last executing test programs:

1h19m26.471337653s ago: executing program 32 (id=343):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x6)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000040)={0x7, <r2=>0xffffffffffffffff})
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r6, r7, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r7, 0x4010aeab, &(0x7f0000000100)=@arm64_fp={0x60400000001001a4, 0x0})
r8 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r9 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34)
ioctl$KVM_IRQFD(r9, 0x4020ae76, &(0x7f0000000140)={r2, 0x7cfb, 0x3})
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r12, 0xae03, 0x24)
r13 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x27)
syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000bfe000/0x400000)=nil)
ioctl$KVM_REGISTER_COALESCED_MMIO(r13, 0x4010ae67, &(0x7f0000000000)={0x80a0000, 0x2000})
r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r15, 0xae03, 0x58)
syz_kvm_vgic_v3_setup(r13, 0x40000000000004, 0xc0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_GET_DEVICE_ATTR_vm(r4, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x1, 0x4, &(0x7f00000000c0)=0xebd})
r16 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f00000001c0)={0x100000, 0x100000, 0x400, 0x0, 0x7})
ioctl$KVM_SET_MP_STATE(r16, 0x4004ae99, 0x0)

1h19m14.640885236s ago: executing program 33 (id=345):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x48, 0xdddd1000, 0x0, r2})
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000200)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4040aea0, &(0x7f0000000000)=@x86={0x0, 0x3, 0xb, 0x0, 0xe09, 0x6, 0x0, 0x3, 0x9, 0x2, 0xd5, 0x8, 0x0, 0x0, 0x6, 0x2, 0x4, 0xd0, 0xf8, '\x00', 0x51, 0xfffffffffffffffc})
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
close(r2)
close(r1)

1h13m59.971097317s ago: executing program 3 (id=347):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x10800, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@its_setup={0x7, 0x28, {0x2, 0x2, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r6, 0x3, 0xa0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000100)={0x8, <r9=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f0000000300)=@attr_arm64={0x0, 0x4, 0x1, 0x0}) (async, rerun: 64)
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x4, 0x2, 0x0})
r10 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r11, 0xae04)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r12, 0x3, 0x11, r10, 0x0)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r10, 0x0)
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
r15 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r16, 0xc00caee0, &(0x7f0000000140)={0x4, <r17=>0xffffffffffffffff, 0x1})
write$eventfd(r17, &(0x7f00000001c0), 0xf001)
ioctl$KVM_CREATE_DEVICE(r14, 0xc00caee0, &(0x7f0000000140)={0x4, <r18=>0xffffffffffffffff, 0x1})
write$eventfd(r18, &(0x7f00000000c0)=0x8, 0x8)
r19 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000000)=[@featur2={0x1, 0x48}], 0x10000081)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r19, 0x4018aee1, &(0x7f00000011c0)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f00000000c0)=0x8})

1h13m46.488275751s ago: executing program 3 (id=350):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_vgic_v3_setup(r1, 0x2, 0x220)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r5, 0x4018aee2, &(0x7f0000000140)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x7})
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x20)
ioctl$KVM_IOEVENTFD(r7, 0xc0189436, &(0x7f0000000180)={0x0, 0xd000, 0x8, 0xffffffffffffffff, 0x5})
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000180)={0x1010020, 0x1})

1h13m31.460478384s ago: executing program 3 (id=352):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000000)={0x10201, 0x2, 0x1, 0x2000, &(0x7f0000f31000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r5 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r4, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f00000001c0)="04198bd844c9e8a7b82d748f0f0244293d28bd9440bfc2ed44db9969759357abab8d85c8e856a4606c2e979f98d67e4ff39fb6df9547f6a9506c610dc37b2e5c3ad3c9952305abf0", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0x3000)=nil, 0x930, 0x1000001, 0x20010, r4, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20080, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = eventfd2(0x3, 0x800)
ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f0000000080)={0x1ff, 0x1000, 0x2, r8, 0x1})
r9 = eventfd2(0x0, 0x80000)
ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f0000001340)={0x6, 0x0, 0x2, r9, 0x2})
ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f0000000140)={0x9, 0x0, 0x2, r9, 0xf})
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)

1h12m44.631786904s ago: executing program 34 (id=352):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000000)={0x10201, 0x2, 0x1, 0x2000, &(0x7f0000f31000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r5 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r4, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f00000001c0)="04198bd844c9e8a7b82d748f0f0244293d28bd9440bfc2ed44db9969759357abab8d85c8e856a4606c2e979f98d67e4ff39fb6df9547f6a9506c610dc37b2e5c3ad3c9952305abf0", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0x3000)=nil, 0x930, 0x1000001, 0x20010, r4, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20080, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = eventfd2(0x3, 0x800)
ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f0000000080)={0x1ff, 0x1000, 0x2, r8, 0x1})
r9 = eventfd2(0x0, 0x80000)
ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f0000001340)={0x6, 0x0, 0x2, r9, 0x2})
ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f0000000140)={0x9, 0x0, 0x2, r9, 0xf})
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)

1h9m24.688141488s ago: executing program 2 (id=371):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x4200, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000100)={0x7, <r3=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f00000002c0)=@attr_arm64={0x0, 0x4, 0x2, &(0x7f00000001c0)=0x4})
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000000000)={0xffffffffffffffff, 0x5, 0x2})
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r5, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x16, 0x4, 0x1}})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r5, r6, &(0x7f0000bfe000/0x400000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f0000000240)=[@hvc={0x32, 0x40, {0x84000050, [0x7, 0x9, 0x8, 0xfffffffffffffff8, 0x100]}}], 0x40}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r8, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}})
syz_kvm_vgic_v3_setup(r8, 0x2, 0x0)
close(r8)
r9 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f0000000140)=@arm64_bitmap={0x6070000000160002, 0x0})

1h9m11.360384545s ago: executing program 2 (id=372):
r0 = openat$kvm(0x0, &(0x7f0000000000), 0x230240, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bff000/0x400000)=nil)
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r1, 0x4068aea3, 0x0)

1h9m3.025262927s ago: executing program 2 (id=373):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x78)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xb}}], 0x50}, 0x0, 0x0) (async)
syz_kvm_vgic_v3_setup(r3, 0x4, 0x220) (async)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000180)={0x8, <r6=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400000, 0x0)
ioctl$KVM_CHECK_EXTENSION(r7, 0xae03, 0xe) (async)
openat$kvm(0xffffffffffffff9c, 0x0, 0x84440, 0x0) (async)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

1h8m50.910299615s ago: executing program 2 (id=374):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x20000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x200004, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r4=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2b)
syz_kvm_vgic_v3_setup(r5, 0x1, 0x140)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1h8m38.620790473s ago: executing program 2 (id=375):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x4000000000014)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x28)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@mrs={0xbe, 0x18, {0x603000000013df6d}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

1h8m28.942975023s ago: executing program 2 (id=376):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2c)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x28)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r5 = eventfd2(0x0, 0x0)
close(r5)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
write$eventfd(r5, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x28)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r6, 0x4068aea3, &(0x7f0000000280)={0xdf, 0x0, 0x2000})
ioctl$KVM_GET_DIRTY_LOG(r6, 0x4010ae42, &(0x7f0000000080)={0x10004, 0x0, &(0x7f0000c82000/0x4000)=nil})
r7 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x8080000, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
munmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000)
syz_kvm_setup_cpu$arm64(r3, r8, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000c40)=ANY=[], 0x318}], 0x1, 0x0, &(0x7f0000000080)=[@featur2={0x1, 0x2}], 0x1)
r11 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000000)={0x48, 0xdddd1000})
ioctl$KVM_CREATE_VM(r11, 0x401c5820, 0x20000000)
r12 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r13, 0x4010aeac, &(0x7f00000001c0)=@arm64_sys={0x603000000013c00a, &(0x7f0000000140)=0x20000000009})
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x2132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)

1h7m41.444687006s ago: executing program 35 (id=376):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2c)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x28)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r5 = eventfd2(0x0, 0x0)
close(r5)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
write$eventfd(r5, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x28)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r6, 0x4068aea3, &(0x7f0000000280)={0xdf, 0x0, 0x2000})
ioctl$KVM_GET_DIRTY_LOG(r6, 0x4010ae42, &(0x7f0000000080)={0x10004, 0x0, &(0x7f0000c82000/0x4000)=nil})
r7 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x8080000, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
munmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000)
syz_kvm_setup_cpu$arm64(r3, r8, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000c40)=ANY=[], 0x318}], 0x1, 0x0, &(0x7f0000000080)=[@featur2={0x1, 0x2}], 0x1)
r11 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000000)={0x48, 0xdddd1000})
ioctl$KVM_CREATE_VM(r11, 0x401c5820, 0x20000000)
r12 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r13, 0x4010aeac, &(0x7f00000001c0)=@arm64_sys={0x603000000013c00a, &(0x7f0000000140)=0x20000000009})
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x2132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)

1h2m44.864663562s ago: executing program 4 (id=388):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece)
r3 = eventfd2(0x9, 0x1)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000080)={r2, 0x4, 0x0, r3})
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
r4 = eventfd2(0x8, 0x80800)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f00000000c0)={r4, 0x3})
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r4, 0x9, 0x3, r4})

1h2m32.673929535s ago: executing program 4 (id=389):
openat$kvm(0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000000)={0x7}) (async)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000002c0)={0x0, 0x10000}) (async)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000000c0)={0x8}) (async)
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000000)={0x1fff, 0x0, 0x0, 0x1, 0xda}) (async)
r2 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x14)
ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(r3, 0x4068aea3, &(0x7f0000000140))
r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x29) (async)
r5 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
r8 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r7, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r7, 0x0) (async)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x408) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0) (async)
r9 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r9, 0x4b47, 0xfffffffffffffffe) (async)
r10 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
r11 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
r12 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, r11, 0x0, 0x10010, r10, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r12, 0x20, &(0x7f00000002c0)="fb016bddfb405ee52cc6a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb2070000000000000000000000c20cecfa0a97ab7800", 0x0, 0x48) (async)
r13 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r13, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)

1h2m18.223814901s ago: executing program 4 (id=390):
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x29)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
r6 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000300)={0x0, &(0x7f0000000480)=[@smc={0x1e, 0x40, {0x84000001, [0x8, 0x939, 0xe, 0x7f, 0x4]}}], 0x40}, &(0x7f00000001c0)=[@featur1={0x1, 0xc}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, r5, 0x2, 0x12, r4, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r13, 0x3, 0xa0)
r14 = eventfd2(0x6, 0x800)
ioctl$KVM_IRQFD(r13, 0x4020ae76, &(0x7f0000000280)={r14, 0x9})
ioctl$KVM_IRQFD(r13, 0x4020ae76, 0x0)
close(r13)
r15 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r11, 0xae04)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r15, 0x3, 0x11, r10, 0x0)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r10, 0x0)

1h2m0.313533982s ago: executing program 4 (id=391):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20080, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = eventfd2(0xeffffffd, 0x801)
ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000000000)={0x200, 0x4000, 0x4, r4, 0x1}) (async)
ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000001340)={0x3, 0x0, 0x2, r4, 0x3})
ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f00000000c0)={0x3, 0x0, 0x2, r4, 0xf}) (async)
r5 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}}) (async)
r6 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013df1a, &(0x7f0000000040)=0xffffffffffffffff}) (async)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000180)={0x5}) (async)
r10 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000140)={0x0, &(0x7f0000000200)=[@smc={0x1e, 0x40, {0xef000000, [0x0, 0x1, 0x2, 0x3, 0x4]}}, @hvc={0x32, 0x40, {0xc4000053, [0x0, 0x1, 0x2, 0x3, 0x6]}}], 0x80}, 0x0, 0x0)
ioctl$KVM_RUN(r10, 0xae80, 0x0) (async)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r12, 0x3, 0xa0) (async)
r13 = eventfd2(0x6, 0x800)
ioctl$KVM_IRQFD(r12, 0x4020ae76, &(0x7f0000000280)={r13, 0x9}) (async)
close(r12)
ioctl$KVM_RUN(r10, 0xae80, 0x0)

1h1m47.051264946s ago: executing program 4 (id=392):
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) (async)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r1, 0x2000003, 0xaf832, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) (async)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x2a040, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0xd8) (async)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
mmap$KVM_VCPU(&(0x7f000064b000/0x4000)=nil, r4, 0x100000d, 0x9032, 0xffffffffffffffff, 0x0) (async, rerun: 32)
munmap(&(0x7f0000667000/0x2000)=nil, 0x2000) (rerun: 32)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) (async)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) (async)
r5 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r8, 0x4020aeae, &(0x7f0000000000)={0x5, 0x18}) (async)
ioctl$KVM_GET_REG_LIST(r8, 0xc008aeb0, 0x0) (async)
ioctl$KVM_RUN(r8, 0xae80, 0x0) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f00000000c0)="85dbb245f8e8a0a41600bb81c659880bde7ff8d6cce60ea9dc9adf2e59054e1228ecb25fc5da8a0c3e5e5d4c8f49dfb093abcd05f66b20749a2c649ec019210a39cffb1f1b0d740f", 0x0, 0x48)

1h1m37.043704335s ago: executing program 4 (id=393):
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000bfe000/0x400000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000000100)=@arm64_fw={0x6030000000140002, &(0x7f00000000c0)=0x372})
r3 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x31)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r6 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r7 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000000)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000040)={0x4, 0xffda, 0x1}})
r11 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x2}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r11, 0xae80, 0x0)

1h0m46.557984288s ago: executing program 36 (id=393):
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000bfe000/0x400000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000000100)=@arm64_fw={0x6030000000140002, &(0x7f00000000c0)=0x372})
r3 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x31)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r6 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r7 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000000)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000040)={0x4, 0xffda, 0x1}})
r11 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x2}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r11, 0xae80, 0x0)

53m44.345541371s ago: executing program 5 (id=425):
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) (async)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000639000/0x1000)=nil, 0x1000) (async)
munmap(&(0x7f0000639000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x2, 0x4f832, 0xffffffffffffffff, 0x1000000)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0x0, &(0x7f00000001c0), 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f00009ab000/0x400000)=nil)
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000080)={0x8000000, 0xf000, 0x6, 0x0, 0x5})
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) (async)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1})
ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(r3, 0x4068aea3, &(0x7f0000000000)) (async)
ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(r3, 0x4068aea3, &(0x7f0000000000))

53m32.23155638s ago: executing program 5 (id=426):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = eventfd2(0x8, 0x80800)
r4 = eventfd2(0x8, 0x80800)
openat$kvm(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f00000000c0)={0x7ffffffffffffffe, 0xeeee0000, 0x8, r4})
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0x0, 0x0, r3, 0x2})
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000000)={0x8000, 0x0, 0x1, r3, 0x3})
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
r7 = syz_kvm_vgic_v3_setup(r6, 0x1, 0x40)
ioctl$KVM_GET_DEVICE_ATTR(r7, 0x4018aee2, &(0x7f0000000100)=@attr_arm64={0x0, 0x1, 0x300, &(0x7f0000000080)=0x4})
r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0xc00, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r11, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0x0, 0x0, r12, 0x2})
r13 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
r15 = syz_kvm_setup_syzos_vm$arm64(r14, &(0x7f0000c00000/0x400000)=nil)
r16 = syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000140)={0x0, &(0x7f0000000180)=[@msr={0x14, 0x20, {0x603000000013d000, 0x8000}}], 0x20}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r16, 0x4018aee1, 0x0)
ioctl$KVM_RUN(r16, 0xae80, 0x0)
ioctl$KVM_IOEVENTFD(r11, 0x4040ae79, &(0x7f0000000000)={0x1, 0x0, 0x0, r12, 0x6})
syz_kvm_add_vcpu$arm64(r9, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
r17 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r17, 0xae01, 0x0)

53m8.533526623s ago: executing program 5 (id=427):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x29)
r1 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000000)={0x0, &(0x7f00000003c0)=[@memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x14, 0x8, 0xc}}, @uexit={0x0, 0x18}, @code={0xa, 0x84, {"20be8bd200a0b8f2210080d2220080d2030080d2c40180d2020000d40004005e000028d51f0000ea209e95d20060b0f2410080d2e20080d2830080d2240180d2020000d400c0601e80dd87d200a0b0f2c10180d2620080d2a30080d2e40080d2020000d40094000f008008d5000c000e"}}, @hvc={0x32, 0x40, {0xc4000053, [0x3, 0x3, 0x0, 0x8, 0x4]}}], 0x10c}, &(0x7f0000000040)=[@featur2={0x1, 0x20}], 0x1)
ioctl$KVM_DIRTY_TLB(r1, 0x4010aeaa, &(0x7f0000000100)={0x1d68, 0xa8})
munmap(&(0x7f000049b000/0x400000)=nil, 0x400000)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x1)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
r4 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, r3, 0x2, 0x11, r2, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r0, 0xae03, 0x8)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, &(0x7f0000000340)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x0, 0x4, 0x1}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r6, 0x4, 0x220)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000180)={0x8, <r9=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)

52m54.892776669s ago: executing program 5 (id=428):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0xffffffffffffffff, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x4, 0x220)
r4 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, &(0x7f0000000040)=[@msr={0x14, 0x20, {0x603000000013c65f, 0x8001}}], 0x20}, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

52m39.127874334s ago: executing program 5 (id=429):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000b97000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000280)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013c090, &(0x7f00000000c0)=0xfffffffffffffffe})
ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0xebe)

52m26.954719149s ago: executing program 5 (id=430):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000001000/0x2000)=nil, 0x930, 0x2000003, 0x4120932, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VM(r0, 0x80111500, 0x20000000)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31)
ioctl$KVM_CHECK_EXTENSION_VM(r2, 0xae03, 0x0)
ioctl$KVM_GET_DIRTY_LOG(r2, 0x4010ae42, &(0x7f0000000000)={0x30000, 0x0, &(0x7f0000ffe000/0x1000)=nil})
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)

51m38.181431298s ago: executing program 37 (id=430):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000001000/0x2000)=nil, 0x930, 0x2000003, 0x4120932, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VM(r0, 0x80111500, 0x20000000)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31)
ioctl$KVM_CHECK_EXTENSION_VM(r2, 0xae03, 0x0)
ioctl$KVM_GET_DIRTY_LOG(r2, 0x4010ae42, &(0x7f0000000000)={0x30000, 0x0, &(0x7f0000ffe000/0x1000)=nil})
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)

46m21.932785237s ago: executing program 6 (id=453):
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000581000/0x1000)=nil, 0x930, 0x0, 0x4020131, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000eed000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)

46m8.067184787s ago: executing program 6 (id=454):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x27)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r2, 0x4010ae68, 0xfffffffffffffffe)
ioctl$KVM_GET_DEVICE_ATTR_vm(r2, 0x4018aee2, &(0x7f0000000040)=@attr_other={0x0, 0xfffffff8, 0x3, &(0x7f0000000000)=0x800})
ioctl$KVM_CREATE_VM(r0, 0x5452, 0x2000fdfd)

45m55.161638279s ago: executing program 6 (id=455):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r4, 0x4018aee2, &(0x7f0000000040)=@attr_other={0x0, 0x2})
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f0000000100)="746abf250f7959c813e4adfb369b808022e69fe80cfadce4a1259e77bab54ac9749537b3d016bb7f745a6e22d2f9ff443f19467748a3fe02c239457600", 0x0, 0xfffffffffffffec5)
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1d)
ioctl$KVM_CAP_HALT_POLL(r6, 0x4068aea3, &(0x7f0000000000)={0xb6, 0x0, 0x1000000008006})
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r8, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0xd)

45m29.520751404s ago: executing program 6 (id=456):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2e)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000000)={0x100004})
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000180)={0x3, 0x0, [{0xd, 0x4, 0x1, 0x0, @irqchip={0x4, 0x5}}, {0x3f9, 0x2, 0x0, 0x0, @msi={0xffffff50, 0x0, 0x4}}, {0xd3, 0x1, 0x0, 0x0, @adapter={0x8000, 0x10, 0xb, 0x79, 0xb}}]})
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100042, 0x0})

45m5.610850031s ago: executing program 6 (id=457):
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f000083c000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x0, 0x100000a, 0xaf832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r1, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0x40086602, 0x110e22ffff)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0)
r4 = eventfd2(0xfffffff7, 0x80001)
write$eventfd(r4, &(0x7f0000000200)=0x8, 0x8)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000000)="37d3116035d7513e9a000200018000", 0x0, 0x43)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x40086602, 0x20000000)
ioctl$KVM_CHECK_EXTENSION(r3, 0x40086602, 0x110e227ffe)
mmap$KVM_VCPU(&(0x7f00005f7000/0x3000)=nil, r1, 0x0, 0x28031, 0xffffffffffffffff, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x88280, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x28)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_setup_cpu$arm64(r6, r8, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="aa00000000000000280000000000000003010400000000000000090000000e0000000000000000003200000000000000400000000000000000000006000000000000000000000000f7780000000000000800000000000000030000000000000009000000000000001e0000000000000040000000000000000900008400000000050000000000000010000000000000007f0d0000000000000010000000000000050000000000000046000000000000000000005a000000be00000000000000180000000000000028981300000030601400000000000000200000000000000085c01300000030600100000001000000320000000000000040000000000000000d0000c400000000ffffffff000000000001000000000000060000000000000007000000000000000000000000000080320000000000000040000000000000000b000084000000000400000000000000080000000000000006000000000000000600000000000000dd00000000000000be000000000000001800000000000000fe77000000000000"], 0x190}], 0x1, 0x0, 0x0, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
r9 = mmap$KVM_VCPU(&(0x7f0000799000/0x4000)=nil, r1, 0x1000004, 0x30, r8, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f0000000080)="8939ad56eba664ab9c2b3a07d590586fa74d3e42c76405cc0cdbcbb10350317cb4c2ae0f16df8381984b0b31323bf7356a6fbb1c20a32bd61180e3a522927b0e3c4cceef480dd493", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)

44m47.50273154s ago: executing program 6 (id=458):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
r2 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) (async)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r1, 0x4008ae73, &(0x7f0000000000)={0x3ff, 0x6})
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x39)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r3, 0x4068aea3, &(0x7f00000001c0)={0xa8, 0x0, 0x1}) (async)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) (async)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r7 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r6, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r6, 0x0) (async)
r8 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) (async)
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000000)=@arm64_sys={0xf0780000002e2172, 0x0}) (async)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000180)={0x8, <r11=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r11, 0x4018aee3, &(0x7f0000000940)=@attr_arm64={0x0, 0x0, 0x4, 0x0}) (async)
ioctl$KVM_CREATE_VM(r8, 0x401c5820, 0x20000001) (async)
ioctl$KVM_CAP_HALT_POLL(r1, 0x4068aea3, &(0x7f0000000100)={0xb6, 0x0, 0x7a})
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)

43m59.347876108s ago: executing program 38 (id=458):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
r2 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) (async)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r1, 0x4008ae73, &(0x7f0000000000)={0x3ff, 0x6})
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x39)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r3, 0x4068aea3, &(0x7f00000001c0)={0xa8, 0x0, 0x1}) (async)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) (async)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r7 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r6, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r6, 0x0) (async)
r8 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) (async)
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000000)=@arm64_sys={0xf0780000002e2172, 0x0}) (async)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000180)={0x8, <r11=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r11, 0x4018aee3, &(0x7f0000000940)=@attr_arm64={0x0, 0x0, 0x4, 0x0}) (async)
ioctl$KVM_CREATE_VM(r8, 0x401c5820, 0x20000001) (async)
ioctl$KVM_CAP_HALT_POLL(r1, 0x4068aea3, &(0x7f0000000100)={0xb6, 0x0, 0x7a})
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)

37m4.683678182s ago: executing program 7 (id=475):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bfe000/0x400000)=nil)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
r4 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000000)={0x0, &(0x7f0000000080)=[@its_setup={0x82, 0x28, {0x1, 0x0, 0xbd}}, @msr={0x14, 0x20, {0x603000000013deab, 0x5b}}, @msr={0x14, 0x20, {0x603000000013df5c, 0x3}}, @mrs={0xbe, 0x18, {0x603000000013df7c}}, @its_setup={0x82, 0x28, {0x4, 0x2, 0x1b3}}, @its_setup={0x82, 0x28, {0x2, 0x1, 0x36c}}, @its_setup={0x82, 0x28, {0x1, 0x2, 0x106}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x1, 0x0, 0x0, 0xf52d, 0x3, 0x3}}, @smc={0x1e, 0x40, {0xc4000007, [0x9, 0xfb96, 0x2, 0x2, 0x8]}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x1, 0x0, 0x0, 0xf, 0x9}}, @hvc={0x32, 0x40, {0xc4000001, [0xff, 0xea5f, 0x100000001, 0x9, 0x658d]}}, @svc={0x122, 0x40, {0x3f000000, [0x5, 0xff, 0xfff, 0x8, 0x5]}}, @code={0xa, 0x9c, {"000028d5007008d5000008d51f0020ebe0b78ad20040b8f2c10180d2c20180d2830180d2440080d2020000d400dc9ed20040b0f2210180d2220180d2830180d2c40180d2020000d40000591e40528cd200e0b8f2610180d2220080d2830080d2a40180d2020000d40048216e609993d200c0b0f2210080d2e20180d2430180d2440080d2020000d4"}}, @svc={0x122, 0x40, {0x8400000b, [0x80000001, 0xfffffffeffffffff, 0x80000000, 0x3, 0x200]}}, @hvc={0x32, 0x40, {0x32000000, [0x9, 0x200, 0x1, 0x4, 0x8]}}, @code={0xa, 0x3c, {"0000619e007008d5008008d5007008d5007008d5007008d5000028d5007008d5007008d5007008d5"}}, @hvc={0x32, 0x40, {0x80000000, [0x64c1, 0xe, 0xb26e, 0x101, 0xffffffff]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1800, 0x6, 0x8}}, @msr={0x14, 0x20, {0x603000000013c028}}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x3c5}}, @memwrite={0x6e, 0x30, @generic={0xffff1000, 0x3ef, 0x3, 0x4}}, @smc={0x1e, 0x40, {0x84000009, [0x9, 0x7, 0xcc, 0x9b, 0x10000]}}, @svc={0x122, 0x40, {0x0, [0xd, 0x6, 0x4, 0x79fe4bc, 0x200]}}, @irq_setup={0x46, 0x18, {0x3, 0x245}}, @smc={0x1e, 0x40, {0xc4000053, [0x200, 0x4, 0x70, 0x101, 0x8]}}, @mrs={0xbe, 0x18, {0x603000000013e669}}, @its_setup={0x82, 0x28, {0x0, 0x0, 0x69}}, @msr={0x14, 0x20, {0x603000000013c000}}, @memwrite={0x6e, 0x30, @generic={0x6000, 0xb4d, 0xb, 0x1}}], 0x5b0}, &(0x7f0000000640)=[@featur2={0x1, 0x20}], 0x1)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0x80111500, 0x20000000)
write$eventfd(r6, &(0x7f0000000000), 0xfffffdef)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0x80111500, 0x20000000)
write$eventfd(r8, &(0x7f0000000040), 0x8)
mmap$KVM_VCPU(&(0x7f0000d26000/0x1000)=nil, r3, 0x5, 0x4000010, r4, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r2, 0xae03, 0xc3)

36m46.572932571s ago: executing program 7 (id=476):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_GET_API_VERSION(r2, 0x2, 0x1000000000000)
ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000040)=@arm64_ccsidr={0x6020000000110000, &(0x7f0000000000)=0x3})
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x2000)=nil, r5, 0x200000c, 0x12, r4, 0x0)

36m31.764643939s ago: executing program 7 (id=477):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0xf)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r0, 0x4068aea3, &(0x7f0000000040)={0xa8, 0x0, 0x1}) (async, rerun: 32)
r1 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) (rerun: 32)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0x80)
r5 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000000)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000280)={0x14, 0xff, 0x1}})

36m17.668217434s ago: executing program 7 (id=478):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000180)={0x8, <r3=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x0, 0x0})
r4 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000100)="746abf250f7959c813e4adfb369b808022e69fe80cfadce4a1259e77bab54ac9749537b3d016bb7f745a6e22d2f9ff443f19467748a3fe02c239457600", 0x0, 0xfffffffffffffec5)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r8, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18})
ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f0000000140)=@arm64_sys={0x603000000013df64, &(0x7f0000000000)=0x1})
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r13, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
r14 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r14, 0x3, 0xa0)
r15 = eventfd2(0x6, 0x800)
ioctl$KVM_IRQFD(r14, 0x4020ae76, &(0x7f0000000280)={r15, 0x9})
close(r14)
r16 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r17 = syz_kvm_add_vcpu$arm64(r16, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100), 0x1)
ioctl$KVM_SET_ONE_REG(r17, 0x4010aeac, &(0x7f0000000080)=@arm64_sys={0x603000000013c4f1, &(0x7f00000001c0)=0x3})

35m49.474145904s ago: executing program 7 (id=479):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x9)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x30401, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r7, 0x4010aeab, &(0x7f0000000100)=@arm64_bitmap={0x6030000000140000, &(0x7f0000000000)=0x7})
ioctl$KVM_GET_STATS_FD_cpu(r7, 0xaece)
r8 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f0000000080)=@arm64_extra={0x603000000013c103, &(0x7f0000000000)=0x2})
r12 = ioctl$KVM_GET_STATS_FD_vm(r3, 0xaece)
close(r12)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f00000000c0)={0xb, 0xffffffffffffffff, 0x1})
r13 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r15, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_REGISTER_COALESCED_MMIO(r9, 0x4010ae67, &(0x7f0000000000)={0xeeef0000, 0x37d03030d7a82616, 0x3})
r16 = syz_kvm_add_vcpu$arm64(r13, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x5, 0x2, 0x4}}], 0x28}, 0x0, 0x0)
ioctl$KVM_RUN(r16, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xdddd1000, 0x2000, &(0x7f0000fa4000/0x2000)=nil})
ioctl$KVM_GET_DIRTY_LOG(r3, 0x4010ae42, &(0x7f0000000000)={0x1, 0x0, &(0x7f0000ffb000/0x3000)=nil})

35m25.910806576s ago: executing program 7 (id=480):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x20100, 0x0) (async)
munmap(&(0x7f0000667000/0x2000)=nil, 0x2000) (async)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x0, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x300000c, 0x4f832, 0xffffffffffffffff, 0x1000000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000d5b000/0x4000)=nil, r4, 0x1000008, 0x24132, r3, 0x0) (async)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000240)=@arm64_sys={0x603000000013c015, &(0x7f0000000200)=0xae})

34m37.850661399s ago: executing program 39 (id=480):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x20100, 0x0) (async)
munmap(&(0x7f0000667000/0x2000)=nil, 0x2000) (async)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x0, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x300000c, 0x4f832, 0xffffffffffffffff, 0x1000000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000d5b000/0x4000)=nil, r4, 0x1000008, 0x24132, r3, 0x0) (async)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000240)=@arm64_sys={0x603000000013c015, &(0x7f0000000200)=0xae})

34m36.121882889s ago: executing program 8 (id=459):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f0000000100)=ANY=[], 0x30}], 0x1, 0x0, 0x0, 0x0)
r3 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1) (async)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) (async)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) (async)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r8, 0x0) (async)
r9 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r8, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r8, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r5, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fb707cd24b7eebb20700000000000000000000000100", 0x0, 0x48) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fb707cd24b7eebb20700000000000000000000000100", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r5, 0x0)
r11 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)
close(r11)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
close(r1)
close(r2)

33m59.605434416s ago: executing program 8 (id=482):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async)
r1 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f0000000000)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f0000000080)=0x1d})
r5 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x2}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

33m42.938242255s ago: executing program 8 (id=483):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x32)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce9, 0x8000}}], 0x20}, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x302, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000000)={0x8ed, 0xeeef0000, 0x0, 0xffffffffffffffff, 0x4000000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

32m54.441705711s ago: executing program 40 (id=483):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x32)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce9, 0x8000}}], 0x20}, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x302, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000000)={0x8ed, 0xeeef0000, 0x0, 0xffffffffffffffff, 0x4000000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

20m47.379755106s ago: executing program 1 (id=494):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000eed000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r2, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x3, 0xfffffffe}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r3, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000180)={0x8, <r5=>0xffffffffffffffff})
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae03, 0xbb)
ioctl$KVM_IOEVENTFD(r7, 0xc0189436, &(0x7f0000000080)={0x0, 0x0, 0x5dabdef0cbf6a717, 0xffffffffffffffff, 0x5})
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000100)={0x9, <r10=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000002c0)=@attr_arm64={0x0, 0x4, 0x0, 0x0})

20m26.461050507s ago: executing program 1 (id=495):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x27)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x5, 0x1}}], 0x28}, 0x0, 0x0) (async)
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000000)={0x80a0000, 0x2000}) (async)
syz_kvm_vgic_v3_setup(r3, 0x40000000000004, 0xc0)
ioctl$KVM_RUN(r5, 0xae80, 0x0) (async)
r6 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r7, 0x4040aea0, &(0x7f0000000100)=@arm64={0x4e, 0x2, 0x0, '\x00', 0x4}) (async)
ioctl$KVM_GET_VCPU_EVENTS(r7, 0x8040ae9f, &(0x7f0000000000)=@arm64)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x2)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000040)={0x7}) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f00000001c0)=@attr_irq_timer={0x0, 0x1, 0x1, 0x0})
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r14, 0x4010aeac, &(0x7f0000000040)=@arm64_fw={0x6030000000160006, &(0x7f0000000000)=0x8}) (async)
ioctl$KVM_CLEAR_DIRTY_LOG(r1, 0xc018aec0, &(0x7f00000000c0)={0x3, 0x400, 0x240, &(0x7f0000000140)=[0x7fffffffffffffff, 0xce, 0x7f, 0x1, 0x1, 0x3, 0x38, 0x0, 0x4c, 0x5, 0xa, 0x1000, 0x8, 0x1, 0x60000000000, 0x8, 0x1, 0x4, 0xd, 0x10, 0x7, 0x1, 0x80000001, 0x80000001, 0x6, 0x6, 0x8, 0xf8de, 0x8, 0x1, 0x3, 0x9cc, 0x7e12, 0x8, 0xcd7b, 0xfffffffffffffeff, 0x6, 0x7, 0x400, 0xa, 0xfffffffffffff25d, 0x9, 0x80, 0xc, 0x9, 0x9, 0x1, 0x8000000080000000, 0x80000001, 0x0, 0x100000000, 0x8000000000000000, 0x1, 0x6, 0x57, 0x800, 0x0, 0x5, 0x8, 0x6, 0xb674, 0x100, 0x5, 0x10000, 0x17f6, 0x401, 0x3, 0x9c, 0x7, 0xe, 0xb6f, 0x0, 0x6, 0x9, 0x8, 0x9, 0x2393, 0xffffffffffffffff, 0x3, 0x8000000000000000, 0xe138, 0x1, 0x3ff, 0x8000000000000001, 0x3, 0x200, 0xffffffffffffffff, 0xf9, 0xff, 0x6, 0x1000, 0xfffffffffffffff9, 0x2, 0x100, 0x6, 0x23, 0x323, 0x12, 0x9, 0x8e3e, 0x5, 0x0, 0x1, 0x7fffffff, 0xfffffffffffff6ba, 0x45bd, 0x7, 0x9, 0xd6, 0x3, 0x8, 0x7, 0xffffffffffffffff, 0x4, 0x9, 0x2, 0xbd, 0x1, 0xc3, 0x80, 0x0, 0x81, 0x7fff, 0x2, 0x8, 0x6, 0x1000, 0x9]})

20m11.323603516s ago: executing program 1 (id=496):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xb}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x4, 0x220)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r4=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0xffffffff, 0x7f3, &(0x7f0000000000)=0x2})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

19m57.728503556s ago: executing program 1 (id=497):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x948) (async)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, r3, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) (async)
r4 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@hvc={0x32, 0x40, {0xc4000053, [0xa, 0x2, 0xfffffffffffffa3a, 0x1000, 0x1]}}], 0x40}, 0x0, 0x0)
close(0xffffffffffffffff) (async)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

19m43.300008166s ago: executing program 1 (id=498):
r0 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000600)={0x0, &(0x7f0000000000)=[@msr={0x14, 0x20, {0x603000000013c299, 0x8}}, @hvc={0x32, 0x40, {0x3000000, [0x6, 0x80, 0x720, 0xfffffffffffffffd, 0xf]}}, @code={0xa, 0x84, {"007008d560c09dd200a0b8f2210180d2820180d2e30080d2c40180d2020000d4007008d50048201e00a0ff0d80e08fd200a0b8f2810180d2420180d2630180d2c40180d2020000d40020df0c008008d5001786d20020b0f2410180d2820080d2830080d2240180d2020000d4000030d5"}}, @smc={0x1e, 0x40, {0x84000007, [0x5, 0x4, 0xc, 0x3, 0x5]}}, @mrs={0xbe, 0x18, {0x603000000013da10}}, @hvc={0x32, 0x40, {0x84000050, [0x9, 0x0, 0x1, 0x5, 0x4]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1d04, 0x8, 0x4}}, @svc={0x122, 0x40, {0x0, [0x61, 0xffffffffffffffff, 0x6, 0xffffffff, 0x9]}}, @smc={0x1e, 0x40, {0x84000009, [0x1, 0x2, 0x101, 0x7f, 0x6]}}, @svc={0x122, 0x40, {0x32000000, [0xfd9, 0x7f, 0x7fffffff, 0x7f, 0x3]}}, @svc={0x122, 0x40, {0x84000008, [0x1, 0x6, 0x9, 0xa0, 0x400]}}, @smc={0x1e, 0x40, {0x2000, [0x5, 0xd, 0xde, 0x6, 0xffffffffffff0000]}}, @mrs={0xbe, 0x18, {0x603000000013df00}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x3000, 0x4, 0xa}}, @code={0xa, 0x9c, {"000040bd40af86d200c0b8f2810080d2c20180d2a30080d2840180d2020000d40000429e000008d50078210e000008d50004002fa05799d200a0b8f2610080d2e20080d2e30080d2e40180d2020000d400d998d200a0b0f2810180d2e20180d2430180d2240180d2020000d4e0848bd20040b8f2c10180d2e20080d2030080d2e40080d2020000d4"}}, @irq_setup={0x46, 0x18, {0x1, 0x17c}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x300, 0x7, 0x6}}, @msr={0x14, 0x20, {0x603000000013e08f, 0x4}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x3, 0x6, 0x4, 0xffff, 0x4}}, @hvc={0x32, 0x40, {0x3f000000, [0x10, 0x5, 0x4, 0x6, 0x7]}}, @its_send_cmd={0xaa, 0x28, {0x12, 0x1, 0x3, 0x3, 0x4, 0x7fffffff, 0x2}}, @irq_setup={0x46, 0x18, {0x4, 0x2ae}}, @code={0xa, 0xb4, {"a00d8cd20020b8f2410080d2e20180d2230080d2a40080d2020000d40000691e000028d580568bd20000b8f2610180d2a20080d2230180d2840180d2020000d400048cd20020b8f2a10080d2620080d2630080d2440080d2020000d4007008d5008008d5007008d5203697d200c0b0f2a10180d2e20080d2030080d2a40180d2020000d4202c9dd20060b0f2a10180d2220080d2230180d2840180d2020000d4"}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x10040, 0x2, 0x2}}], 0x5c4}, &(0x7f0000000640)=[@featur2={0x1, 0xa0}], 0x1)
ioctl$KVM_S390_VCPU_FAULT(r0, 0x4008ae52, &(0x7f0000000680)) (async)
r1 = ioctl$KVM_GET_STATS_FD_cpu(r0, 0xaece)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bfd000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000b40)={0x0, &(0x7f00000006c0)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x2bd}}, @irq_setup={0x46, 0x18, {0x4, 0x256}}, @svc={0x122, 0x40, {0x800, [0x4, 0x2, 0x75, 0x9, 0x7fffffff]}}, @eret={0xe6, 0x18, 0x10}, @msr={0x14, 0x20, {0x603000000013e6d7, 0xf}}, @msr={0x14, 0x20, {0x603000000013c4c9, 0x9}}, @irq_setup={0x46, 0x18, {0x1, 0xef}}, @its_setup={0x82, 0x28, {0x2, 0x3, 0xdb}}, @msr={0x14, 0x20, {0x603000000013df58, 0x4}}, @smc={0x1e, 0x40, {0x80008000, [0x1, 0x3, 0xfffffffffffffffd, 0x3, 0x9]}}, @uexit={0x0, 0x18, 0x9}, @eret={0xe6, 0x18, 0x3ff}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0x200, 0x7, 0x1}}, @mrs={0xbe, 0x18, {0x603000000013c643}}, @svc={0x122, 0x40, {0xc4000053, [0x3, 0x8, 0x8, 0xa, 0x8]}}, @smc={0x1e, 0x40, {0x84000004, [0x3, 0x7ff, 0x4, 0x9, 0x59e0]}}, @its_setup={0x82, 0x28, {0x0, 0x1, 0x4e}}, @mrs={0xbe, 0x18, {0x603000000013e66a}}, @eret={0xe6, 0x18}, @msr={0x14, 0x20, {0x603000000013c032, 0x9}}, @code={0xa, 0xb4, {"80748cd200e0b8f2e10080d2820080d2030180d2c40180d2020000d4007008d50000199e40f895d200c0b0f2410180d2020180d2e30180d2840180d2020000d4000008d560dc9bd20060b8f2610180d2420080d2830180d2c40180d2020000d4a0a38ed20020b0f2c10080d2420180d2030080d2640180d2020000d4008008d5c09a8fd20000b0f2c10180d2420180d2c30180d2a40180d2020000d4007008d5"}}, @code={0xa, 0x84, {"007008d5008008d500e0df0d608584d20060b0f2c10080d2c20180d2c30080d2840080d2020000d4000028d5005c200e809d84d200c0b8f2210080d2020180d2e30080d2640180d2020000d40004005e00a8302ea05a88d20000b0f2a10180d2020180d2230180d2440080d2020000d4"}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x2, 0x5, 0x1470, 0x1}}], 0x448}, &(0x7f0000000b80)=[@featur2={0x1, 0x80}], 0x1) (async)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000bc0)={0xe4, 0x0, 0x8000000000000001}) (async)
r4 = syz_kvm_vgic_v3_setup(r1, 0x0, 0x200)
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000c80)=@attr_arm64={0x0, 0x0, 0x2, &(0x7f0000000c40)})
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c0b000/0x4000)=nil, r5, 0x1000000, 0x100010, r1, 0x0) (async)
ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0x4) (async)
r6 = syz_kvm_vgic_v3_setup(r1, 0x2, 0x120)
ioctl$KVM_HAS_DEVICE_ATTR(r6, 0x4018aee3, &(0x7f0000000d00)=@attr_arm64={0x0, 0x6, 0x3, &(0x7f0000000cc0)=0x8f}) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000d40), 0x109000, 0x0) (async)
ioctl$KVM_SET_SREGS(r3, 0x4000ae84, &(0x7f0000000d80)={{0x100000, 0x0, 0x9, 0x65, 0x8, 0x81, 0x60, 0x9, 0x7, 0x7, 0x15, 0x1}, {0x2, 0x2000, 0x8, 0x80, 0x1, 0x1, 0x8, 0x5, 0xf, 0x81, 0x1, 0xff}, {0x5000, 0x100000, 0x3, 0x10, 0x5, 0x3, 0x4, 0xff, 0x9, 0xd, 0x9, 0x7f}, {0x1, 0x6000, 0x64859cf016422340, 0x6, 0x7, 0x2, 0x94, 0x7, 0x3, 0x5, 0xfa, 0x3c}, {0xeafba000, 0xf000, 0x4, 0xa, 0xfb, 0x2, 0x26, 0x0, 0xd3, 0x0, 0x7}, {0x80a0000, 0xdddd0000, 0x8, 0x10, 0x1, 0x6a, 0x1, 0x7, 0x5, 0x7, 0x3, 0xf9}, {0x6002, 0x0, 0x4, 0x3, 0x2, 0x1, 0x8, 0x3, 0x6, 0x4, 0x6, 0x5}, {0x10000, 0x111000, 0x0, 0xd1, 0x6, 0x7, 0x4a, 0x7, 0x6a, 0x8, 0x2, 0x31}, {0x0, 0x6}, {0x3000, 0x1}, 0x40000021, 0x0, 0xf000, 0x100300, 0x9, 0x1, 0x2000, [0x4, 0x9, 0x100, 0x6]})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r1, 0x4018aee1, &(0x7f0000000f00)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000ec0)={0xfffb, 0x2, 0x1}})
ioctl$KVM_GET_API_VERSION(0xffffffffffffffff, 0xae00, 0x0) (async)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000001440)={0x0, &(0x7f0000000f40)=[@hvc={0x32, 0x40, {0x40000000, [0x963, 0x0, 0x40, 0xeaea, 0x3]}}, @mrs={0xbe, 0x18, {0x2f6}}, @eret={0xe6, 0x18, 0x8}, @code={0xa, 0x6c, {"0000007c000028d50008e03c000008d5a02993d20080b0f2810080d2420080d2430180d2040080d2020000d400629dd20080b8f2a10180d2220080d2030080d2440180d2020000d4000000ad000c803c007008d5007008d5"}}, @smc={0x1e, 0x40, {0x84000007, [0x3d7b, 0x7fffffff, 0x2, 0x9a, 0x6]}}, @msr={0x14, 0x20, {0x603000000013df77, 0xfffffffffffffff8}}, @svc={0x122, 0x40, {0xc5be41c054d6145b, [0x400, 0x1, 0xd5d, 0x80, 0x400]}}, @svc={0x122, 0x40, {0x5000000, [0xffff, 0x0, 0x1, 0x3, 0x800]}}, @its_setup={0x82, 0x28, {0xf, 0x1, 0x248}}, @hvc={0x32, 0x40, {0x1000000, [0x5, 0x5, 0x5, 0x4]}}, @uexit={0x0, 0x18, 0x3}, @svc={0x122, 0x40, {0xc4000011, [0x6, 0x7, 0x31f, 0x62, 0xfff]}}, @uexit={0x0, 0x18, 0x8000000000000000}, @msr={0x14, 0x20, {0x603000000013c090, 0x6}}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x194}}, @svc={0x122, 0x40, {0x84000011, [0x5, 0x10001, 0xb92300000, 0x10000, 0xffffffff8697b741]}}, @hvc={0x32, 0x40, {0x84000006, [0x3, 0x0, 0x5, 0xfffffffffffff001, 0x9]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0x70, 0x6, 0x7}}, @svc={0x122, 0x40, {0x32000000, [0x4, 0xfe7, 0x5, 0x5, 0x64e2]}}, @eret={0xe6, 0x18}, @hvc={0x32, 0x40, {0x84000005, [0x5, 0x3, 0x3, 0x5, 0xfffffffffffffffd]}}, @irq_setup={0x46, 0x18, {0x1, 0x37a}}, @irq_setup={0x46, 0x18, {0x2, 0x135}}, @uexit={0x0, 0x18, 0x4}, @its_send_cmd={0xaa, 0x28, {0xd, 0x0, 0x3, 0x7, 0x1, 0x6f60, 0x1}}, @uexit={0x0, 0x18, 0xb}, @msr={0x14, 0x20, {0x603000000013c00e, 0x7}}], 0x4cc}, &(0x7f0000001480)=[@featur1={0x1, 0x8}], 0x1) (async)
r7 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000001780)={0x0, &(0x7f00000014c0)=[@code={0xa, 0x9c, {"000008d51820601e000008d50000381ee0649ed20020b8f2210080d2420180d2430180d2640180d2020000d4e0fc82d20060b8f2a10180d2820180d2e30080d2c40180d2020000d40068214e801b82d200a0b0f2610180d2220080d2c30180d2840180d2020000d4000028d5603d97d20000b8f2210180d2420180d2c30180d2040180d2020000d4"}}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x22f}}, @its_setup={0x82, 0x28, {0x4, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x3, 0x7, 0xef7, 0x4, 0x3}}, @its_setup={0x82, 0x28, {0x1, 0x3, 0x376}}, @memwrite={0x6e, 0x30, @generic={0x8080000, 0x208, 0x0, 0xd}}, @msr={0x14, 0x20, {0x603000000013e664, 0x3}}, @svc={0x122, 0x40, {0x8400000c, [0x3, 0x8000, 0x6, 0xe9, 0x9]}}, @smc={0x1e, 0x40, {0x8400000a, [0x10, 0xfffffffffffffff7, 0x8, 0xa0000000, 0x9]}}, @its_setup={0x82, 0x28, {0x4, 0x2, 0xaf}}, @irq_setup={0x46, 0x18, {0x0, 0x21a}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x0, 0x1, 0x0, 0x5, 0x2, 0x1}}, @mrs={0xbe, 0x18, {0x603000000013f2b0}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x0, 0x1, 0x8, 0x9, 0x4, 0x2}}], 0x2b4}, &(0x7f00000017c0)=[@featur1={0x1, 0x80}], 0x1)
ioctl$KVM_PRE_FAULT_MEMORY(r7, 0xc040aed5, &(0x7f0000001800)={0xffff1000, 0x10b000}) (async)
r8 = ioctl$KVM_GET_STATS_FD_vm(r1, 0xaece)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x2)
syz_kvm_setup_cpu$arm64(r9, r0, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000001e40)=[{0x0, &(0x7f0000001840)=[@memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe4, 0x3, 0x4}}, @its_setup={0x82, 0x28, {0x4, 0x4, 0x367}}, @uexit={0x0, 0x18, 0xd1a}, @code={0xa, 0x84, {"e07a92d200a0b0f2210080d2420080d2630180d2a40180d2020000d4007008d50054205e007008d5e003002a000008d5203c84d20020b8f2210080d2020080d2e30180d2240180d2020000d4000028d5208c9cd20080b0f2810180d2e20180d2c30080d2c40080d2020000d40000006a"}}, @smc={0x1e, 0x40, {0xc4000001, [0x6, 0x87f, 0xa22e, 0x0, 0x9]}}, @smc={0x1e, 0x40, {0x84000013, [0x9b5, 0x2, 0x93c, 0x6da, 0xff]}}, @smc={0x1e, 0x40, {0x4003fb5, [0x6, 0x225c, 0x100000001, 0x5, 0x4]}}, @eret={0xe6, 0x18, 0xfffffffffffffff0}, @its_send_cmd={0xaa, 0x28, {0x3, 0x1, 0x2, 0xb, 0x5, 0x8, 0x2}}, @eret={0xe6, 0x18, 0x5}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x3, 0x0, 0x0, 0x425}}, @msr={0x14, 0x20, {0x603000000013da11, 0x3}}, @uexit={0x0, 0x18, 0x1ff}, @svc={0x122, 0x40, {0x8000, [0x100, 0x99, 0xb1b2, 0x5, 0xc000000000000]}}, @mrs={0xbe, 0x18, {0x60300000001383c6}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x0, 0x0, 0x2, 0x7, 0x4, 0x1}}, @its_setup={0x82, 0x28, {0x2, 0x0, 0x6e}}, @smc={0x1e, 0x40, {0x0, [0x7fff, 0x6, 0x2, 0x2, 0x8000000000000001]}}, @irq_setup={0x46, 0x18, {0x1, 0xd8}}, @svc={0x122, 0x40, {0xc4000014, [0x3ff, 0x3, 0x2, 0x1]}}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x37a}}, @irq_setup={0x46, 0x18, {0x1, 0x1d6}}, @irq_setup={0x46, 0x18, {0x4, 0x76}}, @svc={0x122, 0x40, {0x8600ff01, [0x6, 0x29b, 0x7fffffff, 0x0, 0xce0c]}}, @memwrite={0x6e, 0x30, @generic={0x10000, 0x497, 0x1, 0x4}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1000, 0x1, 0x2}}, @svc={0x122, 0x40, {0x84000053, [0x6, 0x6, 0x6, 0x6, 0x5]}}, @mrs={0xbe, 0x18, {0x603000000013c038}}, @smc={0x1e, 0x40, {0x6000000, [0x4, 0x4, 0x2, 0x80, 0x10000]}}, @hvc={0x32, 0x40, {0xc400000e, [0x6, 0xffffffff, 0x9, 0x9, 0x8]}}, @code={0xa, 0x84, {"007008d50000002b000008d5205599d200e0b0f2210080d2e20080d2a30180d2a40080d2020000d400b4205ee0ad92d20000b8f2a10180d2c20080d2430180d2c40080d2020000d40004000e008008d5007008d580508fd20040b0f2610080d2a20080d2430180d2a40180d2020000d4"}}], 0x600}], 0x1, 0x0, &(0x7f0000001e80), 0x1)
syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000bfe000/0x400000)=nil) (async)
ioctl$KVM_SET_REGS(r3, 0x4360ae82, &(0x7f0000001ec0)={[0x3, 0x9, 0x6, 0xff, 0x7f, 0x8, 0x8000000000000000, 0x5, 0x8, 0x1, 0x1, 0xffffffffffffffff, 0x4, 0xc51d, 0x80, 0xc554], 0x6000, 0x200}) (async)
r10 = ioctl$KVM_GET_STATS_FD_cpu(r0, 0xaece)
ioctl$KVM_ARM_SET_DEVICE_ADDR(r10, 0x4010aeab, &(0x7f0000001f80)={0x4, 0x5000})
ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f0000002000)=@attr_other={0x0, 0xb5b, 0xc, &(0x7f0000001fc0)=0x3}) (async)
munmap(&(0x7f0000d03000/0x2000)=nil, 0x2000)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r0, 0x4018aee1, &(0x7f0000002040)=@attr_pvtime_ipa)

19m31.344562225s ago: executing program 1 (id=499):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x6030000000100020, &(0x7f00000000c0)=0xc})
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31) (async)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x6030000000100020, &(0x7f00000000c0)=0xc}) (async)

18m40.470931149s ago: executing program 41 (id=499):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x6030000000100020, &(0x7f00000000c0)=0xc})
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31) (async)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x6030000000100020, &(0x7f00000000c0)=0xc}) (async)

2m42.749934426s ago: executing program 9 (id=525):
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f1, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xc00000)=nil, 0x930, 0x0, 0x110, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
r3 = syz_kvm_vgic_v3_setup(r2, 0x1, 0x40)
syz_kvm_vgic_v3_setup(r2, 0x4, 0x80)
ioctl$KVM_GET_DEVICE_ATTR(r3, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x1, 0x4, &(0x7f00000004c0)=0x1})
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2e)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r4, r5, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x1, 0x0, 0x0, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0x80087601, 0x0)
ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000140)=@arm64_sys={0x603000000013c518, &(0x7f00000000c0)=0x1})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x15, 0x5, &(0x7f0000000000)=0xb})
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f1, 0xffffffffffffffff, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xc00000)=nil, 0x930, 0x0, 0x110, 0xffffffffffffffff, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) (async)
syz_kvm_vgic_v3_setup(r2, 0x1, 0x40) (async)
syz_kvm_vgic_v3_setup(r2, 0x4, 0x80) (async)
ioctl$KVM_GET_DEVICE_ATTR(r3, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x1, 0x4, &(0x7f00000004c0)=0x1}) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2e) (async)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) (async)
syz_kvm_setup_cpu$arm64(r4, r5, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x1, 0x0, 0x0, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r6, 0x80087601, 0x0) (async)
ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000140)=@arm64_sys={0x603000000013c518, &(0x7f00000000c0)=0x1}) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x15, 0x5, &(0x7f0000000000)=0xb}) (async)

2m38.502138478s ago: executing program 0 (id=526):
r0 = openat$kvm(0x0, &(0x7f0000000740), 0x5e2601, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@code={0xa, 0x9c, {"a0cd94d200c0b0f2610180d2020080d2230180d2a40080d2020000d4e0088fd20060b8f2010080d2220180d2230080d2e40180d2020000d40000204b000008d5606c8bd20060b0f2610080d2220080d2230180d2a40180d2020000d400c0df0d007008d5a0ab8bd200a0b0f2e10180d2620080d2030180d2a40080d2020000d4000020ab007008d5"}}, @irq_setup={0x46, 0x18, {0x2, 0x1a4}}, @eret={0xe6, 0x18, 0xe0}, @eret={0xe6, 0x18, 0xd}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0xd00, 0xb, 0x2}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x1, 0x0, 0x6, 0x7, 0x8, 0x1}}, @eret={0xe6, 0x18, 0xab}, @its_send_cmd={0xaa, 0x28, {0x4, 0x1, 0x3, 0x8, 0x1, 0x8, 0x2}}, @svc={0x122, 0x40, {0x1000, [0x0, 0x1, 0x1, 0x200000000000000, 0x7]}}, @memwrite={0x6e, 0x30, @generic={0xd000, 0x6dc, 0x100000000000005}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x6, 0xf, 0xd21, 0x8000, 0x4}}, @memwrite={0x6e, 0x30, @generic={0x2, 0x941, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x1, 0x4, 0x10000010, 0x101, 0x9}}, @msr={0x14, 0x20, {0x603000000013df6f, 0x2}}, @hvc={0x32, 0x40, {0xc400000e, [0x8c, 0xffffffffffff35ef, 0x9, 0x5, 0x2]}}, @hvc={0x32, 0x40, {0x2000000, [0x5, 0xb0c, 0x7, 0x56, 0x8000000000000001]}}, @eret={0xe6, 0x18, 0x8}, @svc={0x122, 0x40, {0x31000000, [0xb, 0x0, 0x3, 0x8, 0x9]}}, @memwrite={0x6e, 0x30, @generic={0x1, 0x9, 0x2, 0x8}}, @memwrite={0x6e, 0x30, @generic={0xf000, 0x155, 0xc, 0x8}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x1, 0x0, 0x4, 0x9, 0x800, 0x1}}, @mrs={0xbe, 0x18, {0x603000000013c663}}], 0x404}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x220)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r3=>0xffffffffffffffff})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x21)
close(0xffffffffffffffff)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
r7 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r6, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000080)="fb4149dd033be3ac2ca5a22332a70000000000000071b14c94a6ab8031d1dfd90f05000000010000521ce16f8f1f449a7a8356733169d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x10, r6, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x4c4882, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000700)=@attr_other={0x0, 0x5, 0x8, &(0x7f00000001c0)=0x8})
r8 = openat$kvm(0x0, &(0x7f00000006c0), 0x2082, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f0000000040)=@arm64_fw={0x6030000000140000, &(0x7f0000000000)=0x8})
r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r13, 0x4010aeb5, &(0x7f0000000100)={0x80000002, 0x8})
r15 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r16, 0xc00caee0, &(0x7f0000000680)={0x8, <r17=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r17, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000})
ioctl$KVM_SET_DEVICE_ATTR(r17, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x8, 0x4, &(0x7f0000000040)=0x800})

2m25.551316697s ago: executing program 9 (id=527):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x60cc1, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x4, <r2=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r2, 0x4018aee3, 0x0) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r3, 0x401c5820, 0xffff98600fff)
ioctl$KVM_HAS_DEVICE_ATTR(r2, 0x4018aee3, &(0x7f0000000000)=@attr_other={0x0, 0x1, 0x200, 0x0})

2m12.646017551s ago: executing program 9 (id=528):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xe6) (async)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
r8 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r7, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r7, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x200000, 0x0) (async)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r10, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x9, 0x0, 0x1}}) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r11 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x2000000017)
syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) (async, rerun: 32)
r12 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=[@featur1={0x1, 0x9}], 0x1) (rerun: 32)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r12, 0x4018aee1, &(0x7f00000011c0)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f0000000140)=0xffff})
r13 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r13, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) (async)
r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r14, 0xae04) (async, rerun: 32)
r15 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x22a200, 0x0) (rerun: 32)
r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r16, 0x4008ae6a, &(0x7f00000002c0)=ANY=[@ANYBLOB="04dd52ab6f26b00f"]) (async, rerun: 64)
ioctl$KVM_GET_STATS_FD_vm(r2, 0xaece) (rerun: 64)

2m12.044068255s ago: executing program 0 (id=529):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
r3 = mmap$KVM_VCPU(&(0x7f0000ffc000/0x1000)=nil, 0x0, 0x1000000, 0x110, r2, 0x0)
syz_memcpy_off$KVM_EXIT_MMIO(r3, 0x20, &(0x7f0000000080)="5b47a7f386170b95addae38129685fb7f20984a7568b372c", 0x0, 0x18) (async)
ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000000)={0x5, 0x18})
ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0)

1m56.700009968s ago: executing program 0 (id=530):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x8100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x0, 0x11, r2, 0x0) (async)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, r2, &(0x7f0000009000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x341302, 0x0)

1m48.41377161s ago: executing program 9 (id=531):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20080, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0xeffffffd, 0x801)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x200, 0x4000, 0x4, r2, 0x1})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000001340)={0x3, 0x0, 0x2, r2, 0x3})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000000c0)={0x3, 0x0, 0x2, r2, 0xf})
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r5 = mmap$KVM_VCPU(&(0x7f0000eb8000/0x2000)=nil, r3, 0x4, 0x80010, r4, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f00000000c0)="e98bfb374343501a046b097d091e59c8ced9b864a13463296cb269e1122c37f92f5ee3a090520a15f334e3389fbc3b911ef0f622ba642782a1c418227c7dbce6979eee477624b3ca", 0x0, 0x48)
r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x31)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r1, 0x4008ae73, &(0x7f0000000140)={0x0, 0x4})
syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f00008d3000/0x400000)=nil)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_IOEVENTFD(r9, 0x4040ae79, 0x0)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r11 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r10, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r11, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)

1m41.300088927s ago: executing program 0 (id=532):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x3, 0xfffffffd, 0x0, 0x0, 0x2}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r1, 0x4018aee3, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0xffffef45, 0x1}})
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r1, 0x4068aea3, &(0x7f0000000340)={0xdf, 0x0, 0x1000})
r4 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
r6 = ioctl$KVM_CREATE_GUEST_MEMFD(r1, 0xc040aed4, &(0x7f0000000240)={0x3800000000000000, 0x9})
ioctl$KVM_SET_USER_MEMORY_REGION2(r5, 0x40a0ae49, &(0x7f0000000280)={0x10002, 0x5, 0x6000, 0x1000, &(0x7f0000cae000/0x1000)=nil, 0xe2, r6})
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r7=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1m24.288442018s ago: executing program 9 (id=533):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2441, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r5, r6, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="6e0000000000000030000000000000000000dddd0080"], 0x30}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x800, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_IRQ_LINE_STATUS(r8, 0xc008ae67, 0xfffffffffffffffe)
ioctl$KVM_SET_REGS(r3, 0x4360ae82, &(0x7f00000000c0)={[0x10000a9, 0x2, 0x3, 0x401, 0x1, 0x2, 0xffffffffffff6eab, 0x1, 0x8, 0x9, 0x5, 0x0, 0x2, 0x4, 0x0, 0x6], 0x10000, 0x40})
r9 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r9, &(0x7f00000000c0)={0x0, &(0x7f00000002c0)=[@its_setup={0x82, 0x28, {0x4, 0x2, 0xe6}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0x280, 0x7, 0x2}}, @its_setup={0x82, 0x28, {0x4, 0x2, 0x2d6}}, @irq_setup={0x46, 0x18, {0x3, 0x1c1}}, @svc={0x122, 0x40, {0x84000002, [0x2, 0x154, 0x80000000, 0xbe65, 0x5]}}, @msr={0x14, 0x20, {0x603000000013f602, 0x400}}, @msr={0x14, 0x20, {0x2019e24b977b1d85, 0x400}}], 0x118}, &(0x7f0000000180)=[@featur1={0x1, 0x12}], 0x1)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r10 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0xc)
syz_kvm_vgic_v3_setup(r10, 0x0, 0x2b0)
r11 = openat$kvm(0x0, &(0x7f0000000100), 0x82001, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, 0x930, 0x3000007, 0x2012, r11, 0x0)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r13, 0x4020ae46, &(0x7f0000000040)={0x0, 0x1, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f932, 0xffffffffffffffff, 0x0)
r15 = syz_kvm_setup_syzos_vm$arm64(r14, &(0x7f0000c00000/0x400000)=nil)
r16 = syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000140)={0x0, 0x0}, &(0x7f0000000280)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_GET_REG_LIST(r16, 0xc008aeb0, &(0x7f0000000200)={0x3, [0x0, 0x9, 0xb]})

1m18.493301075s ago: executing program 0 (id=534):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_vgic_v3_setup(r3, 0x3, 0xa0)
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x9, 0x1, &(0x7f0000000180)=0x807fffe})
r5 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xf)
ioctl$KVM_PPC_ALLOCATE_HTAB(r6, 0xc004aea7, &(0x7f0000000000)=0x4)
r7 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7ffe}}, @msr={0x14, 0x20, {0x603000000013dce5, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce9, 0x8000}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

55.121953042s ago: executing program 0 (id=535):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@mrs={0xbe, 0x18, {0x603000000013802c}}], 0x18}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

54.774974558s ago: executing program 9 (id=536):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x28)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r7, r8, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r8, 0x4010aeab, &(0x7f0000000100)=@arm64_sys={0x603000000013c024, &(0x7f00000000c0)})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x101fd, 0x2, 0xdddd1000, 0x1000, &(0x7f0000ecd000/0x1000)=nil})
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x2, 0x3, 0xdddd0000, 0x1000, &(0x7f0000e8f000/0x1000)=nil})
syz_kvm_setup_cpu$arm64(r1, r9, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
munmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
syz_kvm_setup_cpu$arm64(r3, r8, &(0x7f0000a00000/0x400000)=nil, &(0x7f0000000240)=[{0x0, &(0x7f0000000180)=[@uexit={0x0, 0x18, 0x1000}, @mrs={0xbe, 0x18, {0x603000000013df7f}}, @uexit={0x0, 0x18, 0x100}], 0x48}], 0x1, 0x0, &(0x7f0000000280)=[@featur2={0x1, 0x22}], 0x1)
ioctl$KVM_S390_VCPU_FAULT(r9, 0x4008ae52, &(0x7f0000000000)=0x3)

6.788719952s ago: executing program 42 (id=535):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@mrs={0xbe, 0x18, {0x603000000013802c}}], 0x18}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

0s ago: executing program 43 (id=536):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x28)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r7, r8, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r8, 0x4010aeab, &(0x7f0000000100)=@arm64_sys={0x603000000013c024, &(0x7f00000000c0)})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x101fd, 0x2, 0xdddd1000, 0x1000, &(0x7f0000ecd000/0x1000)=nil})
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x2, 0x3, 0xdddd0000, 0x1000, &(0x7f0000e8f000/0x1000)=nil})
syz_kvm_setup_cpu$arm64(r1, r9, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
munmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
syz_kvm_setup_cpu$arm64(r3, r8, &(0x7f0000a00000/0x400000)=nil, &(0x7f0000000240)=[{0x0, &(0x7f0000000180)=[@uexit={0x0, 0x18, 0x1000}, @mrs={0xbe, 0x18, {0x603000000013df7f}}, @uexit={0x0, 0x18, 0x100}], 0x48}], 0x1, 0x0, &(0x7f0000000280)=[@featur2={0x1, 0x22}], 0x1)
ioctl$KVM_S390_VCPU_FAULT(r9, 0x4008ae52, &(0x7f0000000000)=0x3)

kernel console output (not intermixed with test programs):

[  385.297540][ T3151] 8021q: adding VLAN 0 to HW filter on device bond0
[  435.891367][ T3151] eql: remember to turn off Van-Jacobson compression on your slave devices
Warning: Permanently added '[localhost]:6174' (ED25519) to the list of known hosts.
[  600.947796][   T25] audit: type=1400 audit(600.160:60): avc:  denied  { name_bind } for  pid=3310 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  601.888204][   T25] audit: type=1400 audit(601.110:61): avc:  denied  { execute } for  pid=3311 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  601.926232][   T25] audit: type=1400 audit(601.130:62): avc:  denied  { execute_no_trans } for  pid=3311 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  624.620033][   T25] audit: type=1400 audit(623.840:63): avc:  denied  { mounton } for  pid=3311 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  624.652653][   T25] audit: type=1400 audit(623.870:64): avc:  denied  { mount } for  pid=3311 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  624.737152][ T3311] cgroup: Unknown subsys name 'net'
[  624.791283][   T25] audit: type=1400 audit(624.010:65): avc:  denied  { unmount } for  pid=3311 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  625.168575][ T3311] cgroup: Unknown subsys name 'cpuset'
[  625.278510][ T3311] cgroup: Unknown subsys name 'rlimit'
[  626.209273][   T25] audit: type=1400 audit(625.430:66): avc:  denied  { setattr } for  pid=3311 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  626.229873][   T25] audit: type=1400 audit(625.440:67): avc:  denied  { mounton } for  pid=3311 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[  626.262293][   T25] audit: type=1400 audit(625.470:68): avc:  denied  { mount } for  pid=3311 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  627.473374][ T3314] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[  627.493399][   T25] audit: type=1400 audit(626.710:69): avc:  denied  { relabelto } for  pid=3314 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  627.520168][   T25] audit: type=1400 audit(626.740:70): avc:  denied  { write } for  pid=3314 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
Setting up swapspace version 1, size = 127995904 bytes
[  627.710421][   T25] audit: type=1400 audit(626.930:71): avc:  denied  { read } for  pid=3311 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  627.732901][   T25] audit: type=1400 audit(626.940:72): avc:  denied  { open } for  pid=3311 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  627.781366][ T3311] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  678.949187][   T25] audit: type=1400 audit(678.170:73): avc:  denied  { execmem } for  pid=3315 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  683.612508][   T25] audit: type=1400 audit(682.830:74): avc:  denied  { read } for  pid=3317 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  683.640228][   T25] audit: type=1400 audit(682.860:75): avc:  denied  { open } for  pid=3317 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  683.727543][   T25] audit: type=1400 audit(682.920:76): avc:  denied  { mounton } for  pid=3317 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  683.968292][   T25] audit: type=1400 audit(683.180:78): avc:  denied  { module_request } for  pid=3317 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  684.014209][   T25] audit: type=1400 audit(683.170:77): avc:  denied  { module_request } for  pid=3318 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  685.096913][   T25] audit: type=1400 audit(684.310:79): avc:  denied  { sys_module } for  pid=3318 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  713.726107][ T3318] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  714.431544][ T3318] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  714.508137][ T3317] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  714.870877][ T3317] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  726.912777][ T3318] hsr_slave_0: entered promiscuous mode
[  726.942682][ T3318] hsr_slave_1: entered promiscuous mode
[  727.387805][ T3317] hsr_slave_0: entered promiscuous mode
[  727.409531][ T3317] hsr_slave_1: entered promiscuous mode
[  727.428956][ T3317] debugfs: 'hsr0' already exists in 'hsr'
[  727.432963][ T3317] Cannot create hsr debugfs directory
[  733.147000][   T25] audit: type=1400 audit(732.360:80): avc:  denied  { create } for  pid=3318 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  733.200746][   T25] audit: type=1400 audit(732.400:81): avc:  denied  { write } for  pid=3318 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  733.276742][   T25] audit: type=1400 audit(732.430:82): avc:  denied  { read } for  pid=3318 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  733.381340][ T3318] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  733.731396][ T3318] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  734.043325][ T3318] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  734.407492][ T3318] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  735.927533][ T3317] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  736.158017][ T3317] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  736.339755][ T3317] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  736.500219][ T3317] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  749.141197][ T3318] 8021q: adding VLAN 0 to HW filter on device bond0
[  751.608850][ T3317] 8021q: adding VLAN 0 to HW filter on device bond0
[  807.408796][ T3318] veth0_vlan: entered promiscuous mode
[  807.881565][ T3318] veth1_vlan: entered promiscuous mode
[  809.799455][ T3318] veth0_macvtap: entered promiscuous mode
[  810.271818][ T3318] veth1_macvtap: entered promiscuous mode
[  810.398605][ T3317] veth0_vlan: entered promiscuous mode
[  811.110685][ T3317] veth1_vlan: entered promiscuous mode
[  812.757867][   T49] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  812.766991][   T49] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  812.770724][   T49] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  812.846956][   T49] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  813.830496][ T3317] veth0_macvtap: entered promiscuous mode
[  814.500946][ T3317] veth1_macvtap: entered promiscuous mode
[  815.185941][   T25] audit: type=1400 audit(814.400:83): avc:  denied  { mount } for  pid=3318 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  815.460409][   T25] audit: type=1400 audit(814.680:84): avc:  denied  { mounton } for  pid=3318 comm="syz-executor" path="/syzkaller.kiRvsD/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  815.768278][   T25] audit: type=1400 audit(814.970:85): avc:  denied  { mount } for  pid=3318 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  816.060285][   T25] audit: type=1400 audit(815.280:86): avc:  denied  { mounton } for  pid=3318 comm="syz-executor" path="/syzkaller.kiRvsD/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  816.231218][   T25] audit: type=1400 audit(815.440:87): avc:  denied  { mounton } for  pid=3318 comm="syz-executor" path="/syzkaller.kiRvsD/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3775 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  816.810500][   T25] audit: type=1400 audit(815.970:88): avc:  denied  { unmount } for  pid=3318 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  816.896901][ T3411] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  816.898969][ T3411] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  816.910915][ T3411] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  816.948884][ T3411] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  817.288630][   T25] audit: type=1400 audit(816.470:89): avc:  denied  { mounton } for  pid=3318 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1544 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  817.434102][   T25] audit: type=1400 audit(816.600:90): avc:  denied  { mount } for  pid=3318 comm="syz-executor" name="/" dev="gadgetfs" ino=3784 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  817.936342][   T25] audit: type=1400 audit(817.110:91): avc:  denied  { mount } for  pid=3318 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  818.036920][   T25] audit: type=1400 audit(817.240:92): avc:  denied  { mounton } for  pid=3318 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  820.161927][ T3318] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  820.900115][   T25] kauditd_printk_skb: 1 callbacks suppressed
[  820.919172][   T25] audit: type=1400 audit(820.120:94): avc:  denied  { read write } for  pid=3318 comm="syz-executor" name="loop1" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  820.936023][   T25] audit: type=1400 audit(820.150:95): avc:  denied  { open } for  pid=3318 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  821.037909][   T25] audit: type=1400 audit(820.210:96): avc:  denied  { ioctl } for  pid=3318 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=638 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  832.643211][   T25] audit: type=1400 audit(831.810:97): avc:  denied  { read append } for  pid=3470 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  832.739149][   T25] audit: type=1400 audit(831.950:98): avc:  denied  { open } for  pid=3470 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  833.511304][   T25] audit: type=1400 audit(832.730:99): avc:  denied  { ioctl } for  pid=3470 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  859.822803][ T3493] kvm [3493]: Failed to find VMA for hva 0x21016000
[  903.604278][   T25] audit: type=1400 audit(902.800:100): avc:  denied  { execute } for  pid=3514 comm="syz.0.13" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=4323 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[ 1002.043799][   T25] audit: type=1400 audit(1001.240:101): avc:  denied  { write } for  pid=3575 comm="syz.0.31" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1040.740570][ T3602] kvm [3602]: Failed to find VMA for hva 0x21016000
[ 1161.782836][ T3681] kvm [3681]: Failed to find VMA for hva 0x20d8d000
[ 1268.971031][   T25] audit: type=1400 audit(1268.180:102): avc:  denied  { setattr } for  pid=3766 comm="syz.0.90" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1416.532330][ T3871] kvm [3871]: Failed to find VMA for hva 0x20e8b000
[ 1614.583307][   T25] audit: type=1400 audit(1613.800:103): avc:  denied  { ioctl } for  pid=4006 comm="syz.0.163" path="net:[4026532615]" dev="nsfs" ino=4026532615 ioctlcmd=0x5829 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 1644.067807][ T4031] kvm [4031]: Failed to find VMA for hva 0x21016000
[ 1697.797697][ T4064] kvm [4064]: Failed to find VMA for hva 0x20e8a000
[ 1719.884099][   T25] audit: type=1400 audit(1719.100:104): avc:  denied  { map } for  pid=4082 comm="syz.0.185" path="pipe:[2797]" dev="pipefs" ino=2797 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[ 2078.251335][ T4296] kvm [4296]: Failed to find VMA for hva 0x21016000
[ 2318.489401][ T4460] debugfs: 'vgic-its-state@8080000' already exists in '4460-5'
[ 2634.163617][ T4597] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2634.789405][ T4597] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2657.440429][ T4607] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2657.627801][ T4607] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2661.738780][ T4597] hsr_slave_0: entered promiscuous mode
[ 2661.799749][ T4597] hsr_slave_1: entered promiscuous mode
[ 2661.857198][ T4597] debugfs: 'hsr0' already exists in 'hsr'
[ 2661.860332][ T4597] Cannot create hsr debugfs directory
[ 2675.524231][ T4597] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 2675.871678][ T4597] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 2676.143730][ T4597] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 2676.507160][ T4597] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 2683.113562][ T4607] hsr_slave_0: entered promiscuous mode
[ 2683.191428][ T4607] hsr_slave_1: entered promiscuous mode
[ 2683.247629][ T4607] debugfs: 'hsr0' already exists in 'hsr'
[ 2683.250872][ T4607] Cannot create hsr debugfs directory
[ 2701.880623][ T4607] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 2702.659141][ T4607] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 2703.360450][ T4607] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 2703.774309][ T4607] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 2708.970205][ T4597] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2727.503645][ T3285] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2728.743098][ T3285] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2729.962098][ T3285] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2730.951625][ T3285] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2743.074518][ T3285] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2743.200789][ T3285] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2743.273741][ T3285] bond0 (unregistering): Released all slaves
[ 2744.561364][ T3285] hsr_slave_0: left promiscuous mode
[ 2744.648154][ T3285] hsr_slave_1: left promiscuous mode
[ 2745.116217][ T3285] veth1_macvtap: left promiscuous mode
[ 2745.128816][ T3285] veth0_macvtap: left promiscuous mode
[ 2745.139847][ T3285] veth1_vlan: left promiscuous mode
[ 2745.151760][ T3285] veth0_vlan: left promiscuous mode
[ 2769.101251][ T4607] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2770.737407][ T3285] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2772.113472][ T3285] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2773.683303][ T3285] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2775.054143][ T3285] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2792.912497][ T3285] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2793.150453][ T3285] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2793.324139][ T3285] bond0 (unregistering): Released all slaves
[ 2794.715966][ T3285] hsr_slave_0: left promiscuous mode
[ 2794.759440][ T3285] hsr_slave_1: left promiscuous mode
[ 2795.476504][ T3285] veth1_macvtap: left promiscuous mode
[ 2795.477842][ T3285] veth0_macvtap: left promiscuous mode
[ 2795.491382][ T3285] veth1_vlan: left promiscuous mode
[ 2795.517587][ T3285] veth0_vlan: left promiscuous mode
[ 2864.969946][ T4597] veth0_vlan: entered promiscuous mode
[ 2865.728702][ T4597] veth1_vlan: entered promiscuous mode
[ 2868.199936][ T4597] veth0_macvtap: entered promiscuous mode
[ 2868.629786][ T4597] veth1_macvtap: entered promiscuous mode
[ 2871.357147][ T3702] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2871.361263][ T3702] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2871.437485][ T3702] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2871.491662][ T3702] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2886.143630][ T4607] veth0_vlan: entered promiscuous mode
[ 2887.005513][ T4607] veth1_vlan: entered promiscuous mode
[ 2890.872335][ T4607] veth0_macvtap: entered promiscuous mode
[ 2891.522822][ T4607] veth1_macvtap: entered promiscuous mode
[ 2895.498177][ T4163] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2895.518560][ T4163] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2895.647626][ T4163] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2895.677663][ T3285] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3003.849509][ T4163] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3006.004092][ T4163] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3008.244640][ T4163] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3010.808497][ T4163] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3036.617161][ T4163] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3037.004385][ T4163] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3037.251254][ T4163] bond0 (unregistering): Released all slaves
[ 3039.623505][ T4163] hsr_slave_0: left promiscuous mode
[ 3039.752164][ T4163] hsr_slave_1: left promiscuous mode
[ 3040.537255][ T4163] veth1_macvtap: left promiscuous mode
[ 3040.540678][ T4163] veth0_macvtap: left promiscuous mode
[ 3040.561357][ T4163] veth1_vlan: left promiscuous mode
[ 3040.587339][ T4163] veth0_vlan: left promiscuous mode
[ 3119.693954][ T4850] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3120.142104][ T4850] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3157.340582][ T4850] hsr_slave_0: entered promiscuous mode
[ 3157.473351][ T4850] hsr_slave_1: entered promiscuous mode
[ 3176.453520][ T4850] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 3177.008940][ T4850] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 3177.350244][ T4850] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 3177.762260][ T4850] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 3213.789126][ T4850] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3318.801585][ T5053] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3320.902451][ T5053] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3322.868603][ T5053] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3324.705927][ T5053] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3345.996224][ T5053] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3346.467553][ T5053] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3346.749149][ T5053] bond0 (unregistering): Released all slaves
[ 3348.697267][ T5053] hsr_slave_0: left promiscuous mode
[ 3348.757505][ T5053] hsr_slave_1: left promiscuous mode
[ 3349.180498][ T5053] veth1_macvtap: left promiscuous mode
[ 3349.185498][ T5053] veth0_macvtap: left promiscuous mode
[ 3349.197055][ T5053] veth1_vlan: left promiscuous mode
[ 3349.221154][ T5053] veth0_vlan: left promiscuous mode
[ 3391.613141][ T4850] veth0_vlan: entered promiscuous mode
[ 3392.567602][ T4850] veth1_vlan: entered promiscuous mode
[ 3398.269565][ T4850] veth0_macvtap: entered promiscuous mode
[ 3398.690024][ T4850] veth1_macvtap: entered promiscuous mode
[ 3401.291830][ T4673] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3401.293001][ T4673] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3401.313371][ T4673] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3401.489697][ T4674] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3414.349961][ T5040] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3414.913197][ T5040] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3455.068556][ T5040] hsr_slave_0: entered promiscuous mode
[ 3455.157700][ T5040] hsr_slave_1: entered promiscuous mode
[ 3455.190793][ T5040] debugfs: 'hsr0' already exists in 'hsr'
[ 3455.195941][ T5040] Cannot create hsr debugfs directory
[ 3473.264269][ T5040] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 3473.703057][ T5040] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 3474.162853][ T5040] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 3474.596898][ T5040] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 3512.703936][ T5040] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3680.287903][ T5040] veth0_vlan: entered promiscuous mode
[ 3681.408426][ T5040] veth1_vlan: entered promiscuous mode
[ 3685.028471][ T5040] veth0_macvtap: entered promiscuous mode
[ 3685.618952][ T5040] veth1_macvtap: entered promiscuous mode
[ 3689.472376][ T4524] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3689.480717][ T4524] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3689.497186][ T4524] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3689.859937][ T4524] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3742.811832][ T4163] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3745.351727][ T4163] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3747.902277][ T4163] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3750.831499][ T4163] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3777.292006][ T4163] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3777.816921][ T4163] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3778.117507][ T4163] bond0 (unregistering): Released all slaves
[ 3781.617788][ T4163] hsr_slave_0: left promiscuous mode
[ 3781.782869][ T4163] hsr_slave_1: left promiscuous mode
[ 3782.727973][ T4163] veth1_macvtap: left promiscuous mode
[ 3782.729364][ T4163] veth0_macvtap: left promiscuous mode
[ 3782.769378][ T4163] veth1_vlan: left promiscuous mode
[ 3782.807678][ T4163] veth0_vlan: left promiscuous mode
[ 3894.092774][ T5306] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3894.452733][ T5306] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3940.490320][ T5306] hsr_slave_0: entered promiscuous mode
[ 3940.627065][ T5306] hsr_slave_1: entered promiscuous mode
[ 3963.516970][ T5306] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 3963.952713][ T5306] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 3964.413643][ T5306] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 3964.823811][ T5306] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 4007.012728][ T5306] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4196.119352][ T5306] veth0_vlan: entered promiscuous mode
[ 4197.888035][ T5306] veth1_vlan: entered promiscuous mode
[ 4202.512456][ T5306] veth0_macvtap: entered promiscuous mode
[ 4203.422671][ T5306] veth1_macvtap: entered promiscuous mode
[ 4208.658951][ T4163] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4208.664301][ T4163] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4208.697503][ T4163] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4208.698464][ T4163] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4299.709389][ T3702] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4302.319895][ T3702] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4305.069560][ T3702] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4307.522962][ T3702] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4338.237590][ T3702] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 4338.742421][ T3702] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 4339.102436][ T3702] bond0 (unregistering): Released all slaves
[ 4343.466230][ T3702] hsr_slave_0: left promiscuous mode
[ 4343.552204][ T3702] hsr_slave_1: left promiscuous mode
[ 4344.339094][ T3702] veth1_macvtap: left promiscuous mode
[ 4344.342455][ T3702] veth0_macvtap: left promiscuous mode
[ 4344.370026][ T3702] veth1_vlan: left promiscuous mode
[ 4344.394494][ T3702] veth0_vlan: left promiscuous mode
[ 4449.844398][ T5620] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4450.492427][ T5620] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4496.872797][ T5620] hsr_slave_0: entered promiscuous mode
[ 4496.991019][ T5620] hsr_slave_1: entered promiscuous mode
[ 4497.127444][ T5620] debugfs: 'hsr0' already exists in 'hsr'
[ 4497.138845][ T5620] Cannot create hsr debugfs directory
[ 4524.947564][ T5620] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 4525.688308][ T5620] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 4526.381886][ T5620] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 4527.228363][ T5620] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 4541.198906][   T25] audit: type=1400 audit(4540.400:105): avc:  denied  { map } for  pid=5770 comm="syz.6.451" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 4541.260654][   T25] audit: type=1400 audit(4540.420:106): avc:  denied  { execute } for  pid=5770 comm="syz.6.451" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 4570.479982][ T5620] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4750.283000][ T4673] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4752.980196][ T4673] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4755.529891][ T4673] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4757.877714][ T4673] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4784.133426][ T4673] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 4784.413512][ T4673] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 4784.502145][ T4673] bond0 (unregistering): Released all slaves
[ 4785.609103][ T5620] veth0_vlan: entered promiscuous mode
[ 4786.727657][ T4673] hsr_slave_0: left promiscuous mode
[ 4787.060582][ T4673] hsr_slave_1: left promiscuous mode
[ 4787.531086][ T4673] veth1_macvtap: left promiscuous mode
[ 4787.587431][ T4673] veth0_macvtap: left promiscuous mode
[ 4787.598775][ T4673] veth1_vlan: left promiscuous mode
[ 4787.600333][ T4673] veth0_vlan: left promiscuous mode
[ 4816.360410][ T5620] veth1_vlan: entered promiscuous mode
[ 4823.501959][ T5620] veth0_macvtap: entered promiscuous mode
[ 4824.141393][ T5620] veth1_macvtap: entered promiscuous mode
[ 4829.688600][ T3702] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4829.691960][ T3702] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4829.728561][ T3702] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4829.986714][ T3702] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4882.049495][ T5866] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4882.572157][ T5866] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4938.408196][ T5866] hsr_slave_0: entered promiscuous mode
[ 4938.540699][ T5866] hsr_slave_1: entered promiscuous mode
[ 4969.331927][ T5866] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 4969.892107][ T5866] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 4970.618286][ T5866] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 4971.198735][ T5866] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 5020.246718][ T5866] 8021q: adding VLAN 0 to HW filter on device bond0
[ 5242.999225][ T5866] veth0_vlan: entered promiscuous mode
[ 5244.420943][ T5866] veth1_vlan: entered promiscuous mode
[ 5248.821371][ T5866] veth0_macvtap: entered promiscuous mode
[ 5249.742528][ T5866] veth1_macvtap: entered promiscuous mode
[ 5254.497622][ T5820] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 5254.507048][ T5820] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 5254.536748][ T5820] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 5254.547152][ T5325] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 5333.823742][ T4524] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5336.922257][ T4524] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5339.713462][ T4524] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5342.283152][ T4524] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5380.516347][ T4524] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 5381.021802][ T4524] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 5381.432616][ T4524] bond0 (unregistering): Released all slaves
[ 5385.448797][ T4524] hsr_slave_0: left promiscuous mode
[ 5385.676845][ T4524] hsr_slave_1: left promiscuous mode
[ 5386.851994][ T4524] veth1_macvtap: left promiscuous mode
[ 5386.862868][ T4524] veth0_macvtap: left promiscuous mode
[ 5386.919863][ T4524] veth1_vlan: left promiscuous mode
[ 5386.947640][ T4524] veth0_vlan: left promiscuous mode
[ 5467.672732][ T5325] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5469.682811][ T5325] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5472.024107][ T5325] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5474.719432][ T5325] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5504.623754][ T5325] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 5504.933765][ T5325] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 5505.391869][ T5325] bond0 (unregistering): Released all slaves
[ 5510.847536][ T5325] hsr_slave_0: left promiscuous mode
[ 5511.018742][ T5325] hsr_slave_1: left promiscuous mode
[ 5512.043344][ T5325] veth1_macvtap: left promiscuous mode
[ 5512.118194][ T5325] veth0_macvtap: left promiscuous mode
[ 5512.123545][ T5325] veth1_vlan: left promiscuous mode
[ 5512.149635][ T5325] veth0_vlan: left promiscuous mode
[ 5544.830868][ T6127] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 5545.320589][ T6127] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 5579.492093][ T6165] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 5579.929666][ T6165] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 5586.367131][ T6127] hsr_slave_0: entered promiscuous mode
[ 5586.492508][ T6127] hsr_slave_1: entered promiscuous mode
[ 5613.290396][ T6127] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 5614.021595][ T6127] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 5614.728438][ T6127] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 5615.387499][ T6127] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 5628.559755][ T6165] hsr_slave_0: entered promiscuous mode
[ 5628.651488][ T6165] hsr_slave_1: entered promiscuous mode
[ 5628.788097][ T6165] debugfs: 'hsr0' already exists in 'hsr'
[ 5628.814394][ T6165] Cannot create hsr debugfs directory
[ 5666.604388][ T6127] 8021q: adding VLAN 0 to HW filter on device bond0
[ 5671.950986][ T6165] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 5672.939282][ T6165] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 5673.374601][ T6165] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 5674.109025][ T6165] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 5716.096758][ T6165] 8021q: adding VLAN 0 to HW filter on device bond0
[ 5853.224341][ T6127] veth0_vlan: entered promiscuous mode
[ 5854.658974][ T6127] veth1_vlan: entered promiscuous mode
[ 5859.173470][ T6127] veth0_macvtap: entered promiscuous mode
[ 5859.941217][ T6127] veth1_macvtap: entered promiscuous mode
[ 5864.507640][ T3702] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 5864.573397][ T5290] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 5864.597645][ T5290] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 5864.656883][ T5290] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 5874.163966][ T6165] veth0_vlan: entered promiscuous mode
[ 5876.525711][ T6165] veth1_vlan: entered promiscuous mode
[ 5885.703681][ T6165] veth0_macvtap: entered promiscuous mode
[ 5887.934095][ T6165] veth1_macvtap: entered promiscuous mode
[ 5896.829087][ T5325] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 5896.872997][ T6134] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 5896.924484][ T5043] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 5896.991008][ T5325] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 5931.363457][ T3702] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5933.794342][ T3702] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5936.223264][ T3702] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5939.032691][ T3702] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5978.070715][ T3702] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 5978.726686][ T3702] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 5979.168311][ T3702] bond0 (unregistering): Released all slaves
[ 5983.442089][ T3702] hsr_slave_0: left promiscuous mode
[ 5983.591672][ T3702] hsr_slave_1: left promiscuous mode
[ 5984.878488][ T3702] veth1_macvtap: left promiscuous mode
[ 5984.897666][ T3702] veth0_macvtap: left promiscuous mode
[ 5984.899757][ T3702] veth1_vlan: left promiscuous mode
[ 5984.901214][ T3702] veth0_vlan: left promiscuous mode
[ 6134.930398][ T6403] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 6135.482402][ T6403] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 6194.046406][ T6403] hsr_slave_0: entered promiscuous mode
[ 6194.171534][ T6403] hsr_slave_1: entered promiscuous mode
[ 6239.811138][ T6403] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 6241.307329][ T6403] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 6242.283100][ T6403] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 6243.458992][ T6403] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 6294.380591][ T6403] 8021q: adding VLAN 0 to HW filter on device bond0
[ 6328.511472][ T6134] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6331.389123][ T6134] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6335.518518][ T6134] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6338.311637][ T6134] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6374.313392][ T6134] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 6374.868172][ T6134] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 6375.738566][ T6134] bond0 (unregistering): Released all slaves
[ 6379.356440][ T6134] hsr_slave_0: left promiscuous mode
[ 6379.472398][ T6134] hsr_slave_1: left promiscuous mode
[ 6380.263712][ T6134] veth1_macvtap: left promiscuous mode
[ 6380.266206][ T6134] veth0_macvtap: left promiscuous mode
[ 6380.268221][ T6134] veth1_vlan: left promiscuous mode
[ 6380.269660][ T6134] veth0_vlan: left promiscuous mode
[ 6439.300467][ T6561] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 6439.791835][ T6561] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 6491.597506][ T6561] hsr_slave_0: entered promiscuous mode
[ 6491.779692][ T6561] hsr_slave_1: entered promiscuous mode
[ 6492.120334][ T6561] debugfs: 'hsr0' already exists in 'hsr'
[ 6492.140119][ T6561] Cannot create hsr debugfs directory
[ 6558.803712][ T3285] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 6559.022053][ T3285] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 6559.190633][ T3285] bond0 (unregistering): Released all slaves
[ 6561.866131][ T3285] hsr_slave_0: left promiscuous mode
[ 6561.959161][ T3285] hsr_slave_1: left promiscuous mode
[ 6587.237388][ T6561] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 6588.671363][ T6561] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 6589.341042][ T6561] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 6590.134092][ T6561] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 6630.661117][ T6561] 8021q: adding VLAN 0 to HW filter on device bond0
[ 6646.811362][ T6663] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 6647.208055][ T6663] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 6690.441390][ T6663] hsr_slave_0: entered promiscuous mode
[ 6690.641252][ T6663] hsr_slave_1: entered promiscuous mode
[ 6722.552715][ T6663] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 6723.158602][ T6663] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 6723.621142][ T6663] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 6724.190655][ T6663] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 6765.863921][ T6663] 8021q: adding VLAN 0 to HW filter on device bond0
[ 6774.490431][ T6561] veth0_vlan: entered promiscuous mode
[ 6775.919131][ T6561] veth1_vlan: entered promiscuous mode
[ 6779.651489][ T6561] veth0_macvtap: entered promiscuous mode
[ 6780.370731][ T6561] veth1_macvtap: entered promiscuous mode
[ 6784.668884][ T5325] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 6784.690858][ T4673] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 6784.731410][ T6134] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 6784.732635][ T6134] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 6990.585581][ T6663] veth0_vlan: entered promiscuous mode
[ 6992.420685][ T6663] veth1_vlan: entered promiscuous mode
[ 6997.824341][ T6663] veth0_macvtap: entered promiscuous mode
[ 6998.773793][ T6663] veth1_macvtap: entered promiscuous mode
[ 7004.910815][ T4163] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 7004.964575][ T4673] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 7005.133923][ T4674] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 7005.222340][ T6595] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 7305.091422][ T7057] kvm [7057]: Failed to find VMA for hva 0x21016000
[ 7524.771091][ T7076] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 7527.012014][ T7076] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 7530.773580][ T7079] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 7531.458688][ T7079] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 7589.203888][ T7076] hsr_slave_0: entered promiscuous mode
[ 7589.361655][ T7076] hsr_slave_1: entered promiscuous mode
[ 7589.514484][ T7076] debugfs: 'hsr0' already exists in 'hsr'
[ 7589.521255][ T7076] Cannot create hsr debugfs directory
[ 7595.889305][ T7079] hsr_slave_0: entered promiscuous mode
[ 7596.030701][ T7079] hsr_slave_1: entered promiscuous mode
[ 7596.229305][ T7079] debugfs: 'hsr0' already exists in 'hsr'
[ 7596.259568][ T7079] Cannot create hsr debugfs directory
[ 7662.240906][ T7076] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 7663.758838][ T7076] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 7664.839580][ T7076] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 7667.209893][ T7076] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 7676.151056][ T7079] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 7676.827881][ T7079] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 7677.607976][ T7079] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 7678.243804][ T7079] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 7726.230693][ T7076] 8021q: adding VLAN 0 to HW filter on device bond0
[ 7735.093393][ T7079] 8021q: adding VLAN 0 to HW filter on device bond0
[ 7751.022829][   T27] INFO: task syz.9.536:7054 blocked for more than 430 seconds.
[ 7751.024026][   T27]       Not tainted syzkaller #0
[ 7751.026209][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 7751.026773][   T27] task:syz.9.536       state:D stack:0     pid:7054  tgid:7054  ppid:6663   task_flags:0x400040 flags:0x00000019
[ 7751.028260][   T27] Call trace:
[ 7751.028774][   T27]  __switch_to+0x584/0xb20 (T)
[ 7751.030871][   T27]  __schedule+0x1eec/0x33a4
[ 7751.031469][   T27]  schedule+0xac/0x27c
[ 7751.031974][   T27]  schedule_timeout+0x5c/0x1e4
[ 7751.032437][   T27]  do_wait_for_common+0x28c/0x444
[ 7751.032940][   T27]  wait_for_completion+0x44/0x5c
[ 7751.033461][   T27]  __synchronize_srcu+0x2a4/0x320
[ 7751.033968][   T27]  synchronize_srcu+0x3cc/0x4f0
[ 7751.034475][   T27]  mmu_notifier_unregister+0x320/0x42c
[ 7751.257581][   T27]  kvm_put_kvm+0x6a0/0xfa8
[ 7751.258201][   T27]  kvm_vm_release+0x58/0x78
[ 7751.258726][   T27]  __fput+0x4ac/0x980
[ 7751.259177][   T27]  ____fput+0x20/0x58
[ 7751.259643][   T27]  task_work_run+0x1bc/0x254
[ 7751.260068][   T27]  do_notify_resume+0x1bc/0x270
[ 7751.260542][   T27]  el0_svc+0xb8/0x164
[ 7751.260961][   T27]  el0t_64_sync_handler+0x84/0x12c
[ 7751.261406][   T27]  el0t_64_sync+0x198/0x19c
[ 7751.262923][   T27] 
[ 7751.262923][   T27] Showing all locks held in the system:
[ 7751.263441][   T27] 1 lock held by khungtaskd/27:
SYZFAIL: failed to recv rpc
[ 7751.263834][   T27]  #0: ffff800087806858 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x4/0x48
[ 7751.429155][   T27] 1 lock held by klogd/3114:
[ 7751.429589][   T27] 1 lock held by dhcpcd/3150:
[ 7751.429953][   T27] 2 locks held by getty/3180:
[ 7751.430316][   T27]  #0: 5ef0000011d0a8a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c
[ 7751.432035][   T27]  #1: 4fff80008c54b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x310/0x12b8
[ 7751.433735][   T27] 2 locks held by kworker/u4:1/3285:
[ 7751.434104][   T27]  #0: 32f000000cc20948 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a18
[ 7751.577615][   T27]  #1: ffff80008ec67c78 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a18
[ 7751.579461][   T27] 2 locks held by syz-executor/3311:
[ 7751.579809][   T27] 3 locks held by kworker/u4:3/3702:
[ 7751.580118][   T27] 3 locks held by kworker/u4:2/4163:
[ 7751.580448][   T27] 2 locks held by kworker/u4:7/4673:
[ 7751.580758][   T27]  #0: 32f000000cc20948 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a18
[ 7751.582498][   T27]  #1: ffff80008e8d7c78 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a18
[ 7751.584210][   T27] 3 locks held by kworker/u4:0/5043:
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 7751.764086][   T27] 3 locks held by kworker/u4:13/5820:
[ 7751.777833][   T27]  #0: fff0000072d80d18 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x2f0/0x33a4
[ 7751.779896][   T27]  #1: fff0000072d6c548 (psi_seq){-.-.}-{0:0}, at: psi_task_switch+0x6c/0x6e8
[ 7751.781588][   T27]  #2: fff0000072d6de58 (&base->lock){-.-.}-{2:2}, at: __mod_timer+0x5c8/0xe7c
[ 7751.783340][   T27] 3 locks held by kworker/u4:11/6134:
[ 7751.783701][   T27] 2 locks held by kworker/0:2/6273:
[ 7751.784083][   T27] 2 locks held by syz.0.535/7053:
[ 7751.910518][   T27] 
[ 7751.911138][   T27] =============================================
[ 7751.911138][   T27] 
[ 7751.912002][   T27] Kernel panic - not syncing: hung_task: blocked tasks
[ 7751.918881][   T27] CPU: 0 UID: 0 PID: 27 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT 
[ 7751.920466][   T27] Hardware name: linux,dummy-virt (DT)
[ 7751.921491][   T27] Call trace:
[ 7751.922405][   T27]  show_stack+0x2c/0x3c (C)
[ 7751.923485][   T27]  __dump_stack+0x30/0x40
[ 7751.924375][   T27]  dump_stack_lvl+0x30/0x12c
[ 7751.925293][   T27]  dump_stack+0x1c/0x28
[ 7751.926180][   T27]  vpanic+0x22c/0x59c
[ 7751.927044][   T27]  vpanic+0x0/0x59c
[ 7751.927902][   T27]  hung_task_panic+0x0/0x2c
[ 7751.928832][   T27]  kthread+0x794/0x9a0
[ 7751.929723][   T27]  ret_from_fork+0x10/0x20
[ 7751.931616][   T27] Kernel Offset: disabled
[ 7751.932385][   T27] CPU features: 0x000000,0001a300,5f7c67c1,057ffe1f
[ 7751.933597][   T27] Memory Limit: none
[ 7751.935949][   T27] Rebooting in 86400 seconds..

VM DIAGNOSIS:
19:49:52  Registers:
info registers vcpu 0

CPU#0
 PC=ffff8000800e2ffc X00=ffff8000800076a0 X01=ffff800080cabbd8
X02=0000000000000010 X03=0000000000000010 X04=0000000000000001
X05=0000000000000000 X06=0000000000000000 X07=ffff800085339500
X08=58f000000d9b9d80 X09=0000000000000000 X10=ffff800080007678
X11=0000000000000094 X12=00000000000000ff X13=0000000000000094
X14=0ffff80008000768 X15=ffff8000800076a0 X16=0000000000000000
X17=fff07fffeb6e6000 X18=00000000000000ff X19=ffff800080007f80
X20=ffff800080551244 X21=0000000000000010 X22=ffff800080007fe0
X23=ffff80008c477b00 X24=ffff800080008000 X25=ffff8000800075b8
X26=ffff8000876b5000 X27=00000000000000ff X28=0000000000000000
X29=ffff800080007620 X30=ffff8000800e309c  SP=ffff800080007560
PSTATE=60402009 -ZC- EL2h  SVCR=00000000 --  BTYPE=0     FPCR=00000000 FPSR=00000000
P00=0000 P01=0000 P02=0000 P03=0000 P04=0000 P05=0000 P06=0000 P07=0000
P08=0000 P09=0000 P10=0000 P11=0000 P12=0000 P13=0000 P14=0000 P15=0000
FFR=0000
Z00=2525252525252525:2525252525252525 Z01=6572207265767265:730073250a0d0a0d
Z02=742065726f6d2072:6f662064656b636f Z03=0000000000000000:00ff00ff00000000
Z04=0000000000000000:000000000f0f0000 Z05=726f6d20726f6620:64656b636f6c6220
Z06=203a29315f657661:6c735f646e6f6220 Z07=206e612073612067:6e6976616c736e45
Z08=0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000
Z10=0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000
Z12=0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000
Z14=0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000
Z16=0000fffff7a32f30:0000fffff7a32f30 Z17=ffffff80ffffffd8:0000fffff7a32f00
Z18=0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000
Z20=0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000
Z22=0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000
Z24=0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000
Z26=0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000
Z28=0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000
Z30=0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000