last executing test programs:

48m16.790663981s ago: executing program 0 (id=1):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r2, r3, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="4600000000000000180000000000000001000800"], 0x18}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r2, 0x1, 0x100)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = eventfd2(0xfffffffa, 0x80001)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000140)={0x80, 0x4, 0x0, r4})
ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616})
r5 = syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r6, 0xae03, 0xa)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000005c0)={0x0, &(0x7f0000000000)=[@svc={0x122, 0x40, {0x40000000, [0x40, 0x200, 0x26eff0a7, 0x6, 0x8]}}, @msr={0x14, 0x20, {0x603000000013e100, 0x7fffffffffffffff}}, @code={0xa, 0x6c, {"00a0002f000c40f8007008d5e0639ad20020b8f2010180d2e20080d2c30180d2e40180d2020000d4407d8dd20060b8f2210080d2220180d2630080d2440080d2020000d400849f0d0084200e0000c0790004002f004c207e"}}, @irq_setup={0x46, 0x18, {0x0, 0x1a0}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x78, 0x5, 0x6}}, @code={0xa, 0xb4, {"e0119fd200a0b0f2c10080d2c20080d2630180d2e40180d2020000d4007008d5008008d5806599d200e0b0f2410080d2020080d2230180d2040080d2020000d4c0db9fd200a0b8f2210180d2820080d2230080d2c40180d2020000d4a08989d200e0b0f2c10180d2220180d2630080d2a40080d2020000d460218ad200a0b8f2210180d2220080d2230080d2040180d2020000d40000a00d008008d5000040b8"}}, @smc={0x1e, 0x40, {0x80008200, [0x6, 0x4, 0x1, 0x8001, 0x80]}}, @its_setup={0x82, 0x28, {0x2, 0x0, 0xb6}}, @code={0xa, 0x84, {"0040600d007008d5001c0053008008d5c01386d200a0b8f2410080d2620180d2230080d2240180d2020000d400c0211e000028d5e0e48cd20040b8f2c10180d2220180d2630080d2040080d2020000d4005d82d20000b8f2410180d2620180d2430180d2440180d2020000d40060c00c"}}, @svc={0x122, 0x40, {0xc4000004, [0x3, 0x8abd, 0x4, 0xda, 0x3]}}, @mrs={0xbe, 0x18, {0x603000000013c016}}, @svc={0x122, 0x40, {0xc4000014, [0x9, 0x9, 0x6, 0x0, 0x2]}}, @hvc={0x32, 0x40, {0x84000050, [0x5, 0x4, 0xffffffffffffffff, 0x0, 0x1fc]}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x0, 0x4, 0x2, 0x2, 0x3, 0x3}}, @svc={0x122, 0x40, {0x112, [0x1, 0x3, 0xf, 0xca8, 0x2]}}, @svc={0x122, 0x40, {0xc400000c, [0x18000000, 0x4, 0x0, 0x5, 0x4]}}, @smc={0x1e, 0x40, {0x8400000d, [0x0, 0x10001, 0xfffffffffffffffd, 0x885, 0x6]}}, @mrs={0xbe, 0x18, {0x603000000013e528}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x1, 0x4, 0x6, 0xe, 0x2, 0x4}}, @smc={0x1e, 0x40, {0x2, [0xc7d, 0xe, 0x6, 0x475, 0x80]}}, @svc={0x122, 0x40, {0x84000004, [0x6, 0xa, 0xbe, 0x3, 0x43]}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x20020, 0x3}}, @svc={0x122, 0x40, {0xc5000021, [0x7, 0x6, 0x1, 0x5]}}], 0x5a4}, &(0x7f0000000600)=[@featur2], 0x1)
ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000140)={0x4, <r9=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r9, 0x800454e1, 0x110c230004)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x2c)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3b)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)

48m13.230703815s ago: executing program 1 (id=2):
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000100)={0x4, <r4=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r4, 0x4018aee3, &(0x7f00000000c0)=@attr_other={0x0, 0xf81e, 0x200, 0x0})
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, <r5=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r5, 0x400454d9, 0x0)

47m55.771504832s ago: executing program 1 (id=3):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0x4000)=nil, r4, 0x2000003, 0x110, r2, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) (async)
close(0xffffffffffffffff)
ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f0000000000)={0x1, 0x6000, 0x0, 0xffffffffffffffff, 0x8}) (async)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) (async)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r9, 0xae03, 0xc6) (async)
mmap$KVM_VCPU(&(0x7f0000009000/0x2000)=nil, r4, 0x2000009, 0x11, r2, 0x0) (async)
ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(r1, 0x4068aea3, &(0x7f0000000080)) (async)
r10 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r10, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xf, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)

47m54.78033145s ago: executing program 0 (id=4):
r0 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
r1 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0xfffffffff4000000)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)

47m47.370961947s ago: executing program 1 (id=5):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0xffffffffffffffff, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x4, 0x220)
r4 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000180)={0x0, &(0x7f0000000040)=[@msr={0x14, 0x20, {0x603000000013c65f, 0x8001}}], 0x20}, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0xdddd1000, 0x0, r9})
ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f0000000000)={0xc, 0xeeef0000, 0x2, r9})
close(r8)

47m44.513725272s ago: executing program 0 (id=6):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x27)
ioctl$KVM_SIGNAL_MSI(r3, 0x4020aea5, &(0x7f00000000c0)={0xeeee8000, 0x1000, 0x9, 0x0, 0x3})
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000080)=@arm64_core={0x6030000000100042, &(0x7f0000000100)=0xc5c5})

47m36.277829051s ago: executing program 0 (id=7):
r0 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r0, 0x4068aea3, &(0x7f0000000000))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x40000, 0x0)
ioctl$KVM_SET_GUEST_DEBUG_arm64(r0, 0x4208ae9b, &(0x7f0000000100)={0x20001, 0x0, {[0x0, 0x6, 0x6, 0x2, 0x7, 0x6, 0x6a20, 0x401, 0xa61, 0x5, 0x0, 0x100000001, 0x5, 0x5, 0x80000001, 0xbf0000000], [0x6, 0x10001, 0x7f, 0x0, 0xb, 0x4, 0xf, 0x5, 0x60000, 0x7, 0x8de, 0x5, 0x100000001, 0x4, 0x3, 0x7], [0xffffffffffff7e6e, 0x0, 0x40, 0x1, 0xf, 0x14000, 0x0, 0xffff, 0x3dee, 0x5, 0x8001, 0x6, 0x0, 0xfffffffffffffff7, 0x1, 0x1], [0x2, 0x3fc0000000, 0xf5, 0x4, 0x5, 0xfffffffffffffffb, 0x10000, 0x9, 0x6, 0x60000000, 0x1, 0x6, 0x9, 0x5, 0x9, 0x9ea4]}})
mmap$KVM_VCPU(&(0x7f0000ffb000/0x3000)=nil, 0x0, 0x2000001, 0x11, 0xffffffffffffffff, 0x0)
close(r1)
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x26)
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000380)=@arm64_extra={0x603000000013c035, &(0x7f0000000340)=0x9})
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f00000003c0)={0x0, 0x1, 0x8000000, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
ioctl$KVM_GET_DEVICE_ATTR(r0, 0x4018aee2, &(0x7f0000000440)=@attr_arm64={0x0, 0x8, 0x5, &(0x7f0000000400)=0x1000})
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x3000)=nil, r5, 0xe, 0x4010, r2, 0x0)
syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CAP_PTP_KVM(r4, 0x4068aea3, &(0x7f0000000480))
r6 = ioctl$KVM_GET_STATS_FD_cpu(r0, 0xaece)
ioctl$KVM_SIGNAL_MSI(r6, 0x4020aea5, &(0x7f0000000500)={0xd000, 0xe6ee6000, 0x7fff, 0x0, 0x3})
r7 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2c)
write$eventfd(r6, &(0x7f0000000540)=0x8, 0x8)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
r8 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x33)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000580)={0x5})
ioctl$KVM_HAS_DEVICE_ATTR_vm(0xffffffffffffffff, 0x4018aee3, &(0x7f0000000600)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f00000005c0)={0x1, 0xffff3436}})
ioctl$KVM_KVMCLOCK_CTRL(0xffffffffffffffff, 0xaead)
ioctl$KVM_SET_DEVICE_ATTR_vm(r7, 0x4018aee1, &(0x7f0000000680)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000640)={0x0, 0x5, 0x2}})
ioctl$KVM_IRQFD(r8, 0x4020ae76, &(0x7f00000006c0)={r0, 0x1ff, 0x2, r0})
mmap$KVM_VCPU(&(0x7f0000dff000/0x4000)=nil, r5, 0x300000c, 0x10010, r0, 0x0)
syz_kvm_setup_cpu$arm64(r4, r6, &(0x7f0000b2a000/0x400000)=nil, &(0x7f0000000bc0)=[{0x0, &(0x7f0000000700)=[@its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x0, 0x7, 0x0, 0xa51b, 0x3}}, @memwrite={0x6e, 0x30, @generic={0x5000, 0x415}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x4, 0xac, 0xb}}, @code={0xa, 0xb4, {"00c8302e402b8dd20020b8f2c10080d2220180d2030080d2240080d2020000d440a28ed20000b0f2410180d2420180d2830180d2040180d2020000d40024c09a009c004f008008d5e0209fd200e0b0f2210080d2020180d2230080d2a40080d2020000d4a0529cd200c0b0f2010180d2220080d2230180d2e40180d2020000d4803d9ed20040b8f2610080d2620080d2a30180d2040080d2020000d4007008d5"}}, @msr={0x14, 0x20, {0x603000000013df6d, 0xffff}}, @eret={0xe6, 0x18, 0xff}, @code={0xa, 0x54, {"007008d50000803c008008d5000008d5000008d5000c80780058202e000028d50020200d804d9ad20040b8f2a10080d2c20180d2030080d2240180d2020000d4"}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x7f, 0x4, 0xc, 0x1, 0x8, 0x1}}, @msr={0x14, 0x20, {0x603000000013deb7, 0x5}}, @svc={0x122, 0x40, {0x84000052, [0xf494, 0x7, 0x2, 0x3d, 0x2]}}, @irq_setup={0x46, 0x18, {0x4, 0x3c6}}, @smc={0x1e, 0x40, {0x84000053, [0x5, 0x6, 0x21]}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x9, 0x3, 0x5, 0x8000, 0x1}}, @eret={0xe6, 0x18, 0x9}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe0, 0x318b, 0x1}}, @msr={0x14, 0x20, {0x603000000013e665, 0x9c51000000}}, @mrs={0xbe, 0x18, {0x603000000013ff11}}, @hvc={0x32, 0x40, {0x80000000, [0x8cf, 0x8, 0xff, 0x4, 0x2]}}, @memwrite={0x6e, 0x30, @generic={0xdddd1000, 0x7e, 0x3}}, @msr={0x14, 0x20, {0x603000000013e6c0, 0x67c8}}, @memwrite={0x6e, 0x30, @generic={0xeeee8000, 0xc42, 0x9, 0x2}}, @irq_setup={0x46, 0x18, {0x2, 0x28}}, @mrs={0xbe, 0x18, {0x603000000013c2a3}}, @smc={0x1e, 0x40, {0x1000030, [0x4, 0x8158, 0x1, 0x88, 0x401]}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x1, 0x4, 0xb, 0x6b, 0x6, 0x2}}], 0x4a8}], 0x1, 0x0, &(0x7f0000000c00)=[@featur2={0x1, 0x72}], 0x1)
ioctl$KVM_GET_DEVICE_ATTR(r6, 0x4018aee2, &(0x7f0000000c80)=@attr_arm64={0x0, 0x2, 0x5, &(0x7f0000000c40)=0xd2})

47m32.989300458s ago: executing program 1 (id=8):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x20600, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x2)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x3}}], 0x68}, 0x0, 0x0)
r4 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000280)=@attr_arm64={0x0, 0x6, 0x4, 0x0})

46m50.183878078s ago: executing program 32 (id=7):
r0 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r0, 0x4068aea3, &(0x7f0000000000))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x40000, 0x0)
ioctl$KVM_SET_GUEST_DEBUG_arm64(r0, 0x4208ae9b, &(0x7f0000000100)={0x20001, 0x0, {[0x0, 0x6, 0x6, 0x2, 0x7, 0x6, 0x6a20, 0x401, 0xa61, 0x5, 0x0, 0x100000001, 0x5, 0x5, 0x80000001, 0xbf0000000], [0x6, 0x10001, 0x7f, 0x0, 0xb, 0x4, 0xf, 0x5, 0x60000, 0x7, 0x8de, 0x5, 0x100000001, 0x4, 0x3, 0x7], [0xffffffffffff7e6e, 0x0, 0x40, 0x1, 0xf, 0x14000, 0x0, 0xffff, 0x3dee, 0x5, 0x8001, 0x6, 0x0, 0xfffffffffffffff7, 0x1, 0x1], [0x2, 0x3fc0000000, 0xf5, 0x4, 0x5, 0xfffffffffffffffb, 0x10000, 0x9, 0x6, 0x60000000, 0x1, 0x6, 0x9, 0x5, 0x9, 0x9ea4]}})
mmap$KVM_VCPU(&(0x7f0000ffb000/0x3000)=nil, 0x0, 0x2000001, 0x11, 0xffffffffffffffff, 0x0)
close(r1)
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x26)
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000380)=@arm64_extra={0x603000000013c035, &(0x7f0000000340)=0x9})
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f00000003c0)={0x0, 0x1, 0x8000000, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
ioctl$KVM_GET_DEVICE_ATTR(r0, 0x4018aee2, &(0x7f0000000440)=@attr_arm64={0x0, 0x8, 0x5, &(0x7f0000000400)=0x1000})
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x3000)=nil, r5, 0xe, 0x4010, r2, 0x0)
syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CAP_PTP_KVM(r4, 0x4068aea3, &(0x7f0000000480))
r6 = ioctl$KVM_GET_STATS_FD_cpu(r0, 0xaece)
ioctl$KVM_SIGNAL_MSI(r6, 0x4020aea5, &(0x7f0000000500)={0xd000, 0xe6ee6000, 0x7fff, 0x0, 0x3})
r7 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2c)
write$eventfd(r6, &(0x7f0000000540)=0x8, 0x8)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
r8 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x33)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000580)={0x5})
ioctl$KVM_HAS_DEVICE_ATTR_vm(0xffffffffffffffff, 0x4018aee3, &(0x7f0000000600)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f00000005c0)={0x1, 0xffff3436}})
ioctl$KVM_KVMCLOCK_CTRL(0xffffffffffffffff, 0xaead)
ioctl$KVM_SET_DEVICE_ATTR_vm(r7, 0x4018aee1, &(0x7f0000000680)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000640)={0x0, 0x5, 0x2}})
ioctl$KVM_IRQFD(r8, 0x4020ae76, &(0x7f00000006c0)={r0, 0x1ff, 0x2, r0})
mmap$KVM_VCPU(&(0x7f0000dff000/0x4000)=nil, r5, 0x300000c, 0x10010, r0, 0x0)
syz_kvm_setup_cpu$arm64(r4, r6, &(0x7f0000b2a000/0x400000)=nil, &(0x7f0000000bc0)=[{0x0, &(0x7f0000000700)=[@its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x0, 0x7, 0x0, 0xa51b, 0x3}}, @memwrite={0x6e, 0x30, @generic={0x5000, 0x415}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x4, 0xac, 0xb}}, @code={0xa, 0xb4, {"00c8302e402b8dd20020b8f2c10080d2220180d2030080d2240080d2020000d440a28ed20000b0f2410180d2420180d2830180d2040180d2020000d40024c09a009c004f008008d5e0209fd200e0b0f2210080d2020180d2230080d2a40080d2020000d4a0529cd200c0b0f2010180d2220080d2230180d2e40180d2020000d4803d9ed20040b8f2610080d2620080d2a30180d2040080d2020000d4007008d5"}}, @msr={0x14, 0x20, {0x603000000013df6d, 0xffff}}, @eret={0xe6, 0x18, 0xff}, @code={0xa, 0x54, {"007008d50000803c008008d5000008d5000008d5000c80780058202e000028d50020200d804d9ad20040b8f2a10080d2c20180d2030080d2240180d2020000d4"}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x7f, 0x4, 0xc, 0x1, 0x8, 0x1}}, @msr={0x14, 0x20, {0x603000000013deb7, 0x5}}, @svc={0x122, 0x40, {0x84000052, [0xf494, 0x7, 0x2, 0x3d, 0x2]}}, @irq_setup={0x46, 0x18, {0x4, 0x3c6}}, @smc={0x1e, 0x40, {0x84000053, [0x5, 0x6, 0x21]}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x9, 0x3, 0x5, 0x8000, 0x1}}, @eret={0xe6, 0x18, 0x9}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe0, 0x318b, 0x1}}, @msr={0x14, 0x20, {0x603000000013e665, 0x9c51000000}}, @mrs={0xbe, 0x18, {0x603000000013ff11}}, @hvc={0x32, 0x40, {0x80000000, [0x8cf, 0x8, 0xff, 0x4, 0x2]}}, @memwrite={0x6e, 0x30, @generic={0xdddd1000, 0x7e, 0x3}}, @msr={0x14, 0x20, {0x603000000013e6c0, 0x67c8}}, @memwrite={0x6e, 0x30, @generic={0xeeee8000, 0xc42, 0x9, 0x2}}, @irq_setup={0x46, 0x18, {0x2, 0x28}}, @mrs={0xbe, 0x18, {0x603000000013c2a3}}, @smc={0x1e, 0x40, {0x1000030, [0x4, 0x8158, 0x1, 0x88, 0x401]}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x1, 0x4, 0xb, 0x6b, 0x6, 0x2}}], 0x4a8}], 0x1, 0x0, &(0x7f0000000c00)=[@featur2={0x1, 0x72}], 0x1)
ioctl$KVM_GET_DEVICE_ATTR(r6, 0x4018aee2, &(0x7f0000000c80)=@attr_arm64={0x0, 0x2, 0x5, &(0x7f0000000c40)=0xd2})

46m46.33961158s ago: executing program 33 (id=8):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x20600, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x2)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x3}}], 0x68}, 0x0, 0x0)
r4 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000280)=@attr_arm64={0x0, 0x6, 0x4, 0x0})

31m56.872704269s ago: executing program 3 (id=102):
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000eed000/0x4000)=nil, 0x4000) (async)
munmap(&(0x7f0000eed000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r1 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@mrs={0xbe, 0x18, {0x603000000013808c}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000) (async)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r5, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0x9)
r9 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r9, 0xae04) (async)
r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r9, 0xae04)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r10, 0xb, 0x11, r8, 0x0)
r11 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f0000000180)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0xfffffffffffffeb0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)

31m46.531449868s ago: executing program 2 (id=103):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_vgic_v3_setup(r2, 0x1, 0x40)
ioctl$KVM_GET_DEVICE_ATTR(r3, 0x4018aee2, &(0x7f0000000080)=@attr_arm64={0x0, 0x0, 0x5, &(0x7f00000000c0)}) (async)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r4, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}}) (async)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r6, r7, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_GET_ONE_REG(r7, 0x4010aeab, &(0x7f0000000100)=@arm64_sys={0x603000000013c024, &(0x7f00000000c0)})
syz_kvm_vgic_v3_setup(r4, 0x2, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1) (async)
close(r4) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)

31m44.032791644s ago: executing program 3 (id=104):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000100)={0x0, &(0x7f00000001c0)=[@uexit, @its_send_cmd={0xaa, 0x0, {0x1, 0x1, 0x4, 0xe, 0x7fff, 0x9, 0x3}}, @eret={0xe6, 0x0, 0xe4}, @hvc={0x32, 0x0, {0x30000010, [0x3, 0x4c5b, 0x800, 0x401, 0x7]}}, @eret={0xe6, 0x0, 0x3}, @hvc={0x32, 0x0, {0x86000046, [0x0, 0x5, 0xffffffff, 0x7ff, 0x9]}}, @irq_setup={0x46, 0x0, {0x0, 0x1fc}}, @smc={0x1e, 0x0, {0x84000008, [0x6, 0x4, 0x80000001, 0x6, 0x6]}}, @memwrite={0x6e, 0x0, @vgic_gits={0x8080000, 0xffe4, 0x6, 0x4}}, @svc={0x122, 0x0, {0x200, [0x7, 0xc8db, 0x6, 0x2, 0xffffffffffffffff]}}, @code={0xa, 0x0, {"e0aa83d200a0b8f2c10180d2020180d2230180d2640180d2020000d4007008d5c0e59ed20060b0f2a10080d2820180d2030080d2e40080d2020000d4e0c087d20000b0f2610080d2e20080d2830180d2040080d2020000d40080201f000c40fce03987d20000b8f2a10180d2a20180d2430080d2640080d2020000d4e0759fd200e0b0f2610180d2420180d2e30080d2440080d2020000d4007008d5805884d200c0b8f2a10180d2620080d2030080d2840180d2020000d4"}}, @uexit={0x0, 0x0, 0x4}, @memwrite={0x6e, 0x0, @vgic_gicr={0x80a0000, 0x0, 0x5, 0x4}}, @irq_setup={0x46, 0x0, {0x3, 0x16}}, @its_send_cmd={0xaa, 0x0, {0x9, 0x1, 0x33, 0x5, 0x6, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x0, {0x0, 0x1, 0x0, 0x6, 0x10000, 0x7ff, 0x3}}, @hvc={0x32, 0x0, {0x84000009, [0x8, 0xd31, 0x7, 0x1, 0x1]}}, @code={0xa, 0x0, {"0084000d0048214e00308ed200c0b0f2810180d2020080d2830180d2440180d2020000d4605393d20020b8f2c10080d2a20080d2a30080d2840080d2020000d400d4200e404482d200a0b8f2c10180d2c20080d2230080d2a40180d2020000d4007008d50070204e40bb93d20020b8f2610180d2020180d2630180d2040080d2020000d40040200d"}}, @code={0xa, 0x0, {"806a95d200c0b8f2a10180d2820080d2230080d2840080d2020000d460a59dd20080b0f2c10080d2820180d2030080d2c40080d2020000d4c0f788d20060b8f2c10180d2e20080d2030180d2440180d2020000d4000040bc007008d5e003004b007008d50020c01a801583d20040b8f2410080d2420180d2a30180d2a40180d2020000d4000028d5"}}, @memwrite={0x6e, 0x0, @vgic_gicd={0x8000000, 0x180, 0x3744, 0x4}}, @svc={0x122, 0x0, {0x84000053, [0x4cfb, 0x40, 0x3, 0xc, 0xfffffffffffffff8]}}, @smc={0x1e, 0x0, {0xac7a052f239ce878, [0x9, 0x6, 0x4, 0x0, 0x2]}}], 0x50}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r5, 0x4068aea3, &(0x7f0000000180)={0xa8, 0x0, 0x2})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f00000000c0)=@arm64_fw={0x6030000000140003, &(0x7f0000000000)=0x4})

31m35.148544094s ago: executing program 2 (id=105):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x40480, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000010000/0x1000)=nil, 0x930, 0x100000f, 0x9032, 0xffffffffffffffff, 0x0) (async)
r3 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000680)="38ce8347fc1e86008cfc72bb352c8659dcc9225b48cb5cb00c73b0b33018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) (async)
r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x100) (async)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r5, 0x80111500, 0xfffffffffffff000)
ioctl$KVM_IRQ_LINE(r4, 0x4008ae61, &(0x7f0000000100)={0x1002000, 0x1}) (async)
r6 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000040)={0x2, 0x1, 0xf000, 0x1000, &(0x7f0000c02000/0x1000)=nil})
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000180)={0x0, &(0x7f0000000000)=[@hvc={0x32, 0x40, {0x3f000000, [0xd, 0x5, 0x2, 0x0, 0x7c]}}], 0x40}, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

31m29.923135914s ago: executing program 3 (id=106):
r0 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00000000000000000200", 0x0, 0xffffffffffffff32)
r1 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)

31m25.370402031s ago: executing program 2 (id=107):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async)
r1 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r0, 0x2, 0x0) (async)
ioctl$KVM_IRQ_LINE(r0, 0x4008ae61, &(0x7f0000000180)={0x1010020, 0x1})
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0) (async)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000180)={0x3000, 0x0, 0x1})
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000380)={0x2, 0x25000, 0x1}) (async)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r4, 0x4010ae68, &(0x7f0000000240)={0xffff1000, 0xa000}) (async)
r5 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
r6 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
syz_kvm_setup_cpu$arm64(r7, 0xffffffffffffffff, &(0x7f0000000000/0x400000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) (async, rerun: 32)
r8 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) (rerun: 32)
syz_kvm_setup_cpu$arm64(r5, r8, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="4600000000000000180000000000000001000000a0"], 0x18}], 0x1, 0x0, 0x0, 0x0)
r9 = ioctl$KVM_GET_STATS_FD_vm(r5, 0xaece)
ioctl$KVM_CREATE_VM(r9, 0xae01, 0x13) (async, rerun: 32)
syz_kvm_vgic_v3_setup(r5, 0x1, 0x100) (async, rerun: 32)
r10 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x15)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r10, 0x4010ae68, 0x0) (async)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x82203, 0x0) (async)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r12, r13, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x18}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r13, 0x4010aeac, &(0x7f0000000140)=@arm64_sve={0x60800000001500e6, 0x0})

31m19.280083535s ago: executing program 3 (id=108):
openat$kvm(0x0, &(0x7f0000000040), 0x161681, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, r0, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r0, 0x4010aeab, &(0x7f0000000100)=@arm64_core={0x6030000000100044, &(0x7f0000000000)=0x3ff})

31m17.040594986s ago: executing program 2 (id=109):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x27)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000240)=@arm64_fp={0x6040000000100081, &(0x7f0000000080)=0x2})
ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000000000)={0x101ff, 0x0, &(0x7f0000000000/0x2000)=nil})
r3 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0xfffffffe, 0x0, 0x6, 0x0, 0x20000004}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000040)={0x8, <r5=>0xffffffffffffffff, 0x1})
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

31m13.83367022s ago: executing program 3 (id=110):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
ioctl$KVM_GET_SREGS(r2, 0x8000ae83, 0x0)
r3 = openat$kvm(0x0, &(0x7f00000001c0), 0x80, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000000, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r7, 0x4018aee2, &(0x7f0000000140)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f00000000c0)=0x19})
ioctl$KVM_SET_DEVICE_ATTR_vm(r5, 0x4018aee1, &(0x7f00000000c0)=@attr_other={0x0, 0x100, 0x518, &(0x7f0000000240)})
r8 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0xfffffffffffffffe)
r11 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0)
ioctl$KVM_CHECK_EXTENSION(r13, 0xae03, 0x6)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x11)
ioctl$KVM_SET_USER_MEMORY_REGION(r14, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r14, 0x4020ae46, &(0x7f0000000100)={0x0, 0x2, 0xdddd1000, 0x2000, &(0x7f0000000000/0x2000)=nil})

31m8.130733301s ago: executing program 2 (id=111):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) (async)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CAP_HALT_POLL(r2, 0x4068aea3, &(0x7f0000000100)={0xb6, 0x0, 0x81}) (async)
ioctl$KVM_CAP_HALT_POLL(r2, 0x4068aea3, &(0x7f0000000100)={0xb6, 0x0, 0x81})
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@code={0xa, 0x18, {"7f2003d5"}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
r7 = syz_kvm_vgic_v3_setup(r6, 0x1, 0x40)
ioctl$KVM_GET_DEVICE_ATTR(r7, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x1, 0x800000000008, &(0x7f00000004c0)=0x1})
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x27) (async)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x27)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000180)={0x8}) (async)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000180)={0x8, <r10=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x8, 0x0, 0x0})
r11 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000040)={0x7, 0xffffffffffffffff, 0x1})

31m3.266510176s ago: executing program 3 (id=112):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x24a282, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r2, 0x4010ae68, &(0x7f0000000080)={0xeeee8000, 0xa000})
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2f)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000500)={0x7, <r4=>0xffffffffffffffff})
ioctl$KVM_GET_DEVICE_ATTR(r4, 0x4018aee2, &(0x7f0000000580)=@attr_other={0x0, 0x1, 0xd3, &(0x7f0000000540)=0x7})
close(r2)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x1)
close(r3)
ioctl$KVM_CLEAR_DIRTY_LOG(r2, 0xc018aec0, &(0x7f00000004c0)={0x10201, 0x400, 0x80, &(0x7f00000000c0)=[0x4, 0x79f84123, 0x7, 0x4, 0x1, 0x400, 0x1b60000, 0x3, 0x80000001, 0x1, 0xd, 0x7fff, 0x1ff, 0x5, 0x8000, 0xffffffffffffffff, 0x8, 0xfffffffffffffffe, 0x0, 0x6, 0x200, 0x448, 0xffffffffffffffff, 0x4, 0x1, 0x6, 0x8c, 0x6, 0x68ac, 0x1, 0x81, 0x6, 0x1, 0x4, 0x3, 0x100, 0x40, 0x3, 0x3, 0x40, 0x90c0000000000000, 0x7, 0x3, 0x4, 0x6, 0x3, 0x6, 0x1ff, 0xe, 0x1, 0xffff, 0x1, 0x6, 0x4, 0x81b8, 0x8, 0x8, 0xee, 0xfffffffffffffffe, 0x5, 0x6, 0x400, 0xceb, 0x200, 0x0, 0x7fffffff, 0xffffffffffff7fff, 0xff, 0x2, 0x3ff, 0x3, 0x8, 0x1, 0x51f4, 0x9, 0x4, 0xffffffff, 0xc75, 0x8, 0xf53, 0x7909bc3c, 0x946c, 0x2f00000000, 0x7, 0x9, 0x401, 0x9, 0x4, 0x0, 0x4, 0xffffffffffffff7f, 0x4, 0x7190, 0x6, 0xff, 0xae, 0x9, 0x58fa, 0x0, 0x8, 0x9, 0x7, 0x1, 0x4, 0x0, 0x7fffffffffffffff, 0x7, 0x401, 0xe, 0x7, 0x2, 0x0, 0x8, 0x9, 0x8b9, 0xfffffffffffffffd, 0xf, 0x4, 0x4, 0x5, 0x1ff, 0x41db, 0x2, 0x80, 0xe, 0xffffffffffffb3f1, 0x1dfa000, 0xfffffffffffffffd]})

30m57.139459354s ago: executing program 2 (id=113):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, 0x930, 0x0, 0x7d7b465c1d30afba, 0xffffffffffffffff, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r4, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, 0x0})
r5 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG_arm64(r6, 0x4208ae9b, &(0x7f0000000240)={0x20003, 0x0, {[0x97ab, 0x10001, 0x3, 0xc08d, 0x8, 0xffffffff00000001, 0x3b880, 0x400, 0x5, 0x2, 0x6, 0x5, 0x2, 0x8, 0x6, 0x7fff], [0x45e1, 0x8000, 0x5d2, 0xfff, 0xbb9, 0x0, 0x8, 0xe, 0x51bb, 0x8, 0x4d681830, 0x9, 0x3, 0x10000, 0x7, 0xfffffffffffffff6], [0x80000001, 0xfffffffffffffffe, 0xa3, 0x0, 0x8, 0x81, 0x6, 0xfda8, 0x401, 0x5fd6, 0x3, 0x0, 0x40, 0x4, 0xffffffff, 0x9], [0x3, 0x6, 0xe99, 0xe, 0x9, 0x7, 0x8, 0x0, 0xb, 0x2, 0x10, 0x4, 0x9, 0x9, 0xc, 0x6]}})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r7, 0xae03, 0x24)
r8 = eventfd2(0x5, 0x800)
write$eventfd(r8, &(0x7f0000000000)=0xffffffffffffffff, 0x8)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000000)={0x7, 0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)

30m16.77088532s ago: executing program 34 (id=112):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x24a282, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r2, 0x4010ae68, &(0x7f0000000080)={0xeeee8000, 0xa000})
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2f)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000500)={0x7, <r4=>0xffffffffffffffff})
ioctl$KVM_GET_DEVICE_ATTR(r4, 0x4018aee2, &(0x7f0000000580)=@attr_other={0x0, 0x1, 0xd3, &(0x7f0000000540)=0x7})
close(r2)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x1)
close(r3)
ioctl$KVM_CLEAR_DIRTY_LOG(r2, 0xc018aec0, &(0x7f00000004c0)={0x10201, 0x400, 0x80, &(0x7f00000000c0)=[0x4, 0x79f84123, 0x7, 0x4, 0x1, 0x400, 0x1b60000, 0x3, 0x80000001, 0x1, 0xd, 0x7fff, 0x1ff, 0x5, 0x8000, 0xffffffffffffffff, 0x8, 0xfffffffffffffffe, 0x0, 0x6, 0x200, 0x448, 0xffffffffffffffff, 0x4, 0x1, 0x6, 0x8c, 0x6, 0x68ac, 0x1, 0x81, 0x6, 0x1, 0x4, 0x3, 0x100, 0x40, 0x3, 0x3, 0x40, 0x90c0000000000000, 0x7, 0x3, 0x4, 0x6, 0x3, 0x6, 0x1ff, 0xe, 0x1, 0xffff, 0x1, 0x6, 0x4, 0x81b8, 0x8, 0x8, 0xee, 0xfffffffffffffffe, 0x5, 0x6, 0x400, 0xceb, 0x200, 0x0, 0x7fffffff, 0xffffffffffff7fff, 0xff, 0x2, 0x3ff, 0x3, 0x8, 0x1, 0x51f4, 0x9, 0x4, 0xffffffff, 0xc75, 0x8, 0xf53, 0x7909bc3c, 0x946c, 0x2f00000000, 0x7, 0x9, 0x401, 0x9, 0x4, 0x0, 0x4, 0xffffffffffffff7f, 0x4, 0x7190, 0x6, 0xff, 0xae, 0x9, 0x58fa, 0x0, 0x8, 0x9, 0x7, 0x1, 0x4, 0x0, 0x7fffffffffffffff, 0x7, 0x401, 0xe, 0x7, 0x2, 0x0, 0x8, 0x9, 0x8b9, 0xfffffffffffffffd, 0xf, 0x4, 0x4, 0x5, 0x1ff, 0x41db, 0x2, 0x80, 0xe, 0xffffffffffffb3f1, 0x1dfa000, 0xfffffffffffffffd]})

30m10.391088233s ago: executing program 35 (id=113):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, 0x930, 0x0, 0x7d7b465c1d30afba, 0xffffffffffffffff, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r4, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, 0x0})
r5 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG_arm64(r6, 0x4208ae9b, &(0x7f0000000240)={0x20003, 0x0, {[0x97ab, 0x10001, 0x3, 0xc08d, 0x8, 0xffffffff00000001, 0x3b880, 0x400, 0x5, 0x2, 0x6, 0x5, 0x2, 0x8, 0x6, 0x7fff], [0x45e1, 0x8000, 0x5d2, 0xfff, 0xbb9, 0x0, 0x8, 0xe, 0x51bb, 0x8, 0x4d681830, 0x9, 0x3, 0x10000, 0x7, 0xfffffffffffffff6], [0x80000001, 0xfffffffffffffffe, 0xa3, 0x0, 0x8, 0x81, 0x6, 0xfda8, 0x401, 0x5fd6, 0x3, 0x0, 0x40, 0x4, 0xffffffff, 0x9], [0x3, 0x6, 0xe99, 0xe, 0x9, 0x7, 0x8, 0x0, 0xb, 0x2, 0x10, 0x4, 0x9, 0x9, 0xc, 0x6]}})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r7, 0xae03, 0x24)
r8 = eventfd2(0x5, 0x800)
write$eventfd(r8, &(0x7f0000000000)=0xffffffffffffffff, 0x8)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000000)={0x7, 0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)

23m27.71262504s ago: executing program 4 (id=117):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
openat$kvm(0x0, &(0x7f0000000000), 0x72483, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, r1, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x5, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) (async)
r5 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000100)={0x0, &(0x7f0000000140), 0x18}, 0x0, 0x7416003e0d8ed291)
mmap$KVM_VCPU(&(0x7f0000ffe000/0x1000)=nil, 0x930, 0x2000000, 0x10, 0xffffffffffffffff, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000a1e000/0x400000)=nil)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae03, 0xbb)
ioctl$KVM_IOEVENTFD(r9, 0xc0189436, &(0x7f0000000080)={0x0, 0x0, 0x5dabdef0cbf6a717, 0xffffffffffffffff, 0x5})
r10 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r7, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f0000000240)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000aef000/0x2000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
syz_kvm_vgic_v3_setup(r2, 0x2, 0x100) (async)
ioctl$KVM_RUN(r5, 0xae80, 0x0) (async)
ioctl$KVM_GET_STATS_FD_cpu(r4, 0xaece)

23m25.603031579s ago: executing program 5 (id=115):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x34)
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r0, 0x4068aea3, &(0x7f0000000000)) (async)
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r0, 0x4068aea3, &(0x7f0000000000))
openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) (async)
r1 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce4, 0x8000}}], 0x40}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

23m16.274985326s ago: executing program 5 (id=118):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x3}}], 0x68}, 0x0, 0x0)
r4 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r5 = eventfd2(0x2, 0x80803)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0xb, 0x6000, 0x8, r5, 0x1})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000280)=@attr_arm64={0x0, 0x6, 0x4, 0x0})

23m10.187716513s ago: executing program 4 (id=119):
openat$kvm(0x0, &(0x7f0000000040), 0x161681, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, r0, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r0, 0x4010aeab, &(0x7f0000000100)=@arm64_core={0x6030000000100044, &(0x7f0000000000)=0x3ff})

23m4.305440594s ago: executing program 5 (id=120):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2d)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1})
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r4, 0x400454d0, 0x32)
r5 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f0000000000)=@arm64_sve={0x60800000001504cb, 0x0})

23m2.369525791s ago: executing program 4 (id=121):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) (async)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f0000d9c000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000) (async)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0xc3033, 0xffffffffffffffff, 0x0) (async)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) (async)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000) (async)
munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f0000482000/0x2000)=nil, 0x2000) (async)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) (async)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000) (async)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x24132, 0xffffffffffffffff, 0x0) (async)
r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) (async)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000cd3000/0x3000)=nil, r2, 0x0, 0x10, r3, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x0, 0x4030031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x1000000)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x8521, 0x0)
ioctl$KVM_CREATE_VM(r4, 0x5452, 0x3a) (async)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x20a584, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04)
r6 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r7, 0x4010aeab, &(0x7f0000000100)=@arm64_extra={0x603000000013c035, &(0x7f0000000000)=0x8000000000000001})

22m45.622515516s ago: executing program 4 (id=122):
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r1, 0x4010aeb5, &(0x7f00000002c0)={0x200})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, <r5=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r5, 0x400454cc, 0xffffffffffffffff)
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
write$eventfd(0xffffffffffffffff, &(0x7f0000000040)=0x8000, 0x8)
r6 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r8, 0x2, 0x100)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r8, 0x4010aeb5, &(0x7f0000000100)={0x55})
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, 0x930, 0x0, 0x7d7b465c1d30afba, 0xffffffffffffffff, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r6, 0x1, 0x120)
ioctl$KVM_RUN(r12, 0xae80, 0x0)
r13 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r14, 0xae03, 0x51)
syz_kvm_setup_cpu$arm64(r6, r12, &(0x7f00009a7000/0x400000)=nil, &(0x7f0000000300)=[{0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="82000000000000002800000000000000000000000000000004000000000000004400000000000000e6000000000000001800000000000000ff0f00000000000046000000000000001800000000000000000000006201000022010000000000004000000000000000010000860000000000000000002400000200000000000000090000000000000040000000000000004000000000000000be00000000000000180000000000000000c2130000003060460000000000000018000000000000000300000014010000820000000000000028000000000000000000000000000000010000000000000000300000000000000000000000000000000c0c000000000000040000000000000000000000000000001e0000000000000040000000000000000d00000800000000a009000000000000feffffffffffffffff0f0000000000000c00000000000000004000000000000000538000800000000005000000000000004000000000000000ff03000000000000e7d90000000000000000000000000000be00000000000000180000000000000001d8130000003060"], 0x1b8}], 0x1, 0x0, &(0x7f0000000340)=[@featur2={0x1, 0x1}], 0x1)

22m41.720140991s ago: executing program 5 (id=123):
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r1, 0x2000003, 0xaf832, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0x1ff)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
r4 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r3, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000180)={0x0, &(0x7f00000004c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0xffffffffffffffff}}], 0x20}, &(0x7f00000000c0)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f00000000c0)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000040)=[{0x0, &(0x7f00000001c0)=[@uexit={0x0, 0x18}], 0x18}], 0x1, 0x0, 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)

22m27.849242197s ago: executing program 5 (id=124):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x9)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r0, 0x4068aea3, &(0x7f0000000000)={0xdf, 0x0, 0x11000})
ioctl$KVM_CAP_ARM_MTE(r0, 0x4068aea3, &(0x7f0000000080))
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r0, 0xc008ae67, &(0x7f0000000100)={0x2, 0x7})
ioctl$KVM_SIGNAL_MSI(r0, 0x4020aea5, &(0x7f0000000140)={0x8080000, 0xeeef0000, 0x7f000000, 0x0, 0x1})
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r1, 0x4018aee2, &(0x7f0000000180)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x1})
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
r2 = eventfd2(0xe4, 0x1)
ioctl$KVM_CHECK_EXTENSION_VM(r0, 0xae03, 0x3)
ioctl$KVM_CAP_ARM_MTE(r0, 0x4068aea3, &(0x7f00000001c0))
ioctl$KVM_CHECK_EXTENSION_VM(r0, 0xae03, 0x80)
ioctl$KVM_SET_GSI_ROUTING(r0, 0x4008ae6a, &(0x7f0000000240)={0xa, 0x0, [{0xba0, 0x5, 0x0, 0x0, @irqchip={0x6, 0x9}}, {0x81, 0x1, 0x0, 0x0, @adapter={0x6, 0x3, 0xff, 0x3, 0x401}}, {0x4, 0x3, 0x1, 0x0, @adapter={0x0, 0x1, 0x5, 0x7f, 0x2}}, {0xab9b, 0x3, 0x0, 0x0, @irqchip={0xa, 0xdecf}}, {0x3, 0x4, 0x1, 0x0, @sint={0x4, 0x6}}, {0xe, 0x2, 0x1, 0x0, @sint={0xf, 0xd}}, {0x1, 0x4, 0x0, 0x0, @sint={0x5, 0x4}}, {0x3, 0x5, 0x1, 0x0, @sint={0x9, 0x3}}, {0x4, 0x3, 0x1, 0x0, @adapter={0x4, 0x4, 0x5, 0x7fffffff, 0x6}}, {0x3, 0x3, 0x1, 0x0, @adapter={0x86e, 0x800, 0x2, 0x5, 0x8}}]})
r3 = syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_GET_DIRTY_LOG(r0, 0x4010ae42, &(0x7f0000000440)={0x3, 0x0, &(0x7f0000c9e000/0x1000)=nil})
r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SIGNAL_MSI(r4, 0x4020aea5, &(0x7f0000000480)={0x100000, 0x0, 0xd010, 0x0, 0x80})
r5 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000940)={0x0, &(0x7f00000004c0)=[@its_setup={0x82, 0x28, {0x2, 0x2, 0x132}}, @eret={0xe6, 0x18, 0x6}, @smc={0x1e, 0x40, {0x84000006, [0x7, 0x0, 0x4, 0x4, 0x2]}}, @code={0xa, 0x84, {"0000319e20b895d20040b0f2810080d2c20180d2430080d2640080d2020000d4000008d50000002be0479fd20020b8f2610180d2e20180d2430180d2240080d2020000d4007008d5007008d5000008d5000008d5a0099fd20020b0f2410180d2020180d2a30180d2240180d2020000d4"}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0x200, 0x3a884a1a, 0x8}}, @its_setup={0x82, 0x28, {0x4, 0x0, 0x39f}}, @svc={0x122, 0x40, {0x80000a00, [0x2, 0x1, 0xf, 0x4, 0x1]}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x1, 0x7, 0x5, 0x5, 0x4}}, @code={0xa, 0xb4, {"1f2003d5000008d5000028d5000c007c400287d20040b0f2410080d2c20080d2230180d2640080d2020000d4005d99d20080b0f2810180d2420180d2630080d2640080d2020000d4404f89d200c0b0f2610080d2e20180d2630080d2040080d2020000d4005895d200a0b8f2a10080d2220080d2830080d2e40080d2020000d40084df0d602487d200c0b8f2410080d2220080d2230080d2640180d2020000d4"}}, @irq_setup={0x46, 0x18, {0x9, 0x2dd}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x1, 0x4, 0xa, 0x800, 0x9, 0x4}}, @eret={0xe6, 0x18, 0xe}, @its_setup={0x82, 0x28, {0x0, 0x1, 0x225}}, @msr={0x14, 0x20, {0x603000000013803d, 0x1}}, @its_setup={0x82, 0x28, {0x4, 0x4, 0x80}}, @code={0xa, 0x9c, {"000028d500e4a07e80789bd20040b0f2a10080d2a20180d2630080d2840180d2020000d4c01a94d20040b0f2010180d2a20180d2830080d2c40180d2020000d40010206e0070206e0090205ea0ce9cd200a0b8f2e10080d2e20180d2c30180d2840080d2020000d4007008d5602e85d200e0b8f2a10080d2020080d2430180d2e40080d2020000d4"}}, @msr={0x14, 0x20, {0x603000000013c2a5, 0x1}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x200, 0x30000000, 0xa}}, @svc={0x122, 0x40, {0x2000000, [0x30b6, 0x6, 0x100000001, 0x5, 0x7]}}], 0x46c}, &(0x7f0000000980)=[@featur1={0x1, 0x5}], 0x1)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r5, 0x4018aee3, &(0x7f0000000a00)=@attr_other={0x0, 0x8001, 0xff, &(0x7f00000009c0)=0x6})
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r4, 0x4068aea3, &(0x7f0000000a40)={0xdf, 0x0, 0x1000})
ioctl$KVM_IOEVENTFD(r0, 0x4040ae79, &(0x7f0000000ac0)={0x9, 0x8000000, 0x8, r2})
ioctl$KVM_IRQ_LINE(r4, 0x4008ae61, &(0x7f0000000b00)={0x1326, 0x8})
ioctl$KVM_IOEVENTFD(r0, 0x4040ae79, &(0x7f0000000b40)={0x5, 0x8000000, 0x0, r2, 0x1})
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000b80)={0x200, 0x2, 0x0, r4, 0x41711cf2afb9b4b2})
r6 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000f40)={0x0, &(0x7f0000000bc0)=[@mrs={0xbe, 0x18, {0x603000000013c2aa}}, @hvc={0x32, 0x40, {0x80000000, [0xfe, 0x4, 0x0, 0x80, 0x4]}}, @svc={0x122, 0x40, {0x40, [0x3, 0x1, 0x7, 0x6, 0x7fffffffffffffff]}}, @code={0xa, 0x3c, {"0000206a007008d50000c03c008008d50098200e000c4038000000080080000f007008d5007008d5"}}, @uexit={0x0, 0x18, 0x8}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1200, 0xfffffffffffffffe, 0xa}}, @code={0xa, 0x6c, {"000028d5007008d5007008d5001e98d20040b0f2410180d2a20080d2e30180d2e40080d2020000d4001ce00e0040000c008008d5601d9fd20080b0f2610080d2420080d2230180d2040080d2020000d4000820fc0068a038"}}, @memwrite={0x6e, 0x30, @generic={0x9460643ba1930fdb, 0x52, 0x4}}, @eret={0xe6, 0x18, 0x8001}, @hvc={0x32, 0x40, {0x84000012, [0x0, 0x755, 0x7, 0x0, 0x7]}}, @smc={0x1e, 0x40, {0x8400000b, [0x6, 0x1, 0x6, 0xf, 0x10000]}}, @eret={0xe6, 0x18, 0x8001}, @code={0xa, 0x9c, {"c01d85d200a0b0f2810180d2a20080d2830180d2c40180d2020000d4202a93d200a0b8f2010080d2a20180d2630180d2040180d2020000d460b688d200c0b0f2810080d2420180d2230080d2840080d2020000d40000206b007008d5000008d580159dd200c0b0f2010080d2a20180d2a30080d2440080d2020000d40008601e000c80380000581e"}}, @hvc={0x32, 0x40, {0x84000013, [0x4, 0x8, 0x100000000, 0x2, 0x661]}}, @eret={0xe6, 0x18, 0x9}], 0x35c}, &(0x7f0000000f80)=[@featur2={0x1, 0x28}], 0x1)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000fc0), 0x86180, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x32)

22m19.110236976s ago: executing program 4 (id=125):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r0, r1, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r1, 0x4010aeab, &(0x7f0000000100)=@arm64_core={0x6030000000100044, &(0x7f0000000000)=0x3ff})

22m17.151493813s ago: executing program 5 (id=126):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2f)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bfd000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000700)={0x0, &(0x7f0000000040)=[@hvc={0x32, 0x40, {0xc400000c, [0x1, 0x3, 0x7, 0x2, 0x6]}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x10}}, @hvc={0x32, 0x40, {0xc4000014, [0x7, 0x0, 0xffffffffffffffff, 0x9, 0x3]}}, @smc={0x1e, 0x40, {0x80003fff, [0x16b, 0x6, 0x7, 0x3df0, 0x26b]}}, @code={0xa, 0x9c, {"40158ad20040b8f2810080d2e20080d2230180d2240080d2020000d4000028d5600581d200a0b0f2a10180d2820080d2630180d2c40080d2020000d4605b86d200c0b0f2210080d2020080d2430080d2040080d2020000d4008008d5007008d5008008d5007008d5007008d520a682d20080b8f2210080d2e20180d2030180d2440180d2020000d4"}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe8, 0x6, 0x8}}, @uexit={0x0, 0x18, 0x6}, @irq_setup={0x46, 0x18, {0x4, 0x69}}, @memwrite={0x6e, 0x30, @generic={0xdddd0000, 0xd2c, 0x8000000000000001, 0xe}}, @code={0xa, 0x6c, {"007008d5000008d50000381e0068e038000840bae0d58dd20040b8f2c10180d2c20180d2630180d2c40080d2020000d4007008d5007008d5007008d5e0f987d200c0b0f2410080d2a20080d2c30080d2840080d2020000d4"}}, @its_setup={0x82, 0x28, {0x0, 0x0, 0x3fd}}, @mrs={0xbe, 0x18, {0x603000000013df19}}, @uexit={0x0, 0x18, 0xfffffffffffffff7}, @memwrite={0x6e, 0x30, @generic={0x3000, 0x548, 0x4, 0x4}}, @code={0xa, 0xb4, {"00b69ed20040b0f2e10180d2a20180d2430180d2e40180d2020000d4000028d5000028d5000008d5008020c8203688d200a0b0f2210080d2620180d2830180d2640080d2020000d4c0fe80d200a0b0f2210080d2e20080d2830180d2640080d2020000d480079ed20040b8f2410180d2420180d2430080d2c40180d2020000d40078000e200089d20040b0f2010180d2220180d2030180d2840180d2020000d4"}}, @code={0xa, 0xcc, {"e06884d200c0b8f2010180d2e20180d2e30080d2e40180d2020000d4002094d20080b0f2410180d2a20080d2430180d2640080d2020000d480ac8ad200e0b8f2c10180d2a20080d2430180d2e40180d2020000d4008008d5007008d500ac202e207290d20060b8f2210080d2020080d2c30180d2c40080d2020000d4e07c8fd200a0b0f2e10180d2220180d2a30080d2a40180d2020000d4008008d5a0939ad20060b0f2e10180d2e20180d2c30080d2640180d2020000d4"}}, @code={0xa, 0x6c, {"007008d5008008d5e0db87d200c0b0f2e10080d2220180d2230080d2c40180d2020000d47f2003d5000480780000002b008008d50000803800006088404481d20020b0f2610080d2c20080d2230080d2240180d2020000d4"}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1000, 0x1, 0x6}}, @mrs={0xbe, 0x18, {0x603000000013c648}}, @hvc={0x32, 0x40, {0xc4000005, [0x77, 0x3, 0x4eaf, 0xa, 0x4]}}, @irq_setup={0x46, 0x18, {0x1, 0x266}}, @mrs={0xbe, 0x18, {0x603000000013c65f}}, @its_send_cmd={0xaa, 0x28, {0x0, 0x1, 0x2, 0xf, 0x4, 0x8, 0x1}}, @its_setup={0x82, 0x28, {0x4, 0x3, 0xe6}}, @irq_setup={0x46, 0x18, {0x0, 0xf8}}, @irq_setup={0x46, 0x18, {0x4, 0x2fc}}, @code={0xa, 0x3c, {"0080000d000860fc000008d5000028d5000028d5000028d5007008d5000008d5007008d5000008d5"}}, @memwrite={0x6e, 0x30, @generic={0xeeee0000, 0xb93, 0x6, 0x1}}, @irq_setup={0x46, 0x18, {0x4, 0x1ae}}], 0x6b0}, &(0x7f0000000740)=[@featur2={0x1, 0x80}], 0x1)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x33)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000780)={0x4})
munmap(&(0x7f0000e43000/0x2000)=nil, 0x2000)
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000800)=@arm64_sve_vls={0x606000000015ffff, &(0x7f00000007c0)=0x400})
ioctl$KVM_SET_SREGS(r3, 0x4000ae84, &(0x7f0000000840)={{0x8000000, 0x100000, 0x4, 0x1, 0x5, 0xc5, 0xce, 0x0, 0x7, 0xa, 0x49, 0x9}, {0x4000, 0xf000, 0x4, 0x2, 0x2, 0x6, 0x7, 0x5f, 0xbc, 0x5e, 0x6, 0x8}, {0xdddd0000, 0x3000, 0xa, 0x7, 0xe, 0xa, 0x46, 0x5, 0x9, 0x40, 0x9, 0x6}, {0x4000, 0x6000, 0xd, 0x7f, 0x9, 0x8, 0x1, 0x2, 0xa, 0x9, 0x5, 0xfb}, {0xf000, 0x4, 0xb, 0x0, 0x2, 0x3, 0x5, 0x2, 0x40, 0x9, 0x7, 0x3}, {0xffff1000, 0xdddd0000, 0xf, 0x8, 0x1, 0x3, 0x2, 0x2, 0xea, 0x6, 0x5, 0x81}, {0x1, 0xdddd0000, 0x0, 0x3, 0x6, 0x1, 0x93, 0x6, 0x40, 0x3, 0x1, 0x5}, {0xd000, 0x100000, 0x4, 0x9f, 0x0, 0x8c, 0x6d, 0x1, 0x6, 0x3, 0x1, 0x3}, {0x2, 0x10}, {0x0, 0x1}, 0xc0000000, 0x0, 0xdddd1000, 0x0, 0xf, 0x3500, 0x0, [0x2b5, 0x7, 0x0, 0x6]})
ioctl$KVM_ARM_SET_DEVICE_ADDR(r3, 0x4010aeab, &(0x7f0000000980)={0x4, 0x4})
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f00000009c0)={0x4000, 0x5000})
ioctl$KVM_DIRTY_TLB(r3, 0x4010aeaa, &(0x7f0000000a00)={0x5b9d5e2b, 0xffffff81})
r5 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000ec0)={0x0, &(0x7f0000000a40)=[@eret={0xe6, 0x18, 0xffffffffffff8001}, @svc={0x122, 0x40, {0x80, [0x3bd5, 0x84cc, 0x1, 0x18, 0x3]}}, @smc={0x1e, 0x40, {0x5000000, [0xdf0c, 0x5, 0xffffffffffffffff, 0x3, 0x4]}}, @hvc={0x32, 0x40, {0x84000014, [0x2, 0x2, 0x1, 0x8, 0x6]}}, @uexit={0x0, 0x18, 0xffff}, @msr={0x14, 0x20, {0x603000000013e65d, 0x6}}, @mrs={0xbe, 0x18, {0x603000000013def3}}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x39e}}, @uexit={0x0, 0x18, 0x3bef}, @hvc={0x32, 0x40, {0x84000003, [0x2, 0x81, 0x9, 0x40, 0x400]}}, @hvc={0x32, 0x40, {0x84000052, [0x3, 0x0, 0x7, 0xd, 0xffffffffffffff7f]}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x2, 0xe, 0xcf, 0x81, 0x3}}, @its_setup={0x82, 0x28, {0x2, 0x3, 0xfd}}, @code={0xa, 0x9c, {"007008d5c08981d20020b0f2e10080d2620080d2830180d2e40180d2020000d4007008d560549fd20040b0f2610080d2020180d2230080d2840180d2020000d400a8a12ea07189d200a0b0f2010180d2420180d2430180d2040080d2020000d400c0201e00086078008008d5e00a9cd200a0b0f2410080d2620180d2630080d2240180d2020000d4"}}, @irq_setup={0x46, 0x18, {0x3, 0x5c}}, @hvc={0x32, 0x40, {0x4000, [0x3b49, 0x5, 0x2, 0x5, 0x7f]}}, @code={0xa, 0xcc, {"80c88cd20080b0f2410180d2a20180d2c30180d2040180d2020000d4a0b581d20020b8f2610080d2a20180d2430080d2c40080d2020000d440e397d200c0b8f2a10080d2820180d2a30180d2e40080d2020000d4a06898d20060b8f2810180d2c20180d2a30080d2040080d2020000d4007008d5400b9cd20000b0f2610080d2a20080d2030080d2840180d2020000d4a0c19ed20020b0f2410080d2620080d2430180d2840180d2020000d4007008d50084c00d0080e00d"}}, @uexit={0x0, 0x18, 0x8000000000000001}, @its_setup={0x82, 0x28, {0x2, 0x0, 0x87}}, @uexit={0x0, 0x18, 0xfffffffffffffffe}], 0x450}, &(0x7f0000000f00)=[@featur1={0x1, 0xe0}], 0x1)
ioctl$KVM_SET_GUEST_DEBUG_arm64(r5, 0x4208ae9b, &(0x7f0000000f40)={0x1, 0x0, {[0x2, 0x916, 0x2, 0x4, 0x5, 0x7f, 0x2a2, 0x5, 0x6, 0xffffffff, 0x473d, 0x8000000000000000, 0x6, 0x40, 0x0, 0x80000001], [0x5f9a, 0x100000001, 0x101, 0x1, 0x7fff, 0x4, 0xb, 0x0, 0x400, 0x3, 0x7, 0x2, 0x8, 0x1, 0xc, 0x3], [0xd4, 0x8ee, 0x0, 0xef, 0x100000000, 0x40, 0x800, 0x7, 0x2, 0xe00000, 0x48000, 0x7, 0x3ff, 0x2, 0x9, 0x7], [0x6, 0x8, 0xfff, 0x5, 0x4, 0x9, 0x7, 0xfff, 0x4000000000000, 0x6, 0x3, 0x9, 0x7, 0x80, 0x9, 0x7f]}})
r6 = eventfd2(0x1, 0x80801)
r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04)
r8 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000001600)={0x0, &(0x7f0000001180)=[@hvc={0x32, 0x40, {0x84000053, [0xd8, 0x0, 0x8, 0xa, 0x7]}}, @irq_setup={0x46, 0x18, {0x0, 0x3ca}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x0, 0xd, 0x3d61, 0x3, 0x4}}, @svc={0x122, 0x40, {0x8400000d, [0x7ff, 0x7, 0x76e2, 0x2]}}, @irq_setup={0x46, 0x18, {0x0, 0x22f}}, @hvc={0x32, 0x40, {0x1000, [0x5, 0x0, 0x10000, 0x8, 0x7fffffffffffffff]}}, @code={0xa, 0x84, {"207493d200a0b0f2e10080d2420180d2830180d2440080d2020000d4000040a8607d9fd20040b8f2010180d2420080d2630180d2440180d2020000d40004000fe0e190d20060b0f2e10180d2220080d2c30180d2640080d2020000d40024000f0088207e0000c069000040b3000028d5"}}, @uexit={0x0, 0x18, 0x7}, @uexit={0x0, 0x18, 0x7f}, @code={0xa, 0xb4, {"802e8dd200e0b8f2a10080d2220180d2630180d2c40080d2020000d4007008d5007008d5c0e696d20000b0f2010080d2020180d2a30180d2e40180d2020000d40044205e20c999d20080b0f2c10080d2420080d2230180d2240180d2020000d4007008d5e0bd9fd200c0b0f2010180d2820180d2230180d2640080d2020000d4e01089d20000b0f2410080d2e20080d2e30080d2040180d2020000d400000094"}}, @irq_setup={0x46, 0x18, {0x1, 0x122}}, @uexit={0x0, 0x18, 0x7}, @msr={0x14, 0x20, {0x603000000013dea4, 0x1}}, @eret={0xe6, 0x18, 0x9}, @smc={0x1e, 0x40, {0x84000005, [0x9, 0x1, 0x1000, 0x6, 0x7fffffffffffffff]}}, @irq_setup={0x46, 0x18, {0x1, 0x1f5}}, @msr={0x14, 0x20, {0x603000000013deff, 0x3}}, @svc={0x122, 0x40, {0x1, [0x8000, 0x7fffffff, 0x9, 0x4, 0x9]}}, @eret={0xe6, 0x18, 0x5}, @msr={0x14, 0x20, {0x603000000013e108, 0xffffffffffffffff}}, @uexit={0x0, 0x18, 0x4}, @hvc={0x32, 0x40, {0x4100002a, [0x6, 0x8, 0x5, 0x4, 0x7]}}, @eret={0xe6, 0x18, 0x9}], 0x448}, &(0x7f0000001640)=[@featur1={0x1, 0x5}], 0x1)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x1000)=nil, r7, 0x100000e, 0x10010, r8, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4360ae82, &(0x7f0000001680)={[0x5, 0x80000001, 0x7ff, 0xa, 0x2, 0x5, 0x8, 0x40, 0x8, 0x7b62, 0x4, 0xfffffffffffffffa, 0x8, 0x88, 0x4, 0x80], 0xd000, 0x48000})
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000001740)={0x80000001, 0x0, 0x1, r6, 0x4})
mmap$KVM_VCPU(&(0x7f0000d7f000/0x4000)=nil, r7, 0x0, 0x8010, r8, 0x0)
ioctl$KVM_GET_MP_STATE(r5, 0x8004ae98, &(0x7f0000001780))
ioctl$KVM_SET_SIGNAL_MASK(r5, 0x4004ae8b, &(0x7f00000017c0)={0xa5, "61e161ef37eb53bb96dfe3a569fc81d6ba445555964807e1fd24d86a2eeb11a115895e920482a109cfa077485adcf02869235f23e687d0919fd240aa49bb3c93959840121b6b9b80f5787a74653a651322f5d63554088ffe192b3451d5db40d030a406c9c13875ad0bcbe2650a03c43afd52294a2d688610a408e60834a5b889dfc59c604ecee1de4fba2ea84e192454dc32ce4ebff31b6448df99cc6268372b461cc5f8d9"})
ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f00000018c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000001880)={0x0, 0x8}})
ioctl$KVM_ARM_VCPU_FINALIZE(r5, 0x4004aec2, &(0x7f0000001900)=0x6)
ioctl$KVM_GET_STATS_FD_cpu(r4, 0xaece)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000001f40)={0x0, &(0x7f0000001940)=[@hvc={0x32, 0x40, {0x84000001, [0x4, 0x5, 0x0, 0x3, 0x6]}}, @mrs={0xbe, 0x18, {0x603000000013deb9}}, @svc={0x122, 0x40, {0xc400000c, [0x5, 0x78a, 0x4, 0x100000000, 0x1]}}, @svc={0x122, 0x40, {0x2, [0x0, 0x6182, 0x4, 0x7, 0x8]}}, @msr={0x14, 0x20, {0x0, 0x80000001}}, @msr={0x14, 0x20, {0x603000000013c643, 0x2}}, @smc={0x1e, 0x40, {0x8, [0x7, 0x1, 0x9, 0x4, 0x8]}}, @irq_setup={0x46, 0x18, {0x0, 0x318}}, @msr={0x14, 0x20, {0x603000000013d921, 0x3}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0x382, 0x6, 0xe}}, @hvc={0x32, 0x40, {0x80000000, [0xd, 0x3, 0x3, 0x9, 0x7bf2]}}, @svc={0x122, 0x40, {0xc400000e, [0x1, 0x8000000000000000, 0x10001, 0x8, 0x5be]}}, @svc={0x122, 0x40, {0x84000052, [0x89b, 0x8, 0x81, 0x10000, 0x4023]}}, @memwrite={0x6e, 0x30, @generic={0x53d9ba8e3452023d, 0xe01, 0x10001, 0x2}}, @its_setup={0x82, 0x28, {0x2, 0x4, 0x2ab}}, @hvc={0x32, 0x40, {0x8, [0x7, 0xd, 0x8, 0x0, 0xa]}}, @uexit={0x0, 0x18, 0x8}, @smc={0x1e, 0x40, {0xc4000005, [0x3, 0x7fff, 0x8, 0x100000000, 0x200]}}, @code={0xa, 0x84, {"008c207e800f92d20040b8f2210180d2e20080d2230080d2a40180d2020000d40000406c001ca00e000008d5007008d5000008d5e00385d20080b0f2c10080d2020080d2e30080d2840080d2020000d40000402ca0eb90d20040b0f2c10080d2220180d2a30180d2240080d2020000d4"}}, @code={0xa, 0xb4, {"007008d5007008d5007008d500008078c0898ad20000b0f2210080d2e20180d2a30080d2240080d2020000d4000008d5601483d200e0b0f2010180d2e20080d2430180d2c40080d2020000d4201694d20020b8f2010180d2020180d2e30080d2440080d2020000d4403c81d20000b0f2c10180d2620180d2430080d2040080d2020000d4a00b90d20020b0f2210080d2420080d2a30180d2040080d2020000d4"}}, @uexit={0x0, 0x18, 0xfff}, @mrs={0xbe, 0x18, {0x603000000013e706}}, @smc={0x1e, 0x40, {0x80008000, [0x3, 0x3, 0x800, 0x1, 0x100]}}, @smc={0x1e, 0x40, {0xc4000011, [0x4, 0x6, 0xfffffffffffffffd, 0x0, 0x1]}}, @smc={0x1e, 0x40, {0x40000013, [0xe, 0x8, 0xd4b6, 0x2, 0x81]}}, @mrs={0xbe, 0x18, {0x603000000013c527}}, @mrs={0xbe, 0x18, {0x603000000013d801}}], 0x5c8}, &(0x7f0000001f80)=[@featur2={0x1, 0xa0}], 0x1)
ioctl$KVM_GET_SREGS(r5, 0x8000ae83, &(0x7f0000001fc0))
ioctl$KVM_SET_SREGS(r3, 0x4000ae84, &(0x7f0000002100)={{0xeeee8000, 0x3000, 0x3, 0x3, 0x9, 0x0, 0x7, 0x84, 0x6, 0x7, 0xe, 0x8}, {0x3b331001, 0x0, 0x4, 0xd, 0x2, 0xe, 0x1, 0x4, 0x1, 0x1, 0x80, 0x5}, {0xeeee8000, 0x6000, 0x8, 0xe, 0x4, 0x1, 0x9, 0x5, 0x1, 0x2, 0xb0, 0x2}, {0xdddd0000, 0x80a0000, 0xd, 0x8, 0x2, 0x0, 0x8, 0x1, 0x8, 0xe, 0x5, 0x5}, {0x2, 0x4, 0x4, 0x1, 0x6, 0xd3, 0x4, 0xa, 0x4, 0x0, 0x45, 0xb7}, {0xeeee0000, 0x100000, 0xa, 0xc1, 0x2f, 0x1, 0xfc, 0x5, 0x6, 0x6, 0x6, 0x6}, {0x8080000, 0xdddd1000, 0x8, 0xbd, 0x7, 0x1, 0x9, 0x8, 0xf4, 0x3, 0x6}, {0xf000, 0xdddd1000, 0x10, 0x1, 0xb6, 0xd4, 0x66, 0x7, 0x4, 0xff, 0xbd, 0x4}, {0xffff1000, 0x1000}, {0xffff1000, 0x200}, 0x32, 0x0, 0xf000, 0x100000, 0x9, 0x101, 0x4, [0x7, 0x9, 0x4, 0x8]})
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee3, &(0x7f0000002280)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000002240)=0x80})

22m12.71770767s ago: executing program 4 (id=127):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x8280, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
r4 = eventfd2(0x0, 0x0) (async)
r5 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2002, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING(r7, 0x4068aea3, &(0x7f00000002c0)={0xe1, 0x0, 0x10000})
r8 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce5, 0x7fff}}, @msr={0x14, 0x20, {0x603000000013dce8, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce9, 0x8000}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000040)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000000)={0xa, 0x4}})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r10, 0x4018aee3, &(0x7f0000000100)=@attr_pmu_init) (async)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
close(r4)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) (async)
write$eventfd(r4, &(0x7f0000000180)=0x5, 0xfffffde3) (async)
mmap$KVM_VCPU(&(0x7f0000010000/0x1000)=nil, 0x930, 0x100000f, 0x9032, 0xffffffffffffffff, 0x0) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, 0x0, 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)

21m30.260902619s ago: executing program 36 (id=126):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2f)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bfd000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000700)={0x0, &(0x7f0000000040)=[@hvc={0x32, 0x40, {0xc400000c, [0x1, 0x3, 0x7, 0x2, 0x6]}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x10}}, @hvc={0x32, 0x40, {0xc4000014, [0x7, 0x0, 0xffffffffffffffff, 0x9, 0x3]}}, @smc={0x1e, 0x40, {0x80003fff, [0x16b, 0x6, 0x7, 0x3df0, 0x26b]}}, @code={0xa, 0x9c, {"40158ad20040b8f2810080d2e20080d2230180d2240080d2020000d4000028d5600581d200a0b0f2a10180d2820080d2630180d2c40080d2020000d4605b86d200c0b0f2210080d2020080d2430080d2040080d2020000d4008008d5007008d5008008d5007008d5007008d520a682d20080b8f2210080d2e20180d2030180d2440180d2020000d4"}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe8, 0x6, 0x8}}, @uexit={0x0, 0x18, 0x6}, @irq_setup={0x46, 0x18, {0x4, 0x69}}, @memwrite={0x6e, 0x30, @generic={0xdddd0000, 0xd2c, 0x8000000000000001, 0xe}}, @code={0xa, 0x6c, {"007008d5000008d50000381e0068e038000840bae0d58dd20040b8f2c10180d2c20180d2630180d2c40080d2020000d4007008d5007008d5007008d5e0f987d200c0b0f2410080d2a20080d2c30080d2840080d2020000d4"}}, @its_setup={0x82, 0x28, {0x0, 0x0, 0x3fd}}, @mrs={0xbe, 0x18, {0x603000000013df19}}, @uexit={0x0, 0x18, 0xfffffffffffffff7}, @memwrite={0x6e, 0x30, @generic={0x3000, 0x548, 0x4, 0x4}}, @code={0xa, 0xb4, {"00b69ed20040b0f2e10180d2a20180d2430180d2e40180d2020000d4000028d5000028d5000008d5008020c8203688d200a0b0f2210080d2620180d2830180d2640080d2020000d4c0fe80d200a0b0f2210080d2e20080d2830180d2640080d2020000d480079ed20040b8f2410180d2420180d2430080d2c40180d2020000d40078000e200089d20040b0f2010180d2220180d2030180d2840180d2020000d4"}}, @code={0xa, 0xcc, {"e06884d200c0b8f2010180d2e20180d2e30080d2e40180d2020000d4002094d20080b0f2410180d2a20080d2430180d2640080d2020000d480ac8ad200e0b8f2c10180d2a20080d2430180d2e40180d2020000d4008008d5007008d500ac202e207290d20060b8f2210080d2020080d2c30180d2c40080d2020000d4e07c8fd200a0b0f2e10180d2220180d2a30080d2a40180d2020000d4008008d5a0939ad20060b0f2e10180d2e20180d2c30080d2640180d2020000d4"}}, @code={0xa, 0x6c, {"007008d5008008d5e0db87d200c0b0f2e10080d2220180d2230080d2c40180d2020000d47f2003d5000480780000002b008008d50000803800006088404481d20020b0f2610080d2c20080d2230080d2240180d2020000d4"}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1000, 0x1, 0x6}}, @mrs={0xbe, 0x18, {0x603000000013c648}}, @hvc={0x32, 0x40, {0xc4000005, [0x77, 0x3, 0x4eaf, 0xa, 0x4]}}, @irq_setup={0x46, 0x18, {0x1, 0x266}}, @mrs={0xbe, 0x18, {0x603000000013c65f}}, @its_send_cmd={0xaa, 0x28, {0x0, 0x1, 0x2, 0xf, 0x4, 0x8, 0x1}}, @its_setup={0x82, 0x28, {0x4, 0x3, 0xe6}}, @irq_setup={0x46, 0x18, {0x0, 0xf8}}, @irq_setup={0x46, 0x18, {0x4, 0x2fc}}, @code={0xa, 0x3c, {"0080000d000860fc000008d5000028d5000028d5000028d5007008d5000008d5007008d5000008d5"}}, @memwrite={0x6e, 0x30, @generic={0xeeee0000, 0xb93, 0x6, 0x1}}, @irq_setup={0x46, 0x18, {0x4, 0x1ae}}], 0x6b0}, &(0x7f0000000740)=[@featur2={0x1, 0x80}], 0x1)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x33)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000780)={0x4})
munmap(&(0x7f0000e43000/0x2000)=nil, 0x2000)
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000800)=@arm64_sve_vls={0x606000000015ffff, &(0x7f00000007c0)=0x400})
ioctl$KVM_SET_SREGS(r3, 0x4000ae84, &(0x7f0000000840)={{0x8000000, 0x100000, 0x4, 0x1, 0x5, 0xc5, 0xce, 0x0, 0x7, 0xa, 0x49, 0x9}, {0x4000, 0xf000, 0x4, 0x2, 0x2, 0x6, 0x7, 0x5f, 0xbc, 0x5e, 0x6, 0x8}, {0xdddd0000, 0x3000, 0xa, 0x7, 0xe, 0xa, 0x46, 0x5, 0x9, 0x40, 0x9, 0x6}, {0x4000, 0x6000, 0xd, 0x7f, 0x9, 0x8, 0x1, 0x2, 0xa, 0x9, 0x5, 0xfb}, {0xf000, 0x4, 0xb, 0x0, 0x2, 0x3, 0x5, 0x2, 0x40, 0x9, 0x7, 0x3}, {0xffff1000, 0xdddd0000, 0xf, 0x8, 0x1, 0x3, 0x2, 0x2, 0xea, 0x6, 0x5, 0x81}, {0x1, 0xdddd0000, 0x0, 0x3, 0x6, 0x1, 0x93, 0x6, 0x40, 0x3, 0x1, 0x5}, {0xd000, 0x100000, 0x4, 0x9f, 0x0, 0x8c, 0x6d, 0x1, 0x6, 0x3, 0x1, 0x3}, {0x2, 0x10}, {0x0, 0x1}, 0xc0000000, 0x0, 0xdddd1000, 0x0, 0xf, 0x3500, 0x0, [0x2b5, 0x7, 0x0, 0x6]})
ioctl$KVM_ARM_SET_DEVICE_ADDR(r3, 0x4010aeab, &(0x7f0000000980)={0x4, 0x4})
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f00000009c0)={0x4000, 0x5000})
ioctl$KVM_DIRTY_TLB(r3, 0x4010aeaa, &(0x7f0000000a00)={0x5b9d5e2b, 0xffffff81})
r5 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000ec0)={0x0, &(0x7f0000000a40)=[@eret={0xe6, 0x18, 0xffffffffffff8001}, @svc={0x122, 0x40, {0x80, [0x3bd5, 0x84cc, 0x1, 0x18, 0x3]}}, @smc={0x1e, 0x40, {0x5000000, [0xdf0c, 0x5, 0xffffffffffffffff, 0x3, 0x4]}}, @hvc={0x32, 0x40, {0x84000014, [0x2, 0x2, 0x1, 0x8, 0x6]}}, @uexit={0x0, 0x18, 0xffff}, @msr={0x14, 0x20, {0x603000000013e65d, 0x6}}, @mrs={0xbe, 0x18, {0x603000000013def3}}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x39e}}, @uexit={0x0, 0x18, 0x3bef}, @hvc={0x32, 0x40, {0x84000003, [0x2, 0x81, 0x9, 0x40, 0x400]}}, @hvc={0x32, 0x40, {0x84000052, [0x3, 0x0, 0x7, 0xd, 0xffffffffffffff7f]}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x2, 0xe, 0xcf, 0x81, 0x3}}, @its_setup={0x82, 0x28, {0x2, 0x3, 0xfd}}, @code={0xa, 0x9c, {"007008d5c08981d20020b0f2e10080d2620080d2830180d2e40180d2020000d4007008d560549fd20040b0f2610080d2020180d2230080d2840180d2020000d400a8a12ea07189d200a0b0f2010180d2420180d2430180d2040080d2020000d400c0201e00086078008008d5e00a9cd200a0b0f2410080d2620180d2630080d2240180d2020000d4"}}, @irq_setup={0x46, 0x18, {0x3, 0x5c}}, @hvc={0x32, 0x40, {0x4000, [0x3b49, 0x5, 0x2, 0x5, 0x7f]}}, @code={0xa, 0xcc, {"80c88cd20080b0f2410180d2a20180d2c30180d2040180d2020000d4a0b581d20020b8f2610080d2a20180d2430080d2c40080d2020000d440e397d200c0b8f2a10080d2820180d2a30180d2e40080d2020000d4a06898d20060b8f2810180d2c20180d2a30080d2040080d2020000d4007008d5400b9cd20000b0f2610080d2a20080d2030080d2840180d2020000d4a0c19ed20020b0f2410080d2620080d2430180d2840180d2020000d4007008d50084c00d0080e00d"}}, @uexit={0x0, 0x18, 0x8000000000000001}, @its_setup={0x82, 0x28, {0x2, 0x0, 0x87}}, @uexit={0x0, 0x18, 0xfffffffffffffffe}], 0x450}, &(0x7f0000000f00)=[@featur1={0x1, 0xe0}], 0x1)
ioctl$KVM_SET_GUEST_DEBUG_arm64(r5, 0x4208ae9b, &(0x7f0000000f40)={0x1, 0x0, {[0x2, 0x916, 0x2, 0x4, 0x5, 0x7f, 0x2a2, 0x5, 0x6, 0xffffffff, 0x473d, 0x8000000000000000, 0x6, 0x40, 0x0, 0x80000001], [0x5f9a, 0x100000001, 0x101, 0x1, 0x7fff, 0x4, 0xb, 0x0, 0x400, 0x3, 0x7, 0x2, 0x8, 0x1, 0xc, 0x3], [0xd4, 0x8ee, 0x0, 0xef, 0x100000000, 0x40, 0x800, 0x7, 0x2, 0xe00000, 0x48000, 0x7, 0x3ff, 0x2, 0x9, 0x7], [0x6, 0x8, 0xfff, 0x5, 0x4, 0x9, 0x7, 0xfff, 0x4000000000000, 0x6, 0x3, 0x9, 0x7, 0x80, 0x9, 0x7f]}})
r6 = eventfd2(0x1, 0x80801)
r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04)
r8 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000001600)={0x0, &(0x7f0000001180)=[@hvc={0x32, 0x40, {0x84000053, [0xd8, 0x0, 0x8, 0xa, 0x7]}}, @irq_setup={0x46, 0x18, {0x0, 0x3ca}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x0, 0xd, 0x3d61, 0x3, 0x4}}, @svc={0x122, 0x40, {0x8400000d, [0x7ff, 0x7, 0x76e2, 0x2]}}, @irq_setup={0x46, 0x18, {0x0, 0x22f}}, @hvc={0x32, 0x40, {0x1000, [0x5, 0x0, 0x10000, 0x8, 0x7fffffffffffffff]}}, @code={0xa, 0x84, {"207493d200a0b0f2e10080d2420180d2830180d2440080d2020000d4000040a8607d9fd20040b8f2010180d2420080d2630180d2440180d2020000d40004000fe0e190d20060b0f2e10180d2220080d2c30180d2640080d2020000d40024000f0088207e0000c069000040b3000028d5"}}, @uexit={0x0, 0x18, 0x7}, @uexit={0x0, 0x18, 0x7f}, @code={0xa, 0xb4, {"802e8dd200e0b8f2a10080d2220180d2630180d2c40080d2020000d4007008d5007008d5c0e696d20000b0f2010080d2020180d2a30180d2e40180d2020000d40044205e20c999d20080b0f2c10080d2420080d2230180d2240180d2020000d4007008d5e0bd9fd200c0b0f2010180d2820180d2230180d2640080d2020000d4e01089d20000b0f2410080d2e20080d2e30080d2040180d2020000d400000094"}}, @irq_setup={0x46, 0x18, {0x1, 0x122}}, @uexit={0x0, 0x18, 0x7}, @msr={0x14, 0x20, {0x603000000013dea4, 0x1}}, @eret={0xe6, 0x18, 0x9}, @smc={0x1e, 0x40, {0x84000005, [0x9, 0x1, 0x1000, 0x6, 0x7fffffffffffffff]}}, @irq_setup={0x46, 0x18, {0x1, 0x1f5}}, @msr={0x14, 0x20, {0x603000000013deff, 0x3}}, @svc={0x122, 0x40, {0x1, [0x8000, 0x7fffffff, 0x9, 0x4, 0x9]}}, @eret={0xe6, 0x18, 0x5}, @msr={0x14, 0x20, {0x603000000013e108, 0xffffffffffffffff}}, @uexit={0x0, 0x18, 0x4}, @hvc={0x32, 0x40, {0x4100002a, [0x6, 0x8, 0x5, 0x4, 0x7]}}, @eret={0xe6, 0x18, 0x9}], 0x448}, &(0x7f0000001640)=[@featur1={0x1, 0x5}], 0x1)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x1000)=nil, r7, 0x100000e, 0x10010, r8, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4360ae82, &(0x7f0000001680)={[0x5, 0x80000001, 0x7ff, 0xa, 0x2, 0x5, 0x8, 0x40, 0x8, 0x7b62, 0x4, 0xfffffffffffffffa, 0x8, 0x88, 0x4, 0x80], 0xd000, 0x48000})
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000001740)={0x80000001, 0x0, 0x1, r6, 0x4})
mmap$KVM_VCPU(&(0x7f0000d7f000/0x4000)=nil, r7, 0x0, 0x8010, r8, 0x0)
ioctl$KVM_GET_MP_STATE(r5, 0x8004ae98, &(0x7f0000001780))
ioctl$KVM_SET_SIGNAL_MASK(r5, 0x4004ae8b, &(0x7f00000017c0)={0xa5, "61e161ef37eb53bb96dfe3a569fc81d6ba445555964807e1fd24d86a2eeb11a115895e920482a109cfa077485adcf02869235f23e687d0919fd240aa49bb3c93959840121b6b9b80f5787a74653a651322f5d63554088ffe192b3451d5db40d030a406c9c13875ad0bcbe2650a03c43afd52294a2d688610a408e60834a5b889dfc59c604ecee1de4fba2ea84e192454dc32ce4ebff31b6448df99cc6268372b461cc5f8d9"})
ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f00000018c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000001880)={0x0, 0x8}})
ioctl$KVM_ARM_VCPU_FINALIZE(r5, 0x4004aec2, &(0x7f0000001900)=0x6)
ioctl$KVM_GET_STATS_FD_cpu(r4, 0xaece)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000001f40)={0x0, &(0x7f0000001940)=[@hvc={0x32, 0x40, {0x84000001, [0x4, 0x5, 0x0, 0x3, 0x6]}}, @mrs={0xbe, 0x18, {0x603000000013deb9}}, @svc={0x122, 0x40, {0xc400000c, [0x5, 0x78a, 0x4, 0x100000000, 0x1]}}, @svc={0x122, 0x40, {0x2, [0x0, 0x6182, 0x4, 0x7, 0x8]}}, @msr={0x14, 0x20, {0x0, 0x80000001}}, @msr={0x14, 0x20, {0x603000000013c643, 0x2}}, @smc={0x1e, 0x40, {0x8, [0x7, 0x1, 0x9, 0x4, 0x8]}}, @irq_setup={0x46, 0x18, {0x0, 0x318}}, @msr={0x14, 0x20, {0x603000000013d921, 0x3}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0x382, 0x6, 0xe}}, @hvc={0x32, 0x40, {0x80000000, [0xd, 0x3, 0x3, 0x9, 0x7bf2]}}, @svc={0x122, 0x40, {0xc400000e, [0x1, 0x8000000000000000, 0x10001, 0x8, 0x5be]}}, @svc={0x122, 0x40, {0x84000052, [0x89b, 0x8, 0x81, 0x10000, 0x4023]}}, @memwrite={0x6e, 0x30, @generic={0x53d9ba8e3452023d, 0xe01, 0x10001, 0x2}}, @its_setup={0x82, 0x28, {0x2, 0x4, 0x2ab}}, @hvc={0x32, 0x40, {0x8, [0x7, 0xd, 0x8, 0x0, 0xa]}}, @uexit={0x0, 0x18, 0x8}, @smc={0x1e, 0x40, {0xc4000005, [0x3, 0x7fff, 0x8, 0x100000000, 0x200]}}, @code={0xa, 0x84, {"008c207e800f92d20040b8f2210180d2e20080d2230080d2a40180d2020000d40000406c001ca00e000008d5007008d5000008d5e00385d20080b0f2c10080d2020080d2e30080d2840080d2020000d40000402ca0eb90d20040b0f2c10080d2220180d2a30180d2240080d2020000d4"}}, @code={0xa, 0xb4, {"007008d5007008d5007008d500008078c0898ad20000b0f2210080d2e20180d2a30080d2240080d2020000d4000008d5601483d200e0b0f2010180d2e20080d2430180d2c40080d2020000d4201694d20020b8f2010180d2020180d2e30080d2440080d2020000d4403c81d20000b0f2c10180d2620180d2430080d2040080d2020000d4a00b90d20020b0f2210080d2420080d2a30180d2040080d2020000d4"}}, @uexit={0x0, 0x18, 0xfff}, @mrs={0xbe, 0x18, {0x603000000013e706}}, @smc={0x1e, 0x40, {0x80008000, [0x3, 0x3, 0x800, 0x1, 0x100]}}, @smc={0x1e, 0x40, {0xc4000011, [0x4, 0x6, 0xfffffffffffffffd, 0x0, 0x1]}}, @smc={0x1e, 0x40, {0x40000013, [0xe, 0x8, 0xd4b6, 0x2, 0x81]}}, @mrs={0xbe, 0x18, {0x603000000013c527}}, @mrs={0xbe, 0x18, {0x603000000013d801}}], 0x5c8}, &(0x7f0000001f80)=[@featur2={0x1, 0xa0}], 0x1)
ioctl$KVM_GET_SREGS(r5, 0x8000ae83, &(0x7f0000001fc0))
ioctl$KVM_SET_SREGS(r3, 0x4000ae84, &(0x7f0000002100)={{0xeeee8000, 0x3000, 0x3, 0x3, 0x9, 0x0, 0x7, 0x84, 0x6, 0x7, 0xe, 0x8}, {0x3b331001, 0x0, 0x4, 0xd, 0x2, 0xe, 0x1, 0x4, 0x1, 0x1, 0x80, 0x5}, {0xeeee8000, 0x6000, 0x8, 0xe, 0x4, 0x1, 0x9, 0x5, 0x1, 0x2, 0xb0, 0x2}, {0xdddd0000, 0x80a0000, 0xd, 0x8, 0x2, 0x0, 0x8, 0x1, 0x8, 0xe, 0x5, 0x5}, {0x2, 0x4, 0x4, 0x1, 0x6, 0xd3, 0x4, 0xa, 0x4, 0x0, 0x45, 0xb7}, {0xeeee0000, 0x100000, 0xa, 0xc1, 0x2f, 0x1, 0xfc, 0x5, 0x6, 0x6, 0x6, 0x6}, {0x8080000, 0xdddd1000, 0x8, 0xbd, 0x7, 0x1, 0x9, 0x8, 0xf4, 0x3, 0x6}, {0xf000, 0xdddd1000, 0x10, 0x1, 0xb6, 0xd4, 0x66, 0x7, 0x4, 0xff, 0xbd, 0x4}, {0xffff1000, 0x1000}, {0xffff1000, 0x200}, 0x32, 0x0, 0xf000, 0x100000, 0x9, 0x101, 0x4, [0x7, 0x9, 0x4, 0x8]})
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee3, &(0x7f0000002280)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000002240)=0x80})

21m23.870196504s ago: executing program 37 (id=127):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x8280, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
r4 = eventfd2(0x0, 0x0) (async)
r5 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2002, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING(r7, 0x4068aea3, &(0x7f00000002c0)={0xe1, 0x0, 0x10000})
r8 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce5, 0x7fff}}, @msr={0x14, 0x20, {0x603000000013dce8, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce9, 0x8000}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000040)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000000)={0xa, 0x4}})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r10, 0x4018aee3, &(0x7f0000000100)=@attr_pmu_init) (async)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
close(r4)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) (async)
write$eventfd(r4, &(0x7f0000000180)=0x5, 0xfffffde3) (async)
mmap$KVM_VCPU(&(0x7f0000010000/0x1000)=nil, 0x930, 0x100000f, 0x9032, 0xffffffffffffffff, 0x0) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, 0x0, 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)

13m17.420596822s ago: executing program 6 (id=128):
openat$kvm(0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7ffc}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
r4 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x2}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
r8 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000180)={0x0, &(0x7f00000004c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0xffffffffffffffff}}], 0x20}, &(0x7f00000000c0)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0xc0083, 0x0)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x27)
r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000300)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x4, 0xd}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x1, 0x0, 0x7, 0x6, 0x0, 0x4}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r13, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r13, 0xc00caee0, &(0x7f0000000180)={0x8, <r16=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r16, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x1, 0x4, &(0x7f0000000200)=0x807fffd})
ioctl$KVM_RUN(r15, 0xae80, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x1a)

12m55.227668579s ago: executing program 6 (id=130):
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x31)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r7, 0x4010aeab, &(0x7f0000000080)=@arm64_sys={0x603000000013e641, 0x0})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x28)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r11, 0x4010aeab, &(0x7f0000000040)=@arm64_sys={0x603000000013e000, 0x0})
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x3, 0x200)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x210140, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r13, 0x4020ae46, &(0x7f0000000000)={0x0, 0x6, 0x2000, 0x2000, &(0x7f0000ec1000/0x2000)=nil})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)
r16 = syz_kvm_setup_syzos_vm$arm64(r15, &(0x7f0000c00000/0x400000)=nil)
r17 = syz_kvm_add_vcpu$arm64(r16, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r17, 0x4010aeac, &(0x7f0000000140)=@arm64_bitmap={0x6070000000160002, 0x0})
r18 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r19 = ioctl$KVM_CREATE_VM(r18, 0xae01, 0x0)
r20 = syz_kvm_setup_syzos_vm$arm64(r19, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r20, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x4, 0x1, 0x2}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x2, 0x2, 0x9, 0x0, 0x80}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r19, 0x20000000001, 0x100)

12m54.170363096s ago: executing program 7 (id=129):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000780), 0x1, 0x0)
ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0x10)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000000)={0x7, <r5=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r5, 0x4018aee3, &(0x7f00000000c0)=@attr_other={0x0, 0x7, 0x7fffffffffffffff, 0x0})
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x58)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0xd)

12m36.421948553s ago: executing program 7 (id=131):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r0, r1, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r1, 0x4010aeab, &(0x7f0000000100)=@arm64_core={0x6030000000100044, &(0x7f0000000000)=0x3ff})

12m25.502102128s ago: executing program 7 (id=132):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x62)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0x80111500, 0x20000000)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f00000002c0)=[@memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x6000, 0x4, 0xa}}], 0x30}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x100)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) (async)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f0000000000)={0x1, 0x8000000, 0x2, 0xffffffffffffffff, 0x20}) (async)
ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f0000000000)={0x1, 0x8000000, 0x2, 0xffffffffffffffff, 0x20})
write$eventfd(r2, &(0x7f0000000000), 0xfffffdef) (async)
write$eventfd(r2, &(0x7f0000000000), 0xfffffdef)
munmap(&(0x7f0000008000/0x2000)=nil, 0x2000)

12m6.798430807s ago: executing program 38 (id=130):
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x31)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r7, 0x4010aeab, &(0x7f0000000080)=@arm64_sys={0x603000000013e641, 0x0})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x28)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r11, 0x4010aeab, &(0x7f0000000040)=@arm64_sys={0x603000000013e000, 0x0})
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x3, 0x200)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x210140, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r13, 0x4020ae46, &(0x7f0000000000)={0x0, 0x6, 0x2000, 0x2000, &(0x7f0000ec1000/0x2000)=nil})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)
r16 = syz_kvm_setup_syzos_vm$arm64(r15, &(0x7f0000c00000/0x400000)=nil)
r17 = syz_kvm_add_vcpu$arm64(r16, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r17, 0x4010aeac, &(0x7f0000000140)=@arm64_bitmap={0x6070000000160002, 0x0})
r18 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r19 = ioctl$KVM_CREATE_VM(r18, 0xae01, 0x0)
r20 = syz_kvm_setup_syzos_vm$arm64(r19, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r20, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x4, 0x1, 0x2}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x2, 0x2, 0x9, 0x0, 0x80}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r19, 0x20000000001, 0x100)

11m36.011274221s ago: executing program 39 (id=132):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x62)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0x80111500, 0x20000000)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f00000002c0)=[@memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x6000, 0x4, 0xa}}], 0x30}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x100)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) (async)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f0000000000)={0x1, 0x8000000, 0x2, 0xffffffffffffffff, 0x20}) (async)
ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f0000000000)={0x1, 0x8000000, 0x2, 0xffffffffffffffff, 0x20})
write$eventfd(r2, &(0x7f0000000000), 0xfffffdef) (async)
write$eventfd(r2, &(0x7f0000000000), 0xfffffdef)
munmap(&(0x7f0000008000/0x2000)=nil, 0x2000)

2m38.507729693s ago: executing program 9 (id=137):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, 0x0) (async)
r4 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x2}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async)
r8 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000180)={0x0, &(0x7f00000004c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0xffffffffffffffff}}], 0x20}, &(0x7f00000000c0)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2m16.433947319s ago: executing program 9 (id=139):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r1, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0xb01b)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
syz_kvm_setup_cpu$arm64(r3, 0xffffffffffffffff, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000000900)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r8, 0xae03, 0x9)
ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000040)=@arm64_fw={0x6030000000160003, &(0x7f0000000000)=0x8})
close(0xffffffffffffffff)
r9 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000000)={0x0, &(0x7f00000001c0)=[@mrs={0xbe, 0x18, {0x603000000013c523}}, @its_setup={0x82, 0x28, {0x4, 0x2, 0x2f1}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1600, 0x1, 0xd}}, @hvc={0x32, 0x40, {0x8600ff01, [0x5, 0xb4, 0x7, 0x6064993e, 0x6]}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x0, 0x4, 0x4, 0x10, 0x3, 0x3}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x1, 0xb, 0xe, 0x0, 0x1}}, @msr={0x14, 0x20, {0x6030000000138037, 0x3846}}, @hvc={0x32, 0x40, {0xc4000001, [0x80, 0xffffffff00000001, 0xd78c, 0xfffffffffffffff9, 0x3]}}, @hvc={0x32, 0x40, {0x8600ff01, [0x1, 0x4, 0x0, 0x8]}}, @eret={0xe6, 0x18, 0x8000000000000000}, @svc={0x122, 0x40, {0x84000001, [0x10, 0x8000000000000000, 0x1ff, 0x6, 0xa06]}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x88, 0x2}}, @code={0xa, 0xc8, {"0074202e009c9bd200e0b0f2410080d2420180d2c30080d2a40080d2020000d420e295d20040b8f2210180d2220180d2430080d2640080d2020000d4000020cb00449ad20060b8f2a10080d2620080d2830180d2240180d2020000d4a0cc8ad20060b8f2c10080d2820180d2030080d2a40180d2020000d400000091007008d5806a8ad200a0b0f2410080d2220180d2630080d2440080d2020000d420348dd20020b0f2620180d2830180d2840180d2020000d4"}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x3, 0x1, 0x100, 0x80000000}}, @memwrite={0x6e, 0x30, @generic={0x2, 0x6e8, 0x78, 0xd}}], 0x348}, &(0x7f0000000040)=[@featur2={0x1, 0x40}], 0x1)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000b80)={0x0, 0x0}, &(0x7f0000000280)=[@featur2={0x1, 0xf}], 0x1)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r13, 0x4018aee1, &(0x7f00000000c0)=@attr_other={0x0, 0x0, 0x4, 0x0})
mmap$KVM_VCPU(&(0x7f0000c61000/0x3000)=nil, 0x930, 0x100000f, 0x4019032, 0xffffffffffffffff, 0x0)

2m14.689733107s ago: executing program 8 (id=140):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x5)
ioctl$KVM_GET_DIRTY_LOG(r3, 0x4010ae42, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000ffc000/0x4000)=nil}) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2) (async)
r4 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x603000000010000a, &(0x7f0000000000)=0x10000})

1m59.125363989s ago: executing program 8 (id=141):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r1, 0x4010aeb5, &(0x7f0000000100)={0x25, 0x4})
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x6030000000100006, &(0x7f00000000c0)=0x7ffffffc})

1m46.80046712s ago: executing program 9 (id=142):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0) (async, rerun: 32)
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000140)=@arm64_sys={0x603000000013debc, &(0x7f0000000100)=0x2}) (async, rerun: 32)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r2, 0x4018aee1, &(0x7f00000000c0)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f0000000000)=0x1b})

1m42.764512316s ago: executing program 8 (id=143):
r0 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000000)={0x48, 0xdddd1000})
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0x500000f, 0x10, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VM(r0, 0x401c5820, 0x20000000)

1m28.620617283s ago: executing program 9 (id=144):
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000000, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r1, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x36)
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0x66)
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)

1m28.219443606s ago: executing program 8 (id=145):
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x7, 0x4f832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000ffa000/0x1000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) (async)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f0000482000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000) (async)
munmap(&(0x7f0000e76000/0x12000)=nil, 0x12000) (async)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x24132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x0, 0x4030031, 0xffffffffffffffff, 0x0) (async)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) (async)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) (async)
r0 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f0000cf1000/0x3000)=nil, r0, 0x2000000, 0x100010, 0xffffffffffffffff, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
mmap$KVM_VCPU(&(0x7f000064b000/0x4000)=nil, r2, 0x100000d, 0x9032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000667000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x40000, 0x0) (async)
r3 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000300)={0x0, &(0x7f0000000080)=[@uexit={0x0, 0x18, 0x5}, @memwrite={0x6e, 0x30, @generic={0xf000, 0xff5, 0xfffffffffffffffc, 0x1}}, @msr={0x14, 0x20, {0x5f10, 0x68cc5be4}}, @svc={0x122, 0x40, {0x84000050, [0xa, 0x7, 0xfffffffffffffff7, 0x8]}}, @hvc={0x32, 0x40, {0xffff, [0x5, 0x77, 0x7, 0x81, 0x81]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1600, 0x7, 0x2}}, @eret={0xe6, 0x18, 0xffffffffffffffff}, @smc={0x1e, 0x40, {0x2000, [0x4, 0x2, 0x2, 0x2, 0x4]}}, @eret={0xe6, 0x18, 0xfffffffffffffffc}, @eret={0xe6, 0x18, 0x800}, @eret={0xe6, 0x18, 0x8}, @mrs={0xbe, 0x18, {0x6030000000138055}}, @uexit={0x0, 0x18, 0x8}, @its_send_cmd={0xaa, 0x28, {0x0, 0x1, 0x3, 0x2, 0xf, 0x6000, 0x1}}, @irq_setup={0x46, 0x18, {0x0, 0x356}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x8, 0x4, 0x2, 0x3, 0x3}}], 0x250}, &(0x7f0000000340)=[@featur1={0x1, 0x190}], 0x1)
ioctl$KVM_SET_GUEST_DEBUG_arm64(r3, 0x4208ae9b, &(0x7f0000000380)={0x0, 0x0, {[0x8000000000000001, 0xffffffffffffffff, 0x7, 0x3, 0x2, 0x6, 0xfffffffffffffff9, 0x3, 0x1, 0x8, 0x32a6, 0x95a, 0x6, 0x10001, 0x3, 0x5], [0x5, 0x1, 0x2, 0x3, 0xfc, 0x3, 0x4, 0x8000000000000000, 0xfffffffffffffff7, 0x9, 0x3, 0x2, 0x5, 0x80000000, 0xea, 0x3ff], [0x7, 0x6, 0x4, 0x401, 0xffff, 0xffffffffffffd590, 0xad67, 0x7, 0xfffffffffffffffe, 0x1, 0x7, 0xeb, 0x1, 0xb34, 0xff, 0x6], [0x8, 0x4, 0x2, 0x5, 0x5, 0x5, 0x6, 0xb7, 0x4, 0x756c, 0x5, 0x4, 0x0, 0x200000000, 0x6, 0x5]}})

1m12.532699019s ago: executing program 8 (id=146):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
syz_kvm_setup_cpu$arm64(r3, r4, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_GET_ONE_REG(r4, 0x4010aeab, &(0x7f0000000100)=@arm64_sys={0x603000000013c000}) (async)
ioctl$KVM_GET_ONE_REG(r4, 0x4010aeab, &(0x7f0000000100)=@arm64_sys={0x603000000013c000})
r5 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x3, 0xfffffffd}}], 0x50}, 0x0, 0x0)
syz_kvm_setup_cpu$arm64(r1, r6, &(0x7f0000bfd000/0x400000)=nil, &(0x7f00000003c0)=[{0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0a00000000000000b400000000000000a01b9ad20000b0f2410180d2e20180d2a30180d2240080d2020000d4a0e887d20080b0f2410080d2e20080c2830080d2640180d2020000d40000229e0084200d402e9ad20060b8f2810180d2420080d2430080d2e40180d2020000d40000c00c206f9ed200c0b0f2410180d2620180d2e30080d2040180d2020000d400000072000008d5407182d20040b0f2210180d2a20180d2430180d2240180d2020000d4c0035fd61e0000000000000040000000000000804000000000000000240000000000000001000000000000800000000006000000ffffffff00000000ffff00000000000082000000000000002800000000000000010000000000000001000000000000004203000000000000220100001900000040000000000000000a26b0250000000009000000000000000500000000000000070000000000000009000000000000000f00000000000000"], 0x15c}], 0x1, 0x0, &(0x7f0000000400)=[@featur2={0x1, 0x4}], 0x1)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
syz_kvm_vgic_v3_setup(r8, 0x1, 0x100)
ioctl$KVM_IRQFD(r8, 0x4020ae76, &(0x7f0000000000)={0xffffffffffffffff, 0x6, 0x2, r9})
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) (async)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000200)={0x0, 0x0}, 0x0, 0x0) (async)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000200)={0x0, 0x0}, 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r13, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) (async)
ioctl$KVM_CREATE_DEVICE(r13, 0xc00caee0, &(0x7f0000000140)={0x4, <r14=>0xffffffffffffffff, 0x1})
write$eventfd(r14, &(0x7f00000001c0)=0x7ffffff, 0xfdef) (async)
write$eventfd(r14, &(0x7f00000001c0)=0x7ffffff, 0xfdef)
ioctl$KVM_SET_VCPU_EVENTS(r11, 0x4040aea0, &(0x7f0000000000)=@x86={0x0, 0x3, 0xb, 0x0, 0xe09, 0x6, 0x0, 0x3, 0x9, 0x2, 0xf5, 0x8, 0x0, 0x0, 0x6, 0x2, 0x4, 0xd0, 0xf8, '\x00', 0x51, 0xfffffffffffffffc})
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)

1m11.562464604s ago: executing program 9 (id=147):
r0 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
r1 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc0000000000000400", 0x0, 0xffffffffffffff32)

54.650229908s ago: executing program 8 (id=148):
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r0, 0x4018aee2, &(0x7f0000000000)=@attr_pmu_init)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r0, 0x4018aee3, &(0x7f0000000080)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f0000000040)=0x15})
ioctl$KVM_GET_MP_STATE(r0, 0x8004ae98, &(0x7f00000000c0))
ioctl$KVM_GET_REGS(r0, 0x8360ae81, &(0x7f0000000100))
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r0, 0x4018aee3, &(0x7f00000001c0)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x1})
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x38)
syz_kvm_setup_cpu$arm64(r1, r0, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000580)=[{0x0, &(0x7f0000000200)=[@mrs={0xbe, 0x18, {0x603000000013c523}}, @smc={0x1e, 0x40, {0x80000002, [0x100000001, 0x3ff, 0x9, 0x9, 0x200]}}, @smc={0x1e, 0x40, {0x86000001, [0x4, 0x7380000000000000, 0xa00000000000, 0xfffffffffffffffb]}}, @mrs={0xbe, 0x18, {0x6030000000138007}}, @hvc={0x32, 0x40, {0x8400000c, [0xff, 0x774, 0x9, 0x4, 0x2]}}, @msr={0x14, 0x20, {0x603000000013df43, 0x1ff}}, @uexit={0x0, 0x18, 0x9}, @eret={0xe6, 0x18, 0xfffffffffffffffb}, @memwrite={0x6e, 0x30, @generic={0x100000, 0xceb, 0x2, 0x4}}, @msr={0x14, 0x20, {0x603000000013deb0, 0x6527}}, @smc={0x1e, 0x40, {0x30000000, [0x9, 0x4, 0xfcef, 0x2]}}, @irq_setup={0x46, 0x18, {0x4, 0x156}}, @svc={0x122, 0x40, {0x8400000c, [0xffff, 0x3, 0x8, 0x3, 0xd]}}, @svc={0x122, 0x40, {0x84000005, [0x80000001, 0xd, 0x7, 0x100000001, 0xf]}}, @uexit={0x0, 0x18, 0x33d3}, @eret={0xe6, 0x18, 0x800}, @uexit={0x0, 0x18, 0x1}, @memwrite={0x6e, 0x30, @generic={0xdddd1000, 0x9af, 0x7fffffffffffffff, 0x3}}, @irq_setup={0x46, 0x18, {0x2, 0x346}}, @smc={0x1e, 0x40, {0x80000000, [0x3, 0x1ff, 0x100000001, 0x75be8ab3, 0x9]}}, @msr={0x14, 0x20, {0x603000000013800c, 0x100000001}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x0, 0x4, 0xb, 0x4c, 0x0, 0x2}}], 0x380}], 0x1, 0x0, &(0x7f00000005c0)=[@featur1={0x1, 0x2}], 0x1)
ioctl$KVM_DIRTY_TLB(r0, 0x4010aeaa, &(0x7f0000000600)={0xff, 0x2})
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r1, 0x4068aea3, &(0x7f0000000640)={0xa8, 0x0, 0x2})
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000006c0)={0x4, <r2=>0xffffffffffffffff, 0x1})
close(r2)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000700)={0x5, <r3=>0xffffffffffffffff})
ioctl$KVM_ARM_VCPU_FINALIZE(r0, 0x4004aec2, &(0x7f0000000740))
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x11)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000780), 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000800)=@attr_other={0x0, 0x3, 0x0, &(0x7f00000007c0)=0x8})
ioctl$KVM_CHECK_EXTENSION(r5, 0xae03, 0x7)
ioctl$KVM_SET_SIGNAL_MASK(r0, 0x4004ae8b, &(0x7f0000000840)={0xe2, "5923ab473905f8ce950c49d830534efea153aa001697eaa4ae1b153d093f2b6179d47e1484af4435a816f2cc80007a83cbb4db6262f012b5f29a3c73515ed82b8e958a9f17713d36e3c8f167aaa91faf77116dcf966c32029883866fe6300ff5b15e5c9d929db7851f5f5cc2a3b8984b606f3347877512bd4dfc353922bcfe1ef62899491dd77d1e83568f04ee3713043ec9774361f4527b91218cb897d3074190b0807b5928769b910c20fae9ea69c1c97c3f2b080190556d78667ce5171f8798f224decbeccc8f0cf44c5fa62a1458e1768f9816c31c33d0456b14082da6732701"})
r6 = ioctl$KVM_CREATE_GUEST_MEMFD(r4, 0xc040aed4, &(0x7f0000000940)={0x9, 0xb01})
ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f0000000980)={0x101ff, 0x3, 0xf000, 0x2000, &(0x7f0000ffe000/0x2000)=nil, 0x3, r6})
r7 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x34)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r7, 0x4018aee3, &(0x7f0000000a80)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000a40)={0x72, 0x80000001, 0x2}})
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000ac0)={0x2, 0x1, 0x8080000, 0x1000, &(0x7f0000f54000/0x1000)=nil})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000b00), 0xc00, 0x0)
ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(r4, 0x4068aea3, &(0x7f0000000b40))
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r1, 0x4068aea3, &(0x7f0000000bc0))
syz_kvm_setup_cpu$arm64(r7, r0, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000001140)=[{0x0, &(0x7f0000000c40)=[@hvc={0x32, 0x40, {0x4000, [0x9, 0x40, 0x0, 0x0, 0x800]}}, @its_setup={0x82, 0x28, {0x1, 0x2, 0x1fe}}, @smc={0x1e, 0x40, {0x84000007, [0x6, 0x1, 0x7, 0x2, 0x4]}}, @uexit={0x0, 0x18, 0x4}, @smc={0x1e, 0x40, {0x3f000000, [0x9, 0xb1, 0x1ff, 0x1, 0x9]}}, @code={0xa, 0xe4, {"00e28dd20020b0f2a10180d2e20180d2630080d2440180d2020000d40034202e00d085d20020b8f2210080d2020080d2e30080d2a40180d2020000d4a03b8cd200e0b8f2010080d2020080d2c30180d2c40180d2020000d4807184d20080b0f2210180d2a20080d2a30080d2c40180d2020000d4000c207ee0b086d20040b0f2810180d2a20180d2c30080d2440080d2020000d4008008d500168fd200e0b0f2610080d2020080d2230180d2840080d2020000d4c0db8bd20080b0f2e10080d2820080d2030080d2a40080d2020000d4"}}, @hvc={0x32, 0x40, {0x80000001, [0xc15d, 0x8, 0x10001, 0x5c06, 0x8]}}, @uexit={0x0, 0x18, 0x2}, @its_setup={0x82, 0x28, {0x2, 0x3, 0x2b}}, @svc={0x122, 0x40, {0x1000000, [0x9, 0x7, 0x100, 0x7, 0x7]}}, @code={0xa, 0xfc, {"0000791e60d099d200a0b0f2810180d2020180d2a30080d2440080d2020000d4e0e19ed20060b8f2e10180d2a20180d2430080d2040180d2020000d4007008d5803088d200c0b8f2610180d2220180d2230180d2e40180d2020000d460649fd20080b8f2810180d2820180d2e30080d2240180d2020000d4e04c99d200c0b0f2e10180d2e20180d2c30180d2a40180d2020000d4203495d20040b8f2a10080d2020080d2a30180d2240180d2020000d4604f80d20020b8f2210080d2220180d2e30080d2240180d2020000d420a59cd200e0b0f2210080d2420180d2c30180d2c40080d2020000d4"}}, @hvc={0x32, 0x40, {0x80003fff, [0x3ff, 0x0, 0x4, 0x6]}}, @code={0xa, 0x84, {"c0599cd20040b0f2a10180d2a20080d2430080d2a40180d2020000d40020005e0074007f0050206e0000309ec03191d200c0b8f2a10180d2a20180d2c30080d2440180d2020000d4007008d5402781d200a0b8f2c10180d2820080d2830180d2040180d2020000d400682038007008d5"}}, @irq_setup={0x46, 0x18, {0x0, 0x2d1}}, @hvc={0x32, 0x40, {0xc4000005, [0xfffffffffffffffa, 0x7fffffff, 0x4, 0x6, 0x3c0]}}, @eret={0xe6, 0x18, 0x8}, @its_setup={0x82, 0x28, {0x0, 0x0, 0x368}}], 0x4fc}], 0x1, 0x0, &(0x7f0000001180)=[@featur2={0x1, 0xa6}], 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000011c0)={0x4, 0x2, 0xdddd1000, 0x1000, &(0x7f0000f23000/0x1000)=nil})

52.494897141s ago: executing program 9 (id=149):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x140, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x28)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0xc018ae85, &(0x7f00000011c0)=@arm64={0x5, 0xff, 0xc, '\x00', 0x1e00000000000})
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000ac0)={0x0, 0x0, 0x3d}, 0x0, 0x0) (async)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20080, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) (async)
r8 = eventfd2(0x0, 0x80000) (async)
r9 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x35)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000080)={0xb, 0xffffffffffffffff, 0x75eb223f4670a61}) (async)
ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f0000001340)={0x0, 0x0, 0x2, r8, 0x3})
r10 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0xeeef0000, 0x0, r10}) (async)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, 0x0) (async)
ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f0000000000)={0x203, 0x0, 0x2, r8, 0xf}) (async)
syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000100)={0x0, &(0x7f0000000700)=[@code={0xa, 0x6c, {"007008d5007008d5808c93d20060b0f2a10180d2220180d2a30080d2240180d2020000d4000028d5206088d20060b8f2010180d2020180d2630180d2840080d2020000d400a4a00d007008d50024c09a00dc202e000028d5"}}, @svc={0x122, 0x40, {0x84000053, [0x3, 0x2, 0x1, 0x5, 0x9]}}, @smc={0x1e, 0x40, {0x84000000, [0x5, 0x4, 0x101, 0x6, 0xffffffffffffffff]}}, @eret={0xe6, 0x18, 0x5}, @mrs={0xbe, 0x18, {0x6030000000138027}}, @smc={0x1e, 0x40, {0x0, [0x5, 0xa, 0x8, 0x9, 0x8000]}}, @mrs={0xbe, 0x18, {0x603000000013df54}}, @uexit={0x0, 0x18, 0x7}, @hvc={0x32, 0x40, {0x80000002, [0x8, 0x4, 0x3, 0x0, 0xfffffffffffffffb]}}, @irq_setup={0x46, 0x18, {0x3, 0xaa}}, @eret={0xe6, 0x18, 0x1f8bc22}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x18, 0x400}}, @code={0xa, 0x9c, {"007008d5e05784d200a0b8f2810080d2e20080d2030080d2040080d2020000d40000001ca0c898d200e0b0f2410080d2420180d2230180d2240080d2020000d400dc97d20000b8f2410180d2420080d2830080d2040080d2020000d4007008d5008008d5007008d5a00a82d200e0b0f2610080d2620080d2230080d2a40080d2020000d4000028d5"}}, @its_setup={0x82, 0x28, {0x0, 0x1, 0x3eb}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff0, 0x3, 0x8}}, @irq_setup={0x46, 0x18, {0x2, 0x107}}, @msr={0x14, 0x20, {0x603000000013e6d2, 0x1}}, @mrs={0xbe, 0x18, {0xdaa865515f20f5bd}}, @its_setup={0x82, 0x28, {0x1, 0x9, 0x319}}], 0x398}, &(0x7f0000000140)=[@featur2={0x1, 0x8}], 0x1) (async)
r11 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000000)={0x0, &(0x7f0000000240)=[@uexit={0x0, 0x18, 0x80000000}, @its_setup={0x82, 0x28, {0x3, 0x3, 0x15a}}, @its_setup={0x82, 0x28, {0x1, 0x0, 0x55}}, @msr={0x14, 0x20, {0x603000000013deb1, 0x5}}, @svc={0x122, 0x40, {0x4000, [0x0, 0xa, 0x6, 0x8, 0x5]}}, @hvc={0x32, 0x40, {0x84000009, [0x6, 0x8000000000000001, 0x6, 0x5, 0x9]}}, @svc={0x122, 0x40, {0x1000000, [0x7d08df6f, 0x3, 0x18e12fb9, 0x4bee61e, 0x26af]}}, @hvc={0x32, 0x40, {0xc5000021, [0x81, 0x2, 0x100000, 0x3, 0x7ff]}}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x25}}, @svc={0x122, 0x40, {0x4, [0x2, 0xfffffffffffffff7, 0x7fffffff, 0xfffffffffffffff8, 0x9]}}, @hvc={0x32, 0x40, {0x80000000, [0x7744, 0x7, 0x100, 0x10, 0x6]}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x0, 0x4, 0x4, 0xdc44}}, @eret={0xe6, 0x18}, @code={0xa, 0xe4, {"0034002f000008d5e08c8dd20040b8f2010080d2420180d2a30080d2840180d2020000d4202598d20020b0f2a10080d2c20180d2e30080d2040080d2020000d40020206ee0049ad200e0b0f2210180d2220180d2030180d2240180d2020000d420c898d200c0b8f2c10180d2e20080d2230080d2a40080d2020000d4c00b86d200c0b8f2610080d2220180d2e30180d2240180d2020000d480b589d20060b8f2410080d2420080d2830180d2c40180d2020000d4a0b788d200c0b8f2610180d2420180d2e30080d2640180d2020000d4"}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1c00, 0x62d3, 0x1}}, @memwrite={0x6e, 0x30, @generic={0x4000, 0x102, 0x2, 0x4bc754b796d696d9}}, @msr={0x14, 0x20, {0x603000000013807f, 0x1}}, @smc={0x1e, 0x40, {0xc400000d, [0x2000000000fff, 0x1, 0x3b9, 0x3, 0x7]}}, @mrs={0xbe, 0x18, {0x603000000013deb1}}, @hvc={0x32, 0x40, {0x400, [0x4, 0xe0e, 0x1, 0x3, 0x99]}}, @eret={0xe6, 0x18, 0xc00}], 0x484}, &(0x7f00000000c0)=[@featur2={0x1, 0x21}], 0x1)
ioctl$KVM_GET_ONE_REG(r11, 0x4010aeab, &(0x7f0000000180)=@arm64_extra={0x603000000013c03c, 0x0})

6.621101846s ago: executing program 40 (id=148):
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r0, 0x4018aee2, &(0x7f0000000000)=@attr_pmu_init)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r0, 0x4018aee3, &(0x7f0000000080)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f0000000040)=0x15})
ioctl$KVM_GET_MP_STATE(r0, 0x8004ae98, &(0x7f00000000c0))
ioctl$KVM_GET_REGS(r0, 0x8360ae81, &(0x7f0000000100))
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r0, 0x4018aee3, &(0x7f00000001c0)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x1})
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x38)
syz_kvm_setup_cpu$arm64(r1, r0, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000580)=[{0x0, &(0x7f0000000200)=[@mrs={0xbe, 0x18, {0x603000000013c523}}, @smc={0x1e, 0x40, {0x80000002, [0x100000001, 0x3ff, 0x9, 0x9, 0x200]}}, @smc={0x1e, 0x40, {0x86000001, [0x4, 0x7380000000000000, 0xa00000000000, 0xfffffffffffffffb]}}, @mrs={0xbe, 0x18, {0x6030000000138007}}, @hvc={0x32, 0x40, {0x8400000c, [0xff, 0x774, 0x9, 0x4, 0x2]}}, @msr={0x14, 0x20, {0x603000000013df43, 0x1ff}}, @uexit={0x0, 0x18, 0x9}, @eret={0xe6, 0x18, 0xfffffffffffffffb}, @memwrite={0x6e, 0x30, @generic={0x100000, 0xceb, 0x2, 0x4}}, @msr={0x14, 0x20, {0x603000000013deb0, 0x6527}}, @smc={0x1e, 0x40, {0x30000000, [0x9, 0x4, 0xfcef, 0x2]}}, @irq_setup={0x46, 0x18, {0x4, 0x156}}, @svc={0x122, 0x40, {0x8400000c, [0xffff, 0x3, 0x8, 0x3, 0xd]}}, @svc={0x122, 0x40, {0x84000005, [0x80000001, 0xd, 0x7, 0x100000001, 0xf]}}, @uexit={0x0, 0x18, 0x33d3}, @eret={0xe6, 0x18, 0x800}, @uexit={0x0, 0x18, 0x1}, @memwrite={0x6e, 0x30, @generic={0xdddd1000, 0x9af, 0x7fffffffffffffff, 0x3}}, @irq_setup={0x46, 0x18, {0x2, 0x346}}, @smc={0x1e, 0x40, {0x80000000, [0x3, 0x1ff, 0x100000001, 0x75be8ab3, 0x9]}}, @msr={0x14, 0x20, {0x603000000013800c, 0x100000001}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x0, 0x4, 0xb, 0x4c, 0x0, 0x2}}], 0x380}], 0x1, 0x0, &(0x7f00000005c0)=[@featur1={0x1, 0x2}], 0x1)
ioctl$KVM_DIRTY_TLB(r0, 0x4010aeaa, &(0x7f0000000600)={0xff, 0x2})
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r1, 0x4068aea3, &(0x7f0000000640)={0xa8, 0x0, 0x2})
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000006c0)={0x4, <r2=>0xffffffffffffffff, 0x1})
close(r2)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000700)={0x5, <r3=>0xffffffffffffffff})
ioctl$KVM_ARM_VCPU_FINALIZE(r0, 0x4004aec2, &(0x7f0000000740))
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x11)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000780), 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000800)=@attr_other={0x0, 0x3, 0x0, &(0x7f00000007c0)=0x8})
ioctl$KVM_CHECK_EXTENSION(r5, 0xae03, 0x7)
ioctl$KVM_SET_SIGNAL_MASK(r0, 0x4004ae8b, &(0x7f0000000840)={0xe2, "5923ab473905f8ce950c49d830534efea153aa001697eaa4ae1b153d093f2b6179d47e1484af4435a816f2cc80007a83cbb4db6262f012b5f29a3c73515ed82b8e958a9f17713d36e3c8f167aaa91faf77116dcf966c32029883866fe6300ff5b15e5c9d929db7851f5f5cc2a3b8984b606f3347877512bd4dfc353922bcfe1ef62899491dd77d1e83568f04ee3713043ec9774361f4527b91218cb897d3074190b0807b5928769b910c20fae9ea69c1c97c3f2b080190556d78667ce5171f8798f224decbeccc8f0cf44c5fa62a1458e1768f9816c31c33d0456b14082da6732701"})
r6 = ioctl$KVM_CREATE_GUEST_MEMFD(r4, 0xc040aed4, &(0x7f0000000940)={0x9, 0xb01})
ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f0000000980)={0x101ff, 0x3, 0xf000, 0x2000, &(0x7f0000ffe000/0x2000)=nil, 0x3, r6})
r7 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x34)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r7, 0x4018aee3, &(0x7f0000000a80)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000a40)={0x72, 0x80000001, 0x2}})
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000ac0)={0x2, 0x1, 0x8080000, 0x1000, &(0x7f0000f54000/0x1000)=nil})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000b00), 0xc00, 0x0)
ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(r4, 0x4068aea3, &(0x7f0000000b40))
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r1, 0x4068aea3, &(0x7f0000000bc0))
syz_kvm_setup_cpu$arm64(r7, r0, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000001140)=[{0x0, &(0x7f0000000c40)=[@hvc={0x32, 0x40, {0x4000, [0x9, 0x40, 0x0, 0x0, 0x800]}}, @its_setup={0x82, 0x28, {0x1, 0x2, 0x1fe}}, @smc={0x1e, 0x40, {0x84000007, [0x6, 0x1, 0x7, 0x2, 0x4]}}, @uexit={0x0, 0x18, 0x4}, @smc={0x1e, 0x40, {0x3f000000, [0x9, 0xb1, 0x1ff, 0x1, 0x9]}}, @code={0xa, 0xe4, {"00e28dd20020b0f2a10180d2e20180d2630080d2440180d2020000d40034202e00d085d20020b8f2210080d2020080d2e30080d2a40180d2020000d4a03b8cd200e0b8f2010080d2020080d2c30180d2c40180d2020000d4807184d20080b0f2210180d2a20080d2a30080d2c40180d2020000d4000c207ee0b086d20040b0f2810180d2a20180d2c30080d2440080d2020000d4008008d500168fd200e0b0f2610080d2020080d2230180d2840080d2020000d4c0db8bd20080b0f2e10080d2820080d2030080d2a40080d2020000d4"}}, @hvc={0x32, 0x40, {0x80000001, [0xc15d, 0x8, 0x10001, 0x5c06, 0x8]}}, @uexit={0x0, 0x18, 0x2}, @its_setup={0x82, 0x28, {0x2, 0x3, 0x2b}}, @svc={0x122, 0x40, {0x1000000, [0x9, 0x7, 0x100, 0x7, 0x7]}}, @code={0xa, 0xfc, {"0000791e60d099d200a0b0f2810180d2020180d2a30080d2440080d2020000d4e0e19ed20060b8f2e10180d2a20180d2430080d2040180d2020000d4007008d5803088d200c0b8f2610180d2220180d2230180d2e40180d2020000d460649fd20080b8f2810180d2820180d2e30080d2240180d2020000d4e04c99d200c0b0f2e10180d2e20180d2c30180d2a40180d2020000d4203495d20040b8f2a10080d2020080d2a30180d2240180d2020000d4604f80d20020b8f2210080d2220180d2e30080d2240180d2020000d420a59cd200e0b0f2210080d2420180d2c30180d2c40080d2020000d4"}}, @hvc={0x32, 0x40, {0x80003fff, [0x3ff, 0x0, 0x4, 0x6]}}, @code={0xa, 0x84, {"c0599cd20040b0f2a10180d2a20080d2430080d2a40180d2020000d40020005e0074007f0050206e0000309ec03191d200c0b8f2a10180d2a20180d2c30080d2440180d2020000d4007008d5402781d200a0b8f2c10180d2820080d2830180d2040180d2020000d400682038007008d5"}}, @irq_setup={0x46, 0x18, {0x0, 0x2d1}}, @hvc={0x32, 0x40, {0xc4000005, [0xfffffffffffffffa, 0x7fffffff, 0x4, 0x6, 0x3c0]}}, @eret={0xe6, 0x18, 0x8}, @its_setup={0x82, 0x28, {0x0, 0x0, 0x368}}], 0x4fc}], 0x1, 0x0, &(0x7f0000001180)=[@featur2={0x1, 0xa6}], 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000011c0)={0x4, 0x2, 0xdddd1000, 0x1000, &(0x7f0000f23000/0x1000)=nil})

0s ago: executing program 41 (id=149):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x140, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x28)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0xc018ae85, &(0x7f00000011c0)=@arm64={0x5, 0xff, 0xc, '\x00', 0x1e00000000000})
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000ac0)={0x0, 0x0, 0x3d}, 0x0, 0x0) (async)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20080, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) (async)
r8 = eventfd2(0x0, 0x80000) (async)
r9 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x35)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000080)={0xb, 0xffffffffffffffff, 0x75eb223f4670a61}) (async)
ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f0000001340)={0x0, 0x0, 0x2, r8, 0x3})
r10 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0xeeef0000, 0x0, r10}) (async)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, 0x0) (async)
ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f0000000000)={0x203, 0x0, 0x2, r8, 0xf}) (async)
syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000100)={0x0, &(0x7f0000000700)=[@code={0xa, 0x6c, {"007008d5007008d5808c93d20060b0f2a10180d2220180d2a30080d2240180d2020000d4000028d5206088d20060b8f2010180d2020180d2630180d2840080d2020000d400a4a00d007008d50024c09a00dc202e000028d5"}}, @svc={0x122, 0x40, {0x84000053, [0x3, 0x2, 0x1, 0x5, 0x9]}}, @smc={0x1e, 0x40, {0x84000000, [0x5, 0x4, 0x101, 0x6, 0xffffffffffffffff]}}, @eret={0xe6, 0x18, 0x5}, @mrs={0xbe, 0x18, {0x6030000000138027}}, @smc={0x1e, 0x40, {0x0, [0x5, 0xa, 0x8, 0x9, 0x8000]}}, @mrs={0xbe, 0x18, {0x603000000013df54}}, @uexit={0x0, 0x18, 0x7}, @hvc={0x32, 0x40, {0x80000002, [0x8, 0x4, 0x3, 0x0, 0xfffffffffffffffb]}}, @irq_setup={0x46, 0x18, {0x3, 0xaa}}, @eret={0xe6, 0x18, 0x1f8bc22}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x18, 0x400}}, @code={0xa, 0x9c, {"007008d5e05784d200a0b8f2810080d2e20080d2030080d2040080d2020000d40000001ca0c898d200e0b0f2410080d2420180d2230180d2240080d2020000d400dc97d20000b8f2410180d2420080d2830080d2040080d2020000d4007008d5008008d5007008d5a00a82d200e0b0f2610080d2620080d2230080d2a40080d2020000d4000028d5"}}, @its_setup={0x82, 0x28, {0x0, 0x1, 0x3eb}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff0, 0x3, 0x8}}, @irq_setup={0x46, 0x18, {0x2, 0x107}}, @msr={0x14, 0x20, {0x603000000013e6d2, 0x1}}, @mrs={0xbe, 0x18, {0xdaa865515f20f5bd}}, @its_setup={0x82, 0x28, {0x1, 0x9, 0x319}}], 0x398}, &(0x7f0000000140)=[@featur2={0x1, 0x8}], 0x1) (async)
r11 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000000)={0x0, &(0x7f0000000240)=[@uexit={0x0, 0x18, 0x80000000}, @its_setup={0x82, 0x28, {0x3, 0x3, 0x15a}}, @its_setup={0x82, 0x28, {0x1, 0x0, 0x55}}, @msr={0x14, 0x20, {0x603000000013deb1, 0x5}}, @svc={0x122, 0x40, {0x4000, [0x0, 0xa, 0x6, 0x8, 0x5]}}, @hvc={0x32, 0x40, {0x84000009, [0x6, 0x8000000000000001, 0x6, 0x5, 0x9]}}, @svc={0x122, 0x40, {0x1000000, [0x7d08df6f, 0x3, 0x18e12fb9, 0x4bee61e, 0x26af]}}, @hvc={0x32, 0x40, {0xc5000021, [0x81, 0x2, 0x100000, 0x3, 0x7ff]}}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x25}}, @svc={0x122, 0x40, {0x4, [0x2, 0xfffffffffffffff7, 0x7fffffff, 0xfffffffffffffff8, 0x9]}}, @hvc={0x32, 0x40, {0x80000000, [0x7744, 0x7, 0x100, 0x10, 0x6]}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x0, 0x4, 0x4, 0xdc44}}, @eret={0xe6, 0x18}, @code={0xa, 0xe4, {"0034002f000008d5e08c8dd20040b8f2010080d2420180d2a30080d2840180d2020000d4202598d20020b0f2a10080d2c20180d2e30080d2040080d2020000d40020206ee0049ad200e0b0f2210180d2220180d2030180d2240180d2020000d420c898d200c0b8f2c10180d2e20080d2230080d2a40080d2020000d4c00b86d200c0b8f2610080d2220180d2e30180d2240180d2020000d480b589d20060b8f2410080d2420080d2830180d2c40180d2020000d4a0b788d200c0b8f2610180d2420180d2e30080d2640180d2020000d4"}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1c00, 0x62d3, 0x1}}, @memwrite={0x6e, 0x30, @generic={0x4000, 0x102, 0x2, 0x4bc754b796d696d9}}, @msr={0x14, 0x20, {0x603000000013807f, 0x1}}, @smc={0x1e, 0x40, {0xc400000d, [0x2000000000fff, 0x1, 0x3b9, 0x3, 0x7]}}, @mrs={0xbe, 0x18, {0x603000000013deb1}}, @hvc={0x32, 0x40, {0x400, [0x4, 0xe0e, 0x1, 0x3, 0x99]}}, @eret={0xe6, 0x18, 0xc00}], 0x484}, &(0x7f00000000c0)=[@featur2={0x1, 0x21}], 0x1)
ioctl$KVM_GET_ONE_REG(r11, 0x4010aeab, &(0x7f0000000180)=@arm64_extra={0x603000000013c03c, 0x0})

kernel console output (not intermixed with test programs):

[  379.866146][ T3151] 8021q: adding VLAN 0 to HW filter on device bond0
[  425.446731][ T3151] eql: remember to turn off Van-Jacobson compression on your slave devices
Warning: Permanently added '[localhost]:48060' (ED25519) to the list of known hosts.
[  597.941209][   T25] audit: type=1400 audit(597.160:60): avc:  denied  { name_bind } for  pid=3310 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  599.833000][   T25] audit: type=1400 audit(599.080:61): avc:  denied  { execute } for  pid=3311 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  599.868078][   T25] audit: type=1400 audit(599.090:62): avc:  denied  { execute_no_trans } for  pid=3311 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  620.337173][   T25] audit: type=1400 audit(619.580:63): avc:  denied  { mounton } for  pid=3311 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  620.372845][   T25] audit: type=1400 audit(619.610:64): avc:  denied  { mount } for  pid=3311 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  620.454506][ T3311] cgroup: Unknown subsys name 'net'
[  620.503345][   T25] audit: type=1400 audit(619.750:65): avc:  denied  { unmount } for  pid=3311 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  620.887857][ T3311] cgroup: Unknown subsys name 'cpuset'
[  620.988098][ T3311] cgroup: Unknown subsys name 'rlimit'
[  621.924312][   T25] audit: type=1400 audit(621.170:66): avc:  denied  { setattr } for  pid=3311 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  621.943429][   T25] audit: type=1400 audit(621.180:67): avc:  denied  { mounton } for  pid=3311 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[  621.968365][   T25] audit: type=1400 audit(621.210:68): avc:  denied  { mount } for  pid=3311 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  623.164226][ T3314] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[  623.185429][   T25] audit: type=1400 audit(622.420:69): avc:  denied  { relabelto } for  pid=3314 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  623.212488][   T25] audit: type=1400 audit(622.450:70): avc:  denied  { write } for  pid=3314 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
Setting up swapspace version 1, size = 127995904 bytes
[  623.392898][   T25] audit: type=1400 audit(622.630:71): avc:  denied  { read } for  pid=3311 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  623.411703][   T25] audit: type=1400 audit(622.650:72): avc:  denied  { open } for  pid=3311 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  623.453900][ T3311] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  674.344806][   T25] audit: type=1400 audit(673.590:73): avc:  denied  { execmem } for  pid=3315 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  678.921125][   T25] audit: type=1400 audit(678.160:74): avc:  denied  { read } for  pid=3317 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  678.927560][   T25] audit: type=1400 audit(678.160:75): avc:  denied  { open } for  pid=3317 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  679.042137][   T25] audit: type=1400 audit(678.270:76): avc:  denied  { mounton } for  pid=3317 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  679.310271][   T25] audit: type=1400 audit(678.550:77): avc:  denied  { module_request } for  pid=3318 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  679.323508][   T25] audit: type=1400 audit(678.570:78): avc:  denied  { module_request } for  pid=3317 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  680.431708][   T25] audit: type=1400 audit(679.670:79): avc:  denied  { sys_module } for  pid=3317 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  708.605595][ T3318] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  709.015396][ T3318] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  709.868115][ T3317] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  710.117934][ T3317] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  721.957952][ T3318] hsr_slave_0: entered promiscuous mode
[  721.985126][ T3318] hsr_slave_1: entered promiscuous mode
[  722.688172][ T3317] hsr_slave_0: entered promiscuous mode
[  722.743849][ T3317] hsr_slave_1: entered promiscuous mode
[  722.783526][ T3317] debugfs: 'hsr0' already exists in 'hsr'
[  722.801796][ T3317] Cannot create hsr debugfs directory
[  728.216915][   T25] audit: type=1400 audit(727.460:80): avc:  denied  { create } for  pid=3318 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  728.275350][   T25] audit: type=1400 audit(727.510:81): avc:  denied  { write } for  pid=3318 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  728.344619][   T25] audit: type=1400 audit(727.590:82): avc:  denied  { read } for  pid=3318 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  728.465946][ T3318] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  728.940432][ T3318] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  729.163755][ T3318] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  729.297624][ T3318] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  731.142389][ T3317] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  731.363941][ T3317] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  731.506351][ T3317] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  731.767287][ T3317] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  743.908092][ T3318] 8021q: adding VLAN 0 to HW filter on device bond0
[  746.561294][ T3317] 8021q: adding VLAN 0 to HW filter on device bond0
[  802.269821][ T3318] veth0_vlan: entered promiscuous mode
[  802.687455][ T3318] veth1_vlan: entered promiscuous mode
[  804.554758][ T3318] veth0_macvtap: entered promiscuous mode
[  804.912760][ T3318] veth1_macvtap: entered promiscuous mode
[  805.634109][ T3317] veth0_vlan: entered promiscuous mode
[  806.214017][ T3317] veth1_vlan: entered promiscuous mode
[  807.178585][ T3356] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  807.316530][   T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  807.341833][   T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  807.353244][   T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  809.485662][   T25] audit: type=1400 audit(808.680:83): avc:  denied  { mount } for  pid=3318 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  809.583173][ T3317] veth0_macvtap: entered promiscuous mode
[  809.641383][   T25] audit: type=1400 audit(808.860:84): avc:  denied  { mounton } for  pid=3318 comm="syz-executor" path="/syzkaller.GcJsYx/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  809.825693][   T25] audit: type=1400 audit(809.070:85): avc:  denied  { mount } for  pid=3318 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  809.941349][ T3317] veth1_macvtap: entered promiscuous mode
[  810.207362][   T25] audit: type=1400 audit(809.450:86): avc:  denied  { mounton } for  pid=3318 comm="syz-executor" path="/syzkaller.GcJsYx/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  810.354456][   T25] audit: type=1400 audit(809.570:87): avc:  denied  { mounton } for  pid=3318 comm="syz-executor" path="/syzkaller.GcJsYx/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3767 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  810.926733][   T25] audit: type=1400 audit(810.170:88): avc:  denied  { unmount } for  pid=3318 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  811.073992][   T25] audit: type=1400 audit(810.310:89): avc:  denied  { mounton } for  pid=3318 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1544 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  811.255728][   T25] audit: type=1400 audit(810.450:90): avc:  denied  { mount } for  pid=3318 comm="syz-executor" name="/" dev="gadgetfs" ino=3776 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  811.535143][   T25] audit: type=1400 audit(810.660:91): avc:  denied  { mount } for  pid=3318 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  811.625581][   T25] audit: type=1400 audit(810.870:92): avc:  denied  { mounton } for  pid=3318 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  812.078036][   T12] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  812.083775][   T12] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  812.201954][   T12] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  812.207907][   T12] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  813.086372][ T3318] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  825.835656][   T25] kauditd_printk_skb: 4 callbacks suppressed
[  825.884776][   T25] audit: type=1400 audit(825.080:97): avc:  denied  { read } for  pid=3471 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  825.941634][   T25] audit: type=1400 audit(825.180:98): avc:  denied  { open } for  pid=3471 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  826.080742][   T25] audit: type=1400 audit(825.320:99): avc:  denied  { ioctl } for  pid=3471 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  861.324943][   T25] audit: type=1400 audit(860.560:100): avc:  denied  { append } for  pid=3498 comm="syz.1.8" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  922.988485][ T3422] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  923.857556][ T3422] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  924.773037][ T3422] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  925.777741][ T3422] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  938.014934][ T3422] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  938.097960][ T3422] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  938.166233][ T3422] bond0 (unregistering): Released all slaves
[  939.613325][ T3422] hsr_slave_0: left promiscuous mode
[  939.653681][ T3422] hsr_slave_1: left promiscuous mode
[  939.938611][ T3422] veth1_macvtap: left promiscuous mode
[  939.944635][ T3422] veth0_macvtap: left promiscuous mode
[  939.972179][ T3422] veth1_vlan: left promiscuous mode
[  939.979749][ T3422] veth0_vlan: left promiscuous mode
[  963.392422][ T3422] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  964.357322][ T3422] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  965.133203][ T3422] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  966.075411][ T3422] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  979.044848][ T3422] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  979.116847][ T3422] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  979.176156][ T3422] bond0 (unregistering): Released all slaves
[  980.961231][ T3422] hsr_slave_0: left promiscuous mode
[  981.147273][ T3422] hsr_slave_1: left promiscuous mode
[  981.852013][ T3422] veth1_macvtap: left promiscuous mode
[  981.864558][ T3422] veth0_macvtap: left promiscuous mode
[  981.891014][ T3422] veth1_vlan: left promiscuous mode
[  981.900776][ T3422] veth0_vlan: left promiscuous mode
[ 1008.106172][ T3504] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1008.343287][ T3504] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1011.932057][ T3507] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1012.151992][ T3507] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1031.861436][ T3504] hsr_slave_0: entered promiscuous mode
[ 1031.940382][ T3504] hsr_slave_1: entered promiscuous mode
[ 1034.376020][ T3507] hsr_slave_0: entered promiscuous mode
[ 1034.398142][ T3507] hsr_slave_1: entered promiscuous mode
[ 1034.417246][ T3507] debugfs: 'hsr0' already exists in 'hsr'
[ 1034.422488][ T3507] Cannot create hsr debugfs directory
[ 1045.457235][ T3504] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1045.972968][ T3504] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1046.236711][ T3504] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1046.668392][ T3504] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1050.521722][ T3507] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1050.857522][ T3507] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1051.125476][ T3507] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1051.337692][ T3507] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1071.715717][ T3504] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1077.374503][ T3507] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1169.183950][ T3504] veth0_vlan: entered promiscuous mode
[ 1170.028535][ T3504] veth1_vlan: entered promiscuous mode
[ 1172.933042][ T3504] veth0_macvtap: entered promiscuous mode
[ 1173.782870][ T3504] veth1_macvtap: entered promiscuous mode
[ 1174.322720][ T3507] veth0_vlan: entered promiscuous mode
[ 1175.916587][ T3507] veth1_vlan: entered promiscuous mode
[ 1178.016102][ T3251] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1178.024629][ T3251] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1178.141333][ T3251] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1178.152049][ T3251] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1181.482963][ T3507] veth0_macvtap: entered promiscuous mode
[ 1182.093008][ T3507] veth1_macvtap: entered promiscuous mode
[ 1186.235335][ T2125] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1186.242125][ T2125] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1186.374994][ T2125] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1186.376555][ T2125] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1246.470133][   T25] audit: type=1400 audit(1245.680:101): avc:  denied  { write } for  pid=3762 comm="syz.3.16" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1249.215872][   T25] audit: type=1400 audit(1248.290:102): avc:  denied  { execute } for  pid=3768 comm="syz.2.17" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=6101 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[ 1320.214586][   T25] audit: type=1400 audit(1319.370:103): avc:  denied  { setattr } for  pid=3816 comm="syz.3.27" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1601.058159][   T25] audit: type=1400 audit(1600.300:104): avc:  denied  { map } for  pid=3997 comm="syz.3.70" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1611.812871][ T4003] kvm [4003]: Failed to find VMA for hva 0x20c01000
[ 1693.898095][ T4045] kvm [4045]: Failed to find VMA for hva 0x21016000
[ 1694.153691][ T4045] kvm [4045]: Failed to find VMA for hva 0x21016000
[ 1974.365353][ T4143] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1974.701420][ T4143] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1986.146668][ T4150] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1986.528201][ T4150] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2006.014192][ T4143] hsr_slave_0: entered promiscuous mode
[ 2006.097585][ T4143] hsr_slave_1: entered promiscuous mode
[ 2006.171366][ T4143] debugfs: 'hsr0' already exists in 'hsr'
[ 2006.190865][ T4143] Cannot create hsr debugfs directory
[ 2016.345129][ T4150] hsr_slave_0: entered promiscuous mode
[ 2016.414380][ T4150] hsr_slave_1: entered promiscuous mode
[ 2016.472309][ T4150] debugfs: 'hsr0' already exists in 'hsr'
[ 2016.490643][ T4150] Cannot create hsr debugfs directory
[ 2024.240549][ T4143] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 2025.047567][ T4143] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 2025.844016][ T4143] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 2026.187574][ T4143] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 2038.995032][ T4150] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 2039.466984][ T4150] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 2039.987397][ T4150] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 2040.537868][ T4150] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 2068.146152][ T4143] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2076.930990][ T4145] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2078.092501][ T4145] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2078.956148][ T4145] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2080.294730][ T4145] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2084.305265][ T4150] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2100.584431][ T4145] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2100.853795][ T4145] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2101.123438][ T4145] bond0 (unregistering): Released all slaves
[ 2104.117497][ T4145] hsr_slave_0: left promiscuous mode
[ 2104.291969][ T4145] hsr_slave_1: left promiscuous mode
[ 2105.052274][ T4145] veth1_macvtap: left promiscuous mode
[ 2105.087307][ T4145] veth0_macvtap: left promiscuous mode
[ 2105.122080][ T4145] veth1_vlan: left promiscuous mode
[ 2105.144662][ T4145] veth0_vlan: left promiscuous mode
[ 2130.467363][ T3362] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2132.168493][ T3362] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2133.468184][ T3362] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2135.048420][ T3362] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2158.091450][ T3362] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2159.067152][ T3362] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2159.663884][ T3362] bond0 (unregistering): Released all slaves
[ 2162.457754][ T3362] hsr_slave_0: left promiscuous mode
[ 2162.652479][ T3362] hsr_slave_1: left promiscuous mode
[ 2163.209779][ T3362] veth1_macvtap: left promiscuous mode
[ 2163.213162][ T3362] veth0_macvtap: left promiscuous mode
[ 2163.240767][ T3362] veth1_vlan: left promiscuous mode
[ 2163.244464][ T3362] veth0_vlan: left promiscuous mode
[ 2262.327995][ T4143] veth0_vlan: entered promiscuous mode
[ 2263.402581][ T4143] veth1_vlan: entered promiscuous mode
[ 2266.254973][ T4143] veth0_macvtap: entered promiscuous mode
[ 2266.783600][ T4143] veth1_macvtap: entered promiscuous mode
[ 2270.177889][   T12] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2270.179809][   T12] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2270.191816][   T12] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2270.283545][ T3411] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2285.793636][ T4150] veth0_vlan: entered promiscuous mode
[ 2287.283553][ T4150] veth1_vlan: entered promiscuous mode
[ 2291.103574][ T4150] veth0_macvtap: entered promiscuous mode
[ 2291.922450][ T4150] veth1_macvtap: entered promiscuous mode
[ 2295.882595][ T4250] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2295.895275][ T4250] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2295.972616][ T4250] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2296.003195][ T4250] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2552.908574][ T4428] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2553.433996][ T4428] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2560.297292][ T4433] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2560.936701][ T4433] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2602.363022][   T12] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2604.446415][   T12] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2608.445484][   T12] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2609.638573][ T4428] hsr_slave_0: entered promiscuous mode
[ 2609.805737][ T4428] hsr_slave_1: entered promiscuous mode
[ 2610.463038][   T12] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2615.342501][ T4433] hsr_slave_0: entered promiscuous mode
[ 2615.435444][ T4433] hsr_slave_1: entered promiscuous mode
[ 2615.541530][ T4433] debugfs: 'hsr0' already exists in 'hsr'
[ 2615.543405][ T4433] Cannot create hsr debugfs directory
[ 2642.150379][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2642.546476][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2642.897751][   T12] bond0 (unregistering): Released all slaves
[ 2645.622629][   T12] hsr_slave_0: left promiscuous mode
[ 2645.678289][   T12] hsr_slave_1: left promiscuous mode
[ 2646.082734][   T12] veth1_macvtap: left promiscuous mode
[ 2646.086115][   T12] veth0_macvtap: left promiscuous mode
[ 2646.131143][   T12] veth1_vlan: left promiscuous mode
[ 2646.153874][   T12] veth0_vlan: left promiscuous mode
[ 2673.156912][ T3362] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2674.364006][ T3362] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2675.593375][ T3362] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2676.930466][ T3362] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2677.380770][ T4428] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 2677.906059][ T4428] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 2678.640225][ T4428] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 2680.051391][ T4428] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 2686.561787][ T4433] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 2687.474220][ T4433] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 2704.187078][ T3362] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2704.531168][ T3362] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2704.788078][ T3362] bond0 (unregistering): Released all slaves
[ 2705.908600][ T4433] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 2706.497029][ T4433] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 2707.655424][ T3362] hsr_slave_0: left promiscuous mode
[ 2707.740009][ T3362] hsr_slave_1: left promiscuous mode
[ 2708.471182][ T3362] veth1_macvtap: left promiscuous mode
[ 2708.531104][ T3362] veth0_macvtap: left promiscuous mode
[ 2708.536613][ T3362] veth1_vlan: left promiscuous mode
[ 2708.538117][ T3362] veth0_vlan: left promiscuous mode
[ 2745.175781][ T4428] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2763.585598][ T4433] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2895.969772][ T4428] veth0_vlan: entered promiscuous mode
[ 2897.386376][ T4428] veth1_vlan: entered promiscuous mode
[ 2901.361484][ T4428] veth0_macvtap: entered promiscuous mode
[ 2901.942005][ T4428] veth1_macvtap: entered promiscuous mode
[ 2905.830984][ T4145] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2905.841750][ T4145] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2905.875444][ T4145] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2905.881023][ T4145] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2916.238151][ T4433] veth0_vlan: entered promiscuous mode
[ 2917.685110][ T4433] veth1_vlan: entered promiscuous mode
[ 2921.876922][ T4433] veth0_macvtap: entered promiscuous mode
[ 2922.597085][ T4433] veth1_macvtap: entered promiscuous mode
[ 2926.647504][ T4564] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2926.704968][ T3984] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2926.841534][ T4250] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2926.845745][ T4250] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3039.980143][ T4564] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3043.065907][ T4564] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3044.706082][ T4564] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3046.557017][ T4564] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3078.115705][ T4564] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3078.893491][ T4564] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3079.202187][ T4564] bond0 (unregistering): Released all slaves
[ 3082.573045][ T4564] hsr_slave_0: left promiscuous mode
[ 3082.800488][ T4564] hsr_slave_1: left promiscuous mode
[ 3083.991523][ T4564] veth1_macvtap: left promiscuous mode
[ 3083.994884][ T4564] veth0_macvtap: left promiscuous mode
[ 3084.032739][ T4564] veth1_vlan: left promiscuous mode
[ 3084.072697][ T4564] veth0_vlan: left promiscuous mode
[ 3110.858189][ T4564] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3112.894301][ T4564] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3115.634646][ T4564] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3117.472126][ T4564] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3147.131195][ T4564] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3147.392510][ T4564] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3147.493331][ T4564] bond0 (unregistering): Released all slaves
[ 3149.423300][ T4564] hsr_slave_0: left promiscuous mode
[ 3149.473555][ T4564] hsr_slave_1: left promiscuous mode
[ 3150.100146][ T4564] veth1_macvtap: left promiscuous mode
[ 3150.101398][ T4564] veth0_macvtap: left promiscuous mode
[ 3150.126132][ T4564] veth1_vlan: left promiscuous mode
[ 3150.151726][ T4564] veth0_vlan: left promiscuous mode
[ 3193.098520][ T4715] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3193.494819][ T4715] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3216.765106][ T4730] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3217.084620][ T4730] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3227.435050][ T4715] hsr_slave_0: entered promiscuous mode
[ 3227.612251][ T4715] hsr_slave_1: entered promiscuous mode
[ 3250.674511][ T4715] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 3251.248039][ T4715] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 3251.761910][ T4715] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 3252.502096][ T4715] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 3257.733670][ T4730] hsr_slave_0: entered promiscuous mode
[ 3257.836684][ T4730] hsr_slave_1: entered promiscuous mode
[ 3257.944616][ T4730] debugfs: 'hsr0' already exists in 'hsr'
[ 3257.970475][ T4730] Cannot create hsr debugfs directory
[ 3279.934711][ T4730] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 3280.466166][ T4730] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 3281.051121][ T4730] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 3281.548032][ T4730] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 3291.684367][ T4715] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3322.143118][ T4730] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3471.583468][ T4715] veth0_vlan: entered promiscuous mode
[ 3472.895438][ T4715] veth1_vlan: entered promiscuous mode
[ 3477.287162][ T4715] veth0_macvtap: entered promiscuous mode
[ 3477.983852][ T4715] veth1_macvtap: entered promiscuous mode
[ 3482.583315][ T3411] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3482.632148][   T49] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3482.652657][   T49] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3482.653561][   T49] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3507.902254][ T4730] veth0_vlan: entered promiscuous mode
[ 3509.664240][ T4730] veth1_vlan: entered promiscuous mode
[ 3514.582968][ T4730] veth0_macvtap: entered promiscuous mode
[ 3515.513780][ T4730] veth1_macvtap: entered promiscuous mode
[ 3520.995959][   T49] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3521.003403][   T49] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3521.007370][   T49] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3521.008143][   T49] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3883.432077][ T5069] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3883.964669][ T5069] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3890.062748][ T5072] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3890.570759][ T5072] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3945.232545][ T5069] hsr_slave_0: entered promiscuous mode
[ 3945.307963][ T5069] hsr_slave_1: entered promiscuous mode
[ 3945.492435][ T5069] debugfs: 'hsr0' already exists in 'hsr'
[ 3945.503257][ T5069] Cannot create hsr debugfs directory
[ 3952.428293][ T5072] hsr_slave_0: entered promiscuous mode
[ 3952.656165][ T5072] hsr_slave_1: entered promiscuous mode
[ 3952.837490][ T5072] debugfs: 'hsr0' already exists in 'hsr'
[ 3952.859547][ T5072] Cannot create hsr debugfs directory
[ 4016.048552][ T5069] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 4017.696818][ T5069] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 4018.868322][ T5069] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 4021.576478][ T5069] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 4031.020651][ T5072] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 4031.627368][ T5072] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 4032.316749][ T5072] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 4033.257941][ T5072] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 4083.510932][ T5069] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4092.696511][ T5072] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4101.726518][   T27] INFO: task syz.9.149:5049 blocked for more than 430 seconds.
[ 4101.811267][   T27]       Not tainted syzkaller #0
[ 4101.840616][   T27]       Blocked by coredump.
[ 4101.841075][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 4101.841538][   T27] task:syz.9.149       state:D stack:0     pid:5049  tgid:5047  ppid:4730   task_flags:0x40044c flags:0x00000018
[ 4101.843000][   T27] Call trace:
[ 4101.843521][   T27]  __switch_to+0x584/0xb20 (T)
[ 4101.845623][   T27]  __schedule+0x1eec/0x33a4
[ 4101.846224][   T27]  schedule+0xac/0x27c
[ 4101.846730][   T27]  schedule_timeout+0x5c/0x1e4
[ 4101.847158][   T27]  do_wait_for_common+0x28c/0x444
[ 4101.847710][   T27]  wait_for_completion+0x44/0x5c
[ 4101.848194][   T27]  __synchronize_srcu+0x2a4/0x320
[ 4101.848670][   T27]  synchronize_srcu+0x3cc/0x4f0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 4102.038580][   T27]  __mmu_notifier_release+0x424/0x614
[ 4102.091367][   T27]  exit_mmap+0xb8/0xbb8
[ 4102.091975][   T27]  __mmput+0x10c/0x528
[ 4102.092462][   T27]  mmput+0x70/0xac
[ 4102.092960][   T27]  exit_mm+0x158/0x258
[ 4102.093408][   T27]  do_exit+0x788/0x2378
[ 4102.093886][   T27]  do_group_exit+0x1d4/0x2ac
[ 4102.094343][   T27]  get_signal+0x1440/0x1554
[ 4102.094835][   T27]  do_signal+0x23c/0x4dd0
[ 4102.095359][   T27]  do_notify_resume+0xb0/0x270
[ 4102.095837][   T27]  el0_svc+0xb8/0x164
[ 4102.096263][   T27]  el0t_64_sync_handler+0x84/0x12c
[ 4102.096712][   T27]  el0t_64_sync+0x198/0x19c
[ 4102.098273][   T27] 
[ 4102.098273][   T27] Showing all locks held in the system:
[ 4102.276506][   T27] 2 locks held by kworker/u4:0/12:
[ 4102.301869][   T27]  #0: bdf000000cc20948 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a18
[ 4102.304490][   T27]  #1: ffff80008c557c78 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a18
[ 4102.306494][   T27] 1 lock held by khungtaskd/27:
[ 4102.306896][   T27]  #0: ffff800087806858 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x4/0x48
[ 4102.467243][   T27] 2 locks held by getty/3179:
[ 4102.468061][   T27]  #0: 21f0000011d828a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c
[ 4102.522156][   T27]  #1: c6ff80008c54b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x310/0x12b8
[ 4102.523938][   T27] 2 locks held by syz-executor/3311:
[ 4102.524282][   T27] 2 locks held by kworker/u4:3/3356:
[ 4102.524582][   T27]  #0: bdf000000cc20948 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a18
[ 4102.526293][   T27]  #1: ffff80008fe07c78 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a18
[ 4102.528055][   T27] 2 locks held by kworker/u4:5/3362:
[ 4102.528375][   T27] 3 locks held by kworker/u4:7/3411:
[ 4102.660924][   T27]  #0: fff0000072d80d18 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x2f0/0x33a4
[ 4102.682790][   T27]  #1: fff0000072d6c548 (psi_seq){-.-.}-{0:0}, at: psi_task_switch+0x6c/0x6e8
[ 4102.684512][   T27]  #2: ffff80008c352000 (&obj_hash[i].lock){-.-.}-{2:2}, at: debug_object_activate+0x7c/0x51c
[ 4102.686288][   T27] 3 locks held by kworker/u4:9/4147:
[ 4102.686668][   T27] 3 locks held by kworker/u4:13/4564:
[ 4102.687054][   T27] 2 locks held by syz.8.148/5046:
[ 4102.687406][   T27] 3 locks held by kworker/u4:10/5091:
[ 4102.687788][   T27] 3 locks held by kworker/u4:15/5210:
[ 4102.688107][   T27] 1 lock held by modprobe/5211:
[ 4102.688410][   T27] 1 lock held by modprobe/5212:
[ 4102.847550][   T27] 
[ 4102.858311][   T27] =============================================
[ 4102.858311][   T27] 
[ 4102.871707][   T27] Kernel panic - not syncing: hung_task: blocked tasks
[ 4102.876672][   T27] CPU: 0 UID: 0 PID: 27 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT 
[ 4102.878175][   T27] Hardware name: linux,dummy-virt (DT)
[ 4102.879136][   T27] Call trace:
[ 4102.879996][   T27]  show_stack+0x2c/0x3c (C)
[ 4102.880918][   T27]  __dump_stack+0x30/0x40
[ 4102.881766][   T27]  dump_stack_lvl+0x30/0x12c
[ 4102.882627][   T27]  dump_stack+0x1c/0x28
[ 4102.883435][   T27]  vpanic+0x22c/0x59c
[ 4102.884267][   T27]  vpanic+0x0/0x59c
[ 4102.885039][   T27]  hung_task_panic+0x0/0x2c
[ 4102.885865][   T27]  kthread+0x794/0x9a0
[ 4102.886743][   T27]  ret_from_fork+0x10/0x20
[ 4102.888557][   T27] Kernel Offset: disabled
[ 4102.889271][   T27] CPU features: 0x000000,0001a300,5f7c67c1,057ffe1f
[ 4102.890377][   T27] Memory Limit: none
[ 4102.892651][   T27] Rebooting in 86400 seconds..

VM DIAGNOSIS:
12:24:56  Registers:
info registers vcpu 0

CPU#0
 PC=ffff800085b269f8 X00=0000000000000000 X01=ffff8000870e1ad0
X02=0000000000000006 X03=0000000000000002 X04=0000000000000000
X05=0000000000000000 X06=0000000000000000 X07=ffff800085a0a12c
X08=62f000000d9bbb00 X09=0000000040000000 X10=0000000000000062
X11=0000000000000062 X12=0fff000000d9bbf0 X13=0000000000000028
X14=0000000000002000 X15=ffff800080007680 X16=ffff800080010e20
X17=00000000000000db X18=00000000000000ff X19=e6f0000023db2f00
X20=efff800000000000 X21=000000000000004e X22=bdf00000264fd300
X23=0000000000000001 X24=0000000000000068 X25=00000000000000bd
X26=0000000061c88647 X27=cef0000015db1f01 X28=bdf00000264fd37f
X29=ffff800080007690 X30=ffff800085b27564  SP=ffff800080007560
PSTATE=60402009 -ZC- EL2h  SVCR=00000000 --  BTYPE=0     FPCR=00000000 FPSR=00000000
P00=0000 P01=0000 P02=0000 P03=0000 P04=0000 P05=0000 P06=0000 P07=0000
P08=0000 P09=0000 P10=0000 P11=0000 P12=0000 P13=0000 P14=0000 P15=0000
FFR=0000
Z00=0000ffffa9c39960:0000ffffa9c39370 Z01=0000ffffa9c08060:0000ffffa9c070c0
Z02=0000ffffa99516e0:0000ffffa99510d0 Z03=0000ffffa9c38d10:0000ffffa9c07600
Z04=0000ffffa9c085a0:0000ffffa9c07b30 Z05=0000ffffa99510d0:0000ffffa9c08ad0
Z06=0000000000000000:0000000000000000 Z07=0000000000000000:0000000000000000
Z08=0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000
Z10=0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000
Z12=0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000
Z14=0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000
Z16=0000000000000000:0000000000000000 Z17=0000000000000000:0000000000000000
Z18=0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000
Z20=0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000
Z22=0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000
Z24=0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000
Z26=0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000
Z28=0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000
Z30=0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000