last executing test programs:

28m3.776101506s ago: executing program 1 (id=109):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x1c)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r2, 0x4018aee3, &(0x7f00000001c0)=@attr_other={0x0, 0x2, 0x0, 0x0})
r3 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f0000000000)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000040)=0xe7})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f00000000c0)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000080)=0xe7})
ioctl$KVM_HAS_DEVICE_ATTR_vm(r0, 0x4018aee3, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x6, 0x4}})
ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000200)={0x5})
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000100)={0x7})
ioctl$KVM_RUN(r11, 0xae80, 0x0)
syz_kvm_assert_syzos_uexit$arm64(0x0, 0xffffffffffffffff)
ioctl$KVM_IRQ_LINE(r9, 0x4008ae61, 0x0)
r12 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r12, 0xae03, 0x83)
ioctl$KVM_CHECK_EXTENSION(r1, 0x4b47, 0x9)

27m55.876898221s ago: executing program 0 (id=110):
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r3, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f00000011c0)=@attr_set_pmu={0x0, 0x0, 0x3, 0x0})
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x3000004, 0xaf832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000834000/0x3000)=nil, 0x930, 0x100000a, 0x8032, 0xffffffffffffffff, 0x0)
r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r9 = eventfd2(0xfffffffa, 0x0)
ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f0000000180)={0x80, 0xd5d77004, 0x4, r9, 0x2})
syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_REGISTER_COALESCED_MMIO(r8, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616})

27m53.89688631s ago: executing program 1 (id=111):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3) (async)
syz_kvm_vgic_v3_setup(r1, 0x3, 0x180)
ioctl$KVM_CAP_HALT_POLL(r1, 0x4068aea3, &(0x7f0000000000)={0xb6, 0x0, 0x7})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async, rerun: 64)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (rerun: 64)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_vgic_v3_setup(r4, 0x1, 0x100)
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000300)=@attr_arm64={0x0, 0x0, 0x2, &(0x7f00000002c0)=0x5})
r6 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r6, 0x4018aee3, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x0, 0x0})

27m47.27490585s ago: executing program 0 (id=112):
openat$kvm(0x0, &(0x7f0000000000), 0x72483, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x9, 0x0, 0x1}})
ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000040)={0x0, &(0x7f0000000340)=[@its_setup={0x82, 0x28, {0x0, 0x0, 0x15f}}, @hvc={0x32, 0x40, {0x84000011, [0x4, 0xf, 0x4, 0x3, 0x3]}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x1, 0x0, 0xe, 0x5, 0x80, 0x1}}, @smc={0x1e, 0x40, {0x84000001, [0x1, 0x4, 0x3e3316f1, 0x9, 0x8000000000000000]}}, @svc={0x122, 0x40, {0xc4000007, [0x2, 0x1ff, 0x8e48, 0x0, 0x3ff]}}, @msr={0x14, 0x20, {0x603000000013ff12, 0xe}}, @its_setup={0x82, 0x28, {0x1, 0x0, 0x16}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x50}}, @its_setup={0x82, 0x28, {0x2, 0x2, 0x183}}, @smc={0x1e, 0x40, {0x84000051, [0xe0de, 0x68, 0x401, 0x4, 0x4]}}, @svc={0x122, 0x40, {0x80000000, [0x4aa8, 0x4, 0x7, 0x2, 0x290]}}, @its_setup={0x82, 0x28, {0x4, 0x1, 0x99}}, @irq_setup={0x46, 0x18, {0x0, 0xbb}}, @svc={0x122, 0x40, {0x800, [0x8, 0xffffffffffffffff, 0x3, 0x7, 0x8]}}, @uexit={0x0, 0x18}, @smc={0x1e, 0x40, {0xc400000e, [0x1, 0x51, 0x200, 0x4, 0x56]}}, @msr={0x14, 0x20, {0x603000000013e4ec, 0x7}}, @svc={0x122, 0x40, {0x84000012, [0x8000000000000000, 0xc99, 0x8001, 0x1, 0x6]}}, @eret={0xe6, 0x18, 0x1}, @svc={0x122, 0x40, {0xc400000c, [0x4, 0x4, 0x51cc, 0x2, 0x66]}}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x3a9}}, @its_setup={0x82, 0x28, {0x3, 0x2, 0x251}}, @mrs={0xbe, 0x18, {0x603000000013ff10}}, @its_setup={0x82, 0x28, {0x2, 0x3, 0x126}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0x80, 0xb2}}, @irq_setup={0x46, 0x18, {0x2, 0x379}}, @uexit={0x0, 0x18, 0x4}], 0x4a8}, &(0x7f00000000c0)=[@featur2={0x1, 0x40}], 0x1)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000200)={0x4000, 0x113000})
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000180)={0x8, <r4=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r4, 0x4018aee3, &(0x7f0000000340)=@attr_arm64={0x0, 0x2, 0x0, 0x0})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0xa0401, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000140)={0x4, <r7=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r7, 0x4018aee3, &(0x7f00000001c0)=@attr_other={0x0, 0x1, 0x1, 0x0})
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x5})
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)

27m44.474928986s ago: executing program 1 (id=113):
r0 = openat$kvm(0x0, &(0x7f0000000200), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) (async)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r6, r7, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_GET_ONE_REG(r7, 0x4010aeab, &(0x7f0000000100)=@arm64_sys={0x603000000013e110, 0x0}) (async)
syz_kvm_vgic_v3_setup(r2, 0x2, 0x100) (async)
ioctl$KVM_RUN(r4, 0xae80, 0x0) (async)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r2, 0x4010aeb5, &(0x7f0000000100)={0x55})

27m38.295879479s ago: executing program 0 (id=114):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013e288, 0x7ffe}}, @msr={0x14, 0x20, {0x603000000013dce5, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce9, 0x8000}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

27m35.184427328s ago: executing program 1 (id=115):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x29)
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r3, 0x4068aea3, &(0x7f0000000140))
r4 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r4, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x6030000000100018, &(0x7f0000000100)=0xffffffffffffffff})

27m28.465099997s ago: executing program 0 (id=116):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r1, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c61000/0x4000)=nil, r1, 0x1000007, 0x8010, 0xffffffffffffffff, 0x0)

27m26.376321938s ago: executing program 1 (id=117):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r5 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r4, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r4, 0x0)
r6 = eventfd2(0x0, 0x0)
close(r6)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01)
write$eventfd(r6, &(0x7f00000001c0)=0x87, 0x8)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000700)={0x7, 0x0})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000240)={0x200002f})

27m22.315769407s ago: executing program 0 (id=118):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x25)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r0, 0x4068aea3, &(0x7f0000000000))
syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r0, 0x4068aea3, &(0x7f0000000080)={0xe4, 0x0, 0x200})
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x1)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x37)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
syz_kvm_vgic_v3_setup(r1, 0x2, 0x40)
ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000100)={0x9, 0xffffffffffffffff, 0x1})
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r3, 0x4018aee3, &(0x7f0000000180)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000140)={0x0, 0x1}})
r4 = ioctl$KVM_CREATE_GUEST_MEMFD(r1, 0xc040aed4, &(0x7f00000001c0)={0x101, 0xff})
ioctl$KVM_SET_USER_MEMORY_REGION2(r2, 0x40a0ae49, &(0x7f0000000200)={0x10003, 0x0, 0xdddd0000, 0x1000, &(0x7f0000f67000/0x1000)=nil, 0x9, r4})
r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x38)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000bff000/0x400000)=nil)
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000300)=@arm64_fp={0x6040000000100059, &(0x7f00000002c0)=0x7})
ioctl$KVM_SET_USER_MEMORY_REGION2(r0, 0x40a0ae49, &(0x7f0000000340)={0x10003, 0x1, 0x8080000, 0x1000, &(0x7f0000c5f000/0x1000)=nil, 0x10, r4})
r6 = ioctl$KVM_GET_STATS_FD_cpu(r3, 0xaece)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r0, 0x4018aee3, &(0x7f0000000440)=@attr_other={0x0, 0x6bad5868, 0x3, &(0x7f0000000400)=0x1000})
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r0, 0x4010aeb5, &(0x7f0000000480)={0x0, 0x4})
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x19)
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r7, 0x4068aea3, &(0x7f00000004c0))
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r4, 0xc004aea7, &(0x7f0000000540)=0xa)
ioctl$KVM_GET_VCPU_EVENTS(r6, 0x8040ae9f, &(0x7f0000000580)=@arm64)
openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0), 0x41, 0x0)

27m17.141925794s ago: executing program 1 (id=119):
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0xfffffffa, 0x80001)
r3 = openat$kvm(0x0, &(0x7f0000000100), 0x80402, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x2c)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f00000001c0)=@arm64_sys={0x603000000013c00a, &(0x7f0000000140)=0x20000000009})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r7, 0xae03, 0x5)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000140)={0x4, <r10=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r10, 0x894c, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0x8004b709, 0x2)
r11 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r11, 0x4018aee3, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x0, 0x0})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000140)={0x80, 0x4, 0x0, r2})
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x2)
ioctl$KVM_CREATE_VM(r12, 0xae01, 0x34)
r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_add_vcpu$arm64(r14, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r13, 0x3, 0xa0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616})

27m15.527219364s ago: executing program 0 (id=120):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x80002, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, 0x930, 0xa, 0x2012, r3, 0x40000)
syz_memcpy_off$KVM_EXIT_MMIO(r4, 0x20, &(0x7f0000000040)="68d3d4a6759ba655d47872b6bf881ba5dbca1c84a0779749", 0x0, 0x18)
ioctl$KVM_SET_USER_MEMORY_REGION2(r2, 0x40a0ae49, &(0x7f00000000c0)={0x5, 0x5, 0x2, 0x1000, &(0x7f0000ffd000/0x1000)=nil, 0x8})
r5 = openat$kvm(0x0, 0xfffffffffffffffe, 0x0, 0x0)
write$eventfd(0xffffffffffffffff, 0x0, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
close(r5)
syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
openat$kvm(0x0, 0x0, 0x0, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f00000000c0)={0x0, &(0x7f0000000340)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x0, 0x4, 0x1}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r9, 0x4, 0x220)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r11, 0xae80, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, 0x0, 0x0, 0x0)
r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r8, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, r12, 0x300000a, 0x11, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffff9c, 0x0, 0xa00f2, 0x408)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})

26m30.981934868s ago: executing program 32 (id=119):
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0xfffffffa, 0x80001)
r3 = openat$kvm(0x0, &(0x7f0000000100), 0x80402, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x2c)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f00000001c0)=@arm64_sys={0x603000000013c00a, &(0x7f0000000140)=0x20000000009})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r7, 0xae03, 0x5)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000140)={0x4, <r10=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r10, 0x894c, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0x8004b709, 0x2)
r11 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r11, 0x4018aee3, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x0, 0x0})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000140)={0x80, 0x4, 0x0, r2})
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x2)
ioctl$KVM_CREATE_VM(r12, 0xae01, 0x34)
r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_add_vcpu$arm64(r14, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r13, 0x3, 0xa0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616})

26m27.073631721s ago: executing program 33 (id=120):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x80002, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, 0x930, 0xa, 0x2012, r3, 0x40000)
syz_memcpy_off$KVM_EXIT_MMIO(r4, 0x20, &(0x7f0000000040)="68d3d4a6759ba655d47872b6bf881ba5dbca1c84a0779749", 0x0, 0x18)
ioctl$KVM_SET_USER_MEMORY_REGION2(r2, 0x40a0ae49, &(0x7f00000000c0)={0x5, 0x5, 0x2, 0x1000, &(0x7f0000ffd000/0x1000)=nil, 0x8})
r5 = openat$kvm(0x0, 0xfffffffffffffffe, 0x0, 0x0)
write$eventfd(0xffffffffffffffff, 0x0, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
close(r5)
syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
openat$kvm(0x0, 0x0, 0x0, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f00000000c0)={0x0, &(0x7f0000000340)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x0, 0x4, 0x1}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r9, 0x4, 0x220)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r11, 0xae80, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, 0x0, 0x0, 0x0)
r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r8, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, r12, 0x300000a, 0x11, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffff9c, 0x0, 0xa00f2, 0x408)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})

8m34.752584513s ago: executing program 3 (id=233):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x27)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x5, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4}}], 0x75}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x40000000000004, 0xc0)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r8, 0xae04)
mmap$KVM_VCPU(&(0x7f0000007000/0x2000)=nil, r9, 0x3, 0x11, r7, 0x0)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r7, 0x0)
r10 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r10, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}})
syz_kvm_vgic_v3_setup(r10, 0x2, 0x0)
close(r10)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000200)={0x7, <r11=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x6, 0x2, &(0x7f0000000080)=0x5})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x400)
r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000180)={0x0, &(0x7f0000000000)=[@mrs={0xbe, 0x18, {0x603000000013c800}}], 0x14}, 0x0, 0xfffffffffffffffb)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x37)
ioctl$KVM_RUN(r14, 0xae80, 0x0)

8m17.176286s ago: executing program 3 (id=235):
r0 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, 0x930, 0xa, 0x8010, r2, 0x40000)

8m16.743162606s ago: executing program 2 (id=236):
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
ioctl$KVM_SET_VCPU_EVENTS(r0, 0x4040aea0, &(0x7f0000000000)=@x86={0x8, 0xba, 0x0, 0x0, 0x5, 0x2, 0x4, 0xc, 0x5c, 0x7f, 0x6, 0xb, 0x0, 0x9, 0x401, 0x3, 0x4, 0x38, 0xfe, '\x00', 0x10, 0x7}) (async)
ioctl$KVM_SET_VCPU_EVENTS(r0, 0x4040aea0, &(0x7f0000000000)=@x86={0x8, 0xba, 0x0, 0x0, 0x5, 0x2, 0x4, 0xc, 0x5c, 0x7f, 0x6, 0xb, 0x0, 0x9, 0x401, 0x3, 0x4, 0x38, 0xfe, '\x00', 0x10, 0x7})
ioctl$KVM_GET_SREGS(r0, 0x8000ae83, &(0x7f0000000040))
ioctl$KVM_RUN(r0, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
ioctl$KVM_GET_MP_STATE(r0, 0x8004ae98, &(0x7f0000000180))
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) (async)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
ioctl$KVM_SET_GUEST_DEBUG_arm64(r1, 0x4208ae9b, &(0x7f00000001c0)={0x10001, 0x0, {[0x4, 0x8, 0x3, 0x3, 0x2, 0x8, 0x9, 0x6, 0x3, 0x8000, 0xffffffffffffff7f, 0x800, 0x1, 0x8, 0x8, 0x400], [0x9, 0x80000000, 0x4, 0xeebd, 0x8, 0x0, 0x1, 0xfffffffffffffffa, 0x40, 0x9, 0x9a64, 0x6, 0x8, 0xfffffffffffffffe, 0x4f3, 0x4], [0x2, 0x0, 0x8, 0x100, 0x0, 0x1, 0x8, 0x75, 0xf8ed, 0xdcb, 0xd40, 0x8, 0xfffffffffffffe00, 0x1, 0x0, 0x84], [0x7, 0x0, 0x5, 0x8001, 0x4, 0x401, 0x2000000000000, 0xfff, 0x100, 0xffffffff, 0x4, 0x5, 0x1ff, 0x2, 0x7fff, 0x3]}}) (async)
ioctl$KVM_SET_GUEST_DEBUG_arm64(r1, 0x4208ae9b, &(0x7f00000001c0)={0x10001, 0x0, {[0x4, 0x8, 0x3, 0x3, 0x2, 0x8, 0x9, 0x6, 0x3, 0x8000, 0xffffffffffffff7f, 0x800, 0x1, 0x8, 0x8, 0x400], [0x9, 0x80000000, 0x4, 0xeebd, 0x8, 0x0, 0x1, 0xfffffffffffffffa, 0x40, 0x9, 0x9a64, 0x6, 0x8, 0xfffffffffffffffe, 0x4f3, 0x4], [0x2, 0x0, 0x8, 0x100, 0x0, 0x1, 0x8, 0x75, 0xf8ed, 0xdcb, 0xd40, 0x8, 0xfffffffffffffe00, 0x1, 0x0, 0x84], [0x7, 0x0, 0x5, 0x8001, 0x4, 0x401, 0x2000000000000, 0xfff, 0x100, 0xffffffff, 0x4, 0x5, 0x1ff, 0x2, 0x7fff, 0x3]}})
ioctl$KVM_GET_SREGS(r1, 0x8000ae83, &(0x7f0000000400)) (async)
ioctl$KVM_GET_SREGS(r1, 0x8000ae83, &(0x7f0000000400))
close(0xffffffffffffffff)
ioctl$KVM_DIRTY_TLB(r0, 0x4010aeaa, &(0x7f0000000540)={0x7, 0x5})
r2 = ioctl$KVM_GET_STATS_FD_cpu(r0, 0xaece)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000580)={0x7})
ioctl$KVM_CHECK_EXTENSION_VM(r2, 0xae03, 0x5)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r2, 0x4068aea3, &(0x7f00000005c0)={0xa8, 0x0, 0x1})
r3 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000a00)={0x0, &(0x7f0000000640)=[@eret={0xe6, 0x18, 0x5}, @irq_setup={0x46, 0x18, {0x3, 0x1a8}}, @irq_setup={0x46, 0x18, {0x2, 0x131}}, @msr={0x14, 0x20, {0x603000000013e703, 0x800}}, @irq_setup={0x46, 0x18, {0x2, 0x105}}, @irq_setup={0x46, 0x18, {0x0, 0x5d}}, @code={0xa, 0x6c, {"00fd83d20000b0f2410180d2420180d2630180d2640080d2020000d400a0e00d007008d5007008d50018200e008008d5007008d5007008d50000251e20a29dd200e0b8f2810180d2020180d2e30080d2c40180d2020000d4"}}, @eret={0xe6, 0x18}, @code={0xa, 0x6c, {"000008d50000211e007008d5000008d5a0fc93d200c0b0f2e10180d2620180d2430180d2240180d2020000d400cc9dd20060b0f2210080d2220180d2630080d2840180d2020000d4000028d5008008d50074202e00e4002f"}}, @uexit={0x0, 0x18}, @irq_setup={0x46, 0x18, {0x4, 0x312}}, @svc={0x122, 0x40, {0x84000051, [0x2, 0x2, 0x6, 0x5, 0x7]}}, @smc={0x1e, 0x40, {0x8000, [0x8, 0x4, 0x65d, 0x13, 0xb77c]}}, @smc={0x1e, 0x40, {0x84000007, [0x1, 0x6, 0x8000000000000001, 0x3c36, 0x800]}}, @svc={0x122, 0x40, {0x84000002, [0x5, 0x1, 0xfff, 0x0, 0x6]}}, @uexit={0x0, 0x18, 0xac}, @its_send_cmd={0xaa, 0x28, {0x0, 0x1, 0x1, 0xe, 0x9, 0x5, 0x2}}, @irq_setup={0x46, 0x18, {0x3, 0x2de}}, @svc={0x122, 0x40, {0x84000009, [0x40, 0xf, 0x4, 0x9, 0x2]}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x0, 0x4, 0x8, 0x1ff, 0x0, 0x3}}, @eret={0xe6, 0x18, 0x80000000}], 0x390}, &(0x7f0000000a40)=[@featur2={0x1, 0x12}], 0x1)
ioctl$KVM_PRE_FAULT_MEMORY(r3, 0xc040aed5, &(0x7f0000000a80)={0xf000, 0x11000})
ioctl$KVM_GET_SREGS(r0, 0x8000ae83, &(0x7f0000000ac0))
syz_kvm_vgic_v3_setup(r2, 0x1, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04) (async)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x3000)=nil, r4, 0x2000000, 0x10, r3, 0x0) (async)
r5 = mmap$KVM_VCPU(&(0x7f0000ffc000/0x3000)=nil, r4, 0x2000000, 0x10, r3, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0x2)
ioctl$KVM_ARM_PREFERRED_TARGET(r1, 0x8020aeaf, &(0x7f0000000c00))
ioctl$KVM_HAS_DEVICE_ATTR_vm(r2, 0x4018aee3, &(0x7f0000000c80)=@attr_other={0x0, 0x5, 0x2, &(0x7f0000000c40)=0x2c2e000000})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000cc0)="5ed83c3680f70dc63f790cb5a487d15d958a47742c0c57bd5fdc57b06363f9a0fab90e55b7b731ce185de9bae765675bcf5150d25e1a5fdeb02455037a0832ca1e953329b2d87f7c", 0x0, 0x48)
ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f0000000d40)={0x672, 0x90f}) (async)
ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f0000000d40)={0x672, 0x90f})
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1) (async)
r6 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
close(r6)
r7 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x11)
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r7, 0x4068aea3, &(0x7f0000000d80))
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x2a) (async)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x2a)

8m8.493127393s ago: executing program 3 (id=237):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0xfffffffa, 0x80001)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000140)={0x80, 0x4, 0x0, r2})
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616})
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000180)={0x8, <r7=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8, <r8=>0xffffffffffffffff, 0x1})
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000080)={0x4, 0x80a0000, 0x4, r2})
ioctl$KVM_RESET_DIRTY_RINGS(r1, 0xaec7)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0)

8m8.255558298s ago: executing program 2 (id=238):
r0 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r2, 0x4068aea3, &(0x7f0000000180))
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x24)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
r6 = syz_kvm_vgic_v3_setup(r4, 0x3, 0xa0)
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x6, 0x4, &(0x7f0000000000)=0x4})
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x100000c, 0x4d832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r2, 0x4068aea3, &(0x7f0000000180)) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x24) (async)
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
syz_kvm_vgic_v3_setup(r4, 0x3, 0xa0) (async)
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x6, 0x4, &(0x7f0000000000)=0x4}) (async)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x100000c, 0x4d832, 0xffffffffffffffff, 0x0) (async)

7m57.745610802s ago: executing program 2 (id=239):
openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) (async)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async)
r5 = eventfd2(0xfffffffa, 0x80001)
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000140)={0x80, 0x4, 0x0, r5}) (async)
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) (async)
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616}) (async)
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000180)={0x5000})
r6 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0) (async)
r7 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@mrs={0xbe, 0x18, {0x603000000013df40}}], 0x18}, &(0x7f0000000100)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f0000000140)=@attr_pmu_init) (async)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) (async)
r9 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x0, 0x3, 0x12, r8, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
syz_kvm_assert_syzos_uexit$arm64(r9, 0xffffffffffffffff) (async)
ioctl$KVM_GET_STATS_FD_cpu(r6, 0xaece)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) (async)
r10 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x440000000000a)
syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000280)={0x0, &(0x7f0000000680)=[@memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x44, 0x8000, 0x5}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x1, 0x3, 0x10, 0x10, 0x8, 0x4}}, @its_setup={0x82, 0x28, {0x4, 0x0, 0x3b2}}, @irq_setup={0x46, 0x18, {0x5, 0x223}}, @its_setup={0x82, 0x28, {0x3, 0x3, 0x4}}, @eret={0xe6, 0x18}, @uexit={0x0, 0x18}, @its_setup={0x82, 0x28, {0x2, 0x4, 0xaa}}, @hvc={0x32, 0x40, {0xc4000005, [0x5, 0xff, 0x1, 0x1000, 0x1000]}}, @mrs={0xbe, 0x18, {0x6030000000131a01}}, @eret={0xe6, 0x18, 0x401}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x14, 0x8000000000000001, 0xd}}, @smc={0x1e, 0x40, {0x84008066, [0x100000000, 0x8, 0xf, 0x7, 0xdd]}}, @mrs={0xbe, 0x18, {0x603000000013c00e}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x1, 0x1, 0x82000000, 0x3, 0x3}}, @its_setup={0x82, 0x28, {0x4, 0x2, 0xb2}}, @irq_setup={0x46, 0x18, {0x0, 0x1de}}, @irq_setup={0x46, 0x18, {0x3, 0x2c3}}, @msr={0x14, 0x20, {0x603000000013e304, 0x4}}, @its_setup={0x82, 0x28, {0x4, 0x4, 0x29d}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xf39a8fcc33ab54fa, 0x8d6, 0x6}}, @uexit={0x0, 0x18, 0x53}, @code={0xa, 0x84, {"602f89d20080b0f2a10180d2e20180d2a30180d2240080d2020000d4000028d50028210e008008d50000df0c0000003c008008d5204f9dd200e0b0f2210180d2620180d2030180d2840180d2020000d4007008d5204e93d200a0b8f2c10080d2a20180d2830080d2440180d2020000d4"}}, @eret={0xe6, 0x18, 0x6}, @irq_setup={0x46, 0x18, {0x4, 0xc3}}], 0x3d4}, 0x0, 0x0) (async)
syz_kvm_vgic_v3_setup(r10, 0x1, 0x100) (async)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r11, 0xae03, 0x1e) (async)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000180)={0x8, <r12=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})

7m56.450824018s ago: executing program 3 (id=240):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x2, 0x23ac5f9b426ec4b1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0xdc032, 0xffffffffffffffff, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_ARM_VCPU_FINALIZE(r2, 0x4004aec2, &(0x7f0000000000)=0x4)

7m49.615152777s ago: executing program 2 (id=241):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0x0, 0x1, r2, 0x2})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x8000, 0x0, 0x2, r2, 0x3})
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc4, 0x0, r2})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, <r5=>0xffffffffffffffff, 0x1})
r6 = ioctl$KVM_CREATE_VM(r5, 0x894c, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0x8004b709, 0x0)

7m48.622671121s ago: executing program 3 (id=242):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@its_setup={0x7, 0x28, {0x2, 0x2, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r2, 0x3, 0xa0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000100)={0x8, <r5=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000})
r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x2, 0xfffffffffffffffd, 0x5}}], 0x28}, 0x0, 0x0)
r10 = openat$kvm(0x0, &(0x7f0000000140), 0x40480, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000180)={0x0, &(0x7f00000003c0)=[@hvc={0x32, 0x40, {0x86000001, [0xc, 0x5, 0x2, 0x0, 0x52]}}], 0x40}, 0x0, 0x0)
ioctl$KVM_RUN(r13, 0xae80, 0x0)
syz_kvm_vgic_v3_setup(r7, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000180)={0x8, <r14=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r14, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r15 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r15, 0x4008ae6a, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000000000000000000002000000ff"])

7m40.656883918s ago: executing program 2 (id=243):
r0 = eventfd2(0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3e)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0xffffffffffffff41, 0xeeee8000, 0x2, r0, 0x6})
r2 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VM(r0, 0x80111500, 0x20000000)

7m35.568916573s ago: executing program 3 (id=244):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) (async)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x1, 0x3, 0xdddd1000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x2c)
r6 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x31) (async)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x31)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000ab9000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r11, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x603000000010001a, 0x0})
syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) (async)
r12 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_RUN(r13, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r13, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r13, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r13, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r13, 0xae80, 0x0)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) (async)
r14 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r15, 0x4010aeac, &(0x7f0000000040)=@arm64_bitmap={0x6030000000160000, &(0x7f0000000000)=0xe})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee1, &(0x7f00000000c0)=@attr_irq_timer={0x0, 0x1, 0x1, 0x0}) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee1, &(0x7f00000000c0)=@attr_irq_timer={0x0, 0x1, 0x1, 0x0})
ioctl$KVM_CREATE_DEVICE(r3, 0xc018aec0, &(0x7f00000000c0)={0x1})
r16 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1a)
r17 = ioctl$KVM_CREATE_VCPU(r16, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r1, r17, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r17, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100042, &(0x7f0000000000)=0x9}) (async)
ioctl$KVM_SET_ONE_REG(r17, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100042, &(0x7f0000000000)=0x9})

7m32.345707912s ago: executing program 2 (id=245):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x1e)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x31)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000140)={0x4, <r8=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r8, 0x400454cd, 0x1)
r9 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r9, 0x4010aeab, &(0x7f0000000080)=@arm64_sys={0x603000000013e641, 0x0})
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8000ae83, &(0x7f0000000340))
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r10 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x18b080, 0x0)
ioctl$KVM_CREATE_VM(r11, 0xc0189436, 0x20004000)
r12 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
syz_kvm_vgic_v3_setup(r13, 0x4, 0x3a0)
ioctl$KVM_RUN(r15, 0xae80, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x3)
r16 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x27)
syz_kvm_setup_syzos_vm$arm64(r16, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f0000000200)={0x1fd, 0x2, 0x8000000, 0x1000, &(0x7f0000d3b000/0x1000)=nil})
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x100000c, 0x4d832, 0xffffffffffffffff, 0x0)

6m49.719817471s ago: executing program 34 (id=244):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) (async)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x1, 0x3, 0xdddd1000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x2c)
r6 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x31) (async)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x31)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000ab9000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r11, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x603000000010001a, 0x0})
syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) (async)
r12 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_RUN(r13, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r13, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r13, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r13, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r13, 0xae80, 0x0)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) (async)
r14 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r15, 0x4010aeac, &(0x7f0000000040)=@arm64_bitmap={0x6030000000160000, &(0x7f0000000000)=0xe})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee1, &(0x7f00000000c0)=@attr_irq_timer={0x0, 0x1, 0x1, 0x0}) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee1, &(0x7f00000000c0)=@attr_irq_timer={0x0, 0x1, 0x1, 0x0})
ioctl$KVM_CREATE_DEVICE(r3, 0xc018aec0, &(0x7f00000000c0)={0x1})
r16 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1a)
r17 = ioctl$KVM_CREATE_VCPU(r16, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r1, r17, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r17, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100042, &(0x7f0000000000)=0x9}) (async)
ioctl$KVM_SET_ONE_REG(r17, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100042, &(0x7f0000000000)=0x9})

6m45.35444877s ago: executing program 35 (id=245):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x1e)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x31)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000140)={0x4, <r8=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r8, 0x400454cd, 0x1)
r9 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r9, 0x4010aeab, &(0x7f0000000080)=@arm64_sys={0x603000000013e641, 0x0})
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8000ae83, &(0x7f0000000340))
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r10 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x18b080, 0x0)
ioctl$KVM_CREATE_VM(r11, 0xc0189436, 0x20004000)
r12 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
syz_kvm_vgic_v3_setup(r13, 0x4, 0x3a0)
ioctl$KVM_RUN(r15, 0xae80, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x3)
r16 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x27)
syz_kvm_setup_syzos_vm$arm64(r16, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f0000000200)={0x1fd, 0x2, 0x8000000, 0x1000, &(0x7f0000d3b000/0x1000)=nil})
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x100000c, 0x4d832, 0xffffffffffffffff, 0x0)

46.382313727s ago: executing program 4 (id=246):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x3, 0xdddd1000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) (async)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f0000000000), 0x2}, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

34.694687075s ago: executing program 5 (id=247):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
r4 = eventfd2(0xd, 0x1)
close(r4)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)
write$eventfd(r4, 0x0, 0x500) (async, rerun: 64)
r5 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) (async, rerun: 64)
r6 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, &(0x7f0000000040)=@attr_pmu_filter={0x0, 0x0, 0x2, 0x0}) (async, rerun: 64)
r10 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) (rerun: 64)
syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r12, 0x4020ae46, &(0x7f0000000040)={0x0, 0x1, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) (async)
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0) (async)
r15 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r14, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0x0, 0x1, r15, 0x2}) (async, rerun: 32)
ioctl$KVM_IOEVENTFD(r14, 0x4040ae79, &(0x7f0000000040)={0x4, 0xd000, 0x8, r15, 0xa}) (async, rerun: 32)
ioctl$KVM_IOEVENTFD(r14, 0x4040ae79, &(0x7f0000000000)={0x8000, 0x0, 0x2, r15, 0x7ffffffe}) (async)
r16 = eventfd2(0x0, 0x0)
close(r16)

0s ago: executing program 36 (id=246):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x3, 0xdddd1000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) (async)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f0000000000), 0x2}, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

kernel console output (not intermixed with test programs):

[  397.526868][ T3151] 8021q: adding VLAN 0 to HW filter on device bond0
[  434.110109][ T3151] eql: remember to turn off Van-Jacobson compression on your slave devices
Warning: Permanently added '[localhost]:27894' (ED25519) to the list of known hosts.
[  620.376458][   T25] audit: type=1400 audit(619.590:61): avc:  denied  { name_bind } for  pid=3309 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  622.335554][   T25] audit: type=1400 audit(621.540:62): avc:  denied  { execute } for  pid=3310 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  622.367722][   T25] audit: type=1400 audit(621.590:63): avc:  denied  { execute_no_trans } for  pid=3310 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  647.752322][   T25] audit: type=1400 audit(646.980:64): avc:  denied  { mounton } for  pid=3310 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  647.790462][   T25] audit: type=1400 audit(647.010:65): avc:  denied  { mount } for  pid=3310 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  647.874506][ T3310] cgroup: Unknown subsys name 'net'
[  647.928655][   T25] audit: type=1400 audit(647.160:66): avc:  denied  { unmount } for  pid=3310 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  648.314014][ T3310] cgroup: Unknown subsys name 'cpuset'
[  648.420329][ T3310] cgroup: Unknown subsys name 'rlimit'
[  649.372237][   T25] audit: type=1400 audit(648.600:67): avc:  denied  { setattr } for  pid=3310 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  649.391177][   T25] audit: type=1400 audit(648.620:68): avc:  denied  { mounton } for  pid=3310 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[  649.419430][   T25] audit: type=1400 audit(648.640:69): avc:  denied  { mount } for  pid=3310 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  650.663069][ T3314] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[  650.686594][   T25] audit: type=1400 audit(649.910:70): avc:  denied  { relabelto } for  pid=3314 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  650.711893][   T25] audit: type=1400 audit(649.930:71): avc:  denied  { write } for  pid=3314 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
Setting up swapspace version 1, size = 127995904 bytes
[  650.907288][   T25] audit: type=1400 audit(650.130:72): avc:  denied  { read } for  pid=3310 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  650.921950][   T25] audit: type=1400 audit(650.150:73): avc:  denied  { open } for  pid=3310 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  650.971792][ T3310] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  702.559991][   T25] audit: type=1400 audit(701.790:74): avc:  denied  { execmem } for  pid=3315 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  708.220723][   T25] audit: type=1400 audit(707.450:75): avc:  denied  { read } for  pid=3317 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  708.242517][   T25] audit: type=1400 audit(707.470:76): avc:  denied  { open } for  pid=3317 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  708.340440][   T25] audit: type=1400 audit(707.570:77): avc:  denied  { mounton } for  pid=3317 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  708.590213][   T25] audit: type=1400 audit(707.820:79): avc:  denied  { module_request } for  pid=3317 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  708.624749][   T25] audit: type=1400 audit(707.810:78): avc:  denied  { module_request } for  pid=3318 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  709.752142][   T25] audit: type=1400 audit(708.970:80): avc:  denied  { sys_module } for  pid=3317 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  734.651515][ T3318] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  735.054721][ T3318] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  735.379107][ T3317] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  736.031330][ T3317] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  748.638641][ T3318] hsr_slave_0: entered promiscuous mode
[  748.680201][ T3318] hsr_slave_1: entered promiscuous mode
[  749.882068][ T3317] hsr_slave_0: entered promiscuous mode
[  749.958942][ T3317] hsr_slave_1: entered promiscuous mode
[  749.997784][ T3317] debugfs: 'hsr0' already exists in 'hsr'
[  750.015298][ T3317] Cannot create hsr debugfs directory
[  755.325894][   T25] audit: type=1400 audit(754.550:81): avc:  denied  { create } for  pid=3318 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  755.378040][   T25] audit: type=1400 audit(754.610:82): avc:  denied  { write } for  pid=3318 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  755.415013][   T25] audit: type=1400 audit(754.630:83): avc:  denied  { read } for  pid=3318 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  755.579242][ T3318] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  756.017601][ T3318] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  756.301795][ T3318] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  756.756048][ T3318] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  759.405201][ T3317] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  759.621371][ T3317] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  759.847323][ T3317] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  760.095873][ T3317] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  777.711541][ T3318] 8021q: adding VLAN 0 to HW filter on device bond0
[  779.940086][ T3317] 8021q: adding VLAN 0 to HW filter on device bond0
[  838.093829][ T3318] veth0_vlan: entered promiscuous mode
[  838.836709][ T3318] veth1_vlan: entered promiscuous mode
[  840.876333][ T3317] veth0_vlan: entered promiscuous mode
[  840.998478][ T3318] veth0_macvtap: entered promiscuous mode
[  841.332185][ T3318] veth1_macvtap: entered promiscuous mode
[  841.551766][ T3317] veth1_vlan: entered promiscuous mode
[  844.121970][   T51] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  844.267656][   T51] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  844.271648][   T51] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  844.291041][   T51] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  844.436676][ T3317] veth0_macvtap: entered promiscuous mode
[  844.866691][ T3317] veth1_macvtap: entered promiscuous mode
[  846.649527][   T25] audit: type=1400 audit(845.880:84): avc:  denied  { mount } for  pid=3318 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  846.867643][   T25] audit: type=1400 audit(846.060:85): avc:  denied  { mounton } for  pid=3318 comm="syz-executor" path="/syzkaller.gGO6oq/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  847.236279][   T25] audit: type=1400 audit(846.460:86): avc:  denied  { mount } for  pid=3318 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  847.582026][   T25] audit: type=1400 audit(846.810:87): avc:  denied  { mounton } for  pid=3318 comm="syz-executor" path="/syzkaller.gGO6oq/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  847.692423][   T25] audit: type=1400 audit(846.920:88): avc:  denied  { mounton } for  pid=3318 comm="syz-executor" path="/syzkaller.gGO6oq/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3780 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  847.769372][ T3396] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  847.774633][ T3396] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  847.818541][ T3396] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  847.824780][ T3396] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  848.241957][   T25] audit: type=1400 audit(847.470:89): avc:  denied  { unmount } for  pid=3318 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  848.466419][   T25] audit: type=1400 audit(847.670:90): avc:  denied  { mounton } for  pid=3318 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1544 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  848.654776][   T25] audit: type=1400 audit(847.850:91): avc:  denied  { mount } for  pid=3318 comm="syz-executor" name="/" dev="gadgetfs" ino=3791 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  848.949590][   T25] audit: type=1400 audit(848.180:92): avc:  denied  { mount } for  pid=3318 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  849.079363][   T25] audit: type=1400 audit(848.310:93): avc:  denied  { mounton } for  pid=3318 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  850.630339][ T3318] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  859.856009][   T25] kauditd_printk_skb: 4 callbacks suppressed
[  859.866652][   T25] audit: type=1400 audit(859.070:98): avc:  denied  { read } for  pid=3471 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  859.909102][   T25] audit: type=1400 audit(859.140:99): avc:  denied  { open } for  pid=3471 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  860.281516][   T25] audit: type=1400 audit(859.510:100): avc:  denied  { ioctl } for  pid=3471 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  863.540575][   T25] audit: type=1400 audit(862.770:101): avc:  denied  { execute } for  pid=3473 comm="syz.1.2" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=3879 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  870.540056][   T25] audit: type=1400 audit(869.720:102): avc:  denied  { write } for  pid=3481 comm="syz.1.4" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  870.646241][   T25] audit: type=1400 audit(869.870:103): avc:  denied  { map } for  pid=3481 comm="syz.1.4" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  875.669510][   T25] audit: type=1400 audit(874.900:104): avc:  denied  { append } for  pid=3484 comm="syz.1.5" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  919.794711][   T25] audit: type=1400 audit(919.000:105): avc:  denied  { setattr } for  pid=3510 comm="syz.0.13" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1174.367897][ T3666] kvm [3666]: Failed to find VMA for hva 0x20c01000
[ 1319.201217][ T3765] kvm [3765]: Failed to find VMA for hva 0x21016000
[ 1567.501124][ T3869] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1567.816773][ T3869] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1570.738115][ T3871] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1570.976335][ T3871] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1591.777660][ T3869] hsr_slave_0: entered promiscuous mode
[ 1591.818646][ T3869] hsr_slave_1: entered promiscuous mode
[ 1591.896428][ T3869] debugfs: 'hsr0' already exists in 'hsr'
[ 1591.910674][ T3869] Cannot create hsr debugfs directory
[ 1595.137959][ T3871] hsr_slave_0: entered promiscuous mode
[ 1595.178824][ T3871] hsr_slave_1: entered promiscuous mode
[ 1595.224945][ T3871] debugfs: 'hsr0' already exists in 'hsr'
[ 1595.227985][ T3871] Cannot create hsr debugfs directory
[ 1618.047779][ T3454] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1619.096069][ T3454] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1620.117408][ T3454] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1620.496548][ T3869] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1620.992103][ T3869] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1621.790000][ T3454] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1622.015293][ T3869] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1622.388009][ T3869] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1636.519936][ T3454] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1636.621587][ T3454] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1636.717066][ T3454] bond0 (unregistering): Released all slaves
[ 1637.270964][ T3871] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1637.672245][ T3871] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1637.951955][ T3871] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1638.435469][ T3454] hsr_slave_0: left promiscuous mode
[ 1638.484835][ T3454] hsr_slave_1: left promiscuous mode
[ 1639.184677][ T3454] veth1_macvtap: left promiscuous mode
[ 1639.197987][ T3454] veth0_macvtap: left promiscuous mode
[ 1639.209369][ T3454] veth1_vlan: left promiscuous mode
[ 1639.226810][ T3454] veth0_vlan: left promiscuous mode
[ 1654.130757][ T3871] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1659.745355][ T3771] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1661.332628][ T3771] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1663.036576][ T3771] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1664.278568][ T3771] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1685.735329][ T3771] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1686.147426][ T3771] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1686.319927][ T3771] bond0 (unregistering): Released all slaves
[ 1688.985450][ T3771] hsr_slave_0: left promiscuous mode
[ 1689.288341][ T3771] hsr_slave_1: left promiscuous mode
[ 1690.027562][ T3771] veth1_macvtap: left promiscuous mode
[ 1690.060761][ T3771] veth0_macvtap: left promiscuous mode
[ 1690.079773][ T3771] veth1_vlan: left promiscuous mode
[ 1690.091771][ T3771] veth0_vlan: left promiscuous mode
[ 1704.532295][ T3869] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1709.901662][ T3871] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1800.733635][ T3869] veth0_vlan: entered promiscuous mode
[ 1801.679308][ T3869] veth1_vlan: entered promiscuous mode
[ 1804.826927][ T3869] veth0_macvtap: entered promiscuous mode
[ 1805.948190][ T3869] veth1_macvtap: entered promiscuous mode
[ 1807.516078][ T3871] veth0_vlan: entered promiscuous mode
[ 1809.340218][ T3871] veth1_vlan: entered promiscuous mode
[ 1810.885486][   T21] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1810.916816][   T21] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1810.934743][   T21] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1810.949763][   T21] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1814.096346][ T3871] veth0_macvtap: entered promiscuous mode
[ 1814.815623][ T3871] veth1_macvtap: entered promiscuous mode
[ 1818.336439][ T3939] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1818.347387][ T3939] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1818.359974][ T3939] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1818.532292][ T3939] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2025.146304][   T25] audit: type=1400 audit(2024.350:106): avc:  denied  { execute } for  pid=4201 comm="syz.2.147" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 2421.925762][ T4453] kvm [4451]: Unsupported guest access at: eeef0000
[ 2421.925762][ T4453]  { Op0( 2), Op1( 0), CRn( 0), CRm( 0), Op2( 2), func_write },
[ 2756.679332][ T4588] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2757.027121][ T4588] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2766.167604][ T4591] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2766.538592][ T4591] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2792.361421][ T4588] hsr_slave_0: entered promiscuous mode
[ 2792.479890][ T4588] hsr_slave_1: entered promiscuous mode
[ 2804.320129][ T4591] hsr_slave_0: entered promiscuous mode
[ 2804.401913][ T4591] hsr_slave_1: entered promiscuous mode
[ 2804.490665][ T4591] debugfs: 'hsr0' already exists in 'hsr'
[ 2804.504546][ T4591] Cannot create hsr debugfs directory
[ 2819.654351][ T4588] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 2820.874288][ T4588] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 2821.172586][ T4588] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 2822.496110][ T4588] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 2832.238311][ T4591] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 2832.681876][ T4591] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 2833.070035][ T4591] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 2833.545938][ T4591] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 2856.269057][ T4588] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2864.218353][ T4591] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3011.813705][ T4588] veth0_vlan: entered promiscuous mode
[ 3012.927623][ T4588] veth1_vlan: entered promiscuous mode
[ 3016.736470][ T4588] veth0_macvtap: entered promiscuous mode
[ 3017.387505][ T4588] veth1_macvtap: entered promiscuous mode
[ 3022.096117][ T3396] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3022.162588][   T21] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3022.227507][   T21] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3022.272724][   T21] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3023.937382][ T4591] veth0_vlan: entered promiscuous mode
[ 3026.368907][ T4591] veth1_vlan: entered promiscuous mode
[ 3030.858176][ T4591] veth0_macvtap: entered promiscuous mode
[ 3031.408065][ T4591] veth1_macvtap: entered promiscuous mode
[ 3035.517649][ T4684] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3035.524758][ T4684] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3035.537943][ T4684] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3035.538821][ T4684] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3084.140952][   T27] INFO: task syz.2.245:4581 blocked for more than 430 seconds.
[ 3084.239662][   T27]       Not tainted syzkaller #0
[ 3084.248735][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 3084.249331][   T27] task:syz.2.245       state:D stack:0     pid:4581  tgid:4581  ppid:3869   task_flags:0x400040 flags:0x00000019
[ 3084.250814][   T27] Call trace:
[ 3084.251321][   T27]  __switch_to+0x584/0xb20 (T)
[ 3084.324513][   T27]  __schedule+0x1eec/0x33a4
[ 3084.328307][   T27]  schedule+0xac/0x27c
[ 3084.338379][   T27]  schedule_timeout+0x5c/0x1e4
[ 3084.347180][   T27]  do_wait_for_common+0x28c/0x444
[ 3084.368002][   T27]  wait_for_completion+0x44/0x5c
[ 3084.384162][   T27]  __synchronize_srcu+0x2a4/0x320
[ 3084.384995][   T27]  synchronize_srcu+0x3cc/0x4f0
[ 3084.385531][   T27]  mmu_notifier_unregister+0x320/0x42c
[ 3084.386056][   T27]  kvm_put_kvm+0x6a0/0xfa8
[ 3084.386501][   T27]  kvm_vm_release+0x58/0x78
[ 3084.386966][   T27]  __fput+0x4ac/0x980
[ 3084.387448][   T27]  ____fput+0x20/0x58
[ 3084.387893][   T27]  task_work_run+0x1bc/0x254
[ 3084.388314][   T27]  do_notify_resume+0x1bc/0x270
[ 3084.388791][   T27]  el0_svc+0xb8/0x164
[ 3084.389210][   T27]  el0t_64_sync_handler+0x84/0x12c
[ 3084.389655][   T27]  el0t_64_sync+0x198/0x19c
[ 3084.391261][   T27] 
[ 3084.391261][   T27] Showing all locks held in the system:
[ 3084.391776][   T27] 1 lock held by khungtaskd/27:
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 3084.392154][   T27]  #0: ffff800087806858 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x4/0x48
[ 3084.517646][   T27] 2 locks held by kworker/u4:2/35:
[ 3084.518172][   T27] 2 locks held by getty/3179:
[ 3084.518554][   T27]  #0: fbf0000011c468a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c
[ 3084.520270][   T27]  #1: 0cff80008c54b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x310/0x12b8
[ 3084.521920][   T27] 2 locks held by syz-executor/3310:
[ 3084.522244][   T27] 3 locks held by kworker/u4:4/3363:
[ 3084.522602][   T27] 3 locks held by kworker/u4:6/3939:
[ 3084.589633][   T27] 2 locks held by syz.3.244/4580:
[ 3084.596373][   T27] 3 locks held by kworker/u4:11/4690:
[ 3084.605998][   T27] 3 locks held by kworker/u4:12/4698:
[ 3084.606633][   T27] 2 locks held by syz-executor/4766:
[ 3084.607186][   T27] 
[ 3084.607497][   T27] =============================================
[ 3084.607497][   T27] 
[ 3084.608334][   T27] Kernel panic - not syncing: hung_task: blocked tasks
[ 3084.614599][   T27] CPU: 0 UID: 0 PID: 27 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT 
[ 3084.617941][   T27] Hardware name: linux,dummy-virt (DT)
[ 3084.618867][   T27] Call trace:
[ 3084.619748][   T27]  show_stack+0x2c/0x3c (C)
[ 3084.620773][   T27]  __dump_stack+0x30/0x40
[ 3084.621652][   T27]  dump_stack_lvl+0x30/0x12c
[ 3084.622551][   T27]  dump_stack+0x1c/0x28
[ 3084.623370][   T27]  vpanic+0x22c/0x59c
[ 3084.624197][   T27]  vpanic+0x0/0x59c
[ 3084.625043][   T27]  hung_task_panic+0x0/0x2c
[ 3084.625890][   T27]  kthread+0x794/0x9a0
[ 3084.626751][   T27]  ret_from_fork+0x10/0x20
[ 3084.628671][   T27] Kernel Offset: disabled
[ 3084.629434][   T27] CPU features: 0x000000,0001a300,5f7c67c1,057ffe1f
[ 3084.630560][   T27] Memory Limit: none
[ 3084.632862][   T27] Rebooting in 86400 seconds..

VM DIAGNOSIS:
06:25:26  Registers:
info registers vcpu 0

CPU#0
 PC=ffff80008656ede8 X00=0000000000000000 X01=0000000000000000
X02=0000000000000001 X03=ffff80008045cfc0 X04=0000000000000001
X05=0000000000000001 X06=0000000000000000 X07=ffff800081993aec
X08=00000000000000ad X09=efff800000000000 X10=0000000000000019
X11=93f000001e07ee08 X12=fffe800001982720 X13=0000000000000028
X14=0000000000002000 X15=00000000d86948a6 X16=00000000f70051da
X17=000000000ddb8f8a X18=00000000f7147af1 X19=efff800000000000
X20=adf000000cc38000 X21=0000000000000001 X22=adf000000cc38060
X23=0000000000000008 X24=0000000000000001 X25=0000000000000000
X26=ffff800087686570 X27=00000000000000c0 X28=0000000000000000
X29=ffff800080007a50 X30=ffff800080453b4c  SP=ffff800080007980
PSTATE=804020c9 N--- EL2h  SVCR=00000000 --  BTYPE=0     FPCR=00000000 FPSR=00000000
P00=0000 P01=0000 P02=0000 P03=0000 P04=0000 P05=0000 P06=0000 P07=0000
P08=0000 P09=0000 P10=0000 P11=0000 P12=0000 P13=0000 P14=0000 P15=0000
FFR=0000
Z00=0000000000000000:0000000000000000 Z01=0000000000000000:0000000000000000
Z02=0000000000000000:0000000000000000 Z03=0000000000000000:0000000000000000
Z04=0000000000000000:0000000000000000 Z05=0000000000000000:0000000000000000
Z06=0000000000000000:0000000000000000 Z07=0000000000000000:0000000000000000
Z08=0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000
Z10=0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000
Z12=0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000
Z14=0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000
Z16=0000000000000000:0000000000000000 Z17=0000000000000000:0000000000000000
Z18=0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000
Z20=0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000
Z22=0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000
Z24=0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000
Z26=0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000
Z28=0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000
Z30=0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000