0xae80, 0x0) ioctl$KVM_SET_TSC_KHZ(r2, 0xaea2, 0x101) ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000246000-0x10)={0x75, 0x80000000000}) mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_REINJECT_CONTROL(r1, 0xae71, &(0x7f00001e1000)={0x10000, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mremap(&(0x7f000028f000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f00005cd000/0x3000)=nil) pkey_mprotect(&(0x7f00001f3000/0x1000)=nil, 0x1000, 0x5, 0xffffffffffffffff) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001f1000/0x18000)=nil, &(0x7f0000778000)=[@text32={0x20, &(0x7f000099a000)="b805000000b9000000000f01c1b9150800000f320f01cab9bd0800000f320f00dd0f00d00f01582d66b80c010f00d86767660f383251210f50f1", 0x3a}], 0x1, 0x8, &(0x7f00002f8000-0x20)=[@efer={0x2, 0x400}, @flags={0x3, 0x80400}], 0x2) mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000aef000-0x90)={[0x10000, 0x7, 0xfffffffffffffc01, 0x80000000, 0x9d9e, 0xffff, 0x0, 0xe2, 0x7, 0x6d664873, 0x800, 0x3, 0x776b7480, 0x1ff, 0x9, 0x0], 0x0, 0x41090}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 26.682538] Interruptibility = 00000000 ActivityState = 00000000 [ 26.682539] *** Host State *** [ 26.682542] RIP = 0xffffffff811b6777 RSP = 0xffff8800398d74c8 [ 26.682547] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 26.682550] FSBase=00007fdfd85e2700 GSBase=ffff88003fc00000 TRBase=ffff88003fc22cc0 [ 26.682552] GDTBase=ffffffffff577000 IDTBase=ffffffffff57b000 [ 26.682556] CR0=0000000080050033 CR3=000000003dac7000 CR4=00000000000026f0 2017/08/11 21:15:12 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0xf000, 0xf, 0x7f0000, 0x3ff, 0x3, 0xfe00000000000000, 0x3, 0x5, 0xfe0, 0x9, 0x1, 0x0}, {0xdc97dc77cb2c6988, 0x1f007, 0xf, 0x0, 0x5, 0x5, 0x3ad0, 0xffff, 0x3, 0x80, 0x800, 0x80, 0x0}, {0xd000, 0xf000, 0xf, 0x1, 0x5, 0x9, 0x7, 0x5, 0x401, 0x0, 0x1, 0x2, 0x0}, {0xfffe, 0x5000, 0x0, 0x5, 0x4, 0x81, 0xc9, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) [ 26.682559] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 26.682562] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 26.682563] *** Control State *** [ 26.682565] PinBased=0000003f CPUBased=b699edfe SecondaryExec=001000e2 [ 26.682567] EntryControls=0001d1ff ExitControls=00afefff [ 26.682571] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 26.682575] VMEntry: intr_info=800000ff errcode=00000000 ilen=00000000 [ 26.682577] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 26.682579] reason=80000021 qualification=0000000000000000 [ 26.682580] IDTVectoring: info=00000000 errcode=00000000 [ 26.682582] TSC Offset = 0xffffffe796972fd4 2017/08/11 21:15:12 executing program 6: mmap(&(0x7f0000000000/0x68000)=nil, 0x68000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd2(0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap(&(0x7f0000068000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000068000)=@ioapic={0x0, 0x5, 0x2, 0x3, 0x0, [{0x6, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x6}, {0x100, 0x151, 0x6, [0x0, 0x0, 0x0, 0x0], 0x1}, {0xcb27, 0xff, 0x8, [0x0, 0x0, 0x0, 0x0], 0x4}, {0x1cf9df56, 0x4, 0xf43, [0x0, 0x0, 0x0, 0x0], 0xdd}, {0x0, 0x4, 0x5c, [0x0, 0x0, 0x0, 0x0], 0xeb5}, {0x5, 0x1f, 0x1, [0x0, 0x0, 0x0, 0x0], 0x11}, {0x5, 0x0, 0x8, [0x0, 0x0, 0x0, 0x0], 0xfffffffffffffff8}, {0x10001, 0xecb, 0x0, [0x0, 0x0, 0x0, 0x0], 0x2}, {0x3, 0x7, 0x5, [0x0, 0x0, 0x0, 0x0], 0x78}, {0x3, 0x0, 0x4, [0x0, 0x0, 0x0, 0x0], 0x6}, {0x9, 0x9a1, 0x400, [0x0, 0x0, 0x0, 0x0], 0x3ffc}, {0x0, 0xfffffffffffffcf8, 0x66d, [0x0, 0x0, 0x0, 0x0], 0x2}, {0x2, 0x400000000010001, 0x24, [0x0, 0x0, 0x0, 0x0], 0x4}, {0x7f, 0x8001, 0x4, [0x0, 0x0, 0x0, 0x0], 0xa2a}, {0x80000001, 0x1, 0x0, [0x0, 0x0, 0x0, 0x0], 0x200}, {0x6, 0x0, 0x7f, [0x0, 0x0, 0x0, 0x0], 0x4}, {0x9, 0x4, 0x9, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x2, 0x1, 0x2, [0x0, 0x0, 0x0, 0x0], 0xcc9}, {0x4, 0x200, 0x5, [0x0, 0x0, 0x0, 0x0], 0x401}, {0x2, 0x1, 0xeb9, [0x0, 0x0, 0x0, 0x0], 0x80000001}, {0x2, 0x9, 0x7f, [0x0, 0x0, 0x0, 0x0], 0x100000001}, {0x0, 0xda6f, 0x9, [0x0, 0x0, 0x0, 0x0], 0x5}, {0xea, 0x8, 0x4000000000000006, [0x0, 0x0, 0x0, 0x0], 0x20}, {0x4834, 0x9, 0x1, [0x0, 0x0, 0x0, 0x0], 0x7}]}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000020000)={0x0, &(0x7f000002d000)=0x0, 0x2, r2, 0x3}) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000066000-0x20)={0x0, &(0x7f000002d000)=0x0, 0x2, r2, 0xffffff7fffffffff}) ioctl$KVM_GET_TSC_KHZ(0xffffffffffffffff, 0xaea3) [ 26.682584] EPT pointer = 0x000000003e13d01e [ 26.682586] Virtual processor ID = 0x0519 [ 26.701461] kvm [5613]: vcpu0, guest rIP: 0x0 disabled perfctr wrmsr: 0xc1 data 0x8000 [ 26.726841] kvm [5613]: vcpu0, guest rIP: 0x0 disabled perfctr wrmsr: 0xc1 data 0x8000 [ 26.730114] *** Guest State *** [ 26.730117] CR0: actual=0x0000000000000023, shadow=0x0000000060000003, gh_mask=fffffffffffffff7 2017/08/11 21:15:12 executing program 5: mmap(&(0x7f0000000000/0xaff000)=nil, 0xaff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000688000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SIGNAL_MSI(0xffffffffffffffff, 0x4020aea5, &(0x7f000000b000)={0x1000, 0x4000, 0x8, 0xf40, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000af5000)={0x79, 0x0, [0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_INTERRUPT(r2, 0x4004ae86, &(0x7f0000221000)=0xff) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00005d2000)={0x0, 0x0, 0x1000, 0x2000, &(0x7f000062d000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000007000/0x18000)=nil, &(0x7f0000022000-0x18)=[@textreal={0x8, &(0x7f0000af1000-0x6b)="b862038ee866b8fdffffff0f23d00f21f866350000000a0f23f80f213666b8c0cfc3810f23d00f21f866351000000e0f23f836660f2acb26660f380292a284dfa164e466b9800000c00f326635000400000f30baf80c66b84b501d8766efbafc0cb099eeba6100b8e13aef", 0x6b}], 0x1, 0x0, &(0x7f0000021000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 26.730120] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=fffffffffffff871 [ 26.730122] CR3 = 0x00000000fffbc000 [ 26.730123] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 26.730126] RFLAGS=0x00041090 DR7 = 0x0000000000030402 [ 26.730129] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 26.730132] CS: sel=0x0043, attr=0x040fb, limit=0x000fffff, base=0x0000000000000000 [ 26.730138] DS: sel=0x004b, attr=0x040f3, limit=0x000fffff, base=0x0000000000000000 [ 26.730143] SS: sel=0x004b, attr=0x040f3, limit=0x000fffff, base=0x0000000000000000 [ 26.730147] ES: sel=0x004b, attr=0x040f3, limit=0x000fffff, base=0x0000000000000000 [ 26.730151] FS: sel=0x004b, attr=0x040f3, limit=0x000fffff, base=0x0000000000000000 [ 26.730155] GS: sel=0x004b, attr=0x040f3, limit=0x000fffff, base=0x0000000000000000 [ 26.730158] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 26.730162] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 26.730165] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 26.730169] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 26.730171] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 26.730174] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 26.730176] BndCfgS = 0x0000000000000000 [ 26.730178] Interruptibility = 00000008 ActivityState = 00000000 [ 26.730179] *** Host State *** [ 26.730182] RIP = 0xffffffff811b6777 RSP = 0xffff88006721f4c8 [ 26.730187] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 26.730189] FSBase=00007f3c9ba77700 GSBase=ffff88006e100000 TRBase=ffff88006e122cc0 [ 26.730192] GDTBase=ffffffffff574000 IDTBase=ffffffffff57b000 [ 26.730198] CR0=0000000080050033 CR3=0000000067d5d000 CR4=00000000000026e0 [ 26.730201] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 2017/08/11 21:15:12 executing program 3: mmap(&(0x7f0000000000/0xaf3000)=nil, 0xaf3000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000af1000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000ae6000-0x40)={0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_GET_PIT(r2, 0xc048ae65, &(0x7f0000625000)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) [ 26.730204] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 26.730205] *** Control State *** [ 26.730208] PinBased=0000003f CPUBased=b6a1edfa SecondaryExec=001000e3 [ 26.730209] EntryControls=0001d1ff ExitControls=00afefff [ 26.730212] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 26.730215] VMEntry: intr_info=0000030d errcode=00000000 ilen=00000000 [ 26.730216] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 26.730218] reason=80000021 qualification=0000000000000000 [ 26.730220] IDTVectoring: info=00000000 errcode=00000000 [ 26.730222] TSC Offset = 0xffffffe78d8878b6 [ 26.730223] TPR Threshold = 0x00 [ 26.730225] EPT pointer = 0x000000006b72201e [ 26.730227] Virtual processor ID = 0x0522 [ 26.735896] *** Guest State *** [ 26.735899] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 26.735902] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=fffffffffffff871 2017/08/11 21:15:12 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x7f0000, 0x3ff, 0x3, 0xfe00000000000000, 0x3, 0x5, 0xfe0, 0x9, 0x1, 0x0}, {0xdc97dc77cb2c6988, 0x1f007, 0xf, 0x0, 0x5, 0x5, 0x3ad0, 0xffff, 0x3, 0x80, 0x800, 0x80, 0x0}, {0xd000, 0xf000, 0xf, 0x1, 0x5, 0x9, 0x7, 0x5, 0x401, 0x0, 0x1, 0x2, 0x0}, {0xfffe, 0x5000, 0x0, 0x5, 0x4, 0x81, 0xc9, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) [ 26.735904] CR3 = 0x00000000fffbc000 [ 26.735906] RSP = 0x0000000000000000 RIP = 0x000000000000fff0 [ 26.735908] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 26.735911] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 26.735914] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 26.735918] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 26.735922] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 26.735926] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 26.735932] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 26.735937] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 26.735940] GDTR: limit=0x0000ffff, base=0x0000000000000000 2017/08/11 21:15:12 executing program 2: mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000096a000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00002bd000)={0x4, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000aed000)={0x7, r0, 0x0}) write$eventfd(r3, &(0x7f0000aed000)=0x200, 0x8) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000088e000/0x18000)=nil, &(0x7f0000ae0000-0x13)=[@text16={0x10, &(0x7f000011f000)="0f0170ec0f23e764f20f2b76db613e8117b4006766c7442400003000006766c7442402003000006766c744240600000000670f011c2466b8010000000f01d967660f3801639966b80500000066b90b0000000f01d90f2205", 0x58}], 0x1, 0x20, &(0x7f0000adf000)=[], 0x0) eventfd2(0x0, 0x800) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000aea000-0x18)={0x0, 0x0, []}) eventfd2(0x6, 0x800) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) eventfd2(0x5, 0x800) ioctl$KVM_TPR_ACCESS_REPORTING(r4, 0xc028ae92, &(0x7f0000aee000-0x28)={0x9, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) eventfd2(0x8001, 0x0) eventfd2(0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 26.735944] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 26.735947] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 26.735951] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 26.735953] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 26.735956] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 26.735957] BndCfgS = 0x0000000000000000 [ 26.735960] Interruptibility = 00000000 ActivityState = 00000000 [ 26.735961] *** Host State *** [ 26.735964] RIP = 0xffffffff811b6777 RSP = 0xffff8800689e74c8 [ 26.735968] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 26.735971] FSBase=00007fdfd8603700 GSBase=ffff88006e100000 TRBase=ffff88006e122cc0 [ 26.735974] GDTBase=ffffffffff574000 IDTBase=ffffffffff57b000 2017/08/11 21:15:12 executing program 4: mmap(&(0x7f0000000000/0xae3000)=nil, 0xae3000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f000017c000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x80000001, 0x1, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f00003ba000/0x18000)=nil, &(0x7f000018e000)=[@textreal={0x8, &(0x7f0000ae4000)="3e0f001b66b9800000c00f326635010000000f30d88a45000f32b800018ec80f23b9360ff9c3662664f2addd8f0900f30f5805", 0x33}], 0x1, 0x0, &(0x7f0000adf000)=[@flags={0x3, 0x2c32ef086520573a}], 0x1) mmap(&(0x7f0000000000/0xae0000)=nil, 0xae0000, 0x3, 0x4d031, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 26.735977] CR0=0000000080050033 CR3=0000000039304000 CR4=00000000000026e0 [ 26.735982] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 26.735986] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 26.735987] *** Control State *** [ 26.735989] PinBased=0000003f CPUBased=b699edfe SecondaryExec=001000e2 [ 26.735991] EntryControls=0001d1ff ExitControls=00afefff [ 26.735994] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 26.735996] VMEntry: intr_info=800000ff errcode=00000000 ilen=00000000 [ 26.735998] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 26.736002] reason=80000021 qualification=0000000000000000 [ 26.736025] IDTVectoring: info=00000000 errcode=00000000 [ 26.736026] TSC Offset = 0xffffffe78b414ef2 [ 26.736028] EPT pointer = 0x000000006b49501e [ 26.736031] Virtual processor ID = 0x0523 [ 26.792588] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 26.794325] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 26.795090] GDTR: limit=0x00000004, base=0x0000000000000000 [ 26.795719] LDTR: sel=0x000f, attr=0x10000, limit=0x0000f002, base=0x0000000000002000 [ 26.796460] IDTR: limit=0x00000000, base=0x0000000000000001 [ 26.797145] TR: sel=0x000a, attr=0x10000, limit=0x00000004, base=0x0000000000000000 [ 26.798946] EFER = 0x0000000000002001 PAT = 0x0007040600070406 [ 26.800059] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 26.800638] BndCfgS = 0x0000000000000000 [ 26.800956] Interruptibility = 00000008 ActivityState = 00000000 [ 26.801702] *** Host State *** [ 26.801967] RIP = 0xffffffff811b6777 RSP = 0xffff88002c7df4c8 [ 26.802545] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 26.803248] FSBase=00007f4c3a973700 GSBase=ffff88003fd00000 TRBase=ffff88006e022cc0 [ 26.803867] GDTBase=ffffffffff575000 IDTBase=ffffffffff57b000 [ 26.804530] CR0=0000000080050033 CR3=000000003a4ba000 CR4=00000000000026e0 [ 26.805208] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 26.805819] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 26.806350] *** Control State *** [ 26.806629] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 [ 26.807288] EntryControls=0001d1ff ExitControls=00afefff [ 26.807709] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 26.808545] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000 [ 26.809145] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 26.809761] reason=80000021 qualification=0000000000000000 [ 26.813069] IDTVectoring: info=00000000 errcode=00000000 [ 26.813595] TSC Offset = 0xffffffe7988c7f9c [ 26.816279] EPT pointer = 0x000000003b13701e [ 26.817395] Virtual processor ID = 0x0516 2017/08/11 21:15:12 executing program 3: mmap(&(0x7f0000000000/0xaf3000)=nil, 0xaf3000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000af1000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000ae6000-0x40)={0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_GET_PIT(r2, 0xc048ae65, &(0x7f0000625000)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) 2017/08/11 21:15:12 executing program 6: mmap(&(0x7f0000000000/0xaf6000)=nil, 0xaf6000, 0x3, 0x32, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x2, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000acd000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000adf000)="b90401004066b8470066bad104b0a9ee0f3052c76dfef3ab66b86f000f00d099d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e955266767f2a50f20d835080000000f22d8650f070f01b102000000", 0x5e}], 0x1, 0x0, &(0x7f0000af2000)=[], 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000ae9000)={0x7b, 0x0, [0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f00008d3000)={"c8d0159ed3680688f0e8b18d0edc142710b585ad1729bc3e453d454e2fa3c8d3b48d66565810fc1ab111a07337cee279616a45b6503046dff269113dffb96fa05d412376e53f97774588577c86e438fa1d2c3a5d692a16107049eb416c1b09fa273de8de63dbef84e3745a1c5a21b97f17c41e902f5df397d88c66fad065b5d25dca12485a90172397352bfc2a74e169c9deb8df7391a115245f85ce17b52c472751738b309a0b6e7b588a9825031f60356adf1f98cfed065e794d3a29f4ec565518fea8a685d1ee3bc9f6eb523a5ebb4f1cea55c32a703bb15dcb07ed04086c96d62a020fe2f63738f99ecd3f91e69d8e3a49c37f15bcb83dcace48d526865faa5ac4de14dee3e547ba4bef0e66f8eaf96653f596162787a504d09c9a1f393f7f162f3c841440d0b46eb1a55b7ba42d4d3d7a007d34e9f829e5fe6ff2808f3c46b72fa727325cd6de3e2c3b888ab4cf717dff22fe39cb6f3973cf1fef794383782a6590d3d29ab199940b8d1ddccb195a4306e3e9b618475b1993fdc34cccd8e91dafd402bdfd03d66341249c04aefa340c1448a840c54506056334110e5122ae7ac079a22a1e71c78130a5440fdf7023826ef43efa154f1898e632ebc5148a8b6de2a725c69bdea3e1e44300ade89e934e990f90ee0f12528db5c251b192b81853cf52ac431d7249166d7f01d8663ecd99e3f36b8322a76c82d121158c461d8191d34f0a8c56587c9343d7790d9eb1ca1fab4b48ec0372ff235cf4839eae5db6718808debc0c741d4dca8a61677d0fc03cfd075bc4de894935b4c302a3fa6a926426c8080ce45b208d224391505e3c27655718f266a655e83100de2ae6bc7c9f861cd38b05c1bb58eb00defc04a15339fed77cb99010e0eedee23b31e6af80a6c19a5ff4e6d1ca59fc8dcbcca6c62d432ed40005499cf06ce8a141de0ba40c3b5782fa873fb80acd5d81e9194a086e4ee9d82aa4b83a8ebab2c39cc04d0907ad0b60d1cf2d7ef8c373b44154a5452c4fa9fd1204185d746a0adcb4a9b5804568a596f49fa712a7477e89e037321a5b96d03243e34e5942d1cfe584342e1f8d904025148d77f19dfff71bf62435ec7b8760b06b1ef893b4d2cace6dcb6564f3c9c8c851d01ada3f3cf60fae2fe15afd79a1c64b334ff8bdd2e854b78e69d313e5ea3e0ce951fc1782e802f454e84089a5dc28a6ddc5c52225efd6f86a18b00896ec436bf7d64bee1033210e4423d0b6e3f37cb2eab28d66c028879bfd3543206a683a5c91fa61c54fa0843eb6d613fdbd21c11794dedefab0576b7f4c5be20ce472d5fb32621f7b2e982329cb92db158a3b7a813353aff17d9d7c70635ccd8099b479acfd3f69d322c640e0798c67644ab4ef4a88e875da115770788d207e2e4afe7e00d0021c33d8ac2e79b857afb4517cee3e3564ed18acaab39bee8854c8"}) ioctl$KVM_PPC_GET_SMMU_INFO(r1, 0x8250aea6, &(0x7f0000165000)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) mlock2(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) 2017/08/11 21:15:12 executing program 7: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000a9c000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f00004ee000)="66b818010f00d8c4c27bf6cdb986040000b80f000000ba000000000f30c7442400e9060000c744240201000000c7442406000000000f01142466baf80cb8b4d4c588ef66bafc0cb00beeb9840200000f3266ba420066edb85bc6600b0f23c00f21f83503000c000f23f8c74424008000c0fec744240235000000c7442406000000000f011c2466baa000b000ee", 0x8d}], 0x1, 0xfffffffffffffffe, &(0x7f00003db000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000af1000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0}, {0x0, 0x1000, 0x0, 0x0, 0x2, 0x2ff, 0x6, 0x1, 0x5, 0x1, 0x1f, 0x60000000000000, 0x0}, {0x0, 0x4, 0xa, 0x9, 0xfc6, 0xc76, 0x2, 0xa0f, 0x6, 0x9, 0x3, 0x30, 0x0}, {0x2000, 0xf002, 0xf, 0x6, 0x9, 0x2, 0x1, 0xffffffff, 0x80000001, 0xffffffffffffffff, 0x2, 0x2, 0x0}, {0x0, 0x4, [0x0, 0x0, 0x0]}, {0x1, 0x0, [0x0, 0x0, 0x0]}, 0x80000008, 0x0, 0x2000, 0x8, 0x5, 0x2001, 0x1000, [0x800000, 0x1, 0x6, 0x10001]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:12 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x7f0000, 0x3ff, 0x3, 0xfe00000000000000, 0x3, 0x5, 0xfe0, 0x9, 0x1, 0x0}, {0xdc97dc77cb2c6988, 0x1f007, 0xf, 0x0, 0x5, 0x5, 0x3ad0, 0xffff, 0x3, 0x80, 0x800, 0x80, 0x0}, {0xd000, 0xf000, 0xf, 0x1, 0x5, 0x9, 0x7, 0x5, 0x401, 0x0, 0x1, 0x2, 0x0}, {0xfffe, 0x5000, 0x0, 0x5, 0x4, 0x81, 0xc9, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) 2017/08/11 21:15:12 executing program 5: mmap(&(0x7f0000000000/0xaff000)=nil, 0xaff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000688000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SIGNAL_MSI(0xffffffffffffffff, 0x4020aea5, &(0x7f000000b000)={0x1000, 0x4000, 0x8, 0xf40, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000af5000)={0x79, 0x0, [0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_INTERRUPT(r2, 0x4004ae86, &(0x7f0000221000)=0xff) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00005d2000)={0x0, 0x0, 0x1000, 0x2000, &(0x7f000062d000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000007000/0x18000)=nil, &(0x7f0000022000-0x18)=[@textreal={0x8, &(0x7f0000af1000-0x6b)="b862038ee866b8fdffffff0f23d00f21f866350000000a0f23f80f213666b8c0cfc3810f23d00f21f866351000000e0f23f836660f2acb26660f380292a284dfa164e466b9800000c00f326635000400000f30baf80c66b84b501d8766efbafc0cb099eeba6100b8e13aef", 0x6b}], 0x1, 0x0, &(0x7f0000021000)=[], 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 2017/08/11 21:15:12 executing program 4: mmap(&(0x7f0000000000/0xae3000)=nil, 0xae3000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f000017c000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x80000001, 0x1, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00003ba000/0x18000)=nil, &(0x7f000018e000)=[@textreal={0x8, &(0x7f0000ae4000)="3e0f001b66b9800000c00f326635010000000f30d88a45000f32b800018ec80f23b9360ff9c3662664f2addd8f0900f30f5805", 0x33}], 0x1, 0x0, &(0x7f0000adf000)=[], 0x0) mmap(&(0x7f0000000000/0xae0000)=nil, 0xae0000, 0x3, 0x4d031, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:12 executing program 2: mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000096a000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00002bd000)={0x4, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000aed000)={0x7, r0, 0x0}) write$eventfd(r3, &(0x7f0000aed000)=0x200, 0x8) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000088e000/0x18000)=nil, &(0x7f0000ae0000-0x13)=[@text16={0x10, &(0x7f000011f000)="0f0170ec0f23e764f20f2b76db613e8117b4006766c7442400003000006766c7442402003000006766c744240600000000670f011c2466b8010000000f01d967660f3801639966b80500000066b90b0000000f01d90f2205", 0x58}], 0x1, 0x20, &(0x7f0000adf000)=[], 0x0) eventfd2(0x0, 0x800) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000aea000-0x18)={0x0, 0x0, []}) eventfd2(0x6, 0x800) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) eventfd2(0x5, 0x800) ioctl$KVM_TPR_ACCESS_REPORTING(r4, 0xc028ae92, &(0x7f0000aee000-0x28)={0x9, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) eventfd2(0x8001, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 26.847473] *** Guest State *** [ 26.848744] CR0: actual=0x0000000080000028, shadow=0x0000000080000008, gh_mask=fffffffffffffff7 [ 26.849564] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 [ 26.850396] CR3 = 0x0000000000002000 [ 26.850685] RSP = 0x0000000000000000 RIP = 0x000000000000fff0 [ 26.851278] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 26.851830] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 26.852424] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 26.853245] DS: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 26.853878] SS: sel=0x0000, attr=0x0b071, limit=0x00001000, base=0x0000000000000000 [ 26.854626] ES: sel=0x0000, attr=0x04081, limit=0x00000000, base=0x0000000000000000 [ 26.855266] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 26.857045] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 26.857843] GDTR: limit=0x00000004, base=0x0000000000000000 [ 26.859974] LDTR: sel=0x000f, attr=0x10000, limit=0x0000f002, base=0x0000000000002000 [ 26.861053] IDTR: limit=0x00000000, base=0x0000000000000001 [ 26.861698] TR: sel=0x000a, attr=0x10000, limit=0x00000004, base=0x0000000000000000 [ 26.863780] EFER = 0x0000000000002001 PAT = 0x0007040600070406 [ 26.864474] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 26.865208] BndCfgS = 0x0000000000000000 2017/08/11 21:15:12 executing program 3: mmap(&(0x7f0000000000/0xaf3000)=nil, 0xaf3000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000af1000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000ae6000-0x40)={0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_GET_PIT(r2, 0xc048ae65, &(0x7f0000625000)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) [ 26.865771] Interruptibility = 00000000 ActivityState = 00000000 [ 26.866664] *** Host State *** [ 26.866968] kvm [5669]: vcpu0, guest rIP: 0x9110 Hyper-V uhandled wrmsr: 0x4000008f data 0x4d1ba6600a9 [ 26.867028] kvm [5669]: vcpu0, guest rIP: 0x9110 Hyper-V uhandled wrmsr: 0x4000008e data 0x4d1ba6600a9 [ 26.871161] kvm [5669]: vcpu0, guest rIP: 0x9110 Hyper-V uhandled wrmsr: 0x40000020 data 0x4d1ba6600a9 [ 26.885782] RIP = 0xffffffff811b6777 RSP = 0xffff880069d174c8 [ 26.886444] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 26.887235] FSBase=00007f4c3a973700 GSBase=ffff88006e000000 TRBase=ffff88006e022cc0 [ 26.887966] GDTBase=ffffffffff575000 IDTBase=ffffffffff57b000 [ 26.888661] CR0=0000000080050033 CR3=00000000548a5000 CR4=00000000000026e0 [ 26.889395] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 26.890140] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 26.890722] *** Control State *** [ 26.891122] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 [ 26.892566] EntryControls=0001d1ff ExitControls=00afefff [ 26.893174] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 26.893918] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000 [ 26.894606] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 26.895418] reason=80000021 qualification=0000000000000000 [ 26.896095] IDTVectoring: info=00000000 errcode=00000000 [ 26.896674] TSC Offset = 0xffffffe775691348 [ 26.897186] EPT pointer = 0x000000005340201e [ 26.898692] Virtual processor ID = 0x04fc 2017/08/11 21:15:12 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x3ff, 0x3, 0xfe00000000000000, 0x3, 0x5, 0xfe0, 0x9, 0x1, 0x0}, {0xdc97dc77cb2c6988, 0x1f007, 0xf, 0x0, 0x5, 0x5, 0x3ad0, 0xffff, 0x3, 0x80, 0x800, 0x80, 0x0}, {0xd000, 0xf000, 0xf, 0x1, 0x5, 0x9, 0x7, 0x5, 0x401, 0x0, 0x1, 0x2, 0x0}, {0xfffe, 0x5000, 0x0, 0x5, 0x4, 0x81, 0xc9, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) 2017/08/11 21:15:12 executing program 1: mmap(&(0x7f0000000000/0xaed000)=nil, 0xaed000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000ae5000-0x48)={0x80003, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x52, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r0, r2, &(0x7f000028b000/0x18000)=nil, &(0x7f0000aee000-0x18)=[@text32={0x20, &(0x7f00002ea000)="0f8306000000d935000000000f213666baf80cb870aeef87ef66bafc0cb8a0d50000eff20f060f01c966ba6100edc74424000a000000c7442402329a0000c7442406000000000f011424b8010000000f01c1260f01cb", 0x56}], 0x1, 0x4, &(0x7f0000aee000-0x10)=[@cr0={0x0, 0x13}], 0x1) mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x1, 0x35, r1, 0x3) mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x0, 0x32, r0, 0x0) mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000af0000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000af0000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000af0000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@textreal={0x8, &(0x7f0000931000)="3ddddb66b8007000000f23c00f21f86635020003003e0f4ba20c4f0f20e06635000001000f22e067c39da6fe6f1a9166b9800000c0f3e00066357b000100000030b800058ee0cc200066b89f6a000066ef66b90903000066b8c3da13d566b9800000c00f326635001000000f300f3026660f78c700ccf0290b", 0x79}], 0x1, 0x400064, &(0x7f0000af0000)=[@flags={0x3, 0x4}], 0x1) r3 = pkey_alloc(0x0, 0x0) pkey_free(r3) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000ae1000)=[@text16={0x10, &(0x7f0000ae2000-0x5b)="6766c7442400009000006766c7442402050000006664c73524068d00000000000f011c240f0866b8430000000f23d00f21f86735a630000066b91503000066b8d400000066ba000000000f3067f36d0f3266b97e0300000f3266b9760900000f32f22e0f001d0f183f66640f06", 0x6d}], 0x1, 0x0, &(0x7f0000ae1000)=[@cr4={0x2, 0x0}], 0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_TSC_KHZ(r2, 0xaea2, 0x101) ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000246000-0x10)={0x75, 0x80000000000}) mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_REINJECT_CONTROL(r1, 0xae71, &(0x7f00001e1000)={0x10000, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mremap(&(0x7f000028f000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f00005cd000/0x3000)=nil) pkey_mprotect(&(0x7f00001f3000/0x1000)=nil, 0x1000, 0x5, 0xffffffffffffffff) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001f1000/0x18000)=nil, &(0x7f0000778000)=[@text32={0x20, &(0x7f000099a000)="b805000000b9000000000f01c1b9150800000f320f01cab9bd0800000f320f00dd0f00d00f01582d66b80c010f00d86767660f383251210f50f1", 0x3a}], 0x1, 0x8, &(0x7f00002f8000-0x20)=[@efer={0x2, 0x400}, @flags={0x3, 0x80400}], 0x2) mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000aef000-0x90)={[0x10000, 0x7, 0xfffffffffffffc01, 0x80000000, 0x9d9e, 0xffff, 0x0, 0xe2, 0x7, 0x6d664873, 0x800, 0x3, 0x776b7480, 0x1ff, 0x9, 0x0], 0x0, 0x41090}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:12 executing program 5: mmap(&(0x7f0000000000/0xa71000)=nil, 0xa71000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000d29000/0x3000)=nil, 0x3000, 0x0, &(0x7f0000000000)=0x6, 0x200c, 0x0) r0 = pkey_alloc(0x0, 0x8000) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f000000b000-0x20)={0x10007, 0x1, 0x1, 0x2000, &(0x7f0000007000/0x2000)=nil}) pkey_mprotect(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x3, r0) munmap(&(0x7f0000006000/0x1000)=nil, 0x1000) munlock(&(0x7f0000693000/0x2000)=nil, 0x2000) mremap(&(0x7f0000005000/0x1000)=nil, 0x1000, 0xb000, 0x3, &(0x7f0000a66000/0xb000)=nil) mremap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil) r2 = ioctl$KVM_CREATE_VM(0xffffffffffffff9c, 0xae01, 0x0) mmap(&(0x7f0000a71000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_EMULATED_CPUID(r1, 0xc008ae09, &(0x7f0000a72000-0x44)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000a6b000)={0x10003, 0x1, 0xf002, 0x2000, &(0x7f0000008000/0x2000)=nil}) mlock2(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1) mlock2(&(0x7f0000004000/0x1000)=nil, 0x1000, 0x0) r3 = ioctl$KVM_CREATE_VM(0xffffffffffffff9c, 0xae01, 0x0) munlock(&(0x7f0000003000/0x2000)=nil, 0x2000) ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f000000a000)=@ioapic={0x1d002, 0x0, 0x0, 0x5, 0x0, [{0x3, 0x6823fa17, 0x101, [0x0, 0x0, 0x0, 0x0], 0x5}, {0x3f, 0x7fffffff, 0x1, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x8, 0x40, 0x1, [0x0, 0x0, 0x0, 0x0], 0x1}, {0x40, 0x0, 0x80000001, [0x0, 0x0, 0x0, 0x0], 0xfffffffffffffffd}, {0x40, 0xcec, 0x4, [0x0, 0x0, 0x0, 0x0], 0x5f6}, {0x2, 0x0, 0xe, [0x0, 0x0, 0x0, 0x0], 0x0}, {0xffffffffffffff7c, 0x602, 0xffffffffffffffc1, [0x0, 0x0, 0x0, 0x0], 0x7}, {0x3, 0x0, 0x80, [0x0, 0x0, 0x0, 0x0], 0x20}, {0x1, 0x8, 0x5, [0x0, 0x0, 0x0, 0x0], 0x8}, {0xf3e, 0x59c, 0x3, [0x0, 0x0, 0x0, 0x0], 0x2}, {0x8000000000, 0x6, 0xdc0d, [0x0, 0x0, 0x0, 0x0], 0xcf7}, {0x131f, 0xfffffffffffffffb, 0x3, [0x0, 0x0, 0x0, 0x0], 0x8a0}, {0x4, 0x9, 0xb6, [0x0, 0x0, 0x0, 0x0], 0x187}, {0xf2, 0xfffffffffffffffc, 0x800, [0x0, 0x0, 0x0, 0x0], 0xffffffffffffff81}, {0x1ff, 0xe5d, 0x5, [0x0, 0x0, 0x0, 0x0], 0x1}, {0x51c2, 0x96f, 0x6, [0x0, 0x0, 0x0, 0x0], 0x6}, {0x1, 0x0, 0x7, [0x0, 0x0, 0x0, 0x0], 0x7ff}, {0x200, 0x80000000, 0x9ac, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x7f, 0x7, 0x6, [0x0, 0x0, 0x0, 0x0], 0x7}, {0x200, 0x2, 0xbf59, [0x0, 0x0, 0x0, 0x0], 0x101}, {0x4, 0xbcc, 0x86a, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x7, 0x9, 0xffffffffffffde65, [0x0, 0x0, 0x0, 0x0], 0x1000}, {0x3ff, 0x7fffffff, 0xc11, [0x0, 0x0, 0x0, 0x0], 0xec}, {0x7, 0xdd18, 0x8000, [0x0, 0x0, 0x0, 0x0], 0x3}]}) 2017/08/11 21:15:12 executing program 4: mmap(&(0x7f0000000000/0xae3000)=nil, 0xae3000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f000017c000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x80000001, 0x1, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00003ba000/0x18000)=nil, &(0x7f000018e000)=[@textreal={0x8, &(0x7f0000ae4000)="3e0f001b66b9800000c00f326635010000000f30d88a45000f32b800018ec80f23b9360ff9c3662664f2addd8f0900f30f5805", 0x33}], 0x1, 0x0, &(0x7f0000adf000)=[@flags={0x3, 0x0}], 0x1) mmap(&(0x7f0000000000/0xae0000)=nil, 0xae0000, 0x3, 0x4d031, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:12 executing program 6: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = eventfd2(0xffff, 0x1) madvise(&(0x7f0000120000/0x4000)=nil, 0x4000, 0x400000000010) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_IOEVENTFD(r0, 0x4040ae79, &(0x7f0000001000-0x20)={0x2001, &(0x7f0000835000)=0x0, 0x8, r1, 0x2}) mmap(&(0x7f0000000000/0xb000)=nil, 0xb000, 0x3, 0x32, r0, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(0xffffffffffffffff, 0x8008ae9d, &(0x7f0000c05000)="0000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffff9c, 0xae41, 0x0) ioctl$KVM_X86_SET_MCE(r2, 0x4040ae9e, &(0x7f000000a000)={0x4800000000000000, 0x10f001, 0x8000, 0x5, 0x1e, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0]}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)="2f6465762f6b766d00", 0x191200, 0x0) ioctl$KVM_SET_GUEST_DEBUG(r3, 0x4048ae9b, &(0x7f0000009000)={0x2, 0x0, [0x6, 0x4, 0x0, 0x3ff, 0x3, 0x9, 0x0, 0x100]}) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f000000b000-0x8)="2f6465762f6b766d00", 0x414082, 0x0) ioctl$KVM_ASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x8040ae69, &(0x7f000000a000-0x14)={0x6, 0x0, 0x400, 0x3, 0x3}) mmap(&(0x7f000000b000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000008000)={{0x3002, 0xd000, 0x0, 0x101, 0x3, 0x200, 0x1c50, 0x2, 0x9, 0x2, 0xfffffffffffffbff, 0x6, 0x0}, {0x13004, 0x5004, 0xc, 0x9, 0x2, 0x1c, 0x40, 0x8, 0x8, 0x2, 0x95, 0xa282, 0x0}, {0x105004, 0xd000, 0xb, 0xac8, 0x5b7, 0x5, 0x3, 0x7f24, 0x0, 0x1, 0x8, 0x8, 0x0}, {0x2000, 0x1f000, 0xf, 0xd9af, 0x4, 0x2, 0x9, 0x7fff, 0xd91f, 0x7ff, 0x80, 0x9, 0x0}, {0x7529073b3e4a7132, 0x107000, 0x10, 0x400, 0x7, 0x3, 0x59e7, 0x4a, 0xff, 0x5, 0x8001, 0x0, 0x0}, {0x7005, 0x5, 0x1a, 0x8001, 0x5, 0x8, 0x1, 0x2, 0x4, 0x1f, 0x7, 0xfffffffffffffff9, 0x0}, {0x5000, 0x2, 0x9, 0x81, 0x7fff, 0x1ff, 0x2, 0x7, 0xffffffffffffff01, 0xffffffffffffffe1, 0xe19, 0x4, 0x0}, {0x3000, 0x6, 0xf, 0x0, 0xffffffffffffff0a, 0x6, 0xffffffff8ff0bbae, 0x8, 0x0, 0x2, 0x8, 0x100, 0x0}, {0x1f001, 0x5000, [0x0, 0x0, 0x0]}, {0x1, 0x0, [0x0, 0x0, 0x0]}, 0x20040001, 0x0, 0x107000, 0x40, 0x1, 0x2d00, 0x106000, [0x1, 0x3d, 0xa26, 0x1]}) ioctl$KVM_CREATE_PIT2(r4, 0x4040ae77, &(0x7f0000007000-0x40)={0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_DEASSIGN_DEV_IRQ(r4, 0x4040ae75, &(0x7f000000a000)={0x0, 0x10, 0xaf, 0x3}) ioctl$KVM_CHECK_EXTENSION_VM(r4, 0xae03, 0xfff) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) mmap(&(0x7f0000000000/0x64000)=nil, 0x64000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = eventfd2(0x0, 0x0) mmap(&(0x7f0000064000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_PIT(r4, 0xc048ae65, &(0x7f0000064000)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f0000006000)={0x0, &(0x7f000002d000)=0x0, 0x0, r7, 0xa}) ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f0000023000)={0x0, &(0x7f0000006000-0x8)=0x0, 0x0, r1, 0xffbfffffffffffff}) r8 = pkey_alloc(0x0, 0x2) pkey_mprotect(&(0x7f0000025000/0x2000)=nil, 0x2000, 0x0, r8) 2017/08/11 21:15:12 executing program 7: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a9c000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f00004ee000)="66b818010f00d8c4c27bf6cdb986040000b80f000000ba000000000f30c7442400e9060000c744240201000000c7442406000000000f01142466baf80cb8b4d4c588ef66bafc0cb00beeb9840200000f3266ba420066edb85bc6600b0f23c00f21f83503000c000f23f8c74424008000c0fec744240235000000c7442406000000000f011c2466baa000b000ee", 0x8d}], 0x1, 0x0, &(0x7f00003db000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000af1000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0}, {0x0, 0x1000, 0x0, 0x0, 0x2, 0x2ff, 0x6, 0x1, 0x5, 0x1, 0x1f, 0x60000000000000, 0x0}, {0x0, 0x4, 0xa, 0x9, 0xfc6, 0xc76, 0x2, 0xa0f, 0x6, 0x9, 0x3, 0x30, 0x0}, {0x2000, 0xf002, 0xf, 0x6, 0x9, 0x2, 0x1, 0xffffffff, 0x80000001, 0xffffffffffffffff, 0x2, 0x2, 0x0}, {0x0, 0x4, [0x0, 0x0, 0x0]}, {0x1, 0x0, [0x0, 0x0, 0x0]}, 0x80000008, 0x0, 0x2000, 0x8, 0x5, 0x2001, 0x1000, [0x800000, 0x1, 0x6, 0x10001]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:12 executing program 2: mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000096a000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00002bd000)={0x4, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000aed000)={0x7, r0, 0x0}) write$eventfd(r3, &(0x7f0000aed000)=0x200, 0x8) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000088e000/0x18000)=nil, &(0x7f0000ae0000-0x13)=[@text16={0x10, &(0x7f000011f000)="0f0170ec0f23e764f20f2b76db613e8117b4006766c7442400003000006766c7442402003000006766c744240600000000670f011c2466b8010000000f01d967660f3801639966b80500000066b90b0000000f01d90f2205", 0x58}], 0x1, 0x20, &(0x7f0000adf000)=[], 0x0) eventfd2(0x0, 0x800) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000aea000-0x18)={0x0, 0x0, []}) eventfd2(0x6, 0x800) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) eventfd2(0x5, 0x800) ioctl$KVM_TPR_ACCESS_REPORTING(r4, 0xc028ae92, &(0x7f0000aee000-0x28)={0x9, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:12 executing program 3: mmap(&(0x7f0000000000/0xaf3000)=nil, 0xaf3000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000af1000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000ae6000-0x40)={0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_GET_PIT(0xffffffffffffffff, 0xc048ae65, &(0x7f0000625000)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) [ 26.938239] *** Guest State *** [ 26.938506] CR0: actual=0x0000000080000028, shadow=0x0000000080000008, gh_mask=fffffffffffffff7 [ 26.939126] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 [ 26.939770] CR3 = 0x0000000000002000 [ 26.941613] RSP = 0x0000000000000f77 RIP = 0x000000000000914a [ 26.942093] *** Guest State *** [ 26.942098] CR0: actual=0x0000000000000023, shadow=0x0000000060000003, gh_mask=fffffffffffffff7 [ 26.942103] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=fffffffffffff871 2017/08/11 21:15:12 executing program 4: mmap(&(0x7f0000000000/0xae3000)=nil, 0xae3000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f000017c000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x80000001, 0x1, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00003ba000/0x18000)=nil, &(0x7f000018e000)=[@textreal={0x8, &(0x7f0000ae4000)="3e0f001b66b9800000c00f326635010000000f30d88a45000f32b800018ec80f23b9360ff9c3662664f2addd8f0900f30f5805", 0x33}], 0x1, 0x0, &(0x7f0000adf000)=[@flags={0x3, 0x2c32ef086520573a}], 0x1) mmap(&(0x7f0000000000/0xae0000)=nil, 0xae0000, 0x0, 0x4d031, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 26.942106] CR3 = 0x00000000fffbc000 [ 26.942109] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 26.942113] RFLAGS=0x00041090 DR7 = 0x0000000000000400 [ 26.942118] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 26.942124] CS: sel=0x0043, attr=0x040fb, limit=0x000fffff, base=0x0000000000000000 [ 26.942131] DS: sel=0x004b, attr=0x040f3, limit=0x000fffff, base=0x0000000000000000 [ 26.942138] SS: sel=0x004b, attr=0x040f3, limit=0x000fffff, base=0x0000000000000000 [ 26.942144] ES: sel=0x004b, attr=0x040f3, limit=0x000fffff, base=0x0000000000000000 [ 26.942151] FS: sel=0x004b, attr=0x040f3, limit=0x000fffff, base=0x0000000000000000 [ 26.942157] GS: sel=0x004b, attr=0x040f3, limit=0x000fffff, base=0x0000000000000000 [ 26.942162] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 26.942169] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 26.942174] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 26.942180] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 26.942184] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 26.942189] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 26.942191] BndCfgS = 0x0000000000000000 [ 26.942195] Interruptibility = 00000008 ActivityState = 00000000 [ 26.942197] *** Host State *** [ 26.942202] RIP = 0xffffffff811b6777 RSP = 0xffff8800524bf4c8 [ 26.942210] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 2017/08/11 21:15:12 executing program 5: mmap(&(0x7f0000000000/0xaeb000)=nil, 0xaeb000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000096a000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap(&(0x7f0000aeb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f000032e000-0x40)={0x7a4, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000088e000/0x18000)=nil, &(0x7f000060f000-0x18)=[@text32={0x20, &(0x7f0000aee000-0x5f)="f30fbb3366baf80cb8b265ef8bef66bafc0c66b8001066efc7442400c900c0fec74424024f000000c7442406000000000f011424f3e00e0f013666b80f008ed0646465da070f017b34260fc75907b998080000b886000000ba000000000f30", 0x5f}], 0x1, 0x20, &(0x7f0000adf000)=[], 0x0) r3 = eventfd2(0x0, 0x800) mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) read$eventfd(r3, &(0x7f0000aec000)=0x0, 0x8) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000aea000-0x18)={0x0, 0x0, []}) eventfd2(0x6, 0x800) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r4, 0xc028ae92, &(0x7f0000aee000-0x28)={0x9, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r5 = eventfd2(0x8001, 0x0) r6 = eventfd2(0x0, 0x0) ioctl$KVM_SET_SIGNAL_MASK(r4, 0x4004ae8b, &(0x7f0000071000-0x50)={0x4c, "1c4c820efa6b7414d1451725b70130486bbb62b52d1988fed8d4e07f6759f6f8bb9b7bd91f07536afca166954696c90af92f61c54c15daa13f1877ec029bc190d2f351321a498a14db24be40"}) ioctl$KVM_GET_NR_MMU_PAGES(r1, 0xae45, 0xfffffffffffffffa) ioctl$KVM_PPC_GET_PVINFO(r1, 0x4080aea1, &(0x7f0000aee000-0xf1)="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000aeb000-0x20)={r5, 0x3, 0x2, r6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000aef000-0x9)="2f6465762f6b766d00", 0x80, 0x0) mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f00009bf000-0x8)=0x4000) read$eventfd(r6, &(0x7f0000aee000-0x8)=0x0, 0x8) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 26.942215] FSBase=00007f3c9ba77700 GSBase=ffff88006e100000 TRBase=ffff88006e122cc0 [ 26.942220] GDTBase=ffffffffff574000 IDTBase=ffffffffff57b000 [ 26.942226] CR0=0000000080050033 CR3=0000000067b6f000 CR4=00000000000026e0 [ 26.942231] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 26.942236] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 26.942238] *** Control State *** [ 26.942242] PinBased=0000003f CPUBased=b6a1edfa SecondaryExec=001000e3 [ 26.942245] EntryControls=0001d1ff ExitControls=00afefff [ 26.942250] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 26.942253] VMEntry: intr_info=0000030d errcode=00000000 ilen=00000000 [ 26.942257] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 26.942260] reason=80000021 qualification=0000000000000000 [ 26.942263] IDTVectoring: info=00000000 errcode=00000000 [ 26.942266] TSC Offset = 0xffffffe7630c6d5c [ 26.942268] TPR Threshold = 0x00 [ 26.942272] EPT pointer = 0x000000006889601e [ 26.942276] Virtual processor ID = 0x0523 [ 26.972160] RFLAGS=0x00000046 DR7 = 0x0000000000000400 [ 26.972787] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 2017/08/11 21:15:12 executing program 6: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, r0, 0x0) mmap(&(0x7f0000af3000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000acd000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text64={0x40, &(0x7f0000af4000-0x4e)="b9800000c00f3235000100000f300f08c4a179d626c461acc6b6dd000000e366baa10066b8016066ef66b818010f00d8c744240020000000c744240200000000ff2c24f30f0139f0802300f20f08", 0x4e}], 0x1, 0x0, &(0x7f0000453000)=[], 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4068aea3, &(0x7f0000ae9000)={0x2007b, 0x0, [0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_ASSIGN_DEV_IRQ(r1, 0x4040ae70, &(0x7f0000819000-0x10)={0x6, 0x8, 0x3, 0x4}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) mmap(&(0x7f0000af3000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_MSRS(r2, 0xc008ae88, &(0x7f0000af4000-0x78)={0x7, 0x0, [{0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}]}) mmap(&(0x7f0000000000/0xe000)=nil, 0xe000, 0x0, 0x32, 0xffffffffffffffff, 0x0) mlock2(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x0) madvise(&(0x7f0000004000/0x9000)=nil, 0x9000, 0x0) mremap(&(0x7f00007cc000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f00004f1000/0x1000)=nil) mremap(&(0x7f00001ca000/0x1000)=nil, 0x1000, 0x1000, 0xffffffffffffffff, &(0x7f0000624000/0x1000)=nil) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000006000)={0x3, r1, 0x0}) ioctl$KVM_ASSIGN_SET_MSIX_NR(r4, 0x4008ae73, &(0x7f000000d000)={0x10001, 0x229cd9a4}) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x2, 0x2172, 0xffffffffffffffff, 0x0) mmap(&(0x7f000000e000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f000061a000+0x1e4)={0x81, 0x0, [0x100000000, 0x1, 0x8, 0x3], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f000000e000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_CLOCK(r4, 0x8030ae7c, &(0x7f000000f000-0x30)={0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x0, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x3, 0x2132, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f000036d000-0x40)={0x9b8d, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) [ 26.973471] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 26.978651] DS: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 26.979518] SS: sel=0x0000, attr=0x0b071, limit=0x00001000, base=0x0000000000000000 [ 26.980546] ES: sel=0x0000, attr=0x04081, limit=0x00000000, base=0x0000000000000000 2017/08/11 21:15:12 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0xfe00000000000000, 0x3, 0x5, 0xfe0, 0x9, 0x1, 0x0}, {0xdc97dc77cb2c6988, 0x1f007, 0xf, 0x0, 0x5, 0x5, 0x3ad0, 0xffff, 0x3, 0x80, 0x800, 0x80, 0x0}, {0xd000, 0xf000, 0xf, 0x1, 0x5, 0x9, 0x7, 0x5, 0x401, 0x0, 0x1, 0x2, 0x0}, {0xfffe, 0x5000, 0x0, 0x5, 0x4, 0x81, 0xc9, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) [ 26.981393] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 26.982599] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 26.983354] GDTR: limit=0x00000004, base=0x0000000000000000 [ 26.984204] LDTR: sel=0x000f, attr=0x10000, limit=0x0000f002, base=0x0000000000002000 [ 26.986253] IDTR: limit=0x00000000, base=0x0000000000000001 [ 26.987042] TR: sel=0x000a, attr=0x10000, limit=0x00000004, base=0x0000000000000000 [ 26.987890] EFER = 0x0000000000002001 PAT = 0x0007040600070406 [ 26.988696] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 26.989521] BndCfgS = 0x0000000000000000 [ 26.989892] Interruptibility = 00000000 ActivityState = 00000000 [ 26.990503] *** Host State *** [ 26.990925] RIP = 0xffffffff811b6777 RSP = 0xffff88003a3d74c8 [ 26.991512] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 26.992217] FSBase=00007f4c3a973700 GSBase=ffff88003fd00000 TRBase=ffff88003fc22cc0 [ 26.992937] GDTBase=ffffffffff577000 IDTBase=ffffffffff57b000 [ 26.993526] CR0=0000000080050033 CR3=0000000069bb5000 CR4=00000000000026e0 [ 26.994277] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 26.994926] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 26.995499] *** Control State *** [ 26.995823] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 [ 26.996577] EntryControls=0001d1ff ExitControls=00afefff [ 26.997105] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 26.997868] VMEntry: intr_info=80000017 errcode=00000118 ilen=00000000 [ 26.998507] VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 [ 26.999230] reason=80000021 qualification=0000000000000000 [ 26.999822] IDTVectoring: info=00000000 errcode=00000118 [ 27.000373] TSC Offset = 0xffffffe762e9b598 [ 27.000883] EPT pointer = 0x000000003921401e [ 27.001309] Virtual processor ID = 0x0531 2017/08/11 21:15:12 executing program 7: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a9c000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f00004ee000)="66b818010f00d8c4c27bf6cdb986040000b80f000000ba000000000f30c7442400e9060000c744240201000000c7442406000000000f01142466baf80cb8b4d4c588ef66bafc0cb00beeb9840200000f3266ba420066edb85bc6600b0f23c00f21f83503000c000f23f8c74424008000c0fec744240235000000c7442406000000000f011c2466baa000b000ee", 0x8d}], 0x1, 0xfffffffffffffffe, &(0x7f00003db000)=[], 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000af1000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0}, {0x0, 0x1000, 0x0, 0x0, 0x2, 0x2ff, 0x6, 0x1, 0x5, 0x1, 0x1f, 0x60000000000000, 0x0}, {0x0, 0x4, 0xa, 0x9, 0xfc6, 0xc76, 0x2, 0xa0f, 0x6, 0x9, 0x3, 0x30, 0x0}, {0x2000, 0xf002, 0xf, 0x6, 0x9, 0x2, 0x1, 0xffffffff, 0x80000001, 0xffffffffffffffff, 0x2, 0x2, 0x0}, {0x0, 0x4, [0x0, 0x0, 0x0]}, {0x1, 0x0, [0x0, 0x0, 0x0]}, 0x80000008, 0x0, 0x2000, 0x8, 0x5, 0x2001, 0x1000, [0x800000, 0x1, 0x6, 0x10001]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:12 executing program 1: mmap(&(0x7f0000000000/0xae3000)=nil, 0xae3000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0) mmap(&(0x7f0000a6f000/0x6000)=nil, 0x6000, 0x0, 0x10, 0xffffffffffffffff, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap(&(0x7f0000ae3000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000ae3000)={0x2000, 0x100000, 0x0}) mmap(&(0x7f0000ae3000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000ae4000-0x68)={0x79, 0x0, [0x8a, 0x5103, 0x8, 0x0], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap(&(0x7f0000ae3000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0x0) r3 = eventfd2(0x8000, 0x80000) mmap(&(0x7f0000ae4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000ae5000-0x20)={0xbbcb4cbaeb7a4ffe, &(0x7f00001a5000-0x8)=0x0, 0x1, r3, 0x2}) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mmap(&(0x7f000083d000/0x2000)=nil, 0x2000, 0x3, 0x10, r4, 0x800000) mmap(&(0x7f0000ae4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000ae5000-0x9)="2f6465762f6b766d00", 0x0, 0x0) ioctl$KVM_INTERRUPT(r5, 0x4004ae86, &(0x7f0000411000-0x4)=0x7b) ioctl$KVM_GET_NR_MMU_PAGES(r1, 0xae45, 0x2) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000000a000-0x8)={0x0, 0x7ff}) syz_kvm_setup_cpu$x86(r1, r5, &(0x7f00003ba000/0x18000)=nil, &(0x7f000018e000)=[@textreal={0x8, &(0x7f0000ae4000)="3e0f001b66b9800000c00f326635010000000f30d88a45000f32b800018ec80f23b9360ff9c3662664f2addd8f0900f30f5805", 0x33}], 0x1, 0x0, &(0x7f0000adf000)=[@flags={0x3, 0x2c32ef086520573a}, @vmwrite={0x8, 0x0, 0x0, 0x0, 0x8, 0x0, 0x4, 0x0, 0x6}], 0x2) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000671000-0x10)={0x1ff, 0x0, &(0x7f0000474000/0x2000)=nil}) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_DEASSIGN_DEV_IRQ(r4, 0x4040ae75, &(0x7f00000f3000)={0x3ff, 0x5, 0xfffffffffffffff9, 0x400}) 2017/08/11 21:15:12 executing program 4: mmap(&(0x7f0000000000/0xae3000)=nil, 0xae3000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f000017c000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x80000001, 0x1, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00003ba000/0x18000)=nil, &(0x7f000018e000)=[@textreal={0x8, &(0x7f0000ae4000)="3e0f001b66b9800000c00f326635010000000f30d88a45000f32b800018ec80f23b9360ff9c3662664f2addd8f0900f30f5805", 0x33}], 0x1, 0x0, &(0x7f0000adf000)=[@flags={0x3, 0x2c32ef086520573a}], 0x1) mmap(&(0x7f0000000000/0xae0000)=nil, 0xae0000, 0x3, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:12 executing program 2: mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000096a000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00002bd000)={0x4, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000aed000)={0x7, r0, 0x0}) write$eventfd(r3, &(0x7f0000aed000)=0x200, 0x8) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000088e000/0x18000)=nil, &(0x7f0000ae0000-0x13)=[@text16={0x10, &(0x7f000011f000)="0f0170ec0f23e764f20f2b76db613e8117b4006766c7442400003000006766c7442402003000006766c744240600000000670f011c2466b8010000000f01d967660f3801639966b80500000066b90b0000000f01d90f2205", 0x58}], 0x1, 0x20, &(0x7f0000adf000)=[], 0x0) eventfd2(0x0, 0x800) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000aea000-0x18)={0x0, 0x0, []}) eventfd2(0x6, 0x800) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) eventfd2(0x5, 0x800) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:12 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfe00000000000000, 0x3, 0x5, 0xfe0, 0x9, 0x1, 0x0}, {0xdc97dc77cb2c6988, 0x1f007, 0xf, 0x0, 0x5, 0x5, 0x3ad0, 0xffff, 0x3, 0x80, 0x800, 0x80, 0x0}, {0xd000, 0xf000, 0xf, 0x1, 0x5, 0x9, 0x7, 0x5, 0x401, 0x0, 0x1, 0x2, 0x0}, {0xfffe, 0x5000, 0x0, 0x5, 0x4, 0x81, 0xc9, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) 2017/08/11 21:15:12 executing program 3: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000000000)={0x1, 0xffffffffffffff9c, 0x1}) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_MP_STATE(r0, 0x4004ae99, &(0x7f0000000000)=0x0) pkey_alloc(0x0, 0x1) mmap(&(0x7f0000000000/0xaec000)=nil, 0xaec000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_PPC_ALLOCATE_HTAB(r0, 0xc004aea7, &(0x7f0000aee000-0x4)=0xffffffffffff2de7) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r0, 0x8008ae9d, &(0x7f0000aec000)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r0, 0x8008ae9d, &(0x7f0000a60000)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f000000f000-0x6)="2f6465762f6b766d00", 0x0, 0x0) mmap(&(0x7f000000f000/0x1000)=nil, 0x1000, 0x2000005, 0x32, r1, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f000000f000-0x6)="2f6465762f6b766d00", 0x121101, 0x0) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f00000c3000-0x40)={0xe019, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) write$eventfd(r2, &(0x7f0000772000)=0x20, 0x8) read$eventfd(r2, &(0x7f0000aec000)=0x0, 0x8) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00005b1000-0xc)={0x3, r2, 0x0}) ioctl$KVM_SET_CLOCK(r3, 0x4030ae7b, &(0x7f0000242000)={0xfc1, 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) [ 27.029520] *** Guest State *** [ 27.029835] CR0: actual=0x0000000080000028, shadow=0x0000000080000008, gh_mask=fffffffffffffff7 [ 27.030811] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 [ 27.031621] CR3 = 0x0000000000002000 [ 27.032029] RSP = 0x0000000000000f80 RIP = 0x0000000000000000 [ 27.032571] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 27.033167] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 27.033733] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.034617] DS: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.035170] SS: sel=0x0000, attr=0x0b071, limit=0x00001000, base=0x0000000000000000 [ 27.036259] ES: sel=0x0000, attr=0x04081, limit=0x00000000, base=0x0000000000000000 [ 27.036864] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.037737] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.038282] GDTR: limit=0x00000004, base=0x0000000000000000 [ 27.039450] LDTR: sel=0x000f, attr=0x10000, limit=0x0000f002, base=0x0000000000002000 [ 27.040188] IDTR: limit=0x00000000, base=0x0000000000000001 [ 27.041061] TR: sel=0x000a, attr=0x10000, limit=0x00000004, base=0x0000000000000000 [ 27.041818] EFER = 0x0000000000002001 PAT = 0x0007040600070406 [ 27.042566] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 27.043236] BndCfgS = 0x0000000000000000 [ 27.043734] Interruptibility = 00000000 ActivityState = 00000000 [ 27.044296] *** Host State *** [ 27.044910] RIP = 0xffffffff811b6777 RSP = 0xffff88003df274c8 2017/08/11 21:15:12 executing program 3: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) mmap(&(0x7f0000a5a000/0x3000)=nil, 0x3000, 0x3000008, 0x20000000000032, r1, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000af3000-0x24)="000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d266767f2a50f20d835080000000f228b58580f070f01b102000000", 0x64}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f000011a000)={0x1397, 0x8c, 0x0, 0x4, 0x8}) mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000af3000-0x4)=0x80) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000aee000-0x8)=0x10000) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000aef000)={0x7b, 0x0, [0x6, 0xffffffff, 0x9, 0x1000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000033d000-0x8)={0x1, 0x637}) ioctl$KVM_S390_VCPU_FAULT(r2, 0x4008ae52, &(0x7f0000af1000)=0xb5) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000aef000-0x30)={0x20, 0x401, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f00009c7000)={0x2, 0x800, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00002de000-0x40)={0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000aec000)={"3a5ca361a0df102fae43a3f1ec872c0185c9813608eed8f847374008d61d0b0800000000000000001ccb1007655a4f7410ae2abb2a1756d32573ad07efbff26b6c29f3f5b20949d1948e7dc1c8f2b7a1f53f726c506fca42d4a7935507ddb99198bc1ac477f1ae7c27061ead76d16ca486010f0a3be5e5fb88b250282a1f4370084b669a6aa05d6f099ea5ce98744d4d02be5ff2bfc8a7b31392162b70f9bf6a7921ca46c22eba76a3f5fada926a9e3d39e841a85aff9e2e11df5a017550dd503eafb49349716d060d697bd0978eac053d12de846fb7d0ef0ce4f79420c7ad998b000619474f6ab8bbaf74f23bef3d8874a920f438d7a3bbe9ac54c269dd8463b191dfff03924e9ef495aad2c7831f72e87d20d39c031000c2b6b009dc52fe4a87d2adbd31ef3991643480dc4e1194dad4aaae0bbd182f86a7572202d932534fe78aa6205a387714ba722fc29e394626c6950754c5bd8e959a3d108590f13f43f23507624d0f3b464f483d2f11441d510b1269e787224f20a2cb5984b4f2be4d93aef0f2ae60ada076cc86b6ecd9f9cd27c13ff16725a99f1d96fb35409d9aad7cd14b4a0a6fa33249d40760c0dd77615cea3ced7055169a87c767c91aadd231e5b211e9b8df16a1e2aef8d3a7e02a4f7c8fa5e989f9a2c488638fec8d03543fededef667b0b0cde85958ef5dd2355e3dade1126022ada4186160bcf69013a938bd9c5fe1f46fd5c8d522320840de0ede209ee11a4655a157b1ed47b6aa5daad7bc7f96313d2e02144e50a7f64ccfb866b1cc3a04ebd7e460e69f42856b474e681e2917b593b931c8987a487329d58151d14f4f1eb1b123f29f21899c524c2808269f7a833d5ed3cd93e2ffc0dbdf3c50c736b10512607837e8f50144c1c14e052c788381a2b236becb2d2bfdf0467cefcbe6926090434d31323d47576de4566f61ab7f1fab0f73e2e9b58c328f73f8fecef3e9bbad4b177d9dd2a0e3e7a6f108477afef361fd23ea1a575dd9b86515833f5bd4ccf9ddb9e5432d723f3eb50339ae229108ae769ac632d312761db5057fe4ddfae2f22be1f709bc0feef9d8dcf05a425d354bda07e3780f19d3a073e737bcc8220febd750e3ce8549870615e1e9c969d3883126c687ff7ef6c0a16aa18bf594c681ae4c2ec063b792ae01166868672360aefb97539f6825c2f17933ce890a2d7ca53fcf77dc8dd4a0e64b7010aa7fd14f7833ab907d4d3c5df1ce497abfea23c94ab44d6b0f389480b4f0c077b98ba319dff8ab86cb7ff6b9f26e1f7e88b01d346504ab1cbc30fb5acf132544e59a2dec45e8019ef4642e672aebc040bfbfd6e7caf8846917b3e21e9b5673b31c4f3520baaf61b01bf160c3b535bcc7b23ee34371286407409fa292ad059d4e40624bd6bad7d3d516adae9c3fcecb877f4d9d39035338787435f6372c5fb88cd"}) ioctl$KVM_GET_DEVICE_ATTR(r1, 0x4018aee2, &(0x7f000026f000)={0x0, 0xdf, 0x8, &(0x7f00009f0000-0x8)=0x0}) mmap(&(0x7f0000af3000/0x1000)=nil, 0x1000, 0x1, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000af3000)={"9bbb9daa05110ba1924a3f8c859bdff963f2ddb1d129f5cb2f3ae8ad3bf7068c284ba38f903676aee0049b473a5a33930a9b88deb6401d57b67b5ef503c6a4027167753b3422f85b1b144e1b09666f06770bb454bb980d5cb7f1e90d9427b10028d816afcb958eb5bc4541d20809f775835973db47fdab943f7ecf340ab9b2913f88a42aa228d95f1665dcb874e6b3b5b55a89a32e0fc862e12da3fafec957af0fce362e643894eaa38fbb8af58f8462371747c6e67ec819d268766c3c7a74e3f12575502e0ce18ab8fdeec25ec7767fae887d4cadb349c0f81694038d1a026d6a75e2531b1a8fb11b6cbd3f89a94184e04455b174f62410013ea1a32c38fc1a2448cd4c2c637b73782faf7ad9ae353b8bb6fed608778b7e846b159d0708eba89b05d4ae596fd1ce276f11b96ea628b944adcafcca622c34d8cf71c32e04679643d25bb8410efd790fae98de36207bab1c1fa95a3b125a7497822ea2f8a027ee6024ad4938ca93546a7967484ea5ed0850257facd046052d3fb4452ea95bdf6613884586ad0f7bedcf9ba794168fb9ef80fc98ab1b8c584220c399f85aa35e3b077eaa0dc79a9b88f0cdbf6805da3bca16d1fe88482e328bf0abd897070e43ead3304cdf1f113ab075a772b02e7e2b9d790f029decb02914d0fbb81bdcac8d08612898c453dd33e8a456e3cb4154e27f4d3bddea5732cd94d4adf21d3babfbb833a2ba8fcc71beafe13cfb9e8ed9fcaaecbc6a4e7c1da5f67cfae68fe80965a52918112a4927ca4a387ebf74fd5d910ceed87a668d3210361f45e8771482aceb28996ed99fdb143fc17c4112850b748c3eb5d121312f3c420d0dc03bfd571a1767bac9ae6c46b4edbfd70fb33dd89a8ae13dd57e722d95c28e5326a24054321553f3b50fe246f5e631dafc8088dcefe9029c67fbc7cb6631692d91aa5aba912b56f638cdcd14e873566edea35ecaaad547bbd265a6d4f6537ad9db538fb7db64a32c81c91dd6e4efd0317de1a0ff83c744470c93ddcaa6792e45db7d69e1106a251d39a5c5c6103f7aadb32d0290614362eaccc6d41b3f14154850e1959803f14d836a4223eb1c70249037e7adbf0e33d07a69a10d948a901858a8381803bcedcf610c985b5ea85ef46bbc44565e89142da665bede93e7c360cc814c8e00cafb81d02c95811ce32ba2dd85712056078d2f7d4be3cfc4eb157d63206d4b822599d40c02fd84ada2b572bd8899e93293a5ce6590d226f7c43858d47417bc2980358fb6ec2eee43fbbd31a00c9549680e76c31eef7f710e7aceb5a29d2a85f07332bb5e54a80ac44576e0010bc7cbd666ad4aff5174df288980f68510d74485b90afaf4040a30392861cce12229f97cbf2b8922d95110230423a3155f263d8066974f89cebaa258b87515d6d9f20c23d09067bdc955311d08300214a50ed060cc68"}) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000af0000-0x8)={0x1, 0x6}) ioctl$KVM_RUN(r2, 0xae80, 0x0) mmap(&(0x7f0000af4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_ASSIGN_SET_MSIX_NR(r1, 0x4008ae73, &(0x7f0000af4000)={0x8097, 0x10001}) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f0000394000-0x14)={0x0, 0x0, 0x7ff, 0x0, 0x0}) mmap(&(0x7f0000af4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000af5000-0x68)={0x4, 0x0, [{0xc0000001, 0x7, 0x8, 0x2a, 0x5, 0x0}, {0x8000000b, 0x1, 0x25, 0xfffffffffffffe00, 0x80000000, 0x0}, {0xb, 0x3, 0x80000000, 0x4, 0x2e, 0x0}, {0x1, 0x2, 0x5, 0xd7fb, 0x6, 0x0}]}) [ 27.046254] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 27.046926] FSBase=00007f4c3a973700 GSBase=ffff88003fc00000 TRBase=ffff88003fc22cc0 [ 27.047969] GDTBase=ffffffffff577000 IDTBase=ffffffffff57b000 [ 27.048516] CR0=0000000080050033 CR3=000000003e1a1000 CR4=00000000000026f0 [ 27.049631] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 27.050276] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 27.050946] *** Control State *** [ 27.051273] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 [ 27.052103] EntryControls=0001d1ff ExitControls=00afefff [ 27.052593] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 27.053329] VMEntry: intr_info=80000017 errcode=00000000 ilen=00000000 [ 27.053920] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 27.054811] reason=80000021 qualification=0000000000000000 [ 27.055421] IDTVectoring: info=00000000 errcode=00000000 [ 27.057219] TSC Offset = 0xffffffe7502b83a6 [ 27.057951] EPT pointer = 0x000000003ab6f01e [ 27.058367] Virtual processor ID = 0x0543 2017/08/11 21:15:12 executing program 5: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)="2f6465762f6b766d00", 0x428001, 0x0) mmap(&(0x7f0000f84000/0x13000)=nil, 0x13000, 0x3, 0x32, r0, 0x5b) mmap(&(0x7f000002c000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f000002b000)={0x3, 0x0, [{0x0, 0x7, 0x1, 0x3, 0x3, 0x40, 0x8, [0x0, 0x0, 0x0]}, {0xc0000000, 0x0, 0x0, 0x6, 0x8, 0x99, 0x6, [0x0, 0x0, 0x0]}, {0x80000019, 0x1, 0x1, 0x7, 0x7, 0x8, 0x3000, [0x0, 0x0, 0x0]}]}) mmap(&(0x7f000002c000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f000002c000)="2f6465762f6b766d00", 0x200000022000, 0x0) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_PIT2(0xffffffffffffffff, 0x4070aea0, &(0x7f0000000000)={[{0x0, 0xc0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x800, 0xa68}, {0x0, 0x3, 0x10000, 0x5, 0x5, 0xffffffffffffff5a, 0x5, 0x0, 0x7f, 0x1f, 0x6, 0x2, 0x0}, {0x2, 0xf6c3, 0x579, 0x9, 0x1fffc00000000, 0x43f, 0x4, 0x80, 0x57, 0xfff, 0x3, 0x1, 0xfffffffffffffffe}], 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x3, 0x31, 0xffffffffffffffff, 0x0) ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0x12) mmap(&(0x7f000000f000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000003000)="2f6465762f6b766d00", 0x581001, 0x0) mprotect(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x7) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r3, 0x8008ae9d, &(0x7f0000007000-0x17)="0000000000000000000000000000000000000000000000") mbind(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x3, &(0x7f0000005000-0x8)=0x9, 0x7f, 0x0) ioctl$KVM_GET_XCRS(0xffffffffffffffff, 0x8188aea6, &(0x7f0000002000)={0x7, 0x2, [{0xfffffffffffff800, 0x0, 0x2}, {0x2, 0x0, 0xe0}, {0x4, 0x0, 0x9}, {0x52d, 0x0, 0xffff}, {0x9, 0x0, 0xffffffff}, {0x9, 0x0, 0x1f}, {0x0, 0x0, 0x6}]}) mbind(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x1, &(0x7f000000d000-0x8)=0x0, 0x2, 0x3) mmap(&(0x7f0000010000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_DIRTY_TLB(r1, 0x4010aeaa, &(0x7f0000010000)={0x100, 0x24}) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1) mlock2(&(0x7f000000d000/0x2000)=nil, 0x2000, 0x1) mmap(&(0x7f0000011000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_GUEST_DEBUG(r1, 0x4048ae9b, &(0x7f0000012000-0x48)={0x1, 0x0, [0x0, 0x7ff, 0x9, 0x7, 0x0, 0xa, 0x5, 0x2]}) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) 2017/08/11 21:15:12 executing program 6: mmap(&(0x7f0000000000/0xaeb000)=nil, 0xaeb000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, &(0x7f0000007000)={0x6, [0x14bbf6c5, 0xff, 0x1, 0x2, 0x1, 0x9]}) r3 = eventfd2(0xfff, 0x80000) read$eventfd(r3, &(0x7f0000964000-0x8)=0x0, 0x8) r4 = pkey_alloc(0x0, 0x3) pkey_free(r4) mbind(&(0x7f00003d2000/0x400000)=nil, 0x400000, 0x2, &(0x7f0000aeb000-0x8)=0x1, 0x7, 0x1) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000086000-0x20)={0x0, 0x2, 0x1, 0x2000, &(0x7f00009b1000/0x2000)=nil}) r5 = eventfd2(0x80000000, 0x80801) read$eventfd(r5, &(0x7f000044a000)=0x0, 0x8) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f000099d000-0x120)={0x7, 0x0, [{0x80000006, 0x9, 0x2, 0x9, 0xe669, 0xffffffff, 0x7f, [0x0, 0x0, 0x0]}, {0xb, 0x401, 0x0, 0xffffffff, 0x0, 0x909, 0x9, [0x0, 0x0, 0x0]}, {0x40000000, 0x4788, 0x5, 0x2, 0x7ff, 0x80000000, 0x2, [0x0, 0x0, 0x0]}, {0x40000007, 0xfff, 0x2, 0xffff, 0x2, 0x1ff, 0x3, [0x0, 0x0, 0x0]}, {0x40000001, 0x80000000, 0x2, 0x3, 0x4, 0x5c0a, 0xc7, [0x0, 0x0, 0x0]}, {0x80000019, 0x80, 0x1, 0x0, 0x1, 0x8, 0x9, [0x0, 0x0, 0x0]}, {0x0, 0x6, 0x4, 0x401, 0x3, 0x63f, 0x1, [0x0, 0x0, 0x0]}]}) madvise(&(0x7f0000711000/0x4000)=nil, 0x4000, 0x6) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000aeb000-0x10)={0x15004, 0x10000, 0x0}) write$eventfd(0xffffffffffffffff, &(0x7f0000789000)=0x7, 0x8) eventfd2(0x200000000000000, 0x80801) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000a72000-0x18)={0x1, 0x0, [{0x11, 0x0, 0x5fff}]}) 2017/08/11 21:15:12 executing program 4: mmap(&(0x7f0000000000/0xae3000)=nil, 0xae3000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f000017c000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x80000001, 0x1, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00003ba000/0x18000)=nil, &(0x7f000018e000)=[@textreal={0x8, &(0x7f0000ae4000)="3e0f001b66b9800000c00f326635010000000f30d88a45000f32b800018ec80f23b9360ff9c3662664f2addd8f0900f30f5805", 0x33}], 0x1, 0x0, &(0x7f0000adf000)=[@flags={0x3, 0x2c32ef086520573a}], 0x1) mmap(&(0x7f0000000000/0xae0000)=nil, 0xae0000, 0x3, 0x4d031, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) [ 27.079310] kvm [5767]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x40000020 data 0x66c9000000041043 2017/08/11 21:15:12 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x5, 0xfe0, 0x9, 0x1, 0x0}, {0xdc97dc77cb2c6988, 0x1f007, 0xf, 0x0, 0x5, 0x5, 0x3ad0, 0xffff, 0x3, 0x80, 0x800, 0x80, 0x0}, {0xd000, 0xf000, 0xf, 0x1, 0x5, 0x9, 0x7, 0x5, 0x401, 0x0, 0x1, 0x2, 0x0}, {0xfffe, 0x5000, 0x0, 0x5, 0x4, 0x81, 0xc9, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) 2017/08/11 21:15:12 executing program 7: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a9c000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f00004ee000)="66b818010f00d8c4c27bf6cdb986040000b80f000000ba000000000f30c7442400e9060000c744240201000000c7442406000000000f01142466baf80cb8b4d4c588ef66bafc0cb00beeb9840200000f3266ba420066edb85bc6600b0f23c00f21f83503000c000f23f8c74424008000c0fec744240235000000c7442406000000000f011c2466baa000b000ee", 0x8d}], 0x1, 0xfffffffffffffffe, &(0x7f00003db000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f0000af1000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0}, {0x0, 0x1000, 0x0, 0x0, 0x2, 0x2ff, 0x6, 0x1, 0x5, 0x1, 0x1f, 0x60000000000000, 0x0}, {0x0, 0x4, 0xa, 0x9, 0xfc6, 0xc76, 0x2, 0xa0f, 0x6, 0x9, 0x3, 0x30, 0x0}, {0x2000, 0xf002, 0xf, 0x6, 0x9, 0x2, 0x1, 0xffffffff, 0x80000001, 0xffffffffffffffff, 0x2, 0x2, 0x0}, {0x0, 0x4, [0x0, 0x0, 0x0]}, {0x1, 0x0, [0x0, 0x0, 0x0]}, 0x80000008, 0x0, 0x2000, 0x8, 0x5, 0x2001, 0x1000, [0x800000, 0x1, 0x6, 0x10001]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:12 executing program 1: mmap(&(0x7f0000000000/0xafa000)=nil, 0xafa000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffff9c, 0xae41, 0x0) ioctl$KVM_SET_SIGNAL_MASK(r0, 0x4004ae8b, &(0x7f00007a1000-0x1004)={0x0, ""}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_MSRS(r0, 0x4008ae89, &(0x7f0000363000)={0x6, 0x0, [{0x20, 0x0, 0x536a}, {0x5, 0x0, 0x7ff}, {0x1, 0x0, 0x0}, {0x7, 0x0, 0x1f}, {0x8001, 0x0, 0x0}, {0x10000, 0x0, 0xe69}]}) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) mmap(&(0x7f0000afa000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f0000afa000)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000274000/0x18000)=nil, &(0x7f0000adf000)=[@text64={0x40, &(0x7f000099d000-0x64)="b6c3f8e788595d2a1ba31779d22e2453ab6fe204d8cb17bc3c4ab8e3e0483b9931418b5c1612cb68cb1f08acd253883205213823efd610026d3b892f9ecf43c837882ddb41cb3a22a62644cc9081d865b5c7d6d371bfbc1b7da5ab28911fcb5667d0b08b", 0x64}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SIGNAL_MSI(r2, 0x4020aea5, &(0x7f0000afc000-0x20)={0xf000, 0x1f004, 0x6, 0x7, 0x81, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000afa000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_CPUID(r0, 0x4008ae8a, &(0x7f0000afb000-0x50)={0x3, 0x0, [{0xd, 0x7491, 0x9, 0x800, 0x9, 0x0}, {0x0, 0x5, 0x0, 0x7, 0x1, 0x0}, {0xc0000000, 0x4, 0x9, 0x100000001, 0x4, 0x0}]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_S390_INTERRUPT_CPU(r0, 0x4010ae94, &(0x7f0000af7000)={0x7fff, 0x2, 0x401}) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000515000)={0x4, r0, 0x1}) ioctl$KVM_GET_SREGS(r0, 0x8138ae83, &(0x7f00003e2000-0x138)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, [0x0, 0x0, 0x0]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0]}) mremap(&(0x7f0000294000/0x2000)=nil, 0x2000, 0x4000, 0x2, &(0x7f00002da000/0x4000)=nil) ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000a69000)=0x3) ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000af8000)={0xa3, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1) ioctl$KVM_GET_LAPIC(r4, 0x8400ae8e, &(0x7f0000afa000-0x400)={"7b27d3b64a87e6025ecc0555dfc410dd938e993293cc09c27d286292559242c198873530f3c60f18ef51c5613edf4323f8c02f69d0fca2266076a7e7824d9c854de7052a853a2df7169f57b8d24b07462d8c98a9965a75e5072e7c97121fc3561ff57df693eb84143554a2274744dc0bb19d4aa4d9da2fb6fa49f5b30c909603304c6dc3b28e75bbcbaa615b98ffdfa9873e1096ad1dbe1a7e4fae37da09dd5590f92b6dd95b56d37f82c247d6984325f2099b25022eda8cb94c836f181c2b9e9adbe70ae00a0a938585cf20ee10c690446248cf1c6dc8691e1fbe78fc350b36339027f9cbaa7428a665cbf6d32770ba755c5aa04961ce450df4462516f93f56e7d9e97f4cb8ff0db7a861b51d7f5fc737d5dfa7de9648dc5bd0a4a92184ca87a4c29d8580dd5783946c7466da4c8750656d511a02060a91e1f80c697f07d7788081f68024b137abd634761f0c7765265877a1c1f71f2a1d6c98461cd4fdbbf33b141c45d35c51068e3dfac09c29275a3bd0a2e762b46561ddb7efc58bffaa72096a7577d17c8fd7aeb37f46ea59e1c866fc6dbeefad42d4125dd50f76c4aac46c3c9fe58e7cf6814df077d657720ee9dd91de440202d25e6274b0894319d72d76476eb493609942cc024ebee82dbeaff4d7315ffeb0439c0555ee95381c871f1d710c4f5c29fc917649c7a5279707f964d373d3982f7030b3876d7ecbf018181bde61e3db5ab8655bca7dafbd1334be07492318ecc65687c6e5d90797a614f1afef96f4d68ce2cd053e87ad3df58641776dbe64093d32f69fe67ae8a97a88ddf1d03bdbc0d70ec4fe0da6fcec1a8079aaedf03abcac161caa036d06a765e4e14e2b2deb48dd2289e972ed26e1e4da4e81d446af11dd1fcf2ff1cf5052dfeac0e1710195ad72cc55b3a2182da4ce23a33238d3457374a3f04d569b019486de2faf6b26f3f91da458736916a85b7d0ad85104e635400462feafca888af61bc82dde5a877230871607b3059bf8ce202488cac0ec478ec316948bc2b55a4e7f30effc619be3ed746b0f4767b1869418c50e5e2e08ba6d1b447be12480a1af05ec98f28f404c2fee03efb276cf44170f150a21b6046411b6e772b1de3995cbe9b2ce9aee530323f65adc0d9606c7175d365953f8beb3629ff500edc3b783e3492cb9d29f668a0e7d66d95b6add4d101934fd394b70843c8e1c1bb84532bcf62b716853946d3df3bcb9cec40cb98b85062d1cb62dd20b8291ba7d598e1b0faaab6c7f111e59c78d6961b33ca358aa9dda30502d338c039bb704ad4ebf0b98347c47a32429b8f7f6ab1f7925c375a778faad36a6502d1e12243a11f1ba86eaa5167146ec6d4ab992920bf03baa8b24b31e7504fe8042ea2695e9f3bfa2cb27f779922ef23f37bec41e9ac5470b09a0b3304797eb6a208a902f497e6c1c76284a3fdc31"}) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f000079c000/0x18000)=nil, &(0x7f0000635000-0x18)=[@textreal={0x8, &(0x7f00004b0000)="baf80c66b88ad9018466efbafc0cedb800068ee866b9800000c00f326635000100000f300f01c9ba430066b86e60e0c766ef670f01cf9c660f6e9a00000fbc6800f0306201", 0x45}], 0x1, 0x74, &(0x7f0000afa000-0x20)=[@efer={0x3, 0x1000}, @efer={0x3, 0x9800}], 0x2) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000417000/0x18000)=nil, &(0x7f0000491000)=[@textreal={0x8, &(0x7f0000afd000-0x3a)="0f08660f0e0f090f009a000866b8fe61b85b0f23d00f21f86635000000070f23f8f00fc749d63e0f005c072e67263e650f09360f070f011e9000", 0x3a}], 0x1, 0x48, &(0x7f0000ab5000)=[@vmwrite={0x8, 0x0, 0x0, 0x0, 0x3, 0x0, 0x4, 0x0, 0x46a3}, @efer={0x2, 0x1001}], 0x2) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f0000afb000)={0x2, 0x0, [{0x40000000, 0xffffffffffffff4f, 0x6, 0x1, 0x3, 0x0}, {0x8000000f, 0x8fa, 0xc95e, 0x3, 0x5, 0x0}]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 2017/08/11 21:15:12 executing program 2: mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000096a000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00002bd000)={0x4, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000aed000)={0x7, r0, 0x0}) write$eventfd(r3, &(0x7f0000aed000)=0x200, 0x8) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000088e000/0x18000)=nil, &(0x7f0000ae0000-0x13)=[@text16={0x10, &(0x7f000011f000)="0f0170ec0f23e764f20f2b76db613e8117b4006766c7442400003000006766c7442402003000006766c744240600000000670f011c2466b8010000000f01d967660f3801639966b80500000066b90b0000000f01d90f2205", 0x58}], 0x1, 0x20, &(0x7f0000adf000)=[], 0x0) eventfd2(0x0, 0x800) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000aea000-0x18)={0x0, 0x0, []}) eventfd2(0x6, 0x800) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:12 executing program 5: mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x69032, 0xffffffffffffffff, 0xc700000000000000) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00006dc000)="2f6465762f6b766d00", 0x240000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_GET_PIT2(r1, 0x8070ae9f, &(0x7f000084a000-0x70)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffff9c, 0xae41, 0x1) ioctl$KVM_GET_CPUID2(r2, 0xc008ae91, &(0x7f0000739000-0xa8)={0x4, 0x0, [{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}]}) mmap(&(0x7f0000000000/0xaec000)=nil, 0xaec000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f000000f000-0x6)="2f6465762f6b766d00", 0x0, 0x0) mremap(&(0x7f0000765000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000c81000/0x4000)=nil) mmap(&(0x7f000000f000/0x1000)=nil, 0x1000, 0x2000005, 0x32, r3, 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0xe42f) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f000000f000-0x6)="2f6465762f6b766d00", 0x402, 0x0) mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x2000001, 0x32, 0xffffffffffffffff, 0x0) read$eventfd(r1, &(0x7f0000f18000-0x8)=0x0, 0x8) mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ff5000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_REGS(r2, 0x8090ae81, &(0x7f0000ff6000-0x90)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) ioctl$KVM_GET_CLOCK(r1, 0x8030ae7c, &(0x7f0000dbe000-0x30)={0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_ASSIGN_SET_INTX_MASK(0xffffffffffffffff, 0x4040aea4, &(0x7f0000aee000-0x14)={0x0, 0x0, 0x0, 0x0, 0x1000}) write$eventfd(r4, &(0x7f0000aed000-0x6)=0xffffffffffffffff, 0x8) mmap(&(0x7f0000ff5000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ff6000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000ff7000-0xc)={0x3, r0, 0xfefda5193c7ce651}) mmap(&(0x7f0000ff6000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) read$eventfd(r5, &(0x7f0000ff7000-0x8)=0x0, 0x8) ioctl$KVM_SET_BOOT_CPU_ID(r1, 0xae78, &(0x7f0000ff5000)=0x1) ioctl$KVM_UNREGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae68, &(0x7f000005d000-0x10)={0x104000, 0x0, 0x0}) 2017/08/11 21:15:12 executing program 6: mmap(&(0x7f0000000000/0xafb000)=nil, 0xafb000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000506000-0xc)={0x7, 0xffffffffffffff9c, 0x1}) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_FPU(r0, 0x81a0ae8c, &(0x7f0000afc000-0x1a0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_EMULATED_CPUID(r0, 0xc008ae09, &(0x7f0000afd000-0xd2)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f000050f000)={0x9, 0x3cca}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000afb000-0x28)={0x400000000, 0x1000, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000afd000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, &(0x7f0000afd000)={0x0, []}) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000afe000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000aff000-0x98)={0x3, 0x0, [{0x7, 0x7, 0x0, 0x0, @irqchip={0x1, 0x1cab}}, {0x1, 0x3, 0x0, 0x0, @sint={0x75d, 0x200}}, {0x81, 0x0, 0x0, 0x0, @adapter={0x3, 0x7ff, 0x1, 0x6, 0x6}}]}) ioctl$KVM_GET_DEBUGREGS(r3, 0x8080aea1, &(0x7f0000afc000)={[0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000afd000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aff000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000aff000)={0x400, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x7, 0x0, [{0x4000000d, 0x7, 0x1, 0xff, 0x19d8, 0x0}, {0xc0000007, 0x3, 0x4, 0x3, 0x0, 0x0}, {0xc0000001, 0xfef0, 0x3f, 0x20, 0x6, 0x0}, {0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_SET_ONE_REG(r0, 0x4010aeac, &(0x7f0000afd000)={0x7, 0x7}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f00006b4000)=@ioapic={0x2, 0x0, 0x0, 0x4, 0x0, [{0x3, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x6}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0xe2, 0x5, 0x0, [0x0, 0x0, 0x0, 0x0], 0x1ff}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x6, 0x0, [0x0, 0x0, 0x0, 0x0], 0x7}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x1, 0x4, 0x3, [0x0, 0x0, 0x0, 0x0], 0x80000001}, {0x5d9a, 0x3f, 0x6, [0x0, 0x0, 0x0, 0x0], 0x9}, {0x5, 0x2, 0x7f, [0x0, 0x0, 0x0, 0x0], 0x40}, {0x9, 0x3f, 0x1, [0x0, 0x0, 0x0, 0x0], 0x9}, {0x9, 0x1, 0xffff, [0x0, 0x0, 0x0, 0x0], 0x4}, {0x0, 0x9, 0x5, [0x0, 0x0, 0x0, 0x0], 0x20}, {0x100000000, 0x6, 0xffff, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x80000000, 0x10001, 0x8, [0x0, 0x0, 0x0, 0x0], 0x1ff}, {0x7fffffff, 0x9, 0x8000, [0x0, 0x0, 0x0, 0x0], 0x5}, {0xfffffffffffffffc, 0x1, 0xffffffffffffffe1, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x3, 0x6, 0xe945, [0x0, 0x0, 0x0, 0x0], 0xfff}, {0xfffffffffffff135, 0x6, 0x8000, [0x0, 0x0, 0x0, 0x0], 0x8001}, {0x5bd, 0x3f, 0x7ff, [0x0, 0x0, 0x0, 0x0], 0x10001}, {0x400, 0x4, 0x9, [0x0, 0x0, 0x0, 0x0], 0x5d1f}, {0x100, 0x7f, 0xfffffffffffff801, [0x0, 0x0, 0x0, 0x0], 0x8}, {0x5, 0x3f, 0x6, [0x0, 0x0, 0x0, 0x0], 0x1e71}, {0x3, 0x6, 0x6, [0x0, 0x0, 0x0, 0x0], 0x5}]}) mmap(&(0x7f0000b00000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_INTERRUPT(r3, 0x4004ae86, &(0x7f0000b00000)=0x1) ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000326000)={0x3f, 0x1}) 2017/08/11 21:15:12 executing program 5: mmap(&(0x7f0000000000/0xae3000)=nil, 0xae3000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0) mmap(&(0x7f0000a6f000/0x6000)=nil, 0x6000, 0x0, 0x10, 0xffffffffffffffff, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap(&(0x7f0000ae3000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000ae3000)={0x2000, 0x100000, 0x0}) mmap(&(0x7f0000ae3000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000ae4000-0x68)={0x79, 0x0, [0x8a, 0x5103, 0xc100, 0x80200000000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap(&(0x7f0000ae3000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0x0) r3 = eventfd2(0x8000, 0x80000) mmap(&(0x7f0000ae4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000ae5000-0x20)={0xbbcb4cbaeb7a4ffe, &(0x7f00001a5000-0x8)=0x0, 0x1, r3, 0x2}) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) mmap(&(0x7f000083d000/0x2000)=nil, 0x2000, 0x3, 0x10, r4, 0x800000) mmap(&(0x7f0000ae4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000ae5000-0x9)="2f6465762f6b766d00", 0x0, 0x0) ioctl$KVM_INTERRUPT(r5, 0x4004ae86, &(0x7f0000411000-0x4)=0x7b) ioctl$KVM_GET_NR_MMU_PAGES(r1, 0xae45, 0x2) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000000a000-0x8)={0x0, 0x7ff}) syz_kvm_setup_cpu$x86(r1, r5, &(0x7f00003ba000/0x18000)=nil, &(0x7f000018e000)=[@textreal={0x8, &(0x7f0000ae4000)="3e0f001b66b9800000c00f326635010000000f30d88a45000f32b800018ec80f23b9360ff9c3662664f2addd8f0900f30f5805", 0x33}], 0x1, 0x0, &(0x7f0000adf000)=[@flags={0x3, 0x2c32ef086520573a}, @vmwrite={0x8, 0x0, 0x0, 0x0, 0x8, 0x0, 0x4, 0x0, 0x6}], 0x2) ioctl$KVM_RUN(r5, 0xae80, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000671000-0x10)={0x1ff, 0x0, &(0x7f0000474000/0x2000)=nil}) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00002a8000)={0x6, r6, 0x0}) ioctl$KVM_DEASSIGN_DEV_IRQ(r7, 0x4040ae75, &(0x7f00008e2000+0x9c0)={0x3ff, 0x5, 0xfffffffffffffff8, 0x3fc}) [ 27.130131] kvm [5767]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x40000020 data 0x66c9000000061043 2017/08/11 21:15:12 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0xfe0, 0x9, 0x1, 0x0}, {0xdc97dc77cb2c6988, 0x1f007, 0xf, 0x0, 0x5, 0x5, 0x3ad0, 0xffff, 0x3, 0x80, 0x800, 0x80, 0x0}, {0xd000, 0xf000, 0xf, 0x1, 0x5, 0x9, 0x7, 0x5, 0x401, 0x0, 0x1, 0x2, 0x0}, {0xfffe, 0x5000, 0x0, 0x5, 0x4, 0x81, 0xc9, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) 2017/08/11 21:15:12 executing program 4: mmap(&(0x7f0000000000/0xaf7000)=nil, 0xaf7000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000af7000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000af7000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000274000/0x18000)=nil, &(0x7f0000adf000)=[@text64={0x40, &(0x7f000099d000-0x64)="b6c3f8e788595d2a1ba31779d22e2453ab6fe204d8cb17bc3c4ab8e3e0483b9931418b5c1612cb68cb1f08acd253883205213823efd610026d3b892f9ecf43c837882ddb41cb3a22a62644cc0f01c981d865b5c7d6d371bfbc1b7da5ab28911fcb5667d0b08b", 0x66}], 0x1, 0x4000000000000042, &(0x7f0000aeb000+0x7dc)=[@vmwrite={0x8, 0x0, 0x7, 0x0, 0x0, 0x0, 0x2, 0x0, 0x400}], 0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) mmap(&(0x7f0000273000/0x14000)=nil, 0x14000, 0x0, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f000058c000)={{0xf000, 0x0, 0x0, 0x0, 0x7, 0x200, 0x0, 0x0, 0x100000000, 0x0, 0x0, 0x100000000, 0x0}, {0x0, 0x0, 0xfffffffffffffffc, 0x7, 0x8, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x101, 0xafe, 0x7, 0x7b, 0x0, 0x0}, {0x12000, 0x0, 0x0, 0x1, 0x8001, 0x46f, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb1, 0x0}, {0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0}, {0x4004, 0x1000, 0x0, 0x0, 0x2, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x106000, 0x0, 0x7, 0x962, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0xec5, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x2, 0xb00, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9, 0x0}, {0xf000, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, [0x0, 0x0, 0x0]}, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x5100, 0xffffffffffffffff, [0x0, 0x0, 0x0, 0x3]}) mmap(&(0x7f0000afa000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x3) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:12 executing program 7: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a9c000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f00004ee000)="66b818010f00d8c4c27bf6cdb986040000b80f000000ba000000000f30c7442400e9060000c744240201000000c7442406000000000f01142466baf80cb8b4d4c588ef66bafc0cb00beeb9840200000f3266ba420066edb85bc6600b0f23c00f21f83503000c000f23f8c74424008000c0fec744240235000000c7442406000000000f011c2466baa000b000ee", 0x8d}], 0x1, 0xfffffffffffffffe, &(0x7f00003db000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000af1000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0}, {0x0, 0x1000, 0x0, 0x0, 0x2, 0x2ff, 0x6, 0x1, 0x5, 0x1, 0x1f, 0x60000000000000, 0x0}, {0x0, 0x4, 0xa, 0x9, 0xfc6, 0xc76, 0x2, 0xa0f, 0x6, 0x9, 0x3, 0x30, 0x0}, {0x2000, 0xf002, 0xf, 0x6, 0x9, 0x2, 0x1, 0xffffffff, 0x80000001, 0xffffffffffffffff, 0x2, 0x2, 0x0}, {0x0, 0x4, [0x0, 0x0, 0x0]}, {0x1, 0x0, [0x0, 0x0, 0x0]}, 0x80000008, 0x0, 0x2000, 0x8, 0x5, 0x2001, 0x1000, [0x800000, 0x1, 0x6, 0x10001]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:12 executing program 2: mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000096a000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00002bd000)={0x4, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000aed000)={0x7, r0, 0x0}) write$eventfd(r3, &(0x7f0000aed000)=0x200, 0x8) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000088e000/0x18000)=nil, &(0x7f0000ae0000-0x13)=[@text16={0x10, &(0x7f000011f000)="0f0170ec0f23e764f20f2b76db613e8117b4006766c7442400003000006766c7442402003000006766c744240600000000670f011c2466b8010000000f01d967660f3801639966b80500000066b90b0000000f01d90f2205", 0x58}], 0x1, 0x20, &(0x7f0000adf000)=[], 0x0) eventfd2(0x0, 0x800) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000aea000-0x18)={0x0, 0x0, []}) eventfd2(0x6, 0x800) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:12 executing program 6: mmap(&(0x7f0000000000/0xafb000)=nil, 0xafb000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000506000-0xc)={0x7, 0xffffffffffffff9c, 0x1}) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_FPU(r0, 0x81a0ae8c, &(0x7f0000afc000-0x1a0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_EMULATED_CPUID(r0, 0xc008ae09, &(0x7f0000afd000-0xd2)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f000050f000)={0x9, 0x3cca}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000afb000-0x28)={0x400000000, 0x1000, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000afd000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, &(0x7f0000afd000)={0x0, []}) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000afe000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000aff000-0x98)={0x3, 0x0, [{0x7, 0x7, 0x0, 0x0, @irqchip={0x1, 0x1cab}}, {0x1, 0x3, 0x0, 0x0, @sint={0x75d, 0x200}}, {0x81, 0x0, 0x0, 0x0, @adapter={0x3, 0x7ff, 0x1, 0x6, 0x6}}]}) ioctl$KVM_GET_DEBUGREGS(r3, 0x8080aea1, &(0x7f0000afc000)={[0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000afd000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aff000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000aff000)={0x400, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x7, 0x0, [{0x4000000d, 0x7, 0x1, 0xff, 0x19d8, 0x0}, {0xc0000007, 0x3, 0x4, 0x3, 0x0, 0x0}, {0xc0000001, 0xfef0, 0x3f, 0x20, 0x6, 0x0}, {0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_SET_ONE_REG(r0, 0x4010aeac, &(0x7f0000afd000)={0x7, 0x7}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f00006b4000)=@ioapic={0x2, 0x0, 0x0, 0x4, 0x0, [{0x3, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x6}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0xe2, 0x5, 0x0, [0x0, 0x0, 0x0, 0x0], 0x1ff}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x6, 0x0, [0x0, 0x0, 0x0, 0x0], 0x7}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x1, 0x4, 0x3, [0x0, 0x0, 0x0, 0x0], 0x80000001}, {0x5d9a, 0x3f, 0x6, [0x0, 0x0, 0x0, 0x0], 0x9}, {0x5, 0x2, 0x7f, [0x0, 0x0, 0x0, 0x0], 0x40}, {0x9, 0x3f, 0x1, [0x0, 0x0, 0x0, 0x0], 0x9}, {0x9, 0x1, 0xffff, [0x0, 0x0, 0x0, 0x0], 0x4}, {0x0, 0x9, 0x5, [0x0, 0x0, 0x0, 0x0], 0x20}, {0x100000000, 0x6, 0xffff, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x80000000, 0x10001, 0x8, [0x0, 0x0, 0x0, 0x0], 0x1ff}, {0x7fffffff, 0x9, 0x8000, [0x0, 0x0, 0x0, 0x0], 0x5}, {0xfffffffffffffffc, 0x1, 0xffffffffffffffe1, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x3, 0x6, 0xe945, [0x0, 0x0, 0x0, 0x0], 0xfff}, {0xfffffffffffff135, 0x6, 0x8000, [0x0, 0x0, 0x0, 0x0], 0x8001}, {0x5bd, 0x3f, 0x7ff, [0x0, 0x0, 0x0, 0x0], 0x10001}, {0x400, 0x4, 0x9, [0x0, 0x0, 0x0, 0x0], 0x5d1f}, {0x100, 0x7f, 0xfffffffffffff801, [0x0, 0x0, 0x0, 0x0], 0x8}, {0x5, 0x3f, 0x6, [0x0, 0x0, 0x0, 0x0], 0x1e71}, {0x3, 0x6, 0x6, [0x0, 0x0, 0x0, 0x0], 0x5}]}) mmap(&(0x7f0000b00000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_INTERRUPT(r3, 0x4004ae86, &(0x7f0000b00000)=0x1) ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000326000)={0x3f, 0x1}) 2017/08/11 21:15:12 executing program 3: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) mmap(&(0x7f0000a5a000/0x3000)=nil, 0x3000, 0x3000008, 0x20000000000032, r1, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000af3000-0x24)="000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d266767f2a50f20d835080000000f228b58580f070f01b102000000", 0x64}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f000011a000)={0x1397, 0x8c, 0x0, 0x4, 0x8}) mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000af3000-0x4)=0x80) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000aee000-0x8)=0x10000) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000aef000)={0x7b, 0x0, [0x6, 0xffffffff, 0x9, 0x1000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000033d000-0x8)={0x1, 0x637}) ioctl$KVM_S390_VCPU_FAULT(r2, 0x4008ae52, &(0x7f0000af1000)=0xb5) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000aef000-0x30)={0x20, 0x401, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f00009c7000)={0x2, 0x800, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00002de000-0x40)={0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000aec000)={"3a5ca361a0df102fae43a3f1ec872c0185c9813608eed8f847374008d61d0b0800000000000000001ccb1007655a4f7410ae2abb2a1756d32573ad07efbff26b6c29f3f5b20949d1948e7dc1c8f2b7a1f53f726c506fca42d4a7935507ddb99198bc1ac477f1ae7c27061ead76d16ca486010f0a3be5e5fb88b250282a1f4370084b669a6aa05d6f099ea5ce98744d4d02be5ff2bfc8a7b31392162b70f9bf6a7921ca46c22eba76a3f5fada926a9e3d39e841a85aff9e2e11df5a017550dd503eafb49349716d060d697bd0978eac053d12de846fb7d0ef0ce4f79420c7ad998b000619474f6ab8bbaf74f23bef3d8874a920f438d7a3bbe9ac54c269dd8463b191dfff03924e9ef495aad2c7831f72e87d20d39c031000c2b6b009dc52fe4a87d2adbd31ef3991643480dc4e1194dad4aaae0bbd182f86a7572202d932534fe78aa6205a387714ba722fc29e394626c6950754c5bd8e959a3d108590f13f43f23507624d0f3b464f483d2f11441d510b1269e787224f20a2cb5984b4f2be4d93aef0f2ae60ada076cc86b6ecd9f9cd27c13ff16725a99f1d96fb35409d9aad7cd14b4a0a6fa33249d40760c0dd77615cea3ced7055169a87c767c91aadd231e5b211e9b8df16a1e2aef8d3a7e02a4f7c8fa5e989f9a2c488638fec8d03543fededef667b0b0cde85958ef5dd2355e3dade1126022ada4186160bcf69013a938bd9c5fe1f46fd5c8d522320840de0ede209ee11a4655a157b1ed47b6aa5daad7bc7f96313d2e02144e50a7f64ccfb866b1cc3a04ebd7e460e69f42856b474e681e2917b593b931c8987a487329d58151d14f4f1eb1b123f29f21899c524c2808269f7a833d5ed3cd93e2ffc0dbdf3c50c736b10512607837e8f50144c1c14e052c788381a2b236becb2d2bfdf0467cefcbe6926090434d31323d47576de4566f61ab7f1fab0f73e2e9b58c328f73f8fecef3e9bbad4b177d9dd2a0e3e7a6f108477afef361fd23ea1a575dd9b86515833f5bd4ccf9ddb9e5432d723f3eb50339ae229108ae769ac632d312761db5057fe4ddfae2f22be1f709bc0feef9d8dcf05a425d354bda07e3780f19d3a073e737bcc8220febd750e3ce8549870615e1e9c969d3883126c687ff7ef6c0a16aa18bf594c681ae4c2ec063b792ae01166868672360aefb97539f6825c2f17933ce890a2d7ca53fcf77dc8dd4a0e64b7010aa7fd14f7833ab907d4d3c5df1ce497abfea23c94ab44d6b0f389480b4f0c077b98ba319dff8ab86cb7ff6b9f26e1f7e88b01d346504ab1cbc30fb5acf132544e59a2dec45e8019ef4642e672aebc040bfbfd6e7caf8846917b3e21e9b5673b31c4f3520baaf61b01bf160c3b535bcc7b23ee34371286407409fa292ad059d4e40624bd6bad7d3d516adae9c3fcecb877f4d9d39035338787435f6372c5fb88cd"}) ioctl$KVM_GET_DEVICE_ATTR(r1, 0x4018aee2, &(0x7f000026f000)={0x0, 0xdf, 0x8, &(0x7f00009f0000-0x8)=0x0}) mmap(&(0x7f0000af3000/0x1000)=nil, 0x1000, 0x1, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000af3000)={"9bbb9daa05110ba1924a3f8c859bdff963f2ddb1d129f5cb2f3ae8ad3bf7068c284ba38f903676aee0049b473a5a33930a9b88deb6401d57b67b5ef503c6a4027167753b3422f85b1b144e1b09666f06770bb454bb980d5cb7f1e90d9427b10028d816afcb958eb5bc4541d20809f775835973db47fdab943f7ecf340ab9b2913f88a42aa228d95f1665dcb874e6b3b5b55a89a32e0fc862e12da3fafec957af0fce362e643894eaa38fbb8af58f8462371747c6e67ec819d268766c3c7a74e3f12575502e0ce18ab8fdeec25ec7767fae887d4cadb349c0f81694038d1a026d6a75e2531b1a8fb11b6cbd3f89a94184e04455b174f62410013ea1a32c38fc1a2448cd4c2c637b73782faf7ad9ae353b8bb6fed608778b7e846b159d0708eba89b05d4ae596fd1ce276f11b96ea628b944adcafcca622c34d8cf71c32e04679643d25bb8410efd790fae98de36207bab1c1fa95a3b125a7497822ea2f8a027ee6024ad4938ca93546a7967484ea5ed0850257facd046052d3fb4452ea95bdf6613884586ad0f7bedcf9ba794168fb9ef80fc98ab1b8c584220c399f85aa35e3b077eaa0dc79a9b88f0cdbf6805da3bca16d1fe88482e328bf0abd897070e43ead3304cdf1f113ab075a772b02e7e2b9d790f029decb02914d0fbb81bdcac8d08612898c453dd33e8a456e3cb4154e27f4d3bddea5732cd94d4adf21d3babfbb833a2ba8fcc71beafe13cfb9e8ed9fcaaecbc6a4e7c1da5f67cfae68fe80965a52918112a4927ca4a387ebf74fd5d910ceed87a668d3210361f45e8771482aceb28996ed99fdb143fc17c4112850b748c3eb5d121312f3c420d0dc03bfd571a1767bac9ae6c46b4edbfd70fb33dd89a8ae13dd57e722d95c28e5326a24054321553f3b50fe246f5e631dafc8088dcefe9029c67fbc7cb6631692d91aa5aba912b56f638cdcd14e873566edea35ecaaad547bbd265a6d4f6537ad9db538fb7db64a32c81c91dd6e4efd0317de1a0ff83c744470c93ddcaa6792e45db7d69e1106a251d39a5c5c6103f7aadb32d0290614362eaccc6d41b3f14154850e1959803f14d836a4223eb1c70249037e7adbf0e33d07a69a10d948a901858a8381803bcedcf610c985b5ea85ef46bbc44565e89142da665bede93e7c360cc814c8e00cafb81d02c95811ce32ba2dd85712056078d2f7d4be3cfc4eb157d63206d4b822599d40c02fd84ada2b572bd8899e93293a5ce6590d226f7c43858d47417bc2980358fb6ec2eee43fbbd31a00c9549680e76c31eef7f710e7aceb5a29d2a85f07332bb5e54a80ac44576e0010bc7cbd666ad4aff5174df288980f68510d74485b90afaf4040a30392861cce12229f97cbf2b8922d95110230423a3155f263d8066974f89cebaa258b87515d6d9f20c23d09067bdc955311d08300214a50ed060cc68"}) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000af0000-0x8)={0x1, 0x6}) ioctl$KVM_RUN(r2, 0xae80, 0x0) mmap(&(0x7f0000af4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_ASSIGN_SET_MSIX_NR(r1, 0x4008ae73, &(0x7f0000af4000)={0x8097, 0x10001}) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f0000394000-0x14)={0x0, 0x0, 0x7ff, 0x0, 0x0}) mmap(&(0x7f0000af4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000af5000-0x68)={0x4, 0x0, [{0xc0000001, 0x7, 0x8, 0x2a, 0x5, 0x0}, {0x8000000b, 0x1, 0x25, 0xfffffffffffffe00, 0x80000000, 0x0}, {0xb, 0x3, 0x80000000, 0x4, 0x2e, 0x0}, {0x1, 0x2, 0x5, 0xd7fb, 0x6, 0x0}]}) 2017/08/11 21:15:12 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfe0, 0x9, 0x1, 0x0}, {0xdc97dc77cb2c6988, 0x1f007, 0xf, 0x0, 0x5, 0x5, 0x3ad0, 0xffff, 0x3, 0x80, 0x800, 0x80, 0x0}, {0xd000, 0xf000, 0xf, 0x1, 0x5, 0x9, 0x7, 0x5, 0x401, 0x0, 0x1, 0x2, 0x0}, {0xfffe, 0x5000, 0x0, 0x5, 0x4, 0x81, 0xc9, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) [ 27.180924] *** Guest State *** [ 27.181323] CR0: actual=0x0000000080000028, shadow=0x0000000080000008, gh_mask=fffffffffffffff7 [ 27.182294] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 [ 27.183479] CR3 = 0x0000000000002000 [ 27.183868] RSP = 0x0000000000000f80 RIP = 0x0000000000008008 [ 27.184892] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 27.185116] kvm [5827]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x40000020 data 0x66c9000000031043 [ 27.186761] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 27.187461] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.188868] DS: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.190063] SS: sel=0x0000, attr=0x0b071, limit=0x00001000, base=0x0000000000000000 [ 27.191031] ES: sel=0x0000, attr=0x04081, limit=0x00000000, base=0x0000000000000000 [ 27.192065] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.192894] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.194108] GDTR: limit=0x00000004, base=0x0000000000000000 [ 27.194897] LDTR: sel=0x000f, attr=0x10000, limit=0x0000f002, base=0x0000000000002000 [ 27.196168] IDTR: limit=0x00000000, base=0x0000000000000001 [ 27.197430] TR: sel=0x000a, attr=0x10000, limit=0x00000004, base=0x0000000000000000 [ 27.198628] EFER = 0x0000000000002001 PAT = 0x0007040600070406 [ 27.199442] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 27.200751] BndCfgS = 0x0000000000000000 [ 27.201594] Interruptibility = 00000008 ActivityState = 00000000 [ 27.202277] *** Host State *** [ 27.202890] RIP = 0xffffffff811b6777 RSP = 0xffff88003ad5f4c8 [ 27.203754] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 27.204974] FSBase=00007f4c3a973700 GSBase=ffff88003fc00000 TRBase=ffff88003fc22cc0 [ 27.205794] GDTBase=ffffffffff577000 IDTBase=ffffffffff57b000 [ 27.206669] CR0=0000000080050033 CR3=0000000067d1f000 CR4=00000000000026f0 [ 27.207378] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 27.208102] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 27.209314] *** Control State *** [ 27.209757] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 [ 27.210465] EntryControls=0001d1ff ExitControls=00afefff [ 27.211187] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 27.211911] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 27.212602] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 27.213449] reason=80000021 qualification=0000000000000000 [ 27.214159] IDTVectoring: info=00000000 errcode=00000000 [ 27.214526] kvm [5827]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x40000020 data 0x66c9000000031043 [ 27.215955] TSC Offset = 0xffffffe731c3a504 [ 27.216491] EPT pointer = 0x000000003d8f201e [ 27.217156] Virtual processor ID = 0x0583 2017/08/11 21:15:12 executing program 6: mmap(&(0x7f0000000000/0xafb000)=nil, 0xafb000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000506000-0xc)={0x7, 0xffffffffffffff9c, 0x1}) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_FPU(r0, 0x81a0ae8c, &(0x7f0000afc000-0x1a0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_EMULATED_CPUID(r0, 0xc008ae09, &(0x7f0000afd000-0xd2)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f000050f000)={0x9, 0x3cca}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000afb000-0x28)={0x400000000, 0x1000, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000afd000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, &(0x7f0000afd000)={0x0, []}) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000afe000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000aff000-0x98)={0x3, 0x0, [{0x7, 0x7, 0x0, 0x0, @irqchip={0x1, 0x1cab}}, {0x1, 0x3, 0x0, 0x0, @sint={0x75d, 0x200}}, {0x81, 0x0, 0x0, 0x0, @adapter={0x3, 0x7ff, 0x1, 0x6, 0x6}}]}) ioctl$KVM_GET_DEBUGREGS(r3, 0x8080aea1, &(0x7f0000afc000)={[0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000afd000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aff000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000aff000)={0x400, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x7, 0x0, [{0x4000000d, 0x7, 0x1, 0xff, 0x19d8, 0x0}, {0xc0000007, 0x3, 0x4, 0x3, 0x0, 0x0}, {0xc0000001, 0xfef0, 0x3f, 0x20, 0x6, 0x0}, {0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_SET_ONE_REG(r0, 0x4010aeac, &(0x7f0000afd000)={0x7, 0x7}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f00006b4000)=@ioapic={0x2, 0x0, 0x0, 0x4, 0x0, [{0x3, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x6}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0xe2, 0x5, 0x0, [0x0, 0x0, 0x0, 0x0], 0x1ff}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x6, 0x0, [0x0, 0x0, 0x0, 0x0], 0x7}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x1, 0x4, 0x3, [0x0, 0x0, 0x0, 0x0], 0x80000001}, {0x5d9a, 0x3f, 0x6, [0x0, 0x0, 0x0, 0x0], 0x9}, {0x5, 0x2, 0x7f, [0x0, 0x0, 0x0, 0x0], 0x40}, {0x9, 0x3f, 0x1, [0x0, 0x0, 0x0, 0x0], 0x9}, {0x9, 0x1, 0xffff, [0x0, 0x0, 0x0, 0x0], 0x4}, {0x0, 0x9, 0x5, [0x0, 0x0, 0x0, 0x0], 0x20}, {0x100000000, 0x6, 0xffff, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x80000000, 0x10001, 0x8, [0x0, 0x0, 0x0, 0x0], 0x1ff}, {0x7fffffff, 0x9, 0x8000, [0x0, 0x0, 0x0, 0x0], 0x5}, {0xfffffffffffffffc, 0x1, 0xffffffffffffffe1, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x3, 0x6, 0xe945, [0x0, 0x0, 0x0, 0x0], 0xfff}, {0xfffffffffffff135, 0x6, 0x8000, [0x0, 0x0, 0x0, 0x0], 0x8001}, {0x5bd, 0x3f, 0x7ff, [0x0, 0x0, 0x0, 0x0], 0x10001}, {0x400, 0x4, 0x9, [0x0, 0x0, 0x0, 0x0], 0x5d1f}, {0x100, 0x7f, 0xfffffffffffff801, [0x0, 0x0, 0x0, 0x0], 0x8}, {0x5, 0x3f, 0x6, [0x0, 0x0, 0x0, 0x0], 0x1e71}, {0x3, 0x6, 0x6, [0x0, 0x0, 0x0, 0x0], 0x5}]}) mmap(&(0x7f0000b00000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_INTERRUPT(r3, 0x4004ae86, &(0x7f0000b00000)=0x1) ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000326000)={0x3f, 0x1}) 2017/08/11 21:15:12 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, 0x0}, {0xdc97dc77cb2c6988, 0x1f007, 0xf, 0x0, 0x5, 0x5, 0x3ad0, 0xffff, 0x3, 0x80, 0x800, 0x80, 0x0}, {0xd000, 0xf000, 0xf, 0x1, 0x5, 0x9, 0x7, 0x5, 0x401, 0x0, 0x1, 0x2, 0x0}, {0xfffe, 0x5000, 0x0, 0x5, 0x4, 0x81, 0xc9, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) 2017/08/11 21:15:12 executing program 7: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a9c000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f00004ee000)="66b818010f00d8c4c27bf6cdb986040000b80f000000ba000000000f30c7442400e9060000c744240201000000c7442406000000000f01142466baf80cb8b4d4c588ef66bafc0cb00beeb9840200000f3266ba420066edb85bc6600b0f23c00f21f83503000c000f23f8c74424008000c0fec744240235000000c7442406000000000f011c2466baa000b000ee", 0x8d}], 0x1, 0xfffffffffffffffe, &(0x7f00003db000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000af1000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0}, {0x0, 0x1000, 0x0, 0x0, 0x2, 0x2ff, 0x6, 0x1, 0x5, 0x1, 0x1f, 0x60000000000000, 0x0}, {0x0, 0x4, 0xa, 0x9, 0xfc6, 0xc76, 0x2, 0xa0f, 0x6, 0x9, 0x3, 0x30, 0x0}, {0x2000, 0xf002, 0xf, 0x6, 0x9, 0x2, 0x1, 0xffffffff, 0x80000001, 0xffffffffffffffff, 0x2, 0x2, 0x0}, {0x0, 0x4, [0x0, 0x0, 0x0]}, {0x1, 0x0, [0x0, 0x0, 0x0]}, 0x80000008, 0x0, 0x2000, 0x8, 0x5, 0x2001, 0x1000, [0x800000, 0x1, 0x6, 0x10001]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:12 executing program 3: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) mmap(&(0x7f0000a5a000/0x3000)=nil, 0x3000, 0x3000008, 0x20000000000032, r1, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000af3000-0x24)="000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d266767f2a50f20d835080000000f228b58580f070f01b102000000", 0x64}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f000011a000)={0x1397, 0x8c, 0x0, 0x4, 0x8}) mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000af3000-0x4)=0x80) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000aee000-0x8)=0x10000) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000aef000)={0x7b, 0x0, [0x6, 0xffffffff, 0x9, 0x1000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000033d000-0x8)={0x1, 0x637}) ioctl$KVM_S390_VCPU_FAULT(r2, 0x4008ae52, &(0x7f0000af1000)=0xb5) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000aef000-0x30)={0x20, 0x401, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f00009c7000)={0x2, 0x800, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00002de000-0x40)={0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000aec000)={"3a5ca361a0df102fae43a3f1ec872c0185c9813608eed8f847374008d61d0b0800000000000000001ccb1007655a4f7410ae2abb2a1756d32573ad07efbff26b6c29f3f5b20949d1948e7dc1c8f2b7a1f53f726c506fca42d4a7935507ddb99198bc1ac477f1ae7c27061ead76d16ca486010f0a3be5e5fb88b250282a1f4370084b669a6aa05d6f099ea5ce98744d4d02be5ff2bfc8a7b31392162b70f9bf6a7921ca46c22eba76a3f5fada926a9e3d39e841a85aff9e2e11df5a017550dd503eafb49349716d060d697bd0978eac053d12de846fb7d0ef0ce4f79420c7ad998b000619474f6ab8bbaf74f23bef3d8874a920f438d7a3bbe9ac54c269dd8463b191dfff03924e9ef495aad2c7831f72e87d20d39c031000c2b6b009dc52fe4a87d2adbd31ef3991643480dc4e1194dad4aaae0bbd182f86a7572202d932534fe78aa6205a387714ba722fc29e394626c6950754c5bd8e959a3d108590f13f43f23507624d0f3b464f483d2f11441d510b1269e787224f20a2cb5984b4f2be4d93aef0f2ae60ada076cc86b6ecd9f9cd27c13ff16725a99f1d96fb35409d9aad7cd14b4a0a6fa33249d40760c0dd77615cea3ced7055169a87c767c91aadd231e5b211e9b8df16a1e2aef8d3a7e02a4f7c8fa5e989f9a2c488638fec8d03543fededef667b0b0cde85958ef5dd2355e3dade1126022ada4186160bcf69013a938bd9c5fe1f46fd5c8d522320840de0ede209ee11a4655a157b1ed47b6aa5daad7bc7f96313d2e02144e50a7f64ccfb866b1cc3a04ebd7e460e69f42856b474e681e2917b593b931c8987a487329d58151d14f4f1eb1b123f29f21899c524c2808269f7a833d5ed3cd93e2ffc0dbdf3c50c736b10512607837e8f50144c1c14e052c788381a2b236becb2d2bfdf0467cefcbe6926090434d31323d47576de4566f61ab7f1fab0f73e2e9b58c328f73f8fecef3e9bbad4b177d9dd2a0e3e7a6f108477afef361fd23ea1a575dd9b86515833f5bd4ccf9ddb9e5432d723f3eb50339ae229108ae769ac632d312761db5057fe4ddfae2f22be1f709bc0feef9d8dcf05a425d354bda07e3780f19d3a073e737bcc8220febd750e3ce8549870615e1e9c969d3883126c687ff7ef6c0a16aa18bf594c681ae4c2ec063b792ae01166868672360aefb97539f6825c2f17933ce890a2d7ca53fcf77dc8dd4a0e64b7010aa7fd14f7833ab907d4d3c5df1ce497abfea23c94ab44d6b0f389480b4f0c077b98ba319dff8ab86cb7ff6b9f26e1f7e88b01d346504ab1cbc30fb5acf132544e59a2dec45e8019ef4642e672aebc040bfbfd6e7caf8846917b3e21e9b5673b31c4f3520baaf61b01bf160c3b535bcc7b23ee34371286407409fa292ad059d4e40624bd6bad7d3d516adae9c3fcecb877f4d9d39035338787435f6372c5fb88cd"}) ioctl$KVM_GET_DEVICE_ATTR(r1, 0x4018aee2, &(0x7f000026f000)={0x0, 0xdf, 0x8, &(0x7f00009f0000-0x8)=0x0}) mmap(&(0x7f0000af3000/0x1000)=nil, 0x1000, 0x1, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000af3000)={"9bbb9daa05110ba1924a3f8c859bdff963f2ddb1d129f5cb2f3ae8ad3bf7068c284ba38f903676aee0049b473a5a33930a9b88deb6401d57b67b5ef503c6a4027167753b3422f85b1b144e1b09666f06770bb454bb980d5cb7f1e90d9427b10028d816afcb958eb5bc4541d20809f775835973db47fdab943f7ecf340ab9b2913f88a42aa228d95f1665dcb874e6b3b5b55a89a32e0fc862e12da3fafec957af0fce362e643894eaa38fbb8af58f8462371747c6e67ec819d268766c3c7a74e3f12575502e0ce18ab8fdeec25ec7767fae887d4cadb349c0f81694038d1a026d6a75e2531b1a8fb11b6cbd3f89a94184e04455b174f62410013ea1a32c38fc1a2448cd4c2c637b73782faf7ad9ae353b8bb6fed608778b7e846b159d0708eba89b05d4ae596fd1ce276f11b96ea628b944adcafcca622c34d8cf71c32e04679643d25bb8410efd790fae98de36207bab1c1fa95a3b125a7497822ea2f8a027ee6024ad4938ca93546a7967484ea5ed0850257facd046052d3fb4452ea95bdf6613884586ad0f7bedcf9ba794168fb9ef80fc98ab1b8c584220c399f85aa35e3b077eaa0dc79a9b88f0cdbf6805da3bca16d1fe88482e328bf0abd897070e43ead3304cdf1f113ab075a772b02e7e2b9d790f029decb02914d0fbb81bdcac8d08612898c453dd33e8a456e3cb4154e27f4d3bddea5732cd94d4adf21d3babfbb833a2ba8fcc71beafe13cfb9e8ed9fcaaecbc6a4e7c1da5f67cfae68fe80965a52918112a4927ca4a387ebf74fd5d910ceed87a668d3210361f45e8771482aceb28996ed99fdb143fc17c4112850b748c3eb5d121312f3c420d0dc03bfd571a1767bac9ae6c46b4edbfd70fb33dd89a8ae13dd57e722d95c28e5326a24054321553f3b50fe246f5e631dafc8088dcefe9029c67fbc7cb6631692d91aa5aba912b56f638cdcd14e873566edea35ecaaad547bbd265a6d4f6537ad9db538fb7db64a32c81c91dd6e4efd0317de1a0ff83c744470c93ddcaa6792e45db7d69e1106a251d39a5c5c6103f7aadb32d0290614362eaccc6d41b3f14154850e1959803f14d836a4223eb1c70249037e7adbf0e33d07a69a10d948a901858a8381803bcedcf610c985b5ea85ef46bbc44565e89142da665bede93e7c360cc814c8e00cafb81d02c95811ce32ba2dd85712056078d2f7d4be3cfc4eb157d63206d4b822599d40c02fd84ada2b572bd8899e93293a5ce6590d226f7c43858d47417bc2980358fb6ec2eee43fbbd31a00c9549680e76c31eef7f710e7aceb5a29d2a85f07332bb5e54a80ac44576e0010bc7cbd666ad4aff5174df288980f68510d74485b90afaf4040a30392861cce12229f97cbf2b8922d95110230423a3155f263d8066974f89cebaa258b87515d6d9f20c23d09067bdc955311d08300214a50ed060cc68"}) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000af0000-0x8)={0x1, 0x6}) ioctl$KVM_RUN(r2, 0xae80, 0x0) mmap(&(0x7f0000af4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_ASSIGN_SET_MSIX_NR(r1, 0x4008ae73, &(0x7f0000af4000)={0x8097, 0x10001}) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f0000394000-0x14)={0x0, 0x0, 0x7ff, 0x0, 0x0}) mmap(&(0x7f0000af4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000af5000-0x68)={0x4, 0x0, [{0xc0000001, 0x7, 0x8, 0x2a, 0x5, 0x0}, {0x8000000b, 0x1, 0x25, 0xfffffffffffffe00, 0x80000000, 0x0}, {0xb, 0x3, 0x80000000, 0x4, 0x2e, 0x0}, {0x1, 0x2, 0x5, 0xd7fb, 0x6, 0x0}]}) [ 27.246437] *** Guest State *** [ 27.246709] CR0: actual=0x0000000080000028, shadow=0x0000000080000008, gh_mask=fffffffffffffff7 [ 27.247551] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 [ 27.248181] CR3 = 0x0000000000002000 [ 27.248522] RSP = 0x0000000000000f80 RIP = 0x0000000000008008 [ 27.248946] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 27.249395] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 27.251231] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.251914] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.252596] SS: sel=0x0000, attr=0x0b071, limit=0x00001000, base=0x0000000000000000 [ 27.253219] ES: sel=0x0000, attr=0x04081, limit=0x00000000, base=0x0000000000000000 [ 27.253856] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.254508] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.255478] GDTR: limit=0x00000004, base=0x0000000000000000 [ 27.256263] LDTR: sel=0x000f, attr=0x10000, limit=0x0000f002, base=0x0000000000002000 [ 27.257078] IDTR: limit=0x00000000, base=0x0000000000000001 [ 27.257689] TR: sel=0x000a, attr=0x10000, limit=0x00000004, base=0x0000000000000000 [ 27.258300] EFER = 0x0000000000002001 PAT = 0x0007040600070406 [ 27.259338] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 27.259946] BndCfgS = 0x0000000000000000 [ 27.260345] Interruptibility = 00000008 ActivityState = 00000000 [ 27.260989] *** Host State *** [ 27.261312] RIP = 0xffffffff811b6777 RSP = 0xffff88003ad5f4c8 [ 27.262250] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 27.262884] FSBase=00007f4c3a973700 GSBase=ffff88003fd00000 TRBase=ffff88003fd22cc0 [ 27.263720] GDTBase=ffffffffff576000 IDTBase=ffffffffff57b000 [ 27.264360] CR0=0000000080050033 CR3=0000000066e2c000 CR4=00000000000026e0 [ 27.265060] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 27.265733] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 27.266751] *** Control State *** [ 27.267165] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 [ 27.267835] EntryControls=0001d1ff ExitControls=00afefff [ 27.268567] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 27.269314] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 27.269993] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 27.270667] reason=80000021 qualification=0000000000000000 [ 27.271322] IDTVectoring: info=00000000 errcode=00000000 [ 27.271880] TSC Offset = 0xffffffe72487fb8e [ 27.272333] EPT pointer = 0x000000003be2901e [ 27.272767] Virtual processor ID = 0x057c [ 27.278766] kvm [5863]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x40000020 data 0x66c9000000051043 2017/08/11 21:15:12 executing program 5: mmap(&(0x7f0000000000/0xafb000)=nil, 0xafb000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f000050f000)={0x9, 0x3cca}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000910000)={0x2, 0x1, 0x2000, 0x1000, &(0x7f0000a21000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a1f000/0x18000)=nil, &(0x7f00001f5000)=[@text16={0x10, &(0x7f0000ac5000)="6764660fddf4360f005edd0f01c8f30f5ed366b9800000c00f326635004000000f3066b89be773ae0f23d80f21f86635c00000c00f23f80f01d1807f10216766c7442400000000006766c7442402003800006766c744240600000000670f011424660fd418", 0x65}], 0x1, 0x12, &(0x7f000007d000)=[], 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f0000afb000)={0x400000000, 0x1000, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text64={0x40, &(0x7f000099d000-0x64)="b6c3f8e788595dc51ba31779d22e2453ab6fe204d8cb17bc3c4ab8e3e0483b9931418b5c1612cb68cb1f08acd613883205213823efd610026d3b892f9ecf43c837882ddb41cb3a22a62644cc9081d865b5c7d6d371bfbc1b7da5ab28911fcb5667d0b08b", 0x64}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00006b4000)=@ioapic={0x2, 0x0, 0x0, 0x4, 0x0, [{0x3, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x6}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0xe2, 0x5, 0x0, [0x0, 0x0, 0x0, 0x0], 0x1ff}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x6, 0x0, [0x0, 0x0, 0x0, 0x0], 0x7}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x1, 0x4, 0x3, [0x0, 0x0, 0x0, 0x0], 0x80000001}, {0x5d9a, 0x3f, 0x6, [0x0, 0x0, 0x0, 0x0], 0x9}, {0x5, 0x2, 0x7f, [0x0, 0x0, 0x0, 0x0], 0x40}, {0x9, 0x3f, 0x1, [0x0, 0x0, 0x0, 0x0], 0x9}, {0x9, 0x1, 0xffff, [0x0, 0x0, 0x0, 0x0], 0x4}, {0x0, 0x9, 0x5, [0x0, 0x0, 0x0, 0x0], 0x20}, {0x100000000, 0x6, 0xffff, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x80000000, 0x10001, 0x8, [0x0, 0x0, 0x0, 0x0], 0x1ff}, {0x7fffffff, 0x9, 0x8000, [0x0, 0x0, 0x0, 0x0], 0x5}, {0xfffffffffffffffc, 0x1, 0xffffffffffffffe1, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x3, 0x6, 0xe945, [0x0, 0x0, 0x0, 0x0], 0xfff}, {0xfffffffffffff135, 0x6, 0x8000, [0x0, 0x0, 0x0, 0x0], 0x8001}, {0x5bd, 0x3f, 0x7ff, [0x0, 0x0, 0x0, 0x0], 0x10001}, {0x400, 0x4, 0x9, [0x0, 0x0, 0x0, 0x0], 0x5d1f}, {0x100, 0x7f, 0xfffffffffffff801, [0x0, 0x0, 0x0, 0x0], 0x8}, {0x5, 0x3f, 0x6, [0x0, 0x0, 0x0, 0x0], 0x1e71}, {0x3, 0x6, 0x6, [0x0, 0x0, 0x0, 0x0], 0x5}]}) ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000326000)={0x3f, 0x1}) 2017/08/11 21:15:12 executing program 2: mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000096a000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00002bd000)={0x4, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000aed000)={0x7, r0, 0x0}) write$eventfd(r3, &(0x7f0000aed000)=0x200, 0x8) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000088e000/0x18000)=nil, &(0x7f0000ae0000-0x13)=[@text16={0x10, &(0x7f000011f000)="0f0170ec0f23e764f20f2b76db613e8117b4006766c7442400003000006766c7442402003000006766c744240600000000670f011c2466b8010000000f01d967660f3801639966b80500000066b90b0000000f01d90f2205", 0x58}], 0x1, 0x20, &(0x7f0000adf000)=[], 0x0) eventfd2(0x0, 0x800) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000aea000-0x18)={0x0, 0x0, []}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:12 executing program 1: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000af3000-0x24)="000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mmap(&(0x7f0000af3000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000961000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f000048a000-0x6b)="b90401004066b84710000000d0d5ba00000000003052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d2667675836f2a5f2a5d8c4e25d0d353f7500000f228b58580f070f01b102000000", 0x6b}], 0x1, 0x3, &(0x7f0000af3000)=[], 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f000011a000)={0x1397, 0x8c, 0x0, 0x4, 0x8}) mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000af3000-0x4)=0x80) mmap(&(0x7f0000af3000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000af3000)=0x10000) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000aef000)={0x7b, 0x0, [0x6, 0xffffffff, 0x9, 0x1000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000033d000-0x8)={0x1, 0x0}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000311000/0x18000)=nil, &(0x7f00006cb000-0x18)=[@text32={0x20, &(0x7f0000af0000)="b9800000c00f3235010000000f30660febb13600c0fe0f01c8660f38812ff30f1077ac0fc7a80f000000c4c17e7ff5f4f4660f38805f84", 0x37}], 0x1, 0x0, &(0x7f0000af0000)=[], 0x0) ioctl$KVM_S390_VCPU_FAULT(r2, 0x4008ae52, &(0x7f0000af1000)=0xb5) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000aef000-0x30)={0x20, 0x401, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f00000ab000)={0x2, 0x800, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00002de000-0x40)={0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000aec000)={"3a5ca361a0df102fae43a3f1ec872c0185c9813608eed8f847374008d61d0bcfc300bc75ce5da3001ccb1007655a4f7410ae2abb351756d32573ad07efbff26b6c29f3f5b20949d1948e7dc1c8f2b7a1f53f726c506fca42d4a7935507ddb99198bc1ac4b348ae7c27061ead76d16ca486010f0a3be5e5fb88b250282a1f4370084b669a6aa05d6f099ea5ce98744d4d02be5ff2bfc8a7b31392162b70f9bf6a7921ca46c22eba76a3f5fada926a9e3d39e841a85aff9e2e11df5a017550dd503eafb49349716d060d697bd0978eac053d12de846fb7d0ef0ce4f7942061ad998b000619474f6ab8bbaf74f23bef3d8874a920f438d7a3bbe9ac54c269dd8463b191dfff03924e9ef495aad2c7831f72e87d20d39c031000c2b6b009dc52fe4a87d2adbd31ef3991643480dc4e1194dad4aaae0bbd182f86a7572202d932534fe78aa6205a387714ba722fc29e394626c6950754c5bd8e959a3d108590f13f43f23507624d0f3b464f483d2f11441d510b1269bd87224f20a2cb5984b4f2be4d93aef0f2ae60ada076cc86b6ecd9f9cd27c13ff16725a99f1d96fb35409d9aad7cd14b4a0a6fa33249d40760c0dd77c75cea3ced7055169a87c767c91aadd231e5b211e9b8df16a1e2aef8d3a7e02a4f7c8fa5e989f9a2c488638fec8d03543fededef667b0b0cde85958ef5dd2355e3dade1126022ada4186160bcf69013a938bd9c5fe1f46fd5c8d522320840de0ede209ee11a4655a157b1ed47b6aa5daad7bc7f96313d2e02144e50a7f64ccfb866b1cc3a04ebd7e460e69f42856b474e681e2917b593b931c8987a487329d58151d14f4f1eb1b123f29f21899c524c2808269f7a833d5ed3cd93e2ffc0dbdf3c50c736b10512607837e8f50144c1c14e052c788381a2b236becb2d2bfdf0467cefcbe6926090434d31323d47576de4566f61ab7f1fab0f73e2e9b58c328f73f8fecef3e9bbad4b177d9dd2a0e3e7a6f108477afef361fd23ea1a575dd9b86515833f5bd4ccf9ddb9e5432d723f3eb50339ae229108ae769ac632d312761db5057fe4ddfae2f22be1f709bc0feef9d8dcf05a425d354bda07e3780f19d3a073e737bcc8220febd750e3ce8549870615e1e9c969d3883126c687ff7ef6c0a16aa18bf594c681ae4c2ec063b792ae01166868672360aefb97539f6825c2f17933ce890a2d7ca53fcf77dc8dd4a0e64b7010aa7fd14f7833ab907d4d3c5df1ce497abfea23c94ab44d6b0f389480b4f0c077b98ba319dff8ab86cb7ff6b9f26e1f7e88b01d346504ab1cbc30fb5acf132544e59a2dec45e8019ef4642e672aebc040bfbfd6e7caf8846917b3e21e9b5673b31c4f3528baaf61b01bf160c3b535bcc7b23ee34371286407409fa292ad059d4e40624e76bad7d3d516adae9c3fcecb877f4d9d39035338787435f6372c5fb88cd"}) ioctl$KVM_GET_DEVICE_ATTR(r1, 0x4018aee2, &(0x7f000026f000)={0x0, 0xdf, 0x8, &(0x7f00009f0000-0x8)=0x0}) mmap(&(0x7f0000af3000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000af3000)={"9bbb9daa05110ba1924a3f8c859bdff963f2ddb1d129f5cb2f3ae8ad3bf7068c284ba38f903676aee0049b473a5a33930a9b88deb6401d57b67b5ef503c6a4027167753b3422f85b1b144e1b09666f06770bb454bb980d5cb7f1e90d9427b10028d816afcb958eb5bc4541d20809f775835973db47fdab943f7ecf340ab9b2913f88a42aa228d95f1665dcb874e6b3b5b55a89a32e0fc862e12da3fafec957af0fce362e643894eaa38fbb8af58f8462371747c6e67ec819d268766c3c7a74e3f12575502e0ce18ab8fdeec25ec7767fae887d4cadb349c0f81694038d1a026d6a75e2531b1a8fb11b6cbd3f89a94184e04455b174f62410013ea1a32c38fc1a2448cd4c2c637b73782faf7ad9ae353b8bb6fed608778b7e846b159d0708eba89b05d4ae596fd1ce276f11b96ea628b944adcafcca622c34d8cf71c32e04679643d25bb8410efd790fae98de36207bab1c1fa95a3b125a7497822ea2f8a027ee6024ad4938ca93546a7967484ea5ed0850257facd046052d3fb4452ea95bdf6613884586ad0f7bedcf9ba794168fb9ef80fc98ab1b8c584220c399f85aa35e3b077eaa0dc79a9b88f0cdbf6805da3bca16d1fe88482e328bf0abd897070e43ead3304cdf1f113ab075a772b02e7e2b9d790f029decb02914d0fbb81bdcac8d08612898c453dd33e8a456e3cb4154e27f4d3bddea5732cd94d4adf21d3babfbb833a2ba8fcc71beafe13cfb9e8ed9fcaaecbc6a4e7c1da5f67cfae68fe80965a52918112a4927ca4a387ebf74fd5d910ceed87a668d3210361f45e8771482aceb28996ed99fdb143fc17c4112850b748c3eb5d121312f3c420d0dc03bfd571a1767bac9ae6c46b4edbfd70fb33dd89a8ae13dd57e722d95c28e5326a24054321553f3b50fe246f5e631dafc8088dcefe9029c67fbc7cb6631692d91aa5aba912b56f638cdcd14e873566edea35ecaaad547bbd265a6d4f6537ad9db538fb7db64a32c81c91dd6e4efd0317de1a0ff83c744470c93ddcaa6792e45db7d69e1106a251d39a5c5c6103f7aadb32d0290614362eaccc6d41b3f14154850e1959803f14d836a4223eb1c70249037e7adbf0e33d07a69a10d948a901858a8381803bcedcf610c985b5ea85ef46bbc44565e89142da665bede93e7c360cc814c8e00cafb81d02c95811ce32ba2dd85712056078d2f7d4be3cfc4eb157d63206d4b822599d40c02fd84ada2b572bd8899e93293a5ce6590d226f7c43858d47417bc2980358fb6ec2eee43fbbd31a00c9549680e76c31eef7f710e7aceb5a29d2a85f07332bb5e54a80ac44576e0010bc7cbd666ad4aff5174df288980f68510d74485b90afaf4040a30392861cce12229f97cbf2b8922d95110230423a3155f263d8066974f89cebaa258b87515d6d9f20c23d09067bdc955311d08300214a50ed060cc68"}) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000af0000-0x8)={0x1, 0x9}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f0000394000-0x14)={0x0, 0x0, 0x7ff, 0x0, 0x0}) mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f000042b000-0x9)="2f6465762f6b766d00", 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 2017/08/11 21:15:12 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0}, {0xdc97dc77cb2c6988, 0x1f007, 0xf, 0x0, 0x5, 0x5, 0x3ad0, 0xffff, 0x3, 0x80, 0x800, 0x80, 0x0}, {0xd000, 0xf000, 0xf, 0x1, 0x5, 0x9, 0x7, 0x5, 0x401, 0x0, 0x1, 0x2, 0x0}, {0xfffe, 0x5000, 0x0, 0x5, 0x4, 0x81, 0xc9, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) 2017/08/11 21:15:12 executing program 7: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a9c000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f00004ee000)="66b818010f00d8c4c27bf6cdb986040000b80f000000ba000000000f30c7442400e9060000c744240201000000c7442406000000000f01142466baf80cb8b4d4c588ef66bafc0cb00beeb9840200000f3266ba420066edb85bc6600b0f23c00f21f83503000c000f23f8c74424008000c0fec744240235000000c7442406000000000f011c2466baa000b000ee", 0x8d}], 0x1, 0xfffffffffffffffe, &(0x7f00003db000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000af1000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0}, {0x0, 0x1000, 0x0, 0x0, 0x2, 0x2ff, 0x6, 0x1, 0x5, 0x1, 0x1f, 0x60000000000000, 0x0}, {0x0, 0x4, 0xa, 0x9, 0xfc6, 0xc76, 0x2, 0xa0f, 0x6, 0x9, 0x3, 0x30, 0x0}, {0x2000, 0xf002, 0xf, 0x6, 0x9, 0x2, 0x1, 0xffffffff, 0x80000001, 0xffffffffffffffff, 0x2, 0x2, 0x0}, {0x0, 0x4, [0x0, 0x0, 0x0]}, {0x1, 0x0, [0x0, 0x0, 0x0]}, 0x80000008, 0x0, 0x2000, 0x8, 0x5, 0x2001, 0x1000, [0x800000, 0x1, 0x6, 0x10001]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:12 executing program 4: mmap(&(0x7f0000000000/0x2f000)=nil, 0x2f000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000002c000)="2f6465762f6b766d00", 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd2(0x0, 0x0) r3 = eventfd2(0x0, 0x1) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000026000-0x20)={r2, 0x0, 0x0, r2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f000002f000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f000000a000)={0x0, 0x0, [0x0, 0x8, 0x3, 0x2], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000012000)={0x79, 0x0, [0x0, 0x6, 0x8000, 0x8], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000030000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000031000-0x10)={0x5000, 0x100000, 0x0}) read$eventfd(r2, &(0x7f000002f000)=0x0, 0x8) mmap(&(0x7f0000030000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000030000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000031000-0xce)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") read$eventfd(r2, &(0x7f000002e000-0x8)=0x0, 0x8) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap(&(0x7f0000030000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000030000)={0x391, 0x453, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000031000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000031000)={0x0, 0x0, []}) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mmap(&(0x7f0000032000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_CPUID(r5, 0x4008ae8a, &(0x7f0000032000)={0x2, 0x0, [{0x80000000, 0x80000000, 0x1ff, 0x8001, 0x3, 0x0}, {0x0, 0x6, 0x2, 0x3e22, 0xfffffffffffffff8, 0x0}]}) ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f000002d000)={r2, 0x2007, 0x0, r3, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000032000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) write$eventfd(r2, &(0x7f0000033000-0x8)=0x401, 0x8) mmap(&(0x7f0000031000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000018000-0x20)={0x10001, 0x2, 0x0, 0x1000, &(0x7f000001e000/0x1000)=nil}) ioctl$KVM_ASSIGN_SET_MSIX_NR(r4, 0x4008ae73, &(0x7f0000031000)={0x7, 0x10001}) 2017/08/11 21:15:12 executing program 6: mmap(&(0x7f0000000000/0xafb000)=nil, 0xafb000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000506000-0xc)={0x7, 0xffffffffffffff9c, 0x1}) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_FPU(r0, 0x81a0ae8c, &(0x7f0000afc000-0x1a0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_EMULATED_CPUID(r0, 0xc008ae09, &(0x7f0000afd000-0xd2)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f000050f000)={0x9, 0x3cca}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000afb000-0x28)={0x400000000, 0x1000, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000afd000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, &(0x7f0000afd000)={0x0, []}) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000afe000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000aff000-0x98)={0x3, 0x0, [{0x7, 0x7, 0x0, 0x0, @irqchip={0x1, 0x1cab}}, {0x1, 0x3, 0x0, 0x0, @sint={0x75d, 0x200}}, {0x81, 0x0, 0x0, 0x0, @adapter={0x3, 0x7ff, 0x1, 0x6, 0x6}}]}) ioctl$KVM_GET_DEBUGREGS(r3, 0x8080aea1, &(0x7f0000afc000)={[0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000afd000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aff000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000aff000)={0x400, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x7, 0x0, [{0x4000000d, 0x7, 0x1, 0xff, 0x19d8, 0x0}, {0xc0000007, 0x3, 0x4, 0x3, 0x0, 0x0}, {0xc0000001, 0xfef0, 0x3f, 0x20, 0x6, 0x0}, {0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_SET_ONE_REG(r0, 0x4010aeac, &(0x7f0000afd000)={0x7, 0x7}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f00006b4000)=@ioapic={0x2, 0x0, 0x0, 0x4, 0x0, [{0x3, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x6}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0xe2, 0x5, 0x0, [0x0, 0x0, 0x0, 0x0], 0x1ff}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x6, 0x0, [0x0, 0x0, 0x0, 0x0], 0x7}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x1, 0x4, 0x3, [0x0, 0x0, 0x0, 0x0], 0x80000001}, {0x5d9a, 0x3f, 0x6, [0x0, 0x0, 0x0, 0x0], 0x9}, {0x5, 0x2, 0x7f, [0x0, 0x0, 0x0, 0x0], 0x40}, {0x9, 0x3f, 0x1, [0x0, 0x0, 0x0, 0x0], 0x9}, {0x9, 0x1, 0xffff, [0x0, 0x0, 0x0, 0x0], 0x4}, {0x0, 0x9, 0x5, [0x0, 0x0, 0x0, 0x0], 0x20}, {0x100000000, 0x6, 0xffff, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x80000000, 0x10001, 0x8, [0x0, 0x0, 0x0, 0x0], 0x1ff}, {0x7fffffff, 0x9, 0x8000, [0x0, 0x0, 0x0, 0x0], 0x5}, {0xfffffffffffffffc, 0x1, 0xffffffffffffffe1, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x3, 0x6, 0xe945, [0x0, 0x0, 0x0, 0x0], 0xfff}, {0xfffffffffffff135, 0x6, 0x8000, [0x0, 0x0, 0x0, 0x0], 0x8001}, {0x5bd, 0x3f, 0x7ff, [0x0, 0x0, 0x0, 0x0], 0x10001}, {0x400, 0x4, 0x9, [0x0, 0x0, 0x0, 0x0], 0x5d1f}, {0x100, 0x7f, 0xfffffffffffff801, [0x0, 0x0, 0x0, 0x0], 0x8}, {0x5, 0x3f, 0x6, [0x0, 0x0, 0x0, 0x0], 0x1e71}, {0x3, 0x6, 0x6, [0x0, 0x0, 0x0, 0x0], 0x5}]}) mmap(&(0x7f0000b00000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_INTERRUPT(r3, 0x4004ae86, &(0x7f0000b00000)=0x1) ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000326000)={0x3f, 0x1}) [ 27.318235] kvm [5863]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x40000020 data 0x66c9000000041043 2017/08/11 21:15:12 executing program 3: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) mmap(&(0x7f0000a5a000/0x3000)=nil, 0x3000, 0x3000008, 0x20000000000032, r1, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000af3000-0x24)="000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d266767f2a50f20d835080000000f228b58580f070f01b102000000", 0x64}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f000011a000)={0x1397, 0x8c, 0x0, 0x4, 0x8}) mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000af3000-0x4)=0x80) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000aee000-0x8)=0x10000) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000aef000)={0x7b, 0x0, [0x6, 0xffffffff, 0x9, 0x1000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000033d000-0x8)={0x1, 0x637}) ioctl$KVM_S390_VCPU_FAULT(r2, 0x4008ae52, &(0x7f0000af1000)=0xb5) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000aef000-0x30)={0x20, 0x401, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f00009c7000)={0x2, 0x800, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00002de000-0x40)={0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000aec000)={"3a5ca361a0df102fae43a3f1ec872c0185c9813608eed8f847374008d61d0b0800000000000000001ccb1007655a4f7410ae2abb2a1756d32573ad07efbff26b6c29f3f5b20949d1948e7dc1c8f2b7a1f53f726c506fca42d4a7935507ddb99198bc1ac477f1ae7c27061ead76d16ca486010f0a3be5e5fb88b250282a1f4370084b669a6aa05d6f099ea5ce98744d4d02be5ff2bfc8a7b31392162b70f9bf6a7921ca46c22eba76a3f5fada926a9e3d39e841a85aff9e2e11df5a017550dd503eafb49349716d060d697bd0978eac053d12de846fb7d0ef0ce4f79420c7ad998b000619474f6ab8bbaf74f23bef3d8874a920f438d7a3bbe9ac54c269dd8463b191dfff03924e9ef495aad2c7831f72e87d20d39c031000c2b6b009dc52fe4a87d2adbd31ef3991643480dc4e1194dad4aaae0bbd182f86a7572202d932534fe78aa6205a387714ba722fc29e394626c6950754c5bd8e959a3d108590f13f43f23507624d0f3b464f483d2f11441d510b1269e787224f20a2cb5984b4f2be4d93aef0f2ae60ada076cc86b6ecd9f9cd27c13ff16725a99f1d96fb35409d9aad7cd14b4a0a6fa33249d40760c0dd77615cea3ced7055169a87c767c91aadd231e5b211e9b8df16a1e2aef8d3a7e02a4f7c8fa5e989f9a2c488638fec8d03543fededef667b0b0cde85958ef5dd2355e3dade1126022ada4186160bcf69013a938bd9c5fe1f46fd5c8d522320840de0ede209ee11a4655a157b1ed47b6aa5daad7bc7f96313d2e02144e50a7f64ccfb866b1cc3a04ebd7e460e69f42856b474e681e2917b593b931c8987a487329d58151d14f4f1eb1b123f29f21899c524c2808269f7a833d5ed3cd93e2ffc0dbdf3c50c736b10512607837e8f50144c1c14e052c788381a2b236becb2d2bfdf0467cefcbe6926090434d31323d47576de4566f61ab7f1fab0f73e2e9b58c328f73f8fecef3e9bbad4b177d9dd2a0e3e7a6f108477afef361fd23ea1a575dd9b86515833f5bd4ccf9ddb9e5432d723f3eb50339ae229108ae769ac632d312761db5057fe4ddfae2f22be1f709bc0feef9d8dcf05a425d354bda07e3780f19d3a073e737bcc8220febd750e3ce8549870615e1e9c969d3883126c687ff7ef6c0a16aa18bf594c681ae4c2ec063b792ae01166868672360aefb97539f6825c2f17933ce890a2d7ca53fcf77dc8dd4a0e64b7010aa7fd14f7833ab907d4d3c5df1ce497abfea23c94ab44d6b0f389480b4f0c077b98ba319dff8ab86cb7ff6b9f26e1f7e88b01d346504ab1cbc30fb5acf132544e59a2dec45e8019ef4642e672aebc040bfbfd6e7caf8846917b3e21e9b5673b31c4f3520baaf61b01bf160c3b535bcc7b23ee34371286407409fa292ad059d4e40624bd6bad7d3d516adae9c3fcecb877f4d9d39035338787435f6372c5fb88cd"}) ioctl$KVM_GET_DEVICE_ATTR(r1, 0x4018aee2, &(0x7f000026f000)={0x0, 0xdf, 0x8, &(0x7f00009f0000-0x8)=0x0}) mmap(&(0x7f0000af3000/0x1000)=nil, 0x1000, 0x1, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000af3000)={"9bbb9daa05110ba1924a3f8c859bdff963f2ddb1d129f5cb2f3ae8ad3bf7068c284ba38f903676aee0049b473a5a33930a9b88deb6401d57b67b5ef503c6a4027167753b3422f85b1b144e1b09666f06770bb454bb980d5cb7f1e90d9427b10028d816afcb958eb5bc4541d20809f775835973db47fdab943f7ecf340ab9b2913f88a42aa228d95f1665dcb874e6b3b5b55a89a32e0fc862e12da3fafec957af0fce362e643894eaa38fbb8af58f8462371747c6e67ec819d268766c3c7a74e3f12575502e0ce18ab8fdeec25ec7767fae887d4cadb349c0f81694038d1a026d6a75e2531b1a8fb11b6cbd3f89a94184e04455b174f62410013ea1a32c38fc1a2448cd4c2c637b73782faf7ad9ae353b8bb6fed608778b7e846b159d0708eba89b05d4ae596fd1ce276f11b96ea628b944adcafcca622c34d8cf71c32e04679643d25bb8410efd790fae98de36207bab1c1fa95a3b125a7497822ea2f8a027ee6024ad4938ca93546a7967484ea5ed0850257facd046052d3fb4452ea95bdf6613884586ad0f7bedcf9ba794168fb9ef80fc98ab1b8c584220c399f85aa35e3b077eaa0dc79a9b88f0cdbf6805da3bca16d1fe88482e328bf0abd897070e43ead3304cdf1f113ab075a772b02e7e2b9d790f029decb02914d0fbb81bdcac8d08612898c453dd33e8a456e3cb4154e27f4d3bddea5732cd94d4adf21d3babfbb833a2ba8fcc71beafe13cfb9e8ed9fcaaecbc6a4e7c1da5f67cfae68fe80965a52918112a4927ca4a387ebf74fd5d910ceed87a668d3210361f45e8771482aceb28996ed99fdb143fc17c4112850b748c3eb5d121312f3c420d0dc03bfd571a1767bac9ae6c46b4edbfd70fb33dd89a8ae13dd57e722d95c28e5326a24054321553f3b50fe246f5e631dafc8088dcefe9029c67fbc7cb6631692d91aa5aba912b56f638cdcd14e873566edea35ecaaad547bbd265a6d4f6537ad9db538fb7db64a32c81c91dd6e4efd0317de1a0ff83c744470c93ddcaa6792e45db7d69e1106a251d39a5c5c6103f7aadb32d0290614362eaccc6d41b3f14154850e1959803f14d836a4223eb1c70249037e7adbf0e33d07a69a10d948a901858a8381803bcedcf610c985b5ea85ef46bbc44565e89142da665bede93e7c360cc814c8e00cafb81d02c95811ce32ba2dd85712056078d2f7d4be3cfc4eb157d63206d4b822599d40c02fd84ada2b572bd8899e93293a5ce6590d226f7c43858d47417bc2980358fb6ec2eee43fbbd31a00c9549680e76c31eef7f710e7aceb5a29d2a85f07332bb5e54a80ac44576e0010bc7cbd666ad4aff5174df288980f68510d74485b90afaf4040a30392861cce12229f97cbf2b8922d95110230423a3155f263d8066974f89cebaa258b87515d6d9f20c23d09067bdc955311d08300214a50ed060cc68"}) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000af0000-0x8)={0x1, 0x6}) ioctl$KVM_RUN(r2, 0xae80, 0x0) mmap(&(0x7f0000af4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_ASSIGN_SET_MSIX_NR(r1, 0x4008ae73, &(0x7f0000af4000)={0x8097, 0x10001}) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f0000394000-0x14)={0x0, 0x0, 0x7ff, 0x0, 0x0}) mmap(&(0x7f0000af4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000af5000-0x68)={0x4, 0x0, [{0xc0000001, 0x7, 0x8, 0x2a, 0x5, 0x0}, {0x8000000b, 0x1, 0x25, 0xfffffffffffffe00, 0x80000000, 0x0}, {0xb, 0x3, 0x80000000, 0x4, 0x2e, 0x0}, {0x1, 0x2, 0x5, 0xd7fb, 0x6, 0x0}]}) [ 27.343261] *** Guest State *** [ 27.343529] CR0: actual=0x0000000080000028, shadow=0x0000000080000008, gh_mask=fffffffffffffff7 [ 27.344190] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 [ 27.344776] CR3 = 0x0000000000002000 [ 27.345047] RSP = 0x0000000000000f80 RIP = 0x0000000000008008 [ 27.345473] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 27.345876] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 27.346383] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.347054] DS: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.347762] SS: sel=0x0000, attr=0x0b071, limit=0x00001000, base=0x0000000000000000 [ 27.348780] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.349390] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.350078] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.350662] GDTR: limit=0x00000004, base=0x0000000000000000 [ 27.351473] LDTR: sel=0x000f, attr=0x10000, limit=0x0000f002, base=0x0000000000002000 [ 27.352072] IDTR: limit=0x00000000, base=0x0000000000000001 [ 27.352688] TR: sel=0x000a, attr=0x10000, limit=0x00000004, base=0x0000000000000000 [ 27.353315] EFER = 0x0000000000002001 PAT = 0x0007040600070406 [ 27.353794] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 27.354331] BndCfgS = 0x0000000000000000 [ 27.354623] Interruptibility = 00000008 ActivityState = 00000000 [ 27.355088] *** Host State *** [ 27.355317] RIP = 0xffffffff811b6777 RSP = 0xffff88003b1bf4c8 [ 27.355734] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 27.356223] FSBase=00007f4c3a973700 GSBase=ffff88003fd00000 TRBase=ffff88003fd22cc0 [ 27.356772] GDTBase=ffffffffff576000 IDTBase=ffffffffff57b000 [ 27.357200] CR0=0000000080050033 CR3=00000000548f0000 CR4=00000000000026e0 [ 27.357718] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 27.358206] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 27.358649] *** Control State *** [ 27.359129] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 [ 27.359734] EntryControls=0001d1ff ExitControls=00afefff [ 27.360191] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 27.361388] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 27.361850] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 27.363314] reason=80000021 qualification=0000000000000000 [ 27.363902] IDTVectoring: info=00000000 errcode=00000000 [ 27.364414] TSC Offset = 0xffffffe710a99276 [ 27.364724] EPT pointer = 0x000000003ac7301e [ 27.365313] Virtual processor ID = 0x0595 2017/08/11 21:15:12 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000506000-0xc)={0x7, 0xffffffffffffff9c, 0x1}) ioctl$KVM_GET_FPU(r0, 0x81a0ae8c, &(0x7f0000afc000-0x1a0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) ioctl$KVM_GET_EMULATED_CPUID(r0, 0xc008ae09, &(0x7f0000afd000-0xd2)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f000050f000)={0x9, 0x3cca}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000afb000-0x28)={0x400000000, 0x1000, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, &(0x7f0000afd000)={0x0, []}) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000aff000-0x98)={0x3, 0x0, [{0x7, 0x7, 0x0, 0x0, @irqchip={0x1, 0x1cab}}, {0x1, 0x3, 0x0, 0x0, @sint={0x75d, 0x200}}, {0x81, 0x0, 0x0, 0x0, @adapter={0x3, 0x7ff, 0x1, 0x6, 0x6}}]}) ioctl$KVM_GET_DEBUGREGS(r3, 0x8080aea1, &(0x7f0000afc000)={[0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000aff000)={0x400, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x7, 0x0, [{0x4000000d, 0x7, 0x1, 0xff, 0x19d8, 0x0}, {0xc0000007, 0x3, 0x4, 0x3, 0x0, 0x0}, {0xc0000001, 0xfef0, 0x3f, 0x20, 0x6, 0x0}, {0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_SET_ONE_REG(r0, 0x4010aeac, &(0x7f0000afd000)={0x7, 0x7}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f00006b4000)=@ioapic={0x2, 0x0, 0x0, 0x4, 0x0, [{0x3, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x6}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0xe2, 0x5, 0x0, [0x0, 0x0, 0x0, 0x0], 0x1ff}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x6, 0x0, [0x0, 0x0, 0x0, 0x0], 0x7}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x1, 0x4, 0x3, [0x0, 0x0, 0x0, 0x0], 0x80000001}, {0x5d9a, 0x3f, 0x6, [0x0, 0x0, 0x0, 0x0], 0x9}, {0x5, 0x2, 0x7f, [0x0, 0x0, 0x0, 0x0], 0x40}, {0x9, 0x3f, 0x1, [0x0, 0x0, 0x0, 0x0], 0x9}, {0x9, 0x1, 0xffff, [0x0, 0x0, 0x0, 0x0], 0x4}, {0x0, 0x9, 0x5, [0x0, 0x0, 0x0, 0x0], 0x20}, {0x100000000, 0x6, 0xffff, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x80000000, 0x10001, 0x8, [0x0, 0x0, 0x0, 0x0], 0x1ff}, {0x7fffffff, 0x9, 0x8000, [0x0, 0x0, 0x0, 0x0], 0x5}, {0xfffffffffffffffc, 0x1, 0xffffffffffffffe1, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x3, 0x6, 0xe945, [0x0, 0x0, 0x0, 0x0], 0xfff}, {0xfffffffffffff135, 0x6, 0x8000, [0x0, 0x0, 0x0, 0x0], 0x8001}, {0x5bd, 0x3f, 0x7ff, [0x0, 0x0, 0x0, 0x0], 0x10001}, {0x400, 0x4, 0x9, [0x0, 0x0, 0x0, 0x0], 0x5d1f}, {0x100, 0x7f, 0xfffffffffffff801, [0x0, 0x0, 0x0, 0x0], 0x8}, {0x5, 0x3f, 0x6, [0x0, 0x0, 0x0, 0x0], 0x1e71}, {0x3, 0x6, 0x6, [0x0, 0x0, 0x0, 0x0], 0x5}]}) ioctl$KVM_INTERRUPT(r3, 0x4004ae86, &(0x7f0000b00000)=0x1) ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000326000)={0x3f, 0x1}) 2017/08/11 21:15:12 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0xdc97dc77cb2c6988, 0x1f007, 0xf, 0x0, 0x5, 0x5, 0x3ad0, 0xffff, 0x3, 0x80, 0x800, 0x80, 0x0}, {0xd000, 0xf000, 0xf, 0x1, 0x5, 0x9, 0x7, 0x5, 0x401, 0x0, 0x1, 0x2, 0x0}, {0xfffe, 0x5000, 0x0, 0x5, 0x4, 0x81, 0xc9, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) 2017/08/11 21:15:12 executing program 2: mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000096a000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00002bd000)={0x4, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000aed000)={0x7, r0, 0x0}) write$eventfd(r3, &(0x7f0000aed000)=0x200, 0x8) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000088e000/0x18000)=nil, &(0x7f0000ae0000-0x13)=[@text16={0x10, &(0x7f000011f000)="0f0170ec0f23e764f20f2b76db613e8117b4006766c7442400003000006766c7442402003000006766c744240600000000670f011c2466b8010000000f01d967660f3801639966b80500000066b90b0000000f01d90f2205", 0x58}], 0x1, 0x20, &(0x7f0000adf000)=[], 0x0) eventfd2(0x0, 0x800) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 27.385494] irq bypass consumer (token ffff88006dc48100) registration fails: -16 2017/08/11 21:15:12 executing program 5: mmap(&(0x7f0000000000/0xafb000)=nil, 0xafb000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000afc000-0xc)={0x2, 0xffffffffffffffff, 0x0}) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000afb000)={0x6, 0xffffffffffffff9c, 0x0}) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r0, r1, &(0x7f000086b000/0x18000)=nil, &(0x7f0000afc000)=[@textreal={0x8, &(0x7f0000500000)="f08287df007c0f41870d000f015c0e0fc7af20a7baf80c66b86109bb8666efbafc0cecbaf80c66b859b7458666efbafc0cb0c5ee0f01c9baf80c66b8dc12428c66efbafc0c66b80000000066efb8e7098ec00f20c06635100000000f22c0", 0x5e}], 0x1, 0xb1b0391779620f2f, &(0x7f0000afc000-0x20)=[], 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000688000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SIGNAL_MSI(r3, 0x4020aea5, &(0x7f000000b000)={0x1000, 0x4000, 0x8, 0xf40, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_TSS_ADDR(r3, 0xae47, 0x0) ioctl$KVM_ENABLE_CAP(r3, 0x4068aea3, &(0x7f0000af5000)={0x79, 0x0, [0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r3, r4, &(0x7f00005a6000/0x18000)=nil, &(0x7f00000b3000-0x18)=[@text32={0x20, &(0x7f0000afb000)="b805000000b9000000000f01d9440f20c0350b000000440f22c00fae6f00660f38817d3166ba4000b8b7e39812efc744240000000000c7442402b3ea0000c7442406000000000f011424670f011f0fc71866bad10466edf20f1c19", 0x5b}], 0x1, 0x1, &(0x7f0000549000)=[], 0x0) r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) mmap(&(0x7f0000000000/0xd000)=nil, 0xd000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mlock2(&(0x7f0000007000/0x2000)=nil, 0x2000, 0x0) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_DEBUGREGS(r5, 0x4080aea2, &(0x7f0000afc000-0x80)={[0x5000, 0x3000, 0xf005, 0x0], 0x681ae888, 0xfffffffffffffffe, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mprotect(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x4) mbind(&(0x7f0000006000/0x3000)=nil, 0x3000, 0x3, &(0x7f000000d000-0x8)=0x8abc, 0x9, 0x1) mlock2(&(0x7f0000006000/0x2000)=nil, 0x2000, 0x1) ioctl$KVM_INTERRUPT(r5, 0x4004ae86, &(0x7f0000221000)=0x100000001) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00005d2000)={0x0, 0x2, 0x1000, 0x2000, &(0x7f000062d000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000007000/0x18000)=nil, &(0x7f0000022000-0x18)=[@textreal={0x8, &(0x7f0000af1000-0x6b)="b862038ee866b8fdffffff0f23d00f21f866350000000a0f23f80f213666b8c0cfc3810f23d00f21f866351000000e0f23f836660f2acb26660f380292a284dfa164e466b9800000c00f326635000400000f30baf80c66b84b501d8766efbafc0cb099eeba6100b8e13aef", 0x6b}], 0x1, 0x0, &(0x7f0000021000)=[@cr0={0x0, 0x10000}], 0x1) ioctl$KVM_RUN(r5, 0xae80, 0x0) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_S390_VCPU_FAULT(r5, 0x4008ae52, &(0x7f0000afc000)=0xffffffffffff7fff) 2017/08/11 21:15:12 executing program 7: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a9c000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f00004ee000)="66b818010f00d8c4c27bf6cdb986040000b80f000000ba000000000f30c7442400e9060000c744240201000000c7442406000000000f01142466baf80cb8b4d4c588ef66bafc0cb00beeb9840200000f3266ba420066edb85bc6600b0f23c00f21f83503000c000f23f8c74424008000c0fec744240235000000c7442406000000000f011c2466baa000b000ee", 0x8d}], 0x1, 0xfffffffffffffffe, &(0x7f00003db000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000af1000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0}, {0x0, 0x1000, 0x0, 0x0, 0x2, 0x2ff, 0x6, 0x1, 0x5, 0x1, 0x1f, 0x60000000000000, 0x0}, {0x0, 0x4, 0xa, 0x9, 0xfc6, 0xc76, 0x2, 0xa0f, 0x6, 0x9, 0x3, 0x30, 0x0}, {0x2000, 0xf002, 0xf, 0x6, 0x9, 0x2, 0x1, 0xffffffff, 0x80000001, 0xffffffffffffffff, 0x2, 0x2, 0x0}, {0x0, 0x4, [0x0, 0x0, 0x0]}, {0x1, 0x0, [0x0, 0x0, 0x0]}, 0x80000008, 0x0, 0x2000, 0x8, 0x5, 0x2001, 0x1000, [0x800000, 0x1, 0x6, 0x10001]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 27.394114] kvm [5898]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x40000020 data 0x66c9000000071043 [ 27.406497] *** Guest State *** [ 27.406757] CR0: actual=0x0000000080000028, shadow=0x0000000080000008, gh_mask=fffffffffffffff7 2017/08/11 21:15:12 executing program 1: mmap(&(0x7f0000000000/0xaf8000)=nil, 0xaf8000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x4, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f00000ca000+0x1b9)={0x74, 0x0, [0x1, 0xb9c, 0x6, 0x6], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000ae8000-0x48)={0x70003, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff000000]}) ioctl$KVM_SET_XSAVE(r2, 0x5000aea5, &(0x7f00001c7000-0x400)={"857a6b28ea19a822f85c9c0b9c92389419b54e33c2ecc6889b129c1ccc27d95b563921f5a1484bbd1fa6c720aa8eb159b13b5f7b4a1d756cae613e3518108ce96617254ceeb63f4aef6b76f632bbadbc746f641544ef94d6b9336c98aea3b684e9433efce197f1cea3c46ca0219d90fe155a2fde52259ac9a2936bc7b4dacfea210427fb81b4fbae0827530b506079f7711d0b73515fd44ccf391a5e00ab0a461a0df035b4278fdce8806341e914dc275a6964b4c44a1d23ce87cbbe864b317f3aa67a781bd98d9c5cf4c6dc6b788da8f653f3f543c1de6a62198fdd0d5f95a5589927fd0022ff1963953462f97802b369d36313fea01bf46e7553f4ba5278ffc56582b3908fda73de8c32e7dde63d9d699336f984fa42761f781b0d0dd28ba3f159505c51a4843a537bd10779719db8cd6c2d13a16fcec69ebda2c357960da19ba4745100d9f014ea3f81273231ac8a68cfc8f64a08ba82451f391fb58b2c1d4af6834761905b7a571b3df0189706c9be94e196c4e889ec05c0e2be58ec7d0180ab1d95798ae5e73ebd56bbb527fe607428d63f46a22600bdd600cfe87b6672e7b3d3e1015125e5a08eec9439d7f30f8596216b47125a4b6b9b26c5a5e5ce2a42fa830686a341367241dc8bd1ff4aa0c244913c5b766f6edf846b4d13b5cdea8d912b54b0e9a68c90eb21dd8b96eab025595722bdfa9baf0dd2120a78c89ea9fd24c9d46ad85ce2f7bfd4bea9350b7be383669c4ad5e213a475bfac205edfa6a3088a5a043459db6d66a4cf91960932ee225da497b2e1928a11fcfee8946f6ab508af72c637881c063d1df8cf7c8b6f11f65e5b17242dc860278787a383fb3105d3f8b20ff32bb2dfe12bd5b1ee1f45d2992a45332819f78df4370a17f2f25d03e08983de0fa5a893cce08c4c09462f3de02667b2eff794487cf26fcc421165779a75c4f686ed156b33cd328b9538dbe14cc918d09527de180c279b38f05cdc53c492020239e0fe10d83b486335e4e38472d8d62b206ce3c9dd089065a0e96ca5ea3f13f157257796338fbbae8dad3f0798057db4843575c5ab49218996dc05bd158f0c4a4dd6832f7014fc1f54eff81361d88d1e87fb2b6ac27d5a09dbb546215dfc8175d7723f086a512b24ad07d5f997fdcd1ce29fbcf4fc44b22f273b61cc16205dc797cc4427bf74f576eb47d83d181bae13e22cf6925931d84a487c51d493a9eeeaf1980c54920f646ee12164c53bcd7dad526a4b2afaee38a83c92119f23f57beab8626d735efbb17bb4aac0ca30f32bf3add64466359038235aabe1d3b1312641a203e1d3caa424a078cd79343f90c0cdb0083335a55383beb7b283d164932aa92c107ffa56fd40333eb91a70355a57ea8c25e6bef3969434e136658fa10752611108aaa02099beb764005e947c2a86b51758e24e96037737140095"}) mbind(&(0x7f00007e6000/0x4000)=nil, 0x4000, 0x3, &(0x7f0000af4000)=0x14001, 0x100000000, 0x4) eventfd2(0x0, 0x801) ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0x4008ae48, &(0x7f0000af3000)=0x10002) ioctl$KVM_GET_DEBUGREGS(r2, 0x8080aea1, &(0x7f000079d000-0x80)={[0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_GET_FPU(r2, 0x81a0ae8c, &(0x7f0000af5000-0x1a0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00008ba000/0x18000)=nil, &(0x7f000029f000)=[@text32={0x20, &(0x7f0000af7000-0x38)="0f38f1650166ba6100b800000000ef0f205d3e0f07f30f1ae40f320f090f0096090000000f00d0b93b0b0000b804000000ba000000000f30", 0x38}], 0x1, 0x0, &(0x7f00007bc000)=[], 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f00004b1000/0x18000)=nil, &(0x7f0000ae7000-0x18)=[@text16={0x10, &(0x7f0000af8000-0x52)="670f059d66b8b3ca00000f23c00f21f86635030000000f23f80f300f00153c76672e660f74c4baf80c66b8646e618766efbafc0cb06aee66b8005000000f23c80f21f866350c0010000f23f8b814000f00d8", 0x52}], 0x1, 0x0, &(0x7f0000aea000)=[], 0x0) mmap(&(0x7f0000af8000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r1, 0x4018aee1, &(0x7f0000664000)={0x0, 0x1, 0x7fffffff, &(0x7f0000784000)=0x0}) ioctl$KVM_ASSIGN_PCI_DEVICE(r1, 0x8040ae69, &(0x7f0000226000)={0x3b32eaca, 0x10001, 0x7fff, 0x7, 0x4}) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f0000af8000)={0x5, 0xfffffffffffff755, 0x5, 0x1, 0xfffffffffffffff8}) mmap(&(0x7f0000af9000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000af9000)="2f6465762f6b766d00", 0x600, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) mmap(&(0x7f0000afa000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000afa000)={0x0, 0x0, []}) ioctl$KVM_SET_TSC_KHZ(r2, 0xaea2, 0x1) [ 27.409003] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 [ 27.409626] CR3 = 0x0000000000002000 [ 27.409870] RSP = 0x0000000000000f80 RIP = 0x0000000000008008 [ 27.410345] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 27.410739] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 27.411244] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.412141] DS: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.412913] SS: sel=0x0000, attr=0x0b071, limit=0x00001000, base=0x0000000000000000 [ 27.413542] ES: sel=0x0000, attr=0x00081, limit=0x00000000, base=0x0000000000000000 [ 27.414094] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.414660] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.415214] GDTR: limit=0x00000004, base=0x0000000000000000 [ 27.415819] LDTR: sel=0x000f, attr=0x10000, limit=0x0000f002, base=0x0000000000002000 [ 27.416359] IDTR: limit=0x00000000, base=0x0000000000000001 [ 27.416918] TR: sel=0x000a, attr=0x10000, limit=0x00000004, base=0x0000000000000000 [ 27.417480] EFER = 0x0000000000002001 PAT = 0x0007040600070406 [ 27.417899] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 27.418445] BndCfgS = 0x0000000000000000 2017/08/11 21:15:12 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x1f007, 0xf, 0x0, 0x5, 0x5, 0x3ad0, 0xffff, 0x3, 0x80, 0x800, 0x80, 0x0}, {0xd000, 0xf000, 0xf, 0x1, 0x5, 0x9, 0x7, 0x5, 0x401, 0x0, 0x1, 0x2, 0x0}, {0xfffe, 0x5000, 0x0, 0x5, 0x4, 0x81, 0xc9, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) [ 27.419243] Interruptibility = 00000008 ActivityState = 00000000 [ 27.419981] *** Host State *** [ 27.420247] RIP = 0xffffffff811b6777 RSP = 0xffff88003a4c74c8 [ 27.420699] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 27.421241] FSBase=00007f4c3a973700 GSBase=ffff88003fd00000 TRBase=ffff88003fd22cc0 [ 27.421819] GDTBase=ffffffffff576000 IDTBase=ffffffffff57b000 [ 27.422355] CR0=0000000080050033 CR3=000000006b4a9000 CR4=00000000000026e0 [ 27.422895] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 27.423461] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 27.423916] *** Control State *** [ 27.424205] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 [ 27.424759] EntryControls=0001d1ff ExitControls=00afefff [ 27.425202] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 27.425687] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 27.426592] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 27.427168] reason=80000021 qualification=0000000000000000 [ 27.427638] IDTVectoring: info=00000000 errcode=00000000 [ 27.427993] TSC Offset = 0xffffffe703d3a842 [ 27.428389] EPT pointer = 0x000000003a74601e [ 27.428721] Virtual processor ID = 0x0523 2017/08/11 21:15:13 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000506000-0xc)={0x7, 0xffffffffffffff9c, 0x1}) ioctl$KVM_GET_FPU(r0, 0x81a0ae8c, &(0x7f0000afc000-0x1a0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) ioctl$KVM_GET_EMULATED_CPUID(r0, 0xc008ae09, &(0x7f0000afd000-0xd2)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f000050f000)={0x9, 0x3cca}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000afb000-0x28)={0x400000000, 0x1000, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, &(0x7f0000afd000)={0x0, []}) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000aff000-0x98)={0x3, 0x0, [{0x7, 0x7, 0x0, 0x0, @irqchip={0x1, 0x1cab}}, {0x1, 0x3, 0x0, 0x0, @sint={0x75d, 0x200}}, {0x81, 0x0, 0x0, 0x0, @adapter={0x3, 0x7ff, 0x1, 0x6, 0x6}}]}) ioctl$KVM_GET_DEBUGREGS(r3, 0x8080aea1, &(0x7f0000afc000)={[0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000aff000)={0x400, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x7, 0x0, [{0x4000000d, 0x7, 0x1, 0xff, 0x19d8, 0x0}, {0xc0000007, 0x3, 0x4, 0x3, 0x0, 0x0}, {0xc0000001, 0xfef0, 0x3f, 0x20, 0x6, 0x0}, {0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_SET_ONE_REG(r0, 0x4010aeac, &(0x7f0000afd000)={0x7, 0x7}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f00006b4000)=@ioapic={0x2, 0x0, 0x0, 0x4, 0x0, [{0x3, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x6}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0xe2, 0x5, 0x0, [0x0, 0x0, 0x0, 0x0], 0x1ff}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x6, 0x0, [0x0, 0x0, 0x0, 0x0], 0x7}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x1, 0x4, 0x3, [0x0, 0x0, 0x0, 0x0], 0x80000001}, {0x5d9a, 0x3f, 0x6, [0x0, 0x0, 0x0, 0x0], 0x9}, {0x5, 0x2, 0x7f, [0x0, 0x0, 0x0, 0x0], 0x40}, {0x9, 0x3f, 0x1, [0x0, 0x0, 0x0, 0x0], 0x9}, {0x9, 0x1, 0xffff, [0x0, 0x0, 0x0, 0x0], 0x4}, {0x0, 0x9, 0x5, [0x0, 0x0, 0x0, 0x0], 0x20}, {0x100000000, 0x6, 0xffff, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x80000000, 0x10001, 0x8, [0x0, 0x0, 0x0, 0x0], 0x1ff}, {0x7fffffff, 0x9, 0x8000, [0x0, 0x0, 0x0, 0x0], 0x5}, {0xfffffffffffffffc, 0x1, 0xffffffffffffffe1, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x3, 0x6, 0xe945, [0x0, 0x0, 0x0, 0x0], 0xfff}, {0xfffffffffffff135, 0x6, 0x8000, [0x0, 0x0, 0x0, 0x0], 0x8001}, {0x5bd, 0x3f, 0x7ff, [0x0, 0x0, 0x0, 0x0], 0x10001}, {0x400, 0x4, 0x9, [0x0, 0x0, 0x0, 0x0], 0x5d1f}, {0x100, 0x7f, 0xfffffffffffff801, [0x0, 0x0, 0x0, 0x0], 0x8}, {0x5, 0x3f, 0x6, [0x0, 0x0, 0x0, 0x0], 0x1e71}, {0x3, 0x6, 0x6, [0x0, 0x0, 0x0, 0x0], 0x5}]}) ioctl$KVM_INTERRUPT(r3, 0x4004ae86, &(0x7f0000b00000)=0x1) [ 27.446543] *** Guest State *** [ 27.446846] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 27.447571] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=fffffffffffff871 [ 27.448291] CR3 = 0x00000000fffbc000 [ 27.448595] RSP = 0x0000000000000000 RIP = 0x000000000000fff0 2017/08/11 21:15:13 executing program 2: mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000096a000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00002bd000)={0x4, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000aed000)={0x7, r0, 0x0}) write$eventfd(r3, &(0x7f0000aed000)=0x200, 0x8) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000088e000/0x18000)=nil, &(0x7f0000ae0000-0x13)=[@text16={0x10, &(0x7f000011f000)="0f0170ec0f23e764f20f2b76db613e8117b4006766c7442400003000006766c7442402003000006766c744240600000000670f011c2466b8010000000f01d967660f3801639966b80500000066b90b0000000f01d90f2205", 0x58}], 0x1, 0x20, &(0x7f0000adf000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 27.449529] RFLAGS=0x00000002 DR7 = 0x0000000000000400 2017/08/11 21:15:13 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x0, 0x5, 0x5, 0x3ad0, 0xffff, 0x3, 0x80, 0x800, 0x80, 0x0}, {0xd000, 0xf000, 0xf, 0x1, 0x5, 0x9, 0x7, 0x5, 0x401, 0x0, 0x1, 0x2, 0x0}, {0xfffe, 0x5000, 0x0, 0x5, 0x4, 0x81, 0xc9, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) [ 27.451247] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 27.451769] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [ 27.454570] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 27.455789] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 27.456522] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 27.457289] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [ 27.457903] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 2017/08/11 21:15:13 executing program 3: mmap(&(0x7f0000000000/0xaf5000)=nil, 0xaf5000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000af3000-0x24)="000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d266767f2a50f20d835080000000f228b58580f070f01b102000000", 0x64}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f000011a000)={0x1397, 0x8c, 0x0, 0x4, 0x8}) ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000af3000-0x4)=0x80) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000aee000-0x8)=0x10000) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000aef000)={0x7b, 0x0, [0x6, 0xffffffff, 0x9, 0x1000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000033d000-0x8)={0x1, 0x637}) ioctl$KVM_S390_VCPU_FAULT(r2, 0x4008ae52, &(0x7f0000af1000)=0xb5) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000aef000-0x30)={0x20, 0x401, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f00009c7000)={0x2, 0x800, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00002de000-0x40)={0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000aec000)={"3a5ca361a0df102fae43a3f1ec872c0185c9813608eed8f847374008d61d0b0800000000000000001ccb1007655a4f7410ae2abb2a1756d32573ad07efbff26b6c29f3f5b20949d1948e7dc1c8f2b7a1f53f726c506fca42d4a7935507ddb99198bc1ac477f1ae7c27061ead76d16ca486010f0a3be5e5fb88b250282a1f4370084b669a6aa05d6f099ea5ce98744d4d02be5ff2bfc8a7b31392162b70f9bf6a7921ca46c22eba76a3f5fada926a9e3d39e841a85aff9e2e11df5a017550dd503eafb49349716d060d697bd0978eac053d12de846fb7d0ef0ce4f79420c7ad998b000619474f6ab8bbaf74f23bef3d8874a920f438d7a3bbe9ac54c269dd8463b191dfff03924e9ef495aad2c7831f72e87d20d39c031000c2b6b009dc52fe4a87d2adbd31ef3991643480dc4e1194dad4aaae0bbd182f86a7572202d932534fe78aa6205a387714ba722fc29e394626c6950754c5bd8e959a3d108590f13f43f23507624d0f3b464f483d2f11441d510b1269e787224f20a2cb5984b4f2be4d93aef0f2ae60ada076cc86b6ecd9f9cd27c13ff16725a99f1d96fb35409d9aad7cd14b4a0a6fa33249d40760c0dd77615cea3ced7055169a87c767c91aadd231e5b211e9b8df16a1e2aef8d3a7e02a4f7c8fa5e989f9a2c488638fec8d03543fededef667b0b0cde85958ef5dd2355e3dade1126022ada4186160bcf69013a938bd9c5fe1f46fd5c8d522320840de0ede209ee11a4655a157b1ed47b6aa5daad7bc7f96313d2e02144e50a7f64ccfb866b1cc3a04ebd7e460e69f42856b474e681e2917b593b931c8987a487329d58151d14f4f1eb1b123f29f21899c524c2808269f7a833d5ed3cd93e2ffc0dbdf3c50c736b10512607837e8f50144c1c14e052c788381a2b236becb2d2bfdf0467cefcbe6926090434d31323d47576de4566f61ab7f1fab0f73e2e9b58c328f73f8fecef3e9bbad4b177d9dd2a0e3e7a6f108477afef361fd23ea1a575dd9b86515833f5bd4ccf9ddb9e5432d723f3eb50339ae229108ae769ac632d312761db5057fe4ddfae2f22be1f709bc0feef9d8dcf05a425d354bda07e3780f19d3a073e737bcc8220febd750e3ce8549870615e1e9c969d3883126c687ff7ef6c0a16aa18bf594c681ae4c2ec063b792ae01166868672360aefb97539f6825c2f17933ce890a2d7ca53fcf77dc8dd4a0e64b7010aa7fd14f7833ab907d4d3c5df1ce497abfea23c94ab44d6b0f389480b4f0c077b98ba319dff8ab86cb7ff6b9f26e1f7e88b01d346504ab1cbc30fb5acf132544e59a2dec45e8019ef4642e672aebc040bfbfd6e7caf8846917b3e21e9b5673b31c4f3520baaf61b01bf160c3b535bcc7b23ee34371286407409fa292ad059d4e40624bd6bad7d3d516adae9c3fcecb877f4d9d39035338787435f6372c5fb88cd"}) ioctl$KVM_GET_DEVICE_ATTR(r1, 0x4018aee2, &(0x7f000026f000)={0x0, 0xdf, 0x8, &(0x7f00009f0000-0x8)=0x0}) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000af3000)={"9bbb9daa05110ba1924a3f8c859bdff963f2ddb1d129f5cb2f3ae8ad3bf7068c284ba38f903676aee0049b473a5a33930a9b88deb6401d57b67b5ef503c6a4027167753b3422f85b1b144e1b09666f06770bb454bb980d5cb7f1e90d9427b10028d816afcb958eb5bc4541d20809f775835973db47fdab943f7ecf340ab9b2913f88a42aa228d95f1665dcb874e6b3b5b55a89a32e0fc862e12da3fafec957af0fce362e643894eaa38fbb8af58f8462371747c6e67ec819d268766c3c7a74e3f12575502e0ce18ab8fdeec25ec7767fae887d4cadb349c0f81694038d1a026d6a75e2531b1a8fb11b6cbd3f89a94184e04455b174f62410013ea1a32c38fc1a2448cd4c2c637b73782faf7ad9ae353b8bb6fed608778b7e846b159d0708eba89b05d4ae596fd1ce276f11b96ea628b944adcafcca622c34d8cf71c32e04679643d25bb8410efd790fae98de36207bab1c1fa95a3b125a7497822ea2f8a027ee6024ad4938ca93546a7967484ea5ed0850257facd046052d3fb4452ea95bdf6613884586ad0f7bedcf9ba794168fb9ef80fc98ab1b8c584220c399f85aa35e3b077eaa0dc79a9b88f0cdbf6805da3bca16d1fe88482e328bf0abd897070e43ead3304cdf1f113ab075a772b02e7e2b9d790f029decb02914d0fbb81bdcac8d08612898c453dd33e8a456e3cb4154e27f4d3bddea5732cd94d4adf21d3babfbb833a2ba8fcc71beafe13cfb9e8ed9fcaaecbc6a4e7c1da5f67cfae68fe80965a52918112a4927ca4a387ebf74fd5d910ceed87a668d3210361f45e8771482aceb28996ed99fdb143fc17c4112850b748c3eb5d121312f3c420d0dc03bfd571a1767bac9ae6c46b4edbfd70fb33dd89a8ae13dd57e722d95c28e5326a24054321553f3b50fe246f5e631dafc8088dcefe9029c67fbc7cb6631692d91aa5aba912b56f638cdcd14e873566edea35ecaaad547bbd265a6d4f6537ad9db538fb7db64a32c81c91dd6e4efd0317de1a0ff83c744470c93ddcaa6792e45db7d69e1106a251d39a5c5c6103f7aadb32d0290614362eaccc6d41b3f14154850e1959803f14d836a4223eb1c70249037e7adbf0e33d07a69a10d948a901858a8381803bcedcf610c985b5ea85ef46bbc44565e89142da665bede93e7c360cc814c8e00cafb81d02c95811ce32ba2dd85712056078d2f7d4be3cfc4eb157d63206d4b822599d40c02fd84ada2b572bd8899e93293a5ce6590d226f7c43858d47417bc2980358fb6ec2eee43fbbd31a00c9549680e76c31eef7f710e7aceb5a29d2a85f07332bb5e54a80ac44576e0010bc7cbd666ad4aff5174df288980f68510d74485b90afaf4040a30392861cce12229f97cbf2b8922d95110230423a3155f263d8066974f89cebaa258b87515d6d9f20c23d09067bdc955311d08300214a50ed060cc68"}) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000af0000-0x8)={0x1, 0x6}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_ASSIGN_SET_MSIX_NR(r1, 0x4008ae73, &(0x7f0000af4000)={0x8097, 0x10001}) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f0000394000-0x14)={0x0, 0x0, 0x7ff, 0x0, 0x0}) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000af5000-0x68)={0x4, 0x0, [{0xc0000001, 0x7, 0x8, 0x2a, 0x5, 0x0}, {0x8000000b, 0x1, 0x25, 0xfffffffffffffe00, 0x80000000, 0x0}, {0xb, 0x3, 0x80000000, 0x4, 0x2e, 0x0}, {0x1, 0x2, 0x5, 0xd7fb, 0x6, 0x0}]}) 2017/08/11 21:15:13 executing program 7: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a9c000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f00004ee000)="66b818010f00d8c4c27bf6cdb986040000b80f000000ba000000000f30c7442400e9060000c744240201000000c7442406000000000f01142466baf80cb8b4d4c588ef66bafc0cb00beeb9840200000f3266ba420066edb85bc6600b0f23c00f21f83503000c000f23f8c74424008000c0fec744240235000000c7442406000000000f011c2466baa000b000ee", 0x8d}], 0x1, 0xfffffffffffffffe, &(0x7f00003db000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000af1000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x1000, 0x0, 0x0, 0x2, 0x2ff, 0x6, 0x1, 0x5, 0x1, 0x1f, 0x60000000000000, 0x0}, {0x0, 0x4, 0xa, 0x9, 0xfc6, 0xc76, 0x2, 0xa0f, 0x6, 0x9, 0x3, 0x30, 0x0}, {0x2000, 0xf002, 0xf, 0x6, 0x9, 0x2, 0x1, 0xffffffff, 0x80000001, 0xffffffffffffffff, 0x2, 0x2, 0x0}, {0x0, 0x4, [0x0, 0x0, 0x0]}, {0x1, 0x0, [0x0, 0x0, 0x0]}, 0x80000008, 0x0, 0x2000, 0x8, 0x5, 0x2001, 0x1000, [0x800000, 0x1, 0x6, 0x10001]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 27.461966] irq bypass consumer (token ffff88006d2a0c80) registration fails: -16 [ 27.464507] GDTR: limit=0x0000ffff, base=0x0000000000000000 [ 27.465745] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [ 27.470176] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 27.470485] *** Guest State *** [ 27.470488] CR0: actual=0x0000000080000028, shadow=0x0000000080000008, gh_mask=fffffffffffffff7 2017/08/11 21:15:13 executing program 4: mmap(&(0x7f0000000000/0x24000)=nil, 0x24000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f000001e000-0x20)={0x0, 0x3, 0x0, 0x1000, &(0x7f0000005000/0x1000)=nil}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000005000/0x18000)=nil, &(0x7f000001d000-0x18)=[@text64={0x40, &(0x7f0000024000-0x64)="5561768db3e6122d41a5c68a561d07d0bd937869ecfcda6fdac7109d23a756c3a66c647ccfbf3f36330f1dfe523e674af213b56fad718020c21915b1c4b1a37bfb1119ef6477d2d5992cf4079aa6fc2b7e2243ae91c0ca941773350bb4a9157016188f88", 0x64}], 0x1, 0x0, &(0x7f000001c000)=[], 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000002000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0}, {0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, [0x0, 0x0, 0x0]}, 0xe0000021, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000018000-0x20)={0x10003, 0x0, 0x0, 0x2000, &(0x7f000000d000/0x2000)=nil}) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000021000)={0x7, 0x8001}) ioctl$KVM_GET_IRQCHIP(r1, 0xc208ae62, &(0x7f0000023000-0xd8)=@pic={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f000001f000)={0x0, 0x0, &(0x7f000001c000/0x4000)=nil}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000003000/0x18000)=nil, &(0x7f0000014000)=[@text64={0x40, &(0x7f0000007000-0x49)="66baf80cb8f0e82d8def66bafc0cb800000000efb8010000000f01c1480f074b0f01c866baa00066ed2e430f01c9664f0f38808cca0f000000c4a2f91e1366ba420066ed4d0f005581", 0x49}], 0x1, 0x9, &(0x7f0000022000)=[], 0x0) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f0000023000)={0x0, 0x0, 0x400000000000, 0x8000000000000009, 0xffff}) [ 27.470491] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 [ 27.470493] CR3 = 0x0000000000002000 [ 27.470495] RSP = 0x0000000000000f80 RIP = 0x0000000000008008 [ 27.470497] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 27.470500] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 2017/08/11 21:15:13 executing program 1: mmap(&(0x7f0000000000/0xafe000)=nil, 0xafe000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x440, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) mlock2(&(0x7f0000267000/0x2000)=nil, 0x2000, 0x1) mmap(&(0x7f0000afe000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000afe000)={0x0, 0x0, [0xfffffffffffffffe, 0x1, 0x1, 0x10001], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000afb000-0x40)={0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000aff000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aff000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aff000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000555000/0x18000)=nil, &(0x7f0000aff000)=[@textreal={0x8, &(0x7f0000b00000-0x2b)="0f1f40000f01f6b87f018ee866b9030200000f322ef30f07ba4100ed0f01cbf30f005d510f09263ef0ff05", 0x2b}], 0x1, 0x27, &(0x7f0000aff000)=[], 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000afc000-0xc)={0x7, r2, 0x1}) ioctl$KVM_SET_PIT2(r3, 0x4070aea0, &(0x7f0000afb000)={[{0x0, 0x8, 0x6, 0x3, 0x0, 0x7ff, 0x8, 0x9, 0x4, 0x8, 0x1, 0x401, 0x6}, {0x1, 0x0, 0x1, 0xa1, 0x9, 0x20, 0x8, 0x7ff, 0xc5e, 0x6, 0x100000000, 0x6, 0x7fff}, {0x7fffffff, 0x4, 0x4, 0x7, 0xff, 0xffffffffffff8001, 0x7fff, 0x200, 0x8, 0x4, 0x7f, 0xffffffff, 0x5}], 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_ASSIGN_DEV_IRQ(r1, 0x4040ae70, &(0x7f0000afb000)={0x0, 0x0, 0x1ff, 0x106}) ioctl$KVM_GET_PIT(r1, 0xc048ae65, &(0x7f0000a3e000-0x70)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000afc000)={0x2, 0x22}) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000015000-0x1000)="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000afc000)={0x6, 0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00002d3000/0x18000)=nil, &(0x7f0000add000)=[@text32={0x20, &(0x7f0000adf000-0x3c)="66ba200066ed0f0099d0330000300fe3c15044a2ea815cc5f57595d94d3e0f236eb8cc4ab08f6fececbafc0ced0f013f640f01caf26e36643e0f224566ba4040b800000000ef", 0x46}], 0x1, 0xf, &(0x7f0000ae9000)=[], 0x0) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000afd000)={[{0x7, 0x2, 0x7, 0x0, 0x1f, 0x40, 0x3, 0x2, 0x80000001, 0x1, 0x0, 0x3, 0x10001}, {0x5, 0x6, 0x80000001, 0x10001, 0xfff, 0x6, 0x4, 0x40, 0x10000, 0x8001, 0xd1, 0x1, 0xfff}, {0x3, 0x3, 0xfffffffffffffffd, 0x401, 0x3, 0x2, 0x7, 0x9, 0x3, 0x1000, 0x800, 0x800, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_GET_MSR_INDEX_LIST(r0, 0xc004ae02, &(0x7f000095f000-0xc)={0x1, [0x0]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 27.470503] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.470508] DS: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.470512] SS: sel=0x0000, attr=0x0b071, limit=0x00001000, base=0x0000000000000000 [ 27.470515] ES: sel=0x0000, attr=0x04081, limit=0x00000000, base=0x0000000000000000 [ 27.470519] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.470523] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.470526] GDTR: limit=0x00000004, base=0x0000000000000000 [ 27.470530] LDTR: sel=0x000f, attr=0x10000, limit=0x0000f002, base=0x0000000000002000 [ 27.470533] IDTR: limit=0x00000000, base=0x0000000000000001 [ 27.470537] TR: sel=0x000a, attr=0x10000, limit=0x00000004, base=0x0000000000000000 [ 27.470540] EFER = 0x0000000000002001 PAT = 0x0007040600070406 [ 27.470542] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 27.470544] BndCfgS = 0x0000000000000000 [ 27.470546] Interruptibility = 00000008 ActivityState = 00000000 [ 27.470547] *** Host State *** [ 27.470550] RIP = 0xffffffff811b6777 RSP = 0xffff880038ff74c8 [ 27.470555] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 27.470558] FSBase=00007f4c3a973700 GSBase=ffff88003fd00000 TRBase=ffff88003fd22cc0 [ 27.470560] GDTBase=ffffffffff576000 IDTBase=ffffffffff57b000 [ 27.470564] CR0=0000000080050033 CR3=0000000069c09000 CR4=00000000000026e0 [ 27.470567] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 27.470570] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 27.470571] *** Control State *** [ 27.470573] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 [ 27.470575] EntryControls=0001d1ff ExitControls=00afefff [ 27.470578] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 27.470580] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 27.470582] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 27.470584] reason=80000021 qualification=0000000000000000 [ 27.470586] IDTVectoring: info=00000000 errcode=00000000 [ 27.470587] TSC Offset = 0xffffffe6f6835e72 [ 27.470589] EPT pointer = 0x000000002c36401e [ 27.470592] Virtual processor ID = 0x05b8 [ 27.501780] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 2017/08/11 21:15:13 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x5, 0x5, 0x3ad0, 0xffff, 0x3, 0x80, 0x800, 0x80, 0x0}, {0xd000, 0xf000, 0xf, 0x1, 0x5, 0x9, 0x7, 0x5, 0x401, 0x0, 0x1, 0x2, 0x0}, {0xfffe, 0x5000, 0x0, 0x5, 0x4, 0x81, 0xc9, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) [ 27.502775] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 27.504692] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 27.505577] BndCfgS = 0x0000000000000000 [ 27.506149] Interruptibility = 00000000 ActivityState = 00000000 [ 27.506834] *** Host State *** [ 27.507322] RIP = 0xffffffff811b6777 RSP = 0xffff88003acef4c8 2017/08/11 21:15:13 executing program 2: mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000096a000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00002bd000)={0x4, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000aed000)={0x7, r0, 0x0}) write$eventfd(r3, &(0x7f0000aed000)=0x200, 0x8) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 27.508924] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 27.510023] FSBase=00007fdfd8603700 GSBase=ffff88006e100000 TRBase=ffff88006e122cc0 [ 27.510731] GDTBase=ffffffffff574000 IDTBase=ffffffffff57b000 2017/08/11 21:15:13 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000506000-0xc)={0x7, 0xffffffffffffff9c, 0x1}) ioctl$KVM_GET_FPU(r0, 0x81a0ae8c, &(0x7f0000afc000-0x1a0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) ioctl$KVM_GET_EMULATED_CPUID(r0, 0xc008ae09, &(0x7f0000afd000-0xd2)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f000050f000)={0x9, 0x3cca}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000afb000-0x28)={0x400000000, 0x1000, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, &(0x7f0000afd000)={0x0, []}) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000aff000-0x98)={0x3, 0x0, [{0x7, 0x7, 0x0, 0x0, @irqchip={0x1, 0x1cab}}, {0x1, 0x3, 0x0, 0x0, @sint={0x75d, 0x200}}, {0x81, 0x0, 0x0, 0x0, @adapter={0x3, 0x7ff, 0x1, 0x6, 0x6}}]}) ioctl$KVM_GET_DEBUGREGS(r3, 0x8080aea1, &(0x7f0000afc000)={[0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000aff000)={0x400, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x7, 0x0, [{0x4000000d, 0x7, 0x1, 0xff, 0x19d8, 0x0}, {0xc0000007, 0x3, 0x4, 0x3, 0x0, 0x0}, {0xc0000001, 0xfef0, 0x3f, 0x20, 0x6, 0x0}, {0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_SET_ONE_REG(r0, 0x4010aeac, &(0x7f0000afd000)={0x7, 0x7}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f00006b4000)=@ioapic={0x2, 0x0, 0x0, 0x4, 0x0, [{0x3, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x6}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0xe2, 0x5, 0x0, [0x0, 0x0, 0x0, 0x0], 0x1ff}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x6, 0x0, [0x0, 0x0, 0x0, 0x0], 0x7}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x1, 0x4, 0x3, [0x0, 0x0, 0x0, 0x0], 0x80000001}, {0x5d9a, 0x3f, 0x6, [0x0, 0x0, 0x0, 0x0], 0x9}, {0x5, 0x2, 0x7f, [0x0, 0x0, 0x0, 0x0], 0x40}, {0x9, 0x3f, 0x1, [0x0, 0x0, 0x0, 0x0], 0x9}, {0x9, 0x1, 0xffff, [0x0, 0x0, 0x0, 0x0], 0x4}, {0x0, 0x9, 0x5, [0x0, 0x0, 0x0, 0x0], 0x20}, {0x100000000, 0x6, 0xffff, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x80000000, 0x10001, 0x8, [0x0, 0x0, 0x0, 0x0], 0x1ff}, {0x7fffffff, 0x9, 0x8000, [0x0, 0x0, 0x0, 0x0], 0x5}, {0xfffffffffffffffc, 0x1, 0xffffffffffffffe1, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x3, 0x6, 0xe945, [0x0, 0x0, 0x0, 0x0], 0xfff}, {0xfffffffffffff135, 0x6, 0x8000, [0x0, 0x0, 0x0, 0x0], 0x8001}, {0x5bd, 0x3f, 0x7ff, [0x0, 0x0, 0x0, 0x0], 0x10001}, {0x400, 0x4, 0x9, [0x0, 0x0, 0x0, 0x0], 0x5d1f}, {0x100, 0x7f, 0xfffffffffffff801, [0x0, 0x0, 0x0, 0x0], 0x8}, {0x5, 0x3f, 0x6, [0x0, 0x0, 0x0, 0x0], 0x1e71}, {0x3, 0x6, 0x6, [0x0, 0x0, 0x0, 0x0], 0x5}]}) 2017/08/11 21:15:13 executing program 7: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a9c000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f00004ee000)="66b818010f00d8c4c27bf6cdb986040000b80f000000ba000000000f30c7442400e9060000c744240201000000c7442406000000000f01142466baf80cb8b4d4c588ef66bafc0cb00beeb9840200000f3266ba420066edb85bc6600b0f23c00f21f83503000c000f23f8c74424008000c0fec744240235000000c7442406000000000f011c2466baa000b000ee", 0x8d}], 0x1, 0xfffffffffffffffe, &(0x7f00003db000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000af1000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x2, 0x2ff, 0x6, 0x1, 0x5, 0x1, 0x1f, 0x60000000000000, 0x0}, {0x0, 0x4, 0xa, 0x9, 0xfc6, 0xc76, 0x2, 0xa0f, 0x6, 0x9, 0x3, 0x30, 0x0}, {0x2000, 0xf002, 0xf, 0x6, 0x9, 0x2, 0x1, 0xffffffff, 0x80000001, 0xffffffffffffffff, 0x2, 0x2, 0x0}, {0x0, 0x4, [0x0, 0x0, 0x0]}, {0x1, 0x0, [0x0, 0x0, 0x0]}, 0x80000008, 0x0, 0x2000, 0x8, 0x5, 0x2001, 0x1000, [0x800000, 0x1, 0x6, 0x10001]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 27.512032] CR0=0000000080050033 CR3=000000006dc96000 CR4=00000000000026e0 [ 27.512938] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 27.513898] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 27.514727] *** Control State *** [ 27.515198] PinBased=0000003f CPUBased=b699edfe SecondaryExec=001000e2 [ 27.516200] EntryControls=0001d1ff ExitControls=00afefff [ 27.516772] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 27.517931] VMEntry: intr_info=80000001 errcode=00000000 ilen=00000000 [ 27.520145] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002 [ 27.521087] reason=80000021 qualification=0000000000000000 [ 27.521751] IDTVectoring: info=00000000 errcode=00000000 [ 27.522423] TSC Offset = 0xffffffe6fd70c4b0 [ 27.523418] EPT pointer = 0x000000006c03d01e [ 27.524194] Virtual processor ID = 0x05bc 2017/08/11 21:15:13 executing program 5: mmap(&(0x7f0000000000/0xaf4000)=nil, 0xaf4000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00003b4000-0x9)="2f6465762f6b766d00", 0x40, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000ae6000-0x20)={0x3, 0x0, 0x100000, 0x2000, &(0x7f00002cb000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000077000/0x18000)=nil, &(0x7f00009d5000-0x18)=[@text32={0x20, &(0x7f000064b000)="f36d670f004d1ec4c1f9e6c50f01cf0f06b8010000000f01c10f090f01d1d2580666660f388113", 0x27}], 0x1, 0x0, &(0x7f0000ae8000)=[@cr0={0x1, 0x40001}, @flags={0x4, 0x20000}], 0x2) mmap(&(0x7f0000af4000/0x1000)=nil, 0x1000, 0x2000002, 0x11, r3, 0x0) ioctl$KVM_GET_REGS(r3, 0x8090ae81, &(0x7f0000af4000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f00002f5000/0x18000)=nil, &(0x7f0000ae7000-0x18)=[@text64={0x40, &(0x7f0000ae7000-0x64)="54838c89bcaa94b4c64c902e4f5093e18859bc5129e376101bfe4c4deed68a37e2ec74f41c591ee04901e5261330d08f304123e8264a0385538f240ab98b6ad3c1118a991f748fb321e55ad1302cb9f1cfa1f54a9812a8dacf577d258c69ccf966b3df38", 0x64}], 0x1, 0x0, &(0x7f0000ad5000)=[@flags={0x4, 0x140}], 0x1) mmap(&(0x7f0000af5000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000af6000-0x9)="2f6465762f6b766d00", 0x0, 0x0) ioctl$KVM_GET_DEBUGREGS(r3, 0x8080aea1, &(0x7f0000af2000)={[0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r2, 0x4010ae68, &(0x7f0000a36000)={0x2000, 0x118000, 0x0}) mmap(&(0x7f00004b6000/0x2000)=nil, 0x2000, 0x3, 0x32, 0xffffffffffffffff, 0x2) ioctl$KVM_SET_IDENTITY_MAP_ADDR(r5, 0x4008ae48, &(0x7f0000af7000-0x8)=0x110002) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x4000000000) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1) ioctl$KVM_GET_REG_LIST(r6, 0xc008aeb0, &(0x7f0000af3000-0x20)={0x3, [0x2, 0xffffffffffffff80, 0x800]}) mmap(&(0x7f0000af7000/0x1000)=nil, 0x1000, 0x3, 0x61010, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000af7000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000af8000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000af6000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000af6000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000af6000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000077000/0x18000)=nil, &(0x7f0000af7000)=[@textreal={0x8, &(0x7f0000af7000-0x35)="640f01d1260f01ca59f08048c79a670f01cb66b8050000000f23d80f21f86635c00000b00f23f80fc75f000f01cf0f1a6c040f01cb", 0x35}], 0x1, 0x4b, &(0x7f0000af6000)=[], 0x0) ioctl$KVM_GET_MSR_INDEX_LIST(r1, 0xc004ae02, &(0x7f0000329000-0x10)={0x3, [0x3, 0x1, 0xfff]}) ioctl$KVM_SET_IDENTITY_MAP_ADDR(r2, 0x4008ae48, &(0x7f0000485000-0x8)=0x0) mmap(&(0x7f0000509000/0x1000)=nil, 0x1000, 0x4, 0x2110, 0xffffffffffffffff, 0x0) ioctl$KVM_ENABLE_CAP(r2, 0x4068aea3, &(0x7f0000226000-0x68)={0x74, 0x0, [0x200000, 0x9, 0x80000001, 0x80000001], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f00004d2000-0x148)={0x8, 0x0, [{0xd, 0x7, 0x5, 0x1000, 0x7, 0x164, 0x7, [0x0, 0x0, 0x0]}, {0x40000003, 0xfff, 0x6, 0xfffffffffffffff8, 0x2, 0xffffffffffffffe0, 0x1000020, [0x0, 0x0, 0x0]}, {0x8000001f, 0x0, 0x1, 0x4, 0x1, 0x6, 0x1, [0x0, 0x0, 0x0]}, {0xb, 0x10001, 0x0, 0x401, 0x0, 0x4, 0xffff, [0x0, 0x0, 0x0]}, {0xc0000019, 0xffffffff, 0x2, 0x5535, 0x2, 0x0, 0x2, [0x0, 0x0, 0x0]}, {0x80000007, 0x2, 0x4, 0x4ca004d5, 0xe400, 0x5b63, 0xdca, [0x0, 0x0, 0x0]}, {0x80000019, 0x9, 0x3, 0x5, 0xedc8, 0x4, 0x6, [0x0, 0x0, 0x0]}, {0x4, 0x100, 0x6, 0x6, 0x0, 0x4, 0x0, [0x0, 0x0, 0x0]}]}) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000211000-0xc)={0x2, r6, 0xffffffffffffffff}) ioctl$KVM_TPR_ACCESS_REPORTING(r7, 0xc028ae92, &(0x7f0000538000-0x28)={0x8001, 0xfffffffffffffc01, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_X86_SET_MCE(r7, 0x4040ae9e, &(0x7f0000519000)={0x100000000000000, 0x6000, 0xd, 0x6, 0x1c, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r5, 0x4010ae67, &(0x7f0000aa1000-0x10)={0x1000, 0x100000, 0x0}) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r5, 0x4010ae68, &(0x7f00005a4000-0x10)={0x0, 0x7000, 0x0}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 2017/08/11 21:15:13 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x3ad0, 0xffff, 0x3, 0x80, 0x800, 0x80, 0x0}, {0xd000, 0xf000, 0xf, 0x1, 0x5, 0x9, 0x7, 0x5, 0x401, 0x0, 0x1, 0x2, 0x0}, {0xfffe, 0x5000, 0x0, 0x5, 0x4, 0x81, 0xc9, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) 2017/08/11 21:15:13 executing program 4: mmap(&(0x7f0000000000/0x68000)=nil, 0x68000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd2(0x0, 0x0) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000020000)={0x0, &(0x7f000002d000)=0x0, 0x2, r2, 0x3}) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000066000-0x20)={0x0, &(0x7f000002d000)=0x0, 0x2, r2, 0xffffff7fffffffff}) ioctl$KVM_GET_TSC_KHZ(0xffffffffffffffff, 0xaea3) ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, &(0x7f0000004000-0x38)={0x9, 0x4, &(0x7f0000064000-0x69)="957b3920284999cba807b147766ba9996d4daafa230a28b17fff87a996ab708cd9311cc5a4c27cd2254ab2d9687c9911aa0531c86cc116f056b895210c60b29072ecd8aad123deb40a01d368b4dd1e28ecd83f1f3697ec3d63101c2564b9ecf6eb63904cc1ba84b05d", &(0x7f0000052000-0x1000)="2f874672cd0e9ab4d56f2f11579a86836777397fde1c2a490c3198779dc2977c14af5d629dfaee2ce9b98c8354241f0067b31d173221a5598fd97dd1e3b83e68818ace73e633b313de211ad53226eb55f38818d8940c17e8af6002c2ff5836cd39ff6e072c13d0cd4ff6e3889a1d13a4d98123e1e454fccd1aa27813d8766292c5ff0f918cf0259f2b98678572762283e331218a40c063a541ae358786172e14c52147f534b005fe7377c72d7ba4589ca5cb293f296ce0c6733aeb6014e921cb12c7e2489dbe8f7223d3e669937b26f8c73114bf99f310d9179927a894c7be7b6c4e25ca6edc8a1686ec8a21e858254f13c1e560a9ef8e0b0fc26552ac188ea7fa0f0c494cb085db4690e9c435b2f6eb4c44df7df881bd9aa7ae53aae9a9d27fd18124a72a77b3e4942ae4f68f0cc3bbdc41384aff4ac88fd845276368047d8a054ddefd0e5d7a348a2c8767e1409332fb0a8748b203df7ebf90c9a250ef23fd59171094a5137eeec3719f361eb60eca918244bfcf2fce41b7d813669e675183a6798953fcf5815043c384303ab2488c3b98e7aa472da66d99be7aa92164374ed644a7a15665ec3cb213b0a0123963cc4598f2c8e82d1961e9a96ea61968f26878246b54d28a264f5322ed45c132023fd124e5426998566b581aa371708cfd3fa777a8ae54d77d16b486d346b20cb12710e88746f3b87556bf8e9ed1975401bebc616be083b4173f8b0e490ee958891a802c2cd2ee0f2d58019042c32cb24b08955276a7e9ba98adf15f4374b64a5b62f1be59ce784e5667ef96fe4cab6d2beba7b5815880973605f2e9614dc821f1747569de2abfc8e22a92c6a810100badc3b9427c54574db7b4edefa1213cd7728b749396efb0d05c8b1f5be93cf9b633227aeee4e2babd5bb8fa435c678abd67b837c491bb75a14f1029c19567e8781aca160a0bcddefb41848fb493acd00dba2ad6ef1c3bae6e4d9b9db4d6b0f948079cccb3a01fdcb8fa6958cd3109c42d0ccbe99c064fa9ce5841f1cc35c5bc23c4c73fe1b571328f388204bfa015e7920fe071c901e96eb87dbec5ea0d595de020764958ddbcf7f8b7e8cd86bc1976f0f1a689e6a1954c647a8b79766e5df70a239be26275c9907e82502be7f9d63e52aa1339aa110f9bfa93b0461808d83b75c5c8b01789c8aa0364dd5379b7e6a5d0bc3ead8c152a470fa245c8583b0e6556c8eb8482b32bdb45a428bb7b8bddc207f7f90798bf75d614e85e6241998bca0e56440d983ac16663b4f1b504517848bc721063b239e42c834c34fd22a6c46c08486d0615c29f19f0d6d93db12876a87caa15d49d53bed0bd7a00155957e39cf40a1341e783c24e2d5c100d3cebf5660713981e11736f4eabfab1416c33cf7015b1b34572f002452a1f9c0476fc6f7805af005f268bfd9fd9fdd2407e69c1791ee1e625186b584e5af52fd2758a2093c1ad660f3c20c6e9105aa1923c2dd682685869cbf53a732073b3cead66bc308ff94af5bfc7a5de62e7eada6acf5869623c92528ae25866e718114836195fbae5ed9cd6b0385d7c812059246cf14b4e3aa68f79a0186c99de5f4e2d5311662567ef714817b054a13b089da5b8fd3eb7900e0f8c4c7e40a92f6fc1d9bea6b550d6267147026767b30fbccba388b450fce573a81ac5e40aba7b62883f1d5f6f6fe65e7cbed6e5408167fb1b68a0e5c13882553f635750f2aa0b887267f0b77a93ba0e807ea6d8d63392abb87c6bf678e4ac99298d8703f32e2caa63f5f59dd4be8dd8cee877d62d65a3953a495d99dee5e792cfc60a6bf46af9e05e8c86d32a3ace3449b8d5425319c79bf692e3a82584699a5e791aaf5bfd7fe47ab26ec345f1038e344205d145e34279b4a59ae22c795354c089d67538d86d9a69ee9a0be440fc721d031b8ccbc61e65d6d7324472bd9b0663e62e8ef55474380926aa280bc13f2c4d195f41aeb9fd59eac8a3c26f5e308a8b53ab8c7ae520bd58c98db2d47d0a3a2149375d8ddba4c21f07f2c77ff1c59bef225e8b2f12b6749a1f1c3f9af5cda1b255a7db0f52c91ea75098596ed5c6ae4a014089101bc60c23d6e32bc3843f794f47fc17c6c8bff3e7d5a9894345a210538d17e1993d97479d6e80bd6fc1a01ea98d3fc0e81fb179de61179b6141c6d645d5fe39754656796f77fa860f866292a8a3635d29c52773e173e5ddb7c72ed8478b9f5805a24624ac03cfce9e8c8c7c337d8a8e1fa9a87996bb1fa293b507b4427ab4f5d48b0d6115b91b9752a47e035420b06272d7b16a6caa6c03cc5e5edd58431c86e41a211394a94dbd64067e496c73224f54df65ced99b62d7ff8d2a9895190e99b5ce2db127982f60f2ff587a804b1a506bdccc0b98c398e61c36b99d8cac2b8fc375f3b60b5521518164de62729f5bbc07b0320f980610678ed59c5c1b536e1474eeb2184bfb62ff7ed5c537f761b1942b4c2464b2dcd422e353924f069bc53dc0f53780cda57b5ed9196b135855f47f94a9fa63ea2522d1ba543548386f724a7a64813ab9fbc1870b479f43941cba3ebadd4272e2105dbcbf91dca1f600f45508354d9adbd12a607172d5af57ee63768c984dffa017fa48b34a25b509ba807ebc4b530c6f8b58f361208ed69db950e25b782148aa7352fa7c3a374dc95f8ca4cc6cb80ff7f37e973d9b92a8952e856fa0acb617a678527241cda0dcc287227d4cd4c3df81485ea7c9021c5fda9beb547df748e256c27b5bd94653190357c05328d87736f932ce7d2618a8d7a1a839f756e2daca8d3d99940e1d6a4248a02e50117ce93b35432f1c29cd01ea757a941ccd72479de1efbed15dae60508aa3ee2b794c097d2d3f8ea8a0ee8eb4983df9531865b85788bf6cfb509eb55a35b7e124914b1d94820764bcc787f6e79edf4a819d4482298b51552f5dd1f6e944d4a5cb5a81ea6648c63b2040ff0b2be8f217ba1ec729356f845a6da51383283d6fd0fdb324dfeb6d21d5690a5469cf43497b699d6ec5326e8726ba3527f6d4ab9bf3c629b2f191c0a5f96281deccdff02cbdb569f4e09983ddd1365e6c73da3335878a11e7d0621b7547f0fecd49d3594d164127f54e599ba0ebf15dd1b75ed98f91bfe08b595e9b7259cd005749a839b3b9332ada43e4e166359bdc85f6011abd2f1e1177f56f74dafbfe9a8d66d7b56aef8330774ac2d7981b2ea953669703841349ebfb236f35104fb1d1b528e09ca5f45a084657a141c626abdf5a8c1b61c4ccbcc90c1bc3ada911ee5f2e0027fa9173e9d5c45ab69a936ef39264e3113a0cf3be704f5ccd25ed50d3042209ee4bf569d1177fe59c421de81f74d34e11c7ae30d8b05648f6dbebe334871126db7e31ee65a6ad87c9108ff28fbe3f9da13eb593f6cd1fa87f2e2f0e3202d56a8bf066daaea46b24d4a11d61b9f45d80c2e0e482c5ebb78fbc6aae3d43a8341ccbc996ab13235fe6707a15befa3b2483528edacbd38d7b02bde4f4944c12eca755182971ed3701d304d1ee6dd60737a41208c55886a0e3ea3ad85ffe73366f2d8c2f9f2ccfcac78f9ce8c64d3dcb3b69295ed8e83c57f456cc0a3540e431c6b24033eed8914133de7a32b06c28f725cf2c375cf81d33807d51d30f444dc488312dc39abb239fa3d7a801463d200cc97149c728e28566be0090f9c9af98c0944e588ccf28c131b7ec3dbce3bfae81657393913a21e31d21fc12dcd1c6890d0288e74ec001483d69add0b547e633d23c6c5c93605680b0c4420ad0754cb916b5273b818836303a4f4933d1835e6c03f9beaf5f9531352f8ed16d9add3ea2b8ff8969b5f79fa18c14ecfe40c51ce3562b5d593a99945e38024a53914f7ec84ea4f3c69b0944694153ad70440baec97309c052f00cf09a9f299294a9cb50eeb5d316943fc57bc17b807c6d18aa955de0aa4a61c1b72a3eb69a29ab122fb64c0a150ec377741a1031a54ef16df6279db5e8258bcfc4aeb81c9a917aed8b7d6c7f41cd08e0f19023f776655eb809ab20d3ba894bebf3b8cc9b95134b83fc45d8ad72a126b3b7ac12fcb081d72914f859eb272c52dc9f1913bd5527214e0c959164aa450f3986942a2974c23dd9027ca6e3991de9ab1b7dca55582c5a7ac6364662d36466ee074a2c440b7adc9d3f68df1ef9c762477547a680971d6e212256638f0ce70aa4c86749b4142b148b83fcb37506115017e5d04ff7d40ac7ea24f9a3f57d07dc8a29ff3b0cbfcb5be284de3d07eb45327b2f001188e9d3dc9f533eb19ede95b0b9cbba9406c4fd34b20b84454b3596f679c28a67780a3ce71b55ed3d91fc7513f86cca4d9e9c0ba3c0d029f2718e679d9e4248a88b336232e601423a8a5c3d3db541b2e5baf09e63685a6284a32353d6ce39783006e1b13dbdb67de1900047b9eb18c283932a31fb11d0391013179cffff9cf30306527d8c0c69f9291f9e675f41b5305a479ccf59d2ba348db633d77d6c31a3c7aaa6c6964d1d50402e14c7e184663e1c6e2d012ea1b8e6420fd31c2c8fd08cb0ea449b73a64dd729736c5153316f37795e6cd5da52e1d0d8c803a07944c6ac846ab02707e5510c0ab5fdee5f10192e0eb8a5a5bf0fd058cce061da9a3ce1a9afff4eca9cd02f3ef4f22f27c7bab2603a60d21da45ffebf41aa5d8df446eb01ea23d8319711f1ad3c44d59e4bee1863177b65097dac37394469ef55b0ad8ccb0350e8f09df23f987896645503a7e2ac89fb39a3a73e94cbb5444aaf2e49a5dc510e4d84472eb9491758bab8939b4afaf3b1824fc9e753135d8bda6108701656791dbdd5432ac81c442622db137419ad25a95444ea823407ae12452a3724ef6e4df4d916bde54f26b4ce843cb86efc549b3e0f047ea0f83e23fbb75fb2d53d32d9b18278842be79094b5b0fad0e33be288616c1bc5889ea6c350a0bf2ef34a83f5ce868e23e6e87234830e12d9ffd9f0d5f92dee010a62f7efa4d3e7997b8ee38366e50020864516bba044c8c8a1870deeba792b67db390e5cedb9916e3d0259e0d27d413fc6b6614e4e926832bdad34b5fe4eecbc1a0da423435525b631bf685beb852cf3a2a5da2ec170cbe0daacc7d7c31b44d321d17ca064dc96d133a7f43473ce1543fa7c466a94d9fa68fa043ae2160c813653b3ff954ceeb1325526b173feed6a6a1fd591a55a01ee59753b64f4162860961354ba8dd38ebf7955bcc238580c872aebc46f910b4f82df78d6d5283d933c7f1847d4cad8225a0af1e72d5b7def4cc2351ddacf2443714bca97c0c604e37d8a5464f7a3ab51b0f96dd63fe9dbdef8282e81c8c662b8ff00e324a5cb919ee060dd1b7528685b8c7f0ba3a19a7cbfc43b1f5aa326036bb56b00b9ab52b16813a2d86d88268fbc7057982d37f83256edd2b4b36282c93f0cc3de757bb84da7589321968f2a52ef0badf869329f662655d20e26175a2132b536cf5fcd210191453cc3fa72bb909b0a08c1835cc7268db814025fc56fd08ba3518393e2550791737541b9bef0c721ce4153fbee5dbb48a3922700f0436aeb3aa04bb83d2cd8076a16a25919fa94afb29ce6413eb4dd06c553d5accd51f22891665c0146bd72fcb3c6bfb77ab3dbba7ecc855428e376c2da6a39615f2d8591b6f555ecdadedeccb93416497b66a9864ce1612111de83da26a85371a91ec5866425131afbe83e20c87b5d3530da0b8cef24f0517199a4a85bc5b004cf44ada414fb7b5f3edfaa813e64345d7e9fde631e8aa833935dd429ec3f8968023dd7898d53937bb598644e1b76705b77b322886dff0e61", 0x69, 0x1000, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) [ 27.554752] *** Guest State *** [ 27.555301] CR0: actual=0x0000000080000028, shadow=0x0000000080000008, gh_mask=fffffffffffffff7 [ 27.556105] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 [ 27.557076] CR3 = 0x0000000000002000 [ 27.557407] RSP = 0x0000000000000f80 RIP = 0x0000000000008008 [ 27.557821] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 27.558577] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 27.562561] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.564799] DS: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000000000 2017/08/11 21:15:13 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000506000-0xc)={0x7, 0xffffffffffffff9c, 0x1}) ioctl$KVM_GET_FPU(r0, 0x81a0ae8c, &(0x7f0000afc000-0x1a0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) ioctl$KVM_GET_EMULATED_CPUID(r0, 0xc008ae09, &(0x7f0000afd000-0xd2)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f000050f000)={0x9, 0x3cca}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000afb000-0x28)={0x400000000, 0x1000, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, &(0x7f0000afd000)={0x0, []}) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000aff000-0x98)={0x3, 0x0, [{0x7, 0x7, 0x0, 0x0, @irqchip={0x1, 0x1cab}}, {0x1, 0x3, 0x0, 0x0, @sint={0x75d, 0x200}}, {0x81, 0x0, 0x0, 0x0, @adapter={0x3, 0x7ff, 0x1, 0x6, 0x6}}]}) ioctl$KVM_GET_DEBUGREGS(r3, 0x8080aea1, &(0x7f0000afc000)={[0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000aff000)={0x400, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x7, 0x0, [{0x4000000d, 0x7, 0x1, 0xff, 0x19d8, 0x0}, {0xc0000007, 0x3, 0x4, 0x3, 0x0, 0x0}, {0xc0000001, 0xfef0, 0x3f, 0x20, 0x6, 0x0}, {0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_SET_ONE_REG(r0, 0x4010aeac, &(0x7f0000afd000)={0x7, 0x7}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 2017/08/11 21:15:13 executing program 3: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) mmap(&(0x7f0000a5a000/0x3000)=nil, 0x3000, 0x3000008, 0x20000000000032, r1, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000af3000-0x24)="000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d266767f2a50f20d835080000000f228b58580f070f01b102000000", 0x64}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f000011a000)={0x1397, 0x8c, 0x0, 0x4, 0x8}) mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000af3000-0x4)=0x80) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000aee000-0x8)=0x10000) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000aef000)={0x7b, 0x0, [0x6, 0xffffffff, 0x9, 0x1000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000033d000-0x8)={0x1, 0x637}) ioctl$KVM_S390_VCPU_FAULT(r2, 0x4008ae52, &(0x7f0000af1000)=0xb5) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000aef000-0x30)={0x20, 0x401, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f00009c7000)={0x2, 0x800, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00002de000-0x40)={0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000aec000)={"3a5ca361a0df102fae43a3f1ec872c0185c9813608eed8f847374008d61d0b0800000000000000001ccb1007655a4f7410ae2abb2a1756d32573ad07efbff26b6c29f3f5b20949d1948e7dc1c8f2b7a1f53f726c506fca42d4a7935507ddb99198bc1ac477f1ae7c27061ead76d16ca486010f0a3be5e5fb88b250282a1f4370084b669a6aa05d6f099ea5ce98744d4d02be5ff2bfc8a7b31392162b70f9bf6a7921ca46c22eba76a3f5fada926a9e3d39e841a85aff9e2e11df5a017550dd503eafb49349716d060d697bd0978eac053d12de846fb7d0ef0ce4f79420c7ad998b000619474f6ab8bbaf74f23bef3d8874a920f438d7a3bbe9ac54c269dd8463b191dfff03924e9ef495aad2c7831f72e87d20d39c031000c2b6b009dc52fe4a87d2adbd31ef3991643480dc4e1194dad4aaae0bbd182f86a7572202d932534fe78aa6205a387714ba722fc29e394626c6950754c5bd8e959a3d108590f13f43f23507624d0f3b464f483d2f11441d510b1269e787224f20a2cb5984b4f2be4d93aef0f2ae60ada076cc86b6ecd9f9cd27c13ff16725a99f1d96fb35409d9aad7cd14b4a0a6fa33249d40760c0dd77615cea3ced7055169a87c767c91aadd231e5b211e9b8df16a1e2aef8d3a7e02a4f7c8fa5e989f9a2c488638fec8d03543fededef667b0b0cde85958ef5dd2355e3dade1126022ada4186160bcf69013a938bd9c5fe1f46fd5c8d522320840de0ede209ee11a4655a157b1ed47b6aa5daad7bc7f96313d2e02144e50a7f64ccfb866b1cc3a04ebd7e460e69f42856b474e681e2917b593b931c8987a487329d58151d14f4f1eb1b123f29f21899c524c2808269f7a833d5ed3cd93e2ffc0dbdf3c50c736b10512607837e8f50144c1c14e052c788381a2b236becb2d2bfdf0467cefcbe6926090434d31323d47576de4566f61ab7f1fab0f73e2e9b58c328f73f8fecef3e9bbad4b177d9dd2a0e3e7a6f108477afef361fd23ea1a575dd9b86515833f5bd4ccf9ddb9e5432d723f3eb50339ae229108ae769ac632d312761db5057fe4ddfae2f22be1f709bc0feef9d8dcf05a425d354bda07e3780f19d3a073e737bcc8220febd750e3ce8549870615e1e9c969d3883126c687ff7ef6c0a16aa18bf594c681ae4c2ec063b792ae01166868672360aefb97539f6825c2f17933ce890a2d7ca53fcf77dc8dd4a0e64b7010aa7fd14f7833ab907d4d3c5df1ce497abfea23c94ab44d6b0f389480b4f0c077b98ba319dff8ab86cb7ff6b9f26e1f7e88b01d346504ab1cbc30fb5acf132544e59a2dec45e8019ef4642e672aebc040bfbfd6e7caf8846917b3e21e9b5673b31c4f3520baaf61b01bf160c3b535bcc7b23ee34371286407409fa292ad059d4e40624bd6bad7d3d516adae9c3fcecb877f4d9d39035338787435f6372c5fb88cd"}) ioctl$KVM_GET_DEVICE_ATTR(r1, 0x4018aee2, &(0x7f000026f000)={0x0, 0xdf, 0x8, &(0x7f00009f0000-0x8)=0x0}) mmap(&(0x7f0000af3000/0x1000)=nil, 0x1000, 0x1, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000af3000)={"9bbb9daa05110ba1924a3f8c859bdff963f2ddb1d129f5cb2f3ae8ad3bf7068c284ba38f903676aee0049b473a5a33930a9b88deb6401d57b67b5ef503c6a4027167753b3422f85b1b144e1b09666f06770bb454bb980d5cb7f1e90d9427b10028d816afcb958eb5bc4541d20809f775835973db47fdab943f7ecf340ab9b2913f88a42aa228d95f1665dcb874e6b3b5b55a89a32e0fc862e12da3fafec957af0fce362e643894eaa38fbb8af58f8462371747c6e67ec819d268766c3c7a74e3f12575502e0ce18ab8fdeec25ec7767fae887d4cadb349c0f81694038d1a026d6a75e2531b1a8fb11b6cbd3f89a94184e04455b174f62410013ea1a32c38fc1a2448cd4c2c637b73782faf7ad9ae353b8bb6fed608778b7e846b159d0708eba89b05d4ae596fd1ce276f11b96ea628b944adcafcca622c34d8cf71c32e04679643d25bb8410efd790fae98de36207bab1c1fa95a3b125a7497822ea2f8a027ee6024ad4938ca93546a7967484ea5ed0850257facd046052d3fb4452ea95bdf6613884586ad0f7bedcf9ba794168fb9ef80fc98ab1b8c584220c399f85aa35e3b077eaa0dc79a9b88f0cdbf6805da3bca16d1fe88482e328bf0abd897070e43ead3304cdf1f113ab075a772b02e7e2b9d790f029decb02914d0fbb81bdcac8d08612898c453dd33e8a456e3cb4154e27f4d3bddea5732cd94d4adf21d3babfbb833a2ba8fcc71beafe13cfb9e8ed9fcaaecbc6a4e7c1da5f67cfae68fe80965a52918112a4927ca4a387ebf74fd5d910ceed87a668d3210361f45e8771482aceb28996ed99fdb143fc17c4112850b748c3eb5d121312f3c420d0dc03bfd571a1767bac9ae6c46b4edbfd70fb33dd89a8ae13dd57e722d95c28e5326a24054321553f3b50fe246f5e631dafc8088dcefe9029c67fbc7cb6631692d91aa5aba912b56f638cdcd14e873566edea35ecaaad547bbd265a6d4f6537ad9db538fb7db64a32c81c91dd6e4efd0317de1a0ff83c744470c93ddcaa6792e45db7d69e1106a251d39a5c5c6103f7aadb32d0290614362eaccc6d41b3f14154850e1959803f14d836a4223eb1c70249037e7adbf0e33d07a69a10d948a901858a8381803bcedcf610c985b5ea85ef46bbc44565e89142da665bede93e7c360cc814c8e00cafb81d02c95811ce32ba2dd85712056078d2f7d4be3cfc4eb157d63206d4b822599d40c02fd84ada2b572bd8899e93293a5ce6590d226f7c43858d47417bc2980358fb6ec2eee43fbbd31a00c9549680e76c31eef7f710e7aceb5a29d2a85f07332bb5e54a80ac44576e0010bc7cbd666ad4aff5174df288980f68510d74485b90afaf4040a30392861cce12229f97cbf2b8922d95110230423a3155f263d8066974f89cebaa258b87515d6d9f20c23d09067bdc955311d08300214a50ed060cc68"}) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000af0000-0x8)={0x1, 0x6}) ioctl$KVM_RUN(r2, 0xae80, 0x0) mmap(&(0x7f0000af4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_ASSIGN_SET_MSIX_NR(r1, 0x4008ae73, &(0x7f0000af4000)={0x8097, 0x10001}) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f0000394000-0x14)={0x0, 0x0, 0x7ff, 0x0, 0x0}) mmap(&(0x7f0000af4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) [ 27.565700] SS: sel=0x0000, attr=0x0b071, limit=0x00000000, base=0x0000000000000000 [ 27.566845] ES: sel=0x0000, attr=0x04081, limit=0x00000000, base=0x0000000000000000 [ 27.567668] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 2017/08/11 21:15:13 executing program 2: mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000096a000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00002bd000)={0x4, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000aed000)={0x7, r0, 0x0}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000088e000/0x18000)=nil, &(0x7f0000ae0000-0x13)=[@text16={0x10, &(0x7f000011f000)="0f0170ec0f23e764f20f2b76db613e8117b4006766c7442400003000006766c7442402003000006766c744240600000000670f011c2466b8010000000f01d967660f3801639966b80500000066b90b0000000f01d90f2205", 0x58}], 0x1, 0x20, &(0x7f0000adf000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 27.569159] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 2017/08/11 21:15:13 executing program 1: mmap(&(0x7f0000000000/0xaf5000)=nil, 0xaf5000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffff9c, 0xae01, 0x0) ioctl$KVM_REINJECT_CONTROL(r0, 0xae71, &(0x7f000043c000)={0xfc3, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) mmap(&(0x7f0000af5000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000af5000)={0x0, r2, 0x0}) ioctl$KVM_KVMCLOCK_CTRL(r3, 0xaead) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r4, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d266767f2a50f20d835080000000f228b58580f070f01b102000000", 0x64}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r2, 0x4040ae72, &(0x7f000011a000)={0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$KVM_ENABLE_CAP_CPU(r4, 0x4068aea3, &(0x7f0000aef000)={0x7b, 0x0, [0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) ioctl$KVM_TPR_ACCESS_REPORTING(r4, 0xc028ae92, &(0x7f0000763000-0x10)={0x4, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) [ 27.571982] GDTR: limit=0x00000004, base=0x0000000000000000 [ 27.572840] LDTR: sel=0x000f, attr=0x10000, limit=0x0000f002, base=0x0000000000002000 [ 27.573693] IDTR: limit=0x00000000, base=0x0000000000000001 [ 27.574534] TR: sel=0x000a, attr=0x10000, limit=0x00000004, base=0x0000000000000000 [ 27.575400] EFER = 0x0000000000002001 PAT = 0x0007040600070406 [ 27.576092] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 27.576847] BndCfgS = 0x0000000000000000 [ 27.577295] Interruptibility = 00000008 ActivityState = 00000000 [ 27.577938] *** Host State *** [ 27.580532] RIP = 0xffffffff811b6777 RSP = 0xffff88006b61f4c8 [ 27.581302] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 27.582211] FSBase=00007f4c3a973700 GSBase=ffff88003fc00000 TRBase=ffff88006e022cc0 [ 27.583120] GDTBase=ffffffffff575000 IDTBase=ffffffffff57b000 [ 27.583715] CR0=0000000080050033 CR3=000000003a0ef000 CR4=00000000000026f0 [ 27.589085] kvm [6000]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x40000020 data 0x66c9000000021043 2017/08/11 21:15:13 executing program 4: ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000037000-0xc)={0x6, 0xffffffffffffffff, 0x1}) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r1, 0x4018aee1, &(0x7f0000517000-0x18)={0x0, 0x6, 0x4, &(0x7f0000001000-0x8)=0x0}) mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x3, 0x32, r1, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae7000-0x9)="2f6465762f6b766d00", 0x81, 0x0) mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_BOOT_CPU_ID(r1, 0xae78, &(0x7f000075a000)=0x0) ioctl$KVM_SET_SREGS(r1, 0x4138ae84, &(0x7f0000aee000)={{0xf000, 0x4000, 0x0, 0x1017, 0x0, 0xbd, 0x6, 0x1000, 0x1, 0x6, 0x1, 0x9, 0x0}, {0x10000, 0x2000, 0x0, 0x7, 0x3, 0x9, 0x9, 0x7, 0x81, 0x8, 0x6, 0x80000001, 0x0}, {0x10d002, 0x4000, 0xa, 0x800, 0x80, 0xbb6, 0x1, 0xfb7, 0x9, 0x8, 0x1, 0x0, 0x0}, {0x0, 0x4000, 0x0, 0x0, 0x2, 0x7, 0x80000001, 0xfffffffffffffffe, 0x400, 0x3, 0x2, 0x401, 0x0}, {0x5000, 0x5001, 0xc, 0xffffffffffff0000, 0x56, 0x101, 0x5f4c, 0x4, 0x35, 0x17d1, 0x5, 0x9, 0x0}, {0x4000, 0x5000, 0xc, 0x9, 0x19, 0x8b, 0x0, 0x200, 0x7fff, 0x101, 0x5, 0x7c14e688, 0x0}, {0x1f000, 0x4000, 0xa, 0x800, 0xe30, 0x4, 0x3, 0x6, 0x0, 0xffffffffffff8001, 0x2, 0x90000000000, 0x0}, {0x5000, 0xf000, 0xd, 0x9, 0xffffffff, 0x8, 0x1000, 0xfffffffffffffff8, 0x3, 0xfe33, 0x3, 0xfffffffffffffffc, 0x0}, {0x4, 0x10000, [0x0, 0x0, 0x0]}, {0x1, 0x1000, [0x0, 0x0, 0x0]}, 0x80000000, 0x0, 0x100006, 0x10010, 0x5, 0x4000, 0x100000, [0xfff, 0x8, 0x485a, 0x6]}) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_GET_CLOCK(r0, 0x8030ae7c, &(0x7f000024d000-0x30)={0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000241000/0x18000)=nil, &(0x7f0000af0000-0x18)=[@text32={0x20, &(0x7f0000aef000)="b8010000000f01c1f22e0f212e2393723fa16b8fe8788509d8b9020100c00f32660fbbeac4e1356146f865650f080f0966baf80cb8e8f52f81ef66bafc0c66ed", 0x40}], 0x1, 0x60, &(0x7f0000ae7000)=[], 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_GET_REG_LIST(r4, 0xc008aeb0, &(0x7f00000d0000-0x18)={0x2, [0x8, 0x3]}) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_DIRTY_TLB(r0, 0x4010aeaa, &(0x7f000084e000)={0x7ff, 0x5}) ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f00004ae000-0x1c)={0x0, 0x0, 0x0, 0x0, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x1, 0x2, 0x0}) mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_FPU(r4, 0x81a0ae8c, &(0x7f0000af0000-0x1a0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_PPC_ALLOCATE_HTAB(r3, 0xc004aea7, &(0x7f0000af0000-0x4)=0x1) mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000af0000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) write$eventfd(r0, &(0x7f0000af0000)=0x6feb, 0x8) ioctl$KVM_RUN(r4, 0xae80, 0x0) mmap(&(0x7f0000af1000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) write$eventfd(r0, &(0x7f0000af1000)=0xffffffffffff7fff, 0x8) ioctl$KVM_DIRTY_TLB(r4, 0x4010aeaa, &(0x7f0000aef000-0x10)={0x7, 0x100}) ioctl$KVM_RUN(r4, 0xae80, 0x0) [ 27.595706] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 27.596598] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 27.597277] *** Control State *** [ 27.597671] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 [ 27.598373] EntryControls=0001d1ff ExitControls=00afefff [ 27.598950] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 27.599726] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 27.600439] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 27.602326] reason=80000021 qualification=0000000000000000 [ 27.602980] IDTVectoring: info=00000000 errcode=00000000 [ 27.603883] TSC Offset = 0xffffffe6e7473b88 [ 27.604343] EPT pointer = 0x000000003a1b001e [ 27.604815] Virtual processor ID = 0x05b4 2017/08/11 21:15:13 executing program 7: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a9c000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f00004ee000)="66b818010f00d8c4c27bf6cdb986040000b80f000000ba000000000f30c7442400e9060000c744240201000000c7442406000000000f01142466baf80cb8b4d4c588ef66bafc0cb00beeb9840200000f3266ba420066edb85bc6600b0f23c00f21f83503000c000f23f8c74424008000c0fec744240235000000c7442406000000000f011c2466baa000b000ee", 0x8d}], 0x1, 0xfffffffffffffffe, &(0x7f00003db000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000af1000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x1000, 0x0, 0x0, 0x0, 0x2ff, 0x6, 0x1, 0x5, 0x1, 0x1f, 0x60000000000000, 0x0}, {0x0, 0x4, 0xa, 0x9, 0xfc6, 0xc76, 0x2, 0xa0f, 0x6, 0x9, 0x3, 0x30, 0x0}, {0x2000, 0xf002, 0xf, 0x6, 0x9, 0x2, 0x1, 0xffffffff, 0x80000001, 0xffffffffffffffff, 0x2, 0x2, 0x0}, {0x0, 0x4, [0x0, 0x0, 0x0]}, {0x1, 0x0, [0x0, 0x0, 0x0]}, 0x80000008, 0x0, 0x2000, 0x8, 0x5, 0x2001, 0x1000, [0x800000, 0x1, 0x6, 0x10001]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:13 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ad0, 0xffff, 0x3, 0x80, 0x800, 0x80, 0x0}, {0xd000, 0xf000, 0xf, 0x1, 0x5, 0x9, 0x7, 0x5, 0x401, 0x0, 0x1, 0x2, 0x0}, {0xfffe, 0x5000, 0x0, 0x5, 0x4, 0x81, 0xc9, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) 2017/08/11 21:15:13 executing program 5: mmap(&(0x7f0000000000/0xaed000)=nil, 0xaed000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000ae5000-0x48)={0x80003, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000265000/0x1000)=nil, 0x1000, 0x2ffffff, 0x10, r0, 0x0) mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r0, r2, &(0x7f000028b000/0x18000)=nil, &(0x7f0000aee000-0x18)=[@text32={0x20, &(0x7f00002ea000)="0f8306000000d935000000000f213666baf80cb870aeef87ef66bafc0cb8a0d50000eff20f060f01c966ba6100edc74424000a000000c7442402329a0000c7442406000000000f011424b8010000000f01c1260f01cb", 0x56}], 0x1, 0x4, &(0x7f0000aee000-0x10)=[@cr0={0x0, 0x13}], 0x1) mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x0, 0x32, r0, 0x0) mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x4) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000ad8000)=[], 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000054b000/0x18000)=nil, &(0x7f0000828000-0x18)=[@text32={0x20, &(0x7f0000ae8000)="c4c17d2b461a66ba2000ec26670ff29f775466b804008ee8c744240000900000c7442402b0000000c7442406000000000f01142466baa000b87b0000000f23d00f21f835100000020f23f8f6774666baa000ed66ba42ecc4e27d2a85a2a50000", 0x60}], 0x1, 0x0, &(0x7f0000ae1000)=[], 0x0) r3 = pkey_alloc(0x0, 0x0) pkey_free(r3) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000ae1000)=[@text16={0x10, &(0x7f0000ae2000-0x5b)="6766c7442400009000006766c7442402050000006664c73524068d00000000000f011c240f0866b8430000000f23d00f21f86735a630000066b91503000066b8d400000066ba000000000f3067f36d0f3266b97e0300000f3266b9760900000f32f22e0f001d0f183f66640f06", 0x6d}], 0x1, 0x0, &(0x7f0000ae1000)=[@cr4={0x2, 0x0}], 0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f000058d000-0xc)={0x2, r0, 0x1}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_TSC_KHZ(r2, 0xaea2, 0x103) ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000246000-0x10)={0x75, 0x80000000000}) mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_S390_UCAS_UNMAP(r2, 0x4018ae51, &(0x7f0000aed000)={0x0, 0x10000, 0x0}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_REINJECT_CONTROL(r1, 0xae71, &(0x7f00001e1000)={0x10000, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mremap(&(0x7f000028f000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f00005cd000/0x3000)=nil) r4 = pkey_alloc(0x0, 0x0) pkey_mprotect(&(0x7f00001f3000/0x1000)=nil, 0x1000, 0x5, r4) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001f1000/0x18000)=nil, &(0x7f0000778000)=[@text32={0x20, &(0x7f000099a000)="b805000000b9000000000f01c1b9150800000f320f01cab9bd0800000f320f00dd0f00d00f01582d66b80c010f00d86767660f383251210f50f1", 0x3a}], 0x1, 0x8, &(0x7f00002f8000-0x20)=[@efer={0x2, 0x400}, @flags={0x3, 0x80400}], 0x2) [ 27.638461] *** Guest State *** [ 27.638799] CR0: actual=0x0000000080000028, shadow=0x0000000080000008, gh_mask=fffffffffffffff7 [ 27.639674] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 [ 27.640473] CR3 = 0x0000000000002000 [ 27.641079] RSP = 0x0000000000000f80 RIP = 0x0000000000008008 [ 27.641610] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 27.642151] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 27.642587] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.643154] DS: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.643706] SS: sel=0x0000, attr=0x10000, limit=0x00001000, base=0x0000000000000000 [ 27.644280] ES: sel=0x0000, attr=0x04081, limit=0x00000000, base=0x0000000000000000 [ 27.644993] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.645846] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.649673] GDTR: limit=0x00000004, base=0x0000000000000000 [ 27.651722] LDTR: sel=0x000f, attr=0x10000, limit=0x0000f002, base=0x0000000000002000 [ 27.652755] IDTR: limit=0x00000000, base=0x0000000000000001 [ 27.653526] TR: sel=0x000a, attr=0x10000, limit=0x00000004, base=0x0000000000000000 2017/08/11 21:15:13 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000506000-0xc)={0x7, 0xffffffffffffff9c, 0x1}) ioctl$KVM_GET_FPU(r0, 0x81a0ae8c, &(0x7f0000afc000-0x1a0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) ioctl$KVM_GET_EMULATED_CPUID(r0, 0xc008ae09, &(0x7f0000afd000-0xd2)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f000050f000)={0x9, 0x3cca}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000afb000-0x28)={0x400000000, 0x1000, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, &(0x7f0000afd000)={0x0, []}) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000aff000-0x98)={0x3, 0x0, [{0x7, 0x7, 0x0, 0x0, @irqchip={0x1, 0x1cab}}, {0x1, 0x3, 0x0, 0x0, @sint={0x75d, 0x200}}, {0x81, 0x0, 0x0, 0x0, @adapter={0x3, 0x7ff, 0x1, 0x6, 0x6}}]}) ioctl$KVM_GET_DEBUGREGS(r3, 0x8080aea1, &(0x7f0000afc000)={[0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000aff000)={0x400, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x7, 0x0, [{0x4000000d, 0x7, 0x1, 0xff, 0x19d8, 0x0}, {0xc0000007, 0x3, 0x4, 0x3, 0x0, 0x0}, {0xc0000001, 0xfef0, 0x3f, 0x20, 0x6, 0x0}, {0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 27.656874] EFER = 0x0000000000002001 PAT = 0x0007040600070406 [ 27.657366] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 27.658146] BndCfgS = 0x0000000000000000 [ 27.658440] Interruptibility = 00000008 ActivityState = 00000000 [ 27.659026] *** Host State *** [ 27.659259] RIP = 0xffffffff811b6777 RSP = 0xffff8800548e74c8 [ 27.659938] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 2017/08/11 21:15:13 executing program 1: mmap(&(0x7f0000000000/0xae4000)=nil, 0xae4000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000ae1000)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f000088f000-0xc)={0x3, 0xffffffffffffff9c, 0x1}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x44000001) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f00006fe000)={0x1000, 0x1000, 0x400, 0x7, 0x1000}) mmap(&(0x7f0000ae4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_S390_INTERRUPT_CPU(r1, 0x4010ae94, &(0x7f0000ae5000-0x10)={0x8, 0x779, 0x4}) mmap(&(0x7f0000ae5000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_MSRS(r2, 0xc008ae88, &(0x7f0000564000-0x58)={0x5, 0x0, [{0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}]}) ioctl$KVM_GET_DEVICE_ATTR(r0, 0x4018aee2, &(0x7f0000ae6000-0x18)={0x0, 0xfffffffffffffffc, 0x7, &(0x7f000089e000)=0x0}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) mmap(&(0x7f0000ae6000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000ae7000-0xe0)={0x9, 0x0, [{0x8000001f, 0x9, 0x6c18, 0x4, 0x1d7, 0x0}, {0x80000000, 0xfffffffffffffffd, 0x6, 0x5, 0x6, 0x0}, {0xc0000001, 0x14000000000, 0x400, 0x2, 0x6a0, 0x0}, {0x80000007, 0xffff, 0x3, 0x10000, 0x7, 0x0}, {0x40000001, 0x6, 0x1, 0x8, 0x6, 0x0}, {0x80000008, 0x1205b496, 0x100000000, 0x1f, 0x627, 0x0}, {0xc0000007, 0x7, 0x6, 0x2, 0xffffffffffffffcb, 0x0}, {0x0, 0x4, 0x9, 0x4, 0x3, 0x0}, {0x80000001, 0x2, 0x6, 0x5, 0x8, 0x0}]}) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) mmap(&(0x7f0000ae4000/0x1000)=nil, 0x1000, 0x5, 0x10, r3, 0x0) mmap(&(0x7f0000ae7000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_ASSIGN_SET_MSIX_NR(r1, 0x4008ae73, &(0x7f0000ae8000-0x8)={0x8, 0x4}) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f00008fc000)={0x4, r4, 0x0}) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000ae5000-0x18)={0x0, 0x1, 0x0, &(0x7f00006a3000)=0x0}) [ 27.661796] FSBase=00007f4c3a973700 GSBase=ffff88006e100000 TRBase=ffff88003fc22cc0 [ 27.664720] GDTBase=ffffffffff577000 IDTBase=ffffffffff57b000 [ 27.665278] CR0=0000000080050033 CR3=000000003acdf000 CR4=00000000000026e0 [ 27.666109] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 27.668914] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 27.669733] *** Control State *** 2017/08/11 21:15:13 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x3, 0x80, 0x800, 0x80, 0x0}, {0xd000, 0xf000, 0xf, 0x1, 0x5, 0x9, 0x7, 0x5, 0x401, 0x0, 0x1, 0x2, 0x0}, {0xfffe, 0x5000, 0x0, 0x5, 0x4, 0x81, 0xc9, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) 2017/08/11 21:15:13 executing program 2: mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000096a000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00002bd000)={0x4, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000088e000/0x18000)=nil, &(0x7f0000ae0000-0x13)=[@text16={0x10, &(0x7f000011f000)="0f0170ec0f23e764f20f2b76db613e8117b4006766c7442400003000006766c7442402003000006766c744240600000000670f011c2466b8010000000f01d967660f3801639966b80500000066b90b0000000f01d90f2205", 0x58}], 0x1, 0x20, &(0x7f0000adf000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 27.672226] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 [ 27.673122] EntryControls=0001d1ff ExitControls=00afefff [ 27.673881] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 27.676290] VMEntry: intr_info=8000030c errcode=00000000 ilen=00000000 [ 27.676928] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 27.677644] reason=80000021 qualification=0000000000000000 [ 27.678225] IDTVectoring: info=00000000 errcode=00000000 [ 27.678798] TSC Offset = 0xffffffe6d4fb4816 [ 27.679643] EPT pointer = 0x00000000672f101e [ 27.680119] Virtual processor ID = 0x0523 2017/08/11 21:15:13 executing program 3: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) mmap(&(0x7f0000a5a000/0x3000)=nil, 0x3000, 0x3000008, 0x20000000000032, r1, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000af3000-0x24)="000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d266767f2a50f20d835080000000f228b58580f070f01b102000000", 0x64}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f000011a000)={0x1397, 0x8c, 0x0, 0x4, 0x8}) mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000af3000-0x4)=0x80) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000aee000-0x8)=0x10000) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000aef000)={0x7b, 0x0, [0x6, 0xffffffff, 0x9, 0x1000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000033d000-0x8)={0x1, 0x637}) ioctl$KVM_S390_VCPU_FAULT(r2, 0x4008ae52, &(0x7f0000af1000)=0xb5) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000aef000-0x30)={0x20, 0x401, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f00009c7000)={0x2, 0x800, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00002de000-0x40)={0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000aec000)={"3a5ca361a0df102fae43a3f1ec872c0185c9813608eed8f847374008d61d0b0800000000000000001ccb1007655a4f7410ae2abb2a1756d32573ad07efbff26b6c29f3f5b20949d1948e7dc1c8f2b7a1f53f726c506fca42d4a7935507ddb99198bc1ac477f1ae7c27061ead76d16ca486010f0a3be5e5fb88b250282a1f4370084b669a6aa05d6f099ea5ce98744d4d02be5ff2bfc8a7b31392162b70f9bf6a7921ca46c22eba76a3f5fada926a9e3d39e841a85aff9e2e11df5a017550dd503eafb49349716d060d697bd0978eac053d12de846fb7d0ef0ce4f79420c7ad998b000619474f6ab8bbaf74f23bef3d8874a920f438d7a3bbe9ac54c269dd8463b191dfff03924e9ef495aad2c7831f72e87d20d39c031000c2b6b009dc52fe4a87d2adbd31ef3991643480dc4e1194dad4aaae0bbd182f86a7572202d932534fe78aa6205a387714ba722fc29e394626c6950754c5bd8e959a3d108590f13f43f23507624d0f3b464f483d2f11441d510b1269e787224f20a2cb5984b4f2be4d93aef0f2ae60ada076cc86b6ecd9f9cd27c13ff16725a99f1d96fb35409d9aad7cd14b4a0a6fa33249d40760c0dd77615cea3ced7055169a87c767c91aadd231e5b211e9b8df16a1e2aef8d3a7e02a4f7c8fa5e989f9a2c488638fec8d03543fededef667b0b0cde85958ef5dd2355e3dade1126022ada4186160bcf69013a938bd9c5fe1f46fd5c8d522320840de0ede209ee11a4655a157b1ed47b6aa5daad7bc7f96313d2e02144e50a7f64ccfb866b1cc3a04ebd7e460e69f42856b474e681e2917b593b931c8987a487329d58151d14f4f1eb1b123f29f21899c524c2808269f7a833d5ed3cd93e2ffc0dbdf3c50c736b10512607837e8f50144c1c14e052c788381a2b236becb2d2bfdf0467cefcbe6926090434d31323d47576de4566f61ab7f1fab0f73e2e9b58c328f73f8fecef3e9bbad4b177d9dd2a0e3e7a6f108477afef361fd23ea1a575dd9b86515833f5bd4ccf9ddb9e5432d723f3eb50339ae229108ae769ac632d312761db5057fe4ddfae2f22be1f709bc0feef9d8dcf05a425d354bda07e3780f19d3a073e737bcc8220febd750e3ce8549870615e1e9c969d3883126c687ff7ef6c0a16aa18bf594c681ae4c2ec063b792ae01166868672360aefb97539f6825c2f17933ce890a2d7ca53fcf77dc8dd4a0e64b7010aa7fd14f7833ab907d4d3c5df1ce497abfea23c94ab44d6b0f389480b4f0c077b98ba319dff8ab86cb7ff6b9f26e1f7e88b01d346504ab1cbc30fb5acf132544e59a2dec45e8019ef4642e672aebc040bfbfd6e7caf8846917b3e21e9b5673b31c4f3520baaf61b01bf160c3b535bcc7b23ee34371286407409fa292ad059d4e40624bd6bad7d3d516adae9c3fcecb877f4d9d39035338787435f6372c5fb88cd"}) ioctl$KVM_GET_DEVICE_ATTR(r1, 0x4018aee2, &(0x7f000026f000)={0x0, 0xdf, 0x8, &(0x7f00009f0000-0x8)=0x0}) mmap(&(0x7f0000af3000/0x1000)=nil, 0x1000, 0x1, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000af3000)={"9bbb9daa05110ba1924a3f8c859bdff963f2ddb1d129f5cb2f3ae8ad3bf7068c284ba38f903676aee0049b473a5a33930a9b88deb6401d57b67b5ef503c6a4027167753b3422f85b1b144e1b09666f06770bb454bb980d5cb7f1e90d9427b10028d816afcb958eb5bc4541d20809f775835973db47fdab943f7ecf340ab9b2913f88a42aa228d95f1665dcb874e6b3b5b55a89a32e0fc862e12da3fafec957af0fce362e643894eaa38fbb8af58f8462371747c6e67ec819d268766c3c7a74e3f12575502e0ce18ab8fdeec25ec7767fae887d4cadb349c0f81694038d1a026d6a75e2531b1a8fb11b6cbd3f89a94184e04455b174f62410013ea1a32c38fc1a2448cd4c2c637b73782faf7ad9ae353b8bb6fed608778b7e846b159d0708eba89b05d4ae596fd1ce276f11b96ea628b944adcafcca622c34d8cf71c32e04679643d25bb8410efd790fae98de36207bab1c1fa95a3b125a7497822ea2f8a027ee6024ad4938ca93546a7967484ea5ed0850257facd046052d3fb4452ea95bdf6613884586ad0f7bedcf9ba794168fb9ef80fc98ab1b8c584220c399f85aa35e3b077eaa0dc79a9b88f0cdbf6805da3bca16d1fe88482e328bf0abd897070e43ead3304cdf1f113ab075a772b02e7e2b9d790f029decb02914d0fbb81bdcac8d08612898c453dd33e8a456e3cb4154e27f4d3bddea5732cd94d4adf21d3babfbb833a2ba8fcc71beafe13cfb9e8ed9fcaaecbc6a4e7c1da5f67cfae68fe80965a52918112a4927ca4a387ebf74fd5d910ceed87a668d3210361f45e8771482aceb28996ed99fdb143fc17c4112850b748c3eb5d121312f3c420d0dc03bfd571a1767bac9ae6c46b4edbfd70fb33dd89a8ae13dd57e722d95c28e5326a24054321553f3b50fe246f5e631dafc8088dcefe9029c67fbc7cb6631692d91aa5aba912b56f638cdcd14e873566edea35ecaaad547bbd265a6d4f6537ad9db538fb7db64a32c81c91dd6e4efd0317de1a0ff83c744470c93ddcaa6792e45db7d69e1106a251d39a5c5c6103f7aadb32d0290614362eaccc6d41b3f14154850e1959803f14d836a4223eb1c70249037e7adbf0e33d07a69a10d948a901858a8381803bcedcf610c985b5ea85ef46bbc44565e89142da665bede93e7c360cc814c8e00cafb81d02c95811ce32ba2dd85712056078d2f7d4be3cfc4eb157d63206d4b822599d40c02fd84ada2b572bd8899e93293a5ce6590d226f7c43858d47417bc2980358fb6ec2eee43fbbd31a00c9549680e76c31eef7f710e7aceb5a29d2a85f07332bb5e54a80ac44576e0010bc7cbd666ad4aff5174df288980f68510d74485b90afaf4040a30392861cce12229f97cbf2b8922d95110230423a3155f263d8066974f89cebaa258b87515d6d9f20c23d09067bdc955311d08300214a50ed060cc68"}) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000af0000-0x8)={0x1, 0x6}) ioctl$KVM_RUN(r2, 0xae80, 0x0) mmap(&(0x7f0000af4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_ASSIGN_SET_MSIX_NR(r1, 0x4008ae73, &(0x7f0000af4000)={0x8097, 0x10001}) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f0000394000-0x14)={0x0, 0x0, 0x7ff, 0x0, 0x0}) 2017/08/11 21:15:13 executing program 1: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_TSS_ADDR(r0, 0xae47, 0xd000) mmap(&(0x7f0000000000/0xafb000)=nil, 0xafb000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_PPC_GET_SMMU_INFO(r0, 0x8250aea6, &(0x7f0000a8e000)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_ASSIGN_DEV_IRQ(r0, 0x4040ae70, &(0x7f0000afc000-0x10)={0x9, 0x8, 0x101, 0x400}) ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000afb000-0x40)={0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, r0, 0xfffffffffffffffd) ioctl$KVM_S390_INTERRUPT(r0, 0x4010ae94, &(0x7f0000afb000)={0x2, 0x5, 0x8001}) ioctl$KVM_ASSIGN_SET_INTX_MASK(r2, 0x4040aea4, &(0x7f00005d2000)={0x66d, 0x7, 0x2, 0x1, 0xcb8}) ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000a33000-0x28)={0xd, 0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_GET_PIT(r2, 0xc048ae65, &(0x7f0000a3e000-0x70)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x11, r3, 0x0) ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f0000afb000)={0x0, 0x22}) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f00008ac000/0x18000)=nil, &(0x7f0000358000)=[@text16={0x10, &(0x7f000017d000)="0f01c90f1bfe66f0821845650f06b84f008ee86766c74424004b0000006766c744240208bf43456766c744240600000000670f011c248ed00f01c9baf80c66b82c4bd28666efbafc0c66b80000000066efbaf80c66b893dd3f8066efbafc0cec0f09", 0x62}], 0x1, 0x1, &(0x7f0000015000)=[], 0x0) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r2, r1, &(0x7f0000604000/0x18000)=nil, &(0x7f0000add000)=[@text32={0x20, &(0x7f0000089000)="66ba200066ed0f0099d0330000300fe3c1c05050a2ea815cc5427595d94d3e0f236eb8cc4ab08f6fececbafc0ced0b013f640f01caf26e36643e0f224566ba4040b800000000ef", 0x47}], 0x1, 0xf, &(0x7f0000395000)=[@efer={0x3, 0xc00}], 0x1) ioctl$KVM_GET_MSR_INDEX_LIST(r1, 0xc004ae02, &(0x7f000095f000-0xc)={0x2, [0x100000000, 0xe0]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 2017/08/11 21:15:13 executing program 4: mmap(&(0x7f0000000000/0xaf5000)=nil, 0xaf5000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffff9c, 0xae41, 0x0) ioctl$KVM_X86_SET_MCE(r1, 0x4040ae9e, &(0x7f000040d000)={0x400000000000000, 0x4, 0x6, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0]}) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00009c0000-0x20)={0x12714, 0x1, 0x1f004, 0x1000, &(0x7f00001f2000/0x1000)=nil}) mmap(&(0x7f0000af5000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r2, 0x8008ae9d, &(0x7f00002e3000-0x24)="000000000000000000000000000000000000000000000000000000000000000000000000") r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d266767f2a50f20d835080000000f228b58580f070f01b102000000", 0x64}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r2, 0x4040ae72, &(0x7f000011a000)={0x1397, 0x8b, 0x0, 0x4, 0x8}) ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000af3000-0x4)=0x80) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000747000)=0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4068aea3, &(0x7f0000aef000)={0x7b, 0x0, [0x6, 0xffffffff, 0x9, 0x1000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_IRQ_LINE(r2, 0x4008ae61, &(0x7f000033d000-0x8)={0x1, 0x0}) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000af3000)={"9bbb9daa05110ba1924a3f8c859bdff963f2ddb1d129f5cb2f3ae8ad3bf7068c284ba38f903676aee0049b473a5a33930a9b88deb6401d57b67b5ef503c6a4027167753b3422f85b1b144e1b09666f06770bb454bb980d5cb7f1e90d9427b10028d816afcb958eb5bc4541d20809f775835973db47fdab943f7ecf340ab9b2913f88a42aa228d95f1665dcb874e6b3b5b55a89a32e0fc862e12da3fafec957af0fce362e643894eaa38fbb8af58f8462371747c6e67ec819d268766c3c7a74e3f12575502e0ce18ab8fdeec25ec7767fae887d4cadb349c0f81694038d1a026d6a75e2531b1a8fb11b6cbd3f89a94184e04455b174f62410013ea1a32c38fc1a2448cd4c2c637b73782faf7ad9ae353b8bb6fed608778b7e846b159d0708eba89b05d4ae596fd1ce276f11b96ea628b944adcafcca622c34d8cf71c32e04679643d25bb8410efd790fae98de36207bab1c1fa95a3b125a7497822ea2f8a027ee6024ad4938ca93546a7967484ea5ed0850257facd046052d3fb4452ea95bdf6613884586ad0f7bedcf9ba794168fb9ef80fc98ab1b8c584220c399f85aa35e3b077eaa0dc79a9b88f0cdbf6805da3bca16d1fe88482e328bf0abd897070e43ead3304cdf1f113ab075a772b02e7e2b9d790f029decb02914d0fbb81bdcac8d08612898c453dd33e8a456e3cb4154e27f4d3bddea5732cd94d4adf21d3babfbb833a2ba8fcc71beafe13cfb9e8ed9fcaaecbc6a4e7c1da5f67cfae68fe80965a52918112a4927ca4a387ebf74fd5d910ceed87a668d3210361f45e8771482aceb28996ed99fdb143fc17c4112850b748c3eb5d121312f3c420d0dc03bfd571a1767bac9ae6c46b4edbfd70fb33dd89a8ae13dd57e722d95c28e5326a24054321553f3b50fe246f5e631dafc8088dcefe9029c67fbc7cb6631692d91aa5aba912b56f638cdcd14e873566edea35ecaaad547bbd265a6d4f6537ad9db538fb7db64a32c81c91dd6e4efd0317de1a0ff83c744470c93ddcaa6792e45db7d69e1106a251d39a5c5c6103f7aadb32d0290614362eaccc6d41b3f14154850e1959803f14d836a4223eb1c70249037e7adbf0e33d07a69a10d948a901858a8381803bcedcf610c985b5ea85ef46bbc44565e89142da665bede93e7c360cc814c8e00cafb81d02c95811ce32ba2dd85712056078d2f7d4be3cfc4eb157d63206d4b822599d40c02fd84ada2b572bd8899e93293a5ce6590d226f7c43858d47417bc2980358fb6ec2eee43fbbd31a00c9549680e76c31eef7f710e7aceb5a29d2a85f07332bb5e54a80ac44576e0010bc7cbd666ad4aff5174df288980f68510d74485b90afaf4040a30392861cce12229f97cbf2b8922d95110230423a3155f263d8066974f89cebaa258b87515d6d9f20c23d09067bdc955311d08300214a50ed060cc68"}) ioctl$KVM_RUN(r3, 0xae80, 0x0) mmap(&(0x7f0000af5000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x8040ae9f, &(0x7f0000af6000-0x1c)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$KVM_ASSIGN_SET_MSIX_NR(r2, 0x4008ae73, &(0x7f0000af4000)={0x8097, 0x10001}) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) 2017/08/11 21:15:13 executing program 7: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a9c000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f00004ee000)="66b818010f00d8c4c27bf6cdb986040000b80f000000ba000000000f30c7442400e9060000c744240201000000c7442406000000000f01142466baf80cb8b4d4c588ef66bafc0cb00beeb9840200000f3266ba420066edb85bc6600b0f23c00f21f83503000c000f23f8c74424008000c0fec744240235000000c7442406000000000f011c2466baa000b000ee", 0x8d}], 0x1, 0xfffffffffffffffe, &(0x7f00003db000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000af1000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x1000, 0x0, 0x0, 0x2, 0x0, 0x6, 0x1, 0x5, 0x1, 0x1f, 0x60000000000000, 0x0}, {0x0, 0x4, 0xa, 0x9, 0xfc6, 0xc76, 0x2, 0xa0f, 0x6, 0x9, 0x3, 0x30, 0x0}, {0x2000, 0xf002, 0xf, 0x6, 0x9, 0x2, 0x1, 0xffffffff, 0x80000001, 0xffffffffffffffff, 0x2, 0x2, 0x0}, {0x0, 0x4, [0x0, 0x0, 0x0]}, {0x1, 0x0, [0x0, 0x0, 0x0]}, 0x80000008, 0x0, 0x2000, 0x8, 0x5, 0x2001, 0x1000, [0x800000, 0x1, 0x6, 0x10001]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:13 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x80, 0x800, 0x80, 0x0}, {0xd000, 0xf000, 0xf, 0x1, 0x5, 0x9, 0x7, 0x5, 0x401, 0x0, 0x1, 0x2, 0x0}, {0xfffe, 0x5000, 0x0, 0x5, 0x4, 0x81, 0xc9, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) 2017/08/11 21:15:13 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000506000-0xc)={0x7, 0xffffffffffffff9c, 0x1}) ioctl$KVM_GET_FPU(r0, 0x81a0ae8c, &(0x7f0000afc000-0x1a0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) ioctl$KVM_GET_EMULATED_CPUID(r0, 0xc008ae09, &(0x7f0000afd000-0xd2)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f000050f000)={0x9, 0x3cca}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000afb000-0x28)={0x400000000, 0x1000, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, &(0x7f0000afd000)={0x0, []}) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000aff000-0x98)={0x3, 0x0, [{0x7, 0x7, 0x0, 0x0, @irqchip={0x1, 0x1cab}}, {0x1, 0x3, 0x0, 0x0, @sint={0x75d, 0x200}}, {0x81, 0x0, 0x0, 0x0, @adapter={0x3, 0x7ff, 0x1, 0x6, 0x6}}]}) ioctl$KVM_GET_DEBUGREGS(r3, 0x8080aea1, &(0x7f0000afc000)={[0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000aff000)={0x400, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 27.739787] *** Guest State *** 2017/08/11 21:15:13 executing program 2: mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000096a000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00002bd000)={0x4, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f000088e000/0x18000)=nil, &(0x7f0000ae0000-0x13)=[@text16={0x10, &(0x7f000011f000)="0f0170ec0f23e764f20f2b76db613e8117b4006766c7442400003000006766c7442402003000006766c744240600000000670f011c2466b8010000000f01d967660f3801639966b80500000066b90b0000000f01d90f2205", 0x58}], 0x1, 0x20, &(0x7f0000adf000)=[], 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 2017/08/11 21:15:13 executing program 5: mmap(&(0x7f0000000000/0x64000)=nil, 0x64000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r2 = eventfd2(0x4000000002, 0x0) mmap(&(0x7f0000064000/0x1000)=nil, 0x1000, 0x3, 0x10, r2, 0x0) mlock2(&(0x7f0000063000/0x2000)=nil, 0x2000, 0x1) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000020000)={0x0, &(0x7f000002d000)=0x0, 0x2, r2, 0x3}) mmap(&(0x7f0000065000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000065000)={0x1000, 0x0, 0x0}) mmap(&(0x7f0000066000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000066000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000066000-0x20)={0x6000, &(0x7f000002d000)=0x0, 0x2, r2, 0xffffff7fffffffff}) mmap(&(0x7f0000065000/0x1000)=nil, 0x1000, 0x3, 0x13, r2, 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f0000066000-0x14)={0x3f, 0x7, 0x2, 0x3, 0x9}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_GET_TSC_KHZ(r3, 0xaea3) mmap(&(0x7f0000065000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000065000/0x1000)=nil, 0x1000, 0x3, 0x32, r1, 0x0) mmap(&(0x7f0000019000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r1, r3, &(0x7f000003a000/0x18000)=nil, &(0x7f0000066000-0x18)=[@text64={0x40, &(0x7f0000065000)="48b895670000000000000f23c00f21f835010002000f23f8440f20c0350f000000440f22c0660f38800bc4c2810bef43806a6b00b9390900000f3267410f029ff3ffffffc4012955b50030000067450f01d10f2014", 0x55}], 0x1, 0x8, &(0x7f0000066000-0x10)=[@dstype0={0x6, 0x9}], 0x1) mmap(&(0x7f0000066000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_DEVICE_ATTR(r1, 0x4018aee2, &(0x7f0000066000)={0x0, 0x7, 0x2, &(0x7f000002d000)=0x0}) write$eventfd(r2, &(0x7f000003e000)=0x100, 0x8) mmap(&(0x7f0000065000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000066000-0x8)={0x5309, 0x1}) write$eventfd(r2, &(0x7f0000001000-0x5)=0x20009, 0x8) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) mmap(&(0x7f0000065000/0x1000)=nil, 0x1000, 0x1fffffd, 0x32, r1, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f0000066000-0x1c)={0xfffffffffffffffd, 0x1ff, 0x80000000, 0x0, 0x3, 0x7fff, 0x1, 0xdff, 0x1b7, 0xffffffffffff8001, 0x0, 0xfffffffffffffffc, 0x0, 0x99, 0x8, 0xfff, 0xffff, 0x4, 0x58f}) mmap(&(0x7f0000067000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000067000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000068000-0xc)={0x6, r4, 0x0}) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000049000-0x8)={0x3ff, 0x1}) [ 27.742905] CR0: actual=0x0000000080000028, shadow=0x0000000080000008, gh_mask=fffffffffffffff7 [ 27.743753] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 [ 27.744907] CR3 = 0x0000000000002000 [ 27.745706] RSP = 0x0000000000000f80 RIP = 0x0000000000008008 [ 27.746509] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 27.747130] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 27.747825] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.748635] DS: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.749477] SS: sel=0x0000, attr=0x0b011, limit=0x00001000, base=0x0000000000000000 [ 27.753121] ES: sel=0x0000, attr=0x04081, limit=0x00000000, base=0x0000000000000000 [ 27.754117] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.755416] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.756176] GDTR: limit=0x00000004, base=0x0000000000000000 [ 27.756991] LDTR: sel=0x000f, attr=0x10000, limit=0x0000f002, base=0x0000000000002000 [ 27.757794] IDTR: limit=0x00000000, base=0x0000000000000001 [ 27.758607] TR: sel=0x000a, attr=0x10000, limit=0x00000004, base=0x0000000000000000 [ 27.759912] EFER = 0x0000000000002001 PAT = 0x0007040600070406 [ 27.760541] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 27.762890] BndCfgS = 0x0000000000000000 [ 27.763329] Interruptibility = 00000008 ActivityState = 00000000 [ 27.763981] *** Host State *** [ 27.764287] RIP = 0xffffffff811b6777 RSP = 0xffff8800673374c8 [ 27.764892] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 27.765815] FSBase=00007f4c3a973700 GSBase=ffff88003fc00000 TRBase=ffff88003fc22cc0 [ 27.767704] GDTBase=ffffffffff577000 IDTBase=ffffffffff57b000 [ 27.768276] CR0=0000000080050033 CR3=000000003acdf000 CR4=00000000000026f0 [ 27.768993] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 27.769660] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 27.770292] *** Control State *** [ 27.770633] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 2017/08/11 21:15:13 executing program 1: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000001000-0xc)={0x6, r0, 0x0}) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f000029a000)={0x3, 0xffffffffffffffff, 0x0}) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_IRQFD(r0, 0x4020ae76, &(0x7f0000000000)={r1, 0x6, 0x4728, r2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x69032, 0xffffffffffffffff, 0xc700000000000000) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00006dc000)="2f6465762f6b766d00", 0x240000, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_GET_PIT2(r4, 0x8070ae9f, &(0x7f000084a000-0x70)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r5 = ioctl$KVM_CREATE_VCPU(0xffffffffffffff9c, 0xae41, 0x1) ioctl$KVM_GET_CPUID2(r5, 0xc008ae91, &(0x7f0000739000-0xa8)={0x4, 0x0, [{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}]}) mmap(&(0x7f0000000000/0xaec000)=nil, 0xaec000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f000000f000-0x6)="2f6465762f6b766d00", 0x0, 0x0) mmap(&(0x7f000000f000/0x1000)=nil, 0x1000, 0x2000005, 0x32, r6, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f000000f000-0x6)="2f6465762f6b766d00", 0x2, 0x0) mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x2000001, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ff5000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) read$eventfd(r2, &(0x7f0000ff6000-0x8)=0x0, 0x8) mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) write$eventfd(r7, &(0x7f0000aed000-0x6)=0xffffffffffffffff, 0x8) 2017/08/11 21:15:13 executing program 3: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) mmap(&(0x7f0000a5a000/0x3000)=nil, 0x3000, 0x3000008, 0x20000000000032, r1, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000af3000-0x24)="000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d266767f2a50f20d835080000000f228b58580f070f01b102000000", 0x64}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f000011a000)={0x1397, 0x8c, 0x0, 0x4, 0x8}) mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000af3000-0x4)=0x80) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000aee000-0x8)=0x10000) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000aef000)={0x7b, 0x0, [0x6, 0xffffffff, 0x9, 0x1000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000033d000-0x8)={0x1, 0x637}) ioctl$KVM_S390_VCPU_FAULT(r2, 0x4008ae52, &(0x7f0000af1000)=0xb5) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000aef000-0x30)={0x20, 0x401, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f00009c7000)={0x2, 0x800, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00002de000-0x40)={0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000aec000)={"3a5ca361a0df102fae43a3f1ec872c0185c9813608eed8f847374008d61d0b0800000000000000001ccb1007655a4f7410ae2abb2a1756d32573ad07efbff26b6c29f3f5b20949d1948e7dc1c8f2b7a1f53f726c506fca42d4a7935507ddb99198bc1ac477f1ae7c27061ead76d16ca486010f0a3be5e5fb88b250282a1f4370084b669a6aa05d6f099ea5ce98744d4d02be5ff2bfc8a7b31392162b70f9bf6a7921ca46c22eba76a3f5fada926a9e3d39e841a85aff9e2e11df5a017550dd503eafb49349716d060d697bd0978eac053d12de846fb7d0ef0ce4f79420c7ad998b000619474f6ab8bbaf74f23bef3d8874a920f438d7a3bbe9ac54c269dd8463b191dfff03924e9ef495aad2c7831f72e87d20d39c031000c2b6b009dc52fe4a87d2adbd31ef3991643480dc4e1194dad4aaae0bbd182f86a7572202d932534fe78aa6205a387714ba722fc29e394626c6950754c5bd8e959a3d108590f13f43f23507624d0f3b464f483d2f11441d510b1269e787224f20a2cb5984b4f2be4d93aef0f2ae60ada076cc86b6ecd9f9cd27c13ff16725a99f1d96fb35409d9aad7cd14b4a0a6fa33249d40760c0dd77615cea3ced7055169a87c767c91aadd231e5b211e9b8df16a1e2aef8d3a7e02a4f7c8fa5e989f9a2c488638fec8d03543fededef667b0b0cde85958ef5dd2355e3dade1126022ada4186160bcf69013a938bd9c5fe1f46fd5c8d522320840de0ede209ee11a4655a157b1ed47b6aa5daad7bc7f96313d2e02144e50a7f64ccfb866b1cc3a04ebd7e460e69f42856b474e681e2917b593b931c8987a487329d58151d14f4f1eb1b123f29f21899c524c2808269f7a833d5ed3cd93e2ffc0dbdf3c50c736b10512607837e8f50144c1c14e052c788381a2b236becb2d2bfdf0467cefcbe6926090434d31323d47576de4566f61ab7f1fab0f73e2e9b58c328f73f8fecef3e9bbad4b177d9dd2a0e3e7a6f108477afef361fd23ea1a575dd9b86515833f5bd4ccf9ddb9e5432d723f3eb50339ae229108ae769ac632d312761db5057fe4ddfae2f22be1f709bc0feef9d8dcf05a425d354bda07e3780f19d3a073e737bcc8220febd750e3ce8549870615e1e9c969d3883126c687ff7ef6c0a16aa18bf594c681ae4c2ec063b792ae01166868672360aefb97539f6825c2f17933ce890a2d7ca53fcf77dc8dd4a0e64b7010aa7fd14f7833ab907d4d3c5df1ce497abfea23c94ab44d6b0f389480b4f0c077b98ba319dff8ab86cb7ff6b9f26e1f7e88b01d346504ab1cbc30fb5acf132544e59a2dec45e8019ef4642e672aebc040bfbfd6e7caf8846917b3e21e9b5673b31c4f3520baaf61b01bf160c3b535bcc7b23ee34371286407409fa292ad059d4e40624bd6bad7d3d516adae9c3fcecb877f4d9d39035338787435f6372c5fb88cd"}) ioctl$KVM_GET_DEVICE_ATTR(r1, 0x4018aee2, &(0x7f000026f000)={0x0, 0xdf, 0x8, &(0x7f00009f0000-0x8)=0x0}) mmap(&(0x7f0000af3000/0x1000)=nil, 0x1000, 0x1, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000af3000)={"9bbb9daa05110ba1924a3f8c859bdff963f2ddb1d129f5cb2f3ae8ad3bf7068c284ba38f903676aee0049b473a5a33930a9b88deb6401d57b67b5ef503c6a4027167753b3422f85b1b144e1b09666f06770bb454bb980d5cb7f1e90d9427b10028d816afcb958eb5bc4541d20809f775835973db47fdab943f7ecf340ab9b2913f88a42aa228d95f1665dcb874e6b3b5b55a89a32e0fc862e12da3fafec957af0fce362e643894eaa38fbb8af58f8462371747c6e67ec819d268766c3c7a74e3f12575502e0ce18ab8fdeec25ec7767fae887d4cadb349c0f81694038d1a026d6a75e2531b1a8fb11b6cbd3f89a94184e04455b174f62410013ea1a32c38fc1a2448cd4c2c637b73782faf7ad9ae353b8bb6fed608778b7e846b159d0708eba89b05d4ae596fd1ce276f11b96ea628b944adcafcca622c34d8cf71c32e04679643d25bb8410efd790fae98de36207bab1c1fa95a3b125a7497822ea2f8a027ee6024ad4938ca93546a7967484ea5ed0850257facd046052d3fb4452ea95bdf6613884586ad0f7bedcf9ba794168fb9ef80fc98ab1b8c584220c399f85aa35e3b077eaa0dc79a9b88f0cdbf6805da3bca16d1fe88482e328bf0abd897070e43ead3304cdf1f113ab075a772b02e7e2b9d790f029decb02914d0fbb81bdcac8d08612898c453dd33e8a456e3cb4154e27f4d3bddea5732cd94d4adf21d3babfbb833a2ba8fcc71beafe13cfb9e8ed9fcaaecbc6a4e7c1da5f67cfae68fe80965a52918112a4927ca4a387ebf74fd5d910ceed87a668d3210361f45e8771482aceb28996ed99fdb143fc17c4112850b748c3eb5d121312f3c420d0dc03bfd571a1767bac9ae6c46b4edbfd70fb33dd89a8ae13dd57e722d95c28e5326a24054321553f3b50fe246f5e631dafc8088dcefe9029c67fbc7cb6631692d91aa5aba912b56f638cdcd14e873566edea35ecaaad547bbd265a6d4f6537ad9db538fb7db64a32c81c91dd6e4efd0317de1a0ff83c744470c93ddcaa6792e45db7d69e1106a251d39a5c5c6103f7aadb32d0290614362eaccc6d41b3f14154850e1959803f14d836a4223eb1c70249037e7adbf0e33d07a69a10d948a901858a8381803bcedcf610c985b5ea85ef46bbc44565e89142da665bede93e7c360cc814c8e00cafb81d02c95811ce32ba2dd85712056078d2f7d4be3cfc4eb157d63206d4b822599d40c02fd84ada2b572bd8899e93293a5ce6590d226f7c43858d47417bc2980358fb6ec2eee43fbbd31a00c9549680e76c31eef7f710e7aceb5a29d2a85f07332bb5e54a80ac44576e0010bc7cbd666ad4aff5174df288980f68510d74485b90afaf4040a30392861cce12229f97cbf2b8922d95110230423a3155f263d8066974f89cebaa258b87515d6d9f20c23d09067bdc955311d08300214a50ed060cc68"}) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000af0000-0x8)={0x1, 0x6}) ioctl$KVM_RUN(r2, 0xae80, 0x0) mmap(&(0x7f0000af4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_ASSIGN_SET_MSIX_NR(r1, 0x4008ae73, &(0x7f0000af4000)={0x8097, 0x10001}) 2017/08/11 21:15:13 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x800, 0x80, 0x0}, {0xd000, 0xf000, 0xf, 0x1, 0x5, 0x9, 0x7, 0x5, 0x401, 0x0, 0x1, 0x2, 0x0}, {0xfffe, 0x5000, 0x0, 0x5, 0x4, 0x81, 0xc9, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) 2017/08/11 21:15:13 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000506000-0xc)={0x7, 0xffffffffffffff9c, 0x1}) ioctl$KVM_GET_FPU(r0, 0x81a0ae8c, &(0x7f0000afc000-0x1a0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) ioctl$KVM_GET_EMULATED_CPUID(r0, 0xc008ae09, &(0x7f0000afd000-0xd2)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f000050f000)={0x9, 0x3cca}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000afb000-0x28)={0x400000000, 0x1000, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, &(0x7f0000afd000)={0x0, []}) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000aff000-0x98)={0x3, 0x0, [{0x7, 0x7, 0x0, 0x0, @irqchip={0x1, 0x1cab}}, {0x1, 0x3, 0x0, 0x0, @sint={0x75d, 0x200}}, {0x81, 0x0, 0x0, 0x0, @adapter={0x3, 0x7ff, 0x1, 0x6, 0x6}}]}) ioctl$KVM_GET_DEBUGREGS(r3, 0x8080aea1, &(0x7f0000afc000)={[0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x7, 0x0, [{0x4000000d, 0x7, 0x1, 0xff, 0x19d8, 0x0}, {0xc0000007, 0x3, 0x4, 0x3, 0x0, 0x0}, {0xc0000001, 0xfef0, 0x3f, 0x20, 0x6, 0x0}, {0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 27.787827] EntryControls=0001d1ff ExitControls=00afefff [ 27.788548] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 2017/08/11 21:15:13 executing program 4: mmap(&(0x7f0000000000/0xafa000)=nil, 0xafa000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffff9c, 0xae41, 0x0) ioctl$KVM_SET_SIGNAL_MASK(r0, 0x4004ae8b, &(0x7f00007a1000-0x1004)={0x0, ""}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) mmap(&(0x7f0000afa000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f0000afa000)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000274000/0x18000)=nil, &(0x7f0000adf000)=[@text64={0x40, &(0x7f000099d000-0x64)="b6c3f8e788595d2a1ba31779d22e2453ab6fe204d8cb17bc3c4ab8e3e0483b9931418b5c1612cb68cb1f08acd253883205213823efd610026d3b892f9ecf43c837882ddb41cb3a22a62644cc9081d865b5c7d6d371bfbc1b7da5ab28911fcb5667d0b08b", 0x64}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0) mmap(&(0x7f0000afa000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_CPUID(r0, 0x4008ae8a, &(0x7f0000afb000-0x50)={0x3, 0x0, [{0xd, 0x7491, 0x9, 0x800, 0x9, 0x0}, {0x0, 0x5, 0x0, 0x7, 0x1, 0x0}, {0xc0000000, 0x4, 0x9, 0x100000001, 0x4, 0x0}]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_S390_INTERRUPT_CPU(r0, 0x4010ae94, &(0x7f0000af7000)={0x7fff, 0x2, 0x401}) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000515000)={0x4, r0, 0x1}) ioctl$KVM_GET_SREGS(r0, 0x8138ae83, &(0x7f00003e2000-0x138)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, [0x0, 0x0, 0x0]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0]}) mremap(&(0x7f0000294000/0x2000)=nil, 0x2000, 0x4000, 0x2, &(0x7f00002da000/0x4000)=nil) ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000a69000)=0x3) ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000af8000)={0xa3, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1) ioctl$KVM_GET_LAPIC(r4, 0x8400ae8e, &(0x7f0000afa000-0x400)={"7b27d3b64a87e6025ecc0555dfc410dd938e993293cc09c27d286292559242c198873530f3c60f18ef51c5613edf4323f8c02f69d0fca2266076a7e7824d9c854de7052a853a2df7169f57b8d24b07462d8c98a9965a75e5072e7c97121fc3561ff57df693eb84143554a2274744dc0bb19d4aa4d9da2fb6fa49f5b30c909603304c6dc3b28e75bbcbaa615b98ffdfa9873e1096ad1dbe1a7e4fae37da09dd5590f92b6dd95b56d37f82c247d6984325f2099b25022eda8cb94c836f181c2b9e9adbe70ae00a0a938585cf20ee10c690446248cf1c6dc8691e1fbe78fc350b36339027f9cbaa7428a665cbf6d32770ba755c5aa04961ce450df4462516f93f56e7d9e97f4cb8ff0db7a861b51d7f5fc737d5dfa7de9648dc5bd0a4a92184ca87a4c29d8580dd5783946c7466da4c8750656d511a02060a91e1f80c697f07d7788081f68024b137abd634761f0c7765265877a1c1f71f2a1d6c98461cd4fdbbf33b141c45d35c51068e3dfac09c29275a3bd0a2e762b46561ddb7efc58bffaa72096a7577d17c8fd7aeb37f46ea59e1c866fc6dbeefad42d4125dd50f76c4aac46c3c9fe58e7cf6814df077d657720ee9dd91de440202d25e6274b0894319d72d76476eb493609942cc024ebee82dbeaff4d7315ffeb0439c0555ee95381c871f1d710c4f5c29fc917649c7a5279707f964d373d3982f7030b3876d7ecbf018181bde61e3db5ab8655bca7dafbd1334be07492318ecc65687c6e5d90797a614f1afef96f4d68ce2cd053e87ad3df58641776dbe64093d32f69fe67ae8a97a88ddf1d03bdbc0d70ec4fe0da6fcec1a8079aaedf03abcac161caa036d06a765e4e14e2b2deb48dd2289e972ed26e1e4da4e81d446af11dd1fcf2ff1cf5052dfeac0e1710195ad72cc55b3a2182da4ce23a33238d3457374a3f04d569b019486de2faf6b26f3f91da458736916a85b7d0ad85104e635400462feafca888af61bc82dde5a877230871607b3059bf8ce202488cac0ec478ec316948bc2b55a4e7f30effc619be3ed746b0f4767b1869418c50e5e2e08ba6d1b447be12480a1af05ec98f28f404c2fee03efb276cf44170f150a21b6046411b6e772b1de3995cbe9b2ce9aee530323f65adc0d9606c7175d365953f8beb3629ff500edc3b783e3492cb9d29f668a0e7d66d95b6add4d101934fd394b70843c8e1c1bb84532bcf62b716853946d3df3bcb9cec40cb98b85062d1cb62dd20b8291ba7d598e1b0faaab6c7f111e59c78d6961b33ca358aa9dda30502d338c039bb704ad4ebf0b98347c47a32429b8f7f6ab1f7925c375a778faad36a6502d1e12243a11f1ba86eaa5167146ec6d4ab992920bf03baa8b24b31e7504fe8042ea2695e9f3bfa2cb27f779922ef23f37bec41e9ac5470b09a0b3304797eb6a208a902f497e6c1c76284a3fdc31"}) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f000079c000/0x18000)=nil, &(0x7f0000635000-0x18)=[@textreal={0x8, &(0x7f00004b0000)="baf80c66b88ad9018466efbafc0cedb800068ee866b9800000c00f326635000100000f300f01c9ba430066b86e60e0c766ef670f01cf9c660f6e9a00000fbc6800f0306201", 0x45}], 0x1, 0x74, &(0x7f0000afa000-0x20)=[@efer={0x3, 0x1000}, @efer={0x3, 0x9800}], 0x2) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f0000afb000)={0x2, 0x0, [{0x40000000, 0xffffffffffffff4f, 0x6, 0x1, 0x3, 0x0}, {0x8000000f, 0x8fa, 0xc95e, 0x3, 0x5, 0x0}]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 27.790388] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 27.791825] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 27.793168] reason=80000021 qualification=0000000000000000 2017/08/11 21:15:13 executing program 1: mmap(&(0x7f0000000000/0xc5b000)=nil, 0xc5b000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) ioctl$KVM_SET_MP_STATE(r1, 0x4004ae99, &(0x7f0000aef000-0x4)=0x7) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) mmap(&(0x7f0000c5b000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000aef000)=[@text64={0x40, &(0x7f00006da000)="f3f30f0179ee4c0f0090000000000af36e66baa000b82b197c6aefc7442480e1f40000c7442402d6950000c7442406000000000f011c24b805000000b9af0000000f01c166baa000ecc744240030000000c744240221b77923ff1c2467410f01df66b8d7000f00d8", 0x68}], 0x1, 0x3ffe, &(0x7f0000c5b000)=[@flags={0x3, 0x100c0}], 0x1) ioctl$KVM_SET_MP_STATE(r1, 0x4004ae99, &(0x7f00000cb000-0x4)=0x7) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000aec000)={"3a5ca361a0df102fae43a3f1ec872c0185c9813608eed8f847374008d61d0bcfc300bc75ce5da3001ccb1007655a4f7410ae2abb351756d32573ad07efbff26b6c29f3f5b20949d1948e7dc1c8f2b7a1f53f726c506fca42d4a7935507ddb99198bc1ac4b348ae7c27061ead76d16ca486010f0a3be5e5fb88b250282a1f4370084b669a6aa05d6f099ea5ce98744d4d02be5ff2bfc8a7b31392162b70f9bf6a7921ca46c22eba76a3f5fada926a9e3d39e841a85aff9e2e11df5a017550dd503eafb49349716d060d697bd0978eac053d12de846fb7d0ef0ce4f7942061ad998b000619474f6ab8bbaf74f23bef3d8874a920f438d7a3bbe9ac54c269dd8463b191dfff03924e9ef495aad2c7831f72e87d20d39c031000c2b6b009dc52fe4a87d2adbd31ef3991643480dc4e1194dad4aaae0bbd182f86a7572202d932534fe78aa6205a387714ba722fc29e394626c6950754c5bd8e959a3d108590f13f43f23507624d0f3b464f483d2f11441d510b1269bd87224f20a2cb5984b4f2be4d93aef0f2ae60ada076cc86b6ecd9f9cd27c13ff16725a99f1d96fb35409d9aad7cd14b4a0a6fa33249d40760c0dd77c75cea3ced7055169a87c767c91aadd231e5b211e9b8df16a1e2aef8d3a7e02a4f7c8fa5e989f9a2c488638fec8d03543fededef667b0b0cde85958ef5dd2355e3dade1126022ada4186160bcf69013a938bd9c5fe1f46fd5c8d522320840de0ede209ee11a4655a157b1ed47b6aa5daad7bc7f96313d2e02144e50a7f64ccfb866b1cc3a04ebd7e460e69f42856b474e681e2917b593b931c8987a487329d58151d14f4f1eb1b123f29f21899c524c2808269f7a833d5ed3cd93e2ffc0dbdf3c50c736b10512607837e8f50144c1c14e052c788381a2b236becb2d2bfdf0467cefcbe6926090434d31323d47576de4566f61ab7f1fab0f73e2e9b58c328f73f8fecef3e9bbad4b177d9dd2a0e3e7a6f108477afef361fd23ea1a575dd9b86515833f5bd4ccf9ddb9e5432d723f3eb50339ae229108ae769ac632d312761db5057fe4ddfae2f22be1f709bc0feef9d8dcf05a425d354bda07e3780f19d3a073e737bcc8220febd750e3ce8549870615e1e9c969d3883126c687ff7ef6c0a16aa18bf594c681ae4c2ec063b792ae01166868672360aefb97539f6825c2f17933ce890a2d7ca53fcf77dc8dd4a0e64b7010aa7fd14f7833ab907d4d3c5df1ce497abfea23c94ab44d6b0f389480b4f0c077b98ba319dff8ab86cb7ff6b9f26e1f7e88b01d346504ab1cbc30fb5acf132544e59a2dec45e8019ef4642e672aebc040bfbfd6e7caf8846917b3e21e9b5673b31c4f3528baaf61b01bf160c3b535bcc7b23ee34371286407409fa292ad059d4e40624e76bad7d3d516adae9c3fcecb877f4d9d39035338787435f6372c5fb88cd"}) mremap(&(0x7f0000446000/0x3000)=nil, 0x3000, 0x3000, 0x22, &(0x7f00002a5000/0x3000)=nil) [ 27.797526] IDTVectoring: info=00000000 errcode=00000000 [ 27.798442] TSC Offset = 0xffffffe6c181cd68 [ 27.799108] EPT pointer = 0x000000003da9f01e [ 27.799942] Virtual processor ID = 0x05e3 2017/08/11 21:15:13 executing program 7: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a9c000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f00004ee000)="66b818010f00d8c4c27bf6cdb986040000b80f000000ba000000000f30c7442400e9060000c744240201000000c7442406000000000f01142466baf80cb8b4d4c588ef66bafc0cb00beeb9840200000f3266ba420066edb85bc6600b0f23c00f21f83503000c000f23f8c74424008000c0fec744240235000000c7442406000000000f011c2466baa000b000ee", 0x8d}], 0x1, 0xfffffffffffffffe, &(0x7f00003db000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000af1000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x1000, 0x0, 0x0, 0x2, 0x2ff, 0x0, 0x1, 0x5, 0x1, 0x1f, 0x60000000000000, 0x0}, {0x0, 0x4, 0xa, 0x9, 0xfc6, 0xc76, 0x2, 0xa0f, 0x6, 0x9, 0x3, 0x30, 0x0}, {0x2000, 0xf002, 0xf, 0x6, 0x9, 0x2, 0x1, 0xffffffff, 0x80000001, 0xffffffffffffffff, 0x2, 0x2, 0x0}, {0x0, 0x4, [0x0, 0x0, 0x0]}, {0x1, 0x0, [0x0, 0x0, 0x0]}, 0x80000008, 0x0, 0x2000, 0x8, 0x5, 0x2001, 0x1000, [0x800000, 0x1, 0x6, 0x10001]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:13 executing program 2: mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000096a000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00002bd000)={0x4, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000088e000/0x18000)=nil, &(0x7f0000ae0000-0x13)=[@text16={0x10, &(0x7f000011f000)="0f0170ec0f23e764f20f2b76db613e8117b4006766c7442400003000006766c7442402003000006766c744240600000000670f011c2466b8010000000f01d967660f3801639966b80500000066b90b0000000f01d90f2205", 0x58}], 0x1, 0x20, &(0x7f0000adf000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:13 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000506000-0xc)={0x7, 0xffffffffffffff9c, 0x1}) ioctl$KVM_GET_FPU(r0, 0x81a0ae8c, &(0x7f0000afc000-0x1a0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) ioctl$KVM_GET_EMULATED_CPUID(r0, 0xc008ae09, &(0x7f0000afd000-0xd2)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f000050f000)={0x9, 0x3cca}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000afb000-0x28)={0x400000000, 0x1000, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, &(0x7f0000afd000)={0x0, []}) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000aff000-0x98)={0x3, 0x0, [{0x7, 0x7, 0x0, 0x0, @irqchip={0x1, 0x1cab}}, {0x1, 0x3, 0x0, 0x0, @sint={0x75d, 0x200}}, {0x81, 0x0, 0x0, 0x0, @adapter={0x3, 0x7ff, 0x1, 0x6, 0x6}}]}) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x7, 0x0, [{0x4000000d, 0x7, 0x1, 0xff, 0x19d8, 0x0}, {0xc0000007, 0x3, 0x4, 0x3, 0x0, 0x0}, {0xc0000001, 0xfef0, 0x3f, 0x20, 0x6, 0x0}, {0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 27.840861] *** Guest State *** [ 27.841527] CR0: actual=0x0000000080000028, shadow=0x0000000080000008, gh_mask=fffffffffffffff7 [ 27.842520] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 [ 27.843484] CR3 = 0x0000000000002000 [ 27.843942] RSP = 0x0000000000000f80 RIP = 0x0000000000008008 2017/08/11 21:15:13 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x80, 0x0}, {0xd000, 0xf000, 0xf, 0x1, 0x5, 0x9, 0x7, 0x5, 0x401, 0x0, 0x1, 0x2, 0x0}, {0xfffe, 0x5000, 0x0, 0x5, 0x4, 0x81, 0xc9, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) 2017/08/11 21:15:13 executing program 5: mmap(&(0x7f0000000000/0x16000)=nil, 0x16000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000016000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000016000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000016000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap(&(0x7f000000c000/0x3000)=nil, 0x3000, 0x3, 0x32, r1, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1fb) mmap(&(0x7f0000af7000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r2, r4, &(0x7f0000878000/0x18000)=nil, &(0x7f0000107000)=[@text64={0x40, &(0x7f000099d000-0x64)="b6c3f8e788595d2a1ba31779d22e2453ab6fe204d8cb17bc3c4ab8e3e0483b9931418b5c1612cb68cb1f08acd253883205213823efd610026d3b892f9ecf43c837882ddb41cb3a22a62644cc9081d865b5c7d6d371bfbc1b7da5ab28911fcb5667d0b08b", 0x64}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[@efer={0x2, 0xc00}], 0x1) mmap(&(0x7f0000af7000/0x1000)=nil, 0x1000, 0x3, 0x10, 0xffffffffffffffff, 0xffffffffffffffff) ioctl$KVM_S390_VCPU_FAULT(r4, 0x4008ae52, &(0x7f0000af7000)=0x9) mmap(&(0x7f0000895000/0x1000)=nil, 0x1000, 0x3, 0x10114, r4, 0x10000000) ioctl$KVM_SET_DEBUGREGS(r4, 0x4080aea2, &(0x7f0000af9000-0x80)={[0x10f000, 0x2, 0x100000, 0x10000], 0xfffffffffffffffd, 0xa9, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_GET_MSRS(r4, 0xc008ae88, &(0x7f0000af7000)={0x4, 0x0, [{0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}]}) ioctl$KVM_RUN(r4, 0xae80, 0x0) mmap(&(0x7f0000016000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_REINJECT_CONTROL(r3, 0xae71, &(0x7f0000017000-0x20)={0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_XCRS(r4, 0x4188aea7, &(0x7f0000896000-0x58)={0x5, 0x4, [{0x9, 0x0, 0x800000000}, {0x2, 0x0, 0x26b}, {0x4, 0x0, 0x7fffffff}, {0x7f, 0x0, 0x6}, {0x997, 0x0, 0xc7}]}) ioctl$KVM_S390_INTERRUPT_CPU(r4, 0x4010ae94, &(0x7f000074e000)={0x5, 0x7, 0x100000000007}) ioctl$KVM_GET_XSAVE(r4, 0x9000aea4, &(0x7f0000012000)={"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"}) mbind(&(0x7f0000003000/0x3000)=nil, 0x3000, 0x0, &(0x7f0000007000)=0x8, 0xff, 0x4) ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f0000af6000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, [0x0, 0x0, 0x0]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c0137bc281d9f1a, [0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000017000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000017000)={[{0x1000, 0x101, 0x0, 0x5, 0x3, 0x6d, 0x8, 0x80, 0x2, 0xca, 0x5, 0x8, 0x8}, {0x7ff, 0x471, 0x88d3, 0x9, 0x4, 0x3, 0x2, 0x100, 0x70, 0x1, 0x0, 0x2, 0x1ff}, {0x4, 0x68db, 0x9, 0x8000, 0x37, 0x3ff, 0xf26, 0x4, 0xebd, 0x3ff, 0x6f, 0x5, 0xffffffff7fffffff}], 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000af9000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000af8000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_FPU(r4, 0x41a0ae8d, &(0x7f000000d000-0x1a0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7ff, 0x0, 0x1f, 0x0, 0x3f, 0x5000, 0x2000, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0xffffffffffffd6ca, 0x0}) ioctl$KVM_GET_REGS(r4, 0x8090ae81, &(0x7f0000af9000-0x90)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1ff) [ 27.846906] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 27.847576] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 27.848288] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.849165] DS: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.850004] SS: sel=0x0000, attr=0x0b071, limit=0x00001000, base=0x0000000000000000 [ 27.850867] ES: sel=0x0000, attr=0x04081, limit=0x00000000, base=0x0000000000000000 [ 27.851720] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.852579] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.853417] GDTR: limit=0x00000004, base=0x0000000000000000 [ 27.854279] LDTR: sel=0x000f, attr=0x10000, limit=0x0000f002, base=0x0000000000002000 [ 27.855128] IDTR: limit=0x00000000, base=0x0000000000000001 2017/08/11 21:15:13 executing program 1: mmap(&(0x7f0000000000/0xaf4000)=nil, 0xaf4000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) mmap(&(0x7f0000af4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_GET_MP_STATE(r1, 0x8004ae98, &(0x7f000003a000)=0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000af4000)={0x4, r0, 0x0}) ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000521000)={0x80000000, 0x4}) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d266767f2a50f20d835080000000f228b58580f070f01b102000000", 0x64}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0) mmap(&(0x7f0000af5000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000af5000)={"7b58c65710beb1f9f133f7a57d915a968b41dbb43aaade1f1bbc541ba2670fa8e4806466dc18e16dfc7a9684703ab206a987a48008984f601ec06c6125b6a43c6c50b9daa1f36a887242803ed5aa9796ea22d4a8b42e831953063048c722d9e3489f213a9b3d62e43b8f1f9a8244ef4e43dc4ce720958ef1a33d7ea2e92ba235115a3a3d08642a7de0b1009f598bad23f4864010c8e303d6a5aaba8975268e808c84d6aa50ebe969a9e880f79e5650d824ae793eae43413ef08d1e510af3e15da4ebd383446420eb218ef3c8a1b061f1d4fdcc5fb19c893504db0318c082a63876e4985a81a45539711446eb9f905f2f68272af0878805d1c585045213a41569d107a2233e479b1d6d56a7941ce001f3e65f372b4fddde7fdefbd1139fcb3c05a53934f21d155265116f4204f86663066b1bf4138a4b173eebf117909bf6f86e8af5f21cfcd8b3f87393dac166b2231dc457333373708c1759d04f1e8e81a31e5d599ff9ad55e1b69aa077a4452debdd38c6993ade663b2355d52e966779965f392afe5110ff55890ce634f16688288f8382b033c670a8fe7f97f01085a6cabc6e0ca9fed32ec94efec733b33145989200ac01798bbec20d869c796a467e3168c63ef61f71508e12c9064dba6011b0265e3273af9bfd36cb0d197826b3451f15ddaf1c03f2d2c3eb473b39d53922c374864347b0d481af91d4f447f1bedd5c7b9b48b4226605e9e020748637ff0ca56991e3cab8a71bceaf164e0a92c82f2dc2e80614766b843c58be0d5f2079a18e00727a1e0b3de60e50bff5cb31efb40d71bfa7dbc948bcca7931662b49096a49cb23217775c753d1ef787a933f0e4d709f768aaf43f124697e4b5176ccafe9182e5f390ddaa48b74fd72efbb1a0b54d5cf5d9d2c7553c0d4379dec5a9fd1197f3fe7deab06ea60607449794859a80ac494df3c5c512631f91a40ffd5c5bb1c3db5de43b55d2d57471c552f0ffad60b29e13122e79db7eea3fe9da536fcaf36cc7445132617b5ff41315048a837e50246c180986f7c13c57a177c0eb8d2b16069149c1ec0e5e7f6a8699501c4affbc7a24ff95cee979cbeeb587a54ebe6480fb6802914876366a843d96d3fc5912ae16a4a5565670f1dc706ef3e0a16ab422a2002c0b465c612f5b94134c2261fa31fda04e50ad59fb09320806506e16bc14ee47598e99763524d8d90fe35b93fed1ed31bd2c644b5bd63713e45200fb01f0f4057ffadb6fe21cfa4487a1c641598ecefbe68942b2beff7f1866cb5f4b4816e5b40eb52b1b7c06afebf29b47cf695c9880934dafaa8df9e59d307243aae0ccc2789ec1370d0c1b34853eb901d64475e3a9b0e7e3d62b30e0ee2bcccd35428c1e862a7cb5dc503f211f9d3cb3b9e754595059f436436170b894e1884390ebf0e92c94430cb35ecbbc4f9ae6c1e3e797c1cd7"}) ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f0000aee000-0x8)=0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000311000/0x18000)=nil, &(0x7f00006cb000-0x18)=[@text32={0x20, &(0x7f0000af0000)="b9800000c00f3235010000000f30660febb13600c0fe0f01c8660f38812ff30f1077ac0fc7a80f000000c4c17e7ff5f4f4660f38805f84", 0x37}], 0x1, 0x0, &(0x7f0000af0000)=[], 0x0) ioctl$KVM_S390_VCPU_FAULT(r4, 0x4008ae52, &(0x7f0000af1000)=0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r3, 0x4040ae72, &(0x7f0000394000-0x14)={0x0, 0x0, 0x7ff, 0x0, 0x0}) [ 27.856615] TR: sel=0x000a, attr=0x10000, limit=0x00000004, base=0x0000000000000000 [ 27.857512] EFER = 0x0000000000002001 PAT = 0x0007040600070406 [ 27.858343] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 27.859526] BndCfgS = 0x0000000000000000 [ 27.860285] Interruptibility = 00000008 ActivityState = 00000000 [ 27.860948] *** Host State *** [ 27.861311] RIP = 0xffffffff811b6777 RSP = 0xffff8800698774c8 [ 27.861963] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 27.862660] FSBase=00007f4c3a973700 GSBase=ffff88003fc00000 TRBase=ffff88003fc22cc0 [ 27.863486] GDTBase=ffffffffff577000 IDTBase=ffffffffff57b000 [ 27.864163] CR0=0000000080050033 CR3=000000003b3c8000 CR4=00000000000026f0 [ 27.864900] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 27.865814] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 27.867254] *** Control State *** [ 27.867954] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 [ 27.869032] EntryControls=0001d1ff ExitControls=00afefff [ 27.869582] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 27.870214] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 27.870950] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 27.871580] reason=80000021 qualification=0000000000000000 [ 27.872184] IDTVectoring: info=00000000 errcode=00000000 [ 27.872671] TSC Offset = 0xffffffe6ad8e4968 [ 27.873074] EPT pointer = 0x000000003ddf201e [ 27.873497] Virtual processor ID = 0x05ff 2017/08/11 21:15:13 executing program 2: mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000096a000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000088e000/0x18000)=nil, &(0x7f0000ae0000-0x13)=[@text16={0x10, &(0x7f000011f000)="0f0170ec0f23e764f20f2b76db613e8117b4006766c7442400003000006766c7442402003000006766c744240600000000670f011c2466b8010000000f01d967660f3801639966b80500000066b90b0000000f01d90f2205", 0x58}], 0x1, 0x20, &(0x7f0000adf000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:13 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000506000-0xc)={0x7, 0xffffffffffffff9c, 0x1}) ioctl$KVM_GET_FPU(r0, 0x81a0ae8c, &(0x7f0000afc000-0x1a0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) ioctl$KVM_GET_EMULATED_CPUID(r0, 0xc008ae09, &(0x7f0000afd000-0xd2)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f000050f000)={0x9, 0x3cca}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000afb000-0x28)={0x400000000, 0x1000, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, &(0x7f0000afd000)={0x0, []}) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x7, 0x0, [{0x4000000d, 0x7, 0x1, 0xff, 0x19d8, 0x0}, {0xc0000007, 0x3, 0x4, 0x3, 0x0, 0x0}, {0xc0000001, 0xfef0, 0x3f, 0x20, 0x6, 0x0}, {0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 2017/08/11 21:15:13 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0}, {0xd000, 0xf000, 0xf, 0x1, 0x5, 0x9, 0x7, 0x5, 0x401, 0x0, 0x1, 0x2, 0x0}, {0xfffe, 0x5000, 0x0, 0x5, 0x4, 0x81, 0xc9, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) 2017/08/11 21:15:13 executing program 7: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a9c000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f00004ee000)="66b818010f00d8c4c27bf6cdb986040000b80f000000ba000000000f30c7442400e9060000c744240201000000c7442406000000000f01142466baf80cb8b4d4c588ef66bafc0cb00beeb9840200000f3266ba420066edb85bc6600b0f23c00f21f83503000c000f23f8c74424008000c0fec744240235000000c7442406000000000f011c2466baa000b000ee", 0x8d}], 0x1, 0xfffffffffffffffe, &(0x7f00003db000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000af1000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x1000, 0x0, 0x0, 0x2, 0x2ff, 0x6, 0x0, 0x5, 0x1, 0x1f, 0x60000000000000, 0x0}, {0x0, 0x4, 0xa, 0x9, 0xfc6, 0xc76, 0x2, 0xa0f, 0x6, 0x9, 0x3, 0x30, 0x0}, {0x2000, 0xf002, 0xf, 0x6, 0x9, 0x2, 0x1, 0xffffffff, 0x80000001, 0xffffffffffffffff, 0x2, 0x2, 0x0}, {0x0, 0x4, [0x0, 0x0, 0x0]}, {0x1, 0x0, [0x0, 0x0, 0x0]}, 0x80000008, 0x0, 0x2000, 0x8, 0x5, 0x2001, 0x1000, [0x800000, 0x1, 0x6, 0x10001]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 27.922905] *** Guest State *** [ 27.923227] CR0: actual=0x0000000080000028, shadow=0x0000000080000008, gh_mask=fffffffffffffff7 2017/08/11 21:15:13 executing program 3: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) mmap(&(0x7f0000a5a000/0x3000)=nil, 0x3000, 0x3000008, 0x20000000000032, r1, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000af3000-0x24)="000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d266767f2a50f20d835080000000f228b58580f070f01b102000000", 0x64}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f000011a000)={0x1397, 0x8c, 0x0, 0x4, 0x8}) mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000af3000-0x4)=0x80) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000aee000-0x8)=0x10000) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000aef000)={0x7b, 0x0, [0x6, 0xffffffff, 0x9, 0x1000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000033d000-0x8)={0x1, 0x637}) ioctl$KVM_S390_VCPU_FAULT(r2, 0x4008ae52, &(0x7f0000af1000)=0xb5) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000aef000-0x30)={0x20, 0x401, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f00009c7000)={0x2, 0x800, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00002de000-0x40)={0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000aec000)={"3a5ca361a0df102fae43a3f1ec872c0185c9813608eed8f847374008d61d0b0800000000000000001ccb1007655a4f7410ae2abb2a1756d32573ad07efbff26b6c29f3f5b20949d1948e7dc1c8f2b7a1f53f726c506fca42d4a7935507ddb99198bc1ac477f1ae7c27061ead76d16ca486010f0a3be5e5fb88b250282a1f4370084b669a6aa05d6f099ea5ce98744d4d02be5ff2bfc8a7b31392162b70f9bf6a7921ca46c22eba76a3f5fada926a9e3d39e841a85aff9e2e11df5a017550dd503eafb49349716d060d697bd0978eac053d12de846fb7d0ef0ce4f79420c7ad998b000619474f6ab8bbaf74f23bef3d8874a920f438d7a3bbe9ac54c269dd8463b191dfff03924e9ef495aad2c7831f72e87d20d39c031000c2b6b009dc52fe4a87d2adbd31ef3991643480dc4e1194dad4aaae0bbd182f86a7572202d932534fe78aa6205a387714ba722fc29e394626c6950754c5bd8e959a3d108590f13f43f23507624d0f3b464f483d2f11441d510b1269e787224f20a2cb5984b4f2be4d93aef0f2ae60ada076cc86b6ecd9f9cd27c13ff16725a99f1d96fb35409d9aad7cd14b4a0a6fa33249d40760c0dd77615cea3ced7055169a87c767c91aadd231e5b211e9b8df16a1e2aef8d3a7e02a4f7c8fa5e989f9a2c488638fec8d03543fededef667b0b0cde85958ef5dd2355e3dade1126022ada4186160bcf69013a938bd9c5fe1f46fd5c8d522320840de0ede209ee11a4655a157b1ed47b6aa5daad7bc7f96313d2e02144e50a7f64ccfb866b1cc3a04ebd7e460e69f42856b474e681e2917b593b931c8987a487329d58151d14f4f1eb1b123f29f21899c524c2808269f7a833d5ed3cd93e2ffc0dbdf3c50c736b10512607837e8f50144c1c14e052c788381a2b236becb2d2bfdf0467cefcbe6926090434d31323d47576de4566f61ab7f1fab0f73e2e9b58c328f73f8fecef3e9bbad4b177d9dd2a0e3e7a6f108477afef361fd23ea1a575dd9b86515833f5bd4ccf9ddb9e5432d723f3eb50339ae229108ae769ac632d312761db5057fe4ddfae2f22be1f709bc0feef9d8dcf05a425d354bda07e3780f19d3a073e737bcc8220febd750e3ce8549870615e1e9c969d3883126c687ff7ef6c0a16aa18bf594c681ae4c2ec063b792ae01166868672360aefb97539f6825c2f17933ce890a2d7ca53fcf77dc8dd4a0e64b7010aa7fd14f7833ab907d4d3c5df1ce497abfea23c94ab44d6b0f389480b4f0c077b98ba319dff8ab86cb7ff6b9f26e1f7e88b01d346504ab1cbc30fb5acf132544e59a2dec45e8019ef4642e672aebc040bfbfd6e7caf8846917b3e21e9b5673b31c4f3520baaf61b01bf160c3b535bcc7b23ee34371286407409fa292ad059d4e40624bd6bad7d3d516adae9c3fcecb877f4d9d39035338787435f6372c5fb88cd"}) ioctl$KVM_GET_DEVICE_ATTR(r1, 0x4018aee2, &(0x7f000026f000)={0x0, 0xdf, 0x8, &(0x7f00009f0000-0x8)=0x0}) mmap(&(0x7f0000af3000/0x1000)=nil, 0x1000, 0x1, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000af3000)={"9bbb9daa05110ba1924a3f8c859bdff963f2ddb1d129f5cb2f3ae8ad3bf7068c284ba38f903676aee0049b473a5a33930a9b88deb6401d57b67b5ef503c6a4027167753b3422f85b1b144e1b09666f06770bb454bb980d5cb7f1e90d9427b10028d816afcb958eb5bc4541d20809f775835973db47fdab943f7ecf340ab9b2913f88a42aa228d95f1665dcb874e6b3b5b55a89a32e0fc862e12da3fafec957af0fce362e643894eaa38fbb8af58f8462371747c6e67ec819d268766c3c7a74e3f12575502e0ce18ab8fdeec25ec7767fae887d4cadb349c0f81694038d1a026d6a75e2531b1a8fb11b6cbd3f89a94184e04455b174f62410013ea1a32c38fc1a2448cd4c2c637b73782faf7ad9ae353b8bb6fed608778b7e846b159d0708eba89b05d4ae596fd1ce276f11b96ea628b944adcafcca622c34d8cf71c32e04679643d25bb8410efd790fae98de36207bab1c1fa95a3b125a7497822ea2f8a027ee6024ad4938ca93546a7967484ea5ed0850257facd046052d3fb4452ea95bdf6613884586ad0f7bedcf9ba794168fb9ef80fc98ab1b8c584220c399f85aa35e3b077eaa0dc79a9b88f0cdbf6805da3bca16d1fe88482e328bf0abd897070e43ead3304cdf1f113ab075a772b02e7e2b9d790f029decb02914d0fbb81bdcac8d08612898c453dd33e8a456e3cb4154e27f4d3bddea5732cd94d4adf21d3babfbb833a2ba8fcc71beafe13cfb9e8ed9fcaaecbc6a4e7c1da5f67cfae68fe80965a52918112a4927ca4a387ebf74fd5d910ceed87a668d3210361f45e8771482aceb28996ed99fdb143fc17c4112850b748c3eb5d121312f3c420d0dc03bfd571a1767bac9ae6c46b4edbfd70fb33dd89a8ae13dd57e722d95c28e5326a24054321553f3b50fe246f5e631dafc8088dcefe9029c67fbc7cb6631692d91aa5aba912b56f638cdcd14e873566edea35ecaaad547bbd265a6d4f6537ad9db538fb7db64a32c81c91dd6e4efd0317de1a0ff83c744470c93ddcaa6792e45db7d69e1106a251d39a5c5c6103f7aadb32d0290614362eaccc6d41b3f14154850e1959803f14d836a4223eb1c70249037e7adbf0e33d07a69a10d948a901858a8381803bcedcf610c985b5ea85ef46bbc44565e89142da665bede93e7c360cc814c8e00cafb81d02c95811ce32ba2dd85712056078d2f7d4be3cfc4eb157d63206d4b822599d40c02fd84ada2b572bd8899e93293a5ce6590d226f7c43858d47417bc2980358fb6ec2eee43fbbd31a00c9549680e76c31eef7f710e7aceb5a29d2a85f07332bb5e54a80ac44576e0010bc7cbd666ad4aff5174df288980f68510d74485b90afaf4040a30392861cce12229f97cbf2b8922d95110230423a3155f263d8066974f89cebaa258b87515d6d9f20c23d09067bdc955311d08300214a50ed060cc68"}) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000af0000-0x8)={0x1, 0x6}) ioctl$KVM_RUN(r2, 0xae80, 0x0) mmap(&(0x7f0000af4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) [ 27.924755] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 [ 27.925640] CR3 = 0x0000000000002000 [ 27.925947] RSP = 0x0000000000000f80 RIP = 0x0000000000008008 [ 27.926445] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 27.926984] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 27.927621] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.928432] DS: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000000000 2017/08/11 21:15:13 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000001000-0xc)={0x6, 0xffffffffffffffff, 0x0}) ioctl$KVM_IRQ_LINE(r0, 0x4008ae61, &(0x7f0000c09000-0x8)={0x7fffffff, 0x50}) mmap(&(0x7f0000000000/0xaf4000)=nil, 0xaf4000, 0x3, 0x32, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r4, &(0x7f0000acd000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000adf000)="b90401004066b8470066bad104b0a9ee0f3052c76dfef3ab66b86f000f00d099d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e955266767f2a50f20d835080000000f22d8650f070f01b102000000", 0x5e}], 0x1, 0x0, &(0x7f0000af2000)=[], 0x0) ioctl$KVM_ENABLE_CAP_CPU(r4, 0x4068aea3, &(0x7f0000ae9000)={0x7b, 0x0, [0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_ASSIGN_DEV_IRQ(r2, 0x4040ae70, &(0x7f0000819000-0x10)={0x6, 0x8, 0x3, 0x4}) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_GET_MSRS(r3, 0xc008ae88, &(0x7f0000af4000-0x78)={0x7, 0x0, [{0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}]}) ioctl$KVM_SIGNAL_MSI(r2, 0x4020aea5, &(0x7f0000404000-0xb)={0x6000, 0x10f001, 0x3ff, 0xaf7, 0x3ff, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mlock2(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x0) madvise(&(0x7f0000004000/0x9000)=nil, 0x9000, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000006000)={0x7, 0xffffffffffffffff, 0x0}) ioctl$KVM_ASSIGN_DEV_IRQ(r2, 0x4040ae70, &(0x7f000015f000-0x10)={0x9, 0x400, 0x8, 0x400}) ioctl$KVM_ENABLE_CAP(r5, 0x4068aea3, &(0x7f000000f000-0x68)={0x81, 0x0, [0x100000000, 0x1, 0x8, 0x3], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_DEVICE_ATTR(r0, 0x4018aee1, &(0x7f00009ce000-0x18)={0x0, 0x0, 0x2, &(0x7f0000830000)=0x0}) [ 27.929466] SS: sel=0x0000, attr=0x0b061, limit=0x00001000, base=0x0000000000000000 [ 27.930426] ES: sel=0x0000, attr=0x04081, limit=0x00000000, base=0x0000000000000000 [ 27.931360] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.932230] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 27.933121] GDTR: limit=0x00000004, base=0x0000000000000000 [ 27.934003] LDTR: sel=0x000f, attr=0x10000, limit=0x0000f002, base=0x0000000000002000 [ 27.934913] IDTR: limit=0x00000000, base=0x0000000000000001 [ 27.935821] TR: sel=0x000a, attr=0x10000, limit=0x00000004, base=0x0000000000000000 [ 27.936652] EFER = 0x0000000000002001 PAT = 0x0007040600070406 [ 27.937502] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 27.938402] BndCfgS = 0x0000000000000000 [ 27.938917] Interruptibility = 00000008 ActivityState = 00000000 [ 27.939528] *** Host State *** [ 27.940074] RIP = 0xffffffff811b6777 RSP = 0xffff880068ad74c8 [ 27.940912] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 27.941653] FSBase=00007f4c3a973700 GSBase=ffff88006e000000 TRBase=ffff88006e022cc0 [ 27.942555] GDTBase=ffffffffff575000 IDTBase=ffffffffff57b000 2017/08/11 21:15:13 executing program 2: mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x3, 0x32, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f000096a000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f000088e000/0x18000)=nil, &(0x7f0000ae0000-0x13)=[@text16={0x10, &(0x7f000011f000)="0f0170ec0f23e764f20f2b76db613e8117b4006766c7442400003000006766c7442402003000006766c744240600000000670f011c2466b8010000000f01d967660f3801639966b80500000066b90b0000000f01d90f2205", 0x58}], 0x1, 0x20, &(0x7f0000adf000)=[], 0x0) ioctl$KVM_RUN(r0, 0xae80, 0x0) 2017/08/11 21:15:13 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000506000-0xc)={0x7, 0xffffffffffffff9c, 0x1}) ioctl$KVM_GET_FPU(r0, 0x81a0ae8c, &(0x7f0000afc000-0x1a0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) ioctl$KVM_GET_EMULATED_CPUID(r0, 0xc008ae09, &(0x7f0000afd000-0xd2)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f000050f000)={0x9, 0x3cca}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000afb000-0x28)={0x400000000, 0x1000, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, &(0x7f0000afd000)={0x0, []}) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x7, 0x0, [{0x4000000d, 0x7, 0x1, 0xff, 0x19d8, 0x0}, {0xc0000007, 0x3, 0x4, 0x3, 0x0, 0x0}, {0xc0000001, 0xfef0, 0x3f, 0x20, 0x6, 0x0}, {0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 27.945048] CR0=0000000080050033 CR3=000000003e128000 CR4=00000000000026e0 [ 27.946148] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 27.950741] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 27.951965] *** Control State *** [ 27.952418] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 [ 27.958773] EntryControls=0001d1ff ExitControls=00afefff [ 27.959950] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 27.962202] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 27.965181] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 27.965952] reason=80000021 qualification=0000000000000000 [ 27.966821] IDTVectoring: info=00000000 errcode=00000000 [ 27.967637] TSC Offset = 0xffffffe69b5d6fa2 [ 27.968193] EPT pointer = 0x000000006986e01e [ 27.968860] Virtual processor ID = 0x0600 2017/08/11 21:15:13 executing program 2: mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, r1, &(0x7f000088e000/0x18000)=nil, &(0x7f0000ae0000-0x13)=[@text16={0x10, &(0x7f000011f000)="0f0170ec0f23e764f20f2b76db613e8117b4006766c7442400003000006766c7442402003000006766c744240600000000670f011c2466b8010000000f01d967660f3801639966b80500000066b90b0000000f01d90f2205", 0x58}], 0x1, 0x20, &(0x7f0000adf000)=[], 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) 2017/08/11 21:15:13 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0xd000, 0xf000, 0xf, 0x1, 0x5, 0x9, 0x7, 0x5, 0x401, 0x0, 0x1, 0x2, 0x0}, {0xfffe, 0x5000, 0x0, 0x5, 0x4, 0x81, 0xc9, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) 2017/08/11 21:15:13 executing program 7: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a9c000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f00004ee000)="66b818010f00d8c4c27bf6cdb986040000b80f000000ba000000000f30c7442400e9060000c744240201000000c7442406000000000f01142466baf80cb8b4d4c588ef66bafc0cb00beeb9840200000f3266ba420066edb85bc6600b0f23c00f21f83503000c000f23f8c74424008000c0fec744240235000000c7442406000000000f011c2466baa000b000ee", 0x8d}], 0x1, 0xfffffffffffffffe, &(0x7f00003db000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000af1000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x1000, 0x0, 0x0, 0x2, 0x2ff, 0x6, 0x1, 0x0, 0x1, 0x1f, 0x60000000000000, 0x0}, {0x0, 0x4, 0xa, 0x9, 0xfc6, 0xc76, 0x2, 0xa0f, 0x6, 0x9, 0x3, 0x30, 0x0}, {0x2000, 0xf002, 0xf, 0x6, 0x9, 0x2, 0x1, 0xffffffff, 0x80000001, 0xffffffffffffffff, 0x2, 0x2, 0x0}, {0x0, 0x4, [0x0, 0x0, 0x0]}, {0x1, 0x0, [0x0, 0x0, 0x0]}, 0x80000008, 0x0, 0x2000, 0x8, 0x5, 0x2001, 0x1000, [0x800000, 0x1, 0x6, 0x10001]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:13 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000506000-0xc)={0x7, 0xffffffffffffff9c, 0x1}) ioctl$KVM_GET_FPU(r0, 0x81a0ae8c, &(0x7f0000afc000-0x1a0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) ioctl$KVM_GET_EMULATED_CPUID(r0, 0xc008ae09, &(0x7f0000afd000-0xd2)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f000050f000)={0x9, 0x3cca}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000afb000-0x28)={0x400000000, 0x1000, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x7, 0x0, [{0x4000000d, 0x7, 0x1, 0xff, 0x19d8, 0x0}, {0xc0000007, 0x3, 0x4, 0x3, 0x0, 0x0}, {0xc0000001, 0xfef0, 0x3f, 0x20, 0x6, 0x0}, {0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 2017/08/11 21:15:13 executing program 4: mmap(&(0x7f0000000000/0xae8000)=nil, 0xae8000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, &(0x7f0000007000)={0x6, [0x14bbf6c5, 0xff, 0x1, 0x2, 0x1, 0x9]}) mmap(&(0x7f0000ae8000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ae9000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aea000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r3 = pkey_alloc(0x0, 0x3) mlock2(&(0x7f0000987000/0x4000)=nil, 0x4000, 0x1) pkey_free(r3) mbind(&(0x7f00003d2000/0x400000)=nil, 0x400000, 0x2, &(0x7f0000aeb000-0x8)=0x1, 0x7, 0x1) mmap(&(0x7f0000aeb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000aeb000)={0xf004, 0xf000, 0x8, 0x200, 0x80000000000, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f000099d000-0x120)={0x7, 0x0, [{0x80000006, 0x9, 0x2, 0x9, 0xe669, 0xffffffff, 0x7f, [0x0, 0x0, 0x0]}, {0xb, 0x401, 0x0, 0xffffffff, 0x0, 0x909, 0x9, [0x0, 0x0, 0x0]}, {0x40000000, 0x4788, 0x5, 0x2, 0x7ff, 0x80000000, 0x2, [0x0, 0x0, 0x0]}, {0x40000007, 0xfff, 0x2, 0xffff, 0x2, 0x1ff, 0x3, [0x0, 0x0, 0x0]}, {0x40000001, 0x80000000, 0x2, 0x3, 0x4, 0x5c0a, 0xc7, [0x0, 0x0, 0x0]}, {0x80000019, 0x80, 0x1, 0x0, 0x1, 0x8, 0x9, [0x0, 0x0, 0x0]}, {0x0, 0x6, 0x4, 0x401, 0x3, 0x63f, 0x1, [0x0, 0x0, 0x0]}]}) munmap(&(0x7f000029e000/0x3000)=nil, 0x3000) mmap(&(0x7f0000295000/0x4000)=nil, 0x4000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aeb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aeb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00005c3000/0x18000)=nil, &(0x7f0000992000)=[@text32={0x20, &(0x7f0000aec000-0x3f)="2e0f08660f71e700c4e17a120ab9800000c00f3235010000000f300f01c8c4e3b57cc6933e0fc758a7673e260fc72efb0066b84d008ec0b8010000000f01c1", 0x3f}], 0x1, 0x2, &(0x7f0000aec000-0x20)=[@cstype3={0x5, 0x5}, @cr0={0x0, 0x10000}], 0x2) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000054b000/0x18000)=nil, &(0x7f0000828000-0x18)=[@text32={0x20, &(0x7f0000ae8000)="c4c17d2b461a66ba2000ec26670ff29f775466b804008ee8c744240000900000c7442402b0000000c7442406000000000f01142466baa000b87b0000000f23d00f21f835100000020f23f8f6774666baa000ed66ba42ecc4e27d2a85a2a50000", 0x60}], 0x1, 0x0, &(0x7f0000ae1000)=[@cr0={0x0, 0x10000}, @dstype0={0x6, 0x5}], 0x2) mmap(&(0x7f0000aea000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f000079f000)={0x101ff, 0x3, 0x10000, 0x1000, &(0x7f0000996000/0x1000)=nil}) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000aeb000-0x10)={0x15004, 0x10000, 0x0}) mmap(&(0x7f000029e000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f000029f000-0x48)={0x3, 0x0, [0x40, 0x5, 0x8001, 0x1, 0x7, 0x3, 0x6, 0xcd8c]}) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000379000-0xc)={0x3, r2, 0x1}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000ae7000)={0x1, 0x0, [{0x11, 0x0, 0x5}]}) 2017/08/11 21:15:13 executing program 1: mmap(&(0x7f0000000000/0xae8000)=nil, 0xae8000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, &(0x7f0000007000)={0x6, [0x14bbf6c5, 0xff, 0x1, 0x2, 0x1, 0x9]}) mmap(&(0x7f0000ae8000/0x1000)=nil, 0x1000, 0x2000000, 0x10, r0, 0x4) mmap(&(0x7f0000ae9000/0x1000)=nil, 0x1000, 0x3, 0x10, r0, 0x0) mmap(&(0x7f0000aea000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) eventfd2(0x100000fff, 0x80003) mmap(&(0x7f0000aeb000/0x1000)=nil, 0x1000, 0x3, 0x33, 0xffffffffffffffff, 0x0) ioctl$KVM_X86_SET_MCE(r2, 0x4040ae9e, &(0x7f0000aec000-0x40)={0x9000000000000000, 0x0, 0x8, 0x2, 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0]}) r3 = pkey_alloc(0x0, 0xffffffffffffffff) pkey_free(r3) mbind(&(0x7f0000a7d000/0x2000)=nil, 0x2000, 0x4003, &(0x7f0000aeb000-0x8)=0x1, 0x7, 0x13) r4 = eventfd2(0x7, 0x80000) read$eventfd(r4, &(0x7f000044a000)=0x0, 0x8) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f000099d000-0x120)={0x7, 0x0, [{0x80000006, 0x9, 0x2, 0x9, 0xe669, 0xffffffff, 0x7f, [0x0, 0x0, 0x0]}, {0xb, 0x401, 0x0, 0xffffffff, 0x0, 0x909, 0x9, [0x0, 0x0, 0x0]}, {0x40000000, 0x4788, 0x5, 0x2, 0x7ff, 0x80000000, 0x2, [0x0, 0x0, 0x0]}, {0x40000007, 0xfff, 0x2, 0xffff, 0x2, 0x1ff, 0x3, [0x0, 0x0, 0x0]}, {0x40000001, 0x80000000, 0x2, 0x3, 0x4, 0x5c0a, 0xc7, [0x0, 0x0, 0x0]}, {0x80000019, 0x80, 0x1, 0x0, 0x1, 0x8, 0x9, [0x0, 0x0, 0x0]}, {0x0, 0x6, 0x4, 0x401, 0x3, 0x63f, 0x1, [0x0, 0x0, 0x0]}]}) mmap(&(0x7f0000295000/0x4000)=nil, 0x4000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000054b000/0x18000)=nil, &(0x7f0000828000-0x18)=[@text32={0x20, &(0x7f00004f0000-0x62)="c4c17d2b461a66ba2000ec26670ff29f775466b804008ee8c744240000900000c7442402b0000000c7442406000000000f01142466baa000b87b0000000f23d00f21f83510000002670f015feef6774666baa000ed66ba42ecc4e27d2a85a2a50000", 0x62}], 0x1, 0x0, &(0x7f0000ae1000)=[@cr0={0x0, 0x10000}, @dstype0={0x6, 0x5}], 0x2) mmap(&(0x7f0000aea000/0x1000)=nil, 0x1000, 0x2000007, 0x32, 0xffffffffffffffff, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f000079f000)={0x101ff, 0x3, 0x10000, 0x1000, &(0x7f0000996000/0x1000)=nil}) madvise(&(0x7f0000711000/0x4000)=nil, 0x4000, 0x6) mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000aec000)={0x15001, 0x10000, 0x0}) r5 = eventfd2(0x9, 0x0) read$eventfd(r4, &(0x7f0000120000-0x8)=0x0, 0x8) write$eventfd(r5, &(0x7f0000789000)=0x7, 0x8) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000379000-0xc)={0x4, r2, 0x1}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000ae7000)={0x1, 0x0, [{0x11, 0x0, 0x5}]}) [ 28.036094] *** Guest State *** [ 28.036375] CR0: actual=0x0000000080000028, shadow=0x0000000080000008, gh_mask=fffffffffffffff7 [ 28.037069] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 [ 28.037968] CR3 = 0x0000000000002000 [ 28.038453] RSP = 0x0000000000000f80 RIP = 0x0000000000008008 [ 28.038990] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 28.039515] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 28.040157] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.040782] DS: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.041429] SS: sel=0x0000, attr=0x09071, limit=0x00001000, base=0x0000000000000000 [ 28.042196] ES: sel=0x0000, attr=0x04081, limit=0x00000000, base=0x0000000000000000 [ 28.042802] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.043462] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.044294] GDTR: limit=0x00000004, base=0x0000000000000000 [ 28.045063] LDTR: sel=0x000f, attr=0x10000, limit=0x0000f002, base=0x0000000000002000 [ 28.045939] IDTR: limit=0x00000000, base=0x0000000000000001 [ 28.046696] TR: sel=0x000a, attr=0x10000, limit=0x00000004, base=0x0000000000000000 [ 28.047639] EFER = 0x0000000000002001 PAT = 0x0007040600070406 [ 28.048292] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 28.049182] BndCfgS = 0x0000000000000000 [ 28.049611] Interruptibility = 00000008 ActivityState = 00000000 [ 28.050251] *** Host State *** [ 28.050754] RIP = 0xffffffff811b6777 RSP = 0xffff88003a0774c8 [ 28.051837] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 28.052660] FSBase=00007f4c3a973700 GSBase=ffff88003fc00000 TRBase=ffff88003fc22cc0 [ 28.053474] GDTBase=ffffffffff577000 IDTBase=ffffffffff57b000 [ 28.054255] CR0=0000000080050033 CR3=0000000069a82000 CR4=00000000000026f0 [ 28.054997] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 28.055730] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 28.056581] *** Control State *** [ 28.056975] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 [ 28.057699] EntryControls=0001d1ff ExitControls=00afefff [ 28.058385] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 28.059353] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 28.060033] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 28.060805] reason=80000021 qualification=0000000000000000 [ 28.061506] IDTVectoring: info=00000000 errcode=00000000 [ 28.062517] TSC Offset = 0xffffffe684affac4 [ 28.063348] EPT pointer = 0x000000003d25801e [ 28.063767] Virtual processor ID = 0x05fd 2017/08/11 21:15:13 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0xf000, 0xf, 0x1, 0x5, 0x9, 0x7, 0x5, 0x401, 0x0, 0x1, 0x2, 0x0}, {0xfffe, 0x5000, 0x0, 0x5, 0x4, 0x81, 0xc9, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) 2017/08/11 21:15:13 executing program 3: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) mmap(&(0x7f0000a5a000/0x3000)=nil, 0x3000, 0x3000008, 0x20000000000032, r1, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000af3000-0x24)="000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d266767f2a50f20d835080000000f228b58580f070f01b102000000", 0x64}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f000011a000)={0x1397, 0x8c, 0x0, 0x4, 0x8}) mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000af3000-0x4)=0x80) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000aee000-0x8)=0x10000) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000aef000)={0x7b, 0x0, [0x6, 0xffffffff, 0x9, 0x1000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000033d000-0x8)={0x1, 0x637}) ioctl$KVM_S390_VCPU_FAULT(r2, 0x4008ae52, &(0x7f0000af1000)=0xb5) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000aef000-0x30)={0x20, 0x401, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f00009c7000)={0x2, 0x800, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00002de000-0x40)={0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000aec000)={"3a5ca361a0df102fae43a3f1ec872c0185c9813608eed8f847374008d61d0b0800000000000000001ccb1007655a4f7410ae2abb2a1756d32573ad07efbff26b6c29f3f5b20949d1948e7dc1c8f2b7a1f53f726c506fca42d4a7935507ddb99198bc1ac477f1ae7c27061ead76d16ca486010f0a3be5e5fb88b250282a1f4370084b669a6aa05d6f099ea5ce98744d4d02be5ff2bfc8a7b31392162b70f9bf6a7921ca46c22eba76a3f5fada926a9e3d39e841a85aff9e2e11df5a017550dd503eafb49349716d060d697bd0978eac053d12de846fb7d0ef0ce4f79420c7ad998b000619474f6ab8bbaf74f23bef3d8874a920f438d7a3bbe9ac54c269dd8463b191dfff03924e9ef495aad2c7831f72e87d20d39c031000c2b6b009dc52fe4a87d2adbd31ef3991643480dc4e1194dad4aaae0bbd182f86a7572202d932534fe78aa6205a387714ba722fc29e394626c6950754c5bd8e959a3d108590f13f43f23507624d0f3b464f483d2f11441d510b1269e787224f20a2cb5984b4f2be4d93aef0f2ae60ada076cc86b6ecd9f9cd27c13ff16725a99f1d96fb35409d9aad7cd14b4a0a6fa33249d40760c0dd77615cea3ced7055169a87c767c91aadd231e5b211e9b8df16a1e2aef8d3a7e02a4f7c8fa5e989f9a2c488638fec8d03543fededef667b0b0cde85958ef5dd2355e3dade1126022ada4186160bcf69013a938bd9c5fe1f46fd5c8d522320840de0ede209ee11a4655a157b1ed47b6aa5daad7bc7f96313d2e02144e50a7f64ccfb866b1cc3a04ebd7e460e69f42856b474e681e2917b593b931c8987a487329d58151d14f4f1eb1b123f29f21899c524c2808269f7a833d5ed3cd93e2ffc0dbdf3c50c736b10512607837e8f50144c1c14e052c788381a2b236becb2d2bfdf0467cefcbe6926090434d31323d47576de4566f61ab7f1fab0f73e2e9b58c328f73f8fecef3e9bbad4b177d9dd2a0e3e7a6f108477afef361fd23ea1a575dd9b86515833f5bd4ccf9ddb9e5432d723f3eb50339ae229108ae769ac632d312761db5057fe4ddfae2f22be1f709bc0feef9d8dcf05a425d354bda07e3780f19d3a073e737bcc8220febd750e3ce8549870615e1e9c969d3883126c687ff7ef6c0a16aa18bf594c681ae4c2ec063b792ae01166868672360aefb97539f6825c2f17933ce890a2d7ca53fcf77dc8dd4a0e64b7010aa7fd14f7833ab907d4d3c5df1ce497abfea23c94ab44d6b0f389480b4f0c077b98ba319dff8ab86cb7ff6b9f26e1f7e88b01d346504ab1cbc30fb5acf132544e59a2dec45e8019ef4642e672aebc040bfbfd6e7caf8846917b3e21e9b5673b31c4f3520baaf61b01bf160c3b535bcc7b23ee34371286407409fa292ad059d4e40624bd6bad7d3d516adae9c3fcecb877f4d9d39035338787435f6372c5fb88cd"}) ioctl$KVM_GET_DEVICE_ATTR(r1, 0x4018aee2, &(0x7f000026f000)={0x0, 0xdf, 0x8, &(0x7f00009f0000-0x8)=0x0}) mmap(&(0x7f0000af3000/0x1000)=nil, 0x1000, 0x1, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000af3000)={"9bbb9daa05110ba1924a3f8c859bdff963f2ddb1d129f5cb2f3ae8ad3bf7068c284ba38f903676aee0049b473a5a33930a9b88deb6401d57b67b5ef503c6a4027167753b3422f85b1b144e1b09666f06770bb454bb980d5cb7f1e90d9427b10028d816afcb958eb5bc4541d20809f775835973db47fdab943f7ecf340ab9b2913f88a42aa228d95f1665dcb874e6b3b5b55a89a32e0fc862e12da3fafec957af0fce362e643894eaa38fbb8af58f8462371747c6e67ec819d268766c3c7a74e3f12575502e0ce18ab8fdeec25ec7767fae887d4cadb349c0f81694038d1a026d6a75e2531b1a8fb11b6cbd3f89a94184e04455b174f62410013ea1a32c38fc1a2448cd4c2c637b73782faf7ad9ae353b8bb6fed608778b7e846b159d0708eba89b05d4ae596fd1ce276f11b96ea628b944adcafcca622c34d8cf71c32e04679643d25bb8410efd790fae98de36207bab1c1fa95a3b125a7497822ea2f8a027ee6024ad4938ca93546a7967484ea5ed0850257facd046052d3fb4452ea95bdf6613884586ad0f7bedcf9ba794168fb9ef80fc98ab1b8c584220c399f85aa35e3b077eaa0dc79a9b88f0cdbf6805da3bca16d1fe88482e328bf0abd897070e43ead3304cdf1f113ab075a772b02e7e2b9d790f029decb02914d0fbb81bdcac8d08612898c453dd33e8a456e3cb4154e27f4d3bddea5732cd94d4adf21d3babfbb833a2ba8fcc71beafe13cfb9e8ed9fcaaecbc6a4e7c1da5f67cfae68fe80965a52918112a4927ca4a387ebf74fd5d910ceed87a668d3210361f45e8771482aceb28996ed99fdb143fc17c4112850b748c3eb5d121312f3c420d0dc03bfd571a1767bac9ae6c46b4edbfd70fb33dd89a8ae13dd57e722d95c28e5326a24054321553f3b50fe246f5e631dafc8088dcefe9029c67fbc7cb6631692d91aa5aba912b56f638cdcd14e873566edea35ecaaad547bbd265a6d4f6537ad9db538fb7db64a32c81c91dd6e4efd0317de1a0ff83c744470c93ddcaa6792e45db7d69e1106a251d39a5c5c6103f7aadb32d0290614362eaccc6d41b3f14154850e1959803f14d836a4223eb1c70249037e7adbf0e33d07a69a10d948a901858a8381803bcedcf610c985b5ea85ef46bbc44565e89142da665bede93e7c360cc814c8e00cafb81d02c95811ce32ba2dd85712056078d2f7d4be3cfc4eb157d63206d4b822599d40c02fd84ada2b572bd8899e93293a5ce6590d226f7c43858d47417bc2980358fb6ec2eee43fbbd31a00c9549680e76c31eef7f710e7aceb5a29d2a85f07332bb5e54a80ac44576e0010bc7cbd666ad4aff5174df288980f68510d74485b90afaf4040a30392861cce12229f97cbf2b8922d95110230423a3155f263d8066974f89cebaa258b87515d6d9f20c23d09067bdc955311d08300214a50ed060cc68"}) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000af0000-0x8)={0x1, 0x6}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:13 executing program 4: mmap(&(0x7f0000000000/0xade000)=nil, 0xade000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000562000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mlock2(&(0x7f0000340000/0x3000)=nil, 0x3000, 0x1) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mmap(&(0x7f0000ade000/0x1000)=nil, 0x1000, 0x5, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000630000/0x18000)=nil, &(0x7f0000777000)=[@text32={0x20, &(0x7f0000ad7000-0x52)="26f20f5fd3660f3880bff2ff0000b8f0ffff7f0f23c0c4e27918f73503000c000f23f8b9ac08000026640f01c8ba0000000066ba4200ed26f26d26660ffbe766ba2000b800000000ef3e0f4dd9", 0x4d}], 0x1, 0x0, &(0x7f0000715000)=[], 0x0) mmap(&(0x7f0000adf000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000adf000)={0x1, 0x0, [{0x485, 0x0, 0x0}]}) ioctl$KVM_SET_TSC_KHZ(r2, 0xaea2, 0x8001) ioctl$KVM_GET_DEVICE_ATTR(r1, 0x4018aee2, &(0x7f0000ae1000-0x18)={0x0, 0x9, 0x1, &(0x7f0000833000)=0x0}) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000ade000)={0xee9a0bee73b23a6, &(0x7f0000ade000)=0x0, 0x0, 0xffffffffffffffff, 0x0}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000ae0000)={0x0, []}) mmap(&(0x7f0000000000/0xaeb000)=nil, 0xaeb000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f000096a000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60) 2017/08/11 21:15:13 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000506000-0xc)={0x7, 0xffffffffffffff9c, 0x1}) ioctl$KVM_GET_FPU(r0, 0x81a0ae8c, &(0x7f0000afc000-0x1a0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) ioctl$KVM_GET_EMULATED_CPUID(r0, 0xc008ae09, &(0x7f0000afd000-0xd2)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f000050f000)={0x9, 0x3cca}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x7, 0x0, [{0x4000000d, 0x7, 0x1, 0xff, 0x19d8, 0x0}, {0xc0000007, 0x3, 0x4, 0x3, 0x0, 0x0}, {0xc0000001, 0xfef0, 0x3f, 0x20, 0x6, 0x0}, {0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 2017/08/11 21:15:13 executing program 7: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a9c000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f00004ee000)="66b818010f00d8c4c27bf6cdb986040000b80f000000ba000000000f30c7442400e9060000c744240201000000c7442406000000000f01142466baf80cb8b4d4c588ef66bafc0cb00beeb9840200000f3266ba420066edb85bc6600b0f23c00f21f83503000c000f23f8c74424008000c0fec744240235000000c7442406000000000f011c2466baa000b000ee", 0x8d}], 0x1, 0xfffffffffffffffe, &(0x7f00003db000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000af1000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x1000, 0x0, 0x0, 0x2, 0x2ff, 0x6, 0x1, 0x5, 0x0, 0x1f, 0x60000000000000, 0x0}, {0x0, 0x4, 0xa, 0x9, 0xfc6, 0xc76, 0x2, 0xa0f, 0x6, 0x9, 0x3, 0x30, 0x0}, {0x2000, 0xf002, 0xf, 0x6, 0x9, 0x2, 0x1, 0xffffffff, 0x80000001, 0xffffffffffffffff, 0x2, 0x2, 0x0}, {0x0, 0x4, [0x0, 0x0, 0x0]}, {0x1, 0x0, [0x0, 0x0, 0x0]}, 0x80000008, 0x0, 0x2000, 0x8, 0x5, 0x2001, 0x1000, [0x800000, 0x1, 0x6, 0x10001]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:13 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000096a000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000088e000/0x18000)=nil, &(0x7f0000ae0000-0x13)=[@text16={0x10, &(0x7f000011f000)="0f0170ec0f23e764f20f2b76db613e8117b4006766c7442400003000006766c7442402003000006766c744240600000000670f011c2466b8010000000f01d967660f3801639966b80500000066b90b0000000f01d90f2205", 0x58}], 0x1, 0x20, &(0x7f0000adf000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:13 executing program 1: mmap(&(0x7f0000000000/0xa71000)=nil, 0xa71000, 0xffffff, 0x32, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000d29000/0x3000)=nil, 0x3000, 0x0, &(0x7f0000000000)=0x6, 0x200c, 0x0) r0 = pkey_alloc(0x0, 0x8000) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f000000b000-0x20)={0x10007, 0x1, 0x1, 0x2000, &(0x7f0000007000/0x2000)=nil}) pkey_mprotect(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x3, r0) munmap(&(0x7f0000006000/0x1000)=nil, 0x1000) mremap(&(0x7f0000005000/0x1000)=nil, 0x1000, 0xb000, 0x3, &(0x7f0000a66000/0xb000)=nil) mremap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil) r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000a6b000)={0x10003, 0x1, 0xf002, 0x2000, &(0x7f0000008000/0x2000)=nil}) mlock2(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1) mlock2(&(0x7f000034e000/0x4000)=nil, 0x4000, 0x1) ioctl$KVM_CREATE_VM(0xffffffffffffff9c, 0xae01, 0x0) mmap(&(0x7f0000000000/0xae8000)=nil, 0xae8000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) ioctl$KVM_SET_SREGS(r5, 0x4138ae84, &(0x7f0000197000)={{0x100000, 0x2, 0x3, 0x4, 0x2, 0x5, 0x80000000, 0x8, 0x20, 0x9, 0x8, 0x81, 0x0}, {0x0, 0x2, 0x4, 0x20, 0x6, 0x7, 0x1, 0x7, 0xfffffffffffffffd, 0x81, 0x7, 0x200000000, 0x0}, {0xf000, 0x100000, 0x3, 0x44855d8f, 0x0, 0x4, 0x0, 0x8ce0000000, 0xfffffffffffffffa, 0x0, 0xfff, 0x8, 0x0}, {0x16004, 0x10000, 0xd, 0x4, 0x8001, 0x6, 0x4, 0x400, 0x401, 0x4, 0x9, 0x9, 0x0}, {0x2000, 0x1, 0xf, 0x300, 0x3, 0x8001, 0xb7, 0xae, 0x7, 0xfff, 0xfff, 0x1, 0x0}, {0x103000, 0x67e51b6418fe7baa, 0x4, 0x0, 0x3ff, 0x5, 0xfffffffffffffffd, 0xffffffffffffffff, 0x10000, 0x6, 0x5, 0x100, 0x0}, {0xf002, 0x1, 0x0, 0x9, 0x7, 0x0, 0x1, 0x7, 0xe52c, 0x4, 0x4, 0x2, 0x0}, {0x10000, 0x113002, 0xc, 0x100000000, 0x0, 0xfffffffffffff801, 0x4, 0xaaa, 0x7, 0x6, 0xd6, 0x3, 0x0}, {0x6000, 0x10f004, [0x0, 0x0, 0x0]}, {0x10000, 0xd004, [0x0, 0x0, 0x0]}, 0x0, 0x0, 0x100000, 0x400000, 0xa, 0x400, 0x7001, [0x5, 0xcc9, 0x1, 0x6]}) ioctl$KVM_SET_IDENTITY_MAP_ADDR(r4, 0x4008ae48, &(0x7f000025d000-0x8)=0x14002) ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) mmap(&(0x7f0000ae8000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ae9000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ae9000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_MSRS(r5, 0xc008ae88, &(0x7f0000ae9000)={0x2, 0x0, [{0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}]}) r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) mmap(&(0x7f0000ae8000/0x1000)=nil, 0x1000, 0x7, 0x1011, r6, 0x0) syz_kvm_setup_cpu$x86(r4, r6, &(0x7f0000780000/0x18000)=nil, &(0x7f0000ae8000)=[@text64={0x40, &(0x7f0000198000-0x6e)="0fa222d8d8200000000f22d8c74424000e000000c7442402e2bf0000c7442406000000000f01142426400f22c62e2e67260f01cfc4e1975fe566baf80cb8ec89438866bafc0c66b85cac66ef440f20c03507000000440f22c08fc830a2b734ff1da30fc4210171e0b3c4e2fda8f1", 0x6e}], 0x1, 0x6d, &(0x7f000095e000)=[], 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) mmap(&(0x7f0000ae9000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_DIRTY_TLB(r6, 0x4010aeaa, &(0x7f0000ae9000)={0x5, 0x7f}) munlock(&(0x7f0000003000/0x2000)=nil, 0x2000) 2017/08/11 21:15:13 executing program 5: mmap(&(0x7f0000000000/0xade000)=nil, 0xade000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000562000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mlock2(&(0x7f0000340000/0x3000)=nil, 0x3000, 0x1) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mmap(&(0x7f0000ade000/0x1000)=nil, 0x1000, 0x5, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000630000/0x18000)=nil, &(0x7f0000777000)=[@text32={0x20, &(0x7f0000ad7000-0x52)="26f20f5fd3660f3880bff2ff0000b8f0ffff7f0f23c0c4e27918f73503000c000f23f8b9ac08000026640f01c8ba0000000066ba4200ed26f26d26660ffbe766ba2000b800000000ef3e0f4dd9", 0x4d}], 0x1, 0xfffffffffffffffe, &(0x7f0000715000)=[], 0x0) mmap(&(0x7f0000adf000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000adf000)={0x1, 0x0, [{0x485, 0x0, 0x7fffffff}]}) ioctl$KVM_SET_TSC_KHZ(r2, 0xaea2, 0x8001) ioctl$KVM_DEASSIGN_DEV_IRQ(r1, 0x4040ae75, &(0x7f0000222000-0x10)={0x4, 0x4, 0xc6, 0x100}) mmap(&(0x7f0000ade000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ae0000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f00001f6000)={0x4, r2, 0x1}) mmap(&(0x7f0000adf000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r3, 0x4040ae72, &(0x7f0000ae0000-0x14)={0x0, 0x2, 0x8, 0x2, 0x1}) mmap(&(0x7f0000ae0000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_DEVICE_ATTR(r1, 0x4018aee2, &(0x7f0000ae1000-0x18)={0x0, 0x9, 0x1, &(0x7f0000833000)=0x0}) mmap(&(0x7f00007e0000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000ade000)={0xee9a0bee73b23a6, &(0x7f0000ade000)=0x0, 0x0, r3, 0x0}) ioctl$KVM_HAS_DEVICE_ATTR(r1, 0x4018aee3, &(0x7f0000979000-0x18)={0x0, 0x2, 0x9, &(0x7f000011f000-0x8)=0x0}) ioctl$KVM_GET_IRQCHIP(r1, 0xc208ae62, &(0x7f0000a11000-0xd8)=@ioapic={0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}]}) mmap(&(0x7f0000857000/0x2000)=nil, 0x2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, &(0x7f0000ae0000)={0x0, []}) mmap(&(0x7f0000ae1000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xaeb000)=nil, 0xaeb000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f000096a000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) mmap(&(0x7f0000aeb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60) 2017/08/11 21:15:13 executing program 2: mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x0, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000096a000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000088e000/0x18000)=nil, &(0x7f0000ae0000-0x13)=[@text16={0x10, &(0x7f000011f000)="0f0170ec0f23e764f20f2b76db613e8117b4006766c7442400003000006766c7442402003000006766c744240600000000670f011c2466b8010000000f01d967660f3801639966b80500000066b90b0000000f01d90f2205", 0x58}], 0x1, 0x20, &(0x7f0000adf000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:13 executing program 2: mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x3, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000096a000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000088e000/0x18000)=nil, &(0x7f0000ae0000-0x13)=[@text16={0x10, &(0x7f000011f000)="0f0170ec0f23e764f20f2b76db613e8117b4006766c7442400003000006766c7442402003000006766c744240600000000670f011c2466b8010000000f01d967660f3801639966b80500000066b90b0000000f01d90f2205", 0x58}], 0x1, 0x20, &(0x7f0000adf000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:13 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000506000-0xc)={0x7, 0xffffffffffffff9c, 0x1}) ioctl$KVM_GET_FPU(r0, 0x81a0ae8c, &(0x7f0000afc000-0x1a0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) ioctl$KVM_GET_EMULATED_CPUID(r0, 0xc008ae09, &(0x7f0000afd000-0xd2)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f000050f000)={0x9, 0x3cca}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x7, 0x0, [{0x4000000d, 0x7, 0x1, 0xff, 0x19d8, 0x0}, {0xc0000007, 0x3, 0x4, 0x3, 0x0, 0x0}, {0xc0000001, 0xfef0, 0x3f, 0x20, 0x6, 0x0}, {0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 2017/08/11 21:15:13 executing program 5: mmap(&(0x7f0000000000/0xaeb000)=nil, 0xaeb000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000009a000-0x9)="2f6465762f6b766d00", 0x20000000002000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, &(0x7f0000007000)={0x6, [0x14bbf6c5, 0xff, 0x1, 0x2, 0x1, 0x9]}) r3 = eventfd2(0xfff, 0x80000) mmap(&(0x7f0000aeb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000aec000-0x10)={0x10201, 0x0, &(0x7f0000327000/0x3000)=nil}) read$eventfd(r3, &(0x7f0000964000-0x8)=0x0, 0x8) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x75) r4 = pkey_alloc(0x0, 0x3) pkey_free(r4) mbind(&(0x7f00003d2000/0x400000)=nil, 0x400000, 0x2, &(0x7f0000aeb000-0x8)=0x1, 0x7, 0x1) r5 = eventfd2(0x80000000, 0x80801) mmap(&(0x7f0000256000/0x3000)=nil, 0x3000, 0x300000d, 0x80000000039, r1, 0x3) mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_HAS_DEVICE_ATTR(r1, 0x4018aee3, &(0x7f0000aec000)={0x0, 0x1, 0xa6, &(0x7f0000aed000-0x8)=0x0}) read$eventfd(r5, &(0x7f000044a000)=0x0, 0x8) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f000099d000-0x120)={0x7, 0x0, [{0x80000006, 0x9, 0x2, 0x8000000000009, 0xe669, 0xffffffff, 0x7f, [0x0, 0x0, 0x0]}, {0xb, 0x401, 0x0, 0xfffffffd, 0x0, 0x909, 0x9, [0x0, 0x0, 0x0]}, {0x40000000, 0x4788, 0x5, 0x2, 0x7ff, 0x80000000, 0x2, [0x0, 0x0, 0x0]}, {0x40000007, 0xfff, 0x2, 0xffff, 0x2, 0x1ff, 0x3, [0x0, 0x0, 0x0]}, {0x40000001, 0x80000000, 0x2, 0x3, 0x4, 0x5c0a, 0xc7, [0x0, 0x0, 0x0]}, {0x80000019, 0x80, 0x1, 0x0, 0x1, 0x4, 0x9, [0x0, 0x0, 0x0]}, {0x0, 0x6, 0x4, 0x401, 0x3, 0x63f, 0x1, [0x0, 0x0, 0x0]}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000ae7000)={0x1, 0x0, [{0x12, 0x0, 0x5}]}) [ 28.189914] *** Guest State *** [ 28.190389] CR0: actual=0x0000000080000028, shadow=0x0000000080000008, gh_mask=fffffffffffffff7 [ 28.191713] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 2017/08/11 21:15:13 executing program 2: mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000096a000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000088e000/0x18000)=nil, &(0x7f0000ae0000-0x13)=[@text16={0x10, &(0x7f000011f000)="0f0170ec0f23e764f20f2b76db613e8117b4006766c7442400003000006766c7442402003000006766c744240600000000670f011c2466b8010000000f01d967660f3801639966b80500000066b90b0000000f01d90f2205", 0x58}], 0x1, 0x20, &(0x7f0000adf000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 28.192888] CR3 = 0x0000000000002000 [ 28.193908] RSP = 0x0000000000000f80 RIP = 0x0000000000008008 2017/08/11 21:15:13 executing program 4: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x4, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000ae6000-0x20)={0x3, 0x0, 0x100000, 0x2000, &(0x7f00002cb000/0x2000)=nil}) mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f00000ca000+0x1b9)={0x74, 0x0, [0x1, 0xb9c, 0x6, 0x6], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000af3000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000766000-0x20)={0x107000, &(0x7f0000af3000)=0x0, 0x8000, r1, 0x0}) ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00005f6000-0x48)={0x70003, 0x0, [0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1ff000004]}) mmap(&(0x7f0000af4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_XSAVE(r2, 0x5000aea5, &(0x7f00001c7000-0x400)={"857a6b28ea19a822f85c9c0b9c92389419b54e33c2ecc6889b129c1ccc27d95b563921f5a1484bbd1fa6c720aa8eb159b13b5f7b4a1d756cae613e3518108ce96617254ceeb63f4aef6b76f632bbadbc746f641544ef94d6b9336c98aea3b684e9433efce197f1cea3c46ca0219d90fe155a2fde52259ac9a2936bc7b4dacfea210427fb81b4fbae0827530b506079f7711d0b73515fd44ccf391a5e00ab0a461a0df035b4278fdce8806341e914dc275a6964b4c44a1d23ce87cbbe864b317f3aa67a781bd98d9c5cf4c6dc6b788da8f653f3f543c1de6a62198fdd0d5f95a5589927fd0022ff1963953462f97802b369d36313fea01bf46e7553f4ba5278ffc56582b3908fda73de8c32e7dde63d9d699336f984fa42761f781b0d0dd28ba3f159505c51a4843a537bd10779719db8cd6c2d13a16fcec69ebda2c357960da19ba4745100d9f014ea3f81273231ac8a68cfc8f64a08ba82451f391fb58b2c1d4af6834761905b7a571b3df0189706c9be94e196c4e889ec05c0e2be58ec7d0180ab1d95798ae5e73ebd56bbb527fe607428d63f46a22600bdd600cfe87b6672e7b3d3e1015125e5a08eec9439d7f30f8596216b47125a4b6b9b26c5a5e5ce2a42fa830686a341367241dc8bd1ff4aa0c244913c5b766f6edf846b4d13b5cdea8d912b54b0e9a68c90eb21dd8b96eab025595722bdfa9baf0dd2120a78c89ea9fd24c9d46ad85ce2f7bfd4bea9350b7be383669c4ad5e213a475bfac205edfa6a3088a5a043459db6d66a4cf91960932ee225da497b2e1928a11fcfee8946f6ab508af72c637881c063d1df8cf7c8b6f11f65e5b17242dc860278787a383fb3105d3f8b20ff32bb2dfe12bd5b1ee1f45d2992a45332819f78df4370a17f2f25d03e08983de0fa5a893cce08c4c09462f3de02667b2eff794487cf26fcc421165779a75c4f686ed156b33cd328b9538dbe14cc918d09527de180c279b38f05cdc53c492020239e0fe10d83b486335e4e38472d8d62b206ce3c9dd089065a0e96ca5ea3f13f157257796338fbbae8dad3f0798057db4843575c5ab49218996dc05bd158f0c4a4dd6832f7014fc1f54eff81361d88d1e87fb2b6ac27d5a09dbb546215dfc8175d7723f086a512b24ad07d5f997fdcd1ce29fbcf4fc44b22f273b61cc16205dc797cc4427bf74f576eb47d83d181bae13e22cf6925931d84a487c51d493a9eeeaf1980c54920f646ee12164c53bcd7dad526a4b2afaee38a83c92119f23f57beab8626d735efbb17bb4aac0ca30f32bf3add64466359038235aabe1d3b1312641a203e1d3caa424a078cd79343f90c0cdb0083335a55383beb7b283d164932aa92c107ffa56fd40333eb91a70355a57ea8c25e6bef3969434e136658fa10752611108aaa02099beb764005e947c2a86b51758e24e96037737140095"}) mbind(&(0x7f00007e6000/0x4000)=nil, 0x4000, 0x3, &(0x7f0000af4000)=0x10001, 0x100000000, 0x4) eventfd2(0x0, 0x801) mmap(&(0x7f0000ae6000/0x1000)=nil, 0x1000, 0x6, 0x10, 0xffffffffffffffff, 0x3) ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0x4008ae48, &(0x7f0000af3000)=0x10002) mmap(&(0x7f0000af4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x1) ioctl$KVM_GET_FPU(r2, 0x81a0ae8c, &(0x7f0000af5000-0x1a0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) mmap(&(0x7f0000af5000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000af6000-0xc)={0x1, r2, 0x1}) mmap(&(0x7f0000af5000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000af6000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000af6000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000af7000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000825000/0x18000)=nil, &(0x7f000029f000)=[@text16={0x10, &(0x7f00004a0000-0x35)="9aa5ab0100670f215267260f01ca0f20c06635010000000f22c00f30b837010f00d866b9d50b00000f321ba842ae660f01c9d85a0d", 0x35}], 0x1, 0x10000000000, &(0x7f00002f4000)=[@flags={0x3, 0x4001}], 0x1) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00004b1000/0x18000)=nil, &(0x7f0000ae7000-0x18)=[@text32={0x20, &(0x7f0000aef000)="0f2107c4e17d2b210f32c4e151605b0e66ba4100b80f000000ef650f22950fc76ccf84f3260f011a66baf80cb82a839086ef66bafc0c66b8130066efead1b30000ca00", 0x43}], 0x1, 0x0, &(0x7f0000aea000)=[], 0x0) mmap(&(0x7f0000af5000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000986000)={0x2000, &(0x7f0000af5000)=0x0, 0x1, r3, 0x1}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_TSC_KHZ(r2, 0xaea2, 0x1) mmap(&(0x7f0000af4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000af5000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000af8000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000af8000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000af8000/0x1000)=nil, 0x1000, 0xffffffffffffffff, 0x32, 0xffffffffffffffff, 0x0) read$eventfd(r3, &(0x7f0000a84000-0x8)=0x0, 0x8) ioctl$KVM_S390_UCAS_MAP(r3, 0x4018ae50, &(0x7f0000af4000)={0x3ff, 0x9, 0x7fff}) [ 28.207155] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 28.207701] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 28.210544] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.214717] DS: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000000000 2017/08/11 21:15:13 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x1, 0x5, 0x9, 0x7, 0x5, 0x401, 0x0, 0x1, 0x2, 0x0}, {0xfffe, 0x5000, 0x0, 0x5, 0x4, 0x81, 0xc9, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) [ 28.219426] SS: sel=0x0000, attr=0x03071, limit=0x00001000, base=0x0000000000000000 2017/08/11 21:15:13 executing program 1: mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x4, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aef000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_XSAVE(r2, 0x5000aea5, &(0x7f0000af0000-0x400)={"4fa3c30e6d731fc1b9ed0a032d24f18dc06519925988cf9029578d0b354730def43ba7907a562f577d81126e8acd0df79c77502d4181d9f2cb6143255ebfa3c37785a50ab1be58c51ee425865f6e49319b320cc947dee28e176489397fc3e235c3aa942dbcc0f9fbbb8e793aab81106a4d8e9e3eec453901df262ca95ae660af528f148e5b348a3b7c1dfbfdd5e203f0e83562dda056845b9ad654dd9565ee3a2b0a875b725f2a6587586940d8f5c385f38fe7939747aa02636a68a077f96709063428e042a764380e465d491366ba63faadd36d9590c9378e8c3f03b4d5887111d8c275ca8f63dd71051686ec4e131019d265e78b2eb46806d12932da7bbc926ed0d63367f6f4c515f9cd50be3853e3c478c11d844af7090000004758ffbaad6f243b0e1c2130e4669bd975bdfdb6fbff2a8fac4a8e8eb6a46621ec7df46211561d67a7d7490d38e579e3a8eb2f0c3c2a3651348527da5d3260c06060ac93473bca773150de392e47c1e9739ac1b04b83742fb2cb28ce7837d384e2a6871cd4698aec71ad7d96f013bce25dd0ddc7863c7cbfe1fccea4beb6b5ed54a72eb901d06951448c82314c23c6b5a77a738f8a7ed062908744fa50a7a59968d07ffb389b12b1a7e8b6b4ef710fcd7dd3a59c8543a7439a42990b8dd6d08a41ec4bea5b8219ae1be7f74881709d180f0b96fd56272e4a4c45c9097398b16fa4862024a67601e1980c6b940ee6e23f44484b5e3dc499a19519306688071909361346ff6113c72328e7fdc3b7f5b796abe15d54d165e54d605058f5c2dff602fb24b0b53164075379d28fc1b51633212a9a7933fce544b3015ab5ff0bcdefc4a03c963f5be0ee44bfa8a5e9944a3c63ee84523954ac555cd0ba206f6386d4cc1ebacba0a5862b05a909fb804cf949410fafb37fb84cb9b82ef2876f615156e1401c74a13e0ce18670a05593c3a2dc3c4dc3f15f5533dc3298236f1048b0ad00346b5ca8523413fe1e508140b6de20e045e9e0e949c73a509eec21b894159eb827633455ef1457359ecfcdd488abd1ce6024ef3cd390e5f64e716b53e357c47bad75fad02860af89bdac6f2f91cb02f1489949a618355d9479dfb66df7794e82b63eb0546472ed79e43d7d6975cf65631c9dcda9fa0ee735b8b9b034524434bb4a806ace65aa275a18efb43567c8f672ef4a37c1cf03fceedfa786f8c8864066fba6570ba1ccbb781bf74f7b14049b3f83d98f7904d3a10cc8099f5f3dfd8083bced3effa978e86379f1ea05d5ff604a8a1c71c79fcf15d7503897b124b21b36bf0312c4d5d6b4608f7700c055da34fecc7029b0cb745d160c987bb2c524633c9df957389b1faa0e83775d9e580a99209bf51ba82bc764c6c9471ff97789620286cc05b552d3b3abfe1b8311cb50f8fc88052bba926cd339326c748b8b3e9925768eddf00c"}) mmap(&(0x7f0000af0000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000af1000-0x40)={0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_GET_CPUID2(r2, 0xc008ae91, &(0x7f00007ca000+0xce2)={0x2, 0x0, [{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}]}) [ 28.220252] ES: sel=0x0000, attr=0x04081, limit=0x00000000, base=0x0000000000000000 [ 28.228326] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.229189] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.230155] GDTR: limit=0x00000004, base=0x0000000000000000 [ 28.230965] LDTR: sel=0x000f, attr=0x10000, limit=0x0000f002, base=0x0000000000002000 [ 28.231803] IDTR: limit=0x00000000, base=0x0000000000000001 [ 28.232642] TR: sel=0x000a, attr=0x10000, limit=0x00000004, base=0x0000000000000000 [ 28.233479] EFER = 0x0000000000002001 PAT = 0x0007040600070406 [ 28.234152] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 2017/08/11 21:15:13 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000506000-0xc)={0x7, 0xffffffffffffff9c, 0x1}) ioctl$KVM_GET_FPU(r0, 0x81a0ae8c, &(0x7f0000afc000-0x1a0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) ioctl$KVM_GET_EMULATED_CPUID(r0, 0xc008ae09, &(0x7f0000afd000-0xd2)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x7, 0x0, [{0x4000000d, 0x7, 0x1, 0xff, 0x19d8, 0x0}, {0xc0000007, 0x3, 0x4, 0x3, 0x0, 0x0}, {0xc0000001, 0xfef0, 0x3f, 0x20, 0x6, 0x0}, {0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 28.234915] BndCfgS = 0x0000000000000000 [ 28.235567] Interruptibility = 00000008 ActivityState = 00000000 2017/08/11 21:15:13 executing program 2: mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000096a000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000088e000/0x18000)=nil, &(0x7f0000ae0000-0x13)=[@text16={0x10, &(0x7f000011f000)="0f0170ec0f23e764f20f2b76db613e8117b4006766c7442400003000006766c7442402003000006766c744240600000000670f011c2466b8010000000f01d967660f3801639966b80500000066b90b0000000f01d90f2205", 0x58}], 0x1, 0x20, &(0x7f0000adf000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 28.236260] *** Host State *** [ 28.236717] RIP = 0xffffffff811b6777 RSP = 0xffff880067d374c8 [ 28.237414] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 28.239549] FSBase=00007f4c3a973700 GSBase=ffff88006e100000 TRBase=ffff88003fd22cc0 [ 28.240291] GDTBase=ffffffffff576000 IDTBase=ffffffffff57b000 [ 28.240887] CR0=0000000080050033 CR3=0000000067b6e000 CR4=00000000000026e0 [ 28.241862] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 28.242659] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 28.243367] *** Control State *** [ 28.243724] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 [ 28.244420] EntryControls=0001d1ff ExitControls=00afefff [ 28.248326] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 28.249123] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 28.250222] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 28.250892] reason=80000021 qualification=0000000000000000 [ 28.251591] IDTVectoring: info=00000000 errcode=00000000 [ 28.252152] TSC Offset = 0xffffffe66647980a [ 28.252634] EPT pointer = 0x000000006bd6f01e [ 28.253145] Virtual processor ID = 0x05f9 2017/08/11 21:15:13 executing program 3: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) mmap(&(0x7f0000a5a000/0x3000)=nil, 0x3000, 0x3000008, 0x20000000000032, r1, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000af3000-0x24)="000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d266767f2a50f20d835080000000f228b58580f070f01b102000000", 0x64}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f000011a000)={0x1397, 0x8c, 0x0, 0x4, 0x8}) mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000af3000-0x4)=0x80) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000aee000-0x8)=0x10000) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000aef000)={0x7b, 0x0, [0x6, 0xffffffff, 0x9, 0x1000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000033d000-0x8)={0x1, 0x637}) ioctl$KVM_S390_VCPU_FAULT(r2, 0x4008ae52, &(0x7f0000af1000)=0xb5) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000aef000-0x30)={0x20, 0x401, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f00009c7000)={0x2, 0x800, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00002de000-0x40)={0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000aec000)={"3a5ca361a0df102fae43a3f1ec872c0185c9813608eed8f847374008d61d0b0800000000000000001ccb1007655a4f7410ae2abb2a1756d32573ad07efbff26b6c29f3f5b20949d1948e7dc1c8f2b7a1f53f726c506fca42d4a7935507ddb99198bc1ac477f1ae7c27061ead76d16ca486010f0a3be5e5fb88b250282a1f4370084b669a6aa05d6f099ea5ce98744d4d02be5ff2bfc8a7b31392162b70f9bf6a7921ca46c22eba76a3f5fada926a9e3d39e841a85aff9e2e11df5a017550dd503eafb49349716d060d697bd0978eac053d12de846fb7d0ef0ce4f79420c7ad998b000619474f6ab8bbaf74f23bef3d8874a920f438d7a3bbe9ac54c269dd8463b191dfff03924e9ef495aad2c7831f72e87d20d39c031000c2b6b009dc52fe4a87d2adbd31ef3991643480dc4e1194dad4aaae0bbd182f86a7572202d932534fe78aa6205a387714ba722fc29e394626c6950754c5bd8e959a3d108590f13f43f23507624d0f3b464f483d2f11441d510b1269e787224f20a2cb5984b4f2be4d93aef0f2ae60ada076cc86b6ecd9f9cd27c13ff16725a99f1d96fb35409d9aad7cd14b4a0a6fa33249d40760c0dd77615cea3ced7055169a87c767c91aadd231e5b211e9b8df16a1e2aef8d3a7e02a4f7c8fa5e989f9a2c488638fec8d03543fededef667b0b0cde85958ef5dd2355e3dade1126022ada4186160bcf69013a938bd9c5fe1f46fd5c8d522320840de0ede209ee11a4655a157b1ed47b6aa5daad7bc7f96313d2e02144e50a7f64ccfb866b1cc3a04ebd7e460e69f42856b474e681e2917b593b931c8987a487329d58151d14f4f1eb1b123f29f21899c524c2808269f7a833d5ed3cd93e2ffc0dbdf3c50c736b10512607837e8f50144c1c14e052c788381a2b236becb2d2bfdf0467cefcbe6926090434d31323d47576de4566f61ab7f1fab0f73e2e9b58c328f73f8fecef3e9bbad4b177d9dd2a0e3e7a6f108477afef361fd23ea1a575dd9b86515833f5bd4ccf9ddb9e5432d723f3eb50339ae229108ae769ac632d312761db5057fe4ddfae2f22be1f709bc0feef9d8dcf05a425d354bda07e3780f19d3a073e737bcc8220febd750e3ce8549870615e1e9c969d3883126c687ff7ef6c0a16aa18bf594c681ae4c2ec063b792ae01166868672360aefb97539f6825c2f17933ce890a2d7ca53fcf77dc8dd4a0e64b7010aa7fd14f7833ab907d4d3c5df1ce497abfea23c94ab44d6b0f389480b4f0c077b98ba319dff8ab86cb7ff6b9f26e1f7e88b01d346504ab1cbc30fb5acf132544e59a2dec45e8019ef4642e672aebc040bfbfd6e7caf8846917b3e21e9b5673b31c4f3520baaf61b01bf160c3b535bcc7b23ee34371286407409fa292ad059d4e40624bd6bad7d3d516adae9c3fcecb877f4d9d39035338787435f6372c5fb88cd"}) ioctl$KVM_GET_DEVICE_ATTR(r1, 0x4018aee2, &(0x7f000026f000)={0x0, 0xdf, 0x8, &(0x7f00009f0000-0x8)=0x0}) mmap(&(0x7f0000af3000/0x1000)=nil, 0x1000, 0x1, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000af3000)={"9bbb9daa05110ba1924a3f8c859bdff963f2ddb1d129f5cb2f3ae8ad3bf7068c284ba38f903676aee0049b473a5a33930a9b88deb6401d57b67b5ef503c6a4027167753b3422f85b1b144e1b09666f06770bb454bb980d5cb7f1e90d9427b10028d816afcb958eb5bc4541d20809f775835973db47fdab943f7ecf340ab9b2913f88a42aa228d95f1665dcb874e6b3b5b55a89a32e0fc862e12da3fafec957af0fce362e643894eaa38fbb8af58f8462371747c6e67ec819d268766c3c7a74e3f12575502e0ce18ab8fdeec25ec7767fae887d4cadb349c0f81694038d1a026d6a75e2531b1a8fb11b6cbd3f89a94184e04455b174f62410013ea1a32c38fc1a2448cd4c2c637b73782faf7ad9ae353b8bb6fed608778b7e846b159d0708eba89b05d4ae596fd1ce276f11b96ea628b944adcafcca622c34d8cf71c32e04679643d25bb8410efd790fae98de36207bab1c1fa95a3b125a7497822ea2f8a027ee6024ad4938ca93546a7967484ea5ed0850257facd046052d3fb4452ea95bdf6613884586ad0f7bedcf9ba794168fb9ef80fc98ab1b8c584220c399f85aa35e3b077eaa0dc79a9b88f0cdbf6805da3bca16d1fe88482e328bf0abd897070e43ead3304cdf1f113ab075a772b02e7e2b9d790f029decb02914d0fbb81bdcac8d08612898c453dd33e8a456e3cb4154e27f4d3bddea5732cd94d4adf21d3babfbb833a2ba8fcc71beafe13cfb9e8ed9fcaaecbc6a4e7c1da5f67cfae68fe80965a52918112a4927ca4a387ebf74fd5d910ceed87a668d3210361f45e8771482aceb28996ed99fdb143fc17c4112850b748c3eb5d121312f3c420d0dc03bfd571a1767bac9ae6c46b4edbfd70fb33dd89a8ae13dd57e722d95c28e5326a24054321553f3b50fe246f5e631dafc8088dcefe9029c67fbc7cb6631692d91aa5aba912b56f638cdcd14e873566edea35ecaaad547bbd265a6d4f6537ad9db538fb7db64a32c81c91dd6e4efd0317de1a0ff83c744470c93ddcaa6792e45db7d69e1106a251d39a5c5c6103f7aadb32d0290614362eaccc6d41b3f14154850e1959803f14d836a4223eb1c70249037e7adbf0e33d07a69a10d948a901858a8381803bcedcf610c985b5ea85ef46bbc44565e89142da665bede93e7c360cc814c8e00cafb81d02c95811ce32ba2dd85712056078d2f7d4be3cfc4eb157d63206d4b822599d40c02fd84ada2b572bd8899e93293a5ce6590d226f7c43858d47417bc2980358fb6ec2eee43fbbd31a00c9549680e76c31eef7f710e7aceb5a29d2a85f07332bb5e54a80ac44576e0010bc7cbd666ad4aff5174df288980f68510d74485b90afaf4040a30392861cce12229f97cbf2b8922d95110230423a3155f263d8066974f89cebaa258b87515d6d9f20c23d09067bdc955311d08300214a50ed060cc68"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:13 executing program 5: mmap(&(0x7f0000000000/0xae8000)=nil, 0xae8000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, &(0x7f0000007000)={0x6, [0x14bbf6c5, 0xff, 0x1, 0x2, 0x1, 0x9]}) mmap(&(0x7f0000ae8000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ae9000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aea000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r3 = pkey_alloc(0x0, 0x3) pkey_free(r3) mbind(&(0x7f00003d2000/0x400000)=nil, 0x400000, 0x2, &(0x7f0000aeb000-0x8)=0x1, 0x7, 0x1) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f000099d000-0x120)={0x7, 0x0, [{0x80000006, 0x9, 0x2, 0x9, 0xe669, 0xffffffff, 0x7f, [0x0, 0x0, 0x0]}, {0xb, 0x401, 0x0, 0xffffffff, 0x0, 0x909, 0x9, [0x0, 0x0, 0x0]}, {0x40000000, 0x4788, 0x5, 0x2, 0x7ff, 0x80000000, 0x2, [0x0, 0x0, 0x0]}, {0x40000007, 0xfff, 0x2, 0xffff, 0x2, 0x1ff, 0x3, [0x0, 0x0, 0x0]}, {0x40000001, 0x80000000, 0x2, 0x3, 0x4, 0x5c0a, 0xc7, [0x0, 0x0, 0x0]}, {0x80000019, 0x80, 0x1, 0x0, 0x1, 0x8, 0x9, [0x0, 0x0, 0x0]}, {0x0, 0x6, 0x4, 0x401, 0x3, 0x63f, 0x1, [0x0, 0x0, 0x0]}]}) mmap(&(0x7f0000295000/0x4000)=nil, 0x4000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aeb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000054b000/0x18000)=nil, &(0x7f0000828000-0x18)=[@text32={0x20, &(0x7f0000ae8000)="c4c17d2b461a66ba2000ec26670ff29f775466b804008ee8c744240000900000c7442402b0000000c7442406000000000f011424c4c1795b9c3301000000b87b0000000f23d00f21f8351000450266b81a008ed0f6774666baa000ed66f3e821ed85a2a50000", 0x66}], 0x1, 0x0, &(0x7f0000ae1000)=[@cr0={0x0, 0x80000000}, @dstype0={0x6, 0x5}], 0x2) mmap(&(0x7f0000aea000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f000079f000)={0x101ff, 0x3, 0x10000, 0x1000, &(0x7f0000996000/0x1000)=nil}) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000aeb000-0x10)={0x15004, 0x10000, 0x0}) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000379000-0xc)={0x3, r2, 0x1}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000789000-0x18)={0x1, 0x0, [{0x400, 0x0, 0x1}]}) mmap(&(0x7f0000aeb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000aec000-0x30)={0x1, 0x0, [{0xc000000f, 0x8, 0x6, 0x1, 0x5, 0x2ed, 0x3f0, [0x0, 0x0, 0x0]}]}) 2017/08/11 21:15:13 executing program 7: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a9c000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f00004ee000)="66b818010f00d8c4c27bf6cdb986040000b80f000000ba000000000f30c7442400e9060000c744240201000000c7442406000000000f01142466baf80cb8b4d4c588ef66bafc0cb00beeb9840200000f3266ba420066edb85bc6600b0f23c00f21f83503000c000f23f8c74424008000c0fec744240235000000c7442406000000000f011c2466baa000b000ee", 0x8d}], 0x1, 0xfffffffffffffffe, &(0x7f00003db000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000af1000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x1000, 0x0, 0x0, 0x2, 0x2ff, 0x6, 0x1, 0x5, 0x1, 0x0, 0x60000000000000, 0x0}, {0x0, 0x4, 0xa, 0x9, 0xfc6, 0xc76, 0x2, 0xa0f, 0x6, 0x9, 0x3, 0x30, 0x0}, {0x2000, 0xf002, 0xf, 0x6, 0x9, 0x2, 0x1, 0xffffffff, 0x80000001, 0xffffffffffffffff, 0x2, 0x2, 0x0}, {0x0, 0x4, [0x0, 0x0, 0x0]}, {0x1, 0x0, [0x0, 0x0, 0x0]}, 0x80000008, 0x0, 0x2000, 0x8, 0x5, 0x2001, 0x1000, [0x800000, 0x1, 0x6, 0x10001]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:13 executing program 1: mmap(&(0x7f0000000000/0xae8000)=nil, 0xae8000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, &(0x7f0000007000)={0x6, [0x14bbf6c5, 0xff, 0x1, 0x2, 0x1, 0x9]}) mmap(&(0x7f0000ae8000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000ae8000)="2f6465762f6b766d00", 0x80002, 0x0) mmap(&(0x7f00006c8000/0x3000)=nil, 0x3000, 0xc, 0x4011, r2, 0x0) mmap(&(0x7f0000ae8000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ae9000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aea000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r3 = pkey_alloc(0x0, 0x3) pkey_free(r3) mbind(&(0x7f00003d2000/0x400000)=nil, 0x400000, 0x2, &(0x7f0000aeb000-0x8)=0x1, 0x7, 0x1) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f000099d000-0x120)={0x7, 0x0, [{0x80000006, 0x9, 0x2, 0x9, 0xe669, 0xffffffff, 0x7f, [0x0, 0x0, 0x0]}, {0xb, 0x401, 0x0, 0xffffffff, 0x0, 0x909, 0x9, [0x0, 0x0, 0x0]}, {0x40000000, 0x4788, 0x5, 0x2, 0x7ff, 0x80000000, 0x2, [0x0, 0x0, 0x0]}, {0x40000007, 0xfff, 0x2, 0xffff, 0x2, 0x1ff, 0x3, [0x0, 0x0, 0x0]}, {0x40000001, 0x80000000, 0x2, 0x3, 0x4, 0x5c0a, 0xc7, [0x0, 0x0, 0x0]}, {0x80000019, 0x80, 0x1, 0x0, 0x1, 0x8, 0x9, [0x0, 0x0, 0x0]}, {0x0, 0x6, 0x4, 0x401, 0x3, 0x63f, 0x1, [0x0, 0x0, 0x0]}]}) mmap(&(0x7f0000295000/0x4000)=nil, 0x4000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000054b000/0x18000)=nil, &(0x7f0000828000-0x18)=[@text32={0x20, &(0x7f0000ae8000)="c4c17d2b461a66ba2000ec26670ff29f775466b804008ee8c744240000900000c7442402b0000000c7442406000000000f01142466baa000b87b0000000f23d00f21f835100000020f23f8f6774666baa000ed66ba42ecc4e27d2a85a2a50000", 0x60}], 0x1, 0x0, &(0x7f0000ae1000)=[@cr0={0x0, 0x10000}, @dstype0={0x6, 0x5}], 0x2) mmap(&(0x7f0000aea000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000780000/0x2000)=nil, 0x2000, 0x9) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f000079f000)={0x101ff, 0x3, 0x10000, 0x1000, &(0x7f0000996000/0x1000)=nil}) pkey_free(r3) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000aeb000-0x10)={0x15004, 0x10000, 0x0}) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000379000-0xc)={0x3, r2, 0x1}) mmap(&(0x7f0000aeb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000aeb000)={0x2, 0x0, &(0x7f0000935000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000ae7000)={0x1, 0x0, [{0x11, 0x0, 0x5}]}) mlock2(&(0x7f000070c000/0x1000)=nil, 0x1000, 0x1) 2017/08/11 21:15:13 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x1, 0x5, 0x9, 0x7, 0x5, 0x401, 0x0, 0x1, 0x2, 0x0}, {0xfffe, 0x5000, 0x0, 0x5, 0x4, 0x81, 0xc9, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) 2017/08/11 21:15:13 executing program 4: mmap(&(0x7f0000000000/0xae8000)=nil, 0xae8000, 0x3, 0x31, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap(&(0x7f0000ae8000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ae9000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, &(0x7f0000aea000-0x38)={0x0, 0x6, &(0x7f00002b4000)="38", &(0x7f0000ae9000-0x17)="", 0x1, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000ae9000/0x1000)=nil, 0x1000, 0x6, 0x32, r1, 0x1) ioctl$KVM_ASSIGN_SET_MSIX_NR(r1, 0x4008ae73, &(0x7f0000aea000-0x8)={0x0, 0x0}) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) munlock(&(0x7f0000ad5000/0x2000)=nil, 0x2000) mmap(&(0x7f0000aea000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_ASSIGN_PCI_DEVICE(r2, 0x8040ae69, &(0x7f0000aeb000-0x14)={0x100000000, 0x5, 0x8000, 0x2, 0x8}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mmap(&(0x7f0000aeb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f00004ff000/0x18000)=nil, &(0x7f000077b000-0x18)=[@text16={0x10, &(0x7f0000aeb000-0x66)="baf80c66b813b7ee8766efbafc0cecb8f6000f00d09a43002300660f5fed6635000100000f22e06766c7442400009000006766c7442402fdffffff6766c744240600000000670f011424baf80c66b88068b08e66efbafc0ced66b9800000c00f326635002000000f303aeb0f080f01ee", 0x70}], 0x1, 0x26, &(0x7f0000ada000)=[@cr0={0x0, 0x8}], 0x1) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) mlock2(&(0x7f00006b2000/0x2000)=nil, 0x2000, 0x0) mmap(&(0x7f0000aeb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_S390_INTERRUPT_CPU(r3, 0x4010ae94, &(0x7f0000664000)={0x9, 0x12, 0x10000}) ioctl$KVM_HAS_DEVICE_ATTR(r1, 0x4018aee3, &(0x7f0000aec000-0x18)={0x0, 0x0, 0x0, &(0x7f00004a6000)=0x0}) mmap(&(0x7f0000aea000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_ASSIGN_DEV_IRQ(r2, 0x4040ae70, &(0x7f000063c000-0x10)={0xea, 0x6, 0x1ff, 0x105}) mmap(&(0x7f000067f000/0x3000)=nil, 0x3000, 0x2, 0x810, r1, 0x0) ioctl$KVM_ASSIGN_SET_MSIX_NR(r1, 0x4008ae73, &(0x7f0000aeb000-0x8)={0x8, 0x8}) mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_XSAVE(r4, 0x5000aea5, &(0x7f0000aec000)={"f1cbdf5e1bcc02e06150c9b8abeb1a45dfa66b842325a10b66b5d8c3bf4c490d2a1a55fcaea9508fe4f8bad9e5fe54a0d3a63d674de3f1d4f6977a5472995b781a4f01325a910a4bbf7cf2ca4c946f59d57f7e8abb8b5ffadf0a95c91a97919d043ef7ef33d68338875c7440b8d62ecf8963b6b2acb0274cb9d13c13b41116761d5f78bd3721d7b1b2e0767702c4c30dfe869da79b70c074cc9535d4c2dc8ee24dc3114a2d02a5e639a864739053c2a5d18fa0b713bea66fb2a573bd4dacf4341e0b7f2afc429d6018be4ad13bd3d21f27628a1a31500d9ed94f456ccdae4397a2c0c22d2793160bb750bee789515cc9cf3c5f10a633eeeb92808a03ae349987a246b89e8986fd270549ba025c852434e00396ee87313433ac8c872728e9d883ce9ecc85f368aa86f9855bdd8ed61ad84cefd945e20b7a8d0b46f1e27a85a9f27fbce2b60da749e6a7ba07f78027f6b2a704ce0265821af090f87b78c783c04b2d0b690aa20ffbe7dc7ba61a69e0ef8a76e76ba74575ff7bad39ee3df167778633c65b7b10e0ae3afc0bc6add35707a4f324daa0ac11271784e32306c5395ac90d996ee34f24310e313bdd20d9a25d9345c0c8477140d8caaa2f18daf7ccf05473b5afd504698ed6df64d2657773644f392880e0c3a3bedd3be6fa846deccf177569888ad5e2a477df03ee1e20bdadccc811b78b3f477445fbe6678b2769da74474cb9b4ef5ce9950fb58c6738aa9232be9dd0e64e6a097f9230c08dd7fb956a6e9036af25f2290e856430cd00b23f6cfe49eb18f43584ffc86c84a9e911c7ffa20cfa804c254e8bd8c1ea00df17aad6da848dc95a66e6d4a117322dabfd52e87d8662e9ce68637c405ab12764e1c8a0f199908d2f441a619cb53f6666b3ee19a5cbe41a519504e4746812d43b45074a2c702da85f02b4a4d1766039472ed022f3f5573431b65de69477ae6f9b359330488c23296faf1e1018c705f7b86a3f61d13db0fb1ef4785f271f70d0b1259b7ab82a675b862cb548a81c7887768de982aeb2e5b7029a5570beb15efd4931face9e131123fa9556700d14d8b1fbafa0fb8fda5ce58ee42eaeed5f59f8dfea0eac04e804cd7295cc9c3a8273da132cdeb13e3ec7cd29ebcb213ddd01fc60aa1abccdf8aa68ff3390025dcad1fe7b4349e22dc07613ac0a413c4f87540efa46db963c021ca0b33a10e10b63c49834789f4d1c93231650578deb1d5c1a8fb3d03233eb1374ea1b029b0f09c881d9113d65973fbe1e84f6daca13e6f893ce3d818b3b087e11c726cb230f2a664a8c59e43886070f273b50a9e85c5fd86ee0603de07727c1f7bdb74ca7eddf10f075f35b80c03cb196c6396a96fb8cbfe26fd8a7f4b5493ce4f5701d702699155d613828accf4013a6783b3566b1546ec94bde7e31dda6885292c929b2d954e1b82337a3fa07"}) syz_kvm_setup_cpu$x86(r2, r4, &(0x7f00003b9000/0x18000)=nil, &(0x7f0000ae0000-0x13)=[@text32={0x20, &(0x7f0000ae1000)="474ca5155e6727ace63fa42473f474dbbcd8f53a9959fb5c424243a6db06ca21cef4badfaaff5101015795216281283b3e62c14d2f992d41270f8cb9a19a60d1921e102c70b8001000000f23d00f21f835200000060f23f8a41a8a72a724648ad4a92dd6b8bd640f01cab44ec0d25fed6853e8ba58", 0x75}], 0x1, 0x0, &(0x7f0000adf000)=[], 0x0) mmap(&(0x7f000031c000/0x4000)=nil, 0x4000, 0x3, 0x32, 0xffffffffffffffff, 0x0) eventfd2(0xbb, 0x80001) mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_IRQ_LINE(r2, 0x4008ae61, &(0x7f0000aed000)={0x0, 0x0}) ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f000031d000)={0x0, 0x0}) mmap(&(0x7f0000000000/0xae0000)=nil, 0xae0000, 0x0, 0x4d031, 0xffffffffffffffff, 0x0) [ 28.288545] *** Guest State *** [ 28.288889] CR0: actual=0x0000000080000028, shadow=0x0000000080000008, gh_mask=fffffffffffffff7 [ 28.289836] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 [ 28.290677] CR3 = 0x0000000000002000 [ 28.291073] RSP = 0x0000000000000f80 RIP = 0x0000000000008008 [ 28.291652] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 28.292241] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 2017/08/11 21:15:13 executing program 2: mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000096a000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000088e000/0x18000)=nil, &(0x7f0000ae0000-0x13)=[@text16={0x10, &(0x7f000011f000)="0f0170ec0f23e764f20f2b76db613e8117b4006766c7442400003000006766c7442402003000006766c744240600000000670f011c2466b8010000000f01d967660f3801639966b80500000066b90b0000000f01d90f2205", 0x58}], 0x1, 0x20, &(0x7f0000adf000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 28.293188] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.294227] DS: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.295028] SS: sel=0x0000, attr=0x0a071, limit=0x00001000, base=0x0000000000000000 [ 28.295844] ES: sel=0x0000, attr=0x04081, limit=0x00000000, base=0x0000000000000000 [ 28.296699] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.297559] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.298360] GDTR: limit=0x00000004, base=0x0000000000000000 [ 28.299188] LDTR: sel=0x000f, attr=0x10000, limit=0x0000f002, base=0x0000000000002000 2017/08/11 21:15:13 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000506000-0xc)={0x7, 0xffffffffffffff9c, 0x1}) ioctl$KVM_GET_FPU(r0, 0x81a0ae8c, &(0x7f0000afc000-0x1a0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) ioctl$KVM_GET_EMULATED_CPUID(r0, 0xc008ae09, &(0x7f0000afd000-0xd2)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x7, 0x0, [{0x4000000d, 0x7, 0x1, 0xff, 0x19d8, 0x0}, {0xc0000007, 0x3, 0x4, 0x3, 0x0, 0x0}, {0xc0000001, 0xfef0, 0x3f, 0x20, 0x6, 0x0}, {0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 28.299968] IDTR: limit=0x00000000, base=0x0000000000000001 [ 28.302171] TR: sel=0x000a, attr=0x10000, limit=0x00000004, base=0x0000000000000000 [ 28.303005] EFER = 0x0000000000002001 PAT = 0x0007040600070406 [ 28.303667] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 28.304420] BndCfgS = 0x0000000000000000 [ 28.304827] Interruptibility = 00000008 ActivityState = 00000000 [ 28.305852] *** Host State *** [ 28.306217] RIP = 0xffffffff811b6777 RSP = 0xffff880054faf4c8 [ 28.306807] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 28.307844] FSBase=00007f4c3a973700 GSBase=ffff88006e000000 TRBase=ffff88006e022cc0 [ 28.308922] GDTBase=ffffffffff575000 IDTBase=ffffffffff57b000 [ 28.309681] CR0=0000000080050033 CR3=000000006b170000 CR4=00000000000026e0 [ 28.310919] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 28.313072] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 28.313952] *** Control State *** [ 28.314445] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 [ 28.315440] EntryControls=0001d1ff ExitControls=00afefff [ 28.317700] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 28.318762] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 28.324508] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 28.327331] reason=80000021 qualification=0000000000000000 [ 28.327962] IDTVectoring: info=00000000 errcode=00000000 [ 28.329785] TSC Offset = 0xffffffe6509960dc [ 28.330272] EPT pointer = 0x0000000066c2501e [ 28.330662] Virtual processor ID = 0x05c0 2017/08/11 21:15:13 executing program 5: mmap(&(0x7f0000000000/0xaf4000)=nil, 0xaf4000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_GET_SREGS(r2, 0x8138ae83, &(0x7f00006f0000-0x138)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, [0x0, 0x0, 0x0]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0]}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f00000f3000)={[{0xffc000000000000, 0x20, 0x0, 0x83ee, 0x4, 0x8, 0x4, 0x9, 0x9, 0x7, 0x9, 0x0, 0x0}, {0x1f, 0x3f, 0x3, 0x4, 0x5, 0x4, 0xffff, 0x3, 0xf, 0xff, 0x3f, 0x9, 0x470}, {0x7, 0x8, 0x80000000, 0x7, 0x4, 0x8000, 0xfffffffffffffffe, 0x5, 0x2, 0x68c4, 0xba, 0x9, 0xfd79}], 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_ASSIGN_PCI_DEVICE(r1, 0x8040ae69, &(0x7f00006fb000)={0x3, 0x7, 0x8, 0x1, 0x2}) syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d266767f2a50f20d835080000000f228b58580f070f01b102000000", 0x64}], 0x1, 0x3, &(0x7f0000ae8000)=[], 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f000011a000)={0x0, 0x0, 0x0, 0x0, 0x0}) mmap(&(0x7f0000af4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_REGS(r2, 0x8090ae81, &(0x7f0000af4000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) mmap(&(0x7f0000af4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r1, 0x4018aee1, &(0x7f000003b000)={0x0, 0x3b, 0x1, &(0x7f000082d000)=0x0}) mmap(&(0x7f0000af5000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_XCRS(r3, 0x4188aea7, &(0x7f0000af6000-0x18)={0x1, 0x1ff, [{0x4, 0x0, 0x2}]}) mmap(&(0x7f0000af6000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_LAPIC(r3, 0x8400ae8e, &(0x7f0000af6000)={"a829c6cba24bd450407bebd5254f7442b8c6d1d403bf92834ce5ac0b2cbdc1ed94542b9117b7b5267fb820bd0dc3f499214c7cc7eb126411ea27376e8346a802dc681007150b0ed335c1a538630e8eefc67b19da93eb3ea1bfbc1ef0aff2648738983c6fcee8cfd2e214d40634bcbc2e1ccd5c69ad67f252c04b5497f8b96d8b1234bf722950ced4cfd47a3ae395809629cecca72b156f59b799552015638d61e86bf48eaafb0a02ab534718b0d3ba03bc667898e0633963fcaf9c56a536e543a2be32cf8e28fcd09cadc6c901a30ec1fb58aab12fa0c262045ba44905e219b9990fd6d0b6af357f832dda3b6f6627da014dba80a956e6281c341e186f20e6bb5274d73e430b5072442108fd3bc243e51e21fb90da7da645432c16160724358d8f20ac3e4a3163e2844ccd2798fb4fe58cb9203fe18fb5aa16ac0a522de1f8c976dbbc5e4150fc6e2ab4a7be6db7a0db4fb9b9123676745c2f072270d77495da77b9d3d20cacb0d214120a61924b27f077326df783b8953098bba552960bb0df1dc5d33c06422d21381e0914706ed90450777c64c1e163dd7f99546d171d7a816b96f170436d072ad593aaca0634da3ea13b8e3ecfed30514c31e6ff25fe4f0a3ac5d56de810a64059c68f68110dfac8c79b81142cfae0f120e2b91c0d26b95f895f9558d5e9e11163dad34b84ee9cb768ba9c264949829b44f44d2ecaa82c77a216190a69db92a2f77a1ddc756f7339426ffea63846f3577226f0bda8f80bcc96e8de503a68699f24448e702a1e85c028176a960ab405c205e42b3417a9ad5c5d7ce7be52ab9e1d02edb136083b1927816cd182d44f26efa2649263b42fe4480515845b5e0bc7b4d81add47c04bb74ea1488ed7919f30fdb8c01e371e5339bb45a3c384af38df15e8b978b2168ba5d12c9a8cbe4e6a531849708c8d5b1971b56d617e916fd0b4989f24d2b77ba50d40fc8571845c820fc7e6f3835abc6abc12d7deab5c269fbf136620371abbe22c6bd7972e82d4da63668bae5e87217e990dfc860eab64facfb0c69b1c9cb18ebce22e5606c06e444299abb9fae8af115084225d494622544c2dee8c0cfe0285abe9dd1baffa6ea33e8e5194d0c3135ab315f7753f8cce34178f0439eff261b7ba0624419a0ef0fccb6dfac88e935244d81ed0fee821463f3488f0e0209b9b3e83aea917fc911439d4bb5121052057eef66c9c59ab158e24c16b11ab61cd25f814036900a65fd904500be1ee30e46bf5d9466e4d87d809f481b44985e8b7326d39c67465e3a51464e3f5c1f30ba6940e551bade8f8cd0f4ad87dccf12ffa45fbf4c06f2773b508e32de3a0c195a92c118084fad0587e310d5424daf15416a5e35a344544d52f15bccf58cf0b73cd266cc14a31abd334c502fc9b8594c3cff6fa83e98479ead08cc7d84e491a0834b92b0f28"}) mmap(&(0x7f0000af4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4068aea3, &(0x7f0000af4000)={0x7b, 0x0, [0x0, 0x0, 0x0, 0x8001], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_XCRS(r3, 0x4188aea7, &(0x7f0000020000)={0x5, 0x3800000000000000, [{0x8, 0x0, 0xfffffffffffffffe}, {0x46a9ed81, 0x0, 0x4}, {0x0, 0x0, 0x1}, {0x7, 0x0, 0x5}, {0x0, 0x0, 0x200}]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_GET_LAPIC(r3, 0x8400ae8e, &(0x7f0000224000)={"e1348a07cb208c9486bcbe18689e137065b11ef5491b5831480aaba243a7dd03117bd4998324d8c254fede8ec508460bea485cb5f8b66f2ced1ea94030770d78b1ba3be7917ae7e356bbbccee468d4e24a8009ac0b67aa865fce96fd5a9b93f8d0e99209a19170dc3c75b8f1b3ac6a9104830fc89d4769dfb7201dd3eac588080000000000006aa1d328cac2d82657d12a7697970c962e016e3ac63bf8c85706df2838d206708e40cec0f77127cdb7522398e5d60c8a8dab9f1a844c3aab629eaa486852e8fa7c7e3c24756bbefab412a75f4635cf2224a348d3a6226cc437aa2e5e43c2f2ea10c926212d7e2f1ad5122aab9fc7941408e484dce354b9fd806908e8da1b68f5530df699de8bd378c997c5ffff0000000000006e9bcb9c82739c5b83394666995b522f434beb3e78bb8df406678a8b933ab26e0338a9f661d179647dd0342df5f3952682ebaf03af2d657f3fc6becd18b17d2437c7450c9bfe17f3f98a9173045a733e4becc7cb409148b90e4754c4d467c1b82b3ab7d2d175b5d68126a65fb322ebbe25d2844d392943e500956866c732aa9e40b619a8da4ea05ae66d45b5193a65768ede202b189810222739f44472cf4a2f027cbf8a008378ce0a0bbcf684e0ee91addf193e91c85e4b2e6508e086562e33bab4e2b7123def4b56deaf9952d09d25590aaf658509e5b818b6c8aeaedbae2ff0a661956a6c7126fa2c8fec1c496df2406f56512a1fe332b7932e46ee2a174b565765e99802a0e66ce428d85ebdf48150a62e54fdab44a9f71d0d67dfdb59d762cb7a8b24b09e046df78fb15c27dfa37bf1aaf3c038591f84f66bc29cc20a5b7c73272e83dd0f9a094692df5aac383ae35030e4200b63c911efd3adcb35a27eeaee306ea944a3c38da8ca799d97bbc097ba00bf19dd60fe32361e5dcee02f0b68c602fb5ab2dbfd21e826e34dab88665a0f9b827cbd99c0649378ac5fa09a340d8c39bbbf1168fab530da86b44e0cbfe710f16cf41a87fbddd3a8046064980faf81cadfc334aa66a51bac724b272956fd968c080ee46766e2eeeb45c8533ed7eb950277bd8be90ef0ebbc383defa96e2762cd2f4dbc90090bd138197ac7e887768da901b3c8ca2b9a0a7b29c26c083cc1c216609daaa9ff2ca1b44bfc0205c7287312f28ba8daa3edba0ff878a9017b04e1fa956036db5ba4348ba3ba40acbc86d0aca873294041fa9f5f6015aab8a43907469ff81aa36c0037cb576095f9a6d6aeecb258bc67e70258556d081e65e6c9d62ca82a3638a92b18335eb34f06bff840b061919341ddcf666314516406b2f617c9b229c0321bc4e0b63e95cbcfc02ea01b368094b0924bf5067d07d3dfe620d457794d07ca774109f5afed760637fa9ee3c3e1aaf0092184323b274b22bee134ce03090719abfb0e8174a4f6c56a0d172467564e3e"}) mmap(&(0x7f0000af7000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000af7000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000af7000)={0x3b, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) 2017/08/11 21:15:13 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x5, 0x9, 0x7, 0x5, 0x401, 0x0, 0x1, 0x2, 0x0}, {0xfffe, 0x5000, 0x0, 0x5, 0x4, 0x81, 0xc9, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) 2017/08/11 21:15:13 executing program 3: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) mmap(&(0x7f0000a5a000/0x3000)=nil, 0x3000, 0x3000008, 0x20000000000032, r1, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000af3000-0x24)="000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d266767f2a50f20d835080000000f228b58580f070f01b102000000", 0x64}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f000011a000)={0x1397, 0x8c, 0x0, 0x4, 0x8}) mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000af3000-0x4)=0x80) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000aee000-0x8)=0x10000) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000aef000)={0x7b, 0x0, [0x6, 0xffffffff, 0x9, 0x1000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000033d000-0x8)={0x1, 0x637}) ioctl$KVM_S390_VCPU_FAULT(r2, 0x4008ae52, &(0x7f0000af1000)=0xb5) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000aef000-0x30)={0x20, 0x401, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f00009c7000)={0x2, 0x800, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00002de000-0x40)={0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000aec000)={"3a5ca361a0df102fae43a3f1ec872c0185c9813608eed8f847374008d61d0b0800000000000000001ccb1007655a4f7410ae2abb2a1756d32573ad07efbff26b6c29f3f5b20949d1948e7dc1c8f2b7a1f53f726c506fca42d4a7935507ddb99198bc1ac477f1ae7c27061ead76d16ca486010f0a3be5e5fb88b250282a1f4370084b669a6aa05d6f099ea5ce98744d4d02be5ff2bfc8a7b31392162b70f9bf6a7921ca46c22eba76a3f5fada926a9e3d39e841a85aff9e2e11df5a017550dd503eafb49349716d060d697bd0978eac053d12de846fb7d0ef0ce4f79420c7ad998b000619474f6ab8bbaf74f23bef3d8874a920f438d7a3bbe9ac54c269dd8463b191dfff03924e9ef495aad2c7831f72e87d20d39c031000c2b6b009dc52fe4a87d2adbd31ef3991643480dc4e1194dad4aaae0bbd182f86a7572202d932534fe78aa6205a387714ba722fc29e394626c6950754c5bd8e959a3d108590f13f43f23507624d0f3b464f483d2f11441d510b1269e787224f20a2cb5984b4f2be4d93aef0f2ae60ada076cc86b6ecd9f9cd27c13ff16725a99f1d96fb35409d9aad7cd14b4a0a6fa33249d40760c0dd77615cea3ced7055169a87c767c91aadd231e5b211e9b8df16a1e2aef8d3a7e02a4f7c8fa5e989f9a2c488638fec8d03543fededef667b0b0cde85958ef5dd2355e3dade1126022ada4186160bcf69013a938bd9c5fe1f46fd5c8d522320840de0ede209ee11a4655a157b1ed47b6aa5daad7bc7f96313d2e02144e50a7f64ccfb866b1cc3a04ebd7e460e69f42856b474e681e2917b593b931c8987a487329d58151d14f4f1eb1b123f29f21899c524c2808269f7a833d5ed3cd93e2ffc0dbdf3c50c736b10512607837e8f50144c1c14e052c788381a2b236becb2d2bfdf0467cefcbe6926090434d31323d47576de4566f61ab7f1fab0f73e2e9b58c328f73f8fecef3e9bbad4b177d9dd2a0e3e7a6f108477afef361fd23ea1a575dd9b86515833f5bd4ccf9ddb9e5432d723f3eb50339ae229108ae769ac632d312761db5057fe4ddfae2f22be1f709bc0feef9d8dcf05a425d354bda07e3780f19d3a073e737bcc8220febd750e3ce8549870615e1e9c969d3883126c687ff7ef6c0a16aa18bf594c681ae4c2ec063b792ae01166868672360aefb97539f6825c2f17933ce890a2d7ca53fcf77dc8dd4a0e64b7010aa7fd14f7833ab907d4d3c5df1ce497abfea23c94ab44d6b0f389480b4f0c077b98ba319dff8ab86cb7ff6b9f26e1f7e88b01d346504ab1cbc30fb5acf132544e59a2dec45e8019ef4642e672aebc040bfbfd6e7caf8846917b3e21e9b5673b31c4f3520baaf61b01bf160c3b535bcc7b23ee34371286407409fa292ad059d4e40624bd6bad7d3d516adae9c3fcecb877f4d9d39035338787435f6372c5fb88cd"}) ioctl$KVM_GET_DEVICE_ATTR(r1, 0x4018aee2, &(0x7f000026f000)={0x0, 0xdf, 0x8, &(0x7f00009f0000-0x8)=0x0}) mmap(&(0x7f0000af3000/0x1000)=nil, 0x1000, 0x1, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:13 executing program 2: mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000096a000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f000088e000/0x18000)=nil, &(0x7f0000ae0000-0x13)=[@text16={0x10, &(0x7f000011f000)="0f0170ec0f23e764f20f2b76db613e8117b4006766c7442400003000006766c7442402003000006766c744240600000000670f011c2466b8010000000f01d967660f3801639966b80500000066b90b0000000f01d90f2205", 0x58}], 0x1, 0x20, &(0x7f0000adf000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:13 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000506000-0xc)={0x7, 0xffffffffffffff9c, 0x1}) ioctl$KVM_GET_FPU(r0, 0x81a0ae8c, &(0x7f0000afc000-0x1a0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) ioctl$KVM_GET_EMULATED_CPUID(r0, 0xc008ae09, &(0x7f0000afd000-0xd2)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_CPUID(r1, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x7, 0x0, [{0x4000000d, 0x7, 0x1, 0xff, 0x19d8, 0x0}, {0xc0000007, 0x3, 0x4, 0x3, 0x0, 0x0}, {0xc0000001, 0xfef0, 0x3f, 0x20, 0x6, 0x0}, {0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_RUN(r1, 0xae80, 0x0) 2017/08/11 21:15:13 executing program 7: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a9c000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f00004ee000)="66b818010f00d8c4c27bf6cdb986040000b80f000000ba000000000f30c7442400e9060000c744240201000000c7442406000000000f01142466baf80cb8b4d4c588ef66bafc0cb00beeb9840200000f3266ba420066edb85bc6600b0f23c00f21f83503000c000f23f8c74424008000c0fec744240235000000c7442406000000000f011c2466baa000b000ee", 0x8d}], 0x1, 0xfffffffffffffffe, &(0x7f00003db000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000af1000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x1000, 0x0, 0x0, 0x2, 0x2ff, 0x6, 0x1, 0x5, 0x1, 0x1f, 0x0, 0x0}, {0x0, 0x4, 0xa, 0x9, 0xfc6, 0xc76, 0x2, 0xa0f, 0x6, 0x9, 0x3, 0x30, 0x0}, {0x2000, 0xf002, 0xf, 0x6, 0x9, 0x2, 0x1, 0xffffffff, 0x80000001, 0xffffffffffffffff, 0x2, 0x2, 0x0}, {0x0, 0x4, [0x0, 0x0, 0x0]}, {0x1, 0x0, [0x0, 0x0, 0x0]}, 0x80000008, 0x0, 0x2000, 0x8, 0x5, 0x2001, 0x1000, [0x800000, 0x1, 0x6, 0x10001]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:13 executing program 4: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_TSS_ADDR(r0, 0xae47, 0xd000) mmap(&(0x7f0000000000/0xafb000)=nil, 0xafb000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_ASSIGN_DEV_IRQ(r0, 0x4040ae70, &(0x7f0000afc000-0x10)={0x9, 0x8, 0x101, 0x400}) ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000afb000-0x40)={0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x5, 0x32, r3, 0x10000000000) ioctl$KVM_S390_INTERRUPT(r0, 0x4010ae94, &(0x7f0000afb000)={0x2, 0x5, 0x8001}) ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000a33000-0x28)={0xd, 0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_GET_PIT(r2, 0xc048ae65, &(0x7f0000a3e000-0x70)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x11, r3, 0x0) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_ASSIGN_PCI_DEVICE(r0, 0x8040ae69, &(0x7f0000afc000)={0x9, 0x7, 0x6, 0x1, 0xffffffffb7479c1f}) ioctl$KVM_IRQ_LINE_STATUS(r0, 0xc008ae67, &(0x7f0000afb000)={0x103, 0x22}) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f00008ac000/0x18000)=nil, &(0x7f0000358000)=[@text16={0x10, &(0x7f000017d000)="0f01c90f01cb66f0821845650f06b84f008ee8b80b008ed00f01c9baf80c66b82c4bd28666efbafc0c66b80000000066efbaf80c66b893dd3f8066efbafc0cec0f09", 0x42}], 0x1, 0x5, &(0x7f0000015000)=[], 0x0) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r2, r1, &(0x7f0000604000/0x18000)=nil, &(0x7f0000add000)=[@text32={0x20, &(0x7f0000089000)="66ba200066ed0f0099d0330000300fe3c1c05050a2ea815cc5427595d94d3e0f236eb8cc4ab08f6fececbafc0ced0b013f640f01caf26e36643e0f224566ba4040b800000000ef", 0x47}], 0x1, 0xf, &(0x7f0000395000)=[@efer={0x3, 0xc00}], 0x1) mmap(&(0x7f0000000000/0xafe000)=nil, 0xafe000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r5, r6, &(0x7f00002d3000/0x18000)=nil, &(0x7f0000add000)=[@text16={0x10, &(0x7f0000533000)="66b8010000000f01d964660f3a4262d276a3e000f2a7b8fb008ec03667660fe5dd0ff23c0f20c06635080000000f22c0660f5f9947400f01ca", 0x39}], 0x1, 0xf, &(0x7f00007e8000)=[@efer={0x2, 0x401}, @cstype0={0x4, 0xe}], 0x2) ioctl$KVM_RUN(r6, 0xae80, 0x0) 2017/08/11 21:15:13 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000506000-0xc)={0x7, 0xffffffffffffff9c, 0x1}) ioctl$KVM_GET_FPU(r0, 0x81a0ae8c, &(0x7f0000afc000-0x1a0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x7, 0x0, [{0x4000000d, 0x7, 0x1, 0xff, 0x19d8, 0x0}, {0xc0000007, 0x3, 0x4, 0x3, 0x0, 0x0}, {0xc0000001, 0xfef0, 0x3f, 0x20, 0x6, 0x0}, {0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 28.392300] *** Guest State *** [ 28.398417] CR0: actual=0x0000000080000028, shadow=0x0000000080000008, gh_mask=fffffffffffffff7 2017/08/11 21:15:13 executing program 2: mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000096a000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000088e000/0x18000)=nil, &(0x7f0000ae0000-0x13)=[@text16={0x10, &(0x7f000011f000)="0f0170ec0f23e764f20f2b76db613e8117b4006766c7442400003000006766c7442402003000006766c744240600000000670f011c2466b8010000000f01d967660f3801639966b80500000066b90b0000000f01d90f2205", 0x58}], 0x1, 0x0, &(0x7f0000adf000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 28.406150] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 [ 28.408203] CR3 = 0x0000000000002000 [ 28.408584] RSP = 0x0000000000000f80 RIP = 0x0000000000008008 2017/08/11 21:15:13 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x7, 0x5, 0x401, 0x0, 0x1, 0x2, 0x0}, {0xfffe, 0x5000, 0x0, 0x5, 0x4, 0x81, 0xc9, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) [ 28.409588] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 28.410468] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 28.411450] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.412394] DS: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.413291] SS: sel=0x0000, attr=0x0b071, limit=0x00001000, base=0x0000000000000000 [ 28.414503] ES: sel=0x0000, attr=0x04081, limit=0x00000000, base=0x0000000000000000 [ 28.416268] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.417160] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.418099] GDTR: limit=0x00000004, base=0x0000000000000000 [ 28.418936] LDTR: sel=0x000f, attr=0x10000, limit=0x0000f002, base=0x0000000000002000 [ 28.421402] IDTR: limit=0x00000000, base=0x0000000000000001 [ 28.424029] TR: sel=0x000a, attr=0x10000, limit=0x00000004, base=0x0000000000000000 [ 28.424888] EFER = 0x0000000000002001 PAT = 0x0007040600070406 2017/08/11 21:15:14 executing program 5: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d266767f2a50f20d835080000000f228b58580f070f01b102000000", 0x64}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f000011a000)={0x1397, 0x8c, 0x0, 0x4, 0x8}) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000aee000-0x8)=0x10000) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000aef000)={0x7b, 0x0, [0x6, 0xffffffff, 0x9, 0x1000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000033d000-0x8)={0x1, 0x0}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000311000/0x18000)=nil, &(0x7f00006cb000-0x18)=[@text32={0x20, &(0x7f0000af0000)="b9800000c00f3235010000000f30660febb13600c0fe0f01c8660f38812ff30f1077ac0fc7a80f000000c4c17e7ff5f4f4660f38805f84", 0x37}], 0x1, 0x0, &(0x7f0000af0000)=[], 0x0) ioctl$KVM_S390_VCPU_FAULT(r2, 0x4008ae52, &(0x7f0000af1000)=0xb5) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000aef000-0x30)={0x20, 0x401, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f00000ab000)={0x2, 0x800, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00002de000-0x40)={0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000aec000)={"3a5ca361a0df102fae43a3f1ec872c0185c9813608eed8f847374008d61d0bcfc300bc75ce5da3001ccb1007655a4f7410ae2abb351756d32573ad07efbff26b6c29f3f5b20949d1948e7dc1c8f2b7a1f53f726c506fca42d4a7935507ddb99198bc1ac4b348ae7c27061ead76d16ca486010f0a3be5e5fb88b250282a1f4370084b669a6aa05d6f099ea5ce98744d4d02be5ff2bfc8a7b31392162b70f9bf6a7921ca46c22eba76a3f5fada926a9e3d39e841a85aff9e2e11df5a017550dd503eafb49349716d060d697bd0978eac053d12de846fb7d0ef0ce4f7942061ad998b000619474f6ab8bbaf74f23bef3d8874a920f438d7a3bbe9ac54c269dd8463b191dfff03924e9ef495aad2c7831f72e87d20d39c031000c2b6b009dc52fe4a87d2adbd31ef3991643480dc4e1194dad4aaae0bbd182f86a7572202d932534fe78aa6205a387714ba722fc29e394626c6950754c5bd8e959a3d108590f13f43f23507624d0f3b464f483d2f11441d510b1269bd87224f20a2cb5984b4f2be4d93aef0f2ae60ada076cc86b6ecd9f9cd27c13ff16725a99f1d96fb35409d9aad7cd14b4a0a6fa33249d40760c0dd77c75cea3ced7055169a87c767c91aadd231e5b211e9b8df16a1e2aef8d3a7e02a4f7c8fa5e989f9a2c488638fec8d03543fededef667b0b0cde85958ef5dd2355e3dade1126022ada4186160bcf69013a938bd9c5fe1f46fd5c8d522320840de0ede209ee11a4655a157b1ed47b6aa5daad7bc7f96313d2e02144e50a7f64ccfb866b1cc3a04ebd7e460e69f42856b474e681e2917b593b931c8987a487329d58151d14f4f1eb1b123f29f21899c524c2808269f7a833d5ed3cd93e2ffc0dbdf3c50c736b10512607837e8f50144c1c14e052c788381a2b236becb2d2bfdf0467cefcbe6926090434d31323d47576de4566f61ab7f1fab0f73e2e9b58c328f73f8fecef3e9bbad4b177d9dd2a0e3e7a6f108477afef361fd23ea1a575dd9b86515833f5bd4ccf9ddb9e5432d723f3eb50339ae229108ae769ac632d312761db5057fe4ddfae2f22be1f709bc0feef9d8dcf05a425d354bda07e3780f19d3a073e737bcc8220febd750e3ce8549870615e1e9c969d3883126c687ff7ef6c0a16aa18bf594c681ae4c2ec063b792ae01166868672360aefb97539f6825c2f17933ce890a2d7ca53fcf77dc8dd4a0e64b7010aa7fd14f7833ab907d4d3c5df1ce497abfea23c94ab44d6b0f389480b4f0c077b98ba319dff8ab86cb7ff6b9f26e1f7e88b01d346504ab1cbc30fb5acf132544e59a2dec45e8019ef4642e672aebc040bfbfd6e7caf8846917b3e21e9b5673b31c4f3528baaf61b01bf160c3b535bcc7b23ee34371286407409fa292ad059d4e40624e76bad7d3d516adae9c3fcecb877f4d9d39035338787435f6372c5fb88cd"}) ioctl$KVM_GET_DEVICE_ATTR(r1, 0x4018aee2, &(0x7f000026f000)={0x0, 0xdf, 0x8, &(0x7f00009f0000-0x8)=0x0}) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000af0000-0x8)={0x1, 0x9}) mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000af3000-0x86)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x3e, 0xffffffffffffffff, 0x0) ioctl$KVM_X86_SET_MCE(r2, 0x4040ae9e, &(0x7f0000af2000)={0x2200000000000000, 0x105000, 0xe1fbfc4, 0x2, 0x14, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) mmap(&(0x7f0000af3000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_REINJECT_CONTROL(r1, 0xae71, &(0x7f0000af3000)={0x202000000000, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f0000394000-0x14)={0x0, 0x0, 0x7ff, 0x0, 0x0}) [ 28.426505] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 28.429450] BndCfgS = 0x0000000000000000 [ 28.429905] Interruptibility = 00000008 ActivityState = 00000000 [ 28.433850] *** Host State *** [ 28.434887] RIP = 0xffffffff811b6777 RSP = 0xffff88003b1574c8 [ 28.436215] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 28.436860] FSBase=00007f4c3a973700 GSBase=ffff88003fd00000 TRBase=ffff88006e022cc0 [ 28.437849] GDTBase=ffffffffff575000 IDTBase=ffffffffff57b000 [ 28.438468] CR0=0000000080050033 CR3=000000006d65d000 CR4=00000000000026e0 [ 28.439560] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 28.440239] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 28.440841] *** Control State *** [ 28.441216] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 [ 28.441902] EntryControls=0001d1ff ExitControls=00afefff [ 28.442473] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 28.443186] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 28.443844] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 28.444520] reason=80000021 qualification=0000000000000000 [ 28.445197] IDTVectoring: info=00000000 errcode=00000000 [ 28.445762] TSC Offset = 0xffffffe63cbe2982 [ 28.446471] EPT pointer = 0x00000000391b501e 2017/08/11 21:15:14 executing program 1: mmap(&(0x7f0000000000/0xe98000)=nil, 0xe98000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000017000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000da8000-0x8)={0x1f, 0x0}) r2 = eventfd2(0xedf, 0x800) write$eventfd(r2, &(0x7f000013b000)=0xfffffffffffff5e7, 0x8) r3 = eventfd2(0x0, 0x0) eventfd2(0x0, 0x0) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000026000-0x20)={r3, 0x0, 0x2, r2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000565000)="2f6465762f6b766d00", 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = eventfd2(0x0, 0x0) r7 = eventfd2(0x9, 0x80000) ioctl$KVM_IRQFD(r5, 0x4020ae76, &(0x7f0000026000-0x20)={r6, 0x0, 0x2, r7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_IRQFD(r5, 0x4020ae76, &(0x7f0000e97000-0x20)={r6, 0x2000000002, 0x2, r2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000000000/0xaf0000)=nil, 0xaf0000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f000000f000-0xc)={0x0, 0xffffffffffffffff, 0x0}) mmap(&(0x7f0000e98000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000e98000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000e98000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000e98000)="2f6465762f6b766d00", 0xfffffffffffffffe, 0x0) r9 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r8, 0x8008ae9d, &(0x7f0000811000)="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") syz_kvm_setup_cpu$x86(r9, r10, &(0x7f00006c1000/0x18000)=nil, &(0x7f0000777000)=[@text64={0x40, &(0x7f0000aec000)="66ba400066b8270066efb9800000c00f3235000100000f300f1a760b490f07490f23fbb9391001c0b89d83c3ceba5a3e32740f30c461b8c2d4dfb9eb0a0000b8f88fca56ba000000000f3066ba108cb824c6ed82ef66bafc0c66b8996a66effad9c92136e7", 0x65}], 0x1, 0x0, &(0x7f0000aee000)=[], 0x0) syz_kvm_setup_cpu$x86(r10, r10, &(0x7f000068d000/0x18000)=nil, &(0x7f0000aef000)=[@text64={0x40, &(0x7f0000aef000)="0f5e0520f37c7ec7442400f0ff0000c7442402d7450000c7442406000000000f011424c461f9178700000000f30f0095f7b2da67c403696fe0e466baf80cb840c37784ef66bafc0cb803000000ef0f20e035010000000f22e00f20432e4b0f01cab9d90800000f32", 0x68}], 0x1, 0x24, &(0x7f0000407000-0x10)=[], 0x0) mmap(&(0x7f0000af0000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f0000af0000)={[0x3d, 0x1, 0x1000, 0x9, 0x7000000, 0x7, 0x4, 0x3, 0x100000000000000, 0x8, 0x1ff, 0x8, 0x34, 0x8, 0xfffffffffffff0a6, 0xc68], 0x100000, 0x42000}) eventfd2(0x8, 0x80000) ioctl$KVM_SET_CLOCK(r8, 0x4030ae7b, &(0x7f0000003000-0x30)={0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) [ 28.448780] Virtual processor ID = 0x063f 2017/08/11 21:15:14 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000506000-0xc)={0x7, 0xffffffffffffff9c, 0x1}) ioctl$KVM_GET_FPU(r0, 0x81a0ae8c, &(0x7f0000afc000-0x1a0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x7, 0x0, [{0x4000000d, 0x7, 0x1, 0xff, 0x19d8, 0x0}, {0xc0000007, 0x3, 0x4, 0x3, 0x0, 0x0}, {0xc0000001, 0xfef0, 0x3f, 0x20, 0x6, 0x0}, {0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:14 executing program 7: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a9c000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f00004ee000)="66b818010f00d8c4c27bf6cdb986040000b80f000000ba000000000f30c7442400e9060000c744240201000000c7442406000000000f01142466baf80cb8b4d4c588ef66bafc0cb00beeb9840200000f3266ba420066edb85bc6600b0f23c00f21f83503000c000f23f8c74424008000c0fec744240235000000c7442406000000000f011c2466baa000b000ee", 0x8d}], 0x1, 0xfffffffffffffffe, &(0x7f00003db000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000af1000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x1000, 0x0, 0x0, 0x2, 0x2ff, 0x6, 0x1, 0x5, 0x1, 0x1f, 0x60000000000000, 0x0}, {0x0, 0x0, 0xa, 0x9, 0xfc6, 0xc76, 0x2, 0xa0f, 0x6, 0x9, 0x3, 0x30, 0x0}, {0x2000, 0xf002, 0xf, 0x6, 0x9, 0x2, 0x1, 0xffffffff, 0x80000001, 0xffffffffffffffff, 0x2, 0x2, 0x0}, {0x0, 0x4, [0x0, 0x0, 0x0]}, {0x1, 0x0, [0x0, 0x0, 0x0]}, 0x80000008, 0x0, 0x2000, 0x8, 0x5, 0x2001, 0x1000, [0x800000, 0x1, 0x6, 0x10001]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:14 executing program 2: mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000096a000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000088e000/0x18000)=nil, &(0x7f0000ae0000-0x13)=[@text16={0x10, &(0x7f000011f000)="0f0170ec0f23e764f20f2b76db613e8117b4006766c7442400003000006766c7442402003000006766c744240600000000670f011c2466b8010000000f01d967660f3801639966b80500000066b90b0000000f01d90f2205", 0x58}], 0x1, 0x0, &(0x7f0000adf000)=[], 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 2017/08/11 21:15:14 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x5, 0x401, 0x0, 0x1, 0x2, 0x0}, {0xfffe, 0x5000, 0x0, 0x5, 0x4, 0x81, 0xc9, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) [ 28.471599] kvm [6357]: vcpu0, guest rIP: 0x9112 disabled perfctr wrmsr: 0xc2 data 0x66c9000000001043 [ 28.476808] kvm [6357]: vcpu0, guest rIP: 0x9112 disabled perfctr wrmsr: 0xc1 data 0x66c9000000001043 2017/08/11 21:15:14 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000506000-0xc)={0x7, 0xffffffffffffff9c, 0x1}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x7, 0x0, [{0x4000000d, 0x7, 0x1, 0xff, 0x19d8, 0x0}, {0xc0000007, 0x3, 0x4, 0x3, 0x0, 0x0}, {0xc0000001, 0xfef0, 0x3f, 0x20, 0x6, 0x0}, {0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 28.483497] kvm [6357]: vcpu0, guest rIP: 0x9112 disabled perfctr wrmsr: 0xc2 data 0x66c9000000001043 [ 28.485120] kvm [6357]: vcpu0, guest rIP: 0x9112 disabled perfctr wrmsr: 0xc1 data 0x66c9000000001043 2017/08/11 21:15:14 executing program 4: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x20000000000032, r1, 0x4) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000af3000-0x24)="000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d266767f2a50f20d835080000000f228b58580f070f01b102000000", 0x64}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f000011a000)={0x1397, 0x8c, 0x0, 0x4, 0x8}) mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000af3000-0x4)=0x80) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000aee000-0x8)=0x10000) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000aef000)={0x7b, 0x0, [0x6, 0xffffffff, 0x9, 0x1000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000033d000-0x8)={0x1, 0x637}) ioctl$KVM_S390_VCPU_FAULT(r2, 0x4008ae52, &(0x7f0000af1000)=0xb5) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000aef000-0x30)={0x20, 0x401, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f00009c7000)={0x2, 0x800, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00002de000-0x40)={0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000aec000)={"3a5ca361a0df102fae43a3f1ec872c0185c9813608eed8f847374008d61d0bcfc300bc75ce5da3001ccb1007655a4f7410ae2abb351756d32573ad07efbff26b6c29f3f5b20949d1948e7dc1c8f2b7a1f53f726c506fca42d4a7935507ddb99198bc1ac4b348ae7c27061ead76d16ca486010f0a3be5e5fb88b250282a1f4370084b669a6aa05d6f099ea5ce98744d4d02be5ff2bfc8a7b31392162b70f9bf6a7921ca46c22eba76a3f5fada926a9e3d39e841a85aff9e2e11df5a017550dd503eafb49349716d060d697bd0978eac053d12de846fb7d0ef0ce4f7942061ad998b000619474f6ab8bbaf74f23bef3d8874a920f438d7a3bbe9ac54c269dd8463b191dfff03924e9ef495aad2c7831f72e87d20d39c031000c2b6b009dc52fe4a87d2adbd31ef3991643480dc4e1194dad4aaae0bbd182f86a7572202d932534fe78aa6205a387714ba722fc29e394626c6950754c5bd8e959a3d108590f13f43f23507624d0f3b464f483d2f11441d510b1269bd87224f20a2cb5984b4f2be4d93aef0f2ae60ada076cc86b6ecd9f9cd27c13ff16725a99f1d96fb35409d9aad7cd14b4a0a6fa33249d40760c0dd77c75cea3ced7055169a87c767c91aadd231e5b211e9b8df16a1e2aef8d3a7e02a4f7c8fa5e989f9a2c488638fec8d03543fededef667b0b0cde85958ef5dd2355e3dade1126022ada4186160bcf69013a938bd9c5fe1f46fd5c8d522320840de0ede209ee11a4655a157b1ed47b6aa5daad7bc7f96313d2e02144e50a7f64ccfb866b1cc3a04ebd7e460e69f42856b474e681e2917b593b931c8987a487329d58151d14f4f1eb1b123f29f21899c524c2808269f7a833d5ed3cd93e2ffc0dbdf3c50c736b10512607837e8f50144c1c14e052c788381a2b236becb2d2bfdf0467cefcbe6926090434d31323d47576de4566f61ab7f1fab0f73e2e9b58c328f73f8fecef3e9bbad4b177d9dd2a0e3e7a6f108477afef361fd23ea1a575dd9b86515833f5bd4ccf9ddb9e5432d723f3eb50339ae229108ae769ac632d312761db5057fe4ddfae2f22be1f709bc0feef9d8dcf05a425d354bda07e3780f19d3a073e737bcc8220febd750e3ce8549870615e1e9c969d3883126c687ff7ef6c0a16aa18bf594c681ae4c2ec063b792ae01166868672360aefb97539f6825c2f17933ce890a2d7ca53fcf77dc8dd4a0e64b7010aa7fd14f7833ab907d4d3c5df1ce497abfea23c94ab44d6b0f389480b4f0c077b98ba319dff8ab86cb7ff6b9f26e1f7e88b01d346504ab1cbc30fb5acf132544e59a2dec45e8019ef4642e672aebc040bfbfd6e7caf8846917b3e21e9b5673b31c4f3528baaf61b01bf160c3b535bcc7b23ee34371286407409fa292ad059d4e40624e76bad7d3d516adae9c3fcecb877f4d9d39035338787435f6372c5fb88cd"}) ioctl$KVM_GET_DEVICE_ATTR(r1, 0x4018aee2, &(0x7f000026f000)={0x0, 0xdf, 0x8, &(0x7f00009f0000-0x8)=0x0}) mmap(&(0x7f0000af3000/0x1000)=nil, 0x1000, 0x1, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000af3000)={"9bbb9daa05110ba1924a3f8c859bdff963f2ddb1d129f5cb2f3ae8ad3bf7068c284ba38f903676aee0049b473a5a33930a9b88deb6401d57b67b5ef503c6a4027167753b3422f85b1b144e1b09666f06770bb454bb980d5cb7f1e90d9427b10028d816afcb958eb5bc4541d20809f775835973db47fdab943f7ecf340ab9b2913f88a42aa228d95f1665dcb874e6b3b5b55a89a32e0fc862e12da3fafec957af0fce362e643894eaa38fbb8af58f8462371747c6e67ec819d268766c3c7a74e3f12575502e0ce18ab8fdeec25ec7767fae887d4cadb349c0f81694038d1a026d6a75e2531b1a8fb11b6cbd3f89a94184e04455b174f62410013ea1a32c38fc1a2448cd4c2c637b73782faf7ad9ae353b8bb6fed608778b7e846b159d0708eba89b05d4ae596fd1ce276f11b96ea628b944adcafcca622c34d8cf71c32e04679643d25bb8410efd790fae98de36207bab1c1fa95a3b125a7497822ea2f8a027ee6024ad4938ca93546a7967484ea5ed0850257facd046052d3fb4452ea95bdf6613884586ad0f7bedcf9ba794168fb9ef80fc98ab1b8c584220c399f85aa35e3b077eaa0dc79a9b88f0cdbf6805da3bca16d1fe88482e328bf0abd897070e43ead3304cdf1f113ab075a772b02e7e2b9d790f029decb02914d0fbb81bdcac8d08612898c453dd33e8a456e3cb4154e27f4d3bddea5732cd94d4adf21d3babfbb833a2ba8fcc71beafe13cfb9e8ed9fcaaecbc6a4e7c1da5f67cfae68fe80965a52918112a4927ca4a387ebf74fd5d910ceed87a668d3210361f45e8771482aceb28996ed99fdb143fc17c4112850b748c3eb5d121312f3c420d0dc03bfd571a1767bac9ae6c46b4edbfd70fb33dd89a8ae13dd57e722d95c28e5326a24054321553f3b50fe246f5e631dafc8088dcefe9029c67fbc7cb6631692d91aa5aba912b56f638cdcd14e873566edea35ecaaad547bbd265a6d4f6537ad9db538fb7db64a32c81c91dd6e4efd0317de1a0ff83c744470c93ddcaa6792e45db7d69e1106a251d39a5c5c6103f7aadb32d0290614362eaccc6d41b3f14154850e1959803f14d836a4223eb1c70249037e7adbf0e33d07a69a10d948a901858a8381803bcedcf610c985b5ea85ef46bbc44565e89142da665bede93e7c360cc814c8e00cafb81d02c95811ce32ba2dd85712056078d2f7d4be3cfc4eb157d63206d4b822599d40c02fd84ada2b572bd8899e93293a5ce6590d226f7c43858d47417bc2980358fb6ec2eee43fbbd31a00c9549680e76c31eef7f710e7aceb5a29d2a85f07332bb5e54a80ac44576e0010bc7cbd666ad4aff5174df288980f68510d74485b90afaf4040a30392861cce12229f97cbf2b8922d95110230423a3155f263d8066974f89cebaa258b87515d6d9f20c23d09067bdc955311d08300214a50ed060cc68"}) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000af0000-0x8)={0x1, 0x9}) ioctl$KVM_RUN(r2, 0xae80, 0x0) mmap(&(0x7f0000af4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_ASSIGN_SET_MSIX_NR(r1, 0x4008ae73, &(0x7f0000af4000)={0x8097, 0x10001}) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f0000394000-0x14)={0x0, 0x0, 0x7ff, 0x0, 0x0}) mmap(&(0x7f0000af4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000af5000-0x68)={0x4, 0x0, [{0xc0000001, 0x7, 0x8, 0x2a, 0x5, 0x0}, {0x8000000b, 0x1, 0x25, 0xfffffffffffffe00, 0x80000000, 0x0}, {0xb, 0x3, 0x80000000, 0x4, 0x2e, 0x0}, {0x1, 0x2, 0x5, 0xd7fb, 0x6, 0x0}]}) 2017/08/11 21:15:14 executing program 3: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) mmap(&(0x7f0000a5a000/0x3000)=nil, 0x3000, 0x3000008, 0x20000000000032, r1, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000af3000-0x24)="000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d266767f2a50f20d835080000000f228b58580f070f01b102000000", 0x64}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f000011a000)={0x1397, 0x8c, 0x0, 0x4, 0x8}) mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000af3000-0x4)=0x80) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000aee000-0x8)=0x10000) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000aef000)={0x7b, 0x0, [0x6, 0xffffffff, 0x9, 0x1000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000033d000-0x8)={0x1, 0x637}) ioctl$KVM_S390_VCPU_FAULT(r2, 0x4008ae52, &(0x7f0000af1000)=0xb5) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000aef000-0x30)={0x20, 0x401, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f00009c7000)={0x2, 0x800, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00002de000-0x40)={0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000aec000)={"3a5ca361a0df102fae43a3f1ec872c0185c9813608eed8f847374008d61d0b0800000000000000001ccb1007655a4f7410ae2abb2a1756d32573ad07efbff26b6c29f3f5b20949d1948e7dc1c8f2b7a1f53f726c506fca42d4a7935507ddb99198bc1ac477f1ae7c27061ead76d16ca486010f0a3be5e5fb88b250282a1f4370084b669a6aa05d6f099ea5ce98744d4d02be5ff2bfc8a7b31392162b70f9bf6a7921ca46c22eba76a3f5fada926a9e3d39e841a85aff9e2e11df5a017550dd503eafb49349716d060d697bd0978eac053d12de846fb7d0ef0ce4f79420c7ad998b000619474f6ab8bbaf74f23bef3d8874a920f438d7a3bbe9ac54c269dd8463b191dfff03924e9ef495aad2c7831f72e87d20d39c031000c2b6b009dc52fe4a87d2adbd31ef3991643480dc4e1194dad4aaae0bbd182f86a7572202d932534fe78aa6205a387714ba722fc29e394626c6950754c5bd8e959a3d108590f13f43f23507624d0f3b464f483d2f11441d510b1269e787224f20a2cb5984b4f2be4d93aef0f2ae60ada076cc86b6ecd9f9cd27c13ff16725a99f1d96fb35409d9aad7cd14b4a0a6fa33249d40760c0dd77615cea3ced7055169a87c767c91aadd231e5b211e9b8df16a1e2aef8d3a7e02a4f7c8fa5e989f9a2c488638fec8d03543fededef667b0b0cde85958ef5dd2355e3dade1126022ada4186160bcf69013a938bd9c5fe1f46fd5c8d522320840de0ede209ee11a4655a157b1ed47b6aa5daad7bc7f96313d2e02144e50a7f64ccfb866b1cc3a04ebd7e460e69f42856b474e681e2917b593b931c8987a487329d58151d14f4f1eb1b123f29f21899c524c2808269f7a833d5ed3cd93e2ffc0dbdf3c50c736b10512607837e8f50144c1c14e052c788381a2b236becb2d2bfdf0467cefcbe6926090434d31323d47576de4566f61ab7f1fab0f73e2e9b58c328f73f8fecef3e9bbad4b177d9dd2a0e3e7a6f108477afef361fd23ea1a575dd9b86515833f5bd4ccf9ddb9e5432d723f3eb50339ae229108ae769ac632d312761db5057fe4ddfae2f22be1f709bc0feef9d8dcf05a425d354bda07e3780f19d3a073e737bcc8220febd750e3ce8549870615e1e9c969d3883126c687ff7ef6c0a16aa18bf594c681ae4c2ec063b792ae01166868672360aefb97539f6825c2f17933ce890a2d7ca53fcf77dc8dd4a0e64b7010aa7fd14f7833ab907d4d3c5df1ce497abfea23c94ab44d6b0f389480b4f0c077b98ba319dff8ab86cb7ff6b9f26e1f7e88b01d346504ab1cbc30fb5acf132544e59a2dec45e8019ef4642e672aebc040bfbfd6e7caf8846917b3e21e9b5673b31c4f3520baaf61b01bf160c3b535bcc7b23ee34371286407409fa292ad059d4e40624bd6bad7d3d516adae9c3fcecb877f4d9d39035338787435f6372c5fb88cd"}) ioctl$KVM_GET_DEVICE_ATTR(r1, 0x4018aee2, &(0x7f000026f000)={0x0, 0xdf, 0x8, &(0x7f00009f0000-0x8)=0x0}) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000af3000)={"9bbb9daa05110ba1924a3f8c859bdff963f2ddb1d129f5cb2f3ae8ad3bf7068c284ba38f903676aee0049b473a5a33930a9b88deb6401d57b67b5ef503c6a4027167753b3422f85b1b144e1b09666f06770bb454bb980d5cb7f1e90d9427b10028d816afcb958eb5bc4541d20809f775835973db47fdab943f7ecf340ab9b2913f88a42aa228d95f1665dcb874e6b3b5b55a89a32e0fc862e12da3fafec957af0fce362e643894eaa38fbb8af58f8462371747c6e67ec819d268766c3c7a74e3f12575502e0ce18ab8fdeec25ec7767fae887d4cadb349c0f81694038d1a026d6a75e2531b1a8fb11b6cbd3f89a94184e04455b174f62410013ea1a32c38fc1a2448cd4c2c637b73782faf7ad9ae353b8bb6fed608778b7e846b159d0708eba89b05d4ae596fd1ce276f11b96ea628b944adcafcca622c34d8cf71c32e04679643d25bb8410efd790fae98de36207bab1c1fa95a3b125a7497822ea2f8a027ee6024ad4938ca93546a7967484ea5ed0850257facd046052d3fb4452ea95bdf6613884586ad0f7bedcf9ba794168fb9ef80fc98ab1b8c584220c399f85aa35e3b077eaa0dc79a9b88f0cdbf6805da3bca16d1fe88482e328bf0abd897070e43ead3304cdf1f113ab075a772b02e7e2b9d790f029decb02914d0fbb81bdcac8d08612898c453dd33e8a456e3cb4154e27f4d3bddea5732cd94d4adf21d3babfbb833a2ba8fcc71beafe13cfb9e8ed9fcaaecbc6a4e7c1da5f67cfae68fe80965a52918112a4927ca4a387ebf74fd5d910ceed87a668d3210361f45e8771482aceb28996ed99fdb143fc17c4112850b748c3eb5d121312f3c420d0dc03bfd571a1767bac9ae6c46b4edbfd70fb33dd89a8ae13dd57e722d95c28e5326a24054321553f3b50fe246f5e631dafc8088dcefe9029c67fbc7cb6631692d91aa5aba912b56f638cdcd14e873566edea35ecaaad547bbd265a6d4f6537ad9db538fb7db64a32c81c91dd6e4efd0317de1a0ff83c744470c93ddcaa6792e45db7d69e1106a251d39a5c5c6103f7aadb32d0290614362eaccc6d41b3f14154850e1959803f14d836a4223eb1c70249037e7adbf0e33d07a69a10d948a901858a8381803bcedcf610c985b5ea85ef46bbc44565e89142da665bede93e7c360cc814c8e00cafb81d02c95811ce32ba2dd85712056078d2f7d4be3cfc4eb157d63206d4b822599d40c02fd84ada2b572bd8899e93293a5ce6590d226f7c43858d47417bc2980358fb6ec2eee43fbbd31a00c9549680e76c31eef7f710e7aceb5a29d2a85f07332bb5e54a80ac44576e0010bc7cbd666ad4aff5174df288980f68510d74485b90afaf4040a30392861cce12229f97cbf2b8922d95110230423a3155f263d8066974f89cebaa258b87515d6d9f20c23d09067bdc955311d08300214a50ed060cc68"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 28.496511] *** Guest State *** [ 28.496876] CR0: actual=0x0000000080000028, shadow=0x0000000080000008, gh_mask=fffffffffffffff7 [ 28.497818] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 2017/08/11 21:15:14 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x401, 0x0, 0x1, 0x2, 0x0}, {0xfffe, 0x5000, 0x0, 0x5, 0x4, 0x81, 0xc9, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) [ 28.498927] CR3 = 0x0000000000002000 [ 28.500743] RSP = 0x0000000000000f80 RIP = 0x0000000000008008 [ 28.501368] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 28.502402] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 28.503105] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.503847] DS: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.505181] SS: sel=0x0000, attr=0x0b071, limit=0x00001000, base=0x0000000000000000 [ 28.505946] ES: sel=0x0000, attr=0x04081, limit=0x00000000, base=0x0000000000000000 [ 28.506826] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.507821] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.508603] GDTR: limit=0x00000004, base=0x0000000000000000 [ 28.509371] LDTR: sel=0x000f, attr=0x10000, limit=0x0000f002, base=0x0000000000002000 [ 28.510298] IDTR: limit=0x00000000, base=0x0000000000000001 [ 28.511090] TR: sel=0x000a, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.512592] EFER = 0x0000000000002001 PAT = 0x0007040600070406 [ 28.513739] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 28.516071] BndCfgS = 0x0000000000000000 [ 28.516611] Interruptibility = 00000008 ActivityState = 00000000 [ 28.517265] *** Host State *** [ 28.517676] RIP = 0xffffffff811b6777 RSP = 0xffff88003a0774c8 [ 28.518242] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 28.519727] FSBase=00007f4c3a973700 GSBase=ffff88003fd00000 TRBase=ffff88003fc22cc0 [ 28.521215] GDTBase=ffffffffff577000 IDTBase=ffffffffff57b000 [ 28.522100] CR0=0000000080050033 CR3=000000003c4ed000 CR4=00000000000026e0 [ 28.522863] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 28.523692] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 28.524378] *** Control State *** [ 28.524835] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 [ 28.525563] EntryControls=0001d1ff ExitControls=00afefff [ 28.526156] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 28.526962] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 28.527583] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 28.528191] reason=80000021 qualification=0000000000000000 [ 28.529043] IDTVectoring: info=00000000 errcode=00000000 2017/08/11 21:15:14 executing program 1: mmap(&(0x7f0000000000/0xafb000)=nil, 0xafb000, 0x2000002, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_PIT2(r1, 0x8070ae9f, &(0x7f0000afb000)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f000050f000)={0x9, 0x3cca}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00007c3000)={0x1, 0x0, [{0x0, 0x5, 0x7fff, 0x9, 0x8, 0x0}]}) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000afc000-0x14e)={0x7, 0x0, [{0x7, 0x1, 0x0, 0x0, @irqchip={0xe94, 0x40}}, {0x6, 0x3, 0x0, 0x0, @msi={0x0, 0x20, 0x1000}}, {0x5, 0x2, 0x0, 0x0, @adapter={0x6, 0x9, 0x8001, 0x0, 0x8}}, {0xfffffffffffffbae, 0x2, 0x0, 0x0, @sint={0x10001, 0x1b41}}, {0x8, 0x3, 0x0, 0x0, @irqchip={0xfffffffffffffffb, 0x7}}, {0x10001, 0x0, 0x0, 0x0, @msi={0x8, 0x8, 0x5}}, {0x1, 0x7, 0x0, 0x0, @sint={0x8, 0x7ff}}]}) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r4, 0xc028ae92, &(0x7f0000afb000-0x28)={0x400000000, 0x1000, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r2, r4, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text32={0x20, &(0x7f0000afc000)="0fc73a2665660f38823b66b82d010f00d0660fe66f030f320f216b66b815000f00d8fe000f20c3c4e199576ef6", 0x2d}], 0x1, 0x42, &(0x7f00006f7000)=[], 0x0) ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r2, 0x4010ae74, &(0x7f000023b000-0xc)={0x6, 0x7, 0x100}) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000afc000)={0xa, 0x0, [{0x1f, 0x0, 0x9}, {0x2, 0x0, 0x4}, {0x3fe0000000000, 0x0, 0x0}, {0x2, 0x0, 0x7253}, {0x3ff, 0x0, 0x1f}, {0x100000000, 0x0, 0x1}, {0x8001, 0x0, 0x8}, {0x2, 0x0, 0x5}, {0xd963, 0x0, 0x4}, {0xff, 0x0, 0x6}]}) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f00006b4000)=@ioapic={0x2, 0x0, 0x0, 0x4, 0x0, [{0x3, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x6}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0xe2, 0x5, 0x0, [0x0, 0x0, 0x0, 0x0], 0x1ff}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x6, 0x0, [0x0, 0x0, 0x0, 0x0], 0x7}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x1, 0x4, 0x3, [0x0, 0x0, 0x0, 0x0], 0x80000001}, {0x5d9a, 0x3f, 0x6, [0x0, 0x0, 0x0, 0x0], 0x9}, {0x5, 0x2, 0x7f, [0x0, 0x0, 0x0, 0x0], 0x40}, {0x9, 0x3f, 0x1, [0x0, 0x0, 0x0, 0x0], 0x9}, {0x9, 0x1, 0xffff, [0x0, 0x0, 0x0, 0x0], 0x4}, {0x0, 0x9, 0x5, [0x0, 0x0, 0x0, 0x0], 0x20}, {0x100000000, 0x6, 0xffff, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x80000000, 0x10001, 0x8, [0x0, 0x0, 0x0, 0x0], 0x1ff}, {0x7fffffff, 0x9, 0x8000, [0x0, 0x0, 0x0, 0x0], 0x5}, {0xfffffffffffffffc, 0x1, 0xffffffffffffffe1, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x3, 0x6, 0xe945, [0x0, 0x0, 0x0, 0x0], 0xfff}, {0xfffffffffffff135, 0x6, 0x8000, [0x0, 0x0, 0x0, 0x0], 0x8001}, {0x5bd, 0x3f, 0x7ff, [0x0, 0x0, 0x0, 0x0], 0x10001}, {0x400, 0x4, 0x9, [0x0, 0x0, 0x0, 0x0], 0x5d1f}, {0x100, 0x7f, 0xfffffffffffff801, [0x0, 0x0, 0x0, 0x0], 0x8}, {0x5, 0x3f, 0x6, [0x0, 0x0, 0x0, 0x0], 0x1e71}, {0x3, 0x6, 0x6, [0x0, 0x0, 0x0, 0x0], 0x5}]}) ioctl$KVM_SET_CPUID(r4, 0x4008ae8a, &(0x7f000057e000)={0x6, 0x0, [{0x80000019, 0x1200000000000000, 0x40, 0x72, 0xffff, 0x0}, {0x80000008, 0x8001, 0x3, 0x10001, 0x7fff, 0x0}, {0x40000001, 0x3, 0x2, 0x401, 0xfd9, 0x0}, {0x80000008, 0xffffffff, 0x1, 0xa9, 0x2bf9f6e3, 0x0}, {0x0, 0x5, 0x7, 0x3, 0x40, 0x0}, {0x80000001, 0xf03c, 0x2, 0x4, 0xffffffffffff0000, 0x0}]}) ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000326000)={0x3f, 0x1}) [ 28.530090] TSC Offset = 0xffffffe628dfa044 [ 28.530560] EPT pointer = 0x000000003e29001e [ 28.531074] Virtual processor ID = 0x0673 2017/08/11 21:15:14 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x7, 0x0, [{0x4000000d, 0x7, 0x1, 0xff, 0x19d8, 0x0}, {0xc0000007, 0x3, 0x4, 0x3, 0x0, 0x0}, {0xc0000001, 0xfef0, 0x3f, 0x20, 0x6, 0x0}, {0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 28.536036] *** Guest State *** [ 28.536347] CR0: actual=0x0000000080000028, shadow=0x0000000080000008, gh_mask=fffffffffffffff7 [ 28.537156] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 [ 28.537955] CR3 = 0x0000000000002000 [ 28.538302] RSP = 0x0000000000000000 RIP = 0x000000000000fff0 [ 28.538827] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 28.539369] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 28.539954] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.540693] DS: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000000000 2017/08/11 21:15:14 executing program 5: mmap(&(0x7f0000000000/0xae3000)=nil, 0xae3000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap(&(0x7f0000ae4000/0x1000)=nil, 0x1000, 0x3, 0x10, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f00003ba000/0x18000)=nil, &(0x7f000018e000)=[@textreal={0x8, &(0x7f0000ae4000)="3e0f001b66b9800000c00f326635010000000f30d88a45000f32b800018ec80f23b9360ff9c3662664f2addd8f0900f30f5805", 0x33}], 0x1, 0x0, &(0x7f0000adf000)=[@flags={0x3, 0x2c32ef086520573a}], 0x1) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000060d000)={0x0, 0x3ff}) mmap(&(0x7f0000000000/0xae0000)=nil, 0xae0000, 0x3, 0x4d031, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) mmap(&(0x7f0000000000/0xf72000)=nil, 0xf72000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r4 = eventfd2(0x8001, 0x80001) r5 = eventfd2(0x6, 0x800) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000812000-0x20)={r4, 0x8, 0xfe, r5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000f72000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000f73000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000f74000-0x20)={0x2, &(0x7f0000454000)=0x0, 0x4, r5, 0x2}) r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap(&(0x7f0000f73000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_ASSIGN_SET_INTX_MASK(r6, 0x4040aea4, &(0x7f0000f73000)={0x0, 0x3, 0x5, 0x6, 0xffffffffffff8001}) ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000821000)={0x3ff, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) [ 28.541853] SS: sel=0x0000, attr=0x0b071, limit=0x00001000, base=0x0000000000000000 [ 28.542876] ES: sel=0x0000, attr=0x04081, limit=0x00000000, base=0x0000000000000000 [ 28.543641] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.544603] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.545353] GDTR: limit=0x00000004, base=0x0000000000000000 [ 28.546086] LDTR: sel=0x000f, attr=0x10000, limit=0x0000f002, base=0x0000000000002000 [ 28.546798] IDTR: limit=0x00000000, base=0x0000000000000001 [ 28.547943] TR: sel=0x000a, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.548723] EFER = 0x0000000000002001 PAT = 0x0007040600070406 [ 28.549397] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 28.550123] BndCfgS = 0x0000000000000000 [ 28.550882] Interruptibility = 00000000 ActivityState = 00000000 [ 28.551492] *** Host State *** [ 28.551785] RIP = 0xffffffff811b6777 RSP = 0xffff88003a0774c8 [ 28.552364] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 28.552981] FSBase=00007f4c3a973700 GSBase=ffff88003fc00000 TRBase=ffff88003fc22cc0 [ 28.553711] GDTBase=ffffffffff577000 IDTBase=ffffffffff57b000 [ 28.554256] CR0=0000000080050033 CR3=000000003c4ed000 CR4=00000000000026f0 [ 28.554937] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 28.555550] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 28.556099] *** Control State *** [ 28.556410] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 [ 28.557218] EntryControls=0001d1ff ExitControls=00afefff [ 28.557793] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 28.558476] VMEntry: intr_info=80000017 errcode=00000000 ilen=00000000 [ 28.559129] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 28.559719] reason=80000021 qualification=0000000000000000 [ 28.560306] IDTVectoring: info=00000000 errcode=00000000 [ 28.560791] TSC Offset = 0xffffffe61ec1ee1a [ 28.561190] EPT pointer = 0x000000003e1d601e [ 28.561590] Virtual processor ID = 0x0666 2017/08/11 21:15:14 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x7, 0x0, [{0x4000000d, 0x7, 0x1, 0xff, 0x19d8, 0x0}, {0xc0000007, 0x3, 0x4, 0x3, 0x0, 0x0}, {0xc0000001, 0xfef0, 0x3f, 0x20, 0x6, 0x0}, {0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:14 executing program 2: mmap(&(0x7f0000000000/0xaf3000)=nil, 0xaf3000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_GET_ONE_REG(r0, 0x4010aeab, &(0x7f0000000000)={0x4, 0x8}) ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000af1000)={0x4, r0, 0x0}) ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, &(0x7f000063e000-0x38)={0x80000001, 0x0, &(0x7f0000af1000)="d066dd643821aeb86487604513c5d6aed742e9bb5fe50c5d8463ae2f50735ce7dd2f6aa8cdbc36866cf6bfb2f031bfdcdb6f5ececb2820415ff3a44dbc148993a8ae66d4e00f92e9b19add87430df7bf85c3c5b9b01bbc5c5f3ac8b78bbece4ba357b1bd13776d55f083858b87be85a0a34df9f8176ce3966b529892b4a7090a5cb425e27da194459dc6e9c2edeeeb789ae34eb1c4064edc02f7b44b71b837593903e59dd0c5c96b5eb5e659416712f73998e93bf22222570638439db1c85541c65cfae6174d3fb209341a260bf05c8a6301c914ecfba3", &(0x7f0000af2000-0x38)="8f87e8e5232f8297a0063c6eb2846b437fbdd47efda700ef9dc9658698c51712bd565cbaf9050dc9a462d50da2eb4399e17a78c1738c742b", 0xd7, 0x38, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000080000-0x9)="2f6465762f6b766d00", 0x100, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) mmap(&(0x7f0000af3000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_HAS_DEVICE_ATTR(r1, 0x4018aee3, &(0x7f0000af4000-0x12)={0x0, 0x6, 0x800, &(0x7f0000a02000-0x8)=0x0}) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r3, 0x4010ae68, &(0x7f0000320000-0x10)={0x17000, 0x6000, 0x0}) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_INTERRUPT(r4, 0x4004ae86, &(0x7f0000ad5000)=0xf9) syz_kvm_setup_cpu$x86(r3, r4, &(0x7f00003f7000/0x18000)=nil, &(0x7f0000a90000-0x18)=[@text32={0x20, &(0x7f00000ec000)="b90c0100c066b84710000000d0ba000000000f3052c76dfef3ab66b86f000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e955266767f2a50ff720b011b0110000000f22d8650f070f01b102000000", 0x60}], 0x1, 0x0, &(0x7f0000aed000)=[], 0x0) ioctl$KVM_ENABLE_CAP_CPU(r4, 0x4068aea3, &(0x7f00000c4000-0x68)={0x7b, 0x0, [0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000af4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_CPUID(r4, 0x4008ae8a, &(0x7f0000af5000-0x50)={0x3, 0x0, [{0x822079501ac12f0, 0x8, 0x5e80, 0x8e44, 0x7, 0x0}, {0x80000003, 0x9, 0x4f, 0x0, 0x0, 0x0}, {0x8000000f, 0x55, 0x8, 0x8000, 0x2, 0x0}]}) mlock2(&(0x7f0000007000/0x5000)=nil, 0x5000, 0x1) ioctl$KVM_GET_LAPIC(r4, 0x8400ae8e, &(0x7f0000af2000-0x173)={"1df79cfe2f035f608bee9381364e0b65472b8040dcd38ee0597fdcfb40d1205fae1e0f00a71fbf628b73eaa346d443665199126e5a31c96e0bfc8ad7cc8b2a0a87c1609901ff70d9bf1720938b425bccbb4552cb4d9ffa7d05c860289ea76512ea59ba72026896a3e9e69d04a3ea9d6b7e413782bc0f1986da9e77bc547c3239ea7817419d034aee797394a9f348c31496164bad82878c98cbea01602ab98656ed1aa696280a6ba614258ed67967226728c3fb0152111d4f131ac481f7f9cd7f18ab982f8b7360b9f0ad09002f649dbdb8fbe9c609d7344ea77d7f4ee08bdd1fcd57ed109106a9ba90b1151c915a7149611811cf889f0ba5ed5f5025faac86befa3ca06f76d4790f2f767139d1e1d34a2e18158edef8d03eb28cc0e6ebc76cb220f0b583c13f072d746b7b2e8d4b4ce7ec42926daee2de8a5a325fe6533efcffeff478a74d2c1ef2a92fac12c01461ccd705476b87f1e1fcfc2aeabc851c6b79b03280959c4eaadc5ff3a80c0192520b5d81eff3d044aa2cccbd2794e9e5a1cfeb61c9e26b7d4ff8b5c3e7b1f03adec3ff48df3e9f3f5531da756581dd2b2454b00080918009c536caa46774089bce01b46b68f8d4230fae15623a0e381db5265df2244e72d66c9c4d09165fa47d5ba7b5c241243f1302705c846389e7e2e518ef0a74aba4508f2959ff8038d7ad72a825ff936a86b1dd15445a496a6ce7acb193618fddaf0c7210affe54fddffd60f908416e3be5f9b4369e974f1e2d0a585d507a350b812c0543f074bc78eead22381bed18b1584784ce037624cbc72930f88d7c23c47bf57dac241ef18370b35f80702c2b77a13f439468fcdfc40000051ec37304766fe7516dea8fab210a9081b2a531725c682a1c045c3cefe8de22f1002a6d8296138fa7369fb6606e682d4cf269fed0241434135af43f9bb43c1a4566845fe2e03e0f181449fa09f0c438f8e09903c1af307b87cafe2bcc061c6eadb95b6ede6a616bc6f995b266ddf8d68834679574e05d8c5d473bc5c66adcd7b7461fcc04df288a017ce3f02d56d1abf67b2f3ab7f73330e85a145a57aaf15e0360c3cc96bb75f257f235d231c3d18f4ad5748e62e2efcc5c862a73804bf7ac7d79a4a171f9ae45b2a4e41e047e82cac710593a413fe3b67aacc16fc29d03cbccf09009feaab7010214801992b525397292109e4cac63879b6b0c7443eb2ff77259bc119ca24c1b4e730ad936b1a6b9b17c97d902e26f402603f9ab7697e87743a2a25bb4349b7058906fd76a7c332a09de42bcda3079f2190168fe9cb3ac642d3be7e2a51d503227bc89a1595cc89de71d6bcccb6ad11f0c153e33b78e0c30b2a81219985efeda58e6bea638ce986e7a0a3b4a62aeaf0b9792b6bd4750c399a674953178df85ad84120b2376b6a5bb9ab68fff0ba31e7dbcdcf248720a82f6ffa7"}) ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000af0000-0xfa)={"1a3109e2ddbbb6aadcd5c2652b2031c68a46b1e3073fa0506edc5d49ad2fccfb24dd4e577f07bb72dfc55c3ea7bed5a6097ad495bd92a25655856ce787f74d5ea61c5e9cea79ea33a7eb1931b18935c40298de9e0578a07d608bbb88861a431ee6df66f43a6d10e41d43132b0409e0bd865751b9ac22eba678e73f455057062b69cafefc3885ccc262da9b8d3cf4e97cc397f96481f22b448305448300000000ecb406012c1463cd8e9eaffea2b4dafed36623e04f2fd1bde0178578d1bcdb75ba3cc3250a75c94a286e2046f4dc7dc45579ffe69eb53c9ee5144796ada9519a4a81110fda0c05e624ce574ec6b994caecf7aea051ada24edabcd54dbef8a45e35f69e8f9993e8cc2e9ade4ec84a7044e88ae422308d8e6c8c3243a65e9ad521052f0055f592964641d3e275d79a4bb7e8cf7b941e4a4b3d5a78397612e58036a1fcf53008fcf7a9b57594f656e67f2ccbfbb33e506d079178cb4b890000000043a38187a9026607da1b7cd9e6a8387e466712bba30def9b383a70039bf44cbfdd8a45877d76f09367010d9fff54b5682ceefa6bd7e268e6da89493164c5de02cd2825a173cea0c24ff63240799d4c6c751bbfca42d381e07273cfb2b48f995806b94b6369146df0662a66d6757f08c1c85842710dc50079686f01f18c89e1f7c1087d431441514ab79defae7b7c0ada7b3de1b3a6a07602c6f974bebfaf30d7a5f73a87e6dea33c2df5b6925594008528c0a95076a9dba1099dba7dfce097177eab787748fae0dbf770caf566baba5700e83629d4376fe2d7e136a3a575cc05bdfd7d82d5f4ea9817cbcf3d4101fc89967c7af87baec9359846e413d534ce995dd5dd90f90717e3663b3176aa5cda775df58789c74a53d5e43864290eb3a35d5b95bf91c35e80ce61957817c2719a553ab120021a1fcd4519d4e894964db35c848a8ae4e4c2160fd2f4bafbba9a8ae19babc72b19144b014e0a7eb85abcbc334cdc10fa3752b79e24859ebcbc954c1faf5873f78555bae5d8a56fb6367cab718cc7557bf7d988635404fc3de67606a48fba6cff353f86d450fc05946729e7f68f823e0ec70a6d05a075f7177399cbe43dc9d78ab6b8938453b36e874e310abac1ebe6b3c63ff3040f29e4ae5979a5ec907d92172c8498c5f03f07789eb85505d912f81135d91d94b02f30fc5d3a3fb9fc6b9ecf2f7843c555ed198d36e6ec3180350b138c647af7cf7794ad5d5479b62341f80d1d8873a316aae18f10807ddfa75d4a7d1c5e9094a9c7ad3bc4556a8c2cd62acedc0e9cda469a0b8afc42a73c5230e228ff11c983baadcb3f7b16797f5738c9da52ec538fda1d7ee50ea7b1cd841d32702e801c261ccbe46561933a039b5e97b30826eeefd8948939b1085429aaf4dff06e75e822e6e5446f0bece4d75f86332c5e5fc062ed9e356102c478d3"}) munlock(&(0x7f0000843000/0x3000)=nil, 0x3000) ioctl$KVM_REINJECT_CONTROL(r3, 0xae71, &(0x7f0000af2000)={0x7fff, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_NR_MMU_PAGES(r3, 0xae44, 0x6) ioctl$KVM_ENABLE_CAP_CPU(r4, 0x4068aea3, &(0x7f0000aed000)={0x7b, 0x0, [0x6, 0x200, 0x0, 0xfd], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_SET_XCRS(r4, 0x4188aea7, &(0x7f0000604000-0x58)={0x5, 0x0, [{0x0, 0x0, 0x7}, {0x8, 0x0, 0x7}, {0x27, 0x0, 0x0}, {0xfffffffffffffffb, 0x0, 0x6}, {0xfffffffffffffffb, 0x0, 0x5}]}) ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f0000aec000-0x138)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, [0x0, 0x0, 0x0]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000, [0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_NMI(r4, 0xae9a) ioctl$KVM_SMI(r0, 0xaeb7) 2017/08/11 21:15:14 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x1, 0x2, 0x0}, {0xfffe, 0x5000, 0x0, 0x5, 0x4, 0x81, 0xc9, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) 2017/08/11 21:15:14 executing program 7: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a9c000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f00004ee000)="66b818010f00d8c4c27bf6cdb986040000b80f000000ba000000000f30c7442400e9060000c744240201000000c7442406000000000f01142466baf80cb8b4d4c588ef66bafc0cb00beeb9840200000f3266ba420066edb85bc6600b0f23c00f21f83503000c000f23f8c74424008000c0fec744240235000000c7442406000000000f011c2466baa000b000ee", 0x8d}], 0x1, 0xfffffffffffffffe, &(0x7f00003db000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000af1000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x1000, 0x0, 0x0, 0x2, 0x2ff, 0x6, 0x1, 0x5, 0x1, 0x1f, 0x60000000000000, 0x0}, {0x0, 0x4, 0x0, 0x9, 0xfc6, 0xc76, 0x2, 0xa0f, 0x6, 0x9, 0x3, 0x30, 0x0}, {0x2000, 0xf002, 0xf, 0x6, 0x9, 0x2, 0x1, 0xffffffff, 0x80000001, 0xffffffffffffffff, 0x2, 0x2, 0x0}, {0x0, 0x4, [0x0, 0x0, 0x0]}, {0x1, 0x0, [0x0, 0x0, 0x0]}, 0x80000008, 0x0, 0x2000, 0x8, 0x5, 0x2001, 0x1000, [0x800000, 0x1, 0x6, 0x10001]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:14 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x0, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x7, 0x0, [{0x4000000d, 0x7, 0x1, 0xff, 0x19d8, 0x0}, {0xc0000007, 0x3, 0x4, 0x3, 0x0, 0x0}, {0xc0000001, 0xfef0, 0x3f, 0x20, 0x6, 0x0}, {0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:14 executing program 4: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffff9c, 0xae01, 0x0) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r0, 0x4018aee1, &(0x7f0000517000-0x18)={0x0, 0x6, 0x4, &(0x7f0000001000-0x8)=0x0}) mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x3, 0x32, r0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae7000-0x9)="2f6465762f6b766d00", 0x81, 0x0) mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_SREGS(r0, 0x4138ae84, &(0x7f0000aee000)={{0xf000, 0x4000, 0x0, 0x1017, 0x0, 0xbd, 0x6, 0x1000, 0x1, 0x6, 0x1, 0x9, 0x0}, {0x10000, 0x2000, 0x0, 0x7, 0x3, 0x9, 0x9, 0x7, 0x81, 0x8, 0x6, 0x80000001, 0x0}, {0x10d002, 0x4000, 0xa, 0x800, 0x80, 0xbb6, 0x1, 0xfb7, 0x9, 0x8, 0x1, 0x0, 0x0}, {0x0, 0x4000, 0x0, 0x0, 0x2, 0x7, 0x80000001, 0xfffffffffffffffe, 0x400, 0x3, 0x2, 0x401, 0x0}, {0x5000, 0x5001, 0xc, 0xffffffffffff0000, 0x56, 0x101, 0x5f4c, 0x4, 0x35, 0x17d1, 0x5, 0x9, 0x0}, {0x4000, 0x5000, 0xc, 0x9, 0x19, 0x8b, 0x0, 0x200, 0x7fff, 0x101, 0x5, 0x7c14e688, 0x0}, {0x1f000, 0x4000, 0xa, 0x800, 0xe30, 0x4, 0x3, 0x6, 0x0, 0xffffffffffff8001, 0x2, 0x90000000000, 0x0}, {0x5000, 0xf000, 0xd, 0x9, 0xffffffff, 0x8, 0x1000, 0xfffffffffffffff8, 0x3, 0xfe33, 0x3, 0xfffffffffffffffc, 0x0}, {0x4, 0x10000, [0x0, 0x0, 0x0]}, {0x1, 0x1000, [0x0, 0x0, 0x0]}, 0x80000000, 0x0, 0x100006, 0x10010, 0x5, 0x4000, 0x100000, [0xfff, 0x8, 0x485a, 0x6]}) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000241000/0x18000)=nil, &(0x7f0000777000)=[@textreal={0x8, &(0x7f0000ae8000-0x36)="e170705f058ec8f00fb11066b9e30800000732660ffdd7660f1239baf80c66b82204fb8566efba84fc0c0c9797ef394a00f30f3289bc0000", 0x38}], 0x1, 0x60, &(0x7f0000ae7000)=[], 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000aef000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0}) mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_DIRTY_TLB(r3, 0x4010aeaa, &(0x7f0000aef000-0x10)={0x7, 0x100}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 28.616815] *** Guest State *** [ 28.619337] CR0: actual=0x0000000080000028, shadow=0x0000000080000008, gh_mask=fffffffffffffff7 2017/08/11 21:15:14 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x7, 0x0, [{0x4000000d, 0x7, 0x1, 0xff, 0x19d8, 0x0}, {0xc0000007, 0x3, 0x4, 0x3, 0x0, 0x0}, {0xc0000001, 0xfef0, 0x3f, 0x20, 0x6, 0x0}, {0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 28.623143] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 2017/08/11 21:15:14 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000000)={0x1, 0xffffffffffffffff, 0x1}) ioctl$KVM_S390_INTERRUPT(r0, 0x4010ae94, &(0x7f0000001000-0x10)={0x6, 0x0, 0x1}) mmap(&(0x7f0000000000/0xaef000)=nil, 0xaef000, 0x1000002, 0x8000000000032, r0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f000096a000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f00005be000)=0x3) ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000af0000-0x40)={0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) ioctl$KVM_GET_CLOCK(r0, 0x8030ae7c, &(0x7f0000455000-0x30)={0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f00006a1000-0x70)={[{0x4, 0x2, 0x926, 0x8, 0x8, 0xdb, 0x9, 0x20, 0x3b, 0x0, 0x9, 0xb97, 0x3e}, {0x9, 0x1, 0x1, 0x1ff, 0xffffffffffffffe1, 0xfff, 0x8, 0x9, 0x3, 0x100000000, 0x2, 0x4, 0x101}, {0xfffffffffffffffc, 0x1000, 0x4, 0x4, 0x6, 0x3, 0x4b1, 0xffffffff, 0xd3, 0x1, 0x0, 0xd1, 0xd46}], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000478000-0x70)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) [ 28.625183] CR3 = 0x0000000000002000 [ 28.625556] RSP = 0x0000000000000f80 RIP = 0x0000000000008008 [ 28.626133] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 28.626684] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 28.627072] kvm: emulating exchange as write [ 28.628036] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.628781] DS: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.629567] SS: sel=0x0000, attr=0x0b071, limit=0x00001000, base=0x0000000000000000 [ 28.630501] ES: sel=0x0000, attr=0x04081, limit=0x00000000, base=0x0000000000000000 [ 28.631295] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.632084] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.632881] GDTR: limit=0x00000004, base=0x0000000000000000 [ 28.633743] LDTR: sel=0x000f, attr=0x10000, limit=0x0000f002, base=0x0000000000002000 [ 28.634561] IDTR: limit=0x00000000, base=0x0000000000000001 [ 28.635924] TR: sel=0x0000, attr=0x10000, limit=0x00000004, base=0x0000000000000000 [ 28.636666] EFER = 0x0000000000002001 PAT = 0x0007040600070406 2017/08/11 21:15:14 executing program 3: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) mmap(&(0x7f0000a5a000/0x3000)=nil, 0x3000, 0x3000008, 0x20000000000032, r1, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000af3000-0x24)="000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d266767f2a50f20d835080000000f228b58580f070f01b102000000", 0x64}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f000011a000)={0x1397, 0x8c, 0x0, 0x4, 0x8}) mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000af3000-0x4)=0x80) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000aee000-0x8)=0x10000) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000aef000)={0x7b, 0x0, [0x6, 0xffffffff, 0x9, 0x1000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000033d000-0x8)={0x1, 0x637}) ioctl$KVM_S390_VCPU_FAULT(r2, 0x4008ae52, &(0x7f0000af1000)=0xb5) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000aef000-0x30)={0x20, 0x401, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f00009c7000)={0x2, 0x800, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00002de000-0x40)={0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000aec000)={"3a5ca361a0df102fae43a3f1ec872c0185c9813608eed8f847374008d61d0b0800000000000000001ccb1007655a4f7410ae2abb2a1756d32573ad07efbff26b6c29f3f5b20949d1948e7dc1c8f2b7a1f53f726c506fca42d4a7935507ddb99198bc1ac477f1ae7c27061ead76d16ca486010f0a3be5e5fb88b250282a1f4370084b669a6aa05d6f099ea5ce98744d4d02be5ff2bfc8a7b31392162b70f9bf6a7921ca46c22eba76a3f5fada926a9e3d39e841a85aff9e2e11df5a017550dd503eafb49349716d060d697bd0978eac053d12de846fb7d0ef0ce4f79420c7ad998b000619474f6ab8bbaf74f23bef3d8874a920f438d7a3bbe9ac54c269dd8463b191dfff03924e9ef495aad2c7831f72e87d20d39c031000c2b6b009dc52fe4a87d2adbd31ef3991643480dc4e1194dad4aaae0bbd182f86a7572202d932534fe78aa6205a387714ba722fc29e394626c6950754c5bd8e959a3d108590f13f43f23507624d0f3b464f483d2f11441d510b1269e787224f20a2cb5984b4f2be4d93aef0f2ae60ada076cc86b6ecd9f9cd27c13ff16725a99f1d96fb35409d9aad7cd14b4a0a6fa33249d40760c0dd77615cea3ced7055169a87c767c91aadd231e5b211e9b8df16a1e2aef8d3a7e02a4f7c8fa5e989f9a2c488638fec8d03543fededef667b0b0cde85958ef5dd2355e3dade1126022ada4186160bcf69013a938bd9c5fe1f46fd5c8d522320840de0ede209ee11a4655a157b1ed47b6aa5daad7bc7f96313d2e02144e50a7f64ccfb866b1cc3a04ebd7e460e69f42856b474e681e2917b593b931c8987a487329d58151d14f4f1eb1b123f29f21899c524c2808269f7a833d5ed3cd93e2ffc0dbdf3c50c736b10512607837e8f50144c1c14e052c788381a2b236becb2d2bfdf0467cefcbe6926090434d31323d47576de4566f61ab7f1fab0f73e2e9b58c328f73f8fecef3e9bbad4b177d9dd2a0e3e7a6f108477afef361fd23ea1a575dd9b86515833f5bd4ccf9ddb9e5432d723f3eb50339ae229108ae769ac632d312761db5057fe4ddfae2f22be1f709bc0feef9d8dcf05a425d354bda07e3780f19d3a073e737bcc8220febd750e3ce8549870615e1e9c969d3883126c687ff7ef6c0a16aa18bf594c681ae4c2ec063b792ae01166868672360aefb97539f6825c2f17933ce890a2d7ca53fcf77dc8dd4a0e64b7010aa7fd14f7833ab907d4d3c5df1ce497abfea23c94ab44d6b0f389480b4f0c077b98ba319dff8ab86cb7ff6b9f26e1f7e88b01d346504ab1cbc30fb5acf132544e59a2dec45e8019ef4642e672aebc040bfbfd6e7caf8846917b3e21e9b5673b31c4f3520baaf61b01bf160c3b535bcc7b23ee34371286407409fa292ad059d4e40624bd6bad7d3d516adae9c3fcecb877f4d9d39035338787435f6372c5fb88cd"}) mmap(&(0x7f0000af3000/0x1000)=nil, 0x1000, 0x1, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000af3000)={"9bbb9daa05110ba1924a3f8c859bdff963f2ddb1d129f5cb2f3ae8ad3bf7068c284ba38f903676aee0049b473a5a33930a9b88deb6401d57b67b5ef503c6a4027167753b3422f85b1b144e1b09666f06770bb454bb980d5cb7f1e90d9427b10028d816afcb958eb5bc4541d20809f775835973db47fdab943f7ecf340ab9b2913f88a42aa228d95f1665dcb874e6b3b5b55a89a32e0fc862e12da3fafec957af0fce362e643894eaa38fbb8af58f8462371747c6e67ec819d268766c3c7a74e3f12575502e0ce18ab8fdeec25ec7767fae887d4cadb349c0f81694038d1a026d6a75e2531b1a8fb11b6cbd3f89a94184e04455b174f62410013ea1a32c38fc1a2448cd4c2c637b73782faf7ad9ae353b8bb6fed608778b7e846b159d0708eba89b05d4ae596fd1ce276f11b96ea628b944adcafcca622c34d8cf71c32e04679643d25bb8410efd790fae98de36207bab1c1fa95a3b125a7497822ea2f8a027ee6024ad4938ca93546a7967484ea5ed0850257facd046052d3fb4452ea95bdf6613884586ad0f7bedcf9ba794168fb9ef80fc98ab1b8c584220c399f85aa35e3b077eaa0dc79a9b88f0cdbf6805da3bca16d1fe88482e328bf0abd897070e43ead3304cdf1f113ab075a772b02e7e2b9d790f029decb02914d0fbb81bdcac8d08612898c453dd33e8a456e3cb4154e27f4d3bddea5732cd94d4adf21d3babfbb833a2ba8fcc71beafe13cfb9e8ed9fcaaecbc6a4e7c1da5f67cfae68fe80965a52918112a4927ca4a387ebf74fd5d910ceed87a668d3210361f45e8771482aceb28996ed99fdb143fc17c4112850b748c3eb5d121312f3c420d0dc03bfd571a1767bac9ae6c46b4edbfd70fb33dd89a8ae13dd57e722d95c28e5326a24054321553f3b50fe246f5e631dafc8088dcefe9029c67fbc7cb6631692d91aa5aba912b56f638cdcd14e873566edea35ecaaad547bbd265a6d4f6537ad9db538fb7db64a32c81c91dd6e4efd0317de1a0ff83c744470c93ddcaa6792e45db7d69e1106a251d39a5c5c6103f7aadb32d0290614362eaccc6d41b3f14154850e1959803f14d836a4223eb1c70249037e7adbf0e33d07a69a10d948a901858a8381803bcedcf610c985b5ea85ef46bbc44565e89142da665bede93e7c360cc814c8e00cafb81d02c95811ce32ba2dd85712056078d2f7d4be3cfc4eb157d63206d4b822599d40c02fd84ada2b572bd8899e93293a5ce6590d226f7c43858d47417bc2980358fb6ec2eee43fbbd31a00c9549680e76c31eef7f710e7aceb5a29d2a85f07332bb5e54a80ac44576e0010bc7cbd666ad4aff5174df288980f68510d74485b90afaf4040a30392861cce12229f97cbf2b8922d95110230423a3155f263d8066974f89cebaa258b87515d6d9f20c23d09067bdc955311d08300214a50ed060cc68"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 28.637964] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 28.638681] BndCfgS = 0x0000000000000000 [ 28.638960] Interruptibility = 00000008 ActivityState = 00000000 [ 28.639660] *** Host State *** [ 28.639888] RIP = 0xffffffff811b6777 RSP = 0xffff88003df274c8 [ 28.640444] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 28.640950] FSBase=00007f4c3a973700 GSBase=ffff88003fc00000 TRBase=ffff88003fc22cc0 [ 28.641698] GDTBase=ffffffffff577000 IDTBase=ffffffffff57b000 [ 28.642149] CR0=0000000080050033 CR3=000000006bdd6000 CR4=00000000000026f0 2017/08/11 21:15:14 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x7, 0x0, [{0x4000000d, 0x7, 0x1, 0xff, 0x19d8, 0x0}, {0xc0000007, 0x3, 0x4, 0x3, 0x0, 0x0}, {0xc0000001, 0xfef0, 0x3f, 0x20, 0x6, 0x0}, {0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 28.643189] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 28.643800] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 28.644259] *** Control State *** [ 28.644607] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 [ 28.645094] EntryControls=0001d1ff ExitControls=00afefff [ 28.645591] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 28.646290] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 28.646953] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 28.647625] reason=80000021 qualification=0000000000000000 [ 28.649139] IDTVectoring: info=00000000 errcode=00000000 [ 28.649849] TSC Offset = 0xffffffe60f772d40 [ 28.650762] EPT pointer = 0x000000003d9f601e [ 28.651200] Virtual processor ID = 0x063f 2017/08/11 21:15:14 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, 0x0}, {0xfffe, 0x5000, 0x0, 0x5, 0x4, 0x81, 0xc9, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) 2017/08/11 21:15:14 executing program 4: mmap(&(0x7f0000000000/0xafb000)=nil, 0xafb000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000506000-0xc)={0x7, 0xffffffffffffff9c, 0x1}) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_FPU(r0, 0x81a0ae8c, &(0x7f0000afc000-0x1a0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_EMULATED_CPUID(r0, 0xc008ae09, &(0x7f0000afd000-0xd2)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f000050f000)={0x9, 0x3cca}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000afb000-0x28)={0x400000000, 0x1000, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, &(0x7f0000afb000)={0x7, [0x1, 0x0, 0x3, 0x101, 0x0, 0x1000, 0x2]}) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_DEBUGREGS(r3, 0x8080aea1, &(0x7f0000afc000)={[0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f00006b4000)=@ioapic={0x2, 0x0, 0x0, 0x4, 0x0, [{0x3, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x6}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0xe2, 0x5, 0x0, [0x0, 0x0, 0x0, 0x0], 0x1ff}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x6, 0x0, [0x0, 0x0, 0x0, 0x0], 0x7}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x1, 0x4, 0x3, [0x0, 0x0, 0x0, 0x0], 0x80000001}, {0x5d9a, 0x3f, 0x6, [0x0, 0x0, 0x0, 0x0], 0x9}, {0x5, 0x2, 0x7f, [0x0, 0x0, 0x0, 0x0], 0x40}, {0x9, 0x3f, 0x1, [0x0, 0x0, 0x0, 0x0], 0x9}, {0x9, 0x1, 0xffff, [0x0, 0x0, 0x0, 0x0], 0x4}, {0x0, 0x9, 0x5, [0x0, 0x0, 0x0, 0x0], 0x20}, {0x100000000, 0x6, 0xffff, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x80000000, 0x10001, 0x8, [0x0, 0x0, 0x0, 0x0], 0x1ff}, {0x7fffffff, 0x9, 0x8000, [0x0, 0x0, 0x0, 0x0], 0x5}, {0xfffffffffffffffc, 0x1, 0xffffffffffffffe1, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x3, 0x6, 0xe945, [0x0, 0x0, 0x0, 0x0], 0xfff}, {0xfffffffffffff135, 0x6, 0x8000, [0x0, 0x0, 0x0, 0x0], 0x8001}, {0x5bd, 0x3f, 0x7ff, [0x0, 0x0, 0x0, 0x0], 0x10001}, {0x400, 0x4, 0x9, [0x0, 0x0, 0x0, 0x0], 0x5d1f}, {0x100, 0x7f, 0xfffffffffffff801, [0x0, 0x0, 0x0, 0x0], 0x8}, {0x5, 0x3f, 0x6, [0x0, 0x0, 0x0, 0x0], 0x1e71}, {0x3, 0x6, 0x6, [0x0, 0x0, 0x0, 0x0], 0x5}]}) ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000326000)={0x3f, 0x1}) 2017/08/11 21:15:14 executing program 1: mmap(&(0x7f0000000000/0xaf0000)=nil, 0xaf0000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000001000-0xc)={0x4, 0xffffffffffffffff, 0x1}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0) ioctl$KVM_GET_CLOCK(r0, 0x8030ae7c, &(0x7f000073d000-0x30)={0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) ioctl$KVM_S390_INTERRUPT(r0, 0x4010ae94, &(0x7f0000aef000-0x10)={0xfbcc, 0x2, 0x24538f83}) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_S390_UCAS_MAP(r1, 0x4018ae50, &(0x7f0000a03000)={0x10000, 0x8, 0x2}) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f00002c1000-0x10)={0x0, 0x100000, 0x0}) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) mmap(&(0x7f0000af0000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_IRQCHIP(r0, 0xc208ae62, &(0x7f0000af1000-0xd8)=@ioapic={0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}]}) ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r0, 0x4010ae74, &(0x7f0000600000-0xc)={0x80000001, 0x7f, 0x95e3}) syz_kvm_setup_cpu$x86(r0, r0, &(0x7f00004c3000/0x18000)=nil, &(0x7f0000854000-0x18)=[@text16={0x10, &(0x7f0000aee000-0x38)="3e2e362e0f01cb66b8010000000f01c1360f06b82e018ed066b9a00d00000f32f33ed1bb83000f437b2e643e36dced0f381eb351000f0134", 0x38}], 0x1, 0x40, &(0x7f0000711000-0x10)=[], 0x0) ioctl$KVM_GET_PIT(r2, 0xc048ae65, &(0x7f00002ca000)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000ade000-0x40)={0x3ff, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r2, 0x8008ae9d, &(0x7f00003ce000-0x4c)="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000998000-0x1e8)={0xa, 0x0, [{0x8, 0x2, 0x0, 0x0, @sint={0x401, 0x3}}, {0x1, 0x4, 0x0, 0x0, @irqchip={0x7, 0x2}}, {0x1, 0x1, 0x0, 0x0, @irqchip={0x401, 0x5}}, {0x9, 0x3, 0x0, 0x0, @msi={0xc6b, 0xe000000000000, 0x7d5}}, {0x4, 0x1, 0x0, 0x0, @msi={0x8000, 0x215e, 0x6}}, {0xfc, 0x3, 0x0, 0x0, @sint={0x81, 0xffffffff}}, {0x0, 0x3, 0x0, 0x0, @msi={0x8, 0x4, 0x3f}}, {0xffffffff, 0x3, 0x0, 0x0, @irqchip={0xcbe6, 0x7fff}}, {0x3, 0x0, 0x0, 0x0, @adapter={0x40, 0x2, 0x5, 0x2, 0x74c}}, {0xfff, 0x3, 0x0, 0x0, @sint={0x0, 0x11}}]}) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f000088e000/0x18000)=nil, &(0x7f0000ae1000)=[@textreal={0x8, &(0x7f0000aef000)="99b800008ee866b9900d00000f32440f20c066350f000000440f22c0f2abbaf80c66b85050e78a66efbafc0c66b80080000066efbaf80c66b890820d8b66efbafc0ced812878df2e672e67d9e86465660f3a0e75f607", 0x56}], 0x1, 0x28, &(0x7f0000adf000)=[@cr0={0x1, 0x10}], 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_DEASSIGN_DEV_IRQ(r2, 0x4040ae75, &(0x7f0000ae6000)={0x5, 0x7, 0x0, 0x0}) ioctl$KVM_SET_NR_MMU_PAGES(r2, 0xae44, 0x9) ioctl$KVM_RUN(r0, 0xae80, 0x0) 2017/08/11 21:15:14 executing program 7: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a9c000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f00004ee000)="66b818010f00d8c4c27bf6cdb986040000b80f000000ba000000000f30c7442400e9060000c744240201000000c7442406000000000f01142466baf80cb8b4d4c588ef66bafc0cb00beeb9840200000f3266ba420066edb85bc6600b0f23c00f21f83503000c000f23f8c74424008000c0fec744240235000000c7442406000000000f011c2466baa000b000ee", 0x8d}], 0x1, 0xfffffffffffffffe, &(0x7f00003db000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000af1000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x1000, 0x0, 0x0, 0x2, 0x2ff, 0x6, 0x1, 0x5, 0x1, 0x1f, 0x60000000000000, 0x0}, {0x0, 0x4, 0xa, 0x0, 0xfc6, 0xc76, 0x2, 0xa0f, 0x6, 0x9, 0x3, 0x30, 0x0}, {0x2000, 0xf002, 0xf, 0x6, 0x9, 0x2, 0x1, 0xffffffff, 0x80000001, 0xffffffffffffffff, 0x2, 0x2, 0x0}, {0x0, 0x4, [0x0, 0x0, 0x0]}, {0x1, 0x0, [0x0, 0x0, 0x0]}, 0x80000008, 0x0, 0x2000, 0x8, 0x5, 0x2001, 0x1000, [0x800000, 0x1, 0x6, 0x10001]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:14 executing program 5: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00002c1000-0x10)={0x0, 0x0, 0x0}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_GET_IRQCHIP(0xffffffffffffffff, 0xc208ae62, &(0x7f0000af1000-0xd8)=@ioapic={0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f00003ce000-0x4c)="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000088e000/0x18000)=nil, &(0x7f0000ae1000)=[@textreal={0x8, &(0x7f0000aef000)="99b800008ee866b9900d00000f32440f20c066350f000000440f22c0f2abbaf80c66b85050e78a66efbafc0c66b80080000066efbaf80c66b890820d8b66efbafc0ced812878df2e672e67d9e86465660f3a0e75f607", 0x56}], 0x1, 0x28, &(0x7f0000adf000)=[@cr0={0x1, 0x10}], 0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:14 executing program 2: mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x31, 0xffffffffffffffff, 0x2) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a9c000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f00004ee000)="66b818010f00d8c4c27bf6cdb986040000b80f000000ba000000000f30c7442400e9060000c744240201000000c7442406000000000f01142466baf80cb8b4d4c588ef66bafc0cb00beeb9840200000f3266ba420066edb85bc6600b0f23c00f21f83503000c000f23f8c74424008000c0fec744240235000000c7442406000000000f011c2466baa000b000ee", 0x8d}], 0x1, 0xfffffffffffffffe, &(0x7f00003db000)=[], 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f000011a000)={0x1397, 0x40000000000008c, 0x400, 0x8000000004, 0x8}) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000aee000-0x8)=0x10000) mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000aef000)={0x7b, 0x0, [0x6, 0xffffffff, 0x9, 0x1000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_ARM_VCPU_INIT(r0, 0x0, &(0x7f0000908000-0x20)={0xe, 0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000033d000-0x8)={0xfffffffffffffffe, 0xffffffffffff8001}) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x2) ioctl$KVM_S390_VCPU_FAULT(r2, 0x4008ae52, &(0x7f0000781000-0x8)=0xb4) mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000aef000-0x30)={0x20, 0x401, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f00000ab000)={0x2, 0x800, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00002de000-0x40)={0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000aec000)={"3a5ca361a0df102fae43a3f1ec872c0185c9813608eed8f847374008d61d0bcfc300bc75ce5da3001ccb1007655a4f7410ae2abb351756d32573ad07efbff26b6c29f3f5b20949d1948e7dc1c8f2b7a1f53f726c506fca42d4a7935507ddb99198bc1ac4b348ae7c27061ead76d16ca486010f0a3be5e5fb88b250282a1f4370084b669a6aa05d6f099ea5ce98744d4d02be5ff2bfc8a7b31392162b70f9bf6a7921ca46c22eba76a3f5fada926a9e3d39e841a85aff9e2e11df5a017550dd503eafb49349716d060d697bd0978eac053d12de846fb7d0ef0ce4f7942061ad998b000619474f6ab8bbaf74f23bef3d8874a920f438d7a3bbe9ac54c269dd8463b191dfff03924e9ef495aad2c7831f72e87d20d39c031000c2b6b009dc52fe4a87d2adbd31ef3991643480dc4e1194dad4aaae0bbd182f86a7572202d932534fe78aa6205a387714ba722fc29e394626c6950754c5bd8e959a3d108590f13f43f23507624d0f3b464f483d2f11441d510b1269bd87224f20a2cb5984b4f2be4d93aef0f2ae60ada076cc86b6ecd9f9cd27c13ff16725a99f1d96fb35409d9aad7cd14b4a0a6fa33249d40760c0dd77c75cea3ced7055169a87c767c91aadd231e5b211e9b8df16a1e2aef8d3a7e02a4f7c8fa5e989f9a2c488638fec8d03543fededef667b0b0cde85958ef5dd2355e3dade1126022ada4186160bcf69013a938bd9c5fe1f46fd5c8d522320840de0ede209ee11a4655a157b1ed47b6aa5daad7bc7f96313d2e02144e50a7f64ccfb866b1cc3a04ebd7e460e69f42856b474e681e2917b593b931c8987a487329d58151d14f4f1eb1b123f29f21899c524c2808269f7a833d5ed3cd93e2ffc0dbdf3c50c736b10512607837e8f50144c1c14e052c788381a2b236becb2d2bfdf0467cefcbe6926090434d31323d47576de4566f61ab7f1fab0f73e2e9b58c328f73f8fecef3e9bbad4b177d9dd2a0e3e7a6f108477afef361fd23ea1a575dd9b86515833f5bd4ccf9ddb9e5432d723f3eb50339ae229108ae769ac632d312761db5057fe4ddfae2f22be1f709bc0feef9d8dcf05a425d354bda07e3780f19d3a073e737bcc8220febd750e3ce8549870615e1e9c969d3883126c687ff7ef6c0a16aa18bf594c681ae4c2ec063b792ae01166868672360aefb97539f6825c2f17933ce890a2d7ca53fcf77dc8dd4a0e64b7010aa7fd14f7833ab907d4d3c5df1ce497abfea23c94ab44d6b0f389480b4f0c077b98ba319dff8ab86cb7ff6b9f26e1f7e88b01d346504ab1cbc30fb5acf132544e59a2dec45e8019ef4642e672aebc040bfbfd6e7caf8846917b3e21e9b5673b31c4f3528baaf61b01bf160c3b535bcc7b23ee34371286407409fa292ad059d4e40624e76bad7d3d516adae9c3fcecb877f4d9d39035338787435f6372c5fb88cd"}) ioctl$KVM_GET_DEVICE_ATTR(r1, 0x4018aee2, &(0x7f000026f000)={0x0, 0xdf, 0x8, &(0x7f00009f0000-0x8)=0x0}) mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000af0000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f0000af1000-0x14)={0x197b, 0x0, 0x7, 0x5, 0x8}) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000af0000-0x8)={0x1, 0x9}) ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000436000-0x4)=0x8) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f0000394000-0x14)={0x0, 0x0, 0x7ff, 0x5, 0xbf9c}) 2017/08/11 21:15:14 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x7, 0x0, [{0x4000000d, 0x7, 0x1, 0xff, 0x19d8, 0x0}, {0xc0000007, 0x3, 0x4, 0x3, 0x0, 0x0}, {0xc0000001, 0xfef0, 0x3f, 0x20, 0x6, 0x0}, {0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:14 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0}, {0xfffe, 0x5000, 0x0, 0x5, 0x4, 0x81, 0xc9, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) [ 28.706093] *** Guest State *** [ 28.706441] CR0: actual=0x0000000080000028, shadow=0x0000000080000008, gh_mask=fffffffffffffff7 [ 28.707330] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 [ 28.708165] CR3 = 0x0000000000002000 [ 28.708545] RSP = 0x0000000000000f80 RIP = 0x0000000000008008 [ 28.709156] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 28.710052] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 28.710707] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.715911] DS: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.716892] SS: sel=0x0000, attr=0x0b071, limit=0x00001000, base=0x0000000000000000 [ 28.717651] ES: sel=0x0000, attr=0x04081, limit=0x00000000, base=0x0000000000000000 2017/08/11 21:15:14 executing program 4: mmap(&(0x7f0000000000/0xaeb000)=nil, 0xaeb000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000096a000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f00001b8000-0xf8)={0x5, 0x0, [{0x8000, 0x4, 0x0, 0x0, @adapter={0x20, 0xc10c, 0x5947, 0x4, 0x1}}, {0x4, 0x2, 0x0, 0x0, @sint={0xe1, 0x1}}, {0x7, 0x7, 0x0, 0x0, @msi={0x1, 0x8, 0x6}}, {0x1, 0x0, 0x0, 0x0, @sint={0xe5, 0x8}}, {0x20, 0x2, 0x0, 0x0, @msi={0x6, 0xfffffffffffffffe, 0x9}}]}) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap(&(0x7f0000aeb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000aeb000)={0x4, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f000088e000/0x18000)=nil, &(0x7f0000ae0000-0x13)=[@text16={0x10, &(0x7f0000ada000)="ba2000b0f0eeba610066b81d00000066efb800008e0c87e4670f01c800072c0f01b6cba966b8db0000000f06c80f21f866350800d0000f23f83e6567660f38dea419f79758603e3ef2ad", 0x4a}], 0x1, 0x0, &(0x7f0000adf000)=[], 0x0) r4 = eventfd2(0x0, 0x800) mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) read$eventfd(r4, &(0x7f0000aec000)=0x0, 0x8) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000aea000-0x18)={0x0, 0x0, []}) r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r6 = eventfd2(0x20000000008021, 0x0) mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_DEBUGREGS(r3, 0x8080aea1, &(0x7f0000aee000)={[0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000aed000)={"ef8fe6e4eab69b26ab0e7a75ea92592f9d9802f22c0f45cabc8156fc1a440336bdc4aace3bd880742c0a8d4c6e8e2e64aefda92718575f2929cefc0b042c4592ac3577289a3277b4d6fdf3df156a0193007d83a3612c723f72500c5b9268712f9a0c7bd0ed684d5339802705c900c72d365570ae79a36141021754a3b506ecb896a9a7529d8f9a395f1ade38303d25d35278727d51efe24bed31e55739eb742dbf97320344b4e0b411ad996fe4d2085408025e4ad1580c1723ba8708c3633d49269baf05035edce566e32c2833dabf3be3da71a0533f24cd07be8ab78a5a7f9b1dc1f912a3e4c275bb84a4b4030385cf8b07ab4211582791761465af50e1421345ac07de4c667a629a839ed3576db9e5a0903888138eb47c728ff2ad05bd595db439507992429a1fc8bc16205af35bb2abf9334630f1f808905a0e06d6f3c1845c670b5f978aa762fc1cf037e0c04f7364eee8af2c39bc8056006fa4b0d9be66dc56b8d69713592c064baa6aae078b93522619e6dfccf7b2bebcb5bcd880e53250df56d9f7ecd796ccfeab8e8ff97a4b1aea765a054911496a161a42df1bfc1b614f71a013633db036647ef438abc25e30560667a4a64535bcb9ba66afca7682d2e0808bc8d8c9e81729e41ff8ecd45093602744845c1bf68bc792c30a262b262faec7584a0a0ffa573604812580aa6d6185490241cdf75aaea3a2c6658137707dd90bfe2650d1f5f11e4a04e3a78e7758e71ab8edb3738a566d2680d1545f5c1e44d03352d5684fe7a598c1d2962e53b197def0818f4d0a25cf763cedcf8472869de78f7b1466ac5eeb4f0420e6ae00982b3deaf6797e2b7b8535225e482d3f034bd2d265c85f678ed0755a3609095cffde49e5e6dcdd16ae5c48c4aeb13e4958fcf454bf5f4124bd4c09244b06e4942ff9076e3056150165c90ab0bad48c27809213108d7dfde8465df62face0aefd98e4f2d2cc86a2b00142c0115da9db5d6aab27f3cff2fa7fb5e3bf846776f7acd8428ff92f2a1acbff6bcc9a25e4a56bf93bb2c4d31f957b1169ffc3002ff97d9fa22c18472d56fd2b3c8e3d6c99ae690594898db721820807471287986dd64072db24dc573268f4b079260e6821f1b51208ec1e16c999d96d8396595a919043378fe5247376a36f0d715c221b51324c14aba982d44304088fca84793f739e0f7a31e0f8e7a2a5dcc0c39a9fe563faf3ad9f0a8a5171db18ae19598c90182dcdd03bd3e5611a45d2f7807e7b179067bd954f57dc2780fba6d2c47da2b70a63ea428b422545b768d17ecc52df170c8b41fb3b599ff9d7b8121e5501ea700a48f0156942404949fd53e8b601a6086a478a5451bb8ae526b2a8fcacad6e18e83d2d83839206c0c7a5b93b6aa097044da9488c2e1b87e607c0e6caabf95b94a02fc0556f95b80ee56800912babdfdefc4a5b"}) r7 = eventfd2(0x0, 0x0) ioctl$KVM_SET_SIGNAL_MASK(r5, 0x4004ae8b, &(0x7f0000071000-0x50)={0x4c, "1c4c820efa6b7414d1451725b70130486bbb62b52d1988fed8d4e07f6759f6f8bb9b7bd91f07536afca166954696c90af92f61c54c15daa13f1877ec029bc190d2f351321a498a14db24be40"}) ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000aeb000-0x20)={r6, 0x3, 0x2, r7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) read$eventfd(r7, &(0x7f0000aee000-0x8)=0x0, 0x8) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 28.720577] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.721952] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.724307] GDTR: limit=0x00000004, base=0x0000000000000000 [ 28.724910] LDTR: sel=0x000f, attr=0x10000, limit=0x0000f002, base=0x0000000000002000 2017/08/11 21:15:14 executing program 3: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) mmap(&(0x7f0000a5a000/0x3000)=nil, 0x3000, 0x3000008, 0x20000000000032, r1, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000af3000-0x24)="000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d266767f2a50f20d835080000000f228b58580f070f01b102000000", 0x64}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f000011a000)={0x1397, 0x8c, 0x0, 0x4, 0x8}) mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000af3000-0x4)=0x80) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000aee000-0x8)=0x10000) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000aef000)={0x7b, 0x0, [0x6, 0xffffffff, 0x9, 0x1000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000033d000-0x8)={0x1, 0x637}) ioctl$KVM_S390_VCPU_FAULT(r2, 0x4008ae52, &(0x7f0000af1000)=0xb5) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000aef000-0x30)={0x20, 0x401, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f00009c7000)={0x2, 0x800, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00002de000-0x40)={0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000af3000/0x1000)=nil, 0x1000, 0x1, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000af3000)={"9bbb9daa05110ba1924a3f8c859bdff963f2ddb1d129f5cb2f3ae8ad3bf7068c284ba38f903676aee0049b473a5a33930a9b88deb6401d57b67b5ef503c6a4027167753b3422f85b1b144e1b09666f06770bb454bb980d5cb7f1e90d9427b10028d816afcb958eb5bc4541d20809f775835973db47fdab943f7ecf340ab9b2913f88a42aa228d95f1665dcb874e6b3b5b55a89a32e0fc862e12da3fafec957af0fce362e643894eaa38fbb8af58f8462371747c6e67ec819d268766c3c7a74e3f12575502e0ce18ab8fdeec25ec7767fae887d4cadb349c0f81694038d1a026d6a75e2531b1a8fb11b6cbd3f89a94184e04455b174f62410013ea1a32c38fc1a2448cd4c2c637b73782faf7ad9ae353b8bb6fed608778b7e846b159d0708eba89b05d4ae596fd1ce276f11b96ea628b944adcafcca622c34d8cf71c32e04679643d25bb8410efd790fae98de36207bab1c1fa95a3b125a7497822ea2f8a027ee6024ad4938ca93546a7967484ea5ed0850257facd046052d3fb4452ea95bdf6613884586ad0f7bedcf9ba794168fb9ef80fc98ab1b8c584220c399f85aa35e3b077eaa0dc79a9b88f0cdbf6805da3bca16d1fe88482e328bf0abd897070e43ead3304cdf1f113ab075a772b02e7e2b9d790f029decb02914d0fbb81bdcac8d08612898c453dd33e8a456e3cb4154e27f4d3bddea5732cd94d4adf21d3babfbb833a2ba8fcc71beafe13cfb9e8ed9fcaaecbc6a4e7c1da5f67cfae68fe80965a52918112a4927ca4a387ebf74fd5d910ceed87a668d3210361f45e8771482aceb28996ed99fdb143fc17c4112850b748c3eb5d121312f3c420d0dc03bfd571a1767bac9ae6c46b4edbfd70fb33dd89a8ae13dd57e722d95c28e5326a24054321553f3b50fe246f5e631dafc8088dcefe9029c67fbc7cb6631692d91aa5aba912b56f638cdcd14e873566edea35ecaaad547bbd265a6d4f6537ad9db538fb7db64a32c81c91dd6e4efd0317de1a0ff83c744470c93ddcaa6792e45db7d69e1106a251d39a5c5c6103f7aadb32d0290614362eaccc6d41b3f14154850e1959803f14d836a4223eb1c70249037e7adbf0e33d07a69a10d948a901858a8381803bcedcf610c985b5ea85ef46bbc44565e89142da665bede93e7c360cc814c8e00cafb81d02c95811ce32ba2dd85712056078d2f7d4be3cfc4eb157d63206d4b822599d40c02fd84ada2b572bd8899e93293a5ce6590d226f7c43858d47417bc2980358fb6ec2eee43fbbd31a00c9549680e76c31eef7f710e7aceb5a29d2a85f07332bb5e54a80ac44576e0010bc7cbd666ad4aff5174df288980f68510d74485b90afaf4040a30392861cce12229f97cbf2b8922d95110230423a3155f263d8066974f89cebaa258b87515d6d9f20c23d09067bdc955311d08300214a50ed060cc68"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 28.728047] IDTR: limit=0x00000000, base=0x0000000000000001 [ 28.728627] TR: sel=0x000a, attr=0x10000, limit=0x00000004, base=0x0000000000000000 [ 28.730532] EFER = 0x0000000000002001 PAT = 0x0007040600070406 [ 28.731185] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 2017/08/11 21:15:14 executing program 5: mmap(&(0x7f0000000000/0x28000)=nil, 0x28000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000017000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_KVMCLOCK_CTRL(r2, 0xaead) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000017000)={{0x106000, 0xf001, 0x1f, 0x6, 0x5, 0x6000000000000000, 0x4, 0x8001, 0x1, 0x1f, 0x2, 0x6585099f, 0x0}, {0x3, 0xf000, 0x0, 0x9, 0x100000001, 0x2, 0x1f, 0x10000, 0x2, 0x8, 0x120000000, 0x2, 0x0}, {0x0, 0x6000, 0xe, 0x8, 0x4, 0x400, 0x800, 0x1f, 0x4, 0xfffffffffffffffc, 0x289, 0x2, 0x0}, {0x4000, 0x4, 0xe, 0x5, 0x20, 0x0, 0x3, 0x80000000, 0x4, 0x7, 0x1, 0xfffffffffffffffd, 0x0}, {0x4, 0x4000, 0xf, 0x3, 0x9f99, 0x1, 0x6d0, 0xfffffffffffffffe, 0x80, 0x9, 0x5, 0x400, 0x0}, {0x4000, 0x1f000, 0xb, 0x7fffffff, 0x3, 0x4, 0x7, 0x5, 0x100000001, 0x9, 0xff, 0x5, 0x0}, {0xd001, 0x5000, 0x0, 0x100000000, 0x101, 0x6, 0x200, 0x7, 0x3, 0xfffffffffffffc00, 0x5, 0x4, 0x0}, {0xf000, 0x3000, 0x0, 0x0, 0xf87b, 0x5, 0x8, 0xff, 0x4, 0x40, 0x7fffffff, 0x6, 0x0}, {0x1, 0x2, [0x0, 0x0, 0x0]}, {0x6000, 0x5000, [0x0, 0x0, 0x0]}, 0x4, 0x0, 0x0, 0x2000, 0x6, 0x8000, 0x2, [0x5, 0x100, 0x4, 0x8]}) mmap(&(0x7f0000028000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000029000-0x6)={[0x2, 0x8, 0x8, 0x4556d992, 0x7, 0x5, 0x1000, 0x200, 0x3f, 0x7094, 0x7fff, 0x8, 0x5, 0x400, 0xfffffffffffffffe, 0xffffffffffffff00], 0x10000, 0x2040}) mmap(&(0x7f0000028000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000029000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f000002a000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f000002b000-0x10)={0xc5b, 0x3ff}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f000002a000-0x68)={0x79, 0x0, [0x5, 0x1000, 0x0, 0x8], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f000001b000-0xd8)=@pic={0x20, 0x4, 0x3000000, 0x7, 0x40, 0x9, 0x9245, 0x6, 0x8, 0x8040, 0x800, 0x1, 0x3, 0xffffffff, 0x401, 0x1000}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000000f000/0x18000)=nil, &(0x7f0000029000-0x18)=[@text16={0x10, &(0x7f000000d000)="0f06ba4200ec66b8e90000000f23d80f21f86635000000400f23f866b8008000000f23d00f21f866352000000d0f23f86766c74424002f9f9ae46766c7442402480000006766c744240600000000670f011c240fc76a2a66b98508000066b80078000066ba000000000f300f07b861000f00d866b9800000c00f326635008000000f30", 0x83}], 0x1, 0x37, &(0x7f0000009000-0x20)=[@cr0={0x0, 0x40040001}, @dstype3={0x7, 0x1}], 0x2) syz_kvm_setup_cpu$x86(r0, r2, &(0x7f0000002000/0x18000)=nil, &(0x7f0000024000-0x18)=[@text32={0x20, &(0x7f0000025000-0x64)="66b80d018ed00f21d3dfebc7442400de5f0000c7442402cc9e557bc7442406000000000f011c24c744240027610000c7442402dca79e83c7442406000000000f011c24b9a40b00000f32f2afb805000000b9fd1200000f01d90fc72d4000000066b809008ee0", 0x66}], 0x1, 0x0, &(0x7f0000023000)=[], 0x0) ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000016000-0x4)=0xffff) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000024000)={[{0x100000000, 0xfffffffffffffff7, 0x6f7, 0x7, 0x4, 0x99e, 0x10001, 0x7, 0x9, 0x20, 0xa3b, 0x7250, 0x3}, {0x100000000, 0x800, 0x93ca, 0x4, 0x101, 0x6c2e2c34, 0x2, 0x9f, 0x9, 0x2, 0x8, 0x9, 0x89}, {0x2, 0x2, 0x10000, 0x40, 0x1ff, 0x2, 0x1, 0x7, 0x3, 0x308f, 0x4, 0x85, 0x6}], 0xffff, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000011000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, [0x0, 0x0, 0x0]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x34b582ec71cdec61, [0x4, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000022000-0x18)={0x1, 0x0, [{0x834, 0x0, 0x67e85066}]}) [ 28.732653] BndCfgS = 0x0000000000000000 [ 28.733100] Interruptibility = 00000008 ActivityState = 00000000 [ 28.733831] *** Host State *** [ 28.734342] RIP = 0xffffffff811b6777 RSP = 0xffff88003df274c8 [ 28.734811] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 28.735505] FSBase=00007f4c3a973700 GSBase=ffff88003fc00000 TRBase=ffff88003fc22cc0 [ 28.737175] GDTBase=ffffffffff577000 IDTBase=ffffffffff57b000 [ 28.740895] CR0=0000000080050033 CR3=000000006dc95000 CR4=00000000000026f0 2017/08/11 21:15:14 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0xfffe, 0x5000, 0x0, 0x5, 0x4, 0x81, 0xc9, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) [ 28.741996] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 28.742650] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 28.743237] *** Control State *** [ 28.743574] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 [ 28.744509] EntryControls=0001d1ff ExitControls=00afefff [ 28.745004] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 28.746397] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 28.747006] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 28.747649] reason=80000021 qualification=0000000000000000 [ 28.748235] IDTVectoring: info=00000000 errcode=00000000 [ 28.748717] TSC Offset = 0xffffffe5fc33ec4a [ 28.749229] EPT pointer = 0x000000003d9c101e [ 28.749630] Virtual processor ID = 0x0696 2017/08/11 21:15:14 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x7, 0x0, [{0x4000000d, 0x7, 0x1, 0xff, 0x19d8, 0x0}, {0xc0000007, 0x3, 0x4, 0x3, 0x0, 0x0}, {0xc0000001, 0xfef0, 0x3f, 0x20, 0x6, 0x0}, {0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:14 executing program 7: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a9c000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f00004ee000)="66b818010f00d8c4c27bf6cdb986040000b80f000000ba000000000f30c7442400e9060000c744240201000000c7442406000000000f01142466baf80cb8b4d4c588ef66bafc0cb00beeb9840200000f3266ba420066edb85bc6600b0f23c00f21f83503000c000f23f8c74424008000c0fec744240235000000c7442406000000000f011c2466baa000b000ee", 0x8d}], 0x1, 0xfffffffffffffffe, &(0x7f00003db000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000af1000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x1000, 0x0, 0x0, 0x2, 0x2ff, 0x6, 0x1, 0x5, 0x1, 0x1f, 0x60000000000000, 0x0}, {0x0, 0x4, 0xa, 0x9, 0x0, 0xc76, 0x2, 0xa0f, 0x6, 0x9, 0x3, 0x30, 0x0}, {0x2000, 0xf002, 0xf, 0x6, 0x9, 0x2, 0x1, 0xffffffff, 0x80000001, 0xffffffffffffffff, 0x2, 0x2, 0x0}, {0x0, 0x4, [0x0, 0x0, 0x0]}, {0x1, 0x0, [0x0, 0x0, 0x0]}, 0x80000008, 0x0, 0x2000, 0x8, 0x5, 0x2001, 0x1000, [0x800000, 0x1, 0x6, 0x10001]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 28.767873] *** Guest State *** [ 28.768824] CR0: actual=0x0000000080000028, shadow=0x0000000080000008, gh_mask=fffffffffffffff7 2017/08/11 21:15:14 executing program 1: mmap(&(0x7f0000000000/0xafa000)=nil, 0xafa000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000203000-0x9)="2f6465762f6b766d00", 0x80000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) mmap(&(0x7f0000afa000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r3, r4, &(0x7f000053b000/0x18000)=nil, &(0x7f00007b8000)=[@text64={0x40, &(0x7f0000afb000)="3e0f01be0000000066b83a000f00d066660f38809a0040000048b800800000000000000f23c80f21f835000030000f23f8800e0c66ba2100ecc4225d3afe66baf80cb8284cbf8fef66bafc0cb83b760000ef66baf80cb820d57e8def66bafc0c66ed4e0f01d1", 0x66}], 0x1, 0x10, &(0x7f0000a81000)=[@cr4={0x1, 0x80}, @efer={0x2, 0x8001}], 0x2) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000afb000-0xc)={0x3, r3, 0x1}) mmap(&(0x7f0000afa000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r5, 0xc028ae92, &(0x7f0000afb000-0x28)={0x7, 0x3, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r6 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r6, &(0x7f0000274000/0x18000)=nil, &(0x7f0000107000)=[@text64={0x40, &(0x7f000099d000-0x64)="b6c3f8e788595d2a1ba31779d22e2453ab6fe204d8cb17bc3c4ab8e3e0483b9931418b5c1612cb68cb1f08acd253883205213823efd610026d3b892f9ecf43c837882ddb41cb3a22a62644cc9081d865b5c7d6d371bfbc1b7da5ab28911fcb5667d0b08b", 0x64}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[@efer={0x2, 0xc00}], 0x1) ioctl$KVM_S390_VCPU_FAULT(r6, 0x4008ae52, &(0x7f0000af7000)=0x9) ioctl$KVM_SET_DEBUGREGS(r6, 0x4080aea2, &(0x7f0000af9000-0x80)={[0x5000, 0x6000, 0x100000, 0x10000], 0xfffffffffffffffd, 0xa9, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_GET_MSRS(r6, 0xc008ae88, &(0x7f00005a0000-0x48)={0x4, 0x0, [{0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}]}) ioctl$KVM_RUN(r6, 0xae80, 0x0) ioctl$KVM_REINJECT_CONTROL(r3, 0xae71, &(0x7f0000017000-0x20)={0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_XCRS(r6, 0x4188aea7, &(0x7f0000896000-0x58)={0x5, 0x4, [{0x9, 0x0, 0x800000003}, {0x2, 0x0, 0x26b}, {0x4, 0x0, 0x7fffffff}, {0x7f, 0x0, 0x6}, {0x997, 0x0, 0xc7}]}) ioctl$KVM_S390_INTERRUPT_CPU(r6, 0x4010ae94, &(0x7f000074e000)={0x5, 0x7, 0x100000000007}) ioctl$KVM_GET_LAPIC(r6, 0x8400ae8e, &(0x7f0000298000)={"94707f83bb7e933377e0bec2b974eebf5b6c13839a8100c18c3f24273f68e51804a9dc8ab89fc1f83244c299ee87ea8151458ab3bffcab72c636af1290eef935d9e9d33caed65455bc76d9d56ce5232e5f7fefa8e22a23e681f0cfaddc4ff1cc6ebe1846867effffbafbeca8fa033e809205de046410b4b088bb992cdf2949e1d07af823d7626d233ab814e8138670ea9daa0ddb244b99e64420399ba87a90aea933296a22a5286ce144e1e455ec56a180a5cc4b0d8b7d7b5e61a99888e4336e6fc5f48063dfddf0084c9560f093a083a7b16f666440dc5371b2ddf633bc02c9eec072701c3098e6761f0495a50fcc99b25d4bef84c690e32feebeb6a2fedf8b32f7c474462ab31b3d1c479a0be4942f7cefcc5c50b064b0911381cd44ce4f2173b0f4adef9d9814f3412c2ba8cf585145c71c6f77d9e3eb74f9d9d02b794cf0232eeed21fb7c61724f8d1ab8b986a58cdb1567d884957d0d9b35c5c36937f2a53350e88327b706678e704206c0d4f350837294e2b7de86dc32ef000b89690898f5df29e98f584aa1a7e6d8edf15562b43134c05f039abea50e6937a864b6cfa2a1fe9a879238efc5c30892175f0bdf2da76c4be54f1a5207433f64ab8016ebed2d42da5a604dc4a817b822c7f3797272377a86f9779a241fd76c97ce4094166fe3114d73d6069fadef5109ffef9999256693c7158ca406731b87b803ef256fac62ff5de052fb01ef7e08e48d55c7fdb8c4ab75d72a6de7828b213ed5b47c16e89bab3ae655ff9f0cc3eb56374d8855d06e69de55a54618ed899289b2093020463f90f89cc938f21f359c06a68b78d82ca54844d17d78eab2037b4abeb523dfec94c3511fb1b7ccfb1987516d12453db9667b8a909323dfca69d0e4489522653dfe5c2e1edec761bb185c8de88a318e1ce1a11b19b43684ae0c990fd7cd94b30141750fbdc448e676129bbff60aa79cc7a1ac7cbd29d0910ed2cde667166bd2bb0f3bd4b3d54f0601c61dcf04ef68100c3b1d992b65bb464051ba76256c91968a21c9a7fd2059ddcf9115edd0354f3df110b0c3823d646ae1a1891b81a8ea842c67fd35e16813621ac129cd16d9494d79f927b026983aa0e7fa179172d08caefa180ca1b3d5097e6c4bd120381fcca681ff92118ee41b36ba3a935e91f76a2731e7956ba16f33bd7aedc2fceaaec2cb461aee893505d77be10b11062694843bf7a8ec9ca78caf2ccc768d1c08f7f81baee95a886c260cc0ee33365bae52046c78c8b14a847a247303ed2c8b713e2a36b1bfb553abad0d7eb158a55f358d5933b0fbdec3069615b8c43b2751c95e73218e26b95d9443315681abd85f293e0d4cd0188a2fa47430482f8f24d4a73c09cc563da41e8c825c1b48e0c619587de80115eb65071873a05cfe372a98777acf45d7bef218bb87df0edc28c8be5286f4e1e"}) ioctl$KVM_GET_XSAVE(r6, 0x9000aea4, &(0x7f0000012000)={"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"}) ioctl$KVM_SET_SREGS(r6, 0x4138ae84, &(0x7f0000af6000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, [0x0, 0x0, 0x0]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c0137bc281d9f1a, [0x0, 0x0, 0x0, 0x0]}) munlock(&(0x7f000000a000/0x4000)=nil, 0x4000) ioctl$KVM_GET_DIRTY_LOG(r3, 0x4010ae42, &(0x7f0000017000)={0x10201, 0x0, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_GET_REGS(r6, 0x8090ae81, &(0x7f0000af9000-0x90)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1ff) ioctl$KVM_ASSIGN_PCI_DEVICE(r1, 0x8040ae69, &(0x7f000025e000-0x14)={0x7, 0x3, 0xe39d, 0x1, 0x9b4b}) [ 28.774881] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 [ 28.775956] CR3 = 0x0000000000002000 [ 28.776327] RSP = 0x0000000000000f80 RIP = 0x0000000000008008 [ 28.776861] RFLAGS=0x00010002 DR7 = 0x0000000000000400 2017/08/11 21:15:14 executing program 5: mmap(&(0x7f0000000000/0xaef000)=nil, 0xaef000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000aee000)={0x1, 0x0, [{0x1, 0x2, 0x0, 0x0, @msi={0x0, 0x0, 0x0}}]}) ioctl$KVM_SET_VAPIC_ADDR(0xffffffffffffffff, 0x4008ae93, &(0x7f0000aee000-0x8)=0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000033d000-0x8)={0x1, 0x0}) [ 28.778073] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 28.778772] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.779566] DS: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.783226] SS: sel=0x0000, attr=0x0b071, limit=0x00001000, base=0x0000000000000000 [ 28.783957] ES: sel=0x0000, attr=0x04081, limit=0x00000000, base=0x0000000000000000 [ 28.785281] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.787614] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.788482] GDTR: limit=0x00000004, base=0x0000000000000000 [ 28.789266] LDTR: sel=0x000f, attr=0x10000, limit=0x0000f002, base=0x0000000000002000 [ 28.790328] IDTR: limit=0x00000000, base=0x0000000000000001 [ 28.792167] TR: sel=0x000a, attr=0x10000, limit=0x00000004, base=0x0000000000000000 [ 28.792881] EFER = 0x0000000000002001 PAT = 0x0007040600070406 [ 28.793575] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 28.794273] BndCfgS = 0x0000000000000000 [ 28.794640] Interruptibility = 00000008 ActivityState = 00000000 [ 28.795211] *** Host State *** [ 28.795504] RIP = 0xffffffff811b6777 RSP = 0xffff88003b3ef4c8 [ 28.796048] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 28.796631] FSBase=00007f4c3a973700 GSBase=ffff88003fc00000 TRBase=ffff88003fc22cc0 [ 28.797359] GDTBase=ffffffffff577000 IDTBase=ffffffffff57b000 [ 28.797946] CR0=0000000080050033 CR3=000000006d532000 CR4=00000000000026f0 2017/08/11 21:15:14 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x5000, 0x0, 0x5, 0x4, 0x81, 0xc9, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) 2017/08/11 21:15:14 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x7, 0x0, [{0x4000000d, 0x7, 0x1, 0xff, 0x19d8, 0x0}, {0xc0000007, 0x3, 0x4, 0x3, 0x0, 0x0}, {0xc0000001, 0xfef0, 0x3f, 0x20, 0x6, 0x0}, {0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 28.799803] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 28.800424] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 28.800976] *** Control State *** [ 28.801357] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 [ 28.802070] EntryControls=0001d1ff ExitControls=00afefff [ 28.803909] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 28.804597] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 28.805205] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 28.805787] reason=80000021 qualification=0000000000000000 [ 28.807878] IDTVectoring: info=00000000 errcode=00000000 [ 28.808605] TSC Offset = 0xffffffe5eef3ab42 [ 28.809002] EPT pointer = 0x000000003b19401e [ 28.809413] Virtual processor ID = 0x0696 2017/08/11 21:15:14 executing program 5: mmap(&(0x7f0000000000/0x28000)=nil, 0x28000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000017000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000006000-0xc)={0x2, r1, 0x0}) mmap(&(0x7f0000028000/0x1000)=nil, 0x1000, 0x3, 0x33, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000029000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f000002a000-0x10)={0x5000, 0x100000, 0x0}) ioctl$KVM_X86_SET_MCE(r2, 0x4040ae9e, &(0x7f0000028000)={0xc000000000000000, 0x6004, 0xffe, 0x1, 0x3, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0]}) mbind(&(0x7f0000028000/0x1000)=nil, 0x1000, 0x0, &(0x7f0000019000)=0x0, 0x2, 0x2) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_KVMCLOCK_CTRL(r3, 0xaead) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f0000017000)={{0x106000, 0xf001, 0x1f, 0x6, 0x5, 0x6000000000000000, 0x4, 0x8001, 0x1, 0x1f, 0x2, 0x6585099f, 0x0}, {0x3, 0xf000, 0x0, 0x9, 0x100000001, 0x2, 0x1f, 0x10000, 0x2, 0x8, 0x120000000, 0x2, 0x0}, {0x0, 0x6000, 0xe, 0x8, 0x4, 0x400, 0x800, 0x1f, 0x4, 0xfffffffffffffffc, 0x289, 0x2, 0x0}, {0x4000, 0x4, 0xe, 0x5, 0x20, 0x0, 0x3, 0x80000000, 0x4, 0x7, 0x1, 0xfffffffffffffffd, 0x0}, {0x4, 0x4000, 0xf, 0x3, 0x9f99, 0x1, 0x6d0, 0xfffffffffffffffe, 0x80, 0x9, 0x5, 0x400, 0x0}, {0x4000, 0x1f000, 0xb, 0x7fffffff, 0x3, 0x4, 0x7, 0x5, 0x100000001, 0x9, 0xff, 0x5, 0x0}, {0xd001, 0x5000, 0x0, 0x100000000, 0x101, 0x6, 0x200, 0x7, 0x3, 0xfffffffffffffc00, 0x5, 0x4, 0x0}, {0xf000, 0x3000, 0x0, 0x0, 0xf87b, 0x5, 0x8, 0xff, 0x4, 0x40, 0x7fffffff, 0x6, 0x0}, {0x1, 0x2, [0x0, 0x0, 0x0]}, {0x6000, 0x5000, [0x0, 0x0, 0x0]}, 0x4, 0x0, 0x0, 0x2000, 0x6, 0x8000, 0x2, [0x5, 0x100, 0x4, 0x8]}) mmap(&(0x7f0000028000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r1, r3, &(0x7f000000f000/0x18000)=nil, &(0x7f0000029000-0x18)=[@text16={0x10, &(0x7f000000d000)="0f06ba4200ec66b8e90000000f23d80f21f86635000000400f23f866b8008000000f23d00f21f866352000000d0f23f86766c74424002f9f9ae46766c7442402480000006766c744240600000000670f011c240fc76a2a66b98508000066b80078000066ba000000000f300f07b861000f00d866b9800000c00f326635008000000f30", 0x83}], 0x1, 0x37, &(0x7f0000009000-0x20)=[@cr0={0x0, 0x40040001}, @dstype3={0x7, 0x1}], 0x2) syz_kvm_setup_cpu$x86(r0, r3, &(0x7f0000002000/0x18000)=nil, &(0x7f0000024000-0x18)=[@text32={0x20, &(0x7f0000025000-0x64)="66b80d018ed00f21d3dfebc7442400de5f0000c7442402cc9e557bc7442406000000000f011c24c744240027610000c7442402dca79e83c7442406000000000f011c24b9a40b00000f32f2afb805000000b9fd1200000f01d90fc72d4000000066b809008ee0", 0x66}], 0x1, 0x0, &(0x7f0000023000)=[], 0x0) ioctl$KVM_GET_FPU(r3, 0x81a0ae8c, &(0x7f000001f000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000022000-0x20b)={"eb128b5864e37964efd7c9d4b341fdc3ac63cbb1db5ef8d8e7821e4fdea1cd342fdf7a2a0198a1be4de3346d5eec906d3499717f926c0cfeef869e0f83f61348dddcbef0d6ce2b9b1caa825a179afc0ec2c7f881f5b5f26eab41f9572ef4db56dea21c9974b99287ffebf4c76578435120cfef358cc2b79a4b7b227674e983c4b74aab446b1b6456216d2dfd382a94af731aea16fb45e1bd24a11fdc59be91fe292a3a51a4762ce50c07902b0496c0002cb6de5aa05fbe95f16d53b846233f6c301f35de651722c4cf1ec9ae08489c2a70403ab3658ebbff0d726851b694be27ebc30aaf70d8e693cbd224265fff619921939ac12f5f23b68b08074781bf1a9b232b0f843d7e1044c892004783e5146a34654f3aaca5eb510027f9e04fc473a91d8275b996b6245688ff1cb1d8e85ab28ab2664bd49e385de55aaf69cd30f4d2d6fb021ee1993c4902511b6f15169e2691b747af0b51158a9e229e20c4cef1a04f0ea2a85c2fca9881408e2eb8efcc24bdaebd70834bd50521cfd00bb6e0b0d2d6a1ad58a7ec4beef7bbd3d7f01b284861e26e5eb3f71e837125dd7c9b0e4b2f5f03a264b5a775843deb70e1e8d18de8dc9d280e6d61d26162779d3261755818e3b0065cd910fbfddc4f28031faf37c5c6070636611a5cb987968017c5f47cab1606f650c9a884be9065594b2f68b5468e0b480d3815636aaa783e39f6bfcd74b5cde7b812e3c08b71666e5548148dc2e422c98ff567dcf7105ad502093ae41a0f590952b041daa2c6c835f511e3da10c171c544a29bbc3caaed39291a7a3e7b01e11b5fc54e53958069fb08636d3bd2cdf2c50152703160b82b7a161509ba8a381c10ac9284b6056268f75161c2919d041abf7e075508b21aa0906dcf8623fb0337d9bf09240a22e9563c2ef8464ee46b48213fc4b4eb3a7495ca57cd0364062520d2452ddf933b2ef47ff417971d0df758859819a81521c537429ed5c3286c8af8369cc7ffe8d14d563e03aba5c779e7d3e6931f90aa4779fec59deca373ef10724b7151c6717e27b494b84159a4efc6011df295aa65a85fb042b20ac066df70c85ced8365fa6f713aa443d0b6c0f92b93288817d079b2f9c51fb5788881bde21a012fa7182cac16d909dd4ba665545b490c6ee16c41e7152f19eb8acf0ac6d3cb20351d882f880fcf1499287c145f0e9ca34bbfe804de9d87b07dc77e085efddd77038063b4f9f2b873fefb2a74efef8756bc517ed6b72c5b484616d56bae207ad355342cab91b2375168552a38aeae6a83ae5d4282ef7d98c0095eed1924df6e6602d900fdee8c8f04e06e6c2af5be6dd0de964269315ecc1444c209386c1b9900e1c8e44097625465fb8ea1e8e61a4869b9e89d050aa11d62f4e35b779d1b952b8e7f6a7ea1024cd6b6b815ecd5d17ed0ff69704ae2a304312fc78d8903"}) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f0000011000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, [0x0, 0x0, 0x0]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x34b582ec71cdec61, [0x4, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000022000-0x18)={0x1, 0x0, [{0x835, 0x0, 0x0}]}) mmap(&(0x7f0000029000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000029000)={"70bb2a128b3e90781041d44f4ed210182c8ad5cfe4871781588a516c5f0d384e4ca3603cacc146ef011ac748d359b63730c6e6cc5d77886de9d396479889d55bc24fb36817bc31d53eba46ec34cb2557194159b37d638188f7ed8b890a800d217f4ccd306d4e4c612063db6c280459216b2f7896c875d626316a1f14a952d2c852ed7f20180a530e2538bda1281842af03006e2ae91e1a7030d82fd60763bef7fa6ac3391e20b29368345b928d9ae86cc8901c76d48b0143bd8a886d55be0755a4e3eb9b971974559175c59f7e3d05e775c98a3508e43eefbae7a7659f6395de6e2cfb9f2efb635d821c52f49a6cf1742f105914f16122034220c2a6f0520d26a16cd1605fe15680dd76cf843985aae9290f56e42206e113374b4d3c0d93020758dd28362aa61638fe47831f60d23840ece28f390412b45f61f85a849a25fb385b779360a4a81dfdb7dda333306389aeeac957c1e1bb62467b33191bc8b9db7a47402e7bcc8083db61f313bff10d2fac4906afbc562af33b1ec061e895fb3ea52f6a1e9b43c253e536b7f31ea2769d1246734aef2c2d9a1c1c9ff68cfd16c7b595fd8a2236ac70624b3f007f0cf6e94130dd5bc895a36bce9df396f5cd1741bff3e9cd2766cf052a2650202a303f1236c27d57ca0938382826cee587bdb98b680986170fa3d6bec0ef4604e1433c6b1d1c7c0aa43befc947cd00b1dc690294dc02c9fa6b194833db38f6da270ceece0bb3375c2018effeeb57d642b758225936c001907de8a8cb64a8ac30858fcacc8ec615269ecb9c22b8ee1740eb018daeabdce89679645e5cdec1f2abcc2786a5d58b18fff5bba12e9dd76fbc24f0e19cfa6a14dce2ff713373884f8267eed9d207051c0f1303e401db66b35f73cc2a5b7c4faa425b7d9c19f456e60835424c336f6c16367b13cc2f3cb9cdfe8ca878d25f61f9dc62ab5e02d9d7628b2a57226ee0f6eeb00886b7356750d7c80bff1918688efd0dc816e1048b327960bef92638acef6c7f969c3cf637954665c97c02086423429d6fd45d475d60e46f0ea0ff688e6878b1012ebd46ee981f1c0b4402346687e0b629c5ee83317b28923e77516f5d6c1e3fcff71a8bf166c16430e5134372ef9fd3f3398c4590601d76c1f45e0aceff4a3699622698854b4f12cfe924a93abbc1b5559a2efaa4d4400cda58f201ddbc35fc87da86629eff83989c1f34ad47425c795ed712220b14a6f4f6aa9acbc509c0f9fee8e1846bbfd58b90fbf0e02be42d533ab91a1d0022e9d3c045056b485edee3476e32fc7bedb06aa35a3d848ee6ff76db2430c9e7195d012fef3226bd29b9babd1d0da57e0cf17e54e4329cb520256a7d880a92965a6496ba192fc6626e3db964f2091d234b9462f6b938cc68160d07c358f0222dee886507401a144fd86e31ca9d6f7a63fc57706c2467b5fd"}) 2017/08/11 21:15:14 executing program 7: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a9c000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f00004ee000)="66b818010f00d8c4c27bf6cdb986040000b80f000000ba000000000f30c7442400e9060000c744240201000000c7442406000000000f01142466baf80cb8b4d4c588ef66bafc0cb00beeb9840200000f3266ba420066edb85bc6600b0f23c00f21f83503000c000f23f8c74424008000c0fec744240235000000c7442406000000000f011c2466baa000b000ee", 0x8d}], 0x1, 0xfffffffffffffffe, &(0x7f00003db000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000af1000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x1000, 0x0, 0x0, 0x2, 0x2ff, 0x6, 0x1, 0x5, 0x1, 0x1f, 0x60000000000000, 0x0}, {0x0, 0x4, 0xa, 0x9, 0xfc6, 0x0, 0x2, 0xa0f, 0x6, 0x9, 0x3, 0x30, 0x0}, {0x2000, 0xf002, 0xf, 0x6, 0x9, 0x2, 0x1, 0xffffffff, 0x80000001, 0xffffffffffffffff, 0x2, 0x2, 0x0}, {0x0, 0x4, [0x0, 0x0, 0x0]}, {0x1, 0x0, [0x0, 0x0, 0x0]}, 0x80000008, 0x0, 0x2000, 0x8, 0x5, 0x2001, 0x1000, [0x800000, 0x1, 0x6, 0x10001]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:14 executing program 2: mmap(&(0x7f0000000000/0xb9b000)=nil, 0xb9b000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mremap(&(0x7f000053b000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000816000/0x4000)=nil) ioctl$KVM_GET_XCRS(0xffffffffffffffff, 0x8188aea6, &(0x7f000001f000)={0x1, 0xae14, [{0x0, 0x0, 0x0}]}) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f000000c000)={0x1, 0x0, [{0x0, 0x0, 0x0, 0x0, 0x0, 0x0}]}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000002b000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_GET_PIT(r1, 0xc048ae65, &(0x7f000062e000-0x70)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000b9b000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000b9b000)={0x3, r1, 0x1}) mmap(&(0x7f0000b9b000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000b9b000)={{0x6000, 0x10f000, 0xe, 0xff, 0x7, 0x5c, 0xd8, 0x4, 0x101, 0x5, 0x80, 0x7fffffff, 0x0}, {0x2, 0x5000, 0xa, 0x800, 0x3, 0x7fffffff, 0xd253, 0x4, 0x97, 0x401, 0x20, 0x7fffffff, 0x0}, {0x12000, 0x1000, 0x4, 0x5, 0x0, 0x10001, 0x8, 0xffffffffffffe684, 0xfffffffffffffffe, 0x7, 0x4, 0x0, 0x0}, {0x107002, 0x0, 0x4, 0x1, 0x0, 0x80000001, 0xfffffffffffffc01, 0xb4e6, 0x1000, 0x93, 0x4, 0x1, 0x0}, {0x1f000, 0x10000, 0xf, 0x8, 0x1000, 0x2, 0x101, 0x6393, 0x7, 0x2, 0x5, 0x401, 0x0}, {0x0, 0x0, 0x9, 0x3, 0x3ff, 0x1000, 0x2, 0x1ff, 0xffffffffffff4bf2, 0x20, 0x9, 0x4, 0x0}, {0xf000, 0x6000, 0xe, 0x8, 0x0, 0x1, 0x131, 0x7, 0x9, 0x7, 0x3ff, 0x8001, 0x0}, {0x1000, 0x12000, 0x0, 0x8, 0x8, 0xc7b4, 0x5, 0x2a55, 0xffff, 0x9d5, 0x2, 0xbd, 0x0}, {0x4, 0x5000, [0x0, 0x0, 0x0]}, {0x0, 0x100000, [0x0, 0x0, 0x0]}, 0x40000020, 0x0, 0x1000, 0x0, 0x2, 0x8901, 0x5000, [0x731e6a32, 0x1, 0x4, 0x5]}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f000000c000)={0x2, 0x0, [{0x1, 0x0, 0x0, 0x4, 0x400, 0x0}, {0xa, 0xff9, 0x0, 0x0, 0x0, 0x0}]}) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f000002c000-0x18)={0x1, 0x0, [{0x18e, 0x0, 0xbd892f5}]}) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f00000cf000)={0x2, 0xffffffffffffffff, 0xfffffffffffffffd}) mmap(&(0x7f0000b9c000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000854000/0x18000)=nil, &(0x7f00003d1000-0x18)=[@textreal={0x8, &(0x7f0000520000)="0f07440f20c066350b000000440f22c0c80000ff0f009cf500b822088ee00f00150fb46601f466b9c60d000066b86271bcc466ba685d767a0f3066b9de0a000066b80000010066ba000000000f30", 0x4e}], 0x1, 0x20, &(0x7f0000b9c000)=[@vmwrite={0x8, 0x0, 0x2c1c, 0x0, 0xfffffffffffffffd, 0x0, 0x8000, 0x0, 0xfff}, @cstype3={0x5, 0xf}], 0x2) mmap(&(0x7f0000b9b000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_SIGNAL_MASK(r2, 0x4004ae8b, &(0x7f0000b23000)={0xf4, "1eface1bac95828a791cd5bb0e2bd65372f9a9d29f858b1aa029db79a60eeba306e6b69cc83ec66e81f141f49150620beb7771b785795f63978399ea30dc6f02a8504a230f5b7ecd68668af71ae0c1b90c414efd7c8df0a77c767d21ae157e44d2e12636274781249f16fd2b7a18e76aafe75af4b14da1e5b7d9a94752bdb8bd27ce331d9af7fc67b0ae73544aa0e7008c88347214fca6dd9dce39a03a3eac17dba1ef3f71ef1959ede8b6f4b9c63a575e08f49865b70eb74ee60230365d5baf2b481874c25a15374bce935c0b09a2706e3cb32a8e88f790290967f51d021c3bb894ba3afce0342972962d5b9e89b0e2b2555abf"}) syz_kvm_setup_cpu$x86(r4, r4, &(0x7f0000f21000/0x18000)=nil, &(0x7f0000002000-0x18)=[@text32={0x20, &(0x7f0000002000-0x5c)="c4c1a45ea200000000670f01cf66baf80cb8309c8887ef66bafc0cb8ff000000eff2af0f0fb43f05000000b7f20f35660fae730c660f388293256141970fc71ac744240000900000c74424025b000000c7442406000000000f011424", 0x5c}], 0x1, 0x20, &(0x7f0000b9c000-0x20)=[@cr4={0x1, 0x80}, @cstype3={0x5, 0xe}], 0x2) ioctl$KVM_X86_SET_MCE(r4, 0x4040ae9e, &(0x7f0000000000)={0x2000000000000000, 0x6000, 0x0, 0x4, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0]}) 2017/08/11 21:15:14 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x5, 0x4, 0x81, 0xc9, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) [ 28.838129] *** Guest State *** [ 28.838438] CR0: actual=0x0000000080000028, shadow=0x0000000080000008, gh_mask=fffffffffffffff7 [ 28.839254] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 [ 28.841311] CR3 = 0x0000000000002000 [ 28.841659] RSP = 0x0000000000000f80 RIP = 0x0000000000008008 [ 28.842204] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 28.842732] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 28.843534] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.844261] DS: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.844987] SS: sel=0x0000, attr=0x0b071, limit=0x00001000, base=0x0000000000000000 [ 28.845958] ES: sel=0x0000, attr=0x04081, limit=0x00000000, base=0x0000000000000000 [ 28.846702] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.847449] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.848141] kvm pmu: pin control bit is ignored [ 28.848252] kvm_pmu: event creation failed -2 [ 28.849101] GDTR: limit=0x00000004, base=0x0000000000000000 [ 28.849897] LDTR: sel=0x000f, attr=0x10000, limit=0x0000f002, base=0x0000000000002000 [ 28.850636] IDTR: limit=0x00000000, base=0x0000000000000001 [ 28.851350] TR: sel=0x000a, attr=0x10000, limit=0x00000004, base=0x0000000000000000 [ 28.852087] EFER = 0x0000000000002001 PAT = 0x0007040600070406 [ 28.852650] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 28.853319] BndCfgS = 0x0000000000000000 [ 28.853684] Interruptibility = 00000008 ActivityState = 00000000 [ 28.854252] *** Host State *** [ 28.854539] RIP = 0xffffffff811b6777 RSP = 0xffff88006aae74c8 [ 28.855107] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 28.855680] FSBase=00007f4c3a973700 GSBase=ffff88003fc00000 TRBase=ffff88003fc22cc0 2017/08/11 21:15:14 executing program 3: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) mmap(&(0x7f0000a5a000/0x3000)=nil, 0x3000, 0x3000008, 0x20000000000032, r1, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000af3000-0x24)="000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d266767f2a50f20d835080000000f228b58580f070f01b102000000", 0x64}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f000011a000)={0x1397, 0x8c, 0x0, 0x4, 0x8}) mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000af3000-0x4)=0x80) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000aee000-0x8)=0x10000) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000aef000)={0x7b, 0x0, [0x6, 0xffffffff, 0x9, 0x1000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000033d000-0x8)={0x1, 0x637}) ioctl$KVM_S390_VCPU_FAULT(r2, 0x4008ae52, &(0x7f0000af1000)=0xb5) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000aef000-0x30)={0x20, 0x401, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f00009c7000)={0x2, 0x800, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000af3000/0x1000)=nil, 0x1000, 0x1, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000af3000)={"9bbb9daa05110ba1924a3f8c859bdff963f2ddb1d129f5cb2f3ae8ad3bf7068c284ba38f903676aee0049b473a5a33930a9b88deb6401d57b67b5ef503c6a4027167753b3422f85b1b144e1b09666f06770bb454bb980d5cb7f1e90d9427b10028d816afcb958eb5bc4541d20809f775835973db47fdab943f7ecf340ab9b2913f88a42aa228d95f1665dcb874e6b3b5b55a89a32e0fc862e12da3fafec957af0fce362e643894eaa38fbb8af58f8462371747c6e67ec819d268766c3c7a74e3f12575502e0ce18ab8fdeec25ec7767fae887d4cadb349c0f81694038d1a026d6a75e2531b1a8fb11b6cbd3f89a94184e04455b174f62410013ea1a32c38fc1a2448cd4c2c637b73782faf7ad9ae353b8bb6fed608778b7e846b159d0708eba89b05d4ae596fd1ce276f11b96ea628b944adcafcca622c34d8cf71c32e04679643d25bb8410efd790fae98de36207bab1c1fa95a3b125a7497822ea2f8a027ee6024ad4938ca93546a7967484ea5ed0850257facd046052d3fb4452ea95bdf6613884586ad0f7bedcf9ba794168fb9ef80fc98ab1b8c584220c399f85aa35e3b077eaa0dc79a9b88f0cdbf6805da3bca16d1fe88482e328bf0abd897070e43ead3304cdf1f113ab075a772b02e7e2b9d790f029decb02914d0fbb81bdcac8d08612898c453dd33e8a456e3cb4154e27f4d3bddea5732cd94d4adf21d3babfbb833a2ba8fcc71beafe13cfb9e8ed9fcaaecbc6a4e7c1da5f67cfae68fe80965a52918112a4927ca4a387ebf74fd5d910ceed87a668d3210361f45e8771482aceb28996ed99fdb143fc17c4112850b748c3eb5d121312f3c420d0dc03bfd571a1767bac9ae6c46b4edbfd70fb33dd89a8ae13dd57e722d95c28e5326a24054321553f3b50fe246f5e631dafc8088dcefe9029c67fbc7cb6631692d91aa5aba912b56f638cdcd14e873566edea35ecaaad547bbd265a6d4f6537ad9db538fb7db64a32c81c91dd6e4efd0317de1a0ff83c744470c93ddcaa6792e45db7d69e1106a251d39a5c5c6103f7aadb32d0290614362eaccc6d41b3f14154850e1959803f14d836a4223eb1c70249037e7adbf0e33d07a69a10d948a901858a8381803bcedcf610c985b5ea85ef46bbc44565e89142da665bede93e7c360cc814c8e00cafb81d02c95811ce32ba2dd85712056078d2f7d4be3cfc4eb157d63206d4b822599d40c02fd84ada2b572bd8899e93293a5ce6590d226f7c43858d47417bc2980358fb6ec2eee43fbbd31a00c9549680e76c31eef7f710e7aceb5a29d2a85f07332bb5e54a80ac44576e0010bc7cbd666ad4aff5174df288980f68510d74485b90afaf4040a30392861cce12229f97cbf2b8922d95110230423a3155f263d8066974f89cebaa258b87515d6d9f20c23d09067bdc955311d08300214a50ed060cc68"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 28.856877] GDTBase=ffffffffff577000 IDTBase=ffffffffff57b000 [ 28.857420] CR0=0000000080050033 CR3=000000006cc0d000 CR4=00000000000026f0 [ 28.858084] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 28.858668] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 28.859214] *** Control State *** [ 28.859519] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 [ 28.860111] EntryControls=0001d1ff ExitControls=00afefff [ 28.860589] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 28.861230] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 28.862366] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 2017/08/11 21:15:14 executing program 4: mmap(&(0x7f0000000000/0xb9b000)=nil, 0xb9b000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mremap(&(0x7f000053b000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000816000/0x4000)=nil) ioctl$KVM_GET_XCRS(0xffffffffffffffff, 0x8188aea6, &(0x7f000001f000)={0x1, 0xae14, [{0x0, 0x0, 0x0}]}) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f000000c000)={0x1, 0x0, [{0x0, 0x0, 0x0, 0x0, 0x0, 0x0}]}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000002b000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_GET_PIT(r1, 0xc048ae65, &(0x7f000062e000-0x70)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) mmap(&(0x7f0000b9b000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_DEBUGREGS(r2, 0x4080aea2, &(0x7f0000b9c000-0x80)={[0x2000, 0x2, 0x1, 0x0], 0xfe4a, 0xab, 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f000000c000)={0x2, 0x0, [{0x1, 0x0, 0x0, 0x4, 0x400, 0x0}, {0xa, 0xff9, 0x0, 0x0, 0x0, 0x0}]}) ioctl$KVM_GET_REGS(r3, 0x8090ae81, &(0x7f00004c0000-0x90)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f000002c000-0x18)={0x1, 0x0, [{0x18e, 0x0, 0xbd992f9}]}) syz_kvm_setup_cpu$x86(r1, r3, &(0x7f00005b8000/0x18000)=nil, &(0x7f0000a37000-0x18)=[@textreal={0x8, &(0x7f0000ae1000-0x2d)="66b822f908230f23c80f21f866350800c0000f23f866b8e10ce9300f23c80f21f866350400b0000f23f8653e0fc3050f01d9f3ac0f01cfb80d028ee8bad00466ed26660f01c966660f3a1650d800", 0x4e}], 0x1, 0x0, &(0x7f000018a000-0x20)=[@cr0={0x0, 0x0}, @efer={0x2, 0x100}], 0x2) mremap(&(0x7f000053b000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f00000cc000/0x4000)=nil) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f00000cf000)={0x2, 0xffffffffffffffff, 0xfffffffffffffffd}) mbind(&(0x7f00000cc000/0x2000)=nil, 0x2000, 0x0, &(0x7f0000001000-0x8)=0x380000000000000, 0x4, 0x2) ioctl$KVM_SET_TSC_KHZ(r3, 0xaea2, 0x3) syz_kvm_setup_cpu$x86(r4, r4, &(0x7f0000f21000/0x18000)=nil, &(0x7f0000002000-0x18)=[@text32={0x20, &(0x7f0000002000-0x5c)="c4c1a45ea200000000670f01cf66baf80cb8309c8887ef66bafc0cb8ff000000eff2af0f0fb43f05000000b7f20f35660fae730c660f388293256141970fc71ac744240000900000c74424025b000000c7442406000000000f011424", 0x5c}], 0x1, 0x20, &(0x7f0000001000-0x20)=[@cr4={0x1, 0x80}, @cstype3={0x5, 0xe}], 0x2) ioctl$KVM_X86_SET_MCE(r4, 0x4040ae9e, &(0x7f0000000000)={0x2000000000000000, 0x6000, 0x0, 0x4, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0]}) ioctl$KVM_GET_REG_LIST(r4, 0xc008aeb0, &(0x7f0000144000+0x119)={0x1, [0xb58]}) munlock(&(0x7f00000cf000/0x1000)=nil, 0x1000) ioctl$KVM_ASSIGN_PCI_DEVICE(r1, 0x8040ae69, &(0x7f0000130000-0x14)={0xfffffffffffffff7, 0x7fff, 0x5, 0x2, 0x8}) mremap(&(0x7f000053c000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f00000cd000/0x2000)=nil) ioctl$KVM_GET_TSC_KHZ(r4, 0xaea3) ioctl$KVM_S390_UCAS_UNMAP(r4, 0x4018ae51, &(0x7f00008d1000)={0x81, 0x400, 0x100}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f000031f000)={0x6000, 0x0, 0x8, 0xfb, 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_GET_FPU(r3, 0x81a0ae8c, &(0x7f0000b9b000-0x1a0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) [ 28.864292] reason=80000021 qualification=0000000000000000 [ 28.864855] IDTVectoring: info=00000000 errcode=00000000 [ 28.865358] TSC Offset = 0xffffffe5e0f635ec [ 28.865753] EPT pointer = 0x000000003ba6601e [ 28.866306] Virtual processor ID = 0x069b 2017/08/11 21:15:14 executing program 2: mmap(&(0x7f0000000000/0xaeb000)=nil, 0xaeb000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000009a000-0x9)="2f6465762f6b766d00", 0x0, 0x0) mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x20000000) mmap(&(0x7f0000333000/0x1000)=nil, 0x1000, 0x5, 0x34, r2, 0xfffffffffffffffd) ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000aef000-0x4)=0x7) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f0000723000-0x5c)="260f0965468079f59f66baf80cb818cd348cef66bafc0cedb9800000c00f3235000400000f30c441d173f2fc66b833008ec066baf80cb818456881ef66bafc0c66edb9800000c00f3235008000000f30490f01ba480000004683e8f3", 0x5c}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0) ioctl$KVM_SET_VAPIC_ADDR(r5, 0x4008ae93, &(0x7f000071f000)=0xffffffffffffffff) ioctl$KVM_TPR_ACCESS_REPORTING(r5, 0xc028ae92, &(0x7f00000ab000)={0x2, 0x800, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_LAPIC(r5, 0x4400ae8f, &(0x7f0000aec000)={"3a5ca361a0df102fae43a3f1ec872c0185c9813608eed8f847374008d61d0bcfc300bc75ce5da3001ccb1007655a4f7410ae2abb351756d32573ad07efbff26b6c29f3f5b20949d1948e7dc1c8f2b7a1f53f726c506fca42d4a7935507ddb99198bc1ac4b348ae7c27061ead76d16ca486010f0a3be5e5fb88b250282a1f4370084b669a6aa05d6f099ea5ce98744d4d02be5ff2bfc8a7b31392162b70f9bf6a7921ca46c22eba76a3f5fada926a9e3d39e841a85aff9e2e11df5a017550dd503eafb49349716d060d697bd0978eac053d12de846fb7d0ef0ce4f7942061ad998b000619474f6ab8bbaf74f23bef3d8874a920f438d7a3bbe9ac54c269dd8463b191dfff03924e9ef495aad2c7831f72e87d20d39c031000c2b6b009dc52fe4a87d2adbd31ef3991643480dc4e1194dad4aaae0bbd182f86a7572202d932534fe78aa6205a387714ba722fc29e394626c6950754c5bd8e959a3d108590f13f43f23507624d0f3b464f483d2f11441d510b1269bd87224f20a2cb5984b4f2be4d93aef0f2ae60ada076cc86b6ecd9f9cd27c13ff16725a99f1d96fb35409d9aad7cd14b4a0a6fa33249d40760c0dd77c75cea3ced7055169a87c767c91aadd231e5b211e9b8df16a1e2aef8d3a7e02a4f7c8fa5e989f9a2c488638fec8d03543fededef667b0b0cde85958ef5dd2355e3dade1126022ada4186160bcf69013a938bd9c5fe1f46fd5c8d522320840de0ede209ee11a4655a157b1ed47b6aa5daad7bc7f96313d2e02144e50a7f64ccfb866b1cc3a04ebd7e460e69f42856b474e681e2917b593b931c8987a487329d58151d14f4f1eb1b123f29f21899c524c2808269f7a833d5ed3cd93e2ffc0dbdf3c50c736b10512607837e8f50144c1c14e052c788381a2b236becb2d2bfdf0467cefcbe6926090434d31323d47576de4566f61ab7f1fab0f73e2e9b58c328f73f8fecef3e9bbad4b177d9dd2a0e3e7a6f108477afef361fd23ea1a575dd9b86515833f5bd4ccf9ddb9e5432d723f3eb50339ae229108ae769ac632d312761db5057fe4ddfae2f22be1f709bc0feef9d8dcf05a425d354bda07e3780f19d3a073e737bcc8220febd750e3ce8549870615e1e9c969d3883126c687ff7ef6c0a16aa18bf594c681ae4c2ec063b792ae01166868672360aefb97539f6825c2f17933ce890a2d7ca53fcf77dc8dd4a0e64b7010aa7fd14f7833ab907d4d3c5df1ce497abfea23c94ab44d6b0f389480b4f0c077b98ba319dff8ab86cb7ff6b9f26e1f7e88b01d346504ab1cbc30fb5acf132544e59a2dec45e8019ef4642e672aebc040bfbfd6e7caf8846917b3e21e9b5673b31c4f3528baaf61b01bf160c3b535bcc7b23ee34371286407409fa292ad059d4e40624e76bad7d3d516adae9c3fcecb877f4d9d39035338787435f6372c5fb88cd"}) mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) mmap(&(0x7f0000000000/0xc59000)=nil, 0xc59000, 0x3, 0x32, 0xffffffffffffffff, 0x0) munmap(&(0x7f00000f3000/0x1000)=nil, 0x1000) r6 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) eventfd2(0x0, 0x0) mmap(&(0x7f0000c59000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000c5a000-0xc)={0x3, r6, 0x1}) mmap(&(0x7f0000c59000/0x1000)=nil, 0x1000, 0x25, 0x2010, r5, 0x4) mmap(&(0x7f0000c5a000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f000064f000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f000064f000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f000064f000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_XEN_HVM_CONFIG(r7, 0x4038ae7a, &(0x7f000064f000)={0x401, 0xfe, &(0x7f000064f000)="5b7301c29af338056ae818c3dccd3fea0665a34a7124d190343d62b1b5ff03b99d781e704b88529884bfe01097b4d13c4632c0a3bd04b773ed9f59ff1934ab98670eb4373e317a38d06fa54a7642572e64dc448ab900ce7d4e8e3866c81e85f2413ff1d83327b07c205f7fbed8280213bfd9ffdbde50d4f61cd52ecc48bc7215360da6c02777bfe3de86dba8a10741c9418075c7fd", &(0x7f000064f000)="67dd0883fe6fe3d90c3249a803f9698ff21e9e788efa952f8236088d05c10f648a57f641634d0b452195966f78295667771269041d4789fccf5f13d249087f", 0x95, 0x3f, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) 2017/08/11 21:15:14 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x0, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x7, 0x0, [{0x4000000d, 0x7, 0x1, 0xff, 0x19d8, 0x0}, {0xc0000007, 0x3, 0x4, 0x3, 0x0, 0x0}, {0xc0000001, 0xfef0, 0x3f, 0x20, 0x6, 0x0}, {0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:14 executing program 7: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a9c000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f00004ee000)="66b818010f00d8c4c27bf6cdb986040000b80f000000ba000000000f30c7442400e9060000c744240201000000c7442406000000000f01142466baf80cb8b4d4c588ef66bafc0cb00beeb9840200000f3266ba420066edb85bc6600b0f23c00f21f83503000c000f23f8c74424008000c0fec744240235000000c7442406000000000f011c2466baa000b000ee", 0x8d}], 0x1, 0xfffffffffffffffe, &(0x7f00003db000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000af1000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x1000, 0x0, 0x0, 0x2, 0x2ff, 0x6, 0x1, 0x5, 0x1, 0x1f, 0x60000000000000, 0x0}, {0x0, 0x4, 0xa, 0x9, 0xfc6, 0xc76, 0x0, 0xa0f, 0x6, 0x9, 0x3, 0x30, 0x0}, {0x2000, 0xf002, 0xf, 0x6, 0x9, 0x2, 0x1, 0xffffffff, 0x80000001, 0xffffffffffffffff, 0x2, 0x2, 0x0}, {0x0, 0x4, [0x0, 0x0, 0x0]}, {0x1, 0x0, [0x0, 0x0, 0x0]}, 0x80000008, 0x0, 0x2000, 0x8, 0x5, 0x2001, 0x1000, [0x800000, 0x1, 0x6, 0x10001]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:14 executing program 5: mmap(&(0x7f0000000000/0xb9b000)=nil, 0xb9b000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f000000c000)={0x0, 0x0, []}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000002b000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_GET_PIT(r1, 0xc048ae65, &(0x7f000062e000-0x70)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f00000f0000-0xc8)={0x4, 0x0, [{0x401, 0x3, 0x0, 0x0, @adapter={0x0, 0x4a, 0x800, 0x9, 0xffffffffffffff57}}, {0x7, 0x1, 0x0, 0x0, @adapter={0x8, 0x6, 0x0, 0x7, 0x6a}}, {0x1, 0x5, 0x0, 0x0, @irqchip={0x101, 0x5}}, {0x1, 0x6, 0x0, 0x0, @sint={0x80000001, 0x101}}]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) mmap(&(0x7f0000b9b000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000b9b000)={0x7, r1, 0x0}) mmap(&(0x7f0000b9b000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_XSAVE(r2, 0x9000aea4, &(0x7f0000b9b000)={"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f000000c000)={0x2, 0x0, [{0x1, 0x0, 0x0, 0x4, 0x0, 0x0}, {0xa, 0xff9, 0x0, 0x0, 0x0, 0x0}]}) mmap(&(0x7f0000b9c000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_PPC_GET_PVINFO(r0, 0x4080aea1, &(0x7f0000b9d000-0xf2)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f000002c000-0x18)={0x1, 0x0, [{0x18e, 0x0, 0xbd992f9}]}) mmap(&(0x7f0000b9c000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_INTERRUPT(r3, 0x4004ae86, &(0x7f0000b9d000-0x4)=0x1) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f00000cf000)={0x2, 0xffffffffffffffff, 0x0}) 2017/08/11 21:15:14 executing program 1: mmap(&(0x7f00004e7000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000d29000/0x3000)=nil, 0x3000, 0x0, &(0x7f0000000000)=0x6, 0x200c, 0x0) r0 = pkey_alloc(0x0, 0x8000) mmap(&(0x7f0000a71000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000a71000)={0x3, 0xffffffffffffff9c, 0x0}) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f000050f000-0x30)={0x6, 0xca, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f000000b000-0x20)={0x10007, 0x1, 0x1, 0x2000, &(0x7f0000007000/0x2000)=nil}) pkey_mprotect(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x3, r0) munmap(&(0x7f0000006000/0x1000)=nil, 0x1000) mmap(&(0x7f0000000000/0xffc000)=nil, 0xffc000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f000079a000)={0x0, 0xffffffffffffffff, 0x0}) ioctl$KVM_GET_DIRTY_LOG(r3, 0x4010ae42, &(0x7f0000873000-0x10)={0x0, 0x0, &(0x7f0000f0a000/0x2000)=nil}) mbind(&(0x7f0000117000/0x1000)=nil, 0x1000, 0x1, &(0x7f0000ff9000-0x8)=0x9, 0x2, 0x3) madvise(&(0x7f0000d3a000/0x4000)=nil, 0x4000, 0x9) ioctl$KVM_CHECK_EXTENSION_VM(r3, 0xae03, 0x7) ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000ffa000-0x40)={0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000266000-0x10)={0x7, 0x0}) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, &(0x7f0000ffb000-0x40)={0x7, [0x4, 0x4, 0x8, 0x6, 0x8, 0xec5b, 0xfffffffffffffff8]}) ioctl$KVM_SET_PIT2(r3, 0x4070aea0, &(0x7f0000ff9000)={[{0xf357, 0xe462, 0x9, 0x9, 0x20, 0x8, 0x7, 0x7, 0x10000, 0x1, 0x7f80000000000000, 0x20, 0x0}, {0x9, 0x80000000, 0x10001, 0x6, 0x3, 0x5, 0x5, 0x8, 0x4, 0x100000001, 0x6, 0x403, 0x3}, {0x4, 0xbee2, 0x80000000, 0x7, 0x3, 0x80000001, 0x101, 0x80, 0x3, 0x81, 0x1, 0xffffffff, 0xea4a}], 0x3, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) madvise(&(0x7f0000606000/0x1000)=nil, 0x1000, 0x3) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1) ioctl$KVM_SET_XCRS(r3, 0x4188aea7, &(0x7f0000ffb000)={0x1, 0x1, [{0x1ad, 0x0, 0x47d0}]}) mremap(&(0x7f0000005000/0x1000)=nil, 0x1000, 0xb000, 0x3, &(0x7f0000a66000/0xb000)=nil) mremap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil) r4 = ioctl$KVM_CREATE_VM(0xffffffffffffff9c, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000a6b000)={0x10003, 0x1, 0xf002, 0x2000, &(0x7f0000008000/0x2000)=nil}) mlock2(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1) mlock2(&(0x7f0000004000/0x1000)=nil, 0x1000, 0x0) r5 = ioctl$KVM_CREATE_VM(0xffffffffffffff9c, 0xae01, 0x0) munlock(&(0x7f0000003000/0x2000)=nil, 0x2000) ioctl$KVM_SET_IRQCHIP(r5, 0x8208ae63, &(0x7f000000a000)=@ioapic={0x1d002, 0x0, 0x0, 0x5, 0x0, [{0x3, 0x6823fa17, 0x101, [0x0, 0x0, 0x0, 0x0], 0x5}, {0x3f, 0x7fffffff, 0x1, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x8, 0x40, 0x1, [0x0, 0x0, 0x0, 0x0], 0x1}, {0x40, 0x0, 0x80000001, [0x0, 0x0, 0x0, 0x0], 0xfffffffffffffffd}, {0x40, 0xcec, 0x4, [0x0, 0x0, 0x0, 0x0], 0x5f6}, {0x2, 0x0, 0xe, [0x0, 0x0, 0x0, 0x0], 0x0}, {0xffffffffffffff7c, 0x602, 0xffffffffffffffc1, [0x0, 0x0, 0x0, 0x0], 0x7}, {0x3, 0x0, 0x80, [0x0, 0x0, 0x0, 0x0], 0x20}, {0x1, 0x8, 0x5, [0x0, 0x0, 0x0, 0x0], 0x8}, {0xf3e, 0x59c, 0x3, [0x0, 0x0, 0x0, 0x0], 0x2}, {0x8000000000, 0x6, 0xdc0d, [0x0, 0x0, 0x0, 0x0], 0xcf7}, {0x131f, 0xfffffffffffffffb, 0x3, [0x0, 0x0, 0x0, 0x0], 0x8a0}, {0x4, 0x9, 0xb6, [0x0, 0x0, 0x0, 0x0], 0x187}, {0xf2, 0xfffffffffffffffc, 0x800, [0x0, 0x0, 0x0, 0x0], 0xffffffffffffff81}, {0x1ff, 0xe5d, 0x5, [0x0, 0x0, 0x0, 0x0], 0x1}, {0x51c2, 0x96f, 0x6, [0x0, 0x0, 0x0, 0x0], 0x6}, {0x1, 0x0, 0x7, [0x0, 0x0, 0x0, 0x0], 0x7ff}, {0x200, 0x80000000, 0x9ac, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x7f, 0x7, 0x6, [0x0, 0x0, 0x0, 0x0], 0x7}, {0x200, 0x2, 0xbf59, [0x0, 0x0, 0x0, 0x0], 0x101}, {0x4, 0xbcc, 0x86a, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x7, 0x9, 0xffffffffffffde65, [0x0, 0x0, 0x0, 0x0], 0x1000}, {0x3ff, 0x7fffffff, 0xc11, [0x0, 0x0, 0x0, 0x0], 0xec}, {0x7, 0xdd18, 0x8000, [0x0, 0x0, 0x0, 0x0], 0x3}]}) [ 28.908026] *** Guest State *** [ 28.909460] CR0: actual=0x0000000080000028, shadow=0x0000000080000008, gh_mask=fffffffffffffff7 [ 28.913360] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 [ 28.916426] CR3 = 0x0000000000002000 2017/08/11 21:15:14 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x5000, 0x0, 0x0, 0x4, 0x81, 0xc9, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) [ 28.918683] RSP = 0x0000000000000f80 RIP = 0x0000000000008008 [ 28.919362] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 28.919971] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 28.920788] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.921704] DS: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.922581] SS: sel=0x0000, attr=0x0b071, limit=0x00001000, base=0x0000000000000000 2017/08/11 21:15:14 executing program 4: mmap(&(0x7f0000142000/0x2000)=nil, 0x2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000143000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000ad8000)=[], 0x0) mmap(&(0x7f00002df000/0x3000)=nil, 0x3000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000af0000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_SIGNAL_MASK(r2, 0x4004ae8b, &(0x7f0000af1000-0xc)={0x8, "bcf17f3483238b9c"}) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000347000)={0x4, 0x0, [{0x3, 0x0, 0x1ff}, {0x7ff, 0x0, 0x9}, {0x1, 0x0, 0x6}, {0x2, 0x0, 0x20}]}) mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000af0000-0x18)=[@text64={0x40, &(0x7f0000af0000-0x37)="f04aff800001c0fec48179e68b0b0000000f01d141abc4c1b45dbc8f000000008f2940936d00400f07c4e18d7cd1c461b959f7c0249899", 0x37}], 0x1, 0x8000000, &(0x7f0000aef000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(r2, 0x8138ae83, &(0x7f00002e0000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, [0x0, 0x0, 0x0]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0]}) [ 28.924369] ES: sel=0x0000, attr=0x04081, limit=0x00000000, base=0x0000000000000000 [ 28.925380] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.926231] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.927606] GDTR: limit=0x00000004, base=0x0000000000000000 [ 28.928515] LDTR: sel=0x000f, attr=0x10000, limit=0x0000f002, base=0x0000000000002000 [ 28.929340] IDTR: limit=0x00000000, base=0x0000000000000001 [ 28.930184] TR: sel=0x000a, attr=0x10000, limit=0x00000004, base=0x0000000000000000 [ 28.931395] EFER = 0x0000000000002001 PAT = 0x0007040600070406 [ 28.932144] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 28.932894] BndCfgS = 0x0000000000000000 [ 28.933386] Interruptibility = 00000008 ActivityState = 00000000 [ 28.934085] *** Host State *** [ 28.934465] RIP = 0xffffffff811b6777 RSP = 0xffff8800672d74c8 [ 28.935206] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 28.935918] FSBase=00007f4c3a973700 GSBase=ffff88003fd00000 TRBase=ffff88003fd22cc0 [ 28.936812] GDTBase=ffffffffff576000 IDTBase=ffffffffff57b000 [ 28.938315] CR0=0000000080050033 CR3=000000002ca71000 CR4=00000000000026e0 [ 28.938966] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 28.940518] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 28.940937] *** Control State *** [ 28.941195] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 2017/08/11 21:15:14 executing program 5: mmap(&(0x7f0000000000/0xaf4000)=nil, 0xaf4000, 0x3, 0x32, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000acd000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000adf000)="b90401004066b8470066bad104b0a9ee0f3052c76dfef3ab66b86f000f00d099d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e955266767f2a50f20d835080000000f22d8650f070f01b102000000", 0x5e}], 0x1, 0x0, &(0x7f0000af2000)=[], 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000ae9000)={0x7b, 0x0, [0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f00008d3000)={"c8d0159ed3680688f0e8b18d0edc142710b585ad1729bc3e453d454e2fa3c8d3b48d66565810fc1ab111a07337cee279616a45b6503046dff269113dffb96fa05d412376e53f97774588577c86e438fa1d2c3a5d692a16107049eb416c1b09fa273de8de63dbef84e3745a1c5a21b97f17c41e902f5df397d88c66fad065b5d25dca12485a90172397352bfc2a74e169c9deb8df7391a115245f85ce17b52c472751738b309a0b6e7b588a9825031f60356adf1f98cfed065e794d3a29f4ec565518fea8a685d1ee3bc9f6eb523a5ebb4f1cea55c32a703bb15dcb07ed04086c96d62a020fe2f63738f99ecd3f91e69d8e3a49c37f15bcb83dcace48d526865faa5ac4de14dee3e547ba4bef0e66f8eaf96653f596162787a504d09c9a1f393f7f162f3c841440d0b46eb1a55b7ba42d4d3d7a007d34e9f829e5fe6ff2808f3c46b72fa727325cd6de3e2c3b888ab4cf717dff22fe39cb6f3973cf1fef794383782a6590d3d29ab199940b8d1ddccb195a4306e3e9b618475b1993fdc34cccd8e91dafd402bdfd03d66341249c04aefa340c1448a840c54506056334110e5122ae7ac079a22a1e71c78130a5440fdf7023826ef43efa154f1898e632ebc5148a8b6de2a725c69bdea3e1e44300ade89e934e990f90ee0f12528db5c251b192b81853cf52ac431d7249166d7f01d8663ecd99e3f36b8322a76c82d121158c461d8191d34f0a8c56587c9343d7790d9eb1ca1fab4b48ec0372ff235cf4839eae5db6718808debc0c741d4dca8a61677d0fc03cfd075bc4de894935b4c302a3fa6a926426c8080ce45b208d224391505e3c27655718f266a655e83100de2ae6bc7c9f861cd38b05c1bb58eb00defc04a15339fed77cb99010e0eedee23b31e6af80a6c19a5ff4e6d1ca59fc8dcbcca6c62d432ed40005499cf06ce8a141de0ba40c3b5782fa873fb80acd5d81e9194a086e4ee9d82aa4b83a8ebab2c39cc04d0907ad0b60d1cf2d7ef8c373b44154a5452c4fa9fd1204185d746a0adcb4a9b5804568a596f49fa712a7477e89e037321a5b96d03243e34e5942d1cfe584342e1f8d904025148d77f19dfff71bf62435ec7b8760b06b1ef893b4d2cace6dcb6564f3c9c8c851d01ada3f3cf60fae2fe15afd79a1c64b334ff8bdd2e854b78e69d313e5ea3e0ce951fc1782e802f454e84089a5dc28a6ddc5c52225efd6f86a18b00896ec436bf7d64bee1033210e4423d0b6e3f37cb2eab28d66c028879bfd3543206a683a5c91fa61c54fa0843eb6d613fdbd21c11794dedefab0576b7f4c5be20ce472d5fb32621f7b2e982329cb92db158a3b7a813353aff17d9d7c70635ccd8099b479acfd3f69d322c640e0798c67644ab4ef4a88e875da115770788d207e2e4afe7e00d0021c33d8ac2e79b857afb4517cee3e3564ed18acaab39bee8854c8"}) ioctl$KVM_ASSIGN_DEV_IRQ(r1, 0x4040ae70, &(0x7f0000819000-0x10)={0x100, 0x8, 0x8001, 0x202}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000af4000-0x78)={0x7, 0x0, [{0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}]}) mlock2(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x0) madvise(&(0x7f0000004000/0x9000)=nil, 0x9000, 0x0) ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f000000f000-0x68)={0x81, 0x0, [0x100000000, 0x1, 0x8, 0x3], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000af4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000af5000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_MP_STATE(r2, 0x8004ae98, &(0x7f0000af5000)=0x0) ioctl$KVM_GET_XSAVE(r2, 0x9000aea4, &(0x7f0000af5000-0x400)={"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"}) 2017/08/11 21:15:14 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x0, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x7, 0x0, [{0x4000000d, 0x7, 0x1, 0xff, 0x19d8, 0x0}, {0xc0000007, 0x3, 0x4, 0x3, 0x0, 0x0}, {0xc0000001, 0xfef0, 0x3f, 0x20, 0x6, 0x0}, {0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:14 executing program 1: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_TSS_ADDR(r0, 0xae47, 0xd000) mmap(&(0x7f0000000000/0xafb000)=nil, 0xafb000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_PPC_GET_SMMU_INFO(r0, 0x8250aea6, &(0x7f0000a8e000)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_ASSIGN_DEV_IRQ(r0, 0x4040ae70, &(0x7f0000afc000-0x10)={0x9, 0x8, 0x101, 0x400}) ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000afb000-0x40)={0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, r0, 0xfffffffffffffffd) ioctl$KVM_S390_INTERRUPT(r0, 0x4010ae94, &(0x7f0000afb000)={0x2, 0x5, 0x8001}) ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000a33000-0x28)={0xd, 0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_GET_PIT(r2, 0xc048ae65, &(0x7f0000a3e000-0x70)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x11, r3, 0x0) ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f0000afb000)={0x0, 0x22}) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f00008ac000/0x18000)=nil, &(0x7f0000358000)=[@text16={0x10, &(0x7f000017d000)="0f01c90f01cb66f0821845650f06b84f008ee8b80b008ed00f01c9baf80c66b82c4bd28666efbafc0c66b80000000066efbaf80c66b893dd3f8066efbafc0cec0f09", 0x42}], 0x1, 0x5, &(0x7f0000015000)=[], 0x0) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r2, r1, &(0x7f0000604000/0x18000)=nil, &(0x7f0000add000)=[@text32={0x20, &(0x7f0000089000)="66ba200066ed0f0099d0330000300fe3c1c05050a2ea815cc5427595d94d3e0f236eb8cc4ab08f6fececbafc0ced0b013f640f01caf26e36643e0f224566ba4040b800000000ef", 0x47}], 0x1, 0xf, &(0x7f0000395000)=[@efer={0x3, 0xc00}], 0x1) ioctl$KVM_GET_MSR_INDEX_LIST(r1, 0xc004ae02, &(0x7f000095f000-0xc)={0x2, [0x100000000, 0xe0]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 28.947377] EntryControls=0001d1ff ExitControls=00afefff [ 28.948222] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 28.951200] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 28.951928] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 28.952587] reason=80000021 qualification=0000000000000000 2017/08/11 21:15:14 executing program 3: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) mmap(&(0x7f0000a5a000/0x3000)=nil, 0x3000, 0x3000008, 0x20000000000032, r1, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000af3000-0x24)="000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d266767f2a50f20d835080000000f228b58580f070f01b102000000", 0x64}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f000011a000)={0x1397, 0x8c, 0x0, 0x4, 0x8}) mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000af3000-0x4)=0x80) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000aee000-0x8)=0x10000) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000aef000)={0x7b, 0x0, [0x6, 0xffffffff, 0x9, 0x1000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000033d000-0x8)={0x1, 0x637}) ioctl$KVM_S390_VCPU_FAULT(r2, 0x4008ae52, &(0x7f0000af1000)=0xb5) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000aef000-0x30)={0x20, 0x401, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000af3000/0x1000)=nil, 0x1000, 0x1, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000af3000)={"9bbb9daa05110ba1924a3f8c859bdff963f2ddb1d129f5cb2f3ae8ad3bf7068c284ba38f903676aee0049b473a5a33930a9b88deb6401d57b67b5ef503c6a4027167753b3422f85b1b144e1b09666f06770bb454bb980d5cb7f1e90d9427b10028d816afcb958eb5bc4541d20809f775835973db47fdab943f7ecf340ab9b2913f88a42aa228d95f1665dcb874e6b3b5b55a89a32e0fc862e12da3fafec957af0fce362e643894eaa38fbb8af58f8462371747c6e67ec819d268766c3c7a74e3f12575502e0ce18ab8fdeec25ec7767fae887d4cadb349c0f81694038d1a026d6a75e2531b1a8fb11b6cbd3f89a94184e04455b174f62410013ea1a32c38fc1a2448cd4c2c637b73782faf7ad9ae353b8bb6fed608778b7e846b159d0708eba89b05d4ae596fd1ce276f11b96ea628b944adcafcca622c34d8cf71c32e04679643d25bb8410efd790fae98de36207bab1c1fa95a3b125a7497822ea2f8a027ee6024ad4938ca93546a7967484ea5ed0850257facd046052d3fb4452ea95bdf6613884586ad0f7bedcf9ba794168fb9ef80fc98ab1b8c584220c399f85aa35e3b077eaa0dc79a9b88f0cdbf6805da3bca16d1fe88482e328bf0abd897070e43ead3304cdf1f113ab075a772b02e7e2b9d790f029decb02914d0fbb81bdcac8d08612898c453dd33e8a456e3cb4154e27f4d3bddea5732cd94d4adf21d3babfbb833a2ba8fcc71beafe13cfb9e8ed9fcaaecbc6a4e7c1da5f67cfae68fe80965a52918112a4927ca4a387ebf74fd5d910ceed87a668d3210361f45e8771482aceb28996ed99fdb143fc17c4112850b748c3eb5d121312f3c420d0dc03bfd571a1767bac9ae6c46b4edbfd70fb33dd89a8ae13dd57e722d95c28e5326a24054321553f3b50fe246f5e631dafc8088dcefe9029c67fbc7cb6631692d91aa5aba912b56f638cdcd14e873566edea35ecaaad547bbd265a6d4f6537ad9db538fb7db64a32c81c91dd6e4efd0317de1a0ff83c744470c93ddcaa6792e45db7d69e1106a251d39a5c5c6103f7aadb32d0290614362eaccc6d41b3f14154850e1959803f14d836a4223eb1c70249037e7adbf0e33d07a69a10d948a901858a8381803bcedcf610c985b5ea85ef46bbc44565e89142da665bede93e7c360cc814c8e00cafb81d02c95811ce32ba2dd85712056078d2f7d4be3cfc4eb157d63206d4b822599d40c02fd84ada2b572bd8899e93293a5ce6590d226f7c43858d47417bc2980358fb6ec2eee43fbbd31a00c9549680e76c31eef7f710e7aceb5a29d2a85f07332bb5e54a80ac44576e0010bc7cbd666ad4aff5174df288980f68510d74485b90afaf4040a30392861cce12229f97cbf2b8922d95110230423a3155f263d8066974f89cebaa258b87515d6d9f20c23d09067bdc955311d08300214a50ed060cc68"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 28.956967] IDTVectoring: info=00000000 errcode=00000000 2017/08/11 21:15:14 executing program 2: mmap(&(0x7f0000000000/0xaeb000)=nil, 0xaeb000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) ioctl$KVM_GET_CPUID2(r1, 0xc008ae91, &(0x7f0000201000-0xd0)={0x5, 0x0, [{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}]}) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) eventfd2(0x0, 0x0) eventfd2(0x0, 0x0) r4 = pkey_alloc(0x0, 0x3) pkey_free(r4) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f000054b000/0x18000)=nil, &(0x7f0000828000-0x18)=[@text32={0x20, &(0x7f0000ae8000)="c4c17d2b461a66ba2000ec26670ff29f775466b804008ee8c744240000900000c7442402b0000000c7442406000000000f01142466baa000b87b0000000f23d00f21f835100000020f23f8f6774666baa000ed66ba42ecc4e27d2a85a2a50000", 0x60}], 0x1, 0x0, &(0x7f0000ae1000)=[], 0x0) madvise(&(0x7f0000711000/0x4000)=nil, 0x4000, 0x0) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r2, 0x4010ae68, &(0x7f0000aeb000-0x10)={0x1003, 0x0, 0x0}) mmap(&(0x7f0000aeb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_DIRTY_LOG(r2, 0x4010ae42, &(0x7f0000aec000-0x10)={0x1ff, 0x0, &(0x7f0000abe000/0x3000)=nil}) ioctl$KVM_GET_EMULATED_CPUID(r2, 0xc008ae09, &(0x7f00005a4000-0x3f)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") write$eventfd(0xffffffffffffffff, &(0x7f0000789000)=0x0, 0x8) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000ae7000)={0x1, 0x0, [{0x11, 0x0, 0x0}]}) [ 28.958287] TSC Offset = 0xffffffe5d2f23400 [ 28.959973] EPT pointer = 0x000000003c59c01e [ 28.960462] Virtual processor ID = 0x06c8 2017/08/11 21:15:14 executing program 7: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a9c000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f00004ee000)="66b818010f00d8c4c27bf6cdb986040000b80f000000ba000000000f30c7442400e9060000c744240201000000c7442406000000000f01142466baf80cb8b4d4c588ef66bafc0cb00beeb9840200000f3266ba420066edb85bc6600b0f23c00f21f83503000c000f23f8c74424008000c0fec744240235000000c7442406000000000f011c2466baa000b000ee", 0x8d}], 0x1, 0xfffffffffffffffe, &(0x7f00003db000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000af1000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x1000, 0x0, 0x0, 0x2, 0x2ff, 0x6, 0x1, 0x5, 0x1, 0x1f, 0x60000000000000, 0x0}, {0x0, 0x4, 0xa, 0x9, 0xfc6, 0xc76, 0x2, 0x0, 0x6, 0x9, 0x3, 0x30, 0x0}, {0x2000, 0xf002, 0xf, 0x6, 0x9, 0x2, 0x1, 0xffffffff, 0x80000001, 0xffffffffffffffff, 0x2, 0x2, 0x0}, {0x0, 0x4, [0x0, 0x0, 0x0]}, {0x1, 0x0, [0x0, 0x0, 0x0]}, 0x80000008, 0x0, 0x2000, 0x8, 0x5, 0x2001, 0x1000, [0x800000, 0x1, 0x6, 0x10001]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:14 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x5000, 0x0, 0x0, 0x0, 0x81, 0xc9, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) [ 28.984491] *** Guest State *** [ 28.985042] CR0: actual=0x0000000080000028, shadow=0x0000000080000008, gh_mask=fffffffffffffff7 [ 28.985667] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 [ 28.986472] CR3 = 0x0000000000002000 [ 28.986804] RSP = 0x0000000000000f80 RIP = 0x0000000000008008 [ 28.987231] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 28.987797] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 28.988317] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.989081] DS: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.989654] SS: sel=0x0000, attr=0x0b071, limit=0x00001000, base=0x0000000000000000 [ 28.990415] ES: sel=0x0000, attr=0x04081, limit=0x00000000, base=0x0000000000000000 [ 28.991695] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.992441] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 28.993211] GDTR: limit=0x00000004, base=0x0000000000000000 [ 28.993930] LDTR: sel=0x000f, attr=0x10000, limit=0x0000f002, base=0x0000000000002000 [ 28.994506] IDTR: limit=0x00000000, base=0x0000000000000001 [ 28.995220] TR: sel=0x000a, attr=0x10000, limit=0x00000004, base=0x0000000000000000 [ 28.995941] EFER = 0x0000000000002001 PAT = 0x0007040600070406 [ 28.996564] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 28.997121] BndCfgS = 0x0000000000000000 [ 28.997515] Interruptibility = 00000008 ActivityState = 00000000 [ 28.997931] *** Host State *** 2017/08/11 21:15:14 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x0, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x6, 0x0, [{0xc0000007, 0x3, 0x4, 0x3, 0x0, 0x0}, {0xc0000001, 0xfef0, 0x3f, 0x20, 0x6, 0x0}, {0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 28.998994] RIP = 0xffffffff811b6777 RSP = 0xffff88003b3ef4c8 [ 28.999893] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 29.000963] FSBase=00007f4c3a973700 GSBase=ffff88003fd00000 TRBase=ffff88003fd22cc0 [ 29.001782] GDTBase=ffffffffff576000 IDTBase=ffffffffff57b000 [ 29.002477] CR0=0000000080050033 CR3=000000003b194000 CR4=00000000000026e0 [ 29.005457] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 29.016978] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 29.017789] *** Control State *** [ 29.022047] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 [ 29.022784] EntryControls=0001d1ff ExitControls=00afefff [ 29.024078] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 29.024790] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 2017/08/11 21:15:14 executing program 3: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) mmap(&(0x7f0000a5a000/0x3000)=nil, 0x3000, 0x3000008, 0x20000000000032, r1, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000af3000-0x24)="000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d266767f2a50f20d835080000000f228b58580f070f01b102000000", 0x64}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f000011a000)={0x1397, 0x8c, 0x0, 0x4, 0x8}) mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000af3000-0x4)=0x80) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000aee000-0x8)=0x10000) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000aef000)={0x7b, 0x0, [0x6, 0xffffffff, 0x9, 0x1000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000033d000-0x8)={0x1, 0x637}) ioctl$KVM_S390_VCPU_FAULT(r2, 0x4008ae52, &(0x7f0000af1000)=0xb5) mmap(&(0x7f0000af3000/0x1000)=nil, 0x1000, 0x1, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000af3000)={"9bbb9daa05110ba1924a3f8c859bdff963f2ddb1d129f5cb2f3ae8ad3bf7068c284ba38f903676aee0049b473a5a33930a9b88deb6401d57b67b5ef503c6a4027167753b3422f85b1b144e1b09666f06770bb454bb980d5cb7f1e90d9427b10028d816afcb958eb5bc4541d20809f775835973db47fdab943f7ecf340ab9b2913f88a42aa228d95f1665dcb874e6b3b5b55a89a32e0fc862e12da3fafec957af0fce362e643894eaa38fbb8af58f8462371747c6e67ec819d268766c3c7a74e3f12575502e0ce18ab8fdeec25ec7767fae887d4cadb349c0f81694038d1a026d6a75e2531b1a8fb11b6cbd3f89a94184e04455b174f62410013ea1a32c38fc1a2448cd4c2c637b73782faf7ad9ae353b8bb6fed608778b7e846b159d0708eba89b05d4ae596fd1ce276f11b96ea628b944adcafcca622c34d8cf71c32e04679643d25bb8410efd790fae98de36207bab1c1fa95a3b125a7497822ea2f8a027ee6024ad4938ca93546a7967484ea5ed0850257facd046052d3fb4452ea95bdf6613884586ad0f7bedcf9ba794168fb9ef80fc98ab1b8c584220c399f85aa35e3b077eaa0dc79a9b88f0cdbf6805da3bca16d1fe88482e328bf0abd897070e43ead3304cdf1f113ab075a772b02e7e2b9d790f029decb02914d0fbb81bdcac8d08612898c453dd33e8a456e3cb4154e27f4d3bddea5732cd94d4adf21d3babfbb833a2ba8fcc71beafe13cfb9e8ed9fcaaecbc6a4e7c1da5f67cfae68fe80965a52918112a4927ca4a387ebf74fd5d910ceed87a668d3210361f45e8771482aceb28996ed99fdb143fc17c4112850b748c3eb5d121312f3c420d0dc03bfd571a1767bac9ae6c46b4edbfd70fb33dd89a8ae13dd57e722d95c28e5326a24054321553f3b50fe246f5e631dafc8088dcefe9029c67fbc7cb6631692d91aa5aba912b56f638cdcd14e873566edea35ecaaad547bbd265a6d4f6537ad9db538fb7db64a32c81c91dd6e4efd0317de1a0ff83c744470c93ddcaa6792e45db7d69e1106a251d39a5c5c6103f7aadb32d0290614362eaccc6d41b3f14154850e1959803f14d836a4223eb1c70249037e7adbf0e33d07a69a10d948a901858a8381803bcedcf610c985b5ea85ef46bbc44565e89142da665bede93e7c360cc814c8e00cafb81d02c95811ce32ba2dd85712056078d2f7d4be3cfc4eb157d63206d4b822599d40c02fd84ada2b572bd8899e93293a5ce6590d226f7c43858d47417bc2980358fb6ec2eee43fbbd31a00c9549680e76c31eef7f710e7aceb5a29d2a85f07332bb5e54a80ac44576e0010bc7cbd666ad4aff5174df288980f68510d74485b90afaf4040a30392861cce12229f97cbf2b8922d95110230423a3155f263d8066974f89cebaa258b87515d6d9f20c23d09067bdc955311d08300214a50ed060cc68"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 29.026167] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 29.026932] reason=80000021 qualification=0000000000000000 [ 29.027661] IDTVectoring: info=00000000 errcode=00000000 [ 29.028312] TSC Offset = 0xffffffe5c300ae8a [ 29.028812] EPT pointer = 0x000000003b32001e [ 29.035048] Virtual processor ID = 0x06c9 [ 29.036238] *** Guest State *** [ 29.036650] CR0: actual=0x0000000080000028, shadow=0x0000000080000008, gh_mask=fffffffffffffff7 [ 29.039886] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 [ 29.040947] CR3 = 0x0000000000002000 [ 29.041366] RSP = 0x0000000000000f80 RIP = 0x0000000000000000 [ 29.041970] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 29.047860] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 2017/08/11 21:15:14 executing program 1: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_TSS_ADDR(r0, 0xae47, 0xd000) mmap(&(0x7f0000000000/0xafb000)=nil, 0xafb000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_PPC_GET_SMMU_INFO(r0, 0x8250aea6, &(0x7f0000a8e000)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_ASSIGN_DEV_IRQ(r0, 0x4040ae70, &(0x7f0000afc000-0x10)={0x9, 0x8, 0x101, 0x400}) ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000afb000-0x40)={0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, r0, 0xfffffffffffffffd) ioctl$KVM_S390_INTERRUPT(r0, 0x4010ae94, &(0x7f0000afb000)={0x2, 0x5, 0x8001}) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000afc000)={0xd, 0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r0, 0x4010ae74, &(0x7f0000afc000)={0x1, 0x7, 0x7f}) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_PIT(r2, 0xc048ae65, &(0x7f00009f9000)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x11, r3, 0x0) ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f0000afb000)={0xffffffffffffffff, 0x21e}) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, &(0x7f00004f4000-0x18)={0x2, [0x8, 0x3]}) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f00008ac000/0x18000)=nil, &(0x7f0000358000)=[@text16={0x10, &(0x7f000017d000)="0f01c90f01cb66f0821845650f06b84f008ee8b80b008ed00f01c9baf80c66b82c4bd28666efbafc0c66b80000000066efbaf80c66b893dd3f8066efbafc0cec0f09", 0x42}], 0x1, 0x24, &(0x7f0000015000)=[], 0x0) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r2, r1, &(0x7f0000604000/0x18000)=nil, &(0x7f0000add000)=[@text32={0x20, &(0x7f0000089000)="66ba200066ed0f0099d0330000300fe3c1c05050a2ea815cc5427595d94d3e0f236eb8cc4ab08f6fececbafc0ced0b013f640f01caf26e36643e0f224566ba4040b800000000ef", 0x47}], 0x1, 0xf, &(0x7f0000395000)=[@efer={0x3, 0xc00}], 0x1) ioctl$KVM_GET_MSR_INDEX_LIST(r1, 0xc004ae02, &(0x7f000095f000-0xc)={0x2, [0x100000000, 0xe0]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 2017/08/11 21:15:14 executing program 4: mmap(&(0x7f000053b000/0x2000)=nil, 0x2000, 0xffffffffffffffff, 0x2871, 0xffffffffffffffff, 0x0) mremap(&(0x7f000053b000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f00000cc000/0x4000)=nil) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000000)={0x3, 0xffffffffffffff9c, 0x1}) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000379000/0xa000)=nil, 0xa000, 0x3, &(0x7f000053b000)=0x9, 0x7, 0xffffffffffffffff) mbind(&(0x7f00000cc000/0x2000)=nil, 0x2000, 0x0, &(0x7f0000001000-0x8)=0x380000000000000, 0x4, 0x2) ioctl$KVM_X86_SET_MCE(0xffffffffffffffff, 0x4040ae9e, &(0x7f0000000000)={0x2000000000000000, 0x6000, 0x0, 0x4, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0]}) ioctl$KVM_SMI(r0, 0xaeb7) munlock(&(0x7f00000cf000/0x1000)=nil, 0x1000) ioctl$KVM_DEASSIGN_DEV_IRQ(r0, 0x4040ae75, &(0x7f00000cd000)={0x0, 0x2, 0x100, 0x0}) mremap(&(0x7f000053c000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f00000cd000/0x2000)=nil) 2017/08/11 21:15:14 executing program 2: mmap(&(0x7f0000000000/0xae4000)=nil, 0xae4000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_NR_MMU_PAGES(r1, 0xae45, 0x2) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000000a000-0x8)={0x0, 0x7ff}) mmap(&(0x7f0000ae4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00003ba000/0x18000)=nil, &(0x7f000018e000)=[@text32={0x20, &(0x7f0000ae5000-0x58)="f20f5dea640f01d7b9ec0a0000b8934b549cba000000000f300f090fc76b000f38c8a4300001c0fec744240000800000c74424027dd05742c7442406000000000f011c2466b8ab008ec066bad104b024ee64660f38820482", 0x58}], 0x1, 0x0, &(0x7f0000adf000)=[@flags={0x3, 0x2c32ef086520573a}, @flags={0x3, 0x4040}], 0x2) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_XSAVE(r2, 0x9000aea4, &(0x7f0000ae6000-0x400)={"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"}) [ 29.055298] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 29.056647] DS: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000000000 2017/08/11 21:15:14 executing program 5: mmap(&(0x7f0000000000/0xaec000)=nil, 0xaec000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, &(0x7f0000007000)={0x6, [0x14bbf6c5, 0xff, 0x1, 0x2, 0x1, 0x9]}) r3 = eventfd2(0x100000fff, 0x80003) mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_X86_SET_MCE(r2, 0x4040ae9e, &(0x7f0000aec000)={0xa900000000000000, 0x2, 0x8, 0x20000006, 0x12, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0]}) read$eventfd(r3, &(0x7f0000964000-0x8)=0x0, 0x8) r4 = pkey_alloc(0x0, 0x3) pkey_free(r4) mbind(&(0x7f00003d2000/0x400000)=nil, 0x400000, 0x2, &(0x7f0000aeb000-0x8)=0x1, 0x7, 0x1) r5 = eventfd2(0x80000000, 0x80801) read$eventfd(r5, &(0x7f000044a000)=0x0, 0x8) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000802000-0x10)={0x10000, 0x8000, 0x0}) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f000099d000-0x120)={0x7, 0x0, [{0x80000006, 0x9, 0x2, 0x9, 0xe669, 0xffffffff, 0x7f, [0x0, 0x0, 0x0]}, {0xb, 0x401, 0x0, 0xffffffff, 0x0, 0x909, 0x9, [0x0, 0x0, 0x0]}, {0x40000000, 0x4788, 0x5, 0x2, 0x7ff, 0x80000000, 0x2, [0x0, 0x0, 0x0]}, {0x40000007, 0xfff, 0x2, 0xffff, 0x2, 0x1ff, 0x3, [0x0, 0x0, 0x0]}, {0x40000001, 0x80000000, 0x2, 0x3, 0x4, 0x5c0a, 0xc7, [0x0, 0x0, 0x0]}, {0x80000019, 0x80, 0x1, 0x0, 0x1, 0x8, 0x9, [0x0, 0x0, 0x0]}, {0x0, 0x6, 0x4, 0x401, 0x3, 0x63f, 0x1, [0x0, 0x0, 0x0]}]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000054b000/0x18000)=nil, &(0x7f0000828000-0x18)=[@text32={0x20, &(0x7f0000ae8000)="c4c17d2b461a66ba2000ec26670ff29f775466b804008ee8c744240000900000c7442402b0000000c7442406000000000f01142466baa000b87b0000000f23d00f21f835100000020f23f8f6774666baa000ed66ba42ecc4e27d2a85a2a50000", 0x60}], 0x1, 0x0, &(0x7f0000ae1000)=[@cr0={0x0, 0x10000}, @dstype0={0x6, 0x5}], 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f000079f000)={0x101ff, 0x3, 0x10000, 0x1000, &(0x7f0000996000/0x1000)=nil}) mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_DEBUGREGS(r2, 0x4080aea2, &(0x7f0000aed000)={[0x107000, 0x2, 0x2, 0x4], 0x2, 0x84, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) munmap(&(0x7f0000535000/0x3000)=nil, 0x3000) mmap(&(0x7f0000535000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000536000-0x4)={0x103fe, 0x0, &(0x7f000034a000/0x2000)=nil}) madvise(&(0x7f0000711000/0x4000)=nil, 0x4000, 0x6) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000aeb000-0x10)={0x15004, 0x10000, 0x0}) r6 = eventfd2(0x9, 0x0) write$eventfd(r6, &(0x7f0000789000)=0x6, 0x8) ioctl$KVM_GET_CPUID2(r2, 0xc008ae91, &(0x7f000060e000-0x58)={0x2, 0x0, [{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}]}) [ 29.060676] SS: sel=0x0000, attr=0x0b071, limit=0x00001000, base=0x0000000000000000 [ 29.061475] ES: sel=0x0000, attr=0x04081, limit=0x00000000, base=0x0000000000000000 [ 29.062346] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 29.063746] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 2017/08/11 21:15:14 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x0, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x5, 0x0, [{0xc0000001, 0xfef0, 0x3f, 0x20, 0x6, 0x0}, {0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:14 executing program 4: mmap(&(0x7f0000000000/0xafa000)=nil, 0xafa000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f000050f000)={0x9, 0x3cca}) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text64={0x40, &(0x7f000099d000-0x64)="b6c3f8e788595dc51ba31779d22e2453ab6fe204d8cb17bc3c4ab8e3e0483b9931418b5c1612cb68cb1f08acd613883205213823efd610026d3b892f9ecf43c837882ddb41cb3a22a62644cc9081d865b5c7d6d371bfbc1b7da5ab28911fcb5667d0b08b", 0x64}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0) mmap(&(0x7f0000afa000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_CPUID2(r2, 0xc008ae91, &(0x7f0000afa000)={0x3, 0x0, [{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_XSAVE(r2, 0x5000aea5, &(0x7f0000afc000-0x400)={"8514debd8bff13ab707294841d232772de07f9ac2b5b20aefa8ab2ff6d94d4dee6a73b5dd4cf85a1c573ad77606693b3a41d4540574c560e57d9d7e6ca37dd4d7e1e8eea837f525e7ac016926790434e95085636ea5dda705421aed48bf922efc11cbd90256b33401cee7078f77e3d39f94d90e72d24eb3c2b49ea53e22e69a252d094c5a40dc97ee26fc1fc6e67a72140efc1ea1221ade5fb7b1302ef3deb4b4600f258d902b718597ada9d580d6bda53451e25be6fa803f664da0122b3ea6adb456e625838327c227e64acebee2f94e72644896079705f92f791231fdf4309f20c5c0373d11f9e9e064efa8cfc52b781562384799bc08d5bba41773fe0a585a774961d4599fb0bcb7cd6ce959418d74216bc3e771f7c67e4ef9bf969c75be6f97319f97f349918883ad65ac3b824c5a09ad544ddcf3c923a9a063c43dabc4ef7077e86a88a889157776a14984ff66720d9ad56f7e67ac7001b01bfae6fd2649e79184ff882ae893a2c165553c84ae60f91c45db3e8d3391cc31e1069f6371c99177d0b3f360a9cb9a6cb0555482fc9c6583bed42b1a4241491083289c0ac4aa3822671e98e18c4af0cd4cd368203fa2b1713eb5e0c89a06ace34e31c25d01623e11bcc2e1879ea29a74ecb653f65cab872162a69e1f01653f51d6412fe183f89d9569c8c08846520eeb71e02ceef8370651dae3a3bf846e10337ee370565a8b078cd754074644d3fbc15666d71929a55fe922bc61ad40c5d7cb9ecc15f817f7dc2d21dd34ee50f0fbda4155fe775973d0683e1079354b6b971cf740445efe336f5cc5f847e01ecb997933cc3c8ac50a944eeb7923f44678a7511f8493aca7c7cff9738560b92ea3995a01ee2d6e2b16b982543aa1931a914ed2c83e928a6308e4aee992c388a98adca3b7e76fdaadb39df58d45795456176908c963c3395ade85543be6c95101fe42b2370c2cc0f4253fab811cfc4fe6ce65ee05fc75971c417e9a73856914da58fdb472c625a5fca64b4c949f01955a53414fa31facfe2b89a4c38bb37325fd28515f28bcbba20582f4ac368be3aed7fe133f1a65ced1a368362bef6b1f15352c0bca18ffba3dfb8eecf9d8be4e9785ab219be371958dc6ddfc461eb63f996f78bc228a4daf1f369a5c24b329643ad7707a1e1c3f4a3f168a49a0af7b22632f3bd076b5c7156fc713a5a7945fb450b5da6fb0fd21d684e53c4406234518e4b10e46144a78d62120c92383d0e58d27277d9d58e09e63ebcdc248491a4784431bae3eb47ef3c0ded47cb638fcc6969cbc533b3067e59334ba2e3b765005fe0269cd8e0a425e5339ab58695ac3ba5e75c113ae5ebd2df9530aebb6b4ab1947d4e3999fdb4332811408156db465b212aca6969aeebb1239976f9e1e1c0087ffab60e4bff194f792999a811d63a7b6ddc5774648d487c4c7704c4"}) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00006b4000)=@ioapic={0x2, 0x0, 0x0, 0x4, 0x0, [{0x3, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x6}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0xe2, 0x5, 0x0, [0x0, 0x0, 0x0, 0x0], 0x1ff}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x6, 0x0, [0x0, 0x0, 0x0, 0x0], 0x7}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x1, 0x4, 0x3, [0x0, 0x0, 0x0, 0x0], 0x80000001}, {0x5d9a, 0x3f, 0x6, [0x0, 0x0, 0x0, 0x0], 0x9}, {0x5, 0x2, 0x7f, [0x0, 0x0, 0x0, 0x0], 0x40}, {0x9, 0x3f, 0x1, [0x0, 0x0, 0x0, 0x0], 0x9}, {0x9, 0x1, 0xffff, [0x0, 0x0, 0x0, 0x0], 0x4}, {0x0, 0x9, 0x5, [0x0, 0x0, 0x0, 0x0], 0x20}, {0x100000000, 0x6, 0xffff, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x80000000, 0x10001, 0x8, [0x0, 0x0, 0x0, 0x0], 0x1ff}, {0x7fffffff, 0x9, 0x8000, [0x0, 0x0, 0x0, 0x0], 0x5}, {0xfffffffffffffffc, 0x1, 0xffffffffffffffe1, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x3, 0x6, 0xe945, [0x0, 0x0, 0x0, 0x0], 0xfff}, {0xfffffffffffff135, 0x6, 0x8000, [0x0, 0x0, 0x0, 0x0], 0x8001}, {0x5bd, 0x3f, 0x7ff, [0x0, 0x0, 0x0, 0x0], 0x10001}, {0x400, 0x4, 0x9, [0x0, 0x0, 0x0, 0x0], 0x5d1f}, {0x100, 0x7f, 0xfffffffffffff801, [0x0, 0x0, 0x0, 0x0], 0x8}, {0x5, 0x3f, 0x6, [0x0, 0x0, 0x0, 0x0], 0x1e71}, {0x3, 0x6, 0x6, [0x0, 0x0, 0x0, 0x0], 0x5}]}) ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000326000)={0x3f, 0x1}) mmap(&(0x7f0000ac7000/0x1000)=nil, 0x1000, 0x20004000000003, 0x11, r0, 0xfffffffffffffff7) ioctl$KVM_GET_CPUID2(r2, 0xc008ae91, &(0x7f0000afc000-0xa8)={0x4, 0x0, [{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}]}) 2017/08/11 21:15:14 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x5000, 0x0, 0x0, 0x0, 0x0, 0xc9, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) [ 29.068701] GDTR: limit=0x00000004, base=0x0000000000000000 [ 29.069600] LDTR: sel=0x000f, attr=0x10000, limit=0x0000f002, base=0x0000000000002000 [ 29.070477] IDTR: limit=0x00000000, base=0x0000000000000001 [ 29.071353] TR: sel=0x000a, attr=0x10000, limit=0x00000004, base=0x0000000000000000 [ 29.072200] EFER = 0x0000000000002001 PAT = 0x0007040600070406 [ 29.072896] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 29.073763] BndCfgS = 0x0000000000000000 [ 29.075693] Interruptibility = 00000008 ActivityState = 00000000 [ 29.076395] *** Host State *** [ 29.077878] RIP = 0xffffffff811b6777 RSP = 0xffff88003b3ef4c8 [ 29.078530] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 29.081456] FSBase=00007f4c3a973700 GSBase=ffff88003fc00000 TRBase=ffff88003fc22cc0 [ 29.082281] GDTBase=ffffffffff577000 IDTBase=ffffffffff57b000 [ 29.083973] CR0=0000000080050033 CR3=000000003b194000 CR4=00000000000026f0 [ 29.086278] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 29.086941] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 29.089037] *** Control State *** [ 29.089401] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 [ 29.091480] EntryControls=0001d1ff ExitControls=00afefff [ 29.092054] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 29.094486] VMEntry: intr_info=80000017 errcode=00000000 ilen=00000000 [ 29.096320] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 29.096943] reason=80000021 qualification=0000000000000000 [ 29.098729] IDTVectoring: info=00000000 errcode=00000000 [ 29.099314] TSC Offset = 0xffffffe5c300ae8a [ 29.099752] EPT pointer = 0x000000003b32001e [ 29.100226] Virtual processor ID = 0x06c9 2017/08/11 21:15:14 executing program 7: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a9c000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f00004ee000)="66b818010f00d8c4c27bf6cdb986040000b80f000000ba000000000f30c7442400e9060000c744240201000000c7442406000000000f01142466baf80cb8b4d4c588ef66bafc0cb00beeb9840200000f3266ba420066edb85bc6600b0f23c00f21f83503000c000f23f8c74424008000c0fec744240235000000c7442406000000000f011c2466baa000b000ee", 0x8d}], 0x1, 0xfffffffffffffffe, &(0x7f00003db000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000af1000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x1000, 0x0, 0x0, 0x2, 0x2ff, 0x6, 0x1, 0x5, 0x1, 0x1f, 0x60000000000000, 0x0}, {0x0, 0x4, 0xa, 0x9, 0xfc6, 0xc76, 0x2, 0xa0f, 0x0, 0x9, 0x3, 0x30, 0x0}, {0x2000, 0xf002, 0xf, 0x6, 0x9, 0x2, 0x1, 0xffffffff, 0x80000001, 0xffffffffffffffff, 0x2, 0x2, 0x0}, {0x0, 0x4, [0x0, 0x0, 0x0]}, {0x1, 0x0, [0x0, 0x0, 0x0]}, 0x80000008, 0x0, 0x2000, 0x8, 0x5, 0x2001, 0x1000, [0x800000, 0x1, 0x6, 0x10001]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:14 executing program 3: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) mmap(&(0x7f0000a5a000/0x3000)=nil, 0x3000, 0x3000008, 0x20000000000032, r1, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000af3000-0x24)="000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d266767f2a50f20d835080000000f228b58580f070f01b102000000", 0x64}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f000011a000)={0x1397, 0x8c, 0x0, 0x4, 0x8}) mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000af3000-0x4)=0x80) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000aee000-0x8)=0x10000) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000aef000)={0x7b, 0x0, [0x6, 0xffffffff, 0x9, 0x1000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000033d000-0x8)={0x1, 0x637}) mmap(&(0x7f0000af3000/0x1000)=nil, 0x1000, 0x1, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000af3000)={"9bbb9daa05110ba1924a3f8c859bdff963f2ddb1d129f5cb2f3ae8ad3bf7068c284ba38f903676aee0049b473a5a33930a9b88deb6401d57b67b5ef503c6a4027167753b3422f85b1b144e1b09666f06770bb454bb980d5cb7f1e90d9427b10028d816afcb958eb5bc4541d20809f775835973db47fdab943f7ecf340ab9b2913f88a42aa228d95f1665dcb874e6b3b5b55a89a32e0fc862e12da3fafec957af0fce362e643894eaa38fbb8af58f8462371747c6e67ec819d268766c3c7a74e3f12575502e0ce18ab8fdeec25ec7767fae887d4cadb349c0f81694038d1a026d6a75e2531b1a8fb11b6cbd3f89a94184e04455b174f62410013ea1a32c38fc1a2448cd4c2c637b73782faf7ad9ae353b8bb6fed608778b7e846b159d0708eba89b05d4ae596fd1ce276f11b96ea628b944adcafcca622c34d8cf71c32e04679643d25bb8410efd790fae98de36207bab1c1fa95a3b125a7497822ea2f8a027ee6024ad4938ca93546a7967484ea5ed0850257facd046052d3fb4452ea95bdf6613884586ad0f7bedcf9ba794168fb9ef80fc98ab1b8c584220c399f85aa35e3b077eaa0dc79a9b88f0cdbf6805da3bca16d1fe88482e328bf0abd897070e43ead3304cdf1f113ab075a772b02e7e2b9d790f029decb02914d0fbb81bdcac8d08612898c453dd33e8a456e3cb4154e27f4d3bddea5732cd94d4adf21d3babfbb833a2ba8fcc71beafe13cfb9e8ed9fcaaecbc6a4e7c1da5f67cfae68fe80965a52918112a4927ca4a387ebf74fd5d910ceed87a668d3210361f45e8771482aceb28996ed99fdb143fc17c4112850b748c3eb5d121312f3c420d0dc03bfd571a1767bac9ae6c46b4edbfd70fb33dd89a8ae13dd57e722d95c28e5326a24054321553f3b50fe246f5e631dafc8088dcefe9029c67fbc7cb6631692d91aa5aba912b56f638cdcd14e873566edea35ecaaad547bbd265a6d4f6537ad9db538fb7db64a32c81c91dd6e4efd0317de1a0ff83c744470c93ddcaa6792e45db7d69e1106a251d39a5c5c6103f7aadb32d0290614362eaccc6d41b3f14154850e1959803f14d836a4223eb1c70249037e7adbf0e33d07a69a10d948a901858a8381803bcedcf610c985b5ea85ef46bbc44565e89142da665bede93e7c360cc814c8e00cafb81d02c95811ce32ba2dd85712056078d2f7d4be3cfc4eb157d63206d4b822599d40c02fd84ada2b572bd8899e93293a5ce6590d226f7c43858d47417bc2980358fb6ec2eee43fbbd31a00c9549680e76c31eef7f710e7aceb5a29d2a85f07332bb5e54a80ac44576e0010bc7cbd666ad4aff5174df288980f68510d74485b90afaf4040a30392861cce12229f97cbf2b8922d95110230423a3155f263d8066974f89cebaa258b87515d6d9f20c23d09067bdc955311d08300214a50ed060cc68"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 29.117318] *** Guest State *** [ 29.117649] CR0: actual=0x0000000080000028, shadow=0x0000000080000008, gh_mask=fffffffffffffff7 [ 29.118426] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 [ 29.119262] CR3 = 0x0000000000002000 [ 29.119641] RSP = 0x0000000000000f80 RIP = 0x0000000000008008 [ 29.120185] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 29.120746] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 29.121367] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 29.122103] DS: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 29.122797] SS: sel=0x0000, attr=0x0b071, limit=0x00001000, base=0x0000000000000000 [ 29.123530] ES: sel=0x0000, attr=0x04081, limit=0x00000000, base=0x0000000000000000 [ 29.124245] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 29.124966] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 2017/08/11 21:15:14 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x5000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) [ 29.125695] GDTR: limit=0x00000004, base=0x0000000000000000 [ 29.126601] LDTR: sel=0x000f, attr=0x10000, limit=0x0000f002, base=0x0000000000002000 [ 29.127353] IDTR: limit=0x00000000, base=0x0000000000000001 [ 29.128475] TR: sel=0x000a, attr=0x10000, limit=0x00000004, base=0x0000000000000000 [ 29.129288] EFER = 0x0000000000002001 PAT = 0x0007040600070406 [ 29.130191] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 29.130904] BndCfgS = 0x0000000000000000 [ 29.131987] Interruptibility = 00000008 ActivityState = 00000000 [ 29.132643] *** Host State *** [ 29.133130] RIP = 0xffffffff811b6777 RSP = 0xffff88003ad974c8 2017/08/11 21:15:14 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x0, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x4, 0x0, [{0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:14 executing program 1: mmap(&(0x7f0000000000/0xaf4000)=nil, 0xaf4000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_GET_SREGS(r2, 0x8138ae83, &(0x7f00006f0000-0x138)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, [0x0, 0x0, 0x0]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0]}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f00000f3000)={[{0xffc000000000000, 0x20, 0x0, 0x83ee, 0x4, 0x8, 0x4, 0x9, 0x9, 0x7, 0x9, 0x0, 0x0}, {0x1f, 0x3f, 0x3, 0x4, 0x5, 0x4, 0xffff, 0x3, 0xf, 0xff, 0x3f, 0x9, 0x470}, {0x7, 0x8, 0x80000000, 0x7, 0x4, 0x8000, 0xfffffffffffffffe, 0x5, 0x2, 0x68c4, 0xba, 0x9, 0xfd79}], 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d266767f2a50f20d835080000000f228b58580f070f01b102000000", 0x64}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f000011a000)={0x0, 0x0, 0x0, 0x0, 0x0}) mmap(&(0x7f0000af4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_REGS(r2, 0x8090ae81, &(0x7f0000af4000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) mmap(&(0x7f0000af4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000af4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4068aea3, &(0x7f0000af4000)={0x7b, 0x0, [0x0, 0x0, 0x0, 0x8001], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_XCRS(r3, 0x4188aea7, &(0x7f0000020000)={0x5, 0x3800000000000000, [{0x8, 0x0, 0xfffffffffffffffe}, {0x46a9ed81, 0x0, 0x4}, {0x0, 0x0, 0x1}, {0x7, 0x0, 0x5}, {0x0, 0x0, 0x200}]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_GET_LAPIC(r3, 0x8400ae8e, &(0x7f0000224000)={"e1348a07cb208c9486bcbe18689e137065b11ef5491b5831480aaba243a7dd03117bd4998324d8c254fede8ec508460bea485cb5f8b66f2ced1ea94030770d78b1ba3be7917ae7e356bbbccee468d4e24a8009ac0b67aa865fce96fd5a9b93f8d0e99209a19170dc3c75b8f1b3ac6a9104830fc89d4769dfb7201dd3eac588080000000000006aa1d328cac2d82657d12a7697970c962e016e3ac63bf8c85706df2838d206708e40cec0f77127cdb7522398e5d60c8a8dab9f1a844c3aab629eaa486852e8fa7c7e3c24756bbefab412a75f4635cf2224a348d3a6226cc437aa2e5e43c2f2ea10c926212d7e2f1ad5122aab9fc7941408e484dce354b9fd806908e8da1b68f5530df699de8bd378c997c5ffff0000000000006e9bcb9c82739c5b83394666995b522f434beb3e78bb8df406678a8b933ab26e0338a9f661d179647dd0342df5f3952682ebaf03af2d657f3fc6becd18b17d2437c7450c9bfe17f3f98a9173045a733e4becc7cb409148b90e4754c4d467c1b82b3ab7d2d175b5d68126a65fb322ebbe25d2844d392943e500956866c732aa9e40b619a8da4ea05ae66d45b5193a65768ede202b189810222739f44472cf4a2f027cbf8a008378ce0a0bbcf684e0ee91addf193e91c85e4b2e6508e086562e33bab4e2b7123def4b56deaf9952d09d25590aaf658509e5b818b6c8aeaedbae2ff0a661956a6c7126fa2c8fec1c496df2406f56512a1fe332b7932e46ee2a174b565765e99802a0e66ce428d85ebdf48150a62e54fdab44a9f71d0d67dfdb59d762cb7a8b24b09e046df78fb15c27dfa37bf1aaf3c038591f84f66bc29cc20a5b7c73272e83dd0f9a094692df5aac383ae35030e4200b63c911efd3adcb35a27eeaee306ea944a3c38da8ca799d97bbc097ba00bf19dd60fe32361e5dcee02f0b68c602fb5ab2dbfd21e826e34dab88665a0f9b827cbd99c0649378ac5fa09a340d8c39bbbf1168fab530da86b44e0cbfe710f16cf41a87fbddd3a8046064980faf81cadfc334aa66a51bac724b272956fd968c080ee46766e2eeeb45c8533ed7eb950277bd8be90ef0ebbc383defa96e2762cd2f4dbc90090bd138197ac7e887768da901b3c8ca2b9a0a7b29c26c083cc1c216609daaa9ff2ca1b44bfc0205c7287312f28ba8daa3edba0ff878a9017b04e1fa956036db5ba4348ba3ba40acbc86d0aca873294041fa9f5f6015aab8a43907469ff81aa36c0037cb576095f9a6d6aeecb258bc67e70258556d081e65e6c9d62ca82a3638a92b18335eb34f06bff840b061919341ddcf666314516406b2f617c9b229c0321bc4e0b63e95cbcfc02ea01b368094b0924bf5067d07d3dfe620d457794d07ca774109f5afed760637fa9ee3c3e1aaf0092184323b274b22bee134ce03090719abfb0e8174a4f6c56a0d172467564e3e"}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00002de000-0x40)={0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) [ 29.134313] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 29.135479] FSBase=00007f4c3a973700 GSBase=ffff88003fd00000 TRBase=ffff88003fd22cc0 [ 29.136241] GDTBase=ffffffffff576000 IDTBase=ffffffffff57b000 [ 29.136848] CR0=0000000080050033 CR3=000000006b4f0000 CR4=00000000000026e0 [ 29.137698] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 29.138432] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 29.139385] *** Control State *** [ 29.139916] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 [ 29.140582] EntryControls=0001d1ff ExitControls=00afefff [ 29.141515] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 29.142524] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 29.143253] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 29.143866] reason=80000021 qualification=0000000000000000 [ 29.144532] IDTVectoring: info=00000000 errcode=00000000 [ 29.145059] TSC Offset = 0xffffffe5a80be486 [ 29.145470] EPT pointer = 0x000000003d5d501e [ 29.145936] Virtual processor ID = 0x06c9 2017/08/11 21:15:14 executing program 2: mmap(&(0x7f0000000000/0xae4000)=nil, 0xae4000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_NR_MMU_PAGES(r1, 0xae45, 0x2) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000000a000-0x8)={0x0, 0x7ff}) mmap(&(0x7f0000ae4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00003ba000/0x18000)=nil, &(0x7f000018e000)=[@text32={0x20, &(0x7f0000ae5000-0x58)="f20f5dea640f01d7b9ec0a0000b8934b549cba000000000f300f090fc76b000f38c8a4300001c0fec744240000800000c74424027dd05742c7442406000000000f011c2466b8ab008ec066bad104b024ee64660f38820482", 0x58}], 0x1, 0x0, &(0x7f0000adf000)=[@flags={0x3, 0x2c32ef086520573a}, @flags={0x3, 0x4040}], 0x2) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_XSAVE(r2, 0x9000aea4, &(0x7f0000ae6000-0x400)={"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"}) 2017/08/11 21:15:14 executing program 5: mmap(&(0x7f0000000000/0xafa000)=nil, 0xafa000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = pkey_alloc(0x0, 0x2) pkey_mprotect(&(0x7f00000aa000/0x1000)=nil, 0x1000, 0x300000a, r1) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) munlock(&(0x7f000093e000/0x3000)=nil, 0x3000) ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f000050f000)={0x9, 0x3cca}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) mmap(&(0x7f0000afa000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text64={0x40, &(0x7f000060a000)="b9440b0000b8fc000000ba000000000f300f20d835080000000f22d8f34a0faea1f9ffffff66664b0faeba79260000420f01cb26410f01cb66baf80cb8838f1f84ef66bafc0cb000eeb805000000b90c0000000f01d966baf80cb81ef17383ef66bafc0c1517ee6665660f3a632f0b", 0x6f}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000a34000)={"c4452d564bc18131a7e3469972ffd50f9d90ea005f95a2868da5b4b79eb483a6f3a2bec0b731905380a917e373b6ebf022f79c6ecbce9219cd5eadd5f17cdaf923a403d187fa192ee25ed7a23fcd7fb1bb13281a95397b85fc72d8726a808c824318922ced4f25a6a67ed68b697c01bc1ca0861292f4885e094f1efd04f09b60a5eae1cd8f120940448caf8195cd36ddaea66dc0b13f1a2f36f561fba631bd1d1841750169a1fcd18b46df5b1eee471badaeea75e8b1d7d97041b94db7921bdc74209f489b1f75d44cd7337b21230a1680a6a763dcf6c1c3522d9b0cd8ca43b34aeda456800894b482d1609e50ec88aad0210f6537d7e2d2b1b0332340c79cd7cd494d6cffffe07dc97fd376065480e634c1da93d768b45e9a2bd9d0df1c9bc03ac52cb18c741354b1500c8fd055a203bd3ca135c98467add85baa0b72017e90b12886d58babc4af76991954b2c0207f469f8776ebd103249a478359aabb1c4cac8b0c2a3e8503ead32c6cf626047b56c067831461f4813c71740dfbfe199ac6e40dec2dea9dd7eb21e8bc0c12f461c465559c0ef9e8577e1b0e97326290feec78ebb987d4e8e46bfc89de89e86f7885623b60f2869c0e0dc293a1ede918ef946042f2f1faee98bfd69f5878201cd807224eabad85df9eaa1e36f64ae8bcd7faa949683c1189628b4bb2b56a4a2e1cf1a6872d2d6743acadd88e729046a0404791436e9b6f8ef22b6318e28c536c576100c48ac1c561c2eb03551fbc6e6437570b57fb1aa73704304977d54782f9c4777e4ad14fac0e8060ffed9d7d8b606cce39e700ca0e131c4a002035af15cb18c136fee0040b202b7c2b1a98e1eaa368e4c573f6d2376c02aa08e0e0f55980cab9dd968b6cc0e00b919088e40aabaaaa6ef87f283b46f24701e6895881b1e90abcbe807bb8fc7cb7a44acebdad88eded846869262408121639dcf3b0d700e142b9ffa1054ec14f6ee0ded5fc490974f2bb9df4684e42ac43b48b981e0a69ead50c34e75584e5834ca20ef59c5c68bc7d7ef2031b3ac08f20e237ceb88b171f9a86a11709197b2bb89880acad5c9c084b34321c8996ce631437f4b8e9917e8ebbeef67bb8564d4768636d1c65991f6e49cc81a00d26e13a360fc237d040e0797ab7feb2bbd81168fa575ee583ae12c5ad0e6423a1515741c20332608bed69140a3def484d38a1f1e6cefb33447577b1a3e60b836ae003ec9ef4fbff919e366a899ca6a006cd3aebcb9dd6e1b1c012f440057f094817e0d335bde29c17b55f4dae68aa99b4f2c0ad9f205d9094ca822f79bce544550764c02c2d3e6322706da96d3324efdf12f50c37b1805f4c5a921c2eee450ccc44d4c439410d4acc234d85cab3232109ca42c3e9b42899931c2404b0b91921143f22bd6e6d8aca01af51ca80e2d38f111523170d3bf1ce001a1c150b12"}) mprotect(&(0x7f00009d5000/0x3000)=nil, 0x3000, 0x8) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f00006b4000)=@ioapic={0x2, 0x0, 0x0, 0x4, 0x0, [{0x3, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x6}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0xe2, 0x5, 0x0, [0x0, 0x0, 0x0, 0x0], 0x1ff}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x0, 0x6, 0x0, [0x0, 0x0, 0x0, 0x0], 0x7}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x1, 0x4, 0x3, [0x0, 0x0, 0x0, 0x0], 0x80000001}, {0x5d9a, 0x3f, 0x6, [0x0, 0x0, 0x0, 0x0], 0x9}, {0x5, 0x2, 0x7f, [0x0, 0x0, 0x0, 0x0], 0x40}, {0x9, 0x3f, 0x1, [0x0, 0x0, 0x0, 0x0], 0x9}, {0x9, 0x1, 0xffff, [0x0, 0x0, 0x0, 0x0], 0x4}, {0x0, 0x9, 0x5, [0x0, 0x0, 0x0, 0x0], 0x20}, {0x100000000, 0x6, 0xffff, [0x0, 0x0, 0x0, 0x0], 0x3}, {0x80000000, 0x10001, 0x8, [0x0, 0x0, 0x0, 0x0], 0x1ff}, {0x7fffffff, 0x9, 0x8000, [0x0, 0x0, 0x0, 0x0], 0x5}, {0xfffffffffffffffc, 0x1, 0xffffffffffffffe1, [0x0, 0x0, 0x0, 0x0], 0x0}, {0x3, 0x6, 0xe945, [0x0, 0x0, 0x0, 0x0], 0xfff}, {0xfffffffffffff135, 0x6, 0x8000, [0x0, 0x0, 0x0, 0x0], 0x8001}, {0x5bd, 0x3f, 0x7ff, [0x0, 0x0, 0x0, 0x0], 0x10001}, {0x400, 0x4, 0x9, [0x0, 0x0, 0x0, 0x0], 0x5d1f}, {0x100, 0x7f, 0xfffffffffffff801, [0x0, 0x0, 0x0, 0x0], 0x8}, {0x5, 0x3f, 0x6, [0x0, 0x0, 0x0, 0x0], 0x1e71}, {0x3, 0x6, 0x6, [0x0, 0x0, 0x0, 0x0], 0x5}]}) ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000326000)={0x3f, 0x1}) 2017/08/11 21:15:14 executing program 4: mmap(&(0x7f0000000000/0xaec000)=nil, 0xaec000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000964000)={0x6, 0xffffffffffffff9c, 0x0}) mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000aed000-0xc8)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") r1 = ioctl$KVM_CREATE_VM(0xffffffffffffff9c, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) ioctl$KVM_GET_NR_MMU_PAGES(r1, 0xae45, 0x9) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_HAS_DEVICE_ATTR(r3, 0x4018aee3, &(0x7f000081e000)={0x0, 0xe8, 0x6, &(0x7f00002c0000-0x8)=0x0}) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f00008d2000)={0x4, r3, 0x0}) ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f00008e0000)={0x3, 0x0, [{0x2, 0x0, 0x0}, {0x0, 0x0, 0x1}, {0x7fffffff, 0x0, 0x80000001}]}) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x804000000003, 0x5810, r5, 0x0) ioctl$KVM_SET_LAPIC(r5, 0x4400ae8f, &(0x7f0000aed000-0x400)={"d04003a9db104c0349d5cb58ac7eb2bcb86348f2f1aee069d47bca5de970710253279ee82cd4f8cf0c8c20203d2f46b8bea35f8cb195e73efb9592853aa6ec14a565d1315e915b10aefffc3865ec0dfca46ce4504c0e9a80914df3032f8dfd7991c1c600ccb38a573c1fc2a440dd00b2e17202bf226b3244308dd3f3dc2bb23db7a102b1129017235c885f67056dde38cd0d8f021a6067fcc4e91740622290c316f94d886aca61f9a1e7463b51dbc35f1ffab100afbdc181ce05efd1b595fefbcff8824fe7ec7345cfe370f2a7f19fbb300336ef3ae44825e3061a27f2ac04e32e1f46e9c652dde6b872e60786ad9db218ffd3f54518b8b8c66f743dad8c048d9b9b71142615b1f7f4d26c5aa11de7dfd07494251fe8a6e8080be194309f48496276f5449d075bb00db8367d3ed67094864a89eb6e9c2aff784b52bdb5245390bf4afae1f1d56b4c4ee8df589792cb6f39234b40dcb2afd3e2d6aba87d228d6bdc3ad0e1e7f2907a605ace46c24d544b4c3a4e5b6b4da1ad7233f5849d7e5df7289a13a939be28abad18f6e694842bc361fe210a9495d8b7463e1684b11589d7be2a5e00a6e35667061eee80247abddd932a51aa591642e1ce3b391b70ec593c45c022b1809740bd315f97589b6c002def16fe0a766f8779f311aa79824244949c7c4d9384b5196c395c168bf7ef4f4198f354d2fabe0260f8067138de05ab37a234042c9bf18888e460d34a432ba4f28454ef78911a0d40aa0666caca46c82c7ab26197cecd37390dae7737639e46c4bb72e180a620b27ea540aa489589125e4078130c095c1e73de17dd89888a8761ab6e3885a4f286056adcfe82ab7ea79baf3ccd265129b5f9a9ae2e582630df45ce252cc18fc75c64f52ab8b8b63450a873eb227b30641cad3a925332b3e4371b9b8726c43f21fd2440409e318c8098d128322f7f9cf0a686b742767c71be122d44a37baa0f4064e8b5f9221e0d21f34e9e592a1e5ee46e7e0190e079f8709f3aaf4780441cb3db714b045373834ea9b8cef1c7109b8d92e4015378b0e7617b11a12c7e68f4ebb2de55519d79ae88b2653be67cbf9d5cb7a4483f41c314a165cb325435b3ea5d72578ed33188e0412673eb06a3d6650460dc231bf90ebc6a02f92fb0a29c7c17f21b4028d569e4688275e4025ba7d383066af18c4830f5323b2a5d136e5925c214e5e353558b158c1722fc1d825e9b56e97ad8d7369f9f935d770f4362ec0ff811be058a435ff86f7941bcc36acac9eb776a1c2ca7f68e27c8d7f2fdd690175a6395f98c5009570774f6669568189aaa6d4b0c209835c358f0d1f473730c314cc4895d62ebf49efe2aef671484629d9fbbc442833fe56c626d4089edb4966bff91e0b2f6157df85568c8d4c2f1ba03445e898a42ebe7f7af110ab6f0fc5ca67345d92218d82ac570393a"}) mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x6, 0x1811, r2, 0x0) ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000aec000)={0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r4, 0x4068aea3, &(0x7f0000aee000-0x68)={0x7b, 0x0, [0x400, 0x7fffffff, 0x7, 0x6], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_HAS_DEVICE_ATTR(r4, 0x4018aee3, &(0x7f000040d000)={0x0, 0x7, 0x6, &(0x7f00002a5000)=0x0}) ioctl$KVM_INTERRUPT(r5, 0x4004ae86, &(0x7f0000aed000)=0x7) ioctl$KVM_SMI(r5, 0xaeb7) ioctl$KVM_PPC_ALLOCATE_HTAB(r4, 0xc004aea7, &(0x7f0000548000)=0x6) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00009f8000-0xc)={0x6, r4, 0x0}) ioctl$KVM_RUN(r5, 0xae80, 0x0) mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_XCRS(r5, 0x8188aea6, &(0x7f0000aef000-0xa8)={0xa, 0xb, [{0x10000, 0x0, 0x197400000000000}, {0x4, 0x0, 0x400}, {0x0, 0x0, 0x1}, {0x6, 0x0, 0x0}, {0x6, 0x0, 0x7ff}, {0xffffffff, 0x0, 0x0}, {0x7, 0x0, 0x3}, {0x2, 0x0, 0x5}, {0x95c, 0x0, 0x800}, {0x7, 0x0, 0x1ff}]}) 2017/08/11 21:15:14 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x5000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) 2017/08/11 21:15:14 executing program 7: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a9c000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f00004ee000)="66b818010f00d8c4c27bf6cdb986040000b80f000000ba000000000f30c7442400e9060000c744240201000000c7442406000000000f01142466baf80cb8b4d4c588ef66bafc0cb00beeb9840200000f3266ba420066edb85bc6600b0f23c00f21f83503000c000f23f8c74424008000c0fec744240235000000c7442406000000000f011c2466baa000b000ee", 0x8d}], 0x1, 0xfffffffffffffffe, &(0x7f00003db000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000af1000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x1000, 0x0, 0x0, 0x2, 0x2ff, 0x6, 0x1, 0x5, 0x1, 0x1f, 0x60000000000000, 0x0}, {0x0, 0x4, 0xa, 0x9, 0xfc6, 0xc76, 0x2, 0xa0f, 0x6, 0x0, 0x3, 0x30, 0x0}, {0x2000, 0xf002, 0xf, 0x6, 0x9, 0x2, 0x1, 0xffffffff, 0x80000001, 0xffffffffffffffff, 0x2, 0x2, 0x0}, {0x0, 0x4, [0x0, 0x0, 0x0]}, {0x1, 0x0, [0x0, 0x0, 0x0]}, 0x80000008, 0x0, 0x2000, 0x8, 0x5, 0x2001, 0x1000, [0x800000, 0x1, 0x6, 0x10001]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:14 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x0, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x5, 0x0, [{0x0, 0xfef0, 0x3f, 0x20, 0x6, 0x0}, {0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:14 executing program 1: mmap(&(0x7f0000000000/0xafa000)=nil, 0xafa000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000afa000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000afa000)={0x1, 0xffffffffffffffff, 0x1}) mmap(&(0x7f00004c0000/0x1000)=nil, 0x1000, 0x3, 0x30, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_BOOT_CPU_ID(r0, 0xae78, &(0x7f0000afa000)=0x2) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffff9c, 0xae41, 0x0) ioctl$KVM_SET_SIGNAL_MASK(r1, 0x4004ae8b, &(0x7f00007a1000-0x1004)={0x0, ""}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) write$eventfd(r0, &(0x7f00009b3000)=0x8, 0x8) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000274000/0x18000)=nil, &(0x7f0000adf000)=[@text64={0x40, &(0x7f000099d000-0x64)="b6c3f8e788595d2a1ba31779d22e2453ab6fe204d8cb17bc3c4ab8e3e0483b9931418b5c1612cb68cb1f08acd253883205213823efd610026d3b892f9ecf43c837882ddb41cb3a22a62644cc9081d865b5c7d6d371bfbc1b7da5ab28911fcb5667d0b08b", 0x64}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_IRQ_LINE_STATUS(r3, 0xc008ae67, &(0x7f0000231000-0x8)={0x4, 0xc6}) ioctl$KVM_S390_INTERRUPT_CPU(r1, 0x4010ae94, &(0x7f0000af7000)={0x7fff, 0x2, 0x401}) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000515000)={0x4, r1, 0x1}) ioctl$KVM_GET_SREGS(r1, 0x8138ae83, &(0x7f00003e2000-0x138)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, [0x0, 0x0, 0x0]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0]}) mremap(&(0x7f0000294000/0x2000)=nil, 0x2000, 0x4000, 0x2, &(0x7f00002da000/0x4000)=nil) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f0000afc000-0x4)=0x1) ioctl$KVM_GET_MSR_INDEX_LIST(r0, 0xc004ae02, &(0x7f0000635000-0x6)={0x2, [0xa72, 0x8]}) ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000af8000)={0xa3, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1) ioctl$KVM_GET_LAPIC(r5, 0x8400ae8e, &(0x7f0000afa000-0x400)={"7b27d3b64a87e6025ecc0555dfc410dd938e993293cc09c27d286292559242c198873530f3c60f18ef51c5613edf4323f8c02f69d0fca2266076a7e7824d9c854de7052a853a2df7169f57b8d24b07462d8c98a9965a75e5072e7c97121fc3561ff57df693eb84143554a2274744dc0bb19d4aa4d9da2fb6fa49f5b30c909603304c6dc3b28e75bbcbaa615b98ffdfa9873e1096ad1dbe1a7e4fae37da09dd5590f92b6dd95b56d37f82c247d6984325f2099b25022eda8cb94c836f181c2b9e9adbe70ae00a0a938585cf20ee10c690446248cf1c6dc8691e1fbe78fc350b36339027f9cbaa7428a665cbf6d32770ba755c5aa04961ce450df4462516f93f56e7d9e97f4cb8ff0db7a861b51d7f5fc737d5dfa7de9648dc5bd0a4a92184ca87a4c29d8580dd5783946c7466da4c8750656d511a02060a91e1f80c697f07d7788081f68024b137abd634761f0c7765265877a1c1f71f2a1d6c98461cd4fdbbf33b141c45d35c51068e3dfac09c29275a3bd0a2e762b46561ddb7efc58bffaa72096a7577d17c8fd7aeb37f46ea59e1c866fc6dbeefad42d4125dd50f76c4aac46c3c9fe58e7cf6814df077d657720ee9dd91de440202d25e6274b0894319d72d76476eb493609942cc024ebee82dbeaff4d7315ffeb0439c0555ee95381c871f1d710c4f5c29fc917649c7a5279707f964d373d3982f7030b3876d7ecbf018181bde61e3db5ab8655bca7dafbd1334be07492318ecc65687c6e5d90797a614f1afef96f4d68ce2cd053e87ad3df58641776dbe64093d32f69fe67ae8a97a88ddf1d03bdbc0d70ec4fe0da6fcec1a8079aaedf03abcac161caa036d06a765e4e14e2b2deb48dd2289e972ed26e1e4da4e81d446af11dd1fcf2ff1cf5052dfeac0e1710195ad72cc55b3a2182da4ce23a33238d3457374a3f04d569b019486de2faf6b26f3f91da458736916a85b7d0ad85104e635400462feafca888af61bc82dde5a877230871607b3059bf8ce202488cac0ec478ec316948bc2b55a4e7f30effc619be3ed746b0f4767b1869418c50e5e2e08ba6d1b447be12480a1af05ec98f28f404c2fee03efb276cf44170f150a21b6046411b6e772b1de3995cbe9b2ce9aee530323f65adc0d9606c7175d365953f8beb3629ff500edc3b783e3492cb9d29f668a0e7d66d95b6add4d101934fd394b70843c8e1c1bb84532bcf62b716853946d3df3bcb9cec40cb98b85062d1cb62dd20b8291ba7d598e1b0faaab6c7f111e59c78d6961b33ca358aa9dda30502d338c039bb704ad4ebf0b98347c47a32429b8f7f6ab1f7925c375a778faad36a6502d1e12243a11f1ba86eaa5167146ec6d4ab992920bf03baa8b24b31e7504fe8042ea2695e9f3bfa2cb27f779922ef23f37bec41e9ac5470b09a0b3304797eb6a208a902f497e6c1c76284a3fdc31"}) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_PIT2(r3, 0x4070aea0, &(0x7f0000afc000-0x70)={[{0x1, 0x3, 0x8001, 0x3f, 0x0, 0x1, 0x1, 0xfff, 0x3, 0x8001, 0x6, 0x4c2, 0x3f06}, {0x2, 0x9a8b, 0x401, 0x0, 0x5, 0x1, 0x3, 0x2, 0x4535, 0x1, 0x101, 0x2, 0x80000001}, {0x3, 0x7fffffff, 0xc36, 0x1f, 0xf9, 0x200, 0x8, 0x4, 0x3f, 0x2, 0x7, 0x1f, 0x82d}], 0xfffffffffffffffd, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) syz_kvm_setup_cpu$x86(r3, r4, &(0x7f000079c000/0x18000)=nil, &(0x7f0000635000-0x18)=[@textreal={0x8, &(0x7f00004b0000)="baf80c66b88ad9018466efbafc0cedb800068ee866b9800000c00f326635000100000f300f01c9ba430066b86e60e0c766ef670f01cf9c660f6e9a00000fbc6800f0306201", 0x45}], 0x1, 0x74, &(0x7f0000afa000-0x20)=[@efer={0x3, 0x1000}, @efer={0x3, 0x9800}], 0x2) ioctl$KVM_RUN(r4, 0xae80, 0x0) [ 29.213172] *** Guest State *** [ 29.213474] CR0: actual=0x0000000080000028, shadow=0x0000000080000008, gh_mask=fffffffffffffff7 [ 29.214225] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 [ 29.214962] CR3 = 0x0000000000002000 [ 29.215286] RSP = 0x0000000000000f80 RIP = 0x0000000000008008 [ 29.215775] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 29.216361] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 29.217050] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 29.217843] DS: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 29.218670] SS: sel=0x0000, attr=0x0b071, limit=0x00001000, base=0x0000000000000000 [ 29.219514] ES: sel=0x0000, attr=0x04081, limit=0x00000000, base=0x0000000000000000 [ 29.220351] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 29.221142] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 29.231536] GDTR: limit=0x00000004, base=0x0000000000000000 2017/08/11 21:15:14 executing program 3: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) mmap(&(0x7f0000a5a000/0x3000)=nil, 0x3000, 0x3000008, 0x20000000000032, r1, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000af3000-0x24)="000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d266767f2a50f20d835080000000f228b58580f070f01b102000000", 0x64}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f000011a000)={0x1397, 0x8c, 0x0, 0x4, 0x8}) mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000af3000-0x4)=0x80) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000aee000-0x8)=0x10000) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000aef000)={0x7b, 0x0, [0x6, 0xffffffff, 0x9, 0x1000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) mmap(&(0x7f0000af3000/0x1000)=nil, 0x1000, 0x1, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000af3000)={"9bbb9daa05110ba1924a3f8c859bdff963f2ddb1d129f5cb2f3ae8ad3bf7068c284ba38f903676aee0049b473a5a33930a9b88deb6401d57b67b5ef503c6a4027167753b3422f85b1b144e1b09666f06770bb454bb980d5cb7f1e90d9427b10028d816afcb958eb5bc4541d20809f775835973db47fdab943f7ecf340ab9b2913f88a42aa228d95f1665dcb874e6b3b5b55a89a32e0fc862e12da3fafec957af0fce362e643894eaa38fbb8af58f8462371747c6e67ec819d268766c3c7a74e3f12575502e0ce18ab8fdeec25ec7767fae887d4cadb349c0f81694038d1a026d6a75e2531b1a8fb11b6cbd3f89a94184e04455b174f62410013ea1a32c38fc1a2448cd4c2c637b73782faf7ad9ae353b8bb6fed608778b7e846b159d0708eba89b05d4ae596fd1ce276f11b96ea628b944adcafcca622c34d8cf71c32e04679643d25bb8410efd790fae98de36207bab1c1fa95a3b125a7497822ea2f8a027ee6024ad4938ca93546a7967484ea5ed0850257facd046052d3fb4452ea95bdf6613884586ad0f7bedcf9ba794168fb9ef80fc98ab1b8c584220c399f85aa35e3b077eaa0dc79a9b88f0cdbf6805da3bca16d1fe88482e328bf0abd897070e43ead3304cdf1f113ab075a772b02e7e2b9d790f029decb02914d0fbb81bdcac8d08612898c453dd33e8a456e3cb4154e27f4d3bddea5732cd94d4adf21d3babfbb833a2ba8fcc71beafe13cfb9e8ed9fcaaecbc6a4e7c1da5f67cfae68fe80965a52918112a4927ca4a387ebf74fd5d910ceed87a668d3210361f45e8771482aceb28996ed99fdb143fc17c4112850b748c3eb5d121312f3c420d0dc03bfd571a1767bac9ae6c46b4edbfd70fb33dd89a8ae13dd57e722d95c28e5326a24054321553f3b50fe246f5e631dafc8088dcefe9029c67fbc7cb6631692d91aa5aba912b56f638cdcd14e873566edea35ecaaad547bbd265a6d4f6537ad9db538fb7db64a32c81c91dd6e4efd0317de1a0ff83c744470c93ddcaa6792e45db7d69e1106a251d39a5c5c6103f7aadb32d0290614362eaccc6d41b3f14154850e1959803f14d836a4223eb1c70249037e7adbf0e33d07a69a10d948a901858a8381803bcedcf610c985b5ea85ef46bbc44565e89142da665bede93e7c360cc814c8e00cafb81d02c95811ce32ba2dd85712056078d2f7d4be3cfc4eb157d63206d4b822599d40c02fd84ada2b572bd8899e93293a5ce6590d226f7c43858d47417bc2980358fb6ec2eee43fbbd31a00c9549680e76c31eef7f710e7aceb5a29d2a85f07332bb5e54a80ac44576e0010bc7cbd666ad4aff5174df288980f68510d74485b90afaf4040a30392861cce12229f97cbf2b8922d95110230423a3155f263d8066974f89cebaa258b87515d6d9f20c23d09067bdc955311d08300214a50ed060cc68"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 29.234903] LDTR: sel=0x000f, attr=0x10000, limit=0x0000f002, base=0x0000000000002000 [ 29.235736] IDTR: limit=0x00000000, base=0x0000000000000001 2017/08/11 21:15:14 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x5000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) [ 29.237164] TR: sel=0x000a, attr=0x10000, limit=0x00000004, base=0x0000000000000000 [ 29.237946] EFER = 0x0000000000002001 PAT = 0x0007040600070406 [ 29.238624] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 2017/08/11 21:15:14 executing program 2: mmap(&(0x7f0000000000/0xae4000)=nil, 0xae4000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_NR_MMU_PAGES(r1, 0xae45, 0x2) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000000a000-0x8)={0x0, 0x7ff}) mmap(&(0x7f0000ae4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00003ba000/0x18000)=nil, &(0x7f000018e000)=[@text32={0x20, &(0x7f0000ae5000-0x58)="f20f5dea640f01d7b9ec0a0000b8934b549cba000000000f300f090fc76b000f38c8a4300001c0fec744240000800000c74424027dd05742c7442406000000000f011c2466b8ab008ec066bad104b024ee64660f38820482", 0x58}], 0x1, 0x0, &(0x7f0000adf000)=[@flags={0x3, 0x2c32ef086520573a}, @flags={0x3, 0x4040}], 0x2) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_XSAVE(r2, 0x9000aea4, &(0x7f0000ae6000-0x400)={"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"}) [ 29.239966] BndCfgS = 0x0000000000000000 [ 29.240405] Interruptibility = 00000008 ActivityState = 00000000 2017/08/11 21:15:14 executing program 4: mmap(&(0x7f0000000000/0x64000)=nil, 0x64000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r2 = eventfd2(0x4000000002, 0x0) mmap(&(0x7f0000064000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mlock2(&(0x7f0000063000/0x2000)=nil, 0x2000, 0x1) ioctl$KVM_PPC_GET_PVINFO(r0, 0x4080aea1, &(0x7f000004f000)="00000000000000000000000000000000000000000000000000000000") ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000020000)={0x0, &(0x7f000002d000)=0x0, 0x2, r2, 0x3}) mmap(&(0x7f0000065000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000065000)={0x1000, 0x0, 0x0}) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000043000)={0x6000, &(0x7f000002d000)=0x0, 0x4, r2, 0xffffffffffffffff}) mmap(&(0x7f0000065000/0x1000)=nil, 0x1000, 0x3, 0x13, r2, 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f0000066000-0x14)={0x3f, 0x7, 0x2, 0x3, 0x9}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_GET_TSC_KHZ(r3, 0xaea3) mmap(&(0x7f0000065000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000065000/0x1000)=nil, 0x1000, 0x3, 0x32, r1, 0x0) mmap(&(0x7f0000019000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r1, r3, &(0x7f000003a000/0x18000)=nil, &(0x7f0000066000-0x18)=[@text64={0x40, &(0x7f0000065000)="48b895670000000000000f23c00f21f835010002000f23f8440f20c0350f000000440f22c0660f38800bc4c2810bef43806a6b00b9390900000f3267410f029ff3ffffffc4012955b50030000067450f01d10f2014", 0x55}], 0x1, 0x8, &(0x7f0000066000-0x10)=[@dstype0={0x6, 0x9}], 0x1) mmap(&(0x7f0000066000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_DEVICE_ATTR(r1, 0x4018aee2, &(0x7f0000066000)={0x0, 0x7, 0x2, &(0x7f000002d000)=0x0}) write$eventfd(r2, &(0x7f000003e000)=0x100, 0x8) mmap(&(0x7f0000065000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000066000-0x8)={0x5309, 0x1}) write$eventfd(r2, &(0x7f0000005000-0x8)=0x1, 0x8) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) mmap(&(0x7f0000065000/0x1000)=nil, 0x1000, 0x1fffffd, 0x32, r1, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f0000066000-0x1c)={0xec, 0x8, 0x80000000, 0x0, 0x3, 0x9, 0x5, 0xdfd, 0x1b7, 0xffffffffffff8001, 0x0, 0xfffffffffffffffc, 0x0, 0x1, 0x8, 0xfff, 0xffff, 0x4, 0x58f}) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f000003d000)={0x6, r1, 0x0}) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000049000-0x8)={0x3ff, 0x1}) [ 29.241923] *** Host State *** [ 29.242282] RIP = 0xffffffff811b6777 RSP = 0xffff8800390774c8 2017/08/11 21:15:14 executing program 5: mmap(&(0x7f0000000000/0xafa000)=nil, 0xafa000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffff9c, 0xae41, 0x0) ioctl$KVM_SET_SIGNAL_MASK(r0, 0x4004ae8b, &(0x7f00007a1000-0x1004)={0x0, ""}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000274000/0x18000)=nil, &(0x7f0000adf000)=[@text64={0x40, &(0x7f000099d000-0x64)="b6c3f8e788595d2a1ba31779d22e2453ab6fe204d8cb17bc3c4ab8e3e0483b9931418b5c1612cb68cb1f08acd253883205213823efd610026d3b892f9ecf43c837882ddb41cb3a22a62644cc9081d865b5c7d6d371bfbc1b7da5ab28911fcb5667d0b08b", 0x64}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_S390_INTERRUPT_CPU(r0, 0x4010ae94, &(0x7f0000af7000)={0x7fff, 0x2, 0x401}) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000515000)={0x4, r0, 0x1}) ioctl$KVM_GET_SREGS(r0, 0x8138ae83, &(0x7f00003e2000-0x138)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, [0x0, 0x0, 0x0]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0]}) mremap(&(0x7f0000294000/0x2000)=nil, 0x2000, 0x4000, 0x2, &(0x7f00002da000/0x4000)=nil) ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000a69000)=0x3) mmap(&(0x7f0000afa000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_MP_STATE(r3, 0x8004ae98, &(0x7f0000afb000-0x4)=0x0) ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000af8000)={0xa3, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1) ioctl$KVM_GET_LAPIC(r4, 0x8400ae8e, &(0x7f0000afa000-0x400)={"7b27d3b64a87e6025ecc0555dfc410dd938e993293cc09c27d286292559242c198873530f3c60f18ef51c5613edf4323f8c02f69d0fca2266076a7e7824d9c854de7052a853a2df7169f57b8d24b07462d8c98a9965a75e5072e7c97121fc3561ff57df693eb84143554a2274744dc0bb19d4aa4d9da2fb6fa49f5b30c909603304c6dc3b28e75bbcbaa615b98ffdfa9873e1096ad1dbe1a7e4fae37da09dd5590f92b6dd95b56d37f82c247d6984325f2099b25022eda8cb94c836f181c2b9e9adbe70ae00a0a938585cf20ee10c690446248cf1c6dc8691e1fbe78fc350b36339027f9cbaa7428a665cbf6d32770ba755c5aa04961ce450df4462516f93f56e7d9e97f4cb8ff0db7a861b51d7f5fc737d5dfa7de9648dc5bd0a4a92184ca87a4c29d8580dd5783946c7466da4c8750656d511a02060a91e1f80c697f07d7788081f68024b137abd634761f0c7765265877a1c1f71f2a1d6c98461cd4fdbbf33b141c45d35c51068e3dfac09c29275a3bd0a2e762b46561ddb7efc58bffaa72096a7577d17c8fd7aeb37f46ea59e1c866fc6dbeefad42d4125dd50f76c4aac46c3c9fe58e7cf6814df077d657720ee9dd91de440202d25e6274b0894319d72d76476eb493609942cc024ebee82dbeaff4d7315ffeb0439c0555ee95381c871f1d710c4f5c29fc917649c7a5279707f964d373d3982f7030b3876d7ecbf018181bde61e3db5ab8655bca7dafbd1334be07492318ecc65687c6e5d90797a614f1afef96f4d68ce2cd053e87ad3df58641776dbe64093d32f69fe67ae8a97a88ddf1d03bdbc0d70ec4fe0da6fcec1a8079aaedf03abcac161caa036d06a765e4e14e2b2deb48dd2289e972ed26e1e4da4e81d446af11dd1fcf2ff1cf5052dfeac0e1710195ad72cc55b3a2182da4ce23a33238d3457374a3f04d569b019486de2faf6b26f3f91da458736916a85b7d0ad85104e635400462feafca888af61bc82dde5a877230871607b3059bf8ce202488cac0ec478ec316948bc2b55a4e7f30effc619be3ed746b0f4767b1869418c50e5e2e08ba6d1b447be12480a1af05ec98f28f404c2fee03efb276cf44170f150a21b6046411b6e772b1de3995cbe9b2ce9aee530323f65adc0d9606c7175d365953f8beb3629ff500edc3b783e3492cb9d29f668a0e7d66d95b6add4d101934fd394b70843c8e1c1bb84532bcf62b716853946d3df3bcb9cec40cb98b85062d1cb62dd20b8291ba7d598e1b0faaab6c7f111e59c78d6961b33ca358aa9dda30502d338c039bb704ad4ebf0b98347c47a32429b8f7f6ab1f7925c375a778faad36a6502d1e12243a11f1ba86eaa5167146ec6d4ab992920bf03baa8b24b31e7504fe8042ea2695e9f3bfa2cb27f779922ef23f37bec41e9ac5470b09a0b3304797eb6a208a902f497e6c1c76284a3fdc31"}) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f000079c000/0x18000)=nil, &(0x7f0000635000-0x18)=[@textreal={0x8, &(0x7f00004b0000)="baf80c66b88ad9018466efbafc0cedb800068ee866b9800000c00f326635000100000f300f01c9ba430066b86e60e0c766ef670f01cf9c660f6e9a00000fbc6800f0306201", 0x45}], 0x1, 0x74, &(0x7f0000afa000-0x20)=[@efer={0x3, 0x1000}, @efer={0x3, 0x9800}], 0x2) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 29.244079] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 29.244708] FSBase=00007f4c3a973700 GSBase=ffff88003fc00000 TRBase=ffff88003fc22cc0 [ 29.245782] GDTBase=ffffffffff577000 IDTBase=ffffffffff57b000 [ 29.247037] CR0=0000000080050033 CR3=000000003973c000 CR4=00000000000026f0 [ 29.247745] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 29.248500] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 29.249113] *** Control State *** [ 29.249496] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 [ 29.250138] EntryControls=0001d1ff ExitControls=00afefff [ 29.250656] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 29.251313] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 29.251953] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 2017/08/11 21:15:14 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x0, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x5, 0x0, [{0x0, 0x0, 0x3f, 0x20, 0x6, 0x0}, {0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 29.254005] reason=80000021 qualification=0000000000000000 [ 29.254629] IDTVectoring: info=00000000 errcode=00000000 [ 29.255168] TSC Offset = 0xffffffe5962761e4 [ 29.255568] EPT pointer = 0x000000003d8ad01e [ 29.256060] Virtual processor ID = 0x06e1 2017/08/11 21:15:14 executing program 7: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a9c000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f00004ee000)="66b818010f00d8c4c27bf6cdb986040000b80f000000ba000000000f30c7442400e9060000c744240201000000c7442406000000000f01142466baf80cb8b4d4c588ef66bafc0cb00beeb9840200000f3266ba420066edb85bc6600b0f23c00f21f83503000c000f23f8c74424008000c0fec744240235000000c7442406000000000f011c2466baa000b000ee", 0x8d}], 0x1, 0xfffffffffffffffe, &(0x7f00003db000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000af1000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x1000, 0x0, 0x0, 0x2, 0x2ff, 0x6, 0x1, 0x5, 0x1, 0x1f, 0x60000000000000, 0x0}, {0x0, 0x4, 0xa, 0x9, 0xfc6, 0xc76, 0x2, 0xa0f, 0x6, 0x9, 0x0, 0x30, 0x0}, {0x2000, 0xf002, 0xf, 0x6, 0x9, 0x2, 0x1, 0xffffffff, 0x80000001, 0xffffffffffffffff, 0x2, 0x2, 0x0}, {0x0, 0x4, [0x0, 0x0, 0x0]}, {0x1, 0x0, [0x0, 0x0, 0x0]}, 0x80000008, 0x0, 0x2000, 0x8, 0x5, 0x2001, 0x1000, [0x800000, 0x1, 0x6, 0x10001]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 29.280678] *** Guest State *** [ 29.280958] CR0: actual=0x0000000080000028, shadow=0x0000000080000008, gh_mask=fffffffffffffff7 [ 29.282976] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 [ 29.284808] CR3 = 0x0000000000002000 [ 29.285302] RSP = 0x0000000000000f80 RIP = 0x0000000000008008 [ 29.285757] RFLAGS=0x00010002 DR7 = 0x0000000000000400 2017/08/11 21:15:14 executing program 4: mmap(&(0x7f0000000000/0xaf8000)=nil, 0xaf8000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aeb000)="2f6465762f6b766d00", 0x0, 0x0) mmap(&(0x7f0000af8000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee2, &(0x7f0000683000-0x18)={0x0, 0x0, 0x0, &(0x7f0000af9000-0x8)=0x0}) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mmap(&(0x7f0000483000/0x1000)=nil, 0x1000, 0x0, 0x0, r1, 0x0) mmap(&(0x7f0000af9000/0x1000)=nil, 0x1000, 0x3, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000562000/0x2000)=nil, 0x2000, 0x0, 0x3a, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000888000/0x1000)=nil, 0x1000, 0x3, 0x1000000000032, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000afb000-0x48)={0x0, 0x0, [0x0, 0x1f, 0x80000000, 0x100000000, 0x0, 0x0, 0x0, 0x101]}) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000af8000)={0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x2, 0x0, 0x0, 0x3, 0x81, 0x5, 0x8, 0x1}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000ae7000-0x20)={0x0, 0x2, 0x0, 0x2000, &(0x7f00005b3000/0x2000)=nil}) mmap(&(0x7f00009d3000/0x4000)=nil, 0x4000, 0xc, 0x30, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00005b3000/0x18000)=nil, &(0x7f0000afa000)=[@text64={0x40, &(0x7f00000b0000-0x66)="c7442400d38f7c83c744240200000000c7442406000000000f01142466bad104edf30f1aad260000008f290892b000200000d9feda4800c7442400a7df0000c744240200000000c7442406000000000f0114246766440f38827f00a90300000066b805018ee0", 0x66}], 0x1, 0x54, &(0x7f0000ac7000)=[@dstype3={0x7, 0x6}], 0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 29.291213] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 29.291999] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 2017/08/11 21:15:14 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x5000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) 2017/08/11 21:15:14 executing program 2: mmap(&(0x7f0000000000/0xae4000)=nil, 0xae4000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_NR_MMU_PAGES(r1, 0xae45, 0x2) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000000a000-0x8)={0x0, 0x7ff}) mmap(&(0x7f0000ae4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00003ba000/0x18000)=nil, &(0x7f000018e000)=[@text32={0x20, &(0x7f0000ae5000-0x58)="f20f5dea640f01d7b9ec0a0000b8934b549cba000000000f300f090fc76b000f38c8a4300001c0fec744240000800000c74424027dd05742c7442406000000000f011c2466b8ab008ec066bad104b024ee64660f38820482", 0x58}], 0x1, 0x0, &(0x7f0000adf000)=[@flags={0x3, 0x2c32ef086520573a}, @flags={0x3, 0x4040}], 0x2) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_XSAVE(r2, 0x9000aea4, &(0x7f0000ae6000-0x400)={"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"}) [ 29.296034] DS: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 29.296591] SS: sel=0x0000, attr=0x0b071, limit=0x00001000, base=0x0000000000000000 [ 29.297621] ES: sel=0x0000, attr=0x04081, limit=0x00000000, base=0x0000000000000000 2017/08/11 21:15:14 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x0, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x5, 0x0, [{0x0, 0x0, 0x0, 0x20, 0x6, 0x0}, {0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 29.298965] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 29.299582] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 29.301529] GDTR: limit=0x00000004, base=0x0000000000000000 [ 29.302139] LDTR: sel=0x000f, attr=0x10000, limit=0x0000f002, base=0x0000000000002000 [ 29.302938] IDTR: limit=0x00000000, base=0x0000000000000001 [ 29.303539] TR: sel=0x000a, attr=0x10000, limit=0x00000004, base=0x0000000000000000 [ 29.304399] EFER = 0x0000000000002001 PAT = 0x0007040600070406 [ 29.304896] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 29.305683] BndCfgS = 0x0000000000000000 [ 29.305969] Interruptibility = 00000008 ActivityState = 00000000 [ 29.306536] *** Host State *** [ 29.306845] RIP = 0xffffffff811b6777 RSP = 0xffff8800535df4c8 [ 29.307393] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 29.307834] FSBase=00007f4c3a973700 GSBase=ffff88006e000000 TRBase=ffff88003fd22cc0 [ 29.308626] GDTBase=ffffffffff576000 IDTBase=ffffffffff57b000 [ 29.309055] CR0=0000000080050033 CR3=000000003bbf1000 CR4=00000000000026e0 [ 29.309768] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 29.315710] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 29.316396] *** Control State *** [ 29.316639] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 [ 29.318369] EntryControls=0001d1ff ExitControls=00afefff [ 29.318900] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 29.319546] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 29.321640] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 29.322341] reason=80000021 qualification=0000000000000000 [ 29.323214] IDTVectoring: info=00000000 errcode=00000000 2017/08/11 21:15:14 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x5000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) [ 29.323700] TSC Offset = 0xffffffe586cb2592 [ 29.324794] EPT pointer = 0x0000000067b6f01e [ 29.325228] Virtual processor ID = 0x0713 2017/08/11 21:15:14 executing program 3: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) mmap(&(0x7f0000a5a000/0x3000)=nil, 0x3000, 0x3000008, 0x20000000000032, r1, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000af3000-0x24)="000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d266767f2a50f20d835080000000f228b58580f070f01b102000000", 0x64}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f000011a000)={0x1397, 0x8c, 0x0, 0x4, 0x8}) mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000af3000-0x4)=0x80) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000aee000-0x8)=0x10000) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000aef000)={0x7b, 0x0, [0x6, 0xffffffff, 0x9, 0x1000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000af3000/0x1000)=nil, 0x1000, 0x1, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000af3000)={"9bbb9daa05110ba1924a3f8c859bdff963f2ddb1d129f5cb2f3ae8ad3bf7068c284ba38f903676aee0049b473a5a33930a9b88deb6401d57b67b5ef503c6a4027167753b3422f85b1b144e1b09666f06770bb454bb980d5cb7f1e90d9427b10028d816afcb958eb5bc4541d20809f775835973db47fdab943f7ecf340ab9b2913f88a42aa228d95f1665dcb874e6b3b5b55a89a32e0fc862e12da3fafec957af0fce362e643894eaa38fbb8af58f8462371747c6e67ec819d268766c3c7a74e3f12575502e0ce18ab8fdeec25ec7767fae887d4cadb349c0f81694038d1a026d6a75e2531b1a8fb11b6cbd3f89a94184e04455b174f62410013ea1a32c38fc1a2448cd4c2c637b73782faf7ad9ae353b8bb6fed608778b7e846b159d0708eba89b05d4ae596fd1ce276f11b96ea628b944adcafcca622c34d8cf71c32e04679643d25bb8410efd790fae98de36207bab1c1fa95a3b125a7497822ea2f8a027ee6024ad4938ca93546a7967484ea5ed0850257facd046052d3fb4452ea95bdf6613884586ad0f7bedcf9ba794168fb9ef80fc98ab1b8c584220c399f85aa35e3b077eaa0dc79a9b88f0cdbf6805da3bca16d1fe88482e328bf0abd897070e43ead3304cdf1f113ab075a772b02e7e2b9d790f029decb02914d0fbb81bdcac8d08612898c453dd33e8a456e3cb4154e27f4d3bddea5732cd94d4adf21d3babfbb833a2ba8fcc71beafe13cfb9e8ed9fcaaecbc6a4e7c1da5f67cfae68fe80965a52918112a4927ca4a387ebf74fd5d910ceed87a668d3210361f45e8771482aceb28996ed99fdb143fc17c4112850b748c3eb5d121312f3c420d0dc03bfd571a1767bac9ae6c46b4edbfd70fb33dd89a8ae13dd57e722d95c28e5326a24054321553f3b50fe246f5e631dafc8088dcefe9029c67fbc7cb6631692d91aa5aba912b56f638cdcd14e873566edea35ecaaad547bbd265a6d4f6537ad9db538fb7db64a32c81c91dd6e4efd0317de1a0ff83c744470c93ddcaa6792e45db7d69e1106a251d39a5c5c6103f7aadb32d0290614362eaccc6d41b3f14154850e1959803f14d836a4223eb1c70249037e7adbf0e33d07a69a10d948a901858a8381803bcedcf610c985b5ea85ef46bbc44565e89142da665bede93e7c360cc814c8e00cafb81d02c95811ce32ba2dd85712056078d2f7d4be3cfc4eb157d63206d4b822599d40c02fd84ada2b572bd8899e93293a5ce6590d226f7c43858d47417bc2980358fb6ec2eee43fbbd31a00c9549680e76c31eef7f710e7aceb5a29d2a85f07332bb5e54a80ac44576e0010bc7cbd666ad4aff5174df288980f68510d74485b90afaf4040a30392861cce12229f97cbf2b8922d95110230423a3155f263d8066974f89cebaa258b87515d6d9f20c23d09067bdc955311d08300214a50ed060cc68"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:14 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x0, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x5, 0x0, [{0x0, 0x0, 0x0, 0x0, 0x6, 0x0}, {0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:14 executing program 7: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a9c000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f00004ee000)="66b818010f00d8c4c27bf6cdb986040000b80f000000ba000000000f30c7442400e9060000c744240201000000c7442406000000000f01142466baf80cb8b4d4c588ef66bafc0cb00beeb9840200000f3266ba420066edb85bc6600b0f23c00f21f83503000c000f23f8c74424008000c0fec744240235000000c7442406000000000f011c2466baa000b000ee", 0x8d}], 0x1, 0xfffffffffffffffe, &(0x7f00003db000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000af1000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x1000, 0x0, 0x0, 0x2, 0x2ff, 0x6, 0x1, 0x5, 0x1, 0x1f, 0x60000000000000, 0x0}, {0x0, 0x4, 0xa, 0x9, 0xfc6, 0xc76, 0x2, 0xa0f, 0x6, 0x9, 0x3, 0x0, 0x0}, {0x2000, 0xf002, 0xf, 0x6, 0x9, 0x2, 0x1, 0xffffffff, 0x80000001, 0xffffffffffffffff, 0x2, 0x2, 0x0}, {0x0, 0x4, [0x0, 0x0, 0x0]}, {0x1, 0x0, [0x0, 0x0, 0x0]}, 0x80000008, 0x0, 0x2000, 0x8, 0x5, 0x2001, 0x1000, [0x800000, 0x1, 0x6, 0x10001]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 29.364393] *** Guest State *** [ 29.364719] CR0: actual=0x0000000080000028, shadow=0x0000000080000008, gh_mask=fffffffffffffff7 [ 29.365918] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 [ 29.367424] CR3 = 0x0000000000002000 [ 29.367745] RSP = 0x0000000000000f80 RIP = 0x0000000000008008 [ 29.368305] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 29.368828] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 29.369433] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 29.370149] DS: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 29.370739] SS: sel=0x0000, attr=0x0b071, limit=0x00001000, base=0x0000000000000000 [ 29.371504] ES: sel=0x0000, attr=0x04081, limit=0x00000000, base=0x0000000000000000 [ 29.372050] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 29.372795] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 29.373509] GDTR: limit=0x00000004, base=0x0000000000000000 [ 29.374194] LDTR: sel=0x000f, attr=0x10000, limit=0x0000f002, base=0x0000000000002000 [ 29.375075] IDTR: limit=0x00000000, base=0x0000000000000001 [ 29.375708] TR: sel=0x000a, attr=0x09059, limit=0x00000004, base=0x0000000000000000 [ 29.376241] EFER = 0x0000000000002001 PAT = 0x0007040600070406 [ 29.376666] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 29.377170] BndCfgS = 0x0000000000000000 [ 29.377458] Interruptibility = 00000008 ActivityState = 00000000 [ 29.377866] *** Host State *** [ 29.378122] RIP = 0xffffffff811b6777 RSP = 0xffff88003a4c74c8 [ 29.378526] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 29.379022] FSBase=00007f4c3a973700 GSBase=ffff88003fc00000 TRBase=ffff88003fc22cc0 [ 29.379507] GDTBase=ffffffffff577000 IDTBase=ffffffffff57b000 [ 29.379888] CR0=0000000080050033 CR3=000000003bbc1000 CR4=00000000000026f0 [ 29.380361] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 29.380793] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 29.381198] *** Control State *** [ 29.381421] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 [ 29.381899] EntryControls=0001d1ff ExitControls=00afefff [ 29.382268] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 29.382730] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 29.383175] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 29.383613] reason=80000021 qualification=0000000000000000 [ 29.384031] IDTVectoring: info=00000000 errcode=00000000 [ 29.384396] TSC Offset = 0xffffffe5764b3b6a [ 29.384707] EPT pointer = 0x000000003dce701e [ 29.385134] Virtual processor ID = 0x071a 2017/08/11 21:15:14 executing program 3: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) mmap(&(0x7f0000a5a000/0x3000)=nil, 0x3000, 0x3000008, 0x20000000000032, r1, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000af3000-0x24)="000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d266767f2a50f20d835080000000f228b58580f070f01b102000000", 0x64}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f000011a000)={0x1397, 0x8c, 0x0, 0x4, 0x8}) mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000af3000-0x4)=0x80) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000aee000-0x8)=0x10000) ioctl$KVM_RUN(r2, 0xae80, 0x0) mmap(&(0x7f0000af3000/0x1000)=nil, 0x1000, 0x1, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000af3000)={"9bbb9daa05110ba1924a3f8c859bdff963f2ddb1d129f5cb2f3ae8ad3bf7068c284ba38f903676aee0049b473a5a33930a9b88deb6401d57b67b5ef503c6a4027167753b3422f85b1b144e1b09666f06770bb454bb980d5cb7f1e90d9427b10028d816afcb958eb5bc4541d20809f775835973db47fdab943f7ecf340ab9b2913f88a42aa228d95f1665dcb874e6b3b5b55a89a32e0fc862e12da3fafec957af0fce362e643894eaa38fbb8af58f8462371747c6e67ec819d268766c3c7a74e3f12575502e0ce18ab8fdeec25ec7767fae887d4cadb349c0f81694038d1a026d6a75e2531b1a8fb11b6cbd3f89a94184e04455b174f62410013ea1a32c38fc1a2448cd4c2c637b73782faf7ad9ae353b8bb6fed608778b7e846b159d0708eba89b05d4ae596fd1ce276f11b96ea628b944adcafcca622c34d8cf71c32e04679643d25bb8410efd790fae98de36207bab1c1fa95a3b125a7497822ea2f8a027ee6024ad4938ca93546a7967484ea5ed0850257facd046052d3fb4452ea95bdf6613884586ad0f7bedcf9ba794168fb9ef80fc98ab1b8c584220c399f85aa35e3b077eaa0dc79a9b88f0cdbf6805da3bca16d1fe88482e328bf0abd897070e43ead3304cdf1f113ab075a772b02e7e2b9d790f029decb02914d0fbb81bdcac8d08612898c453dd33e8a456e3cb4154e27f4d3bddea5732cd94d4adf21d3babfbb833a2ba8fcc71beafe13cfb9e8ed9fcaaecbc6a4e7c1da5f67cfae68fe80965a52918112a4927ca4a387ebf74fd5d910ceed87a668d3210361f45e8771482aceb28996ed99fdb143fc17c4112850b748c3eb5d121312f3c420d0dc03bfd571a1767bac9ae6c46b4edbfd70fb33dd89a8ae13dd57e722d95c28e5326a24054321553f3b50fe246f5e631dafc8088dcefe9029c67fbc7cb6631692d91aa5aba912b56f638cdcd14e873566edea35ecaaad547bbd265a6d4f6537ad9db538fb7db64a32c81c91dd6e4efd0317de1a0ff83c744470c93ddcaa6792e45db7d69e1106a251d39a5c5c6103f7aadb32d0290614362eaccc6d41b3f14154850e1959803f14d836a4223eb1c70249037e7adbf0e33d07a69a10d948a901858a8381803bcedcf610c985b5ea85ef46bbc44565e89142da665bede93e7c360cc814c8e00cafb81d02c95811ce32ba2dd85712056078d2f7d4be3cfc4eb157d63206d4b822599d40c02fd84ada2b572bd8899e93293a5ce6590d226f7c43858d47417bc2980358fb6ec2eee43fbbd31a00c9549680e76c31eef7f710e7aceb5a29d2a85f07332bb5e54a80ac44576e0010bc7cbd666ad4aff5174df288980f68510d74485b90afaf4040a30392861cce12229f97cbf2b8922d95110230423a3155f263d8066974f89cebaa258b87515d6d9f20c23d09067bdc955311d08300214a50ed060cc68"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:14 executing program 2: mmap(&(0x7f0000000000/0xae5000)=nil, 0xae5000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_NR_MMU_PAGES(r1, 0xae45, 0x2) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000000a000-0x8)={0x0, 0x7ff}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00003ba000/0x18000)=nil, &(0x7f000018e000)=[@text32={0x20, &(0x7f0000ae5000-0x58)="f20f5dea640f01d7b9ec0a0000b8934b549cba000000000f300f090fc76b000f38c8a4300001c0fec744240000800000c74424027dd05742c7442406000000000f011c2466b8ab008ec066bad104b024ee64660f38820482", 0x58}], 0x1, 0x0, &(0x7f0000adf000)=[@flags={0x3, 0x2c32ef086520573a}, @flags={0x3, 0x4040}], 0x2) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_XSAVE(r2, 0x9000aea4, &(0x7f0000ae6000-0x400)={"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"}) 2017/08/11 21:15:14 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x0, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x5, 0x0, [{0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x80000001, 0x8, 0x6, 0x7, 0x9, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:14 executing program 4: mmap(&(0x7f0000000000/0xaf8000)=nil, 0xaf8000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x4, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f00000ca000+0x1b9)={0x74, 0x0, [0x1, 0xb9c, 0x6, 0x6], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000ae8000-0x48)={0x70003, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff000000]}) ioctl$KVM_SET_XSAVE(r2, 0x5000aea5, &(0x7f00001c7000-0x400)={"857a6b28ea19a822f85c9c0b9c92389419b54e33c2ecc6889b129c1ccc27d95b563921f5a1484bbd1fa6c720aa8eb159b13b5f7b4a1d756cae613e3518108ce96617254ceeb63f4aef6b76f632bbadbc746f641544ef94d6b9336c98aea3b684e9433efce197f1cea3c46ca0219d90fe155a2fde52259ac9a2936bc7b4dacfea210427fb81b4fbae0827530b506079f7711d0b73515fd44ccf391a5e00ab0a461a0df035b4278fdce8806341e914dc275a6964b4c44a1d23ce87cbbe864b317f3aa67a781bd98d9c5cf4c6dc6b788da8f653f3f543c1de6a62198fdd0d5f95a5589927fd0022ff1963953462f97802b369d36313fea01bf46e7553f4ba5278ffc56582b3908fda73de8c32e7dde63d9d699336f984fa42761f781b0d0dd28ba3f159505c51a4843a537bd10779719db8cd6c2d13a16fcec69ebda2c357960da19ba4745100d9f014ea3f81273231ac8a68cfc8f64a08ba82451f391fb58b2c1d4af6834761905b7a571b3df0189706c9be94e196c4e889ec05c0e2be58ec7d0180ab1d95798ae5e73ebd56bbb527fe607428d63f46a22600bdd600cfe87b6672e7b3d3e1015125e5a08eec9439d7f30f8596216b47125a4b6b9b26c5a5e5ce2a42fa830686a341367241dc8bd1ff4aa0c244913c5b766f6edf846b4d13b5cdea8d912b54b0e9a68c90eb21dd8b96eab025595722bdfa9baf0dd2120a78c89ea9fd24c9d46ad85ce2f7bfd4bea9350b7be383669c4ad5e213a475bfac205edfa6a3088a5a043459db6d66a4cf91960932ee225da497b2e1928a11fcfee8946f6ab508af72c637881c063d1df8cf7c8b6f11f65e5b17242dc860278787a383fb3105d3f8b20ff32bb2dfe12bd5b1ee1f45d2992a45332819f78df4370a17f2f25d03e08983de0fa5a893cce08c4c09462f3de02667b2eff794487cf26fcc421165779a75c4f686ed156b33cd328b9538dbe14cc918d09527de180c279b38f05cdc53c492020239e0fe10d83b486335e4e38472d8d62b206ce3c9dd089065a0e96ca5ea3f13f157257796338fbbae8dad3f0798057db4843575c5ab49218996dc05bd158f0c4a4dd6832f7014fc1f54eff81361d88d1e87fb2b6ac27d5a09dbb546215dfc8175d7723f086a512b24ad07d5f997fdcd1ce29fbcf4fc44b22f273b61cc16205dc797cc4427bf74f576eb47d83d181bae13e22cf6925931d84a487c51d493a9eeeaf1980c54920f646ee12164c53bcd7dad526a4b2afaee38a83c92119f23f57beab8626d735efbb17bb4aac0ca30f32bf3add64466359038235aabe1d3b1312641a203e1d3caa424a078cd79343f90c0cdb0083335a55383beb7b283d164932aa92c107ffa56fd40333eb91a70355a57ea8c25e6bef3969434e136658fa10752611108aaa02099beb764005e947c2a86b51758e24e96037737140095"}) mbind(&(0x7f00007e6000/0x4000)=nil, 0x4000, 0x3, &(0x7f0000af4000)=0x14001, 0x100000000, 0x4) eventfd2(0x0, 0x801) ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0x4008ae48, &(0x7f0000af3000)=0x10002) ioctl$KVM_GET_DEBUGREGS(r2, 0x8080aea1, &(0x7f000079d000-0x80)={[0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_GET_FPU(r2, 0x81a0ae8c, &(0x7f0000af5000-0x1a0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00008ba000/0x18000)=nil, &(0x7f000029f000)=[@text32={0x20, &(0x7f0000af7000-0x38)="0f38f1650166ba6100b800000000ef0f205d3e0f07f30f1ae40f320f090f0096090000000f00d0b93b0b0000b804000000ba000000000f30", 0x38}], 0x1, 0x0, &(0x7f00007bc000)=[], 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f00004b1000/0x18000)=nil, &(0x7f0000ae7000-0x18)=[@text16={0x10, &(0x7f0000af8000-0x52)="670f059d66b8b3ca00000f23c00f21f86635030000000f23f80f300f00153c76672e660f74c4baf80c66b8646e618766efbafc0cb06aee66b8005000000f23c80f21f866350c0010000f23f8b814000f00d8", 0x52}], 0x1, 0x0, &(0x7f0000aea000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_TSC_KHZ(r2, 0xaea2, 0x1) 2017/08/11 21:15:14 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x5000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x7000, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) 2017/08/11 21:15:15 executing program 1: mmap(&(0x7f0000000000/0xaf8000)=nil, 0xaf8000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aeb000)="2f6465762f6b766d00", 0x0, 0x0) mmap(&(0x7f0000af8000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000af8000)={0x0, 0xffffffffffffffff, 0x1}) ioctl$KVM_GET_DEVICE_ATTR(r1, 0x4018aee2, &(0x7f0000683000-0x18)={0x0, 0x6, 0x0, &(0x7f0000af9000-0x8)=0x0}) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_GET_PIT(r2, 0xc048ae65, &(0x7f0000645000)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) mmap(&(0x7f0000483000/0x1000)=nil, 0x1000, 0x2000008, 0x12, r2, 0x0) mmap(&(0x7f000013a000/0x2000)=nil, 0x2000, 0x2000002, 0x3e, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000676000/0x2000)=nil, 0x2000, 0x1, 0x72, r1, 0x0) mmap(&(0x7f0000af9000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000562000/0x2000)=nil, 0x2000, 0xffffffffffffffff, 0x3a, r1, 0x0) mmap(&(0x7f0000afa000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_MP_STATE(r3, 0x8004ae98, &(0x7f0000afb000-0x4)=0x0) mmap(&(0x7f0000036000/0xc000)=nil, 0xc000, 0x0, 0x1013, r2, 0xffffffffffffe7fe) mmap(&(0x7f0000888000/0x1000)=nil, 0x1000, 0x3, 0x1000000000032, 0xffffffffffffffff, 0x0) mmap(&(0x7f00004ca000/0x4000)=nil, 0x4000, 0x3, 0x30, r2, 0x0) mmap(&(0x7f0000afa000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_GUEST_DEBUG(r3, 0x4048ae9b, &(0x7f0000afb000-0x48)={0xf0003, 0x0, [0x67, 0x1f, 0x80000000, 0x100000000, 0x0, 0x0, 0x6, 0x101]}) mmap(&(0x7f0000af9000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000af9000/0x1000)=nil, 0x1000, 0x0, 0x4030, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000af8000)={0x73, 0x100000001, 0x1, 0x0, 0x4, 0x337, 0x6, 0x8, 0x0, 0x8, 0x40, 0x2, 0x0, 0x0, 0x3, 0x81, 0x5, 0x8, 0x1}) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000ae7000-0x20)={0x0, 0x2, 0x0, 0x2000, &(0x7f00005b3000/0x2000)=nil}) mmap(&(0x7f00009d3000/0x4000)=nil, 0x4000, 0xc, 0x30, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f00005b3000/0x18000)=nil, &(0x7f0000afa000)=[@text64={0x40, &(0x7f00000b0000-0x66)="c7442400d38f7c83c744240200000000c7442406000000000f01142466bad104edf30f1aad260000008f290892b000200000d9feda4800c7442400a7df0000c744240200000000c7442406000000000f0114246766440f38827f00a90300000066b805018ee0", 0x66}], 0x1, 0x54, &(0x7f0000ac7000)=[@dstype3={0x7, 0x6}], 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 2017/08/11 21:15:15 executing program 7: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a9c000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f00004ee000)="66b818010f00d8c4c27bf6cdb986040000b80f000000ba000000000f30c7442400e9060000c744240201000000c7442406000000000f01142466baf80cb8b4d4c588ef66bafc0cb00beeb9840200000f3266ba420066edb85bc6600b0f23c00f21f83503000c000f23f8c74424008000c0fec744240235000000c7442406000000000f011c2466baa000b000ee", 0x8d}], 0x1, 0xfffffffffffffffe, &(0x7f00003db000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000af1000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x1000, 0x0, 0x0, 0x2, 0x2ff, 0x6, 0x1, 0x5, 0x1, 0x1f, 0x60000000000000, 0x0}, {0x0, 0x4, 0xa, 0x9, 0xfc6, 0xc76, 0x2, 0xa0f, 0x6, 0x9, 0x3, 0x0, 0x0}, {0x0, 0xf002, 0xf, 0x6, 0x9, 0x2, 0x1, 0xffffffff, 0x80000001, 0xffffffffffffffff, 0x2, 0x2, 0x0}, {0x0, 0x4, [0x0, 0x0, 0x0]}, {0x1, 0x0, [0x0, 0x0, 0x0]}, 0x80000008, 0x0, 0x2000, 0x8, 0x5, 0x2001, 0x1000, [0x800000, 0x1, 0x6, 0x10001]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:15 executing program 5: mmap(&(0x7f0000000000/0xaf4000)=nil, 0xaf4000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000af4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000af4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f00002cc000)="2f6465762f6b766d00", 0x200040002cc000, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000acd000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text16={0x10, &(0x7f000039f000-0x5c)="0f01b10000440f20c0663505000000440f22c0440f20c00f20e06635000002000f22e0440f22c0baa00066edbad104b80500ef0f09baf80c66b81a465f8766efbafc0cb000eef20f2a51150f20c06635000000800f22c0a3e9e9f80c66b8aaed328266ef3e0f09b8394eef", 0x6b}], 0x1, 0x0, &(0x7f0000ace000)=[], 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4068aea3, &(0x7f0000ae9000)={0x7b, 0x0, [0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_ASSIGN_DEV_IRQ(r1, 0x4040ae70, &(0x7f0000819000-0x10)={0x6, 0x8, 0x3, 0x4}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_GET_EMULATED_CPUID(r1, 0xc008ae09, &(0x7f00009db000)="") mmap(&(0x7f0000af4000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000af4000/0x1000)=nil, 0x1000, 0x1000000, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000af5000/0x1000)=nil, 0x1000, 0x103, 0x36, r2, 0x4) ioctl$KVM_SET_DEVICE_ATTR(r1, 0x4018aee1, &(0x7f0000512000)={0x0, 0x8, 0xda, &(0x7f0000af5000)=0x0}) ioctl$KVM_SMI(r3, 0xaeb7) ioctl$KVM_RUN(r3, 0xae80, 0x0) mmap(&(0x7f0000af6000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_MSRS(r3, 0xc008ae88, &(0x7f0000af6000)={0x4, 0x0, [{0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}]}) ioctl$KVM_GET_MSRS(r2, 0xc008ae88, &(0x7f0000af4000-0x78)={0x7, 0x0, [{0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}]}) mlock2(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x0) madvise(&(0x7f0000004000/0x9000)=nil, 0x9000, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000006000)={0x7, 0xffffffffffffffff, 0x0}) mmap(&(0x7f0000af7000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_PPC_GET_SMMU_INFO(r1, 0x8250aea6, &(0x7f0000af8000-0xec)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") mmap(&(0x7f0000af8000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000af8000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000af8000)={0x81, 0x0, [0x100000001, 0x1, 0x8122, 0x3], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) 2017/08/11 21:15:15 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x0, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x4, 0x0, [{0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0xc0000007, 0x0, 0x9, 0x8, 0x4, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:15 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000a7d000)="2f6465762f6b766d00", 0x410000, 0x0) mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x3, 0x32, r0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000101000)={0x4, r1, 0x1}) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f0000564000-0x20)={0x1, 0x0, [{0xc0000000, 0x1000, 0x8, 0xfffffffffffffffc, 0x100000001, 0x0}]}) mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_FPU(r3, 0x81a0ae8c, &(0x7f0000aee000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r4, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b86f000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e955266767f2a50f20d835080000000f22d8650f070f01b102000000", 0x5e}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0) ioctl$KVM_ENABLE_CAP_CPU(r4, 0x4068aea3, &(0x7f0000ae9000)={0x7b, 0x0, [0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f00005dd000-0xc)={0x1, r4, 0x0}) ioctl$KVM_GET_TSC_KHZ(r5, 0xaea3) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000671000-0x400)={"acae0c68f161e1fec7eabc58f2168fc110596926f6b79c0991fbd10387ab435cc14dc187451869c14d59391d52397d059510a6d29b8f10498d480df16272370b00db6f4c2e8d32f974f8f9189baab5ccdfd1eac9ba7d63a000069c0a403eb2b99519db804bb01bb841b6d010d92076ab38c0323c49a6f25006522ef81e1196b6a90c0e0a077c189f02492bb7a2002ce511e2d9eb3eb8170c6b08559fb5d45943dfc6577536856b4cbc3358b06bd8c56426776c2f0a1352f6f949db772179b85d507136ee4feb4dd810b534447acd2aad8b7c3d04a94b80c63b9933c0ef42b0ce185217f12ceeab0520eaf98c32a9b3a443fbc309e6400ff14c0e028aecb56aeb41394f2e23d2abf7e9680b0615f33b02e4aee4e44b2b62da54b51ea5dd9ace3d525f8dfdaa6848157227f469066268b57fd98a0d1dd3a0b9e8faf0b0adf9de82673d1f7ac3fcfed5d59b02afe4241dc6f7a11b0984b1029a63c92002a80cf7eef467a619ab25df26d9fa9325b8e2a0430b6507dd20a1ce40730b5ee940d3de9463a8a89bd2a4f5a1d1b7f1b112e3f4d06e5e667693e98fc0e324b158538c82e6fa0aee41322af375bc2484258621ce53783d2f419541479f39e56ac677df6f6ed2ca3e1e80710adb72c976d4202600d0e7a0db3ec07e1a5ea9b995c1ae9362a8928373456dc7da855f9288007aed9639afe66234f9583ea08d34105fac374dbd3609ed83b94085bc4f78d7b5477913096d628c2eeceb8e508344a9ff511f80b5124d738c517e8dc5a93f357c648f92c8aa8c0dea183c5afbe363954e727d4caefa21758e95f43531dc75e208d96e4f64472a7a9f463ebb00fc38c02e4fdaaeca75030a0c6a65afca841f22121938cd08485d8d9cd1472f7021abfe1bd1fc3f6291cced4df58a621b99ac28b122bed973a5097a442ae2ee82eadea953234aeff4abddab9404c5e304b9dd3d4d02085861b7e5d3a8be96caf47b582ec46439db646d53bd7af1b0f9885609f544e6ee8aa72f050787c573c2112da1c295e5b7dda9dcf6abe3bbd91e1da7d47137c1db78748a6b6eb2fd84d3468eb5323dd5d33176ff065b99ba65a4fbd4e6e57b37729c7434a239f7960b377f052bf0f92f00d6647aa351db1a3ac39f05b78824cc7bcd0c3250521cd8d144c85edd0024be145dab1ac17e3ad9c4427ae6ddf0c7f7262190aabe2b5bcfa4e5823fdfffcfbd4459909e96589e71f236a469073ed6228add92785ae75537cc40037fa2c5ffade8751f68d65a3804195ca1981615047e39b1be3b1bda0b2196434b168a5dd6ab004040b0c5843e4028b8c31eed8d8e774111e696c6e63046076046ced9dfe559faf74dc95dff7fce9ebca4ef0f7ee7a7047de6c97431de1cbff16d94b5f33618c482ee4fd7a1d92cba1593c81e52d479da874b08436c3ecd4b990241592cc4c443c172"}) ioctl$KVM_SMI(r4, 0xaeb7) mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_XCRS(r4, 0x4188aea7, &(0x7f0000aef000)={0x0, 0x0, []}) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_GET_REGS(r4, 0x8090ae81, &(0x7f000061a000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SIGNAL_MSI(r5, 0x4020aea5, &(0x7f0000af0000-0x20)={0x10000, 0xf001, 0x1, 0x919, 0x2f0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) 2017/08/11 21:15:15 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x5000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xa, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) [ 29.465574] *** Guest State *** [ 29.465846] CR0: actual=0x0000000080000028, shadow=0x0000000080000008, gh_mask=fffffffffffffff7 [ 29.467634] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 [ 29.469230] CR3 = 0x0000000000002000 [ 29.469808] RSP = 0x0000000000000f80 RIP = 0x0000000000008008 [ 29.470228] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 29.470627] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 29.471922] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 29.472787] DS: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000000000 2017/08/11 21:15:15 executing program 2: mmap(&(0x7f0000000000/0xae5000)=nil, 0xae5000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_NR_MMU_PAGES(r1, 0xae45, 0x2) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000000a000-0x8)={0x0, 0x7ff}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00003ba000/0x18000)=nil, &(0x7f000018e000)=[@text32={0x20, &(0x7f0000ae5000-0x58)="f20f5dea640f01d7b9ec0a0000b8934b549cba000000000f300f090fc76b000f38c8a4300001c0fec744240000800000c74424027dd05742c7442406000000000f011c2466b8ab008ec066bad104b024ee64660f38820482", 0x58}], 0x1, 0x0, &(0x7f0000adf000)=[@flags={0x3, 0x2c32ef086520573a}, @flags={0x3, 0x4040}], 0x2) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 29.473371] SS: sel=0x0000, attr=0x0b071, limit=0x00001000, base=0x0000000000000000 [ 29.474205] ES: sel=0x0000, attr=0x04081, limit=0x00000000, base=0x0000000000000000 [ 29.474762] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 29.475367] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 29.475926] GDTR: limit=0x00000004, base=0x0000000000000000 [ 29.476532] LDTR: sel=0x000f, attr=0x10000, limit=0x0000f002, base=0x0000000000000000 [ 29.477120] IDTR: limit=0x00000000, base=0x0000000000000001 [ 29.478998] TR: sel=0x000a, attr=0x09059, limit=0x00000004, base=0x0000000000000000 [ 29.479789] EFER = 0x0000000000002001 PAT = 0x0007040600070406 [ 29.481773] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 29.483990] BndCfgS = 0x0000000000000000 [ 29.484509] Interruptibility = 00000008 ActivityState = 00000000 [ 29.487185] *** Host State *** [ 29.487718] RIP = 0xffffffff811b6777 RSP = 0xffff8800691ef4c8 [ 29.488501] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 29.491232] FSBase=00007f4c3a973700 GSBase=ffff88003fc00000 TRBase=ffff88003fc22cc0 [ 29.491827] GDTBase=ffffffffff577000 IDTBase=ffffffffff57b000 [ 29.492444] CR0=0000000080050033 CR3=00000000548f6000 CR4=00000000000026f0 [ 29.493027] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 29.493525] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 29.494059] *** Control State *** [ 29.494401] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 [ 29.494875] EntryControls=0001d1ff ExitControls=00afefff [ 29.495278] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 29.495769] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 29.496487] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 29.497294] reason=80000021 qualification=0000000000000000 [ 29.497755] IDTVectoring: info=00000000 errcode=00000000 [ 29.498236] TSC Offset = 0xffffffe562b5bcf4 [ 29.498523] EPT pointer = 0x000000003cb1e01e 2017/08/11 21:15:15 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x5000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x4, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) [ 29.498857] Virtual processor ID = 0x06f3 2017/08/11 21:15:15 executing program 3: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) mmap(&(0x7f0000a5a000/0x3000)=nil, 0x3000, 0x3000008, 0x20000000000032, r1, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000af3000-0x24)="000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d266767f2a50f20d835080000000f228b58580f070f01b102000000", 0x64}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f000011a000)={0x1397, 0x8c, 0x0, 0x4, 0x8}) mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000af3000-0x4)=0x80) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000aef000)={0x7b, 0x0, [0x6, 0xffffffff, 0x9, 0x1000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) mmap(&(0x7f0000af3000/0x1000)=nil, 0x1000, 0x1, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000af3000)={"9bbb9daa05110ba1924a3f8c859bdff963f2ddb1d129f5cb2f3ae8ad3bf7068c284ba38f903676aee0049b473a5a33930a9b88deb6401d57b67b5ef503c6a4027167753b3422f85b1b144e1b09666f06770bb454bb980d5cb7f1e90d9427b10028d816afcb958eb5bc4541d20809f775835973db47fdab943f7ecf340ab9b2913f88a42aa228d95f1665dcb874e6b3b5b55a89a32e0fc862e12da3fafec957af0fce362e643894eaa38fbb8af58f8462371747c6e67ec819d268766c3c7a74e3f12575502e0ce18ab8fdeec25ec7767fae887d4cadb349c0f81694038d1a026d6a75e2531b1a8fb11b6cbd3f89a94184e04455b174f62410013ea1a32c38fc1a2448cd4c2c637b73782faf7ad9ae353b8bb6fed608778b7e846b159d0708eba89b05d4ae596fd1ce276f11b96ea628b944adcafcca622c34d8cf71c32e04679643d25bb8410efd790fae98de36207bab1c1fa95a3b125a7497822ea2f8a027ee6024ad4938ca93546a7967484ea5ed0850257facd046052d3fb4452ea95bdf6613884586ad0f7bedcf9ba794168fb9ef80fc98ab1b8c584220c399f85aa35e3b077eaa0dc79a9b88f0cdbf6805da3bca16d1fe88482e328bf0abd897070e43ead3304cdf1f113ab075a772b02e7e2b9d790f029decb02914d0fbb81bdcac8d08612898c453dd33e8a456e3cb4154e27f4d3bddea5732cd94d4adf21d3babfbb833a2ba8fcc71beafe13cfb9e8ed9fcaaecbc6a4e7c1da5f67cfae68fe80965a52918112a4927ca4a387ebf74fd5d910ceed87a668d3210361f45e8771482aceb28996ed99fdb143fc17c4112850b748c3eb5d121312f3c420d0dc03bfd571a1767bac9ae6c46b4edbfd70fb33dd89a8ae13dd57e722d95c28e5326a24054321553f3b50fe246f5e631dafc8088dcefe9029c67fbc7cb6631692d91aa5aba912b56f638cdcd14e873566edea35ecaaad547bbd265a6d4f6537ad9db538fb7db64a32c81c91dd6e4efd0317de1a0ff83c744470c93ddcaa6792e45db7d69e1106a251d39a5c5c6103f7aadb32d0290614362eaccc6d41b3f14154850e1959803f14d836a4223eb1c70249037e7adbf0e33d07a69a10d948a901858a8381803bcedcf610c985b5ea85ef46bbc44565e89142da665bede93e7c360cc814c8e00cafb81d02c95811ce32ba2dd85712056078d2f7d4be3cfc4eb157d63206d4b822599d40c02fd84ada2b572bd8899e93293a5ce6590d226f7c43858d47417bc2980358fb6ec2eee43fbbd31a00c9549680e76c31eef7f710e7aceb5a29d2a85f07332bb5e54a80ac44576e0010bc7cbd666ad4aff5174df288980f68510d74485b90afaf4040a30392861cce12229f97cbf2b8922d95110230423a3155f263d8066974f89cebaa258b87515d6d9f20c23d09067bdc955311d08300214a50ed060cc68"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:15 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x0, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x3, 0x0, [{0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x8000001d, 0x80000000, 0x1, 0x4, 0xff, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 29.516086] *** Guest State *** [ 29.516430] CR0: actual=0x0000000080000029, shadow=0x0000000080000009, gh_mask=fffffffffffffff7 [ 29.517304] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 [ 29.518132] CR3 = 0x0000000000002000 [ 29.518459] RSP = 0x0000000000000f80 RIP = 0x0000000000000000 [ 29.519232] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 29.519806] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 2017/08/11 21:15:15 executing program 4: ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000037000-0xc)={0x6, 0xffffffffffffffff, 0x1}) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r1, 0x4018aee1, &(0x7f0000517000-0x18)={0x0, 0x6, 0x4, &(0x7f0000001000-0x8)=0x0}) mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x3, 0x32, r1, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae7000-0x9)="2f6465762f6b766d00", 0x81, 0x0) mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_BOOT_CPU_ID(r1, 0xae78, &(0x7f000075a000)=0x0) ioctl$KVM_SET_SREGS(r1, 0x4138ae84, &(0x7f0000aee000)={{0xf000, 0x4000, 0x0, 0x1017, 0x0, 0xbd, 0x6, 0x1000, 0x1, 0x6, 0x1, 0x9, 0x0}, {0x10000, 0x2000, 0x0, 0x7, 0x3, 0x9, 0x9, 0x7, 0x81, 0x8, 0x6, 0x80000001, 0x0}, {0x10d002, 0x4000, 0xa, 0x800, 0x80, 0xbb6, 0x1, 0xfb7, 0x9, 0x8, 0x1, 0x0, 0x0}, {0x0, 0x4000, 0x0, 0x0, 0x2, 0x7, 0x80000001, 0xfffffffffffffffe, 0x400, 0x3, 0x2, 0x401, 0x0}, {0x5000, 0x5001, 0xc, 0xffffffffffff0000, 0x56, 0x101, 0x5f4c, 0x4, 0x35, 0x17d1, 0x5, 0x9, 0x0}, {0x4000, 0x5000, 0xc, 0x9, 0x19, 0x8b, 0x0, 0x200, 0x7fff, 0x101, 0x5, 0x7c14e688, 0x0}, {0x1f000, 0x4000, 0xa, 0x800, 0xe30, 0x4, 0x3, 0x6, 0x0, 0xffffffffffff8001, 0x2, 0x90000000000, 0x0}, {0x5000, 0xf000, 0xd, 0x9, 0xffffffff, 0x8, 0x1000, 0xfffffffffffffff8, 0x3, 0xfe33, 0x3, 0xfffffffffffffffc, 0x0}, {0x4, 0x10000, [0x0, 0x0, 0x0]}, {0x1, 0x1000, [0x0, 0x0, 0x0]}, 0x80000000, 0x0, 0x100006, 0x10010, 0x5, 0x4000, 0x100000, [0xfff, 0x8, 0x485a, 0x6]}) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_GET_CLOCK(r0, 0x8030ae7c, &(0x7f000024d000-0x30)={0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000241000/0x18000)=nil, &(0x7f0000777000)=[@textreal={0x8, &(0x7f0000ae8000-0x36)="e170705f058ec8f00fb11066b9e30800000732660ffdd7660f1239baf80c66b82204fb8566efba84fc0c0c9797ef394a00f30f3289bc0000", 0x38}], 0x1, 0x60, &(0x7f0000ae7000)=[], 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_DIRTY_TLB(r0, 0x4010aeaa, &(0x7f000084e000)={0x8, 0x5}) ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f00004ae000-0x1c)={0x0, 0x0, 0x0, 0x0, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x1, 0x2, 0x0}) mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_DIRTY_TLB(r4, 0x4010aeaa, &(0x7f0000aef000-0x10)={0x7, 0x100}) ioctl$KVM_RUN(r4, 0xae80, 0x0) [ 29.526043] CS: sel=0x0030, attr=0x0409b, limit=0x000fffff, base=0x0000000000000000 [ 29.526781] DS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 29.527485] SS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 29.528350] ES: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 29.529123] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 29.529961] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 29.530919] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 29.535855] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 29.537072] IDTR: limit=0x000001ff, base=0x0000000000003800 2017/08/11 21:15:15 executing program 1: mmap(&(0x7f0000000000/0x24000)=nil, 0x24000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000024000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000024000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f000000e000/0x4000)=nil, 0x4000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000024000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000025000-0x9)="2f6465762f6b766d00", 0x404, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000020000-0x13)={0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000000000/0xae9000)=nil, 0xae9000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x8000, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000ade000-0x40)={0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_PPC_GET_PVINFO(r3, 0x4080aea1, &(0x7f000014b000)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") syz_kvm_setup_cpu$x86(r3, r4, &(0x7f00003b8000/0x18000)=nil, &(0x7f0000ad1000)=[@textreal={0x8, &(0x7f0000ae7000-0x37)="ba43000f20c0b8eecbeecbdfd200000f230f21f86635800000a00f23f865640f019809000fbf56020f35defedbe20fc79f00000f330fbaf601", 0x39}], 0x1, 0x0, &(0x7f0000ae4000)=[], 0x0) ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f000054d000-0x70)={[{0x6, 0x6118201, 0x25, 0x8000, 0xc611, 0x9, 0x8, 0x4, 0x6, 0x5, 0x20, 0x84, 0x3}, {0x1000000000000400, 0x2ab000, 0x500, 0xed5, 0xffffffff, 0x6, 0x40, 0x5, 0x312, 0x4, 0x4c8, 0x3f, 0x1}, {0x82f, 0x0, 0x80, 0x0, 0xe, 0x4, 0x7f, 0x4000000000000003, 0x1d, 0x0, 0x1a3b374d400, 0x100, 0x7}], 0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000000000/0xaf0000)=nil, 0xaf0000, 0x0, 0x40012, r1, 0x9) openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x1ffffc, 0x0) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x3) mmap(&(0x7f0000af0000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r1, r6, &(0x7f00001fb000/0x18000)=nil, &(0x7f0000af0000)=[@text64={0x40, &(0x7f000022a000)="b9800000c0b98f0400000f3235008000000f3048b89e000000000000000f23d80f21f835c00000300f23f8662e64314d00400f9bf2f26cc740442400df0000000044240200000080c7442406000000040f011c246564f20f1bffc4e3bd78ca08430f01cfb9940000400f32", 0x6b}], 0x1, 0x0, &(0x7f0000230000)=[], 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r5, 0x4010ae67, &(0x7f00002e0000-0x9)={0x0, 0x12000, 0x0}) ioctl$KVM_RUN(r6, 0xae80, 0x0) mmap(&(0x7f00002e9000/0x3000)=nil, 0x3000, 0x3, 0x2030, 0xffffffffffffffff, 0x7fffffffffc) mmap(&(0x7f0000af0000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r5, r6, &(0x7f0000a97000/0x18000)=nil, &(0x7f00002d7000)=[@textreal={0x8, &(0x7f00000ba000-0x4c)="66b8e70000000f23c80f21f86635040000000f23f80f18ae050066b90d03000066b80d00000066ba000000000f30660f38311d2099d0f6da9c060064260f005800f26f0f01c83667360f01d1", 0x4c}], 0x1, 0x4, &(0x7f0000af0000)=[@cr0={0x0, 0x40028}], 0x1) mmap(&(0x7f0000063000/0x1000)=nil, 0x1000, 0x3, 0x2032, r1, 0x2) mmap(&(0x7f0000200000/0x2000)=nil, 0x2000, 0x3000005, 0x10, r2, 0x20) mbind(&(0x7f00007d8000/0x3000)=nil, 0x3000, 0x0, &(0x7f0000af1000)=0x100000000, 0x801, 0x4) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r3, 0x8008ae9d, &(0x7f00004d7000-0xf8)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") mmap(&(0x7f0000ae9000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aea000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_ASSIGN_DEV_IRQ(r5, 0x4040ae70, &(0x7f0000aeb000-0x10)={0x100000001, 0x200000, 0x800000c, 0x200000002}) [ 29.540765] TR: sel=0x000a, attr=0x090d9, limit=0x00000004, base=0x0000000000000000 [ 29.541721] EFER = 0x0000000000002001 PAT = 0x0007040600070406 2017/08/11 21:15:15 executing program 5: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_TSS_ADDR(r0, 0xae47, 0xd000) mmap(&(0x7f0000000000/0xafb000)=nil, 0xafb000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_ASSIGN_DEV_IRQ(r0, 0x4040ae70, &(0x7f0000afc000-0x10)={0x9, 0x8, 0x101, 0x400}) ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000afb000-0x40)={0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_S390_INTERRUPT(r0, 0x4010ae94, &(0x7f0000afb000)={0x2, 0x5, 0x8001}) ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000a33000-0x28)={0xd, 0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_GET_PIT(r2, 0xc048ae65, &(0x7f0000a3e000-0x70)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x11, r3, 0x0) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_ASSIGN_PCI_DEVICE(r0, 0x8040ae69, &(0x7f0000afc000)={0x9, 0x7, 0x6, 0x1, 0xffffffffb7479c1f}) ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f0000afb000)={0x0, 0x22}) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f00008ac000/0x18000)=nil, &(0x7f0000358000)=[@text16={0x10, &(0x7f000017d000)="0f01c90f01cb66f0821845650f06b84f008ee8b80b008ed00f01c9baf80c66b82c4bd28666efbafc0c66b80000000066efbaf80c66b893dd3f8066efbafc0cec0f09", 0x42}], 0x1, 0x5, &(0x7f0000015000)=[], 0x0) mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r2, r1, &(0x7f0000604000/0x18000)=nil, &(0x7f0000add000)=[@text32={0x20, &(0x7f0000089000)="66ba200066ed0f0099d0330000300fe3c1c05050a2ea815cc5427595d94d3e0f236eb8cc4ab08f6fececbafc0ced0b013f640f01caf26e36643e0f224566ba4040b800000000ef", 0x47}], 0x1, 0xf, &(0x7f0000395000)=[@efer={0x3, 0xc00}], 0x1) mmap(&(0x7f0000000000/0xafe000)=nil, 0xafe000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r5, r6, &(0x7f00002d3000/0x18000)=nil, &(0x7f0000add000)=[@text64={0x40, &(0x7f0000150000)="660f388170fd4d0f5ae3c48191c44e00b5490f01f8662e36f3480f2a6093263626670faeb100000000c422599324ef4a0fa93649d9f82e0fc7690e", 0x3b}], 0x1, 0xf, &(0x7f0000ae9000)=[@efer={0x2, 0x401}, @cstype0={0x4, 0xe}], 0x2) ioctl$KVM_RUN(r6, 0xae80, 0x0) [ 29.543503] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 29.544772] BndCfgS = 0x0000000000000000 [ 29.545242] Interruptibility = 00000008 ActivityState = 00000000 [ 29.545967] *** Host State *** [ 29.547161] RIP = 0xffffffff811b6777 RSP = 0xffff88003b1574c8 [ 29.547759] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 29.548467] FSBase=00007f4c3a951700 GSBase=ffff88003fc00000 TRBase=ffff88003fc22cc0 [ 29.549187] GDTBase=ffffffffff577000 IDTBase=ffffffffff57b000 [ 29.549727] CR0=0000000080050033 CR3=00000000548f6000 CR4=00000000000026f0 [ 29.550373] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 29.550990] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 29.553078] *** Control State *** [ 29.553322] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 [ 29.553989] EntryControls=0001d1ff ExitControls=00afefff [ 29.554433] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 29.558159] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 2017/08/11 21:15:15 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x5000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x1000, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) 2017/08/11 21:15:15 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x0, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x2, 0x0, [{0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0xd, 0x8, 0x8d47, 0x13bf, 0x1, 0x0}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 29.562501] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 29.562954] reason=80000021 qualification=0000000000000000 [ 29.563785] IDTVectoring: info=00000000 errcode=00000000 [ 29.564354] TSC Offset = 0xffffffe562b5bcf4 [ 29.564724] EPT pointer = 0x000000003cb1e01e [ 29.565274] Virtual processor ID = 0x06f3 2017/08/11 21:15:15 executing program 2: mmap(&(0x7f0000000000/0xae5000)=nil, 0xae5000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_NR_MMU_PAGES(r1, 0xae45, 0x2) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000000a000-0x8)={0x0, 0x7ff}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:15 executing program 7: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a9c000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f00004ee000)="66b818010f00d8c4c27bf6cdb986040000b80f000000ba000000000f30c7442400e9060000c744240201000000c7442406000000000f01142466baf80cb8b4d4c588ef66bafc0cb00beeb9840200000f3266ba420066edb85bc6600b0f23c00f21f83503000c000f23f8c74424008000c0fec744240235000000c7442406000000000f011c2466baa000b000ee", 0x8d}], 0x1, 0xfffffffffffffffe, &(0x7f00003db000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000af1000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x1000, 0x0, 0x0, 0x2, 0x2ff, 0x6, 0x1, 0x5, 0x1, 0x1f, 0x60000000000000, 0x0}, {0x0, 0x4, 0xa, 0x9, 0xfc6, 0xc76, 0x2, 0xa0f, 0x6, 0x9, 0x3, 0x0, 0x0}, {0x2000, 0x0, 0xf, 0x6, 0x9, 0x2, 0x1, 0xffffffff, 0x80000001, 0xffffffffffffffff, 0x2, 0x2, 0x0}, {0x0, 0x4, [0x0, 0x0, 0x0]}, {0x1, 0x0, [0x0, 0x0, 0x0]}, 0x80000008, 0x0, 0x2000, 0x8, 0x5, 0x2001, 0x1000, [0x800000, 0x1, 0x6, 0x10001]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 29.581365] kvm_hv_get_msr: 6923 callbacks suppressed [ 29.581967] kvm [6788]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x4000008f [ 29.585057] kvm [6788]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x4000008e [ 29.588560] kvm [6788]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x4000008d [ 29.590941] kvm [6788]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x4000008c [ 29.592955] kvm [6788]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x4000008b 2017/08/11 21:15:15 executing program 4: ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000037000-0xc)={0x6, 0xffffffffffffffff, 0x1}) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r1, 0x4018aee1, &(0x7f0000517000-0x18)={0x0, 0x6, 0x4, &(0x7f0000001000-0x8)=0x0}) mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x3, 0x32, r1, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae7000-0x9)="2f6465762f6b766d00", 0x81, 0x0) mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_BOOT_CPU_ID(r1, 0xae78, &(0x7f000075a000)=0x0) ioctl$KVM_SET_SREGS(r1, 0x4138ae84, &(0x7f0000aee000)={{0xf000, 0x4000, 0x0, 0x1017, 0x0, 0xbd, 0x6, 0x1000, 0x1, 0x6, 0x1, 0x9, 0x0}, {0x10000, 0x2000, 0x0, 0x7, 0x3, 0x9, 0x9, 0x7, 0x81, 0x8, 0x6, 0x80000001, 0x0}, {0x10d002, 0x4000, 0xa, 0x800, 0x80, 0xbb6, 0x1, 0xfb7, 0x9, 0x8, 0x1, 0x0, 0x0}, {0x0, 0x4000, 0x0, 0x0, 0x2, 0x7, 0x80000001, 0xfffffffffffffffe, 0x400, 0x3, 0x2, 0x401, 0x0}, {0x5000, 0x5001, 0xc, 0xffffffffffff0000, 0x56, 0x101, 0x5f4c, 0x4, 0x35, 0x17d1, 0x5, 0x9, 0x0}, {0x4000, 0x5000, 0xc, 0x9, 0x19, 0x8b, 0x0, 0x200, 0x7fff, 0x101, 0x5, 0x7c14e688, 0x0}, {0x1f000, 0x4000, 0xa, 0x800, 0xe30, 0x4, 0x3, 0x6, 0x0, 0xffffffffffff8001, 0x2, 0x90000000000, 0x0}, {0x5000, 0xf000, 0xd, 0x9, 0xffffffff, 0x8, 0x1000, 0xfffffffffffffff8, 0x3, 0xfe33, 0x3, 0xfffffffffffffffc, 0x0}, {0x4, 0x10000, [0x0, 0x0, 0x0]}, {0x1, 0x1000, [0x0, 0x0, 0x0]}, 0x80000000, 0x0, 0x100006, 0x10010, 0x5, 0x4000, 0x100000, [0xfff, 0x8, 0x485a, 0x6]}) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_GET_CLOCK(r0, 0x8030ae7c, &(0x7f000024d000-0x30)={0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000241000/0x18000)=nil, &(0x7f0000777000)=[@textreal={0x8, &(0x7f0000ae8000-0x36)="e170705f058ec8f00fb11066b9e30800000732660ffdd7660f1239baf80c66b82204fb8566efba84fc0c0c9797ef394a00f30f3289bc0000", 0x38}], 0x1, 0x60, &(0x7f0000ae7000)=[], 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_DIRTY_TLB(r0, 0x4010aeaa, &(0x7f000084e000)={0x8, 0x5}) ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f00004ae000-0x1c)={0x0, 0x0, 0x0, 0x0, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x1, 0x2, 0x0}) mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_DIRTY_TLB(r4, 0x4010aeaa, &(0x7f0000aef000-0x10)={0x7, 0x100}) ioctl$KVM_RUN(r4, 0xae80, 0x0) [ 29.595886] kvm [6788]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x4000008a [ 29.597964] kvm [6788]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x40000089 [ 29.598832] kvm [6788]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x40000088 [ 29.601915] kvm [6788]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x40000087 [ 29.602800] kvm [6788]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x40000086 [ 29.610376] kvm_hv_set_msr: 499 callbacks suppressed [ 29.610766] kvm [6788]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x40000023 data 0x66c900003b9a1043 2017/08/11 21:15:15 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x0, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x1, 0x0, [{0x0, 0x0, 0x0, 0x0, 0x0, 0x0}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 29.618220] *** Guest State *** [ 29.618224] CR0: actual=0x0000000080000028, shadow=0x0000000080000008, gh_mask=fffffffffffffff7 2017/08/11 21:15:15 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x5000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) [ 29.618227] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 [ 29.618229] CR3 = 0x0000000000002000 [ 29.618231] RSP = 0x0000000000000f80 RIP = 0x0000000000008008 [ 29.618233] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 29.618236] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 29.618239] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 29.618243] DS: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 29.618248] SS: sel=0x0000, attr=0x0b071, limit=0x00001000, base=0x0000000000000000 [ 29.618251] ES: sel=0x0000, attr=0x04081, limit=0x00000000, base=0x0000000000000000 [ 29.618255] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 29.618259] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 29.618262] GDTR: limit=0x00000004, base=0x0000000000000000 [ 29.618266] LDTR: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000002000 [ 29.618269] IDTR: limit=0x00000000, base=0x0000000000000001 [ 29.618273] TR: sel=0x000a, attr=0x09059, limit=0x00000004, base=0x0000000000000000 [ 29.618276] EFER = 0x0000000000002001 PAT = 0x0007040600070406 2017/08/11 21:15:15 executing program 5: ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000714000)={0x1, 0xffffffffffffff9c, 0x0}) mmap(&(0x7f0000000000/0xafa000)=nil, 0xafa000, 0x3, 0x32, r0, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffff9c, 0xae41, 0x0) ioctl$KVM_GET_TSC_KHZ(r0, 0xaea3) ioctl$KVM_SET_SIGNAL_MASK(r1, 0x4004ae8b, &(0x7f00007a1000-0x1004)={0x0, ""}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f0000404000)=@pic={0x3, 0xfffffffffffffc01, 0x48, 0x6, 0x4, 0x8, 0x8, 0x1, 0x80000000, 0x100, 0x9, 0x7, 0x1, 0x400, 0x593c, 0x1}) syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000274000/0x18000)=nil, &(0x7f0000adf000)=[@text64={0x40, &(0x7f000099d000-0x64)="b6c3f8e788595d2a1ba31779d22e2453ab6fe204d8cb17bc3c4ab8e3e0483b9931418b5c1612cb68cb1f08acd253883205213823efd610026d3b892f9ecf43c837882ddb41cb3a22a62644cc9081d865b5c7d6d371bfbc1b7da5ab28911fcb5667d0b08b", 0x64}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_S390_INTERRUPT_CPU(r1, 0x4010ae94, &(0x7f0000af7000)={0x7fff, 0x2, 0x401}) mmap(&(0x7f0000afa000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_IDENTITY_MAP_ADDR(r0, 0x4008ae48, &(0x7f0000afa000)=0x0) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f00005b6000-0xc)={0x4, r1, 0x1}) ioctl$KVM_GET_SREGS(r1, 0x8138ae83, &(0x7f00003e2000-0x138)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, [0x0, 0x0, 0x0]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0]}) mremap(&(0x7f0000294000/0x2000)=nil, 0x2000, 0x4000, 0x2, &(0x7f00002da000/0x4000)=nil) ioctl$KVM_NMI(r4, 0xae9a) ioctl$KVM_SET_BOOT_CPU_ID(r4, 0xae78, &(0x7f0000751000-0x8)=0x2) ioctl$KVM_GET_PIT(r3, 0xc048ae65, &(0x7f000041a000-0x70)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f0000a69000)=0x3) ioctl$KVM_DEASSIGN_DEV_IRQ(r4, 0x4040ae75, &(0x7f00004b9000)={0xfffffffffffffffa, 0x7474c420, 0x80000000000, 0x1}) ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000af8000)={0xa3, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1) ioctl$KVM_GET_LAPIC(r5, 0x8400ae8e, &(0x7f0000afa000-0x400)={"7b27d3b64a87e6025ecc0555dfc410dd938e993293cc09c27d286292559242c198873530f3c60f18ef51c5613edf4323f8c02f69d0fca2266076a7e7824d9c854de7052a853a2df7169f57b8d24b07462d8c98a9965a75e5072e7c97121fc3561ff57df693eb84143554a2274744dc0bb19d4aa4d9da2fb6fa49f5b30c909603304c6dc3b28e75bbcbaa615b98ffdfa9873e1096ad1dbe1a7e4fae37da09dd5590f92b6dd95b56d37f82c247d6984325f2099b25022eda8cb94c836f181c2b9e9adbe70ae00a0a938585cf20ee10c690446248cf1c6dc8691e1fbe78fc350b36339027f9cbaa7428a665cbf6d32770ba755c5aa04961ce450df4462516f93f56e7d9e97f4cb8ff0db7a861b51d7f5fc737d5dfa7de9648dc5bd0a4a92184ca87a4c29d8580dd5783946c7466da4c8750656d511a02060a91e1f80c697f07d7788081f68024b137abd634761f0c7765265877a1c1f71f2a1d6c98461cd4fdbbf33b141c45d35c51068e3dfac09c29275a3bd0a2e762b46561ddb7efc58bffaa72096a7577d17c8fd7aeb37f46ea59e1c866fc6dbeefad42d4125dd50f76c4aac46c3c9fe58e7cf6814df077d657720ee9dd91de440202d25e6274b0894319d72d76476eb493609942cc024ebee82dbeaff4d7315ffeb0439c0555ee95381c871f1d710c4f5c29fc917649c7a5279707f964d373d3982f7030b3876d7ecbf018181bde61e3db5ab8655bca7dafbd1334be07492318ecc65687c6e5d90797a614f1afef96f4d68ce2cd053e87ad3df58641776dbe64093d32f69fe67ae8a97a88ddf1d03bdbc0d70ec4fe0da6fcec1a8079aaedf03abcac161caa036d06a765e4e14e2b2deb48dd2289e972ed26e1e4da4e81d446af11dd1fcf2ff1cf5052dfeac0e1710195ad72cc55b3a2182da4ce23a33238d3457374a3f04d569b019486de2faf6b26f3f91da458736916a85b7d0ad85104e635400462feafca888af61bc82dde5a877230871607b3059bf8ce202488cac0ec478ec316948bc2b55a4e7f30effc619be3ed746b0f4767b1869418c50e5e2e08ba6d1b447be12480a1af05ec98f28f404c2fee03efb276cf44170f150a21b6046411b6e772b1de3995cbe9b2ce9aee530323f65adc0d9606c7175d365953f8beb3629ff500edc3b783e3492cb9d29f668a0e7d66d95b6add4d101934fd394b70843c8e1c1bb84532bcf62b716853946d3df3bcb9cec40cb98b85062d1cb62dd20b8291ba7d598e1b0faaab6c7f111e59c78d6961b33ca358aa9dda30502d338c039bb704ad4ebf0b98347c47a32429b8f7f6ab1f7925c375a778faad36a6502d1e12243a11f1ba86eaa5167146ec6d4ab992920bf03baa8b24b31e7504fe8042ea2695e9f3bfa2cb27f779922ef23f37bec41e9ac5470b09a0b3304797eb6a208a902f497e6c1c76284a3fdc31"}) syz_kvm_setup_cpu$x86(r3, r4, &(0x7f000079c000/0x18000)=nil, &(0x7f0000635000-0x18)=[@textreal={0x8, &(0x7f00004b0000)="baf80c66b88ad9018466efbafc0cedb800068ee866b9800000c00f326635000100000f300f01c9ba430066b86e60e0c766ef670f01cf9c660f6e9a00000fbc6800f0306201", 0x45}], 0x1, 0x74, &(0x7f0000afa000-0x20)=[@efer={0x3, 0x1000}, @efer={0x3, 0x9800}], 0x2) mmap(&(0x7f0000afa000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f0000afa000)={{0x4000, 0xd001, 0xd, 0x9, 0x7, 0x7, 0x100000000, 0x3, 0x100000001, 0xffffffff, 0xb9, 0xfffffffffffffff9, 0x0}, {0xd000, 0x3000, 0x0, 0x79, 0x6, 0x1ff, 0xc78, 0x4, 0x2, 0x40, 0x9, 0x8, 0x0}, {0x5, 0x1, 0x1c, 0x6e66, 0x10001, 0xff, 0x3f, 0x7, 0x1, 0xa44, 0xfff, 0x8, 0x0}, {0x3000, 0xd000, 0xf, 0xea0f, 0xff, 0x20000, 0x0, 0x4, 0x100000000, 0xff, 0x20, 0x1, 0x0}, {0x1000, 0x2000, 0xf, 0xedc, 0x20, 0xffffffffffffff7f, 0x80000000, 0x6, 0x401, 0x6120, 0xffffffffffffffeb, 0x6, 0x0}, {0x1, 0xd005, 0xd, 0x7, 0x3, 0x779, 0xffffffffffffffff, 0xf0, 0x1, 0x1, 0x3, 0x9, 0x0}, {0xf000, 0x1000, 0x1f, 0x100, 0x6, 0x0, 0xfffffffffffff001, 0x3, 0xffffffffffffffff, 0xfff, 0x6, 0x1, 0x0}, {0x2000, 0x7005, 0xb, 0x337c000000000, 0x8, 0x7fffffff, 0x8, 0x10000, 0x3, 0x39d, 0x400, 0x401, 0x0}, {0x10000, 0xf000, [0x0, 0x0, 0x0]}, {0x1000, 0x5000, [0x0, 0x0, 0x0]}, 0x0, 0x0, 0x100000, 0x4, 0x2, 0x2000, 0x4000, [0x5, 0x2, 0x1, 0x10000]}) ioctl$KVM_RUN(r4, 0xae80, 0x0) [ 29.618278] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 29.618280] BndCfgS = 0x0000000000000000 [ 29.618282] Interruptibility = 00000008 ActivityState = 00000000 [ 29.618284] *** Host State *** [ 29.618286] RIP = 0xffffffff811b6777 RSP = 0xffff880038fa74c8 [ 29.618291] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 29.618294] FSBase=00007f4c3a973700 GSBase=ffff88003fc00000 TRBase=ffff88003fc22cc0 [ 29.618297] GDTBase=ffffffffff577000 IDTBase=ffffffffff57b000 [ 29.618300] CR0=0000000080050033 CR3=0000000053402000 CR4=00000000000026f0 [ 29.618304] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 29.618306] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 29.618308] *** Control State *** [ 29.618310] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 [ 29.618312] EntryControls=0001d1ff ExitControls=00afefff [ 29.618315] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 2017/08/11 21:15:15 executing program 2: mmap(&(0x7f0000000000/0xae5000)=nil, 0xae5000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_NR_MMU_PAGES(r1, 0xae45, 0x2) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00003ba000/0x18000)=nil, &(0x7f000018e000)=[@text32={0x20, &(0x7f0000ae5000-0x58)="f20f5dea640f01d7b9ec0a0000b8934b549cba000000000f300f090fc76b000f38c8a4300001c0fec744240000800000c74424027dd05742c7442406000000000f011c2466b8ab008ec066bad104b024ee64660f38820482", 0x58}], 0x1, 0x0, &(0x7f0000adf000)=[@flags={0x3, 0x2c32ef086520573a}, @flags={0x3, 0x4040}], 0x2) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 29.618317] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 29.618319] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 29.618321] reason=80000021 qualification=0000000000000000 [ 29.618322] IDTVectoring: info=00000000 errcode=00000000 [ 29.618324] TSC Offset = 0xffffffe544d02cc8 [ 29.618326] EPT pointer = 0x000000003e25b01e [ 29.618328] Virtual processor ID = 0x0758 [ 29.641375] *** Guest State *** [ 29.641379] CR0: actual=0x0000000080000029, shadow=0x0000000080000009, gh_mask=fffffffffffffff7 [ 29.641382] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 [ 29.641383] CR3 = 0x0000000000002000 [ 29.641385] RSP = 0x0000000000000f80 RIP = 0x0000000000000000 [ 29.641387] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 29.641391] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 29.641394] CS: sel=0x0030, attr=0x0409b, limit=0x000fffff, base=0x0000000000000000 [ 29.641398] DS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 2017/08/11 21:15:15 executing program 7: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a9c000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f00004ee000)="66b818010f00d8c4c27bf6cdb986040000b80f000000ba000000000f30c7442400e9060000c744240201000000c7442406000000000f01142466baf80cb8b4d4c588ef66bafc0cb00beeb9840200000f3266ba420066edb85bc6600b0f23c00f21f83503000c000f23f8c74424008000c0fec744240235000000c7442406000000000f011c2466baa000b000ee", 0x8d}], 0x1, 0xfffffffffffffffe, &(0x7f00003db000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000af1000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x1000, 0x0, 0x0, 0x2, 0x2ff, 0x6, 0x1, 0x5, 0x1, 0x1f, 0x60000000000000, 0x0}, {0x0, 0x4, 0xa, 0x9, 0xfc6, 0xc76, 0x2, 0xa0f, 0x6, 0x9, 0x3, 0x0, 0x0}, {0x2000, 0x0, 0x0, 0x6, 0x9, 0x2, 0x1, 0xffffffff, 0x80000001, 0xffffffffffffffff, 0x2, 0x2, 0x0}, {0x0, 0x4, [0x0, 0x0, 0x0]}, {0x1, 0x0, [0x0, 0x0, 0x0]}, 0x80000008, 0x0, 0x2000, 0x8, 0x5, 0x2001, 0x1000, [0x800000, 0x1, 0x6, 0x10001]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 29.641402] SS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 29.641406] ES: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 29.641411] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 29.641417] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 29.641420] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 29.641440] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 29.641443] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 29.641449] TR: sel=0x000a, attr=0x090d9, limit=0x00000004, base=0x0000000000000000 [ 29.641456] EFER = 0x0000000000002001 PAT = 0x0007040600070406 [ 29.641477] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 29.641480] BndCfgS = 0x0000000000000000 2017/08/11 21:15:15 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x5000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) [ 29.641483] Interruptibility = 00000008 ActivityState = 00000000 [ 29.641485] *** Host State *** [ 29.641490] RIP = 0xffffffff811b6777 RSP = 0xffff880038fa74c8 [ 29.641498] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 29.641502] FSBase=00007f4c3a973700 GSBase=ffff88003fc00000 TRBase=ffff88003fc22cc0 [ 29.641507] GDTBase=ffffffffff577000 IDTBase=ffffffffff57b000 [ 29.641512] CR0=0000000080050033 CR3=0000000053402000 CR4=00000000000026f0 [ 29.641518] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 29.641523] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 29.641524] *** Control State *** [ 29.641528] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 [ 29.641531] EntryControls=0001d1ff ExitControls=00afefff [ 29.641536] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 29.641540] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 29.641543] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 29.641546] reason=80000021 qualification=0000000000000000 [ 29.641549] IDTVectoring: info=00000000 errcode=00000000 [ 29.641551] TSC Offset = 0xffffffe544d02cc8 [ 29.641555] EPT pointer = 0x000000003e25b01e [ 29.641558] Virtual processor ID = 0x0758 2017/08/11 21:15:15 executing program 6: mmap(&(0x7f0000000000/0xb01000)=nil, 0xb01000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000274000/0x18000)=nil, &(0x7f0000afa000)=[@text16={0x10, &(0x7f0000afc000)="f2640f05ba4300ecbaf80c66b888b6318166efbafc0c66ed66b80500000066b9840000000f01d9ba4200b88000efbaf80c66b8253cac8766efbafc0cb0feee0f45f4b8e2008ed867360fc72c6e656736866800", 0x53}], 0x1, 0x0, &(0x7f0000aeb000+0x7dc)=[], 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f000084d000-0xb0)={0x1, 0x0, [{0x0, 0x0, 0x0, 0x0, 0x0, 0x0}]}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 2017/08/11 21:15:15 executing program 1: mmap(&(0x7f0000000000/0xe98000)=nil, 0xe98000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000017000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000da8000-0x8)={0x1f, 0x0}) r2 = eventfd2(0xedf, 0x800) write$eventfd(r2, &(0x7f000013b000)=0xfffffffffffff5e7, 0x8) r3 = eventfd2(0x0, 0x0) eventfd2(0x0, 0x0) mmap(&(0x7f0000e98000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000e99000-0x20)={r3, 0xb, 0x200000000000002, r3, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000565000)="2f6465762f6b766d00", 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = eventfd2(0x1000000000203, 0x0) r7 = eventfd2(0x9, 0x80000) ioctl$KVM_IRQFD(r5, 0x4020ae76, &(0x7f0000026000-0x20)={r6, 0x0, 0x2, r7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_IRQFD(r5, 0x4020ae76, &(0x7f0000e97000-0x20)={r6, 0x2000000002, 0x2, r2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) 2017/08/11 21:15:15 executing program 3: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) mmap(&(0x7f0000a5a000/0x3000)=nil, 0x3000, 0x3000008, 0x20000000000032, r1, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000af3000-0x24)="000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d266767f2a50f20d835080000000f228b58580f070f01b102000000", 0x64}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f000011a000)={0x1397, 0x8c, 0x0, 0x4, 0x8}) mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000aee000-0x8)=0x10000) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000aef000)={0x7b, 0x0, [0x6, 0xffffffff, 0x9, 0x1000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) mmap(&(0x7f0000af3000/0x1000)=nil, 0x1000, 0x1, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000af3000)={"9bbb9daa05110ba1924a3f8c859bdff963f2ddb1d129f5cb2f3ae8ad3bf7068c284ba38f903676aee0049b473a5a33930a9b88deb6401d57b67b5ef503c6a4027167753b3422f85b1b144e1b09666f06770bb454bb980d5cb7f1e90d9427b10028d816afcb958eb5bc4541d20809f775835973db47fdab943f7ecf340ab9b2913f88a42aa228d95f1665dcb874e6b3b5b55a89a32e0fc862e12da3fafec957af0fce362e643894eaa38fbb8af58f8462371747c6e67ec819d268766c3c7a74e3f12575502e0ce18ab8fdeec25ec7767fae887d4cadb349c0f81694038d1a026d6a75e2531b1a8fb11b6cbd3f89a94184e04455b174f62410013ea1a32c38fc1a2448cd4c2c637b73782faf7ad9ae353b8bb6fed608778b7e846b159d0708eba89b05d4ae596fd1ce276f11b96ea628b944adcafcca622c34d8cf71c32e04679643d25bb8410efd790fae98de36207bab1c1fa95a3b125a7497822ea2f8a027ee6024ad4938ca93546a7967484ea5ed0850257facd046052d3fb4452ea95bdf6613884586ad0f7bedcf9ba794168fb9ef80fc98ab1b8c584220c399f85aa35e3b077eaa0dc79a9b88f0cdbf6805da3bca16d1fe88482e328bf0abd897070e43ead3304cdf1f113ab075a772b02e7e2b9d790f029decb02914d0fbb81bdcac8d08612898c453dd33e8a456e3cb4154e27f4d3bddea5732cd94d4adf21d3babfbb833a2ba8fcc71beafe13cfb9e8ed9fcaaecbc6a4e7c1da5f67cfae68fe80965a52918112a4927ca4a387ebf74fd5d910ceed87a668d3210361f45e8771482aceb28996ed99fdb143fc17c4112850b748c3eb5d121312f3c420d0dc03bfd571a1767bac9ae6c46b4edbfd70fb33dd89a8ae13dd57e722d95c28e5326a24054321553f3b50fe246f5e631dafc8088dcefe9029c67fbc7cb6631692d91aa5aba912b56f638cdcd14e873566edea35ecaaad547bbd265a6d4f6537ad9db538fb7db64a32c81c91dd6e4efd0317de1a0ff83c744470c93ddcaa6792e45db7d69e1106a251d39a5c5c6103f7aadb32d0290614362eaccc6d41b3f14154850e1959803f14d836a4223eb1c70249037e7adbf0e33d07a69a10d948a901858a8381803bcedcf610c985b5ea85ef46bbc44565e89142da665bede93e7c360cc814c8e00cafb81d02c95811ce32ba2dd85712056078d2f7d4be3cfc4eb157d63206d4b822599d40c02fd84ada2b572bd8899e93293a5ce6590d226f7c43858d47417bc2980358fb6ec2eee43fbbd31a00c9549680e76c31eef7f710e7aceb5a29d2a85f07332bb5e54a80ac44576e0010bc7cbd666ad4aff5174df288980f68510d74485b90afaf4040a30392861cce12229f97cbf2b8922d95110230423a3155f263d8066974f89cebaa258b87515d6d9f20c23d09067bdc955311d08300214a50ed060cc68"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 29.695441] *** Guest State *** [ 29.696930] CR0: actual=0x0000000080000028, shadow=0x0000000080000008, gh_mask=fffffffffffffff7 [ 29.698496] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 [ 29.700433] CR3 = 0x0000000000002000 [ 29.700860] RSP = 0x0000000000000f80 RIP = 0x0000000000008008 [ 29.701944] RFLAGS=0x00010002 DR7 = 0x0000000000000400 2017/08/11 21:15:15 executing program 4: ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000037000-0xc)={0x6, 0xffffffffffffffff, 0x1}) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r1, 0x4018aee1, &(0x7f0000517000-0x18)={0x0, 0x6, 0x4, &(0x7f0000001000-0x8)=0x0}) mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x3, 0x32, r1, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae7000-0x9)="2f6465762f6b766d00", 0x81, 0x0) mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_BOOT_CPU_ID(r1, 0xae78, &(0x7f000075a000)=0x0) ioctl$KVM_SET_SREGS(r1, 0x4138ae84, &(0x7f0000aee000)={{0xf000, 0x4000, 0x0, 0x1017, 0x0, 0xbd, 0x6, 0x1000, 0x1, 0x6, 0x1, 0x9, 0x0}, {0x10000, 0x2000, 0x0, 0x7, 0x3, 0x9, 0x9, 0x7, 0x81, 0x8, 0x6, 0x80000001, 0x0}, {0x10d002, 0x4000, 0xa, 0x800, 0x80, 0xbb6, 0x1, 0xfb7, 0x9, 0x8, 0x1, 0x0, 0x0}, {0x0, 0x4000, 0x0, 0x0, 0x2, 0x7, 0x80000001, 0xfffffffffffffffe, 0x400, 0x3, 0x2, 0x401, 0x0}, {0x5000, 0x5001, 0xc, 0xffffffffffff0000, 0x56, 0x101, 0x5f4c, 0x4, 0x35, 0x17d1, 0x5, 0x9, 0x0}, {0x4000, 0x5000, 0xc, 0x9, 0x19, 0x8b, 0x0, 0x200, 0x7fff, 0x101, 0x5, 0x7c14e688, 0x0}, {0x1f000, 0x4000, 0xa, 0x800, 0xe30, 0x4, 0x3, 0x6, 0x0, 0xffffffffffff8001, 0x2, 0x90000000000, 0x0}, {0x5000, 0xf000, 0xd, 0x9, 0xffffffff, 0x8, 0x1000, 0xfffffffffffffff8, 0x3, 0xfe33, 0x3, 0xfffffffffffffffc, 0x0}, {0x4, 0x10000, [0x0, 0x0, 0x0]}, {0x1, 0x1000, [0x0, 0x0, 0x0]}, 0x80000000, 0x0, 0x100006, 0x10010, 0x5, 0x4000, 0x100000, [0xfff, 0x8, 0x485a, 0x6]}) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_GET_CLOCK(r0, 0x8030ae7c, &(0x7f000024d000-0x30)={0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000241000/0x18000)=nil, &(0x7f0000777000)=[@textreal={0x8, &(0x7f0000ae8000-0x36)="e170705f058ec8f00fb11066b9e30800000732660ffdd7660f1239baf80c66b82204fb8566efba84fc0c0c9797ef394a00f30f3289bc0000", 0x38}], 0x1, 0x60, &(0x7f0000ae7000)=[], 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_DIRTY_TLB(r0, 0x4010aeaa, &(0x7f000084e000)={0x8, 0x5}) ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f00004ae000-0x1c)={0x0, 0x0, 0x0, 0x0, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x1, 0x2, 0x0}) mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_DIRTY_TLB(r4, 0x4010aeaa, &(0x7f0000aef000-0x10)={0x7, 0x100}) ioctl$KVM_RUN(r4, 0xae80, 0x0) [ 29.702581] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 29.703475] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 29.704292] DS: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 29.705155] SS: sel=0x0000, attr=0x0b071, limit=0x00001000, base=0x0000000000000000 [ 29.705955] ES: sel=0x0000, attr=0x04081, limit=0x00000000, base=0x0000000000000000 [ 29.706822] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 29.707669] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 29.708521] GDTR: limit=0x00000004, base=0x0000000000000000 [ 29.709349] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000002000 [ 29.710285] IDTR: limit=0x00000000, base=0x0000000000000001 [ 29.711133] TR: sel=0x000a, attr=0x09059, limit=0x00000004, base=0x0000000000000000 [ 29.712080] EFER = 0x0000000000002001 PAT = 0x0007040600070406 [ 29.712711] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 29.713450] BndCfgS = 0x0000000000000000 [ 29.714124] Interruptibility = 00000008 ActivityState = 00000000 [ 29.714906] *** Host State *** [ 29.715539] RIP = 0xffffffff811b6777 RSP = 0xffff8800522274c8 [ 29.716178] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 29.716847] FSBase=00007f4c3a973700 GSBase=ffff88006e000000 TRBase=ffff88006e022cc0 [ 29.717729] GDTBase=ffffffffff575000 IDTBase=ffffffffff57b000 [ 29.718328] CR0=0000000080050033 CR3=000000006ced3000 CR4=00000000000026e0 [ 29.719074] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 29.719731] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 29.720392] *** Control State *** [ 29.720729] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 [ 29.721405] EntryControls=0001d1ff ExitControls=00afefff [ 29.722005] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 29.722728] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 29.723411] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 2017/08/11 21:15:15 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x5000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) [ 29.724042] reason=80000021 qualification=0000000000000000 [ 29.724864] IDTVectoring: info=00000000 errcode=00000000 [ 29.725447] TSC Offset = 0xffffffe5337ec18c [ 29.725885] EPT pointer = 0x0000000067d8601e [ 29.726363] Virtual processor ID = 0x0754 2017/08/11 21:15:15 executing program 2: mmap(&(0x7f0000000000/0xae5000)=nil, 0xae5000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000000a000-0x8)={0x0, 0x7ff}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00003ba000/0x18000)=nil, &(0x7f000018e000)=[@text32={0x20, &(0x7f0000ae5000-0x58)="f20f5dea640f01d7b9ec0a0000b8934b549cba000000000f300f090fc76b000f38c8a4300001c0fec744240000800000c74424027dd05742c7442406000000000f011c2466b8ab008ec066bad104b024ee64660f38820482", 0x58}], 0x1, 0x0, &(0x7f0000adf000)=[@flags={0x3, 0x2c32ef086520573a}, @flags={0x3, 0x4040}], 0x2) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:15 executing program 7: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a9c000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f00004ee000)="66b818010f00d8c4c27bf6cdb986040000b80f000000ba000000000f30c7442400e9060000c744240201000000c7442406000000000f01142466baf80cb8b4d4c588ef66bafc0cb00beeb9840200000f3266ba420066edb85bc6600b0f23c00f21f83503000c000f23f8c74424008000c0fec744240235000000c7442406000000000f011c2466baa000b000ee", 0x8d}], 0x1, 0xfffffffffffffffe, &(0x7f00003db000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000af1000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x1000, 0x0, 0x0, 0x2, 0x2ff, 0x6, 0x1, 0x5, 0x1, 0x1f, 0x60000000000000, 0x0}, {0x0, 0x4, 0xa, 0x9, 0xfc6, 0xc76, 0x2, 0xa0f, 0x6, 0x9, 0x3, 0x0, 0x0}, {0x2000, 0x0, 0xf, 0x0, 0x9, 0x2, 0x1, 0xffffffff, 0x80000001, 0xffffffffffffffff, 0x2, 0x2, 0x0}, {0x0, 0x4, [0x0, 0x0, 0x0]}, {0x1, 0x0, [0x0, 0x0, 0x0]}, 0x80000008, 0x0, 0x2000, 0x8, 0x5, 0x2001, 0x1000, [0x800000, 0x1, 0x6, 0x10001]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 29.750567] kvm [6859]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x40000023 data 0x66c900003b9a1043 [ 29.752214] kvm [6859]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x40000022 data 0x66c90000cb211043 2017/08/11 21:15:15 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x5000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) [ 29.753308] kvm_hv_set_msr_pw: 38 callbacks suppressed [ 29.753757] kvm [6859]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x40000020 data 0x66c9000000081043 2017/08/11 21:15:15 executing program 6: mmap(&(0x7f0000000000/0xaf7000)=nil, 0xaf7000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000017000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap(&(0x7f0000af7000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_HAS_DEVICE_ATTR(r1, 0x4018aee3, &(0x7f000033e000-0x18)={0x0, 0x2, 0x6, &(0x7f0000af7000)=0x0}) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000769000-0xc)={0x6, r1, 0x0}) mmap(&(0x7f0000af8000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_SREGS(r2, 0x8138ae83, &(0x7f0000af9000-0x138)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, [0x0, 0x0, 0x0]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0]}) r3 = eventfd2(0x0, 0x0) r4 = eventfd2(0x0, 0x0) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000026000-0x20)={r3, 0x0, 0x2, r4, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_S390_INTERRUPT_CPU(r2, 0x4010ae94, &(0x7f0000451000-0x10)={0x1f, 0x1, 0x401}) r5 = eventfd2(0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r6 = eventfd2(0x0, 0x0) mmap(&(0x7f0000af8000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_ASSIGN_PCI_DEVICE(r1, 0x8040ae69, &(0x7f0000af8000)={0x5, 0x401, 0x7, 0x1, 0x7}) mmap(&(0x7f0000af7000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000587000-0x20)={0x6001, &(0x7f0000af7000)=0x0, 0x0, r5, 0x4}) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f00003a8000-0x20)={r4, 0x5, 0x2, r6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000017000)={r5, 0x0, 0x2, r6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) [ 29.755937] *** Guest State *** [ 29.756408] CR0: actual=0x0000000080000028, shadow=0x0000000080000008, gh_mask=fffffffffffffff7 [ 29.757045] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 [ 29.757783] CR3 = 0x0000000000002000 [ 29.759502] RSP = 0x0000000000000f80 RIP = 0x0000000000008008 [ 29.759946] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 29.760405] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 29.760878] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 29.761470] DS: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 29.762548] SS: sel=0x0000, attr=0x0b071, limit=0x00001000, base=0x0000000000000000 [ 29.765335] ES: sel=0x0000, attr=0x04081, limit=0x00000000, base=0x0000000000000000 [ 29.765894] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 29.766481] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 29.767037] GDTR: limit=0x00000004, base=0x0000000000000000 [ 29.768962] LDTR: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000002000 [ 29.769537] IDTR: limit=0x00000000, base=0x0000000000000001 [ 29.770272] TR: sel=0x000a, attr=0x09059, limit=0x00000004, base=0x0000000000000000 2017/08/11 21:15:15 executing program 1: mmap(&(0x7f0000000000/0x28000)=nil, 0x28000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) mmap(&(0x7f0000028000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_CPUID2(r0, 0x4008ae90, &(0x7f0000028000)={0x9, 0x0, [{0xc000000d, 0x1ff, 0x0, 0x4, 0x9, 0x897, 0x7fffffff, [0x0, 0x0, 0x0]}, {0xa, 0x200, 0x2, 0xd0, 0x4375, 0x7ff, 0x9, [0x0, 0x0, 0x0]}, {0xc0000001, 0x9, 0x4, 0x6, 0x0, 0x0, 0x9, [0x0, 0x0, 0x0]}, {0xc0000001, 0x7fff, 0x0, 0x8, 0x1, 0x10000, 0x80, [0x0, 0x0, 0x0]}, {0xc0000001, 0x800, 0x0, 0x8000, 0x86, 0x8, 0x7f, [0x0, 0x0, 0x0]}, {0x80000007, 0xa485, 0x4, 0xffffffffffffff00, 0x8, 0xea, 0x8, [0x0, 0x0, 0x0]}, {0xc0000000, 0x844, 0x2, 0x9, 0xb0, 0x9, 0x7, [0x0, 0x0, 0x0]}, {0x40000001, 0x0, 0x2, 0x0, 0x0, 0x7f, 0x7fffffff, [0x0, 0x0, 0x0]}, {0xc000000f, 0xd21, 0x2, 0x0, 0x401, 0x8, 0x5, [0x0, 0x0, 0x0]}]}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000017000)="2f6465762f6b766d00", 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) mmap(&(0x7f0000028000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f000001e000)={0x3, r1, 0x0}) ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000016000-0x10)={0xffffffff, 0x7}) mmap(&(0x7f0000029000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_MP_STATE(r0, 0x4004ae99, &(0x7f000000f000)=0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) mmap(&(0x7f000002a000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_PPC_GET_PVINFO(r3, 0x4080aea1, &(0x7f000002b000-0x5e)="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x201) mmap(&(0x7f0000028000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000029000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_CPUID(r4, 0x4008ae8a, &(0x7f000002a000-0x8)={0x0, 0x0, []}) mmap(&(0x7f0000029000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_ASSIGN_DEV_IRQ(r2, 0x4040ae70, &(0x7f000002a000-0x10)={0x6, 0x5, 0x3, 0x100}) ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f0000017000)={{0x0, 0x6000, 0x0, 0x0, 0x0, 0x6000000000000000, 0x0, 0x0, 0x1, 0x1f, 0x0, 0x0, 0x0}, {0x3, 0xf000, 0x0, 0x2, 0x100000001, 0x2, 0x1f, 0x10000, 0x2, 0x8, 0x120000000, 0x2, 0x0}, {0x0, 0x6000, 0xe, 0x8, 0x4, 0x400, 0x800, 0x1f, 0x4, 0xfffffffffffffffc, 0x289, 0x2, 0x0}, {0x4000, 0x4, 0xe, 0x5, 0x20, 0x0, 0x3, 0x80000000, 0x4, 0x7, 0x1, 0xfffffffffffffffd, 0x0}, {0x4, 0x4000, 0xf, 0x3, 0x9f99, 0x1, 0x6d0, 0xfffffffffffffffe, 0x80, 0x9, 0x5, 0x400, 0x0}, {0x4000, 0x1f000, 0xb, 0x7fffffff, 0x3, 0x4, 0x7, 0x5, 0x100000001, 0x9, 0xff, 0x5, 0x0}, {0xd001, 0x5000, 0x0, 0x100000000, 0x101, 0x6, 0x200, 0x7, 0x3, 0xfffffffffffffc00, 0x5, 0x4, 0x0}, {0xf000, 0x3000, 0x0, 0x0, 0xf87b, 0x5, 0x8, 0xff, 0x4, 0x40, 0x4, 0x106, 0x0}, {0x1, 0x2, [0x0, 0x0, 0x0]}, {0x6000, 0x5000, [0x0, 0x0, 0x0]}, 0x4, 0x0, 0x0, 0x2000, 0x6, 0x8000, 0x2, [0x5, 0x100, 0x4, 0x8]}) syz_kvm_setup_cpu$x86(r2, r4, &(0x7f000000f000/0x18000)=nil, &(0x7f0000029000-0x18)=[@text16={0x10, &(0x7f000000d000)="0f06ba4200ec66b8e90000000f23d80f21f86635000000400f23f866b8008000000f23d00f21f866352000000d0f23f86766c74424002f9f9ae46766c7442402480000006766c744240600000000670f011c240fc76a2a66b98508000066b80078000066ba000000000f300f07b861000f00d866b9800000c00f326635008000000f30", 0x83}], 0x1, 0x37, &(0x7f0000009000-0x20)=[@cr0={0x0, 0x40040001}, @dstype3={0x7, 0x1}], 0x2) ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f0000011000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x105002, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0}, {0x4, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, [0x0, 0x0, 0x0]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x34b582ec71cdec64, [0x4, 0x0, 0x0, 0x0]}) ioctl$KVM_GET_NR_MMU_PAGES(r2, 0xae45, 0x2) 2017/08/11 21:15:15 executing program 4: ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000037000-0xc)={0x6, 0xffffffffffffffff, 0x1}) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r1, 0x4018aee1, &(0x7f0000517000-0x18)={0x0, 0x6, 0x4, &(0x7f0000001000-0x8)=0x0}) mmap(&(0x7f0000000000/0xaee000)=nil, 0xaee000, 0x3, 0x32, r1, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae7000-0x9)="2f6465762f6b766d00", 0x81, 0x0) mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_BOOT_CPU_ID(r1, 0xae78, &(0x7f000075a000)=0x0) ioctl$KVM_SET_SREGS(r1, 0x4138ae84, &(0x7f0000aee000)={{0xf000, 0x4000, 0x0, 0x1017, 0x0, 0xbd, 0x6, 0x1000, 0x1, 0x6, 0x1, 0x9, 0x0}, {0x10000, 0x2000, 0x0, 0x7, 0x3, 0x9, 0x9, 0x7, 0x81, 0x8, 0x6, 0x80000001, 0x0}, {0x10d002, 0x4000, 0xa, 0x800, 0x80, 0xbb6, 0x1, 0xfb7, 0x9, 0x8, 0x1, 0x0, 0x0}, {0x0, 0x4000, 0x0, 0x0, 0x2, 0x7, 0x80000001, 0xfffffffffffffffe, 0x400, 0x3, 0x2, 0x401, 0x0}, {0x5000, 0x5001, 0xc, 0xffffffffffff0000, 0x56, 0x101, 0x5f4c, 0x4, 0x35, 0x17d1, 0x5, 0x9, 0x0}, {0x4000, 0x5000, 0xc, 0x9, 0x19, 0x8b, 0x0, 0x200, 0x7fff, 0x101, 0x5, 0x7c14e688, 0x0}, {0x1f000, 0x4000, 0xa, 0x800, 0xe30, 0x4, 0x3, 0x6, 0x0, 0xffffffffffff8001, 0x2, 0x90000000000, 0x0}, {0x5000, 0xf000, 0xd, 0x9, 0xffffffff, 0x8, 0x1000, 0xfffffffffffffff8, 0x3, 0xfe33, 0x3, 0xfffffffffffffffc, 0x0}, {0x4, 0x10000, [0x0, 0x0, 0x0]}, {0x1, 0x1000, [0x0, 0x0, 0x0]}, 0x80000000, 0x0, 0x100006, 0x10010, 0x5, 0x4000, 0x100000, [0xfff, 0x8, 0x485a, 0x6]}) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_GET_CLOCK(r0, 0x8030ae7c, &(0x7f000024d000-0x30)={0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000241000/0x18000)=nil, &(0x7f0000777000)=[@textreal={0x8, &(0x7f0000ae8000-0x36)="e170705f058ec8f00fb11066b9e30800000732660ffdd7660f1239baf80c66b82204fb8566efba84fc0c0c9797ef394a00f30f3289bc0000", 0x38}], 0x1, 0x60, &(0x7f0000ae7000)=[], 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_DIRTY_TLB(r0, 0x4010aeaa, &(0x7f000084e000)={0x8, 0x5}) ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f00004ae000-0x1c)={0x0, 0x0, 0x0, 0x0, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x1, 0x2, 0x0}) mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_DIRTY_TLB(r4, 0x4010aeaa, &(0x7f0000aef000-0x10)={0x7, 0x100}) ioctl$KVM_RUN(r4, 0xae80, 0x0) [ 29.771304] EFER = 0x0000000000002001 PAT = 0x0007040600070406 [ 29.771756] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 29.772501] BndCfgS = 0x0000000000000000 [ 29.772781] Interruptibility = 00000008 ActivityState = 00000000 [ 29.773216] *** Host State *** [ 29.773501] RIP = 0xffffffff811b6777 RSP = 0xffff8800522274c8 [ 29.773909] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 29.774358] FSBase=00007f4c3a973700 GSBase=ffff88006e100000 TRBase=ffff88006e122cc0 [ 29.774924] GDTBase=ffffffffff574000 IDTBase=ffffffffff57b000 [ 29.775351] CR0=0000000080050033 CR3=000000006ced3000 CR4=00000000000026e0 [ 29.775850] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 29.776375] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 29.776812] *** Control State *** [ 29.777064] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 [ 29.777966] EntryControls=0001d1ff ExitControls=00afefff [ 29.778638] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 29.779219] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 29.780070] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 29.780590] reason=80000021 qualification=0000000000000000 [ 29.781197] IDTVectoring: info=00000000 errcode=00000000 [ 29.781582] TSC Offset = 0xffffffe526db0e08 [ 29.781953] EPT pointer = 0x000000006997f01e [ 29.782376] Virtual processor ID = 0x0754 2017/08/11 21:15:15 executing program 2: mmap(&(0x7f0000000000/0xae5000)=nil, 0xae5000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000000a000-0x8)={0x0, 0x7ff}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f00003ba000/0x18000)=nil, &(0x7f000018e000)=[@text32={0x20, &(0x7f0000ae5000-0x58)="f20f5dea640f01d7b9ec0a0000b8934b549cba000000000f300f090fc76b000f38c8a4300001c0fec744240000800000c74424027dd05742c7442406000000000f011c2466b8ab008ec066bad104b024ee64660f38820482", 0x58}], 0x1, 0x0, &(0x7f0000adf000)=[@flags={0x3, 0x2c32ef086520573a}, @flags={0x3, 0x4040}], 0x2) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 2017/08/11 21:15:15 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x5000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4e, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) 2017/08/11 21:15:15 executing program 1: mmap(&(0x7f0000000000/0x2b000)=nil, 0x2b000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000017000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x201) ioctl$KVM_ASSIGN_DEV_IRQ(r1, 0x4040ae70, &(0x7f000002a000-0x10)={0x0, 0x0, 0x0, 0x0}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000017000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x4, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, [0x0, 0x0, 0x0]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, [0x0, 0x100, 0x4, 0x8]}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000011000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x105002, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0}, {0x4, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, [0x0, 0x0, 0x0]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x34b582ec71cdec64, [0x4, 0x0, 0x0, 0x0]}) 2017/08/11 21:15:15 executing program 6: mmap(&(0x7f0000000000/0xaeb000)=nil, 0xaeb000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f000096a000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f00001b8000-0xf8)={0x5, 0x0, [{0x8000, 0x4, 0x0, 0x0, @adapter={0x20, 0xc10c, 0x5947, 0x4, 0x1}}, {0x4, 0x2, 0x0, 0x0, @sint={0xe1, 0x1}}, {0x7, 0x7, 0x0, 0x0, @msi={0x1, 0x8, 0x6}}, {0x1, 0x0, 0x0, 0x0, @sint={0xe5, 0x8}}, {0x20, 0x2, 0x0, 0x0, @msi={0x6, 0xfffffffffffffffe, 0x9}}]}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000012000-0x20)={0x10003, 0x1, 0xf000, 0x1000, &(0x7f0000338000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap(&(0x7f0000aeb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000aeb000)={0x4, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) eventfd2(0x800, 0x80001) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f0000644000)={0x5, 0x0, [{0x80000008, 0x1000, 0x5, 0x60ae, 0x3, 0x0}, {0xd, 0x61f, 0x3, 0x100000000, 0x2, 0x0}, {0xb, 0x9, 0x1000, 0x8, 0x1, 0x0}, {0x8000001f, 0x3ff, 0x9, 0x0, 0xcf, 0x0}, {0x1, 0x3, 0x8, 0x5, 0x3ff, 0x0}]}) mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f000088e000/0x18000)=nil, &(0x7f0000aed000-0x18)=[@text16={0x10, &(0x7f0000ada000)="ba2000b0f0eeba6100d2c366efb800008e0c87e4670f01c800072c0f0d004066b8db0000000f06c80f21f866350800d0000f23f83e6567660f38dea419f79758603e3ef2ad", 0x45}], 0x1, 0x0, &(0x7f0000aec000)=[@dstype0={0x6, 0xb}], 0x1) r4 = eventfd2(0x0, 0x800) mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) read$eventfd(r4, &(0x7f0000aec000)=0x0, 0x8) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000aea000-0x18)={0x0, 0x0, []}) r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r6 = eventfd2(0x8023, 0x0) mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0x4008ae48, &(0x7f0000aed000)=0x1) r7 = eventfd2(0x0, 0x0) ioctl$KVM_DEASSIGN_DEV_IRQ(r2, 0x4040ae75, &(0x7f00009db000)={0x100, 0x3c, 0x200, 0x0}) ioctl$KVM_SET_SIGNAL_MASK(r5, 0x4004ae8b, &(0x7f0000071000-0x50)={0x4c, "1c4c820efa6b7414d1451725b70130486bbb62b52d1988fed8d4e07f6759f6f8bb9b7bd91f07536afca166954696c90af92f61c54c15daa13f1877ec029bc190d2f351321a498a14db24be40"}) ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000aeb000-0x20)={r6, 0x3, 0x2, r7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) read$eventfd(r7, &(0x7f0000aee000-0x8)=0x0, 0x8) ioctl$KVM_RUN(r3, 0xae80, 0x0) 2017/08/11 21:15:15 executing program 2: mmap(&(0x7f0000000000/0xae5000)=nil, 0xae5000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000000a000-0x8)={0x0, 0x7ff}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00003ba000/0x18000)=nil, &(0x7f000018e000)=[@text32={0x20, &(0x7f0000ae5000-0x58)="f20f5dea640f01d7b9ec0a0000b8934b549cba000000000f300f090fc76b000f38c8a4300001c0fec744240000800000c74424027dd05742c7442406000000000f011c2466b8ab008ec066bad104b024ee64660f38820482", 0x58}], 0x1, 0x0, &(0x7f0000adf000)=[@flags={0x3, 0x2c32ef086520573a}, @flags={0x3, 0x4040}], 0x2) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:15 executing program 3: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) mmap(&(0x7f0000a5a000/0x3000)=nil, 0x3000, 0x3000008, 0x20000000000032, r1, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000af3000-0x24)="000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d266767f2a50f20d835080000000f228b58580f070f01b102000000", 0x64}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f000011a000)={0x1397, 0x8c, 0x0, 0x4, 0x8}) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000aee000-0x8)=0x10000) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000aef000)={0x7b, 0x0, [0x6, 0xffffffff, 0x9, 0x1000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) mmap(&(0x7f0000af3000/0x1000)=nil, 0x1000, 0x1, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000af3000)={"9bbb9daa05110ba1924a3f8c859bdff963f2ddb1d129f5cb2f3ae8ad3bf7068c284ba38f903676aee0049b473a5a33930a9b88deb6401d57b67b5ef503c6a4027167753b3422f85b1b144e1b09666f06770bb454bb980d5cb7f1e90d9427b10028d816afcb958eb5bc4541d20809f775835973db47fdab943f7ecf340ab9b2913f88a42aa228d95f1665dcb874e6b3b5b55a89a32e0fc862e12da3fafec957af0fce362e643894eaa38fbb8af58f8462371747c6e67ec819d268766c3c7a74e3f12575502e0ce18ab8fdeec25ec7767fae887d4cadb349c0f81694038d1a026d6a75e2531b1a8fb11b6cbd3f89a94184e04455b174f62410013ea1a32c38fc1a2448cd4c2c637b73782faf7ad9ae353b8bb6fed608778b7e846b159d0708eba89b05d4ae596fd1ce276f11b96ea628b944adcafcca622c34d8cf71c32e04679643d25bb8410efd790fae98de36207bab1c1fa95a3b125a7497822ea2f8a027ee6024ad4938ca93546a7967484ea5ed0850257facd046052d3fb4452ea95bdf6613884586ad0f7bedcf9ba794168fb9ef80fc98ab1b8c584220c399f85aa35e3b077eaa0dc79a9b88f0cdbf6805da3bca16d1fe88482e328bf0abd897070e43ead3304cdf1f113ab075a772b02e7e2b9d790f029decb02914d0fbb81bdcac8d08612898c453dd33e8a456e3cb4154e27f4d3bddea5732cd94d4adf21d3babfbb833a2ba8fcc71beafe13cfb9e8ed9fcaaecbc6a4e7c1da5f67cfae68fe80965a52918112a4927ca4a387ebf74fd5d910ceed87a668d3210361f45e8771482aceb28996ed99fdb143fc17c4112850b748c3eb5d121312f3c420d0dc03bfd571a1767bac9ae6c46b4edbfd70fb33dd89a8ae13dd57e722d95c28e5326a24054321553f3b50fe246f5e631dafc8088dcefe9029c67fbc7cb6631692d91aa5aba912b56f638cdcd14e873566edea35ecaaad547bbd265a6d4f6537ad9db538fb7db64a32c81c91dd6e4efd0317de1a0ff83c744470c93ddcaa6792e45db7d69e1106a251d39a5c5c6103f7aadb32d0290614362eaccc6d41b3f14154850e1959803f14d836a4223eb1c70249037e7adbf0e33d07a69a10d948a901858a8381803bcedcf610c985b5ea85ef46bbc44565e89142da665bede93e7c360cc814c8e00cafb81d02c95811ce32ba2dd85712056078d2f7d4be3cfc4eb157d63206d4b822599d40c02fd84ada2b572bd8899e93293a5ce6590d226f7c43858d47417bc2980358fb6ec2eee43fbbd31a00c9549680e76c31eef7f710e7aceb5a29d2a85f07332bb5e54a80ac44576e0010bc7cbd666ad4aff5174df288980f68510d74485b90afaf4040a30392861cce12229f97cbf2b8922d95110230423a3155f263d8066974f89cebaa258b87515d6d9f20c23d09067bdc955311d08300214a50ed060cc68"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:15 executing program 7: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a9c000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f00004ee000)="66b818010f00d8c4c27bf6cdb986040000b80f000000ba000000000f30c7442400e9060000c744240201000000c7442406000000000f01142466baf80cb8b4d4c588ef66bafc0cb00beeb9840200000f3266ba420066edb85bc6600b0f23c00f21f83503000c000f23f8c74424008000c0fec744240235000000c7442406000000000f011c2466baa000b000ee", 0x8d}], 0x1, 0xfffffffffffffffe, &(0x7f00003db000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000af1000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x1000, 0x0, 0x0, 0x2, 0x2ff, 0x6, 0x1, 0x5, 0x1, 0x1f, 0x60000000000000, 0x0}, {0x0, 0x4, 0xa, 0x9, 0xfc6, 0xc76, 0x2, 0xa0f, 0x6, 0x9, 0x3, 0x0, 0x0}, {0x2000, 0x0, 0xf, 0x6, 0x0, 0x2, 0x1, 0xffffffff, 0x80000001, 0xffffffffffffffff, 0x2, 0x2, 0x0}, {0x0, 0x4, [0x0, 0x0, 0x0]}, {0x1, 0x0, [0x0, 0x0, 0x0]}, 0x80000008, 0x0, 0x2000, 0x8, 0x5, 0x2001, 0x1000, [0x800000, 0x1, 0x6, 0x10001]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:15 executing program 5: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x801, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d266767f2a50f20d835080000000f228b58580f070f01b102000000", 0x64}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f000011a000)={0x1397, 0x8c, 0x0, 0x4, 0x8}) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000aee000-0x8)=0x10000) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000aef000)={0x7b, 0x0, [0x6, 0xffffffff, 0x9, 0x1000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000033d000-0x8)={0x1, 0x0}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000311000/0x18000)=nil, &(0x7f00006cb000-0x18)=[@text32={0x20, &(0x7f0000af0000)="b9800000c00f3235010000000f30660febb13600c0fe0f01c8660f38812ff30f1077ac0fc7a80f000000c4c17e7ff5f4f4660f38805f84", 0x37}], 0x1, 0x0, &(0x7f0000af0000)=[], 0x0) ioctl$KVM_S390_VCPU_FAULT(r2, 0x4008ae52, &(0x7f0000af1000)=0xb5) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000aef000-0x30)={0x20, 0x401, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f00000ab000)={0x2, 0x800, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00002de000-0x40)={0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000af3000-0x400)={"3a5ca361a0df102fae43a3f1ec872c0185c9813608eed8f847374008d61d0bcfc300bc75ce5da3001ccb1007655a4f7410ae2abb351756d325000000000000000929f3f5b20949d1948e7dc1c8f2b7a1f53f726c506fca4289a7935507ddb99198bc1ac4b348ae7c27061ead76d16ca486010f0a3be5e5fb88b250282a1f4370284b669a6aa05d6f099ea5ce98744d4d02be5ff2bfc8a7b31392162b70f9bf6a7921ca46c22eba76a3f5fada926a9e3d39e841a85aff9e2e11df5a017550dd503eafb49349716d060d697bd0978eac053d12de846fb7d0ef0ce4f7942061ad998b000619474f6ab8bbaf74f23bef3d8874a920f438d7a3bbe9ac54c269dd8463b191dfff0392af9ef495aad6c7831f72e87d20d39c030400c2b6b009dc52fe4a87d2adbd31ef3991643480dc4e1a94dad4aaae0bbd182f86a7572202d932534fe78aa6205a387714ba722fc29e394626c6950754c5bd8e959a3d108590f13f43f23507624d0f3b464f483d2f11878b000000000000224f20a2cb5984b4f2be4d93aef0f2ae60ada076cc86b6ecd9f9cd27c13ff16725a99f1d96fb35409d9aad7cd14b4a0a6fa33236d40760c0dd77c75cea3ced7055169ac4c767c91aadd231e5b211e9b8df16a1e2aef8d3a7e02a4f7c8fb0e989f9a28788638fec8d03543fededef667b0b0cde85958ef5dd2355e3dade1126022ada4186160bcf69f139938bd9c5fe1f46fd5c8d522320840de0ede209ee11a4655a157b1ed47b6aa5daad7bc7f96313d2e02144e50a7f64ccfb866b1cc3a04ebd7e460e69f42856b474e681e2917b593b931cd487a487329d58151d14f4f1eb1b123f29f21899c524c2808269f7a833d5ed3cd93e2ffc0dbdf3c50c736b10512607837e8f50144c1c14e052c788381a2b236becb2d2bfdf0467cefcbe6926090434d31323d47576de4566f61ab7f1fab0f73e2e9b58c328f73f8fecef3e9bbad4b177d9dd2a0e3e7a6f108477afef361fd23ea1a575dd9b86515833f5bd4c5c9ddb9e5432d723f3eb50339ae229108ae769ac632d312761db5057fe4ddfae2f22be1f709bc0feef9d8dcf05a425d354bda07e3780f19d3a073e737bcc8220febd750e3ce854987000000200969d3883126c687ff7ef6c0a16aa18bf594c681ae4c2ec063b792ae01166868672360aefb97539f6825c2f17933ce890a2d7ca53fcf77dc8dd4a0e64b7010aa7fd14f7833ab907d4d3c5df1ce497abfea23c94ab44d6b0f389480b4f0c077b98ba319dff8ab86cb7ff6b9f26e1f7e88b010000038000000000b5acf132544e59a2dea65e8019ef4642e672aebc040bfbfd6e7c4e8846917b3e17e9b5673b31c4f3528baaf61b01bf160c3b535bcc7b23ee34371286407409fa292ad059d4e40624e76b8a7d3d516adae9c3fcecb877f4d9d39035338787435f6372c5fb88cd"}) ioctl$KVM_GET_DEVICE_ATTR(r1, 0x4018aee2, &(0x7f000026f000)={0x0, 0xdf, 0x8, &(0x7f00009f0000-0x8)=0x0}) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000af0000-0x8)={0x1, 0x9}) mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00007fe000-0x86)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_X86_SET_MCE(r2, 0x4040ae9e, &(0x7f0000af2000)={0x2200000000000000, 0x105000, 0xe1fbfc4, 0x2, 0x14, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) mmap(&(0x7f0000af3000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_REINJECT_CONTROL(r1, 0xae71, &(0x7f0000af3000)={0x202000000000, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f00005b6000-0x14)={0x0, 0x0, 0x7ff, 0x0, 0x0}) 2017/08/11 21:15:15 executing program 4: mmap(&(0x7f0000000000/0xaef000)=nil, 0xaef000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000037000-0xc)={0x6, 0xffffffffffffffff, 0x1}) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r1, 0x4018aee1, &(0x7f0000517000-0x18)={0x0, 0x6, 0x4, &(0x7f0000001000-0x8)=0x0}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae7000-0x9)="2f6465762f6b766d00", 0x81, 0x0) ioctl$KVM_SET_BOOT_CPU_ID(r1, 0xae78, &(0x7f000075a000)=0x0) ioctl$KVM_SET_SREGS(r1, 0x4138ae84, &(0x7f0000aee000)={{0xf000, 0x4000, 0x0, 0x1017, 0x0, 0xbd, 0x6, 0x1000, 0x1, 0x6, 0x1, 0x9, 0x0}, {0x10000, 0x2000, 0x0, 0x7, 0x3, 0x9, 0x9, 0x7, 0x81, 0x8, 0x6, 0x80000001, 0x0}, {0x10d002, 0x4000, 0xa, 0x800, 0x80, 0xbb6, 0x1, 0xfb7, 0x9, 0x8, 0x1, 0x0, 0x0}, {0x0, 0x4000, 0x0, 0x0, 0x2, 0x7, 0x80000001, 0xfffffffffffffffe, 0x400, 0x3, 0x2, 0x401, 0x0}, {0x5000, 0x5001, 0xc, 0xffffffffffff0000, 0x56, 0x101, 0x5f4c, 0x4, 0x35, 0x17d1, 0x5, 0x9, 0x0}, {0x4000, 0x5000, 0xc, 0x9, 0x19, 0x8b, 0x0, 0x200, 0x7fff, 0x101, 0x5, 0x7c14e688, 0x0}, {0x1f000, 0x4000, 0xa, 0x800, 0xe30, 0x4, 0x3, 0x6, 0x0, 0xffffffffffff8001, 0x2, 0x90000000000, 0x0}, {0x5000, 0xf000, 0xd, 0x9, 0xffffffff, 0x8, 0x1000, 0xfffffffffffffff8, 0x3, 0xfe33, 0x3, 0xfffffffffffffffc, 0x0}, {0x4, 0x10000, [0x0, 0x0, 0x0]}, {0x1, 0x1000, [0x0, 0x0, 0x0]}, 0x80000000, 0x0, 0x100006, 0x10010, 0x5, 0x4000, 0x100000, [0xfff, 0x8, 0x485a, 0x6]}) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_GET_CLOCK(r0, 0x8030ae7c, &(0x7f000024d000-0x30)={0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000241000/0x18000)=nil, &(0x7f0000777000)=[@textreal={0x8, &(0x7f0000ae8000-0x36)="e170705f058ec8f00fb11066b9e30800000732660ffdd7660f1239baf80c66b82204fb8566efba84fc0c0c9797ef394a00f30f3289bc0000", 0x38}], 0x1, 0x60, &(0x7f0000ae7000)=[], 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_DIRTY_TLB(r0, 0x4010aeaa, &(0x7f000084e000)={0x8, 0x5}) ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f00004ae000-0x1c)={0x0, 0x0, 0x0, 0x0, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x1, 0x2, 0x0}) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_DIRTY_TLB(r4, 0x4010aeaa, &(0x7f0000aef000-0x10)={0x7, 0x100}) ioctl$KVM_RUN(r4, 0xae80, 0x0) [ 29.920784] kvm [6919]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x40000023 data 0x66c900003b9a1043 [ 29.924551] kvm [6919]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x40000022 data 0x66c90000cb211043 [ 29.926118] kvm [6919]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x40000020 data 0x66c9000000041043 [ 29.927308] *** Guest State *** 2017/08/11 21:15:15 executing program 1: mmap(&(0x7f0000000000/0x28000)=nil, 0x28000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000017000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) madvise(&(0x7f0000005000/0x1000)=nil, 0x1000, 0x6f) ioctl$KVM_KVMCLOCK_CTRL(r2, 0xaead) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000028000-0x49)="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000017000)={{0x106000, 0xf001, 0x1f, 0x6, 0x5, 0x6000000000000000, 0x4, 0x8001, 0x1, 0x1f, 0x2, 0x6585099f, 0x0}, {0x3, 0xf000, 0x0, 0x9, 0x100000001, 0x2, 0x1f, 0x10000, 0x2, 0x8, 0x120000000, 0x2, 0x0}, {0x0, 0x6000, 0xe, 0x8, 0x4, 0x400, 0x800, 0x1f, 0x4, 0xfffffffffffffffc, 0x289, 0x2, 0x0}, {0x4000, 0x4, 0xe, 0x5, 0x20, 0x0, 0x3, 0x80000000, 0x4, 0x7, 0x1, 0xfffffffffffffffd, 0x0}, {0x4, 0x4000, 0xf, 0x3, 0x9f99, 0x1, 0x6d0, 0xfffffffffffffffe, 0x80, 0x9, 0x5, 0x400, 0x0}, {0x4000, 0x1f000, 0xb, 0x7fffffff, 0x3, 0x4, 0x7, 0x5, 0x100000001, 0x9, 0xff, 0x5, 0x0}, {0xd001, 0x5000, 0x0, 0x100000000, 0x101, 0x6, 0x200, 0x7, 0x3, 0xfffffffffffffc00, 0x5, 0x4, 0x0}, {0xf000, 0x3000, 0x0, 0x0, 0xf87b, 0x5, 0x8, 0xff, 0x4, 0x40, 0x7fffffff, 0x6, 0x0}, {0x1, 0x2, [0x0, 0x0, 0x0]}, {0x6000, 0x5000, [0x0, 0x0, 0x0]}, 0x4, 0x0, 0x0, 0x2000, 0x6, 0x8000, 0x2, [0x5, 0x100, 0x4, 0x8]}) mmap(&(0x7f0000028000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_DEASSIGN_DEV_IRQ(r1, 0x4040ae75, &(0x7f0000029000-0x10)={0x7fffffff, 0x80, 0x20, 0x400}) mmap(&(0x7f0000028000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_PIT2(r1, 0x8070ae9f, &(0x7f0000028000)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000015000-0x8)=0x0) ioctl$KVM_S390_UCAS_MAP(r2, 0x4018ae50, &(0x7f0000021000)={0x0, 0x20, 0x6b9}) mmap(&(0x7f0000028000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x8040ae9f, &(0x7f0000001000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) mmap(&(0x7f0000029000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_DEVICE_ATTR(r1, 0x4018aee2, &(0x7f0000017000)={0x0, 0x2, 0x8, &(0x7f000002a000-0x8)=0x0}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000000f000/0x18000)=nil, &(0x7f0000029000-0x18)=[@text16={0x10, &(0x7f000000d000)="0f06ba4200ec66b8e90000000f23d80f21f86635000000400f23f866b8008000000f23d00f21f866352000000d0f23f86766c74424002f9f9ae46766c7442402480000006766c744240600000000670f011c240fc76a2a66b98508000066b80078000066ba000000000f300f07b861000f00d866b9800000c00f326635008000000f30", 0x83}], 0x1, 0x37, &(0x7f0000009000-0x20)=[@cr0={0x0, 0x40040001}, @dstype3={0x7, 0x1}], 0x2) mmap(&(0x7f000002a000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_BOOT_CPU_ID(r1, 0xae78, &(0x7f0000000000)=0x0) ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000025000)={0x1, 0x0, [0x5, 0x2, 0xffffffff, 0x5, 0x1, 0x3, 0x606, 0x0]}) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f000002b000-0x14)={0x1, 0x3ff, 0x8, 0x2, 0x6}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000011000)={{0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, [0x0, 0x0, 0x0]}, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x34b582ec71cdec61, [0x4, 0x0, 0x0, 0x0]}) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x8040ae9f, &(0x7f000001a000-0x7)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) [ 29.927314] CR0: actual=0x0000000080000028, shadow=0x0000000080000008, gh_mask=fffffffffffffff7 [ 29.927319] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 2017/08/11 21:15:15 executing program 2: mmap(&(0x7f0000000000/0xae5000)=nil, 0xae5000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000000a000-0x8)={0x0, 0x7ff}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00003ba000/0x18000)=nil, &(0x7f000018e000)=[@text32={0x20, &(0x7f0000ae5000-0x58)="f20f5dea640f01d7b9ec0a0000b8934b549cba000000000f300f090fc76b000f38c8a4300001c0fec744240000800000c74424027dd05742c7442406000000000f011c2466b8ab008ec066bad104b024ee64660f38820482", 0x58}], 0x1, 0x0, &(0x7f0000adf000)=[@flags={0x3, 0x2c32ef086520573a}, @flags={0x3, 0x4040}], 0x2) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:15 executing program 7: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a9c000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f00004ee000)="66b818010f00d8c4c27bf6cdb986040000b80f000000ba000000000f30c7442400e9060000c744240201000000c7442406000000000f01142466baf80cb8b4d4c588ef66bafc0cb00beeb9840200000f3266ba420066edb85bc6600b0f23c00f21f83503000c000f23f8c74424008000c0fec744240235000000c7442406000000000f011c2466baa000b000ee", 0x8d}], 0x1, 0xfffffffffffffffe, &(0x7f00003db000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000af1000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x1000, 0x0, 0x0, 0x2, 0x2ff, 0x6, 0x1, 0x5, 0x1, 0x1f, 0x60000000000000, 0x0}, {0x0, 0x4, 0xa, 0x9, 0xfc6, 0xc76, 0x2, 0xa0f, 0x6, 0x9, 0x3, 0x0, 0x0}, {0x2000, 0x0, 0xf, 0x6, 0x0, 0x0, 0x1, 0xffffffff, 0x80000001, 0xffffffffffffffff, 0x2, 0x2, 0x0}, {0x0, 0x4, [0x0, 0x0, 0x0]}, {0x1, 0x0, [0x0, 0x0, 0x0]}, 0x80000008, 0x0, 0x2000, 0x8, 0x5, 0x2001, 0x1000, [0x800000, 0x1, 0x6, 0x10001]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 29.927321] CR3 = 0x0000000000002000 2017/08/11 21:15:15 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x5000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) [ 29.927324] RSP = 0x0000000000000f80 RIP = 0x0000000000008008 [ 29.927328] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 29.927333] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 29.927338] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 29.927345] DS: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 29.927351] SS: sel=0x0000, attr=0x0b071, limit=0x00001000, base=0x0000000000000000 [ 29.927357] ES: sel=0x0000, attr=0x04081, limit=0x00000000, base=0x0000000000000000 [ 29.927364] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 29.927370] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 29.927375] GDTR: limit=0x00000004, base=0x0000000000000000 [ 29.927381] LDTR: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000002000 [ 29.927386] IDTR: limit=0x00000000, base=0x0000000000000001 [ 29.927392] TR: sel=0x000a, attr=0x09059, limit=0x00000004, base=0x0000000000000000 [ 29.927397] EFER = 0x0000000000002001 PAT = 0x0007040600070406 [ 29.927403] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 29.927419] BndCfgS = 0x0000000000000000 [ 29.927423] Interruptibility = 00000008 ActivityState = 00000000 [ 29.927425] *** Host State *** [ 29.927429] RIP = 0xffffffff811b6777 RSP = 0xffff880069d2f4c8 [ 29.927437] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 29.927442] FSBase=00007f4c3a973700 GSBase=ffff88006e000000 TRBase=ffff88006e022cc0 [ 29.927447] GDTBase=ffffffffff575000 IDTBase=ffffffffff57b000 [ 29.927453] CR0=0000000080050033 CR3=00000000678ac000 CR4=00000000000026e0 [ 29.927458] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 29.927465] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 29.927469] *** Control State *** [ 29.927475] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 [ 29.927479] EntryControls=0001d1ff ExitControls=00afefff [ 29.927484] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 29.927489] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 29.927494] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 29.927498] reason=80000021 qualification=0000000000000000 [ 29.927502] IDTVectoring: info=00000000 errcode=00000000 [ 29.927506] TSC Offset = 0xffffffe503cb59ca [ 29.927511] EPT pointer = 0x000000006bf0d01e [ 29.927515] Virtual processor ID = 0x0785 [ 29.949852] kvm [6928]: vcpu0, guest rIP: 0x9112 disabled perfctr wrmsr: 0xc2 data 0x66c9000000001043 [ 29.949914] kvm [6928]: vcpu0, guest rIP: 0x9112 disabled perfctr wrmsr: 0xc1 data 0x66c9000000001043 [ 29.954555] kvm [6928]: vcpu0, guest rIP: 0x9112 disabled perfctr wrmsr: 0xc2 data 0x66c9000000001043 2017/08/11 21:15:15 executing program 4: mmap(&(0x7f0000000000/0xaef000)=nil, 0xaef000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000037000-0xc)={0x6, 0xffffffffffffffff, 0x1}) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r1, 0x4018aee1, &(0x7f0000517000-0x18)={0x0, 0x6, 0x4, &(0x7f0000001000-0x8)=0x0}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae7000-0x9)="2f6465762f6b766d00", 0x81, 0x0) ioctl$KVM_SET_BOOT_CPU_ID(r1, 0xae78, &(0x7f000075a000)=0x0) ioctl$KVM_SET_SREGS(r1, 0x4138ae84, &(0x7f0000aee000)={{0xf000, 0x4000, 0x0, 0x1017, 0x0, 0xbd, 0x6, 0x1000, 0x1, 0x6, 0x1, 0x9, 0x0}, {0x10000, 0x2000, 0x0, 0x7, 0x3, 0x9, 0x9, 0x7, 0x81, 0x8, 0x6, 0x80000001, 0x0}, {0x10d002, 0x4000, 0xa, 0x800, 0x80, 0xbb6, 0x1, 0xfb7, 0x9, 0x8, 0x1, 0x0, 0x0}, {0x0, 0x4000, 0x0, 0x0, 0x2, 0x7, 0x80000001, 0xfffffffffffffffe, 0x400, 0x3, 0x2, 0x401, 0x0}, {0x5000, 0x5001, 0xc, 0xffffffffffff0000, 0x56, 0x101, 0x5f4c, 0x4, 0x35, 0x17d1, 0x5, 0x9, 0x0}, {0x4000, 0x5000, 0xc, 0x9, 0x19, 0x8b, 0x0, 0x200, 0x7fff, 0x101, 0x5, 0x7c14e688, 0x0}, {0x1f000, 0x4000, 0xa, 0x800, 0xe30, 0x4, 0x3, 0x6, 0x0, 0xffffffffffff8001, 0x2, 0x90000000000, 0x0}, {0x5000, 0xf000, 0xd, 0x9, 0xffffffff, 0x8, 0x1000, 0xfffffffffffffff8, 0x3, 0xfe33, 0x3, 0xfffffffffffffffc, 0x0}, {0x4, 0x10000, [0x0, 0x0, 0x0]}, {0x1, 0x1000, [0x0, 0x0, 0x0]}, 0x80000000, 0x0, 0x100006, 0x10010, 0x5, 0x4000, 0x100000, [0xfff, 0x8, 0x485a, 0x6]}) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_GET_CLOCK(r0, 0x8030ae7c, &(0x7f000024d000-0x30)={0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000241000/0x18000)=nil, &(0x7f0000777000)=[@textreal={0x8, &(0x7f0000ae8000-0x36)="e170705f058ec8f00fb11066b9e30800000732660ffdd7660f1239baf80c66b82204fb8566efba84fc0c0c9797ef394a00f30f3289bc0000", 0x38}], 0x1, 0x60, &(0x7f0000ae7000)=[], 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_DIRTY_TLB(r0, 0x4010aeaa, &(0x7f000084e000)={0x8, 0x5}) ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f00004ae000-0x1c)={0x0, 0x0, 0x0, 0x0, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x1, 0x2, 0x0}) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 2017/08/11 21:15:15 executing program 1: mmap(&(0x7f0000000000/0xaec000)=nil, 0xaec000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f000016b000-0xc)={0x6, r0, 0x1}) mmap(&(0x7f0000aec000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_PIT2(r1, 0x8070ae9f, &(0x7f0000aed000)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000aed000-0xd8)=@pic={0xfffffffffffffff7, 0x986, 0x8, 0x7, 0x3, 0x100000001, 0x7, 0x8001, 0x0, 0x5, 0x800, 0x80000000, 0x401, 0x4, 0xff, 0xa0000}) mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_PIT2(r1, 0x8070ae9f, &(0x7f0000aee000)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_PPC_GET_PVINFO(r1, 0x4080aea1, &(0x7f0000af0000-0x4)="00000000") ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000aea000)={0x0, 0x0, 0x0}) mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000310000-0x10)={0x0, 0x1000, 0x0}) mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_XEN_HVM_CONFIG(r2, 0x4038ae7a, &(0x7f0000aee000-0x38)={0x9, 0x4, &(0x7f0000af0000-0xc1)="358efaf6cb016af13bbef5a6f5254ea065458453ac89d572cbeb1b86be36eeeb61a78f0d4bd0e0f1754d303dd5690e041c0ef3eaf7a1bb46cdc054303b81e93031f23a88cc8f442719d7bdf3f62409f42ecdc1f26f61ea38749780b824f6bbfff35f5837a4d6684ea5cd46539734245b77af200ea7c13d6913d73987cda3dc1086d71a1a3e8c5c6ab9fe83cf59d55783ba9ab5243ef937c4286fbd823ccad1594d3b9967c5b4c4af7d1c20ec053b3c76abcf2a0e53f9fccb757e83ff80527f31eb", &(0x7f0000aee000-0x1000)="bac57ab37a2fb241a72e2e268b5f8e1359663d8c6bc096b7fb2f168a2b9165935053fff9c4597c1f16c3254cd530481ac004cc1d4407f2024d8521504b3252fa0878f198cc30f64122d739186225f2d02fc55e183e2c502131fd9ec662c3a56106352e8e353a7ae9e47d699c049fd8489afd1e45075dc88ea4744afff0e71aef09c156356b3ec72ebe5562902d2c164f8d4055d1f30d63eca5b7a7b953193a285e54e592c82c04b7c6c6ff6867b3650400ea7006c8ada14504706e854c4885f9d3e0dbc2f29329a503e6d1a174e76afdd98884ba032e1055f5a94caff170518b63d963a17740b5225b9c1e9ab5ce535aab96149ca49b92f459d05181730bf4fa277558d9c36cb549b54d7b4f393f2d4f9c7aa9708e6860afcb81628bc3d31be3fe00d2fa430f7c68944e1518e13da4f0735dbf4ca4dddf06fbf31c496928d07bffd029e2e9d0b204f7266e82d0b7865697e27a90cae054dfab6a50c20fcccbc6287b6b98f37e632582a9b993d8e8ba2f42d28c2ad8da7f1c9490c12008e0a0b4a30b660b81036e323537c5d075e971c4c6dd984bed49db88634c4f595b2e97088b4b35fcc7195b0352eb3bfb66ddeeacf44a6f6b50fe1aef196e560cb3379356794d1baedc31bca6611264597ded03ccc694350cfd737d5ad6f5215a6e032b9116b14678b027380584c36b3e1f535a8900fb591bc56efbb515bbf4553f8b36a2ff78dd6833d9c0ee6c08f0602935495d0efeaee0a76748c5cf8c68958dc69b98089bfe79c963c0e46a663687c9bd0adf0b6dbe55360ee1d6b6d0e87dde9601546d8f7eac51e01955b2cb1d2a9d62249bf07e5329623b4fe3eff7fd98706361401c1195f4c07c21fc0dd991dc229ee0242d6608d65889355f549833e5253d7c0a8341cc508454fa95dfbadd965151fb60b96f29aa137306bbb757871003c8e4793db875657ce38afd609d65b17e4efec6cdea647428183b8d01f0b29ebe0b3ef5e123d8a5a6cbe8ff6c820b5aab8c7f2e539893230ca4c0601aac12544097dd0c8d1dc9a14bc4a23bb039864e868453b8d16c833a861414debc2c7cbe575a7cb8dee58d2248ca25c27b14235c08a48f368d707fa516d51fc55fda8e3da8af2e1c3eeac0a173d10c4caca12edc7cf7c375218d5502a7dab8b58eb61528f71b496eb86f0e3595eb303c72d46a9d4b31f0acea822b2247e4d57226034d9136925d4c1149581795178405316a4637d79eb2febbc582235d212bed7d706555af3d81de24ff614ce6d4f1caae6ab11523ca2def67438d702d635bf588fb0446bf21ccfb31e251127ac677fde225d958c8891e7c5bb7493f45d0c23668b15f747e49152742398257f28b3dbd36ba848a87783a81c76e4eb08025e77d902ea3143b4c41233abaa314277ad6f697df7c873eb25ca4e92568b7ea264d0587ff93e27d1d8cdf0407684a54e21866c9f827e29c460670024d51de2063ba3e31d121d7939bfb0984a91f5bd6d27b80d7c3340c2bab7bf5b074f6bd14f02be342cdfb9ce0a889d9276705062ae0df3d79f9f4357b52a54969128bd4a391a145f86729aa2882d4f025c7eb5ffc08d3417b176476c67fef6b4ac029ff7fdedd54929900d4fe7337bb99ba3f4c871d069553b4f72f12ba1d8d4ce255975ac7aba79a96e88fab251e9a7fe5efdf5146b80dc1a626a2a9e3bdbd79850bb44ecaaa67f5e0bd4abb29ca3b8ef1ac09bc66cdcf10f98d81135f6e428e4a0fdae027eb92556aa0a9c80383bec394bed2057abbc7376ec5f46536adfa926464b7882d368d4d1ff07f50222c995c5f8be49a7524aea3ecb112307ce45ac9687b90628f6f19577c97e5edda3be893daf3f8aa086226c13c2ccc6313ca4fa118cc2b009732952dea1774a309b808127a154182b62bdc1dc81c812134605b46aaa28c1b3ebe9c69f5b84b8ff70a832ff734d39ec9541c5a1bc4324fb8b96260a56c01341bcd321c0a550c25f59c2e550b619dd18c2b8af5c0767dccc2e85848eebce72740d3944b69dcef4a5b28d6fc5a18ea838b041e7c053334c19cd1081dab0837c326b9df110e385c340630ce07d29da1cbd3cfdbd13c1895e96e2785001115092be8544a40754e3dbf953d9342ef97f6afd1f299fc0780c373f5f3ea015104ec35607044c23cb584153231dedde477df7d002b18b32777b8086e9f8751a59fd0b55dab8c5f0361305c45a426934cbf6e1ca04ca6d4db071f5e285c0356e18b741e9186f35564506719a4360409452cf3a6d78dca75a972562700ada22e7b31ff68d0bcb3dcb1ab9a9fae136563aef5f66e34a5889590d7549196680dd181d65437580885ee7bf357ce4ac23e0b800143d3af9ca5f5501680b8a0ea4da24cc8768dfd6f6d57f05d5725569b0fc04ef5e6c7067d4c8d409f5741efa591e8872fbc7c24d0fc86a6b05cb6968cf7cf080a0540966735f67584ffdc24727a8f31d21c80a9286175d2111608202ac03f405d9c27317da8ff38a460f7dc2289769887f1be5b798d2fe5962be8919073d0f1305632ee6d31eae9de5e68d2efab63e998c5a9286720f8707133e1d3a92d79fdaf5b37822dbb85ec85748fcb883371a3269f960732a2117484cf23e1e61f9715b490efd958bd611a58b59dc69fc9686dfcb521dc65daea6629c27853990a02b960cc748c7e609f8dc3dc168308ddcdde3e5886de4dfc042d75c52fcd7efbe8c479805d9a7fc9c11a48566b98996356d7ab02da0645c98f0dc5ba8a71a9fdc7b78d4a2db9d98d3574717e8b85b1e2ba62db102586a3e642468c2e4f4c73d4891d5bce86d0412b184ad8ff1470f8ed9d3c093f210dc983404b81aaf47952c885f0cea3a8ab331d22ec4fded8f17873affc2784dcfac5c911db27efbc20b21ee48e830b7cc379f692631958c8ba9aae1ed929f47ceccd7e402246126598a1f67e008a64997903395d10055ba20958aa3e8e07da438bcd6d30d4294409cd5ecb22089ad67188a02fa99138f8c517cce8709c01e9f05f1d1bf9169f6ee7cfa47caedf4c7ab54cf51802621e323117dbeab0a18a15292018dd6301be2021bbaa9c298d4d5bf8d28422d80b4cd3ed8bd0d5dd73399711e38dd42e128261fba29da2a983cb52da67d1bb730163ecbb3813d879f9b6f51ae96cb53ee10e102c9eea1490af594945ca0e39761a9a1ec5b75944565f7192268e562fa70ba1a649d7ae036d9f7fddefbeb3bed456cc3a4bdfc6f4144e665ca018188b0d7f437434740038c2a4e2ee8b5947530ab13369de61b19ba6144bff2f4dc0ff9c42bfd0ee54b26ab629df698be422c4f3c4212337d8133028511d0b0dc1db790b6e270d7bcdc998ea9c2a2e0bc133cca5d53421212c57d463aafa5831eb15d01440bc218a568a9ddaa1f234d85e910805d8750841d77b086546a5f6a21c6dee8973960005db4554e860fdc19856db9ecae8754debaaee1c40502ce3622a7595975cda70b5d4aa67ea910328706aa1efef86c820289a6c0610a638ec2e3f42bb219cc3dc3f55421592d9c52b82994a0c4302bd2594357bb8f3cf08df2792c71266ecdfc9eb43b34109cfdfcf2ca658174aef620d3ee33b05db19a15ae3348842cc991156abf5dd8daca19994167aa64eff7ffdcffae556bb9b9db507742f3f899996df82b551363bb801e2d1d07179d9497442d440e64250a6c068007754686210756f169c89a09821f6f4c5b641dffd665a4cfffef340799412210629d18b45a8cdc4f141d44b3b63e6b5771cabe1a8332d9885db2404a87603956f20a5dcd12b4bebdaa0e2cef909f0ab3f6fa655cafe8ecf380a5e8683e2ef3a414d66c30c72f42d7f1a49761124da269e6b035a1e26cf55a08781bd1b03ec7bf3878e869b058ff4afefcc161ae65d20ee382458441d40cff5f31a3ff3b71cefee4b9b76ad0d0122dfe03ed2a545402a00b2acb59f1eb3bfcd55bb1991b44266f0b3ba7b862acc515dafdc85e488a66b7cc2b5f0fb442f85cc8fbecd56876397b47d832fe42f0d902a6ee5fae76bf4e6fad28268b6a334b4a43a0f968c9a2a94095f26a120e5eb1a8bacefeaafef269d57be2a123cb9dcafbaf5627eb4e7885395decfcced7daace8174ff2c021e7700ac60712495f6db37a353f370f150aee6e4c5dcaa7debf3fe87d98e8ebad2556d2053436ad0964d6e22b2b313f64a26fbb8004a206139269c4a06d4f6701f0c1d4602803369e1a7154fac711ed9bb1f33588980d36e5fe3f0dff6111e97bcf620535119978b737b9735876ad57b618b53c30ba612e1b8b340d4d0396e2853b4dd884427394096834e0d89ce5a12f572238d2b27424cfcf92374a200230322b76ad75b55a96b0df2ec79f71ce2968bc1929abb04701198080cc521d1d45f2f4c8f1a4dc88f73e7ed33255fe99deeb673d30e8d9995cfa283fe9fe8ee509f5c79fac1afb83eeb0f47f9596ee7f4c5c99181818c476ddfd5ca335bafd2f02b56801c690f841ecc6c7b79c867cbbac79fd37f75dc9ffabe2cd65eedf58a2e28f33280b6563eb5f4f12dc83f6d1bde357a3b56e474bba57a4605630aac534c35ed3fecb2fadf4786bb86269a3d464d8b83411347178ec6db37a6985623f7ad82c070974f036b28079cf868cc03faba949a516541f92eeac3d65e5538185564df6c0ccbc26a6171116f87ec4a3256bc51178df52bef0833ab34c303695700df7fed1c108f908546681c5199abf65f1b27f09dabf166e1f0affa02a2dc460e36c8f3acb0cbbe14498d5168fdffdf61c48b7c1f3bdbb5c4759d7509cc1363318fe32ee17485bb4339b4836250535a017f05e1c26aad7b2a3f68b860a5a935f4cb7d6b340d43367c43b20f5b97c2197c29778eee349aed3f694edafda5e7ae61b226bc86ce51f845559ef3e07b99fc8b17c853883be0ddf75e9adf0cb8742e58cbcd5c1892150e87f85e57f6bf596d2b0734be41d4cb82c6ccc5308a079a9a6a486b0283ee73b83c24bdb76e49eb4a93e9fd31a6555c2caee814fb9a7f425a92b58dea0871b88463ff8010458108ec2c4cae0667c5cb0c8ac2aa370bd1f21e29c7dc5e35d4f8ac227215534a12afda76da9a9f20759a0f64f4a54c0d308fbd14f6d81d11f1fd0afd6c642a923829461b8a9754466fbb72d0f50141923ccd394e8a18405aa78002ef050b20c41756e2be448455526e9fadfd8f35ada7d6f3537e05a2bd4b9ac50225954c5aa5d99dc5188a563ffecec947a68edbba1b20b994eedc58c31d0881627cb2503b0d2205d14b4f689990945ceb8e14f721f17f64874d2a73424d49eb981be36ee2d966275c231d945fdd991f5c7c66cd298a516f2c5d565eb4daabe450a0933940a9536e655531e83f81f9ca13b3fb5093155b3e7678bcdd30b15dab9ae2a2da41c4daed5e38c82fc840ece6742ade458674502d5c38623aedf31abfab54117e315ea60f386cb44a1d727cec8672fea9bbeba136a787f89a0b36707905386b919eb5da348977a9912a8253ea2bf5c143c380ca517fabfbf6a31f09d91ce3e265892ddd6f23f6a0a1a536859688369a39cf242d6f56c23e31a166e1fe25f366ac874652cd526fa5f63f683d00a7f3d5904ffc8120abfbe17e02efca8ddd9134df43b81b001b597a5878fff8be45d819285907208636602f7e490d16509f244297597245da6506520c36acfbc515d8849bce87829b1b27a189c96c20cf9c9f2e7529c14d6beb55d4e44ce8759824b9ef6d37e59101d0187bee6e0dd3f10f6951ee300fae58c98d410f666b913ba2f87c82e7f93809452a0625", 0xc1, 0x1000, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r2, 0x4010ae68, &(0x7f0000aeb000-0x10)={0x0, 0x0, 0x0}) 2017/08/11 21:15:15 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x5000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) 2017/08/11 21:15:15 executing program 2: mmap(&(0x7f0000000000/0xae5000)=nil, 0xae5000, 0x3, 0x32, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f000000a000-0x8)={0x0, 0x7ff}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f00003ba000/0x18000)=nil, &(0x7f000018e000)=[@text32={0x20, &(0x7f0000ae5000-0x58)="f20f5dea640f01d7b9ec0a0000b8934b549cba000000000f300f090fc76b000f38c8a4300001c0fec744240000800000c74424027dd05742c7442406000000000f011c2466b8ab008ec066bad104b024ee64660f38820482", 0x58}], 0x1, 0x0, &(0x7f0000adf000)=[@flags={0x3, 0x2c32ef086520573a}, @flags={0x3, 0x4040}], 0x2) ioctl$KVM_RUN(r0, 0xae80, 0x0) 2017/08/11 21:15:15 executing program 3: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) mmap(&(0x7f0000a5a000/0x3000)=nil, 0x3000, 0x3000008, 0x20000000000032, r1, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000af3000-0x24)="000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d266767f2a50f20d835080000000f228b58580f070f01b102000000", 0x64}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0) mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000aee000-0x8)=0x10000) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000aef000)={0x7b, 0x0, [0x6, 0xffffffff, 0x9, 0x1000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) mmap(&(0x7f0000af3000/0x1000)=nil, 0x1000, 0x1, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000af3000)={"9bbb9daa05110ba1924a3f8c859bdff963f2ddb1d129f5cb2f3ae8ad3bf7068c284ba38f903676aee0049b473a5a33930a9b88deb6401d57b67b5ef503c6a4027167753b3422f85b1b144e1b09666f06770bb454bb980d5cb7f1e90d9427b10028d816afcb958eb5bc4541d20809f775835973db47fdab943f7ecf340ab9b2913f88a42aa228d95f1665dcb874e6b3b5b55a89a32e0fc862e12da3fafec957af0fce362e643894eaa38fbb8af58f8462371747c6e67ec819d268766c3c7a74e3f12575502e0ce18ab8fdeec25ec7767fae887d4cadb349c0f81694038d1a026d6a75e2531b1a8fb11b6cbd3f89a94184e04455b174f62410013ea1a32c38fc1a2448cd4c2c637b73782faf7ad9ae353b8bb6fed608778b7e846b159d0708eba89b05d4ae596fd1ce276f11b96ea628b944adcafcca622c34d8cf71c32e04679643d25bb8410efd790fae98de36207bab1c1fa95a3b125a7497822ea2f8a027ee6024ad4938ca93546a7967484ea5ed0850257facd046052d3fb4452ea95bdf6613884586ad0f7bedcf9ba794168fb9ef80fc98ab1b8c584220c399f85aa35e3b077eaa0dc79a9b88f0cdbf6805da3bca16d1fe88482e328bf0abd897070e43ead3304cdf1f113ab075a772b02e7e2b9d790f029decb02914d0fbb81bdcac8d08612898c453dd33e8a456e3cb4154e27f4d3bddea5732cd94d4adf21d3babfbb833a2ba8fcc71beafe13cfb9e8ed9fcaaecbc6a4e7c1da5f67cfae68fe80965a52918112a4927ca4a387ebf74fd5d910ceed87a668d3210361f45e8771482aceb28996ed99fdb143fc17c4112850b748c3eb5d121312f3c420d0dc03bfd571a1767bac9ae6c46b4edbfd70fb33dd89a8ae13dd57e722d95c28e5326a24054321553f3b50fe246f5e631dafc8088dcefe9029c67fbc7cb6631692d91aa5aba912b56f638cdcd14e873566edea35ecaaad547bbd265a6d4f6537ad9db538fb7db64a32c81c91dd6e4efd0317de1a0ff83c744470c93ddcaa6792e45db7d69e1106a251d39a5c5c6103f7aadb32d0290614362eaccc6d41b3f14154850e1959803f14d836a4223eb1c70249037e7adbf0e33d07a69a10d948a901858a8381803bcedcf610c985b5ea85ef46bbc44565e89142da665bede93e7c360cc814c8e00cafb81d02c95811ce32ba2dd85712056078d2f7d4be3cfc4eb157d63206d4b822599d40c02fd84ada2b572bd8899e93293a5ce6590d226f7c43858d47417bc2980358fb6ec2eee43fbbd31a00c9549680e76c31eef7f710e7aceb5a29d2a85f07332bb5e54a80ac44576e0010bc7cbd666ad4aff5174df288980f68510d74485b90afaf4040a30392861cce12229f97cbf2b8922d95110230423a3155f263d8066974f89cebaa258b87515d6d9f20c23d09067bdc955311d08300214a50ed060cc68"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 30.009743] *** Guest State *** [ 30.010004] CR0: actual=0x0000000080000028, shadow=0x0000000080000008, gh_mask=fffffffffffffff7 [ 30.010626] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 [ 30.011290] CR3 = 0x0000000000002000 [ 30.011620] RSP = 0x0000000000000f80 RIP = 0x0000000000008008 [ 30.012055] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 30.012588] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 30.013208] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 30.014153] DS: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 30.015084] SS: sel=0x0000, attr=0x0b071, limit=0x00001000, base=0x0000000000000000 [ 30.016160] ES: sel=0x0000, attr=0x04081, limit=0x00000000, base=0x0000000000000000 2017/08/11 21:15:15 executing program 5: mmap(&(0x7f0000000000/0xaed000)=nil, 0xaed000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000ae5000-0x48)={0x80003, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x52, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r0, r2, &(0x7f000028b000/0x18000)=nil, &(0x7f0000aee000-0x18)=[@text32={0x20, &(0x7f00002ea000)="0f8306000000d935000000000f213666baf80cb870aeef87ef66bafc0cb8a0d50000eff20f060f01c966ba6100edc74424000a000000c7442402329a0000c7442406000000000f011424b8010000000f01c1260f01cb", 0x56}], 0x1, 0x4, &(0x7f0000aee000-0x10)=[@cr0={0x0, 0x13}], 0x1) mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x1, 0x35, r1, 0x3) mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x0, 0x32, r0, 0x0) mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@textreal={0x8, &(0x7f0000931000)="3ddddb0f21b70f20e06635000001000f22e0670f9da6fe6fd99166b9800000c00f326635000100000f30b800058ee0ba200066b89f6a000066ef66b90903000066b8c3da13d566ba882d78770f3026660f78c700ccf0290b", 0x58}], 0x1, 0x400065, &(0x7f00005d3000)=[], 0x0) r3 = pkey_alloc(0x0, 0x0) pkey_free(r3) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000ae1000)=[@text16={0x10, &(0x7f0000ae2000-0x5b)="6766c7442400009000006766c7442402050000006664c73524068d00000000000f011c240f0866b8430000000f23d00f21f86735a630000066b91503000066b8d400000066ba000000000f3067f36d0f3266b97e0300000f3266b9760900000f32f22e0f001d0f183f66640f06", 0x6d}], 0x1, 0x0, &(0x7f0000ae1000)=[@cr4={0x2, 0x0}], 0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_TSC_KHZ(r2, 0xaea2, 0x101) ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000246000-0x10)={0x75, 0x80000000000}) mmap(&(0x7f0000aed000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000aef000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_S390_UCAS_UNMAP(r2, 0x4018ae51, &(0x7f0000aef000)={0x0, 0x10000, 0xfffffffffffffffd}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_REINJECT_CONTROL(r1, 0xae71, &(0x7f00001e1000)={0x10000, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mremap(&(0x7f000028f000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f00005cd000/0x3000)=nil) r4 = pkey_alloc(0x0, 0x0) pkey_mprotect(&(0x7f00001f3000/0x1000)=nil, 0x1000, 0x5, r4) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001f1000/0x18000)=nil, &(0x7f0000778000)=[@text32={0x20, &(0x7f000099a000)="b805000000b9000000000f01c1b9150800000f320f01cab9bd0800000f320f00dd0f00d00f01582d66b80c010f00d86767660f383251210f50f1", 0x3a}], 0x1, 0x8, &(0x7f00002f8000-0x20)=[@efer={0x2, 0x400}, @flags={0x3, 0x80400}], 0x2) mmap(&(0x7f0000aee000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000aef000-0x90)={[0x10000, 0x7, 0xfffffffffffffc01, 0x80000000, 0x9d9e, 0xffff, 0x0, 0xe2, 0x7, 0x6d664873, 0x800, 0x3, 0x776b7480, 0x1ff, 0x9, 0x0], 0x0, 0x41090}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2017/08/11 21:15:15 executing program 2: mmap(&(0x7f0000000000/0xae5000)=nil, 0xae5000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_IRQ_LINE(r0, 0x4008ae61, &(0x7f000000a000-0x8)={0x0, 0x7ff}) syz_kvm_setup_cpu$x86(r0, r1, &(0x7f00003ba000/0x18000)=nil, &(0x7f000018e000)=[@text32={0x20, &(0x7f0000ae5000-0x58)="f20f5dea640f01d7b9ec0a0000b8934b549cba000000000f300f090fc76b000f38c8a4300001c0fec744240000800000c74424027dd05742c7442406000000000f011c2466b8ab008ec066bad104b024ee64660f38820482", 0x58}], 0x1, 0x0, &(0x7f0000adf000)=[@flags={0x3, 0x2c32ef086520573a}, @flags={0x3, 0x4040}], 0x2) ioctl$KVM_RUN(r1, 0xae80, 0x0) [ 30.019130] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 30.021797] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 30.022690] GDTR: limit=0x00000004, base=0x0000000000000000 [ 30.023438] LDTR: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000002000 [ 30.024481] IDTR: limit=0x00000000, base=0x0000000000000001 2017/08/11 21:15:15 executing program 1: mmap(&(0x7f0000000000/0xaf8000)=nil, 0xaf8000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aeb000)="2f6465762f6b766d00", 0x0, 0x0) mmap(&(0x7f0000af8000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000af8000)={0x0, 0xffffffffffffffff, 0x1}) ioctl$KVM_GET_DEVICE_ATTR(r1, 0x4018aee2, &(0x7f0000683000-0x18)={0x0, 0x6, 0x4, &(0x7f0000af9000-0x8)=0x0}) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_GET_PIT(r2, 0xc048ae65, &(0x7f000037f000)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x4000000000003) mmap(&(0x7f0000af8000/0x1000)=nil, 0x1000, 0x2000008, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f000013a000/0x2000)=nil, 0x2000, 0x2000002, 0x3e, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000676000/0x2000)=nil, 0x2000, 0x1, 0x72, r1, 0x0) mmap(&(0x7f0000af9000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000562000/0x2000)=nil, 0x2000, 0xffffffffffffffff, 0x3a, r1, 0x0) mmap(&(0x7f0000afa000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_MP_STATE(r3, 0x8004ae98, &(0x7f0000afb000-0x4)=0x0) mmap(&(0x7f0000036000/0xc000)=nil, 0xc000, 0x0, 0x1013, r2, 0xffffffffffffe7fe) mmap(&(0x7f0000888000/0x1000)=nil, 0x1000, 0x6, 0x1000000000032, 0xffffffffffffffff, 0x0) mmap(&(0x7f00004ca000/0x4000)=nil, 0x4000, 0x3, 0x30, r2, 0x0) mmap(&(0x7f0000afa000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_GUEST_DEBUG(r3, 0x4048ae9b, &(0x7f0000523000-0x48)={0xf0003, 0x0, [0x67, 0x1f, 0x80000000, 0x100000000, 0x2, 0x0, 0x400000000000006, 0x80101]}) mmap(&(0x7f0000af9000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SMI(r3, 0xaeb7) mmap(&(0x7f0000af9000/0x1000)=nil, 0x1000, 0x0, 0x4030, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000af8000)={0x73, 0x100000001, 0x1, 0x0, 0x4, 0x337, 0x6, 0x8, 0x0, 0x8, 0x40, 0x2, 0x0, 0x0, 0x3, 0x81, 0x5, 0x8, 0x1}) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000ae7000-0x20)={0x0, 0x2, 0x0, 0x2000, &(0x7f00005b3000/0x2000)=nil}) mmap(&(0x7f00009d3000/0x4000)=nil, 0x4000, 0xc, 0x30, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000afb000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f00005b3000/0x18000)=nil, &(0x7f0000afa000)=[@text64={0x40, &(0x7f00000b0000-0x66)="c7442400d38f7c83c744240200000000c7442406000000000f01142466bad104edf30f1aad260000008f290892b000200000d9feda4800c7442400a7df0000c744240200000000c7442406000000000f0114246766440f38827f00a90300000066b805018ee0", 0x66}], 0x1, 0x54, &(0x7f0000ac7000)=[@dstype3={0x7, 0x6}], 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 2017/08/11 21:15:15 executing program 6: mmap(&(0x7f0000000000/0x21000)=nil, 0x21000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ASSIGN_SET_INTX_MASK(r1, 0x4040aea4, &(0x7f000001c000-0x14)={0xffff, 0x100000001, 0xffffffffffff0000, 0x0, 0x2}) mmap(&(0x7f0000021000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000021000)={0x5, 0x0, &(0x7f0000014000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f000001e000-0x20)={0x0, 0x3, 0x0, 0x1000, &(0x7f0000005000/0x1000)=nil}) mmap(&(0x7f0000021000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_ARM_VCPU_INIT(r2, 0x0, &(0x7f0000011000-0x20)={0x5f, 0x24, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_HAS_DEVICE_ATTR(r1, 0x4018aee3, &(0x7f000001c000-0x18)={0x0, 0x8800, 0x10001, &(0x7f0000019000-0x8)=0x0}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000002000/0x18000)=nil, &(0x7f000001d000-0x18)=[@text64={0x40, &(0x7f000001c000)="5561768db3e6122d41a5c68a561d07d0bd937869ecfcda6fdac7109d23a756c3a66c647ccfbf3f36330f1dfe523e674af213b56fad718020c21915b1c4b1a37bfb1119ef6477d2d5992cf4079aa6fc2b7e2243ae91c0ca941773350bb4a9157016188f88", 0x64}], 0x1, 0x0, &(0x7f000001c000)=[], 0x0) mmap(&(0x7f0000022000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000022000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000005000/0x18000)=nil, &(0x7f0000023000-0x18)=[@textreal={0x8, &(0x7f000001a000)="baf80c66b80ae6568b66efbafc0cb0e9ee0f20d86635080000000f22d8660f382869e966b9800000c00f326635004000000f3066b8000001000f23c00f21f8663501000f000f23f866b9650b00000f32660f383db600000f3566b9800000c00f326635008000000f3086490e", 0x6c}], 0x1, 0x41, &(0x7f0000023000-0x10)=[@vmwrite={0x8, 0x0, 0x3, 0x0, 0xff, 0x0, 0x1c0000000000000, 0x0, 0xfffffffffffffffb}], 0x1) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000002000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, [0x0, 0x0, 0x0]}, 0xe0000021, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000018000-0x20)={0x10003, 0x2, 0x4, 0x2000, &(0x7f000000d000/0x2000)=nil}) mmap(&(0x7f0000022000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_IRQCHIP(r1, 0xc208ae62, &(0x7f0000023000-0xd8)=@pic={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f000001f000)={0x4, 0x0, &(0x7f000001c000/0x4000)=nil}) mmap(&(0x7f0000022000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_FPU(r2, 0x81a0ae8c, &(0x7f0000023000-0x1a0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000001e000)={0x0, 0x1002, 0x0, 0x3, 0x2}) mmap(&(0x7f0000022000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xd000)=nil, 0xd000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000007000/0x3000)=nil, 0x3000, 0x4001, &(0x7f000000b000)=0x0, 0x4, 0x0) mbind(&(0x7f0000000000/0x8000)=nil, 0x8000, 0x1, &(0x7f0000009000-0x8)=0x6, 0x76a, 0x1) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000003000/0x18000)=nil, &(0x7f0000014000)=[@text64={0x40, &(0x7f0000007000-0x49)="66baf80cb8f0e82d8def66bafc0cb800000000efb8010000000f01c1480f074b0f01c866baa00066ed2e430f01c9664f0f38808cca0f000000c4a2f91e1366ba420066ed4d0f005581", 0x49}], 0x1, 0x9, &(0x7f0000022000)=[], 0x0) mmap(&(0x7f0000023000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f0000023000)={0x0, 0x0, 0x400000000000, 0x8000000000000009, 0xffff}) [ 30.026389] TR: sel=0x000a, attr=0x09059, limit=0x00000004, base=0x0000000000000000 [ 30.027293] EFER = 0x0000000000002001 PAT = 0x0007040600070406 [ 30.027951] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 30.029228] BndCfgS = 0x0000000000000000 [ 30.029662] Interruptibility = 00000008 ActivityState = 00000000 [ 30.030357] *** Host State *** [ 30.030685] RIP = 0xffffffff811b6777 RSP = 0xffff880054b574c8 [ 30.031330] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 30.032111] FSBase=00007f4c3a973700 GSBase=ffff88003fc00000 TRBase=ffff88003fc22cc0 [ 30.032880] GDTBase=ffffffffff577000 IDTBase=ffffffffff57b000 [ 30.034630] CR0=0000000080050033 CR3=000000006cc50000 CR4=00000000000026f0 [ 30.038345] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 2017/08/11 21:15:15 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x5000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x10d002, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) [ 30.042084] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 30.042783] kvm [6971]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x40000023 data 0x66c900003b9a1043 [ 30.042831] kvm [6971]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x40000022 data 0x66c90000cb211043 [ 30.042900] kvm [6971]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x40000020 data 0x66c9000000041043 2017/08/11 21:15:15 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000000a000-0x8)={0x0, 0x7ff}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00003ba000/0x18000)=nil, &(0x7f000018e000)=[@text32={0x20, &(0x7f0000ae5000-0x58)="f20f5dea640f01d7b9ec0a0000b8934b549cba000000000f300f090fc76b000f38c8a4300001c0fec744240000800000c74424027dd05742c7442406000000000f011c2466b8ab008ec066bad104b024ee64660f38820482", 0x58}], 0x1, 0x0, &(0x7f0000adf000)=[@flags={0x3, 0x2c32ef086520573a}, @flags={0x3, 0x4040}], 0x2) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 30.048946] *** Control State *** [ 30.050650] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 [ 30.051469] EntryControls=0001d1ff ExitControls=00afefff [ 30.052079] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 30.052783] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 30.053513] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 30.054645] reason=80000021 qualification=0000000000000000 [ 30.055355] IDTVectoring: info=00000000 errcode=00000000 [ 30.055967] TSC Offset = 0xffffffe4f9c8d654 2017/08/11 21:15:15 executing program 4: mmap(&(0x7f0000000000/0xaef000)=nil, 0xaef000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000037000-0xc)={0x6, 0xffffffffffffffff, 0x1}) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r1, 0x4018aee1, &(0x7f0000517000-0x18)={0x0, 0x6, 0x4, &(0x7f0000001000-0x8)=0x0}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae7000-0x9)="2f6465762f6b766d00", 0x81, 0x0) ioctl$KVM_SET_BOOT_CPU_ID(r1, 0xae78, &(0x7f000075a000)=0x0) ioctl$KVM_SET_SREGS(r1, 0x4138ae84, &(0x7f0000aee000)={{0xf000, 0x4000, 0x0, 0x1017, 0x0, 0xbd, 0x6, 0x1000, 0x1, 0x6, 0x1, 0x9, 0x0}, {0x10000, 0x2000, 0x0, 0x7, 0x3, 0x9, 0x9, 0x7, 0x81, 0x8, 0x6, 0x80000001, 0x0}, {0x10d002, 0x4000, 0xa, 0x800, 0x80, 0xbb6, 0x1, 0xfb7, 0x9, 0x8, 0x1, 0x0, 0x0}, {0x0, 0x4000, 0x0, 0x0, 0x2, 0x7, 0x80000001, 0xfffffffffffffffe, 0x400, 0x3, 0x2, 0x401, 0x0}, {0x5000, 0x5001, 0xc, 0xffffffffffff0000, 0x56, 0x101, 0x5f4c, 0x4, 0x35, 0x17d1, 0x5, 0x9, 0x0}, {0x4000, 0x5000, 0xc, 0x9, 0x19, 0x8b, 0x0, 0x200, 0x7fff, 0x101, 0x5, 0x7c14e688, 0x0}, {0x1f000, 0x4000, 0xa, 0x800, 0xe30, 0x4, 0x3, 0x6, 0x0, 0xffffffffffff8001, 0x2, 0x90000000000, 0x0}, {0x5000, 0xf000, 0xd, 0x9, 0xffffffff, 0x8, 0x1000, 0xfffffffffffffff8, 0x3, 0xfe33, 0x3, 0xfffffffffffffffc, 0x0}, {0x4, 0x10000, [0x0, 0x0, 0x0]}, {0x1, 0x1000, [0x0, 0x0, 0x0]}, 0x80000000, 0x0, 0x100006, 0x10010, 0x5, 0x4000, 0x100000, [0xfff, 0x8, 0x485a, 0x6]}) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_GET_CLOCK(r0, 0x8030ae7c, &(0x7f000024d000-0x30)={0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000241000/0x18000)=nil, &(0x7f0000777000)=[@textreal={0x8, &(0x7f0000ae8000-0x36)="e170705f058ec8f00fb11066b9e30800000732660ffdd7660f1239baf80c66b82204fb8566efba84fc0c0c9797ef394a00f30f3289bc0000", 0x38}], 0x1, 0x60, &(0x7f0000ae7000)=[], 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_DIRTY_TLB(r0, 0x4010aeaa, &(0x7f000084e000)={0x8, 0x5}) ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f00004ae000-0x1c)={0x0, 0x0, 0x0, 0x0, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x1, 0x2, 0x0}) ioctl$KVM_RUN(r4, 0xae80, 0x0) [ 30.058923] EPT pointer = 0x000000003c4cb01e [ 30.059822] Virtual processor ID = 0x0791 [ 30.061243] *** Guest State *** [ 30.061561] CR0: actual=0x0000000080000021, shadow=0x00000000e0000021, gh_mask=fffffffffffffff7 [ 30.062550] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=fffffffffffff871 [ 30.063455] CR3 = 0x0000000000000000 [ 30.064941] *** Guest State *** [ 30.064945] CR0: actual=0x0000000000000023, shadow=0x0000000060000003, gh_mask=fffffffffffffff7 [ 30.064948] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=fffffffffffff871 [ 30.064950] CR3 = 0x00000000fffbc000 2017/08/11 21:15:15 executing program 7: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a9c000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f00004ee000)="66b818010f00d8c4c27bf6cdb986040000b80f000000ba000000000f30c7442400e9060000c744240201000000c7442406000000000f01142466baf80cb8b4d4c588ef66bafc0cb00beeb9840200000f3266ba420066edb85bc6600b0f23c00f21f83503000c000f23f8c74424008000c0fec744240235000000c7442406000000000f011c2466baa000b000ee", 0x8d}], 0x1, 0xfffffffffffffffe, &(0x7f00003db000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000af1000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x1000, 0x0, 0x0, 0x2, 0x2ff, 0x6, 0x1, 0x5, 0x1, 0x1f, 0x60000000000000, 0x0}, {0x0, 0x4, 0xa, 0x9, 0xfc6, 0xc76, 0x2, 0xa0f, 0x6, 0x9, 0x3, 0x0, 0x0}, {0x2000, 0x0, 0xf, 0x6, 0x0, 0x2, 0x0, 0xffffffff, 0x80000001, 0xffffffffffffffff, 0x2, 0x2, 0x0}, {0x0, 0x4, [0x0, 0x0, 0x0]}, {0x1, 0x0, [0x0, 0x0, 0x0]}, 0x80000008, 0x0, 0x2000, 0x8, 0x5, 0x2001, 0x1000, [0x800000, 0x1, 0x6, 0x10001]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 30.064951] RSP = 0x0000000000000000 RIP = 0x0000000000000000 [ 30.064954] RFLAGS=0x00041090 DR7 = 0x0000000000000400 [ 30.064957] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 30.064960] CS: sel=0x0043, attr=0x040fb, limit=0x000fffff, base=0x0000000000000000 [ 30.064964] DS: sel=0x004b, attr=0x040f3, limit=0x000fffff, base=0x0000000000000000 [ 30.064968] SS: sel=0x004b, attr=0x040f3, limit=0x000fffff, base=0x0000000000000000 [ 30.064972] ES: sel=0x004b, attr=0x040f3, limit=0x000fffff, base=0x0000000000000000 [ 30.064976] FS: sel=0x004b, attr=0x040f3, limit=0x000fffff, base=0x0000000000000000 [ 30.064980] GS: sel=0x004b, attr=0x040f3, limit=0x000fffff, base=0x0000000000000000 [ 30.064983] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 30.064987] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 2017/08/11 21:15:15 executing program 2: mmap(&(0x7f0000000000/0xae5000)=nil, 0xae5000, 0x0, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000000a000-0x8)={0x0, 0x7ff}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00003ba000/0x18000)=nil, &(0x7f000018e000)=[@text32={0x20, &(0x7f0000ae5000-0x58)="f20f5dea640f01d7b9ec0a0000b8934b549cba000000000f300f090fc76b000f38c8a4300001c0fec744240000800000c74424027dd05742c7442406000000000f011c2466b8ab008ec066bad104b024ee64660f38820482", 0x58}], 0x1, 0x0, &(0x7f0000adf000)=[@flags={0x3, 0x2c32ef086520573a}, @flags={0x3, 0x4040}], 0x2) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 30.064990] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 30.064994] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 30.064997] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 30.065000] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 30.065012] BndCfgS = 0x0000000000000000 [ 30.065014] Interruptibility = 00000008 ActivityState = 00000000 [ 30.065015] *** Host State *** [ 30.065018] RIP = 0xffffffff811b6777 RSP = 0xffff880039a674c8 [ 30.065023] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 30.065026] FSBase=00007fdfd8629700 GSBase=ffff88006e100000 TRBase=ffff88006e122cc0 [ 30.065029] GDTBase=ffffffffff574000 IDTBase=ffffffffff57b000 [ 30.065032] CR0=0000000080050033 CR3=000000006bdcc000 CR4=00000000000026e0 [ 30.065036] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 30.065039] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 30.065040] *** Control State *** [ 30.065042] PinBased=0000003f CPUBased=b6a1edfa SecondaryExec=001000e3 [ 30.065044] EntryControls=0001d1ff ExitControls=00afefff [ 30.065047] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 30.065049] VMEntry: intr_info=0000030d errcode=00000000 ilen=00000000 [ 30.065051] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 30.065053] reason=80000021 qualification=0000000000000000 [ 30.065054] IDTVectoring: info=00000000 errcode=00000000 [ 30.065056] TSC Offset = 0xffffffe4e89183b6 [ 30.065057] TPR Threshold = 0x00 [ 30.065059] EPT pointer = 0x000000006b72201e 2017/08/11 21:15:15 executing program 3: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) mmap(&(0x7f0000a5a000/0x3000)=nil, 0x3000, 0x3000008, 0x20000000000032, r1, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000af3000-0x24)="000000000000000000000000000000000000000000000000000000000000000000000000") r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000aee000-0x8)=0x10000) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000aef000)={0x7b, 0x0, [0x6, 0xffffffff, 0x9, 0x1000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) mmap(&(0x7f0000af3000/0x1000)=nil, 0x1000, 0x1, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000af3000)={"9bbb9daa05110ba1924a3f8c859bdff963f2ddb1d129f5cb2f3ae8ad3bf7068c284ba38f903676aee0049b473a5a33930a9b88deb6401d57b67b5ef503c6a4027167753b3422f85b1b144e1b09666f06770bb454bb980d5cb7f1e90d9427b10028d816afcb958eb5bc4541d20809f775835973db47fdab943f7ecf340ab9b2913f88a42aa228d95f1665dcb874e6b3b5b55a89a32e0fc862e12da3fafec957af0fce362e643894eaa38fbb8af58f8462371747c6e67ec819d268766c3c7a74e3f12575502e0ce18ab8fdeec25ec7767fae887d4cadb349c0f81694038d1a026d6a75e2531b1a8fb11b6cbd3f89a94184e04455b174f62410013ea1a32c38fc1a2448cd4c2c637b73782faf7ad9ae353b8bb6fed608778b7e846b159d0708eba89b05d4ae596fd1ce276f11b96ea628b944adcafcca622c34d8cf71c32e04679643d25bb8410efd790fae98de36207bab1c1fa95a3b125a7497822ea2f8a027ee6024ad4938ca93546a7967484ea5ed0850257facd046052d3fb4452ea95bdf6613884586ad0f7bedcf9ba794168fb9ef80fc98ab1b8c584220c399f85aa35e3b077eaa0dc79a9b88f0cdbf6805da3bca16d1fe88482e328bf0abd897070e43ead3304cdf1f113ab075a772b02e7e2b9d790f029decb02914d0fbb81bdcac8d08612898c453dd33e8a456e3cb4154e27f4d3bddea5732cd94d4adf21d3babfbb833a2ba8fcc71beafe13cfb9e8ed9fcaaecbc6a4e7c1da5f67cfae68fe80965a52918112a4927ca4a387ebf74fd5d910ceed87a668d3210361f45e8771482aceb28996ed99fdb143fc17c4112850b748c3eb5d121312f3c420d0dc03bfd571a1767bac9ae6c46b4edbfd70fb33dd89a8ae13dd57e722d95c28e5326a24054321553f3b50fe246f5e631dafc8088dcefe9029c67fbc7cb6631692d91aa5aba912b56f638cdcd14e873566edea35ecaaad547bbd265a6d4f6537ad9db538fb7db64a32c81c91dd6e4efd0317de1a0ff83c744470c93ddcaa6792e45db7d69e1106a251d39a5c5c6103f7aadb32d0290614362eaccc6d41b3f14154850e1959803f14d836a4223eb1c70249037e7adbf0e33d07a69a10d948a901858a8381803bcedcf610c985b5ea85ef46bbc44565e89142da665bede93e7c360cc814c8e00cafb81d02c95811ce32ba2dd85712056078d2f7d4be3cfc4eb157d63206d4b822599d40c02fd84ada2b572bd8899e93293a5ce6590d226f7c43858d47417bc2980358fb6ec2eee43fbbd31a00c9549680e76c31eef7f710e7aceb5a29d2a85f07332bb5e54a80ac44576e0010bc7cbd666ad4aff5174df288980f68510d74485b90afaf4040a30392861cce12229f97cbf2b8922d95110230423a3155f263d8066974f89cebaa258b87515d6d9f20c23d09067bdc955311d08300214a50ed060cc68"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 30.065062] Virtual processor ID = 0x079e [ 30.074781] kvm [6971]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x40000023 data 0x66c900003b9a1043 [ 30.074825] kvm [6971]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x40000022 data 0x66c90000cb211043 [ 30.074889] kvm [6971]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x40000020 data 0x66c9000000041043 2017/08/11 21:15:15 executing program 0: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000aed000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x5000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0xf000, 0xd, 0x3, 0xa96, 0x8, 0x5439, 0x8cb, 0xfff, 0x7, 0x1, 0x7, 0x0}, {0x7002, 0x1, [0x0, 0x0, 0x0]}, {0x3000, 0x2, [0x0, 0x0, 0x0]}, 0x80000004, 0x0, 0xf006, 0x200000, 0x4, 0x8100, 0xf000, [0x1, 0x4411, 0xd, 0x81]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000aee000)=[@text64={0x40, &(0x7f00009e1000-0xe)="f341882048b804000000000000000f23d00f21ef353000000b0f23f848831af34fdce436f3640f09260fbde65ef34da566baf80cb8b2c6be83efec0f22c40f0685", 0x41}], 0x1, 0x400065, &(0x7f0000aef000)=[@cr4={0x1, 0x500051}, @vmwrite={0x8, 0x0, 0x1, 0x0, 0x101, 0x0, 0x5d5, 0x0, 0x3}], 0x2) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f000006c000)={0x5000, 0x10000, 0x5, 0x3, 0x8000}) [ 30.093756] *** Guest State *** [ 30.093762] CR0: actual=0x0000000080000028, shadow=0x0000000080000008, gh_mask=fffffffffffffff7 2017/08/11 21:15:15 executing program 1: mmap(&(0x7f0000000000/0xaef000)=nil, 0xaef000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000aec000)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000ae5000-0x48)={0x80003, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00006ab000/0x18000)=nil, &(0x7f00000be000)=[@text64={0x40, &(0x7f00007f0000-0x61)="c4e3396d1efeb9c60200000f3248b8c5910000000000000f23c80f21f835080070000f23f82666420f38818528580000420f354ba20b00000000000000b9cf0200000f3248b800900000000000000f23c80f21f8350400a0000f23f8470f320f06", 0x61}], 0x1, 0x2, &(0x7f0000132000-0x12)=[@cstype0={0x4, 0xd}, @cr0={0x0, 0x21}], 0x2) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000283000-0x50)={0x3, 0x0, [{0xc000000f, 0x1, 0x20, 0x81c4, 0x2, 0x0}, {0x0, 0x7fff, 0x0, 0xfffffffffffffff8, 0x7fff, 0x0}, {0x6, 0x2, 0x63, 0x6, 0x3186, 0x0}]}) [ 30.093767] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 [ 30.093770] CR3 = 0x0000000000002000 [ 30.093773] RSP = 0x0000000000000f80 RIP = 0x0000000000008008 [ 30.093777] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 30.093783] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 30.093788] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 30.093794] DS: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 30.093801] SS: sel=0x0000, attr=0x0b071, limit=0x00001000, base=0x0000000000000000 [ 30.093808] ES: sel=0x0000, attr=0x04081, limit=0x00000000, base=0x0000000000000000 [ 30.093814] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 30.093821] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 30.093826] GDTR: limit=0x00000004, base=0x0000000000000000 [ 30.093833] LDTR: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000002000 [ 30.093838] IDTR: limit=0x00000000, base=0x0000000000000001 [ 30.093844] TR: sel=0x000a, attr=0x09059, limit=0x00000004, base=0x0000000000000000 [ 30.093848] EFER = 0x0000000000002001 PAT = 0x0007040600070406 [ 30.093853] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 30.093856] BndCfgS = 0x0000000000000000 [ 30.093860] Interruptibility = 00000008 ActivityState = 00000000 [ 30.093862] *** Host State *** [ 30.093866] RIP = 0xffffffff811b6777 RSP = 0xffff88003b2b74c8 [ 30.093874] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 30.093879] FSBase=00007f4c3a973700 GSBase=ffff88003fc00000 TRBase=ffff88003fc22cc0 [ 30.093884] GDTBase=ffffffffff577000 IDTBase=ffffffffff57b000 [ 30.093890] CR0=0000000080050033 CR3=000000006b4c7000 CR4=00000000000026f0 [ 30.093895] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 30.093900] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 30.093902] *** Control State *** [ 30.093906] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 [ 30.093909] EntryControls=0001d1ff ExitControls=00afefff 2017/08/11 21:15:15 executing program 7: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000a9c000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f00004ee000)="66b818010f00d8c4c27bf6cdb986040000b80f000000ba000000000f30c7442400e9060000c744240201000000c7442406000000000f01142466baf80cb8b4d4c588ef66bafc0cb00beeb9840200000f3266ba420066edb85bc6600b0f23c00f21f83503000c000f23f8c74424008000c0fec744240235000000c7442406000000000f011c2466baa000b000ee", 0x8d}], 0x1, 0xfffffffffffffffe, &(0x7f00003db000)=[], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000af1000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x1000, 0x0, 0x0, 0x2, 0x2ff, 0x6, 0x1, 0x5, 0x1, 0x1f, 0x60000000000000, 0x0}, {0x0, 0x4, 0xa, 0x9, 0xfc6, 0xc76, 0x2, 0xa0f, 0x6, 0x9, 0x3, 0x0, 0x0}, {0x2000, 0x0, 0xf, 0x6, 0x0, 0x2, 0x0, 0x0, 0x80000001, 0xffffffffffffffff, 0x2, 0x2, 0x0}, {0x0, 0x4, [0x0, 0x0, 0x0]}, {0x1, 0x0, [0x0, 0x0, 0x0]}, 0x80000008, 0x0, 0x2000, 0x8, 0x5, 0x2001, 0x1000, [0x800000, 0x1, 0x6, 0x10001]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 30.093914] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 30.093917] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 30.093921] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 30.093925] reason=80000021 qualification=0000000000000000 [ 30.093928] IDTVectoring: info=00000000 errcode=00000000 [ 30.093930] TSC Offset = 0xffffffe4e25d848c [ 30.093934] EPT pointer = 0x000000003da3201e [ 30.093937] Virtual processor ID = 0x07a7 [ 30.132632] RSP = 0x0000000000000f80 RIP = 0x0000000000000000 [ 30.133120] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 30.133524] Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 [ 30.133971] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 30.136619] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 30.137947] SS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 2017/08/11 21:15:15 executing program 5: mmap(&(0x7f0000000000/0xaf1000)=nil, 0xaf1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f000019b000)={0x0, 0x10000000, 0xfffffffffffffffe, &(0x7f000038d000)=0x0}) ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f00005d1000-0xc)={0x2, 0xffffffffffffffff, 0x0}) mmap(&(0x7f0000291000/0x8000)=nil, 0x8000, 0x4000000003, 0x32, r0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f000034f000-0x9)="2f6465762f6b766d00", 0x1, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_ARM_SET_DEVICE_ADDR(r3, 0x4010aeab, &(0x7f0000604000-0x10)={0x9, 0x6000}) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000777000)=[@text64={0x40, &(0x7f0000add000)="66b834010f00d026656766480f388274fb6a3e4c0f01cbc4820dbe75fac4e3fd6d0d5f090000803e360f01d1c4e139586d0036f2410f5934f066baf80cb822eaf082ef66bafc0cb062eec744240074240000c744240252000000c7442406000000000f011424", 0x66}], 0x1, 0x41, &(0x7f0000ad8000)=[], 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) ioctl$KVM_GET_XCRS(r3, 0x8188aea6, &(0x7f0000386000-0x38)={0x3, 0x8001, [{0x3, 0x0, 0x7}, {0x4, 0x0, 0x7}, {0x80, 0x0, 0x9}]}) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x3) ioctl$KVM_S390_UCAS_UNMAP(r6, 0x4018ae51, &(0x7f000017a000)={0x400, 0x6, 0x200}) syz_kvm_setup_cpu$x86(r5, r6, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000777000)=[@text64={0x40, &(0x7f0000add000)="66b834010f00d026656766480f388274fb6a3e4c0f01cbc4820dbe75fac4e3fd6d0d5f090000803e360f01d1c4e139586d0036f2410f5934f066baf80cb822eaf082ef66bafc0cb062eec744240074240000c744240252000000c7442406000000000f011424", 0x66}], 0x1, 0x41, &(0x7f0000ad8000)=[], 0x0) syz_kvm_setup_cpu$x86(r5, r6, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000ae1000)=[@text64={0x40, &(0x7f000017c000)="66baf80cb800d0d883ef66bafc0c66edc74424003fd1ce03c744240200300000c7442406000000000f0114244c351e0000008f491099bc9c040726294cc1eddac7442400ba000000c7442402fa7f0000ff1c24c45fe2daf52500dd000000442400e99eefbac744240200000000c7442406000000000f011424c4431d4a8c28000000000066f93c0c", 0x88}], 0x1, 0x0, &(0x7f0000ae1000)=[@cr0={0x1, 0x0}], 0x1) mmap(&(0x7f00000a6000/0x1000)=nil, 0x1000, 0x3, 0x20032, 0xffffffffffffffff, 0x0) ioctl$KVM_X86_SET_MCE(r6, 0x4040ae9e, &(0x7f0000ae8000-0x40)={0x4000000000000000, 0x6000, 0x200, 0x2, 0x20, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0]}) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f00001b3000/0x18000)=nil, &(0x7f0000ae1000)=[@text32={0x20, &(0x7f0000ae4000-0x74)="b9dd0b0000b871d90000ba000000000f30650f2181b8e90000000f23d80f21f835000000b00f23f8c4c2d5a602c744240000000000c744240276540000c7442406000000000f011424363e3e0f01d1c4c101f45b0c66baf80cb8a4e73281ef66bafc0cedc4e27959af8cc60000b92a0800000f32", 0x74}], 0x1, 0x0, &(0x7f0000ae1000)=[@cr4={0x2, 0x0}], 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04) mmap(&(0x7f0000309000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, &(0x7f0000002000-0x8)=0x0, 0x2, 0x2) [ 30.138913] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 30.139576] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 30.140372] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 2017/08/11 21:15:15 executing program 2: mmap(&(0x7f0000000000/0xae5000)=nil, 0xae5000, 0x3, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000000a000-0x8)={0x0, 0x7ff}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00003ba000/0x18000)=nil, &(0x7f000018e000)=[@text32={0x20, &(0x7f0000ae5000-0x58)="f20f5dea640f01d7b9ec0a0000b8934b549cba000000000f300f090fc76b000f38c8a4300001c0fec744240000800000c74424027dd05742c7442406000000000f011c2466b8ab008ec066bad104b024ee64660f38820482", 0x58}], 0x1, 0x0, &(0x7f0000adf000)=[@flags={0x3, 0x2c32ef086520573a}, @flags={0x3, 0x4040}], 0x2) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 30.141379] GDTR: limit=0x00000000, base=0x0000000000000000 [ 30.142530] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 30.143109] IDTR: limit=0x00000000, base=0x0000000000000000 [ 30.143947] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 30.144552] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 30.145086] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 2017/08/11 21:15:15 executing program 3: mmap(&(0x7f0000000000/0xaf2000)=nil, 0xaf2000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) mmap(&(0x7f0000a5a000/0x3000)=nil, 0x3000, 0x3000008, 0x20000000000032, r1, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000af3000-0x24)="000000000000000000000000000000000000000000000000000000000000000000000000") syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000a71000/0x18000)=nil, &(0x7f0000ae2000-0x18)=[@text32={0x20, &(0x7f0000aeb000-0x5f)="b90401004066b84710000000d0ba000000000f3052c76dfef3ab66b8c4e3995c2708000f99d520e0e0ea0000b2b20ff6e02ec1e8050f3235001000000d30ef66bafc0cc966e955e96d266767f2a50f20d835080000000f228b58580f070f01b102000000", 0x64}], 0x1, 0x0, &(0x7f0000ae8000)=[], 0x0) mmap(&(0x7f0000af2000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_VAPIC_ADDR(0xffffffffffffffff, 0x4008ae93, &(0x7f0000aee000-0x8)=0x10000) ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0x4068aea3, &(0x7f0000aef000)={0x7b, 0x0, [0x6, 0xffffffff, 0x9, 0x1000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) mmap(&(0x7f0000af3000/0x1000)=nil, 0x1000, 0x1, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000af3000)={"9bbb9daa05110ba1924a3f8c859bdff963f2ddb1d129f5cb2f3ae8ad3bf7068c284ba38f903676aee0049b473a5a33930a9b88deb6401d57b67b5ef503c6a4027167753b3422f85b1b144e1b09666f06770bb454bb980d5cb7f1e90d9427b10028d816afcb958eb5bc4541d20809f775835973db47fdab943f7ecf340ab9b2913f88a42aa228d95f1665dcb874e6b3b5b55a89a32e0fc862e12da3fafec957af0fce362e643894eaa38fbb8af58f8462371747c6e67ec819d268766c3c7a74e3f12575502e0ce18ab8fdeec25ec7767fae887d4cadb349c0f81694038d1a026d6a75e2531b1a8fb11b6cbd3f89a94184e04455b174f62410013ea1a32c38fc1a2448cd4c2c637b73782faf7ad9ae353b8bb6fed608778b7e846b159d0708eba89b05d4ae596fd1ce276f11b96ea628b944adcafcca622c34d8cf71c32e04679643d25bb8410efd790fae98de36207bab1c1fa95a3b125a7497822ea2f8a027ee6024ad4938ca93546a7967484ea5ed0850257facd046052d3fb4452ea95bdf6613884586ad0f7bedcf9ba794168fb9ef80fc98ab1b8c584220c399f85aa35e3b077eaa0dc79a9b88f0cdbf6805da3bca16d1fe88482e328bf0abd897070e43ead3304cdf1f113ab075a772b02e7e2b9d790f029decb02914d0fbb81bdcac8d08612898c453dd33e8a456e3cb4154e27f4d3bddea5732cd94d4adf21d3babfbb833a2ba8fcc71beafe13cfb9e8ed9fcaaecbc6a4e7c1da5f67cfae68fe80965a52918112a4927ca4a387ebf74fd5d910ceed87a668d3210361f45e8771482aceb28996ed99fdb143fc17c4112850b748c3eb5d121312f3c420d0dc03bfd571a1767bac9ae6c46b4edbfd70fb33dd89a8ae13dd57e722d95c28e5326a24054321553f3b50fe246f5e631dafc8088dcefe9029c67fbc7cb6631692d91aa5aba912b56f638cdcd14e873566edea35ecaaad547bbd265a6d4f6537ad9db538fb7db64a32c81c91dd6e4efd0317de1a0ff83c744470c93ddcaa6792e45db7d69e1106a251d39a5c5c6103f7aadb32d0290614362eaccc6d41b3f14154850e1959803f14d836a4223eb1c70249037e7adbf0e33d07a69a10d948a901858a8381803bcedcf610c985b5ea85ef46bbc44565e89142da665bede93e7c360cc814c8e00cafb81d02c95811ce32ba2dd85712056078d2f7d4be3cfc4eb157d63206d4b822599d40c02fd84ada2b572bd8899e93293a5ce6590d226f7c43858d47417bc2980358fb6ec2eee43fbbd31a00c9549680e76c31eef7f710e7aceb5a29d2a85f07332bb5e54a80ac44576e0010bc7cbd666ad4aff5174df288980f68510d74485b90afaf4040a30392861cce12229f97cbf2b8922d95110230423a3155f263d8066974f89cebaa258b87515d6d9f20c23d09067bdc955311d08300214a50ed060cc68"}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) [ 30.146555] BndCfgS = 0x0000000000000000 [ 30.147047] Interruptibility = 00000000 ActivityState = 00000000 [ 30.147676] *** Host State *** [ 30.148101] RIP = 0xffffffff811b6777 RSP = 0xffff880054cdf4c8 [ 30.148700] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 30.149650] FSBase=00007fbd523e7700 GSBase=ffff88003fd00000 TRBase=ffff88006e022cc0 2017/08/11 21:15:15 executing program 4: mmap(&(0x7f0000000000/0xaef000)=nil, 0xaef000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000037000-0xc)={0x6, 0xffffffffffffffff, 0x1}) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r1, 0x4018aee1, &(0x7f0000517000-0x18)={0x0, 0x6, 0x4, &(0x7f0000001000-0x8)=0x0}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae7000-0x9)="2f6465762f6b766d00", 0x81, 0x0) ioctl$KVM_SET_BOOT_CPU_ID(r1, 0xae78, &(0x7f000075a000)=0x0) ioctl$KVM_SET_SREGS(r1, 0x4138ae84, &(0x7f0000aee000)={{0xf000, 0x4000, 0x0, 0x1017, 0x0, 0xbd, 0x6, 0x1000, 0x1, 0x6, 0x1, 0x9, 0x0}, {0x10000, 0x2000, 0x0, 0x7, 0x3, 0x9, 0x9, 0x7, 0x81, 0x8, 0x6, 0x80000001, 0x0}, {0x10d002, 0x4000, 0xa, 0x800, 0x80, 0xbb6, 0x1, 0xfb7, 0x9, 0x8, 0x1, 0x0, 0x0}, {0x0, 0x4000, 0x0, 0x0, 0x2, 0x7, 0x80000001, 0xfffffffffffffffe, 0x400, 0x3, 0x2, 0x401, 0x0}, {0x5000, 0x5001, 0xc, 0xffffffffffff0000, 0x56, 0x101, 0x5f4c, 0x4, 0x35, 0x17d1, 0x5, 0x9, 0x0}, {0x4000, 0x5000, 0xc, 0x9, 0x19, 0x8b, 0x0, 0x200, 0x7fff, 0x101, 0x5, 0x7c14e688, 0x0}, {0x1f000, 0x4000, 0xa, 0x800, 0xe30, 0x4, 0x3, 0x6, 0x0, 0xffffffffffff8001, 0x2, 0x90000000000, 0x0}, {0x5000, 0xf000, 0xd, 0x9, 0xffffffff, 0x8, 0x1000, 0xfffffffffffffff8, 0x3, 0xfe33, 0x3, 0xfffffffffffffffc, 0x0}, {0x4, 0x10000, [0x0, 0x0, 0x0]}, {0x1, 0x1000, [0x0, 0x0, 0x0]}, 0x80000000, 0x0, 0x100006, 0x10010, 0x5, 0x4000, 0x100000, [0xfff, 0x8, 0x485a, 0x6]}) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_GET_CLOCK(r0, 0x8030ae7c, &(0x7f000024d000-0x30)={0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000241000/0x18000)=nil, &(0x7f0000777000)=[@textreal={0x8, &(0x7f0000ae8000-0x36)="e170705f058ec8f00fb11066b9e30800000732660ffdd7660f1239baf80c66b82204fb8566efba84fc0c0c9797ef394a00f30f3289bc0000", 0x38}], 0x1, 0x60, &(0x7f0000ae7000)=[], 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_DIRTY_TLB(r0, 0x4010aeaa, &(0x7f000084e000)={0x8, 0x5}) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) [ 30.152892] *** Guest State *** [ 30.152896] CR0: actual=0x0000000080000028, shadow=0x0000000080000008, gh_mask=fffffffffffffff7 2017/08/11 21:15:15 executing program 2: mmap(&(0x7f0000000000/0xae5000)=nil, 0xae5000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000ae0000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f000000a000-0x8)={0x0, 0x7ff}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00003ba000/0x18000)=nil, &(0x7f000018e000)=[@text32={0x20, &(0x7f0000ae5000-0x58)="f20f5dea640f01d7b9ec0a0000b8934b549cba000000000f300f090fc76b000f38c8a4300001c0fec744240000800000c74424027dd05742c7442406000000000f011c2466b8ab008ec066bad104b024ee64660f38820482", 0x58}], 0x1, 0x0, &(0x7f0000adf000)=[@flags={0x3, 0x2c32ef086520573a}, @flags={0x3, 0x4040}], 0x2) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 30.152899] CR4: actual=0x0000000000002048, shadow=0x0000000000000008, gh_mask=fffffffffffff871 [ 30.152900] CR3 = 0x0000000000002000 [ 30.152902] RSP = 0x0000000000000f80 RIP = 0x0000000000008008 [ 30.152905] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 30.152908] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 30.152911] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 30.152915] DS: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000000000 2017/08/11 21:15:15 executing program 1: mmap(&(0x7f0000000000/0xafa000)=nil, 0xafa000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000203000-0x9)="2f6465762f6b766d00", 0x80000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005000-0x9)="2f6465762f6b766d00", 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) mmap(&(0x7f0000afa000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000afb000-0xc)={0x3, r3, 0x1}) mmap(&(0x7f0000afa000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r4, 0xc028ae92, &(0x7f0000afb000-0x28)={0x7, 0x3, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r5, &(0x7f0000274000/0x18000)=nil, &(0x7f0000107000)=[@text64={0x40, &(0x7f000099d000-0x64)="b6c3f8e788595d2a1ba31779d22e2453ab6fe204d8cb17bc3c4ab8e3e0483b9931418b5c1612cb68cb1f08acd253883205213823efd610026d3b892f9ecf43c837882ddb41cb3a22a62644cc9081d865b5c7d6d371bfbc1b7da5ab28911fcb5667d0b08b", 0x64}], 0x1, 0x42, &(0x7f0000aeb000+0x7dc)=[@efer={0x2, 0xc00}], 0x1) ioctl$KVM_S390_VCPU_FAULT(r5, 0x4008ae52, &(0x7f0000af7000)=0x9) ioctl$KVM_SET_DEBUGREGS(r5, 0x4080aea2, &(0x7f0000af9000-0x80)={[0x10f000, 0x2, 0x100000, 0x10000], 0xfffffffffffffffd, 0xa9, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_GET_MSRS(r5, 0xc008ae88, &(0x7f00005a0000-0x48)={0x4, 0x0, [{0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}]}) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_REINJECT_CONTROL(r3, 0xae71, &(0x7f0000017000-0x20)={0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_XCRS(r5, 0x4188aea7, &(0x7f0000896000-0x58)={0x5, 0x4, [{0x9, 0x0, 0x800000000}, {0x2, 0x0, 0x26b}, {0x4, 0x0, 0x7fffffff}, {0x7f, 0x0, 0x6}, {0x997, 0x0, 0xc7}]}) ioctl$KVM_S390_INTERRUPT_CPU(r5, 0x4010ae94, &(0x7f000074e000)={0x5, 0x7, 0x100000000007}) ioctl$KVM_GET_XSAVE(r5, 0x9000aea4, &(0x7f0000012000)={"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"}) ioctl$KVM_SET_SREGS(r5, 0x4138ae84, &(0x7f0000af6000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, [0x0, 0x0, 0x0]}, {0x0, 0x0, [0x0, 0x0, 0x0]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c0137bc281d9f1a, [0x0, 0x0, 0x0, 0x0]}) munlock(&(0x7f000000a000/0x4000)=nil, 0x4000) ioctl$KVM_GET_DIRTY_LOG(r3, 0x4010ae42, &(0x7f0000017000)={0x10201, 0x0, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_GET_REGS(r5, 0x8090ae81, &(0x7f0000af9000-0x90)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0}) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1ff) ioctl$KVM_ASSIGN_PCI_DEVICE(r1, 0x8040ae69, &(0x7f000025e000-0x14)={0x7, 0x3, 0xe39d, 0x1, 0x9b4b}) [ 30.152920] SS: sel=0x0000, attr=0x0b071, limit=0x00001000, base=0x0000000000000000 [ 30.152923] ES: sel=0x0000, attr=0x04081, limit=0x00000000, base=0x0000000000000000 [ 30.152927] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 30.152931] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 30.152934] GDTR: limit=0x00000004, base=0x0000000000000000 [ 30.152939] LDTR: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000002000 [ 30.152941] IDTR: limit=0x00000000, base=0x0000000000000001 [ 30.152945] TR: sel=0x000a, attr=0x09059, limit=0x00000004, base=0x0000000000000000 [ 30.152948] EFER = 0x0000000000002001 PAT = 0x0007040600070406 [ 30.152951] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 30.152952] BndCfgS = 0x0000000000000000 [ 30.152954] Interruptibility = 00000008 ActivityState = 00000000 [ 30.152956] *** Host State *** [ 30.152958] RIP = 0xffffffff811b6777 RSP = 0xffff8800677574c8 [ 30.152963] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 30.152966] FSBase=00007f4c3a973700 GSBase=ffff88003fd00000 TRBase=ffff88003fd22cc0 [ 30.152969] GDTBase=ffffffffff576000 IDTBase=ffffffffff57b000 [ 30.152972] CR0=0000000080050033 CR3=000000003ad7c000 CR4=00000000000026e0 [ 30.152976] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 30.152979] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 30.152980] *** Control State *** [ 30.152982] PinBased=0000003f CPUBased=b6986dfe SecondaryExec=001000e2 [ 30.152984] EntryControls=0001d1ff ExitControls=00afefff [ 30.152987] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 30.152995] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 30.152997] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 30.152999] reason=80000021 qualification=0000000000000000 [ 30.153003] IDTVectoring: info=00000000 errcode=00000000 [ 30.153023] TSC Offset = 0xffffffe4d91b0824 [ 30.153026] EPT pointer = 0x0000000038d6801e [ 30.153028] Virtual processor ID = 0x07ad [ 30.189316] GDTBase=ffffffffff575000 IDTBase=ffffffffff57b000 [ 30.189921] CR0=0000000080050033 CR3=000000003b0af000 CR4=00000000000026e0 [ 30.190590] Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8449ef50 [ 30.191275] EFER = 0x0000000000000d01 PAT = 0x0007040600070406 [ 30.191878] *** Control State *** [ 30.192247] PinBased=0000003f CPUBased=b6986dfa SecondaryExec=001000e2 [ 30.192964] EntryControls=0001d1ff ExitControls=00afefff [ 30.193527] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 30.194212] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 30.194255] ------------[ cut here ]------------ [ 30.194279] WARNING: CPU: 0 PID: 7027 at arch/x86/kvm/mmu.c:719 mmu_spte_clear_track_bits+0x366/0x400 [ 30.194283] Kernel panic - not syncing: panic_on_warn set ... [ 30.194283] [ 30.194289] CPU: 0 PID: 7027 Comm: syz-executor5 Not tainted 4.13.0-rc4-next-20170811 #1 [ 30.194292] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011 [ 30.194295] Call Trace: [ 30.194302] dump_stack+0x194/0x257 [ 30.194313] ? arch_local_irq_restore+0x53/0x53 [ 30.194333] panic+0x1e4/0x417 [ 30.194340] ? __warn+0x1d9/0x1d9 [ 30.194346] ? show_regs_print_info+0x65/0x65 [ 30.194360] ? __warn+0x1a9/0x1d9 [ 30.194374] ? mmu_spte_clear_track_bits+0x366/0x400 [ 30.194380] __warn+0x1c4/0x1d9 [ 30.194388] ? mmu_spte_clear_track_bits+0x366/0x400 [ 30.194398] report_bug+0x211/0x2d0 [ 30.194412] fixup_bug+0x40/0x90 [ 30.194421] do_trap+0x260/0x390 [ 30.194437] do_error_trap+0x120/0x390 [ 30.194449] ? do_trap+0x390/0x390 [ 30.194458] ? mmu_spte_clear_track_bits+0x366/0x400 [ 30.194466] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 30.194483] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 30.194497] do_invalid_op+0x1b/0x20 [ 30.194503] invalid_op+0x1e/0x30 [ 30.194510] RIP: 0010:mmu_spte_clear_track_bits+0x366/0x400 [ 30.194513] RSP: 0018:ffff880054b572f0 EFLAGS: 00010212 [ 30.194519] RAX: 0000000000010000 RBX: 1ffff1000a96ae60 RCX: ffffc900029e1000 [ 30.194523] RDX: 000000000000086f RSI: ffffffff810f0436 RDI: ffffea00011d30cc [ 30.194526] RBP: ffff880054b57408 R08: 0000000000000001 R09: 0000000000000000 [ 30.194530] R10: ffff880054b575a0 R11: 0000000000000004 R12: 40000000517bac77 [ 30.194533] R13: 1ffff1000a96ae64 R14: ffff880054b573e0 R15: 00000000000517ba [ 30.194553] ? mmu_spte_clear_track_bits+0x366/0x400 [ 30.194569] ? mmu_spte_update+0x220/0x220 [ 30.194576] ? __schedule+0x8f0/0x2070 [ 30.194593] ? check_noncircular+0x20/0x20 [ 30.194607] ? plist_check_head+0xe2/0x130 [ 30.194621] drop_spte+0x24/0x270 [ 30.194634] kvm_zap_rmapp+0x7e/0xd0 [ 30.194642] ? drop_spte+0x270/0x270 [ 30.194651] ? __lock_is_held+0xb6/0x140 [ 30.194659] ? rmap_walk_init_level+0x1a/0x200 [ 30.194676] kvm_unmap_rmapp+0x1d/0x30 [ 30.194686] kvm_handle_hva_range+0x3ed/0x6e0 [ 30.194702] ? kvm_zap_rmapp+0xd0/0xd0 [ 30.194715] ? shadow_page_table_clear_flood+0x5c0/0x5c0 [ 30.194722] ? kvm_mmu_notifier_invalidate_range_start+0x66/0x130 [ 30.194730] ? kvm_flush_remote_tlbs+0x150/0x150 [ 30.194742] ? lock_release+0xa40/0xa40 [ 30.194750] ? lock_release+0xa40/0xa40 [ 30.194756] ? _cond_resched+0x14/0x30 [ 30.194779] kvm_unmap_hva_range+0x2e/0x40 [ 30.194789] kvm_mmu_notifier_invalidate_range_start+0x9a/0x130 [ 30.194801] ? kvm_flush_remote_tlbs+0x150/0x150 [ 30.194809] __mmu_notifier_invalidate_range_start+0x1cd/0x2d0 [ 30.194823] ? mmu_notifier_unregister_no_release+0x3f0/0x3f0 [ 30.194837] ? drop_futex_key_refs.isra.12+0x63/0xb0 [ 30.194845] ? futex_wait+0x6cf/0xa00 [ 30.194861] unmap_vmas+0x14b/0x1b0 [ 30.194873] unmap_region+0x2b2/0x4f0 [ 30.194888] ? reusable_anon_vma+0x560/0x560 [ 30.194896] ? futex_wake+0x2ca/0x680 [ 30.194908] ? may_expand_vm+0x5ba/0x860 [ 30.194938] ? userfaultfd_remove+0x220/0x220 [ 30.194943] ? vmacache_find+0x61/0x270 [ 30.194949] ? vmacache_update+0xfe/0x130 [ 30.194960] ? find_vma+0x30/0x150 [ 30.194972] do_munmap+0x726/0xdf0 [ 30.194992] mmap_region+0x59e/0x15a0 [ 30.195011] ? SyS_brk+0x6f0/0x6f0 [ 30.195018] ? arch_get_unmapped_area_topdown+0xba/0x8a0 [ 30.195032] ? arch_get_unmapped_area+0x750/0x750 [ 30.195038] ? lock_acquire+0x1d5/0x580 [ 30.195044] ? vm_mmap_pgoff+0x198/0x280 [ 30.195056] ? selinux_mmap_addr+0x1f/0xf0 [ 30.195066] ? security_mmap_addr+0x79/0xa0 [ 30.195077] ? get_unmapped_area+0x265/0x300 [ 30.195091] do_mmap+0x69b/0xd40 [ 30.195105] ? mmap_region+0x15a0/0x15a0 [ 30.195110] ? vm_mmap_pgoff+0x198/0x280 [ 30.195118] ? down_write+0x120/0x120 [ 30.195126] ? security_mmap_file+0x14e/0x190 [ 30.195139] vm_mmap_pgoff+0x1de/0x280 [ 30.195158] ? vma_is_stack_for_current+0xa0/0xa0 [ 30.195169] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 30.195177] ? kasan_check_write+0x14/0x20 [ 30.195190] ? SyS_futex+0x28e/0x380 [ 30.195202] SyS_mmap_pgoff+0x23b/0x5f0 [ 30.195216] ? find_mergeable_anon_vma+0xd0/0xd0 [ 30.195224] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 30.195233] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 30.195246] SyS_mmap+0x16/0x20 [ 30.195252] entry_SYSCALL_64_fastpath+0x1f/0xbe [ 30.195257] RIP: 0033:0x446739 [ 30.195260] RSP: 002b:00007fdfd8628c08 EFLAGS: 00000282 ORIG_RAX: 0000000000000009 [ 30.195267] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000446739 [ 30.195270] RDX: 0000000000000003 RSI: 0000000000af1000 RDI: 0000000020000000 [ 30.195274] RBP: 0000000000000086 R08: ffffffffffffffff R09: 0000000000000000 [ 30.195278] R10: 0000000000000032 R11: 0000000000000282 R12: 00000000ffffffff [ 30.195281] R13: 0000000000003690 R14: 00000000006e5750 R15: 0000000000002000 [ 30.196156] Dumping ftrace buffer: [ 30.196219] (ftrace buffer empty) [ 30.196221] Kernel Offset: disabled [ 30.229418] Rebooting in 86400 seconds..