last executing test programs:

1h4m43.360037941s ago: executing program 32 (id=252):
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2) (async)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_SET_ONE_REG(r0, 0x4010aeac, &(0x7f0000000040)=@arm64_core={0x6030000000100016, &(0x7f0000000000)=0x4}) (async)
ioctl$KVM_SET_ONE_REG(r0, 0x4010aeac, &(0x7f0000000040)=@arm64_core={0x6030000000100016, &(0x7f0000000000)=0x4})
ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04) (async)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x3000)=nil, r1, 0x3000007, 0x10110, r0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3a) (async)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3a)
syz_kvm_vgic_v3_setup(r2, 0x2, 0x0)
ioctl$KVM_SET_ONE_REG(r0, 0x4010aeac, &(0x7f00000000c0)=@arm64_fp={0x604000000010007b, &(0x7f0000000080)=0x5})
r3 = ioctl$KVM_CREATE_GUEST_MEMFD(r2, 0xc040aed4, &(0x7f0000000100)={0x1, 0x6306})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x501801, 0x0)
close(r4)
ioctl$KVM_GET_STATS_FD_vm(r2, 0xaece) (async)
r5 = ioctl$KVM_GET_STATS_FD_vm(r2, 0xaece)
ioctl$KVM_GET_DEVICE_ATTR(r5, 0x4018aee2, &(0x7f00000001c0)=@attr_other={0x0, 0x8, 0x101, &(0x7f0000000180)=0x5})
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) (async)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x3c)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000200)={0x9, 0xffffffffffffffff, 0x1}) (async)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000200)={0x9, 0xffffffffffffffff, 0x1})
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000240)={0xd6a1, 0x4000, 0x8, r5, 0x9})
ioctl$KVM_SET_USER_MEMORY_REGION2(r6, 0x40a0ae49, &(0x7f0000000280)={0x1, 0x0, 0x2, 0x2000, &(0x7f0000ffd000/0x2000)=nil, 0x6, r3}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION2(r6, 0x40a0ae49, &(0x7f0000000280)={0x1, 0x0, 0x2, 0x2000, &(0x7f0000ffd000/0x2000)=nil, 0x6, r3})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x102, 0x0)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee2, &(0x7f00000003c0)=@attr_other={0x0, 0x9, 0x1ff, &(0x7f0000000380)=0xc6})
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r5, 0x4010aeb5, &(0x7f0000000400)={0xffffffffffff8000, 0x10001})
ioctl$KVM_SET_MP_STATE(r0, 0x4004ae99, &(0x7f0000000440))
ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x34) (async)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x34)
ioctl$KVM_GET_STATS_FD_vm(r8, 0xaece)
r9 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x8)
ioctl$KVM_CAP_PTP_KVM(r9, 0x4068aea3, &(0x7f0000000480)) (async)
ioctl$KVM_CAP_PTP_KVM(r9, 0x4068aea3, &(0x7f0000000480))
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r0, 0x4018aee2, &(0x7f0000000500)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x10001})
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000580)=@attr_other={0x0, 0x6, 0x50, &(0x7f0000000540)=0x82})
syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x1a)

1h4m37.66297784s ago: executing program 33 (id=253):
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
r4 = eventfd2(0x0, 0x0)
close(r4)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01)
write$eventfd(r4, &(0x7f0000000180)=0x5, 0xfffffde3)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r0, 0x4018aee3, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0xc, 0xc87}})
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)

59m21.50116716s ago: executing program 2 (id=254):
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x2132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, <r2=>0xffffffffffffffff, 0x1})
write$eventfd(r2, &(0x7f00000001c0)=0x7ffffff, 0xfdef) (async)
write$eventfd(r2, &(0x7f00000001c0)=0x7ffffff, 0xfdef)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x820c0, 0x0)
r3 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000080)={0x0, &(0x7f0000000040)=[@hvc={0x32, 0x40, {0x84000013, [0x9, 0x1, 0x3, 0x6, 0xa]}}], 0x40}, &(0x7f00000000c0)=[@featur2={0x1, 0x69}], 0x1)
ioctl$KVM_GET_STATS_FD_cpu(r3, 0xaece)

59m9.445096194s ago: executing program 2 (id=256):
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bfd000/0x400000)=nil)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bff000/0x400000)=nil)
r0 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000680)="38ce8347fc1e86008cfc72bb352c8659dcc9225b48cb5cb00c73b0b33018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r2, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xf, 0x810, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2040, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xf, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x76d107, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bfd000/0x400000)=nil) (async)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bff000/0x400000)=nil) (async)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000680)="38ce8347fc1e86008cfc72bb352c8659dcc9225b48cb5cb00c73b0b33018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04) (async)
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r2, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xf, 0x810, 0xffffffffffffffff, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2040, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xf, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x76d107, 0x0) (async)

58m55.214745337s ago: executing program 2 (id=257):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0xa0200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x3, 0xdddd1000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000000000)={0x1, 0x0, &(0x7f0000ffb000/0x3000)=nil})

58m49.612192288s ago: executing program 3 (id=255):
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bfd000/0x400000)=nil) (async)
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bff000/0x400000)=nil) (async)
r1 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f0000000680)="38ce8347fc1e86008cfc72bb352c8659dcc9225b48cb5cb00c73b0b33018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04) (async)
r4 = openat$kvm(0x0, &(0x7f0000000200), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000000000/0x400000)=nil) (async)
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x2}) (async)
syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000040)={0x0, &(0x7f0000000240)=[@uexit={0x0, 0x18, 0x5}, @smc={0x1e, 0x40, {0xc400000d, [0x9, 0x9, 0x6, 0x103e, 0x40]}}, @smc={0x1e, 0x40, {0xc4000010, [0xfffffffffffffff9, 0x91, 0xd8, 0x7]}}, @svc={0x122, 0x40, {0x100, [0x7fff, 0x2, 0x5, 0x6]}}, @hvc={0x32, 0x40, {0xc8000007, [0x4, 0x5, 0x8, 0x10, 0xffff]}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x1, 0x0, 0x4, 0x4, 0xb191, 0x3}}, @its_send_cmd={0xaa, 0x28, {0x397b2fc232eb955c, 0x0, 0x3, 0xa, 0x67d4313f, 0x10001, 0x2}}, @its_setup={0x82, 0x28, {0x1, 0x2, 0x3b9}}, @irq_setup={0x46, 0x18, {0x1ff, 0x3c7}}, @its_setup={0x82, 0x28, {0x0, 0x2, 0x8c}}], 0x1d0}, &(0x7f0000000080)=[@featur1={0x1, 0x4}], 0x1) (async)
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r3, 0x300000a, 0x16831, r6, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xf, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)

58m7.723709864s ago: executing program 34 (id=257):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0xa0200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x3, 0xdddd1000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000000000)={0x1, 0x0, &(0x7f0000ffb000/0x3000)=nil})

58m0.010779996s ago: executing program 35 (id=255):
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bfd000/0x400000)=nil) (async)
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bff000/0x400000)=nil) (async)
r1 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f0000000680)="38ce8347fc1e86008cfc72bb352c8659dcc9225b48cb5cb00c73b0b33018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04) (async)
r4 = openat$kvm(0x0, &(0x7f0000000200), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000000000/0x400000)=nil) (async)
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x2}) (async)
syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000040)={0x0, &(0x7f0000000240)=[@uexit={0x0, 0x18, 0x5}, @smc={0x1e, 0x40, {0xc400000d, [0x9, 0x9, 0x6, 0x103e, 0x40]}}, @smc={0x1e, 0x40, {0xc4000010, [0xfffffffffffffff9, 0x91, 0xd8, 0x7]}}, @svc={0x122, 0x40, {0x100, [0x7fff, 0x2, 0x5, 0x6]}}, @hvc={0x32, 0x40, {0xc8000007, [0x4, 0x5, 0x8, 0x10, 0xffff]}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x1, 0x0, 0x4, 0x4, 0xb191, 0x3}}, @its_send_cmd={0xaa, 0x28, {0x397b2fc232eb955c, 0x0, 0x3, 0xa, 0x67d4313f, 0x10001, 0x2}}, @its_setup={0x82, 0x28, {0x1, 0x2, 0x3b9}}, @irq_setup={0x46, 0x18, {0x1ff, 0x3c7}}, @its_setup={0x82, 0x28, {0x0, 0x2, 0x8c}}], 0x1d0}, &(0x7f0000000080)=[@featur1={0x1, 0x4}], 0x1) (async)
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r3, 0x300000a, 0x16831, r6, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xf, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)

49m55.720722832s ago: executing program 5 (id=268):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xb}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r3, 0x4, 0x220)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000180)={0x8, <r6=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x7, <r7=>0xffffffffffffffff})
r8 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = eventfd2(0xfffffffa, 0x80001)
ioctl$KVM_IOEVENTFD(r10, 0x4040ae79, &(0x7f0000000140)={0x80, 0x4, 0x0, r11})
syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_REGISTER_COALESCED_MMIO(r10, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616})
ioctl$KVM_IOEVENTFD(r10, 0x4040ae79, &(0x7f0000000080)={0x4, 0x80a0000, 0x4, r11})
r12 = syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
ioctl$KVM_RUN(r12, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000002c0)=@attr_arm64={0x0, 0x4, 0x0, 0x0})
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r3, 0x4068aea3, &(0x7f0000000240)={0xe4, 0x0, 0x6})
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1, 0x16831, 0xffffffffffffffff, 0x0)
r13 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
r14 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_ONE_REG(r15, 0x4010aeac, &(0x7f0000000080)=@arm64_sys={0x603000000013c4f1, &(0x7f00000001c0)=0x3})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r15, 0x4018aee1, &(0x7f0000000080)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0xd2})

49m30.632554028s ago: executing program 5 (id=270):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0xdddd1000, 0x0, r2})
close(r1)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000040)={0x3, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000140)={0x4, <r7=>0xffffffffffffffff, 0x1})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x8800, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = eventfd2(0x40000000, 0x80000)
ioctl$KVM_IOEVENTFD(r9, 0x4040ae79, &(0x7f0000001340)={0x0, 0x0, 0x2, r10, 0x3})
ioctl$KVM_IOEVENTFD(r9, 0x4040ae79, &(0x7f0000000080)={0x5, 0x0, 0x2, r10, 0xa})
r11 = ioctl$KVM_CREATE_VM(r7, 0x894c, 0x0)
ioctl$KVM_CREATE_VCPU(r11, 0xb703, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
r12 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r4, r12, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r12, 0xae80, 0x0)
ioctl$KVM_RUN(r12, 0xae80, 0x0)

49m29.584218896s ago: executing program 4 (id=271):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r4, 0x4018aee2, &(0x7f0000000140)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f00000000c0)=0x19})
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x7a)

49m19.364800393s ago: executing program 4 (id=272):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x21)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
ioctl$KVM_GET_STATS_FD_vm(r3, 0xaece)
r4 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
r7 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r6, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f00000001c0)="04198bd844c9e8a7b82d748f0f0244293d28bd9440bfc2ed44db9969759357abab8d85c8e856a4606c2e979f98d67e4ff39fb6df9547f6a9506c610dc37b2e5c3ad3c9952305abf0", 0x0, 0x48) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r6, 0x0) (async)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0) (async)
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0x28)
r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r9, 0x80086601, 0x20000000)
r10 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r13, 0x4018aee1, &(0x7f0000000040)=@attr_pmu_filter={0x0, 0x0, 0x2, 0x0}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION2(r8, 0x40a0ae49, &(0x7f0000000100)={0x3, 0x2, 0x8000000, 0x2000, &(0x7f0000c0c000/0x2000)=nil, 0xfffffffffffffff0}) (async)
syz_kvm_vgic_v3_setup(r3, 0x1, 0x100)
syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) (async)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) (async)
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000) (async)
syz_kvm_setup_cpu$arm64(r3, r13, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="22010000000000004000000000000000c545958500000000050000000000000085c1f03a0000000003000000000000000e00000000000000b90a0000000000001400000000000000200000000000000020e713000000306074000000000000000a000000000000008400000000000000000028d5c0c28fd20080b8f2e10080d2420180d2030080d2640080d2020000d400a8200e0020c09a0000c0280008207c008008d50000c07860cd9bd200a0b8f2610080d2620180d2c30180d2e40180d2020000d4802891d20080b8f2410180d2020180d2630180d2840080d2020000d4c0035fd66e00000000000000300000000000000000f00000000000008c0b000000000000090000000000000004000000000000000000000000000000180000000000000006000000000000004600000000000000180000000000000003000000c101000014000000000000002000000000000000d8e613000000306001000000000000006e00000000000000300000000000000000000a0800000000c000000000000000000000000000000006000000000000004600000000000000180000000000000001000000c403000000000000000000001800000000000000a7d3000000000000140000000000000020000000000000007fdf130000003060330000000000000046000000000000001800000000000000030000007d0300008200000000000000280000000000000000000000000000000300000000000000f30300000000000014000000000000002000000000000000d2e6130000003060ff03000000000000e6000000000000001800000000000000fcffffffffffffff140000000000000020000000010000000000000000003060ffffffffffffffffe6000000000000001800000000000000f84b0000000000001e00000000000000400000000000000011000084000000000a870000000000004000000000000000feffffffffffffff0500000000000000b9990000000000006e0000000000000030000000000000000000000800000033dd0200000000000006000000000000000100000000000000be000000000000001800000000000000a0e2130000003060e600000000000000180000000000000002000000000000000a000000000000009c00000000000000001c4093002c202e007008d500c980d20000b0f2e10080d2620180d2230080d2440080d2020000d4007008d5407187d20040b8f2a10080d2820080d2430080d2840180d2020000d420f99cd200e0b0f2610180d2820180d2430180d2240080d2020000d4c08687d20020b0f2c10080d2420180d2a30080d2c40080d2020000d4000028d50080000fc0035fd614000000000000002000000000000000e2dc1300000030605bd50000000000008200000000000000280000000000000004000000000000000100000000000000f70300000000000032000000000000004000000000000000020000800000000004000000000000004142020000000000000000000000000003000000000000000e00000000000000460000000000000018000000000000000300000082020000000000000000000018000000000000000300000000000000"], 0x488}], 0x1, 0x0, &(0x7f0000000080)=[@featur2={0x1, 0xfd}], 0x1)

49m4.833112656s ago: executing program 5 (id=273):
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000080)={0x9, 0x4})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
r5 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r4, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r4, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x200000, 0x0)
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x30)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x64c943, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000200), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0)
ioctl$KVM_RUN(r13, 0x8000ae8c, 0x0)
ioctl$KVM_KVMCLOCK_CTRL(r13, 0xaead)
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000000c0)=@attr_other={0x0, 0x0, 0x7, &(0x7f0000000100)=0x5})
r14 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r14, 0xc00caee0, &(0x7f0000000140)={0x4, <r15=>0xffffffffffffffff})
r16 = ioctl$KVM_CREATE_VM(r15, 0x894c, 0x0)
ioctl$KVM_CREATE_VCPU(r16, 0x8004b709, 0x0)

49m2.839156742s ago: executing program 4 (id=274):
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x66)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r5, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CLEAR_DIRTY_LOG(r7, 0xc018aec0, &(0x7f0000000000)={0x1, 0x300, 0x2c0, 0x0})
munmap(&(0x7f0000e9d000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000140)={0x4, <r10=>0xffffffffffffffff, 0x1})
r11 = ioctl$KVM_CREATE_VM(r10, 0x894c, 0x24)
ioctl$KVM_CREATE_VCPU(r11, 0xb703, 0x0)
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r3, 0x2000003, 0xaf832, 0xffffffffffffffff, 0x0)

48m27.198350945s ago: executing program 5 (id=275):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x1c)
close(r0)
ioctl$KVM_CHECK_EXTENSION_VM(r0, 0xae03, 0x9)
ioctl$KVM_SET_GSI_ROUTING(r0, 0x4008ae6a, &(0x7f0000000000)={0x5, 0x0, [{0x6, 0x1, 0x1, 0x0, @irqchip={0x2, 0x2}}, {0x5, 0x4, 0x1, 0x0, @sint={0x8, 0xa2b5}}, {0x7, 0x3, 0x0, 0x0, @irqchip={0x401, 0xffffffff}}, {0x334, 0x1, 0x0, 0x0, @adapter={0x4, 0xd563, 0x8, 0x401, 0x1}}, {0x5, 0x8, 0x1, 0x0, @irqchip={0x1, 0x5}}]})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r0, 0x4010ae68, &(0x7f0000000100)={0x5000, 0x4000, 0x1})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x80000, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING(r0, 0x4068aea3, &(0x7f0000000180)={0xc0, 0x0, 0xc000})
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r0, 0x4068aea3, &(0x7f0000000200)={0xa8, 0x0, 0x1})
ioctl$KVM_CAP_ARM_USER_IRQ(r0, 0x4068aea3, &(0x7f0000000280))
r2 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000640)={0x0, &(0x7f0000000300)=[@msr={0x14, 0x20, {0x603000000013c602, 0x6}}, @hvc={0x32, 0x40, {0x80000001, [0x4, 0x9, 0x4, 0x7, 0x225f]}}, @uexit={0x0, 0x18, 0x8}, @its_setup={0x82, 0x28, {0x2, 0x0, 0x2dc}}, @memwrite={0x6e, 0x30, @generic={0xeeef0000, 0x639, 0x9, 0xf}}, @hvc={0x32, 0x40, {0xc4000004, [0x9, 0x3357, 0xfffffffffffffff9, 0xfff, 0x2c]}}, @code={0xa, 0xb4, {"00f4000f205191d200c0b0f2810180d2220180d2230080d2240180d2020000d4007008d5000000f220a281d200c0b8f2210080d2420180d2630180d2a40180d2020000d4200585d20020b0f2e10080d2a20080d2c30080d2c40080d2020000d40000af9e0020000d80c490d200c0b0f2810080d2c20180d2230180d2640180d2020000d440fc86d200e0b8f2010080d2820080d2a30080d2440180d2020000d4"}}, @smc={0x1e, 0x40, {0x84000050, [0x9, 0xbe, 0x0, 0x5, 0x4f]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xe00, 0xc43, 0x8}}, @svc={0x122, 0x40, {0x84000004, [0x7ff, 0x0, 0x5, 0x4bf503aa, 0x8]}}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x21e}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x3, 0x0, 0x2, 0x2, 0x3}}, @irq_setup={0x46, 0x18, {0x0, 0x40}}, @irq_setup={0x46, 0x18, {0x2, 0x23f}}, @uexit={0x0, 0x18, 0xfe45}], 0x30c}, &(0x7f0000000680)=[@featur2={0x1, 0xeb}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r2, 0x4018aee1, &(0x7f0000000700)=@attr_irq_timer={0x0, 0x1, 0x0, &(0x7f00000006c0)=0x1f})
ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(r0, 0x4068aea3, &(0x7f0000000740))
r3 = eventfd2(0x4, 0x80800)
write$eventfd(r3, &(0x7f00000007c0)=0x5, 0x8)
ioctl$KVM_CHECK_EXTENSION_VM(r0, 0xae03, 0x9)
ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(r0, 0x4068aea3, &(0x7f0000000800))
ioctl$KVM_GET_DEVICE_ATTR_vm(r0, 0x4018aee2, &(0x7f00000008c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000880)={0x9, 0x9, 0x1}})
ioctl$KVM_CAP_DIRTY_LOG_RING(r0, 0x4068aea3, &(0x7f0000000900))
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
r5 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x1)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, r4, 0x5000007, 0x80010, r5, 0x0)
r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x17)
ioctl$KVM_CAP_PTP_KVM(r6, 0x4068aea3, &(0x7f0000000980))
ioctl$KVM_UNREGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae68, &(0x7f0000000a00)={0xdddd0000, 0x101000})
ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r6, 0x4008ae73, &(0x7f0000000a40)={0x7, 0x80})
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000d3c000/0x1000)=nil, r4, 0x0, 0x100010, r2, 0x0)
ioctl$KVM_RESET_DIRTY_RINGS(r0, 0xaec7)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bc4000/0x400000)=nil)

48m26.715022915s ago: executing program 4 (id=276):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x7e)
r1 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x40086602, 0x20000000)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x800, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x4)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000140)={0x4, <r7=>0xffffffffffffffff, 0x1})
r8 = ioctl$KVM_CREATE_VM(r7, 0x894c, 0x0)
ioctl$KVM_CREATE_VCPU(r8, 0xb704, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000000)={0x7})
r9 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000080)={0x0, 0xf000, 0x0, r9})
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f00000002c0)={0x0, 0x10000})
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f00000000c0)={0x8})
ioctl$KVM_SIGNAL_MSI(r4, 0x4020aea5, &(0x7f0000000000)={0x6000})
r10 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
r11 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000573000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000180)={0x0, &(0x7f0000000800)=[@msr={0x14, 0x20, {0x603000000013f600, 0x3}}, @uexit={0x0, 0x18, 0x1}, @eret={0xe6, 0x18, 0x6}, @memwrite={0x6e, 0x30, @generic={0x0, 0xf13, 0x3, 0x4}}, @its_setup={0x82, 0x28, {0x3, 0x0, 0x2f1}}, @irq_setup={0x46, 0x18, {0x2, 0x2ca}}, @uexit={0x0, 0x18, 0x2}, @svc={0x122, 0x40, {0x8, [0x7, 0x100, 0x8000000000000001, 0xd, 0x8]}}, @code={0xa, 0x9c, {"003794d200a0b0f2810080d2220080d2c30080d2640080d2020000d480f09ed200c0b8f2210080d2420080d2630080d2840180d2020000d4007008d5c00291d20020b0f2e10180d2620180d2830080d2a40180d2020000d4000028d5007008d500d4a00e003c005300e4000f60d89fd200e0b8f2e10080d2620180d2030080d2640080d2020000d4"}}, @eret={0xe6, 0x18, 0x4}, @eret={0xe6, 0x18, 0x1}, @its_send_cmd={0xaa, 0x28, {0x5, 0x0, 0x4, 0x3, 0x7eb, 0x8}}, @irq_setup={0x46, 0x18, {0x2, 0x338}}, @smc={0x1e, 0x40, {0x84000050, [0x1, 0xfffffffffffffeff, 0x3, 0x8001, 0x5]}}, @svc={0x122, 0x40, {0x84000000, [0x5, 0x40, 0x5a8, 0x9, 0x10000]}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x0, 0x0, 0x3, 0xfffffff9, 0xdc9, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x0, 0x0, 0x1, 0x6, 0x6f82, 0x3}}, @code={0xa, 0x9c, {"c0358cd20040b8f2c10180d2220080d2630180d2440180d2020000d40038601e007008d5007008d500c0241e007008d5c0b19dd20080b0f2410180d2220180d2030080d2640180d2020000d4007008d5e0de85d200a0b0f2210180d2c20080d2830080d2640080d2020000d4e04580d200c0b0f2a10180d2c20180d2e30080d2c40180d2020000d4"}}, @its_setup={0x82, 0x28, {0x3, 0x1, 0x3fa}}, @mrs={0xbe, 0x18, {0x603000000013804d}}, @msr={0x14, 0x20, {0x50280000001a0500, 0x5}}, @msr={0x14, 0x20, {0x603000000013e664, 0xfffffffffffffff7}}, @smc={0x1e, 0x40, {0x4000000, [0x80000000, 0xfffffffffffffff9, 0x6]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0x10, 0x5, 0x1}}, @uexit={0x0, 0x18, 0x5}, @uexit={0x0, 0x18, 0x9}, @svc={0x122, 0x40, {0x2, [0x7f, 0x75e, 0x7, 0x1, 0x9]}}], 0x4f0}, &(0x7f00000001c0)=[@featur2={0x1, 0x40}], 0x1)
r12 = eventfd2(0x0, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000000)={r12, 0x0, 0x3, r12})
r13 = eventfd2(0x0, 0x0)
ioctl$KVM_CREATE_VM(r13, 0x4020940d, 0x20000000)
r14 = openat$kvm(0xffffffffffffff9c, 0x0, 0x341, 0x0)
ioctl$KVM_CHECK_EXTENSION(r14, 0xae03, 0x59)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)

48m15.43218324s ago: executing program 5 (id=277):
r0 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000100)="746abf250f7959c813e4adfb369b808022e69fe80cfadce4a1259e77bab54ac9749537b3d016bb7f745a6e22d2f9ff443f19467748a3fe02c239457600", 0x0, 0xfffffffffffffec5)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0xcd)
ioctl$KVM_CHECK_EXTENSION(r1, 0x40086602, 0x110e227ffe)

48m3.633123459s ago: executing program 4 (id=278):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x16, 0x4, 0x1}})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r6 = mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, 0x930, 0xa, 0x11, r5, 0x40000)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f0000000100)="b7fd70886788e8e0e522022a69832d0435b8dd45f22344477a3b4c9464506ced90a91e573a3ffae3de1fc5cd2dd6f1294366d73f78a3bf8c268782fc65b9a6b4f9aa43c1777b7837", 0x0, 0x48)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000bfe000/0x400000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f0000000240)=[@hvc={0x32, 0x40, {0x8600ff01, [0x7, 0x9, 0x8, 0xfffffffffffffff8, 0x100]}}], 0x40}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

47m57.860587015s ago: executing program 5 (id=279):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000c6a000/0x3000)=nil, 0x930, 0xf, 0xa35c3fe962aeff5, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000000)={0x10201, 0x2, 0x1, 0x2000, &(0x7f0000f31000/0x2000)=nil})
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
r5 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) (async)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
r7 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000c6c000/0x2000)=nil, 0x930, 0x280000b, 0x11, r7, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (rerun: 64)
openat$kvm(0x0, 0x0, 0x940, 0x0) (async)
openat$kvm(0x0, 0x0, 0x940, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
syz_kvm_vgic_v3_setup(r9, 0x1, 0x100) (async)
syz_kvm_vgic_v3_setup(r9, 0x1, 0x100)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)

47m47.571435917s ago: executing program 4 (id=280):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0xb8000, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r2, 0xae03, 0x42)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x40086602, 0x2f)
r3 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
r4 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r7, 0x4018aee3, &(0x7f0000000100)=@attr_pmu_irq={0x0, 0x0, 0x0, 0x0})
syz_memcpy_off$KVM_EXIT_MMIO(r3, 0x20, 0x0, 0x0, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x400002, 0x0)
r10 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r13, 0x4010aeac, &(0x7f0000000040)=@arm64_ccsidr={0x6020000000110000, &(0x7f0000000000)=0x3})
r14 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r9, 0xae04)
r15 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x2)
r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0)
r17 = ioctl$KVM_CREATE_VCPU(r16, 0xae41, 0x0)
ioctl$KVM_SET_SIGNAL_MASK(r17, 0x4004ae8b, &(0x7f0000000380)=ANY=[@ANYBLOB='\b\x00'])
r18 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r14, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r18, 0x20, &(0x7f00000000c0)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48)

47m10.04518135s ago: executing program 36 (id=279):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000c6a000/0x3000)=nil, 0x930, 0xf, 0xa35c3fe962aeff5, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000000)={0x10201, 0x2, 0x1, 0x2000, &(0x7f0000f31000/0x2000)=nil})
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
r5 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) (async)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
r7 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000c6c000/0x2000)=nil, 0x930, 0x280000b, 0x11, r7, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (rerun: 64)
openat$kvm(0x0, 0x0, 0x940, 0x0) (async)
openat$kvm(0x0, 0x0, 0x940, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
syz_kvm_vgic_v3_setup(r9, 0x1, 0x100) (async)
syz_kvm_vgic_v3_setup(r9, 0x1, 0x100)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)

46m56.09365111s ago: executing program 37 (id=280):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0xb8000, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r2, 0xae03, 0x42)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x40086602, 0x2f)
r3 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
r4 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r7, 0x4018aee3, &(0x7f0000000100)=@attr_pmu_irq={0x0, 0x0, 0x0, 0x0})
syz_memcpy_off$KVM_EXIT_MMIO(r3, 0x20, 0x0, 0x0, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x400002, 0x0)
r10 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r13, 0x4010aeac, &(0x7f0000000040)=@arm64_ccsidr={0x6020000000110000, &(0x7f0000000000)=0x3})
r14 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r9, 0xae04)
r15 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x2)
r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0)
r17 = ioctl$KVM_CREATE_VCPU(r16, 0xae41, 0x0)
ioctl$KVM_SET_SIGNAL_MASK(r17, 0x4004ae8b, &(0x7f0000000380)=ANY=[@ANYBLOB='\b\x00'])
r18 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r14, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r18, 0x20, &(0x7f00000000c0)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48)

39m27.302086887s ago: executing program 6 (id=281):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000100)={0x0, 0x5000, 0x0, 0xffffffffffffffff, 0xc})
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_RESET_DIRTY_RINGS(r3, 0xaec7)

39m9.850214279s ago: executing program 6 (id=283):
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r0 = openat$kvm(0x0, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x30)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r1, 0x4018aee3, 0xffffffffffffffff)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee1, &(0x7f00000011c0)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x5})
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x2000001, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x0)
r5 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000140)={0x3, <r6=>0xffffffffffffffff})
ioctl$KVM_CREATE_VM(r6, 0x400454ce, 0x110c230008)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
r7 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r8, r9, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000180)=ANY=[@ANYRESOCT=r6], 0x80}], 0x1, 0x0, 0x0, 0x29)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x3b)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r13, 0x4010aeac, &(0x7f00000000c0)=@arm64_core={0x603000000010000a, &(0x7f0000000100)=0x8b})
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0)

38m21.43114509s ago: executing program 38 (id=283):
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r0 = openat$kvm(0x0, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x30)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r1, 0x4018aee3, 0xffffffffffffffff)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee1, &(0x7f00000011c0)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x5})
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x2000001, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x0)
r5 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000140)={0x3, <r6=>0xffffffffffffffff})
ioctl$KVM_CREATE_VM(r6, 0x400454ce, 0x110c230008)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
r7 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r8, r9, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000180)=ANY=[@ANYRESOCT=r6], 0x80}], 0x1, 0x0, 0x0, 0x29)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x3b)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r13, 0x4010aeac, &(0x7f00000000c0)=@arm64_core={0x603000000010000a, &(0x7f0000000100)=0x8b})
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0)

36m53.894224395s ago: executing program 7 (id=291):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x2, 0x0, 0x1, 0x2000, &(0x7f0000ffd000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r2, 0x1, 0x100)
ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f00000000c0)=ANY=[@ANYBLOB="00000000000000002990450e9f9f8314bd4511deadc4d3c95118459035cc9a44ce8af932d7276713fc51fc2952cca291d844731cbf4e16f1ecab7e586fb6cccb58a8fd9230817aef3157d919a3dbadb5d7f5d34b94c61dd374698736e8fe2b29652fbdf0b9c62b812d260338027ee1ef6f83a7d2b80614df06498b9f21d00b4dcb81924c3d8f9482afbab5"])

36m42.260094548s ago: executing program 7 (id=292):
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r1, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0x40086602, 0x110e22ffff)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0)
r4 = eventfd2(0xfffffffa, 0x80001)
write$eventfd(r4, &(0x7f0000000200)=0x8, 0x8)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000000)="37d3116035d7513e9a000200018000", 0x0, 0x43)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x40086602, 0x20000000)
ioctl$KVM_CHECK_EXTENSION(r3, 0x40086602, 0x110e227ffe)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x28)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_setup_cpu$arm64(r6, r8, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000240)=[@its_send_cmd={0xaa, 0x28, {0x3, 0x1, 0x4, 0x0, 0x9, 0x3}}, @eret={0xe6, 0x18, 0x1}, @smc={0x1e, 0x40, {0x84000009, [0x5, 0x10, 0xd7f, 0x1000, 0x5]}}, @irq_setup={0x46, 0x18, {0x0, 0x5a}}, @mrs={0xbe, 0x18, {0x6030000000139828}}, @msr={0x14, 0x20, {0x603000000013c085, 0x100000001}}, @hvc={0x32, 0x40, {0xc400000d, [0xffffffff, 0x100, 0x6, 0x7, 0x8000000000000000]}}, @hvc={0x32, 0x40, {0x84000003, [0x4, 0x8, 0x6, 0x6, 0xe1]}}, @mrs={0xbe, 0x18, {0x77fe}}], 0x168}], 0x1, 0x0, 0x0, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
r9 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)

36m27.476940665s ago: executing program 7 (id=293):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2b)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x1, 0xe000, 0x1})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000001480)={0xfffffffffffffdfd, 0x13000, 0x1})
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
ioctl$KVM_CREATE_VM(r2, 0x40049409, 0xf)

36m17.313867068s ago: executing program 7 (id=294):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x6030000000138002, 0x7ffc}}], 0x20}, 0x0, 0x0) (async)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@its_setup={0x7, 0x28, {0x6, 0x2, 0x1}}], 0x28}, 0x0, 0x0) (async)
syz_kvm_vgic_v3_setup(r6, 0x3, 0xa0) (async)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000100)={0x8, <r9=>0xffffffffffffffff}) (async)
r10 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@uexit={0x0, 0x18, 0x4}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r13, 0xae80, 0x0) (async)
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f0000000300)=@attr_arm64={0x0, 0x4, 0x1, 0x0}) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
r14 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r14, 0x4018aee1, &(0x7f0000000040)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x110c230000}) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, 0x0) (async)
r15 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0)
close(r16)
r17 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r18 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r17, 0xae04)
r19 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r18, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r19, 0x20, &(0x7f00000000c0)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48)

36m1.964849003s ago: executing program 7 (id=295):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x4}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r3, 0x4, 0x220)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000180)={0x8, <r6=>0xffffffffffffffff})
ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f00000002c0)={0x2710, 0x0, &(0x7f0000dc2000/0x4000)=nil})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@its_setup={0x7, 0x28, {0x2, 0x2, 0x1}}], 0x28}, 0x0, 0x0)
r9 = syz_kvm_vgic_v3_setup(r1, 0x3, 0xa0)
r10 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x27)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r11, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x1}}], 0x28}, 0x0, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x7, 0x0, &(0x7f0000000140)=0x4})
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x8, <r12=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000})
ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f0000000280)=@attr_other={0x0, 0x2000000, 0xffffffffffffffff, &(0x7f0000000240)})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f0000000300)=@attr_arm64={0x0, 0x4, 0x1, 0x0})

35m34.230319008s ago: executing program 7 (id=296):
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
r0 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c74000/0x4000)=nil, r0, 0x1000006, 0x24132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_FINALIZE(r5, 0x4004aec2, 0x0)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r6 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e1d000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000)
ioctl$KVM_GET_ONE_REG(0xffffffffffffffff, 0x4010aeab, &(0x7f0000000080)=@arm64_fw={0x6030000000140002, &(0x7f0000000000)=0x5})
mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000)

34m46.171196137s ago: executing program 39 (id=296):
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
r0 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c74000/0x4000)=nil, r0, 0x1000006, 0x24132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_FINALIZE(r5, 0x4004aec2, 0x0)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r6 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e1d000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000)
ioctl$KVM_GET_ONE_REG(0xffffffffffffffff, 0x4010aeab, &(0x7f0000000080)=@arm64_fw={0x6030000000140002, &(0x7f0000000000)=0x5})
mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000)

27m33.181889959s ago: executing program 8 (id=301):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x420100, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}], 0x40}, 0x0, 0x0)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r5, 0x3, 0x11, r4, 0x0)
r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r7, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r7, 0x0)
mmap$KVM_VCPU(&(0x7f0000e9b000/0x2000)=nil, r5, 0x2, 0x1010, r7, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0x40086602, 0x20000000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
r9 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x7)
ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000500)={0x10002, 0x2, 0x4000, 0x2000, &(0x7f0000ffe000/0x2000)=nil})
ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0)

27m19.096139871s ago: executing program 8 (id=302):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x185f02, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x4000003c)
ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x9, 0x0, 0x1}})

27m7.130703022s ago: executing program 8 (id=303):
r0 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x5)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r1, 0x4068aea3, &(0x7f0000000280)={0xa8, 0x0, 0x3})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x300, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x28)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r3, 0x4068aea3, &(0x7f0000000280)={0xdf, 0x0, 0x2000})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000200)={0x0, &(0x7f0000000500)=[@mrs={0xbe, 0x18, {0x6030000000138056}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r8, 0x4040aea0, &(0x7f0000000000)=@arm64={0x0, 0x1, 0xf, '\x00', 0xfffffffffffff105})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, 0x930, 0xa, 0x13, r4, 0x40000)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x7)

26m46.655360754s ago: executing program 8 (id=304):
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG_arm64(r0, 0x4208ae9b, &(0x7f00000001c0)={0x10000, 0x0, {[0x1, 0xb, 0x1, 0x2, 0xfff, 0x1, 0x2, 0xcfa, 0xfffffffffffffffb, 0xfffffffffffff801, 0x1, 0x0, 0x10000, 0x9, 0x8336, 0x8], [0x8001, 0x2, 0x4, 0x9, 0x80000001, 0x6, 0xc, 0x80, 0x7, 0xf776, 0x8, 0xffffffff, 0x3, 0x7, 0x8000000000000000, 0x1], [0x6, 0x7, 0xb, 0x9, 0x2, 0x6, 0x1000, 0x9, 0xb1c, 0xfffffffffffff7f8, 0x2, 0x40, 0x2ba38750, 0x8, 0x7, 0x200], [0x1, 0x1, 0x8, 0x8, 0x8000, 0x4, 0x3e1, 0x8000007f, 0xfffffffffffffffa, 0x28a, 0xfb, 0x8225, 0x34c, 0x0, 0x3, 0x7]}})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_GET_DIRTY_LOG(0xffffffffffffffff, 0x4010ae42, &(0x7f0000000000)={0x4, 0x0, &(0x7f0000c34000/0x4000)=nil})
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r5, r6, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f0000000100)=@arm64_sys={0x603000000013c030})
mmap$KVM_VCPU(&(0x7f0000ffd000/0x2000)=nil, 0x930, 0x2000007, 0x13, r0, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
ioctl$KVM_IRQFD(r5, 0x4020ae76, &(0x7f00000000c0)={0xffffffffffffffff, 0x8, 0x3, r6})
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000d37000/0x2000)=nil, 0x930, 0x2, 0x8010, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, r0, 0x0)
r7 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece)
ioctl$KVM_SET_USER_MEMORY_REGION2(r7, 0x40a0ae49, &(0x7f0000000100)={0x3, 0x2, 0x4, 0x2000, &(0x7f0000c0c000/0x2000)=nil, 0x4})
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000ea2000/0x3000)=nil, 0x930, 0xa, 0x8032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
r8 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000040)={0x7, 0xffffffffffffffff, 0x1})

26m22.408912614s ago: executing program 8 (id=305):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
ioctl$KVM_GET_REGS(r3, 0x8360ae81, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000482000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x24132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x0, 0x4030031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x1000000)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x47430d12b34c1f25, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
munmap(&(0x7f0000d70000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0)

26m20.344012694s ago: executing program 9 (id=297):
r0 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04) (async)
r1 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000640)={0x0, &(0x7f0000000600)=[@its_setup={0x82, 0x28, {0x2, 0x1, 0x3c6}}], 0x28}, &(0x7f0000000680)=[@featur1={0x1, 0x10}], 0x1)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x1000)=nil, r0, 0x2, 0x48010, r1, 0x0) (async)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x2e)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r3, r4, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100042, &(0x7f0000000000)=0x11}) (async)
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000) (async, rerun: 64)
munmap(&(0x7f0000fff000/0x1000)=nil, 0x1000) (async, rerun: 64)
syz_kvm_setup_cpu$arm64(r3, r4, &(0x7f0000c00000/0x400000)=nil, &(0x7f00000000c0)=[{0x0, &(0x7f0000000180)=[@irq_setup={0x46, 0x18, {0x4, 0x24d}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x0, 0xffffffff, 0x8}}, @hvc={0x32, 0x40, {0x4000, [0x8, 0x4c95a229, 0x6, 0x2, 0xffffffffffffffff]}}, @smc={0x1e, 0x40, {0x80000002, [0x1, 0x6, 0x8, 0x7a, 0xd]}}, @irq_setup={0x46, 0x18, {0x2, 0xb3}}, @irq_setup={0x46, 0x18, {0x1, 0x302}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x10, 0x1, 0x2}}, @mrs={0xbe, 0x18, {0x603000000013e6d9}}, @eret={0xe6, 0x18, 0xfffffffffffffff7}, @hvc={0x32, 0x40, {0x84000002, [0xbfd, 0x40, 0xf2, 0x9, 0x8]}}, @hvc={0x32, 0x40, {0x84000051, [0x5, 0xfffffffffffffff9, 0x8, 0x7, 0x87b4]}}, @mrs={0xbe, 0x18, {0x603000000013c10b}}, @hvc={0x32, 0x40, {0x3f000000, [0x0, 0x4, 0x9, 0x3]}}, @smc={0x1e, 0x40, {0xc400000d, [0x10000, 0xfffffffffffffc00, 0x3, 0x95, 0x80]}}, @its_setup={0x82, 0x28, {0x4, 0x2, 0x36e}}, @eret={0xe6, 0x18, 0x6}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff8, 0x8000, 0x7}}, @msr={0x14, 0x20, {0x603000000013df1a, 0x200}}, @eret={0xe6, 0x18, 0x5}, @uexit={0x0, 0x18, 0x8000000000000000}, @msr={0x14, 0x20, {0x603000000013806e, 0xa8e}}, @irq_setup={0x46, 0x18, {0x0, 0x159}}, @svc={0x122, 0x40, {0x84000052, [0x6, 0x8, 0xb5, 0x3a]}}, @code={0xa, 0x54, {"20388ed200a0b8f2c10080d2820080d2c30080d2240180d2020000d4000028d5007008d50014007f000008d5007008d5007008d5007008d5000000310000601f"}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x6000, 0x6}}, @hvc={0x32, 0x40, {0x2000000, [0x3, 0xec0, 0x7, 0xb, 0x81]}}], 0x46c}], 0x1, 0x0, &(0x7f0000000100)=[@featur2={0x1, 0xc}], 0x1) (async, rerun: 32)
munmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000) (rerun: 32)

25m54.480549876s ago: executing program 8 (id=306):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x2, 0x9, 0x0, 0x80}}], 0x50}, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x21)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r7, 0x0)
ioctl$KVM_GET_REGS(0xffffffffffffffff, 0x8360ae81, &(0x7f0000000600))
r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r12, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r12, 0x4020ae46, &(0x7f0000000000)={0x10201, 0x2, 0x1, 0x2000, &(0x7f0000f31000/0x2000)=nil})
syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000eb2000/0x3000)=nil, 0x930, 0x0, 0x32e7851d6de9e532, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r8, 0xae04)

25m54.094396034s ago: executing program 9 (id=307):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000000)={0x6000, 0x2000, 0x1})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000700)={0x7, 0x0})
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_IRQ_LINE(r4, 0x4008ae61, &(0x7f0000000240)={0x200002f})
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000040)={0x10000, 0x5, 0xeeef0000, 0x1000, &(0x7f0000ffc000/0x1000)=nil})
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x2, 0x1}}, @its_setup={0x82, 0x28, {0x4, 0x4, 0x62}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r2, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000180)={0x8, <r6=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
r7 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = syz_kvm_vgic_v3_setup(r12, 0x1, 0x40)
ioctl$KVM_GET_DEVICE_ATTR(r13, 0x4018aee2, &(0x7f0000000080)=@attr_other={0x0, 0x9, 0x5660b638, 0x0})
ioctl$KVM_SET_ONE_REG(r10, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013df1a, &(0x7f0000000040)=0xffffffffffffffff})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

25m6.852607779s ago: executing program 40 (id=306):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x2, 0x9, 0x0, 0x80}}], 0x50}, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x21)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r7, 0x0)
ioctl$KVM_GET_REGS(0xffffffffffffffff, 0x8360ae81, &(0x7f0000000600))
r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r12, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r12, 0x4020ae46, &(0x7f0000000000)={0x10201, 0x2, 0x1, 0x2000, &(0x7f0000f31000/0x2000)=nil})
syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000eb2000/0x3000)=nil, 0x930, 0x0, 0x32e7851d6de9e532, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r8, 0xae04)

24m59.311676032s ago: executing program 41 (id=307):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000000)={0x6000, 0x2000, 0x1})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000700)={0x7, 0x0})
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_IRQ_LINE(r4, 0x4008ae61, &(0x7f0000000240)={0x200002f})
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000040)={0x10000, 0x5, 0xeeef0000, 0x1000, &(0x7f0000ffc000/0x1000)=nil})
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x2, 0x1}}, @its_setup={0x82, 0x28, {0x4, 0x4, 0x62}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r2, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000180)={0x8, <r6=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
r7 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = syz_kvm_vgic_v3_setup(r12, 0x1, 0x40)
ioctl$KVM_GET_DEVICE_ATTR(r13, 0x4018aee2, &(0x7f0000000080)=@attr_other={0x0, 0x9, 0x5660b638, 0x0})
ioctl$KVM_SET_ONE_REG(r10, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013df1a, &(0x7f0000000040)=0xffffffffffffffff})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

2m55.740427757s ago: executing program 1 (id=379):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f0000000000)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000040)=0xe7})
syz_kvm_vgic_v3_setup(r2, 0x2, 0x100)
close(r2)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)

2m31.358839135s ago: executing program 0 (id=380):
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616})
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000240)={0xdddd1000, 0x1000})
r5 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0xa5)
munmap(&(0x7f0000ff5000/0x1000)=nil, 0x1000)

2m29.976854754s ago: executing program 1 (id=381):
r0 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000001c0)={0x8}) (async)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000001c0)={0x8, <r2=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4})
r3 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000100)="746abf250f7959c813e4adfb369b808022e69fe80cfadce4a1259e77bab54ac9749537b3d016bb7f745a6e22d2f9ff443f19467748a3fe02c239457600", 0x0, 0xfffffffffffffec5)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x1fe, 0x2, 0xffff1000, 0x2000, &(0x7f0000ffd000/0x2000)=nil})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x108, &(0x7f0000000340)=0x8000000000000000}) (async)
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x108, &(0x7f0000000340)=0x8000000000000000})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x4, 0x1, 0x0})
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x40, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_vgic_v3_setup(r5, 0x3, 0xa0)
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000140)=@attr_other={0x0, 0x4, 0x3, 0x0}) (async)
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000140)=@attr_other={0x0, 0x4, 0x3, 0x0})
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x1000000, 0x5c1fd1b656592f1, r1, 0x0)

2m13.841229021s ago: executing program 1 (id=382):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x4, <r2=>0xffffffffffffffff, 0x1})
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, 0x930, 0x0, 0x7d7b465c1d30afba, 0xffffffffffffffff, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR(r2, 0x4018aee3, &(0x7f00000000c0)=@attr_other={0x0, 0xf81e, 0x200, 0x0})

2m12.131559033s ago: executing program 0 (id=383):
ioctl$KVM_IRQ_LINE_STATUS(0xffffffffffffffff, 0xc008ae67, &(0x7f0000000000)={0x76dc8650, 0x4})
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0x40086602, 0x20000000)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_GET_API_VERSION(r2, 0xae00, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x440, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0x59)
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
eventfd2(0x5, 0x800)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r10, r11, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
ioctl$KVM_GET_ONE_REG(r11, 0x4010aeab, &(0x7f0000000100)=@arm64_sys={0x603000000013c000})
r12 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2)
ioctl$KVM_ARM_VCPU_INIT(r12, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8})
ioctl$KVM_SET_ONE_REG(r12, 0x4010aeac, &(0x7f0000000140)=@arm64_sys={0x603000000013dce0, &(0x7f0000000080)=0xffffffffffff0001})
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r6, 0x0)
syz_kvm_setup_cpu$arm64(r1, r6, &(0x7f0000009000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000000c0)={0x10002, 0x4, 0xdddd0000, 0x1000, &(0x7f0000157000/0x1000)=nil})

1m57.474337591s ago: executing program 1 (id=384):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x20000000021)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r3, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013c4f1, 0x8000}}, @msr={0x14, 0x20, {0x603000000013c4f2, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce0, 0x7ffc}}, @msr={0x14, 0x20, {0x603000000013dce1, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce2, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce3, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce5, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce8, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce9, 0x8000}}], 0x120}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r6, 0x3, 0x11, r5, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8400, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0xfffffffffffffffd)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2)
r9 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f00000002c0)={0x0, &(0x7f0000000380)=[@memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x100, 0x1005, 0x9}}], 0x30}, 0x0, 0x0)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000180)={0x8, <r13=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r12, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

1m48.592949927s ago: executing program 0 (id=385):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f0000000000)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000040)=0xe7})
syz_kvm_vgic_v3_setup(r2, 0x2, 0x100)
close(r2)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)

1m28.622499301s ago: executing program 1 (id=386):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x3)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x2b)
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000240)={0x1, 0xe000, 0x1})
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f00000000c0)={0x3000, 0x122000, 0x1})
r4 = openat$kvm(0x0, &(0x7f0000000140), 0x26542, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_vgic_v3_setup(r7, 0x1, 0x40)
ioctl$KVM_GET_DEVICE_ATTR(r8, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0xffffffff, 0x4, 0x0})
r9 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x42}], 0x1)
syz_kvm_vgic_v3_setup(r5, 0x1, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f00000005c0)=@attr_pmu_irq={0x0, 0x0, 0x0, 0x0})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r3, 0x4010ae68, &(0x7f0000001480)={0x0, 0x13000, 0x1})
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r11, 0xae01, 0xfffffffffffffffd)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x3d)
r12 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000200)={0x0, &(0x7f0000000500)=[@mrs={0xbe, 0x18, {0x6030000000138056}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r13, 0xae80, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(0xffffffffffffffff, 0xae03, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r13, 0x4040aea0, &(0x7f0000000000)=@arm64={0x0, 0x1, 0xf, '\x00', 0xfffffffffffff105})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)

1m23.554270012s ago: executing program 0 (id=387):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x18, {0x1, 0x1a8}}], 0x18}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x2, 0x100)
r4 = eventfd2(0x1, 0x80001)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r4, 0x3})
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000180)={0x1010020, 0x1})
syz_kvm_setup_cpu$arm64(r4, r3, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000100)=[{0x0, &(0x7f00000001c0)=[@irq_setup={0x46, 0x18, {0x4003, 0x39f}}, @code={0xa, 0x84, {"000c4078009c005f401d9dd20040b8f2a10180d2620080d2230180d2640180d2020000d4a06c94d20060b8f2e10080d2c20080d2e30180d2c40080d2020000d40004000f0028000e60cf9ed20040b8f2410080d2e20080d2a30080d2e40180d2020000d40060800d007008d5008008d5"}}, @msr={0x14, 0x20, {0x603000000013e200, 0x1}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff8, 0x4}}, @svc={0x122, 0x40, {0x5000000, [0x0, 0x5, 0x1, 0x3f, 0xb]}}, @eret={0xe6, 0x18, 0x400000000000009}, @eret={0xe6, 0x18, 0x3}, @hvc={0x32, 0x40, {0x6000000, [0x1, 0xd, 0x0, 0x1, 0x100]}}, @eret={0xe6, 0x18, 0x8}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x1, 0x4, 0x8, 0xfffffffc, 0x2}}, @hvc={0x32, 0x40, {0x84000003, [0x8, 0xa387, 0x2, 0x6, 0x4]}}, @svc={0x122, 0x40, {0x80000000, [0x0, 0x3, 0x7, 0x9, 0x9]}}, @mrs={0xbe, 0x18, {0x603000000013df5b}}], 0x274}], 0x1, 0x0, &(0x7f0000000140)=[@featur1={0x1, 0x1}], 0x1)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1m8.482415652s ago: executing program 1 (id=388):
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x5) (async)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x5)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r2, 0x4018aee3, &(0x7f0000000080)=@attr_other={0x0, 0x3, 0x800, &(0x7f0000000000)=0x6})
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x31) (async)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x31)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x2b)
ioctl$KVM_REGISTER_COALESCED_MMIO(r7, 0x4010ae67, &(0x7f0000000240)={0x1, 0xe000, 0x1}) (async)
ioctl$KVM_REGISTER_COALESCED_MMIO(r7, 0x4010ae67, &(0x7f0000000240)={0x1, 0xe000, 0x1})
ioctl$KVM_REGISTER_COALESCED_MMIO(r7, 0x4010ae67, &(0x7f0000000080)={0x3000, 0x122000, 0x1})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r7, 0x4010ae68, &(0x7f0000001480)={0xfdfd, 0x13000, 0x1})
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) (async)
r8 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0xffffffffffffffff, 0x1, 0x1}}], 0x28}, 0x0, 0x0) (async)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0xffffffffffffffff, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r5, 0x4, 0x220)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8, <r10=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async)
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r9, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x2e)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r12, r13, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x1, 0x0, 0x0, 0x0)
r14 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000700)={0x0, 0x0}, 0x0, 0x0)

1m7.498737951s ago: executing program 0 (id=389):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x200000, 0x0) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x200000, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0x0, 0x0, r3, 0x2}) (async)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0x0, 0x0, r3, 0x2})
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000000)={0x1, 0x0, 0x4, r3, 0x6}) (async)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000000)={0x1, 0x0, 0x4, r3, 0x6})
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r5, 0x1, 0x100)
r6 = eventfd2(0x8, 0x80800)
ioctl$KVM_IRQFD(r5, 0x4020ae76, &(0x7f00000000c0)={r6, 0x3}) (async)
ioctl$KVM_IRQFD(r5, 0x4020ae76, &(0x7f00000000c0)={r6, 0x3})
ioctl$KVM_IRQFD(r5, 0x4020ae76, &(0x7f0000000000)={r6, 0x9, 0x3, r6})
ioctl$KVM_IRQ_LINE(r5, 0x4008ae61, &(0x7f0000000100)={0x6, 0x1})
r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r7, 0x4018aee3, &(0x7f0000000080)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x8, 0x7, 0x1}})
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xf10, 0x6243, 0x5}}], 0x30}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r7, 0x1, 0x100)
ioctl$KVM_RUN(r9, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r9, 0xae80, 0x0)

50.068923549s ago: executing program 0 (id=390):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f0000000100)={0x3, 0x2, 0xeeef0000, 0x2000, &(0x7f0000c0c000/0x2000)=nil, 0xfffffffffffffff0})
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
r2 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013df64, 0x8000}}, @msr={0x14, 0x20, {0x603000000013df7f, 0x8000}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init)
r6 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000240)={0x4, 0x9, 0x1}})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x2, 0x9, 0x0, 0x80}}], 0x50}, 0x0, 0x0)
r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r13, 0xc00caee0, &(0x7f0000000100)={0x8, <r14=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r14, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x7, 0x1, 0x0})
syz_kvm_vgic_v3_setup(r9, 0x1, 0x100)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
ioctl$KVM_CHECK_EXTENSION(r8, 0xae03, 0xa)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000180)={0x8, <r15=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r15, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r11, 0xae80, 0x0)

21.132317868s ago: executing program 42 (id=388):
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x5) (async)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x5)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r2, 0x4018aee3, &(0x7f0000000080)=@attr_other={0x0, 0x3, 0x800, &(0x7f0000000000)=0x6})
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x31) (async)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x31)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x2b)
ioctl$KVM_REGISTER_COALESCED_MMIO(r7, 0x4010ae67, &(0x7f0000000240)={0x1, 0xe000, 0x1}) (async)
ioctl$KVM_REGISTER_COALESCED_MMIO(r7, 0x4010ae67, &(0x7f0000000240)={0x1, 0xe000, 0x1})
ioctl$KVM_REGISTER_COALESCED_MMIO(r7, 0x4010ae67, &(0x7f0000000080)={0x3000, 0x122000, 0x1})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r7, 0x4010ae68, &(0x7f0000001480)={0xfdfd, 0x13000, 0x1})
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) (async)
r8 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0xffffffffffffffff, 0x1, 0x1}}], 0x28}, 0x0, 0x0) (async)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0xffffffffffffffff, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r5, 0x4, 0x220)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8, <r10=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async)
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r9, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x2e)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r12, r13, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x1, 0x0, 0x0, 0x0)
r14 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000700)={0x0, 0x0}, 0x0, 0x0)

0s ago: executing program 43 (id=390):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f0000000100)={0x3, 0x2, 0xeeef0000, 0x2000, &(0x7f0000c0c000/0x2000)=nil, 0xfffffffffffffff0})
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
r2 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013df64, 0x8000}}, @msr={0x14, 0x20, {0x603000000013df7f, 0x8000}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init)
r6 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000240)={0x4, 0x9, 0x1}})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x2, 0x9, 0x0, 0x80}}], 0x50}, 0x0, 0x0)
r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r13, 0xc00caee0, &(0x7f0000000100)={0x8, <r14=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r14, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x7, 0x1, 0x0})
syz_kvm_vgic_v3_setup(r9, 0x1, 0x100)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
ioctl$KVM_CHECK_EXTENSION(r8, 0xae03, 0xa)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000180)={0x8, <r15=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r15, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r11, 0xae80, 0x0)

kernel console output (not intermixed with test programs):

[  389.350831][ T3151] 8021q: adding VLAN 0 to HW filter on device bond0
[  439.282217][ T3151] eql: remember to turn off Van-Jacobson compression on your slave devices
Warning: Permanently added '[localhost]:35639' (ED25519) to the list of known hosts.
[  603.331810][   T25] audit: type=1400 audit(602.560:61): avc:  denied  { name_bind } for  pid=3304 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  604.381338][   T25] audit: type=1400 audit(603.620:62): avc:  denied  { execute } for  pid=3305 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  604.419743][   T25] audit: type=1400 audit(603.640:63): avc:  denied  { execute_no_trans } for  pid=3305 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  630.192411][   T25] audit: type=1400 audit(629.430:64): avc:  denied  { mounton } for  pid=3305 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  630.227091][   T25] audit: type=1400 audit(629.460:65): avc:  denied  { mount } for  pid=3305 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  630.313969][ T3305] cgroup: Unknown subsys name 'net'
[  630.364123][   T25] audit: type=1400 audit(629.600:66): avc:  denied  { unmount } for  pid=3305 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  630.738372][ T3305] cgroup: Unknown subsys name 'cpuset'
[  630.842442][ T3305] cgroup: Unknown subsys name 'rlimit'
[  631.770141][   T25] audit: type=1400 audit(631.010:67): avc:  denied  { setattr } for  pid=3305 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  631.789840][   T25] audit: type=1400 audit(631.020:68): avc:  denied  { mounton } for  pid=3305 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[  631.818023][   T25] audit: type=1400 audit(631.050:69): avc:  denied  { mount } for  pid=3305 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  633.028785][ T3313] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[  633.047589][   T25] audit: type=1400 audit(632.280:70): avc:  denied  { relabelto } for  pid=3313 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  633.072530][   T25] audit: type=1400 audit(632.310:71): avc:  denied  { write } for  pid=3313 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
Setting up swapspace version 1, size = 127995904 bytes
[  633.260131][   T25] audit: type=1400 audit(632.490:72): avc:  denied  { read } for  pid=3305 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  633.278173][   T25] audit: type=1400 audit(632.510:73): avc:  denied  { open } for  pid=3305 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  633.323700][ T3305] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  683.869340][   T25] audit: type=1400 audit(683.080:74): avc:  denied  { execmem } for  pid=3314 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  688.319712][   T25] audit: type=1400 audit(687.540:75): avc:  denied  { read } for  pid=3316 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  688.337256][   T25] audit: type=1400 audit(687.570:76): avc:  denied  { open } for  pid=3316 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  688.416489][   T25] audit: type=1400 audit(687.650:77): avc:  denied  { mounton } for  pid=3316 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  688.688902][   T25] audit: type=1400 audit(687.930:79): avc:  denied  { module_request } for  pid=3317 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  688.707099][   T25] audit: type=1400 audit(687.910:78): avc:  denied  { module_request } for  pid=3316 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  689.798186][   T25] audit: type=1400 audit(689.030:80): avc:  denied  { sys_module } for  pid=3317 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  717.938377][ T3317] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  718.072679][ T3317] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  719.808832][ T3316] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  719.971454][ T3316] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  731.544405][ T3317] hsr_slave_0: entered promiscuous mode
[  731.604305][ T3317] hsr_slave_1: entered promiscuous mode
[  732.977716][ T3316] hsr_slave_0: entered promiscuous mode
[  733.009957][ T3316] hsr_slave_1: entered promiscuous mode
[  733.034749][ T3316] debugfs: 'hsr0' already exists in 'hsr'
[  733.051628][ T3316] Cannot create hsr debugfs directory
[  738.256626][   T25] audit: type=1400 audit(737.480:81): avc:  denied  { create } for  pid=3317 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  738.258040][   T25] audit: type=1400 audit(737.490:82): avc:  denied  { write } for  pid=3317 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  738.306609][   T25] audit: type=1400 audit(737.540:83): avc:  denied  { read } for  pid=3317 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  738.477849][ T3317] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  738.735027][ T3317] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  739.013964][ T3317] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  739.468716][ T3317] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  740.918063][ T3316] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  741.210026][ T3316] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  741.380840][ T3316] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  741.543897][ T3316] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  754.122701][ T3317] 8021q: adding VLAN 0 to HW filter on device bond0
[  756.672075][ T3316] 8021q: adding VLAN 0 to HW filter on device bond0
[  813.281971][ T3317] veth0_vlan: entered promiscuous mode
[  813.695058][ T3317] veth1_vlan: entered promiscuous mode
[  815.370131][ T3316] veth0_vlan: entered promiscuous mode
[  816.059518][ T3317] veth0_macvtap: entered promiscuous mode
[  816.347964][ T3316] veth1_vlan: entered promiscuous mode
[  816.520254][ T3317] veth1_macvtap: entered promiscuous mode
[  819.809577][ T3316] veth0_macvtap: entered promiscuous mode
[  819.940483][ T3360] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  819.988037][ T3360] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  820.073360][ T3360] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  820.078231][ T3360] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  820.620006][ T3316] veth1_macvtap: entered promiscuous mode
[  823.333863][   T25] audit: type=1400 audit(822.550:84): avc:  denied  { mount } for  pid=3317 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  823.741953][   T25] audit: type=1400 audit(822.980:85): avc:  denied  { mounton } for  pid=3317 comm="syz-executor" path="/syzkaller.FAzKX5/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  824.008606][   T25] audit: type=1400 audit(823.240:86): avc:  denied  { mount } for  pid=3317 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  824.273726][   T35] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  824.289980][   T35] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  824.317029][   T35] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  824.357876][   T35] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  824.543429][   T25] audit: type=1400 audit(823.700:87): avc:  denied  { mounton } for  pid=3317 comm="syz-executor" path="/syzkaller.FAzKX5/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  824.723030][   T25] audit: type=1400 audit(823.960:88): avc:  denied  { mounton } for  pid=3317 comm="syz-executor" path="/syzkaller.FAzKX5/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3784 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  825.841431][   T25] audit: type=1400 audit(825.080:89): avc:  denied  { unmount } for  pid=3317 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  826.132821][   T25] audit: type=1400 audit(825.370:90): avc:  denied  { mounton } for  pid=3317 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1544 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  826.384398][   T25] audit: type=1400 audit(825.620:91): avc:  denied  { mount } for  pid=3317 comm="syz-executor" name="/" dev="gadgetfs" ino=3796 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  826.747030][   T25] audit: type=1400 audit(825.960:92): avc:  denied  { mount } for  pid=3317 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  826.996525][   T25] audit: type=1400 audit(826.220:93): avc:  denied  { mounton } for  pid=3317 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  828.384877][ T3317] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  829.499906][   T25] kauditd_printk_skb: 1 callbacks suppressed
[  829.513212][   T25] audit: type=1400 audit(828.730:95): avc:  denied  { read write } for  pid=3317 comm="syz-executor" name="loop0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  829.589880][   T25] audit: type=1400 audit(828.800:96): avc:  denied  { open } for  pid=3317 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  829.631461][   T25] audit: type=1400 audit(828.860:97): avc:  denied  { ioctl } for  pid=3317 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=637 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  842.009731][   T25] audit: type=1400 audit(841.190:98): avc:  denied  { read } for  pid=3469 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  842.032834][   T25] audit: type=1400 audit(841.270:99): avc:  denied  { open } for  pid=3469 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  842.229061][   T25] audit: type=1400 audit(841.450:100): avc:  denied  { ioctl } for  pid=3469 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae03 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  853.992483][   T25] audit: type=1400 audit(853.230:101): avc:  denied  { write } for  pid=3482 comm="syz.1.4" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  871.754129][   T25] audit: type=1400 audit(870.940:102): avc:  denied  { setattr } for  pid=3494 comm="syz.0.7" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  876.632087][   T25] audit: type=1400 audit(875.820:103): avc:  denied  { execute } for  pid=3498 comm="syz.1.8" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=4139 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  902.788377][   T25] audit: type=1400 audit(902.020:104): avc:  denied  { ioctl } for  pid=3516 comm="syz.1.13" path="net:[4026532616]" dev="nsfs" ino=4026532616 ioctlcmd=0xb709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  919.268773][   T25] audit: type=1400 audit(918.500:105): avc:  denied  { append } for  pid=3526 comm="syz.0.16" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1403.898221][ T3809] KVM: debugfs: duplicate directory 3809-11
[ 1561.420944][   T25] audit: type=1400 audit(1560.590:106): avc:  denied  { map } for  pid=3922 comm="syz.0.135" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1561.433319][   T25] audit: type=1400 audit(1560.660:107): avc:  denied  { execute } for  pid=3922 comm="syz.0.135" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 2252.827980][ T4304] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2253.059116][ T4304] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2261.899924][ T4309] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2262.109156][ T4309] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2280.462065][ T4304] hsr_slave_0: entered promiscuous mode
[ 2280.573099][ T4304] hsr_slave_1: entered promiscuous mode
[ 2280.634287][ T4304] debugfs: 'hsr0' already exists in 'hsr'
[ 2280.688849][ T4304] Cannot create hsr debugfs directory
[ 2291.528887][ T4309] hsr_slave_0: entered promiscuous mode
[ 2291.572769][ T4309] hsr_slave_1: entered promiscuous mode
[ 2291.617262][ T4309] debugfs: 'hsr0' already exists in 'hsr'
[ 2291.620414][ T4309] Cannot create hsr debugfs directory
[ 2300.602819][ T4304] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 2301.387619][ T4304] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 2302.567963][ T4304] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 2304.044809][ T4304] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 2307.964800][ T3704] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2309.484088][ T3704] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2310.441669][ T3704] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2312.501028][ T3704] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2316.889020][ T4309] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 2317.201650][ T4309] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 2318.177893][ T4309] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 2319.160370][ T4309] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 2335.664173][ T3704] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2336.097127][ T3704] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2336.338529][ T3704] bond0 (unregistering): Released all slaves
[ 2339.322181][ T3704] hsr_slave_0: left promiscuous mode
[ 2339.417285][ T3704] hsr_slave_1: left promiscuous mode
[ 2340.041794][ T3704] veth1_macvtap: left promiscuous mode
[ 2340.050211][ T3704] veth0_macvtap: left promiscuous mode
[ 2340.068953][ T3704] veth1_vlan: left promiscuous mode
[ 2340.090468][ T3704] veth0_vlan: left promiscuous mode
[ 2370.380617][ T4304] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2392.753349][ T4309] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2492.921614][ T4304] veth0_vlan: entered promiscuous mode
[ 2493.831495][ T4304] veth1_vlan: entered promiscuous mode
[ 2497.229028][ T4304] veth0_macvtap: entered promiscuous mode
[ 2497.859478][ T4304] veth1_macvtap: entered promiscuous mode
[ 2501.042123][ T4378] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2501.058324][ T4387] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2501.059215][ T4387] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2501.059925][ T4387] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2519.624284][ T4309] veth0_vlan: entered promiscuous mode
[ 2521.303145][ T4309] veth1_vlan: entered promiscuous mode
[ 2525.441817][ T4309] veth0_macvtap: entered promiscuous mode
[ 2526.308994][ T4309] veth1_macvtap: entered promiscuous mode
[ 2531.254606][   T52] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2531.260060][   T52] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2531.358539][   T52] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2531.362607][   T52] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2622.151009][ T4007] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2623.711497][ T4007] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2625.835028][ T4007] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2627.631493][ T4007] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2652.069390][ T4007] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2652.957127][ T4007] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2653.681583][ T4007] bond0 (unregistering): Released all slaves
[ 2656.369051][ T4007] hsr_slave_0: left promiscuous mode
[ 2656.497706][ T4007] hsr_slave_1: left promiscuous mode
[ 2657.069743][ T4007] veth1_macvtap: left promiscuous mode
[ 2657.071625][ T4007] veth0_macvtap: left promiscuous mode
[ 2657.090559][ T4007] veth1_vlan: left promiscuous mode
[ 2657.100163][ T4007] veth0_vlan: left promiscuous mode
[ 2680.672965][ T4007] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2682.110653][ T4007] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2682.794750][ T4007] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2683.702323][ T4007] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2698.337879][ T4007] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2701.322221][ T4007] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2703.130002][ T4007] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2704.764730][ T4007] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2726.007429][ T4007] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2726.360523][ T4007] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2726.574020][ T4007] bond0 (unregistering): Released all slaves
[ 2729.810691][ T4007] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2729.891114][ T4007] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2729.960463][ T4007] bond0 (unregistering): Released all slaves
[ 2731.653367][ T4007] hsr_slave_0: left promiscuous mode
[ 2731.674904][ T4007] hsr_slave_1: left promiscuous mode
[ 2731.802803][ T4007] hsr_slave_0: left promiscuous mode
[ 2731.823551][ T4007] hsr_slave_1: left promiscuous mode
[ 2732.100471][ T4007] veth1_macvtap: left promiscuous mode
[ 2732.103944][ T4007] veth0_macvtap: left promiscuous mode
[ 2732.125861][ T4007] veth1_vlan: left promiscuous mode
[ 2732.129707][ T4007] veth0_vlan: left promiscuous mode
[ 2732.172688][ T4007] veth1_macvtap: left promiscuous mode
[ 2732.199183][ T4007] veth0_macvtap: left promiscuous mode
[ 2732.203492][ T4007] veth1_vlan: left promiscuous mode
[ 2732.214755][ T4007] veth0_vlan: left promiscuous mode
[ 2772.811237][ T4532] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2773.837320][ T4532] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2773.977966][ T4536] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2774.634494][ T4536] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2796.354949][ T4532] hsr_slave_0: entered promiscuous mode
[ 2796.391747][ T4532] hsr_slave_1: entered promiscuous mode
[ 2798.078557][ T4536] hsr_slave_0: entered promiscuous mode
[ 2798.104388][ T4536] hsr_slave_1: entered promiscuous mode
[ 2798.162197][ T4536] debugfs: 'hsr0' already exists in 'hsr'
[ 2798.170441][ T4536] Cannot create hsr debugfs directory
[ 2812.511225][ T4532] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 2813.267696][ T4532] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 2813.771670][ T4532] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 2814.404413][ T4532] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 2820.312231][ T4536] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 2820.718300][ T4536] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 2821.301532][ T4536] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 2821.777120][ T4536] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 2844.189093][ T4532] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2848.982318][ T4536] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2970.560048][ T4532] veth0_vlan: entered promiscuous mode
[ 2971.440370][ T4532] veth1_vlan: entered promiscuous mode
[ 2974.670465][ T4532] veth0_macvtap: entered promiscuous mode
[ 2975.824711][ T4532] veth1_macvtap: entered promiscuous mode
[ 2976.189374][ T4536] veth0_vlan: entered promiscuous mode
[ 2977.839460][ T4536] veth1_vlan: entered promiscuous mode
[ 2980.237500][ T4007] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2980.242744][ T4007] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2980.262187][ T4007] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2980.272811][ T4007] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2983.228898][ T4536] veth0_macvtap: entered promiscuous mode
[ 2984.369584][ T4536] veth1_macvtap: entered promiscuous mode
[ 2988.927756][   T52] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2988.958404][   T52] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2988.987497][   T52] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2988.989546][   T52] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3273.813885][ T4311] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3277.910545][ T4311] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3279.659434][ T4311] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3281.220442][ T4311] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3304.699531][ T4311] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3305.164993][ T4311] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3305.480586][ T4311] bond0 (unregistering): Released all slaves
[ 3307.800485][ T4311] hsr_slave_0: left promiscuous mode
[ 3307.867509][ T4311] hsr_slave_1: left promiscuous mode
[ 3308.558374][ T4311] veth1_macvtap: left promiscuous mode
[ 3308.618189][ T4311] veth0_macvtap: left promiscuous mode
[ 3308.628843][ T4311] veth1_vlan: left promiscuous mode
[ 3308.630381][ T4311] veth0_vlan: left promiscuous mode
[ 3333.810076][ T4311] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3335.484818][ T4311] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3336.964596][ T4311] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3338.163328][ T4311] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3361.702526][ T4311] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3361.891684][ T4311] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3362.031680][ T4311] bond0 (unregistering): Released all slaves
[ 3364.249371][ T4311] hsr_slave_0: left promiscuous mode
[ 3364.307161][ T4311] hsr_slave_1: left promiscuous mode
[ 3364.667103][ T4311] veth1_macvtap: left promiscuous mode
[ 3364.670484][ T4311] veth0_macvtap: left promiscuous mode
[ 3364.679503][ T4311] veth1_vlan: left promiscuous mode
[ 3364.692316][ T4311] veth0_vlan: left promiscuous mode
[ 3421.821649][ T4933] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3422.158335][ T4933] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3425.530117][ T4940] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3425.938167][ T4940] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3453.302829][ T4933] hsr_slave_0: entered promiscuous mode
[ 3453.411157][ T4933] hsr_slave_1: entered promiscuous mode
[ 3457.021150][ T4940] hsr_slave_0: entered promiscuous mode
[ 3457.083003][ T4940] hsr_slave_1: entered promiscuous mode
[ 3457.194458][ T4940] debugfs: 'hsr0' already exists in 'hsr'
[ 3457.207923][ T4940] Cannot create hsr debugfs directory
[ 3475.488299][ T4933] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 3476.233544][ T4933] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 3477.013106][ T4933] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 3477.999939][ T4933] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 3485.353892][ T4940] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 3485.913608][ T4940] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 3486.444580][ T4940] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 3487.034556][ T4940] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 3515.922414][ T4933] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3522.131605][ T4940] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3675.401181][ T4933] veth0_vlan: entered promiscuous mode
[ 3676.611232][ T4933] veth1_vlan: entered promiscuous mode
[ 3681.510794][ T4940] veth0_vlan: entered promiscuous mode
[ 3683.035024][ T4933] veth0_macvtap: entered promiscuous mode
[ 3684.340708][ T4940] veth1_vlan: entered promiscuous mode
[ 3684.625007][ T4933] veth1_macvtap: entered promiscuous mode
[ 3691.539324][ T4940] veth0_macvtap: entered promiscuous mode
[ 3691.703170][ T4949] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3691.733905][ T4949] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3691.744787][ T4949] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3691.862716][ T4949] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3692.393935][ T4940] veth1_macvtap: entered promiscuous mode
[ 3698.802896][ T4544] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3698.810572][ T4544] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3698.832205][ T4544] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3698.950830][ T3410] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3800.611053][ T5098] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3804.111642][ T5098] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3806.849487][ T5098] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3809.738049][ T5098] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3845.163461][ T5098] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3845.593313][ T5098] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3846.061406][ T5098] bond0 (unregistering): Released all slaves
[ 3849.767576][ T5098] hsr_slave_0: left promiscuous mode
[ 3849.890060][ T5098] hsr_slave_1: left promiscuous mode
[ 3850.747786][ T5098] veth1_macvtap: left promiscuous mode
[ 3850.771486][ T5098] veth0_macvtap: left promiscuous mode
[ 3850.796013][ T5098] veth1_vlan: left promiscuous mode
[ 3850.838856][ T5098] veth0_vlan: left promiscuous mode
[ 3984.667996][ T5222] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3985.601221][ T5222] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4022.510898][ T4942] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4024.610570][ T4942] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4026.539653][ T4942] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4028.609351][ T4942] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4041.277838][ T5222] hsr_slave_0: entered promiscuous mode
[ 4041.390754][ T5222] hsr_slave_1: entered promiscuous mode
[ 4056.100497][ T4942] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 4056.298051][ T4942] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 4056.418408][ T4942] bond0 (unregistering): Released all slaves
[ 4059.414440][ T4942] hsr_slave_0: left promiscuous mode
[ 4059.659524][ T4942] hsr_slave_1: left promiscuous mode
[ 4060.503453][ T4942] veth1_macvtap: left promiscuous mode
[ 4060.588457][ T4942] veth0_macvtap: left promiscuous mode
[ 4060.603189][ T4942] veth1_vlan: left promiscuous mode
[ 4060.651048][ T4942] veth0_vlan: left promiscuous mode
[ 4101.690839][ T5222] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 4102.177087][ T5222] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 4102.643667][ T5222] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 4103.284208][ T5222] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 4136.130569][ T5222] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4145.471305][ T5316] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4145.949763][ T5316] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4189.734447][ T5316] hsr_slave_0: entered promiscuous mode
[ 4189.882267][ T5316] hsr_slave_1: entered promiscuous mode
[ 4189.982997][ T5316] debugfs: 'hsr0' already exists in 'hsr'
[ 4189.991407][ T5316] Cannot create hsr debugfs directory
[ 4215.920500][ T5316] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 4216.581235][ T5316] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 4217.322018][ T5316] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 4217.894939][ T5316] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 4255.150879][ T5316] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4314.739583][ T5222] veth0_vlan: entered promiscuous mode
[ 4316.222896][ T5222] veth1_vlan: entered promiscuous mode
[ 4320.408067][ T5222] veth0_macvtap: entered promiscuous mode
[ 4321.203315][ T5222] veth1_macvtap: entered promiscuous mode
[ 4325.598714][   T12] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4325.603019][   T12] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4325.631770][ T4007] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4325.764284][ T4311] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4464.400147][ T5316] veth0_vlan: entered promiscuous mode
[ 4465.920484][ T5316] veth1_vlan: entered promiscuous mode
[ 4471.210091][ T5316] veth0_macvtap: entered promiscuous mode
[ 4472.010474][ T5316] veth1_macvtap: entered promiscuous mode
[ 4477.790085][   T12] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4477.792844][   T12] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4477.821251][   T12] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4477.921498][   T12] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4621.870451][ T4274] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4624.932950][ T4274] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4627.713707][ T4274] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4630.563734][ T4274] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4666.033935][ T4274] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 4666.544216][ T4274] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 4666.840209][ T4274] bond0 (unregistering): Released all slaves
[ 4669.399701][ T4274] hsr_slave_0: left promiscuous mode
[ 4669.538684][ T4274] hsr_slave_1: left promiscuous mode
[ 4670.342123][ T4274] veth1_macvtap: left promiscuous mode
[ 4670.437251][ T4274] veth0_macvtap: left promiscuous mode
[ 4670.440832][ T4274] veth1_vlan: left promiscuous mode
[ 4670.458341][ T4274] veth0_vlan: left promiscuous mode
[ 4720.020476][ T4274] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4722.184429][ T4274] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4724.029560][ T4274] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4725.932975][ T4274] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4752.397578][ T4274] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 4753.321370][ T4274] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 4753.778503][ T4274] bond0 (unregistering): Released all slaves
[ 4758.080099][ T4274] hsr_slave_0: left promiscuous mode
[ 4758.249285][ T4274] hsr_slave_1: left promiscuous mode
[ 4759.159856][ T4274] veth1_macvtap: left promiscuous mode
[ 4759.163654][ T4274] veth0_macvtap: left promiscuous mode
[ 4759.209426][ T4274] veth1_vlan: left promiscuous mode
[ 4759.228927][ T4274] veth0_vlan: left promiscuous mode
[ 4832.621087][ T5599] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4832.991411][ T5599] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4837.111168][ T5602] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4837.475006][ T5602] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4876.754003][ T5599] hsr_slave_0: entered promiscuous mode
[ 4876.922146][ T5599] hsr_slave_1: entered promiscuous mode
[ 4882.743477][ T5602] hsr_slave_0: entered promiscuous mode
[ 4882.900572][ T5602] hsr_slave_1: entered promiscuous mode
[ 4882.977882][ T5602] debugfs: 'hsr0' already exists in 'hsr'
[ 4882.980984][ T5602] Cannot create hsr debugfs directory
[ 4925.410454][ T5599] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 4926.430507][ T5599] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 4927.357291][ T5599] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 4928.158673][ T5599] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 4935.903210][ T5602] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 4936.699839][ T5602] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 4937.439690][ T5602] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 4938.284013][ T5602] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 4968.759216][ T5599] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4976.491070][ T5602] 8021q: adding VLAN 0 to HW filter on device bond0
[ 5115.328215][ T5599] veth0_vlan: entered promiscuous mode
[ 5116.602986][ T5599] veth1_vlan: entered promiscuous mode
[ 5120.659372][ T5599] veth0_macvtap: entered promiscuous mode
[ 5121.899136][ T5599] veth1_macvtap: entered promiscuous mode
[ 5124.858320][ T5602] veth0_vlan: entered promiscuous mode
[ 5127.698578][ T5602] veth1_vlan: entered promiscuous mode
[ 5129.492049][ T4007] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 5129.523320][ T3788] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 5129.550764][ T3788] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 5129.570029][ T3788] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 5135.791325][ T5602] veth0_macvtap: entered promiscuous mode
[ 5137.074093][ T5602] veth1_macvtap: entered promiscuous mode
[ 5141.787820][ T4949] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 5141.909086][ T4395] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 5142.262298][ T4378] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 5142.498838][ T4378] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 5383.124876][ T5973] KVM: debugfs: duplicate directory 5973-5
[ 6200.856673][ T6292] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 6201.450506][ T6292] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 6225.289853][ T6303] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 6225.751239][ T6303] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 6259.828725][ T6292] hsr_slave_0: entered promiscuous mode
[ 6259.985023][ T6292] hsr_slave_1: entered promiscuous mode
[ 6260.177321][ T6292] debugfs: 'hsr0' already exists in 'hsr'
[ 6260.178233][ T6292] Cannot create hsr debugfs directory
[ 6285.489969][ T6303] hsr_slave_0: entered promiscuous mode
[ 6285.610585][ T6303] hsr_slave_1: entered promiscuous mode
[ 6285.667325][ T6303] debugfs: 'hsr0' already exists in 'hsr'
[ 6285.670357][ T6303] Cannot create hsr debugfs directory
[ 6321.256968][ T6292] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 6322.528956][ T6292] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 6326.037330][ T6292] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 6329.047098][ T6292] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 6344.279696][ T6303] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 6344.891927][ T6303] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 6345.714401][ T6303] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 6346.533244][ T6303] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 6379.551503][ T6292] 8021q: adding VLAN 0 to HW filter on device bond0
[ 6394.540585][ T6303] 8021q: adding VLAN 0 to HW filter on device bond0
[ 6487.007157][   T27] INFO: task syz.0.390:6280 blocked for more than 430 seconds.
[ 6487.010661][   T27]       Not tainted syzkaller #0
[ 6487.034177][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 6487.034936][   T27] task:syz.0.390       state:D stack:0     pid:6280  tgid:6280  ppid:5602   task_flags:0x400040 flags:0x00000019
[ 6487.119209][   T27] Call trace:
[ 6487.119748][   T27]  __switch_to+0x584/0xb20 (T)
[ 6487.121804][   T27]  __schedule+0x1eec/0x33a4
[ 6487.122361][   T27]  schedule+0xac/0x27c
[ 6487.122856][   T27]  schedule_timeout+0x5c/0x1e4
[ 6487.123268][   T27]  do_wait_for_common+0x28c/0x444
[ 6487.123763][   T27]  wait_for_completion+0x44/0x5c
[ 6487.124232][   T27]  __synchronize_srcu+0x2a4/0x320
[ 6487.124724][   T27]  synchronize_srcu+0x3cc/0x4f0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 6487.296925][   T27]  mmu_notifier_unregister+0x320/0x42c
[ 6487.297840][   T27]  kvm_put_kvm+0x6a0/0xfa8
[ 6487.298309][   T27]  kvm_vm_release+0x58/0x78
[ 6487.298782][   T27]  __fput+0x4ac/0x980
[ 6487.299219][   T27]  ____fput+0x20/0x58
[ 6487.299650][   T27]  task_work_run+0x1bc/0x254
[ 6487.300066][   T27]  do_notify_resume+0x1bc/0x270
[ 6487.300490][   T27]  el0_svc+0xb8/0x164
[ 6487.300936][   T27]  el0t_64_sync_handler+0x84/0x12c
[ 6487.301374][   T27]  el0t_64_sync+0x198/0x19c
[ 6487.302921][   T27] 
[ 6487.302921][   T27] Showing all locks held in the system:
[ 6487.303374][   T27] 2 locks held by kworker/u4:0/12:
[ 6487.303789][   T27]  #0: 2ff000000cc20948 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a18
[ 6487.468029][   T27]  #1: ffff80008c557c78 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a18
[ 6487.470317][   T27] 1 lock held by khungtaskd/27:
[ 6487.470757][   T27]  #0: ffff800087806858 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x4/0x48
[ 6487.472551][   T27] 2 locks held by getty/3180:
[ 6487.472908][   T27]  #0: c7f00000121068a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c
[ 6487.474565][   T27]  #1: 14ff80008c54b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x310/0x12b8
[ 6487.648298][   T27] 2 locks held by syz-executor/3305:
[ 6487.648842][   T27] 3 locks held by kworker/u4:8/4378:
[ 6487.649170][   T27] 3 locks held by kworker/u4:10/4395:
[ 6487.649521][   T27] 2 locks held by kworker/0:0/4787:
[ 6487.649858][   T27] 3 locks held by kworker/u4:3/4908:
[ 6487.650259][   T27] 3 locks held by kworker/u4:4/5794:
[ 6487.650560][   T27] 2 locks held by kworker/u4:5/6136:
[ 6487.650892][   T27]  #0: 2ff000000cc20948 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a18
[ 6487.652602][   T27]  #1: ffff80008f567c78 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a18
[ 6487.654383][   T27] 2 locks held by syz.1.388/6271:
[ 6487.654746][   T27] 3 locks held by kworker/u4:14/6345:
[ 6487.786181][   T27] 1 lock held by rm/6467:
[ 6487.786886][   T27] 4 locks held by modprobe/6468:
[ 6487.811691][   T27] 
[ 6487.812162][   T27] =============================================
[ 6487.812162][   T27] 
[ 6487.812994][   T27] Kernel panic - not syncing: hung_task: blocked tasks
[ 6487.819422][   T27] CPU: 0 UID: 0 PID: 27 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT 
[ 6487.820997][   T27] Hardware name: linux,dummy-virt (DT)
[ 6487.821999][   T27] Call trace:
[ 6487.822867][   T27]  show_stack+0x2c/0x3c (C)
[ 6487.823957][   T27]  __dump_stack+0x30/0x40
[ 6487.824834][   T27]  dump_stack_lvl+0x30/0x12c
[ 6487.825770][   T27]  dump_stack+0x1c/0x28
[ 6487.826668][   T27]  vpanic+0x22c/0x59c
[ 6487.827550][   T27]  vpanic+0x0/0x59c
[ 6487.828408][   T27]  hung_task_panic+0x0/0x2c
[ 6487.829323][   T27]  kthread+0x794/0x9a0
[ 6487.830242][   T27]  ret_from_fork+0x10/0x20
[ 6487.832212][   T27] Kernel Offset: disabled
[ 6487.832991][   T27] CPU features: 0x000000,0001a300,5f7c67c1,057ffe1f
[ 6487.834280][   T27] Memory Limit: none
[ 6487.836524][   T27] Rebooting in 86400 seconds..

VM DIAGNOSIS:
02:07:27  Registers:
info registers vcpu 0

CPU#0
 PC=ffff80008656cbac X00=ffff800080007568 X01=ffff800080007578
X02=0000000000000010 X03=0000000000000010 X04=0000000000000001
X05=0000000000000000 X06=0000000000000000 X07=ffff800085338d00
X08=000000000000000e X09=efff800000000000 X10=000000000000000d
X11=00000000b2f4e571 X12=0000000051c3318f X13=000000004bf6f193
X14=00000000ffff8000 X15=ffff800080007708 X16=ffff800080010e20
X17=000000000000005f X18=00000000000000ff X19=fff00000719973a0
X20=95f000000d9b9d80 X21=32f000000d8fe500 X22=0000000007b40102
X23=32f000000d8fe500 X24=ffff800087699120 X25=fff0000072d7f120
X26=ffff8000876b5000 X27=00000000000000ff X28=0000000000000000
X29=ffff800080007830 X30=ffff80008070efa8  SP=ffff800080007860
PSTATE=40402009 -Z-- EL2h  SVCR=00000000 --  BTYPE=0     FPCR=00000000 FPSR=00000000
P00=0000 P01=0000 P02=0000 P03=0000 P04=0000 P05=0000 P06=0000 P07=0000
P08=0000 P09=0000 P10=0000 P11=0000 P12=0000 P13=0000 P14=0000 P15=0000
FFR=0000
Z00=63696d6f74616269:6c2f343662696c2f Z01=00312e6f732e6369:6d6f746162696c2f
Z02=0000000000000000:fffffffffff00000 Z03=0000000000000000:0000000000000000
Z04=3333333333333333:3333333333333333 Z05=0000000000000000:0000000c00000000
Z06=0000000000000000:0000000000000000 Z07=0000000000000000:0000000000000000
Z08=0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000
Z10=0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000
Z12=0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000
Z14=0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000
Z16=0000000000000000:0000000000000000 Z17=0000000000000000:0000000000000000
Z18=0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000
Z20=0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000
Z22=0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000
Z24=0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000
Z26=0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000
Z28=0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000
Z30=0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000