x2, 0x8001, 0x7, [0x0, 0x0, 0x0, 0x0], 0x1000}, {0x4, 0x4, 0x100000000, [0x0, 0x0, 0x0, 0x0], 0x1c}, {0x4, 0xfffffffffffffff7, 0x5, [0x0, 0x0, 0x0, 0x0], 0xffffffff}, {0x6, 0x7, 0x7, [0x0, 0x0, 0x0, 0x0], 0x5}, {0x8, 0x9, 0x0, [0x0, 0x0, 0x0, 0x0], 0x94}, {0x7ff, 0x8000, 0xffffffff, [0x0, 0x0, 0x0, 0x0], 0xf3b}, {0x3, 0x8, 0xffffffff, [0x0, 0x0, 0x0, 0x0], 0x15}, {0x8, 0x1f, 0x1, [0x0, 0x0, 0x0, 0x0], 0xfffffffffffff000}, {0x80000001, 0xfffffffffffffffb, 0x9, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x7f, 0xfff, 0xc1, [0x0, 0x0, 0x0, 0x0], 0x1c4e}, {0x10000, 0x100000001, 0x40, [0x0, 0x0, 0x0, 0x0], 0x1}]})
write$eventfd(r5, &(0x7f0000c57000)=0x4, 0x8)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_X86_SETUP_MCE(r4, 0x4008ae9c, &(0x7f00005b3000-0x4)={0x6, 0x4, 0x81, 0x0})
mremap(&(0x7f000020f000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000b84000/0x4000)=nil)
ioctl$KVM_SET_PIT(r4, 0x8048ae66, &(0x7f0000c5b000-0x70)={[{0x8, 0x1, 0x1, 0x4, 0xe38, 0x1, 0x5, 0x9, 0x40, 0x0, 0x9, 0x9, 0x7}, {0x5, 0x5, 0x8000, 0x6, 0x7f, 0x1000, 0x20, 0xcde9, 0x8000, 0x100000001, 0x3, 0x71, 0x4c48}, {0x7f, 0x6, 0x0, 0x88, 0x7f, 0x4, 0x60, 0x10000, 0x9, 0x5, 0x7, 0x1, 0x80}], 0xdf, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
mmap(&(0x7f000064f000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000079000+0xdd6)={0x0, 0x3f, 0x0, &(0x7f0000650000-0x8)=0x0})
2017/08/11 22:10:44 executing program 1:
mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_MP_STATE(r1, 0x4004ae99, &(0x7f0000aef000-0x4)=0x7)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text64={0x40, &(0x7f0000612000)="66ba2100b006ee660f3882404ff2460fe643e7490fc7993ca200003e646565360f6b9a1080000064f2490f2d73eb66b88e008ee0b994030000b8fdffffffbaff7f00000f30c402edb650c54e12ac7b9d1a0000", 0x53}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f000071f000)=0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f00000ab000)={0x2, 0x800, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000aec000)={"3a5ca361a0df102fae43a3f1ec872c0185c9813608eed8f847374008d61d0bcfc300bc75ce5da3001ccb1007655a4f7410ae2abb351756d32573ad07efbff26b6c29f3f5b20949d1948e7dc1c8f2b7a1f53f726c506fca42d4a7935507ddb99198bc1ac4b348ae7c27061ead76d16ca486010f0a3be5e5fb88b250282a1f4370084b669a6aa05d6f099ea5ce98744d4d02be5ff2bfc8a7b31392162b70f9bf6a7921ca46c22eba76a3f5fada926a9e3d39e841a85aff9e2e11df5a017550dd503eafb49349716d060d697bd0978eac053d12de846fb7d0ef0ce4f7942061ad998b000619474f6ab8bbaf74f23bef3d8874a920f438d7a3bbe9ac54c269dd8463b191dfff03924e9ef495aad2c7831f72e87d20d39c031000c2b6b009dc52fe4a87d2adbd31ef3991643480dc4e1194dad4aaae0bbd182f86a7572202d932534fe78aa6205a387714ba722fc29e394626c6950754c5bd8e959a3d108590f13f43f23507624d0f3b464f483d2f11441d510b1269bd87224f20a2cb5984b4f2be4d93aef0f2ae60ada076cc86b6ecd9f9cd27c13ff16725a99f1d96fb35409d9aad7cd14b4a0a6fa33249d40760c0dd77c75cea3ced7055169a87c767c91aadd231e5b211e9b8df16a1e2aef8d3a7e02a4f7c8fa5e989f9a2c488638fec8d03543fededef667b0b0cde85958ef5dd2355e3dade1126022ada4186160bcf69013a938bd9c5fe1f46fd5c8d522320840de0ede209ee11a4655a157b1ed47b6aa5daad7bc7f96313d2e02144e50a7f64ccfb866b1cc3a04ebd7e460e69f42856b474e681e2917b593b931c8987a487329d58151d14f4f1eb1b123f29f21899c524c2808269f7a833d5ed3cd93e2ffc0dbdf3c50c736b10512607837e8f50144c1c14e052c788381a2b236becb2d2bfdf0467cefcbe6926090434d31323d47576de4566f61ab7f1fab0f73e2e9b58c328f73f8fecef3e9bbad4b177d9dd2a0e3e7a6f108477afef361fd23ea1a575dd9b86515833f5bd4ccf9ddb9e5432d723f3eb50339ae229108ae769ac632d312761db5057fe4ddfae2f22be1f709bc0feef9d8dcf05a425d354bda07e3780f19d3a073e737bcc8220febd750e3ce8549870615e1e9c969d3883126c687ff7ef6c0a16aa18bf594c681ae4c2ec063b792ae01166868672360aefb97539f6825c2f17933ce890a2d7ca53fcf77dc8dd4a0e64b7010aa7fd14f7833ab907d4d3c5df1ce497abfea23c94ab44d6b0f389480b4f0c077b98ba319dff8ab86cb7ff6b9f26e1f7e88b01d346504ab1cbc30fb5acf132544e59a2dec45e8019ef4642e672aebc040bfbfd6e7caf8846917b3e21e9b5673b31c4f3528baaf61b01bf160c3b535bcc7b23ee34371286407409fa292ad059d4e40624e76bad7d3d516adae9c3fcecb877f4d9d39035338787435f6372c5fb88cd"})
mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x0, 0x36, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mmap(&(0x7f0000000000/0xc59000)=nil, 0xc59000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
munmap(&(0x7f000064f000/0x3000)=nil, 0x3000)
r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r5 = eventfd2(0x0, 0x0)
mmap(&(0x7f0000c59000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xaf8000)=nil, 0xaf8000, 0x5, 0x31, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000001000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f000099b000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000c5a000-0xc)={0x3, r4, 0x1})
mmap(&(0x7f0000c59000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
read$eventfd(r5, &(0x7f000043e000)=0x0, 0x8)
mmap(&(0x7f0000c5a000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000c5a000)=@ioapic={0x2, 0x10000, 0x200, 0x3caf5cbe, 0x0, [{0x1f, 0x63, 0x800, [0x0, 0x0, 0x0, 0x0], 0x4}, {0x4, 0x1ff, 0xc67, [0x0, 0x0, 0x0, 0x0], 0x101}, {0x9, 0x9, 0x10000, [0x0, 0x0, 0x0, 0x0], 0x6}, {0x10001, 0x3, 0x2, [0x0, 0x0, 0x0, 0x0], 0x4}, {0xfffffffffffffff9, 0x9, 0x6, [0x0, 0x0, 0x0, 0x0], 0x1f}, {0x6, 0x100, 0x7, [0x0, 0x0, 0x0, 0x0], 0xc3d6}, {0x100, 0x7f, 0x2, [0x0, 0x0, 0x0, 0x0], 0x10000}, {0x200, 0x1, 0x6, [0x0, 0x0, 0x0, 0x0], 0x1eebd052}, {0x800, 0x1, 0x9, [0x0, 0x0, 0x0, 0x0], 0x10001}, {0x401, 0x8, 0x101, [0x0, 0x0, 0x0, 0x0], 0x7}, {0x20, 0x40, 0x7, [0x0, 0x0, 0x0, 0x0], 0x667114e8}, {0x6, 0x4, 0x7, [0x0, 0x0, 0x0, 0x0], 0x5}, {0xa20, 0x1ff, 0x8, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x2, 0x8001, 0x7, [0x0, 0x0, 0x0, 0x0], 0x1000}, {0x4, 0x4, 0x100000000, [0x0, 0x0, 0x0, 0x0], 0x1c}, {0x4, 0xfffffffffffffff7, 0x5, [0x0, 0x0, 0x0, 0x0], 0xffffffff}, {0x6, 0x7, 0x7, [0x0, 0x0, 0x0, 0x0], 0x5}, {0x8, 0x9, 0x0, [0x0, 0x0, 0x0, 0x0], 0x94}, {0x7ff, 0x8000, 0xffffffff, [0x0, 0x0, 0x0, 0x0], 0xf3b}, {0x3, 0x8, 0xffffffff, [0x0, 0x0, 0x0, 0x0], 0x15}, {0x8, 0x1f, 0x1, [0x0, 0x0, 0x0, 0x0], 0xfffffffffffff000}, {0x80000001, 0xfffffffffffffffb, 0x9, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x7f, 0xfff, 0xc1, [0x0, 0x0, 0x0, 0x0], 0x1c4e}, {0x10000, 0x100000001, 0x40, [0x0, 0x0, 0x0, 0x0], 0x1}]})
write$eventfd(r5, &(0x7f0000c57000)=0xe318, 0x8)
mmap(&(0x7f0000c5b000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000c5b000)={0x6, 0x4, 0x81, 0x0})
2017/08/11 22:10:44 executing program 3:
mmap(&(0x7f0000000000/0xaed000)=nil, 0xaed000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f0000937000-0x28)={0x0, 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000ae5000-0x48)={0x80003, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000ad8000)=[], 0x0)
mmap(&(0x7f00005f9000/0x1000)=nil, 0x1000, 0x3, 0x32, r0, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000ae1000)=[@text16={0x10, &(0x7f0000aee000-0x78)="6766c7442400009000006766c7442402050000006664c73524068d00000000000f011c240f0866b80f20d86635080000000f22d80000000f23d00f21f86735a630000066b91503000066b8d400000066ba000000000f3067f36d0f3266b97e0300000f3266b9760900000f32f22e0f001d0f183f66640f06", 0x78}], 0x1, 0x40, &(0x7f0000ae1000)=[], 0x0)
mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_REGS(r2, 0x8090ae81, &(0x7f0000aee000-0x90)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
2017/08/11 22:10:44 executing program 7:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000034b000)="2f6465762f6b766d00", 0x0, 0x0)
mmap(&(0x7f0000000000/0xaed000)=nil, 0xaed000, 0x3, 0x32, r0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r3, 0x4048ae9b, &(0x7f0000ae5000-0x48)={0x80003, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x52, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f000028b000/0x18000)=nil, &(0x7f0000aee000-0x18)=[@text32={0x20, &(0x7f00002ea000)="0f8306000000d935000000000f213666baf80cb870aeef87ef66bafc0cb8a0d50000eff20f060f01c966ba6100edc74424000a000000c7442402329a0000c7442406000000000f011424b8010000000f01c1260f01cb", 0x56}], 0x1, 0x4, &(0x7f0000aee000-0x10)=[@cr0={0x0, 0x13}], 0x1)
mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0xfffffffffffffffd)
mmap(&(0x7f0000aad000/0x1000)=nil, 0x1000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000738000/0x3000)=nil, 0x3000, 0x0, 0x32, r2, 0x0)
mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text32={0x20, &(0x7f000099b000)="66baa000ec66b830008ee09ae200000022000f21ecb805000000b9001000000f01d9662e0f2026f26d64653e2e660fc6189cdd48e5b946020000b812b90000ba000000000f30", 0x46}], 0x1, 0x400065, &(0x7f0000ad8000)=[], 0x0)
r4 = pkey_alloc(0x0, 0x0)
pkey_free(r4)
mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f000019a000/0x1000)=nil, 0x1000, 0x3, 0x20010, 0xffffffffffffffff, 0x1000000000000)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000af0000-0x18)=[@textreal={0x8, &(0x7f0000499000)="0f0766360f0db5e77bf20f320f20c06635000001000f22c00f35ba2000ecbaf80c66b8c451aa8a66efbafc0c66b818ec000066ef3b32dfbb0080660f3a147f0a00", 0x41}], 0x1, 0x10, &(0x7f0000aef000)=[@cr4={0x2, 0x200000}], 0x1)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_TSC_KHZ(r3, 0xaea2, 0x1000)
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000246000-0x10)={0x75, 0x80000000000})
mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_S390_UCAS_UNMAP(r3, 0x4018ae51, &(0x7f0000aed000)={0x0, 0x10000, 0x0})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_REINJECT_CONTROL(r2, 0xae71, &(0x7f00001e1000)={0x10000, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
mremap(&(0x7f000028f000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f00005cd000/0x3000)=nil)
mmap(&(0x7f0000000000/0xaf4000)=nil, 0xaf4000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000af4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000af4000)="2f6465762f6b766d00", 0x101000, 0x0)
2017/08/11 22:10:44 executing program 5:
mmap(&(0x7f0000000000/0xae8000)=nil, 0xae8000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, &(0x7f0000007000)={0x6, [0x14bbf6c5, 0xff, 0x1, 0x2, 0x1, 0x9]})
mmap(&(0x7f0000ae8000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ae9000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aea000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r3 = pkey_alloc(0x0, 0x3)
pkey_free(r3)
mbind(&(0x7f00003d2000/0x400000)=nil, 0x400000, 0x2, &(0x7f0000aeb000-0x8)=0x1, 0x7, 0x1)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f000099d000-0x120)={0x7, 0x0, [{0x80000006, 0x9, 0x2, 0x9, 0xe669, 0xffffffff, 0x7f, [0x0, 0x0, 0x0]}, {0xb, 0x401, 0x0, 0xffffffff, 0x0, 0x909, 0x9, [0x0, 0x0, 0x0]}, {0x40000000, 0x4788, 0x5, 0x2, 0x7ff, 0x80000000, 0x2, [0x0, 0x0, 0x0]}, {0x40000007, 0xfff, 0x2, 0xffff, 0x2, 0x1ff, 0x3, [0x0, 0x0, 0x0]}, {0x40000001, 0x80000000, 0x2, 0x3, 0x4, 0x5c0a, 0xc7, [0x0, 0x0, 0x0]}, {0x80000019, 0x80, 0x1, 0x0, 0x1, 0x8, 0x9, [0x0, 0x0, 0x0]}, {0x0, 0x6, 0x4, 0x401, 0x3, 0x63f, 0x1, [0x0, 0x0, 0x0]}]})
mmap(&(0x7f0000295000/0x4000)=nil, 0x4000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aeb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000054b000/0x18000)=nil, &(0x7f0000828000-0x18)=[@text16={0x10, &(0x7f00005b8000)="c77900100f350f21f866350000000d0f23f80f083e660f3a0f699c6e673e0f015f4726660f7e2fb825010f00d8d9e56766c744240040e05a826766c7442402000000006766c744240600000000670f011c24bad104b00fee66ed0fc75c0e", 0x5e}], 0x1, 0x40, &(0x7f0000aec000-0x20)=[@vmwrite={0x8, 0x0, 0x7f, 0x0, 0x4, 0x0, 0x80, 0x0, 0x2}, @dstype0={0x6, 0x3}], 0x2)
mmap(&(0x7f0000aea000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f000079f000)={0x101ff, 0x3, 0x10000, 0x1000, &(0x7f0000996000/0x1000)=nil})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000aeb000-0x10)={0x15004, 0x10000, 0x0})
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000379000-0xc)={0x3, r2, 0x1})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000ae7000)={0x1, 0x0, [{0x11, 0x0, 0x5}]})
2017/08/11 22:10:44 executing program 0:
mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000025000-0x9)="2f6465762f6b766d00", 0x404, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000020000-0x13)={0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x8000, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000ade000-0x40)={0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
mprotect(&(0x7f00008cd000/0x1000)=nil, 0x1000, 0x2000004)
ioctl$KVM_PPC_GET_PVINFO(r3, 0x4080aea1, &(0x7f00004ae000)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
syz_kvm_setup_cpu$x86(r3, r4, &(0x7f00003b8000/0x18000)=nil, &(0x7f0000ad1000)=[@textreal={0x8, &(0x7f0000ae7000-0x37)="ba43000f20c0b8eecbeecbdfd200000f230f21f86635800000a00f23f865640f019809000fbf56020f35defedbe20fc79f00000f330fbaf601", 0x39}], 0x1, 0x20, &(0x7f0000ae4000)=[], 0x0)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f000054d000-0x70)={[{0x4, 0x6118201, 0x25, 0x8000, 0xc611, 0x9, 0x8, 0x4, 0x6, 0x5, 0x20, 0x84, 0x3}, {0x1000000000000400, 0x3ff, 0x4fc, 0x20000000000ed5, 0xffffffff, 0x6, 0x40, 0x5, 0x312, 0x4, 0x4c8, 0x3f, 0x1}, {0x82f, 0x0, 0x80, 0x0, 0xe, 0x4, 0x7f, 0x4000000000000003, 0x1d, 0x0, 0x1a3b374d400, 0x100, 0x87}], 0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x1ffffc, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x3)
syz_kvm_setup_cpu$x86(r6, r7, &(0x7f00001fb000/0x18000)=nil, &(0x7f0000adf000)=[@text64={0x40, &(0x7f000022a000)="b9800000c0b98f0400000f3235008000000f3048b89e000000000000000f23d80f21f835c00000300f23f8662e64314d00400f9bf2f26cc740442400df0000000044240200000080c7442406000000040f011c246564f20f1bffc4e3bd78ca08430f01cfb9940000400f32", 0x6b}], 0x1, 0x0, &(0x7f0000230000)=[], 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r6, 0x4010ae67, &(0x7f00002e0000-0x9)={0x0, 0x12000, 0x0})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(r6, r7, &(0x7f0000a97000/0x18000)=nil, &(0x7f00002d7000)=[@textreal={0x8, &(0x7f00000ba000-0x4c)="66b8e70000000f23c80f21f86635040000000f23f80f18ae050066b90d03000066b80d00000066ba000000000f30660f38311d2099d0f6da9c060064260f005800f26f0f01c83667360f01d1", 0x4c}], 0x1, 0x4, &(0x7f0000af0000)=[@cr0={0x0, 0x40028}], 0x1)
mbind(&(0x7f00007d8000/0x3000)=nil, 0x3000, 0x0, &(0x7f0000af1000)=0x100000000, 0x801, 0x4)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
2017/08/11 22:10:44 executing program 2:
mmap(&(0x7f0000000000/0xe97000)=nil, 0xe97000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000017000)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000da8000-0x8)={0x1f, 0x0})
r2 = eventfd2(0xedf, 0x800)
mmap(&(0x7f0000e97000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x46)
write$eventfd(r2, &(0x7f0000e98000-0x8)=0xfffffffffffff5e7, 0x8)
r3 = eventfd2(0x0, 0x0)
eventfd2(0x0, 0x0)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000026000-0x20)={r3, 0x0, 0x2, r3, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000565000)="2f6465762f6b766d00", 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = eventfd2(0x0, 0x0)
r8 = eventfd2(0x9, 0x80000)
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000556000-0x20)={0xf000, 0x2001, 0xffffffffffff9202, 0x6, 0x1f, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_S390_INTERRUPT(r6, 0x4010ae94, &(0x7f0000dac000)={0x401, 0x9, 0x400})
ioctl$KVM_CHECK_EXTENSION_VM(r6, 0xae03, 0x3c)
madvise(&(0x7f00004c8000/0x1000)=nil, 0x1000, 0x7f)
mmap(&(0x7f0000e98000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_DIRTY_LOG(r6, 0x4010ae42, &(0x7f0000e98000)={0x1ff, 0x0, &(0x7f0000958000/0x4000)=nil})
mmap(&(0x7f0000e99000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_IRQFD(r6, 0x4020ae76, &(0x7f0000064000-0x20)={r3, 0x0, 0x100000000002, r8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
eventfd2(0xc, 0x0)
ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r5, 0x4010ae74, &(0x7f0000d32000-0xc)={0xa9d, 0x4, 0x3})
mmap(&(0x7f0000e97000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000939000-0x9)="2f6465762f6b766d00", 0x200002, 0x0)
pkey_alloc(0x0, 0x1)
mbind(&(0x7f00007b7000/0x3000)=nil, 0x3000, 0x2, &(0x7f0000ca6000-0x8)=0x1, 0x9, 0x2)
ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f0000d95000-0x138)={{0xd004, 0x3000, 0x10, 0x294a, 0x9, 0x2, 0x400, 0x7f, 0xce, 0xff, 0x2, 0x6d50, 0x0}, {0x6000, 0x1000, 0x10, 0x7, 0x3, 0x800, 0x6, 0x4c4ab5c, 0x2, 0x40, 0x2, 0x1, 0x0}, {0xf000, 0x4, 0xb, 0x1f, 0x5, 0x2744, 0x3, 0x7, 0xc82, 0xe4, 0x267d, 0x101, 0x0}, {0x4, 0x6, 0xf, 0xfffffffffffffffb, 0x4, 0x100, 0x83, 0x80, 0xfffffffffffffc01, 0x8001, 0x3b, 0xfffffffffffffffa, 0x0}, {0x101004, 0x1000, 0x8, 0x200, 0x7, 0x7900, 0x100000001, 0x9, 0x9, 0x2, 0xaf63, 0x1f, 0x0}, {0x0, 0x1000, 0xa, 0x9, 0x8, 0xe8, 0x5, 0x7fffffff, 0x4eb, 0xfffffffffffffd60, 0x4, 0x9, 0x0}, {0xd002, 0x2000, 0x3, 0x4, 0xbe, 0xc1a, 0x4, 0x6d0, 0x2, 0x0, 0xf17, 0x4, 0x0}, {0x0, 0x6000, 0x3, 0x5, 0x4000000000000, 0x81, 0xfff, 0x101, 0x4, 0x1, 0xfb1, 0x4, 0x0}, {0x2, 0x5002, [0x0, 0x0, 0x0]}, {0x3000, 0x4000, [0x0, 0x0, 0x0]}, 0x13, 0x0, 0x4000, 0x20, 0xa, 0x1, 0x110004, [0x8, 0x3548, 0x2, 0x5]})
ioctl$KVM_IRQFD(r6, 0x4020ae76, &(0x7f0000e97000-0x20)={r7, 0x2000000002, 0x2, r2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
2017/08/11 22:10:44 executing program 4:
mmap(&(0x7f0000000000/0xadb000)=nil, 0xadb000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
mmap(&(0x7f0000adb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_IRQCHIP(r0, 0xc208ae62, &(0x7f0000adc000-0xd8)=@pic={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$KVM_SET_NR_MMU_PAGES(r0, 0xae44, 0x3)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000003000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000446000)={0x7, <r3=>r1, 0x1})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x101)
ioctl$KVM_IRQ_LINE(r0, 0x4008ae61, &(0x7f0000530000-0x8)={0x7, 0x240})
ioctl$KVM_GET_XCRS(r3, 0x8188aea6, &(0x7f0000004000)={0x1, 0x8, [{0x7fff, 0x0, 0x1000000000}]})
ioctl$KVM_GET_LAPIC(r4, 0x8400ae8e, &(0x7f0000004000-0x400)={"1f123725f9e93dbc8afdd2061dd1ba4975b021981d13da50013fc62a6aa3f3a3f7a258eec41dae7e00ea8317e65975bf965d3ab93d6fda8e85ac3bf13c300807e8b845c515ec8ac35d399deabde70f20e263bc97ae7c093770aabfaa9e3cbb25356f39c8cb3ec52d9cd05819549ec694e3541c3e21afc4117c0485603e3d8da6faec51163cc77c7a1d868ad17fe701427a3268c34b99abc54b359bdc42902f70f2dc426d19ff6132f5e3b370a1a795b2fff23b082e85836cc38d61f5854221a03737622c69ffa78cdd2a721ca085c49c74557e1e93764a786809cfcfb40c088a52303fa7ee69359ac15a26d6ab8ac9cf8ad503ab1d18315dae34de911c554cb9137ef14c6aed7922e7e11163964df08142f659f22505d5ce50a2669c105f45fd254524c13933505b3eea10913c142dda1809e6d18724c7d32cf3e6a75bf067458582371f62d18b90b18992139aa63894487509e66d79c76b237e1de34b0829b8b5c93da141d3831296c539e5b13129a76d9a4c72e0d1c0c14092d30f977d7047b9dfebb91535d87731a948b356ac8bc7d26b330a61697efe2432a35d132de17f3483fe721dd519fbe14a83c4efa90d29ff0b12147b6a8ea51c5daf74a7b5e786bfed596e3b55f7974f881b6b84e52a6a978a559572efa3b1030adccd9d5769a0c452a191859f0d5b423040ceec1dfe093c0848ab9b0f3029fed7be95abafbddd12055dacba52734af93defc155276f9daf1877e54bbcb2429a6358608a25a17a964ddf69eecd74f77a1f96d5ee41446eb2004eea6c4bbd0605582975d84e228403247b876748019cea5988b7ec52707aec5ce20b01282d8f1e34c1aa99375957a67f9b02d0aa355269f6853bb505519e69d7615bb41b239a525df0a389a4d42149c58910908e4fc1acc4aaba680c3d07a5f3992929f0c35d246c9a84e45eb4737f183148f6ec2ddb38c21d6045224ec4e3f11aacef270d8aa6a1f52201abce439839d4dd5240982a76747603136d4acadadc2b7b1eff66739cd5e859a9118c2557e9a0925dee69c0378edc5cb59f9ae4d22d15ed2a31645990de0c835e1b8df1e67f7562aafc41250cb248603c4161bccf4e0e8b313ebe36d85a32750376c7a6d51144e0e4f2488f6d0d80f8e54ec215d0156b72df3846dd014aee4be2f7cb979ef1a83d54a2e57f602c2fd500a21dad5906cf99a098a5b0d0c8eaa40d390b83f8dda84cf87a4a14702f9857f789b99b4e0072c108a67885f4cf93959afa0377e48e989a8e0577628462ef2db8b77eed2a3097113458617cb5926b05abcf52c389dd13fbfab58074e7b77f352b1df3fce989fe9ec2be57505955a668696edb048d20935c7f883aa450e087a6542a533cdde4acb4af1302d8bd4a830e8183b504aac69541b0f677981ce5883e0534d95e908af302fcdbec8ef3daebef8a971fcf"})
r5 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000002000)={0x4, <r6=>r5, 0x1})
ioctl$KVM_GET_PIT2(r0, 0x8070ae9f, &(0x7f0000002000)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f0000002000)="")
ioctl$KVM_SET_GUEST_DEBUG(r4, 0x4048ae9b, &(0x7f0000ad8000)={0x10000, 0x0, [0x3, 0xfffffffffffffff7, 0x7f, 0x40, 0x2, 0x9, 0xfffffffffffffff5, 0x2]})
ioctl$KVM_ARM_VCPU_INIT(r3, 0x0, &(0x7f0000005000)={0x9, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
mmap(&(0x7f0000adc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000adc000)={[{0x8001, 0x0, 0x2, 0x4, 0x1, 0x3, 0x1, 0x80000000, 0x1ff, 0x280597a8, 0x7, 0xfffffffffffffff7, 0x3}, {0x9, 0xffffffffffffffff, 0xc09e, 0xffffffff, 0x3, 0x0, 0xffff, 0xa9e, 0xffffffffffffff81, 0x0, 0x28d0, 0x51, 0x7}, {0xfffffffffffffffc, 0x4, 0x9, 0xde4, 0xa0e, 0x5, 0x200, 0x9, 0x2f8, 0x4, 0x2, 0x400, 0x3ff}], 0x101, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_DEASSIGN_PCI_DEVICE(r2, 0x4040ae72, &(0x7f000084f000)={0xfffffffffffff000, 0x20, 0x7, 0x2, 0x5})
ioctl$KVM_SET_SIGNAL_MASK(r4, 0x4004ae8b, &(0x7f0000869000)={0x50, "9e45f6a7e47c1eb8b7f74d6be75d01299ac19c6b1e7e132e84da3819b7bff9820b5e58074bce39cbdff7cff81dbab26599c4aed245360903b3e7dc8275747e12d5705ca45c2279c02f2f0ef069da82fb"})
ioctl$KVM_GET_SUPPORTED_CPUID(r3, 0xc008ae05, &(0x7f0000788000+0x292)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
ioctl$KVM_SET_XCRS(r4, 0x4188aea7, &(0x7f0000007000-0x2a)={0x4, 0xfff, [{0x8a4, 0x0, 0x8}, {0x9, 0x0, 0x7e}, {0x408e, 0x0, 0x7}, {0x1ff, 0x0, 0x3}]})
ioctl$KVM_ASSIGN_SET_INTX_MASK(r5, 0x4040aea4, &(0x7f0000002000)={0x8, 0x7f, 0x0, 0x5, 0x2})
ioctl$KVM_SET_MP_STATE(r6, 0x4004ae99, &(0x7f0000000000)=0x5)
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000000)={0xfffffffffffffffd, &(0x7f0000ada000)=0x0, 0x0, r6, 0x1000000000b})
[   51.838222] IDTVectoring: info=00000000 errcode=00000000
[   51.843675] TSC Offset = 0xffffffe38c9bb955
[   51.848004] EPT pointer = 0x00000001cc73101e
[   51.963512] *** Guest State ***
[   51.967072] CR0: actual=0x0000000080000031, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
2017/08/11 22:10:44 executing program 1:
mmap(&(0x7f0000000000/0xae3000)=nil, 0xae3000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000ae3000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f0000ae4000-0x14)={0xffffffffffffffff, 0x20, 0x9, 0x6, 0x0})
ioctl$KVM_SET_BOOT_CPU_ID(r1, 0xae78, &(0x7f000008d000)=0x100000000000003)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_GET_IRQCHIP(r2, 0xc208ae62, &(0x7f000098d000-0xd8)=@pic={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
mmap(&(0x7f0000ae3000/0x1000)=nil, 0x1000, 0x8, 0x10, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000ae4000)={0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_S390_UCAS_UNMAP(r3, 0x4018ae51, &(0x7f000031c000)={0xffff, 0x10000, 0xa1b6})
mmap(&(0x7f000083d000/0x2000)=nil, 0x2000, 0x3, 0x100000000032, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f00003ba000/0x18000)=nil, &(0x7f000018e000)=[@textreal={0x8, &(0x7f0000ae4000)="3e0f001b66b9800000c00f326635010000000f30d88a45000f32b800018ec80f23b9360ff9c3662664f2addd8f0900f30f5805", 0x33}], 0x1, 0x0, &(0x7f0000adf000)=[@flags={0x3, 0x2c32ef086520573a}], 0x1)
mmap(&(0x7f0000000000/0xae0000)=nil, 0xae0000, 0x3, 0x4d031, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_IRQCHIP(r2, 0xc208ae62, &(0x7f0000a5e000-0xd8)=@pic={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$KVM_GET_XSAVE(r3, 0x9000aea4, &(0x7f0000ae6000-0x400)={"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"})
ioctl$KVM_GET_MP_STATE(r3, 0x8004ae98, &(0x7f0000784000)=0x0)
ioctl$KVM_SET_BOOT_CPU_ID(r2, 0xae78, &(0x7f0000ae4000)=0x1)
ioctl$KVM_GET_DEVICE_ATTR(r0, 0x4018aee2, &(0x7f0000597000)={0x0, 0x10, 0x4, &(0x7f0000925000-0x8)=0x0})
ioctl$KVM_SET_SIGNAL_MASK(r3, 0x4004ae8b, &(0x7f000033e000-0x5c)={0x57, "eb601882a4e5381c1fb9f6b23aaa29b22935dcbd9d528867a1c1b51c0a7f0b638f3a0e4c157edb0e3617f9ce64f8eb1c8c968709ae3604d943981d398bbe722d0263807f69ec8d49919666186aab058994c96e05e04984"})
mmap(&(0x7f0000ae5000/0x1000)=nil, 0x1000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_PIT2(r1, 0x8070ae9f, &(0x7f00002f1000)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
mmap(&(0x7f0000000000/0xf72000)=nil, 0xf72000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000f72000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000f73000-0x20)={0xf000, 0x10000, 0x8df, 0x6, 0xfffffffffffffff7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
2017/08/11 22:10:44 executing program 0:
mmap(&(0x7f0000000000/0xaf4000)=nil, 0xaf4000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffff9c, 0xae41, 0x1)
ioctl$KVM_X86_SET_MCE(r0, 0x4040ae9e, &(0x7f00008ff000-0x40)={0x4000000000000000, 0x1, 0x8, 0xc, 0x10, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0]})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
ioctl$KVM_GET_SREGS(r3, 0x8138ae83, &(0x7f00006f0000-0x138)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, [0x0, 0x0, 0x0]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0]})
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f00000f3000)={[{0xffc000000000000, 0x20, 0x0, 0x83ee, 0x4, 0x8, 0x4, 0x9, 0x39, 0x7, 0x9, 0x0, 0x0}, {0x1f, 0x3f, 0x3, 0x4, 0x5, 0x4, 0xffff, 0x3, 0xf, 0xff, 0x3f, 0x9, 0x470}, {0x7, 0x8, 0x1, 0x7, 0x4, 0x8000, 0xfffffffffffffffe, 0x5, 0x2, 0x68c4, 0xba, 0x9, 0xfd79}], 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
syz_kvm_setup_cpu$x86(r2, r4, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d266767f2a50f20d835080000000f228b58580f070f01b102000000", 0x64}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0)
ioctl$KVM_DEASSIGN_PCI_DEVICE(r2, 0x4040ae72, &(0x7f000011a000)={0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$KVM_ENABLE_CAP_CPU(r4, 0x4068aea3, &(0x7f0000aef000)={0x7a, 0x0, [0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_GET_LAPIC(r4, 0x8400ae8e, &(0x7f0000224000)={"e1348a07cb208c9486bcbe18689e137065b11ef5491b5831480aaba243a7dd03117bd4998324d8c254fede8ec508460bea485cb5f8b66f2ced1ea94030770d78b1ba3be7917ae7e356bbbccee468d4e24a8009ac0b67aa865fce96fd5a9b93f8d0e99209a19170dc3c75b8f1b3ac6a9104830fc89d4769dfb7201dd3eac588080000000000006aa1d328cac2d82657d12a7697970c962e016e3ac63bf8c85706df2838d206708e40cec0f77127cdb7522398e5d60c8a8dab9f1a844c3aab629eaa486852e8fa7c7e3c24756bbefab412a75f4635cf2224a348d3a6226cc437aa2e5e43c2f2ea10c926212d7e2f1ad5122aab9fc7941408e484dce354b9fd806908e8da1b68f5530df699de8bd378c997c5ffff0000000000006e9bcb9c82739c5b83394666995b522f434beb3e78bb8df406678a8b933ab26e0338a9f661d179647dd0342df5f3952682ebaf03af2d657f3fc6becd18b17d2437c7450c9bfe17f3f98a9173045a733e4becc7cb409148b90e4754c4d467c1b82b3ab7d2d175b5d68126a65fb322ebbe25d2844d392943e500956866c732aa9e40b619a8da4ea05ae66d45b5193a65768ede202b189810222739f44472cf4a2f027cbf8a008378ce0a0bbcf684e0ee91addf193e91c85e4b2e6508e086562e33bab4e2b7123def4b56deaf9952d09d25590aaf658509e5b818b6c8aeaedbae2ff0a661956a6c7126fa2c8fec1c496df2406f56512a1fe332b7932e46ee2a174b565765e99802a0e66ce428d85ebdf48150a62e54fdab44a9f71d0d67dfdb59d762cb7a8b24b09e046df78fb15c27dfa37bf1aaf3c038591f84f66bc29cc20a5b7c73272e83dd0f9a094692df5aac383ae35030e4200b63c911efd3adcb35a27eeaee306ea944a3c38da8ca799d97bbc097ba00bf19dd60fe32361e5dcee02f0b68c602fb5ab2dbfd21e826e34dab88665a0f9b827cbd99c0649378ac5fa09a340d8c39bbbf1168fab530da86b44e0cbfe710f16cf41a87fbddd3a8046064980faf81cadfc334aa66a51bac724b272956fd968c080ee46766e2eeeb45c8533ed7eb950277bd8be90ef0ebbc383defa96e2762cd2f4dbc90090bd138197ac7e887768da901b3c8ca2b9a0a7b29c26c083cc1c216609daaa9ff2ca1b44bfc0205c7287312f28ba8daa3edba0ff878a9017b04e1fa956036db5ba4348ba3ba40acbc86d0aca873294041fa9f5f6015aab8a43907469ff81aa36c0037cb576095f9a6d6aeecb258bc67e70258556d081e65e6c9d62ca82a3638a92b18335eb34f06bff840b061919341ddcf666314516406b2f617c9b229c0321bc4e0b63e95cbcfc02ea01b368094b0924bf5067d07d3dfe620d457794d07ca774109f5afed760637fa9ee3c3e1aaf0092184323b274b22bee134ce03090719abfb0e8174a4f6c56a0d172467564e3e"})
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f00002de000-0x40)={0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
[   51.982486] *** Guest State ***
[   51.982495] CR0: actual=0x0000000080000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7
2017/08/11 22:10:44 executing program 4:
mmap(&(0x7f0000000000/0xafa000)=nil, 0xafa000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f000050f000)={0x9, 0x3cca})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000afa000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text64={0x40, &(0x7f000099d000-0x64)="b6c3f8e788595dc51ba31779d22e2453ab6fe204d8cb17bc3c4ab8e3e0483b9931418b5c1612cb68cb1f08acd613883205213823efd610026d3b892f9ecf43c837882ddb41cb3a22a62644cc9081d865b5c7d6d371bfbc1b7da5ab28911fcb5667d0b08b", 0x64}], 0x1, 0x41, &(0x7f0000aeb000+0x7dc)=[@vmwrite={0x8, 0x0, 0x34c, 0x0, 0x3, 0x0, 0x7f800000000, 0x0, 0x8}, @flags={0x3, 0x80800}], 0x2)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00006b4000)=@ioapic={0x2, 0x0, 0x0, 0x4, 0x0, [{0x3, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x6}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0xe2, 0x5, 0x0, [0x0, 0x0, 0x0, 0x0], 0x1ff}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x6, 0x0, [0x0, 0x0, 0x0, 0x0], 0x7}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x1, 0x4, 0x3, [0x0, 0x0, 0x0, 0x0], 0x80000001}, {0x5d9a, 0x3f, 0x6, [0x0, 0x0, 0x0, 0x0], 0x9}, {0x5, 0x2, 0x7f, [0x0, 0x0, 0x0, 0x0], 0x40}, {0x9, 0x3f, 0x1, [0x0, 0x0, 0x0, 0x0], 0x9}, {0x9, 0x1, 0xffff, [0x0, 0x0, 0x0, 0x0], 0x4}, {0x0, 0x9, 0x5, [0x0, 0x0, 0x0, 0x0], 0x20}, {0x100000000, 0x6, 0xffff, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x80000000, 0x10001, 0x8, [0x0, 0x0, 0x0, 0x0], 0x1ff}, {0x7fffffff, 0x9, 0x8000, [0x0, 0x0, 0x0, 0x0], 0x5}, {0xfffffffffffffffc, 0x1, 0xffffffffffffffe1, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x3, 0x6, 0xe945, [0x0, 0x0, 0x0, 0x0], 0xfff}, {0xfffffffffffff135, 0x6, 0x8000, [0x0, 0x0, 0x0, 0x0], 0x8001}, {0x5bd, 0x3f, 0x7ff, [0x0, 0x0, 0x0, 0x0], 0x10001}, {0x400, 0x4, 0x9, [0x0, 0x0, 0x0, 0x0], 0x5d1f}, {0x100, 0x7f, 0xfffffffffffff801, [0x0, 0x0, 0x0, 0x0], 0x8}, {0x5, 0x3f, 0x6, [0x0, 0x0, 0x0, 0x0], 0x1e71}, {0x3, 0x6, 0x6, [0x0, 0x0, 0x0, 0x0], 0x5}]})
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000326000)={0x3f, 0x1})
2017/08/11 22:10:44 executing program 5:
mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000af1000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f0000af1000)={0x0, 0x9, 0xfffffffffffffffd, &(0x7f0000a75000-0x8)=0x0})
mmap(&(0x7f0000000000/0xae6000)=nil, 0xae6000, 0x4000000003, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000034f000-0x9)="2f6465762f6b766d00", 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000777000)=[@text64={0x40, &(0x7f0000add000)="66b834010f00d026656766480f388274fb6a3e4c0f01cbc4820dbe75fac4e3fd6d0d5f090000803e360f01d1c4e139586d0036f2410f5934f066baf80cb822eaf082ef66bafc0cb062eec744240074240000c744240252000000c7442406000000000f011424", 0x66}], 0x1, 0x41, &(0x7f0000ad8000)=[], 0x0)
mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000af3000-0x9)="2f6465762f6b766d00", 0x2, 0x0)
ioctl$KVM_GET_XCRS(r2, 0x8188aea6, &(0x7f0000386000-0x38)={0x3, 0x8001, [{0x3, 0x0, 0x7}, {0x4, 0x0, 0x7}, {0x80, 0x0, 0x9}]})
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x3)
ioctl$KVM_S390_UCAS_UNMAP(r5, 0x4018ae51, &(0x7f000017a000)={0x3, 0x4, 0x200})
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000777000)=[@text64={0x40, &(0x7f0000add000)="66b834010f00d026656766480f388274fb6a3e4c0f01cbc4820dbe75fac4e3fd6d0d5f090000803e360f01d1c4e139586d0036f2410f5934f066baf80cb822eaf082ef66bafc0cb062eec744240074240000c744240252000000c7442406000000000f011424", 0x66}], 0x1, 0x41, &(0x7f0000ad8000)=[], 0x0)
mmap(&(0x7f0000ae6000/0x1000)=nil, 0x1000, 0x3, 0x10, r5, 0x20000)
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000ae1000)=[@text64={0x40, &(0x7f000017c000)="66baf80cb800d0d883ef66bafc0c66edc74424003fd1ce03c744240200300000c7442406000000000f0114244c351e0000008f491099bc9c040726294cc1eddac7442400ba000000c7442402fa7f0000ff1c24c45fe2daf52500dd000000442400e99eefbac744240200000000c7442406000000000f011424c4431d4a8c28000000000066f93c0c", 0x88}], 0x1, 0x0, &(0x7f0000ae1000)=[@cr0={0x1, 0x0}], 0x1)
mmap(&(0x7f0000af1000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_DEASSIGN_DEV_IRQ(r4, 0x4040ae75, &(0x7f0000af1000)={0x100, 0x93f, 0x5, 0x402})
mmap(&(0x7f0000ae7000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000af2000)={0x10202, 0x2, 0xf000, 0x1000, &(0x7f0000408000/0x1000)=nil})
mmap(&(0x7f0000000000/0x70d000)=nil, 0x70d000, 0x3, 0x233, 0xffffffffffffffff, 0xfffffffffffffffe)
madvise(&(0x7f00006ce000/0x4000)=nil, 0x4000, 0x1)
ioctl$KVM_DEASSIGN_DEV_IRQ(0xffffffffffffffff, 0x4040ae75, &(0x7f0000001000-0x10)={0x4, 0x6, 0x100, 0x2})
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f000028f000)={0x0, 0x3, 0xfffffffffffbfffc, 0x1000, &(0x7f0000548000/0x1000)=nil})
mbind(&(0x7f00003fc000/0xc000)=nil, 0xc000, 0x4000, &(0x7f000070c000)=0x462, 0x1, 0x2)
madvise(&(0x7f0000048000/0x1000)=nil, 0x1000, 0x8)
ioctl$KVM_S390_UCAS_MAP(r2, 0x4018ae50, &(0x7f00001b5000-0x18)={0x2, 0x1f, 0x3})
ioctl$KVM_X86_SET_MCE(r5, 0x4040ae9e, &(0x7f0000ae8000-0x40)={0x4000000000000000, 0x6000, 0x200, 0x2, 0x20, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0]})
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000ae1000)=[@text32={0x20, &(0x7f0000ae4000-0x74)="b9dd0b0000b871d90000ba000000000f30650f2181b8e90000000f23d80f21f835000000b00f23f8c4c2d5a602c744240000000000c744240276540000c7442406000000000f011424363e3e0f01d1c4c101f45b0c66baf80cb8a4e73281ef66bafc0cedc4e27959af8cc60000b92a0800000f32", 0x74}], 0x1, 0x0, &(0x7f0000ae1000)=[@cr4={0x2, 0x0}], 0x1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
2017/08/11 22:10:44 executing program 7:
mmap(&(0x7f0000000000/0xaf5000)=nil, 0xaf5000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffff9c, 0xae41, 0x0)
ioctl$KVM_X86_SET_MCE(r1, 0x4040ae9e, &(0x7f000040d000)={0x400000000000000, 0x4, 0x6, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r2, 0x8008ae9d, &(0x7f0000af3000-0x24)="000000000000000000000000000000000000000000000000000000000000000000000000")
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d266767f2a50f20d835080000000f228b58580f070f01b102000000", 0x64}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0)
ioctl$KVM_DEASSIGN_PCI_DEVICE(r2, 0x4040ae72, &(0x7f000011a000)={0x1397, 0x8b, 0x0, 0x4, 0x8})
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000af3000-0x4)=0x80)
ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000747000)=0x0)
ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4068aea3, &(0x7f0000aef000)={0x7b, 0x0, [0x6, 0xffffffff, 0x9, 0x1000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_IRQ_LINE(r2, 0x4008ae61, &(0x7f000033d000-0x8)={0x1, 0x0})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mmap(&(0x7f0000af5000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x8040ae9f, &(0x7f0000af6000-0x1c)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000)
[   51.982502] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=fffffffffffff871
2017/08/11 22:10:44 executing program 2:
mmap(&(0x7f0000000000/0xaf7000)=nil, 0xaf7000, 0x3, 0x3e, 0xffffffffffffffff, 0x4)
mmap(&(0x7f0000af7000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000af8000-0x9)="2f6465762f6b766d00", 0x801, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_TRANSLATE(r1, 0xc018ae85, &(0x7f000013e000)={0x0, 0x106001, 0x7, 0x1ff, 0x0})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_PIT2(r2, 0x4070aea0, &(0x7f0000164000)={[{0x6, 0x2, 0x3, 0x1c0a, 0x1, 0x0, 0x2, 0x81, 0x0, 0x5, 0x80000000, 0x4, 0x1}, {0xf, 0x9, 0xfffffffffffff33b, 0x63, 0x2, 0x7, 0x9, 0x7f, 0x9de, 0x100, 0x4, 0x1, 0x975d}, {0x8, 0x4, 0x41, 0x8, 0x5, 0x3, 0x8000, 0x8, 0xff, 0x1f, 0x3, 0x6, 0xb07}], 0xb4, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
mmap(&(0x7f0000af7000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_CLOCK(r2, 0x8030ae7c, &(0x7f0000af8000-0x30)={0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
mmap(&(0x7f0000000000/0xbf2000)=nil, 0xbf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f000037b000-0xc)={0x3, <r4=>0xffffffffffffffff, 0x1})
mmap(&(0x7f0000bf2000/0x1000)=nil, 0x1000, 0x3, 0x32, r4, 0x0)
r5 = pkey_alloc(0x0, 0x2)
pkey_mprotect(&(0x7f00008a9000/0x1000)=nil, 0x1000, 0x3f7e72c626bf9bc2, r5)
mmap(&(0x7f0000bf3000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000bf4000-0xc)={0x1, <r6=>r1, 0x1})
ioctl$KVM_SET_XSAVE(r6, 0x5000aea5, &(0x7f0000582000-0x400)={"57615b317301c69a6a76d9c95200370fb62935061d7ec07969b69e5f3e007188063b3e4373e1c4142fbad48e14489d953a459ed8de19e0043b099132b267e8e2ffdec5cf61f5e630c33d674aa512fdfc44d7129510329932f1b1825ce600ed6c992ee906a542814918214341ad490c0ef5699e2170a804327aeacc738da97090b08c656fcb77ca74c4cbcf54844b3c3ee797d5844fe68169acaed0837e1073b26e7ed051105be9b00ac456cac4c5fa9c1a4333b2982c3474563a89d7d9f3cd55b605b4a300978cd9d27b2e6e7c71597af76136ac296fee7a55ece4e12153a8adac6eb0b475effee4d4a089c5681d3f5fd5f3b0dd67ce332eab5dd0e7ff36c1dd150241fad871629129657dfe03d54ec99def8f9ccb74456bab84afb3b67618f106bdbb324eef1ba9aba5e27671a6928bbc31810f11fca726d521419faa7a52be23b2d91681b5bf2349294a174a40e3153cf0b55e01962a19fb5547095937ff7228f4de719d5130df6b8758804d1909717effc68eaf0f4925529193ae1ec92b6f2666b2d22fcc45bf717565b2218f7dcf0189cc123654f2baad867ffa39b39bad4a6b7328b7531b0d0a6e8b2330433c22b0bb592ea2c3cf2c5c1585b1be6e179fe06ab69da1c8c87994707b0c397fd333e5cd9ce66e7c7e2d25ed079bf320f92a5e96d2a140448a9ff154b661cad1a0c8dc6ad38096f7680037f768214ebbcdc87f2f54e77c476ecaed7f2345784873cfeda32697979e31f213022e62f2b83b0b23815ce1552b27dd21c94c0fdacc04d2fb401046a059514995c7245840bb9ea665959e9e54dbdc06cade43ad0505839753aa59c6c6a819fd43606ff024ad903b7698222860c8319590d41f990a9046b59b5dfbfcef5ecb9a950ae79680bea20facbc433970732479df2720a8f6bc5f65b4c43f90ec0fd180c902a8171909727cadc6582e081d85b5f814d1240c37b0e0855c01835b51850cbf8dcb71231db0d65199c2fe70240de74d9f5732fbcb7c0c097f8b2745a6fa426361e308b6a90f83c04b3d685e38f142f8f4418be62f5ee0c1331b2288c1ad364ec2d834723e840e46adbbe4dc80a773c58ec22ce74857e70cb3e1ec14b0bbc5057757fd39459e2ad4a246262f2477046e4171aad34b33336d5a2d865143a57dca06aa6d638279b041abf585369e3d25e91e8d8c767f1b749a1672066d880a87639bc643e3c7e2999994a43237283a4362c05f73c673772e2a0634ed9ca533dc1a3f88d50f23814d73579049eb0a0776407880583d134a5e412dcc55361799f99b21c6cb23497a82188edbc045ac321baa131af357fd1fae6d63255ac43236810a3f1e2a5b0ca9d8d464cd9fd58c30f194180d188b2d8e2fd51828710eba496078e14d76fc263aa273bc51baf48a656bb8c81305983378110c8c5d74bc50f39ec878ef7b3f82dda8"})
mprotect(&(0x7f000002c000/0x400000)=nil, 0x400000, 0x2)
mprotect(&(0x7f0000362000/0xc00000)=nil, 0xc00000, 0x20)
mmap(&(0x7f0000bf4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000bf4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_SIGNAL_MASK(r6, 0x4004ae8b, &(0x7f0000950000-0xf0)={0xec, "64d6ba3a876a38f90001701bd70b090069fa83735b88e4cd8f3f1e9c6641c8678ff6db31dda4f9145e7145e88e106a7c6992f1227475d38396d5f9801ef14358514a5795add504fa65d5f97e05357f14522d1fd9ddf93fdaffa02ccebb2815ed3ff72182dcdb71efc5c62a28ee64f6705d25659b8bc406a8ebbe8b97bb0182a7f913420226f92de5f38ec698e82acc88be703cc669103953327552b982ebda5c5dfcbfd8b391c740a64e60cf9a34f20657cb7c5f94f1b3764b7bb60b4ae19114736c009e2483bba46ae28e19866de6e3d40b7b197547cdf76468e44d497839c678ab7ae8c540ad582d37728a"})
ioctl$KVM_DEASSIGN_PCI_DEVICE(r2, 0x4040ae72, &(0x7f00007ac000)={0xf4f, 0xffffffff80000001, 0x6, 0x4, 0x2})
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000274000/0x18000)=nil, &(0x7f0000adf000)=[@text64={0x40, &(0x7f000099d000-0x64)="b6c3f8e788595d2a1ba31779d22e2453ab6fe204d8cb17bc3c4ab8e3e0483b9931418b5c1612cb68cb1f08acd253883205213823efd610026d3b892f9ecf43c837882ddb41cb3a22a62644cc9081d865b5c7d6d371bfbc1b7da5ab28911fcb5667d0b08b", 0x64}], 0x1, 0x42, &(0x7f0000ae2000-0x10)=[], 0x0)
mmap(&(0x7f0000af7000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_X86_SET_MCE(r3, 0x4040ae9e, &(0x7f0000af8000-0x40)={0x2000000000000000, 0x2, 0x7, 0x3, 0xc, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0]})
ioctl$KVM_GET_LAPIC(r3, 0x8400ae8e, &(0x7f0000af0000-0x400)={"b437d29a752c8602339ddb221e2c7ed214b31a9032373e9fc5c2940691ae0949199f12225b19df685ddca013e39473e0a6b596f84924340c3258558735d397524f1302040940f88431c9e856fa424b5e015f3555534919bd86e65f6e3e58b1ace158f4c7fea4cbcbfffa3298717fb27e88fc850ea3765315e55d490e247c6dfd4bf6299d5528da9991c8200f1794e389048ff032f6579986624f52361c6e668c2c4639a361d9957de884bd29c058683342e72268a85598697866fbddae2f308097dd35ea8e89565ccb57cf77b11e4826532b65c316e46261902b446173f094383cb0935ecd4a19227314172967bb65829557752bb722e3a3ffeabd38f7b5fff837c0ccc4abf14b07a6913c37ca307b6222a9eab47f75db7ec377ab9d619ad71587d71049daa82a2ea9bbf648de9605682da85cecb002a0c8cb9cf3ecff3d9f4766abf40c3343b3800fedc62eb71be649b34b6da255cd039c4144bf467625fc2c04064043ab8e8775e227a688d2d6b3ac9204e2773ca33b6fbdb864740e9b862f4ce4a1a8ed436f379d7e2ac42291ca2c81177e4cedc3659e04e426df7aceb7d1ec7ad36e4686c7db9222ce11a6f034532be4766eee4e376cad2cbcbdb44a54a8a1c8a462b28e0af79a8ed0599bd281e42f028b5f6b3b7410c0bdb05162298abae6a0b1971d7797a28ab4fed6958a2c3d43a63a8ad8af7df142c7c1c03e3cddf36cc9e57c90ea9ca4cbafc97cd5c7ec62651ecb8e9682495976a0d1abc4e0b7045edca9176b4c221643782285f8a1acc7c5f2ccdc659c0f1930a9494d86b65e8045ccdf356522f66971274359eaf4cd25f23023103823c6daa29dd2ca36599f9b8085e5e2cedbcf363a1c67de72f4f711df1e97727aea2e4c37762d3737db1fcd4ca4273d911c0b984c5dcc4808827b2de4e3ddeacd2250a18ff2055f97b9e31a3f831c878de6479768ec3b2122c62cb93122d026b85f444dc1f1900d69589d15ab20ab7512b9193766e0c52e3d67c9dda426d647d806a4f055e39df5d509d0ccdb589fe08746d505d9e0ccc8e645b28e49d6d3a8eeb7fefaf2dceb1a45fb1758837d4a9b636e2d6575fff18119a76f20da8e318ed22854150bc68c78ac0647843f9b085a18eddf14b1461783ca0d060b30c49fbffcceadb34288d995768cd9e87758509a267ebe832d47d3b008ec39f3d7baf7975849c5f5532f603a0eeaec04e5bff5cf02842b6d6bded49dfab1bbc2446b3a6558a95a92ade5bac97949097fe9f068711ba518d7072ebf0ccd3d434d76a890d74031e5d6343f4acb86a7cae2d8d9ef102e81a35f8e5520bc7b7e039665ad257154908288dc2833b1461ff331bf72657bb53fd42675677a62e31d042f1a8d97e7184d29d7efcb54d4c9c39615c245cfc48b483d416e7fa7c086a03551e459a58da4ede5d9eaffc047969d179f"})
ioctl$KVM_GET_XCRS(r3, 0x8188aea6, &(0x7f0000633000-0x51)={0x8, 0x3d, [{0x3, 0x0, 0x0}, {0x6, 0x0, 0xa817}, {0x1ff, 0x0, 0x9}, {0x80000000, 0x0, 0x2}, {0xd, 0x0, 0x81}, {0x200, 0x0, 0x401}, {0xf21, 0x0, 0x4}, {0x7fff, 0x0, 0x5}]})
ioctl$KVM_DEASSIGN_DEV_IRQ(r6, 0x4040ae75, &(0x7f000043f000-0x10)={0x95a, 0x0, 0x1f, 0x1})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mmap(&(0x7f0000000000/0xaf7000)=nil, 0xaf7000, 0x3, 0x4000000000000032, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000aed000-0x18)={0x1, 0x0, [{0x3a, 0x0, 0x0}]})
2017/08/11 22:10:45 executing program 3:
mmap(&(0x7f0000000000/0xaf5000)=nil, 0xaf5000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffff9c, 0xae41, 0x0)
ioctl$KVM_X86_SET_MCE(r1, 0x4040ae9e, &(0x7f000040d000)={0x400000000000000, 0x4, 0x6, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r2, 0x8008ae9d, &(0x7f0000af3000-0x24)="000000000000000000000000000000000000000000000000000000000000000000000000")
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d266767f2a50f20d835080000000f228b58580f070f01b102000000", 0x64}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0)
ioctl$KVM_DEASSIGN_PCI_DEVICE(r2, 0x4040ae72, &(0x7f000011a000)={0x1397, 0x8b, 0x0, 0x4, 0x8})
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000af3000-0x4)=0x80)
ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000747000)=0x0)
ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4068aea3, &(0x7f0000aef000)={0x7b, 0x0, [0x6, 0xffffffff, 0x9, 0x1000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_IRQ_LINE(r2, 0x4008ae61, &(0x7f000033d000-0x8)={0x1, 0x0})
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000af3000)={"9bbb9daa05110ba1924a3f8c859bdff963f2ddb1d129f5cb2f3ae8ad3bf7068c284ba38f903676aee0049b473a5a33930a9b88deb6401d57b67b5ef503c6a4027167753b3422f85b1b144e1b09666f06770bb454bb980d5cb7f1e90d9427b10028d816afcb958eb5bc4541d20809f775835973db47fdab943f7ecf340ab9b2913f88a42aa228d95f1665dcb874e6b3b5b55a89a32e0fc862e12da3fafec957af0fce362e643894eaa38fbb8af58f8462371747c6e67ec819d268766c3c7a74e3f12575502e0ce18ab8fdeec25ec7767fae887d4cadb349c0f81694038d1a026d6a75e2531b1a8fb11b6cbd3f89a94184e04455b174f62410013ea1a32c38fc1a2448cd4c2c637b73782faf7ad9ae353b8bb6fed608778b7e846b159d0708eba89b05d4ae596fd1ce276f11b96ea628b944adcafcca622c34d8cf71c32e04679643d25bb8410efd790fae98de36207bab1c1fa95a3b125a7497822ea2f8a027ee6024ad4938ca93546a7967484ea5ed0850257facd046052d3fb4452ea95bdf6613884586ad0f7bedcf9ba794168fb9ef80fc98ab1b8c584220c399f85aa35e3b077eaa0dc79a9b88f0cdbf6805da3bca16d1fe88482e328bf0abd897070e43ead3304cdf1f113ab075a772b02e7e2b9d790f029decb02914d0fbb81bdcac8d08612898c453dd33e8a456e3cb4154e27f4d3bddea5732cd94d4adf21d3babfbb833a2ba8fcc71beafe13cfb9e8ed9fcaaecbc6a4e7c1da5f67cfae68fe80965a52918112a4927ca4a387ebf74fd5d910ceed87a668d3210361f45e8771482aceb28996ed99fdb143fc17c4112850b748c3eb5d121312f3c420d0dc03bfd571a1767bac9ae6c46b4edbfd70fb33dd89a8ae13dd57e722d95c28e5326a24054321553f3b50fe246f5e631dafc8088dcefe9029c67fbc7cb6631692d91aa5aba912b56f638cdcd14e873566edea35ecaaad547bbd265a6d4f6537ad9db538fb7db64a32c81c91dd6e4efd0317de1a0ff83c744470c93ddcaa6792e45db7d69e1106a251d39a5c5c6103f7aadb32d0290614362eaccc6d41b3f14154850e1959803f14d836a4223eb1c70249037e7adbf0e33d07a69a10d948a901858a8381803bcedcf610c985b5ea85ef46bbc44565e89142da665bede93e7c360cc814c8e00cafb81d02c95811ce32ba2dd85712056078d2f7d4be3cfc4eb157d63206d4b822599d40c02fd84ada2b572bd8899e93293a5ce6590d226f7c43858d47417bc2980358fb6ec2eee43fbbd31a00c9549680e76c31eef7f710e7aceb5a29d2a85f07332bb5e54a80ac44576e0010bc7cbd666ad4aff5174df288980f68510d74485b90afaf4040a30392861cce12229f97cbf2b8922d95110230423a3155f263d8066974f89cebaa258b87515d6d9f20c23d09067bdc955311d08300214a50ed060cc68"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mmap(&(0x7f0000af5000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x8040ae9f, &(0x7f0000af6000-0x1c)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$KVM_ASSIGN_SET_MSIX_NR(r2, 0x4008ae73, &(0x7f0000af4000)={0x8097, 0x10001})
ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000)
[   51.982507] CR3 = 0x00000000fffbc000
[   51.982512] RSP = 0x0000000000000f80  RIP = 0x0000000000000000
2017/08/11 22:10:45 executing program 4:
mmap(&(0x7f0000000000/0xaed000)=nil, 0xaed000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f0000937000-0x28)={0x0, 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000380000-0x20)={0x4, 0x1, 0xf000, 0x1000, &(0x7f000024a000/0x1000)=nil})
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000ae5000-0x48)={0x80003, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0x4008ae48, &(0x7f0000aed000)=0x3000)
mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000aef000)=@pic={0x3df5, 0x0, 0x1f, 0xffffffffffffff80, 0x7, 0x6, 0x8, 0x9, 0x80000001, 0x5d, 0x81, 0x18ac, 0x4, 0x6839aa64, 0x9, 0x40})
ioctl$KVM_GET_EMULATED_CPUID(r0, 0xc008ae09, &(0x7f0000aed000)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000ad8000)=[], 0x0)
mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_NR_MMU_PAGES(r1, 0xae45, 0x6)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000ae1000)=[@text16={0x10, &(0x7f0000aee000-0x78)="6766c7442400009000006766c7442402050000006664c73524068d00000000000f011c240f0866b80f20d86635080000000f22d80000000f23d00f21f86735a630000066b91503000066b8d400000066ba000000000f3067f36d0f3266b97e0300000f3266b9760900000f32f22e0f001d0f183f66640f06", 0x78}], 0x1, 0x40, &(0x7f0000ae1000)=[], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
[   51.982519] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[   51.982529] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[   51.982537] CS:   sel=0x0010, attr=0x0009b, limit=0x000fffff, base=0x0000000000000000
[   51.982549] DS:   sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000
[   51.982560] SS:   sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000
[   51.982571] ES:   sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000
[   51.982582] FS:   sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000
[   51.982593] GS:   sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000
[   51.982601] GDTR:                           limit=0x000007ff, base=0x0000000000001000
[   51.982611] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800
[   51.982619] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[   51.982630] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[   51.982636] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[   51.982643] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[   51.982649] Interruptibility = 00000000  ActivityState = 00000000
[   51.982652] *** Host State ***
[   51.982659] RIP = 0xffffffff811b6777  RSP = 0xffff8801c3ce74c8
[   51.982673] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[   51.982681] FSBase=00007f61ee55c700 GSBase=ffff8801dc000000 TRBase=ffff8801dc022cc0
[   51.982688] GDTBase=ffffffffff577000 IDTBase=ffffffffff57b000
[   51.982697] CR0=0000000080050033 CR3=00000001c411a000 CR4=00000000001426f0
[   51.982706] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef40
[   51.982714] EFER = 0x0000000000000d01  PAT = 0x0000000000000000
[   51.982717] *** Control State ***
[   51.982723] PinBased=0000003f CPUBased=b6a1edfa SecondaryExec=0000004b
[   51.982728] EntryControls=0000d1ff ExitControls=0023efff
[   51.982739] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[   51.982801] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[   51.982807] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[   51.982813]         reason=80000021 qualification=0000000000000000
[   51.982817] IDTVectoring: info=00000000 errcode=00000000
[   51.982841] TSC Offset = 0xffffffe28e5b89d5
[   51.982845] TPR Threshold = 0x00
[   51.982851] EPT pointer = 0x00000001c3ba601e
[   52.014752] *** Guest State ***
[   52.014763] CR0: actual=0x0000000080000031, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[   52.014771] CR4: actual=0x0000000000002051, shadow=0x0000000000000000, gh_mask=fffffffffffff871
[   52.014776] CR3 = 0x00000000fffbc000
[   52.014782] RSP = 0x000000000000fffa  RIP = 0x0000000000000000
[   52.014789] RFLAGS=0x00033000         DR7 = 0x0000000000000400
[   52.014799] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[   52.014808] CS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.014820] DS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.014833] SS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.014847] ES:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.014860] FS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.014872] GS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.014880] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[   52.014891] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[   52.014900] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[   52.014911] TR:   sel=0x0000, attr=0x0008b, limit=0x00002088, base=0x0000000000000000
[   52.014918] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[   52.014926] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[   52.014932] Interruptibility = 00000000  ActivityState = 00000000
[   52.014936] *** Host State ***
[   52.014943] RIP = 0xffffffff811b6777  RSP = 0xffff8801c322f4c8
[   52.014957] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[   52.014964] FSBase=00007f115a74f700 GSBase=ffff8801dc100000 TRBase=ffff8801dc122cc0
[   52.014971] GDTBase=ffffffffff576000 IDTBase=ffffffffff57b000
[   52.014979] CR0=0000000080050033 CR3=00000001c4124000 CR4=00000000001426e0
[   52.014988] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef40
[   52.014996] EFER = 0x0000000000000d01  PAT = 0x0000000000000000
[   52.014999] *** Control State ***
[   52.015037] PinBased=0000003f CPUBased=b6a1edfa SecondaryExec=0000004b
[   52.015043] EntryControls=0000d1ff ExitControls=0023efff
[   52.015052] ExceptionBitmap=ffffbfff PFECmask=00000000 PFECmatch=00000000
[   52.015058] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[   52.015064] VMExit: intr_info=800000fd errcode=00000000 ilen=00000003
[   52.015070]         reason=80000021 qualification=0000000000000000
[   52.015075] IDTVectoring: info=00000000 errcode=00000000
[   52.015079] TSC Offset = 0xffffffe28c4bc983
[   52.015083] TPR Threshold = 0x00
[   52.015088] EPT pointer = 0x00000001c399701e
[   52.026281] *** Guest State ***
[   52.026290] CR0: actual=0x0000000080000031, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[   52.026298] CR4: actual=0x0000000000002051, shadow=0x0000000000000000, gh_mask=fffffffffffff871
[   52.026301] CR3 = 0x00000000fffbc000
[   52.026306] RSP = 0x000000000000fffa  RIP = 0x0000000000000000
[   52.026313] RFLAGS=0x00033000         DR7 = 0x0000000000000400
[   52.026322] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[   52.026329] CS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.026340] DS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.026350] SS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.026360] ES:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.026371] FS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.026388] GS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.026396] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[   52.026407] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[   52.026415] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[   52.026426] TR:   sel=0x0000, attr=0x0008b, limit=0x00002088, base=0x0000000000000000
[   52.026434] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[   52.026442] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[   52.026448] Interruptibility = 00000000  ActivityState = 00000000
[   52.026451] *** Host State ***
[   52.026459] RIP = 0xffffffff811b6777  RSP = 0xffff8801c352f4c8
[   52.026473] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[   52.026481] FSBase=00007f115a770700 GSBase=ffff8801dc100000 TRBase=ffff8801dc122cc0
[   52.026488] GDTBase=ffffffffff576000 IDTBase=ffffffffff57b000
[   52.026497] CR0=0000000080050033 CR3=00000001c4124000 CR4=00000000001426e0
[   52.026507] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef40
[   52.026515] EFER = 0x0000000000000d01  PAT = 0x0000000000000000
[   52.026517] *** Control State ***
[   52.026524] PinBased=0000003f CPUBased=b6a1edfa SecondaryExec=0000004b
[   52.026530] EntryControls=0000d1ff ExitControls=0023efff
[   52.026539] ExceptionBitmap=ffffbfff PFECmask=00000000 PFECmatch=00000000
[   52.026545] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[   52.026552] VMExit: intr_info=80000306 errcode=00000000 ilen=00000003
[   52.026557]         reason=80000021 qualification=0000000000000000
[   52.026563] IDTVectoring: info=00000000 errcode=00000000
[   52.026566] TSC Offset = 0xffffffe28c4bc983
[   52.026570] TPR Threshold = 0x00
[   52.026576] EPT pointer = 0x00000001c399701e
[   52.049399] Disabled LAPIC found during irq injection
[   52.049699] irq bypass consumer (token ffff8801cb0a4180) registration fails: -16
[   52.150656] *** Guest State ***
[   52.150665] CR0: actual=0x0000000080000031, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[   52.150674] CR4: actual=0x0000000000002051, shadow=0x0000000000000000, gh_mask=fffffffffffff871
[   52.150678] CR3 = 0x00000000fffbc000
[   52.150682] RSP = 0x000000000000fffa  RIP = 0x0000000000000000
[   52.150689] RFLAGS=0x00033000         DR7 = 0x0000000000000400
[   52.150698] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[   52.150705] CS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.150716] DS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.150726] SS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.150735] ES:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.150745] FS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.150755] GS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.150762] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[   52.150773] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[   52.150780] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[   52.150790] TR:   sel=0x0000, attr=0x0008b, limit=0x00002088, base=0x0000000000000000
[   52.150796] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[   52.150802] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[   52.150808] Interruptibility = 00000000  ActivityState = 00000000
[   52.150811] *** Host State ***
[   52.150818] RIP = 0xffffffff811b6777  RSP = 0xffff8801c366f4c8
[   52.150830] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[   52.150837] FSBase=00007ff45c85a700 GSBase=ffff8801dc000000 TRBase=ffff8801dc022cc0
[   52.150844] GDTBase=ffffffffff577000 IDTBase=ffffffffff57b000
[   52.150852] CR0=0000000080050033 CR3=00000001c43d6000 CR4=00000000001426f0
[   52.150860] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef40
[   52.150867] EFER = 0x0000000000000d01  PAT = 0x0000000000000000
[   52.150869] *** Control State ***
[   52.150874] PinBased=0000003f CPUBased=b6a1edfa SecondaryExec=00000043
[   52.150878] EntryControls=0000d1ff ExitControls=0023efff
[   52.150894] ExceptionBitmap=ffffbfff PFECmask=00000000 PFECmatch=00000000
[   52.150900] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[   52.150905] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[   52.150911]         reason=80000021 qualification=0000000000000000
[   52.150915] IDTVectoring: info=00000000 errcode=00000000
[   52.150919] TSC Offset = 0xffffffe274368860
[   52.150923] TPR Threshold = 0x00
[   52.150929] EPT pointer = 0x00000001c3bbd01e
[   52.164539] Disabled LAPIC found during irq injection
[   52.241239] kvm [3276]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x4000008f
[   52.241286] kvm [3276]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x4000008e
[   52.241326] kvm [3276]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x4000008d
[   52.241366] kvm [3276]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x4000008c
[   52.241406] kvm [3276]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x4000008b
[   52.241442] kvm [3276]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x4000008a
[   52.241477] kvm [3276]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x40000089
[   52.241518] kvm [3276]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x40000088
[   52.241614] kvm [3276]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x40000087
[   52.241650] kvm [3276]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x40000086
[   52.249501] *** Guest State ***
[   52.249509] CR0: actual=0x0000000080000031, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[   52.249516] CR4: actual=0x0000000000002051, shadow=0x0000000000000000, gh_mask=fffffffffffff871
[   52.249520] CR3 = 0x00000000fffbc000
[   52.249524] RSP = 0x000000000000fffa  RIP = 0x0000000000000000
[   52.249530] RFLAGS=0x00033000         DR7 = 0x0000000000000400
[   52.249539] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[   52.249547] CS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.249557] DS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.249568] SS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.249577] ES:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.249588] FS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.249600] GS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.249608] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[   52.249621] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[   52.249629] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[   52.249641] TR:   sel=0x0000, attr=0x0008b, limit=0x00002088, base=0x0000000000000000
[   52.249648] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[   52.249656] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[   52.249663] Interruptibility = 00000000  ActivityState = 00000000
[   52.249665] *** Host State ***
[   52.249673] RIP = 0xffffffff811b6777  RSP = 0xffff8801c1a3f4c8
[   52.249687] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[   52.249696] FSBase=00007f115a793700 GSBase=ffff8801dc100000 TRBase=ffff8801dc122cc0
[   52.249703] GDTBase=ffffffffff576000 IDTBase=ffffffffff57b000
[   52.249712] CR0=0000000080050033 CR3=00000001c2f94000 CR4=00000000001426e0
[   52.249722] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef40
[   52.249729] EFER = 0x0000000000000d01  PAT = 0x0000000000000000
[   52.249732] *** Control State ***
[   52.249739] PinBased=0000003f CPUBased=b699edfa SecondaryExec=0000004a
[   52.249743] EntryControls=0000d1ff ExitControls=0023efff
[   52.249752] ExceptionBitmap=ffffbfff PFECmask=00000000 PFECmatch=00000000
[   52.249758] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[   52.249763] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[   52.249768]         reason=80000021 qualification=0000000000000000
[   52.249772] IDTVectoring: info=00000000 errcode=00000000
[   52.249776] TSC Offset = 0xffffffe263e9b478
[   52.249781] EPT pointer = 0x00000001c1b8c01e
[   52.271250] kvm [3276]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x40000023 data 0x66c900003b9a1043
[   52.274591] kvm [3276]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x40000022 data 0x66c9000089171043
[   52.280640] kvm [3276]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x40000020 data 0x66c9000000171043
[   52.289948] *** Guest State ***
[   52.289956] CR0: actual=0x0000000080000031, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[   52.289963] CR4: actual=0x0000000000002051, shadow=0x0000000000000000, gh_mask=fffffffffffff871
[   52.289966] CR3 = 0x00000000fffbc000
[   52.289971] RSP = 0x000000000000fffa  RIP = 0x0000000000000000
[   52.289982] RFLAGS=0x00033000         DR7 = 0x0000000000000400
[   52.289991] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[   52.289997] CS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.290056] DS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.290066] SS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.290076] ES:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.290086] FS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.290096] GS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.290104] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[   52.290115] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[   52.290123] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[   52.290132] TR:   sel=0x0000, attr=0x0008b, limit=0x00002088, base=0x0000000000000000
[   52.290138] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[   52.290146] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[   52.290151] Interruptibility = 00000000  ActivityState = 00000000
[   52.290154] *** Host State ***
[   52.290161] RIP = 0xffffffff811b6777  RSP = 0xffff8801c1b274c8
[   52.290174] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[   52.290181] FSBase=00007f376c0a7700 GSBase=ffff8801dc100000 TRBase=ffff8801dc122cc0
[   52.290187] GDTBase=ffffffffff576000 IDTBase=ffffffffff57b000
[   52.290196] CR0=0000000080050033 CR3=00000001c1e8a000 CR4=00000000001426e0
[   52.290204] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef40
[   52.290211] EFER = 0x0000000000000d01  PAT = 0x0000000000000000
[   52.290214] *** Control State ***
[   52.290219] PinBased=0000003f CPUBased=b6a1edfa SecondaryExec=0000004b
[   52.290224] EntryControls=0000d1ff ExitControls=0023efff
[   52.290231] ExceptionBitmap=ffffbfff PFECmask=00000000 PFECmatch=00000000
[   52.290236] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[   52.290241] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[   52.290246]         reason=80000021 qualification=0000000000000000
[   52.290250] IDTVectoring: info=00000000 errcode=00000000
[   52.290254] TSC Offset = 0xffffffe25de975d1
[   52.290258] TPR Threshold = 0x00
[   52.290263] EPT pointer = 0x00000001da39401e
[   52.300594] *** Guest State ***
[   52.300605] CR0: actual=0x0000000080000031, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[   52.300613] CR4: actual=0x0000000000002051, shadow=0x0000000000000000, gh_mask=fffffffffffff871
[   52.300617] CR3 = 0x00000000fffbc000
[   52.300623] RSP = 0x000000000000fffa  RIP = 0x0000000000000000
[   52.300632] RFLAGS=0x00033000         DR7 = 0x0000000000000400
[   52.300644] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[   52.300653] CS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.300666] DS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.300677] SS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.300688] ES:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.300699] FS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.300710] GS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.300718] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[   52.300729] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[   52.300738] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[   52.300748] TR:   sel=0x0000, attr=0x0008b, limit=0x00002088, base=0x0000000000000000
[   52.300757] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[   52.300765] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[   52.300771] Interruptibility = 00000000  ActivityState = 00000000
[   52.300774] *** Host State ***
[   52.300782] RIP = 0xffffffff811b6777  RSP = 0xffff8801c265f4c8
[   52.300796] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[   52.300804] FSBase=00007f115a7b4700 GSBase=ffff8801dc100000 TRBase=ffff8801dc122cc0
[   52.300812] GDTBase=ffffffffff576000 IDTBase=ffffffffff57b000
[   52.300820] CR0=0000000080050033 CR3=00000001c2f94000 CR4=00000000001426e0
[   52.300828] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef40
[   52.300835] EFER = 0x0000000000000d01  PAT = 0x0000000000000000
[   52.300837] *** Control State ***
[   52.300843] PinBased=0000003f CPUBased=b6a1edfa SecondaryExec=0000004b
[   52.300849] EntryControls=0000d1ff ExitControls=0023efff
[   52.300857] ExceptionBitmap=ffffbfff PFECmask=00000000 PFECmatch=00000000
[   52.300862] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[   52.300867] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[   52.300873]         reason=80000021 qualification=0000000000000000
[   52.300878] IDTVectoring: info=00000000 errcode=00000000
[   52.300882] TSC Offset = 0xffffffe25aa71b09
[   52.300885] TPR Threshold = 0x00
[   52.300890] EPT pointer = 0x00000001da09d01e
[   52.418423] *** Guest State ***
[   52.418434] CR0: actual=0x0000000080000031, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[   52.418443] CR4: actual=0x0000000000002051, shadow=0x0000000000000000, gh_mask=fffffffffffff871
[   52.418447] CR3 = 0x00000000fffbc000
[   52.418453] RSP = 0x000000000000fffa  RIP = 0x000000000000abf3
[   52.418460] RFLAGS=0x00033000         DR7 = 0x0000000000000400
[   52.418469] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[   52.418479] CS:   sel=0xb866, attr=0x000f3, limit=0x0000ffff, base=0x00000000000b8660
[   52.418491] DS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.418504] SS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.418514] ES:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.418525] FS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.418536] GS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.418543] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[   52.418554] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[   52.418562] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[   52.418572] TR:   sel=0x0000, attr=0x0008b, limit=0x00002088, base=0x0000000000000000
[   52.418579] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[   52.418587] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[   52.418594] Interruptibility = 00000000  ActivityState = 00000000
[   52.418597] *** Host State ***
[   52.418605] RIP = 0xffffffff811b6777  RSP = 0xffff8801c1b4f4c8
[   52.418618] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[   52.418626] FSBase=00007f376c084700 GSBase=ffff8801dc000000 TRBase=ffff8801dc022cc0
[   52.418634] GDTBase=ffffffffff577000 IDTBase=ffffffffff57b000
[   52.418643] CR0=0000000080050033 CR3=00000001c1e8a000 CR4=00000000001426f0
[   52.418652] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef40
[   52.418659] EFER = 0x0000000000000d01  PAT = 0x0000000000000000
[   52.418662] *** Control State ***
[   52.418668] PinBased=0000003f CPUBased=b699edfa SecondaryExec=0000004a
[   52.418673] EntryControls=0000d1ff ExitControls=0023efff
[   52.418681] ExceptionBitmap=ffffbfff PFECmask=00000000 PFECmatch=00000000
[   52.418687] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[   52.418693] VMExit: intr_info=800000fd errcode=00000000 ilen=00000003
[   52.418698]         reason=80000021 qualification=0000000000000000
[   52.418703] IDTVectoring: info=00000000 errcode=00000000
[   52.418706] TSC Offset = 0xffffffe2503029fb
[   52.418711] EPT pointer = 0x00000001d755801e
[   52.430796] *** Guest State ***
[   52.430806] CR0: actual=0x0000000080000031, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[   52.430815] CR4: actual=0x0000000000002051, shadow=0x0000000000000000, gh_mask=fffffffffffff871
[   52.430819] CR3 = 0x0000000000000000
[   52.430826] RSP = 0x000000000000fffa  RIP = 0x0000000000000000
[   52.430832] RFLAGS=0x00023000         DR7 = 0x0000000000000400
[   52.430841] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[   52.430850] CS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.430862] DS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.430874] SS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.430891] ES:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.430903] FS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.430915] GS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   52.430923] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[   52.430934] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[   52.430942] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[   52.430953] TR:   sel=0x0000, attr=0x0008b, limit=0x00002088, base=0x0000000000000000
[   52.430961] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[   52.430969] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[   52.430976] Interruptibility = 00000000  ActivityState = 00000000
[   52.430980] *** Host State ***
[   52.430988] RIP = 0xffffffff811b6777  RSP = 0xffff8801d744f4c8
[   52.431006] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[   52.431041] FSBase=00007f2c9333d700 GSBase=ffff8801dc000000 TRBase=ffff8801dc022cc0
[   52.431049] GDTBase=ffffffffff577000 IDTBase=ffffffffff57b000
[   52.431059] CR0=0000000080050033 CR3=00000001dab3b000 CR4=00000000001426f0
[   52.431068] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef40
[   52.431076] EFER = 0x0000000000000d01  PAT = 0x0000000000000000
[   52.431079] *** Control State ***
[   52.431086] PinBased=0000003f CPUBased=b6a1edfa SecondaryExec=0000004b
[   52.431092] EntryControls=0000d1ff ExitControls=0023efff
[   52.431100] ExceptionBitmap=ffffbfff PFECmask=00000000 PFECmatch=00000000
[   52.431106] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[   52.431113] VMExit: intr_info=800000fd errcode=00000000 ilen=00000003
[   52.431119]         reason=80000021 qualification=0000000000000000
[   52.431124] IDTVectoring: info=00000000 errcode=00000000
[   52.431129] TSC Offset = 0xffffffe24c410bb9
[   52.431133] TPR Threshold = 0x00
[   52.431139] EPT pointer = 0x00000001d770801e
[   54.804107] CR4: actual=0x0000000000002051, shadow=0x0000000000000000, gh_mask=fffffffffffff871
[   54.821632] CR3 = 0x00000000fffbc000
[   54.825709] RSP = 0x000000000000fffa  RIP = 0x0000000000000000
[   54.831996] RFLAGS=0x00033000         DR7 = 0x0000000000000400
[   54.838271] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[   54.845263] CS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   54.853520] DS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   54.861801] SS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   54.870139] ES:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   54.878439] FS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   54.886754] GS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   54.895118] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[   54.904271] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[   54.912672] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[   54.921056] TR:   sel=0x0000, attr=0x0008b, limit=0x00002088, base=0x0000000000000000
[   54.929419] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[   54.936173] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[   54.943938] Interruptibility = 00000000  ActivityState = 00000000
[   54.950476] *** Host State ***
[   54.953951] RIP = 0xffffffff811b6777  RSP = 0xffff8801c39874c8
[   54.960231] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[   54.966953] FSBase=00007ff45c87c700 GSBase=ffff8801dc000000 TRBase=ffff8801dc022cc0
[   54.975119] GDTBase=ffffffffff577000 IDTBase=ffffffffff57b000
[   54.981292] CR0=0000000080050033 CR3=00000001c43d6000 CR4=00000000001426f0
[   54.988597] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef40
[   54.995755] EFER = 0x0000000000000d01  PAT = 0x0000000000000000
[   55.002154] *** Control State ***
[   55.005896] PinBased=0000003f CPUBased=b6a1edfa SecondaryExec=00000043
[   55.012863] EntryControls=0000d1ff ExitControls=0023efff
[   55.018585] ExceptionBitmap=ffffbfff PFECmask=00000000 PFECmatch=00000000
[   55.025790] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[   55.033540] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[   55.040492]         reason=80000021 qualification=0000000000000000
[   55.047154] IDTVectoring: info=00000000 errcode=00000000
2017/08/11 22:10:47 executing program 6:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000e13000-0x4)=0x0)
r1 = socket(0xa, 0x3, 0x3c)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000abf000)=0x104, 0x4)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000d58000-0x4)=0xd08, 0x4)
setsockopt$inet6_int(r1, 0x29, 0x4a, &(0x7f0000ef2000-0x4)=0x800, 0x4)
sendmsg$unix(r1, &(0x7f0000210000-0x38)={&(0x7f000055e000-0x18)=@file={0x0, "0000007f0022ff02200c000000bcbb5b340100000000"}, 0x18, &(0x7f0000d89000)=[{&(0x7f0000b2d000-0x33)="9658bf23a09c205351c351be861d27993dfef2bb0fc027bc1a76526dfc272050a38c5fd4b3aed49d1ad0e55007ed7f4b446f45feceeba5ff34c853eabc6238f57630d09a8ca6b389eb22235e299ebe17023cb67af0733748ca2ac4a68e5d4135c7d3c3c5e1851ccf750283a437f3f69b285f35960d09ae38446346cf0d08d76b2258055681e9cc9be46a771720c4774224129472d5087be14ca61093cbb598965ea4ba6aaf094eb0d02fb6738bc06cb6592a31adc5216f", 0xb7}, {&(0x7f0000040000)="b2f2c04a3444d596fac7389468db10f21365674148eac8b7c21aff8f18cab0af4616304fe7badb61315fec195e97973ac6ca6de4edd8ee5aca643496b3d42929990dced3dc3774c586555ad11cda336e349cc5b0c5496688ba9bf876a9c47d905e0bb919f79b1c4f85eb338ee8ae2bcfee0174e5dc868d8f54d02d6b8821e5f70f910f67a4a966f501dfbfb31ed0c4fc5d402b0bd012e07b368dc94ebca8eb49564e1f24ae283f075c653cecc31e8e7fff09ab3287f0b5a0c1cd68bc0588943ac30667b8b543d086ce8dbb65cf8f15f90fbf06ac4bd75a271635c8dfbfc72094a7108b", 0xe3}, {&(0x7f00000f3000-0xae)="1cdd3efa5c1f65adcecc728d461fb328a5d7d6c2d968cc47f6ed327bcfcf293529cc0415450aafdd5d8c2051ca027df85e0c5700b260f626ddd49f9fa974bdd1814511ea86ae15beb2a20ae6b7028ed03b3c44b0ca3345f47f66fd076f05142882da9c8ba16cd9f5b39fc1e417994ab64bc1a6537b2696e45fdfd1332ba833a915527dc2aa28c3d8292659069b0937048143f1a28f50a6f253ac89a7b87f976b71bfe9c2fabebb7bc327ccb3c5ff", 0xae}, {&(0x7f0000eeb000-0x84)="2d4ec37b92b5ff4eab6c3334ccf9de88d5d9cf85875441da336e4ffb22d3b7aae8ea3edf238c6980e636c453bb91b2b8c3f208df7f324b6586a0e9cfbb96e1a62232c80a6f4090a039f18be313395927085e853796e3c6059098969c7847a2e488ba619b75a28f386fcc3b839da75b7bf9cd5f67705523c889d87d62798d12d3224de11a", 0x84}, {&(0x7f0000307000-0xb3)="cf19dcc8836f2077d8384aef691274b2f09f1d2756a5b53b46ac1c575d7596c0513ea06af2b73b8b9ffc4da997abcc91756714224da01f13508be873e9f629ed30447e84550e2e8c19a94ac720191df45ff6c415e1968c5ad809ee597541c1776a68636e5c5039268a6cbdc0917780a6d961d0a6559d9623e7558891fba8eb3ac4c5289837275f61bcf8185866c49712f5edcfc470884d536a2e91406e397650bed4e655629f5914ba2de09872450674c51924", 0xb3}], 0x5, &(0x7f0000e4c000)=[], 0x0, 0x42}, 0x4000)
pread64(r1, &(0x7f0000883000)="0000000000000000", 0x8, 0x0)
ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x891b, &(0x7f000005f000-0x20)={@generic="d1348d57cdb695541eea4be93e9e8df3", @ifru_addrs={0x2, 0x3, @loopback=0x7f000001, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}})
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000dd1000-0x4)=0xc0, 0x4)
ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f00004b0000-0x78)={0x1f, {0x2, 0x2, @local={0xac, 0x14, 0x0, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, {0x2, 0x2, @empty=0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, {0x2, 0x2, @empty=0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x55, 0xbe0, 0x6024, 0x80000001, 0x7f, &(0x7f0000b65000)=@generic="a19eca00c1213f05f8ccbcca84a99dfe", 0x4, 0x5, 0x8001})
setsockopt$sock_int(r1, 0x1, 0x23, &(0x7f0000181000-0x4)=0x80000000, 0x4)
setsockopt$inet_sctp_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f000076f000-0x4)=0x2, 0x4)
ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000a7d000)={@syzn={0x73, 0x79, 0x7a, 0x0, 0x0}, @ifru_addrs={0x2, 0x1, @broadcast=0xffffffff, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}})
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000ec5000)={{{@in6=@remote={0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}, @in6=@empty={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {{@in6=@empty={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x0, 0x0}, 0x0, @in=@multicast1=0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, &(0x7f0000bf4000-0x4)=0xe8)
recvfrom$inet(r1, &(0x7f0000fe7000)="000000000000000000000000000000000000000000000000000000000000", 0x1e, 0x40012000, 0x0, 0x0)
getuid()
ioctl$sock_proto_private(r1, 0x89e8, &(0x7f0000118000-0xff)="7853d48203dd2c9949c2aa98371de8f7ae4e94251c72c2ff780021bed4e45fc42ad31aa5fef2b982e45c47cc6b3e587fadc27c2054770189c007f13753e3534681d83e4a9ae47448af00d02fcd678d90eb7fa5a1fcf2534c8c9af8363614e88cb4041f5627069223f541868a36d9509d216414ba791975d1061a6b7ada2d907fce3823c71190c81ef81a15eac13937672cd308c982f6eaf6964a0d025cf4b6681ad3f4d90be4c4b1d4ae5c45a033998b183c39280f38560bb905cc8906b41643bc1242863b50f8a90abbb0f1ab346e7ae2e9438c98e1c9337efe5a98c84d4d82119be732be066e0067f7c783bd8833d2a311dde26a18948e359a95cb183aa3")
getsockopt$inet_buf(r1, 0x0, 0x24, &(0x7f0000e51000)="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", &(0x7f00007d0000-0x4)=0xd3)
2017/08/11 22:10:47 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xde, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x96d000)=nil, 0x96d000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x1022, &(0x7f0000088000/0x3000)=nil)
mmap(&(0x7f000096d000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f000096d000)={0x2, 0x78, 0x9eb6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}, 0x0, 0x3, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000369000/0x3000)=nil, 0x3000, 0x200000a, 0x801e, r0, 0x0)
mmap(&(0x7f000096e000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r1 = creat(&(0x7f00003e8000-0x8)="2e2f66696c653000", 0x10)
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x1000006, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000923000/0x2000)=nil, 0x2000, 0x3, 0x32, 0xffffffffffffffff, 0x3)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_ifreq(r2, 0x89f0, &(0x7f0000853000)={@common="73697430000000000000000000000000", @ifru_map={0x407772, 0x0, 0x9, 0x7f, 0x30, 0x101}})
perf_event_open(&(0x7f0000ccd000-0x78)={0x2, 0x78, 0x9eb5, 0x0, 0x8000000000000000, 0x0, 0x0, 0x0, 0x1fffffffffffffd, 0x0, 0xc9b, 0x0, 0x0, 0x4000000000000, 0x0, 0x10000000, 0xfffffffffffffffe, 0x0, 0x0, 0x200, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0}, 0x0, 0xffffffffffff42f8, 0xffffffffffffffff, 0x200000000)
mmap(&(0x7f0000000000/0xfee000)=nil, 0xfee000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000804000/0x2000)=nil, 0x2000, 0x4000000000003, 0x3f, r1, 0x0)
r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000b1b000)="2f6465762f73657175656e6365723200", 0x40000, 0x0)
unshare(0x440)
r4 = timerfd_create(0xffffffffffffffff, 0x800)
timerfd_settime(r4, 0x0, &(0x7f0000017000-0x20)={{0x5, 0x0}, {0x0, 0x5f6c}}, &(0x7f0000010000-0x20)={{0x0, 0x0}, {0x0, 0x0}})
socketpair$inet_udp(0x2, 0x2, 0x0, &(0x7f0000d08000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
mmap(&(0x7f0000fef000/0x1000)=nil, 0x1000, 0x1000001, 0x32, 0xffffffffffffffff, 0x0)
timerfd_gettime(r4, &(0x7f00001db000)={{0x0, 0x0}, {0x0, 0x0}})
pwrite64(r3, &(0x7f0000b32000+0x94a)="9e23a36c30229b3520995b63954a250adde560650792ccac78e6a8d14bbcb1a55012da578793d84dc5e618fe4b2ee57dea515fccb0aceef2a7192892d416345c5afe25a01d6fe415d08a5209af0de924098fae9f163eacef6cec50d3d4c4f0be0e4da94972339afe7c974432fec2f134543e3d4f3481b5fea091647dc1575589dbebdf9fa85d34b5e65ffc53645b1b656b6d4d841da203ec6fd9d8a6e4f5", 0x9e, 0x0)
readv(r1, &(0x7f00000c1000)=[{&(0x7f00008a6000)="", 0x0}, {&(0x7f0000018000)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", 0x4e}, {&(0x7f0000018000)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000", 0x2a}], 0x3)
ioctl$void(r4, 0xc0045c7f)
mmap(&(0x7f00000d5000/0x4000)=nil, 0x4000, 0x1000002, 0x40010, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000a15000/0x1000)=nil, 0x1000, 0x1, 0x1810, r5, 0x4)
mmap(&(0x7f0000000000/0x88f000)=nil, 0x88f000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
socket$inet(0x2, 0x8, 0x20000000)
2017/08/11 22:10:47 executing program 7:
2017/08/11 22:10:47 executing program 5:
mmap(&(0x7f0000000000/0xfc8000)=nil, 0xfc8000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000000000/0x4cc000)=nil, 0x4cc000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
mmap(&(0x7f0000481000/0x1000)=nil, 0x1000, 0x2000000, 0x32, r0, 0x0)
r3 = accept$inet6(0xffffffffffffffff, &(0x7f00004d7000)={0x0, 0x0, 0x0, @remote={0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}, 0x0}, &(0x7f0000000000)=0x1c)
mmap(&(0x7f0000000000/0x6e4000)=nil, 0x6e4000, 0x4, 0x31, r1, 0x0)
mmap(&(0x7f0000207000/0x1000)=nil, 0x1000, 0x3, 0x32, r3, 0x0)
mmap(&(0x7f00006e4000/0x1000)=nil, 0x1000, 0x2, 0x10010, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000fc8000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
bind$inet6(r1, &(0x7f0000fc8000)={0xa, 0x0, 0x2, @loopback={0x0, 0x1}, 0x9}, 0x1c)
mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00003c0000-0x1c)={0xa, 0x0, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xaa}, 0x40000004}, 0x1c)
mmap(&(0x7f0000000000/0x11000)=nil, 0x11000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000011000/0x1000)=nil, 0x1000, 0x200000000000003, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000fc8000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000fc8000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000fc9000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000fca000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
accept$inet(r5, &(0x7f0000fc9000-0x10)={0x0, 0x0, @multicast2=0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000754000-0x4)=0x10)
socket$inet_tcp(0x2, 0x1, 0x0)
listen(r1, 0x800007)
mmap(&(0x7f0000011000/0x1000)=nil, 0x1000, 0x2, 0x32, r2, 0xffffffffffffffff)
syz_extract_tcp_res$synack(&(0x7f0000402000)={0x42424242, <r6=>0x42424242}, 0x1, 0x0)
mmap(&(0x7f0000fd5000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x3b, &(0x7f0000fd6000-0x3b)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x0}, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x0}, [], {{0x800, @ipv4={{0x5, 0x4, 0xa2, 0x0, 0x2d, 0x0, 0x0, 0x0, 0x6, 0x0, @remote={0xac, 0x14, 0x0, 0xbb}, @local={0xac, 0x14, 0x0, 0xaa}, {[]}}, @tcp={{0x1, 0x0, 0x42424242, r6, 0x0, 0x0, 0x6, 0x2, 0x2, 0x0, 0x0, {[@sack_perm={0x4, 0x2}, @generic={0x2, 0x2, ""}]}}, {"f6"}}}}}})
mmap(&(0x7f0000fd6000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
syz_extract_tcp_res(&(0x7f0000353000-0x8)={<r7=>0x42424242, <r8=>0x42424242}, 0xffffffff7fffffff, 0x1000020000001bb7)
mmap(&(0x7f0000012000/0x1000)=nil, 0x1000, 0x1000000, 0x8013, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x5f, &(0x7f0000b33000-0x5f)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x0}, @remote={[0xbb, 0xbb, 0xbb, 0xbb, 0xbb], 0x0}, [{[{0x9100, 0x1, 0x400, 0x1000}], {0x8100, 0x7fffffff, 0x3, 0x7}}], {{0x800, @ipv4={{0x5, 0x4, 0x0, 0x0, 0x49, 0x0, 0x0, 0x0, 0x6, 0x0, @remote={0xac, 0x14, 0x0, 0xbb}, @empty=0x0, {[]}}, @tcp={{0x1, 0x0, r8, r7, 0x0, 0x0, 0xd, 0x10, 0x0, 0x0, 0x4, {[@nop={0x1}, @sack={0x5, 0x1a, [0x979, 0x401, 0x2, 0x20000000000002, 0x4, 0x0]}, @mss={0x2, 0x4, 0x5}]}}, {"0c"}}}}}})
bind$inet6(r4, &(0x7f0000b95000-0x1c)={0xa, 0x2, 0x8, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xaa}, 0x8}, 0x1c)
2017/08/11 22:10:47 executing program 4:
mmap(&(0x7f0000000000/0xf79000)=nil, 0xf79000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
mmap(&(0x7f0000f79000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
bind$inet(r0, &(0x7f0000f79000)={0x2, 0x3, @local={0xac, 0x14, 0x0, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x10)
mmap(&(0x7f0000228000/0x2000)=nil, 0x2000, 0x100000000000003, 0x13e, r0, 0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000f7a000-0x10)={0x0, &(0x7f000074a000-0x8)=[]}, 0x10)
connect$inet(r0, &(0x7f000023e000)={0x2, 0x3, @empty=0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x10)
mmap(&(0x7f0000f7a000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
sendto$inet(r0, &(0x7f0000de8000)="cee11ef15085ec23c2cf26c88a2a5755d1cd6c19474597cad3f47a8435ac9e0fb4e509a57944ff8593e0b315b6de909ead8897f320c9d7c878e072c8d50cecc14d5ba6a23b2e717e7972c8c97e12380d88406c5df3d7e96b29c1170e2fb5c5c020861a22dc5f81d391556e277865a1864f5eaffb3925d02fb45297b7fa78f1c76cf1640d63b6c30fcc4a7b2eabb9a14b30514c76105a35ab7a73dd2779135b72dd03d152b564565eeba4c3655f5237bb41b6f6ffdf5d0dc15b0ce9480adbfeaf69d42cb4e0ecf2a6eaa88962e510f67d19c46776570a30e428bbc54368ca9d45130d6e211d6754df3ee70099eddce9d0e17d2e24518c40125e584ac19486cce99d4a3ecb386a37b8b7a185a16a2733c383d5ea218b99f8e632ed504f087e70b4eedbe3840617c5d0a83b07aa24d58ad1a3d233e0f823cdb96c6b39374950c367addb3417637b377eadabc5c0155b37224c641bd5c2c4ccccd05a8ff837115fde1fbd8b8980614c3c327b172fef6fe52118529e2b8a30df1e3b003bac3ccf91d71a1d14e2fa07bddc0c89a4d15f686cb43357f3f0fa740d6d519dc3c63e54d969467f543d0e3ca7870c7fd149a13f3c730c1abf5b880e50204a99003f792396e6c4fef6526e56d2732be8d8733f4acb67169166e3196e8995e0db05e4db81a6801bc326f48997a81aa9471f908ed69b4604dd061f64d162cdd44d36baea2f6bfb15fa0ac9ff91c69ff3ce9b460838862021d9e157d218719d6388e2ba81220f98bb738713017dd2ee9ea82c24164861ce352c1748bc564e16fa7267713f342fd4174dc24f8c03646293f89eb36033f094946c18956e86053159086994d2a88d06036a556c5baee78f9cf6221a228f6631ab8cd7d2cf172b2031ac004cdb8d7f9a0621f7186f89b672feef16f28bcd6e3e60b11035abd2cf36bd7f517add4b2aba10d9fa2f1e6cf286df196742d8766262aab2dc4714f8a8d149238d01ff66005df9263d9cbb09e2e276b8c078a51ba9e54573fa30783e8687c5c2a0d2eb301237597b9fca9adc7d56e05c0ab09e7cccd6d1683a364fbf43238d876e98a4ea49784ad62fbc83bb2f4e7197b2960c21eaacb10cfaea270d5221acdc16a62106e7eff54e8ec143c5bf5b45eceac7ca789f295d22e9df1e3262fbaa64eb95efb38d75dba34d35af11368dfefa0c544d28051152457114dbcc16c2baddba323a2d1c8eded3375100a63ebcd2dfa9d3bc056c10dbee8ce00654951a7cec462a989243540c8f11ddea94e8d45b39572422665f226c3902f03b3d4223de382760424e341b1a95c974b0e3517de2824066d6146d761e2cafbcf3eb39c2e16f119e5338548120353c5da96134da4c60527c70e58718af9852c7cc9a281ee2b265fd4836f2c3035955f437361b93106a94ff3b58e5458e4c6c993ea74acff3a422490577e6125626a54973f6474fa25fd010d7e15d55930a32b8cad4db79e772d72cb9a308afaba85f6841fa807e0a845056f1ec6efe815b32a730cd5b9f374ad1c64871f8bbed83167277c64c0b42c9f5796b8af99253e2c3b20612de0ada35b5f684b8241a0b5c0f70a5a16c0a905623c26bc04d3e67bf2a0a6a7143a244b5992bf6cb9e278362028d5dd84333c2a9115c72fa61788124d7cd3339abe346c3aa9759523b76702f888ef49f9fd61c7cec879333e2c987322b37fbb514aa864b17120f631a71e074980a6bdb7ad5b9038a342eb969000ef7080b75d58166874cad2e0aef7f8e39a7b0c150830d260df8a4f0cab6755375148f01c6076cd81262e4714a6512f61e897c8a06312e2ae85ae6fbbf67da90c5326eba411bc890723060d076d73e577cd0a6edc2acb65232a7ea7c4762894d22a5d9d7a7c7814641aa563c870323c77a2025cc84ad233bfc41fb6f421548ca2427ba6631bae9d993b1619964b4034468829e476d356050a28dcbc1186f65d6270646367ef7c318e6a7fc44c953b0428cf6816dcf29cd898f2f7d64a396f5fb4a6d4220bfbfd4ed98ad3e000fff703c1cce5987df69c6aadd5218f8c05e638dbce143635b0a625ab3d6af26b4b0c2c19cbf842bde3971e789301fd3187c74f65f6d559e5f00f5f6c1002e23c6710e768f1fd4f2a05da9dc9fde71d0946912ecc73b97ecff92a6ec5f3458e73ffed28fe83e883fe417854e5a52c9bb86b7db3122ce4570753ff40f9afaf9393414e9fac50190171b76f514f0c5add1b5feefeef0ce987388eacb980498a433b23a268ca77899110dc25a92b0d5a992946c48b214e6ba6474cf7c16df1e8a00e629279ef0c9702d5d78098c3864c1397ac10a974e9a3b681b49af48c379b98465211e107e866e8830fe76cd9c37fded313752319ebe9db23b2ac905d460f5c6d59b51e27f61dfb9e60bcb16b68d27a98b0991c31edf815f99be74a1df92499cb1e4796fe9cb52e805c814f2b0d7991be702ef2981c6c9ee9d21dcb69c235b159fb7a4f85961fab377a234b8a0d35ca01e27e98f9a67ed082c4b40f09f4a75ca22cfe0821b50ca8b8b9f68c3694bbcec1b22c75ac2137683f5f9c20c9a7165d91fa128bca5bbd9b14bf014ae13252f27f39d15f8f1ce0d05ed9cdd7c619ef3b7c0348d2996a090e8f69511d891a9886fea278d9ca0367a60197a9b6cf59547f3f8a762673b9071c096a2fa6571c61a4a68c0b9edd05f83b24925097cbc99343811b9198768f488fd15d19be1efadf500e7ee6e40b5575e154fb245b778f37385f054fecc51c48b22605e66c546d0cf38db1d66750a39c71173d0e55ec818268b5e8e4dfa46bc27ee95fa0f162eaa54620b17baa0753002d0e0c8e1fb9aad1c626e98447b1f033499176bab6be61987ffab94b3ee659b81ba734b8fcd65ded36ca08e64065ef3eecd72f2f51e43b7433528865d9d645eb42696eef91c991872709ddde36419463e54bd67e04c3cb9457e5593978829fa5938b141e7d6ae4148f5990114a517c6c1ad6297797c5bd26e8821d32054642d8c8f7b9d82700dea90c86ebcb775db29765e789ec9f5bfbe51cdabd3d885358100e7008bb194606bff4e5f52bb7fee60769e293e39f9416a6ae93701a70955006710e7e16aa07994e0a83a0e7a16b94f686bd8a944f68c218608f1390613b30b29fff2dc7546e4d1d1b66103bb563f7b67248a7d5d1ec28952a14d69269b95812542374442d290e72fb98329283926e4b833cf56967e32989a4d99c0c9e33abdb56fc3e17080cbdbe05c9bfd76324f455468c63e62465a8c885f75325183e6df53888be694d5b18d54f41aa2f54668b647b9eeaae1aaf433345a728c07652ae334dc769a1e7c6f98cfe436f98bf0e924add1dae6f987a90be2671d8290ae0c04ceedf9a38719c7d19d915802563ba52eb9182ee460ebbbc9d7abea3617798852ad6c573baa63672598706fd4907d400e324cd7143ac5ba8f93f2ec754aac4dfb66633b06bb9b9834212b1dc42a3daae5e85ea6f8b9fc490204cad0c7ab1a4d33af81e67316398cd3157eb054a042a324ccbfa1ec42e70cfe1c39771bf08cb5c22eb04993f91ab8f6c2635a66f08e901d7e3b14d226328086e817a7f269de9184fa08e5140d0e72a61d8ba2988d1ba7c5e015cd2aa6b7509b13bb7a0173816c1656c738ac9d2a5e8118e7edc32c97400dcde8829afdc27f05f05f0cd5426b776b872782cfa67b571195a2f2b70827685f7c4c4722050496f7977b78e9e7f08c6bdf211d69b35f657d7783f58189eea2fbd240e0eec2cbd10a06c617b59fba9a59544f072800fa042e3a7489ce9a31c0c7a76ad33887e61dada3ed03065cba789a46e48dbeebe80603852cf4001a61720ea9c8fab583176e06bd43fe3e198f6b377463fb2869c7e7d9cb7287873d8744c3922820af69d6f8dda1c05288d9d6c3a40bcc4b5381a3520c4d7b8b329bdfed2c6157ef838d3a8422e0fa650270468ef72d661c7f72a0c7602e23252208232dfaf0d2b12a0b9a30f8af0fc5a9ab4027d1c4d2f243708b88215175be3558b2fcd33be04495ca60b4b1226550135fc1186550042cc46d8daaafbf7388340e684f309e577e184ed914f25f2e63bc9b42e51ece402db8a2d1df76533278ef1c3735e0d3a5607fb00deceddcedb546056fcdf5835d2774c4735925fe21680cfc0871e11343fae8d2f52d3888ad019033c514f5a31d04f1b4f77eec91d9e78ff746df266c21ca874594f4e96aa3af84ae276641fca26c82ce4ae80b971546547abebe254fa3475c132590be85b5a89f01c5d9f130e963cb13d1fb904d1095e2061ae5f5f0e3e185183b33e5ff39f1d6dfe8db53909d5eaa1e256fa64dfdbe903f1a2c7655d45ed67bbca2cb2bffebd13d5556dd7cd746c864976e45765f6365eb4e65f39165bf352a7d8aa45bc990afc20e752a8385743eb0825776157ccc41a2efdf97a164d752f6ed1493c66665f212a0ed4938846c8c27c07f317e01c6f1d74307c5339c6ad46ff36cf332ce33ec70894e8ca80c51fdaa0f8e04d5cab1e2de457c9bde06f82437447949840bf6aa777373f8099513a0632a06c2da7a6409b79b249041eb400af54bee16680ac3cf8084b1be47898a7ee6ab116c6c5f25387351223881dc912e4ea054efd1aecae50f1418137557cb48561753cb330e8343d0c18d805c0321eab2307e9e7e5117f19d7fb52cd97ea2cc6e1f3eb911f3390b3751f7841c8b52e2c28d2c2cea4c3cd81fab51a1da51fcc79d62966e3db38628588119e8059c86af9e5c740f06c9e83d3caef271c0dcb940d87c89d720e7fc2b8fb03ad7827308027834a537707a7e3c8830e70dfdbee44af2be4e43b6ec886e15409ade1ceaaf772757b92f4043aa7231ff14cb9826dfdb5ff715be68f0038c9f6d5c896deda21c5e5ec0b16a26de10a4f6abcca00aca65b2e1f338bc0c3f0513c7a4125088ae6179771c66f13e36004b9dbaf3d06ea3e2dbd5c14148e1fae006b6648563a7093b8cd298ee5922a52aa74146a696a85055a2a7c553103abbc6ed80f62b56703f9e3e834fdb78349fb608e5b6309e61f5d6e1311d107865e10f377ca5214da405e7606208a85cc078e8329e93f426890e212caa98c44130a1b696ded1a14422ad10ec2e211b23e65288ee317249d2686799819aedc21f9bacef5821a4e354a162d27c0c62881011bddb146a04cb75e01e2727e7daf3352f0bbe57b4a73de15b95600795897a42a1bdc5c46b1d16b562b2130e959c308fa4a996c097f2a531585b0a58e99c7088f9a0c69a1597e00ee12b529fb6d5d52d36678000838d4c31785dc153c674b99e22ff52a50111dc97bc15d522f9a99a67b82f0e435363ee8f3b4313d548c8f30f7ccd6a6954420c91b5a5b34a1bd76eb80a04846f23dd24ac8ecd87991bf14a5e07e4333a617900c06a10a3c845462a56dd3e57522c75f81cde6beb22cf47851a3c356193e93bedaad822ec9272ce750881f8ec3955d714d0b8b85cc181996a720c15b0cbaef146f80f6b032840fa542aa729234a7bb2ce4df45319caff386b14368c496e0d4d7e61f66dd0f1bbc5747c491df52d0cef2057c8c2e0b45414c43f71072a6aa855828fde2332c39d04c72dc9ca1547de5423b33c12516f83a4a2f977e1e545b308b382eb993487e2c0bd5884242f76d5ed195316e3a48644ed4550ac73f0b0e8918b001000007fa1092ba5279114923fdf2dc746333c2cdb29eade122a600d571ffc146f16a30aea0731e413096dd8c5deaffa33d204110acc4194961ba97a1af07d2f77f47f698c53ae579e0cf8fbde", 0x1000, 0x40, &(0x7f0000f7b000-0x10)={0x2, 0x0, @loopback=0x7f000001, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x10)
mmap(&(0x7f000098c000/0x2000)=nil, 0x2000, 0x3, 0x1c, r0, 0x0)
mmap(&(0x7f000040c000/0x1000)=nil, 0x1000, 0x3, 0x1010, r0, 0x4000000000000)
writev(r0, &(0x7f0000da6000)=[{&(0x7f0000575000-0x1e)="a1e60fc98fc2b396ceb294a58aaecef64964928a8988d686d63fae686ee3", 0x1e}, {&(0x7f0000e1f000-0x91)="0f37bcaf6356c637e54fb1c1342150ebc8ca8991bcf95c77182b90cbd9cf8412cfe7446dc651d36c0ba450347f806cc528141cc750fcaa7664448da2b9833a1e47b2bb643e1ddc9d45e9e802e4af4e349ddff0ea2698233c4b0295c836c5d516c64f7d00f326bd56206ad4b2b64e5737262031a627f686f859340e2648deeb03110b1f62b2ae87ea3dbd06a1795aadc365", 0x91}, {&(0x7f0000a26000)="049f2939b15cc445eb9bce07ff19e31079cb2f2c9461cc0dc5bf7086bfd331f35154959ef63f83d946a903b3dc635fe57a5128e15897883c4a25b90e675b94118bf890cdc4661e9c778126ff863edbc638c5547daffc67c34b8574d5e00900433ec8aeec473527349d738418a459582ca1ec92d93bd94f4d4ff10480815e336ce60dfd8f3005230fcf4efcb0e6c24a85b25598c7660331cdecca6b2163a55a1ad194580986cf0bfef1179551286f8250a5dab9934cd85f584acb8378292cf92331d95328e38a0d68e864a37999f5096513660fd34aa2d3b3139951d1d89ac7ac50bef5ae4a38d854bfa9697969560c0adfe431632cce033e87796ce75c7666df070048764d21a91cc6d0d707738294f9f080f836198a2317baedc7fa83d1766fe2a5b8320df0f0f374181290ca18ebeaaf1a045b0028a43310852c8d7d2d50ef48b0e97dce9e4fb13a607f0f9790962a03ea955ec2d8c5c94439ef0c6311dd88858412553a315a4d6370f7223fc18b0bdcf81ed19c68fdf1c048ceea626ae9af48150f5193d9e9375bf66a4dc46c324b41a0772ee9665053998bf76a13979e0ec1bdadb6684c12fb5caf7d01ef1539ffa580624f52ea6196877aed1b28671deabf894b2142e4a9f167828833db80f23009808b155d05dbf630b2ee35369251817d3ff7daad1a26e583fbdebf972a6d33b7f50e292ecaa49d7cd3c630ca6501826e2355d41caf0922863935d0257a520325f0e94a5afc70debaa5c0c12d0ba6d144f315c149df6039dd096bc8eea98ecc904d7a6be95c4727199549b8b7c09ee344e3292aa3df13a7441ca58f402bb43b2c06b68af6294b1317f1dc2e6342f99bc92d2347ba871db0641341ee2547215754b5b0a6b6073e1f0dd4f6b6f570b5dc60729614101f42439bc4fcab4dc14f630170f767e81c16335c1405d2a8587dbe44d16e3c950702c7d5c08b7da8ee5dd6d4153a5cb3cf105e80d1855e0bf05878c7536daa84791fff090b9292758093bfd7516387fb9132f9e26b030a910eecd93e0710bb1b8014aa452d63d4f8801803d716075ddddee713afee1c4164f1453fc710fe94f93ac996b51125ee9f4cb6a65d28b7a1ac7c0753ee0ab25ffd1e9e84dc7818cdd5686558425e1f59b73771ba3753c75f641c9273d32fdb4363b555df8b85fcc4a3c1b007d1820fb20ec3ca7dc8764755f9a71e9b21b0040205a60bbc3c747c03aba04612e3eff94fb1f83cea1bc2633dd1dd9ed79e2c0ec4c09cb603fd0ce8be97a7fab3371f65c0cee05b64f664cd973cb45252c8c85179d89eb19814eaedc60638ce5193db239c623f8281a8d92f30145ad14601c5ccee8e8677e35be76a758d0d1d73ce78f3c51f96fb3570e5250913816be047d8f5f5fc5e30dbd4e6a3f660e4c98df04db9c776c45a2e7ab635f9216bd4ae353c97766b968fd9c184cd70aaf0d944c32df00c569ef1eac02a5f517f5ad15010a32c4d55bd37752fa84af986566d6ed6773d8ddfef4fa704678d75d2b05f960b319355ec08b8eff92f2e747a8a02166eb1ef726dd0e90cd499af2a8f485f2cdb97b2d9180f4639a11d4a640502c9a4d45780297c57a931ac25bfd7001c7e00b7a4b0275b57c981de3183ad1c31167be109f5fc6d4e6946517777d11adfce134880d81c816dc49f48208e7076505c966f6e5792a58dd9dd9eca74e3f0514ce542700a87df5cdb4cafcc20eab7310b355a42b3f235b0decb980c8d217dcc2c2b48c42fe935d5725ba707fa362855c506a4448343b74cc2314bcc4e8b12771825a2f51f621ff4839e00e8f2ca012433a96ec0ba4064c86d64eefce1813fba4e5a15488bfbfcaf16b93e2dd4e3cb9f5ada5ca235a2cee97c0fc7932f458bb85050dad982cf9cccc98eae1522a8f6e75aa4c36e058cd6040c8f05018d0b53619eb2058bf35364b210b01cd32ea86558de143d00855226ceb6a36259bff6e10c56b8af86b67d481adb86a9c5f3943f6574c15ed7fd675ecc1101d5a590e7caafa5e9abbc4d58b2c32ef4cc4d3c1b93cae6a0955733e6e04ceb8c169076871794eb7e4673705c39b04915521bce208436632fd43cbfbc801c47f70e1309f1c75609a9626806738eecb4dbd881ca24c9777f644bad85fec9913968c0759e36eb7aa88ecef6bd5be268e4d61c399254c4e0c8ac01c59282a2a2762c772f190625d26b346e3baf49c7dbabc84b59726e8f5d2e1cd3090dab91f8e5869f6436e7653780a2b352973100fec551f56b89902a5446409d93a0f893f7fb4344e40f4414ca9690e15be4702266ddcd14d37137fc2ca662dff5974af1569dd0da7c25ae0336a9efb76a4edb105d44e64cad52464d4e7b2c30ec14966d98c2e0ee373bc6459ffb80f2f22cea7017bb0b3003190a72cdc5149b9a2fbb299bcf028e7b78cb64f2f6c13748304bf627868daa60f47b8ae139bfd5c79dedb4e2e1f53b12f3ce3c02361bd485631b144a9d252892c12523ded2eab3586474c2f83305535052e403978ac7e423ca066b8e3182894ee51586481117fc268962e8bb4683a1901c83a610c60b1c0c4d72df7dee25f89719d1383008c577222ee5faa5a744d5d97bef3bbc8877e102f2438003548c8e999a5e3d2a3e24e636954f7dc32f111e44f69c08427ae836bdf6bfed1695fb2c36af1068487405519c9b493990cacccaf555b1f24b87bcaa6bf194f9070fdbfdaf5ff14e5d110591ed0c1dc58c6c0c797cf2ddff9d9f5505b2bbb163372670f510e031ada043bfeef87e03ee7ca7c10dbd0f6c6c117fca9f8eee936d394cecd6bd23dd23420634c2bd9a561aadcbe9e66957d687e09ae8468c45e50790698bba2ea73333b0c495f3d1edc1e7254b72cbb97a8bd5c8c87da700b01637f0ec00528f6be5aeea37201e1709ab53571a4712ffd6fda972c6588b6d82c21331d1999f6fb0a1b90a409a47dcc8cd8e2674fd390189e12741d96b2d7d96bdd2ae817fc59ffe4466ba20d4246600bcd5ba6c14022cd085d9e5b80d1ba49277b762994c4ab099bb7dd1ef7baec93f986163420d2b453cd4e3d47ce24000e66224e55916253c64e40e21685bc5b817828cdf8eae3f3497c428ceffc457291e0d1b8bde6277030d1d3245de3ce9a5ab4fa85e7b6b550555f5fc4330251ad368a169cc4abb957ef50c9913735ec037d8dfe90b092768fc6b2714cc31be9e1199aab45f93179638afa424030ccad55a22b37dc97157c3f6f4ecd22f31b7871fbb5dd9a3317c76e5c4ec589bdc6318d6bbd9b207f37a7bca5bd0d8a5ac6f684f6300d2dae4c4a7077a60dfe2319b1f285a37a5f5270dab923deda4f0251420abf7dc172b4c9c8ffa27adbff92c8dc391f258b505b3d4cf188402dcf18205f7ef6d6c4a063df563e74157cdeafdb433a4077a33fde53adc67343fcb43dd0b87fb3b1e1550893aa545167504ec99f3056fe6e008cb292eefa12b9fa09798495db8fc9886e06b1d48da93d4ee66f2e6fbed789cd04b9cfca66e9f1560ac2d15f9e06598663e59a7a10415be3d704981c1b61ca231339814b1ea2fe85721cf1ec9b1cbd2e7f9e607d6c8edb98426d2c3abab2e5e37206b0d948916af42c459127c900c86eaa43a6768a427a28c15ee1fb00623aad980653e3a855130fed7667cf206692913fef4ca379fa87e12ded96e2c03a67ead9dc3ca2effdd024179ca7828650d61c70e81e23c52c5719e688518e60d6ddf02639e17560985fc758777d48e74a82a49a20505643bfe33ed1411a11c019ac1c3654e4ff539e5ebc994428821b5661aac059685aa8d08ed490bde25e850c9c9458a4dc23c2e263eb6de58c6719b2cb88e894befceeee5925ac16bbdb05e74d152f3f56d4918606cbaa7730e8a8d6530fe6997e7ad3f291ce74f28dcde3978c6fba84b84edded8f992ba528982a71841878b4abe5015ce3e09c07c95d6e13457b176a8263b6d8c158784ea29edcab84aea1683e210a1a649f4200043b727e0b4e4660f8f6cbd9a23e6bd3a09f318a88c76233cfabd3092eb43713626b3cae653351c255cc6a3c6bd4b449d7880c5ae5add41b55903dea302054d439fd24a198b2b386545d8313f97a1cf200d38a26a468334df15fc1af6de9852eb8faa4a4e5b313c1c81d0bf0bd6d899837af180016d9ba82af5576f9ac5cdfb3062b07bec0c10d3134217e77aacdd6f20fed0e02ce1f49127dcbd64dbe637e36c1b5864f4e2bd415d1b0852f1c183dcc662ad1dcbbfd88fe958558b702d57b75ba6b29108992de4a4744ee17ff55fc45bafd819588e1685e3f0ca0353dde62bad58f96887200db1b93a5f7bb46fd6a209da4dd379bb381d93f000cf427b7c7a6ae6176666889686122a50afb706f62236fa231cbf46f23e0db193827cd7942f3efbbf10bbdac00f37ede5ed18e90d138f00d87e9dce4c1c24fc24b35d4be31e084824ae24e67a484e49e31a8de6c65e5fbf30ded00430659fcee900d4ccac8feed0135b4c44c6e873199a4e4af4b6fecfdd961474615925075420793e1eb5b208b07d97feaf0b5e7258f53571db3e987358c8beddb41a91b54f94dc5919156287060b3dbf2e4493a97de64260516daeb7fa90018e3e84c347c2560685ded5947ee36447de8e2526dfde913b7739c29a407d5c19acb49ec46a4e0257cec8013eea4300a1e29e186448201ff0420abc3ef21ff4262015aa58a08728440d0e30415fba38c2a5cbaf2e8bdd09603bfc23f088f4747c9665f22d6ec0697acb9e561efe14349be3bbef3ec3fa8f6c7b0e91e7b9c0a3d85142650acd8802b32c22aa89a866e10dd64f45f442606ab1c9e4cfce47f612dcf90ffcfe2b5eea89648207c7a117e71093b56a40f50c8c8424bb89e799e2e9bbe8c36702e330492d3a8e65ec2482a77c67a97e7f82cdf8e7368a63522b88762cf1dcf0c0b8763798377729823845a3e14a09ec80d78e81d473fae83670c0a87683426224a8a597dc21f8a4583e6244de5cbf7ba144188161dd5e77590f6f6366b57a364f1c374e2c004434f2fcf0f94925bc88b20681367d04ac37213cba242c83d72f40400584fad67aed285a4b83e908de560873a9da190691ebf7a40cd703827d5b9886e169798e93b47e973b867c15c34a97a2bca1e96f2b63b1ced62d8c2afa40d22e8dfee34a613a3f3fb2282af85ff31e442d04b72302c4b464f6395ac80f6cd9e5432fac2d455f3ab45e5c79658f960f287c0ea2905aa43dc2c434a75786f377f1888e085bb8eac7e358f2a495a8d29ff0c81e621647a2f5edfd01454bb4c5a27ba780553319a86c9b4f379a126c253f099c91c47efed68842682474e57a6f8c4ec18e55a0208ad707831cf5ba4a2bd53e43f3e2d0d8f67336d476b840b6e582f66591c08092107f098d066215c0d9a9a8116cc0073fdda74ac4afd6fd404e3e029b5e8f961a0fbf2748f8e35bc86ad8bd2648e54c4428a522ea4c11278da19ecacaaf5ff8dc2669da0954b692a7a43b77181de0b3512df4fcf3553231b488b4e6a41470b170694df5ce780f2a425e89f34d7d40ed069f2d5e33d84940a3b894a66d7212c65444246e9cb8df26773df8b6efa46aa95035e82f28dbf2de57bd04cf92f6d941e678a351f660176246c4b77281f50917ed9fa488863043e7fbb2a028f27b4a84c0d14a5bce0ad79490a90802e559493a02e8f062ad2b30aa0f6a509df426f54686c677a02979b82950bb6498da45b2102a0823b9f13f04b8224d0e0688702d7136c41bf6de51de61be35684fee4dc84ae3e53b077fb9f73e06809120df", 0x1000}, {&(0x7f00006fc000)="ededa6f9e0eac125cd8370d18a7e507f80cfbe7b26", 0x15}, {&(0x7f0000f7b000-0x54)="0269def19d670766c9a9d1a22ee6b64c2c8cbd6f3535d93e6f0a31c9f6c072c5441d25e74329e5f53d7befba668f351c21181ce991a60819fbfbe75a829e8e774854bbdb2ef978e11ce12797ab2b3d808678a3b1", 0x54}, {&(0x7f0000271000-0x6)="3a5c8210c4da206933fd5ecfcc23b5a5f0b628ef5fc1717b6605a49846797e828a11a319f24471643f6b522cde57b0b129a2db1af7cd2caa9f4c497535409529d3e701698f4c3192868f993d9c4fbe2791bf401e92ccac96b64febc3883cd4d0d13e1dc8aced26e3a16bfbf2eb7cab95d5ad8bc13dd624ea8775132bb118f7239c932760b00fcf4380e2f350808b3e1acc6364458a2eb1a429a30db9037e1261", 0xa0}], 0x6)
setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000b10000)=0x5, 0x4)
mmap(&(0x7f0000f7c000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
pipe2(&(0x7f00006bd000-0x8)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x1000000080000)
mmap(&(0x7f0000f79000/0x1000)=nil, 0x1000, 0x1000000, 0x32, r1, 0x108000)
mmap(&(0x7f0000f7a000/0x1000)=nil, 0x1000, 0x4, 0x32, 0xffffffffffffffff, 0x1d)
mmap(&(0x7f0000f7a000/0x1000)=nil, 0x1000, 0x3, 0x36, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000f7b000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000f7b000/0x1000)=nil, 0x1000, 0xffffffffffffffff, 0x32, r1, 0x26)
ioctl$sock_SIOCGIFBR(r1, 0x8940, &(0x7f0000f7a000)=@add_del={0x2, &(0x7f0000387000-0x10)=@common="67726574617030000000000000000000", 0x7})
connect$ipx(r1, &(0x7f000015a000)={0x4, 0x9, 0x1b, "2eaa747820ff", 0x3, 0x0}, 0x10)
mmap(&(0x7f0000f7d000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
sendto$inet(r0, &(0x7f0000f7e000-0x1)="02", 0x1, 0x1, &(0x7f0000a01000-0x10)={0x2, 0x0, @multicast2=0xe0000002, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x10)
mmap(&(0x7f0000f7b000/0x1000)=nil, 0x1000, 0x23, 0x10, 0xffffffffffffffff, 0x4)
mmap(&(0x7f0000f7b000/0x1000)=nil, 0x1000, 0x3, 0x110, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000f7c000-0x54)={0x0, 0x4c, "cc62ed5580af5695777a5942d1c7eeb87e87a8ebf700fd515470796f8ca75b8f2a85daa3826fa6ec91258671bae6e0fa78fb161b2d086721f58d394846de46f2d156f0b2f90cbb0b859e444d"}, &(0x7f0000f7c000-0x4)=0x54)
mmap(&(0x7f0000f79000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f000076b000/0x2000)=nil, 0x2000, 0x1000000003, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000f7e000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ustat(0x20204d, &(0x7f00008c7000)={0x0, 0x0, 0x0, 0x0, 0x0})
mmap(&(0x7f0000f7f000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000f06000/0x1000)=nil, 0x1000, 0x2000001, 0x35, r0, 0x80000000000)
mmap(&(0x7f0000f7e000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
getsockopt$SO_PEERCRED(r2, 0x1, 0x11, &(0x7f0000f7f000-0xc)={0x0, 0x0, 0x0}, 0xc)
mmap(&(0x7f0000004000/0x2000)=nil, 0x2000, 0x7, 0x11, 0xffffffffffffffff, 0xfffffffffffffffd)
mmap(&(0x7f0000f7e000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f00000ec000/0x3000)=nil, 0x3000, 0x2000001, 0x32, r1, 0x0)
mmap(&(0x7f0000d54000/0x2000)=nil, 0x2000, 0x1, 0x32, 0xffffffffffffffff, 0x0)
ioctl$PIO_FONTX(r2, 0x4b6c, &(0x7f0000f80000)="69")
mmap(&(0x7f0000f7a000/0x1000)=nil, 0x1000, 0x3, 0x32, r0, 0x400000000)
mmap(&(0x7f0000994000/0x3000)=nil, 0x3000, 0x3, 0x8410, r2, 0x0)
splice(r0, 0x0, r2, 0x0, 0x1000, 0x5)
mmap(&(0x7f0000f80000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
accept$netrom(0xffffffffffffffff, &(0x7f0000f81000-0x10)=@ax25={0x0, {"00000000000000"}, 0x0}, &(0x7f0000f7a000)=0x10)
2017/08/11 22:10:47 executing program 0:
2017/08/11 22:10:47 executing program 3:
2017/08/11 22:10:47 executing program 2:
mmap(&(0x7f0000a14000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xfde000)=nil, 0xfde000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
pipe2(&(0x7f0000d73000)={<r0=>0xffffffffffffffff, 0xffffffffffffffff}, 0x0)
fcntl$getownex(r0, 0x10, &(0x7f0000fdf000-0x8)={0x0, <r1=>0x0})
perf_event_open(&(0x7f00006d1000)={0x2, 0x78, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, r1, 0x0, 0xffffffffffffffff, 0x0)
gettid()
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0x4000067)
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x200000000032, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
bind$inet(r2, &(0x7f00001ee000)={0x2, 0x0, @empty=0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x10)
r3 = gettid()
r4 = perf_event_open(&(0x7f000002f000-0x78)={0x2, 0x78, 0x40, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, r3, 0x0, 0xffffffffffffffff, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000ccd000)=0x75)
fcntl$F_MEM_LOCK(r4, 0x800)
r5 = signalfd4(0xffffffffffffffff, &(0x7f0000006000)={0x7fffffff}, 0x8, 0x0)
r6 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f000001c000-0xc)={0x2007, 0x0})
timer_create(0x2, &(0x7f000001a000-0x50)={0x0, 0x0, 0x1, @pad=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000029000-0x4)=<r7=>0x0)
timer_settime(r7, 0x0, &(0x7f0000052000)={{0x0, 0x989680}, {0x7ff, 0x7}}, &(0x7f000001b000-0x20)={{0x0, 0x0}, {<r8=>0x0, <r9=>0x0}})
mmap(&(0x7f0000055000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000056000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x30)
fcntl$getown(r5, 0x9)
r10 = gettid()
rt_sigprocmask(0x0, &(0x7f0000024000)={0xfffffffffffffffe}, 0x0, 0x8)
timer_create(0x3, &(0x7f0000044000)={0x0, 0x14, 0x4, @tid=r10}, &(0x7f0000044000)=<r11=>0x0)
timer_settime(r11, 0x0, &(0x7f0000047000-0x20)={{r8, r9}, {0x0, 0x9}}, &(0x7f0000046000)={{0x0, 0x0}, {0x0, 0x0}})
timer_settime(r11, 0x1, &(0x7f0000041000-0x20)={{0x0, 0x0}, {0x0, 0x9}}, &(0x7f0000040000)={{0x0, 0x0}, {0x0, 0x0}})
gettid()
timer_create(0xe, &(0x7f0000053000)={0xffffffffffffffff, 0x4, 0x0, @tid=0x0}, &(0x7f000004e000)=0x0)
2017/08/11 22:10:47 executing program 7:
mmap(&(0x7f0000000000/0x1a000)=nil, 0x1a000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000001000)={0x2, 0x0, @empty=0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x10)
mmap(&(0x7f000001a000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f000001a000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f000001a000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f000001a000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
syz_extract_tcp_res$synack(&(0x7f0000010000)={0x42424242, 0x42424242}, 0x1, 0x0)
mmap(&(0x7f000001a000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x38, &(0x7f000001a000)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x0}, @random="4c6112cc15d8", [], {{0x800, @ipv4={{0x5, 0x4, 0x0, 0x0, 0x2a, 0x0, 0x20000000, 0x0, 0x6, 0x0, @remote={0xac, 0x14, 0x0, 0xbb}, @local={0xac, 0x14, 0x0, 0xaa}, {[]}}, @tcp={{0x1, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x5, 0x2, 0x0, 0x0, 0x0, {[]}}, {"2000"}}}}}})
syz_extract_tcp_res(&(0x7f0000001000)={<r1=>0x42424242, <r2=>0x42424242}, 0x1, 0xffffffffffffffff)
mmap(&(0x7f000001b000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f000001b000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0xa3, &(0x7f000001b000)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x0}, @remote={[0xbb, 0xbb, 0xbb, 0xbb, 0xbb], 0x0}, [], {{0x800, @ipv4={{0x5, 0x4, 0x0, 0xffffffffffffffff, 0x95, 0x0, 0x0, 0x0, 0x6, 0x0, @remote={0xac, 0x14, 0x0, 0xbb}, @local={0xac, 0x14, 0x0, 0xaa}, {[]}}, @tcp={{0x1, 0x0, r2, r1, 0x0, 0x0, 0x20, 0x10, 0x0, 0x0, 0xfffffffffffffffc, {[@nop={0x1}, @timestamp={0x8, 0xa, 0x5, 0x1}, @sack={0x5, 0x16, [0x2, 0xa7, 0x2, 0x4, 0x59c0]}, @timestamp={0x8, 0xa, 0xa5b1, 0x290}, @md5sig={0x13, 0x12, "117a718f748f28d4fffce3e0dff56edf"}, @sack_perm={0x4, 0x2}, @md5sig={0x13, 0x12, "747baca19bfb10c48a52db7f1e5239f4"}, @md5sig={0x13, 0x12, "f0fa277e2a5726bb5babd38c773827a8"}, @nop={0x1}, @generic={0x5, 0x6, "ca4f447f"}]}}, {"0c"}}}}}})
mmap(&(0x7f000001a000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f000001b000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f000001b000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
syz_extract_tcp_res(&(0x7f000001b000)={0x42424242, <r3=>0x42424242}, 0x27, 0x0)
syz_emit_ethernet(0x38, &(0x7f0000004000)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x0}, @remote={[0xbb, 0xbb, 0xbb, 0xbb, 0xbb], 0x0}, [], {{0x800, @ipv4={{0x5, 0x4, 0x0, 0x200, 0x2a, 0x0, 0x0, 0x20000000000, 0x6, 0x0, @remote={0xac, 0x14, 0x0, 0xbb}, @local={0xac, 0x14, 0x0, 0xaa}, {[]}}, @tcp={{0x1, 0x0, r3, r2, 0x0, 0x0, 0x5, 0x10, 0x0, 0x0, 0x0, {[]}}, {"0069"}}}}}})
syz_emit_ethernet(0xc9, &(0x7f0000019000-0xc5)={@empty=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], @random="0578f536e594", [{[{0x9100, 0x3, 0x0, 0xffff}], {0x8100, 0x37, 0x80000001, 0x1}}], {{0x8902, @x25={0x3, 0xa, 0xff, "988e38b08e1c785a1b939c47d43bb82b5441449388a3aa39370ffe44576a2abefaced30ce03d509dd9db4d022f5ae0235de92f28c599b7a41951b290ea61ded6d622619c75c652dc3a423ee85ff67be1a6c1b0808928eb9b04ceaa560b1941a842b51962be0cb125b1fbd5d2e9e29d538cc430b50c9864d4d739e6e30f861a529d72a48962c880f9f1961deab171165b1d4cbafbe99740783aaf351946d025baf35bb65711e71c5f1d91903f6f377b6d"}}}})
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_emit_ethernet(0x3a, &(0x7f0000002000)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x0}, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x0}, [], {{0x800, @ipv4={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @remote={0xac, 0x14, 0x0, 0xbb}, @local={0xac, 0x14, 0x0, 0xaa}, {[]}}, @tcp={{0x1, 0x0, r1, 0x42424242, 0x0, 0x0, 0x6, 0x2, 0x0, 0x0, 0x1, {[@generic={0x3, 0x2, ""}]}}, {""}}}}}})
syz_extract_tcp_res(&(0x7f000001b000-0x8)={0x42424242, 0x42424242}, 0x7, 0x5)
mmap(&(0x7f000001c000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f000001a000/0x1000)=nil, 0x1000, 0x3, 0x32, r0, 0x0)
mmap(&(0x7f000001a000/0x1000)=nil, 0x1000, 0x1, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f000001b000/0x1000)=nil, 0x1000, 0x80000000000003, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f000001c000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f000001c000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f000001d000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r5 = accept$inet(r4, &(0x7f0000004000-0x10)={0x0, 0x0, @local={0x0, 0x0, 0x0, 0x0}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000006000-0x4)=0x10)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f000001d000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1000009, 0x32, 0xffffffffffffffff, 0x0)
setsockopt$inet_udp_encap(r5, 0x11, 0x64, &(0x7f000001e000-0x4)=0x4, 0x4)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x2, 0x46050, r0, 0x3c)
r6 = geteuid()
fchownat(0xffffffffffffffff, &(0x7f0000007000-0x8)="2e2f66696c653000", r6, 0x0, 0x100)
mmap(&(0x7f0000013000/0x2000)=nil, 0x2000, 0x400003, 0x32, r0, 0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_mreqsrc(r7, 0x0, 0x27, &(0x7f0000002000)={@multicast2=0xe0000002, @local={0xac, 0x14, 0x0, 0xaa}, @rand_addr=0x0}, 0xc)
getsockopt$inet_buf(r7, 0x0, 0x29, &(0x7f0000002000)="00000000000000000000000000000000", &(0x7f0000005000)=0x10)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x32, r7, 0x2)
mmap(&(0x7f000001a000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x2, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f000001b000/0x1000)=nil, 0x1000, 0x3, 0x32, r7, 0x0)
mmap(&(0x7f000001b000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
getsockopt$inet_buf(r0, 0x0, 0x2f, &(0x7f0000013000-0x89)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", &(0x7f000001b000)=0x89)
2017/08/11 22:10:47 executing program 0:
mmap(&(0x7f0000000000/0xafa000)=nil, 0xafa000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000203000-0x9)="2f6465762f6b766d00", 0x80000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
mmap(&(0x7f0000afa000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_S390_UCAS_UNMAP(r4, 0x4018ae51, &(0x7f0000afb000-0x18)={0xffffffffffffffb2, 0xf424, 0x9})
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000274000/0x18000)=nil, &(0x7f0000107000)=[@text64={0x40, &(0x7f000099d000-0x64)="b6c3f8e788595d2a1ba31779d22e2453ab6fe204d8cb17bc3c4ab8e3e0483b9931418b5c1612cb68cb1f08acd253883205213823efd610026d3b892f9ecf43c837882ddb41cb3a22a62644cc9081d865b5c7d6d371bfbc1b7da5ab28911fcb5667d0b08b", 0x64}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[@efer={0x2, 0xc00}], 0x1)
ioctl$KVM_S390_VCPU_FAULT(r5, 0x4008ae52, &(0x7f0000af7000)=0x9)
ioctl$KVM_SET_DEBUGREGS(r5, 0x4080aea2, &(0x7f0000af9000-0x80)={[0x10f000, 0x2, 0x100000, 0x10000], 0xfffffffffffffffd, 0xa9, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_GET_MSRS(r5, 0xc008ae88, &(0x7f00005a0000-0x48)={0x4, 0x0, [{0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}]})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_REINJECT_CONTROL(r3, 0xae71, &(0x7f0000017000-0x20)={0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_SET_XCRS(r5, 0x4188aea7, &(0x7f0000896000-0x58)={0x5, 0x4, [{0x9, 0x0, 0x800000000}, {0x2, 0x0, 0x26b}, {0x4, 0x0, 0x7fffffff}, {0x7f, 0x0, 0x6}, {0x997, 0x0, 0xc7}]})
ioctl$KVM_S390_INTERRUPT_CPU(r5, 0x4010ae94, &(0x7f000074e000)={0x5, 0x7, 0x100000000007})
ioctl$KVM_GET_XSAVE(r5, 0x9000aea4, &(0x7f0000012000)={"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"})
ioctl$KVM_SET_SREGS(r5, 0x4138ae84, &(0x7f0000af6000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, [0x0, 0x0, 0x0]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c0137bc281d9f1a, [0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_DEASSIGN_PCI_DEVICE(r3, 0x4040ae72, &(0x7f0000010000-0x14)={0x10000000000000, 0x0, 0xfffffffffffffff8, 0x1, 0xf6})
munlock(&(0x7f000000a000/0x4000)=nil, 0x4000)
mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000478000-0x10)={0x10201, 0x0, &(0x7f00001b8000/0x4000)=nil})
ioctl$KVM_SET_SIGNAL_MASK(r5, 0x4004ae8b, &(0x7f00007eb000)={0xa3, "1d4900e2cfc33f5fd3b178698434e9bf4d4d6aa821f804a1fff5fd9dbc443160ba87d0c1417410c1a3136af797bfb48c90b5d53f62d273ae4b744ced034cf3c06e17f57c0b837e194f4fbc7a3b8f67c9d422831b8a04cdc8ca0053e986e6ff9cad28e968207257088ee48d0a0312caaf1d3bd77ead3731ca4412d28fc0955fbdd601fa89fa1e106dc80ec7e251d9f471ad61271453c1e541ba8952a3d5ada738542ce3"})
ioctl$KVM_GET_REGS(r5, 0x8090ae81, &(0x7f0000af9000-0x90)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0})
mmap(&(0x7f0000afa000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_IRQCHIP(r1, 0xc208ae62, &(0x7f0000afb000-0xd8)=@pic={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1ff)
ioctl$KVM_ASSIGN_PCI_DEVICE(r1, 0x8040ae69, &(0x7f000025e000-0x14)={0x7, 0x3, 0xe39d, 0x1, 0x9b4b})
2017/08/11 22:10:47 executing program 3:
[   55.052914] TSC Offset = 0xffffffe28caa3075
[   55.057515] TPR Threshold = 0x00
[   55.061253] EPT pointer = 0x00000001c3b6a01e
2017/08/11 22:10:47 executing program 3:
2017/08/11 22:10:47 executing program 5:
2017/08/11 22:10:47 executing program 3:
2017/08/11 22:10:47 executing program 5:
2017/08/11 22:10:47 executing program 6:
2017/08/11 22:10:47 executing program 2:
2017/08/11 22:10:47 executing program 1:
2017/08/11 22:10:47 executing program 7:
2017/08/11 22:10:47 executing program 2:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 2:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 2:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 2:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffff9c, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xae3000)=nil, 0xae3000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
mmap(&(0x7f0000ae3000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ae4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_BOOT_CPU_ID(r2, 0xae78, &(0x7f000008d000)=0x100000000000003)
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_GET_IRQCHIP(r3, 0xc208ae62, &(0x7f000098d000-0xd8)=@pic={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
mmap(&(0x7f0000ae3000/0x1000)=nil, 0x1000, 0x8, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000ae4000-0x20)={0x10001, 0x0, 0x6ffd, 0x2000, &(0x7f0000055000/0x2000)=nil})
mmap(&(0x7f0000309000/0x400000)=nil, 0x400000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r3, r4, &(0x7f00002c2000/0x18000)=nil, &(0x7f000018e000)=[@textreal={0x8, &(0x7f0000ae4000)="3e0f001b66b9800000c00f326635010000000f30d88a45000f32b800018ec80f23b9360ff9c3662664f2addd8f0900f30f5805", 0x33}], 0x1, 0x10000000000000, &(0x7f0000adf000)=[@flags={0x3, 0x2c32ef086520573a}, @vmwrite={0x8, 0x0, 0x3, 0x0, 0x8, 0x0, 0x4, 0x0, 0x6}], 0x2)
mmap(&(0x7f0000000000/0xae0000)=nil, 0xae0000, 0x3, 0x4d031, 0xffffffffffffffff, 0x0)
mmap(&(0x7f000000c000/0x4000)=nil, 0x4000, 0x1000000000002, 0x20010, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_XSAVE(r4, 0x9000aea4, &(0x7f0000ae6000-0x400)={"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"})
mmap(&(0x7f0000ae5000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
mmap(&(0x7f0000000000/0xf72000)=nil, 0xf72000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 2:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffff9c, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xae3000)=nil, 0xae3000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
mmap(&(0x7f0000ae3000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ae4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_BOOT_CPU_ID(r2, 0xae78, &(0x7f000008d000)=0x100000000000003)
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_GET_IRQCHIP(r3, 0xc208ae62, &(0x7f000098d000-0xd8)=@pic={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
mmap(&(0x7f0000ae3000/0x1000)=nil, 0x1000, 0x8, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000ae4000-0x20)={0x10001, 0x0, 0x6ffd, 0x2000, &(0x7f0000055000/0x2000)=nil})
mmap(&(0x7f0000309000/0x400000)=nil, 0x400000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r3, r4, &(0x7f00002c2000/0x18000)=nil, &(0x7f000018e000)=[@textreal={0x8, &(0x7f0000ae4000)="3e0f001b66b9800000c00f326635010000000f30d88a45000f32b800018ec80f23b9360ff9c3662664f2addd8f0900f30f5805", 0x33}], 0x1, 0x10000000000000, &(0x7f0000adf000)=[@flags={0x3, 0x2c32ef086520573a}, @vmwrite={0x8, 0x0, 0x3, 0x0, 0x8, 0x0, 0x4, 0x0, 0x6}], 0x2)
mmap(&(0x7f0000000000/0xae0000)=nil, 0xae0000, 0x3, 0x4d031, 0xffffffffffffffff, 0x0)
mmap(&(0x7f000000c000/0x4000)=nil, 0x4000, 0x1000000000002, 0x20010, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_XSAVE(r4, 0x9000aea4, &(0x7f0000ae6000-0x400)={"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"})
mmap(&(0x7f0000ae5000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
mmap(&(0x7f0000000000/0xf72000)=nil, 0xf72000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 2:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 2:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 2:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 2:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 2:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 2:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 2:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 2:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 2:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 2:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 2:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 2:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 2:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 2:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 2:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 2:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 2:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 2:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 2:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 2:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 2:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 2:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 2:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 2:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 6:
mmap(&(0x7f0000000000/0x28000)=nil, 0x28000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000017000)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000017000)={{0x0, 0xf001, 0x0, 0x0, 0x0, 0x6000000000000000, 0x0, 0x0, 0x1, 0x1f, 0x0, 0x0, 0x0}, {0x3, 0xf000, 0x0, 0x9, 0x100000001, 0x2, 0x1f, 0x10000, 0x2, 0x8, 0x120000000, 0x2, 0x0}, {0x0, 0x6000, 0xe, 0x8, 0x4, 0x400, 0x800, 0x1f, 0x4, 0xfffffffffffffffc, 0x289, 0x2, 0x0}, {0x4000, 0x4, 0xe, 0x5, 0x20, 0x0, 0x3, 0x80000000, 0x4, 0x7, 0x1, 0xfffffffffffffffd, 0x0}, {0x4, 0x4000, 0xf, 0x3, 0x9f99, 0x1, 0x6d0, 0xfffffffffffffffe, 0x80, 0x9, 0x5, 0x400, 0x0}, {0x4000, 0x1f000, 0xb, 0x7fffffff, 0x3, 0x4, 0x7, 0x5, 0x100000001, 0x9, 0xff, 0x5, 0x0}, {0xd001, 0x5000, 0x0, 0x100000000, 0x101, 0x6, 0x200, 0x7, 0x3, 0xfffffffffffffc00, 0x5, 0x4, 0x0}, {0xf000, 0x3000, 0x0, 0x0, 0xf87b, 0x5, 0x8, 0xff, 0x4, 0x40, 0x7fffffff, 0x6, 0x0}, {0x1, 0x2, [0x0, 0x0, 0x0]}, {0x6000, 0x5000, [0x0, 0x0, 0x0]}, 0x4, 0x0, 0x0, 0x2000, 0x6, 0x8000, 0x2, [0x5, 0x100, 0x4, 0x8]})
ioctl$KVM_ASSIGN_DEV_IRQ(r1, 0x4040ae70, &(0x7f0000016000-0x10)={0x46, 0x1, 0x4, 0x0})
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000000f000/0x18000)=nil, &(0x7f0000029000-0x18)=[@text16={0x10, &(0x7f000000d000)="0f06ba4200ec66b8e90000000f23d80f21f86635000000400f23f866b8008000000f23d00f21f866352000000d0f23f86766c74424002f9f9ae46766c7442402480000006766c744240600000000670f011c240fc76a2a66b98508000066b80078000066ba000000000f300f07b861000f00d866b9800000c00f326635008000000f30", 0x83}], 0x1, 0x37, &(0x7f0000009000-0x20)=[@cr0={0x0, 0x40040001}, @dstype3={0x7, 0x1}], 0x2)
mmap(&(0x7f0000028000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000028000)={0x2, 0x0, [{0x1, 0x6, 0x0, 0x17, 0x8000, 0x0}, {0xc000000f, 0x10001, 0x5, 0x79, 0x6, 0x0}]})
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000011000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, [0x0, 0x0, 0x0]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x34b582ec71cdec61, [0x4, 0x0, 0x0, 0x0]})
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 2:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 2:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 2:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 2:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 2:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 2:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 2:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 2:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 2:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 0:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 2:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 7:
2017/08/11 22:10:48 executing program 5:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:48 executing program 1:
2017/08/11 22:10:48 executing program 2:
2017/08/11 22:10:48 executing program 6:
2017/08/11 22:10:48 executing program 3:
2017/08/11 22:10:48 executing program 4:
2017/08/11 22:10:49 executing program 0:
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 1:
2017/08/11 22:10:49 executing program 3:
2017/08/11 22:10:49 executing program 5:
2017/08/11 22:10:49 executing program 2:
2017/08/11 22:10:49 executing program 6:
2017/08/11 22:10:49 executing program 3:
2017/08/11 22:10:49 executing program 2:
2017/08/11 22:10:49 executing program 6:
2017/08/11 22:10:49 executing program 2:
2017/08/11 22:10:49 executing program 3:
2017/08/11 22:10:49 executing program 6:
2017/08/11 22:10:49 executing program 4:
2017/08/11 22:10:49 executing program 0:
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 4:
2017/08/11 22:10:49 executing program 0:
2017/08/11 22:10:49 executing program 1:
2017/08/11 22:10:49 executing program 6:
2017/08/11 22:10:49 executing program 5:
2017/08/11 22:10:49 executing program 3:
2017/08/11 22:10:49 executing program 4:
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 0:
2017/08/11 22:10:49 executing program 2:
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 5:
2017/08/11 22:10:49 executing program 4:
2017/08/11 22:10:49 executing program 3:
2017/08/11 22:10:49 executing program 2:
2017/08/11 22:10:49 executing program 6:
2017/08/11 22:10:49 executing program 1:
2017/08/11 22:10:49 executing program 0:
2017/08/11 22:10:49 executing program 5:
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 4:
2017/08/11 22:10:49 executing program 0:
2017/08/11 22:10:49 executing program 2:
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 4:
2017/08/11 22:10:49 executing program 0:
2017/08/11 22:10:49 executing program 6:
2017/08/11 22:10:49 executing program 2:
2017/08/11 22:10:49 executing program 3:
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 1:
2017/08/11 22:10:49 executing program 6:
2017/08/11 22:10:49 executing program 5:
2017/08/11 22:10:49 executing program 1:
2017/08/11 22:10:49 executing program 5:
2017/08/11 22:10:49 executing program 6:
2017/08/11 22:10:49 executing program 4:
2017/08/11 22:10:49 executing program 0:
2017/08/11 22:10:49 executing program 2:
2017/08/11 22:10:49 executing program 4:
2017/08/11 22:10:49 executing program 0:
2017/08/11 22:10:49 executing program 2:
2017/08/11 22:10:49 executing program 4:
2017/08/11 22:10:49 executing program 3:
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 0:
2017/08/11 22:10:49 executing program 6:
2017/08/11 22:10:49 executing program 3:
2017/08/11 22:10:49 executing program 0:
2017/08/11 22:10:49 executing program 1:
2017/08/11 22:10:49 executing program 0:
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 6:
2017/08/11 22:10:49 executing program 4:
2017/08/11 22:10:49 executing program 5:
2017/08/11 22:10:49 executing program 3:
2017/08/11 22:10:49 executing program 2:
2017/08/11 22:10:49 executing program 5:
2017/08/11 22:10:49 executing program 1:
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 5:
2017/08/11 22:10:49 executing program 4:
2017/08/11 22:10:49 executing program 3:
2017/08/11 22:10:49 executing program 2:
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 6:
2017/08/11 22:10:49 executing program 2:
2017/08/11 22:10:49 executing program 4:
2017/08/11 22:10:49 executing program 5:
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 3:
2017/08/11 22:10:49 executing program 0:
2017/08/11 22:10:49 executing program 5:
2017/08/11 22:10:49 executing program 6:
2017/08/11 22:10:49 executing program 2:
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 4:
2017/08/11 22:10:49 executing program 3:
2017/08/11 22:10:49 executing program 1:
2017/08/11 22:10:49 executing program 6:
2017/08/11 22:10:49 executing program 1:
2017/08/11 22:10:49 executing program 0:
2017/08/11 22:10:49 executing program 2:
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 6:
2017/08/11 22:10:49 executing program 1:
2017/08/11 22:10:49 executing program 3:
2017/08/11 22:10:49 executing program 4:
2017/08/11 22:10:49 executing program 5:
2017/08/11 22:10:49 executing program 0:
2017/08/11 22:10:49 executing program 2:
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 3:
2017/08/11 22:10:49 executing program 6:
2017/08/11 22:10:49 executing program 4:
2017/08/11 22:10:49 executing program 0:
2017/08/11 22:10:49 executing program 5:
2017/08/11 22:10:49 executing program 0:
2017/08/11 22:10:49 executing program 2:
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 5:
2017/08/11 22:10:49 executing program 1:
2017/08/11 22:10:49 executing program 0:
2017/08/11 22:10:49 executing program 3:
2017/08/11 22:10:49 executing program 4:
2017/08/11 22:10:49 executing program 6:
2017/08/11 22:10:49 executing program 2:
2017/08/11 22:10:49 executing program 1:
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 5:
2017/08/11 22:10:49 executing program 3:
2017/08/11 22:10:49 executing program 1:
2017/08/11 22:10:49 executing program 4:
2017/08/11 22:10:49 executing program 6:
2017/08/11 22:10:49 executing program 1:
2017/08/11 22:10:49 executing program 5:
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 4:
2017/08/11 22:10:49 executing program 0:
2017/08/11 22:10:49 executing program 2:
2017/08/11 22:10:49 executing program 6:
2017/08/11 22:10:49 executing program 1:
2017/08/11 22:10:49 executing program 5:
2017/08/11 22:10:49 executing program 3:
2017/08/11 22:10:49 executing program 4:
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 0:
2017/08/11 22:10:49 executing program 6:
2017/08/11 22:10:49 executing program 3:
2017/08/11 22:10:49 executing program 2:
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 5:
2017/08/11 22:10:49 executing program 1:
mmap(&(0x7f0000000000/0xe97000)=nil, 0xe97000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000e97000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000bb4000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f000044a000)="2f6465762f6b766d00", 0x40100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000da8000-0x8)={0x1f, 0x0})
r2 = eventfd2(0xedf, 0x800)
write$eventfd(r2, &(0x7f000013b000)=0xfffffffffffff5e7, 0x8)
r3 = eventfd2(0x0, 0x0)
write$eventfd(r3, &(0x7f0000bac000-0x8)=0x0, 0x8)
eventfd2(0x0, 0x0)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000026000-0x20)={r3, 0x0, 0x2, r3, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000565000)="2f6465762f6b766d00", 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = eventfd2(0x0, 0x0)
r8 = eventfd2(0x0, 0x0)
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000556000-0x20)={0xf000, 0x2001, 0xffffffffffff9202, 0x6, 0x1f, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_S390_INTERRUPT(r6, 0x4010ae94, &(0x7f0000dac000)={0x401, 0x9, 0x400})
madvise(&(0x7f00004c8000/0x1000)=nil, 0x1000, 0x7f)
ioctl$KVM_IRQFD(r6, 0x4020ae76, &(0x7f0000026000-0x20)={r7, 0x0, 0x2, r8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
eventfd2(0xc, 0x0)
ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r5, 0x4010ae74, &(0x7f0000d32000-0xc)={0xa9d, 0x4, 0x3})
mmap(&(0x7f0000e97000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000e98000-0x9)="2f6465762f6b766d00", 0x600000, 0x0)
pkey_alloc(0x0, 0x1)
mbind(&(0x7f00007b7000/0x3000)=nil, 0x3000, 0x2, &(0x7f0000ca6000-0x8)=0x1, 0x9, 0x2)
ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f0000d95000-0x138)={{0xd004, 0x3000, 0x10, 0x294a, 0x9, 0x2, 0x400, 0x7f, 0xce, 0xff, 0x2, 0x6d50, 0x0}, {0x6000, 0x1000, 0x10, 0x7, 0x3, 0x800, 0x6, 0x4c4ab5c, 0x2, 0x40, 0x2, 0x1, 0x0}, {0xf000, 0x4, 0xb, 0x1f, 0x5, 0x2744, 0x3, 0x7, 0xc82, 0xe4, 0x267d, 0x101, 0x0}, {0x4, 0x6, 0xf, 0xfffffffffffffffb, 0x4, 0x100, 0x83, 0x80, 0xfffffffffffffc01, 0x8001, 0x3b, 0xfffffffffffffffa, 0x0}, {0x101004, 0x1000, 0x8, 0x200, 0x7, 0x7900, 0x100000001, 0x9, 0x9, 0x2, 0xaf63, 0x1f, 0x0}, {0x0, 0x1000, 0xa, 0x9, 0x8, 0xe8, 0x5, 0x7fffffff, 0x4eb, 0xfffffffffffffd60, 0x4, 0x9, 0x0}, {0xd002, 0x2000, 0x3, 0x4, 0xbe, 0xc1a, 0x4, 0x6d0, 0x2, 0x0, 0xf17, 0x4, 0x0}, {0x0, 0x6000, 0x3, 0x5, 0x4000000000000, 0x81, 0xfff, 0x101, 0x4, 0x1, 0xfb1, 0x4, 0x0}, {0x2, 0x5002, [0x0, 0x0, 0x0]}, {0x3000, 0x4000, [0x0, 0x0, 0x0]}, 0x13, 0x0, 0x4000, 0x20, 0xa, 0x1, 0x110004, [0x8, 0x3548, 0x2, 0x5]})
ioctl$KVM_IRQFD(r6, 0x4020ae76, &(0x7f0000e97000-0x20)={r3, 0x2, 0x2, r2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
2017/08/11 22:10:49 executing program 4:
2017/08/11 22:10:49 executing program 0:
2017/08/11 22:10:49 executing program 6:
2017/08/11 22:10:49 executing program 2:
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 3:
2017/08/11 22:10:49 executing program 6:
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 2:
2017/08/11 22:10:49 executing program 3:
2017/08/11 22:10:49 executing program 5:
2017/08/11 22:10:49 executing program 4:
2017/08/11 22:10:49 executing program 6:
2017/08/11 22:10:49 executing program 2:
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 6:
2017/08/11 22:10:49 executing program 0:
2017/08/11 22:10:49 executing program 3:
2017/08/11 22:10:49 executing program 2:
2017/08/11 22:10:49 executing program 4:
2017/08/11 22:10:49 executing program 5:
2017/08/11 22:10:49 executing program 1:
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 0:
2017/08/11 22:10:49 executing program 3:
2017/08/11 22:10:49 executing program 4:
2017/08/11 22:10:49 executing program 5:
[   56.570459] irq bypass consumer (token ffff8801cfdce980) registration fails: -16
[   56.594170] irq bypass consumer (token ffff8801d041f080) registration fails: -16
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 1:
2017/08/11 22:10:49 executing program 4:
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 6:
2017/08/11 22:10:49 executing program 4:
2017/08/11 22:10:49 executing program 0:
2017/08/11 22:10:49 executing program 2:
2017/08/11 22:10:49 executing program 5:
2017/08/11 22:10:49 executing program 3:
2017/08/11 22:10:49 executing program 1:
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 0:
2017/08/11 22:10:49 executing program 3:
2017/08/11 22:10:49 executing program 5:
2017/08/11 22:10:49 executing program 1:
2017/08/11 22:10:49 executing program 2:
2017/08/11 22:10:49 executing program 6:
2017/08/11 22:10:49 executing program 0:
2017/08/11 22:10:49 executing program 3:
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 4:
2017/08/11 22:10:49 executing program 5:
2017/08/11 22:10:49 executing program 1:
2017/08/11 22:10:49 executing program 2:
2017/08/11 22:10:49 executing program 6:
2017/08/11 22:10:49 executing program 4:
2017/08/11 22:10:49 executing program 0:
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 5:
2017/08/11 22:10:49 executing program 1:
2017/08/11 22:10:49 executing program 2:
2017/08/11 22:10:49 executing program 4:
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 5:
2017/08/11 22:10:49 executing program 3:
2017/08/11 22:10:49 executing program 0:
2017/08/11 22:10:49 executing program 1:
2017/08/11 22:10:49 executing program 6:
2017/08/11 22:10:49 executing program 2:
2017/08/11 22:10:49 executing program 4:
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 5:
2017/08/11 22:10:49 executing program 0:
2017/08/11 22:10:49 executing program 2:
2017/08/11 22:10:49 executing program 6:
2017/08/11 22:10:49 executing program 1:
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 4:
2017/08/11 22:10:49 executing program 5:
2017/08/11 22:10:49 executing program 3:
2017/08/11 22:10:49 executing program 1:
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 2:
2017/08/11 22:10:49 executing program 6:
2017/08/11 22:10:49 executing program 4:
2017/08/11 22:10:49 executing program 3:
2017/08/11 22:10:49 executing program 0:
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 1:
2017/08/11 22:10:49 executing program 2:
2017/08/11 22:10:49 executing program 4:
2017/08/11 22:10:49 executing program 5:
2017/08/11 22:10:49 executing program 6:
2017/08/11 22:10:49 executing program 3:
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 2:
2017/08/11 22:10:49 executing program 3:
2017/08/11 22:10:49 executing program 6:
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 5:
2017/08/11 22:10:49 executing program 2:
2017/08/11 22:10:49 executing program 3:
2017/08/11 22:10:49 executing program 0:
2017/08/11 22:10:49 executing program 6:
2017/08/11 22:10:49 executing program 1:
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 5:
2017/08/11 22:10:49 executing program 4:
2017/08/11 22:10:49 executing program 2:
2017/08/11 22:10:49 executing program 1:
2017/08/11 22:10:49 executing program 4:
2017/08/11 22:10:49 executing program 3:
2017/08/11 22:10:49 executing program 5:
2017/08/11 22:10:49 executing program 6:
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 2:
2017/08/11 22:10:49 executing program 1:
2017/08/11 22:10:49 executing program 4:
2017/08/11 22:10:49 executing program 0:
2017/08/11 22:10:49 executing program 3:
2017/08/11 22:10:49 executing program 5:
2017/08/11 22:10:49 executing program 6:
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 2:
2017/08/11 22:10:49 executing program 1:
2017/08/11 22:10:49 executing program 4:
2017/08/11 22:10:49 executing program 5:
2017/08/11 22:10:49 executing program 3:
2017/08/11 22:10:49 executing program 6:
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 0:
2017/08/11 22:10:49 executing program 6:
2017/08/11 22:10:49 executing program 2:
2017/08/11 22:10:49 executing program 1:
2017/08/11 22:10:49 executing program 4:
2017/08/11 22:10:49 executing program 5:
mmap(&(0x7f0000000000/0xaf4000)=nil, 0xaf4000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000af2000)={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x401, 0x200000000000, 0x6, 0x0})
2017/08/11 22:10:49 executing program 3:
mmap(&(0x7f0000000000/0xaeb000)=nil, 0xaeb000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000096a000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f00001b8000-0xf8)={0x5, 0x0, [{0x8000, 0x4, 0x0, 0x0, @adapter={0x20, 0xc10c, 0x5947, 0x4, 0x1}}, {0x4, 0x2, 0x0, 0x0, @sint={0xe1, 0x1}}, {0x7, 0x7, 0x0, 0x0, @msi={0x1, 0x8, 0x6}}, {0x1, 0x0, 0x0, 0x0, @sint={0xe5, 0x8}}, {0x20, 0x2, 0x0, 0x0, @msi={0x6, 0xfffffffffffffffe, 0x9}}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000012000-0x20)={0x10003, 0x1, 0xf000, 0x1000, &(0x7f0000338000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000aeb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000aeb000)={0x4, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
eventfd2(0x800, 0x80001)
mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f000088e000/0x18000)=nil, &(0x7f0000aed000-0x18)=[@text16={0x10, &(0x7f0000ada000)="ba2000b0f0eeba6100d2c366efb800008e0c87e4670f01c800072c0f0d004066b8db0000000f06c80f21f866350800d0000f23f83e6567660f38dea419f79758603e3ef2ad", 0x45}], 0x1, 0x0, &(0x7f0000aec000)=[@dstype0={0x6, 0xb}], 0x1)
r4 = eventfd2(0x0, 0x800)
mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
read$eventfd(r4, &(0x7f0000aec000)=0x0, 0x8)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000aea000-0x18)={0x0, 0x0, []})
r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r6 = eventfd2(0x8023, 0x0)
r7 = eventfd2(0x0, 0x0)
ioctl$KVM_SET_SIGNAL_MASK(r5, 0x4004ae8b, &(0x7f0000071000-0x50)={0x4c, "1c4c820efa6b7414d1451725b70130486bbb62b52d1988fed8d4e07f6759f6f8bb9b7bd91f07536afca166954696c90af92f61c54c15daa13f1877ec029bc190d2f351321a498a14db24be40"})
ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000aeb000-0x20)={r6, 0x3, 0x2, r7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
read$eventfd(r7, &(0x7f0000aee000-0x8)=0x0, 0x8)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
2017/08/11 22:10:49 executing program 0:
mmap(&(0x7f0000000000/0xaf4000)=nil, 0xaf4000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000af2000)={0x7, 0x200, 0x8, 0x0, 0xc55, 0x1, 0x370d31e6, 0x1, 0x9, 0x9, 0x8, 0x7, 0x0, 0xb57, 0x8, 0x401, 0x200000000000, 0x6, 0x6})
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000acd000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000adf000)="b90401004066b8470066bad104b0a9ee0f3052c76dfef3ab66b86f000f00d099d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e955266767f2a50f20d835080000000f22d8650f070f01b102000000", 0x5e}], 0x1, 0x0, &(0x7f0000af2000)=[], 0x0)
ioctl$KVM_ASSIGN_DEV_IRQ(r1, 0x4040ae70, &(0x7f0000819000-0x10)={0x0, 0x0, 0x3, 0x4})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mlock2(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x0)
madvise(&(0x7f0000004000/0x9000)=nil, 0x9000, 0x0)
madvise(&(0x7f000034e000/0x1000)=nil, 0x1000, 0x64)
mremap(&(0x7f00007cc000/0x3000)=nil, 0x3000, 0x1000, 0x0, &(0x7f00004f1000/0x1000)=nil)
mremap(&(0x7f0000008000/0x2000)=nil, 0x2000, 0x3000, 0x0, &(0x7f0000009000/0x3000)=nil)
2017/08/11 22:10:49 executing program 7:
2017/08/11 22:10:49 executing program 4:
2017/08/11 22:10:49 executing program 1:
2017/08/11 22:10:49 executing program 6:
2017/08/11 22:10:49 executing program 2:
2017/08/11 22:10:49 executing program 7:
mmap(&(0x7f0000000000/0x28000)=nil, 0x28000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000017000)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000017000)={{0x106000, 0xf001, 0x1f, 0x6, 0x5, 0x6000000000000000, 0x4, 0x8001, 0x1, 0x1f, 0x2, 0x0, 0x0}, {0x3, 0xf000, 0x0, 0x9, 0x100000001, 0x2, 0x1f, 0x10000, 0x2, 0x8, 0x120000000, 0x2, 0x0}, {0x0, 0x6000, 0xe, 0x8, 0x4, 0x400, 0x800, 0x1f, 0x4, 0xfffffffffffffffc, 0x289, 0x2, 0x0}, {0x4000, 0x4, 0xe, 0x5, 0x20, 0x0, 0x3, 0x80000000, 0x4, 0x7, 0x1, 0xfffffffffffffffd, 0x0}, {0x4, 0x4000, 0xf, 0x3, 0x9f99, 0x1, 0x6d0, 0xfffffffffffffffe, 0x80, 0x9, 0x5, 0x400, 0x0}, {0x4000, 0x1f000, 0xb, 0x7fffffff, 0x3, 0x4, 0x7, 0x5, 0x100000001, 0x9, 0xff, 0x5, 0x0}, {0xd001, 0x5000, 0x0, 0x100000000, 0x101, 0x6, 0x200, 0x7, 0x3, 0xfffffffffffffc00, 0x5, 0x4, 0x0}, {0xf000, 0x3000, 0x0, 0x0, 0xf87b, 0x5, 0x8, 0xff, 0x4, 0x40, 0x7fffffff, 0x6, 0x0}, {0x1, 0x2, [0x0, 0x0, 0x0]}, {0x6000, 0x5000, [0x0, 0x0, 0x0]}, 0x4, 0x0, 0x0, 0x2000, 0x6, 0x8000, 0x2, [0x5, 0x100, 0x4, 0x8]})
syz_kvm_setup_cpu$x86(r0, r2, &(0x7f0000002000/0x18000)=nil, &(0x7f0000024000-0x18)=[@text32={0x20, &(0x7f0000025000-0x64)="66b80d018ed00f21d3dfebc7442400de5f0000c7442402cc9e557bc7442406000000000f011c24c744240027610000c7442402dca79e83c7442406000000000f011c24b9a40b00000f32f2afb805000000b9fd1200000f01d90fc72d4000000066b809008ee0", 0x66}], 0x1, 0x0, &(0x7f0000023000)=[], 0x0)
ioctl$KVM_GET_PIT2(r1, 0x8070ae9f, &(0x7f0000007000)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000011000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, [0x0, 0x0, 0x0]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x34b582ec71cdec61, [0x4, 0x0, 0x0, 0x0]})
mmap(&(0x7f0000028000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_PPC_GET_PVINFO(r1, 0x4080aea1, &(0x7f0000029000-0x2d)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000022000-0x18)={0x1, 0x0, [{0x832, 0x0, 0xfffffffffffffffd}]})
openat$kvm(0xffffffffffffff9c, &(0x7f0000014000)="2f6465762f6b766d00", 0x8000, 0x0)
2017/08/11 22:10:49 executing program 4:
mmap(&(0x7f0000000000/0xaf4000)=nil, 0xaf4000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000af2000)={0x7, 0x200, 0x8, 0x0, 0xc55, 0x1, 0x370d31e6, 0x1, 0x9, 0x9, 0x8, 0x7, 0x0, 0xb57, 0x8, 0x401, 0x200000000000, 0x6, 0x6})
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000acd000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000adf000)="b90401004066b8470066bad104b0a9ee0f3052c76dfef3ab66b86f000f00d099d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e955266767f2a50f20d835080000000f22d8650f070f01b102000000", 0x5e}], 0x1, 0x0, &(0x7f0000af2000)=[], 0x0)
ioctl$KVM_ASSIGN_DEV_IRQ(r1, 0x4040ae70, &(0x7f0000819000-0x10)={0x0, 0x0, 0x3, 0x4})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mremap(&(0x7f00007cc000/0x3000)=nil, 0x3000, 0x1000, 0x0, &(0x7f00004f1000/0x1000)=nil)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000af3000-0x20)={0x10002, 0x1, 0x0, 0x1000, &(0x7f000054b000/0x1000)=nil})
mremap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f0000005000/0x4000)=nil)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f000036d000-0x40)={0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
2017/08/11 22:10:49 executing program 2:
mmap(&(0x7f0000000000/0x64000)=nil, 0x64000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r1, 0x4010ae74, &(0x7f0000011000-0xc)={0xef, 0x0, 0x3ff})
mmap(&(0x7f0000064000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_DEASSIGN_DEV_IRQ(r1, 0x4040ae75, &(0x7f0000064000)={0xfffffffffffffff7, 0x4, 0xfffffffffffffffb, 0x501})
r2 = eventfd2(0x8000000003, 0x1)
ioctl$KVM_GET_PIT(r1, 0xc048ae65, &(0x7f000000d000-0x70)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
mmap(&(0x7f0000064000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000065000-0x20)={0xf000, 0x0, 0x2, 0x7f, 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
mmap(&(0x7f0000064000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_INTERRUPT(r2, 0x4004ae86, &(0x7f0000064000)=0x2)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000006000)={0x0, &(0x7f000002d000)=0x0, 0x200000000000000, r2, 0xa})
mmap(&(0x7f0000064000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0xfffffffffffffffe)
mmap(&(0x7f0000065000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000065000)=@pic={0x9, 0x8001, 0x4, 0x20, 0x1000, 0x7, 0x8, 0x0, 0x6, 0x7, 0x0, 0x0, 0x9, 0xff, 0x2, 0x9})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000064000)={0x3, &(0x7f000002d000)=0x0, 0x2, r2, 0x100000003})
ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f000004e000)=0x7)
2017/08/11 22:10:49 executing program 6:
mmap(&(0x7f0000000000/0xaf4000)=nil, 0xaf4000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000af2000)={0x7, 0x200, 0x8, 0x0, 0xc55, 0x1, 0x370d31e6, 0x1, 0x9, 0x9, 0x8, 0x7, 0x0, 0xb57, 0x8, 0x401, 0x200000000000, 0x6, 0x6})
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000acd000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000adf000)="b90401004066b8470066bad104b0a9ee0f3052c76dfef3ab66b86f000f00d099d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e955266767f2a50f20d835080000000f22d8650f070f01b102000000", 0x5e}], 0x1, 0x0, &(0x7f0000af2000)=[], 0x0)
ioctl$KVM_ASSIGN_DEV_IRQ(r1, 0x4040ae70, &(0x7f0000819000-0x10)={0x0, 0x0, 0x3, 0x4})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mlock2(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x0)
madvise(&(0x7f0000004000/0x9000)=nil, 0x9000, 0x0)
madvise(&(0x7f000034e000/0x1000)=nil, 0x1000, 0x64)
mremap(&(0x7f00007cc000/0x3000)=nil, 0x3000, 0x1000, 0x0, &(0x7f00004f1000/0x1000)=nil)
2017/08/11 22:10:49 executing program 1:
mmap(&(0x7f0000000000/0xaf4000)=nil, 0xaf4000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000af2000)={0x7, 0x200, 0x8, 0x0, 0xc55, 0x1, 0x370d31e6, 0x1, 0x9, 0x9, 0x8, 0x7, 0x0, 0xb57, 0x8, 0x401, 0x200000000000, 0x6, 0x6})
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000acd000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000adf000)="b90401004066b8470066bad104b0a9ee0f3052c76dfef3ab66b86f000f00d099d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e955266767f2a50f20d835080000000f22d8650f070f01b102000000", 0x5e}], 0x1, 0x0, &(0x7f0000af2000)=[], 0x0)
ioctl$KVM_ASSIGN_DEV_IRQ(r1, 0x4040ae70, &(0x7f0000819000-0x10)={0x0, 0x0, 0x3, 0x4})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mlock2(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x0)
madvise(&(0x7f0000004000/0x9000)=nil, 0x9000, 0x0)
madvise(&(0x7f000034e000/0x1000)=nil, 0x1000, 0x64)
mremap(&(0x7f00007cc000/0x3000)=nil, 0x3000, 0x1000, 0x0, &(0x7f00004f1000/0x1000)=nil)
mremap(&(0x7f0000008000/0x2000)=nil, 0x2000, 0x3000, 0x0, &(0x7f0000009000/0x3000)=nil)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000af3000-0x20)={0x10002, 0x1, 0x0, 0x1000, &(0x7f000054b000/0x1000)=nil})
ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000006000)={0x7, <r3=>0xffffffffffffffff, 0x0})
ioctl$KVM_GET_CLOCK(r3, 0x8030ae7c, &(0x7f000000f000-0x30)={0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f000036d000-0x40)={0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
2017/08/11 22:10:49 executing program 2:
mmap(&(0x7f0000000000/0x28000)=nil, 0x28000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000017000)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000006000-0xc)={0x2, <r2=>r1, 0x0})
mmap(&(0x7f0000028000/0x1000)=nil, 0x1000, 0x3, 0x33, 0xffffffffffffffff, 0x0)
ioctl$KVM_X86_SET_MCE(r2, 0x4040ae9e, &(0x7f0000028000)={0xc000000000000000, 0x6004, 0x1000, 0x1, 0x3, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0]})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_KVMCLOCK_CTRL(r3, 0xaead)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f0000017000)={{0x106000, 0xf001, 0x1f, 0x6, 0x5, 0x6000000000000000, 0x4, 0x8001, 0x1, 0x1f, 0x2, 0x6585099f, 0x0}, {0x3, 0xf000, 0x0, 0x9, 0x100000001, 0x2, 0x1f, 0x10000, 0x2, 0x8, 0x120000000, 0x2, 0x0}, {0x0, 0x6000, 0xe, 0x8, 0x4, 0x400, 0x800, 0x1f, 0x4, 0xfffffffffffffffc, 0x289, 0x2, 0x0}, {0x4000, 0x4, 0xe, 0x5, 0x20, 0x0, 0x3, 0x80000000, 0x4, 0x7, 0x1, 0xfffffffffffffffd, 0x0}, {0x4, 0x4000, 0xf, 0x3, 0x9f99, 0x1, 0x6d0, 0xfffffffffffffffe, 0x80, 0x9, 0x5, 0x400, 0x0}, {0x4000, 0x1f000, 0xb, 0x7fffffff, 0x3, 0x4, 0x7, 0x5, 0x100000001, 0x9, 0xff, 0x5, 0x0}, {0xd001, 0x5000, 0x0, 0x100000000, 0x101, 0x6, 0x200, 0x7, 0x3, 0xfffffffffffffc00, 0x5, 0x4, 0x0}, {0xf000, 0x3000, 0x0, 0x0, 0xf87b, 0x5, 0x8, 0xff, 0x4, 0x40, 0x7fffffff, 0x6, 0x0}, {0x1, 0x2, [0x0, 0x0, 0x0]}, {0x6000, 0x5000, [0x0, 0x0, 0x0]}, 0x4, 0x0, 0x0, 0x2000, 0x6, 0x8000, 0x2, [0x5, 0x100, 0x4, 0x8]})
mmap(&(0x7f0000028000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f000000f000/0x18000)=nil, &(0x7f0000029000-0x18)=[@text16={0x10, &(0x7f000000d000)="0f06ba4200ec66b8e90000000f23d80f21f86635000000400f23f866b8008000000f23d00f21f866352000000d0f23f86766c74424002f9f9ae46766c7442402480000006766c744240600000000670f011c240fc76a2a66b98508000066b80078000066ba000000000f300f07b861000f00d866b9800000c00f326635008000000f30", 0x83}], 0x1, 0x37, &(0x7f0000009000-0x20)=[@cr0={0x0, 0x40040001}, @dstype3={0x7, 0x1}], 0x2)
syz_kvm_setup_cpu$x86(r0, r3, &(0x7f0000002000/0x18000)=nil, &(0x7f0000024000-0x18)=[@text32={0x20, &(0x7f0000025000-0x64)="66b80d018ed00f21d3dfebc7442400de5f0000c7442402cc9e557bc7442406000000000f011c24c744240027610000c7442402dca79e83c7442406000000000f011c24b9a40b00000f32f2afb805000000b9fd1200000f01d90fc72d4000000066b809008ee0", 0x66}], 0x1, 0x0, &(0x7f0000023000)=[], 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f0000011000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, [0x0, 0x0, 0x0]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x34b582ec71cdec61, [0x4, 0x0, 0x0, 0x0]})
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000022000-0x18)={0x1, 0x0, [{0x832, 0x0, 0xfffffffffffffffd}]})
mmap(&(0x7f0000029000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000029000)={"70bb2a128b3e90781041d44f4ed210182c8ad5cfe4871781588a516c5f0d384e4ca3603cacc146ef011ac748d359b63730c6e6cc5d77886de9d396479889d55bc24fb36817bc31d53eba46ec34cb2557194159b37d638188f7ed8b890a800d217f4ccd306d4e4c612063db6c280459216b2f7896c875d626316a1f14a952d2c852ed7f20180a530e2538bda1281842af03006e2ae91e1a7030d82fd60763bef7fa6ac3391e20b29368345b928d9ae86cc8901c76d48b0143bd8a886d55be0755a4e3eb9b971974559175c59f7e3d05e775c98a3508e43eefbae7a7659f6395de6e2cfb9f2efb635d821c52f49a6cf1742f105914f16122034220c2a6f0520d26a16cd1605fe15680dd76cf843985aae9290f56e42206e113374b4d3c0d93020758dd28362aa61638fe47831f60d23840ece28f390412b45f61f85a849a25fb385b779360a4a81dfdb7dda333306389aeeac957c1e1bb62467b33191bc8b9db7a47402e7bcc8083db61f313bff10d2fac4906afbc562af33b1ec061e895fb3ea52f6a1e9b43c253e536b7f31ea2769d1246734aef2c2d9a1c1c9ff68cfd16c7b595fd8a2236ac70624b3f007f0cf6e94130dd5bc895a36bce9df396f5cd1741bff3e9cd2766cf052a2650202a303f1236c27d57ca0938382826cee587bdb98b680986170fa3d6bec0ef4604e1433c6b1d1c7c0aa43befc947cd00b1dc690294dc02c9fa6b194833db38f6da270ceece0bb3375c2018effeeb57d642b758225936c001907de8a8cb64a8ac30858fcacc8ec615269ecb9c22b8ee1740eb018daeabdce89679645e5cdec1f2abcc2786a5d58b18fff5bba12e9dd76fbc24f0e19cfa6a14dce2ff713373884f8267eed9d207051c0f1303e401db66b35f73cc2a5b7c4faa425b7d9c19f456e60835424c336f6c16367b13cc2f3cb9cdfe8ca878d25f61f9dc62ab5e02d9d7628b2a57226ee0f6eeb00886b7356750d7c80bff1918688efd0dc816e1048b327960bef92638acef6c7f969c3cf637954665c97c02086423429d6fd45d475d60e46f0ea0ff688e6878b1012ebd46ee981f1c0b4402346687e0b629c5ee83317b28923e77516f5d6c1e3fcff71a8bf166c16430e5134372ef9fd3f3398c4590601d76c1f45e0aceff4a3699622698854b4f12cfe924a93abbc1b5559a2efaa4d4400cda58f201ddbc35fc87da86629eff83989c1f34ad47425c795ed712220b14a6f4f6aa9acbc509c0f9fee8e1846bbfd58b90fbf0e02be42d533ab91a1d0022e9d3c045056b485edee3476e32fc7bedb06aa35a3d848ee6ff76db2430c9e7195d012fef3226bd29b9babd1d0da57e0cf17e54e4329cb520256a7d880a92965a6496ba192fc6626e3db964f2091d234b9462f6b938cc68160d07c358f0222dee886507401a144fd86e31ca9d6f7a63fc57706c2467b5fd"})
2017/08/11 22:10:49 executing program 1:
mmap(&(0x7f0000000000/0xaec000)=nil, 0xaec000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, &(0x7f0000007000)={0x6, [0x14bbf6c5, 0xff, 0x1, 0x2, 0x1, 0x9]})
r3 = eventfd2(0x100000fff, 0x80003)
mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_X86_SET_MCE(r2, 0x4040ae9e, &(0x7f0000aec000)={0xa900000000000000, 0x2, 0x8, 0x20000006, 0x12, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0]})
read$eventfd(r3, &(0x7f0000964000-0x8)=0x0, 0x8)
r4 = pkey_alloc(0x0, 0x3)
pkey_free(r4)
mbind(&(0x7f00003d2000/0x400000)=nil, 0x400000, 0x2, &(0x7f0000aeb000-0x8)=0x1, 0x7, 0x1)
r5 = eventfd2(0x80000000, 0x80801)
read$eventfd(r5, &(0x7f000044a000)=0x0, 0x8)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000802000-0x10)={0x10000, 0x8000, 0x0})
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f000099d000-0x120)={0x7, 0x0, [{0x80000006, 0x9, 0x2, 0x9, 0xe669, 0xffffffff, 0x7f, [0x0, 0x0, 0x0]}, {0xb, 0x401, 0x0, 0xffffffff, 0x0, 0x909, 0x9, [0x0, 0x0, 0x0]}, {0x40000000, 0x4788, 0x5, 0x2, 0x7ff, 0x80000000, 0x2, [0x0, 0x0, 0x0]}, {0x40000007, 0xfff, 0x2, 0xffff, 0x2, 0x1ff, 0x3, [0x0, 0x0, 0x0]}, {0x40000001, 0x80000000, 0x2, 0x3, 0x4, 0x5c0a, 0xc7, [0x0, 0x0, 0x0]}, {0x80000019, 0x80, 0x1, 0x0, 0x1, 0x8, 0x9, [0x0, 0x0, 0x0]}, {0x0, 0x6, 0x4, 0x401, 0x3, 0x63f, 0x1, [0x0, 0x0, 0x0]}]})
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000054b000/0x18000)=nil, &(0x7f0000828000-0x18)=[@text32={0x20, &(0x7f0000ae8000)="c4c17d2b461a66ba2000ec26670ff29f775466b804008ee8c744240000900000c7442402b0000000c7442406000000000f01142466baa000b87b0000000f23d00f21f835100000020f23f8f6774666baa000ed66ba42ecc4e27d2a85a2a50000", 0x60}], 0x1, 0x0, &(0x7f0000ae1000)=[@cr0={0x0, 0x10000}, @dstype0={0x6, 0x5}], 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f000079f000)={0x101ff, 0x3, 0x10000, 0x1000, &(0x7f0000996000/0x1000)=nil})
munmap(&(0x7f0000535000/0x3000)=nil, 0x3000)
madvise(&(0x7f0000711000/0x4000)=nil, 0x4000, 0x6)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000aeb000-0x10)={0x15004, 0x10000, 0x0})
r6 = eventfd2(0x9, 0x0)
write$eventfd(r6, &(0x7f0000789000)=0x7, 0x8)
2017/08/11 22:10:49 executing program 7:
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x4, 0x32, r0, 0x0)
mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aef000-0x9)="2f6465762f6b766d00", 0x40, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x4)
mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000aef000+0xf0)=0x7)
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
mmap(&(0x7f0000af0000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000af0000/0x1000)=nil, 0x1000, 0x3, 0x32, r4, 0x0)
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000af0000)="b90401004066b847100000670f01be8c00ba000000000f3052c76dfef3ab66b86f000f99a1e3a1e3e0e0ea0000b2b20ff60f06c1e8050f3235001000000d30ef66bafc0cc9528e55e955266767f2a50f20d835080000000f22d8650f070f01b102000000", 0x64}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r5, 0x4008ae93, &(0x7f000071f000)=0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r5, 0xc028ae92, &(0x7f00000ab000)={0x2, 0x800, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_SET_LAPIC(r5, 0x4400ae8f, &(0x7f0000aec000)={"3a5ca361a0df102fae43a3f1ec872c0185c9813608eed8f847374008d61d0bcfc300bc75ce5da3001ccb1007655a4f7410ae2abb351756d32573ad07efbff26b6c29f3f5b20949d1948e7dc1c8f2b7a1f53f726c506fca42d4a7935507ddb99198bc1ac4b348ae7c27061ead76d16ca486010f0a3be5e5fb88b250282a1f4370084b669a6aa05d6f099ea5ce98744d4d02be5ff2bfc8a7b31392162b70f9bf6a7921ca46c22eba76a3f5fada926a9e3d39e841a85aff9e2e11df5a017550dd503eafb49349716d060d697bd0978eac053d12de846fb7d0ef0ce4f7942061ad998b000619474f6ab8bbaf74f23bef3d8874a920f438d7a3bbe9ac54c269dd8463b191dfff03924e9ef495aad2c7831f72e87d20d39c031000c2b6b009dc52fe4a87d2adbd31ef3991643480dc4e1194dad4aaae0bbd182f86a7572202d932534fe78aa6205a387714ba722fc29e394626c6950754c5bd8e959a3d108590f13f43f23507624d0f3b464f483d2f11441d510b1269bd87224f20a2cb5984b4f2be4d93aef0f2ae60ada076cc86b6ecd9f9cd27c13ff16725a99f1d96fb35409d9aad7cd14b4a0a6fa33249d40760c0dd77c75cea3ced7055169a87c767c91aadd231e5b211e9b8df16a1e2aef8d3a7e02a4f7c8fa5e989f9a2c488638fec8d03543fededef667b0b0cde85958ef5dd2355e3dade1126022ada4186160bcf69013a938bd9c5fe1f46fd5c8d522320840de0ede209ee11a4655a157b1ed47b6aa5daad7bc7f96313d2e02144e50a7f64ccfb866b1cc3a04ebd7e460e69f42856b474e681e2917b593b931c8987a487329d58151d14f4f1eb1b123f29f21899c524c2808269f7a833d5ed3cd93e2ffc0dbdf3c50c736b10512607837e8f50144c1c14e052c788381a2b236becb2d2bfdf0467cefcbe6926090434d31323d47576de4566f61ab7f1fab0f73e2e9b58c328f73f8fecef3e9bbad4b177d9dd2a0e3e7a6f108477afef361fd23ea1a575dd9b86515833f5bd4ccf9ddb9e5432d723f3eb50339ae229108ae769ac632d312761db5057fe4ddfae2f22be1f709bc0feef9d8dcf05a425d354bda07e3780f19d3a073e737bcc8220febd750e3ce8549870615e1e9c969d3883126c687ff7ef6c0a16aa18bf594c681ae4c2ec063b792ae01166868672360aefb97539f6825c2f17933ce890a2d7ca53fcf77dc8dd4a0e64b7010aa7fd14f7833ab907d4d3c5df1ce497abfea23c94ab44d6b0f389480b4f0c077b98ba319dff8ab86cb7ff6b9f26e1f7e88b01d346504ab1cbc30fb5acf132544e59a2dec45e8019ef4642e672aebc040bfbfd6e7caf8846917b3e21e9b5673b31c4f3528baaf61b01bf160c3b535bcc7b23ee34371286407409fa292ad059d4e40624e76bad7d3d516adae9c3fcecb877f4d9d39035338787435f6372c5fb88cd"})
mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x11, r3, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
mmap(&(0x7f0000000000/0xc59000)=nil, 0xc59000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
mmap(&(0x7f0000000000/0x28000)=nil, 0x28000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000017000)="2f6465762f6b766d00", 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_KVMCLOCK_CTRL(r7, 0xaead)
ioctl$KVM_SET_SREGS(r7, 0x4138ae84, &(0x7f0000017000)={{0x106000, 0xf001, 0x1f, 0x6, 0x5, 0x6000000000000000, 0x4, 0x8001, 0x1, 0x1f, 0x2, 0x6585099f, 0x0}, {0x3, 0xf000, 0x0, 0x9, 0x100000001, 0x2, 0x1f, 0x10000, 0x2, 0x8, 0x120000000, 0x2, 0x0}, {0x0, 0x6000, 0xe, 0x8, 0x4, 0x400, 0x800, 0x1f, 0x4, 0xfffffffffffffffc, 0x289, 0x2, 0x0}, {0x4000, 0x4, 0xe, 0x5, 0x20, 0x0, 0x3, 0x80000000, 0x4, 0x7, 0x1, 0xfffffffffffffffd, 0x0}, {0x4, 0x4000, 0xf, 0x3, 0x9f99, 0x1, 0x6d0, 0xfffffffffffffffe, 0x80, 0x9, 0x5, 0x400, 0x0}, {0x4000, 0x1f000, 0xb, 0x7fffffff, 0x3, 0x4, 0x7, 0x5, 0x100000001, 0x9, 0xff, 0x5, 0x0}, {0xd001, 0x5000, 0x0, 0x100000000, 0x101, 0x6, 0x200, 0x7, 0x3, 0xfffffffffffffc00, 0x5, 0x4, 0x0}, {0xf000, 0x3000, 0x0, 0x0, 0xf87b, 0x5, 0x8, 0xff, 0x4, 0x40, 0x7fffffff, 0x6, 0x0}, {0x1, 0x2, [0x0, 0x0, 0x0]}, {0x6000, 0x5000, [0x0, 0x0, 0x0]}, 0x4, 0x0, 0x0, 0x2000, 0x6, 0x8000, 0x2, [0x5, 0x100, 0x4, 0x8]})
mmap(&(0x7f0000028000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$x86(r6, r7, &(0x7f000000f000/0x18000)=nil, &(0x7f0000029000-0x18)=[@text16={0x10, &(0x7f000000d000)="0f06ba4200ec66b8e90000000f23d80f21f86635000000400f23f866b8008000000f23d00f21f866352000000d0f23f86766c74424002f9f9ae46766c7442402480000006766c744240600000000670f011c240fc76a2a66b98508000066b80078000066ba000000000f300f07b861000f00d866b9800000c00f326635008000000f30", 0x83}], 0x1, 0x37, &(0x7f0000009000-0x20)=[@cr0={0x0, 0x40040001}, @dstype3={0x7, 0x1}], 0x2)
[   56.975712] *** Guest State ***
2017/08/11 22:10:49 executing program 5:
mmap(&(0x7f0000000000/0x709000)=nil, 0x709000, 0x0, 0x44031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000048000/0x1000)=nil, 0x1000, 0x8)
madvise(&(0x7f000026c000/0x3000)=nil, 0x3000, 0x3)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffff9c, 0xae41, 0x1)
mmap(&(0x7f0000709000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_S390_UCAS_MAP(r0, 0x4018ae50, &(0x7f0000709000)={0x2, 0x9, 0x7})
mmap(&(0x7f0000372000/0x2000)=nil, 0x2000, 0x2000000, 0x14030, r0, 0x0)
mmap(&(0x7f000070a000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f000070b000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f000070c000-0xc)={0x3, <r1=>r0, 0x1})
ioctl$KVM_NMI(r1, 0xae9a)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r0, 0x4040aea0, &(0x7f000070b000-0x1c)={0x3ff, 0x7ff, 0x100000000, 0x0, 0xfffffffffffffffd, 0x9, 0x4, 0x7f, 0xaca, 0x4, 0x80000001, 0x4, 0x0, 0x1, 0x6, 0x5, 0x8, 0x9, 0x9})
mlock2(&(0x7f00006ec000/0x4000)=nil, 0x4000, 0x1)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f00004b9000-0xc)={0x4, <r2=>r0, 0x0})
mmap(&(0x7f0000709000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f000070a000-0x20)={0x1fd, 0x2, 0x1000, 0x2000, &(0x7f0000503000/0x2000)=nil})
[   57.017988] CR0: actual=0x0000000080000031, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[   57.030278] *** Guest State ***
[   57.030286] CR0: actual=0x0000000080000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7
2017/08/11 22:10:49 executing program 3:
mmap(&(0x7f0000000000/0xaf4000)=nil, 0xaf4000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000af4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000af4000)="2f6465762f6b766d00", 0x40, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000ae6000-0x20)={0x3, 0x0, 0x100000, 0x2000, &(0x7f00002cb000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000077000/0x18000)=nil, &(0x7f00009d5000-0x18)=[@text32={0x20, &(0x7f000064b000)="f36d670f004d1ec4c1f9e6c50f01cf0f06b8010000000f01c10f090f01d1d2580666660f388113", 0x27}], 0x1, 0x0, &(0x7f0000ae8000)=[@cr0={0x1, 0x40001}, @flags={0x4, 0x20000}], 0x2)
mmap(&(0x7f0000af4000/0x1000)=nil, 0x1000, 0x0, 0x50, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_REGS(r3, 0x8090ae81, &(0x7f0000af4000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0})
mmap(&(0x7f0000af5000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000af5000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f00002f5000/0x18000)=nil, &(0x7f0000ae7000-0x18)=[@textreal={0x8, &(0x7f0000af6000-0x4c)="0f20e766b8e89900000f23c00f21f86635000005000f23f836660f383306e83cba4200ec660f73d30b0f01cb642e660ffae28ec066640f22d9baf80c66b8a200218466efbafc0cb05cee0fae818500", 0x4f}], 0x1, 0x0, &(0x7f0000ad5000)=[], 0x0)
mmap(&(0x7f0000af5000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000af6000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
ioctl$KVM_GET_DEBUGREGS(r3, 0x8080aea1, &(0x7f0000af2000)={[0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r2, 0x4010ae68, &(0x7f0000a36000)={0x2000, 0x118000, 0x0})
mmap(&(0x7f00004b6000/0x2000)=nil, 0x2000, 0x3, 0x32, 0xffffffffffffffff, 0x2)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r5, 0x4008ae48, &(0x7f0000af7000-0x8)=0x110002)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x4000000000)
r6 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
ioctl$KVM_GET_REG_LIST(r6, 0xc008aeb0, &(0x7f0000af3000-0x20)={0x3, [0x2, 0xffffffffffffff80, 0x800]})
mmap(&(0x7f0000040000/0x3000)=nil, 0x3000, 0x3, 0x61410, r0, 0xffffffffffffffff)
mmap(&(0x7f0000af7000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000af8000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000af6000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000af6000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000af6000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000077000/0x18000)=nil, &(0x7f0000af7000)=[@text32={0x20, &(0x7f000067f000-0x4e)="650f01cbb9910b00000f32c4e27d1e7a040fc71b66baf80cb830221e8def66bafc0cb8ab2d1cadefc4c1cf7c45c7f79761651fe0b9cd0b0000b807800000ba000000000f303e2e0f011a640f00d6", 0x4e}], 0x1, 0x4b, &(0x7f0000af6000)=[], 0x0)
ioctl$KVM_GET_MSR_INDEX_LIST(r1, 0xc004ae02, &(0x7f0000329000-0x10)={0x3, [0x3, 0x1, 0xfff]})
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r2, 0x4008ae48, &(0x7f0000485000-0x8)=0x0)
mmap(&(0x7f0000509000/0x1000)=nil, 0x1000, 0x4, 0x2110, 0xffffffffffffffff, 0x0)
ioctl$KVM_ENABLE_CAP(r2, 0x4068aea3, &(0x7f0000226000-0x68)={0x74, 0x0, [0x200000, 0x9, 0x80000001, 0x80000001], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f00004d2000-0x148)={0x8, 0x0, [{0xd, 0x7, 0x5, 0x1000, 0x7, 0x164, 0x7, [0x0, 0x0, 0x0]}, {0x40000003, 0xfff, 0x6, 0xfffffffffffffff8, 0x2, 0xffffffffffffffe0, 0x1000020, [0x0, 0x0, 0x0]}, {0x8000001f, 0x0, 0x1, 0x4, 0x1, 0x6, 0x1, [0x0, 0x0, 0x0]}, {0xb, 0x10001, 0x0, 0x401, 0x0, 0x4, 0xffff, [0x0, 0x0, 0x0]}, {0xc0000019, 0xffffffff, 0x2, 0x5535, 0x2, 0x0, 0x2, [0x0, 0x0, 0x0]}, {0x80000007, 0x2, 0x4, 0x4ca004d5, 0xe400, 0x5b63, 0xdca, [0x0, 0x0, 0x0]}, {0x80000019, 0x9, 0x3, 0x5, 0xedc8, 0x4, 0x6, [0x0, 0x0, 0x0]}, {0x4, 0x100, 0x6, 0x6, 0x0, 0x4, 0x0, [0x0, 0x0, 0x0]}]})
ioctl$KVM_TPR_ACCESS_REPORTING(0xffffffffffffffff, 0xc028ae92, &(0x7f0000538000-0x28)={0x8001, 0xfffffffffffffc01, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_X86_SET_MCE(0xffffffffffffffff, 0x4040ae9e, &(0x7f0000519000)={0x100000000000000, 0x6000, 0xd, 0x6, 0x1c, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0]})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r5, 0x4010ae67, &(0x7f0000aa1000-0x10)={0x1000, 0x100000, 0x0})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r5, 0x4010ae68, &(0x7f0000092000)={0xffffffffffffffff, 0x18000, 0x0})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
[   57.030295] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=fffffffffffff871
[   57.030299] CR3 = 0x00000000fffbc000
[   57.030303] RSP = 0x0000000000000f80  RIP = 0x0000000000000000
[   57.030309] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[   57.030318] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[   57.030325] CS:   sel=0x0010, attr=0x0009b, limit=0x000fffff, base=0x0000000000000000
[   57.030336] DS:   sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000
[   57.030346] SS:   sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000
[   57.030361] ES:   sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000
[   57.030372] FS:   sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000
[   57.030387] GS:   sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000
[   57.030395] GDTR:                           limit=0x000007ff, base=0x0000000000001000
[   57.030406] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800
[   57.030413] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[   57.030455] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[   57.030462] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[   57.030468] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[   57.030474] Interruptibility = 00000000  ActivityState = 00000000
[   57.030496] *** Host State ***
[   57.030503] RIP = 0xffffffff811b6777  RSP = 0xffff8801c05ef4c8
[   57.030516] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[   57.030524] FSBase=00007f376c0a7700 GSBase=ffff8801dc100000 TRBase=ffff8801dc122cc0
[   57.030531] GDTBase=ffffffffff576000 IDTBase=ffffffffff57b000
[   57.030540] CR0=0000000080050033 CR3=00000001cd473000 CR4=00000000001426e0
[   57.030548] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef40
[   57.030555] EFER = 0x0000000000000d01  PAT = 0x0000000000000000
[   57.030557] *** Control State ***
[   57.030563] PinBased=0000003f CPUBased=b6a1edfe SecondaryExec=0000004b
[   57.030567] EntryControls=0000d1ff ExitControls=0023efff
[   57.030574] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[   57.030580] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[   57.030585] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[   57.030590]         reason=80000021 qualification=0000000000000000
[   57.030594] IDTVectoring: info=00000000 errcode=00000000
[   57.030598] TSC Offset = 0xffffffdfd9ac3579
[   57.030602] TPR Threshold = 0x00
[   57.030607] EPT pointer = 0x00000001d8fa601e
[   57.087573] *** Guest State ***
[   57.087581] CR0: actual=0x0000000080000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7
[   57.087588] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=fffffffffffff871
[   57.087591] CR3 = 0x00000000fffbc000
[   57.087595] RSP = 0x0000000000000f80  RIP = 0x0000000000000000
[   57.087601] RFLAGS=0x00010002         DR7 = 0x0000000000000400
[   57.087609] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810
[   57.087617] CS:   sel=0x0030, attr=0x0409b, limit=0x000fffff, base=0x0000000000000000
[   57.087628] DS:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
[   57.087638] SS:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
[   57.087648] ES:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
[   57.087658] FS:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
[   57.087668] GS:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
[   57.087676] GDTR:                           limit=0x000007ff, base=0x0000000000001000
[   57.087686] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800
[   57.087694] IDTR:                           limit=0x000001ff, base=0x0000000000003800
[   57.087704] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[   57.087710] EFER =     0x0000000000000001  PAT = 0x0007040600070406
[   57.087717] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[   57.087722] Interruptibility = 00000008  ActivityState = 00000000
[   57.087725] *** Host State ***
[   57.087732] RIP = 0xffffffff811b6777  RSP = 0xffff8801cc22f4c8
[   57.087747] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[   57.087756] FSBase=00007ff45c87d700 GSBase=ffff8801dc100000 TRBase=ffff8801dc122cc0
[   57.087765] GDTBase=ffffffffff576000 IDTBase=ffffffffff57b000
[   57.087774] CR0=0000000080050033 CR3=00000001ce3a7000 CR4=00000000001426e0
[   57.087783] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef40
[   57.087791] EFER = 0x0000000000000d01  PAT = 0x0000000000000000
[   57.087794] *** Control State ***
[   57.087800] PinBased=0000003f CPUBased=b699edfe SecondaryExec=0000004a
[   57.087805] EntryControls=0000d1ff ExitControls=0023efff
[   57.087814] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[   57.087821] VMEntry: intr_info=80000b00 errcode=00000c55 ilen=00000000
[   57.087853] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[   57.087859]         reason=80000021 qualification=0000000000000000
[   57.087864] IDTVectoring: info=00000000 errcode=00000000
[   57.087869] TSC Offset = 0xffffffdfd49ebee7
[   57.087875] EPT pointer = 0x00000001d5b3501e
[   57.095139] *** Guest State ***
[   57.095148] CR0: actual=0x0000000080000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7
[   57.095156] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=fffffffffffff871
[   57.095161] CR3 = 0x00000000fffbc000
[   57.095165] RSP = 0x0000000000000f80  RIP = 0x0000000000000000
[   57.095172] RFLAGS=0x00010002         DR7 = 0x0000000000000400
[   57.095182] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810
[   57.095190] CS:   sel=0x0030, attr=0x0409b, limit=0x000fffff, base=0x0000000000000000
[   57.095202] DS:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
[   57.095214] SS:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
[   57.095225] ES:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
[   57.095237] FS:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
[   57.095250] GS:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
[   57.095258] GDTR:                           limit=0x000007ff, base=0x0000000000001000
[   57.095270] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800
[   57.095278] IDTR:                           limit=0x000001ff, base=0x0000000000003800
[   57.095290] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[   57.095297] EFER =     0x0000000000000001  PAT = 0x0007040600070406
[   57.095305] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[   57.095312] Interruptibility = 00000008  ActivityState = 00000000
[   57.095315] *** Host State ***
[   57.095323] RIP = 0xffffffff811b6777  RSP = 0xffff8801cd5cf4c8
[   57.095337] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[   57.095345] FSBase=00007ff45c89e700 GSBase=ffff8801dc100000 TRBase=ffff8801dc122cc0
[   57.095353] GDTBase=ffffffffff576000 IDTBase=ffffffffff57b000
[   57.095363] CR0=0000000080050033 CR3=00000001ce3a7000 CR4=00000000001426e0
[   57.095372] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef40
[   57.095379] EFER = 0x0000000000000d01  PAT = 0x0000000000000000
[   57.095390] *** Control State ***
[   57.095397] PinBased=0000003f CPUBased=b699edfe SecondaryExec=0000004a
[   57.095402] EntryControls=0000d1ff ExitControls=0023efff
[   57.095410] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[   57.095417] VMEntry: intr_info=80000b00 errcode=00000c55 ilen=00000000
[   57.095422] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[   57.095428]         reason=80000021 qualification=0000000000000000
[   57.095433] IDTVectoring: info=00000000 errcode=00000000
[   57.095437] TSC Offset = 0xffffffdfd49ebee7
[   57.095444] EPT pointer = 0x00000001d5b3501e
[   57.197239] *** Guest State ***
[   57.197247] CR0: actual=0x0000000080000031, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[   57.197255] CR4: actual=0x0000000000002051, shadow=0x0000000000000000, gh_mask=fffffffffffff871
[   57.197258] CR3 = 0x00000000fffbc000
[   57.197263] RSP = 0x000000000000fffa  RIP = 0x0000000000000000
[   57.197268] RFLAGS=0x00033000         DR7 = 0x0000000000000400
[   57.197277] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[   57.197284] CS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   57.197294] DS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   57.197304] SS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   57.197314] ES:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   57.197324] FS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   57.197333] GS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   57.197341] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[   57.197350] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[   57.197358] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[   57.197368] TR:   sel=0x0000, attr=0x0008b, limit=0x00002088, base=0x0000000000000000
[   57.197374] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[   57.197380] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[   57.197385] Interruptibility = 00000000  ActivityState = 00000000
[   57.197388] *** Host State ***
[   57.197396] RIP = 0xffffffff811b6777  RSP = 0xffff8801cc3df4c8
[   57.197408] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[   57.197415] FSBase=00007f115a793700 GSBase=ffff8801dc000000 TRBase=ffff8801dc022cc0
[   57.197421] GDTBase=ffffffffff577000 IDTBase=ffffffffff57b000
[   57.197430] CR0=0000000080050033 CR3=00000001d4d7b000 CR4=00000000001426f0
[   57.197438] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef40
[   57.197446] EFER = 0x0000000000000d01  PAT = 0x0000000000000000
[   57.197448] *** Control State ***
[   57.197454] PinBased=0000003f CPUBased=b6a1edfa SecondaryExec=0000004b
[   57.197459] EntryControls=0000d1ff ExitControls=0023efff
[   57.197467] ExceptionBitmap=ffffbfff PFECmask=00000000 PFECmatch=00000000
[   57.197472] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[   57.197478] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[   57.197482]         reason=80000021 qualification=0000000000000000
[   57.197486] IDTVectoring: info=00000000 errcode=00000000
[   57.197490] TSC Offset = 0xffffffdfbc278d5e
[   57.197493] TPR Threshold = 0x00
[   57.197499] EPT pointer = 0x00000001da0a901e
[   58.323550] CR4: actual=0x0000000000002051, shadow=0x0000000000000000, gh_mask=fffffffffffff871
[   58.336309] CR3 = 0x00000000fffbc000
[   58.340401] RSP = 0x000000000000fffa  RIP = 0x0000000000000000
[   58.346724] RFLAGS=0x00033000         DR7 = 0x0000000000000400
[   58.353065] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[   58.360094] CS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   58.368358] DS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   58.376633] SS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   58.385715] ES:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   58.394100] FS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   58.402456] GS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   58.410899] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[   58.419236] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[   58.427588] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[   58.435914] TR:   sel=0x0000, attr=0x0008b, limit=0x00002088, base=0x0000000000000000
[   58.444196] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[   58.450926] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[   58.458710] Interruptibility = 00000000  ActivityState = 00000000
[   58.465282] *** Host State ***
[   58.468740] RIP = 0xffffffff811b6777  RSP = 0xffff8801ccd774c8
[   58.475059] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[   58.481739] FSBase=00007f825f2c4700 GSBase=ffff8801dc100000 TRBase=ffff8801dc022cc0
[   58.489811] GDTBase=ffffffffff577000 IDTBase=ffffffffff57b000
[   58.496059] CR0=0000000080050033 CR3=00000001c204a000 CR4=00000000001426e0
[   58.503360] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef40
[   58.510356] EFER = 0x0000000000000d01  PAT = 0x0000000000000000
[   58.517959] *** Control State ***
[   58.521693] PinBased=0000003f CPUBased=b699edfa SecondaryExec=0000004a
[   58.528635] EntryControls=0000d1ff ExitControls=0023efff
[   58.534361] ExceptionBitmap=ffffbfff PFECmask=00000000 PFECmatch=00000000
[   58.541565] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[   58.548566] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[   58.555498]         reason=80000021 qualification=0000000000000000
[   58.562310] IDTVectoring: info=00000000 errcode=00000000
[   58.568146] TSC Offset = 0xffffffdfda7c0f54
2017/08/11 22:10:51 executing program 5:
mmap(&(0x7f0000000000/0xe97000)=nil, 0xe97000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000007000/0x3000)=nil, 0x3000, 0x400000, 0x3, &(0x7f00007ab000/0x400000)=nil)
mprotect(&(0x7f0000abd000/0x4000)=nil, 0x4000, 0xfffffff7fffffffd)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000017000)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000da8000-0x8)={0x1f, 0x0})
r2 = eventfd2(0x7, 0x0)
read$eventfd(r2, &(0x7f00001b3000-0x8)=0x0, 0x8)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000e97000-0xc)={0x1, <r3=>r1, 0x1})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000d48000)={0x10006, 0x1, 0x0, 0x1000, &(0x7f0000cd3000/0x1000)=nil})
ioctl$KVM_SET_FPU(r3, 0x41a0ae8d, &(0x7f0000769000-0x1a0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x3, 0x7, 0xfff, 0x0, 0x8, 0x3000, 0xd000, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8, 0x0})
r4 = eventfd2(0xedf, 0x800)
write$eventfd(r4, &(0x7f000013b000)=0xfffffffffffff5e7, 0x8)
eventfd2(0x0, 0x0)
eventfd2(0xffffffffffffff01, 0x800000002)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f000059b000-0x20)={r3, 0x3, 0x2, r4, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000565000)="2f6465762f6b766d00", 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = eventfd2(0x0, 0x0)
r9 = eventfd2(0x3, 0x0)
madvise(&(0x7f0000de0000/0x4000)=nil, 0x4000, 0x6f)
ioctl$KVM_SET_MP_STATE(r5, 0x4004ae99, &(0x7f00004f4000-0x4)=0x6)
ioctl$KVM_IRQFD(r7, 0x4020ae76, &(0x7f0000026000-0x20)={r8, 0x0, 0x2, r9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
eventfd2(0xc, 0x0)
ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r6, 0x4010ae74, &(0x7f0000d32000-0xc)={0xa9d, 0x4, 0x3})
pkey_alloc(0x0, 0x1)
mbind(&(0x7f00007b7000/0x3000)=nil, 0x3000, 0x2, &(0x7f0000ca6000-0x8)=0x1, 0x9, 0x2)
ioctl$KVM_IRQFD(r7, 0x4020ae76, &(0x7f0000028000-0x20)={r8, 0x7f080000000000, 0x1, r8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
read$eventfd(r9, &(0x7f0000a7e000-0x8)=0x0, 0x8)
2017/08/11 22:10:51 executing program 4:
mmap(&(0x7f0000000000/0xaf4000)=nil, 0xaf4000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000af2000)={0x7, 0x200, 0x8, 0x0, 0xc55, 0x1, 0x370d31e6, 0x1, 0x9, 0x9, 0x8, 0x7, 0x0, 0xb57, 0x8, 0x401, 0x200000000000, 0x6, 0x6})
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000acd000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000adf000)="b90401004066b8470066bad104b0a9ee0f3052c76dfef3ab66b86f000f00d099d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e955266767f2a50f20d835080000000f22d8650f070f01b102000000", 0x5e}], 0x1, 0x0, &(0x7f0000af2000)=[], 0x0)
ioctl$KVM_ASSIGN_DEV_IRQ(r1, 0x4040ae70, &(0x7f0000819000-0x10)={0x0, 0x0, 0x3, 0x4})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mremap(&(0x7f00007cc000/0x3000)=nil, 0x3000, 0x1000, 0x0, &(0x7f00004f1000/0x1000)=nil)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000af3000-0x20)={0x10002, 0x1, 0x0, 0x1000, &(0x7f000054b000/0x1000)=nil})
mremap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f0000005000/0x4000)=nil)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f000036d000-0x40)={0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
2017/08/11 22:10:51 executing program 0:
mmap(&(0x7f0000000000/0x28000)=nil, 0x28000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
mmap(&(0x7f0000028000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_CPUID2(r0, 0x4008ae90, &(0x7f0000028000)={0x9, 0x0, [{0xc000000d, 0x1ff, 0x0, 0x4, 0x9, 0x897, 0x7fffffff, [0x0, 0x0, 0x0]}, {0xa, 0x200, 0x2, 0xd0, 0x4375, 0x7ff, 0x9, [0x0, 0x0, 0x0]}, {0xc0000001, 0x9, 0x4, 0x6, 0x0, 0x0, 0x9, [0x0, 0x0, 0x0]}, {0xc0000001, 0x7fff, 0x0, 0x8, 0x1, 0x10000, 0x80, [0x0, 0x0, 0x0]}, {0xc0000001, 0x800, 0x0, 0x8000, 0x86, 0x8, 0x7f, [0x0, 0x0, 0x0]}, {0x80000007, 0xa485, 0x4, 0xffffffffffffff00, 0x8, 0xea, 0x8, [0x0, 0x0, 0x0]}, {0xc0000000, 0x844, 0x2, 0x9, 0xb0, 0x9, 0x7, [0x0, 0x0, 0x0]}, {0x40000001, 0x0, 0x2, 0x0, 0x0, 0x7f, 0x7fffffff, [0x0, 0x0, 0x0]}, {0xc000000f, 0xd21, 0x2, 0x0, 0x401, 0x8, 0x5, [0x0, 0x0, 0x0]}]})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000017000)="2f6465762f6b766d00", 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
mmap(&(0x7f0000028000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000028000)={0x1, <r3=>r1, 0x0})
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000003000-0x4)=0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x201)
mmap(&(0x7f0000028000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000029000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_CPUID(r4, 0x4008ae8a, &(0x7f000002a000-0x8)={0x0, 0x0, []})
mmap(&(0x7f0000029000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_ASSIGN_DEV_IRQ(r2, 0x4040ae70, &(0x7f000002a000-0x10)={0x6, 0x5, 0x3, 0x100})
ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f0000017000)={{0x0, 0xf001, 0x0, 0x0, 0x0, 0x6000000000000000, 0x0, 0x0, 0x1, 0x1f, 0x0, 0x0, 0x0}, {0x3, 0xf000, 0x0, 0x9, 0x100000001, 0x2, 0x1f, 0x10000, 0x2, 0x8, 0x120000000, 0x2, 0x0}, {0x0, 0x6000, 0xe, 0x8, 0x4, 0x400, 0x800, 0x1f, 0x4, 0xfffffffffffffffc, 0x289, 0x2, 0x0}, {0x4000, 0x4, 0xe, 0x5, 0x20, 0x0, 0x3, 0x80000000, 0x4, 0x7, 0x1, 0xfffffffffffffffd, 0x0}, {0x4, 0x4000, 0xf, 0x3, 0x9f99, 0x1, 0x6d0, 0xfffffffffffffffe, 0x80, 0x9, 0x5, 0x400, 0x0}, {0x4000, 0x1f000, 0xb, 0x7fffffff, 0x3, 0x4, 0x7, 0x5, 0x100000001, 0x9, 0xff, 0x5, 0x0}, {0xd001, 0x5000, 0x0, 0x100000000, 0x101, 0x6, 0x200, 0x7, 0x3, 0xfffffffffffffc00, 0x5, 0x4, 0x0}, {0xf000, 0x3000, 0x0, 0x0, 0xf87b, 0x5, 0x8, 0xff, 0x4, 0x40, 0x7fffffff, 0x6, 0x0}, {0x1, 0x2, [0x0, 0x0, 0x0]}, {0x6000, 0x5000, [0x0, 0x0, 0x0]}, 0x4, 0x0, 0x0, 0x2000, 0x6, 0x8000, 0x2, [0x5, 0x100, 0x4, 0x8]})
syz_kvm_setup_cpu$x86(r2, r4, &(0x7f000000f000/0x18000)=nil, &(0x7f0000029000-0x18)=[@text16={0x10, &(0x7f000000d000)="0f06ba4200ec66b8e90000000f23d80f21f86635000000400f23f866b8008000000f23d00f21f866352000000d0f23f86766c74424002f9f9ae46766c7442402480000006766c744240600000000670f011c240fc76a2a66b98508000066b80078000066ba000000000f300f07b861000f00d866b9800000c00f326635008000000f30", 0x83}], 0x1, 0x37, &(0x7f0000009000-0x20)=[@cr0={0x0, 0x40040001}, @dstype3={0x7, 0x1}], 0x2)
ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f0000011000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x105002, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0}, {0x4, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, [0x0, 0x0, 0x0]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x34b582ec71cdec64, [0x4, 0x0, 0x0, 0x0]})
2017/08/11 22:10:51 executing program 6:
mmap(&(0x7f0000000000/0xaf4000)=nil, 0xaf4000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000af2000)={0x7, 0x200, 0x8, 0x0, 0xc55, 0x1, 0x370d31e6, 0x1, 0x9, 0x9, 0x8, 0x7, 0x0, 0xb57, 0x8, 0x401, 0x200000000000, 0x6, 0x6})
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000acd000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000adf000)="b90401004066b8470066bad104b0a9ee0f3052c76dfef3ab66b86f000f00d099d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e955266767f2a50f20d835080000000f22d8650f070f01b102000000", 0x5e}], 0x1, 0x0, &(0x7f0000af2000)=[], 0x0)
ioctl$KVM_ASSIGN_DEV_IRQ(r1, 0x4040ae70, &(0x7f0000819000-0x10)={0x0, 0x0, 0x3, 0x4})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mlock2(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x0)
madvise(&(0x7f0000004000/0x9000)=nil, 0x9000, 0x0)
madvise(&(0x7f000034e000/0x1000)=nil, 0x1000, 0x64)
mremap(&(0x7f00007cc000/0x3000)=nil, 0x3000, 0x1000, 0x0, &(0x7f00004f1000/0x1000)=nil)
mremap(&(0x7f0000008000/0x2000)=nil, 0x2000, 0x3000, 0x0, &(0x7f0000009000/0x3000)=nil)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000af3000-0x20)={0x10002, 0x1, 0x0, 0x1000, &(0x7f000054b000/0x1000)=nil})
ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000006000)={0x7, <r3=>0xffffffffffffffff, 0x0})
ioctl$KVM_GET_CLOCK(r3, 0x8030ae7c, &(0x7f000000f000-0x30)={0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
mremap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f0000005000/0x4000)=nil)
mprotect(&(0x7f00004aa000/0x1000)=nil, 0x1000, 0x8)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f000036d000-0x40)={0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
2017/08/11 22:10:51 executing program 1:
mmap(&(0x7f0000000000/0x67000)=nil, 0x67000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000067000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000067000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000067000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, &(0x7f0000067000)={0x22, 0x1, &(0x7f0000067000)="3d51", &(0x7f0000067000)="a0aba5b4256c1b0e44852e27c500cb86506c0139ae8cfc949590d1e9795c5acd5f47722efc7eb0e162e7db9a4899b3593f21c7a348163720f2cd42058f4083b3a4392bda69a46a1c885e0f67e7cbb9b63935ff3239bdbfd6f31d0230620fd3e0d334cd6e0c1d7ee5526dfaab55577e1dac9da31a20d08366a26b42f940e18f0c804b84eacc", 0x2, 0x85, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r2 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f000001d000)={0x0, &(0x7f000001d000)=0x0, 0x0, r2, 0x8})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000006000)={0x110004, &(0x7f000002d000)=0x0, 0x0, r2, 0xd})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000064000)={0x0, &(0x7f0000067000-0x8)=0x0, 0x2, r2, 0x0})
2017/08/11 22:10:51 executing program 7:
mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000af2000)={0x7, 0x200, 0x8, 0x0, 0xc55, 0x1, 0x370d31e6, 0x1, 0x9, 0x9, 0x8, 0x7, 0x0, 0xb57, 0x8, 0x401, 0x200000000000, 0x6, 0x6})
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000acd000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000adf000)="b90401004066b8470066bad104b0a9ee0f3052c76dfef3ab66b86f000f00d099d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e955266767f2a50f20d835080000000f22d8650f070f01b102000000", 0x5e}], 0x1, 0x0, &(0x7f0000af2000)=[], 0x0)
ioctl$KVM_ASSIGN_DEV_IRQ(r1, 0x4040ae70, &(0x7f0000819000-0x10)={0x0, 0x0, 0x3, 0x4})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000af3000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xe000)=nil, 0xe000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x0)
madvise(&(0x7f0000004000/0x9000)=nil, 0x9000, 0x0)
madvise(&(0x7f000034e000/0x1000)=nil, 0x1000, 0x64)
mremap(&(0x7f00007cc000/0x3000)=nil, 0x3000, 0x1000, 0x0, &(0x7f00004f1000/0x1000)=nil)
mremap(&(0x7f0000008000/0x2000)=nil, 0x2000, 0x3000, 0x0, &(0x7f0000009000/0x3000)=nil)
mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000af3000-0x20)={0x10002, 0x1, 0x0, 0x1000, &(0x7f000054b000/0x1000)=nil})
ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000006000)={0x7, <r3=>0xffffffffffffffff, 0x0})
mmap(&(0x7f000000e000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f000000e000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_CLOCK(r3, 0x8030ae7c, &(0x7f000000f000-0x30)={0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
mremap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f0000005000/0x4000)=nil)
mprotect(&(0x7f00004aa000/0x1000)=nil, 0x1000, 0x8)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f000036d000-0x40)={0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
2017/08/11 22:10:51 executing program 2:
mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_MP_STATE(r1, 0x4004ae99, &(0x7f0000aef000-0x4)=0x8)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b86f000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e955266767f2a50f20d835080000000f22d8650f070f01b102000000", 0x5e}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0)
mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000af0000-0x8)=0x5003)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f00000ab000)={0x2, 0x800, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000aec000)={"3a5ca361a0df102fae43a3f1ec872c0185c9813608eed8f847374008d61d0bcfc300bc75ce5da3001ccb1007655a4f7410ae2abb351756d32573ad07efbff26b6c29f3f5b20949d1948e7dc1c8f2b7a1f53f726c506fca42d4a7935507ddb99198bc1ac4b348ae7c27061ead76d16ca486010f0a3be5e5fb88b250282a1f4370084b669a6aa05d6f099ea5ce98744d4d02be5ff2bfc8a7b31392162b70f9bf6a7921ca46c22eba76a3f5fada926a9e3d39e841a85aff9e2e11df5a017550dd503eafb49349716d060d697bd0978eac053d12de846fb7d0ef0ce4f7942061ad998b000619474f6ab8bbaf74f23bef3d8874a920f438d7a3bbe9ac54c269dd8463b191dfff03924e9ef495aad2c7831f72e87d20d39c031000c2b6b009dc52fe4a87d2adbd31ef3991643480dc4e1194dad4aaae0bbd182f86a7572202d932534fe78aa6205a387714ba722fc29e394626c6950754c5bd8e959a3d108590f13f43f23507624d0f3b464f483d2f11441d510b1269bd87224f20a2cb5984b4f2be4d93aef0f2ae60ada076cc86b6ecd9f9cd27c13ff16725a99f1d96fb35409d9aad7cd14b4a0a6fa33249d40760c0dd77c75cea3ced7055169a87c767c91aadd231e5b211e9b8df16a1e2aef8d3a7e02a4f7c8fa5e989f9a2c488638fec8d03543fededef667b0b0cde85958ef5dd2355e3dade1126022ada4186160bcf69013a938bd9c5fe1f46fd5c8d522320840de0ede209ee11a4655a157b1ed47b6aa5daad7bc7f96313d2e02144e50a7f64ccfb866b1cc3a04ebd7e460e69f42856b474e681e2917b593b931c8987a487329d58151d14f4f1eb1b123f29f21899c524c2808269f7a833d5ed3cd93e2ffc0dbdf3c50c736b10512607837e8f50144c1c14e052c788381a2b236becb2d2bfdf0467cefcbe6926090434d31323d47576de4566f61ab7f1fab0f73e2e9b58c328f73f8fecef3e9bbad4b177d9dd2a0e3e7a6f108477afef361fd23ea1a575dd9b86515833f5bd4ccf9ddb9e5432d723f3eb50339ae229108ae769ac632d312761db5057fe4ddfae2f22be1f709bc0feef9d8dcf05a425d354bda07e3780f19d3a073e737bcc8220febd750e3ce8549870615e1e9c969d3883126c687ff7ef6c0a16aa18bf594c681ae4c2ec063b792ae01166868672360aefb97539f6825c2f17933ce890a2d7ca53fcf77dc8dd4a0e64b7010aa7fd14f7833ab907d4d3c5df1ce497abfea23c94ab44d6b0f389480b4f0c077b98ba319dff8ab86cb7ff6b9f26e1f7e88b01d346504ab1cbc30fb5acf132544e59a2dec45e8019ef4642e672aebc040bfbfd6e7caf8846917b3e21e9b5673b31c4f3528baaf61b01bf160c3b535bcc7b23ee34371286407409fa292ad059d4e40624e76bad7d3d516adae9c3fcecb877f4d9d39035338787435f6372c5fb88cd"})
mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mmap(&(0x7f0000af0000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f0000af1000-0x138)={{0x100000, 0x2, 0x0, 0x6a3929f3, 0x7f, 0x10001, 0x5, 0x9, 0x7, 0x40e, 0x1, 0x6, 0x0}, {0x7004, 0x115000, 0xf, 0x6, 0x0, 0x45e13071, 0x7, 0xec6, 0x0, 0x80, 0x100000001, 0xfffffffffffffffb, 0x0}, {0x100000, 0xf000, 0xf, 0x4, 0x72, 0x401, 0x3, 0x9, 0x7, 0x8, 0xffffffffffffff01, 0x3, 0x0}, {0xd000, 0x5000, 0xd, 0x1, 0x3, 0x401, 0x800, 0x400000000, 0x5, 0x3, 0x7, 0x5, 0x0}, {0xf000, 0x0, 0x3, 0x5, 0x8001, 0x6, 0x40, 0x5, 0x95, 0x6, 0x4, 0xff, 0x0}, {0x2000, 0x10002, 0x0, 0x6, 0x20, 0x50b, 0x4, 0x80000000, 0x7, 0x4, 0x3, 0x74, 0x0}, {0x1000, 0x0, 0xd, 0x9, 0x80000000, 0x5, 0xa39, 0x8, 0x2, 0x2, 0x400, 0x22, 0x0}, {0x4002, 0x1f000, 0xf, 0x100, 0x101, 0xfffffffffffffffe, 0x1, 0x9, 0x7fff, 0x4, 0x6, 0x4, 0x0}, {0x6002, 0x101000, [0x0, 0x0, 0x0]}, {0xf000, 0xf000, [0x0, 0x0, 0x0]}, 0x10000, 0x0, 0x4000, 0x200, 0xf, 0x4000, 0x107000, [0x1, 0x0, 0x60241247, 0x100]})
mmap(&(0x7f0000000000/0xc59000)=nil, 0xc59000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f00003b8000-0x400)={"1548c339b60144a0bc62dd773028d65117c2db8dc4b3b826ff5973906155897ccc47ae55c28d86c6a084e06b808a9af13fc715025bfd26fb3a590f8020a2781d6914a0463c03ca5e5276a4604696f144ef5511f30aec0e8c5307880e1f75d3b7534f08c92b40ba5a4dd512de8eb6c4e1595f38de9b385b087022dd2a94f258129fa80d25d576e1d96db7f3d876198fc65c80eac2d2ec48a6314c3ccd4c3fa4fd519b769a8a55bde396e2e15d602d4588966f260b5285bc9460a55362b39524c2df87ef212a77744b0489643f16210f30929c8c1e395ef1a54daebc33182481a601b3d9e2239e157dd0e81c1e62afe69e74a5eb6d5677e4150fe5e0badc4ff4328222433c09b6e810347de430c2587c1582ef4c06ace32341f694e22527badabce9bcd9bc8bbe3a9708affa35c19e40b9ee527611d384d281fde844d2731bf6d88279d4a3b5b4815e6c2c8fbeaad7aa9c9b6cb91241e1ffba462fdf5d7f16f5401a62efa3f4768f0d98a3113971bc89af152dd33731d750301c9ebda0304b65255544aadb546fdc05f09b940e6c0977937cbb648986a3721e6e208143e285a28b75027d2c4b54a09940c5b38d1a90f6afeaf840e7d345cf3ced9fd1d46e325edee8b5d8656cf111dfd5d7a4845810a48bd585c3707dc1eeda30ee6588f37b77dd4f1ad331da482f5729583b6dd23a95bc44615ba084fba9cbe9ac9ffdaa5a1d5cd7b508f27e3acc1c55992c5f4cb842c6c96336cc87b24f5fb118496ffcc918c4b6686caf79378b4c82d7b731ccf4aa1ae154f5a73bded8d8dde917ae314200928443010dbb7db1df51646d2eae485d641083c1e0a130c626f19a8296696ce5c0e45ea670138682bb1d24a7108555670d02f6efb457ad9c8f670b33728efb3955f6c38396c4b89ef0b4fc0a3e2acb3da4ec6a4605d87b6a175fff1bb5b0e426e1a71c02a18d5001c4941381c7d9d4c991e087f687195ae0f3a1c8d3d202ee4749fef2c16b278e9f1c12007d5f8b3313b83e2093749dc8fa8201b2013876b0224433e3ab98e75f9b5c9224c7dca28342d35d39dca51e23ef61a3662587ac7638e657bbfbe5f641de3faecb09002aefe2b4ccfec05b773acf2cc2a8fce0f4717b214db8846144fbfd54e816585f900bf9aa604387a50d6addd8fa3f0ad0564d9baccdbb361945505ca8c0f9077a5e17e175376fb15785a092c0c5321e4a7ea37adf8753bfcb968940faa4d5ca44eee68168b03064535337c7794fff49ceca5f1250c9dcb27a729244a43e6141f410ceb427a76dd5561b973a9bd9f9ce7d5921a4bf1dc00efbba5ad9d743eebec58c5b80c14e602f43838c0b47f4747100ddcf14e4f3d02bebfea8677896b201458f8c9d5c77d229f34378bebbbbd0a0adabf05868fce8fbe8e37acdea1d96c06e41ee439f00986d323c597d0a7d1367a961440eb7"})
munmap(&(0x7f000064f000/0x3000)=nil, 0x3000)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = eventfd2(0x0, 0x0)
mmap(&(0x7f0000996000/0x3000)=nil, 0x3000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000c5a000-0xc)={0x3, <r6=>r4, 0x1})
mmap(&(0x7f0000c59000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
read$eventfd(r5, &(0x7f000043e000)=0x0, 0x8)
write$eventfd(r5, &(0x7f0000c57000)=0xe318, 0x8)
mmap(&(0x7f000064f000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f000064f000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$x86(r6, r1, &(0x7f00009be000/0x18000)=nil, &(0x7f0000650000-0x18)=[@textreal={0x8, &(0x7f00004fb000-0x4a)="650f21a5f30f11528e67f00fbaa900800000fff20f5962000f2201f30fc77487dbdb0f20e06635002000000f22e066b92f0a000066b8e6cb714f66ba847cf0660f3066b9d90a00000f32", 0x4a}], 0x1, 0x20, &(0x7f000064f000)=[@cstype0={0x4, 0xffffffffffffffff}], 0x1)
mremap(&(0x7f000020f000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000b84000/0x4000)=nil)
2017/08/11 22:10:51 executing program 3:
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000000)={0x0, <r0=>0xffffffffffffffff, 0x1})
mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_IRQCHIP(r0, 0xc208ae62, &(0x7f0000001000)=@ioapic={0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}]})
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000001000-0xc)={0x2, <r1=>0xffffffffffffffff, 0x0})
ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x6)
mmap(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x3, 0x31, 0xffffffffffffffff, 0x0)
mmap(&(0x7f000000f000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000003000)="2f6465762f6b766d00", 0x581001, 0x0)
mbind(&(0x7f0000003000/0x3000)=nil, 0x3000, 0x8002, &(0x7f000000c000-0x8)=0xef3d, 0x5d4, 0x1)
mprotect(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x7)
mbind(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x3, &(0x7f0000005000-0x8)=0x9, 0x7f, 0x0)
ioctl$KVM_GET_XCRS(r1, 0x8188aea6, &(0x7f0000002000)={0x7, 0x2, [{0xfffffffffffff800, 0x0, 0x2}, {0x2, 0x0, 0xe0}, {0x4, 0x0, 0x9}, {0x52d, 0x0, 0xffff}, {0xff, 0x0, 0xffffffff}, {0x9, 0x0, 0x1}, {0x0, 0x0, 0x6}]})
ioctl$KVM_SET_VCPU_EVENTS(r1, 0x4040aea0, &(0x7f000000e000)={0x0, 0x9c, 0x6, 0x0, 0x3800000000, 0x1, 0x4, 0x9, 0x6, 0x100000001, 0x6, 0x2, 0x0, 0x1, 0x6, 0x10000, 0x2, 0x97e1, 0xfff})
ioctl$KVM_GET_DEVICE_ATTR(r1, 0x4018aee2, &(0x7f0000007000)={0x0, 0x6, 0x20, &(0x7f0000003000-0x8)=0x0})
mbind(&(0x7f000000d000/0x1000)=nil, 0x1000, 0x4000, &(0x7f0000008000)=0x2c, 0xfac1, 0x4)
mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f000000e000/0x1000)=nil)
mbind(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x1, &(0x7f000000d000-0x8)=0x0, 0x2, 0x3)
munlock(&(0x7f0000005000/0x2000)=nil, 0x2000)
munlock(&(0x7f0000006000/0x3000)=nil, 0x3000)
mlock2(&(0x7f000000d000/0x2000)=nil, 0x2000, 0x1)
[   58.572756] EPT pointer = 0x00000001dab0801e
2017/08/11 22:10:51 executing program 3:
mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aed000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000602000/0x18000)=nil, &(0x7f00002cf000)=[@text32={0x20, &(0x7f00008e1000-0x54)="f20f019901000000c4e1a176800d00000036f3360f300f0175c6c74424009b000000c744240200300000c7442406000000000f0114240fb7943b00680000650fc72ec4e295b811660f38818caf000000000f01cf", 0x54}], 0x1, 0x21, &(0x7f0000af0000-0x10)=[@efer={0x2, 0x1900}], 0x1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SMI(r2, 0xaeb7)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
2017/08/11 22:10:51 executing program 1:
mmap(&(0x7f0000000000/0xae3000)=nil, 0xae3000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
mmap(&(0x7f0000a6f000/0x6000)=nil, 0x6000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000ae3000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
mmap(&(0x7f000083d000/0x2000)=nil, 0x2000, 0x3, 0x10, r2, 0x0)
ioctl$KVM_GET_NR_MMU_PAGES(r1, 0xae45, 0x2)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000000a000-0x8)={0x0, 0x7ff})
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f00003ba000/0x18000)=nil, &(0x7f000018e000)=[@textreal={0x8, &(0x7f0000ae4000)="3e0f001b66b9800000c00f326635010000000f30d88a45000f32b800018ec80f23b9360ff9c3662664f2addd8f0900f30f5805", 0x33}], 0x1, 0x0, &(0x7f0000adf000)=[@flags={0x3, 0x2c32ef086520573a}, @vmwrite={0x8, 0x0, 0x0, 0x0, 0x8, 0x0, 0x4, 0x0, 0x6}], 0x2)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_GET_XSAVE(r3, 0x9000aea4, &(0x7f0000ae6000-0x400)={"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
[   58.744773] kvm [4070]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x4000008f data 0x1047
[   58.751801] *** Guest State ***
2017/08/11 22:10:51 executing program 0:
mmap(&(0x7f0000000000/0xe98000)=nil, 0xe98000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000017000)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000da8000-0x8)={0x1f, 0x0})
r2 = eventfd2(0xedf, 0x800)
write$eventfd(r2, &(0x7f000013b000)=0xfffffffffffff5e7, 0x8)
r3 = eventfd2(0x0, 0x0)
eventfd2(0x0, 0x0)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000026000-0x20)={r3, 0x0, 0x2, r3, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000565000)="2f6465762f6b766d00", 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = eventfd2(0x0, 0x0)
r7 = eventfd2(0x9, 0x80000)
ioctl$KVM_IRQFD(r5, 0x4020ae76, &(0x7f0000026000-0x20)={r6, 0x0, 0x2, r7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_IRQFD(r5, 0x4020ae76, &(0x7f0000e97000-0x20)={r6, 0x2000000002, 0x2, r2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
2017/08/11 22:10:51 executing program 4:
mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_ONE_REG(0xffffffffffffffff, 0x4010aeab, &(0x7f0000000000)={0x0, 0x8})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000530000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_LAPIC(r2, 0x8400ae8e, &(0x7f0000af1000-0x400)={"1df79cfe2f035f608bee9381364e0b65472b8040dcd38ecd597fdcfb40d1205fae1e0f00a71fbf628b73eaa346d443665199126e5a31c96e0bfc8ad7cc8b2a0a87c1609901ff70d9bf1720938b425bccbb4552cb4d9ffa7d05c860289ea76512ea59ba72026896a3e9e69d04a3ea9d6b7e413782bc0f1986da9e77bc547c3239ea7817419d034aee797394a9f348c31496164bad82878c98cbea01602ab98656ed1aa696280a6ba6141f8ed67967226728c3fb0152111d4f131ac481f7f9cd7f18ab982f8b7360b9f0ad7f6c2f649dbdb8fbe9c609d7344ea77d7f4ee08bdd1fcd57ed109106a9ba90b1151c915a7149611811cf889f0ba5ed5f5025faac86befa3ca06f76d4790f2f767139d1e1d34a2e18158edef8d03eb28cc0e6ebc76cb220f0b583c13f072d746b7b2e8d4b4ce7ec42926daee2de8a5a325fe6533efcffeff478a74d2c1ef2a92fac12c01461ccd705476b87f1e1fcfc2aeabc851c6b79b03280959c4eaadc5ff3a80c0192520b5d81eff3d044aa2cccbd2794e9e5a1cfeb61c9e26ba44ff8b5c3e7b1f03adec3ff48df3e9f3f5531da756581dd2b2454b0f662918009c536caa46774089bce01b46b68f8d4230fae15623a0e381db5265df2244e72d66c9c4d09165fa47d5ba7b5c241243f1302705c846389e7e2e518ef0a74aba4508f2959f68038d7ad72a825ff936a86b1dd15445a496a6ce3acb193618fddaf0c7210affe54fddffd60f908416e3be5f9b4369e974f1e2d0a585d507a350b812c0543f074bc78eead22381bed18b1584784ce037624cbc72930f88d7c23c47bf57dac241ef18370b35f80702c2b77a13f439468fcdfc4e6664d7ec37304766fe7516dea8fab210a9081b2a531725c682a1c045c3cefe8de22f1002a6d8296138fa7369fb6606e682d4cf269fed0241434135af43f9bb43c1a4566845fe2e03e0f181449fa09f0c438f8e09903c1af307b87cafe2bcc061c6eadb95b6ede6a616bc6f995b266ddf8d68834679574e05d8c5d473bc5c66adcd7b7461fcc04df288a017ce3f02d56d1abf67b2f3ab7f73330e85a145a57aaf15e0360c3cc96bb75f257f235d231c3d18f4ad5748e62e2efcc5c862a73804bf7ac7d79a4a171f9ae45b2a4e41e047e82cac710593a413fe3b67aacc16fc29d03cbccf09009feaab7010214801992b525397292109e4cac63879b6b0c7443eb2ff77259bc119ca24c1b4e730ad936b1a6b9b17c97d902e26f402603f9ab7697e87743a2a25bb4349b7058906fd76a7c332a09de42bcda3079f2190168fe9cb3ac642d3be7e2a51d503227bc89a1525cc89de71d6bcccb6ad11f0c153e33b78e0c30b2a81219985efeda58e6bea638ce986e7a0a3b4a62aeaf0b9792b6bd4750c399a674953178df85ad84120b2376b6a5bb9ab68fff0ba31e7dbcdcf248720a82f6ffa7"})
ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f000003f000-0x4)={0x6, 0x1, 0x1, 0x0})
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000af0000-0xfa)={"1a3109e2ddbbb6aadcd5c2652b2031c68a46b1e3073fa0506edc5d49ad2fccfb24dd4e577f07bb72dfc55c3ea7bed5a6097ad495bd92a25655856ce787f74d5ea61c5e9cea79ea33a7eb1931b18935c40298de9e0578a07d608bbb88861a431ee6df66f43a6d10e41d43132b0409e0bd865751b9ac22eba678e73f455057062b69cafefc3885ccc262da9b8d3cf4e97cc397f96481f22b448305448300000000ecb406012c1463cd8e9eaffea2b4dafed36623e04f2fd1bde0178578d1bcdb75ba3cc3250a75c94a286e2046f4dc7dc45579ffe69eb53c9ee5144796ada9519a4a81110fda0c05e624ce574ec6b994caecf7aea051ada24edabcd54dbef8a45e35f69e8f9993e8cc2e9ade4ec84a7044e88ae422308d8e6c8c3243a65e9ad521052f0055f592964641d3e275d79a4bb7e8cf7b941e4a4b3d5a78397612e58036a1fcf53008fcf7a9b57594f656e67f2ccbfbb33e506d079178cb4b890000000043a38187a9026607da1b7cd9e6a8387e466712bba30def9b383a70039bf44cbfdd8a45877d76f09367010d9fff54b5682ceefa6bd7e268e6da89493164c5de02cd2825a173cea0c24ff63240799d4c6c751bbfca42d381e07273cfb2b48f995806b94b6369146df0662a66d6757f08c1c85842710dc50079686f01f18c89e1f7c1087d431441514ab79defae7b7c0ada7b3de1b3a6a07602c6f974bebfaf30d7a5f73a87e6dea33c2df5b6925594008528c0a95076a9dba1099dba7dfce097177eab787748fae0dbf770caf566baba5700e83629d4376fe2d7e136a3a575cc05bdfd7d82d5f4ea9817cbcf3d4101fc89967c7af87baec9359846e413d534ce995dd5dd90f90717e3663b3176aa5cda775df58789c74a53d5e43864290eb3a35d5b95bf91c35e80ce61957817c2719a553ab120021a1fcd4519d4e894964db35c848a8ae4e4c2160fd2f4bafbba9a8ae19babc72b19144b014e0a7eb85abcbc334cdc10fa3752b79e24859ebcbc954c1faf5873f78555bae5d8a56fb6367cab718cc7557bf7d988635404fc3de67606a48fba6cff353f86d450fc05946729e7f68f823e0ec70a6d05a075f7177399cbe43dc9d78ab6b8938453b36e874e310abac1ebe6b3c63ff3040f29e4ae5979a5ec907d92172c8498c5f03f07789eb85505d912f81135d91d94b02f30fc5d3a3fb9fc6b9ecf2f7843c555ed198d36e6ec3180350b138c647af7cf7794ad5d5479b62341f80d1d8873a316aae18f10807ddfa75d4a7d1c5e9094a9c7ad3bc4556a8c2cd62acedc0e9cda469a0b8afc42a73c5230e228ff11c983baadcb3f7b16797f5738c9da52ec538fda1d7ee50ea7b1cd841d32702e801c261ccbe46561933a039b5e97b30826eeefd8948939b1085429aaf4dff06e75e822e6e5446f0bece4d75f86332c5e5fc062ed9e356102c478d3"})
mmap(&(0x7f0000af1000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f0000af2000-0x28)={0x1, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
2017/08/11 22:10:51 executing program 5:
mmap(&(0x7f0000000000/0xaeb000)=nil, 0xaeb000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000096a000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f00001b8000-0xf8)={0x5, 0x0, [{0x8000, 0x4, 0x0, 0x0, @adapter={0x20, 0xc10c, 0x5947, 0x4, 0x1}}, {0x4, 0x2, 0x0, 0x0, @sint={0xe1, 0x1}}, {0x7, 0x7, 0x0, 0x0, @msi={0x1, 0x8, 0x6}}, {0x1, 0x0, 0x0, 0x0, @sint={0xe5, 0xa58e}}, {0x20, 0x2, 0x0, 0x0, @msi={0x6, 0xfffffffffffffffe, 0x9}}]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000aeb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000aeb000)={0x4, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f000088e000/0x18000)=nil, &(0x7f0000ae0000-0x13)=[@text16={0x10, &(0x7f0000ada000)="ba2000b0f0eeba610066b81d00000066efb800008e0c87e4670f01c800072c0f01b6cba966b8db0000000f06c80f21f866350800d0000f23f83e6567660f38dea419f79758603e3ef2ad", 0x4a}], 0x1, 0x0, &(0x7f0000adf000)=[], 0x0)
r4 = eventfd2(0x0, 0x800)
mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
read$eventfd(r4, &(0x7f0000aec000)=0x0, 0x8)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000aea000-0x18)={0x0, 0x0, []})
r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r6 = eventfd2(0x8023, 0x0)
r7 = eventfd2(0x0, 0x0)
ioctl$KVM_SET_SIGNAL_MASK(r5, 0x4004ae8b, &(0x7f0000071000-0x50)={0x4c, "1c4c820efa6b7414d1451725b70130486bbb62b52d1988fed8d4e07f6759f6f8bb9b7bd91f07536afca166954696c90af92f61c54c15daa13f1877ec029bc190d2f351321a498a14db24be40"})
ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000aeb000-0x20)={r6, 0x3, 0x2, r7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_X86_SETUP_MCE(r5, 0x4008ae9c, &(0x7f0000aed000)={0x11, 0x0, 0x10001, 0x0})
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000243000)={r4, 0x1, 0x6, r6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
read$eventfd(r7, &(0x7f0000aee000-0x8)=0x0, 0x8)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
2017/08/11 22:10:51 executing program 7:
mmap(&(0x7f0000000000/0xaeb000)=nil, 0xaeb000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000096a000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000aeb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000aeb000)={0x4, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000088e000/0x18000)=nil, &(0x7f0000ae0000-0x13)=[@textreal={0x8, &(0x7f0000aed000-0x4f)="0f7fa5e2600f49fd2e0fc79d0b8066ffab0100baf80c66b82050978266efbafc0ced66b8000000800f23d00f21f86635300000030f23f80f32baf80c66b8a1dfb28266efbafc0cec0f03c10f01730e", 0x4f}], 0x1, 0x20, &(0x7f0000adf000)=[], 0x0)
r3 = eventfd2(0x0, 0x800)
mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000aed000)={0x1, 0x0, [{0x200, 0x0, 0x7f}]})
read$eventfd(r3, &(0x7f0000aec000)=0x0, 0x8)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000aea000-0x18)={0x0, 0x0, []})
eventfd2(0x6, 0x800)
mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, r0, 0x0)
mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(0xffffffffffffffff, 0xc028ae92, &(0x7f0000aef000-0x28)={0x6, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r4 = eventfd2(0x101, 0x800)
r5 = eventfd2(0x12, 0x80001)
ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000071000-0x50)={0x4c, "1c4c820efa6b7414d1451725b70130486bbb62b52d1988fed8d4e07f6759f6f8bb9b7bd91f07536afca166954696c90af92f61c54c15daa13f1877ec029bc190d2f351321a498a14db24be40"})
ioctl$KVM_GET_NR_MMU_PAGES(r1, 0xae45, 0xfffffffffffffffa)
mmap(&(0x7f0000652000/0x1000)=nil, 0x1000, 0x4, 0x30, r2, 0x0)
ioctl$KVM_PPC_GET_PVINFO(r1, 0x4080aea1, &(0x7f0000aee000-0xf1)="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000aeb000-0x20)={r4, 0x3, 0x2, r5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000aef000)=0x4000)
read$eventfd(r5, &(0x7f0000aee000-0x8)=0x0, 0x8)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
[   58.751812] CR0: actual=0x0000000080000031, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
2017/08/11 22:10:51 executing program 3:
mmap(&(0x7f0000000000/0xaec000)=nil, 0xaec000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000096a000-0x9)="2f6465762f6b766d00", 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000ae6000-0x40)={0x80000000007fe, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_ASSIGN_DEV_IRQ(r1, 0x4040ae70, &(0x7f0000039000-0x10)={0x954, 0x8, 0xfffffffc, 0x1563a85c6c8d69ab})
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000763000-0xc)={0x4, <r2=>r1, 0x0})
ioctl$KVM_SET_XSAVE(r2, 0x5000aea5, &(0x7f0000ae7000)={"445ffdfba3b72807f31915a26b87bfe562ed61a16dad2279b3372ac568f04f90ea3228e447ad26c4e29c27238f299e5b0303df9e1b1c26b972b4ffd29ce9622954e6e6595f8fb890a33169c032503238d78754d7602f496ef468fc7e2de880b83ed7edf68ea62acf334d76a6530f3d9b33853fb8a3b798963c2d6ab408e61b92a87116a58376f558f14dd58a08d39a54c86c92f0b6bf24a703d67a8525b5b5bf8f6fb0b66b7c673c815a2f749ed706c5ef9967f8ab96a26635b560264784b4302ba2adba6aaa8ddd28ee35fb7c9883c5a06e5f7db9d717695eaf38753a34f6f68ca1b1ef6a3e6f7159866e6b4136a52742df8074f5e4f978aa49a076d5e54c3f11f6be238d4f10fd8e0f18432dd3398122cda2de9a0af4df24fbf4832f50216bc3d8c19b4dd50532ccc75efb5fe66b22ea95f30cfdddca255b8da52bc404a6ee126a38b31eed819e9ee1128597ed2a3c9937002b9883bd430fc6b70f4b67f841df804c05833fe9437226268d4b5922b6fa92a006653b571518aafa2ca45e98baba4865aefd740c6e58f57fd92912d313351607d86622672a0349dd38263d01f6d1bf0da6657f9b5f905c6293cfa048a4b78232e078fde5774d68afd396a39bb8cc4937ad047f9aae9f3f1e549444a511787b40f917ea39bc7bbbadc97b9cb653723cba2719450a463601376289cbc4437390bf2ab13b0ce0c0540673ee38e7225eb38cd238d64e5260c4689031d125d628b07b0f028d774fdf9c90d883b00ba81220bbb9d9b5fd747cbb5d085558280fce2faad50cc00f77ef4172991dd82e175b58866f9560435f19b244d4bd85a4f19e1ca5c7b8c6baaa9edc9db9629b7d6f9b9633a3e2c18ab15d246822960a4c5b2f4021b9b3a5b99c7b9cec8f7d9be90ce92277e7b48b003ab140ce8a5542ba9cbd9ae681ca242d7e2257c81cc28c3b28f91c7067671fb30a5b6c090f895876d87e25966ed5aeee90c78cda907c4f58867ba479c186a3cd19c5c40f03e3d43ecf3e0b02db659d15d6dc0af4263aafd64d838f20c3700c432a0a5045b69c16f07ec0042d70e73eed0d1db1865c183f8b54b223462ba619778d3bf0c9a54bf4fdd7bbc5ac3868db3d8307c1eab014e6025178d56be6ba8f6aa03d15970c710676ab17719e7490f11e5b23b431973d4b4eb4b17f1f15147b3268fd5eadb4d0c2ff71f7dccc7c548ed9eda8ba281ab909c4b6e85c3f3316c9c448b9b720cb8c9c1ca03d3e75cdaed7a1afad51a79872b7761034f1dc6f8fb9d88664d9974c75e9bed4a1dc2f74c57eb15bc8576b928efc30cc06f64d056f4cc2cc6034dd6009edc8d45ffa4708ea2563c2d0127c5476819a5659cb2b1aaebff260b6ee1a26e99e0653191cabdefcdeb9e5c3c0f0b3617c8ef917a4baff4f710b6dcb5ce31d380ec30c648a6787e6d7374673e8896cf39e0dc1"})
ioctl$KVM_GET_PIT(r1, 0xc048ae65, &(0x7f0000ae7000)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r1, 0x4008ae73, &(0x7f0000ae8000)={0xfffffffffffffffe, 0xffffffffffffffff})
ioctl$KVM_XEN_HVM_CONFIG(r2, 0x4038ae7a, &(0x7f00000e8000)={0x400, 0x0, &(0x7f0000a26000)="4cb9db57fe359dcd85e16208f68c5ca7a2d34624fe20c9e841a17462fcd1cc4c2c5ecbb59fc1e313b4e05223352370cba366c8effd7dec9b86587940b5218954be1b5debcf1d69bd88ca2401957f4dc460638ebd79bb5b640a4c519081bc0ba9b196b689e5e179df14cbb5330e9ec9b5d77f741005f441cb2ef3b116a84d623060", &(0x7f00000ec000-0x56)="fd7135cd6431b3957bdda16fac3bf38eb69e128afed7b5b6ca64bee3bd1d39f1ebfa5eab1c2a64646f366498444c97b8ee1b4c790f225db3341d0573a99f0d94920ecd3ec2e7a962720c5bb1f757bdb009c43497580b", 0x81, 0x56, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
ioctl$KVM_ARM_SET_DEVICE_ADDR(r2, 0x4010aeab, &(0x7f0000ae9000)={0xffffffff, 0x0})
ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000ae8000-0x1)="00")
ioctl$KVM_DIRTY_TLB(r3, 0x4010aeaa, &(0x7f0000ae8000)={0x7fffffff, 0x800})
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000478000-0x70)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000}, {0x0, 0x1, 0x200000000000, 0x0, 0x101, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfbf, 0x0, 0x0, 0x2, 0x0, 0x717c8be1, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_REINJECT_CONTROL(r3, 0xae71, &(0x7f0000aeb000)={0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000134000)=@ioapic={0x2, 0x5, 0x7f, 0x4, 0x0, [{0x5, 0x9, 0x2, [0x0, 0x0, 0x0, 0x0], 0xa1}, {0x4, 0x80000000, 0x40, [0x0, 0x0, 0x0, 0x0], 0x800}, {0x400000000000000, 0x1, 0x4, [0x0, 0x0, 0x0, 0x0], 0x6}, {0xfffffffffffffff9, 0x100000000, 0x8, [0x0, 0x0, 0x0, 0x0], 0x80000000}, {0x8, 0x1f, 0x4, [0x0, 0x0, 0x0, 0x0], 0x4cabdc08}, {0x9, 0x400, 0xfffffffffffffc01, [0x0, 0x0, 0x0, 0x0], 0x401}, {0xfff, 0x7a7, 0x0, [0x0, 0x0, 0x0, 0x0], 0xeb2}, {0x3ff, 0x446, 0x8, [0x0, 0x0, 0x0, 0x0], 0x7}, {0x100000001, 0x4, 0xb89a, [0x0, 0x0, 0x0, 0x0], 0x80000000000000}, {0x6, 0x9, 0x6, [0x0, 0x0, 0x0, 0x0], 0xffff}, {0x80, 0x5, 0x10001, [0x0, 0x0, 0x0, 0x0], 0x67}, {0x40, 0x7, 0x400, [0x0, 0x0, 0x0, 0x0], 0x5c}, {0xab, 0x0, 0x1f, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x6, 0x4, 0x80000000, [0x0, 0x0, 0x0, 0x0], 0x80}, {0x7fffffff, 0xfffffffffffffffc, 0x9, [0x0, 0x0, 0x0, 0x0], 0x7}, {0x401, 0x3, 0x4, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x12, 0x1, 0x3, [0x0, 0x0, 0x0, 0x0], 0x1}, {0x2, 0x4, 0x9b, [0x0, 0x0, 0x0, 0x0], 0x10001}, {0x20, 0x4, 0x40, [0x0, 0x0, 0x0, 0x0], 0x2}, {0x8, 0x8, 0x80, [0x0, 0x0, 0x0, 0x0], 0x80000001}, {0x80, 0x9, 0x3, [0x0, 0x0, 0x0, 0x0], 0x243}, {0x4, 0x6, 0x4, [0x0, 0x0, 0x0, 0x0], 0x19}, {0x3f, 0x0, 0x48e, [0x0, 0x0, 0x0, 0x0], 0x80000000}, {0xb6, 0x2, 0x8e, [0x0, 0x0, 0x0, 0x0], 0x6}]})
ioctl$KVM_IRQ_LINE(r2, 0x4008ae61, &(0x7f0000aeb000-0x8)={0x20, 0x80000001})
2017/08/11 22:10:51 executing program 6:
mmap(&(0x7f0000000000/0xaeb000)=nil, 0xaeb000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000096a000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000aeb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000aeb000)={0x4, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000088e000/0x18000)=nil, &(0x7f0000ae0000-0x13)=[@textreal={0x8, &(0x7f0000aed000-0x4f)="0f7fa5e2600f49fd2e0fc79d0b8066ffab0100baf80c66b82050978266efbafc0ced66b8000000800f23d00f21f86635300000030f23f80f32baf80c66b8a1dfb28266efbafc0cec0f03c10f01730e", 0x4f}], 0x1, 0x20, &(0x7f0000adf000)=[], 0x0)
r3 = eventfd2(0x0, 0x800)
mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
read$eventfd(r3, &(0x7f0000aec000)=0x0, 0x8)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000aea000-0x18)={0x0, 0x0, []})
eventfd2(0x6, 0x800)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r4, 0xc028ae92, &(0x7f0000aee000-0x28)={0x9, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_SET_DEBUGREGS(r4, 0x4080aea2, &(0x7f0000430000)={[0x6000, 0x5000, 0xf004, 0x0], 0xfffffffffffffff8, 0x23, 0xd, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r5 = eventfd2(0x8001, 0x0)
r6 = eventfd2(0x0, 0x0)
ioctl$KVM_SET_SIGNAL_MASK(r4, 0x4004ae8b, &(0x7f0000071000-0x50)={0x4c, "1c4c820efa6b7414d1451725b70130486bbb62b52d1988fed8d4e07f6759f6f8bb9b7bd91f07536afca166954696c90af92f61c54c15daa13f1877ec029bc190d2f351321a498a14db24be40"})
ioctl$KVM_GET_NR_MMU_PAGES(r1, 0xae45, 0xfffffffffffffffa)
mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_PPC_GET_PVINFO(r1, 0x4080aea1, &(0x7f0000aee000-0xf1)="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000aef000-0x20)={r5, 0x3, 0x2, r2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x232, r4, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f00009bf000-0x8)=0x4000)
read$eventfd(r6, &(0x7f0000aee000-0x8)=0x0, 0x8)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
2017/08/11 22:10:51 executing program 4:
mmap(&(0x7f0000000000/0xafb000)=nil, 0xafb000, 0x2000002, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f000050f000)={0x9, 0x3cca})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00007c3000)={0x1, 0x0, [{0x0, 0x5, 0x7fff, 0x9, 0x8, 0x0}]})
mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000afc000-0x14e)={0x7, 0x0, [{0x7, 0x1, 0x0, 0x0, @irqchip={0xe94, 0x40}}, {0x6, 0x3, 0x0, 0x0, @msi={0x0, 0x20, 0x1000}}, {0x5, 0x2, 0x0, 0x0, @adapter={0x6, 0x9, 0x8001, 0x0, 0x8}}, {0xfffffffffffffbae, 0x2, 0x0, 0x0, @sint={0x10001, 0x1b41}}, {0x8, 0x3, 0x0, 0x0, @irqchip={0xfffffffffffffffb, 0x7}}, {0x10001, 0x0, 0x0, 0x0, @msi={0x8, 0x8, 0x5}}, {0x1, 0x7, 0x0, 0x0, @sint={0x8, 0x7ff}}]})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000afb000-0x28)={0x400000000, 0x1000, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text64={0x40, &(0x7f000099d000-0x64)="b6c3f8e788595dc51ba31779d22e2453ab6fe204d8cb17bc3c4ab8e3e0483b9931418b5c1612cb68cb1f08acd613883205213823efd610026d3b892f9ecf43c837882ddb41cb3a22a62644cc9081d865b5c7d6d371bfbc1b7da5ab28911fcb5667d0b08b", 0x64}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00006b4000)=@ioapic={0x2, 0x0, 0x0, 0x4, 0x0, [{0x3, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x6}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0xe2, 0x5, 0x0, [0x0, 0x0, 0x0, 0x0], 0x1ff}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x6, 0x0, [0x0, 0x0, 0x0, 0x0], 0x7}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x1, 0x4, 0x3, [0x0, 0x0, 0x0, 0x0], 0x80000001}, {0x5d9a, 0x3f, 0x6, [0x0, 0x0, 0x0, 0x0], 0x9}, {0x5, 0x2, 0x7f, [0x0, 0x0, 0x0, 0x0], 0x40}, {0x9, 0x3f, 0x1, [0x0, 0x0, 0x0, 0x0], 0x9}, {0x9, 0x1, 0xffff, [0x0, 0x0, 0x0, 0x0], 0x4}, {0x0, 0x9, 0x5, [0x0, 0x0, 0x0, 0x0], 0x20}, {0x100000000, 0x6, 0xffff, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x80000000, 0x10001, 0x8, [0x0, 0x0, 0x0, 0x0], 0x1ff}, {0x7fffffff, 0x9, 0x8000, [0x0, 0x0, 0x0, 0x0], 0x5}, {0xfffffffffffffffc, 0x1, 0xffffffffffffffe1, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x3, 0x6, 0xe945, [0x0, 0x0, 0x0, 0x0], 0xfff}, {0xfffffffffffff135, 0x6, 0x8000, [0x0, 0x0, 0x0, 0x0], 0x8001}, {0x5bd, 0x3f, 0x7ff, [0x0, 0x0, 0x0, 0x0], 0x10001}, {0x400, 0x4, 0x9, [0x0, 0x0, 0x0, 0x0], 0x5d1f}, {0x100, 0x7f, 0xfffffffffffff801, [0x0, 0x0, 0x0, 0x0], 0x8}, {0x5, 0x3f, 0x6, [0x0, 0x0, 0x0, 0x0], 0x1e71}, {0x3, 0x6, 0x6, [0x0, 0x0, 0x0, 0x0], 0x5}]})
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000326000)={0x3f, 0x1})
[   58.751820] CR4: actual=0x0000000000002051, shadow=0x0000000000000000, gh_mask=fffffffffffff871
[   58.751824] CR3 = 0x00000000fffbc000
2017/08/11 22:10:51 executing program 1:
mmap(&(0x7f0000000000/0xafe000)=nil, 0xafe000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f00007d6000-0xc)={0x2, <r0=>0xffffffffffffffff, 0x5349a09d7bdc14a7})
mmap(&(0x7f0000afe000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000afe000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_DEVICE_ATTR(r0, 0x4018aee2, &(0x7f0000aff000-0x18)={0x0, 0x1, 0xe73, &(0x7f0000aff000-0x8)=0x0})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x440, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
mmap(&(0x7f0000afe000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000868000-0x19)={0x5000, &(0x7f0000afe000)=0x0, 0x1, r2, 0xd})
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000afb000-0x40)={0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000afc000-0xc)={0x7, <r4=>r3, 0x1})
ioctl$KVM_SET_PIT2(r4, 0x4070aea0, &(0x7f0000afb000)={[{0x0, 0x8, 0x6, 0x3, 0x6, 0x7ff, 0x8, 0x9, 0x4, 0x8, 0x1, 0x401, 0x6}, {0x1, 0x0, 0x1, 0xa1, 0x9, 0x20, 0x8, 0x7ff, 0x0, 0x6, 0x100000000, 0x6, 0x7fff}, {0x7fffffff, 0x4, 0x4, 0x7, 0xff, 0xffffffffffff8001, 0x7fff, 0x200, 0x8, 0x4, 0x7f, 0xffffffff, 0x5}], 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_ASSIGN_DEV_IRQ(r2, 0x4040ae70, &(0x7f0000afb000)={0x40, 0x5, 0x1ff, 0x106})
ioctl$KVM_GET_PIT(r2, 0xc048ae65, &(0x7f0000a3e000-0x70)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f0000afc000)={0x2, 0x22})
ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r2, 0x8008ae9d, &(0x7f0000015000-0x1000)="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
ioctl$KVM_SET_CLOCK(r2, 0x4030ae7b, &(0x7f0000afc000)={0x6, 0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f00002d3000/0x18000)=nil, &(0x7f0000add000)=[@text32={0x20, &(0x7f0000adf000-0x3c)="66ba200066ed0f0099d0330000300fe3c15044a2ea815cc5f57595d94d3e0f236eb8cc4ab08f6fececbafc0ced0f013f640f01caf26e36643e0f224566ba4040b800000000ef", 0x46}], 0x1, 0xf, &(0x7f0000ae9000)=[], 0x0)
ioctl$KVM_GET_MSR_INDEX_LIST(r1, 0xc004ae02, &(0x7f000095f000-0xc)={0x2, [0x100000000, 0xe0]})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
2017/08/11 22:10:51 executing program 0:
mmap(&(0x7f0000000000/0xafb000)=nil, 0xafb000, 0x2000002, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f000050f000)={0x9, 0x3cca})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00007c3000)={0x1, 0x0, [{0x0, 0x5, 0x7fff, 0x9, 0x8, 0x0}]})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000afb000-0x28)={0x400000000, 0x1000, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text64={0x40, &(0x7f000099d000-0x64)="b6c3f8e788595dc51ba31779d22e2453ab6fe204d8cb17bc3c4ab8e3e0483b9931418b5c1612cb68cb1f08acd613883205213823efd610026d3b892f9ecf43c837882ddb41cb3a22a62644cc9081d865b5c7d6d371bfbc1b7da5ab28911fcb5667d0b08b", 0x64}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00006b4000)=@ioapic={0x2, 0x0, 0x0, 0x4, 0x0, [{0x3, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x6}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0xe2, 0x5, 0x0, [0x0, 0x0, 0x0, 0x0], 0x1ff}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x6, 0x0, [0x0, 0x0, 0x0, 0x0], 0x7}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x1, 0x4, 0x3, [0x0, 0x0, 0x0, 0x0], 0x80000001}, {0x5d9a, 0x3f, 0x6, [0x0, 0x0, 0x0, 0x0], 0x9}, {0x5, 0x2, 0x7f, [0x0, 0x0, 0x0, 0x0], 0x40}, {0x9, 0x3f, 0x1, [0x0, 0x0, 0x0, 0x0], 0x9}, {0x9, 0x1, 0xffff, [0x0, 0x0, 0x0, 0x0], 0x4}, {0x0, 0x9, 0x5, [0x0, 0x0, 0x0, 0x0], 0x20}, {0x100000000, 0x6, 0xffff, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x80000000, 0x10001, 0x8, [0x0, 0x0, 0x0, 0x0], 0x1ff}, {0x7fffffff, 0x9, 0x8000, [0x0, 0x0, 0x0, 0x0], 0x5}, {0xfffffffffffffffc, 0x1, 0xffffffffffffffe1, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x3, 0x6, 0xe945, [0x0, 0x0, 0x0, 0x0], 0xfff}, {0xfffffffffffff135, 0x6, 0x8000, [0x0, 0x0, 0x0, 0x0], 0x8001}, {0x5bd, 0x3f, 0x7ff, [0x0, 0x0, 0x0, 0x0], 0x10001}, {0x400, 0x4, 0x9, [0x0, 0x0, 0x0, 0x0], 0x5d1f}, {0x100, 0x7f, 0xfffffffffffff801, [0x0, 0x0, 0x0, 0x0], 0x8}, {0x5, 0x3f, 0x6, [0x0, 0x0, 0x0, 0x0], 0x1e71}, {0x3, 0x6, 0x6, [0x0, 0x0, 0x0, 0x0], 0x5}]})
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000326000)={0x3f, 0x1})
[   58.751856] RSP = 0x000000000000fffa  RIP = 0x0000000000000000
2017/08/11 22:10:51 executing program 3:
mmap(&(0x7f0000000000/0xae3000)=nil, 0xae3000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
mmap(&(0x7f0000a6f000/0x6000)=nil, 0x6000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000ae3000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
mmap(&(0x7f000083d000/0x2000)=nil, 0x2000, 0x3, 0x10, r2, 0x0)
ioctl$KVM_GET_NR_MMU_PAGES(r1, 0xae45, 0x2)
mmap(&(0x7f0000ae4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r1, 0x4018aee1, &(0x7f00005ad000-0x18)={0x0, 0xfffffffffffffffe, 0x0, &(0x7f0000ae5000-0x8)=0x0})
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000000a000-0x8)={0x0, 0x7ff})
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f00003ba000/0x18000)=nil, &(0x7f000018e000)=[@textreal={0x8, &(0x7f0000ae4000)="3e0f001b66b9800000c00f326635010000000f30d88a45000f32b800018ec80f23b9360ff9c3662664f2addd8f0900f30f5805", 0x33}], 0x1, 0x0, &(0x7f0000adf000)=[@flags={0x3, 0x2c32ef086520573a}, @vmwrite={0x8, 0x0, 0x0, 0x0, 0x8, 0x0, 0x4, 0x0, 0x6}], 0x2)
ioctl$KVM_X86_SET_MCE(r3, 0x4040ae9e, &(0x7f000081b000)={0x400000000000000, 0x0, 0x5, 0x7, 0x15, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0]})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mmap(&(0x7f0000000000/0xae0000)=nil, 0xae0000, 0x3, 0x4d031, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_XSAVE(r3, 0x9000aea4, &(0x7f0000ae6000-0x400)={"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"})
ioctl$KVM_SET_BOOT_CPU_ID(r1, 0xae78, &(0x7f0000ae4000)=0x1)
ioctl$KVM_TRANSLATE(r3, 0xc018ae85, &(0x7f0000079000)={0x4, 0x2000, 0x0, 0x6000000000, 0x7})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mmap(&(0x7f0000000000/0xf72000)=nil, 0xf72000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x9000)=nil, 0x9000, 0x20000000000003, &(0x7f0000f72000)=0xc0000000, 0x6, 0x3)
[   58.751864] RFLAGS=0x00033000         DR7 = 0x0000000000000400
[   58.751874] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
2017/08/11 22:10:51 executing program 7:
mmap(&(0x7f0000000000/0xe98000)=nil, 0xe98000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = eventfd2(0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000565000)="2f6465762f6b766d00", 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = eventfd2(0x0, 0x0)
r4 = eventfd2(0x0, 0x0)
ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000026000-0x20)={r3, 0x0, 0x2, r4, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000e97000-0x20)={r3, 0x2000000002, 0x0, r0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
2017/08/11 22:10:51 executing program 3:
mmap(&(0x7f0000000000/0xaed000)=nil, 0xaed000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000049e000)="2f6465762f6b766d00", 0x0, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r0, 0x4068aea3, &(0x7f00009ad000-0x68)={0x7b, 0x0, [0x4, 0x35f, 0xe7, 0x10001], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x40)
mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000003e000/0x18000)=nil, &(0x7f0000777000)=[@text64={0x40, &(0x7f00000bf000)="0fc72f66baf80cb848b37087ef66bafc0c66b8000066ef660f388098b3000000b9800000c00f3235002000000f30646564f466baf80cb814e4e386ef66bafc0c66ed26360f71d400670fc75e00c4e3d55e1d3a000000f30f20c035000000400f22c0", 0x62}], 0x1, 0x0, &(0x7f0000ad8000)=[], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, &(0x7f000000f000)={0x0, 0x1, &(0x7f0000ae0000)="", &(0x7f0000ae0000)="bb", 0x0, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000ae0000-0x28)={0x1, 0x0, [{0x1, 0x0, 0x0}]})
ioctl$KVM_PPC_GET_SMMU_INFO(r1, 0x8250aea6, &(0x7f0000ae5000)="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_ASSIGN_PCI_DEVICE(r1, 0x8040ae69, &(0x7f00007fa000-0x14)={0x6, 0x6, 0xe48, 0x2, 0x8})
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f000001e000)={0x0, 0x1, 0x0, 0x1000, &(0x7f0000001000/0x1000)=nil})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x6)
mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000aed000)="2f6465762f6b766d00", 0x4c000, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)="2f6465762f6b766d00", 0x600, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_PIT2(r4, 0x4070aea0, &(0x7f000005c000-0x70)={[{0x2d, 0xb0, 0x6, 0x100000000, 0x0, 0x1, 0x5, 0x4, 0xffffffffffff0001, 0xf5, 0x6, 0x9a, 0x3f}, {0x3, 0xe29, 0xd9, 0x7, 0x2, 0x0, 0x8000, 0x3, 0x425, 0xc97, 0x2, 0x6, 0x0}, {0x2, 0xdbbc, 0xd06b, 0x5, 0x2, 0x3, 0x828, 0x1, 0x9, 0x8, 0x2000, 0x800, 0x80000001}], 0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_ASSIGN_PCI_DEVICE(r6, 0x8040ae69, &(0x7f0000006000)={0x0, 0x1, 0x10, 0x1, 0x0})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1fffffffffffffff)
ioctl$KVM_GET_ONE_REG(r7, 0x4010aeab, &(0x7f000000c000)={0x366, 0x2f25})
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000aeb000)={0x7, <r8=>r5, 0x0})
ioctl$KVM_X86_SET_MCE(r8, 0x4040ae9e, &(0x7f000000d000-0x40)={0x8000000000000000, 0x0, 0x401, 0x8, 0x19, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0]})
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, &(0x7f0000aec000)={0x2, [0x0, 0x3f]})
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r4, 0x4010ae74, &(0x7f0000aee000-0xc)={0x3, 0x1f, 0x7})
[   58.751882] CS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   58.751894] DS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   58.751905] SS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   58.751916] ES:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   58.751926] FS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   58.751937] GS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   58.751945] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[   58.751955] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[   58.751963] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[   58.751974] TR:   sel=0x0000, attr=0x0008b, limit=0x00002088, base=0x0000000000000000
[   58.751980] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[   58.751987] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[   58.751993] Interruptibility = 00000000  ActivityState = 00000000
[   58.751995] *** Host State ***
[   58.752005] RIP = 0xffffffff811b6777  RSP = 0xffff8801cd84f4c8
[   58.752051] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[   58.752060] FSBase=00007f115a770700 GSBase=ffff8801dc100000 TRBase=ffff8801dc122cc0
[   58.752067] GDTBase=ffffffffff576000 IDTBase=ffffffffff57b000
[   58.752076] CR0=0000000080050033 CR3=00000001d5b3b000 CR4=00000000001426e0
[   58.752086] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef40
[   58.752093] EFER = 0x0000000000000d01  PAT = 0x0000000000000000
[   58.752096] *** Control State ***
[   58.752102] PinBased=0000003f CPUBased=b699edfa SecondaryExec=0000004a
[   58.752106] EntryControls=0000d1ff ExitControls=0023efff
[   58.752113] ExceptionBitmap=ffffbfff PFECmask=00000000 PFECmatch=00000000
[   58.752119] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[   58.752124] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[   58.752129]         reason=80000021 qualification=0000000000000000
[   58.752133] IDTVectoring: info=00000000 errcode=00000000
[   58.752137] TSC Offset = 0xffffffdee88903bf
[   58.752142] EPT pointer = 0x00000001d1d9601e
[   59.000888] *** Guest State ***
[   59.000897] CR0: actual=0x0000000080000031, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[   59.000904] CR4: actual=0x0000000000002051, shadow=0x0000000000000000, gh_mask=fffffffffffff871
[   59.000907] CR3 = 0x00000000fffbc000
[   59.000912] RSP = 0x000000000000fffa  RIP = 0x0000000000000000
[   59.000917] RFLAGS=0x00033000         DR7 = 0x0000000000000400
[   59.000925] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[   59.000932] CS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   59.000943] DS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   59.000954] SS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   59.000963] ES:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   59.000973] FS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   59.000984] GS:   sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
[   59.000992] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[   59.001007] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[   59.001059] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[   59.001071] TR:   sel=0x0000, attr=0x0008b, limit=0x00002088, base=0x0000000000000000
[   59.001078] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[   59.001086] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[   59.001092] Interruptibility = 00000000  ActivityState = 00000000
[   59.001095] *** Host State ***
[   59.001103] RIP = 0xffffffff811b6777  RSP = 0xffff8801c00274c8
[   59.001117] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[   59.001126] FSBase=00007f74d19f2700 GSBase=ffff8801dc100000 TRBase=ffff8801dc122cc0
[   59.001137] GDTBase=ffffffffff576000 IDTBase=ffffffffff57b000
[   59.001163] CR0=0000000080050033 CR3=00000001a01e7000 CR4=00000000001426e0
[   59.001174] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef40
[   59.001183] EFER = 0x0000000000000d01  PAT = 0x0000000000000000
[   59.001186] *** Control State ***
[   59.001192] PinBased=0000003f CPUBased=b699edfa SecondaryExec=0000004a
[   59.001197] EntryControls=0000d1ff ExitControls=0023efff
[   59.001206] ExceptionBitmap=ffffbfff PFECmask=00000000 PFECmatch=00000000
[   59.001213] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[   59.001219] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[   59.001225]         reason=80000021 qualification=0000000000000000
[   59.001230] IDTVectoring: info=00000000 errcode=00000000
[   59.001234] TSC Offset = 0xffffffdec64f2652
[   59.001239] EPT pointer = 0x00000001d54e701e
[   59.149849] *** Guest State ***
[   59.149859] CR0: actual=0x0000000080000031, shadow=0x0000000060000031, gh_mask=fffffffffffffff7
[   59.149868] CR4: actual=0x0000000000002050, shadow=0x0000000000000020, gh_mask=fffffffffffff871
[   59.149872] CR3 = 0x00000000fffbc000
[   59.149877] RSP = 0x0000000000000f80  RIP = 0x0000000000000000
[   59.149884] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[   59.149894] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810
[   59.149903] CS:   sel=0x0030, attr=0x0409b, limit=0x000fffff, base=0x0000000000000000
[   59.149916] DS:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
[   59.149926] SS:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
[   59.149936] ES:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
[   59.149949] FS:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
[   59.149961] GS:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
[   59.149970] GDTR:                           limit=0x000007ff, base=0x0000000000001000
[   59.149982] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800
[   59.149991] IDTR:                           limit=0x000001ff, base=0x0000000000003800
[   59.150007] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[   59.150059] EFER =     0x0000000000000001  PAT = 0x0007040600070406
[   59.150066] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[   59.150073] Interruptibility = 00000000  ActivityState = 00000000
[   59.150076] *** Host State ***
[   59.150084] RIP = 0xffffffff811b6777  RSP = 0xffff8801c3d274c8
[   59.150099] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[   59.150107] FSBase=00007f825f2a1700 GSBase=ffff8801dc100000 TRBase=ffff8801dc122cc0
[   59.150114] GDTBase=ffffffffff576000 IDTBase=ffffffffff57b000
[   59.150124] CR0=0000000080050033 CR3=00000001d7bdb000 CR4=00000000001426e0
[   59.150134] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef40
[   59.150141] EFER = 0x0000000000000d01  PAT = 0x0000000000000000
[   59.150144] *** Control State ***
[   59.150150] PinBased=0000003f CPUBased=b6a1edfe SecondaryExec=0000004b
[   59.150157] EntryControls=0000d1ff ExitControls=0023efff
[   59.150165] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[   59.150170] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[   59.150175] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
2017/08/11 22:10:52 executing program 4:
mmap(&(0x7f0000000000/0xaeb000)=nil, 0xaeb000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000009a000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
pkey_alloc(0x0, 0x3)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000054b000/0x18000)=nil, &(0x7f0000828000-0x18)=[@text32={0x20, &(0x7f0000ae8000)="c4c17d2b461a66ba2000ec26670ff29f775466b804008ee8c744240000900000c7442402b0000000c7442406000000000f01142466baa000b87b0000000f23d00f21f835100000020f23f8f6774666baa000ed66ba42ecc4e27d2a85a2a50000", 0x60}], 0x1, 0x0, &(0x7f0000ae1000)=[], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_GET_REGS(r2, 0x8090ae81, &(0x7f00003a5000-0x90)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0})
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000ae7000)={0x1, 0x0, [{0x12, 0x0, 0x5}]})
2017/08/11 22:10:52 executing program 6:
mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR(r1, 0x4018aee3, &(0x7f000028e000)={0x0, 0x71a7, 0x4, &(0x7f0000ad3000)=0x0})
ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000af1000-0x9)="2f6465762f6b766d00", 0x1c1000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_PIT2(r4, 0x4040ae77, &(0x7f0000ae6000-0x40)={0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
ioctl$KVM_ASSIGN_DEV_IRQ(r4, 0x4040ae70, &(0x7f0000032000)={0x954, 0x8, 0xffffffff, 0x1563a85c6c8d698b})
ioctl$KVM_GET_PIT(r4, 0xc048ae65, &(0x7f0000625000)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r4, 0x4008ae73, &(0x7f000069d000)={0x0, 0x0})
ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r4, 0x8008ae9d, &(0x7f0000ae8000-0x1)="00")
ioctl$KVM_PPC_GET_SMMU_INFO(r1, 0x8250aea6, &(0x7f0000af0000-0x1000)="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f000088e000/0x18000)=nil, &(0x7f0000ae0000-0x13)=[@text32={0x20, &(0x7f0000af1000)="0f01c9f30f011ac744240000900000c74424025810b3b3c7442406000000000f0114240f017e18260f20d166f20f01d88fc860ee8200000100040f20e035000040000f22e0c4e16311ea66baf80cb8da62cf80ef66bafc0c66b8631766ef", 0x5e}], 0x1, 0x0, &(0x7f0000adf000)=[], 0x0)
ioctl$KVM_INTERRUPT(r5, 0x4004ae86, &(0x7f0000af0000)=0xff)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
2017/08/11 22:10:52 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffff9c, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r0, 0xae03, 0x4)
mmap(&(0x7f0000000000/0xae3000)=nil, 0xae3000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
mmap(&(0x7f0000ae3000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ae4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_BOOT_CPU_ID(r2, 0xae78, &(0x7f000008d000)=0x100000000000003)
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_GET_IRQCHIP(r3, 0xc208ae62, &(0x7f000098d000-0xd8)=@pic={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
mmap(&(0x7f0000ae3000/0x1000)=nil, 0x1000, 0x8, 0x32, 0xffffffffffffffff, 0x0)
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000ae4000-0x20)={0x10001, 0x0, 0x6ffd, 0x2000, &(0x7f0000055000/0x2000)=nil})
ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f00004a2000)={0x6, 0x0, [{0x5, 0x1, 0x0, 0x0, @msi={0x1, 0x9, 0x2}}, {0x1, 0x0, 0x0, 0x0, @sint={0x9, 0x1}}, {0x100, 0x3, 0x0, 0x0, @sint={0x20, 0x87}}, {0x1f, 0x6, 0x0, 0x0, @msi={0x6b1a508e, 0x1, 0x3}}, {0x9, 0x2, 0x0, 0x0, @adapter={0x5, 0x3f, 0x7f, 0x2, 0x92f8}}, {0x8000000000000000, 0x0, 0x0, 0x0, @irqchip={0xfffffffffffffff7, 0x1000}}]})
mmap(&(0x7f0000309000/0x400000)=nil, 0x400000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000ae4000)={0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
mmap(&(0x7f000083d000/0x2000)=nil, 0x2000, 0x3, 0x100000000032, r0, 0x0)
ioctl$KVM_IRQ_LINE(r3, 0x4008ae61, &(0x7f000000a000-0x8)={0x40006, 0x7ff})
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f00003ba000/0x18000)=nil, &(0x7f000018e000)=[@textreal={0x8, &(0x7f0000ae4000)="3e0f001b66b9800000c00f326635010000000f30d88a45000f32b800018ec80f23b9360ff9c3662664f2addd8f0900f30f5805", 0x33}], 0x1, 0x0, &(0x7f0000adf000)=[@flags={0x3, 0x2c32ef086520573a}, @vmwrite={0x8, 0x0, 0x0, 0x0, 0x8, 0x0, 0x4, 0x0, 0x6}], 0x2)
mmap(&(0x7f0000000000/0xae0000)=nil, 0xae0000, 0x3, 0x4d031, 0xffffffffffffffff, 0x0)
mmap(&(0x7f000000c000/0x4000)=nil, 0x4000, 0x1000000000002, 0x20010, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ae5000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_PPC_GET_PVINFO(r4, 0x4080aea1, &(0x7f0000ae5000)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
ioctl$KVM_RUN(r5, 0xae80, 0x0)
mmap(&(0x7f0000000000/0xf72000)=nil, 0xf72000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
2017/08/11 22:10:52 executing program 2:
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000000000)={0x1, <r0=>0xffffffffffffff9c, 0x1})
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_MP_STATE(r0, 0x4004ae99, &(0x7f0000000000)=0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
pkey_alloc(0x0, 0x0)
mmap(&(0x7f0000000000/0xaec000)=nil, 0xaec000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f000000f000-0x6)="2f6465762f6b766d00", 0x0, 0x0)
mmap(&(0x7f000000f000/0x1000)=nil, 0x1000, 0x2000005, 0x32, r1, 0x0)
mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f000003d000-0x9)="2f6465762f6b766d00", 0x121102, 0x0)
ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f00000c3000-0x40)={0xe019, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
write$eventfd(r2, &(0x7f0000772000)=0x20, 0x8)
read$eventfd(r2, &(0x7f0000aec000)=0x0, 0x8)
mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f00005f2000)={0x1, <r3=>r2, 0x0})
ioctl$KVM_SET_CLOCK(r3, 0x4030ae7b, &(0x7f0000242000)={0xfc1, 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
2017/08/11 22:10:52 executing program 1:
mmap(&(0x7f0000000000/0xaeb000)=nil, 0xaeb000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000009a000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
pkey_alloc(0x0, 0x3)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000054b000/0x18000)=nil, &(0x7f0000828000-0x18)=[@text32={0x20, &(0x7f0000ae8000)="c4c17d2b461a66ba2000ec26670ff29f775466b804008ee8c744240000900000c7442402b0000000c7442406000000000f01142466baa000b87b0000000f23d00f21f835100000020f23f8f6774666baa000ed66ba42ecc4e27d2a85a2a50000", 0x60}], 0x1, 0x0, &(0x7f0000ae1000)=[], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_GET_REGS(r2, 0x8090ae81, &(0x7f00003a5000-0x90)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0})
mmap(&(0x7f0000aeb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000aeb000)={0x1, 0x0, [{0x10, 0x0, 0x5}]})
2017/08/11 22:10:52 executing program 0:
mmap(&(0x7f0000000000/0xaf4000)=nil, 0xaf4000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d266767f2a50f20d835080000000f228b58580f070f01b102000000", 0x64}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0)
ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f000011a000)={0x1397, 0x8c, 0x0, 0x4, 0x8})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000aef000)={0x7a, 0x0, [0x6, 0xffffffff, 0x9, 0x1000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000033d000-0x8)={0x1, 0x0})
ioctl$KVM_S390_VCPU_FAULT(r2, 0x4008ae52, &(0x7f0000af1000)=0xb5)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00002de000-0x40)={0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_DEASSIGN_DEV_IRQ(r1, 0x4040ae75, &(0x7f0000af3000)={0x8, 0x81, 0x9, 0x200})
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000af0000-0x8)={0x1, 0x9})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
2017/08/11 22:10:52 executing program 7:
mmap(&(0x7f0000000000/0xe99000)=nil, 0xe99000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000017000)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000da8000-0x8)={0x1f, 0x0})
r2 = eventfd2(0xedf, 0x800)
write$eventfd(r2, &(0x7f000013b000)=0xfffffffffffff5e7, 0x8)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000565000)="2f6465762f6b766d00", 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
eventfd2(0x0, 0x0)
r5 = eventfd2(0x0, 0x0)
ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000026000-0x20)={r1, 0x0, 0x3, r5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000e97000)={0x9, 0x0, [{0x7, 0x2, 0x0, 0x0, @msi={0x0, 0x3ff, 0x8}}, {0x985, 0x3, 0x0, 0x0, @irqchip={0x9, 0x2}}, {0x1000, 0x2, 0x0, 0x0, @adapter={0x0, 0x8ff, 0x8, 0x6f5, 0x19ad}}, {0x7fff, 0x6, 0x0, 0x0, @adapter={0x9, 0x343, 0x1, 0xc1, 0x7}}, {0xffffffffffffff86, 0x7, 0x0, 0x0, @adapter={0x7, 0x8, 0x0, 0x9, 0x2}}, {0xc6, 0x0, 0x0, 0x0, @irqchip={0x4, 0x2}}, {0x99, 0x4, 0x0, 0x0, @irqchip={0x5, 0x8000}}, {0xd46, 0x1, 0x0, 0x0, @irqchip={0x4000000000000, 0x1}}, {0x22, 0x4, 0x0, 0x0, @msi={0x6, 0x6, 0x8001}}]})
ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000e97000-0x20)={0xffffffffffffffff, 0x2, 0x2, r2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
mmap(&(0x7f0000e99000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_IRQCHIP(r4, 0xc208ae62, &(0x7f0000e9a000-0xd8)=@ioapic={0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}]})
mmap(&(0x7f0000e99000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
write$eventfd(r5, &(0x7f0000e99000)=0x4, 0x8)
2017/08/11 22:10:52 executing program 3:
mmap(&(0x7f0000000000/0xafb000)=nil, 0xafb000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f000050f000)={0x0, 0x3cca})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text64={0x40, &(0x7f000099d000-0x64)="b6c3f8e788595dc51ba31779d22e2453ab6fe204d8cb17bc3c4ab8e3e0483b9931418b5c1612cb68cb1f08acd613883205213823efd610026d3b892f9ecf43c837882ddb41cb3a22a62644cc9081d865b5c7d6d371bfbc1b7da5ab28911fcb5667d0b08b", 0x64}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[@dstype3={0x7, 0x5}, @dstype3={0x7, 0x7}], 0x2)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x80)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00006b4000)=@ioapic={0x2, 0x0, 0x0, 0x0, 0x0, [{0x3, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x5, 0x0, [0x0, 0x0, 0x0, 0x0], 0x1ff}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x5d9a, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x9, 0x3f, 0x1, [0x0, 0x0, 0x0, 0x0], 0x9}, {0x9, 0x1, 0xffff, [0x0, 0x0, 0x0, 0x0], 0x4}, {0x0, 0x9, 0x5, [0x0, 0x0, 0x0, 0x0], 0x20}, {0x100000000, 0x6, 0xffff, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x80000000, 0x10001, 0x8, [0x0, 0x0, 0x0, 0x0], 0x1ff}, {0x7fffffff, 0x9, 0x8000, [0x0, 0x0, 0x0, 0x0], 0x5}, {0xfffffffffffffffc, 0x1, 0xffffffffffffffe1, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x3, 0x6, 0xe945, [0x0, 0x0, 0x0, 0x0], 0xfff}, {0xfffffffffffff135, 0x200000006, 0x8000, [0x0, 0x0, 0x0, 0x0], 0x8001}, {0x5bd, 0x3f, 0x7ff, [0x0, 0x0, 0x0, 0x0], 0x10001}, {0x400, 0x4, 0x9, [0x0, 0x0, 0x0, 0x0], 0x5d1f}, {0x100, 0x7f, 0xfffffffffffff801, [0x0, 0x0, 0x0, 0x0], 0x8}, {0x5, 0x3f, 0x6, [0x0, 0x0, 0x0, 0x0], 0x1e71}, {0x3, 0x6, 0x6, [0x0, 0x0, 0x0, 0x0], 0x5}]})
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000326000)={0x3f, 0x1})
ioctl$KVM_SET_DEBUGREGS(r2, 0x4080aea2, &(0x7f0000907000-0x80)={[0xd000, 0x2, 0xd000, 0x6000], 0x1ff, 0x4, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_S390_INTERRUPT(r0, 0x4010ae94, &(0x7f0000afb000)={0x3fffffffc00000, 0x100, 0x2bd})
mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r1, 0x4040aea4, &(0x7f0000668000-0x14)={0x7c, 0x90, 0x3, 0x2, 0x100000000})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f00006a0000)={0x7b, 0x0, [0xa39, 0x0, 0xc, 0xfffffffffffffffe], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000afc000-0x98)={0x3, 0x0, [{0x2f, 0x4, 0x0, 0x0, @msi={0x1, 0x8, 0x8}}, {0x5, 0x0, 0x0, 0x0, @adapter={0x0, 0x6, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffc}}, {0x4, 0x4, 0x0, 0x0, @irqchip={0x4b9e, 0x2d3}}]})
[   59.150181]         reason=80000021 qualification=0000000000000000
[   59.150186] IDTVectoring: info=00000000 errcode=00000000
[   59.150190] TSC Offset = 0xffffffdebc61f9fa
[   59.150195] TPR Threshold = 0x00
[   59.150201] EPT pointer = 0x00000001d1bbf01e
2017/08/11 22:10:52 executing program 2:
mmap(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f000000f000-0xc)={0x0, <r1=>r0, 0x0})
openat$kvm(0xffffffffffffff9c, &(0x7f000000f000-0x6)="2f6465762f6b766d00", 0xb3e, 0x0)
mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x3, 0x32, r1, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$x86(r3, r4, &(0x7f00006c1000/0x18000)=nil, &(0x7f0000777000)=[@text64={0x40, &(0x7f0000aec000)="66ba400066b8270066efb9800000c00f3235000100000f300f1a760b490f07490f23fbb9391001c0b89d83c3ceba5a3e32740f30c461b8c2d4dfb9eb0a0000b8f88fca56ba000000000f3066ba108cb824c6ed82ef66bafc0c66b8996a66effad9c92136e7", 0x65}], 0x1, 0x60, &(0x7f0000aee000)=[], 0x0)
mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$x86(r4, r4, &(0x7f000068d000/0x18000)=nil, &(0x7f0000aef000)=[@text64={0x40, &(0x7f0000aef000)="0f5e0520f37c7ec7442400f0ff0000c7442402d7450000c7442406000000000f011424c461f9178700000000f30f0095f7b2da67c403696fe0e466baf80cb840c37784ef66bafc0cb803000000ef0f20e035010000000f22e00f20432e4b0f01cab9d90800000f32", 0x68}], 0x1, 0x24, &(0x7f0000407000-0x10)=[@efer={0x2, 0x1800}], 0x1)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f000022e000-0x90)={[0x1827, 0x0, 0x3, 0x1, 0x789c, 0x982, 0x2, 0x0, 0x0, 0x7, 0x3ff, 0x6ea, 0x4, 0xbcd, 0x4, 0x100], 0x101002, 0x0})
ioctl$KVM_CHECK_EXTENSION_VM(r3, 0xae03, 0x3)
mmap(&(0x7f000000f000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000010000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000a15000-0x400)={"bcf7ff052c26de7632c41b31d7c01a3e9327c500fe10ebcd4ad15953c6223fde92678d946653f1e579e6c09b76888d7e7d99d18360416609aeaa87411cb891b619cb6854faada0f1395d1feb927bb68f52fd603e6505987aea82ffcd71c82378ffcc500b4e17d1d5aa0085ca9ee2e18f2e49f3c9c215d3171485ea2a74013f3cb87702ec3441aae523325261b8633f0c840af8d9f6dc45f90db9dbfe62909c7ab7c0ae25d2c8cf8ed4f32f55f1405f5c625be71d0ddab30cd9b167888f201845172dc736f40ace5d348a2279cb26a35fec3080f7808066eb5573b85e30a22563d05e46792f9e6a8ca96ef75033b2d506e2f67ccf0aae7134e894f4716e545d0af5c53ea0d45db023a972f3cff43ba342b4269e579b499499aae326b94fa03f87539886fef5e8c4da792da6a8dc62880170cb9a40c0c8a8cf253ab73157c41d673d5672f30f445db9bab8662aec57ee939f439234313d8d8f01f34609ab45780f78453ae38bb363754267376b6d8d234e7cabb5729aa29f6526ffdb97977899e45be432a3c64226305868b5b8e843bb45ff191e934e9b60071fb823500a5168fc237287b5e6cc36f7755fdac90fd881868d478d958ffe233c562c251a1266c247499107f8b0acff069260173584304a1186daffab82eda3d5c18a081989581c33ffcdfabcd30fa14be8c299ed8eb1d830af10a5943c34dd98b5031926510d27e22908bebddcc49e21bb675172c63d80ada9545270832eff44b0a286565ae54d8b786a65582e9fc15116bc4d9e756da335cef0e76106e1ec13a3ac2c3209581c1632df3510416e2651fa94ef8196eaa7ea9b7396029bd7feb9843e0d66a15f6cab8b9f49bf5a0fb3c0541d251dcac6840c363d4639f47781ae479cbbfd8dad6bb5b509401cc58c88194be69b511f25f7167d2c6893e42d4cd5dae0aad1707afad510676e1940ee8c99653ea4b504c0e1bbf983b0ecbb7e462079742d4c9233518153dd53dcac61d3cd3cdcf7c3fdf4f5f1913c5aca0e84c4148c7c8b8c36c46d0289aac733ec2dd2c60714ebc17dc965a13ef7a6f0981908ae05c3c0fc7d2a2b90f19735775d0cc2b18ce4590a67b0698a3e1026cb978fd078d322efe093de8398da708a467a528c33ced31b8b7cfd4539bcf862e6d9958a17c5ce1b69419ad17393146a17ff706d96829bfd5fe5df5ffe0daeaf3fbeb3a30fe6ee065ed6f4f49db0da136b604bfaa82b780e02a244a220d229f6e408eea95da37ad774be094ed7a4bc3c3b21b851fadbee445d5f16afdc814f4a00e56e5bae540317f3163c8d356def2078d742e6068d410a96285f0d9a18a39b9f56ce7e8e8cab484ffb44cf590034663ba01ff48988b1e09ad9b681cd2d0950ed7e4cc6f9cd18738f3c96d850d5c3df210d35b41c7c413573d0f10a6c1ba81b16cf4c35f27f2b64f612e6c588"})
ioctl$KVM_SET_MP_STATE(r0, 0x4004ae99, &(0x7f000000f000)=0x3)
mmap(&(0x7f0000010000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_DEBUGREGS(r1, 0x4080aea2, &(0x7f0000010000)={[0xf000, 0x4000, 0x100000, 0xd000], 0x40, 0x5, 0x100000000, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
mmap(&(0x7f000000c000/0x4000)=nil, 0x4000, 0x3, 0x32, 0xffffffffffffffff, 0x8000)
mmap(&(0x7f0000011000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_REGS(r1, 0x8090ae81, &(0x7f000000c000-0x90)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0})
mmap(&(0x7f0000012000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000003000-0x30)={0x2, 0xf7ffffff, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_GET_PIT2(r1, 0x8070ae9f, &(0x7f000000a000-0x70)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
2017/08/11 22:10:52 executing program 1:
mmap(&(0x7f0000000000/0xafb000)=nil, 0xafb000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_CPUID2(r2, 0xc008ae91, &(0x7f0000afa000)={0x1, 0x0, [{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}]})
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000326000)={0x0, 0x0})
mmap(&(0x7f0000000000/0xbf3000)=nil, 0xbf3000, 0x2000000000001, 0x8032, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f00004e0000)={"3625fe46080add72b2132d3d17e179b789af21f4c9f2805194f3f6e0a489a393a133036425414a127c43c65e42a4be30ac273de0309dd9350980e1956933fa042c26fa8711de2d1627c39e97c7070023ebfbdf3bc069aa7c6fab987a6908fced920defb7c1be9e58da5821581fa31ed1e94eece8d1ca8603e2152b6b3ddbed19eb2e1aade3269626ea9d3b0d5111006ecd2bd4333938153b027427804446439a380c4ab981eb30b8512e95f9a06fd5d10af98fea08fd20123ec13ac322f167eba942bb51dcb205fa0dda90ba5b71b32a85f969d0049b925e81c7abe5ccebedae5443735c88550c7bea23be4c9a86bc932dbf24a64435fd8fb91766e2d94dbd9acd30d8033ad028b07ce265155771e816724df2183c996b11e902de8df1cef1b55edd1bfc8214961d82c6daceae5e712f0367be5119821a18cafb3066879ea54a04770b84a1ebd9370e3d8069c1d4902103f70b6b08f3f98fc6cf765b8556746ba96fc1a797b529e7057a52991c32cfd60b47145b0387e510c423368b7e5111c46be38dfbe2b0f28dc6cfffb0767ee20162d1d41705baa4e9a350a5605c0a4d019597fb3cd6e6fa1ac0ad83b1e7c4672bceeee0e67a7ce31e282abb58a7a03622e86a6d3d0ab1d8c76239387da6aa6cbeaf16768c65a72950297727fb704381416a3be6edb0cbc68ea20cebc3ab3dd9491c465e5ebe138cbc389aeeb6162dfb8d747a252e6f88dfa49a04821571a511e105a18aeb36a8679f3d0746dc095c569bcbaeedc8ff2ad9e9a5483cbbce2c9a58ed386881c98421e6ce86c15303ebfad6cfe1e954762fc6c35b1e445778bba66817ffd3ccabf94bbad5f30241ec7bcdc747013d1376e665aca3f30c8e3dff0dfe1bcb648b9a1706bedbfc5bf622c0c671090fab399c4e9961538a81792f3c81bdeca9c4bd99bbe5fc0ea86568e470830e285d58e5f532d1ccad41e86d685d2d38fc75d3bba5816269c55827ecbae4b1fa38bea5a2a419d5bd764a82dbfbc6712071d4533e0890b5bbdc8da4755894c357eccac459b3fbce14ee6585780c71b14e6c3e6e2026c606c902ca8c2f0aeed712566700e049eecbdeeace948f26ebfe058604652d2c909b1e66d5c7a406d990bb24c0f2669d3ba2747acec1a24dbc87dc94357ef16392895ab1502e09a7bbdaef9c6095f1d6d6000b098dd35cdabf7e2896f4872d8a73be7fdbc1011da436557498f0030d9dd3a9c89c3b0859b2d5913f14391a7aade2f74eaf8280fd5d2fb46bdb36c7e69f30348984b5cb095493efc9d9c860c5bbb767635c84f00918d5878634f82d65a873f3f4398e11273d7592860533c861d8efc2979b239c6dc3dcc8d7a8bd1d6a71ce6868e417f1431f8abbbd414c19a929892999e1add5002c0d8bdd04fed035effa1e7b8adc3e1bf43a962629c1e1c91357e5716594c5e2825a7247"})
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000bf3000-0xc)={0x0, <r3=>0xffffffffffffffff, 0x0})
ioctl$KVM_SET_XSAVE(r3, 0x5000aea5, &(0x7f0000582000-0x400)={"57615b317301c69a6a76d9c95200370fb62935061d7ec07969b69e5f3e007188063b3e4373e1c4142fbad48e14489d953a459ed8de19e0043b099132b267e8e2ffdec5cf61f5e630c33d674aa512fdfc44d7129510329932f1b1825ce600ed6c992ee906a542814918214341ad490c0ef5699e2170a804327aeacc738da97090b08c656fcb77ca74c4cbcf54844b3c3ee797d5844fe68169acaed0837e1073b26e7ed051105be9b00ac456cac4c5fa9c1a4333b2982c3474563a89d7d9f3cd55b605b4a300978cd9d27b2e6e7c71597af76136ac296fee7a55ece4e12153a8adac6eb0b475effee4d4a089c5681d3f5fd5f3b0dd67ce332eab5dd0e7ff36c1dd150241fad871629129657dfe03d54ec99def8f9ccb74456bab84afb3b67618f106bdbb324eef1ba9aba5e27671a6928bbc31810f11fca726d521419faa7a52be23b2d91681b5bf2349294a174a40e3153cf0b55e01962a19fb5547095937ff7228f4de719d5130df6b8758804d1909717effc68eaf0f4925529193ae1ec92b6f2666b2d22fcc45bf717565b2218f7dcf0189cc123654f2baad867ffa39b39bad4a6b7328b7531b0d0a6e8b2330433c22b0bb592ea2c3cf2c5c1585b1be6e179fe06ab69da1c8c87994707b0c397fd333e5cd9ce66e7c7e2d25ed079bf320f92a5e96d2a140448a9ff154b661cad1a0c8dc6ad38096f7680037f768214ebbcdc87f2f54e77c476ecaed7f2345784873cfeda32697979e31f213022e62f2b83b0b23815ce1552b27dd21c94c0fdacc04d2fb401046a059514995c7245840bb9ea665959e9e54dbdc06cade43ad0505839753aa59c6c6a819fd43606ff024ad903b7698222860c8319590d41f990a9046b59b5dfbfcef5ecb9a950ae79680bea20facbc433970732479df2720a8f6bc5f65b4c43f90ec0fd180c902a8171909727cadc6582e081d85b5f814d1240c37b0e0855c01835b51850cbf8dcb71231db0d65199c2fe70240de74d9f5732fbcb7c0c097f8b2745a6fa426361e308b6a90f83c04b3d685e38f142f8f4418be62f5ee0c1331b2288c1ad364ec2d834723e840e46adbbe4dc80a773c58ec22ce74857e70cb3e1ec14b0bbc5057757fd39459e2ad4a246262f2477046e4171aad34b33336d5a2d865143a57dca06aa6d638279b041abf585369e3d25e91e8d8c767f1b749a1672066d880a87639bc643e3c7e2999994a43237283a4362c05f73c673772e2a0634ed9ca533dc1a3f88d50f23814d73579049eb0a0776407880583d134a5e412dcc55361799f99b21c6cb23497a82188edbc045ac321baa131af357fd1fae6d63255ac43236810a3f1e2a5b0ca9d8d464cd9fd58c30f194180d188b2d8e2fd51828710eba496078e14d76fc263aa273bc51baf48a656bb8c81305983378110c8c5d74bc50f39ec878ef7b3f82dda8"})
mprotect(&(0x7f0000362000/0xc00000)=nil, 0xc00000, 0x0)
mlock2(&(0x7f00006b8000/0x2000)=nil, 0x2000, 0x1)
mmap(&(0x7f00003f7000/0x3000)=nil, 0x3000, 0x2000000, 0x110, r3, 0x0)
[   60.131767] *** Guest State ***
[   60.140164] CR0: actual=0x0000000080000031, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
2017/08/11 22:10:52 executing program 4:
mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f000019b000)={0x0, 0x10000000, 0xfffffffffffffffe, &(0x7f000038d000)=0x0})
ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f00005d1000-0xc)={0x2, <r0=>0xffffffffffffffff, 0x0})
mmap(&(0x7f0000291000/0x8000)=nil, 0x8000, 0x4000000003, 0x32, r0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f000034f000-0x9)="2f6465762f6b766d00", 0x1, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000777000)=[@text64={0x40, &(0x7f0000add000)="66b834010f00d026656766480f388274fb6a3e4c0f01cbc4820dbe75fac4e3fd6d0d5f090000803e360f01d1c4e139586d0036f2410f5934f066baf80cb822eaf082ef66bafc0cb062eec744240074240000c744240252000000c7442406000000000f011424", 0x66}], 0x1, 0x41, &(0x7f0000ad8000)=[], 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
ioctl$KVM_GET_XCRS(r3, 0x8188aea6, &(0x7f0000386000-0x38)={0x3, 0x8001, [{0x3, 0x0, 0x7}, {0x4, 0x0, 0x7}, {0x80, 0x0, 0x9}]})
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x3)
mmap(&(0x7f0000ae6000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000ae1000)=[@text64={0x40, &(0x7f000017c000)="66baf80cb800d0d883ef66bafc0c66edc74424003fd1ce03c744240200300000c7442406000000000f0114244c351e0000008f491099bc9c040726294cc1eddac7442400ba000000c7442402fa7f0000ff1c24c45fe2daf52500dd000000442400e99eefbac744240200000000c7442406000000000f011424c4431d4a8c28000000000066f93c0c", 0x88}], 0x1, 0x0, &(0x7f0000ae1000)=[@cr0={0x1, 0x0}], 0x1)
mmap(&(0x7f00000a6000/0x1000)=nil, 0x1000, 0x3, 0x20032, 0xffffffffffffffff, 0x0)
ioctl$KVM_X86_SET_MCE(r4, 0x4040ae9e, &(0x7f0000ae8000-0x40)={0x4000000000000000, 0x6000, 0x200, 0x2, 0x20, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0]})
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000ae1000)=[@text32={0x20, &(0x7f0000ae4000-0x74)="b9dd0b0000b871d90000ba000000000f30650f2181b8e90000000f23d80f21f835000000b00f23f8c4c2d5a602c744240000000000c744240276540000c7442406000000000f011424363e3e0f01d1c4c101f45b0c66baf80cb8a4e73281ef66bafc0cedc4e27959af8cc60000b92a0800000f32", 0x74}], 0x1, 0x0, &(0x7f0000ae1000)=[@cr4={0x2, 0x0}], 0x1)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mbind(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, &(0x7f0000002000-0x8)=0x0, 0x2, 0x2)
2017/08/11 22:10:52 executing program 7:
mmap(&(0x7f0000000000/0x24000)=nil, 0x24000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000024000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000024000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f000000e000/0x4000)=nil, 0x4000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000024000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000025000-0x9)="2f6465762f6b766d00", 0x404, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000020000-0x13)={0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
mmap(&(0x7f0000000000/0xae9000)=nil, 0xae9000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x8000, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000ade000-0x40)={0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_PPC_GET_PVINFO(r3, 0x4080aea1, &(0x7f000014b000)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
syz_kvm_setup_cpu$x86(r3, r4, &(0x7f00003b8000/0x18000)=nil, &(0x7f0000ad1000)=[@textreal={0x8, &(0x7f0000ae7000-0x37)="ba43000f20c0b8eecbeecbdfd200000f230f21f86635800000a00f23f865640f019809000fbf56020f35defedbe20fc79f00000f330fbaf601", 0x39}], 0x1, 0x0, &(0x7f0000ae4000)=[], 0x0)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f000054d000-0x70)={[{0x6, 0x6118201, 0x25, 0x8000, 0xc611, 0x9, 0x8, 0x4, 0x6, 0x5, 0x20, 0x84, 0x3}, {0x1000000000000400, 0x2ab000, 0x500, 0xed5, 0xffffffff, 0x6, 0x40, 0x5, 0x312, 0x4, 0x4c8, 0x3f, 0x1}, {0x82f, 0x0, 0x80, 0x0, 0xe, 0x4, 0x7f, 0x4000000000000003, 0x1d, 0x0, 0x1a3b374d400, 0x100, 0x7}], 0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
mmap(&(0x7f0000000000/0xaf0000)=nil, 0xaf0000, 0x0, 0x40012, r0, 0x9)
openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x1ffffc, 0x0)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x3)
syz_kvm_setup_cpu$x86(r5, r6, &(0x7f00001fb000/0x18000)=nil, &(0x7f0000adf000)=[@text64={0x40, &(0x7f000022a000)="b9800000c0b98f0400000f3235008000000f3048b89e000000000000000f23d80f21f835c00000300f23f8662e64314d00400f9bf2f26cc740442400df0000000044240200000080c7442406000000040f011c246564f20f1bffc4e3bd78ca08430f01cfb9940000400f32", 0x6b}], 0x1, 0x0, &(0x7f0000230000)=[], 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r5, 0x4010ae67, &(0x7f00002e0000-0x9)={0x0, 0x12000, 0x0})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
mmap(&(0x7f00002e9000/0x3000)=nil, 0x3000, 0x3, 0x2030, 0xffffffffffffffff, 0x7fffffffffc)
mmap(&(0x7f0000af0000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$x86(r5, r6, &(0x7f0000a97000/0x18000)=nil, &(0x7f00002d7000)=[@textreal={0x8, &(0x7f00000ba000-0x4c)="66b8e70000000f23c80f21f86635040000000f23f80f18ae050066b90d03000066b80d00000066ba000000000f30660f38311d2099d0f6da9c060064260f005800f26f0f01c83667360f01d1", 0x4c}], 0x1, 0x4, &(0x7f0000af0000)=[@cr0={0x0, 0x40028}], 0x1)
mmap(&(0x7f0000063000/0x1000)=nil, 0x1000, 0x3, 0x2032, r1, 0x2)
mmap(&(0x7f0000200000/0x2000)=nil, 0x2000, 0x3000005, 0x10, r2, 0x20)
mbind(&(0x7f00007d8000/0x3000)=nil, 0x3000, 0x0, &(0x7f0000af1000)=0x100000000, 0x801, 0x4)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r3, 0x8008ae9d, &(0x7f00004d7000-0xf8)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
mmap(&(0x7f0000ae9000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aea000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_ASSIGN_DEV_IRQ(r5, 0x4040ae70, &(0x7f0000aeb000-0x10)={0x100000001, 0x200000, 0x800000c, 0x200000002})
2017/08/11 22:10:53 executing program 3:
mmap(&(0x7f0000000000/0xaec000)=nil, 0xaec000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffff9c, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x1)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f00008d2000)={0x4, <r3=>r2, 0x0})
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f00008e0000)={0x3, 0x0, [{0x2, 0x0, 0x0}, {0x0, 0x0, 0x1}, {0x7fffffff, 0x0, 0x80000001}]})
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x804000000003, 0x5810, r4, 0x0)
ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000aed000-0x400)={"d04003a9db104c0349d5cb58ac7eb2bcb86348f2f1aee069d47bca5de970710253279ee82cd4f8cf0c8c20203d2f46b8bea35f8cb195e73efb9592853aa6ec14a565d1315e915b10aefffc3865ec0dfca46ce4504c0e9a80914df3032f8dfd7991c1c600ccb38a573c1fc2a440dd00b2e17202bf226b3244308dd3f3dc2bb23db7a102b1129017235c885f67056dde38cd0d8f021a6067fcc4e91740622290c316f94d886aca61f9a1e7463b51dbc35f1ffab100afbdc181ce05efd1b595fefbcff8824fe7ec7345cfe370f2a7f19fbb300336ef3ae44825e3061a27f2ac04e32e1f46e9c652dde6b872e60786ad9db218ffd3f54518b8b8c66f743dad8c048d9b9b71142615b1f7f4d26c5aa11de7dfd07494251fe8a6e8080be194309f48496276f5449d075bb00db8367d3ed67094864a89eb6e9c2aff784b52bdb5245390bf4afae1f1d56b4c4ee8df589792cb6f39234b40dcb2afd3e2d6aba87d228d6bdc3ad0e1e7f2907a605ace46c24d544b4c3a4e5b6b4da1ad7233f5849d7e5df7289a13a939be28abad18f6e694842bc361fe210a9495d8b7463e1684b11589d7be2a5e00a6e35667061eee80247abddd932a51aa591642e1ce3b391b70ec593c45c022b1809740bd315f97589b6c002def16fe0a766f8779f311aa79824244949c7c4d9384b5196c395c168bf7ef4f4198f354d2fabe0260f8067138de05ab37a234042c9bf18888e460d34a432ba4f28454ef78911a0d40aa0666caca46c82c7ab26197cecd37390dae7737639e46c4bb72e180a620b27ea540aa489589125e4078130c095c1e73de17dd89888a8761ab6e3885a4f286056adcfe82ab7ea79baf3ccd265129b5f9a9ae2e582630df45ce252cc18fc75c64f52ab8b8b63450a873eb227b30641cad3a925332b3e4371b9b8726c43f21fd2440409e318c8098d128322f7f9cf0a686b742767c71be122d44a37baa0f4064e8b5f9221e0d21f34e9e592a1e5ee46e7e0190e079f8709f3aaf4780441cb3db714b045373834ea9b8cef1c7109b8d92e4015378b0e7617b11a12c7e68f4ebb2de55519d79ae88b2653be67cbf9d5cb7a4483f41c314a165cb325435b3ea5d72578ed33188e0412673eb06a3d6650460dc231bf90ebc6a02f92fb0a29c7c17f21b4028d569e4688275e4025ba7d383066af18c4830f5323b2a5d136e5925c214e5e353558b158c1722fc1d825e9b56e97ad8d7369f9f935d770f4362ec0ff811be058a435ff86f7941bcc36acac9eb776a1c2ca7f68e27c8d7f2fdd690175a6395f98c5009570774f6669568189aaa6d4b0c209835c358f0d1f473730c314cc4895d62ebf49efe2aef671484629d9fbbc442833fe56c626d4089edb4966bff91e0b2f6157df85568c8d4c2f1ba03445e898a42ebe7f7af110ab6f0fc5ca67345d92218d82ac570393a"})
mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x6, 0x1811, r1, 0x0)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000aec000)={0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR(r3, 0x4018aee3, &(0x7f000040d000)={0x0, 0x7, 0x6, &(0x7f00002a5000)=0x0})
ioctl$KVM_INTERRUPT(r4, 0x4004ae86, &(0x7f0000aed000)=0x7)
ioctl$KVM_SMI(r4, 0xaeb7)
ioctl$KVM_PPC_ALLOCATE_HTAB(r3, 0xc004aea7, &(0x7f0000548000)=0x6)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
[   60.196725] *** Guest State ***
2017/08/11 22:10:53 executing program 6:
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x69032, 0xffffffffffffffff, 0xc700000000000000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00006dc000)="2f6465762f6b766d00", 0x240000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_GET_PIT2(r1, 0x8070ae9f, &(0x7f000084a000-0x70)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffff9c, 0xae41, 0x1)
ioctl$KVM_GET_CPUID2(r2, 0xc008ae91, &(0x7f0000739000-0xa8)={0x4, 0x0, [{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}]})
mmap(&(0x7f0000000000/0xaec000)=nil, 0xaec000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f000000f000-0x6)="2f6465762f6b766d00", 0x0, 0x0)
mmap(&(0x7f000000f000/0x1000)=nil, 0x1000, 0x2000005, 0x32, r3, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f000000f000-0x6)="2f6465762f6b766d00", 0x2, 0x0)
mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x2000001, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(0xffffffffffffffff, 0x4040aea4, &(0x7f0000aee000-0x14)={0x0, 0x0, 0x0, 0x0, 0x1000})
write$eventfd(r4, &(0x7f0000aed000-0x6)=0x0, 0x8)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae68, &(0x7f000005d000-0x10)={0x104000, 0x0, 0x0})
[   60.196735] CR0: actual=0x0000000080000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7
[   60.196743] CR4: actual=0x0000000000002050, shadow=0x0000000000000020, gh_mask=fffffffffffff871
[   60.196747] CR3 = 0x00000000fffbc000
[   60.196751] RSP = 0x0000000000000f80  RIP = 0x0000000000000000
[   60.196757] RFLAGS=0x00000002         DR7 = 0x0000000000000400
[   60.196766] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810
[   60.196774] CS:   sel=0x0030, attr=0x0409b, limit=0x000fffff, base=0x0000000000000000
[   60.196786] DS:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
[   60.196796] SS:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
[   60.196807] ES:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
[   60.196818] FS:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
[   60.196853] GS:   sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
[   60.196862] GDTR:                           limit=0x000007ff, base=0x0000000000001000
[   60.196873] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800
[   60.196881] IDTR:                           limit=0x000001ff, base=0x0000000000003800
[   60.196900] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[   60.196907] EFER =     0x0000000000001801  PAT = 0x0007040600070406
[   60.196915] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[   60.196921] Interruptibility = 00000000  ActivityState = 00000000
[   60.196925] *** Host State ***
[   60.196932] RIP = 0xffffffff811b6777  RSP = 0xffff8801c427f4c8
[   60.196947] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[   60.196955] FSBase=00007f74d1a99700 GSBase=ffff8801dc000000 TRBase=ffff8801dc022cc0
[   60.196964] GDTBase=ffffffffff577000 IDTBase=ffffffffff57b000
[   60.196973] CR0=0000000080050033 CR3=00000001c432d000 CR4=00000000001426f0
[   60.196983] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef40
[   60.196990] EFER = 0x0000000000000d01  PAT = 0x0000000000000000
[   60.196993] *** Control State ***
[   60.197000] PinBased=0000003f CPUBased=b699edfa SecondaryExec=0000004a
[   60.197082] EntryControls=0000d1ff ExitControls=0023efff
[   60.197092] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[   60.197103] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[   60.197154] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[   60.197160]         reason=80000021 qualification=0000000000000000
[   60.197165] IDTVectoring: info=00000000 errcode=00000000
[   60.197170] TSC Offset = 0xffffffde23c1095c
[   60.197176] EPT pointer = 0x00000001c425b01e
[   60.302127] ------------[ cut here ]------------
[   60.302164] WARNING: CPU: 1 PID: 4237 at arch/x86/kvm/mmu.c:719 mmu_spte_clear_track_bits+0x366/0x400
[   60.302170] Kernel panic - not syncing: panic_on_warn set ...
[   60.302170] 
[   60.302180] CPU: 1 PID: 4237 Comm: syz-executor4 Not tainted 4.13.0-rc4-next-20170811 #1
[   60.302185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   60.302188] Call Trace:
[   60.302199]  dump_stack+0x194/0x257
[   60.302214]  ? arch_local_irq_restore+0x53/0x53
[   60.302245]  panic+0x1e4/0x417
[   60.302257]  ? __warn+0x1d9/0x1d9
[   60.302265]  ? show_regs_print_info+0x65/0x65
[   60.302287]  ? __warn+0x1a9/0x1d9
[   60.302308]  ? mmu_spte_clear_track_bits+0x366/0x400
[   60.302317]  __warn+0x1c4/0x1d9
[   60.302329]  ? mmu_spte_clear_track_bits+0x366/0x400
[   60.302344]  report_bug+0x211/0x2d0
[   60.302366]  fixup_bug+0x40/0x90
[   60.302379]  do_trap+0x260/0x390
[   60.302409]  do_error_trap+0x120/0x390
[   60.302428]  ? do_trap+0x390/0x390
[   60.302442]  ? mmu_spte_clear_track_bits+0x366/0x400
[   60.302454]  ? debug_check_no_locks_freed+0x3c0/0x3c0
[   60.302480]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   60.302502]  do_invalid_op+0x1b/0x20
[   60.302511]  invalid_op+0x1e/0x30
[   60.302522] RIP: 0010:mmu_spte_clear_track_bits+0x366/0x400
[   60.302527] RSP: 0018:ffff8801d4fef2f0 EFLAGS: 00010212
[   60.302536] RAX: 0000000000010000 RBX: 1ffff1003a9fde60 RCX: ffffc90002056000
[   60.302542] RDX: 00000000000003a3 RSI: ffffffff810f0436 RDI: ffffea00057b00cc
[   60.302547] RBP: ffff8801d4fef408 R08: 0000000000000001 R09: 0000000000000000
[   60.302553] R10: ffff8801d4fef5a0 R11: 0000000000000004 R12: 4000000190dbac77
[   60.302558] R13: 1ffff1003a9fde64 R14: ffff8801d4fef3e0 R15: 0000000000190dba
[   60.302588]  ? mmu_spte_clear_track_bits+0x366/0x400
[   60.302613]  ? mmu_spte_update+0x220/0x220
[   60.302624]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   60.302647]  ? retint_kernel+0x10/0x10
[   60.302682]  drop_spte+0x24/0x270
[   60.302702]  kvm_zap_rmapp+0x7e/0xd0
[   60.302713]  ? drop_spte+0x270/0x270
[   60.302726]  ? __lock_is_held+0xb6/0x140
[   60.302737]  ? rmap_walk_init_level+0x1a/0x200
[   60.302759]  kvm_unmap_rmapp+0x1d/0x30
[   60.302772]  kvm_handle_hva_range+0x3ed/0x6e0
[   60.302797]  ? kvm_zap_rmapp+0xd0/0xd0
[   60.302817]  ? shadow_page_table_clear_flood+0x5c0/0x5c0
[   60.302848]  ? kvm_mmu_notifier_invalidate_range_start+0x66/0x130
[   60.302862]  ? kvm_flush_remote_tlbs+0x150/0x150
[   60.302879]  ? lock_release+0xa40/0xa40
[   60.302892]  ? lock_release+0xa40/0xa40
[   60.302929]  kvm_unmap_hva_range+0x2e/0x40
[   60.302945]  kvm_mmu_notifier_invalidate_range_start+0x9a/0x130
[   60.302963]  ? kvm_flush_remote_tlbs+0x150/0x150
[   60.302975]  __mmu_notifier_invalidate_range_start+0x1cd/0x2d0
[   60.302996]  ? mmu_notifier_unregister_no_release+0x3f0/0x3f0
[   60.303017]  ? set_next_entity+0x2e4/0xd60
[   60.303026]  ? nohz_balance_exit_idle.part.84+0x70/0x70
[   60.303040]  ? flush_tlb_func_remote+0x60/0x60
[   60.303064]  unmap_vmas+0x14b/0x1b0
[   60.303084]  unmap_region+0x2b2/0x4f0
[   60.303106]  ? reusable_anon_vma+0x560/0x560
[   60.303122]  ? do_raw_spin_trylock+0x190/0x190
[   60.303136]  ? may_expand_vm+0x5ba/0x860
[   60.303164]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   60.303177]  ? trace_hardirqs_on+0xc/0x10
[   60.303196]  ? userfaultfd_remove+0x220/0x220
[   60.303203]  ? vmacache_find+0x61/0x270
[   60.303212]  ? vmacache_update+0xfe/0x130
[   60.303229]  ? find_vma+0x30/0x150
[   60.303247]  do_munmap+0x726/0xdf0
[   60.303276]  mmap_region+0x59e/0x15a0
[   60.303304]  ? SyS_brk+0x6f0/0x6f0
[   60.303314]  ? arch_get_unmapped_area_topdown+0xba/0x8a0
[   60.303334]  ? arch_get_unmapped_area+0x750/0x750
[   60.303343]  ? lock_acquire+0x1d5/0x580
[   60.303352]  ? vm_mmap_pgoff+0x198/0x280
[   60.303370]  ? selinux_mmap_addr+0x1f/0xf0
[   60.303390]  ? security_mmap_addr+0x79/0xa0
[   60.303407]  ? get_unmapped_area+0x265/0x300
[   60.303428]  do_mmap+0x69b/0xd40
[   60.303449]  ? mmap_region+0x15a0/0x15a0
[   60.303456]  ? vm_mmap_pgoff+0x198/0x280
[   60.303469]  ? down_write+0x120/0x120
[   60.303480]  ? security_mmap_file+0x14e/0x190
[   60.303500]  vm_mmap_pgoff+0x1de/0x280
[   60.303528]  ? vma_is_stack_for_current+0xa0/0xa0
[   60.303543]  ? trace_event_raw_event_sys_exit+0x260/0x260
[   60.303554]  ? kasan_check_write+0x14/0x20
[   60.303586]  SyS_mmap_pgoff+0x23b/0x5f0
[   60.303606]  ? find_mergeable_anon_vma+0xd0/0xd0
[   60.303619]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   60.303631]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   60.303651]  SyS_mmap+0x16/0x20
[   60.303661]  entry_SYSCALL_64_fastpath+0x1f/0xbe
[   60.303668] RIP: 0033:0x4512e9
[   60.303673] RSP: 002b:00007f2c9335fc08 EFLAGS: 00000216 ORIG_RAX: 0000000000000009
[   60.303683] RAX: ffffffffffffffda RBX: 00000000007180a8 RCX: 00000000004512e9
[   60.303689] RDX: 0000000000000003 RSI: 0000000000af1000 RDI: 0000000020000000
[   60.303694] RBP: 0000000000000086 R08: ffffffffffffffff R09: 0000000000000000
[   60.303700] R10: 0000000000000032 R11: 0000000000000216 R12: 00000000004b960f
[   60.303705] R13: 00000000ffffffff R14: 0000000020000000 R15: 0000000000002000
[   60.304320] Dumping ftrace buffer:
[   60.304374]    (ftrace buffer empty)
[   60.304377] Kernel Offset: disabled
[   61.029034] Rebooting in 86400 seconds..