last executing test programs:

28m25.267584427s ago: executing program 1 (id=324):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x8280, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, &(0x7f00000000c0)}, &(0x7f0000000100)=[@featur2={0x1, 0x41}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f0000000140)=@attr_pmu_init)
r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r7, 0x3, 0x11, r6, 0x0)
r8 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r7, 0x280000b, 0x12, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r2, 0x4018aee1, &(0x7f0000000040)=@attr_irq_timer={0x0, 0x1, 0x1, 0x0})

28m17.448644402s ago: executing program 1 (id=326):
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r3, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x9)
ioctl$KVM_CHECK_EXTENSION_VM(r4, 0xae03, 0x7)
munmap(&(0x7f0000e9d000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r1, 0x2000003, 0xaf832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x0, 0x23ac5f9b426e84b2, 0xffffffffffffffff, 0x0)

28m11.038779055s ago: executing program 1 (id=328):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xd7, 0x80000001})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1})
r5 = openat$kvm(0x0, &(0x7f0000000200), 0x2021c0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x3c)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
r7 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x1800002, 0x11, r6, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000180)="f30138dd033be3ac4a44a256bf00e2004b584bd92e00000f00000000000100010000020000000003f4ff000000235acbd98700000000000200", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r6, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x40305829, &(0x7f0000000240)=@attr_other={0x0, 0x6, 0x8000008, 0x0})
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000000)={0x7, <r8=>0xffffffffffffffff})
ioctl$KVM_GET_DEVICE_ATTR(r8, 0x4018aee2, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x5, 0x0})
r9 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x1)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000bde000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r10, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r9, 0x4, 0x220)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r11, 0xae04)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r12, 0xae04)

28m9.051543882s ago: executing program 0 (id=329):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x27)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0xfffffffe, 0x0, 0x6, 0x0, 0x20000004}}], 0x50}, 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
ioctl$KVM_REGISTER_COALESCED_MMIO(r5, 0x4010ae67, &(0x7f0000000080)={0xdddd1000, 0x2000, 0x1})
r6 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
syz_kvm_vgic_v3_setup(r6, 0x2001, 0x380)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r7=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x4040, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x28)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
openat$kvm(0x0, &(0x7f0000000000), 0x72483, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
ioctl$KVM_GET_REGS(r11, 0x8360ae81, 0x0)

28m0.266924165s ago: executing program 1 (id=330):
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000cde000/0x4000)=nil, 0x930, 0x1000002, 0x110, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000d3d000/0x1000)=nil, 0x1000)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x50, 0x6243, 0x5}}], 0x30}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r2, 0x2000000000001, 0x120)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000000, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
syz_kvm_setup_cpu$arm64(r2, r4, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000140)=[{0x0, &(0x7f0000000840)=[@its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x1, 0x8, 0x2, 0x2, 0x1}}, @code={0xa, 0xb4, {"008008d50020000f60b881d20040b0f2010080d2220080d2e30080d2e40180d2020000d4008008d5409e9bd20020b8f2810080d2820180d2630180d2440080d2020000d4000028d5e0639ed20060b0f2010080d2020180d2e30080d2840080d2020000d4000028d5e0659bd20080b8f2210080d2620080d2a30080d2c40180d2020000d4407584d200a0b8f2210080d2620180d2a30180d2c40180d2020000d4"}}, @mrs={0xbe, 0x18, {0x603000000013d921}}, @code={0xa, 0x6c, {"0040e21e00800088000285d20020b8f2c10080d2c20180d2030080d2440080d2020000d4007008d500086078007008d5200d95d20040b8f2410180d2020080d2030080d2c40180d2020000d4007008d50004000f000008d5"}}, @mrs={0xbe, 0x18, {0x603000000013df49}}, @uexit={0x0, 0x18, 0x6}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x3, 0x6, 0x8, 0x0, 0x2}}, @eret={0xe6, 0x18, 0xe}, @code={0xa, 0x9c, {"205c97d200c0b0f2a10180d2220080d2e30080d2040080d2020000d4007008d5000008d5008008d5008040c8a0d78fd20000b8f2810080d2420080d2630080d2c40180d2020000d4000028d5a0118ed20000b0f2c10080d2620080d2830180d2240080d2020000d4c0089bd20020b8f2e10180d2c20080d2830080d2240080d2020000d4007008d5"}}, @eret={0xe6, 0x18, 0xfffffffffffffff8}, @msr={0x14, 0x20, {0x603000000013f600, 0x6}}, @hvc={0x32, 0x40, {0x80008000, [0x30, 0x7, 0x8000, 0x40c88235, 0xa]}}, @its_setup={0x82, 0x28, {0x1, 0x2, 0x3db}}, @hvc={0x32, 0x40, {0x8400000d, [0xd, 0x100000000, 0xe47, 0x4, 0x9]}}, @mrs={0xbe, 0x18, {0x5cc4}}, @mrs={0xbe, 0x18, {0x603000000013df7e}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x800, 0x9}}, @mrs={0xbe, 0x18, {0x603000000013df02}}, @smc={0x1e, 0x40, {0x80007fff, [0x5, 0x9, 0x3, 0x654a, 0x5c5c]}}, @code={0xa, 0xcc, {"00f49ed20000b0f2010080d2c20180d2430080d2a40180d2020000d4008060c8c0e586d20000b0f2e10180d2020080d2c30180d2240080d2020000d4000028d540b486d20000b0f2e10080d2020180d2030080d2440180d2020000d4000c200e008008d5c0ab86d200e0b0f2c10080d2c20180d2a30080d2040180d2020000d4c00f97d200c0b0f2010180d2620180d2e30180d2840180d2020000d4e0f196d20000b8f2e10180d2c20180d2030180d2240180d2020000d4"}}, @uexit={0x0, 0x18, 0xc9}, @smc={0x1e, 0x40, {0x1000000, [0x101, 0x8, 0xf, 0x2, 0x22]}}, @smc={0x1e, 0x40, {0x8600ff01, [0x7, 0x71, 0x44f, 0x3ff, 0x7]}}, @hvc={0x32, 0x40, {0x6000000, [0x100000000, 0x4, 0x9, 0x8, 0x900000000000]}}, @mrs={0xbe, 0x18, {0x603000000013e6cc}}, @eret={0xe6, 0x18, 0x81}], 0x5d8}], 0x1, 0x0, &(0x7f00000001c0)=[@featur2={0x1, 0x81}], 0x1)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x27)
syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@its_setup={0x7, 0x28, {0x2, 0x2, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r9, 0x3, 0xa0)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000100)={0x8})
r11 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000800)={0x0, &(0x7f0000000100)}, 0x0, 0x0)

27m59.403841103s ago: executing program 0 (id=331):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x0, 0x1, 0x8}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x3, 0xfffffffd, 0xf}}], 0x50}, 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r5, 0x4010ae74, &(0x7f0000000240)={0xfffffc76, 0xfc000000, 0x9})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_GET_ONE_REG(r7, 0x4010aeab, &(0x7f0000000040)=@arm64_sys={0x603000000013c006, &(0x7f0000000000)=0x3})
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r8=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x3, 0x1, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

27m50.958099986s ago: executing program 0 (id=332):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r3, 0x0) (async)
r4 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r3, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r3, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r3, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x408)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
ioctl$KVM_CHECK_EXTENSION_VM(r5, 0xae03, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CAP_ARM_MTE(r5, 0x4068aea3, &(0x7f0000000180))
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) (async)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000280)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000000)={0x0, &(0x7f0000000340)=[@smc={0x1e, 0x40, {0x84000009, [0x4, 0x486a, 0x0, 0xffffffffffffff01, 0xd7]}}, @svc={0x122, 0x40, {0xc400000c, [0x1, 0x0, 0x8, 0x8, 0x617f]}}, @code={0xa, 0x6c, {"403591d200a0b8f2c10080d2020180d2430080d2040180d2020000d4e00300b2007008d5003c000e80c98ed200c0b0f2810080d2220080d2630080d2c40180d2020000d40000df0c00c8a12e007008d5007008d5000028d5"}}, @hvc={0x32, 0x40, {0x84000052, [0x7f, 0x9, 0x7f, 0x1, 0x37]}}, @eret={0xe6, 0x18, 0x6}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x3, 0x2, 0x27, 0xffff61b0, 0x2}}, @mrs={0xbe, 0x18, {0x603000000013df64}}, @uexit={0x0, 0x18}, @smc={0x1e, 0x40, {0x200ffef, [0x8, 0x7, 0x10000, 0x100000000, 0x1]}}, @hvc={0x32, 0x40, {0xc4000001, [0x7, 0x8000000000000000, 0x0, 0xa, 0x2]}}, @uexit={0x0, 0x18, 0x3}], 0x234}, &(0x7f0000000100)=[@featur1={0x1, 0xc0}], 0x1) (async)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000000)={0x0, &(0x7f0000000340)=[@smc={0x1e, 0x40, {0x84000009, [0x4, 0x486a, 0x0, 0xffffffffffffff01, 0xd7]}}, @svc={0x122, 0x40, {0xc400000c, [0x1, 0x0, 0x8, 0x8, 0x617f]}}, @code={0xa, 0x6c, {"403591d200a0b8f2c10080d2020180d2430080d2040180d2020000d4e00300b2007008d5003c000e80c98ed200c0b0f2810080d2220080d2630080d2c40180d2020000d40000df0c00c8a12e007008d5007008d5000028d5"}}, @hvc={0x32, 0x40, {0x84000052, [0x7f, 0x9, 0x7f, 0x1, 0x37]}}, @eret={0xe6, 0x18, 0x6}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x3, 0x2, 0x27, 0xffff61b0, 0x2}}, @mrs={0xbe, 0x18, {0x603000000013df64}}, @uexit={0x0, 0x18}, @smc={0x1e, 0x40, {0x200ffef, [0x8, 0x7, 0x10000, 0x100000000, 0x1]}}, @hvc={0x32, 0x40, {0xc4000001, [0x7, 0x8000000000000000, 0x0, 0xa, 0x2]}}, @uexit={0x0, 0x18, 0x3}], 0x234}, &(0x7f0000000100)=[@featur1={0x1, 0xc0}], 0x1)
ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f0000000140)=@arm64_sve_vls={0x606000000015ffff, &(0x7f0000000080)=0x727})
ioctl$KVM_CHECK_EXTENSION_VM(r5, 0xae03, 0x3) (async)
ioctl$KVM_CHECK_EXTENSION_VM(r5, 0xae03, 0x3)

27m46.748932225s ago: executing program 1 (id=333):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000000)={0x7, <r3=>0xffffffffffffffff})
ioctl$KVM_GET_DEVICE_ATTR(r3, 0x4018aee2, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x5, 0x0})
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000bde000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x4, 0x220)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
r10 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r9, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r9, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x2100, 0x0)
r11 = eventfd2(0x0, 0x0)
close(r11)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01)
r12 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r12, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
write$eventfd(r11, &(0x7f0000000180)=0x5, 0xfffffde3)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r6, 0xae80, 0x0)

27m42.469554352s ago: executing program 0 (id=334):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x27)
r1 = syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000bfd000/0x400000)=nil)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee2, &(0x7f0000000000)=@attr_pmu_init)
r2 = ioctl$KVM_GET_STATS_FD_vm(r0, 0xaece)
ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(r2, 0x4068aea3, &(0x7f0000000040))
ioctl$KVM_GET_DIRTY_LOG(r0, 0x4010ae42, &(0x7f00000000c0)={0x3, 0x0, &(0x7f0000d64000/0x4000)=nil})
ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000000100)={0x1, 0x0, [{0xe097, 0x2, 0x0, 0x0, @irqchip={0x7f, 0x8}}]})
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000140)={0x7, <r3=>0xffffffffffffffff, 0x1})
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r0, 0x4068aea3, &(0x7f0000000180)={0xdf, 0x0, 0x1000})
syz_kvm_add_vcpu$arm64(r1, &(0x7f0000000580)={0x0, &(0x7f0000000200)=[@msr={0x14, 0x20, {0x603000000013f088}}, @eret={0xe6, 0x18, 0x9c6c}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x1, 0x7, 0x7d, 0xd}}, @smc={0x1e, 0x40, {0xc5000038, [0x0, 0x3ff, 0x5, 0xffffffffffffffff, 0xbe9e]}}, @hvc={0x32, 0x40, {0x84000053, [0x1000, 0x8137, 0x4, 0x8000, 0x200]}}, @memwrite={0x6e, 0x30, @generic={0x6000, 0x475, 0x7, 0x6}}, @mrs={0xbe, 0x18, {0x603000000013e6d1}}, @eret={0xe6, 0x18, 0xff}, @code={0xa, 0x54, {"60e582d20080b0f2210080d2020180d2c30080d2e40080d2020000d4000028d5008008d50000659e000008d5002cc09a0000009000c8b07e000008d5007008d5"}}, @code={0xa, 0x84, {"60858bd20060b0f2a10080d2420180d2830180d2840180d2020000d40020005e000008d5008008d5000008d5409489d20080b8f2810180d2820180d2830080d2040180d2020000d4007008d5a0c896d200e0b0f2a10080d2e20180d2630180d2840080d2020000d4bf2003d5000008d5"}}, @svc={0x122, 0x40, {0x0, [0x6, 0x7, 0x7, 0x1, 0x8]}}, @svc={0x122, 0x40, {0xc400000d, [0x2, 0x9d6, 0x5, 0x2, 0x8000000000000001]}}, @its_setup={0x82, 0x28, {0x1, 0x0, 0x263}}, @memwrite={0x6e, 0x30, @generic={0x2, 0x1ef, 0x9}}, @irq_setup={0x46, 0x18, {0x2, 0x12a}}, @smc={0x1e, 0x40, {0x84000002, [0x7f, 0x2, 0xfffffffffffffffd, 0x1000, 0x200]}}, @mrs={0xbe, 0x18, {0x603000000013e6c2}}, @mrs={0xbe, 0x18, {0xc06000000027c114}}], 0x378}, &(0x7f00000005c0)=[@featur2={0x1, 0x82}], 0x1)
munmap(&(0x7f0000c7c000/0x3000)=nil, 0x3000)
r4 = eventfd2(0x417, 0x0)
close(r4)
syz_kvm_add_vcpu$arm64(r1, &(0x7f00000007c0)={0x0, &(0x7f0000000600)=[@irq_setup={0x46, 0x18, {0x0, 0x334}}, @svc={0x122, 0x40, {0xc4000053, [0x1, 0x2, 0x7ff, 0x3, 0xffffffffffffff01]}}, @its_setup={0x82, 0x28, {0x4, 0x1, 0x36c}}, @svc={0x122, 0x40, {0x42000000, [0x2, 0xdeb, 0x2, 0x3, 0x1]}}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x318}}, @eret={0xe6, 0x18, 0x583c}, @its_setup={0x82, 0x28, {0x3, 0x1, 0x199}}, @eret={0xe6, 0x18, 0x2}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xffd0, 0x80}}, @mrs={0xbe, 0x18, {0x6030000000138037}}], 0x188}, &(0x7f0000000800)=[@featur2={0x1, 0x20}], 0x1)
ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000840)={0x2})
ioctl$KVM_GET_API_VERSION(r2, 0xae00, 0x0)
munmap(&(0x7f0000e2e000/0x4000)=nil, 0x4000)
r5 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x34)
r6 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r6, 0x4360ae82, &(0x7f0000000880)={[0x1, 0x4, 0xfffffffffffffffd, 0x85bc, 0x1, 0x8, 0x1, 0x7, 0xc2a, 0x10001, 0x8, 0x4, 0x9, 0x5, 0x200, 0x6], 0xeeee8000, 0x70484})
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000940)={0x10201, 0x3, 0x6000, 0x1000, &(0x7f0000f22000/0x1000)=nil})
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000980)={0x4, 0xffffffffffffffff, 0x1})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000a00)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f00000009c0)={0x3, 0xb, 0x1}})
syz_kvm_setup_cpu$arm64(r0, r6, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000c80)=[{0x0, &(0x7f0000000a40)=[@eret={0xe6, 0x18, 0x6}, @svc={0x122, 0x40, {0x6000000, [0x1, 0xdad, 0xb, 0x0, 0x7]}}, @eret={0xe6, 0x18, 0x6}, @smc={0x1e, 0x40, {0xb3f11e6676add481, [0x7, 0x8, 0xb, 0x8, 0x2]}}, @msr={0x14, 0x20, {0x603000000013e609, 0xfffffffffffffffd}}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x13b}}, @its_send_cmd={0xaa, 0x28, {0x0, 0x1, 0x3, 0x7, 0x2, 0xa}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x400, 0x9, 0x1}}, @smc={0x1e, 0x40, {0x8400000e, [0x4, 0x499, 0xffffffff, 0x9a2c, 0x600]}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x1, 0x4, 0x8, 0x9, 0x8, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x0, 0x0, 0x1, 0x7, 0x0, 0x2}}, @msr={0x14, 0x20, {0x603000000013dce3, 0xfffffffffffffff9}}, @eret={0xe6, 0x18, 0x2}, @mrs={0xbe, 0x18, {0x6030000000131a02}}], 0x230}], 0x1, 0x0, &(0x7f0000000cc0)=[@featur1={0x1, 0xc0}], 0x1)
ioctl$KVM_CREATE_GUEST_MEMFD(r5, 0xc040aed4, &(0x7f0000000d00)={0xb, 0xa2})
ioctl$KVM_GET_DIRTY_LOG(r2, 0x4010ae42, &(0x7f0000000d40)={0x101ff, 0x0, &(0x7f0000feb000/0x1000)=nil})
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x6)
syz_kvm_vgic_v3_setup(r7, 0x0, 0x0)
syz_kvm_add_vcpu$arm64(r1, &(0x7f0000000fc0)={0x0, &(0x7f0000000d80)=[@memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0xe00, 0x2, 0x2}}, @uexit={0x0, 0x18, 0x101}, @irq_setup={0x46, 0x18, {0x4, 0x2bf}}, @its_setup={0x82, 0x28, {0x4, 0x0, 0x18d}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x4, 0x3, 0x1, 0x7f, 0x4}}, @svc={0x122, 0x40, {0x31000000, [0xfff, 0x2, 0x8, 0x7, 0x7fff]}}, @mrs={0xbe, 0x18, {0x603000000013deb2}}, @memwrite={0x6e, 0x30, @generic={0x8080000, 0x5f, 0x7, 0x1}}, @mrs={0xbe, 0x18, {0x603000000013e080}}, @svc={0x122, 0x40, {0x80008000, [0xfffffffffffffff8, 0xf2, 0x81, 0x7f, 0x102f]}}, @mrs={0xbe, 0x18, {0x603000000013e304}}, @uexit={0x0, 0x18, 0x1}, @msr={0x14, 0x20, {0x6030000000138046, 0x10}}, @memwrite={0x6e, 0x30, @generic={0x10001, 0x4f0, 0xbd1, 0x2}}], 0x210}, &(0x7f0000001000)=[@featur1={0x1, 0x4}], 0x1)
openat$kvm(0xffffffffffffff9c, &(0x7f0000001040), 0x2, 0x0)

27m35.578171536s ago: executing program 0 (id=335):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000200), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, 0xffffffffffffffff)
ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0x3)
r6 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000040)=@arm64_fw={0x6030000000160003, &(0x7f0000000000)=0x8})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r7, 0xae03, 0x9)
r8 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
close(r9)
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000240)=@arm64_ccsidr={0x6020000000110005, &(0x7f00000001c0)})
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r11 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r10, 0xae04)
r12 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r11, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r12, 0x20, &(0x7f00000000c0)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)

27m26.375833382s ago: executing program 1 (id=336):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x300, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x300, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x28)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r2, 0x4068aea3, &(0x7f0000000280)={0xdf, 0x0, 0x2000})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, 0x930, 0xa, 0x2012, r3, 0x40000)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) (async)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = eventfd2(0xffff10c0, 0x801)
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000100)={0xf09, 0x8080000, 0x0, r6})
syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000280)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x100) (async)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x100)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x34)
syz_kvm_vgic_v3_setup(r8, 0x1, 0x100)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r9 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x1) (async)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x1)
openat$kvm(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04) (async)
r11 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r11, 0x3, 0x11, r10, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r11, 0x3, 0x11, r10, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x200, 0x0) (async)
openat$kvm(0xffffffffffffff9c, 0x0, 0x200, 0x0)
syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x0, 0x0)
close(0x4) (async)
close(0x4)
close(0x5)
mmap$KVM_VCPU(&(0x7f0000000000/0x4000)=nil, 0x0, 0x2000003, 0x11, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x4000)=nil, 0x0, 0x2000003, 0x11, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x1) (async)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x1)

27m22.816858346s ago: executing program 0 (id=337):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0) (async)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CLEAR_DIRTY_LOG(r3, 0xc018aec0, &(0x7f0000000000)={0x1, 0x300, 0x2c0, 0x0}) (async)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r1, 0x4068aea3, &(0x7f0000000180))

26m40.033395346s ago: executing program 32 (id=336):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x300, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x300, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x28)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r2, 0x4068aea3, &(0x7f0000000280)={0xdf, 0x0, 0x2000})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, 0x930, 0xa, 0x2012, r3, 0x40000)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) (async)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = eventfd2(0xffff10c0, 0x801)
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000100)={0xf09, 0x8080000, 0x0, r6})
syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000280)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x100) (async)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x100)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x34)
syz_kvm_vgic_v3_setup(r8, 0x1, 0x100)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r9 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x1) (async)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x1)
openat$kvm(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04) (async)
r11 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r11, 0x3, 0x11, r10, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r11, 0x3, 0x11, r10, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x200, 0x0) (async)
openat$kvm(0xffffffffffffff9c, 0x0, 0x200, 0x0)
syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x0, 0x0)
close(0x4) (async)
close(0x4)
close(0x5)
mmap$KVM_VCPU(&(0x7f0000000000/0x4000)=nil, 0x0, 0x2000003, 0x11, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x4000)=nil, 0x0, 0x2000003, 0x11, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x1) (async)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x1)

26m36.048020155s ago: executing program 33 (id=337):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0) (async)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CLEAR_DIRTY_LOG(r3, 0xc018aec0, &(0x7f0000000000)={0x1, 0x300, 0x2c0, 0x0}) (async)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r1, 0x4068aea3, &(0x7f0000000180))

19m21.759839304s ago: executing program 2 (id=356):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r1, 0x4068aea3, &(0x7f00000000c0)={0xa8, 0x0, 0x3})
r3 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x20)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000a67000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000240), 0x22ac2, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000100)={0x8, <r9=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080700})
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000080)=@arm64_core={0x6030000000100032, &(0x7f0000000040)=0x40})
r10 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x280000a, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r2, 0x0)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
ioctl$KVM_RESET_DIRTY_RINGS(r4, 0xaec7)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x3)
ioctl$KVM_GET_API_VERSION(r11, 0xae00, 0x0)
ioctl$KVM_ARM_VCPU_INIT(r13, 0x4020aeae, &(0x7f0000000000)={0x5, 0x18})
ioctl$KVM_ARM_VCPU_FINALIZE(r13, 0x4004aec2, &(0x7f0000000180)=0x4)
ioctl$KVM_SET_ONE_REG(r13, 0x4010aeac, &(0x7f0000000100)=@arm64_sve_vls={0x606000000015ffff, &(0x7f00000000c0)=0x80000001})
openat$kvm(0x0, &(0x7f0000000040), 0x125b02, 0x0)
ioctl$KVM_SET_SIGNAL_MASK(r2, 0x4004ae8b, &(0x7f0000000280)={0x1000, "7c57bdd78e1d0aaa572f074e6a93125bf3ca6b717e86020614290b48e301e39612cc4bb2c9c9872b43e366aed95ec11f14e23d3462ac4ecc40d05fe155b276ef0335569d313b5ef01b315ea442d257a36a1353aaf29d8707ca85bbe8d3d0dc253b2b04bf5856e62b7b13c608a88e7c22e938d21e22c82ce11e17a4b958e1c88d753020b318950c97b86c216c6663328937c0a04151f2aa086040aca4bd8c05eaa8c4f2634d602c39acd776b4ebdda00ee30795428b73944883ec28d117c1a604551e23fd0309a9bf387af35a285f1bea762e45576118b020c796bbd6856285e01d39430390d67db479478f22d684a86f72d400dfc27af26f96270abbfd8df3d156e2a0c1204d81cbf406e087c8e4ade2735dd7c7587ae66e0085a8d6ae43dfbedc86c8db06b6432ff7e974623dd91e840f0060233d7e57975ce3ad05685b6998ff21db7676691dcfbce5db3eec77f76e30941cf74cda797ba302bd7f5b68f7cce7939057f9b0592aae4a65f175ff0eb8d628c71f9009f1a94076793bb94569bde4e69208a8e069a50051b339d4a7327a2bc33b516e0c3efc9bb626c330f8a25c7a82bab5632fc19ee3b61fe2a11425a50ac56f3adfc86d56d0565e88eddeb4be313aa20570c09103264bd6beb86249c777bae0db775c4f6238b8044998c37eb421ffcce4584d8d20b8f93598096700cfc7fee44f45b3040482fa071d29686670c11250e0b998d8ebab3dd9967afd9d70f1bb46c00ec5ac19af296b030acb1d506c7891a435b06db8a95e860c22a6545957276bb44eb35fd4b265257b71b3958093dcb74aad1157650c2759ccfe61ebe7ecffe15aa10b06e0e4efca2e8c23c074c5ed6baa145684d1abaa5127136ec4eb9653050fddfbb66d54b99248f35996208521db91e81835358ca725539a7a657da0221bf5b4f6adaa755f3308eb4a9636af82606d8ccdfd5a2ef95b6995889c0d6fcd2cad52ea378c249f9ef3b37d3961d00f85c891c6f3e96a975f061769009df60358c4cd9da1af1aca052ea081efbef7986ef97083f307ce59246bacca4cb675c2411dd70356ed61649ef3250e51a893b96132af71ecb1dcf9aff3faca7649785754dc544ee05bd7d30ef0582101f38e15b94acab784e494a383936225b5937eb2cff3bde6d1344e64340c6fa88772939b2afc8bcb67d91b4187fbff1922075593bc79c4a080ed8c17e3565af13342c98dc001a822d6fbe7c5769213390633d19db5c325fbc585565381ff6bf22da0715f2f0bc5212bae56c81ccf2211dea521e645191040af91183aac8dae0412649e7b98925ed2c6698f519d1f7fe3b9c6cbcc79ac480548a05deb79b6d28d5584a10024265eab15e5d68a9014f2c2360f89982e15d18370335fe4d2184c8027e584890c00a43643a101ce03dad5d3fb1a8233e9dd06af808fbef41d55644f27c6383078a44d99a239a4804740074bb35c6e03f441fa1dc8bd083a829cd1af88a7831a5cc49ce55106a7ad92c752a1e879ad6ff030a61a19bd9d98ec1b56e1dad7934a9728404a06892e83fd3d736f784f7077ea6faf90cfead3235eb164658ae41aa57475129c8b2b2b65ae5e54f76225fd104ecfc7543c862452c9815e308a73ab6341ea7392b46ee3dd60a3a6bf4c84c7dd147dbf25f5de137b438d82b7927182d830f32a67a5bcb87107aaef9aebff647fd6399d65b2ab585a802a433f577fb336768e03ccd7f44bae128c259678ecd7a60f02211419699f68d3846d88e2bb31652a172d06b8fddb85376d92b1fec7079f7ec1f752e1b90034d6ef256c09ab9de2a176aa0309ae88195eb3dd005c969365ddca8f8525c7d94273fbbd40ac846bf3cb8607ee06325468419a05d24c7fabdcde29623d956cd1addc32484260e0121c6961b49a22e817c10498e6a3974f99d4686e2b963867eecd77224cc4180c09d1aa9ae19c41abe48316587bdaaf023b6e82c8c4f2f863ff3956067f56eaf13bb75a19874c39d029a8e62ca613c408267a56fed145c602d217e9cf4c2e32df20f2d99f4827fe111f9b7742a7a4bfe7043e51f494aa5531d49cc8619c23dcb48d25817e5c74619a70cfed94644973291d68fa9c89c9512e47ccae7d7f5236ea4b06b2d5244dc37031bb38f5954b2e04a1777e3a57dd97d0378712e671a5159d43a031dd93bdbc700b9e5455d2de32d577168fe97cf3a3669902d030403285fd97b88b3b76a46afc516a5666bdf450361d99099d097722661727818d1b2db7d108b7dd8360a5df963ad587b105445de214fcf96f103429e0dc341668e80e69d07f1179b607ced0dce8350d7e6e0021860ffe13a4b8a9594ae6671fe8070482331d97331eae15f9a0109200a9a868d098602be80133a009d66916c43d0d80ea5753bda39749d7cef586cf555d3fc57da2570b62892f1811d2347e4ddca83288d98d78b3649120d6809782fa1d59fe48d9c5dbf448d299fa86ed39514bc4eebd1e8d5f536e2e3d38350ba870553dcbd7fec7608471fa192bd7ec7549baad28bdb0dcd16aa8a2fc9a50423e3202805ca5791d19dacf43466914ca8bc897952a5ee60beea493b653e7ef15ac8ef5c6b81e5ca4a7baad50900e0a6524eec4efa0af819c47b136a4c274fdeb4e94143f19f4bf718778d4d6415edfcb10c4ac1e0feffac5b572a4721ae3b2fa3be7f46944a5fd355cdc083b2d95a91f5c30cbbe1b848c7adb841a93bfdcadb3270125bb54842e0ffcc1955c4382cb4decc549eb0949e2b5ca8d9c9b558820986dafabe1a5d0842bbc2cce2d823fbcc2fdf2a12258d1867401a6432571c4f6554bd7c9b75735c3480f4178578a83d6baed887a7344ef83911ff47b940c69242ed365f85e88f7e399e35e24b3f5400a4df577bd836fabf7f0a1ffcd99f92b4b7364b8f15f6d0fc1ee2ec6fe53f82e6eed0a9fce255d11329e9e973643a4e0d9e4b71f2de108537c4e068a2e5d07812fbcc4290d48fda26a63577cdffa13013fc59d1a84101da450f81a8208143c92ac85fe3506b955b6375fa3640c9292b2697e1f66978b50e46610559fee9816807cb4cb6b2727ee423cb5c09853aca62ae71476c2edbf0f52a22683788e92b526f3d434b51c5273268de6ec80213a3cdabca0d59ecb8e48eb5edfaf399ed1c5366555afd697b94a754f96a472339dfe5e28f2cf7b60a143dfe08487a65eec7fbbab5d7434dfce3a8b535b7b2ef08d512a9469ba9731e344dd50af7921271c9ee2d23af311737949df4ba03c7aa7fc81eac6daa252b78200110203522b2ee5aacb60c9c0406023e7469c3aa292571e2979c5f0e727f8cd6e37d60d93e76ad03d2acd133502e41c9e27e0dba274b86c953d8dd72d1967d920fb6acae7c977f825eaedb50f57c7accdcd802163c22405ae8cd4eab701b6625fced4503972a852fba77cf547b7fbc1ea36f054b5e955428005952843c131e0464be7e3706de8e4bab08f0b023bb18d6e91eee9d7ba1c5007b211426948f436463297145fc15663991ca5cd6482bcdb7e43b1145154abb8b47830a13da33fdb5e48aaac72adae6132a87e84229a3a7c26cf59bb09a2391dc92c6ed35e9aef3452689a4f1c108b34101c78802e03833a2c27921a3d15bc7da5bf7b40e99ef21849cd0b07cc0ba8293b3eadc4cd44740f53878604a99650a0aaa021aba18af7b859ab8fac7c1ae9e2a2ff33b379629b3cbcf2c8f6020e7c76396159a1792e606d1382c1c439c628aeaca08a824fea9cd68417ec0ccab4627024705e526d00b634bc8fbcaee762161d331c79df8a86261374916d73e76fb54c33d58c3315749803156785f7dee3465dc3afc2595250092f83b1ae3e604f68fbe5fa762c26864bcf32bf8a086ce0ce58e3b33710776f0249ed7e913a796b54e915039ac433fc0e0dc0e45406b340ecc239312cfc0c64cb2e1e9afe6b44c65a548b19bcf547105a49cec8f5dc349735ef43bc01a3887bec625adf4e87d03e4bc70eccbc4e1ffa92cb258b064253dce782b30a142a1680573d8d9963b07a00a8a68864307d402ee5b7ee340b0eab0783d05c55fe96e080583243ac070ada6da83a0d3669ed4baa45df190da241172a2a1a590c9c4db3eca7a94c5f22fd3fe1c2a998737a2cd5076c9de8871b3f37f99a0c3c843a1e92ce249e7b58c95e413f813f96f90d61068353954a4a9f015a523ff37700e9c236f990372bf542276b974fdb9a5087ef73b92a292aed7c9507d7488de6d3b08584ee33189db2e0edcb91e57ce5b79eef112ed26118c1cecaac21bd509092f8e17b2ebdf943b13909ef08826cc8cf596fbd3e451179057e6fd82caa14051a25be30f99ec8dabcb2cd9651e73ca155fe6aeb7cb23294f1f4ad4926a2e4e3b39921d1dcd5100ed79f5796ff959cfae4ab51cd565bb5863845d65d2862db4e07e953187aaa0c8748f014b0e5254cfccb285d30d0b5aa9adefb231a65a1b85786b797f1cee47206ac27e057d4a7d0dad44d85eba605f0775866ef09e70bfee8463747704a17c0246e8cc4d5889945ad5d30dca88a877d4a0a0446792b22233fc9ac86c3a2c010871241a210d7c87955d1a262f09767a4b9ecba7cee9345fc7b24d3d7d91090af4117f9464a69486dfe44251d863b23efa75961c84fe1ae19995f972876384146f38634b63a626ef0251cc60e551432d260c9a818ed3666451c8a28acc0c76dc8c22743debf4028900f7c474c457bc8d08764c41ead65aacbefd96676daeec69fb1262b6d189d0fb8e77d78cd1ddfe996f562de539782c1cecd27e1b8b69884795084a3899db77dedf50bfc306472c478d57d2524ace5d46909fd6eb1d81c330f8ae865cc62662daf8514d4d79283990afd0dee7bbc3e565bdaeefe630542e39389db08e0f0b28e946319c37876560205f4307d38cc5958f59babf3105c01bccb2a5115dfb322662f5aa8b7f8310981da1d2a5458cc3bf22186f11e564f9741b403dceaf95db13dde6ff651a8df46ad78365c563140e47685f13963b7ecaada9f4871b8a208d0214412a7c19daccace8c9193878f087956e6f10fdefc08e64b5dc8a2f114b03d110096a4799b65ebf198b63ebd4ab607ce0e63bf02cc3a79946683685290b093e28f838ec978a4ac50de617ff0d88fd6eda04ae05ef4fcdbd82d472e6cce5c1aef8a9d27979ef6fbaafd7fcef37cb647cc83081bc92c2a023b9f34874abc76932276bf08685a2e8b4fc8017e96aff2054a10631f36a5b36894a8e19d64847b51da51408640ccba60f869cbcfb16509528edd9b4c6cdbf32063894ee4442d1df1a555c0c40823e112ab57a92575304554dbbdb51140a8c6157b8886450aab2d740bccf6d3760afc5588b80c6accf3e069b02624a73ec2f2f606d2e7c3212cb9d92a24e321150c42732824aa4db732cd2af4610ebf2e843f6cda569fd2359767d1f3abb89472cf936f8a054a821fe0a7f5398d25697c53acf69a33afb08507b4fe74cd5388dd88075d683bc0e431a1725eac7cef1ab73fb0e6f2436495362a3bfdc713bd10efb4082eae38f6f0475904c2600b14c6d3576664c46c25c2acb2bdded7dcff4f670fa7f3d3c204f9a6f821205f124f257e4248f42b00ee2decaf4c02bd328edcec54849cfe890bbff0fc073d20a878213ff6653eda49ee6f594f1d874083e8987dd04db79838067309f113f15baf532f75e140142236400ff1d796720460d289e8d22c5f20789675c0c7e984d0e5bbf4377c4de0e81193154abca66ffd133fe71fb419f4fcfb0364fbed8512cfc5d0d632720dff3e5275bf2c"})

19m13.806426127s ago: executing program 3 (id=357):
r0 = eventfd2(0xfffffffa, 0x80001)
write$eventfd(r0, 0x0, 0x0) (async)
write$eventfd(r0, 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2c)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x100000000000000, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x100000000000000, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x800, 0x0)
ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0x90)

19m5.855436029s ago: executing program 2 (id=358):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0xc0980, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x1e)
close(r2)

19m1.926129494s ago: executing program 3 (id=359):
r0 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x4000)=nil, 0x0, 0x1, 0x4000010, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000000)="fc2fc0cae24b8f63fef8aac54f931f616c088f35324b8ecda7becbb54b5e39754860431e497c835af281e6d5dfd8e3c8fa32cc95651096af32f60fef2c12173870d44aa2008ca416", 0x0, 0x48)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x32)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000500)=[{0x0, &(0x7f0000000080)=[@uexit={0x0, 0x18, 0x3}, @code={0xa, 0x9c, {"0040611ea01987d20040b8f2e10180d2820180d2830080d2040180d2020000d4007008d50000c03800638bd200c0b0f2610080d2c20180d2430080d2040180d2020000d40040206e007008d50000206bc07992d20000b8f2a10080d2020180d2630080d2e40080d2020000d480af94d20000b0f2e10080d2e20080d2c30080d2e40180d2020000d4"}}, @msr={0x14, 0x20, {0x0, 0x8000000000000001}}, @its_setup={0x82, 0x28, {0x0, 0x1, 0x209}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x2, 0x8, 0x4, 0x10001, 0x2}}, @its_setup={0x82, 0x28, {0x4, 0x3, 0x347}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe4, 0x6}}, @its_send_cmd={0xaa, 0x28, {0x1fa42f188aff3911, 0x0, 0x1, 0x3, 0x0, 0x1, 0x1}}, @irq_setup={0x46, 0x18, {0x4, 0x5}}, @its_setup={0x82, 0x28, {0x2, 0x0, 0x359}}, @its_setup={0x82, 0x28, {0x2, 0x1, 0x180}}, @code={0xa, 0xcc, {"007008d50040c01aa0618bd200a0b8f2210180d2620080d2a30180d2640180d2020000d4008008d5600794d200c0b0f2010180d2020180d2230080d2240080d2020000d420e09bd20020b8f2010080d2220180d2a30180d2240180d2020000d400a8a17e60c885d20040b0f2410080d2820080d2030180d2040180d2020000d4e0d48cd20080b8f2210180d2c20180d2430080d2640080d2020000d400fa95d20000b0f2010180d2620180d2c30080d2440180d2020000d4"}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x20020, 0x2}}, @code={0xa, 0x84, {"000000ea0004000f007008d5000028d5000008d50028201e008008d520b48fd200a0b8f2e10180d2220180d2630080d2840180d2020000d4603681d200a0b0f2010180d2c20180d2830080d2840180d2020000d4c0de83d20000b0f2810180d2220080d2230180d2e40080d2020000d4"}}, @mrs={0xbe, 0x18, {0x603000000013fdd0}}, @irq_setup={0x46, 0x18, {0x1, 0xab}}, @mrs={0xbe, 0x18, {0x603000000013df60}}, @eret={0xe6, 0x18, 0x100}, @irq_setup={0x46, 0x18, {0x3, 0x244}}, @uexit={0x0, 0x18, 0x4}, @eret={0xe6, 0x18, 0x3}, @eret={0xe6, 0x18}], 0x44c}], 0x1, 0x0, &(0x7f0000000540)=[@featur2={0x1, 0x3}], 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000580)={0x2710, 0x6, 0x1, 0x2000, &(0x7f0000f00000/0x2000)=nil})
ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000000600)=@arm64_sys={0x603000000013df4a, &(0x7f00000005c0)=0x6})
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
mmap$KVM_VCPU(&(0x7f0000f45000/0x1000)=nil, r3, 0x4, 0x40010, r4, 0x0)
close(r4)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000640)=0x8)
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r5, 0x4004ae99, &(0x7f0000000680)=0x7)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f00000006c0)={0x101ff, 0x0, 0x1000, 0x1000, &(0x7f0000d90000/0x1000)=nil, 0x0, r5})
r6 = ioctl$KVM_GET_STATS_FD_vm(r1, 0xaece)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000780)={0x3, 0x4, 0x8000000, 0x1000, &(0x7f0000c1a000/0x1000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000800)=@arm64_extra={0x603000000013c023, &(0x7f00000007c0)=0xffffffffffff0000})
r8 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000b40)={0x0, &(0x7f0000000840)=[@mrs={0xbe, 0x18, {0x603000000013e601}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x0, 0x4, 0xa60, 0x2, 0x3}}, @hvc={0x32, 0x40, {0x0, [0x7, 0x5, 0x3, 0x1, 0x5]}}, @uexit={0x0, 0x18, 0x6}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x144}}, @mrs={0xbe, 0x18, {0x4fa2bbf9c6869f1}}, @uexit={0x0, 0x18, 0x5fc}, @hvc={0x32, 0x40, {0xc4000014, [0x7, 0xa, 0x3, 0x80, 0x8001]}}, @irq_setup={0x46, 0x18, {0x4, 0x37e}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1a00, 0x2, 0x8}}, @its_setup={0x82, 0x28, {0x4, 0x1, 0x92}}, @irq_setup={0x46, 0x18, {0x4, 0x3aa}}, @mrs={0xbe, 0x18, {0x603000000013806d}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x9, 0x4, 0xb, 0x0, 0x4, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x1, 0x4, 0x5, 0x4, 0x9, 0x3}}, @irq_setup={0x46, 0x18, {0x1, 0xe9}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0xb4, 0x1, 0x2}}, @irq_setup={0x46, 0x18, {0x4, 0x2b8}}, @uexit={0x0, 0x18, 0x3eb3}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x4, 0xd, 0x8, 0x81}}, @mrs={0xbe, 0x18, {0x603000000013da20}}, @irq_setup={0x46, 0x18, {0x3, 0xc1}}], 0x2f0}, &(0x7f0000000b80)=[@featur1={0x1, 0x10}], 0x1)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r9, 0x4018aee2, &(0x7f0000000c00)=@attr_irq_timer={0x0, 0x1, 0x0, &(0x7f0000000bc0)=0x1e})
ioctl$KVM_ARM_PREFERRED_TARGET(r9, 0x8020aeaf, &(0x7f0000000c40))
munmap(&(0x7f0000c45000/0x2000)=nil, 0x2000)
ioctl$KVM_GET_REG_LIST(r9, 0xc008aeb0, &(0x7f0000000c80)={0x6, [0x4b48a354, 0x8, 0x6, 0xa529, 0x3, 0x5]})
ioctl$KVM_ARM_VCPU_FINALIZE(r6, 0x4004aec2, &(0x7f0000000cc0)=0x4)
r10 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000001040)={0x0, &(0x7f0000000d00)=[@smc={0x1e, 0x40, {0x84000051, [0x8001, 0x1, 0x9, 0x9, 0x5]}}, @memwrite={0x6e, 0x30, @generic={0xf000, 0x81, 0x200, 0x3}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x4, 0xb, 0x96, 0x1, 0x4}}, @hvc={0x32, 0x40, {0x84000012, [0x7f, 0x8, 0xfffffffffffffff9, 0x4a, 0x80000001]}}, @uexit={0x0, 0x18, 0x7}, @uexit={0x0, 0x18, 0x7fffffff}, @svc={0x122, 0x40, {0x2000, [0x9, 0xb96, 0x1000, 0x7, 0x9]}}, @mrs={0xbe, 0x18, {0x603000000013df7e}}, @eret={0xe6, 0x18, 0x1}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x10, 0x8000000000000000, 0x9}}, @smc={0x1e, 0x40, {0x84000013, [0x985c, 0x7, 0x4, 0x59d, 0x4]}}, @code={0xa, 0x9c, {"007008d50070c00ce0b596d200a0b8f2e10180d2e20180d2830180d2240180d2020000d4007008d560729ed20040b8f2410080d2c20180d2e30180d2840080d2020000d4a06a94d200e0b0f2210180d2c20080d2030080d2c40080d2020000d4007008d560ae82d20040b0f2410080d2620080d2430080d2a40080d2020000d4007008d5007008d5"}}, @hvc={0x32, 0x40, {0xc5000021, [0x5, 0x3, 0x4, 0x100000001, 0x400]}}, @its_setup={0x82, 0x28, {0x0, 0x2, 0x399}}, @uexit={0x0, 0x18, 0xfffffffffffffffe}, @mrs={0xbe, 0x18, {0x50280000001a1e9b}}], 0x31c}, &(0x7f0000001080)=[@featur2={0x1, 0x32}], 0x1)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
ioctl$KVM_DIRTY_TLB(r7, 0x4010aeaa, &(0x7f00000010c0)={0x401, 0x7})

18m56.846903525s ago: executing program 2 (id=360):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000180)={0x8, <r4=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000240)=0x1000008080000})
r5 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r6, 0x0) (async)
r7 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r6, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r6, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x101300, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0) (async)
syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r11, 0xae03, 0x90) (async)
ioctl$KVM_CHECK_EXTENSION_VM(r11, 0xae03, 0x90)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000100)={0x7}) (async)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000100)={0x7, <r12=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x0, 0x2, &(0x7f0000000280)=0x400000080a0000})
r13 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r13, 0x401c5820, &(0x7f00000000c0)=@attr_other={0x0, 0x8dc, 0xfffffffffffffffd, 0x0})

18m53.088416972s ago: executing program 3 (id=361):
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x40000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="be00000000000000180000000000000001c8"], 0x18}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r4, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0x40086602, 0x110e22ffff)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0)
r6 = eventfd2(0xfffffffa, 0x80001)
write$eventfd(r6, &(0x7f0000000200)=0x8, 0x8)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000000)="37d3116035d7513e9a000200018000", 0x0, 0x43)
ioctl$KVM_CHECK_EXTENSION(r5, 0x40086602, 0x110e227ffe)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x28)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_setup_cpu$arm64(r8, r10, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f00000005c0)=[@irq_setup={0x46, 0x18, {0x2, 0x80}}, @svc={0x122, 0x40, {0x6400ffea, [0x7ff, 0x80, 0x3, 0xcc, 0xd]}}, @hvc={0x32, 0x40, {0x6000000, [0x0, 0x78f7, 0x8, 0x3, 0x9]}}, @smc={0x1e, 0x40, {0x84000009, [0x5, 0x10, 0xd7f, 0x1000, 0x5]}}, @irq_setup={0x46, 0x18, {0x0, 0x5a}}, @mrs={0xbe, 0x18, {0x6030000000139828}}, @msr={0x14, 0x20, {0x603000000013c085, 0x100000001}}, @hvc={0x32, 0x40, {0x8400000b, [0x4, 0x8, 0x6, 0x6, 0xdd]}}, @mrs={0xbe, 0x18, {0x77fe}}], 0x180}], 0x1, 0x0, 0x0, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)

18m38.498805351s ago: executing program 2 (id=362):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_SIGNAL_MASK(r1, 0x4004ae8b, &(0x7f0000000380)=ANY=[@ANYBLOB='\b\x00'])

18m37.21442485s ago: executing program 3 (id=363):
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x1b)
syz_kvm_vgic_v3_setup(r1, 0x4, 0x200)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000000)={0x9, 0xffffffffffffffff, 0x1})
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000040)={0x2, 0x10})
syz_kvm_setup_cpu$arm64(r1, r0, &(0x7f0000bff000/0x400000)=nil, &(0x7f0000000440)=[{0x0, &(0x7f0000000080)=[@code={0xa, 0x9c, {"0024002f000028d5007008d5008008d5000028d520f598d20040b8f2e10080d2a20080d2030180d2440180d2020000d400ce9dd200a0b0f2010180d2820180d2a30080d2640180d2020000d4007008d5801e9fd200e0b8f2a10080d2020180d2e30080d2840180d2020000d4e0c48ad20000b8f2210180d2a20080d2a30180d2e40180d2020000d4"}}, @svc={0x122, 0x40, {0x84000012, [0x9, 0x3, 0x8000000000000000, 0x0, 0x4]}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x1, 0x3, 0x6, 0x2, 0x1e0, 0x2}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe4, 0x79, 0x4}}, @its_setup={0x82, 0x28, {0x4, 0x0, 0x1c8}}, @msr={0x14, 0x20, {0x603000000013e664, 0x1}}, @hvc={0x32, 0x40, {0x80008000, [0x8, 0xfffffffffffffff9, 0x94e, 0x10, 0xfffffffffffffffb]}}, @uexit={0x0, 0x18, 0x1000}, @eret={0xe6, 0x18, 0x3}, @its_send_cmd={0xaa, 0x28, {0xb, 0x1, 0x3, 0x2, 0x1, 0x8, 0x2}}, @code={0xa, 0x9c, {"007008d5406090d200e0b8f2210180d2e20080d2e30080d2c40180d2020000d4403b86d200c0b8f2010080d2a20080d2c30180d2440180d2020000d4a09a93d20060b8f2e10180d2620080d2e30180d2e40080d2020000d4000080da000028d5e0e19bd20040b0f2410080d2820180d2830180d2240180d2020000d40070200e00b0204e000008d5"}}, @its_setup={0x82, 0x28, {0x0, 0x1, 0x2ff}}, @hvc={0x32, 0x40, {0x80, [0xd8, 0x7, 0x10001, 0x1, 0x10]}}, @eret={0xe6, 0x18, 0x401}, @mrs={0xbe, 0x18, {0x6030000000138034}}, @smc={0x1e, 0x40, {0x7, [0x10000, 0xad, 0x2, 0x2, 0x7]}}], 0x388}], 0x1, 0x0, &(0x7f0000000480)=[@featur2={0x1, 0x8}], 0x1)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r2, 0x4018aee1, &(0x7f00000004c0)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x7fff})
munmap(&(0x7f0000dfd000/0x4000)=nil, 0x4000)
close(r1)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000500)={0x8, 0x4})
ioctl$KVM_CAP_DIRTY_LOG_RING(r1, 0x4068aea3, &(0x7f0000000540)={0xc0, 0x0, 0x24000})
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f00000005c0)={0xffffff80, 0x80000001})
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x39)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000600)={0x10001, 0x4, 0x10000, 0x2000, &(0x7f0000db0000/0x2000)=nil})
r4 = ioctl$KVM_GET_STATS_FD_vm(r1, 0xaece)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x26)
ioctl$KVM_PPC_ALLOCATE_HTAB(0xffffffffffffffff, 0xc004aea7, &(0x7f0000000640)=0x1)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000ac0)=[{0x0, &(0x7f0000000680)=[@msr={0x14, 0x20, {0x603000000013e66d, 0x800}}, @code={0xa, 0x6c, {"000008d500000079000028d520fa9cd20080b8f2c10180d2a20080d2c30080d2e40180d2020000d4007008d5000008d5c0c68ed20020b8f2e10080d2a20180d2a30180d2240180d2020000d4007008d50040601e008008d5"}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x1, 0x3, 0x3, 0x101, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x4, 0x5, 0x7fffffff, 0xe1, 0x1}}, @eret={0xe6, 0x18}, @its_setup={0x82, 0x28, {0x4, 0x1, 0x2f0}}, @msr={0x14, 0x20, {0x603000000013f099, 0xffffffffffffffff}}, @eret={0xe6, 0x18, 0x1}, @mrs={0xbe, 0x18, {0x603000000013debd}}, @mrs={0xbe, 0x18, {0x603000000013d921}}, @hvc={0x32, 0x40, {0x2000, [0xfffffffffffffffe, 0x9, 0x8, 0x100000000, 0x1]}}, @msr={0x14, 0x20, {0x603000000013c684, 0xe}}, @mrs={0xbe, 0x18, {0x603000000013e6cf}}, @hvc={0x32, 0x40, {0xc5000021, [0x4, 0x0, 0x10000, 0x7fca, 0x7]}}, @irq_setup={0x46, 0x18, {0x0, 0x371}}, @hvc={0x32, 0x40, {0xc4000003, [0x5, 0x57, 0xfffffffffffff001, 0x33a, 0x8a]}}, @msr={0x14, 0x20, {0x603000000013c660, 0x101}}, @mrs={0xbe, 0x18, {0x603000000013c602}}, @memwrite={0x6e, 0x30, @generic={0x6000, 0x5e2, 0x7, 0xa}}, @hvc={0x32, 0x40, {0xc4000014, [0x3, 0x0, 0x5, 0x200, 0x5]}}, @mrs={0xbe, 0x18, {0x603000000013e520}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x850, 0xfff, 0xb}}, @smc={0x1e, 0x40, {0x84000005, [0x2, 0x97f4, 0x2, 0x7e6, 0x3]}}, @mrs={0xbe, 0x18, {0x6030000000138010}}, @smc={0x1e, 0x40, {0xc5000020, [0x7989a8d5, 0xab, 0x74e3, 0x1]}}], 0x41c}], 0x1, 0x0, &(0x7f0000000b00)=[@featur2], 0x1)
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000b40)={0x100000, 0x191000})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000b80)={0x10001, 0x1, 0x2, 0x1000, &(0x7f0000d15000/0x1000)=nil})
ioctl$KVM_GET_DIRTY_LOG(r3, 0x4010ae42, &(0x7f0000000bc0)={0x3, 0x0, &(0x7f0000ce5000/0xb000)=nil})
r6 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bfe000/0x400000)=nil)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x13)
close(r4)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000c00)={0x10001, 0x2, 0x10000, 0x1000, &(0x7f0000f28000/0x1000)=nil})
ioctl$KVM_CAP_ARM_MTE(r5, 0x4068aea3, &(0x7f0000000c40))
ioctl$KVM_CAP_ARM_USER_IRQ(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000cc0))
syz_kvm_add_vcpu$arm64(r6, &(0x7f0000001000)={0x0, &(0x7f0000000d40)=[@msr={0x14, 0x20, {0x603000000013c665, 0xfe00000000000000}}, @msr={0x14, 0x20, {0x603000000013e6d4, 0x7a}}, @irq_setup={0x46, 0x18, {0x2, 0x285}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x2, 0x8, 0xffff2188, 0xd5}}, @hvc={0x32, 0x40, {0x400, [0x9, 0xfffffffffffffff7, 0x100, 0x1000, 0x9]}}, @mrs={0xbe, 0x18, {0x6030000000138006}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x400, 0x8, 0x9}}, @irq_setup={0x46, 0x18, {0x0, 0x91}}, @msr={0x14, 0x20, {0x603000000013dead, 0x6}}, @msr={0x14, 0x20, {0x3a21, 0x9}}, @memwrite={0x6e, 0x30, @generic={0x100000, 0x85e, 0x6, 0x1}}, @mrs={0xbe, 0x18, {0x603000000013808c}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x9f}}, @code={0xa, 0x6c, {"008008d5000028d5008008d5000008d5206c86d200a0b0f2210080d2e20180d2430180d2e40080d2020000d40028212e804683d20060b8f2c10180d2620180d2c30180d2040080d2020000d4008008d5007008d50098a12e"}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x2, 0x5, 0x9, 0x6}}, @mrs={0xbe, 0x18, {0x603000000013c2a5}}, @mrs={0xbe, 0x18, {0x603000000013e6d0}}], 0x294}, &(0x7f0000001040), 0x1)

18m29.049101894s ago: executing program 2 (id=364):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r5, 0x4018aee2, &(0x7f0000000040)=@attr_set_pmu={0x0, 0x0, 0x3, 0x0})
ioctl$KVM_SET_SIGNAL_MASK(r5, 0x4004ae8b, &(0x7f0000000080)={0x2d, "989d25a083a4455b666b342489a1986a226d2d1dd4646d92fcb032f8fa5e24195a6c752e462c1e05b229daa5bc"})
r6 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r7 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1)
r10 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r9, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610f3ff67521cd66f8f1f447d35b20700000000000000000000000100", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r9, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xb00f2, 0x0)
r11 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000180)={0x0, &(0x7f0000000040)=[@mrs={0xbe, 0x18, {0x603000000013df61}}], 0x18}, &(0x7f0000000000)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r11, 0xae80, 0x0)

18m26.67635967s ago: executing program 3 (id=365):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r1, 0x4068aea3, &(0x7f00000000c0))
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r1, 0x4068aea3, &(0x7f0000000040)={0xe4, 0x0, 0x1000})
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, <r4=>0xffffffffffffffff, 0x1})
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f0000000080)=@arm64_ccsidr={0x6020000000110005, &(0x7f0000000040)=0x2})
ioctl$KVM_CREATE_VM(r4, 0x400454ca, 0xd8ffffffffff0f00)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000000)={0x7, <r11=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r11, 0x4018aee3, &(0x7f00000000c0)=@attr_other={0x0, 0x9, 0xfffffffffffffff9, 0x0})
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)

18m11.425958839s ago: executing program 2 (id=366):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2e)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r2, r3, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100042, &(0x7f0000000000)=0x1b})
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x0, 0x4, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil})
munmap(&(0x7f0000ca3000/0x4000)=nil, 0x4000)
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1)
close(r8)
ioctl$KVM_SET_GSI_ROUTING(r6, 0x4008ae6a, &(0x7f0000000240)=ANY=[@ANYBLOB="a400"])
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000000)={0x10201, 0x2, 0x1, 0x2000, &(0x7f0000f31000/0x2000)=nil})

18m8.91404271s ago: executing program 3 (id=367):
openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) (async)
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (rerun: 64)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r7, 0x4010aeab, &(0x7f0000000140)=@arm64_core={0x6030000000100010, &(0x7f0000000100)=0x2})
openat$kvm(0x0, 0x0, 0x940, 0x0) (async)
openat$kvm(0x0, 0x0, 0x940, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_ARM_VCPU_INIT(r9, 0x4020aeae, &(0x7f0000000340)={0x5}) (async)
ioctl$KVM_ARM_VCPU_INIT(r9, 0x4020aeae, &(0x7f0000000340)={0x5})
ioctl$KVM_RUN(r9, 0xae80, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0xffffffd3)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x2e0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x422300, 0x0)
r11 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r10, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r11, 0x1000004, 0x4010, 0xffffffffffffffff, 0x0)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r13 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r12, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r13, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)

17m24.160438061s ago: executing program 34 (id=366):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2e)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r2, r3, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100042, &(0x7f0000000000)=0x1b})
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x0, 0x4, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil})
munmap(&(0x7f0000ca3000/0x4000)=nil, 0x4000)
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1)
close(r8)
ioctl$KVM_SET_GSI_ROUTING(r6, 0x4008ae6a, &(0x7f0000000240)=ANY=[@ANYBLOB="a400"])
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000000)={0x10201, 0x2, 0x1, 0x2000, &(0x7f0000f31000/0x2000)=nil})

17m18.896281988s ago: executing program 35 (id=367):
openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) (async)
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (rerun: 64)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r7, 0x4010aeab, &(0x7f0000000140)=@arm64_core={0x6030000000100010, &(0x7f0000000100)=0x2})
openat$kvm(0x0, 0x0, 0x940, 0x0) (async)
openat$kvm(0x0, 0x0, 0x940, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_ARM_VCPU_INIT(r9, 0x4020aeae, &(0x7f0000000340)={0x5}) (async)
ioctl$KVM_ARM_VCPU_INIT(r9, 0x4020aeae, &(0x7f0000000340)={0x5})
ioctl$KVM_RUN(r9, 0xae80, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0xffffffd3)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x2e0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x422300, 0x0)
r11 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r10, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r11, 0x1000004, 0x4010, 0xffffffffffffffff, 0x0)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r13 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r12, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r13, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)

11m6.286980922s ago: executing program 5 (id=369):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x82880, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000140), 0x101282, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000000, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r3 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000080)={0x0, &(0x7f0000000200)=[@svc={0x122, 0x40, {0x800, [0xffffffeffffffff8, 0x8, 0x8000000005, 0x5, 0x400]}}], 0x40}, 0x0, 0x0)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c0b000/0x1000)=nil, r4, 0x3, 0x40b2811, r3, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x101000, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000040)={0x0, 0x1, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r1, 0x4068aea3, &(0x7f0000000000))

11m0.866121619s ago: executing program 4 (id=368):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0xc0083, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x0, 0x11, r0, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000f7c000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r3, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000482000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x0, 0x4030031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x1000)=nil, r1, 0x1000002, 0x20010, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_GUEST_MEMFD(0xffffffffffffffff, 0xc040aed4, &(0x7f0000000000)={0x1, 0x4})
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0xc3033, 0xffffffffffffffff, 0x0)

10m52.742574724s ago: executing program 5 (id=370):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r3, 0x4020aeae, &(0x7f0000000080)={0x5, 0x1})
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000140)=@arm64_sys={0x603000000013d801, &(0x7f0000000000)=0x8005})
ioctl$KVM_CREATE_VM(r0, 0x80111500, 0x20000000)

10m49.096507552s ago: executing program 4 (id=371):
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r1, 0x4068aea3, &(0x7f0000000280)={0xdf, 0x0, 0x2000})
ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000000080)={0x10004, 0x0, &(0x7f0000c82000/0x4000)=nil})
ioctl$KVM_S390_VCPU_FAULT(0xffffffffffffffff, 0x4008ae52, &(0x7f0000000000)=0x2d5)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28) (async)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r1, 0x4068aea3, &(0x7f0000000280)={0xdf, 0x0, 0x2000}) (async)
ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000000080)={0x10004, 0x0, &(0x7f0000c82000/0x4000)=nil}) (async)
ioctl$KVM_S390_VCPU_FAULT(0xffffffffffffffff, 0x4008ae52, &(0x7f0000000000)=0x2d5) (async)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f1, 0xffffffffffffffff, 0x0) (async)

10m40.307750208s ago: executing program 5 (id=372):
r0 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
ioctl$KVM_CLEAR_DIRTY_LOG(r0, 0xc018aec0, &(0x7f0000000400)={0x1fd, 0x380, 0x300, &(0x7f0000000000)=[0x54, 0x5, 0x9, 0x8001, 0xffffffff, 0x1, 0x9, 0x5, 0x2, 0x8, 0x9, 0xfff, 0x4, 0x8, 0x8, 0x4, 0xdcb, 0x7, 0xd, 0x7, 0x7, 0x5, 0x401, 0x7, 0x1200000, 0xffffffffffffffbc, 0x7, 0x9, 0x9, 0xf, 0x8001, 0x9, 0x1, 0x295f082c, 0x7, 0x0, 0x7, 0x24000000000, 0x100, 0x80000001, 0x799655a5, 0xe1a, 0x100000001, 0x401, 0x800, 0xffffffffffffffff, 0xfffffffffffffffb, 0x2, 0x6, 0x6, 0x3, 0x100000000, 0x8, 0x4e, 0x8, 0x9, 0x9, 0xd, 0xe, 0x22646d97, 0x9, 0x8, 0x6, 0x8000, 0x4, 0x2, 0x4, 0x7f, 0x7, 0x6e2, 0x9, 0x3, 0x7, 0x8, 0x80000001, 0x8, 0x6, 0x3, 0xf, 0x7c4, 0x9, 0x9, 0x2, 0x2, 0x8, 0x11e9, 0x70000000000, 0x7f, 0xe1, 0x5, 0xda, 0x4, 0x2, 0xb722, 0x5, 0x9, 0x0, 0x1, 0x8, 0x77, 0xab, 0x5, 0x3, 0x5, 0x3, 0x3, 0xfffffffffffffffa, 0x40, 0x9, 0x3, 0xfffffffffffffffb, 0x2, 0x8, 0x5, 0x0, 0x1, 0xfffffffffffffffe, 0x4, 0x401, 0x7, 0x4, 0x400, 0x650, 0x7fffffff, 0x9, 0x845, 0x101]})
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r0, 0x4068aea3, &(0x7f0000000440)={0xdf, 0x0, 0xa000})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x16)
ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(r1, 0x4068aea3, &(0x7f00000004c0))
ioctl$KVM_HAS_DEVICE_ATTR_vm(r1, 0x4018aee3, &(0x7f0000000580)=@attr_other={0x0, 0x1, 0x8000000000000001, &(0x7f0000000540)=0xffffffffffffc33f})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
close(r1)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xe)
r4 = ioctl$KVM_GET_STATS_FD_vm(r3, 0xaece)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000600)=@arm64_sve_vls={0x606000000015ffff, &(0x7f00000005c0)=0x8000})
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r4, 0x4068aea3, &(0x7f0000000640)={0xa8, 0x0, 0x2})
ioctl$KVM_CLEAR_DIRTY_LOG(r3, 0xc018aec0, &(0x7f0000000ac0)={0x3, 0xc0, 0x400, &(0x7f00000006c0)=[0x0, 0x10001, 0x3, 0x10a2, 0x7, 0xfb72, 0x8, 0x0, 0x4, 0x8e, 0x7, 0x5, 0xcc91, 0x8, 0x9ab6, 0x400, 0x400, 0x3, 0x9, 0x0, 0x4, 0x2, 0x8, 0xf, 0x9, 0x4, 0x9fa2, 0x555, 0x2, 0x7, 0x9, 0xfff, 0x2, 0x0, 0xd2d6, 0x9, 0x51b0, 0x9, 0x3, 0x100, 0x7, 0x5, 0x5, 0xa, 0x60, 0x4723, 0x80000001, 0x6, 0x3, 0x400, 0x9, 0xf, 0x2, 0x9, 0xe6, 0x1, 0x7, 0xc4e8, 0x81, 0x7, 0x14, 0x7, 0x5de, 0x8, 0x7, 0x7, 0x7, 0x6, 0x9, 0x2, 0x4, 0xfff, 0x19dc0a14, 0x9, 0x5, 0x0, 0xffffffffffffffd3, 0x8000000000000000, 0x7, 0x80000000, 0xe69, 0x4d88, 0x4, 0x9, 0x4, 0x6, 0x1ff, 0x80000001, 0x295, 0x8, 0x80, 0x64, 0x6, 0x98, 0x1, 0x5, 0x7, 0xfff, 0x9, 0x9, 0x771035f7, 0x41, 0x100000001, 0x4, 0x6, 0x7, 0x80, 0x8bd, 0x7, 0x5, 0x100000001, 0x8, 0xc, 0x200, 0x1, 0x19f6, 0x5, 0xd87d, 0x1, 0x101, 0x0, 0x4, 0xfffffffffffffff7, 0x1ff, 0x7, 0xfff, 0x5, 0x2]})
ioctl$KVM_CAP_ARM_MTE(r4, 0x4068aea3, &(0x7f0000000b00))
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r3, 0x4010aeb5, &(0x7f0000000b80)={0x2, 0xee})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000bc0), 0x208001, 0x0)
r5 = ioctl$KVM_GET_STATS_FD_vm(r3, 0xaece)
write$eventfd(r5, &(0x7f0000000c00), 0x8)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000c40)={0x3000, 0x102000})
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x1)
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000cc0)=@arm64_fp={0x604000000010007a, &(0x7f0000000c80)=0x5})
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r4, 0x4068aea3, &(0x7f0000000d00)={0xa8, 0x0, 0x1})
ioctl$KVM_GET_VCPU_EVENTS(r4, 0x8040ae9f, &(0x7f0000000d80)=@arm64)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000dc0), 0x101100, 0x0)
ioctl$KVM_GET_DEVICE_ATTR_vm(0xffffffffffffffff, 0x4018aee2, &(0x7f0000000e40)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000e00)={0x3ff, 0x4, 0x1}})
close(r6)
r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffa000/0x4000)=nil, r7, 0x1000004, 0x4010, r0, 0x0)

10m36.240299201s ago: executing program 4 (id=373):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0x5421, 0xfffffffefffffffe) (async)
ioctl$KVM_CHECK_EXTENSION(r0, 0x5421, 0xfffffffefffffffe)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x0, 0x0) (async)
r1 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000140)={0x0, &(0x7f0000000180)}, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae03, 0xc3)

10m27.944248684s ago: executing program 5 (id=374):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8}) (async)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r2=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r2, 0x4018aee3, &(0x7f0000000140)=@attr_other={0x0, 0x8, 0x288, 0x0})
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r5, r6, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x1, 0x0, 0x0, 0x0) (async)
syz_kvm_setup_cpu$arm64(r5, r6, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x1, 0x0, 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r7, 0x4000ae84, 0xfffffffffffffffe) (async)
ioctl$KVM_SET_SREGS(r7, 0x4000ae84, 0xfffffffffffffffe)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x300, 0x0) (async)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x300, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x28) (async)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x28)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r9, 0x4068aea3, &(0x7f0000000140)={0xdf, 0x0, 0x1b000})
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1a)
syz_kvm_vgic_v3_setup(r10, 0x1, 0x100)
ioctl$KVM_SIGNAL_MSI(r10, 0x4020aea5, &(0x7f0000000200)={0x8090040, 0x0, 0x0, 0x1})
r11 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, 0x930, 0xa, 0x2012, r11, 0x40000) (async)
mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, 0x930, 0xa, 0x2012, r11, 0x40000)
r12 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) (async)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r14 = mmap$KVM_VCPU(&(0x7f00004d8000/0x3000)=nil, 0x0, 0x0, 0x110, r7, 0x0)
syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000000000/0x400000)=nil)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r14, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf84757baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x48)
ioctl$KVM_CHECK_EXTENSION(r8, 0xae03, 0x6)
close(r13) (async)
close(r13)

10m23.794141245s ago: executing program 4 (id=375):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r2=>0xffffffffffffffff})
ioctl$KVM_CREATE_VM(r0, 0xae01, 0xf)
ioctl$KVM_HAS_DEVICE_ATTR(r2, 0x4018aee3, &(0x7f0000000940)=@attr_arm64={0x0, 0x0, 0x4, 0x0}) (async)
r3 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) (async)
r4 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) (async, rerun: 64)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (rerun: 64)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000b80)={0x0, 0x0}, &(0x7f0000000280)=[@featur2={0x1, 0xf}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f00000000c0)=@attr_other={0x0, 0x0, 0x4, &(0x7f0000000080)=0xbced}) (async, rerun: 64)
r9 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (rerun: 64)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
r11 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x1)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x0, 0x1000001, 0x2010, r13, 0x0) (async)
syz_kvm_setup_cpu$arm64(r9, r10, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_SET_ONE_REG(r10, 0x4010aeac, &(0x7f0000000640)=@arm64_sys={0x603000000013c028, 0x0}) (async)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r14 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_ARM_SET_DEVICE_ADDR(r10, 0x4010aeab, &(0x7f0000000000)={0x81, 0x8000000}) (async)
r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r16 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x8) (async, rerun: 64)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee2, &(0x7f00000000c0)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x9}) (rerun: 64)
syz_kvm_setup_syzos_vm$arm64(r16, &(0x7f0000c00000/0x400000)=nil) (async)
ioctl$KVM_CREATE_DEVICE(r16, 0xc018aec0, &(0x7f00000000c0)={0x1})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r15, 0x4018aee1, &(0x7f0000000340)=@attr_other={0x0, 0x2, 0x287, 0x0})

10m9.317086345s ago: executing program 4 (id=376):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x40, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f00000002c0)=[@msr={0x14, 0x20, {0x139f, 0x7}}, @svc={0x122, 0x40, {0x40, [0x5, 0x8, 0x1, 0x8c, 0x100]}}, @memwrite={0x6e, 0x0, @vgic_gicd={0x8000000, 0xffd0, 0x7, 0x6}}, @hvc={0x32, 0xfffffffffffffe79, {0x84000001, [0x3, 0x1, 0x0, 0x4, 0x17]}}, @eret={0xe6, 0x18, 0x6}], 0xd0}, &(0x7f0000000100)=[@featur1={0x1, 0xa1}], 0x1)
r6 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@mrs={0xbe, 0x18, {0x603000000013c00b}}], 0x18}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(0xffffffffffffffff, 0x4010aeab, 0x0)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x2)
r12 = eventfd2(0x0, 0x0)
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x302, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
r15 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r14, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0xeeef0000, 0x0, r15})
ioctl$KVM_IOEVENTFD(r14, 0x4040ae79, &(0x7f0000000000)={0x3, 0xff0d77deeb9aad17, 0x0, r12, 0x4})
r16 = syz_kvm_vgic_v3_setup(r11, 0x1, 0x40)
ioctl$KVM_GET_DEVICE_ATTR(r16, 0x4018aee2, &(0x7f0000000100)=@attr_arm64={0x0, 0x1, 0x5, &(0x7f0000000080)=0x4})
ioctl$KVM_RUN(r9, 0xae80, 0x0)
r17 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000000)={0x0, &(0x7f0000000040)=[@smc={0x1e, 0x40, {0x84000008, [0x99b, 0x100000003, 0x5, 0x101, 0x10]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1)
ioctl$KVM_RUN(r17, 0xae80, 0x0)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000540)={0x0, 0x0, 0xdf287785d4362b58}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x2000)

10m6.051107893s ago: executing program 5 (id=377):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x0, 0x1, 0x8}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x3, 0xfffffffd, 0xf}}], 0x50}, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1d)
ioctl$KVM_GET_STATS_FD_cpu(r3, 0xaece)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x1e0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r5=>0xffffffffffffffff})
ioctl$KVM_GET_DEVICE_ATTR_vm(r1, 0x4018aee2, &(0x7f0000000040)=@attr_other={0x0, 0x11d7ff9d, 0x80000000, &(0x7f0000000000)=0x3499})
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0xa})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x2, 0x23ac5f9b426ec4b1, 0xffffffffffffffff, 0xc007000000000000)

9m51.744180014s ago: executing program 5 (id=378):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x28)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0) (async)
close(r3) (async, rerun: 32)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2e) (async, rerun: 32)
close(r3) (async)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x38)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe4, 0x7fffffff, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x2, 0x9, 0x0, 0x80}}], 0x58}, 0x0, 0x0)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8})
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000100)={0x7, <r10=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000002c0)=@attr_other={0x0, 0x4, 0x3, 0x0})
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r12, 0x1, 0x100) (async)
ioctl$KVM_IRQ_LINE(r12, 0x4008ae61, &(0x7f0000000100)={0x100001f, 0x1}) (async)
r13 = syz_kvm_vgic_v3_setup(r12, 0x0, 0x1e0)
ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x6, 0x4, &(0x7f0000000200)=0x8080000}) (async)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

9m45.893575276s ago: executing program 4 (id=379):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x3a50c0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_ARM_MTE(r2, 0x4068aea3, &(0x7f0000000140))
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000000)={0x5, 0x3, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000000000/0x400000)=nil)
r6 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x29)
r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0xfffffffffffffffd)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r7, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r8 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
close(r8)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r9, 0xae04)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r12, 0x4018aee3, 0x0)
r13 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r10, 0x2000000, 0x1010, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r13, 0x20, &(0x7f00000000c0)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48)
r14 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x31)
syz_kvm_setup_syzos_vm$arm64(r15, &(0x7f0000c00000/0x400000)=nil)

9m4.214325346s ago: executing program 36 (id=378):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x28)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0) (async)
close(r3) (async, rerun: 32)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2e) (async, rerun: 32)
close(r3) (async)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x38)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe4, 0x7fffffff, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x2, 0x9, 0x0, 0x80}}], 0x58}, 0x0, 0x0)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8})
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000100)={0x7, <r10=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000002c0)=@attr_other={0x0, 0x4, 0x3, 0x0})
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r12, 0x1, 0x100) (async)
ioctl$KVM_IRQ_LINE(r12, 0x4008ae61, &(0x7f0000000100)={0x100001f, 0x1}) (async)
r13 = syz_kvm_vgic_v3_setup(r12, 0x0, 0x1e0)
ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x6, 0x4, &(0x7f0000000200)=0x8080000}) (async)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

8m56.508126484s ago: executing program 37 (id=379):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x3a50c0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_ARM_MTE(r2, 0x4068aea3, &(0x7f0000000140))
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000000)={0x5, 0x3, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000000000/0x400000)=nil)
r6 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x29)
r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0xfffffffffffffffd)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r7, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r8 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
close(r8)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r9, 0xae04)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r12, 0x4018aee3, 0x0)
r13 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r10, 0x2000000, 0x1010, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r13, 0x20, &(0x7f00000000c0)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48)
r14 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x31)
syz_kvm_setup_syzos_vm$arm64(r15, &(0x7f0000c00000/0x400000)=nil)

1m27.455470819s ago: executing program 6 (id=380):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000b80)={0x0, &(0x7f0000000040)=[@smc={0x1e, 0x40, {0x84000002, [0x99b, 0x100000001, 0x5, 0x101, 0x10]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x2e)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x6)
syz_kvm_setup_cpu$arm64(r7, r8, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100042, &(0x7f0000000000)=0x10})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r9, 0xae03, 0x58)
syz_kvm_vgic_v3_setup(r1, 0x0, 0x0)
close(0x4)
close(0x5)

1m14.139420606s ago: executing program 7 (id=381):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000140)={0x4, <r3=>0xffffffffffffffff, 0x1})
r4 = ioctl$KVM_CREATE_VM(r3, 0x894c, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0x80111500, 0x20000000)
ioctl$KVM_CREATE_VM(r6, 0x541b, 0x2000001c)
ioctl$KVM_RESET_DIRTY_RINGS(r4, 0xaec7)
ioctl$KVM_CREATE_VCPU(r4, 0x8004b707, 0x0)
r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f0000000380)=[@its_setup={0x82, 0x28, {0x2, 0x3, 0x7c}}], 0x28}, 0x0, 0x0)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000180)={0x8, <r10=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000000)=0x8090000})
ioctl$KVM_SET_GSI_ROUTING(r7, 0x4008ae6a, &(0x7f00000003c0)=ANY=[@ANYBLOB="0300000000000000070000000300000001000000000000000300000001000080070000000600000000000000000000000000000000000000feffffff030000000100000000000000f7ffffffffffffff0f00000000000000ffffffffffffffff060000000400000033000000050000000000000000000000141d0000070000000000000000000000000000000000000000000000000000000dbbb987b84a701bbf74c4f3aebd402721cb77892a1664ceaf8b83d7eece424784533eeaba439082f99b210e3b65bcd885693f9c74ed79027f2424e0f7b1e5f352caacea6ac64ca2f80a995eeb860d26697f3c19e9a276c8d644813c1efb35529a97f441a99dfb35dbb1616cbf6a8ddb6bbc79d1a38082e59f6df90358ced858630cea37e87d6ba7d06735344208850d957445aa008bbee261ef7a2347ae64baa4914a41146afa566cfdb8b68baa94bdff7f4687f9bbc7af2009fe4887c3e1d799f1aca4e2dc4cb453a7ccb11c2a"])
ioctl$KVM_RUN(r9, 0xae80, 0x0)

56.513820909s ago: executing program 6 (id=382):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r5, 0x2, 0x380)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r5, 0x4010aeb5, &(0x7f0000000100)={0x55}) (async)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013e08d, &(0x7f00000000c0)=0x6db})
r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000100)={0x0, 0x0}, &(0x7f00000001c0)=[@featur2={0x1, 0x24}], 0x1)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) (async)
syz_kvm_vgic_v3_setup(r10, 0x1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r12, 0x4018aee1, &(0x7f0000000000)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000040)=0xe7})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r12, 0x4018aee1, &(0x7f00000000c0)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000080)=0x30})
r13 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x34)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r13, 0x4018aee3, &(0x7f0000000240)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000140)={0x7, 0x323}}) (async)
r14 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r14, &(0x7f0000c00000/0x400000)=nil) (async)
ioctl$KVM_CREATE_DEVICE(r14, 0xc00caee0, &(0x7f0000000180)={0x8, <r15=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r15, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async)
ioctl$KVM_SET_DEVICE_ATTR(r15, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x0, &(0x7f0000000000)=0x10})

54.92462067s ago: executing program 7 (id=383):
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CLEAR_DIRTY_LOG(r1, 0xc018aec0, &(0x7f0000000480)={0x1, 0x3c0, 0x80, &(0x7f0000000080)=[0x8, 0x594b, 0x7f, 0x400, 0x3ff, 0x2, 0x4, 0x5, 0x7, 0xd95, 0x6fee659d, 0x5, 0x4, 0x1973, 0x60000000000000, 0x9, 0x9868, 0x5, 0x16, 0x0, 0xc71, 0x1, 0x5f, 0x1, 0x78a, 0x6, 0xfffffffffffffff9, 0x100000001, 0x8761, 0x9, 0xff, 0x7f, 0x4ee, 0xb2, 0x0, 0x9, 0xdb56, 0x200, 0x332, 0x2, 0x4, 0xb09, 0x81, 0x10, 0xfffff80000000000, 0xfffffffffffffff3, 0xffffffff, 0x0, 0xffffffff, 0x9, 0x9, 0x7ff, 0x869b, 0x1, 0x3, 0x8, 0x81, 0x4, 0x1, 0x4, 0x7, 0xffffffffffffffff, 0xf, 0x0, 0x9, 0x100000000, 0x444a, 0x9af, 0x7ff, 0x9, 0x3, 0x7ff, 0x40, 0x5, 0x400, 0xb92a, 0x9, 0x7fffffff, 0x637, 0x8001, 0x20000, 0x6, 0x7fffffffffffffff, 0x7, 0x322b, 0x8, 0x8, 0xad8, 0x8, 0x113e, 0x6, 0x1, 0x6e, 0x7, 0x7ff, 0x80000001, 0x400, 0xf7, 0x6, 0x3, 0x37, 0x8001, 0x5, 0x8, 0x6, 0x4, 0x2, 0x0, 0x3, 0x1, 0x53, 0x10001, 0x5eb, 0x4, 0x8000000000000000, 0x7, 0x0, 0x6, 0x3, 0x9, 0x6, 0x77df, 0xd, 0x6, 0x6, 0xff, 0xe71, 0x5]})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x0, 0x0, 0x100000000000000, 0x2000, &(0x7f0000000000/0x2000)=nil})
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x1000000)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)

8.145581893s ago: executing program 38 (id=382):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r5, 0x2, 0x380)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r5, 0x4010aeb5, &(0x7f0000000100)={0x55}) (async)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013e08d, &(0x7f00000000c0)=0x6db})
r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000100)={0x0, 0x0}, &(0x7f00000001c0)=[@featur2={0x1, 0x24}], 0x1)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) (async)
syz_kvm_vgic_v3_setup(r10, 0x1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r12, 0x4018aee1, &(0x7f0000000000)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000040)=0xe7})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r12, 0x4018aee1, &(0x7f00000000c0)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000080)=0x30})
r13 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x34)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r13, 0x4018aee3, &(0x7f0000000240)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000140)={0x7, 0x323}}) (async)
r14 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r14, &(0x7f0000c00000/0x400000)=nil) (async)
ioctl$KVM_CREATE_DEVICE(r14, 0xc00caee0, &(0x7f0000000180)={0x8, <r15=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r15, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async)
ioctl$KVM_SET_DEVICE_ATTR(r15, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x0, &(0x7f0000000000)=0x10})

0s ago: executing program 39 (id=383):
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CLEAR_DIRTY_LOG(r1, 0xc018aec0, &(0x7f0000000480)={0x1, 0x3c0, 0x80, &(0x7f0000000080)=[0x8, 0x594b, 0x7f, 0x400, 0x3ff, 0x2, 0x4, 0x5, 0x7, 0xd95, 0x6fee659d, 0x5, 0x4, 0x1973, 0x60000000000000, 0x9, 0x9868, 0x5, 0x16, 0x0, 0xc71, 0x1, 0x5f, 0x1, 0x78a, 0x6, 0xfffffffffffffff9, 0x100000001, 0x8761, 0x9, 0xff, 0x7f, 0x4ee, 0xb2, 0x0, 0x9, 0xdb56, 0x200, 0x332, 0x2, 0x4, 0xb09, 0x81, 0x10, 0xfffff80000000000, 0xfffffffffffffff3, 0xffffffff, 0x0, 0xffffffff, 0x9, 0x9, 0x7ff, 0x869b, 0x1, 0x3, 0x8, 0x81, 0x4, 0x1, 0x4, 0x7, 0xffffffffffffffff, 0xf, 0x0, 0x9, 0x100000000, 0x444a, 0x9af, 0x7ff, 0x9, 0x3, 0x7ff, 0x40, 0x5, 0x400, 0xb92a, 0x9, 0x7fffffff, 0x637, 0x8001, 0x20000, 0x6, 0x7fffffffffffffff, 0x7, 0x322b, 0x8, 0x8, 0xad8, 0x8, 0x113e, 0x6, 0x1, 0x6e, 0x7, 0x7ff, 0x80000001, 0x400, 0xf7, 0x6, 0x3, 0x37, 0x8001, 0x5, 0x8, 0x6, 0x4, 0x2, 0x0, 0x3, 0x1, 0x53, 0x10001, 0x5eb, 0x4, 0x8000000000000000, 0x7, 0x0, 0x6, 0x3, 0x9, 0x6, 0x77df, 0xd, 0x6, 0x6, 0xff, 0xe71, 0x5]})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x0, 0x0, 0x100000000000000, 0x2000, &(0x7f0000000000/0x2000)=nil})
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x1000000)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)

kernel console output (not intermixed with test programs):

[  378.681715][ T3156] 8021q: adding VLAN 0 to HW filter on device bond0
[  413.971409][ T3156] eql: remember to turn off Van-Jacobson compression on your slave devices
Warning: Permanently added '[localhost]:44714' (ED25519) to the list of known hosts.
[  590.563944][   T25] audit: type=1400 audit(589.760:61): avc:  denied  { name_bind } for  pid=3312 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  591.492194][   T25] audit: type=1400 audit(590.690:62): avc:  denied  { execute } for  pid=3313 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  591.517885][   T25] audit: type=1400 audit(590.710:63): avc:  denied  { execute_no_trans } for  pid=3313 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  614.317808][   T25] audit: type=1400 audit(613.520:64): avc:  denied  { mounton } for  pid=3313 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  614.352255][   T25] audit: type=1400 audit(613.550:65): avc:  denied  { mount } for  pid=3313 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  614.438827][ T3313] cgroup: Unknown subsys name 'net'
[  614.486476][   T25] audit: type=1400 audit(613.690:66): avc:  denied  { unmount } for  pid=3313 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  614.885714][ T3313] cgroup: Unknown subsys name 'cpuset'
[  615.008551][ T3313] cgroup: Unknown subsys name 'rlimit'
[  615.923828][   T25] audit: type=1400 audit(615.130:67): avc:  denied  { setattr } for  pid=3313 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  615.943406][   T25] audit: type=1400 audit(615.140:68): avc:  denied  { mounton } for  pid=3313 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[  615.967481][   T25] audit: type=1400 audit(615.170:69): avc:  denied  { mount } for  pid=3313 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  617.136826][ T3316] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[  617.156867][   T25] audit: type=1400 audit(616.360:70): avc:  denied  { relabelto } for  pid=3316 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  617.184728][   T25] audit: type=1400 audit(616.390:71): avc:  denied  { write } for  pid=3316 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
Setting up swapspace version 1, size = 127995904 bytes
[  617.356733][   T25] audit: type=1400 audit(616.560:72): avc:  denied  { read } for  pid=3313 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  617.377158][   T25] audit: type=1400 audit(616.580:73): avc:  denied  { open } for  pid=3313 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  617.422866][ T3313] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  667.387862][   T25] audit: type=1400 audit(666.590:74): avc:  denied  { execmem } for  pid=3317 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  671.977496][   T25] audit: type=1400 audit(671.180:75): avc:  denied  { read } for  pid=3319 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  672.018747][   T25] audit: type=1400 audit(671.210:76): avc:  denied  { open } for  pid=3319 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  672.134059][   T25] audit: type=1400 audit(671.320:77): avc:  denied  { mounton } for  pid=3319 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  672.360666][   T25] audit: type=1400 audit(671.560:78): avc:  denied  { module_request } for  pid=3319 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  672.396378][   T25] audit: type=1400 audit(671.590:79): avc:  denied  { module_request } for  pid=3320 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  673.472614][   T25] audit: type=1400 audit(672.670:80): avc:  denied  { sys_module } for  pid=3319 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  698.294135][ T3320] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  698.738054][ T3320] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  698.837283][ T3319] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  699.340919][ T3319] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  714.720600][ T3320] hsr_slave_0: entered promiscuous mode
[  714.752022][ T3320] hsr_slave_1: entered promiscuous mode
[  715.780895][ T3319] hsr_slave_0: entered promiscuous mode
[  715.807696][ T3319] hsr_slave_1: entered promiscuous mode
[  715.836511][ T3319] debugfs: 'hsr0' already exists in 'hsr'
[  715.853765][ T3319] Cannot create hsr debugfs directory
[  720.961611][   T25] audit: type=1400 audit(720.160:81): avc:  denied  { create } for  pid=3320 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  720.991356][   T25] audit: type=1400 audit(720.190:82): avc:  denied  { write } for  pid=3320 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  721.050454][   T25] audit: type=1400 audit(720.250:83): avc:  denied  { read } for  pid=3320 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  721.226875][ T3320] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  721.693209][ T3320] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  721.898715][ T3320] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  722.240820][ T3320] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  723.656588][ T3319] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  723.848176][ T3319] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  724.052552][ T3319] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  724.276872][ T3319] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  736.557295][ T3320] 8021q: adding VLAN 0 to HW filter on device bond0
[  738.933194][ T3319] 8021q: adding VLAN 0 to HW filter on device bond0
[  794.108820][ T3320] veth0_vlan: entered promiscuous mode
[  794.544272][ T3320] veth1_vlan: entered promiscuous mode
[  796.547374][ T3320] veth0_macvtap: entered promiscuous mode
[  796.674576][ T3319] veth0_vlan: entered promiscuous mode
[  797.094218][ T3320] veth1_macvtap: entered promiscuous mode
[  797.594782][ T3319] veth1_vlan: entered promiscuous mode
[  799.435379][ T3401] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  799.556311][ T3401] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  799.561648][ T3401] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  799.626847][ T3401] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  800.676144][ T3319] veth0_macvtap: entered promiscuous mode
[  801.208078][ T3319] veth1_macvtap: entered promiscuous mode
[  801.903216][   T25] audit: type=1400 audit(801.100:84): avc:  denied  { mount } for  pid=3320 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  802.175898][   T25] audit: type=1400 audit(801.380:85): avc:  denied  { mounton } for  pid=3320 comm="syz-executor" path="/syzkaller.9MRG3j/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  802.336603][   T25] audit: type=1400 audit(801.540:86): avc:  denied  { mount } for  pid=3320 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  802.691068][   T25] audit: type=1400 audit(801.840:87): avc:  denied  { mounton } for  pid=3320 comm="syz-executor" path="/syzkaller.9MRG3j/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  802.786801][   T25] audit: type=1400 audit(801.990:88): avc:  denied  { mounton } for  pid=3320 comm="syz-executor" path="/syzkaller.9MRG3j/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3759 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  803.367004][ T3401] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  803.374896][ T3401] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  803.384582][ T3401] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  803.398912][ T3401] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  803.536798][   T25] audit: type=1400 audit(802.630:89): avc:  denied  { unmount } for  pid=3320 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  803.775010][   T25] audit: type=1400 audit(802.960:90): avc:  denied  { mounton } for  pid=3320 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1544 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  803.847355][   T25] audit: type=1400 audit(803.050:91): avc:  denied  { mount } for  pid=3320 comm="syz-executor" name="/" dev="gadgetfs" ino=3769 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  804.177052][   T25] audit: type=1400 audit(803.380:92): avc:  denied  { mount } for  pid=3320 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  804.295078][   T25] audit: type=1400 audit(803.490:93): avc:  denied  { mounton } for  pid=3320 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  805.823033][ T3320] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  815.344659][   T25] kauditd_printk_skb: 4 callbacks suppressed
[  815.364914][   T25] audit: type=1400 audit(814.550:98): avc:  denied  { read } for  pid=3473 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  815.423488][   T25] audit: type=1400 audit(814.610:99): avc:  denied  { open } for  pid=3473 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  815.601930][   T25] audit: type=1400 audit(814.800:100): avc:  denied  { ioctl } for  pid=3473 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  816.923622][   T25] audit: type=1400 audit(816.040:101): avc:  denied  { setattr } for  pid=3473 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  819.087420][   T25] audit: type=1400 audit(818.290:102): avc:  denied  { write } for  pid=3475 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  882.814717][   T25] audit: type=1400 audit(882.010:103): avc:  denied  { execute } for  pid=3524 comm="syz.1.16" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=4512 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  885.021466][   T25] audit: type=1400 audit(884.220:104): avc:  denied  { append } for  pid=3524 comm="syz.1.16" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  887.988059][ T3521] kvm [3521]: Failed to find VMA for hva 0x20c01000
[  899.174601][ T3530] kvm [3529]: Unsupported guest access at: eeef0000
[  899.174601][ T3530]  { Op0( 2), Op1( 0), CRn( 0), CRm( 0), Op2( 2), func_write },
[ 1012.467392][   T25] audit: type=1400 audit(1011.670:105): avc:  denied  { ioctl } for  pid=3594 comm="syz.1.36" path="net:[4026532625]" dev="nsfs" ino=4026532625 ioctlcmd=0xb707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 1117.018491][ T3665] kvm [3665]: Failed to find VMA for hva 0x21016000
[ 1178.835673][ T3707] kvm [3707]: Failed to find VMA for hva 0x21016000
[ 1267.776494][ T3769] kvm [3769]: Failed to find VMA for hva 0x20e94000
[ 1419.985723][   T25] audit: type=1400 audit(1419.190:106): avc:  denied  { map } for  pid=3869 comm="syz.0.121" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1420.054949][   T25] audit: type=1400 audit(1419.260:107): avc:  denied  { execute } for  pid=3869 comm="syz.0.121" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1451.240537][   T25] audit: type=1400 audit(1450.340:108): avc:  denied  { execute } for  pid=3886 comm="syz.0.126" path="/63/T" dev="tmpfs" ino=335 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[ 1568.613335][ T3978] KVM: debugfs: duplicate directory 3978-7
[ 1873.757770][ T4175] kvm [4175]: Failed to find VMA for hva 0x20c01000
[ 1935.006307][ T4214] KVM: debugfs: duplicate directory 4214-5
[ 2011.871990][ T4259] debugfs: 'vgic-its-state@8080000' already exists in '4259-4'
[ 2159.245735][ T4350] kvm [4350]: Failed to find VMA for hva 0x21016000
[ 2171.887077][ T4358] kvm [4358]: Failed to find VMA for hva 0x20c01000
[ 2646.400976][ T4592] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2646.734480][ T4592] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2651.624365][ T4595] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2651.961620][ T4595] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2671.908656][ T4592] hsr_slave_0: entered promiscuous mode
[ 2672.008996][ T4592] hsr_slave_1: entered promiscuous mode
[ 2672.073305][ T4592] debugfs: 'hsr0' already exists in 'hsr'
[ 2672.095834][ T4592] Cannot create hsr debugfs directory
[ 2676.094407][ T4595] hsr_slave_0: entered promiscuous mode
[ 2676.134459][ T4595] hsr_slave_1: entered promiscuous mode
[ 2676.161513][ T4595] debugfs: 'hsr0' already exists in 'hsr'
[ 2676.164525][ T4595] Cannot create hsr debugfs directory
[ 2692.098097][ T4592] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 2692.996745][ T4592] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 2695.212509][ T4592] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 2696.104176][ T4592] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 2697.464270][ T3368] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2699.026370][ T3368] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2700.278386][ T3368] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2701.404646][ T3368] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2703.235783][ T4595] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 2704.445294][ T4595] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 2705.421656][ T4595] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 2705.759049][ T4595] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 2717.347551][ T3368] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2717.566126][ T3368] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2717.696980][ T3368] bond0 (unregistering): Released all slaves
[ 2719.862923][ T3368] hsr_slave_0: left promiscuous mode
[ 2720.093171][ T3368] hsr_slave_1: left promiscuous mode
[ 2720.625585][ T3368] veth1_macvtap: left promiscuous mode
[ 2720.672191][ T3368] veth0_macvtap: left promiscuous mode
[ 2720.677599][ T3368] veth1_vlan: left promiscuous mode
[ 2720.685511][ T3368] veth0_vlan: left promiscuous mode
[ 2740.014105][ T3368] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2741.365663][ T3368] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2742.616116][ T3368] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2743.534684][ T3368] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2763.735508][ T3368] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2764.005664][ T3368] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2764.194355][ T3368] bond0 (unregistering): Released all slaves
[ 2766.502360][ T3368] hsr_slave_0: left promiscuous mode
[ 2766.702492][ T3368] hsr_slave_1: left promiscuous mode
[ 2767.280984][ T3368] veth1_macvtap: left promiscuous mode
[ 2767.282253][ T3368] veth0_macvtap: left promiscuous mode
[ 2767.295901][ T3368] veth1_vlan: left promiscuous mode
[ 2767.306533][ T3368] veth0_vlan: left promiscuous mode
[ 2783.115629][ T4592] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2787.391432][ T4595] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2871.747065][ T4592] veth0_vlan: entered promiscuous mode
[ 2872.686338][ T4592] veth1_vlan: entered promiscuous mode
[ 2876.204050][ T4595] veth0_vlan: entered promiscuous mode
[ 2877.128413][ T4592] veth0_macvtap: entered promiscuous mode
[ 2877.897239][ T4592] veth1_macvtap: entered promiscuous mode
[ 2878.107580][ T4595] veth1_vlan: entered promiscuous mode
[ 2882.142521][ T3714] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2882.166289][ T3714] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2882.175320][ T3714] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2882.184027][ T3714] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2883.273428][ T4595] veth0_macvtap: entered promiscuous mode
[ 2883.963910][ T4595] veth1_macvtap: entered promiscuous mode
[ 2888.608381][ T4600] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2888.611432][ T4600] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2888.712441][ T4600] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2888.714338][ T4600] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3157.643990][ T4670] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3158.896684][ T4670] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3160.038225][ T4670] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3161.168739][ T4670] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3181.164297][ T4670] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3181.338191][ T4670] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3181.493195][ T4670] bond0 (unregistering): Released all slaves
[ 3184.825113][ T4670] hsr_slave_0: left promiscuous mode
[ 3184.952624][ T4670] hsr_slave_1: left promiscuous mode
[ 3185.992832][ T4670] veth1_macvtap: left promiscuous mode
[ 3186.016808][ T4670] veth0_macvtap: left promiscuous mode
[ 3186.028288][ T4670] veth1_vlan: left promiscuous mode
[ 3186.053829][ T4670] veth0_vlan: left promiscuous mode
[ 3207.878951][ T4670] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3209.277993][ T4670] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3210.432850][ T4670] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3211.509259][ T4670] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3226.795548][ T4670] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3226.946940][ T4670] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3227.072853][ T4670] bond0 (unregistering): Released all slaves
[ 3228.731939][ T4670] hsr_slave_0: left promiscuous mode
[ 3228.842245][ T4670] hsr_slave_1: left promiscuous mode
[ 3229.262113][ T4670] veth1_macvtap: left promiscuous mode
[ 3229.266641][ T4670] veth0_macvtap: left promiscuous mode
[ 3229.291626][ T4670] veth1_vlan: left promiscuous mode
[ 3229.297623][ T4670] veth0_vlan: left promiscuous mode
[ 3279.213949][ T4952] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3279.989077][ T4952] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3281.787811][ T4949] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3282.065350][ T4949] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3306.982454][ T4952] hsr_slave_0: entered promiscuous mode
[ 3307.038109][ T4952] hsr_slave_1: entered promiscuous mode
[ 3310.295538][ T4949] hsr_slave_0: entered promiscuous mode
[ 3310.356503][ T4949] hsr_slave_1: entered promiscuous mode
[ 3310.463923][ T4949] debugfs: 'hsr0' already exists in 'hsr'
[ 3310.467932][ T4949] Cannot create hsr debugfs directory
[ 3324.298224][ T4952] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 3324.888484][ T4952] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 3325.277753][ T4952] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 3325.853381][ T4952] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 3330.553461][ T4949] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 3330.923661][ T4949] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 3331.158004][ T4949] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 3331.472244][ T4949] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 3353.935116][ T4952] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3359.777881][ T4949] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3488.524059][ T4952] veth0_vlan: entered promiscuous mode
[ 3489.423538][ T4952] veth1_vlan: entered promiscuous mode
[ 3493.902269][ T4952] veth0_macvtap: entered promiscuous mode
[ 3494.853071][ T4952] veth1_macvtap: entered promiscuous mode
[ 3495.915312][ T4949] veth0_vlan: entered promiscuous mode
[ 3498.023507][ T4949] veth1_vlan: entered promiscuous mode
[ 3500.927939][ T3714] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3500.961265][ T3714] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3500.967253][ T3714] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3501.020773][ T4968] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3504.666676][ T4949] veth0_macvtap: entered promiscuous mode
[ 3505.853947][ T4949] veth1_macvtap: entered promiscuous mode
[ 3510.852533][ T3714] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3510.876274][ T4659] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3510.877160][ T4659] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3510.877868][ T4659] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3675.017388][ T4600] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3679.324592][ T4600] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3681.188197][ T4600] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3683.567246][ T4600] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3708.095563][ T4600] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3708.387758][ T4600] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3708.562773][ T4600] bond0 (unregistering): Released all slaves
[ 3712.015723][ T4600] hsr_slave_0: left promiscuous mode
[ 3712.331108][ T4600] hsr_slave_1: left promiscuous mode
[ 3713.273240][ T4600] veth1_macvtap: left promiscuous mode
[ 3713.284712][ T4600] veth0_macvtap: left promiscuous mode
[ 3713.287061][ T4600] veth1_vlan: left promiscuous mode
[ 3713.288541][ T4600] veth0_vlan: left promiscuous mode
[ 3746.476762][ T4600] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3747.515885][ T4600] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3748.565690][ T4600] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3749.558098][ T4600] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3769.197647][ T4600] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3769.353401][ T4600] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3769.484352][ T4600] bond0 (unregistering): Released all slaves
[ 3771.583581][ T4600] hsr_slave_0: left promiscuous mode
[ 3771.697474][ T4600] hsr_slave_1: left promiscuous mode
[ 3772.098266][ T4600] veth1_macvtap: left promiscuous mode
[ 3772.109029][ T4600] veth0_macvtap: left promiscuous mode
[ 3772.121888][ T4600] veth1_vlan: left promiscuous mode
[ 3772.125617][ T4600] veth0_vlan: left promiscuous mode
[ 3820.458494][ T5278] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3820.726611][ T5278] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3828.772700][ T5284] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3829.105784][ T5284] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3853.062885][ T5278] hsr_slave_0: entered promiscuous mode
[ 3853.145062][ T5278] hsr_slave_1: entered promiscuous mode
[ 3865.177731][ T5284] hsr_slave_0: entered promiscuous mode
[ 3865.268460][ T5284] hsr_slave_1: entered promiscuous mode
[ 3865.333008][ T5284] debugfs: 'hsr0' already exists in 'hsr'
[ 3865.340956][ T5284] Cannot create hsr debugfs directory
[ 3875.971958][ T5278] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 3877.391439][ T5278] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 3878.622227][ T5278] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 3879.213185][ T5278] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 3886.486254][ T5284] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 3886.968682][ T5284] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 3887.495164][ T5284] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 3887.962265][ T5284] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 3912.525940][ T5278] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3922.198518][ T5284] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4067.858955][ T5278] veth0_vlan: entered promiscuous mode
[ 4068.912875][ T5278] veth1_vlan: entered promiscuous mode
[ 4072.307165][ T5278] veth0_macvtap: entered promiscuous mode
[ 4072.944838][ T5278] veth1_macvtap: entered promiscuous mode
[ 4077.320074][ T5284] veth0_vlan: entered promiscuous mode
[ 4077.728649][ T4670] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4077.757151][ T4670] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4077.912993][ T4686] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4077.914305][ T4686] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4079.916813][ T5284] veth1_vlan: entered promiscuous mode
[ 4087.698644][ T5284] veth0_macvtap: entered promiscuous mode
[ 4088.842675][ T5284] veth1_macvtap: entered promiscuous mode
[ 4093.464782][ T4967] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4093.472168][ T4967] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4093.503860][ T4967] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4093.607690][ T3368] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4333.581955][ T5567] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4334.115626][ T5567] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4341.324336][ T5571] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4341.867197][ T5571] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4389.028951][ T5567] hsr_slave_0: entered promiscuous mode
[ 4389.254809][ T5567] hsr_slave_1: entered promiscuous mode
[ 4389.422984][ T5567] debugfs: 'hsr0' already exists in 'hsr'
[ 4389.442261][ T5567] Cannot create hsr debugfs directory
[ 4397.072703][ T5571] hsr_slave_0: entered promiscuous mode
[ 4397.185460][ T5571] hsr_slave_1: entered promiscuous mode
[ 4397.267817][ T5571] debugfs: 'hsr0' already exists in 'hsr'
[ 4397.338324][ T5571] Cannot create hsr debugfs directory
[ 4430.011333][ T5567] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 4430.837748][ T5567] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 4431.807282][ T5567] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 4433.023065][ T5567] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 4443.761977][ T5571] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 4444.384093][ T5571] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 4445.173086][ T5571] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 4446.208469][ T5571] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 4495.689011][ T5567] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4504.944326][ T5571] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4586.912197][   T27] INFO: task syz.7.383:5545 blocked for more than 430 seconds.
[ 4586.962253][   T27]       Not tainted syzkaller #0
[ 4586.993867][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 4587.008702][   T27] task:syz.7.383       state:D stack:0     pid:5545  tgid:5545  ppid:5284   task_flags:0x400040 flags:0x00000019
[ 4587.060959][   T27] Call trace:
[ 4587.061620][   T27]  __switch_to+0x584/0xb20 (T)
[ 4587.063707][   T27]  __schedule+0x1eec/0x33a4
[ 4587.064324][   T27]  schedule+0xac/0x27c
[ 4587.064832][   T27]  schedule_timeout+0x5c/0x1e4
[ 4587.065261][   T27]  do_wait_for_common+0x28c/0x444
[ 4587.065672][   T27]  wait_for_completion+0x44/0x5c
[ 4587.066143][   T27]  __synchronize_srcu+0x2a4/0x320
[ 4587.066626][   T27]  synchronize_srcu+0x3cc/0x4f0
[ 4587.067060][   T27]  mmu_notifier_unregister+0x320/0x42c
[ 4587.067533][   T27]  kvm_put_kvm+0x6a0/0xfa8
[ 4587.067954][   T27]  kvm_vm_release+0x58/0x78
[ 4587.068418][   T27]  __fput+0x4ac/0x980
[ 4587.068813][   T27]  ____fput+0x20/0x58
[ 4587.069237][   T27]  task_work_run+0x1bc/0x254
SYZFAIL: failed to recv rpc
[ 4587.351421][   T27]  do_notify_resume+0x1bc/0x270
[ 4587.352060][   T27]  el0_svc+0xb8/0x164
[ 4587.352544][   T27]  el0t_64_sync_handler+0x84/0x12c
[ 4587.352982][   T27]  el0t_64_sync+0x198/0x19c
[ 4587.354584][   T27] 
[ 4587.354584][   T27] Showing all locks held in the system:
[ 4587.355065][   T27] 1 lock held by khungtaskd/27:
[ 4587.355466][   T27]  #0: ffff800087876d18 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x4/0x48
[ 4587.357962][   T27] 2 locks held by getty/3185:
[ 4587.358345][   T27]  #0: 35f0000011c4e8a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c
[ 4587.516616][   T27]  #1: 60ff80008c5cb2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x310/0x12b8
[ 4587.518399][   T27] 3 locks held by kworker/u4:6/3368:
[ 4587.518743][   T27] 2 locks held by kworker/u4:2/3714:
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 4587.519032][   T27]  #0: 07f000000cc20948 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a18
[ 4587.603158][   T27]  #1: ffff8000a8ed7c78 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a18
[ 4587.604914][   T27] 3 locks held by kworker/u4:3/4600:
[ 4587.605272][   T27] 3 locks held by kworker/u4:8/4659:
[ 4587.605587][   T27] 3 locks held by kworker/u4:10/4686:
[ 4587.605902][   T27] 3 locks held by kworker/u4:5/4967:
[ 4587.606201][   T27] 3 locks held by kworker/u4:7/4968:
[ 4587.606572][   T27] 3 locks held by kworker/u4:11/5138:
[ 4587.606867][   T27] 2 locks held by kworker/0:0/5167:
[ 4587.607179][   T27] 3 locks held by kworker/u4:12/5285:
[ 4587.607543][   T27] 2 locks held by syz.6.382/5547:
[ 4587.607918][   T27] 3 locks held by kworker/u4:14/5680:
[ 4587.608279][   T27] 2 locks held by kworker/u4:15/5710:
[ 4587.608608][   T27] 1 lock held by modprobe/5738:
[ 4587.608910][   T27] 2 locks held by dhcpcd-run-hook/5739:
[ 4587.765818][   T27] 
[ 4587.792317][   T27] =============================================
[ 4587.792317][   T27] 
[ 4608.043805][   T27] INFO: task syz.7.383:5545 blocked for more than 451 seconds.
[ 4608.091781][   T27]       Not tainted syzkaller #0
[ 4608.115493][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 4608.116067][   T27] task:syz.7.383       state:D stack:0     pid:5545  tgid:5545  ppid:5284   task_flags:0x400040 flags:0x00000019
[ 4608.116862][   T27] Call trace:
[ 4608.117120][   T27]  __switch_to+0x584/0xb20 (T)
[ 4608.117685][   T27]  __schedule+0x1eec/0x33a4
[ 4608.118170][   T27]  schedule+0xac/0x27c
[ 4608.118660][   T27]  schedule_timeout+0x5c/0x1e4
[ 4608.119068][   T27]  do_wait_for_common+0x28c/0x444
[ 4608.190912][   T27]  wait_for_completion+0x44/0x5c
[ 4608.191659][   T27]  __synchronize_srcu+0x2a4/0x320
[ 4608.192171][   T27]  synchronize_srcu+0x3cc/0x4f0
[ 4608.192656][   T27]  mmu_notifier_unregister+0x320/0x42c
[ 4608.193106][   T27]  kvm_put_kvm+0x6a0/0xfa8
[ 4608.193530][   T27]  kvm_vm_release+0x58/0x78
[ 4608.193958][   T27]  __fput+0x4ac/0x980
[ 4608.194360][   T27]  ____fput+0x20/0x58
[ 4608.194742][   T27]  task_work_run+0x1bc/0x254
[ 4608.195140][   T27]  do_notify_resume+0x1bc/0x270
[ 4608.195594][   T27]  el0_svc+0xb8/0x164
[ 4608.196026][   T27]  el0t_64_sync_handler+0x84/0x12c
[ 4608.196474][   T27]  el0t_64_sync+0x198/0x19c
[ 4608.197180][   T27] 
[ 4608.197180][   T27] Showing all locks held in the system:
[ 4608.197502][   T27] 1 lock held by khungtaskd/27:
[ 4608.197806][   T27]  #0: ffff800087876d18 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x4/0x48
[ 4608.376634][   T27] 2 locks held by getty/3185:
[ 4608.377071][   T27]  #0: 35f0000011c4e8a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c
[ 4608.378755][   T27]  #1: 60ff80008c5cb2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x310/0x12b8
[ 4608.434519][   T27] 3 locks held by kworker/u4:2/3714:
[ 4608.434866][   T27] 3 locks held by kworker/u4:3/4600:
[ 4608.435161][   T27] 2 locks held by kworker/u4:8/4659:
[ 4608.435519][   T27] 3 locks held by kworker/u4:5/4967:
[ 4608.435834][   T27] 3 locks held by kworker/u4:7/4968:
[ 4608.436147][   T27] 3 locks held by kworker/u4:11/5138:
[ 4608.436486][   T27] 2 locks held by kworker/0:0/5167:
[ 4608.436802][   T27] 3 locks held by kworker/u4:12/5285:
[ 4608.437096][   T27] 3 locks held by kworker/u4:13/5290:
[ 4608.437451][   T27] 3 locks held by kworker/u4:1/5502:
[ 4608.437755][   T27] 2 locks held by syz.6.382/5547:
[ 4608.438045][   T27] 1 lock held by syz-executor/5567:
[ 4608.438374][   T27] 1 lock held by syz-executor/5571:
[ 4608.438718][   T27] 3 locks held by kworker/u4:14/5680:
[ 4608.439029][   T27] 1 lock held by rm/5746:
[ 4608.553114][   T27] 
[ 4608.553487][   T27] =============================================
[ 4608.553487][   T27] 

VM DIAGNOSIS:
07:10:18  Registers:
info registers vcpu 0

CPU#0
 PC=ffff8000865a61ec X00=ffff800087b215a0 X01=0000000000000000
X02=0000000000000000 X03=ffff80008056d5cc X04=0000000000000001
X05=0000000000000001 X06=0000000000000000 X07=ffff80008056d5c0
X08=ffff8000865a61e4 X09=0000000000010101 X10=0000000000ff0100
X11=ffff800087fe5a20 X12=0000000000010102 X13=0000000000000001
X14=0000000000000061 X15=00000000000000ff X16=ffff800080000000
X17=fff07fffeb67d000 X18=00000000000000ff X19=efff800000000000
X20=ffff80008c260f00 X21=ffff80008c260f38 X22=efff800000000000
X23=00000000000000a5 X24=fff0000072d68050 X25=ffff80008c260000
X26=ffff80008c260f50 X27=00000000000dfce6 X28=0000042bc2e6a400
X29=ffff800080007990 X30=ffff800084acf4d8  SP=ffff800080007990
PSTATE=004020c9 ---- EL2h  SVCR=00000000 --  BTYPE=0     FPCR=00000000 FPSR=00000000
P00=0000 P01=0000 P02=0000 P03=0000 P04=0000 P05=0000 P06=0000 P07=0000
P08=0000 P09=0000 P10=0000 P11=0000 P12=0000 P13=0000 P14=0000 P15=0000
FFR=0000
Z00=0a0a0a0a0a0a0a0a:0a0a0a0a0a0a0a0a Z01=73203a316d697376:656474656e203700
Z02=6e69617420746f4e:202020202020205d Z03=0000000000000000:00000000000000ff
Z04=0000000000000000:000000000000000f Z05=726f6d20726f6620:64656b636f6c6220
Z06=203a29315f657661:6c735f646e6f6220 Z07=206e612073612067:6e6976616c736e45
Z08=0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000
Z10=0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000
Z12=0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000
Z14=0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000
Z16=0000ffffc2ce3900:0000ffffc2ce3900 Z17=ffffff80ffffffd8:0000ffffc2ce38d0
Z18=0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000
Z20=0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000
Z22=0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000
Z24=0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000
Z26=0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000
Z28=0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000
Z30=0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000