last executing test programs:

55.390592811s ago: executing program 0 (id=387):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x0, 0x8032, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000240), 0xca680, 0x0)
r2 = openat$kvm(0x0, &(0x7f00000000c0), 0x200, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
ioctl$KVM_ARM_VCPU_INIT(r4, 0x4020aeae, &(0x7f0000000240)={0x5, 0x11})
ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000080)=@arm64_bitmap={0x6030000000160000, &(0x7f0000000100)})
r5 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="8200000000000000"], 0x61}, 0x0, 0x0)
r8 = syz_kvm_vgic_v3_setup(r5, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x141480, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x2)
r13 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r9, 0xae04)
r14 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, r13, 0x2800002, 0x11, r12, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r14, 0x20, &(0x7f0000000300)="fb4149dd033b8986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67525673312b01040000000000002627e7000000000000000200", 0x0, 0xfffffffffffffe73)
syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0xd, 0x200)
openat$kvm(0x0, 0x0, 0x70102, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x5, 0x0, &(0x7f0000000080)=0x400})
r15 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r16 = ioctl$KVM_CREATE_VCPU(r15, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r15, r16, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e000000000000004000000000000000000000800000000020000000000000000200000000000000020000000000000004001500000000000400000000000000"], 0x40}], 0x1, 0x0, 0x0, 0x0)
r17 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r17, 0xae01, 0x0)

44.971935298s ago: executing program 1 (id=389):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, 0xfffffffffffffffe)
r2 = mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r3 = mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f0000000100)={0x5, 0x0, [{0x9, 0x1, 0x0, 0x0, @adapter={0x1, 0x3, 0x4, 0xd7, 0xf055}}, {0xc, 0x1, 0x0, 0x0, @adapter={0x1, 0x8c, 0x1170, 0x4, 0x8}}, {0x1f, 0x6, 0x0, 0x0, @sint={0x7, 0x3}}, {0x7, 0x2, 0x0, 0x0, @sint={0xfffffffc, 0x8001}}, {0x2, 0x4, 0x0, 0x0, @sint={0x2, 0xdb6b}}]})
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x1})
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1})
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, 0xfffffffffffffffe) (async)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f0000000100)={0x5, 0x0, [{0x9, 0x1, 0x0, 0x0, @adapter={0x1, 0x3, 0x4, 0xd7, 0xf055}}, {0xc, 0x1, 0x0, 0x0, @adapter={0x1, 0x8c, 0x1170, 0x4, 0x8}}, {0x1f, 0x6, 0x0, 0x0, @sint={0x7, 0x3}}, {0x7, 0x2, 0x0, 0x0, @sint={0xfffffffc, 0x8001}}, {0x2, 0x4, 0x0, 0x0, @sint={0x2, 0xdb6b}}]}) (async)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x1}) (async)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) (async)

41.667683668s ago: executing program 0 (id=390):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000000)={0x0, &(0x7f0000000280)=ANY=[], 0x488}, &(0x7f0000000200)=[@featur1={0x1, 0x7}], 0x1)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4208ae9b, &(0x7f0000000740)={0x10000, 0x0, [0x9, 0x7, 0x81, 0xa3, 0x5, 0x7]})
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = openat$kvm(0x0, &(0x7f00000000c0), 0x909483, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x4)
ioctl$KVM_ARM_VCPU_INIT(r6, 0x4020aeae, &(0x7f0000000080)={0x2, 0x3})
r7 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="820000000000000028000000000000000134a80000e20000010000000000003d21ce98cf1bf182a4d8dd63b262582f5280"], 0x28}, 0x0, 0x0)
r9 = syz_kvm_vgic_v3_setup(r3, 0x4, 0x100)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000100)={0x8, <r10=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
r11 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@its_setup={0x82, 0x28, {0x1, 0x2001, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r13, 0x4, 0x100)
ioctl$KVM_CREATE_DEVICE(r13, 0xc00caee0, &(0x7f0000000100)={0x8, <r16=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r16, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000})
ioctl$KVM_RUN(r15, 0xae80, 0x0)
ioctl$KVM_SIGNAL_MSI(r13, 0x4020aea5, &(0x7f0000000200)={0x8090040, 0x0, 0x100000, 0x1, 0x1})
r17 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r17, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0x3, 0x1000, 0x2}})
r18 = ioctl$KVM_CREATE_VCPU(r17, 0xae41, 0x0)
syz_kvm_add_vcpu$arm64(r7, &(0x7f00000001c0)={0x0, &(0x7f0000000e40)=ANY=[@ANYBLOB="14000000000000002000000000000000a4801300000030600200000000000000aa00000000000000280000000000000006000400000005000000050000000700000003000000000001000000000000004000000000000000ffff0000000000000100008000000000ff03000000000000000000000000000004000000000000000700000000000000220100000000000040000000000000002000000000000000050000000000000000010000ff00000007000000000000000100000000000000030000000000000000000000000000001800000000000000c6000000000000001e0000000000000040000000000000000200008400000000ff070000000000000500000000000000080000000000000001000000000000000600000000000000820000000000000028000000000000000100000000000000010000000000000016000000000000001e000000000000004000000000000000ff7f008000000000001000000000000007000000000000732f000000000000000800000000000000010000000000000082000000000000002800000000000000040000000000000001000000000000002302000000000000aa0000000000000028000000000000000900010000000e40000009000000fcffffff0200000000000a000000000000009c00000008207c008008d520709ed20020b0f2010080d2620180d2630080d2a40080d2020000d4000080f2007008d50054002f607390d20080b0f2c1008075020180d2a30180d2040080d2020000d480068ad20000b8f2a10080d2820080d2030180d2e40180d2020000d4c0c28ad20080b0f2c10180d2820180d2830080d2c40080d2020000d4c0035fd60000000000000000180000000000000005000000000000006e0000000000000030000000000000000080eeee00000000c90d00000000000008000000000002000000000000e10000000000000000180000000000000000000a00000000000000568400000000000000e0af8dd20080b8f2c10180d2020080d2a30180d2840080d2020000d4000040d30034000f000008d50068601e60f281d20040b8f2010080d2e20080d2e30080d2440180d2020000d4007008d50038000ea03994d200a0b0f2c10180d2e20180d2830080d2a40180d2020000d4007008d5c0035fd60000000000000000180000000000000005000000000000001e0000000000000040000000000000000f0000840000000002000000000000000800000000000000050000000000000003000000000000000000000000000000e60000000000000018000000000000000f000000000000001e00000000000000400000000000000007000084000000000800000000000000e7050000000000000000000000000000ffffffffffffff7f03000000000000000a000000000000009c00000000000000000040bd007008d5008008d5002d95d200e0b0f2a10180d2620180d2a30080d2c40180d2020000d4005c205ec0b899d200e0b0f2410080d2e20080d2030180d2a40080d2020000d4007008d5c01e91d20080b0f2410080d2420080d2e30180d2a40180d2020000d4200886d200e0b8f2210180d2e20180d2c30180d2840080d2020000d40000c06dc0035fd6140000000000000020000000000000003d80130000003060040000000000000022fff14765c8df6d146f7883afce91e49d132f8d11353195fd74c4b47bbce8cc6bd248ae6c3f70cf21a475c0f419a44c4ee59b5d589d000000000000c08e18836ff22958496bd8a5111749342dd975e9fb844e4d4c66f181bb644a71aa18be0800cdd7c754cc74fc62b11c3baa3321a1e352a2bbecab7bd5e6ddcf8aef9c73d6dd2c7ad7af121d9cc46015082bde64e2bfd85c5aba6ad38d832ccae372e23f353867a2b37fd1c28527f16167f36ed02c838454383782f08a7a4ad64426ffed508b594a60be2d7e0634aeae628b3bd963d5a75c1c8fb0ab13fabd3dcbd7f6e0b9a12d1d406b975d3d19ed26c7f4b0fca2af54e01dc49cb866a1962dddeb61aa515df313fb15a5c58b6054e0225c992cf25b713ccf0c2333d0b94a6da633a2fcc0ca1839fa559f2df371b13a78a67be7eea3b9421bbc5030a147f07cf84d5c847fb90d66131dc3de90ca"], 0x4c4}, &(0x7f0000000cc0)=[@featur2={0x1, 0x21}], 0x1)
syz_kvm_setup_cpu$arm64(r1, r18, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000140)=[{0x0, &(0x7f0000001440)=ANY=[@ANYRESHEX=r3, @ANYBLOB="622ac12ef940b4850703ca119562bfcb7cfccbc0b8fb99693aac3d901c16ace12287e4d5d5d67e449faa487d8a3fc5b436f004e916f0aff240bb29f57984553401d8cb4720cf3821153175048d769574abad9cdf7fb1bb5c8ad9223023e5d2605a495af0542e0288d1d209126e04bc6c35d12f24841a570beb1f5c4d1836b85a7d0614ff421939b1da0595ad5aedab429a5b71ba0d21c406ccd73cefd65549183745e1df52f5221a3ad7156939b566c93394432692f7a60ec518b1a340431e16baaa74ffd8ebd7183014e41d04d949641fa532ebf87d3634c2399f84e4328173a1442a452372e1c11e2fba1ed254a897934ab621a04b25da948172d380bb82ddd909a455f171cdaa011801a94dd0b0229dbb732c069e52cccf3c31a3877f5e431aca4832b239b6fdb3ac56564fd8907ab8ea4ecec42aa3f240025b65b83573e7561a43a7a5029c2bc72799f9806921c80adf04451ecfe155bdda918a0cb954f9576a86f939391b8fe90d06ed1396c8129592b1fda4d3ffc50ef9c46a7a61738d99b855835dbb9d4795666a32923f36a6aa09605f600146b8b80fb44310e62984a56f02cdd69dd2701ac6957abbad4b29d2d973ff1fbe8d7f5853c53c302e65626be2e8234356945e7567aedf802ca4c967179e88fbed909da39168c53f607275577b166fbb26719398cc8985de7a9b8324e023c41b847e05f5efe9048c78884a945414ce5b9aa1c50887f3240ef962fdc5c7ac5e980c2e1edaa360f226461d0da61d7480921abc16ab5f07bfd8ac3b06100750ce06676721dec6a9ce8cb0828d74996c43099d608844d531bf00a5d952237a552a189ff9756de25ce53aafdd84f3cc0dfe86d354e95988ec27edcb85d1f6222a3ef4d2a3563b279e2204c077eb9a7a6787d322189f7056764faa4016aa7d9da26b740daedd03bf5be4b7e774377f7650802e98235cea2d1441baa55bd432424f817f92fa5c493cf7b8608d0da6732cc9c72d22475f5262653340ed9b9b349a076c3e9b62807ed1b4c715398622d07c17e0a1359f6aa2383ec3b2eba30cd0c83524917f2d3d6ad5bb60da2793d3c905bf76ba3e9fb9dd0a5823baf241bbded77aa7c601a966ddb92a33672d101da83ac7844970245f33bfc064cb6fab3db2d9096dfec94e7e4f4ae4ebf25a20dd4a3a4c7340e829855199e57c23354816d82abb0d8e2f77f409b7a9b17b8383b25bc7cf479ce64afa8e6e8caab6ead17a3f66f8149dd9a024258a2c73a64b0f9f9b3f55dd78aad05603927eeefb943b30d5e8482cb1761458a1ccbb2f841d276dc4c044486e103875049cb8dc4dd8b07f1684bb6f4f10eee1377cb821fb0e9fb23fb83b88bb9b21e36a4f2a0a4e28a0a338242a6d9b2ce7555817cce095b47a3453891e6428dce2f8e6e80346074be0302b30db77e2e8ee577a577c4faadc70497cd2960cc163ef4704ff4f770d265065ac3c04de3548bef80ca24689511f55ac9ec7fbbefe5b601ecd8c99ab5f0cf6773546c2c372d90dc8f09b8400c53ee502b9c849c4936f5ce74ad9cfc2658ddd45bd6eff68f8bfed1e753b9e71f4ab80dc6aedf916a72ff47f7cfddcb7abde81487a08256853ca04259dee61b2f0d4f77898b4e78b2e59ef4b842c4a0420e2521fa6eb0d5c44e0ccaf1dac610b9e7d22afca422b52c912ff592ed28bbcd45e6f4ae71aeb5de86786a5586082f28c2a5da34b24824242a4f9486923a3a6ec80df95d469f72f5b5ef15d0b09722ecac6143a1ea0acfe8fb3cc58accf667720ac5ef8d1f6f59271d6b9e5b742ccbb2d7b8360a67cb00a100544d8858e9937f405b1a28bcb54159fbcbf3884fbb8b0051bccc392760432017ca7115a72d68777ecbb8947a5343a5960dbdeef8254aee5e52fc6f44c2764f81243b0012f5f37eb684bb6caeeedda43c0adc7bd0639aae9f961a74a7ce5b9a79778ca28ce5e586336665fb4e594bf185196d239a63044e5bbfb2983418d6ed8772937e45d522d229b11aa52a121e6547dd83f9568183c5f41bf9d5af25f4e446e661e4902288440e793fad9854fba8140070811d784073f5810cb12b761874332611414e40a38dc5ea59c0a4338201be2c91fd395974af2fb1f7bd42a4770da2cb5f4f089f76dc206f6e92267cd5d75a40c6e2468ffeb94481a22b8163e63a2aa4cbd826f1e1a93ddfa9ae462eb001affe77b553eaf944593b7f05ac65410b1c1a02a88ae0607d8a5be05e8bce39f5fe9d1002827536b3bf1210e13650a5c163b58c1c6f3c95bfac6165bf7cfc40a4ce76abe077d7e09135bb1c78961fbae3e3308b1c70d7e46d1395e0de44f5b1a016690856d6f58b078b9e20526afa3921a786f645fd2529050dc33307045050047e53f1ad3685e186b079eca739b66b455b0642318652a7dca3d867d0c595b570e328ddb5ae7741d2fc1c4fee7d29cf7e976c08305ed8f30e5c0a08ad43720b4524857ff027696fb0cd4d63e51f2ce677a0b2e4d4b1d9ab72c441bc666e2868b50a7dbd3a1519596eae5b5c12b4eb9967074fd3a41b024d3490492023da47326ca294fa41d0561ab44f18145bf67a52ea51447519ef8e49c1525298c5a52f6b06fa21fab33fadcd1cdeddfdda694ba73532b417ecf8f9e731899eaf20408f77b32cf210f0393aef7d67e26bdd7a8d9d51090bfef4ca0b4730ec4fd3d93de779a6bfe6c8cad7fbd83629dfdf084e8815c97a977ebf843f6cf9d33422aaa5ae9fcf3f6565ee7b381387680a3277d98aafd128b95414932a04981b7be69b96076aa750378212a510f13772be4d0faf21202ef87fdb5aab840d853962079e37c92b4488048f92a363174ece1ea23cc61a6f82c7b803c5d55a3b8961e7f28df72d822e4524bc3b56359faf8ece275b9c631cbfab6c625d5cad6d67e7edf8f467b083ad7777d0f12c5b7632b5ad0a4b99e2bb6582c3d6488283d3e09ea8d8b88f787c1116e331be73542d69834a1feb6a1c2d1dc24970f352a679fd7c4d6024474f23017609965e6ce7b33bc32bca208436c9a257e8da47f22ad42d4d0180a20c3a8f4d4f70c142efb34fa07c5b45804e8ee285b0b28f43bb386962921a3e5ad6788e04568a9a0124bae31c1be42558fb4b700384cb71c52b00e7bfe8cdb9af742a3f6e57c499cbec73cb4a4327f47cab40fb4dd7db43f2ea898e04dd539c820550c14697f0c6a240268b891369b4628860fad2db7e5a8cb7cc782511f115b69d161eede6c9653a5bb6e0fc035e9f2c446272ed348766428e0e124377f69eece141d3ffd8792200c4ae70697427cc761e373f2b198fa82fca1f69d24cce5a4dcda537efeb02c40da1f234a13df28df7d575f01cd3fbc7f3881ed6f1bb3fb08e03d2d1278b8f73961cac052848c850251fd0a63a4159ada150aa2c5384f34f9467c6937c37523aba9e1cdf2335516d771c5f14e091c48aa0d1298492030520fabfa995dcb7ab65bef1785548308fe4a7a68dbdc0c87e7782fb1bfc6caabb1475e8630e9cf5a5cbbb000a7e5fa2449b342d117b387a56c963d733a4a78a2701226414e7ab34a0a62beeb2cfa7e4ac6bdb1a1b2a3bde06a05ad1bd105ecd46046a1128302a38316cc5b4db53d02f4478ff314cf747974addf864504efc67f9ea2523af09c314b6aa0b638f4594f1c5063e0e1170cc6fa3d3cd84c223b9cb7bb5f43f498bb73fa9124b92e16e27e0ef0b10682d280fa7fec8a967ed7ba6992080851557a4354180372e3927ce65bfd29b4ce110827c93edecd0438a03ed1641ccc7e5938e2da2124aca0cc6ece1f08f4ee987232c16401daabd3e71fd6ddc1e19fcff98603bc3c372fe050e9307ec12e08b06dcb7682638aec8657b75c18590b42be6d98f23ca5eccd47abe47bf9874eba8aca2156685cffdbde5d437cb5122f6976ebc6ecaa93b99a92716e41102dfb74fb146aaa85dc3e45164582551b223073253982f80c66807d505c4c93c42e29effa5812bc4e5ba0687d6ac8b3c9de8f3fd1970ab4f0c3116ca7c2f9a92245c7685761efce1ae68b99494e19412e89e570b9edf6808bd365623e4105b37138fee4e652a2c57358a25da180b0670190695a836870b0ec90d29145048d98ef5284cc4e78834e8bca7c2c52c5b6b365c4ecf7c8eb5106af5b5fea17ec3e38814d2c7daff14cea7ad4a4214e9669929b04add0c8ecf131729042b5caf73233b605a05ef62efb534379bc70b1cdbf05e379c90f46dd80442f799decb746a93be99d5c5c40c9d03c08d78001d8ea701ccb2d809536f301e4cc8b08a9bcac5076d2cbeaa12f6839cf08f33dc7ac2abb8f72633ca66e957135253c382e5d9b99055e1a6caadc00158e7ff3dfb02e1023173e757688762b42e217aa175069244fc3d81391d110e84a91595c5a4ee0e10d724c9258edaaa6dca318254849847549978bf54696126b91b461f6d8127d1047f287d27ea0f76a5545498a25feaa56bdb35b491f5d6e53dcea259a6f59d74af354178df5d7073f15b599f66a3264471e06d0b627cdd9e0f71700ec9738373927daef3dad6f7248adc0e40cf95e4f6478e8a08cb6b4539a6cebb05e1bd833a2b19bc5bf0ef2b470714f6c46eb9f022db41b030d2d98214e0549830d47a12458857ba0056adab679abaa5e2d8421ce46b99025bf1b190868b566e6a637db90dc822d38b36aba9ab66bf60c3f231e17965a3a50a16cec133a0bf399af28be8514f8b15f695c2b1874f352346cc1275b128c1c9e8d2f00539781ab3f1686f5aeaca105d5077d08bdd6d4f52513f6ecc04e231ea0470654011450617f576a5f8f07ca65babc686bd095649e1be173296ec9a30b21b1c279f80a27a3a1e9f3a268730a8792ea88f0f47908cdae3606161cd1f41599dff64c39f70d309b258fb3817d884d8fb526e0bad06183eb664ed57a3ded9913ee2194c2140d2018866a9bde00cb7a780ae63a1cc34b597b83f061dcc13ba1ed4a8c5c6a38bffd1ae9733e65b9e11adfef04f6837254b4a5e2f85e8d629007c8cc831acc0363267f024fd2b738d85595d38fe405f99a27f6285c02d2c20f3932d81261e9950aaf6fc8b0d4ecd79b3eb31ab1b2ca947e3a6d369bdf052f50e24fbbc69df4e8b1fc29b56e9912cc2f57491f2265f4547c4d3647bf42a1fe2373d1c0a9ac70f6a5dde863dba3177bdd9681dced74e9734a759db785c7fa280c287f2666456ce624e492fb92a23a91e1e281973938a43bec3e4eb8395cc7b736e29b24bc99d93e0b622a0884e6f82a4340a8f2cca0f3159a2655e36f1429cb151442d54b394c4c84c27ac478cbe6c12f756b918e19fe175a56aa3e8514f29cb427c49767558df9ae71f3ebddc8abd016532ee221939b80ed58f4841cd78583bfb2d007bcded77b8a55a03c1a2f98b53d8044753cf66279c3473379619e36302079e14b88e37f71e44b86110190a5845ed5f841cac6d25be576f65a68b202a0f29e4be1b3d200cfde0148b4d7bf388baaf0e8b9967c16a0930f29aed63cdfcc5c551665382aceaaba63f46e23501f242b5b273c7b4362dcecb21d0b81f33a71b52e37edc900aff467e325c6750bdcf3da6b92dc527fb95f3859515322edb5c6ad7f6fb0988cd025e62c55d4ade80968bc0cea182c7a6fae33307621f445351c49e387ae46ceb54376197dbf42fe1bf431cfd0ab411bceb1ea9fa4eeeee69589cd50262e0a872325bbfb409de0ed88fc2447124c885bce95c65ca7fa02f999a0e6b032252f5a8ba9b0887d83389e550dd04e67f6e877af38ff76bbee12946c864e506e6609fe", @ANYBLOB="8f2ca79fb05f8689288e63ee838d4264db26657cc4b46159443d7dc4201527dff47162d05730c5d57c5bf8dcfeb52b95d591fb274e94f6b97751106532f480960830eddfc9ed915660c3fb3b78b1c64696615cafd2ad489e37396dc3abaf7cc98bce1da3ed832b09bb2e51e8e118de98ccb27eb1f9ab1a815894ce3e0a2dc5454e6e71a484c5b6ea51cdc6ddd6f5e62e4c354db69f9e98e901df9e3fafd0d9b00cef4cc96e3f48af9d6d33cac4cee7c25599de5dc1c81fd866929c77babdcb9f7a2fae100e02ea7bbbc685d763e8b26fcfdec732e86fd33809d8549fccd92d0f3565a806896469a14e2610c2", @ANYRESDEC=r5, @ANYRES8=r4, @ANYRES64=r9], 0x40}], 0x1, 0x0, 0x0, 0x0)

33.031280758s ago: executing program 1 (id=391):
openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x18b400, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)

25.055446375s ago: executing program 1 (id=392):
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
ioctl$KVM_GET_MP_STATE(r0, 0x8004ae98, &(0x7f0000000000))
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r2 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000380)={0x0, &(0x7f0000000040)=[@hvc={0x32, 0x40, {0x1000000, [0x7, 0x3ff, 0x5, 0x2d2ca0c2, 0x80000000]}}, @hvc={0x32, 0x40, {0x80, [0x81, 0x4, 0x3ff, 0x8, 0x4]}}, @svc={0x122, 0x40, {0xc400000d, [0x5, 0x5, 0x2f7, 0x5, 0xffffffff00000000]}}, @memwrite={0x6e, 0x30, @generic={0x5000, 0x718, 0x7, 0x4}}, @mrs={0xbe, 0x18, {0x6723}}, @its_setup={0x82, 0x28, {0x2, 0x2, 0x330}}, @hvc={0x32, 0x40, {0x84000012, [0xfffffffffffffffa, 0x80000000000, 0x0, 0x5, 0x5]}}, @eret={0xe6, 0x18, 0x6000000000000000}, @smc={0x1e, 0x40, {0x84000010, [0x0, 0x2, 0xfffffffffffffffb, 0x1000, 0x8000]}}, @irq_setup={0x46, 0x18, {0x4, 0x94}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x0, 0x4, 0x8, 0xc, 0x4}}, @mrs={0xbe, 0x18, {0x603000000013df4f}}, @uexit={0x0, 0x18, 0x7}, @uexit={0x0, 0x18, 0xffffffffffffffca}, @msr={0x14, 0x20, {0x603000000013e648, 0x4}}, @svc={0x122, 0x40, {0x80008000, [0x6e37, 0x94dd, 0xf3, 0x0, 0x7]}}, @mrs={0xbe, 0x18, {0x6030000000138065}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0xc0, 0x8, 0x1}}, @svc={0x122, 0x40, {0x8600ff01, [0x3, 0x5, 0x7fffffff, 0x9, 0xbf4]}}], 0x338}, &(0x7f00000003c0)=[@featur2={0x1, 0x10}], 0x1)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000840)=[{0x0, &(0x7f0000000400)=[@irq_setup={0x46, 0x18, {0x4, 0x2eb}}, @irq_setup={0x46, 0x18, {0x1, 0x36d}}, @its_setup={0x82, 0x28, {0x0, 0x3, 0x9c}}, @irq_setup={0x46, 0x18, {0x3, 0xd1}}, @its_setup={0x82, 0x28, {0x1, 0x0, 0x11d}}, @mrs={0xbe, 0x18, {0x603000000013802e}}, @irq_setup={0x46, 0x18, {0x1, 0x6d}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x40, 0x6, 0x1}}, @its_setup={0x82, 0x28, {0x0, 0x6, 0x2d8}}, @eret={0xe6, 0x18, 0xb16e}, @hvc={0x32, 0x40, {0x84000012, [0x0, 0x1, 0xfff, 0x7, 0xecd]}}, @svc={0x122, 0x40, {0x84000012, [0x7, 0x7fffffff, 0x3eb9, 0xd, 0xf1a]}}, @eret={0xe6, 0x18, 0x2}, @smc={0x1e, 0x40, {0x80, [0x100, 0x0, 0x2, 0x1, 0xfffffffffffff184]}}, @mrs={0xbe, 0x18, {0x603000000013e66c}}, @hvc={0x32, 0x40, {0x31000000, [0x0, 0x6, 0x7, 0xfffffffffffffffc, 0x4]}}, @mrs={0xbe, 0x18, {0x603000000013e520}}, @mrs={0xbe, 0x18, {0x603000000013df79}}, @uexit={0x0, 0x18, 0x778}, @mrs={0xbe, 0x18, {0x603000000013deec}}, @code={0xa, 0x84, {"007008d5004c81d20080b0f2010080d2020080d2230080d2a40080d2020000d4402987d20040b0f2810180d2c20180d2e30080d2a40180d2020000d400409f0d000400b8008008d5008008d50020c09a80688fd20040b0f2610180d2c20080d2230180d2640080d2020000d400a4002f"}}, @code={0xa, 0x84, {"007008d5808b85d200c0b0f2e10080d2a20180d2030080d2240080d2020000d400a480d20080b0f2810180d2220080d2230080d2a40180d2020000d41f0020ab008008d5000cc038007008d5c00594d200a0b8f2210180d2420180d2a30180d2240180d2020000d40050202e008008d5"}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffd0, 0x0, 0x5}}, @irq_setup={0x46, 0x18, {0x0, 0xd0}}], 0x418}], 0x1, 0x0, &(0x7f0000000880)=[@featur1={0x1, 0x46}], 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000008c0)={0x10002, 0x2, 0x8080000, 0x1000, &(0x7f0000d5d000/0x1000)=nil})
ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x271d)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000900)={0x7, 0x0, [{0xaf, 0x5, 0x1, 0x0, @irqchip={0x0, 0x9}}, {0x8, 0x1, 0x0, 0x0, @sint={0x1, 0x9}}, {0x2, 0x1, 0x2, 0x0, @msi={0x3c, 0x3, 0x8, 0x137f}}, {0x0, 0x1, 0x1, 0x0, @irqchip={0x4}}, {0xda, 0x5, 0x0, 0x0, @msi={0x8, 0x5, 0xc97, 0x3ff}}, {0x1548, 0xdd69d0c7a5f87ea2, 0x1, 0x0, @msi={0x137, 0x7f, 0x6, 0x8}}, {0xfea, 0x5, 0x0, 0x0, @msi={0x0, 0x471, 0x7, 0xb}}]})
ioctl$KVM_SET_SIGNAL_MASK(r2, 0x4004ae8b, &(0x7f0000000a80)={0x1000, "0a843630d06de2e8f688042a20f2c4be7855bc8ecf817931351d6e1d1a7aa70994fed991f3a9b90d2974523041efd66954e711e3073b216ccfc23a0443d82fb05f79f8a9485490db53c7a2948b2fba4f360f10260355a8286d8ed33763087562ebc4b7d7960dfeffc376c51569eab7d5b27b9f9d68b8943562e702c64bfdb30891fa4d115e29040ae480b4a8b4747330275884d5ab2e18fa1023495b6858d232e99de1bd1806d3567328df8e5c96eb99d8bce4301861ccf6b8c01af71a99a19a7b744e563bdd04a051e37cdfdaf01e78550c2b05f7ba0cecbb5a08db6e0f896ad611971a312be0319c7652ed2c21e0b488dab1e513edbee7cf5355fc95839618a4e3b924255a7de19fad5c9d32fcdc84b3d0e9e200c6d1177e35a848271adcd4ef82805a2d591d4cccbe6e02afe2b9d5e006a6c6e048d4f3939785bfa73b40a8beef4526681f3550b967deccf313e9d388eb83d036afb8b92ceef10028d834a97555250a2e99a95e59ca56df3dd8ba90e2845ba6bcadcd1cafd6a780ec023973e6fb2e6f31c8c190e9c10e380cc0955d424d6564fe0aa734585316a17330c6b3fc07ee20c45223dbe156b7c1e21391a9101ff8935fa30cf735171c5cf49bc663b52212b7e95ddadf5aaf44e7c65b369c4afff5a501870fb618153245366e02e308403803881bddf5b39617ae1d85b619eb63da7c880b3c8d8edfb66a8067708c1700ccc3db026e43c8e7fb9c59749851d225816e5cec7693a8402aa5ce9950c9756f5a83423bb07db31b5bb65e3c4d67f7388ff70c46fb8575107221476d438c424a9441edc271124400b97c79102e9d4341bab5b1b4656800da8c32143f36f357bf1b533d1997af42301811f3ed97acff31e3f48ca8cbdf7bc7e77159e4e24f8fbc164e5076baf7910207e970c26b8d5bf8de35ab5234915323c552103b70f4d73af7adb98ee5fafbfbe7a1d02e7ffdc30d2ef1766d7b916ab58d1aca58757d6dc7f68fa05da3cf6efb2c8546ac7078df54bf7b707d923cc75c7590e57963c896981154cf0592f436ccbde6baaa9e2a3c8d16e332a116ed18fcf27f06f0b7a0b7cd20f2835c62b0b56e6d12006c014949fc30e425a8f92703e2de1535fa0f14c6217cbd4b618cc877241f0596ed11a5d5a075523d4f276cd7bcf7cac5e7a623788f53c022ec7897fcc8fd9e432821cb66f430a72facaa40659afc4eff0f28d380fc65df0f2e9504155c78be2ef0c3eac341a11c190f3116e4ea783f2ccfc1862f7f8c114ea9f4979eeac9965413bac3563683f697256a4e8e16c1af24b06b2a7da11f4754e0a3eef831efb865f90ff9e05b0b2d5c714811e9ecfb107a04d8f552e8175c8b20cbd45bc094cbf384e95702c96eb33c6e7a52a6167c1987801f57740dc4f043310e7bfed59582507bd7a616fcfd0f5e773aea474d6e3117815d9b312aaedb35557cf844cfbed5929799c8c0af617f968f5498c8d2ca62aec6d0b66b5bb31a41008753d648caa5716c965a13bbc77d455b17a5dda96a557398d11ae60da3fe6e1b44db02ef6a154f7c019287530bdbcc5f7a0776b3327e06b4b538cc32b70ca99eef7228613655c29761fbf8026ac2cc86c23e45400246587fba38591ec5e457ca8de4323fa1d77b7a36b9bfbe769858492f6aa8100b1103989ffc0eea7870b90837ae4e47923abf534eae6b3756d0fcba48a3c8846304f79bed67b8fcaf4947f4218a4201feeefd11b1d72735dda40456ff479c4232eeb0d5d378141817bf2af6650b54adffeddcf30d7b4f53436f4278c2619ec427a5bdc170afe00da9b69e447235e62eee3e60977e20a8601b2448b1e7e6add1e9882d0715078fb73e02dc395fc293f457110e1f3faf0b2ad62398d43c4eaf4bd8b01fd5352df224109783d74f4e719b9024ff12c20da8fcf1d69f84095dd8f56f7005071cb85fa7458e382e103075e4c633eb07fdfe34fc17ddb4a2c5f25507766c50d1ac271c75bfb623584e3963644698346a248fd8cf7003347f3665a1290967be229eaf48127e9984d0e12b32a6ae4e3a256406f03e91a71c63499d484b95924ae726ceabd11665ff92bf5eff404392f5bb86b0a85a18c858780a0575bb412bbebf98e057b3462c4df9ed9d3166d886026a9929ae970fafe49445f421155c249d471d8a1c6e9b9750e566bb938e7d8d9fcdba500aeb3b0628e7555b22e13f6943388cd009c0bda645148642a7429ddd0c175f17d0fe6b7b70578b05d9100edf912d76b4bdcf1a1a55a64f3b2444cd292bf67b4b29f0346f0ebdc2969bdfcda7a65cadf43756d8272c1c7c4d2c96ca02089fcfdc68c126dc1e8cc6d802404674fabbbd695ae81658dd3bf59b3b20ade8d9e72bbfe3e4f305113bfe2be2cdb9ba3105840a9d7ccdde1e795a39540b3f59e3c0b4250254ee4bf9fed758de6524b402ef5d3039a84a3a450bd671fe7fa1582aace21fd11693e2ebc1d0049f02879b11aff4dfcf6e3f7093e55d3c451792bda5f578589fcd4b9e767c6395ae3d78dc1fa267a7142607c9b71b42943bb44f1b78ebf588c2733f975298892f40f79375298d34734db93482fb4972975c21cf3d7bf40fb405e764c1fc455c2284d9304db3e08f742fe8bd9572d662e0b2d9fdead29fa8c608003f5d931808eeff4cea8bea9ba65c59d3a7d3b380f3a8c58a1e2d3e247d5555527b21d813022a1e161ef80a1da65e94a7c303167d4f5acd595155933a6ac993310cae2c1a8aa5e713d0ccbd0e151ee4f47b76dc618a6fc773f2b8ccf4122d078f526c6327d6322fc37c4560ff7914cc48e22679092e4d3ca49810bc00ed922c5086ffdc0bfe2c7975ebf12ad6d3ff9491ccb73b3afa3368e59abb05353fccaf3f7173efca4afe664f7e51df43a5c16a1e67d06f57a7953b5c8bb20183a858e5a5ce242c00b98bdfd1469a039ebaa15ad8d93e2a11f7887084898830af3edcce66828cfa054fe7539e4c8efc13d566674c13b1bbe9e38e895d6033b74c0a3e0b3e97a129b7ca83f50efe9a31ef29c534a3988f43f9d49b7d7cd98a58a5ecb04794dad0ba08db158904f36165caf4861512f8c1355f55aa6cbbf32b0f6a34775dff22345ba282286adb38e38209ee2899ae4b61557c55aeeab53dfbc339593e0f19638a349ef8264f941a98157ae94984dfb77f88e07403c8f9c684e42fdce1d5f32501b23fe1308d831892cb7969477b43a8643bd2a6394c265dc4d85596b7e38796def33966dd01229fcbc08a40dd497c1e8fed49049f0aa5a861119468a715596960ce47af86fa60118ea15fb4e10030df14300372b70a802a7046e5bd8cb7eebbc4fffa16968af81f9b38248f0d4b0dd61572584294ffe55cf183756b7434b3eb892d1f7f91cc023980d51ff31e6513084fbd6c4b0637452a76862778ec38743bea28cc29149210f102178d183a697c16d51a2ca0383659416e56757efa6d79d4f5069281da849c09a60b9fde64601a94940abd82350167c50b822bcff628d80bde795d6b55fad44127976995b212b6ec160a2747beb06dc158bd93cf3e9b00008f928b0a9219e6f1d0a28b8e718899f73b7e019aae8aded8accc3643fc7887f2d57ec5778e4d1cf21bd2ee747bab5ffe72407da92d50f4db6cbfd3b8476c9ce882b6c37b336286eb08618aa835f0f87fe369fd94ec2b9370cd8e8ff2e1318730bc202f2fec2df67154471ae4511d84a5f7fff92e7e7c25b325d078f13e4dbc81c5dfbc56a9e37d363c342836d6939c835be0d5b4bbee58b43a037d77d9c33437345076f72ad87edf2d1440c8d2c411b265fc1f549a981c9922b1556ae6a0ec0911db6914f3d782e83e822cdce647812a8fdfe9210b37e4d0c1f216dde9a3f8bcbe4bd5417843ff02f7faacf1049ac0684ed84df8e8d1d45f9acc8419dd47ed87a61fe63cd0c3a4cf2723b119e55094c136eee735764e0d12013ad603eb70abcd52dd012a0489c3c25bb6bb5edcabc4e84751d47361438a18b6542c2d84940fe9321138a3f9c16a8df0e6a81c3c27241b71622ac6442c290acf383e6b7e2916f932234b2e227044253c47f7d76d24daeb6b8fc6687c128bba4aaaddd1c8d9b362993165d62fa11cf074b011553bba6b4b6e0ee35b604f8cde48d09dd04c2ffcfc52a38f5baf1b00e6569ab75f780aa3496838c32e02aa02ee2613d1cc80c080d6b26012b6df92b8b7d2474063b5f476017b691efe13d933736bb4eea11199330a58ae5e7bed0d7064a5e0e63543fcab48792a97db79bd6e75881f73982a79d6ab901a02628bf9c3d67727e5be83595ec2a1d2bf1e732a0513269da2ac875e2489c7c870c1b91358b41da0193a6306043fd80f60362b6b4fce458785b287b5b6a362a4bc296e3685b2af1feadf3f3a8025f35958f7546783c34a83b5e6b83c27b3adfc6dbde02b1ef9ac5bc6aff41720517834bdfab90148f0f2728af450f417af6a300655b69805a78d381e587d27d726a317da9227247c88b0476958c2d7a3ee01328a17bee63a9440d279d3c144afdf6650377b86438ccd75e58c9891ff3a60699767af5cf81c563540f723ea046677d6ac8e91320545de884a387eb071753ce138c0c7e2900f6fa894ebc434ad1d8eea2d63196945c2ab682357bff97834e098f022c2b3f79d9b89c9e7455d3b2c3ca7b06f9cfba793e588cc91cc5e6f636f9e0ae6b3f5f5124395537989f30889b468b1ea7cf89ee319a7347e02dd5cc2c38bad51d87a2a6e47c9f1788a4c481d057baf9da5fb42951f7e3339c7272cc12645da9529baf836aae7fc9d9a374cfe5ea29532e30cee3d2034835eb21f9fe5722f7a5ec1847cc3a4a6add1669f14dd5e013fa4689840b0bcfbba65a3ec8d110a38dbbbd45491b16d6e5964a57fe6f314502bf9ce43e7f10acc7e3ef8fcd73ee202b27e59ebcb68c8156dbdf9bd6beba5ef30ffe3c2e7b367001312c0fc9d6700a83b83be324ff6ba8f99a074391cbce44ac59420166e6f573f466437f431a970317a881335692b18452083cfc99cc19c185b1f256cb5e6c3ae5b966806dd12de9dba674f2eb35e652cc93046c0d571dfd9bc09fa8c29697ef784f48b232613e163c72dd78a690389f98d69c1ff89a43cee2288ca96e99ff6663c8aa20423f3ae207e12289ebe190c4664f2bd2185ef63f905f90954bf0c5d488aa825f95cd6c5271356ecf764a35bc04dbec2b824dfbd828fb18a2dd34b082b2c5f581b56b83f03bd68129e1ef360dce69aa5dd6db3056390d30f3bd755fcf124401ce2a79aa011bde8dafa62e19e65932d33101c29b617bfac385a34bb5a3ba0610deed41a56d5f585b67cc88e41a01f6c90e8d4c40a1783cdaae3afd7a602f8f1634bdc0abd16d5dc53075103af2ab919257ba41010c069f60f56c237a1fed2b914ce04fd2a33800b7b1d890c1c04a67e806c6d55e88a2b4b9a557492e6b06548e0b7361153179983eb8a9c981212e249293841b4fe0ec6e0971c4c156bac504d633a34693d2d10e43bc1338429bf4e82e8de30609b5f901a0dcf31a4a2d9d730502d84f58d6de0b8eefe6702a1b0c1139b2e82103e7711904f8adb7d4a8f3f509c1f7ae76a6ad4682cb49b1a14faa4b7aca0395c34efa0636355343d719415adc1d29f93f8dff9ba8d0872823cf88fbf7769e0053d3544a1f4c837821522c4454cd2f58f5931758130b41ed962070c060122cb331c95795e1ef72d848afb06c2581df9dffce6d257213b941c46ff669e71493ff15be80fa4203bf85bcf2d68b115fdba8613c23fc3e2dbbf8a4c0ebbcb767f"})
r3 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000001c40)={0x0, &(0x7f0000001ac0)=[@its_setup={0x82, 0x28, {0x1, 0x2, 0x8b}}, @mrs={0xbe, 0x18, {0x603000000013c522}}, @msr={0x14, 0x20, {0x6030000000139828, 0x7}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x1, 0x3, 0x4, 0x0, 0x4}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x90, 0x0, 0xa}}, @svc={0x122, 0x40, {0x84000007, [0xfffffffffffffffd, 0x1, 0xfffffffffffffffd, 0xa, 0x7]}}, @eret={0xe6, 0x18, 0x7}, @msr={0x14, 0x20, {0x603000000013dea9, 0x6}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x0, 0x2, 0x8001, 0x3ff}}, @eret={0xe6, 0x18, 0x895a}], 0x170}, &(0x7f0000001c80)=[@featur2], 0x1)
r5 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000002180)={0x0, &(0x7f0000001cc0)=[@irq_setup={0x46, 0x18, {0x4, 0x294}}, @msr={0x14, 0x20, {0x603000000013e663, 0x6}}, @mrs={0xbe, 0x18, {0x603000000013e537}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x4, 0x4, 0xa}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x1, 0x3, 0x0, 0xa, 0xe, 0x2}}, @mrs={0xbe, 0x18, {0x603000000013e72a}}, @mrs={0xbe, 0x18, {0x603000000013dcea}}, @smc={0x1e, 0x40, {0x8400000e, [0x8, 0x4, 0x7, 0x4, 0x2e0109d5]}}, @mrs={0xbe, 0x18, {0x603000000013df6b}}, @smc={0x1e, 0x40, {0x84000007, [0x6c25, 0x4, 0x10001, 0x1ff, 0x1]}}, @its_setup={0x82, 0x28, {0x2, 0x2, 0x31c}}, @eret={0xe6, 0x18, 0x2}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x1, 0x6, 0x40, 0x4, 0x2}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x400, 0x15ba, 0x1}}, @uexit={0x0, 0x18, 0x80000001}, @msr={0x14, 0x20, {0x603000000013e648, 0x80000001}}, @uexit={0x0, 0x18, 0x4}, @uexit={0x0, 0x18, 0x40}, @smc={0x1e, 0x40, {0x84000007, [0x4, 0x2, 0xfffffffffffffff8, 0x77c]}}, @uexit={0x0, 0x18, 0x5}, @uexit={0x0, 0x18, 0x8}, @mrs={0xbe, 0x18, {0x603000000013c648}}, @irq_setup={0x46, 0x18, {0x0, 0x2ba}}, @hvc={0x32, 0x40, {0x84000005, [0x3, 0x400, 0x1, 0xffffffff, 0x45]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xf20, 0xffffffff, 0x4}}, @code={0xa, 0x6c, {"004183d20000b0f2210180d2a20180d2430080d2e40080d2020000d4007008d50000600d00b8205e0038205e40198fd200e0b0f2e10080d2c20180d2a30080d2440180d2020000d4000008d50040c00c007008d5007008d5"}}, @its_setup={0x82, 0x28, {0x4, 0x1, 0x255}}, @code={0xa, 0x84, {"a03088d20020b8f2e10180d2620080d2230180d2640180d2020000d4000028d5000028d5000028d5809f8cd20000b0f2210080d2c20180d2630080d2240080d2020000d4007008d5000080f860c89bd20020b8f2c10080d2c20080d2c30080d2c40180d2020000d40010c0da0050800f"}}], 0x498}, &(0x7f00000021c0)=[@featur1={0x1, 0x4}], 0x1)
ioctl$KVM_ARM_VCPU_FINALIZE(r5, 0x4004aec2, &(0x7f0000002200)=0x7)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000002240), 0x200000, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000002280)={0x1ff, 0x4, 0xf000, 0x2000, &(0x7f0000de1000/0x2000)=nil})
ioctl$KVM_HAS_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee3, &(0x7f0000002300)=@attr_arm64={0x0, 0x0, 0x3, &(0x7f00000022c0)=0xf})
r7 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000002380)=@arm64_fp_extra={0x60200000001000d4, &(0x7f0000002340)=0x401})
syz_kvm_setup_cpu$arm64(r1, r4, &(0x7f0000aad000/0x400000)=nil, &(0x7f0000002880)=[{0x0, &(0x7f00000023c0)=[@code={0xa, 0x84, {"0088212e000080d280ab83d20040b0f2010180d2420080d2a30180d2240180d2020000d4a08484d20080b8f2e10080d2a20080d2c30180d2e40080d2020000d4a0aa8fd20060b0f2010180d2a20180d2830080d2240080d2020000d4000028d5007008d50020a00d000028d50000031e"}}, @smc={0x1e, 0x40, {0xc5000021, [0x7, 0x4, 0xc, 0x0, 0x2bf]}}, @mrs={0xbe, 0x18, {0x603000000013e208}}, @mrs={0xbe, 0x18, {0x603000000013c110}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xffe8, 0x3, 0x4}}, @code={0xa, 0x84, {"007008d5000800f880cf81d20060b8f2c10180d2020080d2a30180d2840080d2020000d4008008d5e06387d20080b8f2e10180d2620180d2c30080d2040180d2020000d4c03e84d200e0b0f2a10080d2220180d2630180d2040180d2020000d4008008d5007008d5007008d50004005f"}}, @svc={0x122, 0x40, {0x80, [0xc, 0x7fffffff, 0x3, 0xa5a6, 0x5]}}, @svc={0x122, 0x40, {0x8400000b, [0x8, 0x1, 0xd, 0xffffffffffffffff, 0x80]}}, @mrs={0xbe, 0x18, {0x603000000013e180}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x0, 0x2, 0x3}}, @smc={0x1e, 0x40, {0x0, [0xffffffffffffffff, 0x3, 0x800, 0x7, 0x9]}}, @irq_setup={0x46, 0x18, {0x0, 0xdd}}, @irq_setup={0x46, 0x18, {0x1, 0x14a}}, @hvc={0x32, 0x40, {0x8400000b, [0x8, 0x4, 0x4, 0x9, 0x8]}}, @its_setup={0x82, 0x28, {0x3, 0x1, 0x284}}, @hvc={0x32, 0x40, {0x10, [0x5571, 0x4, 0x8, 0xa4, 0xa00000000000]}}, @smc={0x1e, 0x40, {0xc4000004, [0x8, 0x3, 0x6, 0x8]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x4, 0xe, 0x3}}, @irq_setup={0x46, 0x18, {0x4, 0x262}}, @svc={0x122, 0x40, {0x40, [0x6, 0x3, 0xfffffffffffffff7, 0xd, 0x5]}}, @its_setup={0x82, 0x28, {0x1, 0x2, 0x166}}, @msr={0x14, 0x20, {0x6030000000138016, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x0, 0x4, 0xc, 0x8, 0x100, 0x4}}], 0x4c0}], 0x1, 0x0, &(0x7f00000028c0)=[@featur2={0x1, 0x24}], 0x1)
r8 = syz_kvm_vgic_v3_setup(r1, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f0000002940)=@attr_other={0x0, 0x9, 0x7fff, &(0x7f0000002900)=0x719})
ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f00000029c0)=@arm64_extra={0x603000000013c026, &(0x7f0000002980)})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000002a00)={0x0, 0x14000, 0x1})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r2, 0x4018aee1, &(0x7f0000002a40)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x81})
r9 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_ARM_VCPU_INIT(r9, 0x4020aeae, &(0x7f0000002a80)={0x4, 0x28})
ioctl$KVM_CHECK_EXTENSION(r6, 0xae03, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000002ac0)={0x10000, 0x0, 0x2000, 0x2000, &(0x7f0000d16000/0x2000)=nil})
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000002b40)=@arm64_extra={0x603000000013c027, &(0x7f0000002b00)=0x3})

20.519627445s ago: executing program 0 (id=393):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000080)={0x5, 0x1})
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0xcd)
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000140)=@arm64_ccsidr={0x6020000000110006, &(0x7f0000000000)=0x2})

17.528785902s ago: executing program 1 (id=394):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$kvm(0x0, &(0x7f0000000000), 0x480, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_ARM_VCPU_INIT(0xffffffffffffffff, 0x4020aeae, &(0x7f0000000000)={0x5, 0xa})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000140)={0x4, <r3=>0xffffffffffffffff, 0x1})
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x54e3, 0x0)
munmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000584000/0x800000)=nil, 0x800000)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000c00000/0x400000)=nil, 0x400000)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000000)={0x8, <r6=>0xffffffffffffffff, 0x1})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x541b, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r7, 0xae03, 0x15)

13.126060598s ago: executing program 0 (id=395):
ioctl$KVM_SET_MP_STATE(0xffffffffffffffff, 0x4004ae99, &(0x7f0000000000)=0x4)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
ioctl$KVM_SET_VCPU_EVENTS(r0, 0x4040aea0, &(0x7f0000000040)=@x86={0x9, 0x6, 0x8, 0x0, 0xfff, 0x4, 0x6, 0xff, 0x10, 0x4, 0xbc, 0x6, 0x0, 0x9, 0xb, 0x4, 0x9, 0x1, 0x4, '\x00', 0xff, 0x3})
ioctl$KVM_SET_VCPU_EVENTS(r0, 0x4040aea0, &(0x7f0000000080)=@arm64={0x1, 0xd, 0x9, '\x00', 0xa})
ioctl$KVM_SET_VCPU_EVENTS(r0, 0x4040aea0, &(0x7f00000000c0)=@arm64={0x4, 0x0, 0x7, '\x00', 0x7})
ioctl$KVM_RUN(r0, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r0, 0x4040aea0, &(0x7f0000000100)=@arm64={0x10, 0xf3, 0x80, '\x00', 0x4})
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_SET_SIGNAL_MASK(r1, 0x4004ae8b, &(0x7f0000000140)={0x72, "0ffabb600bc0c17f50cc8e62c48f3097fb19fe5850f97d686420cf52f7b4ce31d73e0b4b17b5dfcc531825cad52585c47ca7fef38552f0bf1cb87c535aadfd9399c755f63a52bb06989782cbe3bc9a6c98321c360e20d6bd1f6ea76c285723f067c0c42bcf912c93feb36d9a7971f6a37387"})
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x0, 0x4, 0x13, r1, 0x0)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_RESET_DIRTY_RINGS(r2, 0xaec7)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
syz_kvm_vgic_v3_setup(r2, 0x2, 0x2e0)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_kvm_setup_cpu$arm64(r2, r0, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000700)=[{0x0, &(0x7f00000001c0)=[@irq_setup={0x46, 0x18, {0x1, 0x67}}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x1e8}}, @smc={0x1e, 0x40, {0x100, [0x4, 0x9, 0x5, 0xffffffffffffffff, 0x101]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0x14, 0xd, 0x2}}, @code={0xa, 0x9c, {"005d98d20000b0f2410180d2620180d2230180d2840180d2020000d4008008d5000008d5204b95d20040b0f2a10080d2420180d2430180d2440080d2020000d4000c200e0084c00d00a4004f007008d5803080d20060b0f2e10180d2420180d2e30180d2440080d2020000d4808d90d20080b0f2a10080d2420180d2630180d2640080d2020000d4"}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0xd00, 0x800}}, @hvc={0x32, 0x40, {0x200, [0x9, 0x2, 0x9, 0x8, 0x1ff]}}, @irq_setup={0x46, 0x18, {0x4, 0x29}}, @code={0xa, 0x9c, {"a0329dd20060b8f2a10180d2820180d2a30080d2840080d2020000d400a4800d008008d5008008d5607396d20080b8f2010180d2c20080d2430180d2e40080d2020000d4206a95d20000b0f2610180d2620080d2230180d2a40080d2020000d4000028d50000c093000028d5600781d200a0b8f2c10180d2420180d2630180d2640080d2020000d4"}}, @svc={0x122, 0x40, {0x6000000, [0xff2, 0x5, 0x40, 0x3, 0x2]}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffd0, 0xfffffffffffff001, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x0, 0xb, 0x7, 0xfffffff7, 0x3}}, @eret={0xe6, 0x18, 0x400}, @irq_setup={0x46, 0x18, {0x0, 0x31f}}, @eret={0xe6, 0x18, 0x19aa}, @hvc={0x32, 0x40, {0xffff, [0x0, 0x8, 0xbe5, 0xc3b, 0x2]}}, @code={0xa, 0x9c, {"20d984d200a0b0f2c10080d2620180d2a30180d2e40180d2020000d4008008d50000319e007008d5007008d5000008d5204a84d200e0b8f2610080d2020180d2230080d2440080d2020000d400e28ad20080b8f2210080d2c20180d2430180d2440180d2020000d40040621ec0e398d200c0b8f2010180d2420180d2430180d2840080d2020000d4"}}, @smc={0x1e, 0x40, {0x10, [0x1, 0x7ff, 0x5, 0x0, 0x10000]}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x9, 0x4, 0x0, 0x5, 0x5, 0x4}}, @svc={0x122, 0x40, {0x4000, [0x7, 0xffffffffffffffa5, 0x5, 0x100, 0x68]}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x1, 0xd, 0x1ba5, 0xfac, 0x1}}, @msr={0x14, 0x20, {0x603000000013c288, 0x6}}], 0x51c}], 0x1, 0x0, &(0x7f0000000740)=[@featur2={0x1, 0x8c}], 0x1)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c2d000/0x3000)=nil, r5, 0xc, 0x2010, r0, 0x0)
munmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000780), 0x290800, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f00000007c0)=@x86={0x72, 0x0, 0xfd, 0x0, 0xffffdedd, 0x2, 0xcb, 0x51, 0x10, 0x9, 0x8, 0x0, 0x0, 0xd, 0xe0, 0x5, 0x10, 0x1, 0x6, '\x00', 0x0, 0x9})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000800), 0x101000, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000840), 0x204000, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000000880)={0x4, 0x0, [{0x2, 0x1, 0x0, 0x0, @msi={0x8, 0x7, 0x4c, 0xd23}}, {0x2, 0x1, 0x0, 0x0, @msi={0x80000001, 0x5, 0x7fffffff, 0x9}}, {0xfc05, 0x2, 0x0, 0x0, @msi={0x6, 0x2, 0x4, 0x9}}, {0xffffffff, 0x0, 0x1, 0x0, @msi={0x9, 0xe30, 0xa, 0x6}}]})
ioctl$KVM_CHECK_EXTENSION(r6, 0xae03, 0x7)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r1, 0x4018aee2, &(0x7f00000009c0)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000980)={0x3, 0x5}})
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000a00)=@x86={0x0, 0x10, 0x25, 0x0, 0x7, 0x80, 0x2, 0x8, 0x2, 0x8, 0x50, 0xa8, 0x0, 0x35, 0x9, 0x0, 0x5, 0x5, 0x3, '\x00', 0x2, 0x2})
r7 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_ARM_VCPU_INIT(r7, 0x4020aeae, &(0x7f0000000a40)={0x5, 0x95})

8.302552302s ago: executing program 1 (id=396):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x109901, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) (async)
r5 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x13)
syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r3, 0x401, 0x3c0)
r6 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000000)={0x101, 0x1}) (async)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0xa3a}}, @msr={0x14, 0x20, {0x603000000013dce2, 0x4}}], 0x40}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000040)={0x4000, 0xe6ee0000, 0x7485, 0x1, 0x1})
ioctl$KVM_RUN(r7, 0xae80, 0x0)

7.452404078s ago: executing program 0 (id=397):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000240)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521c180c7f93448c9114707cd24b7eebb20700", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, r5, 0x100000b, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)

1.271162336s ago: executing program 0 (id=398):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000200)=@arm64={0x81, 0x3, 0x6, '\x00', 0x3d93}) (async, rerun: 64)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1) (rerun: 64)
ioctl$KVM_ARM_VCPU_INIT(r4, 0x4020aeae, &(0x7f0000000080)={0x5, 0x1}) (async, rerun: 32)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (rerun: 32)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x1)
ioctl$KVM_ARM_VCPU_INIT(r10, 0x4020aeae, &(0x7f00000001c0)={0x5, 0x1f})
ioctl$KVM_SET_ONE_REG(r10, 0x4010aeac, &(0x7f00000000c0)=@arm64_core={0x603000000010003e, &(0x7f0000000180)=0xfff}) (async)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x1000)=nil, 0x0, 0x1, 0x10, r10, 0x0) (async, rerun: 32)
ioctl$KVM_ARM_VCPU_INIT(r7, 0x4020aeae, &(0x7f0000000080)={0x5, 0x8}) (async, rerun: 32)
ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f00000000c0)=@arm64_core={0x6030000000100042, &(0x7f0000000000)=0xffffffffffff692c}) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f0000000100)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000000)=0xb}) (async, rerun: 64)
ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100004, &(0x7f00000000c0)=0xa83}) (rerun: 64)

0s ago: executing program 1 (id=399):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0x80111500, 0x20000000)
write$eventfd(r1, &(0x7f0000000000), 0xfffffdef)
mmap$KVM_VCPU(&(0x7f00006b5000/0x2000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000200), 0x222c00, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000002c0)={0x2, 0x0, 0x0, 0x1000, &(0x7f0000ff9000/0x1000)=nil})
ioctl$KVM_IRQ_LINE(r3, 0x4008ae61, &(0x7f0000000080)={0x3, 0x3})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000140)={0x10000, 0x3, 0xeeee0000, 0x1000, &(0x7f0000ff9000/0x1000)=nil})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000240), 0x2400, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000180)={0x1fe, 0x0, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil})
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_ARM_VCPU_INIT(r9, 0x4020aeae, &(0x7f0000000340)={0x5})
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000180)={0x1fe, 0x1, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil})
ioctl$KVM_HAS_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee3, &(0x7f0000000100)=@attr_other={0x0, 0x7541, 0x4, &(0x7f00000000c0)=0x2})
r10 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x100000b, 0x28031, r9, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r5, 0x4020aeae, &(0x7f00000001c0)={0x5, 0x71})
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r11, 0x4018aee3, &(0x7f0000000280)=@attr_pmu_init)
munmap(&(0x7f0000647000/0x1000)=nil, 0x1000)
r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r12, 0x300000f, 0x32, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

[  378.920839][ T3133] 8021q: adding VLAN 0 to HW filter on device bond0
[  425.873055][ T3133] eql: remember to turn off Van-Jacobson compression on your slave devices
Warning: Permanently added '[localhost]:40939' (ED25519) to the list of known hosts.
[  587.688939][   T25] audit: type=1400 audit(586.840:61): avc:  denied  { name_bind } for  pid=3290 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  589.741945][   T25] audit: type=1400 audit(588.890:62): avc:  denied  { execute } for  pid=3291 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  589.780740][   T25] audit: type=1400 audit(588.930:63): avc:  denied  { execute_no_trans } for  pid=3291 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  611.765858][   T25] audit: type=1400 audit(610.900:64): avc:  denied  { mounton } for  pid=3291 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  611.789441][   T25] audit: type=1400 audit(610.930:65): avc:  denied  { mount } for  pid=3291 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  611.875072][ T3291] cgroup: Unknown subsys name 'net'
[  611.922061][   T25] audit: type=1400 audit(611.070:66): avc:  denied  { unmount } for  pid=3291 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  612.298760][ T3291] cgroup: Unknown subsys name 'cpuset'
[  612.401439][ T3291] cgroup: Unknown subsys name 'rlimit'
[  613.327742][   T25] audit: type=1400 audit(612.480:67): avc:  denied  { setattr } for  pid=3291 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=701 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  613.352869][   T25] audit: type=1400 audit(612.490:68): avc:  denied  { mounton } for  pid=3291 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[  613.371097][   T25] audit: type=1400 audit(612.520:69): avc:  denied  { mount } for  pid=3291 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  614.550798][ T3294] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[  614.571008][   T25] audit: type=1400 audit(613.720:70): avc:  denied  { relabelto } for  pid=3294 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  614.591053][   T25] audit: type=1400 audit(613.740:71): avc:  denied  { write } for  pid=3294 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
Setting up swapspace version 1, size = 127995904 bytes
[  614.782976][   T25] audit: type=1400 audit(613.930:72): avc:  denied  { read } for  pid=3291 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  614.807408][   T25] audit: type=1400 audit(613.950:73): avc:  denied  { open } for  pid=3291 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  614.850127][ T3291] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  662.349093][   T25] audit: type=1400 audit(661.470:74): avc:  denied  { execmem } for  pid=3295 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  665.838287][   T25] audit: type=1400 audit(664.990:75): avc:  denied  { read } for  pid=3297 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  665.858082][   T25] audit: type=1400 audit(665.000:76): avc:  denied  { open } for  pid=3297 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  665.942750][   T25] audit: type=1400 audit(665.090:77): avc:  denied  { mounton } for  pid=3297 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  666.200256][   T25] audit: type=1400 audit(665.350:78): avc:  denied  { module_request } for  pid=3298 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  667.319804][   T25] audit: type=1400 audit(666.470:79): avc:  denied  { sys_module } for  pid=3297 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  691.110847][ T3297] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  691.352494][ T3297] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  691.413083][ T3298] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  691.805552][ T3298] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  709.802297][ T3297] hsr_slave_0: entered promiscuous mode
[  709.915735][ T3297] hsr_slave_1: entered promiscuous mode
[  712.291019][ T3298] hsr_slave_0: entered promiscuous mode
[  712.350016][ T3298] hsr_slave_1: entered promiscuous mode
[  712.397549][ T3298] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  712.416857][ T3298] Cannot create hsr debugfs directory
[  719.256698][   T25] audit: type=1400 audit(718.400:80): avc:  denied  { create } for  pid=3297 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  719.310634][   T25] audit: type=1400 audit(718.460:81): avc:  denied  { write } for  pid=3297 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  719.368173][   T25] audit: type=1400 audit(718.520:82): avc:  denied  { read } for  pid=3297 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  719.511733][ T3297] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  719.829767][ T3297] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  720.062443][ T3297] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  720.529666][ T3297] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  721.917642][ T3298] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  722.197494][ T3298] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  722.372601][ T3298] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  722.521661][ T3298] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  734.748690][ T3297] 8021q: adding VLAN 0 to HW filter on device bond0
[  737.177659][ T3298] 8021q: adding VLAN 0 to HW filter on device bond0
[  792.525185][ T3297] veth0_vlan: entered promiscuous mode
[  792.978895][ T3297] veth1_vlan: entered promiscuous mode
[  794.627702][ T3298] veth0_vlan: entered promiscuous mode
[  795.300308][ T3297] veth0_macvtap: entered promiscuous mode
[  795.588345][ T3298] veth1_vlan: entered promiscuous mode
[  795.728339][ T3297] veth1_macvtap: entered promiscuous mode
[  797.936754][ T3297] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  797.941486][ T3297] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  797.953130][ T3297] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  797.962517][ T3297] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  798.287015][ T3298] veth0_macvtap: entered promiscuous mode
[  798.759618][ T3298] veth1_macvtap: entered promiscuous mode
[  800.823457][   T25] audit: type=1400 audit(799.970:83): avc:  denied  { mount } for  pid=3297 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  801.063711][   T25] audit: type=1400 audit(800.200:84): avc:  denied  { mounton } for  pid=3297 comm="syz-executor" path="/syzkaller.11n4He/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  801.270569][   T25] audit: type=1400 audit(800.420:85): avc:  denied  { mount } for  pid=3297 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  801.321511][ T3298] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  801.356739][ T3298] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  801.372407][ T3298] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  801.383333][ T3298] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  801.696503][   T25] audit: type=1400 audit(800.840:86): avc:  denied  { mounton } for  pid=3297 comm="syz-executor" path="/syzkaller.11n4He/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  801.833592][   T25] audit: type=1400 audit(800.980:87): avc:  denied  { mounton } for  pid=3297 comm="syz-executor" path="/syzkaller.11n4He/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3263 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  802.441336][   T25] audit: type=1400 audit(801.590:88): avc:  denied  { unmount } for  pid=3297 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  802.739406][   T25] audit: type=1400 audit(801.890:89): avc:  denied  { mounton } for  pid=3297 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1546 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  802.817396][   T25] audit: type=1400 audit(801.960:90): avc:  denied  { mount } for  pid=3297 comm="syz-executor" name="/" dev="gadgetfs" ino=3276 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  803.338469][   T25] audit: type=1400 audit(802.360:91): avc:  denied  { mount } for  pid=3297 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  803.432826][   T25] audit: type=1400 audit(802.580:92): avc:  denied  { mounton } for  pid=3297 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  804.400417][ T3297] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  808.485324][   T25] kauditd_printk_skb: 4 callbacks suppressed
[  808.497584][   T25] audit: type=1400 audit(807.600:97): avc:  denied  { read } for  pid=3454 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  808.556741][   T25] audit: type=1400 audit(807.670:98): avc:  denied  { open } for  pid=3454 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  809.209229][   T25] audit: type=1400 audit(808.350:99): avc:  denied  { ioctl } for  pid=3454 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  810.810100][   T25] audit: type=1400 audit(809.930:100): avc:  denied  { append } for  pid=3454 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  839.477440][   T25] audit: type=1400 audit(838.620:101): avc:  denied  { write } for  pid=3478 comm="syz.0.7" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  845.156230][   T25] audit: type=1400 audit(844.280:102): avc:  denied  { execute } for  pid=3474 comm="syz.1.6" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=3658 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  861.858507][   T25] audit: type=1400 audit(860.970:103): avc:  denied  { setattr } for  pid=3491 comm="syz.1.11" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  969.527236][ T3566] kvm [3566]: Failed to find VMA for hva 0x20c01000
[ 1024.451633][ T3609] kvm [3609]: Failed to find VMA for hva 0x21016000
[ 1176.347450][ T3712] kvm [3712]: Failed to find VMA for hva 0x20d8d000
[ 1217.093467][ T3747] kvm [3746]: Unsupported guest access at: eeef0000
[ 1217.093467][ T3747]  { Op0( 2), Op1( 0), CRn( 0), CRm( 0), Op2( 2), func_write },
[ 1348.840820][ T3841] kvm [3841]: Failed to find VMA for hva 0x20d8d000
[ 1361.520723][ T3849] kvm [3849]: Failed to find VMA for hva 0x20c01000
[ 1374.070471][   T25] audit: type=1400 audit(1373.170:104): avc:  denied  { map } for  pid=3859 comm="syz.1.113" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1388.636773][ T3863] kvm [3863]: Failed to find VMA for hva 0x20c01000
[ 1511.210100][ T3956] kvm [3956]: Failed to find VMA for hva 0x20e8a000
[ 1704.138739][ T4090] kvm [4090]: Failed to find VMA for hva 0x21016000
[ 2058.410941][ T4347] kvm [4347]: Failed to find VMA for hva 0x20c01000
[ 2130.396848][ T4396] kvm [4396]: Failed to find VMA for hva 0x20d8d000
[ 2552.513681][   T25] audit: type=1400 audit(2551.630:105): avc:  denied  { ioctl } for  pid=4713 comm="syz.0.362" path="net:[4026531840]" dev="nsfs" ino=4026531840 ioctlcmd=0xb701 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 2571.061509][ T4723] kvm [4723]: Failed to find VMA for hva 0x20d3f000
[ 2593.891922][ T4741] kvm [4736]: Unsupported guest access at: eeef0000
[ 2593.891922][ T4741]  { Op0( 2), Op1( 0), CRn( 0), CRm( 0), Op2( 2), func_write },
[ 2724.932844][   T25] audit: type=1400 audit(2724.040:106): avc:  denied  { getattr } for  pid=4822 comm="syz.1.394" path="net:[4026532626]" dev="nsfs" ino=4026532626 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 2738.691627][ T4834] ------------[ cut here ]------------
[ 2738.692538][ T4834] WARNING: CPU: 0 PID: 4834 at arch/arm64/kvm/inject_fault.c:63 pend_sync_exception+0x198/0x5ac
[ 2738.696441][ T4834] Modules linked in:
[ 2738.699205][ T4834] CPU: 0 UID: 0 PID: 4834 Comm: syz.0.398 Not tainted 6.16.0-rc3-syzkaller-g15724a984643 #0 PREEMPT 
[ 2738.701001][ T4834] Hardware name: linux,dummy-virt (DT)
[ 2738.702435][ T4834] pstate: 81402009 (Nzcv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)
[ 2738.703833][ T4834] pc : pend_sync_exception+0x198/0x5ac
[ 2738.704927][ T4834] lr : pend_sync_exception+0x198/0x5ac
[ 2738.705953][ T4834] sp : ffff80008e7d78c0
[ 2738.706784][ T4834] x29: ffff80008e7d78c0 x28: 0000000000000028 x27: 28f0000017b62028
[ 2738.708805][ T4834] x26: 0000000000000028 x25: 0000000000000000 x24: 0000000000000000
[ 2738.710372][ T4834] x23: 0000000000000000 x22: 0000000000000028 x21: 28f0000017b62c01
[ 2738.712058][ T4834] x20: 0000000000000007 x19: efff800000000000 x18: 0000000000000000
[ 2738.713663][ T4834] x17: 0000000000000047 x16: ffff800080011d9c x15: 0000000020000200
[ 2738.715326][ T4834] x14: ffffffffffffffff x13: 0000000000000028 x12: 0000000000000081
[ 2738.717096][ T4834] x11: 81f000000d38ede4 x10: 0000000000ff0100 x9 : 0000000000000000
[ 2738.718957][ T4834] x8 : 81f000000d38d880 x7 : ffff800080b08704 x6 : ffff80008e7d7a88
[ 2738.720592][ T4834] x5 : ffff80008e7d7a88 x4 : 0000000000000001 x3 : ffff8000801a2e80
[ 2738.722260][ T4834] x2 : 0000000000000000 x1 : 0000000000000002 x0 : 0000000000000000
[ 2738.724119][ T4834] Call trace:
[ 2738.725213][ T4834]  pend_sync_exception+0x198/0x5ac (P)
[ 2738.726596][ T4834]  __kvm_inject_sea+0x268/0x96c
[ 2738.727702][ T4834]  kvm_inject_sea+0x98/0x72c
[ 2738.728772][ T4834]  __kvm_arm_vcpu_set_events+0x134/0x238
[ 2738.729870][ T4834]  kvm_arch_vcpu_ioctl+0xed8/0x16b0
[ 2738.730954][ T4834]  kvm_vcpu_ioctl+0x5c4/0xc2c
[ 2738.732034][ T4834]  __arm64_sys_ioctl+0x18c/0x244
[ 2738.733022][ T4834]  invoke_syscall+0x90/0x2b4
[ 2738.734123][ T4834]  el0_svc_common+0x180/0x2f4
[ 2738.735154][ T4834]  do_el0_svc+0x58/0x74
[ 2738.736209][ T4834]  el0_svc+0x58/0x160
[ 2738.737223][ T4834]  el0t_64_sync_handler+0x78/0x108
[ 2738.738166][ T4834]  el0t_64_sync+0x198/0x19c
[ 2738.739430][ T4834] irq event stamp: 930
[ 2738.740340][ T4834] hardirqs last  enabled at (929): [<ffff80008653cb88>] _raw_read_unlock_irqrestore+0x44/0xbc
[ 2738.741725][ T4834] hardirqs last disabled at (930): [<ffff800086517e08>] el1_dbg+0x24/0x80
[ 2738.742987][ T4834] softirqs last  enabled at (896): [<ffff8000800c988c>] local_bh_enable+0x10/0x34
[ 2738.744407][ T4834] softirqs last disabled at (894): [<ffff8000800c9858>] local_bh_disable+0x10/0x34
[ 2738.745872][ T4834] ---[ end trace 0000000000000000 ]---
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 2756.906746][ T4666] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2757.736747][ T4666] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2758.297776][ T4666] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2759.030109][ T4666] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2768.422841][ T4666] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2768.511079][ T4666] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2768.588097][ T4666] bond0 (unregistering): Released all slaves

VM DIAGNOSIS:
04:00:42  Registers:
info registers vcpu 0

CPU#0
 PC=ffff800080481390 X00=0000000000000000 X01=0000000000000080
X02=0000000000000001 X03=ffff80008045b084 X04=ffff80008e7d7000
X05=0000000000000020 X06=0000000000000000 X07=ffff80008652e834
X08=81f000000d38d880 X09=0000000000000000 X10=0000000000ff0100
X11=0000000000000004 X12=0000000000000005 X13=0000000000000002
X14=00000000000000c8 X15=ffff800087f39a30 X16=ffff800080011d9c
X17=0000000000000047 X18=0000000000000000 X19=ffff80008047fbb8
X20=0000000000000000 X21=00000000000003c0 X22=00000000000003c0
X23=ffff80008e7d7368 X24=00000000ffffffff X25=0000000000000000
X26=00000000ffffffff X27=00000000000012e2 X28=00000000000000ff
X29=ffff80008e7d7280 X30=ffff80008048138c  SP=ffff80008e7d7280
PSTATE=804023c9 N--- EL2h  SVCR=00000000 --  BTYPE=0     FPCR=00000000 FPSR=00000000
P00=0000 P01=0000 P02=0000 P03=0000 P04=0000 P05=0000 P06=0000 P07=0000
P08=0000 P09=0000 P10=0000 P11=0000 P12=0000 P13=0000 P14=0000 P15=0000
FFR=0000
Z00=0000000000000000:0000000000000000 Z01=0000ffffe7785200:dfaa8b1cd6ca9d00
Z02=0000ffffe77851e0:ffffff80ffffffd8 Z03=0000ffffe7785290:0000ffffe7785290
Z04=0000ffffe7785290:0000ffffbd336d08 Z05=0000ffffe7785260:0000ffffe7785290
Z06=6edc4d3a2914b135:d8e9c869e2695c88 Z07=b20fae707afde253:388e9c6c4fa85ca0
Z08=0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000
Z10=0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000
Z12=0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000
Z14=0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000
Z16=0000ffffe77854b0:0000ffffe77854b0 Z17=ffffff80ffffffd0:0000ffffe7785480
Z18=0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000
Z20=0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000
Z22=0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000
Z24=0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000
Z26=0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000
Z28=0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000
Z30=0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000