last executing test programs: 35m12.903491668s ago: executing program 1 (id=36): r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2) (async) r4 = syz_kvm_vgic_v3_setup(r3, 0x1, 0x40) ioctl$KVM_GET_DEVICE_ATTR(r4, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x5, 0x4, &(0x7f00000004c0)=0x6f7}) (async) r5 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = eventfd2(0xfffffffa, 0x80001) ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f0000000140)={0x80, 0x4, 0x0, r8}) (async) syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_REGISTER_COALESCED_MMIO(r7, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616}) (async) ioctl$KVM_REGISTER_COALESCED_MMIO(r7, 0x4010ae67, &(0x7f0000000180)={0x10000, 0x4000}) (async) r9 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_RUN(r9, 0xae80, 0x0) (async) ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f0000000340)=@attr_arm64={0x0, 0x0, 0x0, 0xffffffffffffffff}) r10 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0) ioctl$KVM_GET_API_VERSION(r10, 0xae00, 0x0) (async) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x2e) r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0) ioctl$KVM_GET_DEVICE_ATTR_vcpu(r12, 0x4018aee2, &(0x7f0000000080)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000000)=0x7}) (async) syz_kvm_setup_cpu$arm64(r11, r12, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000100)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async) ioctl$KVM_SET_ONE_REG(r12, 0x4010aeac, &(0x7f0000000200)=@arm64_core={0x6030000000100042, &(0x7f0000000240)=0x2}) 35m12.146053197s ago: executing program 0 (id=37): syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000b80)={0x0, &(0x7f0000001040)=[@its_setup={0x82, 0x28, {0x0, 0x2, 0x28}}, @svc={0x122, 0x40, {0x800, [0x212, 0x2, 0x0, 0x3, 0x5717]}}, @msr={0x14, 0x20, {0x6030000000138002}}, @uexit={0x0, 0x18, 0x3}, @msr={0x14, 0x20, {0x603000000013e6c9, 0x50000000000}}, @uexit={0x0, 0x18, 0x3}, @uexit={0x0, 0x18, 0x800}, @mrs={0xbe, 0x18, {0x603000000013c210}}, @its_setup={0x82, 0x28, {0x3, 0x2, 0x15b}}, @eret={0xe6, 0x18, 0x5}, @eret={0xe6, 0x18, 0x85ff}, @memwrite={0x6e, 0x30, @generic={0x0, 0x947, 0x5, 0x2}}, @msr={0x14, 0x20, {0x6030000000131a01, 0x4}}, @hvc={0x32, 0x40, {0x84000003, [0x7f, 0x3, 0x7, 0x5, 0x2]}}, @mrs={0xbe, 0x18, {0x603000000013df5a}}, @svc={0x122, 0x40, {0x400, [0x3ff, 0xef9, 0x0, 0x66, 0x9]}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x0, 0x4, 0x2, 0xbae8, 0x1ff}}, @hvc={0x32, 0x40, {0xc4000004, [0x9, 0x1, 0x7ffb, 0xffff, 0x7]}}, @eret={0xe6, 0x18, 0x6}, @its_setup={0x82, 0x28, {0x1, 0x0, 0xb9}}, @irq_setup={0x46, 0x18, {0x4, 0x104}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x0, 0x1, 0x1, 0x6, 0x5, 0x1}}, @eret={0xe6, 0x18, 0xfffffffffffffffe}, @hvc={0x32, 0x40, {0x86000001, [0x8000, 0x0, 0x3, 0x7, 0x1]}}, @code={0xa, 0x84, {"0000206b000380d20040b0f2c10180d2820080d2e30180d2840180d2020000d400082078a0f587d200e0b0f2210180d2220180d2630080d2240080d2020000d40060b8f2810080d2a20180d2830080d2240080d2020000d4002c000e000020cb0008c0380028285e00e4005f0074005f"}}], 0x40c}, 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x8280, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) r6 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r5, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r5, 0x0) (async, rerun: 64) r7 = eventfd2(0x0, 0x0) (rerun: 64) close(r7) (async, rerun: 64) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) (async, rerun: 64) write$eventfd(r7, &(0x7f0000000180)=0x5, 0xfffffde3) write$eventfd(r7, 0x0, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) (async, rerun: 64) r8 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0) (rerun: 64) r9 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r11, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@smc={0x1e, 0x40, {0x80000001, [0x3f, 0x9, 0x5, 0x6, 0x7]}}], 0x40}, 0x0, 0x0) syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000180)=[{0x0, &(0x7f0000001480)=[@eret={0xe6, 0x18, 0x5}, @its_setup={0x82, 0x28, {0x2, 0x0, 0x2f7}}, @its_setup={0x82, 0x28, {0x1, 0x2, 0x361}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x1, 0x1, 0x7, 0x1, 0x5}}, @its_setup={0x82, 0x28, {0x4, 0x1, 0x3b2}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff0, 0x2, 0xb}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x1, 0x0, 0x8, 0xa8, 0x80000001, 0x3}}, @its_setup={0x82, 0x28, {0x4, 0x3, 0x13d}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0xffe8, 0x168}}, @hvc={0x32, 0x40, {0x4000, [0x3, 0x5, 0x4, 0x6, 0x5a6]}}, @uexit={0x0, 0x18, 0x6}, @hvc={0x32, 0x40, {0x3000000, [0x4e9e, 0x4, 0xf, 0x5]}}, @msr={0x14, 0x20, {0x603000000013dea3, 0x9}}, @irq_setup={0x46, 0x18, {0x2, 0x3b4}}, @code={0xa, 0xcc, {"007008d5c0a196d20040b8f2c10180d2620080d2030080d2040080d2020000d400e0200e60e98bd20000b0f2010080d2420180d2230180d2440180d2020000d4006b87d20020b0f2c10180d2020080d2030180d2840080d2020000d400a8302e008008d500309cd20040b0f2c10180d2a20180d2030180d2640080d2020000d4e09d8ad20000b0f2e10180d2c20080d2030080d2640180d2020000d420779cd20040b0f2010180d2e20080d2a30080d2440180d2020000d4"}}, @smc={0x1e, 0x40, {0xc4000053, [0xc1, 0x400, 0x0, 0x8, 0x8000]}}, @msr={0x14, 0x20, {0x603000000013dee3, 0x2}}, @smc={0x1e, 0x40, {0x84000008, [0x3, 0x10001, 0x3, 0x400, 0x6]}}, @code={0xa, 0x6c, {"007008d5000000fdc0269dd200c0b8f2e10180d2a20080d2830080d2c40180d2020000d40000200ec00094d20040b0f2a10180d2c20080d2430080d2240080d2020000d4007008d500a8a17e000028d50070202e007008d5"}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x4, 0x3, 0x9, 0x3}}, @its_setup={0x82, 0x28, {0x4, 0x1, 0x397}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0xffd0}}, @its_setup={0x82, 0x28, {0x4, 0x3, 0x1ea}}, @uexit={0x0, 0x18, 0x1}, @code={0xa, 0x9c, {"a0ad9dd20000b8f2e10180d2c20180d2430080d2a40180d2020000d4007008d560d987d20060b0f2610180d2420180d2230180d2440080d2020000d4007008d5008008d50004805a000008d5804d91d20020b8f2810080d2820080d2230080d2c40080d2020000d460b59bd20080b8f2810180d2a20180d2e30180d2040180d2020000d400004069"}}, @hvc={0x32, 0x40, {0x84000001, [0x0, 0xfe6c, 0x5, 0x9, 0x401]}}, @msr={0x14, 0x20, {0x11b2, 0x1}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x80, 0x400000000000, 0x9}}, @uexit={0x0, 0x18, 0x7fffffffffffffff}, @code={0xa, 0x9c, {"000008d5808690d200c0b0f2210080d2c20180d2630080d2240080d2020000d400c0221e007008d5a01c91d20020b8f2e10180d2220080d2030080d2240080d2020000d4a0bd88d20000b8f2810180d2a20080d2830180d2240080d2020000d4000028d5e0ea90d20000b0f2c10180d2020180d2430180d2040080d2020000d40000006a008008d5"}}, @mrs={0xbe, 0x18, {0x6030000000138056}}, @smc={0x1e, 0x40, {0x20, [0x1d83, 0x300000000000, 0x0, 0x9]}}], 0x708}], 0x1, 0x0, &(0x7f0000000a40)=[@featur2={0x1, 0x42}], 0x1) syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f00000001c0)="fb0149dd833be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8faa767969d22627e700", 0x0, 0x48) (async, rerun: 32) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0) (async, rerun: 32) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) r12 = eventfd2(0x0, 0x0) ioctl$KVM_CREATE_VM(r12, 0x4020940d, 0x20000000) ioctl$KVM_IRQ_LINE_STATUS(r10, 0xc008ae67, &(0x7f0000000a80)={0x7ff, 0x3ff}) 35m0.924798688s ago: executing program 0 (id=38): mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x1000001, 0xdc032, 0xffffffffffffffff, 0x0) (async, rerun: 32) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x480640, 0x0) (rerun: 32) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000180)=@riscv64_sbi_fwft={0x803000000a010002, &(0x7f0000000380)=0x1}) ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) (async) ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000000080)=@arm64_sys={0x603000000013df54, &(0x7f0000000240)=0x3}) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r4, 0x4068aea3, &(0x7f00000001c0)={0xa8, 0x0, 0x3}) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x3) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async, rerun: 32) mmap$KVM_VCPU(&(0x7f0000000000/0x3000)=nil, 0x0, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) (async, rerun: 32) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x181100, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0xdc032, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f00000001c0)={0x8}) r7 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) (async, rerun: 64) r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (rerun: 64) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r12 = eventfd2(0x0, 0x0) close(r12) (async) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x20100, 0x0) ioctl$KVM_IOEVENTFD(r11, 0x4040ae79, &(0x7f0000000140)={0x1ff, 0xdddc1000, 0x0, r12, 0x4}) ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f0000000640)=@arm64_core={0x6030000000100024, &(0x7f0000000000)=0x4ab}) (async, rerun: 64) ioctl$KVM_GET_ONE_REG(r9, 0x4010aeab, &(0x7f0000000240)=@arm64_core={0x603000000010004e, &(0x7f0000000200)=0x8000000000000000}) (rerun: 64) 35m0.268478051s ago: executing program 1 (id=39): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x10001, 0x3, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x80400, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x2b) ioctl$KVM_REGISTER_COALESCED_MMIO(r6, 0x4010ae67, 0x0) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r6, 0x4010ae68, &(0x7f0000001480)={0xfffffffffffffdfd, 0x13000, 0xffffffff}) syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) r7 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000100)={0x0, &(0x7f0000000140)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x2, 0x100) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20080, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = eventfd2(0xeffffffd, 0x801) ioctl$KVM_IOEVENTFD(r10, 0x4040ae79, &(0x7f0000000000)={0x200, 0x4000, 0x4, r11, 0x1}) ioctl$KVM_IOEVENTFD(r10, 0x4040ae79, &(0x7f0000001340)={0x3, 0x0, 0x2, r11, 0x3}) ioctl$KVM_IOEVENTFD(r10, 0x4040ae79, &(0x7f00000000c0)={0x3, 0x0, 0x1, r11, 0xf}) r12 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000b80)={0x0, &(0x7f0000000080)=[@hvc={0x32, 0x40, {0x84000001, [0x9, 0x8, 0x5, 0x603c8354, 0x400000000000200]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_IRQ_LINE(r12, 0x4008ae61, &(0x7f0000000000)={0x0, 0x100}) ioctl$KVM_RUN(r14, 0xae80, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x8001, 0x0) ioctl$KVM_RUN(r14, 0xae80, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) 34m52.951939567s ago: executing program 0 (id=40): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) (async) r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000fff000/0x1000)=nil, r2, 0x200000b, 0x12, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, r2, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x3, 0x4102932, 0xffffffffffffffff, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) munmap(&(0x7f000000f000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f000000f000/0x2000)=nil, 0x2000) syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f0000000100)="746abf250f7959c813e4adfb369b808022e69fe80cfadce4a1259e77bab54ac9749537b3d016bb7f745a6e22d2f9ff443f19467748a3fe02c239457600", 0x0, 0xfffffffffffffec5) 34m45.502125132s ago: executing program 0 (id=41): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x6030000000138010, 0x8000}}, @msr={0x14, 0x20, {0x603000000013801c, 0x8000}}], 0x40}, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x28) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r5, 0x4068aea3, &(0x7f0000000280)={0xdf, 0x0, 0x2000}) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1) r7 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x12) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x30) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x2f) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = ioctl$KVM_CREATE_GUEST_MEMFD(r9, 0xc040aed4, &(0x7f0000000080)={0x100000000, 0x3}) ioctl$KVM_SET_USER_MEMORY_REGION2(r9, 0x40a0ae49, &(0x7f0000000140)={0x2, 0x4, 0xf000, 0x1000, &(0x7f0000e21000/0x1000)=nil, 0x0, r10}) ioctl$KVM_SET_USER_MEMORY_REGION2(r9, 0x40a0ae49, &(0x7f0000000080)={0x1fd, 0x4, 0x8000000, 0x2000, &(0x7f0000ffd000/0x2000)=nil, 0x10000, r10}) r11 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece) ioctl$KVM_RESET_DIRTY_RINGS(r11, 0xaec7) r12 = ioctl$KVM_GET_STATS_FD_vm(r5, 0xaece) ioctl$KVM_SET_GSI_ROUTING(r6, 0x4008ae6a, &(0x7f0000000000)={0x8, 0x0, [{0x8001, 0x4, 0x1, 0x0, @adapter={0x1, 0x26f, 0x9, 0x20, 0x3}}, {0x40, 0x5, 0x1, 0x0, @msi={0x80000001, 0x19ed, 0xffff0001, 0x3}}, {0xfff, 0x3, 0x0, 0x0, @sint={0x2, 0x10000}}, {0xc, 0x4, 0x0, 0x0, @sint={0xf99c405, 0x4}}, {0x5, 0x4, 0x0, 0x0, @sint={0xffffffff, 0x2}}, {0x8, 0x3, 0x0, 0x0, @msi={0x9, 0x0, 0x2, 0x6}}, {0x10, 0x5e5b80e932acd07e, 0x1, 0x0, @msi={0x1, 0x400, 0x0, 0x6}}, {0x400, 0x3, 0x0, 0x0, @sint={0xff}}]}) ioctl$KVM_RESET_DIRTY_RINGS(r12, 0xaec7) 34m37.934630785s ago: executing program 1 (id=42): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x62a981, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2b) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000aec000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000040)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f00000000c0)=@arm64={0x7, 0x0, 0xfc, '\x00', 0x4}) ioctl$KVM_CAP_HALT_POLL(r1, 0x4068aea3, &(0x7f0000000100)={0xb6, 0x0, 0x7af9}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000080)=@arm64={0xd, 0x8, 0x7, '\x00', 0x2d}) ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f0000000080)={0x2, 0x0, [{0x0, 0x1, 0x0, 0x0, @msi}, {0x0, 0x1, 0x0, 0x0, @msi={0x1f}}]}) munmap(&(0x7f00005ed000/0x800000)=nil, 0x800000) 34m31.574672679s ago: executing program 1 (id=43): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd2(0x8, 0x80800) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f0000000100)=@arm64_sys={0x603000000013c807, &(0x7f0000000280)=0x1}) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0x0, 0x1, r2, 0x2}) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x8000, 0x0, 0x1, r2, 0x3}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) eventfd2(0x8, 0x80800) (async) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async) syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) (async) syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async) ioctl$KVM_RUN(r6, 0xae80, 0x0) (async) ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f0000000100)=@arm64_sys={0x603000000013c807, &(0x7f0000000280)=0x1}) (async) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0x0, 0x1, r2, 0x2}) (async) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x8000, 0x0, 0x1, r2, 0x3}) (async) 34m15.920600417s ago: executing program 1 (id=44): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0xe800, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x401, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_GUEST_MEMFD(r2, 0xc040aed4, &(0x7f00000001c0)={0x200001fe0000, 0x3}) r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, r4, 0x2000003, 0x2013, r3, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f0000000080)) munmap(&(0x7f0000482000/0x2000)=nil, 0x2000) close(r3) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000007, 0x23ac5f9b426eccb2, 0xffffffffffffffff, 0x0) 34m14.873931885s ago: executing program 0 (id=45): ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000000200)={0x3, "e0b52f"}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x11, 0x8, 0xf, 0x0, 0x5, 0x6, 0x86, 0x6, 0x48, 0x86, 0xdd, 0x68, 0x0, 0x0, 0x0, 0x0, 0x3, 0x5, 0x8, '\x00', 0x1, 0x7}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x8280, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1) r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04) r5 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r4, 0x280000b, 0x11, r3, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b8540003000000000000001ce16f8f1f449a7a8356732f2b54ebb2aa76c869d22627e700000600", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r3, 0x0) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x230000, 0x1f01) r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r7, &(0x7f00000001c0), 0xe80) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x3}) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x11, 0x9b, 0xf, 0x0, 0x5, 0x8, 0x82, 0x6, 0x48, 0x86, 0xdd, 0x68, 0x0, 0x100001, 0x12c, 0x0, 0x3, 0xa, 0x8, '\x00', 0x1, 0x3ff}) write$eventfd(r10, &(0x7f00000001c0)=0x3, 0x8e80) 34m9.062542143s ago: executing program 1 (id=46): r0 = eventfd2(0x2, 0x80000) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, r0}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0xd, 0x5, 0xb, 0x0, 0x2, 0x6, 0x6, 0x9, 0x8, 0x89, 0x2, 0x2, 0x0, 0x6, 0x6, 0xe2, 0x3, 0x29, 0x0, '\x00', 0x10, 0x6}) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x34) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r3, &(0x7f00000001c0), 0xe80) 34m3.999866793s ago: executing program 0 (id=47): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x400, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2b) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x1, 0x0, 0x40000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil}) ioctl$KVM_GET_DIRTY_LOG(r3, 0x4010ae42, &(0x7f0000000000)={0x1, 0x0, &(0x7f0000ffb000/0x3000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x1, 0xe000, 0x1}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000080)={0x3000, 0x1000, 0x1}) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000040)={0x0, 0x10c000, 0x1}) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x480, 0x0) ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0xdf) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x400, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2b) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x1, 0x0, 0x40000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil}) (async) ioctl$KVM_GET_DIRTY_LOG(r3, 0x4010ae42, &(0x7f0000000000)={0x1, 0x0, &(0x7f0000ffb000/0x3000)=nil}) (async) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x1, 0xe000, 0x1}) (async) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000080)={0x3000, 0x1000, 0x1}) (async) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000040)={0x0, 0x10c000, 0x1}) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x480, 0x0) (async) ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0xdf) (async) 33m22.702312157s ago: executing program 32 (id=46): r0 = eventfd2(0x2, 0x80000) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, r0}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0xd, 0x5, 0xb, 0x0, 0x2, 0x6, 0x6, 0x9, 0x8, 0x89, 0x2, 0x2, 0x0, 0x6, 0x6, 0xe2, 0x3, 0x29, 0x0, '\x00', 0x10, 0x6}) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x34) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r3, &(0x7f00000001c0), 0xe80) 33m17.392676102s ago: executing program 33 (id=47): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x400, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2b) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x1, 0x0, 0x40000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil}) ioctl$KVM_GET_DIRTY_LOG(r3, 0x4010ae42, &(0x7f0000000000)={0x1, 0x0, &(0x7f0000ffb000/0x3000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x1, 0xe000, 0x1}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000080)={0x3000, 0x1000, 0x1}) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000040)={0x0, 0x10c000, 0x1}) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x480, 0x0) ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0xdf) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x400, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2b) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x1, 0x0, 0x40000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil}) (async) ioctl$KVM_GET_DIRTY_LOG(r3, 0x4010ae42, &(0x7f0000000000)={0x1, 0x0, &(0x7f0000ffb000/0x3000)=nil}) (async) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x1, 0xe000, 0x1}) (async) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000080)={0x3000, 0x1000, 0x1}) (async) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000040)={0x0, 0x10c000, 0x1}) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x480, 0x0) (async) ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0xdf) (async) 27m50.792170305s ago: executing program 2 (id=48): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x3}) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_CREATE_VM(r3, 0x400454d0, 0x2f) r4 = syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, &(0x7f0000000000)=[@code={0xa, 0xfffffffffffffd53, {"203092d200e0b8f2610180d2a20180d2430180d2640080d2020000d40020200e007008d5007008d50014000f008008d5a09d85d20080b8f2810180d2420080d2630180d2040080d2020000d4007008d5800c94d200e0b8f2e10180d2020080d2c30080d2040180d2020000d460179ed200a0b0f2610180d2020180d2230080d2640180d2020000d4"}}], 0x9c}, &(0x7f0000000300), 0x2e) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r5, 0xae80, 0x0) close(0x4) close(0x5) 27m37.5787746s ago: executing program 2 (id=50): syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000000)={0x0, &(0x7f00000002c0)=[@svc={0x122, 0x40, {0xc4000014, [0x2, 0x0, 0x400, 0xffffffffffffffff, 0xffffffff7fffffff]}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x7, 0x3, 0x10, 0x0, 0x0, 0x4}}, @mrs={0xbe, 0x18, {0x603000000013f100}}, @smc={0x1e, 0x40, {0xc5000020, [0x7fffffff, 0x9, 0x390, 0x1a, 0x9]}}, @its_setup={0x82, 0x28, {0x2, 0x4, 0x34e}}, @eret={0xe6, 0x18, 0x101}, @code={0xa, 0xcc, {"0098a10e008008d5e0c399d20040b8f2a10180d2020180d2030180d2840080d2020000d4007008d580b695d20080b8f2210180d2220180d2830180d2640080d2020000d4c0d380d20060b0f2810180d2420180d2e30180d2a40080d2020000d480c999d20060b0f2210180d2820080d2830180d2840180d2020000d420f490d20020b8f2c10180d2420180d2230180d2640080d2020000d4a09588d20020b8f2e10080d2220180d2c30080d2040080d2020000d4000440b8"}}, @irq_setup={0x46, 0x18, {0x1, 0x33e}}, @uexit={0x0, 0x18, 0x4}, @uexit={0x0, 0x18, 0x46ea}, @memwrite={0x6e, 0x30, @generic={0xffffffff, 0xe33, 0x4, 0x6}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0x380, 0x9, 0xe}}, @eret={0xe6, 0x18, 0x1}], 0x28c}, &(0x7f0000000040)=[@featur1={0x1, 0x61}], 0x1) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0) (async) r4 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000000)={0x8000, 0x0, 0x1, 0xffffffffffffffff, 0x3}) ioctl$KVM_CREATE_VM(r4, 0x401c5820, 0x20000001) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r7, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) (async) ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000080)=@arm64_sys={0x603000000013df5d, &(0x7f00000001c0)=0x20000000004}) 27m32.943327699s ago: executing program 3 (id=49): r0 = openat$kvm(0x0, &(0x7f0000000100), 0x80402, 0x0) (async) r1 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x34) r3 = openat$kvm(0x0, &(0x7f0000000100), 0x80402, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x2c) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000000)=@arm64_fw={0x6030000000140000, &(0x7f00000000c0)=0xddce}) (async) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f00000001c0)={0x8}) (async) ioctl$KVM_CAP_HALT_POLL(r2, 0x4068aea3, &(0x7f0000000000)={0xb6, 0x0, 0x736}) (async) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x8280, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) r10 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r9, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r9, 0x0) (async) r11 = eventfd2(0x0, 0x0) close(r11) (async) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) write$eventfd(r11, &(0x7f0000000180)=0x5, 0xfffffde3) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0) (async) ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000000)={0xef, 0x0, 0x7}) (async) write$eventfd(r11, 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) (async) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x83) (async) r12 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece) ioctl$KVM_CREATE_IRQCHIP(r12, 0xae60) 27m24.012411957s ago: executing program 2 (id=51): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000140)={0x0, &(0x7f0000000200)=[@smc={0x1e, 0x40, {0x84000053, [0x0, 0x7, 0x2, 0x3, 0x4]}}], 0x40}, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x2, 0xd, 0x0, 0xffffff58}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x2, 0xc, 0x2, 0x5, 0x3}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x3, 0xa, 0xffffffff, 0xf4, 0x1}}], 0x78}, &(0x7f0000000100)=[@featur1={0x1, 0x20}], 0x1) r5 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) (async) syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x400000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async) openat$kvm(0x0, 0x0, 0x0, 0x0) syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x4, 0x100) (async) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0xd, 0x9, 0xb, 0x0, 0x5, 0x6, 0x6, 0x6, 0x48, 0x88, 0x64, 0x9, 0x0, 0x9, 0x40006, 0xe, 0x3, 0x7, 0x0, '\x00', 0x10, 0x6}) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r9, &(0x7f00000001c0)=0x7ffffff, 0xe80) (async) r10 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013c4f1, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce1, 0x7ffe}}], 0x40}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r11, 0xae80, 0x0) r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000f88000/0x3000)=nil, r12, 0x2000000, 0x110, r4, 0x0) 26m44.993342678s ago: executing program 34 (id=49): r0 = openat$kvm(0x0, &(0x7f0000000100), 0x80402, 0x0) (async) r1 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x34) r3 = openat$kvm(0x0, &(0x7f0000000100), 0x80402, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x2c) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000000)=@arm64_fw={0x6030000000140000, &(0x7f00000000c0)=0xddce}) (async) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f00000001c0)={0x8}) (async) ioctl$KVM_CAP_HALT_POLL(r2, 0x4068aea3, &(0x7f0000000000)={0xb6, 0x0, 0x736}) (async) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x8280, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) r10 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r9, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r9, 0x0) (async) r11 = eventfd2(0x0, 0x0) close(r11) (async) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) write$eventfd(r11, &(0x7f0000000180)=0x5, 0xfffffde3) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0) (async) ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000000)={0xef, 0x0, 0x7}) (async) write$eventfd(r11, 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) (async) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x83) (async) r12 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece) ioctl$KVM_CREATE_IRQCHIP(r12, 0xae60) 26m33.98618187s ago: executing program 35 (id=51): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000140)={0x0, &(0x7f0000000200)=[@smc={0x1e, 0x40, {0x84000053, [0x0, 0x7, 0x2, 0x3, 0x4]}}], 0x40}, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x2, 0xd, 0x0, 0xffffff58}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x2, 0xc, 0x2, 0x5, 0x3}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x3, 0xa, 0xffffffff, 0xf4, 0x1}}], 0x78}, &(0x7f0000000100)=[@featur1={0x1, 0x20}], 0x1) r5 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) (async) syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x400000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async) openat$kvm(0x0, 0x0, 0x0, 0x0) syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x4, 0x100) (async) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0xd, 0x9, 0xb, 0x0, 0x5, 0x6, 0x6, 0x6, 0x48, 0x88, 0x64, 0x9, 0x0, 0x9, 0x40006, 0xe, 0x3, 0x7, 0x0, '\x00', 0x10, 0x6}) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r9, &(0x7f00000001c0)=0x7ffffff, 0xe80) (async) r10 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013c4f1, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce1, 0x7ffe}}], 0x40}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r11, 0xae80, 0x0) r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000f88000/0x3000)=nil, r12, 0x2000000, 0x110, r4, 0x0) 17m12.880298117s ago: executing program 4 (id=57): r0 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2) ioctl$KVM_SET_SIGNAL_MASK(r1, 0x4004ae8b, &(0x7f00000000c0)={0x30, "e805a32d81a2efadbd4456e6f5ee3e95b353723bd5fbf808a6412f64eca3f3774b0b88b2a3679bbc3422802b1a8f83b7"}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r4 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_ARM_VCPU_INIT(r6, 0x4020aeae, &(0x7f0000000340)={0x5}) ioctl$KVM_RUN(r6, 0xae80, 0x0) ioctl$KVM_ARM_SET_COUNTER_OFFSET(r5, 0x4010aeb5, &(0x7f0000000140)={0x1}) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000040)={0x7, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f0000000280)=@attr_arm64={0x0, 0x0, 0x3, 0x0}) ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1) (async) ioctl$KVM_CAP_HALT_POLL(r3, 0x4068aea3, &(0x7f0000000000)={0xdf, 0x0, 0x10000}) r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=[@featur1={0x1, 0x8}], 0x1) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x100000c, 0x6832, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r13, 0x4018aee1, &(0x7f00000011c0)=@attr_set_pmu={0x0, 0x0, 0x3, 0x0}) ioctl$KVM_CAP_HALT_POLL(r3, 0x4068aea3, &(0x7f0000000000)={0xe1}) r14 = ioctl$KVM_CREATE_VM(r0, 0xae03, 0x800000000c1) ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x1) 16m56.880436955s ago: executing program 5 (id=59): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x6) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x401, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000140), 0x400, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f00000000c0)={0x7, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x3}) ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000080)=@attr_arm64={0x0, 0x0, 0x2, &(0x7f0000000240)}) r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2) ioctl$KVM_ARM_VCPU_INIT(r7, 0x4020aeae, &(0x7f0000000000)={0x5, 0x4}) ioctl$KVM_RUN(r7, 0xae80, 0x0) r8 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_DIRTY_LOG(r8, 0x4010ae42, 0x0) r9 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000a, 0x11, r2, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f0000000380)="f30149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a3ff7fbc51869be2e2e0000000000000f000000000000000001000000000000000000000000000e00", 0x0, 0x34) r10 = ioctl$KVM_GET_STATS_FD_cpu(r2, 0xaece) ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f0000000080)={0x101ff, 0x1, 0xb000, 0x1000, &(0x7f0000002000/0x1000)=nil, 0xfffffffffffffff7, r10}) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x64c542, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x6) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) 16m53.773474415s ago: executing program 4 (id=60): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}], 0x28}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000100)={0x4, 0xffffffffffffffff}) ioctl$KVM_HAS_DEVICE_ATTR(r7, 0x4018aee3, &(0x7f0000000180)=@attr_other={0x0, 0xffffffff, 0x80080, 0x0}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000240)=@attr_other={0x0, 0x8, 0x200000000000090, &(0x7f0000000000)=0x12}) 16m40.20377263s ago: executing program 5 (id=61): r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x28081, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000769000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000040)={0x0, 0x0}, &(0x7f0000000080)=[@featur2={0x1, 0x5}], 0x1) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r6, 0xae03, 0xcd) r7 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000380)={0x0, &(0x7f0000000100)=[@smc={0x1e, 0x40, {0x84000004, [0x3, 0x3, 0x2, 0x3f8b, 0xf7b0]}}], 0x40}, &(0x7f00000000c0)=[@featur2={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r7, 0xae80, 0x0) ioctl$KVM_ARM_SET_COUNTER_OFFSET(r1, 0x4010aeb5, &(0x7f0000000000)={0x46, 0xfffffffffffffffd}) ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000040)=@arm64_sys={0x603000000013df01, &(0x7f0000000600)=0xfffffffffffffff9}) 16m37.650297066s ago: executing program 4 (id=62): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x3}}], 0x68}, 0x0, 0x0) (async) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) (async) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x4, 0x0, 0x0}) (async) r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r6 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r5, 0x3, 0x11, r3, 0x0) (async) ioctl$KVM_RUN(r3, 0xae80, 0x0) r7 = openat$kvm(0x0, &(0x7f0000000080), 0x80000, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) (async) r11 = eventfd2(0x0, 0x0) ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f0000000340)={0x0, 0x8000000, 0x4, r11, 0x1}) (async) syz_kvm_vgic_v3_setup(r8, 0x2000000000001, 0x60) (async) ioctl$KVM_RUN(r10, 0xae80, 0x0) syz_kvm_assert_syzos_uexit$arm64(r3, r6, 0xfffffffffffffffe) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_kvm_assert_syzos_uexit$arm64(r3, r6, 0xffffffffffffffff) 16m22.892010381s ago: executing program 5 (id=63): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x8}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x5, 0xfffffffe, 0x0, 0x0, 0x79}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x3, 0x100) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 16m21.757756713s ago: executing program 4 (id=64): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x8}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x5, 0xfffffffe, 0x0, 0x0, 0x79}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x3, 0x100) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x28081, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000769000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000040)={0x0, 0x0}, &(0x7f0000000080)=[@featur2={0x1, 0x5}], 0x1) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000380)={0x0, &(0x7f0000000100)=[@smc={0x1e, 0x40, {0x84000004, [0x3, 0x3, 0x2, 0x3f8b, 0xf7b0]}}], 0x40}, &(0x7f00000000c0)=[@featur2={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r7, 0xae80, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 16m7.69840932s ago: executing program 5 (id=65): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x36) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04) r6 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) syz_kvm_vgic_v3_setup(r7, 0x2, 0x2e0) ioctl$KVM_RUN(r9, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000580000/0x4000)=nil, r5, 0x5, 0x12, r9, 0x0) r10 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x3, 0x4102932, 0xffffffffffffffff, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x2e200, 0x0) r11 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r10, 0xae04) r12 = mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, r11, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r12, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca) r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0xe001, 0x0) r14 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r13, 0xae04) mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, r14, 0x3000002, 0x8a031, 0xffffffffffffffff, 0x0) ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000001340)={0x3, 0x0, 0x2, 0xffffffffffffffff, 0x3}) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) 16m5.768489449s ago: executing program 4 (id=66): r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_ARM_SET_COUNTER_OFFSET(r1, 0x4010aeb5, &(0x7f0000000240)={0xc15}) ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000040)=@arm64_sys={0x603000000013df01, &(0x7f0000000600)=0xfffffffffffffff9}) 15m52.685582576s ago: executing program 5 (id=67): munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) munmap(&(0x7f0000dff000/0x4000)=nil, 0x4000) munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) munmap(&(0x7f0000482000/0x2000)=nil, 0x2000) r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x35) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000300)=[@svc={0x122, 0x40, {0xca00024f, [0x7, 0x8000000000000, 0x4b, 0x8, 0x4]}}, @irq_setup={0x46, 0x18, {0x2, 0x2e8}}, @its_setup={0x82, 0x28, {0x3, 0x2, 0xa0}}, @hvc={0x32, 0x40, {0x3f000000, [0x7, 0x1ff, 0x2c90000000, 0x9, 0xa2d]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0x208, 0x0, 0x4}}, @uexit={0x0, 0x18, 0x6}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x11a}}, @irq_setup={0x46, 0x18, {0x1, 0x148}}, @code={0xa, 0x6c, {"c0059cd20080b0f2a10080d2020180d2230080d2240180d2020000d4007008d5000028d5007008d50048201e007008d540d89fd20000b8f2010080d2820080d2430180d2640080d2020000d4008008d50000c00c008008d5"}}, @svc={0x122, 0x40, {0xc4000004, [0x9, 0x0, 0x800, 0x98f, 0xc]}}, @hvc={0x32, 0x40, {0x84000004, [0x5ef, 0xd, 0x3, 0x40, 0x5ec6]}}], 0x234}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x180) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0xc0001, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x25) syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000040)={0x0, &(0x7f00000002c0)=[@its_send_cmd={0xaa, 0x28, {0x4, 0x1, 0x0, 0xe, 0x0, 0x5, 0x1}}], 0x28}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r5, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r6, 0xae80, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)=0x7}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_GET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee2, 0x0) munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) munmap(&(0x7f0000eed000/0x4000)=nil, 0x4000) munmap(&(0x7f0000f40000/0x4000)=nil, 0x4000) 15m39.719684581s ago: executing program 4 (id=68): syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async) r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2c) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x31) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) r5 = openat$kvm(0x0, &(0x7f0000000280), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_ARM_SET_COUNTER_OFFSET(r6, 0x4010aeab, &(0x7f0000000000)={0xbf4}) (async) ioctl$KVM_ARM_SET_COUNTER_OFFSET(r6, 0x4010aeab, &(0x7f0000000000)={0xbf4}) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil}) syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000000)={0x10201, 0x2, 0x1, 0x2000, &(0x7f0000f31000/0x2000)=nil}) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000000)={0x10201, 0x2, 0x1, 0x2000, &(0x7f0000f31000/0x2000)=nil}) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000000)={0x0, &(0x7f0000000540)}, 0x0, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2) openat$kvm(0xffffffffffffff9c, 0x0, 0x8a902, 0x0) (async) r10 = openat$kvm(0xffffffffffffff9c, 0x0, 0x8a902, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) (async) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) (async) r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_SET_GSI_ROUTING(r11, 0x4008ae6a, 0x0) r13 = syz_kvm_add_vcpu$arm64(r12, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r13, 0xae80, 0x0) (async) ioctl$KVM_RUN(r13, 0xae80, 0x0) ioctl$KVM_ARM_VCPU_INIT(r9, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) ioctl$KVM_RUN(r9, 0xae80, 0x0) syz_kvm_vgic_v3_setup(r8, 0x4, 0x2e0) r14 = openat$kvm(0xffffffffffffff9c, 0x0, 0x161642, 0x0) ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0) 15m34.645259539s ago: executing program 5 (id=69): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x2}}], 0x28}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000240)={0x8}) r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000ffc000/0x1000)=nil, r4, 0x1000000, 0x4010, r3, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, 0x0) r8 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x400001, 0x20}}], 0x18}, 0x0, 0x0) r10 = eventfd2(0x0, 0x0) ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f0000000340)={0x1a64afb6, 0x8000000, 0x4, r10}) r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x28) write$eventfd(0xffffffffffffffff, &(0x7f00000001c0)=0x3, 0xfdef) r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1) ioctl$KVM_RUN(r14, 0xae80, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r14, 0x4040aea0, &(0x7f0000000000)=@x86={0x9, 0xe, 0x3, 0x0, 0x1b2, 0x99, 0xc, 0x9, 0x4, 0xa, 0x5, 0x0, 0x0, 0x6, 0x1, 0x11, 0x1, 0x9, 0xfb, '\x00', 0x97, 0x9}) ioctl$KVM_ARM_VCPU_INIT(0xffffffffffffffff, 0x4020aeae, &(0x7f0000000000)={0x5, 0x18}) close(0x5) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0) ioctl$KVM_RUN(r9, 0xae80, 0x0) 14m56.711114212s ago: executing program 36 (id=68): syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async) r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2c) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x31) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) r5 = openat$kvm(0x0, &(0x7f0000000280), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_ARM_SET_COUNTER_OFFSET(r6, 0x4010aeab, &(0x7f0000000000)={0xbf4}) (async) ioctl$KVM_ARM_SET_COUNTER_OFFSET(r6, 0x4010aeab, &(0x7f0000000000)={0xbf4}) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil}) syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000000)={0x10201, 0x2, 0x1, 0x2000, &(0x7f0000f31000/0x2000)=nil}) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000000)={0x10201, 0x2, 0x1, 0x2000, &(0x7f0000f31000/0x2000)=nil}) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000000)={0x0, &(0x7f0000000540)}, 0x0, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2) openat$kvm(0xffffffffffffff9c, 0x0, 0x8a902, 0x0) (async) r10 = openat$kvm(0xffffffffffffff9c, 0x0, 0x8a902, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) (async) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) (async) r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_SET_GSI_ROUTING(r11, 0x4008ae6a, 0x0) r13 = syz_kvm_add_vcpu$arm64(r12, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r13, 0xae80, 0x0) (async) ioctl$KVM_RUN(r13, 0xae80, 0x0) ioctl$KVM_ARM_VCPU_INIT(r9, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) ioctl$KVM_RUN(r9, 0xae80, 0x0) syz_kvm_vgic_v3_setup(r8, 0x4, 0x2e0) r14 = openat$kvm(0xffffffffffffff9c, 0x0, 0x161642, 0x0) ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0) 14m45.083383367s ago: executing program 37 (id=69): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x2}}], 0x28}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000240)={0x8}) r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000ffc000/0x1000)=nil, r4, 0x1000000, 0x4010, r3, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, 0x0) r8 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x400001, 0x20}}], 0x18}, 0x0, 0x0) r10 = eventfd2(0x0, 0x0) ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f0000000340)={0x1a64afb6, 0x8000000, 0x4, r10}) r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x28) write$eventfd(0xffffffffffffffff, &(0x7f00000001c0)=0x3, 0xfdef) r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1) ioctl$KVM_RUN(r14, 0xae80, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r14, 0x4040aea0, &(0x7f0000000000)=@x86={0x9, 0xe, 0x3, 0x0, 0x1b2, 0x99, 0xc, 0x9, 0x4, 0xa, 0x5, 0x0, 0x0, 0x6, 0x1, 0x11, 0x1, 0x9, 0xfb, '\x00', 0x97, 0x9}) ioctl$KVM_ARM_VCPU_INIT(0xffffffffffffffff, 0x4020aeae, &(0x7f0000000000)={0x5, 0x18}) close(0x5) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0) ioctl$KVM_RUN(r9, 0xae80, 0x0) 2m45.863155901s ago: executing program 6 (id=92): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0x40086602, 0x110ca32000) r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) (async, rerun: 32) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x80000001}) (async, rerun: 32) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async) openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0) (async, rerun: 64) r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x100000044) (rerun: 64) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r4, r5, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000100)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async) ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000180)=@arm64_sys={0x603000000013e080, &(0x7f00000000c0)=0x7}) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) (async) ioctl$KVM_ARM_VCPU_INIT(0xffffffffffffffff, 0x4020aeae, 0x0) (async) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x18100, 0x0) (async) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x401, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = ioctl$KVM_CREATE_GUEST_MEMFD(r10, 0xc040aed4, &(0x7f00000001c0)={0x200001fe0000, 0x3}) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x2000003, 0x2013, r11, 0x0) (async) r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r8, 0xae04) (async) munmap(&(0x7f0000000000/0x4000)=nil, 0x4000) ioctl$KVM_GET_DIRTY_LOG(0xffffffffffffffff, 0x4010ae42, 0x0) mmap$KVM_VCPU(&(0x7f0000007000/0x2000)=nil, r12, 0x3000003, 0x2011, r11, 0x0) (async, rerun: 64) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) (rerun: 64) r13 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1) r14 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x1800002, 0x11, r13, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r14, 0x20, &(0x7f0000000180)="f3011813013c36000000004ee28398f8964346cbd98700000001908b9463d139887a01002e25000000000000ffff00", 0x0, 0x48) (async) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r13, 0x0) 2m33.620243734s ago: executing program 7 (id=93): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x3d) r2 = eventfd2(0x6, 0x80801) r3 = eventfd2(0xb6c, 0x100000) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x37) ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r4, 0x4010ae74, &(0x7f0000000080)={0xbfde, 0x7, 0x5}) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r2, 0x2, 0x0, r3}) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000073000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000100)={0x0, &(0x7f0000000140)=[@svc={0x122, 0x40, {0x0, [0x75074e1d, 0xff, 0xf5da, 0x50, 0x4]}}], 0x40}, 0x0, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x2000001, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x0) syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000180)=[@hvc={0x32, 0x40, {0x31000000, [0x0, 0x3, 0x1, 0x8000, 0x9]}}, @svc={0x122, 0x40, {0x0, [0x5, 0x3, 0x1, 0x9, 0x10000]}}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x293}}, @code={0xa, 0x84, {"007008d5007008d50080000de09c89d200e0b8f2610180d2e20080d2030180d2640080d2020000d420f297d20020b8f2a10080d2620080d2430180d2c40080d2020000d400f399d20060b0f2a10080d2020180d2e30180d2440180d2020000d40084e00d00d0005f000028d5008008d5"}}, @smc={0x1e, 0x40, {0x40, [0x9, 0x8, 0x1, 0x1, 0x9]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x8000, 0x6}}, @its_setup={0x82, 0x28, {0x3, 0x4, 0xe0}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x80, 0x8, 0x1}}, @msr={0x14, 0x20, {0x603000000013c00b, 0x6}}, @uexit={0x0, 0x18, 0x8}, @msr={0x14, 0x20, {0x2778, 0x8}}, @hvc={0x32, 0x40, {0x84000007, [0xffffffff, 0x5, 0x7, 0x3, 0xd4]}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x88, 0xfffffffffffffffe, 0x2}}, @mrs={0xbe, 0x18, {0x603000000013df10}}, @smc={0x1e, 0x40, {0x80000000, [0x6, 0x5, 0x7fff, 0x6, 0x5]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xc00, 0x9, 0xa}}, @hvc={0x32, 0x40, {0x84000004, [0x3ff, 0x8, 0x3, 0xd2]}}, @memwrite={0x6e, 0x30, @generic={0x8000000, 0x7af, 0x7, 0x1}}, @mrs={0xbe, 0x18, {0x603000000013c640}}, @its_setup={0x82, 0x28, {0x0, 0x2, 0x20b}}, @msr={0x14, 0x20, {0x603000000013c029, 0xeb}}, @uexit={0x0, 0x18, 0x6}, @hvc={0x32, 0x40, {0x8000, [0x80, 0x7fff, 0x400, 0x0, 0x69e0]}}, @svc={0x122, 0x40, {0x8000, [0x100000001, 0x7, 0x4ab, 0x0, 0x1]}}, @hvc={0x32, 0x40, {0x84000002, [0x7f, 0xffffffff, 0xffffffffffffffff, 0x72, 0x401]}}], 0x4ec}, &(0x7f0000000680)=[@featur1={0x1, 0xd8}], 0x1) 2m17.563999179s ago: executing program 6 (id=94): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x21) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x6) r3 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r2, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r2, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4360ae82, &(0x7f0000000240)={[0x9, 0x9, 0x7fffffffffffffff, 0x9, 0x8, 0x5, 0xd92, 0x43, 0x8, 0xd00, 0x1, 0x3ff, 0x0, 0x83c4, 0xf9a, 0x90c], 0xffff1000, 0x304442}) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000b2e000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000300)=[@irq_setup={0x46, 0x18, {0x0, 0xb2}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0xc0, 0x0, 0x2}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0x14, 0x3, 0x1}}, @msr={0x14, 0x20, {0x603000000013deb6, 0x5}}, @smc={0x1e, 0x40, {0x80000000, [0xffffffffffffffff, 0x8, 0x4c6e, 0x7f, 0x4]}}, @smc={0x1e, 0x40, {0x40000000, [0x3, 0x5, 0x1, 0x3, 0x3d]}}], 0x118}], 0x1, 0x0, &(0x7f0000000080)=[@featur2={0x1, 0x21}], 0x1) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000200)={0x0, &(0x7f0000000100)=[@mrs={0xbe, 0x18, {0x603000000013c522}}], 0x18}, 0x0, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x109272, 0x1f01) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000780), 0x1, 0x0) ioctl$KVM_CHECK_EXTENSION(r8, 0xae03, 0x10) 2m9.170554962s ago: executing program 7 (id=95): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x23) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async, rerun: 64) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x800, 0x0) (async, rerun: 64) r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r4, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}}) (async) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000180)=[@svc={0x122, 0x40, {0x84000012, [0x1, 0x3, 0x0, 0x75, 0x7e]}}, @svc={0x122, 0x40, {0x84000006, [0xbf, 0xd9, 0x6, 0x0, 0xffffffffffffffff]}}, @eret={0xe6, 0x18, 0x8}, @irq_setup={0x46, 0x18, {0x1, 0x3c8}}, @irq_setup={0x46, 0x18, {0x1, 0x305}}, @uexit={0x0, 0x18}, @svc={0x122, 0x40, {0x84000013, [0x0, 0x0, 0x40, 0x5, 0x9]}}, @irq_setup={0x46, 0x18, {0x1, 0x195}}, @uexit={0x0, 0x18, 0xb6}, @uexit={0x0, 0x18, 0x1}, @its_send_cmd={0xaa, 0x28, {0x3, 0x1, 0x2, 0x6, 0x7, 0x9}}], 0x190}, 0x0, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) (async) r7 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000700)={0x9}) (async, rerun: 64) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (rerun: 64) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = syz_kvm_vgic_v3_setup(r9, 0x1, 0x40) (async) r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0) (async) syz_kvm_vgic_v3_setup(r12, 0x2, 0x100) (async, rerun: 32) r13 = eventfd2(0x10000, 0x0) (rerun: 32) ioctl$KVM_IRQFD(r12, 0x4020ae76, &(0x7f0000000000)={r13, 0x3}) (async) ioctl$KVM_IRQFD(r7, 0x4020ae76, &(0x7f0000000100)={r13, 0xb16b, 0x2, r13}) ioctl$KVM_GET_DEVICE_ATTR(r10, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x1, 0x8, &(0x7f0000000140)=0x1ff}) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x46cc00, 0x0) (async) r14 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000100)}, 0x0, 0x0) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0xb6) (async) ioctl$KVM_RUN(r14, 0xae80, 0x0) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) 1m54.799075875s ago: executing program 6 (id=96): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x200, 0x0) ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0xef) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r3, 0xc0189436, 0x100000000000000) r4 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x7c, {0x1, 0x4, 0x2}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x1, 0x80000, 0xa, 0x0, 0x0, 0x3}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x2) ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r5, 0xae80, 0x0) openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x200, 0x0) (async) ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0xef) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$KVM_CHECK_EXTENSION(r3, 0xc0189436, 0x100000000000000) (async) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async) syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x7c, {0x1, 0x4, 0x2}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x1, 0x80000, 0xa, 0x0, 0x0, 0x3}}], 0x50}, 0x0, 0x0) (async) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) (async) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8}) (async) ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x2) (async) ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async) ioctl$KVM_RUN(r5, 0xae80, 0x0) (async) 1m51.27607859s ago: executing program 7 (id=97): mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x3, 0x10000000004}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000005}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000000)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x1}) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x11, 0x8, 0xf, 0x0, 0x5, 0x6, 0x86, 0x6, 0x48, 0x86, 0xdd, 0x68, 0x0, 0x0, 0x0, 0x0, 0x6, 0x5, 0x8, '\x00', 0x1, 0xe48}) write$eventfd(r7, &(0x7f00000001c0)=0x3, 0x50) ioctl$KVM_RUN(r3, 0xae80, 0x0) 1m34.968911051s ago: executing program 6 (id=98): ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r2 = openat$kvm(0x0, &(0x7f0000000200), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x25) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x2, 0x4, 0x1}}, @its_setup={0x82, 0x28, {0x3, 0x1, 0x3ee}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r6, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, 0x0) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r8, 0xae80, 0x0) syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x0, 0x60) syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000000000/0x400000)=nil) openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r9 = ioctl$KVM_GET_STATS_FD_cpu(r8, 0xaece) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x39) r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@smc={0x1e, 0x40, {0x80000001, [0x3f, 0x9, 0x5, 0x6, 0x7]}}], 0x40}, 0x0, 0x0) ioctl$KVM_RUN(r12, 0xae80, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x2, 0x0, &(0x7f0000000000)=0xf4020000}) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) 1m30.950949913s ago: executing program 7 (id=99): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0) (async) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r2, r3, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f00000000c0)=[@msr={0x14, 0x20, {0x603000000013c600, 0xfefefee0}}], 0x20}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000100)=@arm64_sys={0x603000000013c600, &(0x7f0000000140)}) (async) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000ae9000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000b80)={0x0, 0x0}, &(0x7f0000000bc0)=[@featur1={0x1, 0x4}], 0x1) (async) r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1) ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000140)=@arm64_fw={0x6030000000140000, &(0x7f0000000200)=0x1}) r7 = syz_kvm_vgic_v3_setup(r2, 0x0, 0x220) ioctl$KVM_HAS_DEVICE_ATTR(r7, 0x4018aee3, &(0x7f00000001c0)=@attr_riscv64=@attr_aplic={0x0, 0x1, @any=0x8, &(0x7f0000000180)=0x1}) 1m10.932272342s ago: executing program 7 (id=100): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r5, 0x4010aeab, &(0x7f0000000040)=@arm64_extra={0x603000000013c033, 0xffffffffffffffff}) (async) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000000c0)={0x7, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x3, &(0x7f0000000000)=0x400000000}) ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x0, 0x5, &(0x7f0000000100)=0x8010000000000001}) (async) r7 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000a75000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000200)={0x0, 0x0}, 0x0, 0x0) 1m9.532016979s ago: executing program 6 (id=101): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x40200, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0x80111500, 0xfffffffffffff000) 54.803631076s ago: executing program 6 (id=102): munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000) r0 = openat$kvm(0x0, &(0x7f00000002c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x31) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x8080000, 0x2000, &(0x7f0000ffb000/0x2000)=nil}) syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) munmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_CREATE_VM(r7, 0x401054d5, 0x16) r8 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r2, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f0000000300)="fb4149dd033b8986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67525673312b01040000000000002627e7000000000000000200", 0x0, 0xfffffffffffffe73) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x12, r2, 0x0) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0) munmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000) 51.47001738s ago: executing program 7 (id=103): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x2e) r1 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000180), 0x80, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000b0d000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r8, 0x4010aeab, &(0x7f0000000100)=@arm64_bitmap={0x60b0000000160003, 0x0}) r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@msr={0x14, 0x20, {0x603000000013df40, 0x8000}}], 0x20}, &(0x7f0000000100)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r12, 0x4018aee1, &(0x7f0000000140)=@attr_pmu_init) ioctl$KVM_RUN(r12, 0xae80, 0x0) r13 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x2}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r14, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) r15 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0) r17 = syz_kvm_setup_syzos_vm$arm64(r16, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r17, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7fff}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) r18 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x840, 0x0) r19 = ioctl$KVM_CREATE_VM(r18, 0xae01, 0x0) r20 = ioctl$KVM_CREATE_VCPU(r19, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r20, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) ioctl$KVM_SET_ONE_REG(r20, 0x4010aeac, &(0x7f00000000c0)=@arm64_sys={0x603000000013dce0, &(0x7f0000000000)=0x5}) 6.380066045s ago: executing program 38 (id=102): munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000) r0 = openat$kvm(0x0, &(0x7f00000002c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x31) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x8080000, 0x2000, &(0x7f0000ffb000/0x2000)=nil}) syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) munmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_CREATE_VM(r7, 0x401054d5, 0x16) r8 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r2, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f0000000300)="fb4149dd033b8986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67525673312b01040000000000002627e7000000000000000200", 0x0, 0xfffffffffffffe73) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x12, r2, 0x0) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0) munmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000) 0s ago: executing program 39 (id=103): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x2e) r1 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000180), 0x80, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000b0d000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r8, 0x4010aeab, &(0x7f0000000100)=@arm64_bitmap={0x60b0000000160003, 0x0}) r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@msr={0x14, 0x20, {0x603000000013df40, 0x8000}}], 0x20}, &(0x7f0000000100)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r12, 0x4018aee1, &(0x7f0000000140)=@attr_pmu_init) ioctl$KVM_RUN(r12, 0xae80, 0x0) r13 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x2}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r14, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) r15 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0) r17 = syz_kvm_setup_syzos_vm$arm64(r16, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r17, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7fff}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) r18 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x840, 0x0) r19 = ioctl$KVM_CREATE_VM(r18, 0xae01, 0x0) r20 = ioctl$KVM_CREATE_VCPU(r19, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r20, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) ioctl$KVM_SET_ONE_REG(r20, 0x4010aeac, &(0x7f00000000c0)=@arm64_sys={0x603000000013dce0, &(0x7f0000000000)=0x5}) kernel console output (not intermixed with test programs): [ 453.871480][ T3170] eql: remember to turn off Van-Jacobson compression on your slave devices Warning: Permanently added '[localhost]:22969' (ED25519) to the list of known hosts. [ 617.660596][ T24] audit: type=1400 audit(616.850:61): avc: denied { name_bind } for pid=3329 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 618.546880][ T24] audit: type=1400 audit(617.740:62): avc: denied { execute } for pid=3330 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 618.574233][ T24] audit: type=1400 audit(617.760:63): avc: denied { execute_no_trans } for pid=3330 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 645.829374][ T24] audit: type=1400 audit(645.020:64): avc: denied { mounton } for pid=3330 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 645.870802][ T24] audit: type=1400 audit(645.060:65): avc: denied { mount } for pid=3330 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 645.965693][ T3330] cgroup: Unknown subsys name 'net' [ 646.021508][ T24] audit: type=1400 audit(645.210:66): avc: denied { unmount } for pid=3330 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 646.430032][ T3330] cgroup: Unknown subsys name 'cpuset' [ 646.568275][ T3330] cgroup: Unknown subsys name 'rlimit' [ 647.452288][ T24] audit: type=1400 audit(646.640:67): avc: denied { setattr } for pid=3330 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=703 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 647.471360][ T24] audit: type=1400 audit(646.660:68): avc: denied { mounton } for pid=3330 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 647.495553][ T24] audit: type=1400 audit(646.680:69): avc: denied { mount } for pid=3330 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 648.586673][ T3333] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 648.605166][ T24] audit: type=1400 audit(647.790:70): avc: denied { relabelto } for pid=3333 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 648.629104][ T24] audit: type=1400 audit(647.820:71): avc: denied { write } for pid=3333 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" Setting up swapspace version 1, size = 127995904 bytes [ 648.798620][ T24] audit: type=1400 audit(647.990:72): avc: denied { read } for pid=3330 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 648.816816][ T24] audit: type=1400 audit(648.000:73): avc: denied { open } for pid=3330 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 648.856601][ T3330] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 706.077898][ T24] audit: type=1400 audit(705.270:74): avc: denied { execmem } for pid=3334 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 709.890015][ T24] audit: type=1400 audit(709.080:76): avc: denied { read } for pid=3336 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 709.905194][ T24] audit: type=1400 audit(709.070:75): avc: denied { read } for pid=3337 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 709.929698][ T24] audit: type=1400 audit(709.120:77): avc: denied { open } for pid=3336 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 709.992479][ T24] audit: type=1400 audit(709.180:78): avc: denied { mounton } for pid=3336 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 710.221081][ T24] audit: type=1400 audit(709.390:79): avc: denied { module_request } for pid=3336 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 711.259796][ T24] audit: type=1400 audit(710.440:80): avc: denied { sys_module } for pid=3336 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 734.290360][ T3336] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 734.445596][ T3336] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 735.979440][ T3337] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 736.139927][ T3337] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 747.426420][ T3336] hsr_slave_0: entered promiscuous mode [ 747.471858][ T3336] hsr_slave_1: entered promiscuous mode [ 749.426116][ T3337] hsr_slave_0: entered promiscuous mode [ 749.449187][ T3337] hsr_slave_1: entered promiscuous mode [ 749.462644][ T3337] debugfs: 'hsr0' already exists in 'hsr' [ 749.474588][ T3337] Cannot create hsr debugfs directory [ 755.032091][ T24] audit: type=1400 audit(754.220:81): avc: denied { create } for pid=3336 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 755.095274][ T24] audit: type=1400 audit(754.280:82): avc: denied { write } for pid=3336 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 755.134817][ T24] audit: type=1400 audit(754.320:83): avc: denied { read } for pid=3336 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 755.297734][ T3336] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 755.582637][ T3336] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 756.016247][ T3336] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 756.390824][ T3336] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 759.027963][ T3337] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 759.328094][ T3337] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 759.568460][ T3337] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 759.835736][ T3337] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 776.421851][ T3336] 8021q: adding VLAN 0 to HW filter on device bond0 [ 779.069208][ T3337] 8021q: adding VLAN 0 to HW filter on device bond0 [ 833.856256][ T3336] veth0_vlan: entered promiscuous mode [ 834.730162][ T3336] veth1_vlan: entered promiscuous mode [ 838.707472][ T3337] veth0_vlan: entered promiscuous mode [ 838.928618][ T3336] veth0_macvtap: entered promiscuous mode [ 839.692028][ T3336] veth1_macvtap: entered promiscuous mode [ 840.367136][ T3337] veth1_vlan: entered promiscuous mode [ 843.672757][ T3475] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 843.679787][ T3475] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 843.777093][ T3475] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 843.780845][ T3475] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 844.298226][ T3337] veth0_macvtap: entered promiscuous mode [ 844.906134][ T3337] veth1_macvtap: entered promiscuous mode [ 847.314950][ T24] audit: type=1400 audit(846.460:84): avc: denied { mount } for pid=3336 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 847.456358][ T24] audit: type=1400 audit(846.640:85): avc: denied { mounton } for pid=3336 comm="syz-executor" path="/syzkaller.mrD6At/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 847.726023][ T24] audit: type=1400 audit(846.910:86): avc: denied { mount } for pid=3336 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 848.146673][ T24] audit: type=1400 audit(847.310:87): avc: denied { mounton } for pid=3336 comm="syz-executor" path="/syzkaller.mrD6At/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 848.251762][ T3390] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 848.256735][ T3390] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 848.269249][ T3390] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 848.281031][ T3390] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 848.311532][ T24] audit: type=1400 audit(847.500:88): avc: denied { mounton } for pid=3336 comm="syz-executor" path="/syzkaller.mrD6At/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3750 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 848.937505][ T24] audit: type=1400 audit(848.120:89): avc: denied { unmount } for pid=3336 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 849.207567][ T24] audit: type=1400 audit(848.390:90): avc: denied { mounton } for pid=3336 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1546 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 849.402212][ T24] audit: type=1400 audit(848.590:91): avc: denied { mount } for pid=3336 comm="syz-executor" name="/" dev="gadgetfs" ino=3761 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 849.842715][ T24] audit: type=1400 audit(849.030:92): avc: denied { mount } for pid=3336 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 849.967972][ T24] audit: type=1400 audit(849.130:93): avc: denied { mounton } for pid=3336 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 851.231397][ T3336] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 852.382084][ T24] kauditd_printk_skb: 3 callbacks suppressed [ 852.389937][ T24] audit: type=1400 audit(851.570:97): avc: denied { ioctl } for pid=3336 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=638 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 861.705130][ T24] audit: type=1400 audit(860.890:98): avc: denied { execute } for pid=3494 comm="syz.0.1" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=3800 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 864.150125][ T24] audit: type=1400 audit(863.250:99): avc: denied { read } for pid=3496 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 864.151343][ T24] audit: type=1400 audit(863.340:100): avc: denied { open } for pid=3496 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 864.394005][ T24] audit: type=1400 audit(863.570:101): avc: denied { ioctl } for pid=3496 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0x5820 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 869.225356][ T24] audit: type=1400 audit(868.410:102): avc: denied { write } for pid=3502 comm="syz.0.3" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 941.785145][ T24] audit: type=1400 audit(940.920:103): avc: denied { append } for pid=3544 comm="syz.1.17" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1103.638641][ T24] audit: type=1400 audit(1102.810:104): avc: denied { create } for pid=3633 comm="syz.1.44" anonclass=[kvm-gmem] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 1103.777642][ T24] audit: type=1400 audit(1102.960:105): avc: denied { map } for pid=3633 comm="syz.1.44" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=6207 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 1103.861608][ T24] audit: type=1400 audit(1103.020:106): avc: denied { read } for pid=3633 comm="syz.1.44" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=6207 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 1161.367541][ T24] audit: type=1400 audit(1160.550:107): avc: denied { module_request } for pid=3655 comm="syz-executor" kmod="netdev-nr2" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 1220.196253][ T3655] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1220.428886][ T3655] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1226.375121][ T3659] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1226.618947][ T3659] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1246.089633][ T3655] hsr_slave_0: entered promiscuous mode [ 1246.169688][ T3655] hsr_slave_1: entered promiscuous mode [ 1246.259221][ T3655] debugfs: 'hsr0' already exists in 'hsr' [ 1246.262191][ T3655] Cannot create hsr debugfs directory [ 1256.592626][ T3659] hsr_slave_0: entered promiscuous mode [ 1256.689913][ T3659] hsr_slave_1: entered promiscuous mode [ 1256.775128][ T3659] debugfs: 'hsr0' already exists in 'hsr' [ 1256.783855][ T3659] Cannot create hsr debugfs directory [ 1270.628352][ T3655] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1271.516250][ T3655] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1271.881146][ T3655] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1272.375027][ T3655] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1277.587604][ T3659] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1277.959794][ T3659] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1278.380611][ T3659] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1278.971626][ T3659] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1299.937767][ T3655] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1306.977173][ T3659] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1346.387775][ T3738] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1348.766185][ T3738] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1350.750210][ T3738] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1352.527984][ T3738] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1375.106255][ T3738] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1375.700171][ T3738] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1375.979492][ T3738] bond0 (unregistering): Released all slaves [ 1378.346681][ T3738] hsr_slave_0: left promiscuous mode [ 1378.457124][ T3738] hsr_slave_1: left promiscuous mode [ 1378.930602][ T3738] veth1_macvtap: left promiscuous mode [ 1378.975145][ T3738] veth0_macvtap: left promiscuous mode [ 1378.995532][ T3738] veth1_vlan: left promiscuous mode [ 1379.007622][ T3738] veth0_vlan: left promiscuous mode [ 1402.319807][ T3738] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1403.649764][ T3738] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1405.142542][ T3738] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1406.250520][ T3738] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1422.842505][ T3738] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1423.125621][ T3738] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1423.274831][ T3738] bond0 (unregistering): Released all slaves [ 1424.805364][ T3738] hsr_slave_0: left promiscuous mode [ 1424.956879][ T3738] hsr_slave_1: left promiscuous mode [ 1425.738409][ T3738] veth1_macvtap: left promiscuous mode [ 1425.741597][ T3738] veth0_macvtap: left promiscuous mode [ 1425.756679][ T3738] veth1_vlan: left promiscuous mode [ 1425.793576][ T3738] veth0_vlan: left promiscuous mode [ 1470.975212][ T3655] veth0_vlan: entered promiscuous mode [ 1471.818474][ T3655] veth1_vlan: entered promiscuous mode [ 1474.610866][ T3655] veth0_macvtap: entered promiscuous mode [ 1474.981254][ T3655] veth1_macvtap: entered promiscuous mode [ 1477.725301][ T48] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1477.744666][ T3748] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1477.745531][ T3748] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1477.746235][ T3748] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1483.855400][ T3659] veth0_vlan: entered promiscuous mode [ 1484.897821][ T3659] veth1_vlan: entered promiscuous mode [ 1488.711326][ T3659] veth0_macvtap: entered promiscuous mode [ 1489.668276][ T3659] veth1_macvtap: entered promiscuous mode [ 1493.861593][ T21] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1493.870033][ T21] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1493.894226][ T21] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1493.942011][ T21] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1657.960019][ T3882] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1658.362620][ T3882] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1668.108795][ T3889] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1668.549560][ T3889] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1703.091428][ T3882] hsr_slave_0: entered promiscuous mode [ 1703.229752][ T3882] hsr_slave_1: entered promiscuous mode [ 1710.721879][ T3889] hsr_slave_0: entered promiscuous mode [ 1710.828280][ T3889] hsr_slave_1: entered promiscuous mode [ 1710.905473][ T3889] debugfs: 'hsr0' already exists in 'hsr' [ 1710.909337][ T3889] Cannot create hsr debugfs directory [ 1737.577233][ T3882] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 1738.839789][ T3882] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 1739.806595][ T3882] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 1742.055483][ T3882] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 1750.097769][ T3889] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 1750.759285][ T3889] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 1751.605815][ T3889] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 1752.249960][ T3889] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 1789.249641][ T3882] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1796.592469][ T3889] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1909.416337][ T3738] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1911.698947][ T3738] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1914.250159][ T3738] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1916.452565][ T3738] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1942.511261][ T3738] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1942.826615][ T3738] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1942.990820][ T3738] bond0 (unregistering): Released all slaves [ 1945.429526][ T3738] hsr_slave_0: left promiscuous mode [ 1946.077390][ T3738] hsr_slave_1: left promiscuous mode [ 1947.234913][ T3738] veth1_macvtap: left promiscuous mode [ 1947.251119][ T3738] veth0_macvtap: left promiscuous mode [ 1947.285940][ T3738] veth1_vlan: left promiscuous mode [ 1947.310239][ T3738] veth0_vlan: left promiscuous mode [ 1979.460055][ T3738] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1982.040496][ T3738] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1984.089099][ T3738] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1986.005239][ T3738] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2007.515751][ T3738] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2007.801165][ T3738] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2007.990346][ T3738] bond0 (unregistering): Released all slaves [ 2009.657100][ T3738] hsr_slave_0: left promiscuous mode [ 2009.744984][ T3738] hsr_slave_1: left promiscuous mode [ 2010.481966][ T3738] veth1_macvtap: left promiscuous mode [ 2010.505334][ T3738] veth0_macvtap: left promiscuous mode [ 2010.509877][ T3738] veth1_vlan: left promiscuous mode [ 2010.528200][ T3738] veth0_vlan: left promiscuous mode [ 2043.236082][ T3882] veth0_vlan: entered promiscuous mode [ 2044.568667][ T3882] veth1_vlan: entered promiscuous mode [ 2047.906215][ T3882] veth0_macvtap: entered promiscuous mode [ 2048.639324][ T3882] veth1_macvtap: entered promiscuous mode [ 2052.460388][ T3748] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2052.469628][ T3748] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2052.470680][ T3748] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2052.471394][ T3748] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2059.945633][ T3889] veth0_vlan: entered promiscuous mode [ 2061.477741][ T3889] veth1_vlan: entered promiscuous mode [ 2065.097742][ T3889] veth0_macvtap: entered promiscuous mode [ 2065.898862][ T3889] veth1_macvtap: entered promiscuous mode [ 2069.801419][ T4108] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2069.909466][ T3390] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2069.939852][ T3390] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2069.948689][ T3390] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2305.707709][ T4260] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2308.024288][ T4260] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2309.740292][ T4260] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2311.287187][ T4260] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2333.106090][ T4260] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2333.337567][ T4260] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2333.557721][ T4260] bond0 (unregistering): Released all slaves [ 2335.736116][ T4260] hsr_slave_0: left promiscuous mode [ 2335.916302][ T4260] hsr_slave_1: left promiscuous mode [ 2336.731950][ T4260] veth1_macvtap: left promiscuous mode [ 2336.746016][ T4260] veth0_macvtap: left promiscuous mode [ 2336.765603][ T4260] veth1_vlan: left promiscuous mode [ 2336.785173][ T4260] veth0_vlan: left promiscuous mode [ 2370.087589][ T4260] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2371.435937][ T4260] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2372.838708][ T4260] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2374.121726][ T4260] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2395.446307][ T4260] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2395.996140][ T4260] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2396.146540][ T4260] bond0 (unregistering): Released all slaves [ 2398.888143][ T4260] hsr_slave_0: left promiscuous mode [ 2398.964852][ T4260] hsr_slave_1: left promiscuous mode [ 2399.596731][ T4260] veth1_macvtap: left promiscuous mode [ 2399.614862][ T4260] veth0_macvtap: left promiscuous mode [ 2399.635162][ T4260] veth1_vlan: left promiscuous mode [ 2399.646690][ T4260] veth0_vlan: left promiscuous mode [ 2440.378168][ T4249] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2440.707458][ T4249] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2444.620308][ T4256] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2444.956136][ T4256] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2474.672599][ T4249] hsr_slave_0: entered promiscuous mode [ 2474.766852][ T4249] hsr_slave_1: entered promiscuous mode [ 2479.807959][ T4256] hsr_slave_0: entered promiscuous mode [ 2479.849445][ T4256] hsr_slave_1: entered promiscuous mode [ 2479.888184][ T4256] debugfs: 'hsr0' already exists in 'hsr' [ 2479.906718][ T4256] Cannot create hsr debugfs directory [ 2496.421642][ T4249] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 2497.130559][ T4249] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 2497.759098][ T4249] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 2498.408336][ T4249] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 2504.272450][ T4256] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 2504.829441][ T4256] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 2505.319161][ T4256] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 2505.986627][ T4256] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 2537.441657][ T4249] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2544.557482][ T4256] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2693.756857][ T4249] veth0_vlan: entered promiscuous mode [ 2695.086910][ T4249] veth1_vlan: entered promiscuous mode [ 2699.557311][ T4249] veth0_macvtap: entered promiscuous mode [ 2700.817500][ T4249] veth1_macvtap: entered promiscuous mode [ 2704.265313][ T4256] veth0_vlan: entered promiscuous mode [ 2706.958208][ T4256] veth1_vlan: entered promiscuous mode [ 2708.260638][ T4041] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2708.348328][ T4262] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2708.424262][ T21] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2708.426976][ T21] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2715.608108][ T4256] veth0_macvtap: entered promiscuous mode [ 2717.089886][ T4256] veth1_macvtap: entered promiscuous mode [ 2722.671883][ T3947] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2722.691904][ T3475] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2722.768352][ T3475] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2722.779837][ T3475] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2997.915686][ T24] audit: type=1400 audit(2996.940:108): avc: denied { setattr } for pid=4616 comm="syz.6.92" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 3215.286575][ T4041] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3217.871559][ T4041] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3220.180752][ T4041] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3222.841628][ T4041] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3254.287513][ T4041] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3254.809381][ T4041] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3255.997963][ T4041] bond0 (unregistering): Released all slaves [ 3259.434091][ T4041] hsr_slave_0: left promiscuous mode [ 3259.625023][ T4041] hsr_slave_1: left promiscuous mode [ 3260.675953][ T4041] veth1_macvtap: left promiscuous mode [ 3260.728304][ T4041] veth0_macvtap: left promiscuous mode [ 3260.731161][ T4041] veth1_vlan: left promiscuous mode [ 3260.764690][ T4041] veth0_vlan: left promiscuous mode [ 3309.110114][ T4041] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3311.336517][ T4041] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3313.036320][ T4041] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3315.418724][ T4041] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3344.131157][ T4041] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3344.656801][ T4041] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3344.950153][ T4041] bond0 (unregistering): Released all slaves [ 3348.827204][ T4041] hsr_slave_0: left promiscuous mode [ 3348.969437][ T4041] hsr_slave_1: left promiscuous mode [ 3349.816100][ T4041] veth1_macvtap: left promiscuous mode [ 3349.824574][ T4041] veth0_macvtap: left promiscuous mode [ 3349.832305][ T4041] veth1_vlan: left promiscuous mode [ 3349.944705][ T4041] veth0_vlan: left promiscuous mode [ 3418.487797][ T4689] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3418.919865][ T4689] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3423.390037][ T4692] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3423.768552][ T4692] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3456.522621][ T4689] hsr_slave_0: entered promiscuous mode [ 3456.641251][ T4689] hsr_slave_1: entered promiscuous mode [ 3461.772626][ T4692] hsr_slave_0: entered promiscuous mode [ 3461.860025][ T4692] hsr_slave_1: entered promiscuous mode [ 3462.010115][ T4692] debugfs: 'hsr0' already exists in 'hsr' [ 3462.015171][ T4692] Cannot create hsr debugfs directory [ 3488.800966][ T4689] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 3489.832497][ T4689] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 3490.402375][ T4689] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 3491.432427][ T4689] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 3500.890459][ T4692] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 3501.465405][ T4692] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 3502.036735][ T4692] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 3502.750800][ T4692] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 3535.148165][ T4689] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3543.372105][ T4692] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3719.117278][ T4689] veth0_vlan: entered promiscuous mode [ 3720.502057][ T4689] veth1_vlan: entered promiscuous mode [ 3726.735384][ T4692] veth0_vlan: entered promiscuous mode [ 3727.951435][ T4689] veth0_macvtap: entered promiscuous mode [ 3729.420147][ T4689] veth1_macvtap: entered promiscuous mode [ 3729.900908][ T4692] veth1_vlan: entered promiscuous mode [ 3737.447037][ T4041] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3737.464618][ T4041] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3737.508953][ T4041] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3737.544665][ T4041] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 3738.269813][ T4692] veth0_macvtap: entered promiscuous mode [ 3739.840487][ T4692] veth1_macvtap: entered promiscuous mode [ 3748.356663][ T4262] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3748.378102][ T4262] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3748.692624][ T4262] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3748.826643][ T4262] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 3787.657929][ T4540] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3790.728720][ T4540] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3793.431355][ T4540] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3797.705220][ T4540] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3825.565869][ T4540] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3825.805658][ T4540] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3826.000751][ T4540] bond0 (unregistering): Released all slaves [ 3828.595456][ T4540] hsr_slave_0: left promiscuous mode [ 3829.405091][ T4540] hsr_slave_1: left promiscuous mode [ 3830.819340][ T4540] veth1_macvtap: left promiscuous mode [ 3830.845844][ T4540] veth0_macvtap: left promiscuous mode [ 3830.875823][ T4540] veth1_vlan: left promiscuous mode [ 3830.908435][ T4540] veth0_vlan: left promiscuous mode [ 3879.277892][ T4540] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3881.322436][ T4540] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3883.301888][ T4540] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3885.130890][ T4540] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3911.797734][ T4540] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3912.134122][ T4540] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3912.357570][ T4540] bond0 (unregistering): Released all slaves [ 3916.208751][ T4540] hsr_slave_0: left promiscuous mode [ 3916.576455][ T4540] hsr_slave_1: left promiscuous mode [ 3917.601602][ T4540] veth1_macvtap: left promiscuous mode [ 3917.611615][ T4540] veth0_macvtap: left promiscuous mode [ 3917.655379][ T4540] veth1_vlan: left promiscuous mode [ 3917.668262][ T4540] veth0_vlan: left promiscuous mode [ 4002.120469][ T4988] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 4003.266619][ T4988] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 4005.767634][ T4984] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 4006.141688][ T4984] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link VM DIAGNOSIS: 23:11:30 Registers: info registers vcpu 0 CPU#0 PC=ffff80008691936c X00=ffff80008c9077b8 X01=ffff80008c9077d0 X02=ffff80008c9077d0 X03=0000000000000010 X04=0000000000000001 X05=0000000000000001 X06=0000000000000000 X07=ffff800080d462c0 X08=fff07fffed22c000 X09=0000000000000000 X10=0000000000ff0100 X11=0000000000000062 X12=b0f000001d29e000 X13=00000000000000f5 X14=0000000000002000 X15=ffff80008c9076a0 X16=ffff800080010528 X17=0000000000000070 X18=fff0000074d3a8c8 X19=0000000000000000 X20=62f0000012e826b8 X21=ffff80008776112b X22=62f0000012e81bc8 X23=0000000000000062 X24=fff0000074cc5d40 X25=0000000000000001 X26=0000000003ffffff X27=0000000000000004 X28=0000000000000012 X29=ffff80008c9077d0 X30=ffff80008691a7e0 SP=ffff80008c907860 PSTATE=604020c9 -ZC- EL2h SVCR=00000000 -- BTYPE=0 FPCR=00000000 FPSR=00000000 P00=0000 P01=0000 P02=0000 P03=0000 P04=0000 P05=0000 P06=0000 P07=0000 P08=0000 P09=0000 P10=0000 P11=0000 P12=0000 P13=0000 P14=0000 P15=0000 FFR=0000 Z00=2c2c2c2c2c2c2c2c:2c2c2c2c2c2c2c2c Z01=6564752f6374652f:0000000000006572 Z02=0000000000000000:cccccccccccc0000 Z03=0000000000000000:0000000000000000 Z04=3333333333333333:3333333333333333 Z05=0000000000000000:00000000cccccc00 Z06=0000ffffd25b46fe:0000ffffd25b46f0 Z07=0000ffffd25b4719:0000ffffd25b470b Z08=0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000 Z10=0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000 Z12=0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000 Z14=0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000 Z16=0000ffffd259ffb0:0000ffffd259ffb0 Z17=ffffff80ffffffd0:0000ffffd259ff80 Z18=0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000 Z20=0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000 Z22=0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000 Z24=0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000 Z26=0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000 Z28=0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000 Z30=0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000