last executing test programs:

2h34m12.150574264s ago: executing program 1 (id=2):
eventfd2(0x0, 0x0)

2h33m55.636962297s ago: executing program 1 (id=3):
mmap(&(0x7efffffff000/0x1000)=nil, 0x1000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x1000000)=nil, 0x1000000, 0x7, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0001000000/0x1000)=nil, 0x1000, 0x0, 0x32, 0xffffffffffffffff, 0x0)

55m47.139486657s ago: executing program 32 (id=1317):
r0 = eventfd2(0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000004000/0x4000)=nil, 0x930, 0x0, 0x11, r0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
eventfd2(0xfffffffa, 0x800)
ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000000140)={0x80, 0x2, 0x2})
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616})
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000180)={0x10000, 0x4000})
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000001c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
ioctl$KVM_CHECK_EXTENSION(r6, 0xae03, 0x0)
r7 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
r8 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x48202, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r10, r11, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r11, 0x4010aeab, &(0x7f0000000100)=@arm64_fp={0x60400000001001a4, 0x0})
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r12 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x33)
r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r14, 0x4018aee3, &(0x7f0000000100)=@attr_pmu_irq={0x0, 0x0, 0x0, 0x0})

55m38.046633933s ago: executing program 33 (id=1319):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x240, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_GET_DIRTY_LOG(r3, 0x4010ae42, &(0x7f0000000100)={0x5, 0x0, &(0x7f0000d99000/0x4000)=nil})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x50, 0x6243, 0x5}}], 0x30}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r5, 0x1, 0x100)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r8 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x100000c, 0x6832, 0xffffffffffffffff, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r9, 0x4018aee3, 0x0)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0x80111500, 0x20000000)
write$eventfd(r11, &(0x7f0000000000), 0xfffffdef)
munmap(&(0x7f0000008000/0x1000)=nil, 0x200000)
r12 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x1)
ioctl$KVM_IRQ_LINE(r8, 0x4008ae61, &(0x7f0000000000)={0x0, 0x2})
ioctl$KVM_IRQ_LINE_STATUS(r12, 0xc008ae67, &(0x7f0000000040)={0x10100, 0x10001})

49m26.787168011s ago: executing program 4 (id=1332):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x17)
ioctl$KVM_GET_DIRTY_LOG(r0, 0x4010ae42, &(0x7f0000000000)={0x10004, 0x0, &(0x7f0000f1e000/0x4000)=nil})
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x0, 0x200000000000001}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x2, 0x9}}], 0x50}, 0x0, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, &(0x7f0000000240)=[@irq_setup={0x5, 0x18}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r11, 0x4040aea0, &(0x7f0000000000)=@arm64={0x0, 0x1, 0xf, '\x00', 0xfffffffffffff105})
ioctl$KVM_RUN(r11, 0xae80, 0x0)
syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r2, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000180)={0x8, <r12=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

49m9.91952508s ago: executing program 4 (id=1334):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x21)
eventfd2(0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r3 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r2, 0x0)
r4 = openat$kvm(0x7000000, &(0x7f0000000040), 0x4c4882, 0x0)
ioctl$KVM_CHECK_EXTENSION(r4, 0x40086602, 0x110e227ffe)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
eventfd2(0xfffffffa, 0x80001)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, 0x0, 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r5, 0x40086602, 0x110e227ffe)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)

48m56.894357042s ago: executing program 4 (id=1336):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
r3 = eventfd2(0x9, 0x801) (async)
r4 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f00000001c0)={0x8, <r6=>0xffffffffffffffff})
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1) (async)
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000380)}) (async)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f00000000c0)={0x5, 0x1, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) (async)
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000002c0)=@attr_other={0x0, 0x8, 0x108, &(0x7f0000000000)=0xc000000000000000}) (async)
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x4, 0x2, 0x0}) (async)
r7 = eventfd2(0x0, 0x800)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f00000000c0)={r3, 0x8, 0x3, r7}) (async)
r8 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x6030000000138010, 0x8000}}, @msr={0x14, 0x20, {0x6030000000138012, 0x8000}}, @msr={0x14, 0x20, {0x6030000000138004, 0x8000}}, @msr={0x14, 0x20, {0x603000000013800c, 0x8000}}, @msr={0x14, 0x20, {0x6030000000138014, 0x8000}}, @msr={0x14, 0x20, {0x603000000013801c, 0x8000}}, @msr={0x14, 0x20, {0x6030000000138024, 0x8000}}, @msr={0x14, 0x20, {0x603000000013802c, 0x8000}}, @msr={0x14, 0x20, {0x6030000000138005, 0x8000}}, @msr={0x14, 0x20, {0x603000000013800d, 0x8000}}], 0x140}, 0x0, 0x0) (async)
r9 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r10 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r9, 0x3, 0x11, r8, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0) (async)
syz_kvm_assert_syzos_uexit$arm64(r10, 0xffffffffffffffff)
syz_kvm_assert_reg(r8, 0x6030000000138010, 0x8000) (async)
syz_kvm_assert_reg(r8, 0x6030000000138012, 0x8000) (async)
syz_kvm_assert_reg(r8, 0x6030000000138004, 0x8000) (async)
syz_kvm_assert_reg(r8, 0x603000000013800c, 0x8000)
syz_kvm_assert_reg(r8, 0x6030000000138014, 0x8000) (async)
syz_kvm_assert_reg(r8, 0x603000000013801c, 0x8000)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r12, r13, &(0x7f0000bfe000/0x400000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)

48m54.588486s ago: executing program 3 (id=1337):
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000040)=@arm64_fw={0x6030000000140000, &(0x7f0000000000)=0x10002})
ioctl$KVM_GET_REG_LIST(r6, 0xc008aeb0, &(0x7f00000001c0)={0x8, [0x0, 0x7941, 0x67, 0x7, 0xba, 0x99, 0x4, 0x8]})
r7 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f00000000c0)=@arm64_core={0x603000000010004e, &(0x7f0000000080)=0x2})
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee3, &(0x7f0000000040)=@attr_arm64={0x0, 0x4, 0x5, &(0x7f0000000000)=0x100})
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000100)={0x40, 0x5})

48m44.348459289s ago: executing program 4 (id=1338):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x8280, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
r4 = eventfd2(0x0, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce5, 0x7fff}}, @msr={0x14, 0x20, {0x603000000013dce8, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce9, 0x8000}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f0000000040)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000000)={0xa, 0x4}})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r8, 0x4018aee3, &(0x7f0000000100)=@attr_pmu_init)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
close(r4)
openat$kvm(0xffffff9c, 0x0, 0x1a17f2, 0x1f01)
write$eventfd(r4, &(0x7f0000000180)=0x5, 0xfffffde3)
mmap$KVM_VCPU(&(0x7f0000010000/0x1000)=nil, 0x930, 0x100000f, 0x9032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)

48m40.071602116s ago: executing program 3 (id=1339):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x2, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x83, 0x8000, 0x2, 0x0, 0xffffffff, 0x4}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r4=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

48m30.291376933s ago: executing program 4 (id=1340):
ioctl$KVM_DIRTY_TLB(0xffffffffffffffff, 0x4010aeaa, &(0x7f0000000000)={0xc, 0x4})
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x40402, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x7)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x18)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x1f)

48m28.722982667s ago: executing program 3 (id=1341):
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x10000000102a)
r3 = syz_kvm_vgic_v3_setup(r2, 0x1, 0x40)
ioctl$KVM_GET_DEVICE_ATTR(r3, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0xffffffff, 0x4, 0x0})
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0xa0401, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000140)={0x4, <r8=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r8, 0x4018aee3, &(0x7f00000001c0)=@attr_other={0x0, 0x1, 0x1, 0x0})
r9 = mmap$KVM_VCPU(&(0x7f0000f37000/0x3000)=nil, 0x0, 0x9, 0x40010, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f0000000080)="9a2ec2a460fbcea9d9686f5ae1111e2664ea37d2058538886ea53f4094ff3b347f712cde7558cc2613fe1c5016cf96b7653da2a9b1f3dcf9a12d04ed5f063522a87e7ee336d64abe", 0x0, 0x48)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r13, 0x4040aea0, &(0x7f0000000000)=@x86={0x79, 0x2, 0xed, 0x0, 0x8, 0x3c, 0x6, 0x1, 0x2, 0x8, 0xfc, 0x40, 0x0, 0x0, 0x0, 0x1, 0x6, 0x6, 0x35, '\x00', 0x7, 0xde3e})
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0x3)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0xf)
r14 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r15, 0x4008ae6a, &(0x7f00000000c0)=ANY=[@ANYBLOB="0100000000000000fdffffff02000000010000ef00000000bb0e0000020000007f000000010800"/56])
r16 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000140)={0x0, &(0x7f0000000200)=[@code={0xa, 0x84, {"000028d5401695d20000b8f2610080d2220180d2e30080d2840180d2020000d40010204e40e789d20040b8f2210080d2c20180d2430080d2640080d2020000d460d693d20004201ea10080d2220080d2830180d2e40180d2020000d4000cc078000008d5000040b3008008d5001c004e"}}], 0xd6}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r16, 0x4018aee1, 0x0)
r17 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r18 = ioctl$KVM_CREATE_VM(r17, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r18, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_GET_DEVICE_ATTR_vm(r2, 0x4018aee2, &(0x7f0000000180)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x200, 0xfffffff5, 0x2}})

48m17.652222213s ago: executing program 4 (id=1342):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x2710, 0x2, 0x2000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000000, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r4 = openat$kvm(0x0, &(0x7f0000000180), 0x21ac00, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f00000000c0)=@arm64_fw={0x6030000000140001})
r8 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, &(0x7f00000011c0)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f0000000140)=0xffff})

48m10.218474741s ago: executing program 3 (id=1343):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r2, 0x4068aea3, &(0x7f0000000180))
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x601, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000200)={0x1fd, 0x2, 0x8000000, 0x1000, &(0x7f0000c42000/0x1000)=nil})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
r8 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r7, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, 0x0, 0x0, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f0000000100)="4bead90a8a524c79f126541ba60686d7378e2f7235828bcf3fa4a80d5e3c6753e0fbf42973da38e59cd4b2dc174f7f7ed37dd8abc6a52715ea2d8a070028857f943eed4506eaf7a1", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r7, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x151400, 0x0)
r9 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r9, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r10 = openat$kvm(0x0, &(0x7f0000000280), 0x4acb42, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000180)={0x8, <r12=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r12, 0x4018aee3, &(0x7f00000000c0)=@attr_pmu_init)
r13 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
r15 = ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r14, r15, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r15, 0x4010aeac, &(0x7f00000000c0)=@arm64_sys={0x603000000013c038, &(0x7f0000000200)=0x3})

47m30.84058659s ago: executing program 34 (id=1342):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x2710, 0x2, 0x2000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000000, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r4 = openat$kvm(0x0, &(0x7f0000000180), 0x21ac00, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f00000000c0)=@arm64_fw={0x6030000000140001})
r8 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, &(0x7f00000011c0)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f0000000140)=0xffff})

47m29.63958935s ago: executing program 3 (id=1345):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r3 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r2, 0x0)

47m19.658470998s ago: executing program 3 (id=1346):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f0000000240)=[@code={0xa, 0x84, {"007008d50060000d008008d5201e8ad20060b8f2010080d2220080d2a30180d2040180d2020000d4008008d50058602e007008d5008008d5603880d200c0b0f2010180d2e20080d2a30180d2640180d2020000d4809e91d20020b0f2a10080d2820180d2a30080d2840080d2020000d4"}}], 0x84}, 0x0, 0x0)
r4 = syz_kvm_vgic_v3_setup(r1, 0x3, 0xa0)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0xffffffffffffffff, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c85000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000eb2000/0x3000)=nil, 0x930, 0x0, 0x32e7851d6de9e532, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
syz_kvm_vgic_v3_setup(r6, 0x4, 0x220)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000180)={0x8, <r9=>0xffffffffffffffff})
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x31)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000700)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r8, 0x4010aeab, &(0x7f0000000440)=@arm64_fp_extra={0x60200000001000d4, &(0x7f0000000200)=0x677})
ioctl$KVM_SET_ONE_REG(r13, 0x4010aeac, &(0x7f00000007c0)=@arm64_core={0x6030000000100046, &(0x7f0000000780)=0x6e})
ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8000ae83, &(0x7f0000000300))
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x0, 0x9, &(0x7f0000000140)=0x80000000})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
r14 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x15)
ioctl$KVM_CREATE_DEVICE(r14, 0xc00caee0, &(0x7f0000000100)={0xb, <r15=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r15, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

46m32.220334843s ago: executing program 35 (id=1346):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f0000000240)=[@code={0xa, 0x84, {"007008d50060000d008008d5201e8ad20060b8f2010080d2220080d2a30180d2040180d2020000d4008008d50058602e007008d5008008d5603880d200c0b0f2010180d2e20080d2a30180d2640180d2020000d4809e91d20020b0f2a10080d2820180d2a30080d2840080d2020000d4"}}], 0x84}, 0x0, 0x0)
r4 = syz_kvm_vgic_v3_setup(r1, 0x3, 0xa0)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0xffffffffffffffff, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c85000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000eb2000/0x3000)=nil, 0x930, 0x0, 0x32e7851d6de9e532, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
syz_kvm_vgic_v3_setup(r6, 0x4, 0x220)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000180)={0x8, <r9=>0xffffffffffffffff})
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x31)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000700)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r8, 0x4010aeab, &(0x7f0000000440)=@arm64_fp_extra={0x60200000001000d4, &(0x7f0000000200)=0x677})
ioctl$KVM_SET_ONE_REG(r13, 0x4010aeac, &(0x7f00000007c0)=@arm64_core={0x6030000000100046, &(0x7f0000000780)=0x6e})
ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8000ae83, &(0x7f0000000300))
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x0, 0x9, &(0x7f0000000140)=0x80000000})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
r14 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x15)
ioctl$KVM_CREATE_DEVICE(r14, 0xc00caee0, &(0x7f0000000100)={0xb, <r15=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r15, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

37m41.363080986s ago: executing program 6 (id=1368):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000000)={0x7, <r1=>0xffffffffffffffff})
ioctl$KVM_GET_DEVICE_ATTR(r1, 0x4018aee2, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x5, 0x0})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000bde000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r2, 0x4, 0x220)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000180)={0x8, <r5=>0xffffffffffffffff})
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
r9 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r8, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r8, 0x0)
r10 = eventfd2(0x0, 0x0)
close(r10)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01)
r11 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, 0x0, 0x0, 0x0)
write$eventfd(r10, &(0x7f0000000180)=0x5, 0xfffffde3)
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, 0x0})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

37m34.954204968s ago: executing program 5 (id=1369):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0x0, &(0x7f00000000c0), 0xc0083, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x0, 0x11, r3, 0x0)
r4 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x6030000000138015, 0x8000}}], 0x20}, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x6, 0x40010, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)
r5 = openat$kvm(0x0, &(0x7f0000000100), 0xc0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0xffffffffffffffff)
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000f2a000/0x4000)=nil, 0x930, 0xf, 0x32, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000bff000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, &(0x7f00000001c0)}, 0x0, 0x1b)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r6, 0x4068aea3, &(0x7f0000000000)={0xa8, 0x0, 0x1})
eventfd2(0x8, 0x1)
ioctl$KVM_RUN(r8, 0xae80, 0x0)

37m21.510373843s ago: executing program 6 (id=1370):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x3, 0x1000, 0x0, 0x0, 0x40000004}}], 0x50}, 0x0, 0x0)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={0xffffffffffffffff, 0x9, 0x0, r0})
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r4=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

37m19.340587333s ago: executing program 5 (id=1371):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x5)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r0, 0x4068aea3, &(0x7f0000000000)={0xa8, 0x0, 0x1})
r1 = ioctl$KVM_GET_STATS_FD_vm(r0, 0xaece)
ioctl$KVM_CAP_DIRTY_LOG_RING(r1, 0x4068aea3, &(0x7f0000000080)={0xc0, 0x0, 0x12000})
ioctl$KVM_CAP_ARM_MTE(r1, 0x4068aea3, &(0x7f0000000100))
ioctl$KVM_SET_GSI_ROUTING(r0, 0x4008ae6a, &(0x7f0000000180)={0x2, 0x0, [{0xfff, 0x5, 0x1, 0x0, @sint={0x8, 0x2}}, {0xc, 0x2, 0x1, 0x0, @msi={0x9, 0x3, 0x6, 0x4}}]})
ioctl$KVM_CAP_DIRTY_LOG_RING(r0, 0x4068aea3, &(0x7f0000000200)={0xc0, 0x0, 0x1000})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x1)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x1a)
r3 = eventfd2(0x5, 0x0)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000280)={0x2, 0xffff1000, 0x4, r3})
syz_kvm_setup_cpu$arm64(r1, r1, &(0x7f0000bfd000/0x400000)=nil, &(0x7f00000005c0)=[{0x0, &(0x7f00000002c0)=[@irq_setup={0x46, 0x18, {0x0, 0x20c}}, @memwrite={0x6e, 0x30, @generic={0x4, 0x53f, 0xcade, 0xb}}, @code={0xa, 0x6c, {"00c8a02e006e80d200e0b8f2e10080d2820180d2230080d2240180d2020000d420d087d20060b0f2010180d2a20180d2e30180d2240180d2020000d4000008d50080600d000008d50058000e0018601e007008d5000c40bc"}}, @hvc={0x32, 0x40, {0x84000006, [0x80, 0x5, 0x12, 0x5, 0x8000000000000001]}}, @smc={0x1e, 0x40, {0x2000, [0x8001, 0x1, 0x7ff, 0x9, 0x7fffffff]}}, @mrs={0xbe, 0x18, {0x603000000013de96}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfffc, 0x5, 0x1}}, @irq_setup={0x46, 0x18, {0x4, 0x8d}}, @hvc={0x32, 0x40, {0x30000000, [0x80000000, 0x6, 0x7, 0x6, 0x2]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0x200, 0x81, 0xc}}, @hvc={0x32, 0x40, {0x200, [0x2, 0x3, 0x7, 0x9, 0x80]}}, @uexit={0x0, 0x18, 0x8}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff0, 0x6, 0x9}}, @svc={0x122, 0x40, {0xc400000d, [0x6, 0x4, 0xffffffffffffa25a, 0xfffffffffffffff8, 0x6]}}], 0x2cc}], 0x1, 0x0, &(0x7f0000000600)=[@featur2={0x1, 0xa}], 0x1)
ioctl$KVM_CAP_PTP_KVM(r0, 0x4068aea3, &(0x7f0000000640))
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2a)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000006c0), 0x400002, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x3e)
syz_kvm_setup_cpu$arm64(r2, r1, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000dc0)=[{0x0, &(0x7f0000000700)=[@its_send_cmd={0xaa, 0x28, {0x2, 0x1, 0x3, 0x4, 0x9, 0x2, 0x3}}, @uexit={0x0, 0x18, 0x2}, @svc={0x122, 0x40, {0x8400000f, [0x5, 0x7fff, 0x1, 0x1, 0x5]}}, @memwrite={0x6e, 0x30, @generic={0x1, 0xe3e, 0x0, 0xb}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1800, 0x8, 0x9}}, @irq_setup={0x46, 0x18, {0x2, 0x313}}, @code={0xa, 0xb4, {"c0df9ad20020b0f2c10180d2a20080d2830080d2640080d2020000d4000010d500eb8dd20020b0f2810180d2820180d2230080d2640180d2020000d41f2003d5e0af95d20020b0f2e10080d2020180d2230180d2040080d2020000d420c082d20020b0f2e10080d2820080d2430080d2840180d2020000d4008008d5007008d5e0ac92d20040b8f2a10180d2220080d2e30080d2440180d2020000d4000000b4"}}, @hvc={0x32, 0x40, {0x40000000, [0x0, 0x0, 0x1, 0x1, 0x2]}}, @mrs={0xbe, 0x18, {0x6030000000139828}}, @msr={0x14, 0x20, {0x603000000013807d, 0x4}}, @mrs={0xbe, 0x18, {0x3a4b}}, @code={0xa, 0x9c, {"007008d580368fd20020b0f2e10180d2a20080d2e30080d2c40080d2020000d4007008d500082038007008d5008008d5a02d98d200e0b0f2610080d2a20080d2430080d2840080d2020000d40094002fa04196d20060b0f2a10180d2020080d2e30080d2240180d2020000d4e0c782d20060b0f2810180d2220180d2c30180d2240080d2020000d4"}}, @its_setup={0x82, 0x28, {0x2, 0x4, 0x62}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe8, 0x8000000000000000}}, @hvc={0x32, 0x40, {0xc4000005, [0x1, 0x80000001, 0x7083, 0x7, 0x553]}}, @its_setup={0x82, 0x28, {0x3, 0x3, 0x167}}, @smc={0x1e, 0x40, {0x2000, [0x4, 0x1, 0x9, 0x100000000, 0x80]}}, @its_setup={0x82, 0x28, {0x0, 0x0, 0x16c}}, @hvc={0x32, 0x40, {0xc4000053, [0x10000, 0x2, 0x9c, 0x7ec]}}, @svc={0x122, 0x40, {0x0, [0x864, 0x1, 0x6, 0xe2d, 0x7f]}}, @uexit={0x0, 0x18, 0xd}, @smc={0x1e, 0x40, {0xc400000c, [0x7, 0x9, 0x6, 0x8000000000000000, 0x5]}}, @smc={0x1e, 0x40, {0x4000, [0x8, 0x286, 0x5, 0x0, 0x9]}}, @code={0xa, 0x6c, {"000028d500d8a07e008008d5007008d5000028d50000001300a39dd200a0b8f2410180d2c20080d2030080d2040180d2020000d4606185d20020b0f2a10080d2c20180d2430080d2240180d2020000d4007008d5002c207e"}}, @its_setup={0x82, 0x28, {0x3, 0x8, 0x1dc}}, @its_setup={0x82, 0x28, {0x1, 0x0, 0x334}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x0, 0xf, 0x5, 0x2, 0x4}}, @smc={0x1e, 0x40, {0xc4000004, [0xffff, 0x5, 0x5, 0x99f6, 0xa]}}, @code={0xa, 0x84, {"0000000a0054007f00c383d20060b0f2410080d2620080d2230180d2a40080d2020000d4000028d5002087d200a0b0f2410180d2820180d2030080d2e40080d2020000d4000028d540bd88d200a0b8f2410080d2e20080d2430180d2e40080d2020000d49f2003d5000028d5000008d5"}}], 0x6c0}], 0x1, 0x0, &(0x7f0000000e00)=[@featur1={0x1, 0x2}], 0x1)
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000e40)={0x4000, 0x109000})
ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r2, 0x4010ae74, &(0x7f0000000e80)={0x8, 0x81, 0x5})
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r2, 0x4068aea3, &(0x7f0000000ec0))
ioctl$KVM_IRQ_LINE_STATUS(r0, 0xc008ae67, &(0x7f0000000f40)={0x3, 0x4})
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x38)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r6, 0x4068aea3, &(0x7f0000000f80)={0xe4, 0x0, 0x3a})
syz_kvm_setup_cpu$arm64(r2, r1, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000001500)=[{0x0, &(0x7f0000001000)=[@eret={0xe6, 0x18, 0x4}, @svc={0x122, 0x40, {0x5000000, [0x1, 0x6, 0x7, 0xffffffffffffad0f, 0x7f]}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x0, 0x10, 0xfffffffe, 0x0, 0x1}}, @irq_setup={0x46, 0x18, {0x4, 0x11f}}, @uexit={0x0, 0x18, 0x13}, @eret={0xe6, 0x18, 0x3}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x40, 0x7, 0x9}}, @its_setup={0x82, 0x28, {0x2, 0x1, 0x3bd}}, @hvc={0x32, 0x40, {0xffff, [0x9, 0x9, 0x3306, 0x800, 0x6]}}, @mrs={0xbe, 0x18, {0x603000000013c609}}, @eret={0xe6, 0x18, 0x4}, @mrs={0xbe, 0x18, {0x603000000013e35e}}, @mrs={0xbe, 0x18, {0x603000000013805d}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x200, 0x1, 0x4}}, @irq_setup={0x46, 0x18}, @msr={0x14, 0x20, {0x603000000013c665, 0x9}}, @msr={0x14, 0x20, {0x603000000013c032, 0x5}}, @svc={0x122, 0x40, {0x20, [0x8, 0xfff, 0x2, 0x1cceecde, 0x3]}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x1, 0x3, 0x2, 0x34a8, 0x70, 0x3}}, @msr={0x14, 0x20, {0x603000000013e289, 0x9}}, @hvc={0x32, 0x40, {0x1000, [0x6, 0x1, 0x5, 0xcf, 0x6a29]}}, @hvc={0x32, 0x40, {0x2, [0x2, 0x10001, 0xe041, 0xfffffffffffffc04, 0x8]}}, @msr={0x14, 0x20, {0x603000000013d000, 0x2}}, @msr={0x14, 0x20, {0x603000000013e530, 0x8}}, @smc={0x1e, 0x40, {0x84000014, [0x3, 0xe, 0x401, 0x8, 0x1]}}, @mrs={0xbe, 0x18, {0x603000000013deba}}, @its_setup={0x82, 0x28, {0x4, 0x2, 0x305}}, @smc={0x1e, 0x40, {0x84000050, [0x0, 0x3ce, 0x2, 0x0, 0xfffffffffffffff9]}}, @hvc={0x32, 0x40, {0x84000053, [0x1ff, 0x1, 0x8, 0x9, 0x1]}}, @uexit={0x0, 0x18, 0x10}, @its_setup={0x82, 0x28, {0x2, 0x2, 0x1d6}}], 0x4d0}], 0x1, 0x0, &(0x7f0000001540)=[@featur2={0x1, 0x21}], 0x1)
ioctl$KVM_CREATE_GUEST_MEMFD(r6, 0xc040aed4, &(0x7f0000001580)={0xfffffffffffffffc, 0x214})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f00000015c0), 0xc00, 0x0)
r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04)
mmap$KVM_VCPU(&(0x7f0000e15000/0x2000)=nil, r8, 0x0, 0x13, r1, 0x0)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000001600)={0x7, 0x3000, 0x8, r1, 0xb})

37m9.480565112s ago: executing program 5 (id=1372):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@its_setup={0x7, 0x28, {0x2, 0x2, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r2, 0x3, 0xa0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000100)={0x8, <r4=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000})
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_vgic_v3_setup(r6, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000180)={0x8, <r7=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1)
r10 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r9, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r9, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x408)
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x100000c, 0x6832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
openat$kvm(0x0, &(0x7f0000000100), 0x80402, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)

37m7.661500721s ago: executing program 6 (id=1373):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0}) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000140)={0x4, <r3=>0xffffffffffffffff, 0x1})
r4 = ioctl$KVM_CREATE_VM(r3, 0x894c, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
ioctl$KVM_ARM_VCPU_INIT(r7, 0x4020aeae, &(0x7f0000000080)={0x5, 0x1}) (async)
ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f00000001c0)=@arm64_sys={0x6030000000138064, &(0x7f00000000c0)=0x8000})
ioctl$KVM_CREATE_VCPU(r4, 0xb702, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000080), 0x141001, 0x0)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000100))
r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x5, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) (async)
r11 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r8, 0x2, 0x100) (async)
ioctl$KVM_RUN(r11, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r10, 0xae80, 0x0)

36m49.286900758s ago: executing program 6 (id=1374):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000869000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x2, 0x0, 0x5}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r4=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

36m48.861024487s ago: executing program 5 (id=1375):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0x4020940d, 0x20)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r1, 0x4068aea3, &(0x7f00000001c0)={0xa8, 0x0, 0x3})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x2c)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x100000000000000, 0x2000, &(0x7f0000000000/0x2000)=nil})
r8 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r5, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f0000000100)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r5, 0x0)
r9 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x8000, 0xffff1000, 0x1, 0xffffffffffffffff, 0x3})
ioctl$KVM_CREATE_VM(r9, 0x401c5820, 0x20000001)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})

36m34.368681354s ago: executing program 6 (id=1376):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
r6 = syz_kvm_vgic_v3_setup(r4, 0x3, 0xa0)
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x6, 0x4, &(0x7f0000000000)=0x4})
r7 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x2, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x83, 0x8000, 0x0, 0x0, 0xffffffff, 0x4}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r8=>0xffffffffffffffff})
ioctl$KVM_ARM_SET_DEVICE_ADDR(r7, 0x4010aeab, &(0x7f0000000280)={0x7c29e7ed, 0x1})
r9 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000c6a000/0x3000)=nil, 0x930, 0x1000003, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_REG_LIST(r12, 0xc008aeb0, &(0x7f0000000000))
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
r13 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x15)
ioctl$KVM_GET_REG_LIST(r7, 0xc008aeb0, &(0x7f0000000240)={0x6, [0x0, 0x7, 0x487, 0x100000000, 0x7fff, 0x1]})
ioctl$KVM_CAP_ARM_USER_IRQ(r13, 0x4068aea3, &(0x7f0000000000))
ioctl$KVM_RUN(r7, 0xae80, 0x0)

36m26.809485382s ago: executing program 5 (id=1377):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x21)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xd7, 0x80000001})
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x7)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, <r2=>0xffffffffffffffff, 0x1})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x40305828, &(0x7f0000000040)=@attr_arm64={0x1000000, 0x7, 0x2, &(0x7f00000000c0)=0xfffffffffffffff7})
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@its_setup={0x7, 0x28, {0x2, 0x2, 0x1}}], 0x28}, 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0xeeee0000, 0x1000, &(0x7f0000fd1000/0x1000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f00000000c0)={0x1ff, 0x0, 0x6000, 0x1000, &(0x7f0000ec2000/0x1000)=nil})
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r9, 0x0)
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000100)={0x1ff, 0x0, 0x0, 0x1000, &(0x7f0000fff000/0x1000)=nil})
syz_kvm_vgic_v3_setup(r3, 0x3, 0xa0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000100)={0x8})
r10 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r12, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
r13 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r14, &(0x7f0000c00000/0x400000)=nil)

36m9.190778522s ago: executing program 6 (id=1378):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31) (async)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f00000000c0)=@arm64_core={0x6030000000100038, &(0x7f0000000140)=0x7})
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, 0x0, 0x0, 0x0) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x40086602, 0x2f) (async)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x40086602, 0x2f)
r4 = mmap$KVM_VCPU(&(0x7f0000e74000/0x2000)=nil, 0x930, 0x100000c, 0x10, r3, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000140), 0x2000, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000300)=[@featur2={0x1, 0x40}], 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r8, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
syz_memcpy_off$KVM_EXIT_MMIO(r4, 0x20, 0x0, 0x0, 0x0) (async)
syz_memcpy_off$KVM_EXIT_MMIO(r4, 0x20, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r9, 0xae04)
r11 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r10, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f0000000280)="e601000000e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b54865801ba2af023314cc4bf610d6a743ab8364e5f73ea00", 0x0, 0x48) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f0000000280)="e601000000e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b54865801ba2af023314cc4bf610d6a743ab8364e5f73ea00", 0x0, 0x48)
syz_memcpy_off$KVM_EXIT_MMIO(r4, 0x20, &(0x7f0000000000)="43afb48cee29ad699ecb88da1eb87ec5b879ed642449c905", 0x0, 0x18)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
r12 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r13, 0x2, 0x160)
ioctl$KVM_IRQ_LINE(r13, 0x4008ae61, &(0x7f0000000200)={0x0, 0xffffffff})
openat$kvm(0x0, &(0x7f0000000380), 0x0, 0x0)

36m3.014701589s ago: executing program 5 (id=1379):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0}) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000140)={0x4, <r3=>0xffffffffffffffff, 0x1})
r4 = ioctl$KVM_CREATE_VM(r3, 0x894c, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
ioctl$KVM_ARM_VCPU_INIT(r7, 0x4020aeae, &(0x7f0000000080)={0x5, 0x1}) (async)
ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f00000001c0)=@arm64_sys={0x6030000000138064, &(0x7f00000000c0)=0x8000})
ioctl$KVM_CREATE_VCPU(r4, 0xb702, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000080), 0x141001, 0x0)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000100))
r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x5, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) (async)
r11 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r8, 0x2, 0x100) (async)
ioctl$KVM_RUN(r11, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r10, 0xae80, 0x0)

35m25.026776247s ago: executing program 36 (id=1378):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31) (async)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f00000000c0)=@arm64_core={0x6030000000100038, &(0x7f0000000140)=0x7})
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, 0x0, 0x0, 0x0) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x40086602, 0x2f) (async)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x40086602, 0x2f)
r4 = mmap$KVM_VCPU(&(0x7f0000e74000/0x2000)=nil, 0x930, 0x100000c, 0x10, r3, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000140), 0x2000, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000300)=[@featur2={0x1, 0x40}], 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r8, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
syz_memcpy_off$KVM_EXIT_MMIO(r4, 0x20, 0x0, 0x0, 0x0) (async)
syz_memcpy_off$KVM_EXIT_MMIO(r4, 0x20, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r9, 0xae04)
r11 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r10, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f0000000280)="e601000000e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b54865801ba2af023314cc4bf610d6a743ab8364e5f73ea00", 0x0, 0x48) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f0000000280)="e601000000e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b54865801ba2af023314cc4bf610d6a743ab8364e5f73ea00", 0x0, 0x48)
syz_memcpy_off$KVM_EXIT_MMIO(r4, 0x20, &(0x7f0000000000)="43afb48cee29ad699ecb88da1eb87ec5b879ed642449c905", 0x0, 0x18)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
r12 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r13, 0x2, 0x160)
ioctl$KVM_IRQ_LINE(r13, 0x4008ae61, &(0x7f0000000200)={0x0, 0xffffffff})
openat$kvm(0x0, &(0x7f0000000380), 0x0, 0x0)

35m13.540950076s ago: executing program 37 (id=1379):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0}) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000140)={0x4, <r3=>0xffffffffffffffff, 0x1})
r4 = ioctl$KVM_CREATE_VM(r3, 0x894c, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
ioctl$KVM_ARM_VCPU_INIT(r7, 0x4020aeae, &(0x7f0000000080)={0x5, 0x1}) (async)
ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f00000001c0)=@arm64_sys={0x6030000000138064, &(0x7f00000000c0)=0x8000})
ioctl$KVM_CREATE_VCPU(r4, 0xb702, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000080), 0x141001, 0x0)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000100))
r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x5, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) (async)
r11 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r8, 0x2, 0x100) (async)
ioctl$KVM_RUN(r11, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r10, 0xae80, 0x0)

27m48.070282614s ago: executing program 7 (id=1380):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000869000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x2, 0x0, 0x5}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r4=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

27m33.637319286s ago: executing program 8 (id=1381):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000100)="3108e3dcda727dc1915f051fd6c6c2f2e9375df87e96815d61d15d9486ff9023dbaede6f1938adc7befee9d742312bd76c85b021554abc4cb72595c6e12f025cf0d600b249c982b5", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000140)={0x4, <r6=>0xffffffffffffffff, 0x1})
write$eventfd(r6, &(0x7f00000001c0), 0xff3c)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x82880, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000140), 0x101282, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r8, 0x4068aea3, &(0x7f0000000000)={0xe4, 0x0, 0x698665c8})
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, &(0x7f0000000200)=[@svc={0x122, 0x40, {0x800, [0xffffffeffffffff8, 0x8, 0x8000000005, 0x5, 0x400]}}], 0x40}, 0x0, 0x0)
r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r9, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c0b000/0x1000)=nil, r12, 0x3, 0x40b2811, r11, 0x0)
ioctl$KVM_RUN(r11, 0xae80, 0x0)

27m30.920951905s ago: executing program 7 (id=1382):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0x8, 0x80800)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
munmap(&(0x7f0000482000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x24132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, 0x0)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_REGISTER_COALESCED_MMIO(r5, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616})
ioctl$KVM_REGISTER_COALESCED_MMIO(r5, 0x4010ae67, &(0x7f0000000240)={0xdddd0000, 0x1000})
r6 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x0, 0x4030031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x1000000)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x48, 0xdddd1000, 0x0, r2})
close(r2)
close(r1)

27m14.108974958s ago: executing program 8 (id=1383):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x101800, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0x59)
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r3, 0xae03, 0x81) (async)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) (async)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, 0x930, 0x0, 0x7d7b465c1d30afba, 0xffffffffffffffff, 0x0) (async)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r7, 0x4018aee3, &(0x7f0000000100)=@attr_irq_timer={0x0, 0x1, 0x0, 0x0}) (async)
r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ff9000/0x4000)=nil, r8, 0x100000b, 0x80010, r7, 0x0)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r4, 0x4010aeb5, 0x0) (async)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r4, 0x4068aea3, &(0x7f0000000080)={0xe4, 0x0, 0xd8})

27m1.031475598s ago: executing program 7 (id=1384):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x21)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f00000001c0), 0x100, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0x80111500, 0x20000000)
close(r5)
close(0x3)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0xcd)
r7 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000000)="7cfaa2bfd6dd76375aa1bde04fceeb33743b07d73b3e9aac", 0x0, 0xffffffffffffff94)
r8 = eventfd2(0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0x4020940d, 0x20000000)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000140)={0x4, <r11=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r11, 0x400454cc, 0xffffffffffffffff)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000080)="4776f2db7955b65cfc739711fa2e4a37c61bae2e88a262eaa9a44fafb1772c167cd26dd5e8979097ecb7615e7ff2262b1c728d14018f21f2b99840e790f444cfdc2ae271ae4eac93", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r2, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x4c4882, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)

26m55.776909177s ago: executing program 8 (id=1385):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
eventfd2(0x82a5, 0x80800)
syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000140)=[@its_send_cmd={0xaa, 0x28, {0x0, 0x1, 0x0, 0x3, 0x100000, 0xfff, 0x1}}], 0x28}, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0xe)
ioctl$KVM_SIGNAL_MSI(r4, 0x4020aea5, &(0x7f0000000000)={0x4000, 0x2, 0xdd77, 0x2, 0x80000000})
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r6, 0xae03, 0xe7)
r7 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CAP_HALT_POLL(r7, 0x4068aea3, &(0x7f00000001c0)={0xb6, 0x0, 0x7fffffff})
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x894c, 0x0)
ioctl$KVM_ARM_VCPU_INIT(0xffffffffffffffff, 0x4020aeae, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xb702, 0xfffffffffffffffc) (async)
r12 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000240)={0x0, 0x0}, 0x0, 0x0) (async)
r15 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r7, 0xffffe, 0x20) (async)
ioctl$KVM_RUN(r15, 0xae80, 0x0)
ioctl$KVM_RUN(r14, 0xae80, 0x0)
syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, &(0x7f0000000280)=[@hvc={0x32, 0x40, {0x4000, [0x87d, 0x80000001, 0x3, 0x1000, 0x10000]}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x0, 0x7, 0x6a92, 0x9}}, @smc={0x1e, 0x40, {0x0, [0x5, 0x2, 0x5257abcd, 0xbff8, 0x8000000000000000]}}, @hvc={0x32, 0x40, {0xc4000010, [0x5, 0x1, 0x73b0, 0x87, 0x8]}}, @msr={0x14, 0x20, {0x603000000013c641, 0xffffffffffffffff}}, @memwrite={0x6e, 0x30, @generic={0x0, 0xe4c, 0x9d, 0x1c}}, @memwrite={0x6e, 0xfffffffffffffcff, @vgic_gicd={0x8000000, 0x6000, 0x10001, 0x8}}, @msr={0x14, 0x20, {0x603000000013c665, 0x7d}}, @eret={0xe6, 0x18, 0x4}, @code={0xa, 0x9c, {"e05c82d200a0b0f2810180d2220180d2e30080d2c40180d2020000d4000020ea007c209be06c8fd20020b8f2810080d2020080d2a30080d2040180d2020000d4000010d5007008d5e0ec82d20080b0f2410180d2020080d2030180d2c40180d2020000d40080608880e78cd200c0b8f2c10080d2220080d2430180d2040180d2020000d4007008d5"}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff4, 0xc, 0xd}}, @code={0xa, 0xcc, {"008008d5407680d20020b8f2e10080d2e20180d2a30080d2c40180d2020000d4007008d5809291d20040b0f2610180d2e20180d2030080d2240080d2020000d4204090d20080b0f2e10080d2e20080d2a30080d2e40180d2020000d4c00e9bd200a0b0f2210180d2e20180d2a30180d2c40180d2020000d4801983d200c0b0f2410180d2620180d2630180d2c40180d2020000d4a0499cd200a0b0f2810180d2620080d2230180d2640180d2020000d4000028d5008008d5"}}, @its_setup={0x82, 0x28, {0x1, 0x3, 0x167}}, @mrs={0xbe, 0x18, {0x603000000013e66c}}, @code={0xa, 0x9c, {"40a285d200e0b0f2810180d2a20080d2a30180d2840180d2020000d400c39dd20000b0f2210180d2e20180d2e30080d2640180d2020000d4007008d5a03192d200a0b0f2010080d2820180d2430180d2e40180d2020000d40000600d0054000f008008d560f098d20060b0f2c10180d2c20180d2630080d2640180d2020000d4007008d5003c000e"}}, @msr={0x14, 0x20, {0x603000000013801e, 0x2}}, @irq_setup={0x46, 0x18, {0x0, 0x212}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0x4, 0x3, 0x1}}, @msr={0x14, 0x20, {0x603000000013df61, 0x8001}}, @svc={0x122, 0x40, {0x6000000, [0x3, 0xa72f, 0x8000000000000001, 0x7fffffffffffffff, 0xfffffffffffffc00]}}, @mrs={0xbe, 0x18, {0xa050000000340223}}, @uexit={0x0, 0x18, 0x5a7}, @irq_setup={0x46, 0x18, {0x2, 0x114}}, @smc={0x1e, 0x40, {0xc4000003, [0x5, 0x0, 0xfffffffffffffffd, 0x2e, 0x1]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x40, 0x9}}], 0x594}, 0x0, 0x0)

26m35.953103078s ago: executing program 7 (id=1386):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r3, 0x0)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000040)={0x0, 0x0}, 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x21)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x2)
r13 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
r15 = eventfd2(0xfffffffa, 0x80001)
ioctl$KVM_IOEVENTFD(r14, 0x4040ae79, &(0x7f0000000080)={0x4, 0x80a0000, 0x4, r15})
ioctl$KVM_IOEVENTFD(r11, 0x4040ae79, &(0x7f0000000000)={0x1, 0x3000, 0x8, r15, 0x1})
mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r12, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r12, 0x0)
r16 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0)
r17 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r17, 0x3, 0x11, r9, 0x0)
mmap$KVM_VCPU(&(0x7f000000a000/0x1000)=nil, r17, 0x3, 0x11, r16, 0x0)

26m28.641746602s ago: executing program 8 (id=1387):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@eret={0xe6, 0x18, 0xb8}, @irq_setup={0x46, 0x18, {0x3, 0x159}}, @smc={0x1e, 0x40, {0x8300000c, [0x6, 0x5, 0x7b87, 0x3, 0x1ff]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x5d0bcbad586f86a2, 0x3cc, 0x8}}, @uexit={0x0, 0x18, 0x8}, @uexit={0x0, 0x18, 0x6}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x18, 0xfffffffffffffffc, 0x8}}, @its_setup={0x82, 0x28, {0x3, 0x1, 0x234}}, @smc={0x1e, 0x40, {0xc5000020, [0x3, 0x8, 0x80000000, 0x8, 0x8]}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x0, 0x10, 0x10000, 0xf, 0x4}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x10040, 0x7, 0x8}}, @code={0xa, 0x6c, {"008008d500f8a00e60b383d200c0b0f2210180d2220180d2e30080d2640180d2020000d400e4200e0008407a00c68fd200a0b0f2e10180d2c20180d2e30180d2240080d2020000d4008008d5008008d5007008d5007008d5"}}, @eret={0xe6, 0x18, 0x4}, @smc={0x1e, 0x40, {0x8, [0xfff, 0x1ffe, 0x2, 0xb, 0x6]}}, @svc={0x122, 0x40, {0x4, [0xfffffffffffffff7, 0xd, 0x9, 0xd9, 0x6]}}], 0x2c4}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r4=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

26m12.658465679s ago: executing program 7 (id=1388):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, 0x0)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x0, 0x2, 0x6}}], 0x50}, 0x0, 0x0) (async)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x0, 0x2, 0x6}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r3, 0x1, 0x100) (async)
syz_kvm_vgic_v3_setup(r3, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000180)={0x8}) (async)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000180)={0x8, <r6=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

26m12.372237671s ago: executing program 8 (id=1389):
r0 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x27)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x275}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x0, 0x1, 0x6, 0x0, 0x4}}], 0x40}, 0x0, 0x0) (async)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x275}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x0, 0x1, 0x6, 0x0, 0x4}}], 0x40}, 0x0, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) (async)
r7 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef)
close(r6)
syz_kvm_vgic_v3_setup(r2, 0x40000000000004, 0xc0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20080, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = eventfd2(0xeffffffd, 0x801)
ioctl$KVM_IOEVENTFD(r9, 0x4040ae79, &(0x7f0000001340)={0x3, 0x0, 0x2, r10, 0x3}) (async)
ioctl$KVM_IOEVENTFD(r9, 0x4040ae79, &(0x7f0000001340)={0x3, 0x0, 0x2, r10, 0x3})
ioctl$KVM_IOEVENTFD(r9, 0x4040ae79, &(0x7f0000000140)={0x3, 0x0, 0x2, r10, 0xb})
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000180)={0x8, <r11=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r12 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bfd000/0x400000)=nil) (async)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bfd000/0x400000)=nil)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bff000/0x400000)=nil) (async)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bff000/0x400000)=nil)
r13 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r13, 0x20, &(0x7f0000000680)="38ce8347fc1e86008cfc72bb352c8659dcc9225b48cb5cb00c73b0b33018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r13, 0x20, &(0x7f0000000680)="38ce8347fc1e86008cfc72bb352c8659dcc9225b48cb5cb00c73b0b33018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48)
r14 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r15 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r14, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r15, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xf, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xf, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0)

25m53.138943344s ago: executing program 8 (id=1390):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x4, 0x1, 0x0, 0x1000, &(0x7f0000ee6000/0x1000)=nil})
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee1, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x4, 0x1, 0x0, 0x1000, &(0x7f0000ee6000/0x1000)=nil}) (async)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee1, 0x0) (async)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) (async)

25m49.968553732s ago: executing program 7 (id=1391):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@hvc={0x32, 0x40, {0xc400000e, [0x3, 0xffffffffffffff00, 0x1, 0x80000001, 0x7]}}, @its_setup={0x82, 0x28, {0x4, 0x4, 0x5f}}], 0x68}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r2, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000180)={0x8, <r4=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

25m5.126682012s ago: executing program 38 (id=1390):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x4, 0x1, 0x0, 0x1000, &(0x7f0000ee6000/0x1000)=nil})
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee1, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x4, 0x1, 0x0, 0x1000, &(0x7f0000ee6000/0x1000)=nil}) (async)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee1, 0x0) (async)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) (async)

24m56.871113397s ago: executing program 39 (id=1391):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@hvc={0x32, 0x40, {0xc400000e, [0x3, 0xffffffffffffff00, 0x1, 0x80000001, 0x7]}}, @its_setup={0x82, 0x28, {0x4, 0x4, 0x5f}}], 0x68}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r2, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000180)={0x8, <r4=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

16m34.140051326s ago: executing program 1 (id=1393):
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000f7c000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
r0 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r0, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r2, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0x1, 0x1001, 0x2}})
ioctl$KVM_SET_DEVICE_ATTR_vm(r2, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x9e, 0x7fffffff, 0x2}})
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x0, 0x4030031, 0xffffffffffffffff, 0x0)

16m11.23891543s ago: executing program 1 (id=1394):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x1ff, 0x1, 0x4000, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x2c)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000040)=@arm64_core={0x6030000000100018, &(0x7f0000000000)=0x7fffffffffffffff})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
munmap(&(0x7f0000d70000/0x3000)=nil, 0x3000)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x100000000000000, 0x2000, &(0x7f0000000000/0x2000)=nil})
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x1ff, 0x1, 0x4000, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x2c) (async)
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000040)=@arm64_core={0x6030000000100018, &(0x7f0000000000)=0x7fffffffffffffff}) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x31) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil}) (async)
syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) (async)
munmap(&(0x7f0000d70000/0x3000)=nil, 0x3000) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x100000000000000, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)

15m44.551165483s ago: executing program 9 (id=1392):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x80000000000002c)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(r1, 0x4068aea3, &(0x7f0000000140))
ioctl$KVM_CAP_ARM_USER_IRQ(r1, 0x4068aea3, &(0x7f0000000000))
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r4, 0x3, 0x11, r3, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000002000/0x400000)=nil)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

15m29.839797473s ago: executing program 9 (id=1395):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x27)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r3, 0x4010ae68, 0xfffffffffffffffe)
r4 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000b8e000/0x400000)=nil)
r5 = eventfd2(0xffff10c0, 0x801)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000100)={0xf09, 0x8080000, 0x0, r5})
r6 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000280)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

15m21.517224755s ago: executing program 40 (id=1394):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x1ff, 0x1, 0x4000, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x2c)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000040)=@arm64_core={0x6030000000100018, &(0x7f0000000000)=0x7fffffffffffffff})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
munmap(&(0x7f0000d70000/0x3000)=nil, 0x3000)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x100000000000000, 0x2000, &(0x7f0000000000/0x2000)=nil})
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x1ff, 0x1, 0x4000, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x2c) (async)
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000040)=@arm64_core={0x6030000000100018, &(0x7f0000000000)=0x7fffffffffffffff}) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x31) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil}) (async)
syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) (async)
munmap(&(0x7f0000d70000/0x3000)=nil, 0x3000) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x100000000000000, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)

14m39.300991948s ago: executing program 41 (id=1395):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x27)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r3, 0x4010ae68, 0xfffffffffffffffe)
r4 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000b8e000/0x400000)=nil)
r5 = eventfd2(0xffff10c0, 0x801)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000100)={0xf09, 0x8080000, 0x0, r5})
r6 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000280)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

3m36.229528192s ago: executing program 2 (id=1405):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}], 0x1, 0x0, 0x0, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000140)={0x4, <r7=>0xffffffffffffffff, 0x1})
r8 = ioctl$KVM_CREATE_VM(r7, 0x894c, 0x0)
close(r8)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r6, 0x4008ae73, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r9, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18})
ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f00000000c0)=@arm64_sve_vls={0x606000000015ffff, &(0x7f0000000180)=0xd2})
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000100)={0x1000020, 0x1})
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r10, 0xae03, 0x9e)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, r2, &(0x7f0000a9b000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000280)=[@svc={0x122, 0x40, {0x84000009, [0xa25, 0x100000000, 0x7fffffffffffffff, 0x8, 0x8]}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x0, 0xa, 0x0, 0x2, 0x2}}], 0x68}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3m9.802172764s ago: executing program 2 (id=1407):
r0 = mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x0, 0x2000000, 0x110, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000000)="db57debfd4492e3daa7c7bc59a122a457540e0b315a40a73738b87bb402e5c031682c9e7b9aadeb2846ab4310eaabf960d2b0994b69abe738662697ed03018b4ef54ba7a146e5b81", 0x0, 0x48)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, r1, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000780)=[{0x0, &(0x7f0000000080)=[@eret={0xe6, 0x18, 0x80}, @code={0xa, 0x9c, {"a0ac89d20020b8f2010080d2020080d2030080d2840180d2020000d480ca96d20060b0f2010080d2620080d2a30080d2840080d2020000d4009c200e0044007f607b80d200a0b8f2410180d2820180d2430080d2840180d2020000d4007008d5a02290d20040b8f2410180d2220180d2430180d2240180d2020000d4007008d500b8210e0028214e"}}, @mrs={0xbe, 0x18, {0x603000000013deff}}, @smc={0x1e, 0x40, {0xc2000004, [0xfd1, 0xf646, 0x1c3, 0x6, 0x1000]}}, @hvc={0x32, 0x40, {0x84000012, [0xffff, 0x888, 0x5, 0x4, 0x7ff]}}, @svc={0x122, 0x40, {0x86000000, [0xf, 0x4, 0xffffffffffffffff, 0x7fffffffffffffff, 0x7fffffffffffffff]}}, @smc={0x1e, 0x40, {0x84000003, [0x9, 0x8000000000000001, 0x3, 0x8, 0xea]}}, @smc={0x1e, 0x40, {0x80003fff, [0x0, 0x1, 0x8, 0x7f, 0x2]}}, @code={0xa, 0x84, {"000008d50040000ee04f8cd20080b8f2a10080d2820080d2030180d2640180d2020000d4008008d5007008d5c0ae8ed200e0b0f2610080d2620080d2a30080d2a40180d2020000d4e09182d20000b8f2410080d2420080d2830180d2440080d2020000d40080001f007008d50040241e"}}, @uexit={0x0, 0x18, 0x1}, @svc={0x122, 0x40, {0x0, [0x87ef, 0x8, 0x3, 0x0, 0x4]}}, @irq_setup={0x46, 0x18, {0x4, 0x262}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe4, 0x7, 0x4}}, @uexit={0x0, 0x18, 0x100000000}, @msr={0x14, 0x20, {0x603000000013806e, 0x7}}, @memwrite={0x6e, 0x30, @generic={0x4, 0xc9a, 0x0, 0xc}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfffc, 0x59a, 0x3}}, @code={0xa, 0x9c, {"600086d20000b0f2610180d2820180d2830180d2640080d2020000d4000020ab000008d5a0d589d20080b8f2410180d2620180d2830180d2c40080d2020000d4002285d20060b0f2210080d2c20180d2430080d2040080d2020000d4000008d5007008d5007008d51f4000d5a0ce99d20040b8f2e10080d2020180d2430180d2240080d2020000d4"}}, @mrs={0xbe, 0x18, {0x603000000013da11}}, @smc={0x1e, 0x40, {0xc4000003, [0x1, 0x8, 0x10001, 0x5, 0x9]}}, @its_setup={0x82, 0x28, {0x1, 0x4, 0x283}}, @its_setup={0x82, 0x28, {0x2, 0x1, 0x56}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x2, 0x0, 0x9, 0x2, 0x4, 0x4}}, @svc={0x122, 0x40, {0x84000052, [0x7f, 0x8000000000000000, 0x7, 0x6, 0x10000]}}, @uexit={0x0, 0x18, 0xfffffffffffffff7}, @code={0xa, 0x84, {"007008d50004000f003394d20060b0f2010180d2420080d2e30080d2040180d2020000d4000008d560169dd20040b0f2c10080d2420080d2430080d2a40080d2020000d4000008d5007008d50070202ea0959dd20020b0f2610180d2420180d2c30080d2840180d2020000d4000008d5"}}, @eret={0xe6, 0x18, 0x6}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x380, 0x8000}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x0, 0x1, 0x6, 0x494, 0x9, 0x3}}, @eret={0xe6, 0x18, 0x6}, @memwrite={0x6e, 0x30, @generic={0x5000, 0xac6, 0x5, 0x9}}, @irq_setup={0x46, 0x18, {0x1, 0x58}}], 0x6e0}], 0x1, 0x0, &(0x7f00000007c0)=[@featur1={0x1, 0xf}], 0x1)
r2 = ioctl$KVM_GET_STATS_FD_cpu(r1, 0xaece)
ioctl$KVM_SET_DEVICE_ATTR_vm(r2, 0x4018aee1, &(0x7f0000000840)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000800)={0x6, 0x80, 0x1}})
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_GET_STATS_FD_cpu(r1, 0xaece)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r2, 0x4010aeb5, &(0x7f0000000880)={0xa, 0x80})
syz_kvm_vgic_v3_setup(r2, 0x1, 0x2c0)
ioctl$KVM_CREATE_GUEST_MEMFD(r2, 0xc040aed4, &(0x7f00000008c0)={0x8, 0x4})
munmap(&(0x7f0000f0f000/0x4000)=nil, 0x4000)
ioctl$KVM_CAP_ARM_MTE(r2, 0x4068aea3, &(0x7f0000000900))
ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000000980)={0x3, 0x0, [{0x9, 0x1, 0x1, 0x0, @msi={0x40, 0x7, 0x716, 0x3}}, {0x3, 0x1, 0x0, 0x0, @adapter={0x0, 0x816, 0x0, 0x401, 0x8}}, {0x8, 0x1, 0x1, 0x0, @irqchip={0x4, 0xb316}}]})
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0xf)
ioctl$KVM_SET_DEVICE_ATTR_vm(r4, 0x4018aee1, &(0x7f0000000a80)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000a40)={0x101, 0x1, 0x1}})
ioctl$KVM_SET_USER_MEMORY_REGION2(r2, 0x40a0ae49, &(0x7f0000000ac0)={0x4, 0x5, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil, 0x1, r3})
ioctl$KVM_CLEAR_DIRTY_LOG(r2, 0xc018aec0, &(0x7f0000000f80)={0x10200, 0x1c0, 0x100, &(0x7f0000000b80)=[0xfffffffffffffe01, 0x0, 0x9ee, 0x7fff, 0x0, 0x5, 0x4, 0x2, 0x800, 0x4, 0x3, 0x1f38, 0x4, 0x7, 0x3, 0x752, 0x7ff, 0x5, 0x2, 0x6, 0x4, 0x689, 0x3, 0x81, 0x4f10, 0x4, 0x3, 0x0, 0x8001, 0x11, 0x101, 0x100000000, 0x0, 0xa193, 0x400, 0x3, 0xd5, 0x6, 0x9bbd, 0x9, 0xbf, 0x8001, 0x7, 0x10, 0xd1, 0x8, 0xffffffffffffff7f, 0x415bce74, 0x1da, 0xd8, 0x3, 0xffff, 0x73, 0x0, 0x10000, 0x0, 0x9, 0xffff, 0x6, 0x2, 0x9, 0x10000, 0x7, 0xd9, 0xfffffffffffffff7, 0x0, 0x38a, 0x6, 0xf, 0x6, 0xfffffffffffffc1d, 0xffff, 0x2772, 0x4, 0x1, 0x2, 0x0, 0x8, 0x2, 0xcbe9, 0x7, 0x9, 0x8, 0x766, 0x3, 0x6b55fb10, 0x1, 0xfffffffffffffffc, 0x8, 0x6, 0x7ff, 0x80000001, 0x9ade, 0x9, 0x4, 0xc3c1, 0xfff, 0x5, 0x401, 0x7f, 0x8, 0x4, 0x44e2, 0x1, 0x1, 0x1, 0xffffffff, 0x7fff, 0x7, 0x9, 0x81, 0x6, 0x81, 0xfffffffeffffffff, 0xe0, 0xd, 0x4, 0x7, 0x3a63, 0x0, 0x452, 0x2, 0x8, 0x40, 0x3, 0x800, 0x4, 0x6]})
ioctl$KVM_RUN(r1, 0xae80, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000b65000/0x400000)=nil)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_GET_ONE_REG(r1, 0x4010aeab, &(0x7f0000001000)=@arm64_core={0x6030000000100044, &(0x7f0000000fc0)=0x9a25})
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
ioctl$KVM_GET_SREGS(r5, 0x8000ae83, &(0x7f0000001040))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
syz_kvm_setup_cpu$arm64(r3, r6, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000001480)=[{0x0, &(0x7f0000001180)=[@msr={0x14, 0x20, {0x603000000013de94, 0xd83}}, @irq_setup={0x46, 0x18, {0x0, 0x190}}, @msr={0x14, 0x20, {0x603000000013def0, 0x5}}, @its_setup={0x82, 0x28, {0x2, 0x4, 0x6d}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x0, 0x3, 0x5}}, @irq_setup={0x46, 0x18, {0x3, 0x24}}, @smc={0x1e, 0x40, {0x6000000, [0x401, 0xe350, 0x7fffffff, 0x1, 0xf24]}}, @msr={0x14, 0x20, {0x603000000013df73, 0x1}}, @svc={0x122, 0x40, {0x0, [0x3ff, 0x8000000000000001, 0x8, 0x95c, 0x8]}}, @irq_setup={0x46, 0x18, {0x3, 0x23d}}, @irq_setup={0x46, 0x18, {0x2, 0x1c6}}, @smc={0x1e, 0x40, {0x84000009, [0x5, 0x1, 0x3, 0x1911749e, 0xffffffff]}}, @msr={0x14, 0x20, {0x603000000013df7f, 0x5}}, @hvc={0x32, 0x40, {0xf6000053, [0x2, 0x7fff, 0x4, 0x18a, 0xc]}}, @irq_setup={0x46, 0x18, {0x2, 0x3a3}}, @irq_setup={0x46, 0x18, {0x3, 0x92}}, @eret={0xe6, 0x18, 0x4594c5ee}, @hvc={0x32, 0x40, {0x2, [0x7, 0x1, 0x401, 0x0, 0x5]}}, @its_setup={0x82, 0x28, {0x4, 0x2, 0x216}}], 0x2e8}], 0x1, 0x0, &(0x7f00000014c0)=[@featur1={0x1, 0x10}], 0x1)
munmap(&(0x7f0000ec2000/0x3000)=nil, 0x3000)

2m54.14980179s ago: executing program 2 (id=1409):
r0 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000001c0)={0x8, <r2=>0xffffffffffffffff})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000380)})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x5, 0x1, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil})
openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@its_setup={0x7, 0x28, {0x2, 0x2, 0x322}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r5, 0x3, 0xa0)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000100)={0x8, <r8=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000})
r9 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x2, 0xfffffffffffffffd, 0x5}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r10, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000180)={0x8, <r13=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r12, 0xae80, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r14 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x28)
r15 = ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x1)
r16 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r15, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r16, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r15, 0x0)

2m40.542760598s ago: executing program 0 (id=1410):
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x2c) (async)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x2c)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000040)=@arm64_bitmap={0x6030000000160000, &(0x7f0000000000)=0xe})
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f00000000c0)=[@msr={0x14, 0x20, {0x603000000013c600, 0xfefefee0}}], 0x20}], 0x1, 0x0, 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) (async)
r7 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000680)="38ce8347fc1e86008cfc72bb352c8659dcc9225b48cb5cb00c73b0b33018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000000100)=@arm64_sys={0x603000000013c600, &(0x7f0000000140)})

2m27.538939195s ago: executing program 2 (id=1411):
r0 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x66)

2m14.037131679s ago: executing program 0 (id=1412):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0x80111500, 0x20000003)
write$eventfd(r1, &(0x7f0000000000), 0xfffffdef) (fail_nth: 23)
munmap(&(0x7f0000008000/0x1000)=nil, 0x200000)

2m10.267323296s ago: executing program 2 (id=1413):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x1000, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x7)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000000180)={0x4, 0x0, &(0x7f0000f93000/0x1000)=nil})
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_REGS(r6, 0x4360ae82, &(0x7f00000000c0)={[0xa9, 0x2, 0x3, 0x401, 0x1, 0x2, 0xffffffffffff6eab, 0x1, 0x8, 0x5, 0x5, 0x7f, 0x0, 0x4, 0x0, 0x2], 0x10000, 0x40})
r7 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r8 = eventfd2(0x5, 0x800)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r9, 0xae03, 0x24)
ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f0000000040)={0x5, 0x8080000, 0x2, r8, 0x8})
ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f00000000c0)={0x8000000008000800, 0x0, 0x0, r8, 0x2})
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r11, 0x2, 0x100) (async)
ioctl$KVM_RUN(r13, 0xae80, 0x0)
ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f0000000000)={0x1, 0x0, 0x7000000, r8, 0x6})
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)

1m59.009207582s ago: executing program 0 (id=1414):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000ab8000/0x400000)=nil)
munmap(&(0x7f0000f8f000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000b71000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000040)={0x7, <r5=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r5, 0x4018aee3, &(0x7f0000000180)=@attr_other={0x0, 0x1, 0x80, 0x0})
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
munmap(&(0x7f000049b000/0x400000)=nil, 0x400000)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r7, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000040)={0x10001, 0x10001})

1m39.079070528s ago: executing program 2 (id=1415):
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f0000000000)="2c25d4278d8c7653b3172560248c843908495e1005afc60007fb6f61f311ef15d8d1cfd5f27aeacfc15e0d043a158a9f9cfd59314aa23e07668abcf5b08f4f156ec43b09393e8d0c", 0x0, 0x48)
r0 = mmap$KVM_VCPU(&(0x7f0000ffe000/0x1000)=nil, 0x0, 0x200000a, 0x1010, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_MMIO(r0, 0x20, &(0x7f0000000080)="854e7800abf6026f3804f4853d8e029771152b5ab81ca70b", 0x0, 0x18)
r1 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000180)={0x0, &(0x7f00000000c0)=[@code={0xa, 0x84, {"0024c09a0020202e0008201e0080bf0d007008d5c04e83d20040b0f2010080d2420180d2430080d2e40080d2020000d4a03f87d20000b0f2e10080d2820080d2c30080d2e40080d2020000d4000040d3008008d560f585d20000b0f2e10180d2c20080d2c30180d2840180d2020000d4"}}, @msr={0x14, 0x20, {0x603000000013df51, 0x9}}], 0xa4}, &(0x7f00000001c0)=[@featur2={0x1, 0x80}], 0x1)
ioctl$KVM_GET_MP_STATE(r1, 0x8004ae98, &(0x7f0000000200))
munmap(&(0x7f0000ffa000/0x5000)=nil, 0x5000)
r2 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000380)={0x0, &(0x7f0000000240)=[@eret={0xe6, 0x18, 0x3a}, @uexit={0x0, 0x18, 0x98}, @its_setup={0x82, 0x28, {0x1, 0x2, 0x6d}}, @hvc={0x32, 0x40, {0xc4000007, [0x3, 0x3, 0xc, 0xfffffffffffffffe, 0x400]}}, @irq_setup={0x46, 0x18, {0x2, 0x1b3}}, @uexit={0x0, 0x18, 0x5}, @smc={0x1e, 0x40, {0x84000007, [0xfffffffffffffeff, 0x90d, 0x6, 0x101, 0xffff]}}], 0x108}, &(0x7f00000003c0)=[@featur2={0x1, 0x11}], 0x1)
ioctl$KVM_DIRTY_TLB(r2, 0x4010aeaa, &(0x7f0000000400)={0x6, 0x5})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
r4 = mmap$KVM_VCPU(&(0x7f0000ff7000/0x4000)=nil, r3, 0x1000002, 0x40010, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000440)="2a0a134916fa1f8175b89c148bd22125b91b06215ea6d55fae7682297fa10ee9ef0b9b09158f699f0b62d8724487e59d17fa2958b1688bd56f446b2fbdc88761839971f1df9a40a2", 0x0, 0x48)
r5 = syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x2, 0x3a0)
ioctl$KVM_HAS_DEVICE_ATTR(r5, 0x4018aee3, &(0x7f0000000500)=@attr_other={0x0, 0x400, 0x1, &(0x7f00000004c0)=0x4})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000540)="f305b25324f9f275a817203959aaaa92d2fa065f8ddc0ce686d97ce228d02592a0eda74afeaf9871ed8148e021f0fdfa11dfe2f7c8264c9c8100a48a455938cedd6f0ba260dae087", 0x0, 0x48)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x34)
ioctl$KVM_SET_GSI_ROUTING(r7, 0x4008ae6a, &(0x7f0000000600)={0x2, 0x0, [{0x1, 0x3, 0x1, 0x0, @msi={0x9, 0x4, 0x81}}, {0x1, 0x1, 0x0, 0x0, @sint={0x34, 0x3}}]})
r8 = eventfd2(0x1560676c, 0x80001)
r9 = eventfd2(0xe, 0x800)
ioctl$KVM_IRQFD(r7, 0x4020ae76, &(0x7f0000000680)={r8, 0x9, 0x1, r9})
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r10 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000a40)={0x0, &(0x7f00000006c0)=[@hvc={0x32, 0x40, {0xc4000053, [0x4, 0xadf, 0x9, 0x8, 0x6]}}, @irq_setup={0x46, 0x18, {0x0, 0x1eb}}, @svc={0x122, 0x40, {0x84000010, [0xe, 0x8, 0x1e000000, 0x0, 0x84dc]}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x1, 0x0, 0x9, 0x0, 0x9, 0x1}}, @uexit={0x0, 0x18, 0x8}, @its_send_cmd={0xaa, 0x28, {0x4, 0x1, 0x2, 0x5, 0x9, 0x6, 0x4}}, @svc={0x122, 0x40, {0xc2000006, [0x6, 0xfffffffffffffffe, 0x9, 0xff, 0x6]}}, @uexit={0x0, 0x18, 0xea32}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x2, 0xb, 0x8, 0x5, 0x4}}, @msr={0x14, 0x20, {0x603000000013df7c, 0x5}}, @code={0xa, 0x84, {"00008039801282d20000b8f2210180d2220180d2e30180d2840180d2020000d4a0a796d20020b0f2e10180d2820180d2430080d2640180d2020000d4007008d5000040b90000c0ad00d896d20020b0f2010180d2220180d2c30180d2040180d2020000d40050200e0018200e00000013"}}, @msr={0x14, 0x20, {0x6030000000138036}}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x332}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x0, 0x3, 0x2, 0x1ff, 0x5, 0x2}}, @mrs={0xbe, 0x18, {0x603000000013e536}}, @hvc={0x32, 0x40, {0x80, [0x9, 0x3058, 0x2, 0x2, 0x2]}}, @msr={0x14, 0x20, {0x603000000013deaf, 0xc9b}}, @smc={0x1e, 0x40, {0x0, [0x6, 0x8000000000, 0x0, 0x5, 0xbc3]}}], 0x34c}, &(0x7f0000000a80)=[@featur2={0x1, 0x1}], 0x1)
r11 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x24)
syz_kvm_setup_cpu$arm64(r11, r10, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000bc0)=[{0x0, &(0x7f0000000ac0)=[@irq_setup={0x46, 0x18, {0x3, 0x387}}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x293}}, @smc={0x1e, 0x40, {0x40, [0xffffffffffff63f3, 0x7ca96f3d, 0x1, 0xffffffffffffffff, 0x800]}}, @smc={0x1e, 0x40, {0xc400000c, [0x9, 0x8, 0xfffffffffffffffd, 0x80000001, 0xfffffffffffffffa]}}, @irq_setup={0x46, 0x18, {0x1, 0x372}}, @irq_setup={0x46, 0x18, {0x0, 0x3bd}}], 0xf0}], 0x1, 0x0, &(0x7f0000000c00)=[@featur2={0x1, 0x1a}], 0x1)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r7, 0x4010aeb5, &(0x7f0000000c40)={0x43d9, 0xfffffffffffffff9})
syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x2, 0x0)
ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000c80))
r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f0000f7d000/0x4000)=nil, r12, 0x3000000, 0x10, r1, 0x0)

1m35.039291971s ago: executing program 0 (id=1416):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x101000, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x15)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0xffffffffffffffff)
r4 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r3, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r3, 0x0)
r5 = eventfd2(0x0, 0x0)
close(r0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01)
r6 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000eed000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
r7 = openat$kvm(0x0, &(0x7f00000001c0), 0x80400, 0x0)
r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r8, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000fbf000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, r8, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x12, r3, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec0000/0x3000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0x1000004, 0x9032, r3, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
write$eventfd(r5, &(0x7f0000000180)=0x5, 0xfffffde3)
r9 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xc)
ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000080)={0x10003, 0x0, 0x8080000, 0x1000, &(0x7f0000cbc000/0x1000)=nil})

1m6.970955496s ago: executing program 0 (id=1417):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0x80111500, 0x20000000)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VM(r1, 0x541b, 0x2000001c)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
mmap$KVM_VCPU(&(0x7f000064b000/0x4000)=nil, r4, 0x100000d, 0x9032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xf, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x1000000)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)
mmap$KVM_VCPU(&(0x7f0000ed3000/0x4000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x12, 0xffffffffffffffff, 0x0)
r5 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000000)={0x0, 0x0}, &(0x7f00000001c0)=[@featur1={0x1, 0xc}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x2000)=nil, r4, 0x0, 0x10, r5, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
r6 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r6, 0x4010ae67, &(0x7f0000000180)={0x3000, 0x0, 0x1})
ioctl$KVM_REGISTER_COALESCED_MMIO(r6, 0x4010ae67, &(0x7f0000000380)={0x2, 0x25000, 0x1})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r6, 0x4010ae68, &(0x7f0000000240)={0xffff1000, 0xa000})

50.552460978s ago: executing program 42 (id=1415):
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f0000000000)="2c25d4278d8c7653b3172560248c843908495e1005afc60007fb6f61f311ef15d8d1cfd5f27aeacfc15e0d043a158a9f9cfd59314aa23e07668abcf5b08f4f156ec43b09393e8d0c", 0x0, 0x48)
r0 = mmap$KVM_VCPU(&(0x7f0000ffe000/0x1000)=nil, 0x0, 0x200000a, 0x1010, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_MMIO(r0, 0x20, &(0x7f0000000080)="854e7800abf6026f3804f4853d8e029771152b5ab81ca70b", 0x0, 0x18)
r1 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000180)={0x0, &(0x7f00000000c0)=[@code={0xa, 0x84, {"0024c09a0020202e0008201e0080bf0d007008d5c04e83d20040b0f2010080d2420180d2430080d2e40080d2020000d4a03f87d20000b0f2e10080d2820080d2c30080d2e40080d2020000d4000040d3008008d560f585d20000b0f2e10180d2c20080d2c30180d2840180d2020000d4"}}, @msr={0x14, 0x20, {0x603000000013df51, 0x9}}], 0xa4}, &(0x7f00000001c0)=[@featur2={0x1, 0x80}], 0x1)
ioctl$KVM_GET_MP_STATE(r1, 0x8004ae98, &(0x7f0000000200))
munmap(&(0x7f0000ffa000/0x5000)=nil, 0x5000)
r2 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000380)={0x0, &(0x7f0000000240)=[@eret={0xe6, 0x18, 0x3a}, @uexit={0x0, 0x18, 0x98}, @its_setup={0x82, 0x28, {0x1, 0x2, 0x6d}}, @hvc={0x32, 0x40, {0xc4000007, [0x3, 0x3, 0xc, 0xfffffffffffffffe, 0x400]}}, @irq_setup={0x46, 0x18, {0x2, 0x1b3}}, @uexit={0x0, 0x18, 0x5}, @smc={0x1e, 0x40, {0x84000007, [0xfffffffffffffeff, 0x90d, 0x6, 0x101, 0xffff]}}], 0x108}, &(0x7f00000003c0)=[@featur2={0x1, 0x11}], 0x1)
ioctl$KVM_DIRTY_TLB(r2, 0x4010aeaa, &(0x7f0000000400)={0x6, 0x5})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
r4 = mmap$KVM_VCPU(&(0x7f0000ff7000/0x4000)=nil, r3, 0x1000002, 0x40010, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000440)="2a0a134916fa1f8175b89c148bd22125b91b06215ea6d55fae7682297fa10ee9ef0b9b09158f699f0b62d8724487e59d17fa2958b1688bd56f446b2fbdc88761839971f1df9a40a2", 0x0, 0x48)
r5 = syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x2, 0x3a0)
ioctl$KVM_HAS_DEVICE_ATTR(r5, 0x4018aee3, &(0x7f0000000500)=@attr_other={0x0, 0x400, 0x1, &(0x7f00000004c0)=0x4})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000540)="f305b25324f9f275a817203959aaaa92d2fa065f8ddc0ce686d97ce228d02592a0eda74afeaf9871ed8148e021f0fdfa11dfe2f7c8264c9c8100a48a455938cedd6f0ba260dae087", 0x0, 0x48)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x34)
ioctl$KVM_SET_GSI_ROUTING(r7, 0x4008ae6a, &(0x7f0000000600)={0x2, 0x0, [{0x1, 0x3, 0x1, 0x0, @msi={0x9, 0x4, 0x81}}, {0x1, 0x1, 0x0, 0x0, @sint={0x34, 0x3}}]})
r8 = eventfd2(0x1560676c, 0x80001)
r9 = eventfd2(0xe, 0x800)
ioctl$KVM_IRQFD(r7, 0x4020ae76, &(0x7f0000000680)={r8, 0x9, 0x1, r9})
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r10 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000a40)={0x0, &(0x7f00000006c0)=[@hvc={0x32, 0x40, {0xc4000053, [0x4, 0xadf, 0x9, 0x8, 0x6]}}, @irq_setup={0x46, 0x18, {0x0, 0x1eb}}, @svc={0x122, 0x40, {0x84000010, [0xe, 0x8, 0x1e000000, 0x0, 0x84dc]}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x1, 0x0, 0x9, 0x0, 0x9, 0x1}}, @uexit={0x0, 0x18, 0x8}, @its_send_cmd={0xaa, 0x28, {0x4, 0x1, 0x2, 0x5, 0x9, 0x6, 0x4}}, @svc={0x122, 0x40, {0xc2000006, [0x6, 0xfffffffffffffffe, 0x9, 0xff, 0x6]}}, @uexit={0x0, 0x18, 0xea32}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x2, 0xb, 0x8, 0x5, 0x4}}, @msr={0x14, 0x20, {0x603000000013df7c, 0x5}}, @code={0xa, 0x84, {"00008039801282d20000b8f2210180d2220180d2e30180d2840180d2020000d4a0a796d20020b0f2e10180d2820180d2430080d2640180d2020000d4007008d5000040b90000c0ad00d896d20020b0f2010180d2220180d2c30180d2040180d2020000d40050200e0018200e00000013"}}, @msr={0x14, 0x20, {0x6030000000138036}}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x332}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x0, 0x3, 0x2, 0x1ff, 0x5, 0x2}}, @mrs={0xbe, 0x18, {0x603000000013e536}}, @hvc={0x32, 0x40, {0x80, [0x9, 0x3058, 0x2, 0x2, 0x2]}}, @msr={0x14, 0x20, {0x603000000013deaf, 0xc9b}}, @smc={0x1e, 0x40, {0x0, [0x6, 0x8000000000, 0x0, 0x5, 0xbc3]}}], 0x34c}, &(0x7f0000000a80)=[@featur2={0x1, 0x1}], 0x1)
r11 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x24)
syz_kvm_setup_cpu$arm64(r11, r10, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000bc0)=[{0x0, &(0x7f0000000ac0)=[@irq_setup={0x46, 0x18, {0x3, 0x387}}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x293}}, @smc={0x1e, 0x40, {0x40, [0xffffffffffff63f3, 0x7ca96f3d, 0x1, 0xffffffffffffffff, 0x800]}}, @smc={0x1e, 0x40, {0xc400000c, [0x9, 0x8, 0xfffffffffffffffd, 0x80000001, 0xfffffffffffffffa]}}, @irq_setup={0x46, 0x18, {0x1, 0x372}}, @irq_setup={0x46, 0x18, {0x0, 0x3bd}}], 0xf0}], 0x1, 0x0, &(0x7f0000000c00)=[@featur2={0x1, 0x1a}], 0x1)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r7, 0x4010aeb5, &(0x7f0000000c40)={0x43d9, 0xfffffffffffffff9})
syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x2, 0x0)
ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000c80))
r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f0000f7d000/0x4000)=nil, r12, 0x3000000, 0x10, r1, 0x0)

45.88188764s ago: executing program 0 (id=1419):
mmap$KVM_VCPU(&(0x7f0000010000/0x1000)=nil, 0x930, 0x100000f, 0x9032, 0xffffffffffffffff, 0x0) (async)
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000040)=@attr_pmu_filter={0x0, 0x0, 0x2, 0x0}) (async)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)

0s ago: executing program 43 (id=1419):
mmap$KVM_VCPU(&(0x7f0000010000/0x1000)=nil, 0x930, 0x100000f, 0x9032, 0xffffffffffffffff, 0x0) (async)
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000040)=@attr_pmu_filter={0x0, 0x0, 0x2, 0x0}) (async)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

[  378.107187][ T3156] 8021q: adding VLAN 0 to HW filter on device bond0
[  428.431234][ T3156] eql: remember to turn off Van-Jacobson compression on your slave devices
Warning: Permanently added '[localhost]:7375' (ED25519) to the list of known hosts.
[  587.486134][   T25] audit: type=1400 audit(586.760:61): avc:  denied  { name_bind } for  pid=3305 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  588.414531][   T25] audit: type=1400 audit(587.700:62): avc:  denied  { execute } for  pid=3306 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  588.440648][   T25] audit: type=1400 audit(587.730:63): avc:  denied  { execute_no_trans } for  pid=3306 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  611.374958][   T25] audit: type=1400 audit(610.660:64): avc:  denied  { mounton } for  pid=3306 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  611.408462][   T25] audit: type=1400 audit(610.690:65): avc:  denied  { mount } for  pid=3306 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  611.492464][ T3306] cgroup: Unknown subsys name 'net'
[  611.542729][   T25] audit: type=1400 audit(610.830:66): avc:  denied  { unmount } for  pid=3306 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  611.916753][ T3306] cgroup: Unknown subsys name 'cpuset'
[  612.017796][ T3306] cgroup: Unknown subsys name 'rlimit'
[  613.337422][   T25] audit: type=1400 audit(612.620:67): avc:  denied  { setattr } for  pid=3306 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  613.360491][   T25] audit: type=1400 audit(612.650:68): avc:  denied  { create } for  pid=3306 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  613.388242][   T25] audit: type=1400 audit(612.680:69): avc:  denied  { write } for  pid=3306 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  613.426839][   T25] audit: type=1400 audit(612.690:70): avc:  denied  { module_request } for  pid=3306 comm="syz-executor" kmod="net-pf-16-proto-16-family-nl802154" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  613.932538][   T25] audit: type=1400 audit(613.220:71): avc:  denied  { read } for  pid=3306 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  613.989842][   T25] audit: type=1400 audit(613.270:72): avc:  denied  { mounton } for  pid=3306 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[  614.011206][   T25] audit: type=1400 audit(613.300:73): avc:  denied  { mount } for  pid=3306 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  615.183067][ T3310] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
Setting up swapspace version 1, size = 127995904 bytes
[  615.430464][ T3306] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  665.317915][   T25] kauditd_printk_skb: 4 callbacks suppressed
[  665.325867][   T25] audit: type=1400 audit(664.610:78): avc:  denied  { execmem } for  pid=3311 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  665.894645][   T25] audit: type=1400 audit(665.180:79): avc:  denied  { read } for  pid=3313 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  665.932148][   T25] audit: type=1400 audit(665.180:80): avc:  denied  { open } for  pid=3313 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  665.998174][   T25] audit: type=1400 audit(665.290:81): avc:  denied  { mounton } for  pid=3313 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  668.189252][   T25] audit: type=1400 audit(667.460:82): avc:  denied  { mount } for  pid=3313 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  668.259918][   T25] audit: type=1400 audit(667.550:83): avc:  denied  { mounton } for  pid=3313 comm="syz-executor" path="/syzkaller.JWYhjf/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  668.350926][   T25] audit: type=1400 audit(667.640:84): avc:  denied  { mount } for  pid=3313 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  668.544912][   T25] audit: type=1400 audit(667.780:85): avc:  denied  { mounton } for  pid=3313 comm="syz-executor" path="/syzkaller.JWYhjf/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  668.645329][   T25] audit: type=1400 audit(667.930:86): avc:  denied  { mounton } for  pid=3313 comm="syz-executor" path="/syzkaller.JWYhjf/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=2818 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  668.845083][   T25] audit: type=1400 audit(668.130:87): avc:  denied  { unmount } for  pid=3313 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  676.750610][ T3316] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  759.401164][   T25] kauditd_printk_skb: 8 callbacks suppressed
[  759.410791][   T25] audit: type=1400 audit(758.690:96): avc:  denied  { sys_module } for  pid=3341 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  786.337536][ T3341] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  786.577364][ T3341] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  787.095805][ T3343] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  787.377176][ T3343] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  799.270931][ T3341] hsr_slave_0: entered promiscuous mode
[  799.299829][ T3341] hsr_slave_1: entered promiscuous mode
[  800.269700][ T3343] hsr_slave_0: entered promiscuous mode
[  800.316646][ T3343] hsr_slave_1: entered promiscuous mode
[  800.359889][ T3343] debugfs: 'hsr0' already exists in 'hsr'
[  800.374412][ T3343] Cannot create hsr debugfs directory
[  805.798389][ T3341] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  806.122877][ T3341] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  806.512928][ T3341] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  806.872299][ T3341] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  808.321148][ T3343] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  808.489620][ T3343] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  808.688695][ T3343] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  808.837242][ T3343] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  823.078684][ T3341] 8021q: adding VLAN 0 to HW filter on device bond0
[  826.118832][ T3343] 8021q: adding VLAN 0 to HW filter on device bond0
[  880.189596][ T3341] veth0_vlan: entered promiscuous mode
[  880.686415][ T3341] veth1_vlan: entered promiscuous mode
[  883.345758][ T3343] veth0_vlan: entered promiscuous mode
[  883.889592][ T3341] veth0_macvtap: entered promiscuous mode
[  884.376747][ T3341] veth1_macvtap: entered promiscuous mode
[  884.556808][ T3343] veth1_vlan: entered promiscuous mode
[  887.712611][ T3431] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  887.874241][ T3431] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  887.878348][ T3431] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  887.891647][ T3431] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  888.087173][ T3343] veth0_macvtap: entered promiscuous mode
[  888.745582][ T3343] veth1_macvtap: entered promiscuous mode
[  892.447275][ T3490] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  892.448456][ T3490] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  892.499685][ T3490] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  892.510299][ T3490] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  908.378095][   T25] audit: type=1400 audit(907.660:97): avc:  denied  { read } for  pid=3503 comm="syz.0.10" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  908.465065][   T25] audit: type=1400 audit(907.740:98): avc:  denied  { open } for  pid=3503 comm="syz.0.10" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  909.074298][   T25] audit: type=1400 audit(908.290:99): avc:  denied  { ioctl } for  pid=3503 comm="syz.0.10" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae03 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  937.431261][   T25] audit: type=1400 audit(936.690:100): avc:  denied  { execute } for  pid=3527 comm="syz.0.22" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=4181 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  941.726283][   T25] audit: type=1400 audit(941.010:101): avc:  denied  { write } for  pid=3529 comm="syz.2.23" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  948.538889][   T25] audit: type=1400 audit(947.810:102): avc:  denied  { map } for  pid=3533 comm="syz.2.25" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  948.606102][   T25] audit: type=1400 audit(947.860:103): avc:  denied  { execute } for  pid=3533 comm="syz.2.25" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1115.935667][   T25] audit: type=1400 audit(1115.220:104): avc:  denied  { setattr } for  pid=3661 comm="syz.2.88" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1126.727820][   T25] audit: type=1400 audit(1125.950:105): avc:  denied  { append } for  pid=3667 comm="syz.0.91" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 2363.620872][   T25] audit: type=1400 audit(2362.870:106): avc:  denied  { ioctl } for  pid=4413 comm="syz.0.402" path="net:[4026532624]" dev="nsfs" ino=4026532624 ioctlcmd=0xb705 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 2797.187390][ T4660] kvm [4660]: Failed to find VMA for hva 0x21016000
[ 2811.272258][ T4667] KVM: debugfs: duplicate directory 4667-5
[ 3026.081166][ T4783] debugfs: 'vgic-its-state@8080000' already exists in '4783-4'
[ 3342.166349][ T4959] kvm [4959]: Failed to find VMA for hva 0x20ddd000
[ 3354.718272][ T4966] kvm [4966]: Failed to find VMA for hva 0x20c01000
[ 3505.882493][ T5049] kvm [5049]: Failed to find VMA for hva 0x20e08000
[ 3533.858194][ T5066] kvm [5066]: Failed to find VMA for hva 0x20c01000
[ 3534.015628][ T5067] kvm [5067]: Failed to find VMA for hva 0x20c01000
[ 4367.474275][   T25] audit: type=1400 audit(4366.720:107): avc:  denied  { map } for  pid=5582 comm="syz.2.877" path="/" dev="tmpfs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[ 5156.709190][ T6023] kvm [6023]: Failed to find VMA for hva 0x20c01000
[ 5189.626470][ T6039] kvm [6039]: Failed to find VMA for hva 0x20c01000
[ 5549.649346][ T6237] kvm [6237]: Failed to find VMA for hva 0x20c01000
[ 5559.968495][ T6245] FAULT_INJECTION: forcing a failure.
[ 5559.968495][ T6245] name failslab, interval 1, probability 0, space 0, times 1
[ 5560.006583][ T6245] CPU: 0 UID: 0 PID: 6245 Comm: syz.2.1141 Not tainted syzkaller #0 PREEMPT 
[ 5560.007287][ T6245] Hardware name: linux,dummy-virt (DT)
[ 5560.007745][ T6245] Call trace:
[ 5560.008171][ T6245]  show_stack+0x2c/0x3c (C)
[ 5560.010035][ T6245]  __dump_stack+0x30/0x40
[ 5560.010324][ T6245]  dump_stack_lvl+0xd8/0x12c
[ 5560.010536][ T6245]  dump_stack+0x1c/0x28
[ 5560.010740][ T6245]  should_fail_ex+0x570/0x6e0
[ 5560.011022][ T6245]  should_failslab+0xb8/0xec
[ 5560.011279][ T6245]  __kmalloc_noprof+0xdc/0x4b8
[ 5560.011504][ T6245]  tomoyo_realpath_from_path+0xdc/0x628
[ 5560.011746][ T6245]  tomoyo_path_number_perm+0x13c/0x33c
[ 5560.012077][ T6245]  tomoyo_file_ioctl+0x2c/0x3c
[ 5560.012317][ T6245]  security_file_ioctl+0xe8/0x2f0
[ 5560.012591][ T6245]  __arm64_sys_ioctl+0xd0/0x244
[ 5560.012884][ T6245]  invoke_syscall+0x90/0x2b4
[ 5560.013187][ T6245]  el0_svc_common+0x180/0x2f4
[ 5560.013473][ T6245]  do_el0_svc+0x58/0x74
[ 5560.013758][ T6245]  el0_svc+0x58/0x164
[ 5560.014024][ T6245]  el0t_64_sync_handler+0x84/0x12c
[ 5560.014287][ T6245]  el0t_64_sync+0x198/0x19c
[ 5560.127495][ T6245] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 5572.728399][ T6249] kvm [6249]: Failed to find VMA for hva 0x20c01000
[ 5605.647457][ T6260] kvm [6260]: Failed to find VMA for hva 0x20c01000
[ 5614.658964][ T6270] FAULT_INJECTION: forcing a failure.
[ 5614.658964][ T6270] name failslab, interval 1, probability 0, space 0, times 0
[ 5614.685608][ T6270] CPU: 0 UID: 0 PID: 6270 Comm: syz.2.1149 Not tainted syzkaller #0 PREEMPT 
[ 5614.686029][ T6270] Hardware name: linux,dummy-virt (DT)
[ 5614.686145][ T6270] Call trace:
[ 5614.686228][ T6270]  show_stack+0x2c/0x3c (C)
[ 5614.686594][ T6270]  __dump_stack+0x30/0x40
[ 5614.686823][ T6270]  dump_stack_lvl+0xd8/0x12c
[ 5614.687046][ T6270]  dump_stack+0x1c/0x28
[ 5614.687253][ T6270]  should_fail_ex+0x570/0x6e0
[ 5614.687507][ T6270]  should_failslab+0xb8/0xec
[ 5614.687757][ T6270]  __kmalloc_noprof+0xdc/0x4b8
[ 5614.688011][ T6270]  tomoyo_realpath_from_path+0xdc/0x628
[ 5614.688262][ T6270]  tomoyo_path_number_perm+0x13c/0x33c
[ 5614.688611][ T6270]  tomoyo_file_ioctl+0x2c/0x3c
[ 5614.688868][ T6270]  security_file_ioctl+0xe8/0x2f0
[ 5614.689140][ T6270]  __arm64_sys_ioctl+0xd0/0x244
[ 5614.689410][ T6270]  invoke_syscall+0x90/0x2b4
[ 5614.689701][ T6270]  el0_svc_common+0x180/0x2f4
[ 5614.690000][ T6270]  do_el0_svc+0x58/0x74
[ 5614.690286][ T6270]  el0_svc+0x58/0x164
[ 5614.690526][ T6270]  el0t_64_sync_handler+0x84/0x12c
[ 5614.690763][ T6270]  el0t_64_sync+0x198/0x19c
[ 5614.769066][ T6270] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 5683.158127][ T6314] FAULT_INJECTION: forcing a failure.
[ 5683.158127][ T6314] name fail_usercopy, interval 1, probability 0, space 0, times 1
[ 5683.168891][ T6314] CPU: 0 UID: 0 PID: 6314 Comm: syz.2.1163 Not tainted syzkaller #0 PREEMPT 
[ 5683.169282][ T6314] Hardware name: linux,dummy-virt (DT)
[ 5683.169390][ T6314] Call trace:
[ 5683.169474][ T6314]  show_stack+0x2c/0x3c (C)
[ 5683.169840][ T6314]  __dump_stack+0x30/0x40
[ 5683.170064][ T6314]  dump_stack_lvl+0xd8/0x12c
[ 5683.170271][ T6314]  dump_stack+0x1c/0x28
[ 5683.170469][ T6314]  should_fail_ex+0x570/0x6e0
[ 5683.170709][ T6314]  should_fail+0x14/0x24
[ 5683.170962][ T6314]  should_fail_usercopy+0x20/0x30
[ 5683.171213][ T6314]  simple_read_from_buffer+0xd0/0x298
[ 5683.171433][ T6314]  proc_fail_nth_read+0x184/0x218
[ 5683.171645][ T6314]  vfs_read+0x220/0x9a8
[ 5683.171953][ T6314]  ksys_read+0x100/0x1f4
[ 5683.172231][ T6314]  __arm64_sys_read+0x98/0xcc
[ 5683.172541][ T6314]  invoke_syscall+0x90/0x2b4
[ 5683.172858][ T6314]  el0_svc_common+0x180/0x2f4
[ 5683.173181][ T6314]  do_el0_svc+0x58/0x74
[ 5683.173467][ T6314]  el0_svc+0x58/0x164
[ 5683.173705][ T6314]  el0t_64_sync_handler+0x84/0x12c
[ 5683.173972][ T6314]  el0t_64_sync+0x198/0x19c
[ 5699.761187][ T6326] FAULT_INJECTION: forcing a failure.
[ 5699.761187][ T6326] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 5699.784186][ T6326] CPU: 0 UID: 0 PID: 6326 Comm: syz.0.1168 Not tainted syzkaller #0 PREEMPT 
[ 5699.784616][ T6326] Hardware name: linux,dummy-virt (DT)
[ 5699.784727][ T6326] Call trace:
[ 5699.784817][ T6326]  show_stack+0x2c/0x3c (C)
[ 5699.785175][ T6326]  __dump_stack+0x30/0x40
[ 5699.785384][ T6326]  dump_stack_lvl+0xd8/0x12c
[ 5699.785604][ T6326]  dump_stack+0x1c/0x28
[ 5699.785817][ T6326]  should_fail_ex+0x570/0x6e0
[ 5699.786078][ T6326]  should_fail+0x14/0x24
[ 5699.786310][ T6326]  should_fail_usercopy+0x20/0x30
[ 5699.786570][ T6326]  _inline_copy_from_user+0x3c/0x18c
[ 5699.786852][ T6326]  kvm_vm_ioctl+0x504/0x944
[ 5699.787104][ T6326]  __arm64_sys_ioctl+0x18c/0x244
[ 5699.787368][ T6326]  invoke_syscall+0x90/0x2b4
[ 5699.787679][ T6326]  el0_svc_common+0x180/0x2f4
[ 5699.787977][ T6326]  do_el0_svc+0x58/0x74
[ 5699.788253][ T6326]  el0_svc+0x58/0x164
[ 5699.788535][ T6326]  el0t_64_sync_handler+0x84/0x12c
[ 5699.788787][ T6326]  el0t_64_sync+0x198/0x19c
[ 5699.901449][ T6324] kvm [6324]: Failed to find VMA for hva 0x21016000
[ 5739.937521][ T6350] FAULT_INJECTION: forcing a failure.
[ 5739.937521][ T6350] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[ 5739.965524][ T6350] CPU: 0 UID: 0 PID: 6350 Comm: syz.2.1176 Not tainted syzkaller #0 PREEMPT 
[ 5739.965958][ T6350] Hardware name: linux,dummy-virt (DT)
[ 5739.966075][ T6350] Call trace:
[ 5739.966160][ T6350]  show_stack+0x2c/0x3c (C)
[ 5739.966521][ T6350]  __dump_stack+0x30/0x40
[ 5739.966724][ T6350]  dump_stack_lvl+0xd8/0x12c
[ 5739.966965][ T6350]  dump_stack+0x1c/0x28
[ 5739.967178][ T6350]  should_fail_ex+0x570/0x6e0
[ 5739.967417][ T6350]  should_fail_alloc_page+0xd4/0xd8
[ 5739.967665][ T6350]  prepare_alloc_pages+0x20c/0x5e0
[ 5739.967936][ T6350]  __alloc_frozen_pages_noprof+0xd8/0x2d0
[ 5739.968195][ T6350]  alloc_pages_mpol+0x204/0x4c8
[ 5739.968456][ T6350]  alloc_pages_noprof+0x104/0x2ec
[ 5739.968687][ T6350]  __pmd_alloc+0x54/0x598
[ 5739.968945][ T6350]  handle_mm_fault+0x1d70/0x5778
[ 5739.969180][ T6350]  do_page_fault+0x55c/0x1508
[ 5739.969456][ T6350]  do_translation_fault+0xbc/0xfc
[ 5739.969723][ T6350]  do_mem_abort+0x50/0x110
[ 5739.970014][ T6350]  el1_abort+0x3c/0x5c
[ 5739.970254][ T6350]  el1h_64_sync_handler+0x50/0xfc
[ 5739.970487][ T6350]  el1h_64_sync+0x6c/0x70
[ 5739.970863][ T6350]  ioctl_setflags+0x178/0x278 (P)
[ 5739.971196][ T6350]  do_vfs_ioctl+0x964/0x1b70
[ 5739.971464][ T6350]  __arm64_sys_ioctl+0x10c/0x244
[ 5739.971719][ T6350]  invoke_syscall+0x90/0x2b4
[ 5739.972046][ T6350]  el0_svc_common+0x180/0x2f4
[ 5739.972337][ T6350]  do_el0_svc+0x58/0x74
[ 5739.972653][ T6350]  el0_svc+0x58/0x164
[ 5739.972912][ T6350]  el0t_64_sync_handler+0x84/0x12c
[ 5739.973173][ T6350]  el0t_64_sync+0x198/0x19c
[ 5749.571751][ T6358] FAULT_INJECTION: forcing a failure.
[ 5749.571751][ T6358] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 5749.600896][ T6358] CPU: 0 UID: 0 PID: 6358 Comm: syz.0.1178 Not tainted syzkaller #0 PREEMPT 
[ 5749.601306][ T6358] Hardware name: linux,dummy-virt (DT)
[ 5749.601416][ T6358] Call trace:
[ 5749.601498][ T6358]  show_stack+0x2c/0x3c (C)
[ 5749.601876][ T6358]  __dump_stack+0x30/0x40
[ 5749.602099][ T6358]  dump_stack_lvl+0xd8/0x12c
[ 5749.602306][ T6358]  dump_stack+0x1c/0x28
[ 5749.602506][ T6358]  should_fail_ex+0x570/0x6e0
[ 5749.602753][ T6358]  should_fail_alloc_page+0xd4/0xd8
[ 5749.603051][ T6358]  prepare_alloc_pages+0x20c/0x5e0
[ 5749.603296][ T6358]  __alloc_frozen_pages_noprof+0xd8/0x2d0
[ 5749.603542][ T6358]  alloc_pages_mpol+0x204/0x4c8
[ 5749.603763][ T6358]  alloc_pages_noprof+0x104/0x2ec
[ 5749.604009][ T6358]  get_free_pages_noprof+0x1c/0xc4
[ 5749.604252][ T6358]  __kvm_mmu_topup_memory_cache+0x328/0x6d8
[ 5749.604499][ T6358]  kvm_mmu_topup_memory_cache+0x2c/0x3c
[ 5749.604717][ T6358]  kvm_handle_guest_abort+0x1164/0x2e18
[ 5749.605028][ T6358]  handle_exit+0x21c/0x3dc
[ 5749.605252][ T6358]  kvm_arch_vcpu_ioctl_run+0x11f8/0x2610
[ 5749.605504][ T6358]  kvm_vcpu_ioctl+0x7dc/0xc2c
[ 5749.605767][ T6358]  __arm64_sys_ioctl+0x18c/0x244
[ 5749.606086][ T6358]  invoke_syscall+0x90/0x2b4
[ 5749.606387][ T6358]  el0_svc_common+0x180/0x2f4
[ 5749.606685][ T6358]  do_el0_svc+0x58/0x74
[ 5749.606995][ T6358]  el0_svc+0x58/0x164
[ 5749.607235][ T6358]  el0t_64_sync_handler+0x84/0x12c
[ 5749.607478][ T6358]  el0t_64_sync+0x198/0x19c
[ 5880.770793][ T6426] kvm [6426]: Failed to find VMA for hva 0x20c01000
[ 5893.280772][ T6435] FAULT_INJECTION: forcing a failure.
[ 5893.280772][ T6435] name failslab, interval 1, probability 0, space 0, times 0
[ 5893.325866][ T6435] CPU: 0 UID: 0 PID: 6435 Comm: syz.2.1208 Not tainted syzkaller #0 PREEMPT 
[ 5893.326266][ T6435] Hardware name: linux,dummy-virt (DT)
[ 5893.326374][ T6435] Call trace:
[ 5893.326457][ T6435]  show_stack+0x2c/0x3c (C)
[ 5893.326825][ T6435]  __dump_stack+0x30/0x40
[ 5893.327050][ T6435]  dump_stack_lvl+0xd8/0x12c
[ 5893.327258][ T6435]  dump_stack+0x1c/0x28
[ 5893.327457][ T6435]  should_fail_ex+0x570/0x6e0
[ 5893.327697][ T6435]  should_failslab+0xb8/0xec
[ 5893.327964][ T6435]  kmem_cache_alloc_lru_noprof+0x84/0x3f4
[ 5893.328204][ T6435]  shmem_alloc_inode+0x2c/0x48
[ 5893.328491][ T6435]  alloc_inode+0x80/0x23c
[ 5893.328717][ T6435]  new_inode+0x2c/0x1c4
[ 5893.328976][ T6435]  shmem_get_inode+0x334/0x1138
[ 5893.329228][ T6435]  shmem_tmpfile+0x74/0x1a0
[ 5893.329485][ T6435]  vfs_tmpfile+0x358/0x890
[ 5893.329691][ T6435]  do_tmpfile+0xe8/0x288
[ 5893.329948][ T6435]  path_openat+0x28a8/0x35f8
[ 5893.330164][ T6435]  do_filp_open+0x190/0x3cc
[ 5893.330373][ T6435]  do_sys_openat2+0xd4/0x158
[ 5893.330640][ T6435]  __arm64_sys_openat+0x154/0x1b8
[ 5893.330921][ T6435]  invoke_syscall+0x90/0x2b4
[ 5893.331235][ T6435]  el0_svc_common+0x180/0x2f4
[ 5893.331523][ T6435]  do_el0_svc+0x58/0x74
[ 5893.331813][ T6435]  el0_svc+0x58/0x164
[ 5893.332067][ T6435]  el0t_64_sync_handler+0x84/0x12c
[ 5893.332316][ T6435]  el0t_64_sync+0x198/0x19c
[ 6106.191851][ T6549] FAULT_INJECTION: forcing a failure.
[ 6106.191851][ T6549] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 6106.215981][ T6549] CPU: 0 UID: 0 PID: 6549 Comm: syz.2.1249 Not tainted syzkaller #0 PREEMPT 
[ 6106.216411][ T6549] Hardware name: linux,dummy-virt (DT)
[ 6106.216527][ T6549] Call trace:
[ 6106.216604][ T6549]  show_stack+0x2c/0x3c (C)
[ 6106.216980][ T6549]  __dump_stack+0x30/0x40
[ 6106.217193][ T6549]  dump_stack_lvl+0xd8/0x12c
[ 6106.217394][ T6549]  dump_stack+0x1c/0x28
[ 6106.217586][ T6549]  should_fail_ex+0x570/0x6e0
[ 6106.217842][ T6549]  should_fail+0x14/0x24
[ 6106.218085][ T6549]  should_fail_usercopy+0x20/0x30
[ 6106.218337][ T6549]  _inline_copy_from_user+0x3c/0x18c
[ 6106.218606][ T6549]  kvm_device_ioctl+0x208/0x418
[ 6106.218876][ T6549]  __arm64_sys_ioctl+0x18c/0x244
[ 6106.219168][ T6549]  invoke_syscall+0x90/0x2b4
[ 6106.219465][ T6549]  el0_svc_common+0x180/0x2f4
[ 6106.219754][ T6549]  do_el0_svc+0x58/0x74
[ 6106.220064][ T6549]  el0_svc+0x58/0x164
[ 6106.220302][ T6549]  el0t_64_sync_handler+0x84/0x12c
[ 6106.220576][ T6549]  el0t_64_sync+0x198/0x19c
[ 6474.868392][ T6733] FAULT_INJECTION: forcing a failure.
[ 6474.868392][ T6733] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 6474.900281][ T6733] CPU: 0 UID: 0 PID: 6733 Comm: syz.2.1307 Not tainted syzkaller #0 PREEMPT 
[ 6474.900711][ T6733] Hardware name: linux,dummy-virt (DT)
[ 6474.900845][ T6733] Call trace:
[ 6474.900941][ T6733]  show_stack+0x2c/0x3c (C)
[ 6474.901305][ T6733]  __dump_stack+0x30/0x40
[ 6474.901516][ T6733]  dump_stack_lvl+0xd8/0x12c
[ 6474.901723][ T6733]  dump_stack+0x1c/0x28
[ 6474.901964][ T6733]  should_fail_ex+0x570/0x6e0
[ 6474.902212][ T6733]  should_fail_alloc_page+0xd4/0xd8
[ 6474.902463][ T6733]  prepare_alloc_pages+0x20c/0x5e0
[ 6474.902705][ T6733]  __alloc_frozen_pages_noprof+0xd8/0x2d0
[ 6474.902993][ T6733]  alloc_pages_mpol+0x204/0x4c8
[ 6474.903226][ T6733]  alloc_pages_noprof+0x104/0x2ec
[ 6474.903446][ T6733]  get_free_pages_noprof+0x1c/0xc4
[ 6474.903688][ T6733]  __kvm_mmu_topup_memory_cache+0x328/0x6d8
[ 6474.903931][ T6733]  kvm_mmu_topup_memory_cache+0x2c/0x3c
[ 6474.904148][ T6733]  kvm_handle_guest_abort+0x1164/0x2e18
[ 6474.904460][ T6733]  handle_exit+0x21c/0x3dc
[ 6474.904681][ T6733]  kvm_arch_vcpu_ioctl_run+0x11f8/0x2610
[ 6474.904978][ T6733]  kvm_vcpu_ioctl+0x7dc/0xc2c
[ 6474.905246][ T6733]  __arm64_sys_ioctl+0x18c/0x244
[ 6474.905509][ T6733]  invoke_syscall+0x90/0x2b4
[ 6474.905825][ T6733]  el0_svc_common+0x180/0x2f4
[ 6474.906132][ T6733]  do_el0_svc+0x58/0x74
[ 6474.906414][ T6733]  el0_svc+0x58/0x164
[ 6474.906642][ T6733]  el0t_64_sync_handler+0x84/0x12c
[ 6474.906896][ T6733]  el0t_64_sync+0x198/0x19c
[ 6611.355994][ T6470] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6612.405641][ T6470] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6613.957631][ T6470] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6615.247358][ T6470] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6629.847241][ T6470] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 6629.947417][ T6470] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 6630.000246][ T6470] bond0 (unregistering): Released all slaves
[ 6631.330095][ T6470] hsr_slave_0: left promiscuous mode
[ 6631.368978][ T6470] hsr_slave_1: left promiscuous mode
[ 6631.676633][ T6470] veth1_macvtap: left promiscuous mode
[ 6631.681360][ T6470] veth0_macvtap: left promiscuous mode
[ 6631.698257][ T6470] veth1_vlan: left promiscuous mode
[ 6631.716593][ T6470] veth0_vlan: left promiscuous mode
[ 6650.450065][ T6470] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6651.610002][ T6470] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6652.811801][ T6470] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6653.812174][ T6470] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6669.010275][ T6470] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 6669.199830][ T6470] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 6669.311495][ T6470] bond0 (unregistering): Released all slaves
[ 6671.378120][ T6470] hsr_slave_0: left promiscuous mode
[ 6671.676075][ T6470] hsr_slave_1: left promiscuous mode
[ 6672.275588][ T6470] veth1_macvtap: left promiscuous mode
[ 6672.277008][ T6470] veth0_macvtap: left promiscuous mode
[ 6672.301353][ T6470] veth1_vlan: left promiscuous mode
[ 6672.309830][ T6470] veth0_vlan: left promiscuous mode
[ 6685.456624][ T6766] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 6685.820676][ T6766] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 6700.112422][ T6776] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 6700.307081][ T6776] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 6706.320423][ T6766] hsr_slave_0: entered promiscuous mode
[ 6706.368717][ T6766] hsr_slave_1: entered promiscuous mode
[ 6718.510013][ T6766] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 6718.802462][ T6766] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 6719.002826][ T6766] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 6719.266892][ T6766] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 6722.392025][ T6776] hsr_slave_0: entered promiscuous mode
[ 6722.439505][ T6776] hsr_slave_1: entered promiscuous mode
[ 6722.451592][ T6776] debugfs: 'hsr0' already exists in 'hsr'
[ 6722.497740][ T6776] Cannot create hsr debugfs directory
[ 6737.425161][ T6776] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 6737.837205][ T6776] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 6738.160687][ T6776] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 6738.535859][ T6776] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 6745.309380][ T6766] 8021q: adding VLAN 0 to HW filter on device bond0
[ 6763.640371][ T6776] 8021q: adding VLAN 0 to HW filter on device bond0
[ 6837.712104][ T6766] veth0_vlan: entered promiscuous mode
[ 6838.457994][ T6766] veth1_vlan: entered promiscuous mode
[ 6841.399060][ T6766] veth0_macvtap: entered promiscuous mode
[ 6841.791534][ T6766] veth1_macvtap: entered promiscuous mode
[ 6844.431457][ T6775] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 6844.455587][ T6775] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 6844.517037][ T6470] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 6844.520027][ T6470] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 6884.806228][ T6776] veth0_vlan: entered promiscuous mode
[ 6885.791133][ T6776] veth1_vlan: entered promiscuous mode
[ 6889.072026][ T6776] veth0_macvtap: entered promiscuous mode
[ 6889.520694][ T6776] veth1_macvtap: entered promiscuous mode
[ 6892.928883][ T6775] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 6892.937039][ T6775] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 6892.948428][ T6775] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 6892.975320][ T6787] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 7091.486402][ T6470] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7093.402344][ T6470] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7095.180769][ T6470] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7096.972279][ T6470] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7122.831851][ T6470] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 7123.657432][ T6470] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 7124.187120][ T6470] bond0 (unregistering): Released all slaves
[ 7126.728381][ T6470] hsr_slave_0: left promiscuous mode
[ 7126.807192][ T6470] hsr_slave_1: left promiscuous mode
[ 7127.287575][ T6470] veth1_macvtap: left promiscuous mode
[ 7127.294973][ T6470] veth0_macvtap: left promiscuous mode
[ 7127.297232][ T6470] veth1_vlan: left promiscuous mode
[ 7127.298644][ T6470] veth0_vlan: left promiscuous mode
[ 7162.720493][ T6470] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7164.516495][ T6470] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7165.716333][ T6470] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7167.002110][ T6470] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7185.517234][ T6470] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 7185.786193][ T6470] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 7185.919488][ T6470] bond0 (unregistering): Released all slaves
[ 7187.520293][ T6470] hsr_slave_0: left promiscuous mode
[ 7187.574925][ T6470] hsr_slave_1: left promiscuous mode
[ 7187.847976][ T6470] veth1_macvtap: left promiscuous mode
[ 7187.868411][ T6470] veth0_macvtap: left promiscuous mode
[ 7187.888942][ T6470] veth1_vlan: left promiscuous mode
[ 7187.908770][ T6470] veth0_vlan: left promiscuous mode
[ 7231.809791][ T7132] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 7232.062925][ T7132] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 7240.816627][ T7156] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 7241.095487][ T7156] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 7256.396526][ T7132] hsr_slave_0: entered promiscuous mode
[ 7256.517073][ T7132] hsr_slave_1: entered promiscuous mode
[ 7266.220467][ T7156] hsr_slave_0: entered promiscuous mode
[ 7266.275964][ T7156] hsr_slave_1: entered promiscuous mode
[ 7266.298253][ T7156] debugfs: 'hsr0' already exists in 'hsr'
[ 7266.315322][ T7156] Cannot create hsr debugfs directory
[ 7273.706477][ T7132] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 7274.696294][ T7132] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 7275.012210][ T7132] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 7276.118821][ T7132] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 7287.047867][ T7156] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 7287.458512][ T7156] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 7288.074884][ T7156] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 7288.529426][ T7156] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 7308.420540][ T7132] 8021q: adding VLAN 0 to HW filter on device bond0
[ 7315.930294][ T7156] 8021q: adding VLAN 0 to HW filter on device bond0
[ 7438.046855][ T7132] veth0_vlan: entered promiscuous mode
[ 7438.918106][ T7132] veth1_vlan: entered promiscuous mode
[ 7441.982087][ T7132] veth0_macvtap: entered promiscuous mode
[ 7442.445947][ T7132] veth1_macvtap: entered promiscuous mode
[ 7446.836602][ T7156] veth0_vlan: entered promiscuous mode
[ 7446.899216][ T6163] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 7447.042635][ T6632] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 7447.224726][ T6632] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 7447.232033][ T6632] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 7449.037389][ T7156] veth1_vlan: entered promiscuous mode
[ 7455.097227][ T7156] veth0_macvtap: entered promiscuous mode
[ 7456.162159][ T7156] veth1_macvtap: entered promiscuous mode
[ 7460.035090][ T6632] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 7460.037641][ T6632] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 7460.148042][ T4022] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 7460.177845][ T4022] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 7877.661112][ T7364] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7879.682119][ T7364] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7884.112017][ T7364] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7885.992725][ T7364] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7910.629762][ T7364] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 7910.771940][ T7364] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 7910.834751][ T7364] bond0 (unregistering): Released all slaves
[ 7914.117234][ T7364] hsr_slave_0: left promiscuous mode
[ 7914.231962][ T7364] hsr_slave_1: left promiscuous mode
[ 7914.602351][ T7364] veth1_macvtap: left promiscuous mode
[ 7914.650472][ T7364] veth0_macvtap: left promiscuous mode
[ 7914.677664][ T7364] veth1_vlan: left promiscuous mode
[ 7914.688319][ T7364] veth0_vlan: left promiscuous mode
[ 7939.018381][ T7135] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7940.889344][ T7135] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7942.519820][ T7135] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7944.322135][ T7135] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7958.979682][ T7573] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 7960.009287][ T7573] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 7970.968099][ T7135] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 7971.088326][ T7135] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 7971.160992][ T7135] bond0 (unregistering): Released all slaves
[ 7972.858202][ T7135] hsr_slave_0: left promiscuous mode
[ 7972.917442][ T7135] hsr_slave_1: left promiscuous mode
[ 7973.659436][ T7135] veth1_macvtap: left promiscuous mode
[ 7973.737510][ T7135] veth0_macvtap: left promiscuous mode
[ 7973.742043][ T7135] veth1_vlan: left promiscuous mode
[ 7973.756322][ T7135] veth0_vlan: left promiscuous mode
[ 7994.260089][ T7581] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 7994.730414][ T7581] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 8018.022616][ T7573] hsr_slave_0: entered promiscuous mode
[ 8018.158129][ T7573] hsr_slave_1: entered promiscuous mode
[ 8028.492333][ T7581] hsr_slave_0: entered promiscuous mode
[ 8028.577760][ T7581] hsr_slave_1: entered promiscuous mode
[ 8028.637926][ T7581] debugfs: 'hsr0' already exists in 'hsr'
[ 8028.641005][ T7581] Cannot create hsr debugfs directory
[ 8036.249232][ T7573] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 8037.198565][ T7573] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 8037.716102][ T7573] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 8038.522251][ T7573] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 8048.411621][ T7581] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 8049.006962][ T7581] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 8049.567326][ T7581] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 8050.031655][ T7581] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 8075.605241][ T7573] 8021q: adding VLAN 0 to HW filter on device bond0
[ 8086.550963][ T7581] 8021q: adding VLAN 0 to HW filter on device bond0
[ 8228.776590][ T7573] veth0_vlan: entered promiscuous mode
[ 8229.901574][ T7573] veth1_vlan: entered promiscuous mode
[ 8233.842840][ T7573] veth0_macvtap: entered promiscuous mode
[ 8234.566041][ T7573] veth1_macvtap: entered promiscuous mode
[ 8238.497560][ T4022] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 8238.701934][ T7583] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 8238.802177][ T5969] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 8238.835566][ T5969] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 8242.548053][ T7581] veth0_vlan: entered promiscuous mode
[ 8245.086325][ T7581] veth1_vlan: entered promiscuous mode
[ 8250.606226][ T7581] veth0_macvtap: entered promiscuous mode
[ 8251.360530][ T7581] veth1_macvtap: entered promiscuous mode
[ 8256.204822][ T5969] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 8256.364497][ T6470] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 8256.374789][ T6470] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 8256.397947][ T6163] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 8446.399652][ T6470] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8448.762045][ T6470] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8451.282520][ T6470] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8453.769441][ T6470] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8482.819416][ T6470] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 8483.748069][ T6470] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 8484.490929][ T6470] bond0 (unregistering): Released all slaves
[ 8488.004104][ T6470] hsr_slave_0: left promiscuous mode
[ 8488.134638][ T6470] hsr_slave_1: left promiscuous mode
[ 8489.098900][ T6470] veth1_macvtap: left promiscuous mode
[ 8489.175898][ T6470] veth0_macvtap: left promiscuous mode
[ 8489.218491][ T6470] veth1_vlan: left promiscuous mode
[ 8489.232734][ T6470] veth0_vlan: left promiscuous mode
[ 8528.902878][ T7583] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8530.799021][ T7583] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8532.697541][ T7583] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8534.511101][ T7583] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8562.075727][ T7583] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 8562.454797][ T7583] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 8562.678948][ T7583] bond0 (unregistering): Released all slaves
[ 8565.016630][ T7583] hsr_slave_0: left promiscuous mode
[ 8565.164403][ T7583] hsr_slave_1: left promiscuous mode
[ 8565.649484][ T7583] veth1_macvtap: left promiscuous mode
[ 8565.657892][ T7583] veth0_macvtap: left promiscuous mode
[ 8565.666280][ T7583] veth1_vlan: left promiscuous mode
[ 8565.696518][ T7583] veth0_vlan: left promiscuous mode
[ 8637.477347][ T7901] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 8638.527182][ T7901] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 8639.464989][ T7897] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 8640.476533][ T7897] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 8678.398102][ T7901] hsr_slave_0: entered promiscuous mode
[ 8678.508498][ T7901] hsr_slave_1: entered promiscuous mode
[ 8682.180406][ T7897] hsr_slave_0: entered promiscuous mode
[ 8682.279674][ T7897] hsr_slave_1: entered promiscuous mode
[ 8682.358543][ T7897] debugfs: 'hsr0' already exists in 'hsr'
[ 8682.410646][ T7897] Cannot create hsr debugfs directory
[ 8703.069522][ T7901] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 8704.128853][ T7901] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 8704.462322][ T7901] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 8705.177470][ T7901] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 8712.370451][ T7897] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 8713.030181][ T7897] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 8713.905483][ T7897] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 8714.466363][ T7897] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 8748.140765][ T7901] 8021q: adding VLAN 0 to HW filter on device bond0
[ 8757.547485][ T7897] 8021q: adding VLAN 0 to HW filter on device bond0
[ 8901.835578][ T7901] veth0_vlan: entered promiscuous mode
[ 8903.439462][ T7901] veth1_vlan: entered promiscuous mode
[ 8909.651148][ T7901] veth0_macvtap: entered promiscuous mode
[ 8910.880329][ T7901] veth1_macvtap: entered promiscuous mode
[ 8915.902284][ T7914] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 8915.994692][ T7135] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 8916.165709][ T7135] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 8916.170006][ T7135] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 8949.150393][ T7897] veth0_vlan: entered promiscuous mode
[ 8950.961181][ T7897] veth1_vlan: entered promiscuous mode
[ 8956.133985][ T7897] veth0_macvtap: entered promiscuous mode
[ 8957.250578][ T7897] veth1_macvtap: entered promiscuous mode
[ 8963.366597][ T6632] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 8963.422331][ T7914] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 8963.900764][ T7914] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 8963.921894][ T6775] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 9074.401995][ T7914] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9079.952230][ T7914] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9082.836056][ T7914] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9085.720761][ T7914] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9124.300859][ T7914] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 9125.026850][ T7914] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 9125.238137][ T7914] bond0 (unregistering): Released all slaves
[ 9127.896632][ T7914] hsr_slave_0: left promiscuous mode
[ 9128.040926][ T7914] hsr_slave_1: left promiscuous mode
[ 9128.822805][ T7914] veth1_macvtap: left promiscuous mode
[ 9128.942293][ T7914] veth0_macvtap: left promiscuous mode
[ 9128.966404][ T7914] veth1_vlan: left promiscuous mode
[ 9128.985807][ T7914] veth0_vlan: left promiscuous mode
[ 9174.498521][ T4022] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9176.482821][ T4022] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9177.991757][ T4022] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9179.701654][ T4022] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9212.787431][ T4022] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 9213.209882][ T4022] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 9213.418399][ T4022] bond0 (unregistering): Released all slaves
[ 9217.519237][ T4022] hsr_slave_0: left promiscuous mode
[ 9217.826989][ T4022] hsr_slave_1: left promiscuous mode
[ 9218.682832][ T4022] veth1_macvtap: left promiscuous mode
[ 9218.718833][ T4022] veth0_macvtap: left promiscuous mode
[ 9218.765864][ T4022] veth1_vlan: left promiscuous mode
[ 9218.806034][ T4022] veth0_vlan: left promiscuous mode
[ 9274.212255][ T8170] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 9274.641017][ T8170] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 9286.240110][ T8185] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 9286.711041][ T8185] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 9320.032190][ T8170] hsr_slave_0: entered promiscuous mode
[ 9320.268101][ T8170] hsr_slave_1: entered promiscuous mode
[ 9329.872659][ T8185] hsr_slave_0: entered promiscuous mode
[ 9330.019765][ T8185] hsr_slave_1: entered promiscuous mode
[ 9330.084460][ T8185] debugfs: 'hsr0' already exists in 'hsr'
[ 9330.085245][ T8185] Cannot create hsr debugfs directory
[ 9372.800298][ T8170] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 9373.646387][ T8170] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 9374.049763][ T8170] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 9374.612261][ T8170] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 9381.288174][ T8185] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 9381.762458][ T8185] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 9382.516828][ T8185] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 9383.216919][ T8185] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 9418.631039][ T8170] 8021q: adding VLAN 0 to HW filter on device bond0
[ 9427.159634][ T8185] 8021q: adding VLAN 0 to HW filter on device bond0
[ 9569.934985][ T8170] veth0_vlan: entered promiscuous mode
[ 9571.062307][ T8170] veth1_vlan: entered promiscuous mode
[ 9576.250682][ T8170] veth0_macvtap: entered promiscuous mode
[ 9577.849658][ T8170] veth1_macvtap: entered promiscuous mode
[ 9578.747691][ T8185] veth0_vlan: entered promiscuous mode
[ 9581.160811][ T8185] veth1_vlan: entered promiscuous mode
[ 9584.947688][ T8071] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 9584.955599][ T8071] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 9584.996673][ T4022] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 9585.025503][ T5969] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 9589.425398][ T8185] veth0_macvtap: entered promiscuous mode
[ 9591.087502][ T8185] veth1_macvtap: entered promiscuous mode
[ 9597.356390][ T6632] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 9597.381198][ T6783] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 9597.411232][ T5969] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 9597.518759][ T8071] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 9795.566826][ T8494] FAULT_INJECTION: forcing a failure.
[ 9795.566826][ T8494] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 9795.592764][ T8494] CPU: 0 UID: 0 PID: 8494 Comm: syz.0.1412 Not tainted syzkaller #0 PREEMPT 
[ 9795.593225][ T8494] Hardware name: linux,dummy-virt (DT)
[ 9795.593337][ T8494] Call trace:
[ 9795.593422][ T8494]  show_stack+0x2c/0x3c (C)
[ 9795.593779][ T8494]  __dump_stack+0x30/0x40
[ 9795.594018][ T8494]  dump_stack_lvl+0xd8/0x12c
[ 9795.594216][ T8494]  dump_stack+0x1c/0x28
[ 9795.594410][ T8494]  should_fail_ex+0x570/0x6e0
[ 9795.594650][ T8494]  should_fail_alloc_page+0xd4/0xd8
[ 9795.594925][ T8494]  prepare_alloc_pages+0x20c/0x5e0
[ 9795.595167][ T8494]  __alloc_frozen_pages_noprof+0xd8/0x2d0
[ 9795.595411][ T8494]  alloc_pages_mpol+0x204/0x4c8
[ 9795.595634][ T8494]  alloc_pages_noprof+0x104/0x2ec
[ 9795.595876][ T8494]  anon_pipe_write+0xdcc/0x1224
[ 9795.596171][ T8494]  vfs_write+0xa34/0xb1c
[ 9795.596476][ T8494]  ksys_write+0x100/0x1f4
[ 9795.596750][ T8494]  __arm64_sys_write+0x98/0xcc
[ 9795.597059][ T8494]  invoke_syscall+0x90/0x2b4
[ 9795.597360][ T8494]  el0_svc_common+0x180/0x2f4
[ 9795.597646][ T8494]  do_el0_svc+0x58/0x74
[ 9795.597953][ T8494]  el0_svc+0x58/0x164
[ 9795.598195][ T8494]  el0t_64_sync_handler+0x84/0x12c
[ 9795.598440][ T8494]  el0t_64_sync+0x198/0x19c
[10035.551948][ T8531] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[10036.171239][ T8531] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[10091.617965][ T8547] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[10093.142015][ T8547] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[10101.172164][ T8531] hsr_slave_0: entered promiscuous mode
[10101.338648][ T8531] hsr_slave_1: entered promiscuous mode
[10101.497346][ T8531] debugfs: 'hsr0' already exists in 'hsr'
[10101.501305][ T8531] Cannot create hsr debugfs directory
[10156.606643][ T8531] netdevsim netdevsim4 netdevsim0: renamed from eth0
[10157.332847][ T8531] netdevsim netdevsim4 netdevsim1: renamed from eth1
[10158.839519][ T8547] hsr_slave_0: entered promiscuous mode
[10159.021388][ T8547] hsr_slave_1: entered promiscuous mode
[10159.136925][ T8547] debugfs: 'hsr0' already exists in 'hsr'
[10159.154645][ T8547] Cannot create hsr debugfs directory
[10159.331748][ T8531] netdevsim netdevsim4 netdevsim2: renamed from eth2
[10161.719852][ T8531] netdevsim netdevsim4 netdevsim3: renamed from eth3
[10209.950823][ T8547] netdevsim netdevsim3 netdevsim0: renamed from eth0
[10210.821629][ T8547] netdevsim netdevsim3 netdevsim1: renamed from eth1
[10212.056046][ T8547] netdevsim netdevsim3 netdevsim2: renamed from eth2
[10213.635691][ T8547] netdevsim netdevsim3 netdevsim3: renamed from eth3
[10224.318723][ T8531] 8021q: adding VLAN 0 to HW filter on device bond0
[10270.650103][ T8547] 8021q: adding VLAN 0 to HW filter on device bond0
[10318.655691][   T27] INFO: task syz.0.1419:8525 blocked for more than 430 seconds.
[10318.677351][   T27]       Not tainted syzkaller #0
[10318.720200][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[10318.747710][   T27] task:syz.0.1419      state:D stack:0     pid:8525  tgid:8525  ppid:8170   task_flags:0x400040 flags:0x00000019
[10318.789791][   T27] Call trace:
[10318.790399][   T27]  __switch_to+0x584/0xb20 (T)
[10318.791023][   T27]  __schedule+0x1eec/0x33a4
[10318.791553][   T27]  schedule+0xac/0x27c
[10318.792050][   T27]  schedule_timeout+0x5c/0x1e4
[10318.792526][   T27]  do_wait_for_common+0x28c/0x444
[10318.895010][   T27]  wait_for_completion+0x44/0x5c
[10318.895993][   T27]  __synchronize_srcu+0x2a4/0x320
[10318.896585][   T27]  synchronize_srcu+0x3cc/0x4f0
[10318.897090][   T27]  mmu_notifier_unregister+0x320/0x42c
[10318.897597][   T27]  kvm_put_kvm+0x6a0/0xfa8
[10318.898027][   T27]  kvm_vm_release+0x58/0x78
[10318.898495][   T27]  __fput+0x4ac/0x980
[10318.898920][   T27]  ____fput+0x20/0x58
[10318.899336][   T27]  task_work_run+0x1bc/0x254
[10318.899764][   T27]  do_notify_resume+0x1bc/0x270
[10318.900246][   T27]  el0_svc+0xb8/0x164
[10318.900722][   T27]  el0t_64_sync_handler+0x84/0x12c
[10318.901201][   T27]  el0t_64_sync+0x198/0x19c
[10319.027497][   T27] 
[10319.027497][   T27] Showing all locks held in the system:
[10319.100465][   T27] 1 lock held by khungtaskd/27:
[10319.108564][   T27]  #0: ffff800087876d18 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x4/0x48
[10319.111303][   T27] 2 locks held by getty/3185:
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[10319.111690][   T27]  #0: fdf0000011d0e8a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c
[10319.225219][   T27]  #1: e0ff80008c5cb2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x310/0x12b8
[10319.227016][   T27] 1 lock held by sshd-session/3305:
[10319.227352][   T27] 1 lock held by syz-executor/3306:
[10319.227642][   T27] 3 locks held by kworker/u4:0/5969:
[10319.227971][   T27] 3 locks held by kworker/u4:1/6163:
[10319.228279][   T27] 3 locks held by kworker/u4:4/6783:
[10319.228621][   T27] 3 locks held by kworker/0:5/7011:
[10319.228981][   T27] 3 locks held by kworker/u4:5/7583:
[10319.229296][   T27] 3 locks held by kworker/u4:13/7717:
[10319.229604][   T27] 2 locks held by kworker/u4:14/7914:
[10319.229914][   T27]  #0: 64f000000cc20948 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a18
[10319.231560][   T27]  #1: ffff80008e3c7c78 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a18
[10319.426774][   T27] 2 locks held by syz.2.1415/8508:
[10319.427261][   T27] 2 locks held by kworker/u4:8/8561:
[10319.427599][   T27] 3 locks held by kworker/u4:10/8697:
[10319.427923][   T27] 1 lock held by rm/8698:
[10319.428221][   T27] 1 lock held by modprobe/8699:
[10319.428767][   T27] 
[10319.429062][   T27] =============================================
[10319.429062][   T27] 
[10339.806135][   T27] INFO: task syz.0.1419:8525 blocked for more than 451 seconds.
[10339.808647][   T27]       Not tainted syzkaller #0
[10339.809256][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[10339.809553][   T27] task:syz.0.1419      state:D stack:0     pid:8525  tgid:8525  ppid:8170   task_flags:0x400040 flags:0x00000019
[10339.810288][   T27] Call trace:
[10339.810542][   T27]  __switch_to+0x584/0xb20 (T)
[10339.811111][   T27]  __schedule+0x1eec/0x33a4
[10339.811594][   T27]  schedule+0xac/0x27c
[10339.812085][   T27]  schedule_timeout+0x5c/0x1e4
[10339.812531][   T27]  do_wait_for_common+0x28c/0x444
[10339.895530][   T27]  wait_for_completion+0x44/0x5c
[10339.900437][   T27]  __synchronize_srcu+0x2a4/0x320
[10339.901162][   T27]  synchronize_srcu+0x3cc/0x4f0
[10339.901639][   T27]  mmu_notifier_unregister+0x320/0x42c
[10339.902133][   T27]  kvm_put_kvm+0x6a0/0xfa8
[10339.902543][   T27]  kvm_vm_release+0x58/0x78
[10340.024748][   T27]  __fput+0x4ac/0x980
[10340.027326][   T27]  ____fput+0x20/0x58
[10340.027853][   T27]  task_work_run+0x1bc/0x254
[10340.028302][   T27]  do_notify_resume+0x1bc/0x270
[10340.028784][   T27]  el0_svc+0xb8/0x164
[10340.029243][   T27]  el0t_64_sync_handler+0x84/0x12c
[10340.029669][   T27]  el0t_64_sync+0x198/0x19c
[10340.030386][   T27] 
[10340.030386][   T27] Showing all locks held in the system:
[10340.030696][   T27] 1 lock held by khungtaskd/27:
[10340.031049][   T27]  #0: ffff800087876d18 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x4/0x48
[10340.032850][   T27] 2 locks held by getty/3185:
[10340.116412][   T27]  #0: fdf0000011d0e8a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c
[10340.118214][   T27]  #1: e0ff80008c5cb2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x310/0x12b8
[10340.119917][   T27] 3 locks held by kworker/u4:3/4022:
[10340.120252][   T27] 3 locks held by kworker/u4:0/5969:
[10340.120604][   T27] 3 locks held by kworker/u4:6/6632:
[10340.120937][   T27] 2 locks held by kworker/u4:4/6783:
[10340.121280][   T27] 3 locks held by kworker/u4:5/7583:
[10340.121590][   T27] 3 locks held by kworker/u4:15/7918:
[10340.121923][   T27] 3 locks held by kworker/u4:9/8071:
[10340.122278][   T27] 2 locks held by kworker/0:2/8409:
[10340.122572][   T27]  #0: 29f000000cc1a748 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a18
[10340.298611][   T27]  #1: ffff80008ee07c78 (free_ipc_work){+.+.}-{0:0}, at: process_one_work+0x854/0x1a18
[10340.300341][   T27] 2 locks held by syz.2.1415/8508:
[10340.300708][   T27] 1 lock held by syz-executor/8547:
[10340.301090][   T27] 3 locks held by kworker/u4:10/8697:
[10340.301398][   T27] 1 lock held by dhcpcd-run-hook/8704:
[10340.341192][   T27] 
[10340.368170][   T27] =============================================
[10340.368170][   T27] 

VM DIAGNOSIS:
12:07:57  Registers:
info registers vcpu 0

CPU#0
 PC=ffff800086500588 X00=aaf000000d8fe500 X01=0000000000000040
X02=70f000000d9b9d80 X03=0000000000000000 X04=0000000000000001
X05=0000000000000000 X06=0000000000000000 X07=ffff80008534d3c0
X08=0000000000000000 X09=0000000000000000 X10=0000000000ff0100
X11=00000000000000ff X12=00000000000000ff X13=00000000000000f0
X14=0ffff80008000768 X15=00000000000000f0 X16=0000000000000000
X17=fff07fffeb67d000 X18=00000000000000ff X19=ffff800080007920
X20=ffff800080550a50 X21=0000000000000010 X22=ffff800080007950
X23=ffff800082f664e0 X24=ffff800080007a90 X25=ffff8000800075b8
X26=ffff800087725000 X27=00000000000000ff X28=0000000000000000
X29=ffff800080007520 X30=ffff8000800e30b8  SP=ffff800080007520
PSTATE=40402009 -Z-- EL2h  SVCR=00000000 --  BTYPE=0     FPCR=00000000 FPSR=00000000
P00=0000 P01=0000 P02=0000 P03=0000 P04=0000 P05=0000 P06=0000 P07=0000
P08=0000 P09=0000 P10=0000 P11=0000 P12=0000 P13=0000 P14=0000 P15=0000
FFR=0000
Z00=2525252525252525:2525252525252525 Z01=6572207265767265:730073250a0d0a0d
Z02=742065726f6d2072:6f662064656b636f Z03=0000000000000000:00ff00ff00000000
Z04=0000000000000000:000000000f0f0000 Z05=6f6d20726f662064:656b636f6c622035
Z06=203a29315f657661:6c735f646e6f6220 Z07=206e612073612067:6e6976616c736e45
Z08=0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000
Z10=0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000
Z12=0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000
Z14=0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000
Z16=0000ffffe9989740:0000ffffe9989740 Z17=ffffff80ffffffd8:0000ffffe9989710
Z18=0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000
Z20=0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000
Z22=0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000
Z24=0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000
Z26=0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000
Z28=0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000
Z30=0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000