last executing test programs:

1h56m58.824602343s ago: executing program 1 (id=450):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x4, <r4=>0xffffffffffffffff})
r5 = eventfd2(0x1, 0x0)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000140)={r5, 0x401, 0x2, r5})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000100)={0x2, 0x8080000, 0x0, r5, 0x2})
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r8, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r9, 0xc0189436, 0x172)
r10 = eventfd2(0x0, 0x0)
close(r10)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01)
r11 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, r11, 0x3000002, 0x13, r10, 0x0)
write$eventfd(r10, &(0x7f0000000180)=0x5, 0xfffffde3)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1h56m48.145951939s ago: executing program 1 (id=452):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)
ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece)
ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000080)="fb01db06033ce3c60100a29ea6ab8031d1dfd92f0000dc0320002c005a9610fbff67521c966f8f1f4408357070c2c7aadaebb20700000000040000000000000100", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
r4 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x408)
ioctl$KVM_CHECK_EXTENSION(r4, 0x541b, 0x5)

1h56m40.872336774s ago: executing program 1 (id=453):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async)
r1 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x2e)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r5, r6, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000100)=[{0x0, 0x0}], 0x1, 0x0, &(0x7f00000003c0)=[@featur2={0x1, 0x17}], 0x1)
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000300)=@arm64_core={0x6030000000100042, &(0x7f0000000000)=0x12})
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc9, 0x3}) (async)
r7 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x3c) (async)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000140)={0x4, <r10=>0xffffffffffffffff, 0x1})
r11 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x1)
ioctl$KVM_GET_API_VERSION(r3, 0xae00, 0x0)
r12 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x1800002, 0x11, r11, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r12, 0x20, &(0x7f0000000280)="d6011813013c360000000000f4ff8000802346cbd98762c7795582ba3948ecff090001000000000000000000040000000100", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r11, 0x0) (async)
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x40305828, &(0x7f0000000040)=@attr_other={0x0, 0x0, 0xfffffffffffffff7, 0x0}) (async)
r13 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r14, 0x4018aee1, &(0x7f0000000340)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x8}) (async)
ioctl$KVM_RUN(r14, 0xae80, 0x0) (async)
r15 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r15, 0x4018aee1, &(0x7f00000011c0)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f00000000c0)=0x8}) (async)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)

1h56m26.550714345s ago: executing program 1 (id=454):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r2=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x4, 0x7f, 0x0})
ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000000180)={0xc, "11029c14e50eaac9139c4595"})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x2d)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x5, 0x1, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000bc2000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})

1h56m19.346546373s ago: executing program 1 (id=456):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x30) (async)
r2 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece) (async)
ioctl$KVM_SET_USER_MEMORY_REGION2(r3, 0x40a0ae49, 0x0) (async)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000a67000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0) (async)
ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000080)=@arm64_sys={0x603000000013c807}) (async)
r6 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000a21000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x210}}], 0x18}, 0x0, 0x0) (async)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x1) (async)
r8 = eventfd2(0x8, 0x80801)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000140)={0x8000000}) (async)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000200)={0x100000000000006, 0x2000, 0x0, r8})
ioctl$KVM_RUN(r7, 0xae80, 0x0)

1h55m38.26403542s ago: executing program 32 (id=455):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x28380, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x33)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_SET_MP_STATE(r5, 0x4004ae99, &(0x7f0000000040))
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x9)
ioctl$KVM_IRQ_LINE(r6, 0x4008ae61, &(0x7f0000000080)={0x0, 0xffffff6f})
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_IRQ_LINE(r6, 0x4008ae61, &(0x7f00000001c0)={0x0, 0xffffffff})

1h55m31.093704042s ago: executing program 33 (id=456):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x30) (async)
r2 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece) (async)
ioctl$KVM_SET_USER_MEMORY_REGION2(r3, 0x40a0ae49, 0x0) (async)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000a67000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0) (async)
ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000080)=@arm64_sys={0x603000000013c807}) (async)
r6 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000a21000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x210}}], 0x18}, 0x0, 0x0) (async)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x1) (async)
r8 = eventfd2(0x8, 0x80801)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000140)={0x8000000}) (async)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000200)={0x100000000000006, 0x2000, 0x0, r8})
ioctl$KVM_RUN(r7, 0xae80, 0x0)

1h24m51.356097584s ago: executing program 2 (id=667):
r0 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000480)={0x0, &(0x7f0000000000)=[@eret={0xe6, 0x18, 0x4}, @code={0xa, 0x84, {"604886d20000b8f2e10180d2e20080d2630080d2440080d2020000d4608d97d20020b8f2c10180d2620180d2230080d2c40080d2020000d40084c00d803f90d20060b8f2610080d2620180d2c30180d2e40080d2020000d4000028d5007008d50078205e000c205e0000039e0054c01a"}}, @its_setup={0x82, 0x28, {0x2, 0x1, 0xe7}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0x0, 0xffffffffffffffff, 0x2}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x1, 0x3, 0x3, 0x8, 0x3, 0x4}}, @eret={0xe6, 0x18, 0x4}, @hvc={0x32, 0x40, {0x84000002, [0x3, 0x4c6aab72, 0x2, 0x5, 0x4]}}, @mrs={0xbe, 0x18, {0x603000000013e08b}}, @msr={0x14, 0x20, {0x603000000013dea2, 0x7fff}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x1, 0x1, 0x2, 0x3, 0x6, 0x4}}, @irq_setup={0x46, 0x18, {0x4, 0x282}}, @code={0xa, 0x9c, {"80608dd200a0b0f2410080d2c20080d2c30180d2e40080d2020000d4000028d5801597d20080b8f2210180d2620080d2430180d2240080d2020000d4007008d5e0b086d20060b0f2a10080d2a20180d2030080d2e40180d2020000d4007008d5e05b97d200a0b8f2e10080d2e20180d2a30080d2040080d2020000d40084207e00a8215e000008d5"}}, @smc={0x1e, 0x40, {0x31000000, [0x4, 0x3, 0x40, 0x6, 0x7fffffff]}}, @eret={0xe6, 0x18}, @irq_setup={0x46, 0x18, {0x2, 0x161}}, @hvc={0x32, 0x40, {0xc4000004, [0x0, 0x2, 0x3, 0x1, 0x52bc]}}, @code={0xa, 0x84, {"007008d5007008d520ce99d200e0b8f2c10080d2e20080d2830180d2240180d2020000d400a0400d008008d5c0dd99d200a0b8f2e10080d2020180d2a30180d2640180d2020000d4e0079f1a60da87d200a0b0f2810180d2820080d2430180d2440180d2020000d4008008d5007008d5"}}, @uexit={0x0, 0x18, 0x7154}, @svc={0x122, 0x40, {0x84000009, [0x7f, 0x7, 0x3, 0x1, 0x35a]}}, @svc={0x122, 0x40, {0xffff, [0x8, 0x10, 0x3, 0xaa4, 0x8]}}], 0x454}, &(0x7f00000004c0)=[@featur1={0x1, 0x80}], 0x1)
ioctl$KVM_SET_MP_STATE(r0, 0x4004ae99, &(0x7f0000000500)=0x4) (async)
r1 = mmap$KVM_VCPU(&(0x7f0000ffa000/0x4000)=nil, 0x0, 0x8, 0x20010, r0, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f0000000540)="14220cdb5c79b07085071d25df0ad9027f8567e5e89a0a6092e9db0b33b0c52d516a071ce2218e8e7c00fe695a0eb6cda72b61c1edad1e99189097154aa3bef5a44c940ad7ce66c8", 0x0, 0x48) (async)
close(r0) (async)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x18)
syz_kvm_vgic_v3_setup(r2, 0x2, 0x20)
ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, &(0x7f00000005c0)={0x8, [0x7994, 0x0, 0x8, 0x6, 0x1, 0xfffffffffffffffa, 0x10000, 0x0]}) (async)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0xb)
ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r3, 0x4010ae74, &(0x7f0000000640)={0x0, 0x2, 0xfff6})
r4 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000680), 0x401, 0x0) (async)
r5 = ioctl$KVM_CREATE_GUEST_MEMFD(r2, 0xc040aed4, &(0x7f00000006c0)={0x3, 0x1})
ioctl$KVM_SET_USER_MEMORY_REGION2(r2, 0x40a0ae49, &(0x7f0000000700)={0x10200, 0x5, 0xffff1000, 0x1000, &(0x7f0000dd3000/0x1000)=nil, 0x6, r5}) (async)
r6 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000c00)={0x0, &(0x7f00000007c0)=[@msr={0x14, 0x20, {0x603000000013c230, 0x7f}}, @smc={0x1e, 0x40, {0xc4000010, [0x61e4, 0x8, 0x2, 0x4, 0x2bc]}}, @code={0xa, 0x9c, {"c02c8fd200e0b0f2410180d2e20080d2e30180d2240080d2020000d4000040b30034207e0000599e008008d5404892d200c0b0f2610080d2e20180d2430080d2a40180d2020000d4000008d5c07b86d20040b0f2210180d2a20080d2630180d2840180d2020000d4a08d93d20080b0f2e10080d2820180d2030080d2240180d2020000d4000028d5"}}, @smc={0x1e, 0x40, {0x8400000e, [0xffff, 0xc, 0x9, 0xc, 0x8]}}, @smc={0x1e, 0x40, {0x4600803c, [0x1ff, 0x7fffffffffffffff, 0x5, 0x4, 0x3]}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x0, 0x2, 0xd, 0x6, 0x0, 0x3}}, @irq_setup={0x46, 0x18, {0x4, 0x6a}}, @msr={0x14, 0x20, {0x603000000013df56, 0x8}}, @uexit={0x0, 0x18, 0x5}, @its_setup={0x82, 0x28, {0x0, 0x1, 0x2d2}}, @msr={0x14, 0x20, {0x6030000000138065, 0xf5}}, @irq_setup={0x46, 0x18, {0x0, 0x16e}}, @irq_setup={0x46, 0x18, {0x4, 0x3b1}}, @code={0xa, 0xb4, {"0000289e000008d5a02594d200c0b8f2410180d2020180d2c30080d2440080d2020000d460ca96d20080b8f2210180d2020080d2a30180d2240180d2020000d4000986d20040b8f2210080d2e20080d2630080d2440180d2020000d4007008d5c04292d20000b0f2c10180d2820180d2c30080d2e40080d2020000d40060000fc01e98d20000b0f2210080d2620080d2230080d2440080d2020000d4007008d5"}}, @irq_setup={0x46, 0x18, {0x0, 0x7e}}, @eret={0xe6, 0x18, 0x7}, @code={0xa, 0xb4, {"e0648cd20040b0f2e10080d2420080d2e30080d2e40180d2020000d4c02594d20080b8f2010080d2e20180d2630180d2a40180d2020000d4001395d20060b8f2410180d2a20080d2c30080d2c40080d2020000d40000599e00b8200e007008d5007008d560a096d20060b8f2810180d2820180d2a30180d2240080d2020000d4007008d5406e92d20020b0f2810180d2220080d2830080d2440080d2020000d4"}}, @uexit={0x0, 0x18, 0x2}], 0x41c}, &(0x7f0000000c40)=[@featur2={0x1, 0x4}], 0x1)
ioctl$KVM_DIRTY_TLB(r6, 0x4010aeaa, &(0x7f0000000c80)={0x401, 0x6}) (async)
ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f0000000d00)=@riscv64_timer={0x8030000004000000, &(0x7f0000000cc0)=0xb})
ioctl$KVM_RUN(r6, 0xae80, 0x0) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f0000000d80)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f0000000d40)=0x13}) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r0, 0x4018aee1, &(0x7f0000000e00)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f0000000dc0)=0x1a}) (async)
syz_kvm_vgic_v3_setup(r2, 0x2, 0x200) (async)
eventfd2(0x80000001, 0xc01) (async)
syz_kvm_setup_cpu$arm64(r3, r6, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000f80)=[{0x0, &(0x7f0000000e40)=[@mrs={0xbe, 0x18, {0x603000000013df42}}, @mrs={0xbe, 0x18, {0x603000000013df47}}, @mrs={0xbe, 0x18, {0x603000000013e66e}}, @eret={0xe6, 0x18, 0x1ff}, @its_send_cmd={0xaa, 0x28, {0x3, 0x7, 0x3, 0xe, 0xfffffff9, 0x1, 0x2}}, @uexit={0x0, 0x18, 0x400}, @smc={0x1e, 0x40, {0x84000003, [0x7f, 0x33, 0x1, 0x0, 0x5]}}, @smc={0x1e, 0x40, {0xc4000004, [0x401, 0x1, 0x1, 0xfffffffffffff8cd, 0xe66]}}], 0x120}], 0x1, 0x0, &(0x7f0000000fc0)=[@featur2={0x1, 0xe4}], 0x1) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000001000), 0x48400, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r3, 0x4018aee1, &(0x7f0000001080)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000001040)={0xd, 0xfff, 0x1}}) (async)
ioctl$KVM_ARM_VCPU_FINALIZE(r6, 0x4004aec2, &(0x7f00000010c0)=0x5)
r7 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x7)
close(r3) (async)
mmap$KVM_VCPU(&(0x7f0000c25000/0x11000)=nil, 0x0, 0x0, 0x10010, r7, 0x0) (async)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r7, 0x4018aee3, &(0x7f0000001140)=@attr_irq_timer={0x0, 0x1, 0x0, &(0x7f0000001100)=0x16})

1h24m44.598806965s ago: executing program 2 (id=669):
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000540)=[{0x0, 0x0, 0x51c}], 0x1, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000000)={0x0, &(0x7f0000000080)}, &(0x7f0000000280)=[@featur1={0x1, 0x40}], 0x1)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x4, 0x80)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20080, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = eventfd2(0xeffffffd, 0x801)
ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f0000000000)={0x200, 0x4000, 0x4, r8, 0x1})
ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f0000001340)={0x3, 0x0, 0x2, r8, 0x3})
ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f00000000c0)={0x3, 0x0, 0x2, r8, 0xb})
r9 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r5, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f00000000c0)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48)
munmap(&(0x7f00007d7000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000ece000/0x3000)=nil, r5, 0x7000006, 0x2010, r3, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1h24m37.874492544s ago: executing program 3 (id=670):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) (async)
r1 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x25) (async)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x25)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CAP_HALT_POLL(r4, 0x4068aea3, &(0x7f0000000240)={0xb6, 0x0, 0x4})
syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x2000000002, 0x4, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x4000000, 0x0, 0x6, 0x2, 0x4}}], 0x50}, 0x0, 0x0) (async)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x2000000002, 0x4, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x4000000, 0x0, 0x6, 0x2, 0x4}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x100) (async)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8, <r7=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r4, 0x4008ae73, &(0x7f0000000040)={0x1ff, 0x4})
r8 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
r9 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000006c0)={0x0, &(0x7f0000000240)=[@msr={0x14, 0x20, {0x603000000013deb1, 0x7fffffffffffffff}}, @uexit={0x0, 0x18}, @mrs={0xbe, 0x18, {0x603000000013c644}}, @irq_setup={0x46, 0x18, {0x4, 0x312}}, @msr={0x14, 0x20, {0x6030000000138045, 0x1}}, @hvc={0x32, 0x40, {0xffff, [0xb068, 0x92c, 0x8000000000000001, 0x81]}}, @irq_setup={0x46, 0x18, {0x2, 0x32e}}, @eret={0xe6, 0x18}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xe9d38f87e71e0884, 0x1e}}, @mrs={0xbe, 0x18, {0x603000000013df5b}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x1, 0x3, 0xd, 0x5, 0xffffff01, 0x1}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0xb0, 0x401, 0x2}}, @code={0xa, 0x9c, {"00d8a02ee0d78dd200e0b0f2c10180d2a20080d2430180d2440180d2020000d4200e88d20060b8f2610180d2020180d2c30180d2640080d2020000d400d8215e000028d500c0600d007008d560a497d20000b0f2c10180d2e20180d2630080d2a40080d2020000d4008008d5c01a9dd20060b0f2610080d2e20180d2a30080d2e40180d2020000d4"}}, @eret={0xe6, 0x18, 0x8000000000000001}, @msr={0x14, 0x20, {0x603000000013e663, 0xfff}}, @svc={0x122, 0x40, {0x400, [0x6, 0x1, 0x5, 0x8, 0x9]}}, @uexit={0x0, 0x18, 0x4}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x250}}, @eret={0xe6, 0x18, 0x9f}, @svc={0x122, 0x40, {0xc6000039, [0x0, 0x3, 0xfffffffffffffffb, 0x3, 0xcd17]}}, @irq_setup={0x46, 0x18, {0x0, 0x293}}, @uexit={0x0, 0x18, 0x8}, @smc={0x1e, 0x40, {0x86000000, [0x31, 0x100000001, 0x0, 0xbbb, 0xfffffffffffffff0]}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x1, 0xf, 0x9, 0x5b82eddb, 0x1}}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x204}}, @its_setup={0x82, 0x28, {0x1, 0x3, 0x170}}, @mrs={0xbe, 0x18, {0x603000000013df48}}], 0x444}, &(0x7f0000000700)=[@featur2], 0x1)
ioctl$KVM_GET_REGS(r9, 0x8360ae81, &(0x7f0000000740)) (async)
ioctl$KVM_GET_REGS(r9, 0x8360ae81, &(0x7f0000000740))
r10 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r8, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r8, 0x0)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x401c5820, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f00000000c0)=0x6})
r12 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) (async)
r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0) (async)
r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r14, 0x4010aeab, &(0x7f00000000c0)=@arm64_sys={0x603000000013e090, 0x0})
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r15 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r15, 0x4020ae46, &(0x7f0000000040)={0x1, 0x3, 0xdddd1000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r15, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r15, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
ioctl$KVM_GET_DIRTY_LOG(r15, 0x4010ae42, &(0x7f0000000000)={0x1, 0x0, &(0x7f0000ffb000/0x3000)=nil})

1h24m33.752915817s ago: executing program 2 (id=671):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000100)={0x7, <r4=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000180)=@attr_other={0x0, 0x5, 0x2, &(0x7f0000000300)=0x1})
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000000)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x2}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x2, 0x80000, 0x7, 0x0, 0xdc}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r7=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r6, 0xae80, 0x0)

1h24m26.721656894s ago: executing program 3 (id=672):
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bfe000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000000)={0x0, &(0x7f0000000040)=[@eret={0xe6, 0x18, 0x1}, @its_send_cmd={0xaa, 0x28, {0xf, 0x1, 0x2, 0xc, 0x4, 0x81, 0x1}}], 0x40}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r4=>0xffffffffffffffff})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000f2a000/0x4000)=nil, 0x930, 0xf, 0x32, 0xffffffffffffffff, 0x0)

1h24m18.960788013s ago: executing program 2 (id=673):
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r4, 0x4010aeab, &(0x7f0000000040)=@arm64_extra={0x603000000013c033, 0xffffffffffffffff})
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000bfe000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000b80)={0x0, 0x0}, &(0x7f0000000bc0)=[@featur1={0x1, 0x4}], 0x1)
ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f0000000000)=@arm64_fw={0x6030000000140000, &(0x7f0000000200)=0x10003})
r9 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x29)
openat$kvm(0x0, &(0x7f0000000140), 0x2900, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000040)={0x0, &(0x7f0000000000)=[@msr={0x14, 0x20, {0x603000000013dcf0, 0x3}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000080)=0x7})
ioctl$KVM_RUN(r10, 0xae80, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x1)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f0000000140)="38ce8347fc1e86008cfc72bb312c8659dcc9225b48cb5cb00c73b0b30800000073f7f1f493e89c859e17625ad1b19c73a7fd4ce992bfc316bd22ccc646cd69c72800", 0x0, 0x1f)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000000)="7cfaa2bfd6dd76375aa1bde04fceeb33743b07d73b3e9aac", 0x0, 0xffffffffffffff94)
r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r13, 0x1, 0x100)
ioctl$KVM_IRQ_LINE(r13, 0x4008ae61, &(0x7f0000000100)={0x1001ffd, 0x1})
r14 = ioctl$KVM_GET_STATS_FD_cpu(r11, 0xaece)
r15 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r14, 0xae04)
mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, r15, 0x2, 0x12, r11, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)

1h24m14.822864488s ago: executing program 3 (id=674):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x230000, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x1ff)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x3, &(0x7f0000000000)=0x400000000})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x42002, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x27)
ioctl$KVM_CREATE_DEVICE(r4, 0xc0189436, &(0x7f0000000040)={0x4})
ioctl$KVM_GET_DEVICE_ATTR(r2, 0x4018aee2, &(0x7f0000000080)=@attr_arm64={0x0, 0x0, 0x2, 0x0})

1h24m3.877337388s ago: executing program 3 (id=675):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2e)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x6)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x1, 0x0, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
r6 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r5, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r5, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0xc4180, 0x0)
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000140)=@arm64_sve_vls={0x606000000015ffff, &(0x7f00000000c0)=0xb8})

1h24m2.581865142s ago: executing program 2 (id=676):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20080, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0xeffffffd, 0x801)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x200, 0x4000, 0x4, r2, 0x1})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000001340)={0x3, 0x0, 0x2, r2, 0x3})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000000c0)={0x51d987bd, 0x0, 0x0, r2, 0xa})
r3 = openat$kvm(0x0, &(0x7f0000000080), 0xa0100, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f0000000000)=@attr_other={0x0, 0x0, 0x100, &(0x7f0000000240)=0x3})

1h23m50.843857209s ago: executing program 2 (id=677):
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x0, 0x3c2a1c3178cda732, 0xffffffffffffffff, 0x0)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013f601, 0x2}}], 0x20}, &(0x7f0000000300)=[@featur2={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
r5 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7fff}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r11, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8})
ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f00000000c0)=@arm64_sys={0x603000000013dce0, &(0x7f0000000000)=0x5})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, &(0x7f00000000c0)=@attr_pmu_init)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r12, 0x2000003, 0xaf832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x34)
ioctl$KVM_CREATE_DEVICE(r13, 0xc00caee0, &(0x7f0000000180)={0x8, <r14=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r14, 0x4018aee3, &(0x7f0000000140)=@attr_arm64={0x0, 0x1, 0x0, 0x0})

1h23m50.6539139s ago: executing program 3 (id=678):
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x100000c, 0x6832, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}], 0x28}, 0x0, 0x0)
r4 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x8, <r5=>0xffffffffffffffff, 0x1})
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x88, &(0x7f0000000000)=0x10})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000002c0)=@attr_other={0x0, 0x9, 0x5, &(0x7f0000000280)=0x100000000})
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000eed000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000240), 0x111340, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x22)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0)
r10 = syz_kvm_vgic_v3_setup(r7, 0x1, 0x100)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
close(r10)
close(0x4)
close(0x5)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x4010, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000)

1h23m42.186518342s ago: executing program 3 (id=679):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x6786c3, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r3 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x100000c, 0x11, r2, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0x801c581f, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r6, r7, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000240)=[{0x0, &(0x7f0000000380)=[@its_send_cmd={0xaa, 0x0, {0xe, 0x0, 0x0, 0xc, 0x4, 0x1, 0x3}}, @smc={0x1e, 0x0, {0x84000012, [0x0, 0x1, 0x6, 0x8000, 0x5]}}, @eret={0xe6, 0x0, 0x3}, @irq_setup={0x46, 0x0, {0x2, 0x3b6}}, @msr={0x14, 0x0, {0x45d4, 0x7}}, @hvc={0x32, 0x0, {0x200, [0x9, 0x3, 0x1, 0x1, 0xffa6]}}, @eret={0xe6, 0x0, 0x4}, @memwrite={0x6e, 0x0, @vgic_gicr={0x80c0000, 0x10, 0x1, 0x2}}, @hvc={0x32, 0x0, {0x1000003, [0x1, 0x6, 0x101, 0x7, 0x5]}}, @its_setup={0x82, 0x0, {0x3, 0x4, 0x33b}}, @eret={0xe6, 0x0, 0x5}, @its_setup={0x82, 0x0, {0x1, 0x4, 0xfa}}, @mrs={0xbe, 0x0, {0x326948f813274d21}}, @msr={0x14, 0x0, {0x6030000000138014, 0x3}}, @eret={0xe6, 0x0, 0xfffffffffffffffd}, @memwrite={0x6e, 0x0, @generic={0xeeef0000, 0x8d9, 0xb, 0x8}}, @its_setup={0x82, 0x0, {0x0, 0x1, 0x105}}, @code={0xa, 0x0, {"60479cd20040b0f2610180d2220180d2630080d2e40180d2020000d40000a00d40df81d200a0b8f2610080d2220080d2230080d2240180d2020000d4006587d200c0b8f2c10080d2420180d2830180d2640180d2020000d4206584d20000b0f2010080d2220080d2230080d2e40080d2020000d40050005ea0b28cd20020b0f2210180d2020080d2830080d2240080d2020000d460dd85d20040b0f2610180d2c20180d2430080d2e40080d2020000d40008c09a007008d5"}}, @its_setup={0x82, 0x0, {0x1, 0x1, 0x316}}, @uexit={0x0, 0x0, 0x9}, @mrs={0xbe, 0x0, {0x603000000013def8}}, @mrs={0xbe, 0x0, {0x603000000013c2a8}}, @its_send_cmd={0xaa, 0x0, {0x0, 0x0, 0x2, 0x10, 0x4, 0xf1e9, 0x1}}, @memwrite={0x6e, 0x0, @vgic_gits={0x8080000, 0x100, 0x1}}, @its_setup={0x82, 0x0, {0x0, 0x4, 0x3fe}}]}], 0x0, 0x0, 0x0, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
write$eventfd(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_CAP_HALT_POLL(r9, 0x4068aea3, 0xffffffffffffffff)
r10 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000bc5000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r13, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000280)={0x100, 0x10, 0x1}})
r14 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r14, 0x4018aee1, &(0x7f0000000100)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f00000000c0)={0x2, 0x2}})
close(r0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ff5000/0x1000)=nil, 0x1000)
ioctl$KVM_ARM_SET_DEVICE_ADDR(r2, 0x4010aeab, &(0x7f0000000000)={0x6, 0xa000})

1h23m4.333069066s ago: executing program 34 (id=677):
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x0, 0x3c2a1c3178cda732, 0xffffffffffffffff, 0x0)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013f601, 0x2}}], 0x20}, &(0x7f0000000300)=[@featur2={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
r5 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7fff}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r11, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8})
ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f00000000c0)=@arm64_sys={0x603000000013dce0, &(0x7f0000000000)=0x5})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, &(0x7f00000000c0)=@attr_pmu_init)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r12, 0x2000003, 0xaf832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x34)
ioctl$KVM_CREATE_DEVICE(r13, 0xc00caee0, &(0x7f0000000180)={0x8, <r14=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r14, 0x4018aee3, &(0x7f0000000140)=@attr_arm64={0x0, 0x1, 0x0, 0x0})

1h22m54.960326164s ago: executing program 35 (id=679):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x6786c3, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r3 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x100000c, 0x11, r2, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0x801c581f, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r6, r7, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000240)=[{0x0, &(0x7f0000000380)=[@its_send_cmd={0xaa, 0x0, {0xe, 0x0, 0x0, 0xc, 0x4, 0x1, 0x3}}, @smc={0x1e, 0x0, {0x84000012, [0x0, 0x1, 0x6, 0x8000, 0x5]}}, @eret={0xe6, 0x0, 0x3}, @irq_setup={0x46, 0x0, {0x2, 0x3b6}}, @msr={0x14, 0x0, {0x45d4, 0x7}}, @hvc={0x32, 0x0, {0x200, [0x9, 0x3, 0x1, 0x1, 0xffa6]}}, @eret={0xe6, 0x0, 0x4}, @memwrite={0x6e, 0x0, @vgic_gicr={0x80c0000, 0x10, 0x1, 0x2}}, @hvc={0x32, 0x0, {0x1000003, [0x1, 0x6, 0x101, 0x7, 0x5]}}, @its_setup={0x82, 0x0, {0x3, 0x4, 0x33b}}, @eret={0xe6, 0x0, 0x5}, @its_setup={0x82, 0x0, {0x1, 0x4, 0xfa}}, @mrs={0xbe, 0x0, {0x326948f813274d21}}, @msr={0x14, 0x0, {0x6030000000138014, 0x3}}, @eret={0xe6, 0x0, 0xfffffffffffffffd}, @memwrite={0x6e, 0x0, @generic={0xeeef0000, 0x8d9, 0xb, 0x8}}, @its_setup={0x82, 0x0, {0x0, 0x1, 0x105}}, @code={0xa, 0x0, {"60479cd20040b0f2610180d2220180d2630080d2e40180d2020000d40000a00d40df81d200a0b8f2610080d2220080d2230080d2240180d2020000d4006587d200c0b8f2c10080d2420180d2830180d2640180d2020000d4206584d20000b0f2010080d2220080d2230080d2e40080d2020000d40050005ea0b28cd20020b0f2210180d2020080d2830080d2240080d2020000d460dd85d20040b0f2610180d2c20180d2430080d2e40080d2020000d40008c09a007008d5"}}, @its_setup={0x82, 0x0, {0x1, 0x1, 0x316}}, @uexit={0x0, 0x0, 0x9}, @mrs={0xbe, 0x0, {0x603000000013def8}}, @mrs={0xbe, 0x0, {0x603000000013c2a8}}, @its_send_cmd={0xaa, 0x0, {0x0, 0x0, 0x2, 0x10, 0x4, 0xf1e9, 0x1}}, @memwrite={0x6e, 0x0, @vgic_gits={0x8080000, 0x100, 0x1}}, @its_setup={0x82, 0x0, {0x0, 0x4, 0x3fe}}]}], 0x0, 0x0, 0x0, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
write$eventfd(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_CAP_HALT_POLL(r9, 0x4068aea3, 0xffffffffffffffff)
r10 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000bc5000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r13, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000280)={0x100, 0x10, 0x1}})
r14 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r14, 0x4018aee1, &(0x7f0000000100)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f00000000c0)={0x2, 0x2}})
close(r0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ff5000/0x1000)=nil, 0x1000)
ioctl$KVM_ARM_SET_DEVICE_ADDR(r2, 0x4010aeab, &(0x7f0000000000)={0x6, 0xa000})

1h13m49.514983619s ago: executing program 4 (id=692):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000000)={0x7})
r5 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000080)={0x0, 0x0, 0x0, r5})
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f00000002c0)={0x0, 0x10000})
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f00000000c0)={0x8})
ioctl$KVM_SIGNAL_MSI(r4, 0x4020aea5, &(0x7f0000000000)={0x6000})
ioctl$KVM_ARM_VCPU_INIT(r2, 0x4000ae8d, &(0x7f0000000340)={0x5, 0x8})
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x0, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x1000000)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)
ioctl$KVM_SET_GSI_ROUTING(r4, 0x4008ae6a, &(0x7f0000000100))

1h13m34.602148759s ago: executing program 4 (id=693):
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, <r2=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r2, 0x400454e2, 0x111c234006)
eventfd2(0x0, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000000c0)={0xd8, 0x8000000, 0x1, r2})
ioctl$KVM_SET_GSI_ROUTING(r6, 0x4008ae6a, 0x0)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000b80)={0x0, &(0x7f0000000040)=[@smc={0x1e, 0x40, {0xc4000004, [0x40000099a, 0x4, 0x9, 0x89, 0xffffffffffffffff]}}], 0x40}, &(0x7f0000000bc0)=[@featur1={0x1, 0x4}], 0x1)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000180)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x2, 0x2b9}}], 0x18}, 0x0, 0x0)
r11 = syz_kvm_vgic_v3_setup(r4, 0x1, 0x100)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x5, 0x0, &(0x7f0000000000)=0x8})

1h13m21.67040298s ago: executing program 4 (id=695):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x12900, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x26)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x10)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000001c0)="f21bc75509bf71c9d70236fc044842dae3ffffffffffffff4c24501958da2e2c18b875c2357c6ed600", 0x0, 0x48)
write$eventfd(0xffffffffffffffff, &(0x7f00000001c0)=0xffffff7f, 0xff25)
ioctl$KVM_CAP_ARM_MTE(r1, 0x4068aea3, &(0x7f0000000200)={0x3e8})
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000b7b000/0x400000)=nil)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x2a00, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x82880, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x4000000000016)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x1000000000000000)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000ac2000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000000)={0x0, &(0x7f0000000080)=[@mrs={0xbe, 0x18, {0x603000000013808c}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000140), 0x101282, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, &(0x7f0000000200)=[@svc={0x122, 0x40, {0x800, [0xffffffeffffffff8, 0x8, 0x8000000005, 0x5, 0x401]}}], 0x40}, 0x0, 0x0)
r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r9, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c0b000/0x1000)=nil, r12, 0x2000003, 0x11, r11, 0x0)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000000c0)={0x0, &(0x7f00000002c0)=[@memwrite={0x6e, 0x0, @generic={0x54000, 0x72f, 0x9cd, 0x2}}, @svc={0x122, 0x0, {0x2, [0x7, 0x7, 0x4, 0xaf1a, 0x8000000000000001]}}, @mrs={0xbe, 0x0, {0x603000000013c032}}, @its_setup={0x82, 0x0, {0x1, 0x3, 0x378}}, @hvc={0x32, 0x0, {0x0, [0x9, 0x9, 0x9, 0x3, 0xfffffffffffffff8]}}, @its_setup={0x82, 0x0, {0x3, 0x2, 0xb1}}, @code={0xa, 0x0, {"e0ab88d20000b0f2a10180d2a20180d2c30080d2840080d2020000d460759bd20080b0f2c10080d2220080d2630080d2a40080d2020000d4008008d500a0800cc0bd9ed20060b8f2810080d2420180d2230180d2640080d2020000d4802895d20060b8f2610080d2a20080d2830180d2840080d2020000d4007008d5008008d50038200e0020c01a"}}, @irq_setup={0x46, 0x0, {0x0, 0x3}}, @hvc={0x32, 0x0, {0x1000, [0x5, 0x7fffffffffffffff, 0x3, 0x1000, 0x4]}}], 0x28}, 0x0, 0x0)
ioctl$KVM_RUN(r13, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)

1h13m5.086883423s ago: executing program 4 (id=697):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000140)={0x5, 0x8})
ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000000240)=@arm64_fp_extra={0x60200000001000d5, &(0x7f00000001c0)=0x100000001})
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = eventfd2(0x7, 0x80800)
r5 = eventfd2(0x3, 0x1)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000200)={r4, 0x7fcd, 0x0, r5})
r6 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r9, 0x4010aeab, &(0x7f0000000040)=@arm64_extra={0x603000000013c033, 0xffffffffffffffff})
r10 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000180)={0x8, <r11=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r11, 0x4018aee3, &(0x7f0000000140)=@attr_arm64={0x0, 0x1, 0x0, 0x0})
r12 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x0, 0x7, 0x4010, r2, 0x0)
r13 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r14, 0xc00caee0, &(0x7f0000000180)={0x8, <r15=>0xffffffffffffffff})
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r15, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, 0x0})
r16 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_ARM_VCPU_INIT(r16, 0x4020aeae, &(0x7f00000000c0)={0x3, 0xe0})
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r12, 0x20, &(0x7f0000000000)="50cb505181325e2153ecd826f7928a7cb63f35f58051177deb83f61e5e49e48a2c0f54a4f8abfbbaefb139f3c4f096d1fe56c683523c584f02e31226a57ae5991af7531512996595", 0x0, 0x48)

1h12m43.97183342s ago: executing program 4 (id=699):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x8ed61, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0x40087602, 0x1) (async)
ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000000040)=0x401) (async)
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000000)={0xe000, 0x8000000, 0x7, 0x0, 0x6})

1h12m34.674238183s ago: executing program 4 (id=701):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f00000002c0), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
r5 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r4, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000300)="fb4149dd033b8986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67525673312b01040000000000002627e7000000000000000200", 0x0, 0xfffffffffffffe73)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x12, r4, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0)
r6 = eventfd2(0x0, 0x0)
close(r6)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffe000/0x1000)=nil, r7, 0x2000004, 0x2011, r6, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x30)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x4, 0x4, 0xc000, 0x2000, &(0x7f0000000000/0x2000)=nil})
r8 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bc2000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000440)={0x0, &(0x7f00000000c0)=[@svc={0x122, 0x40, {0xc5000020, [0x6, 0x3, 0x1, 0x711ec83f, 0x8000]}}], 0x40}, &(0x7f0000000480)=[@featur1={0x1, 0x43}], 0x1)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})

1h11m46.654867333s ago: executing program 36 (id=701):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f00000002c0), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
r5 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r4, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000300)="fb4149dd033b8986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67525673312b01040000000000002627e7000000000000000200", 0x0, 0xfffffffffffffe73)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x12, r4, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0)
r6 = eventfd2(0x0, 0x0)
close(r6)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffe000/0x1000)=nil, r7, 0x2000004, 0x2011, r6, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x30)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x4, 0x4, 0xc000, 0x2000, &(0x7f0000000000/0x2000)=nil})
r8 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bc2000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000440)={0x0, &(0x7f00000000c0)=[@svc={0x122, 0x40, {0xc5000020, [0x6, 0x3, 0x1, 0x711ec83f, 0x8000]}}], 0x40}, &(0x7f0000000480)=[@featur1={0x1, 0x43}], 0x1)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})

1h6m4.045375511s ago: executing program 5 (id=722):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x200000030)
syz_kvm_setup_cpu$arm64(r1, 0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1fe, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x25)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000100)={0x7, <r4=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000002c0)=@attr_arm64={0x0, 0x4, 0x0, 0x0})
r5 = eventfd2(0x8801, 0x800)
r6 = eventfd2(0x400, 0x1)
ioctl$KVM_IRQFD(r3, 0x4020ae76, &(0x7f0000000000)={r6, 0x5, 0x2, r6})
ioctl$KVM_IRQFD(r3, 0x4020ae76, &(0x7f0000000140)={r5, 0x5, 0x2, r5})
ioctl$KVM_SET_GSI_ROUTING(r3, 0x4008ae6a, &(0x7f0000000000))
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1, 0x16831, 0xffffffffffffffff, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000bfd000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000b80)={0x0, &(0x7f00000009c0)=[@hvc={0x32, 0x40, {0xc4000004, [0x400000000000007, 0xfffffffffffffffa, 0x8000000000000000, 0x427f, 0x400003]}}], 0x40}, &(0x7f0000000bc0)=[@featur1={0x1, 0x4}], 0x1)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
ioctl$KVM_SET_ONE_REG(r10, 0x4010aeac, &(0x7f0000000100)=@arm64_extra={0x603000000013c025, &(0x7f00000000c0)=0x6})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})

1h5m48.40419023s ago: executing program 5 (id=723):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0x40049409, 0x13)
mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r3, 0x0)
mmap$KVM_VCPU(&(0x7f0000e04000/0x2000)=nil, 0x930, 0x1, 0x11, r3, 0x0)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffe000/0x1000)=nil, r5, 0x8, 0x13, r3, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f00000001c0)={0x8, <r8=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4})
ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f0000000180)=@attr_other={0x0, 0x6, 0x6c, &(0x7f0000000140)=0x4})
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f00000000c0)={0x1fe, 0x2, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil})
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x100, &(0x7f0000000080)=0x8000000000000000})
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f0000000280)=@attr_arm64={0x0, 0x4, 0x2, 0x0})
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f0000000300)=@attr_other={0x0, 0x4, 0x1, 0x0})
mmap$KVM_VCPU(&(0x7f0000ffd000/0x2000)=nil, r5, 0x1000001, 0x12, r3, 0x0)
r9 = openat$kvm(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000)

1h5m32.912278979s ago: executing program 5 (id=724):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x5, 0x0, 0x1000, 0x1000, &(0x7f0000275000/0x1000)=nil})
syz_kvm_setup_cpu$arm64(r1, 0xffffffffffffffff, &(0x7f0000000000/0x400000)=nil, &(0x7f0000000280)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000500)={0x2710, 0x1, 0x10000, 0x2000, &(0x7f0000000000/0x2000)=nil})
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0xc6)

1h5m16.475461747s ago: executing program 5 (id=725):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x301, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x4000, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000ab4000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, &(0x7f0000000000)={0x200000af, [0x663596a800, 0x5, 0x0]})

1h5m0.952786019s ago: executing program 5 (id=726):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x3, 0x1000, 0x40000000, 0x0, 0x40000004}}], 0x50}, 0x0, 0x0) (async)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) (async)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000180)={0x8, <r4=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1h4m47.39242737s ago: executing program 5 (id=727):
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x8001, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000100)="5af600f6b34e08c180f948c13e2727ba279cacc033d6bd28118e0e1e50390ff2f8a1aa8366bb4c33115d61c97d9387dac1b147ed1b515c14bcb89051301caef704371680ab057973", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0xc2881, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x31)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
syz_kvm_vgic_v3_setup(r9, 0x4, 0x200)
r10 = openat$kvm(0x0, &(0x7f0000000140), 0x101282, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000080)={0x0, &(0x7f0000000200)=[@svc={0x122, 0x40, {0x800, [0xffffffeffffffff8, 0x8, 0x8000000005, 0x5, 0x400]}}], 0x40}, 0x0, 0x0)
r13 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r10, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c0b000/0x1000)=nil, r13, 0x3, 0x40b2811, r12, 0x0)
ioctl$KVM_RUN(r12, 0xae80, 0x0)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r14 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x2e)
ioctl$KVM_REGISTER_COALESCED_MMIO(r15, 0x4010ae67, &(0x7f0000000000)={0xeeee0000, 0x102000, 0x1})
ioctl$KVM_CREATE_VCPU(r15, 0xae41, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x80c01, 0x0)
ioctl$KVM_CREATE_VM(r10, 0xae01, 0xfffffffffffffffe)

1h3m54.544881094s ago: executing program 37 (id=727):
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x8001, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000100)="5af600f6b34e08c180f948c13e2727ba279cacc033d6bd28118e0e1e50390ff2f8a1aa8366bb4c33115d61c97d9387dac1b147ed1b515c14bcb89051301caef704371680ab057973", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0xc2881, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x31)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
syz_kvm_vgic_v3_setup(r9, 0x4, 0x200)
r10 = openat$kvm(0x0, &(0x7f0000000140), 0x101282, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000080)={0x0, &(0x7f0000000200)=[@svc={0x122, 0x40, {0x800, [0xffffffeffffffff8, 0x8, 0x8000000005, 0x5, 0x400]}}], 0x40}, 0x0, 0x0)
r13 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r10, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c0b000/0x1000)=nil, r13, 0x3, 0x40b2811, r12, 0x0)
ioctl$KVM_RUN(r12, 0xae80, 0x0)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r14 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x2e)
ioctl$KVM_REGISTER_COALESCED_MMIO(r15, 0x4010ae67, &(0x7f0000000000)={0xeeee0000, 0x102000, 0x1})
ioctl$KVM_CREATE_VCPU(r15, 0xae41, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x80c01, 0x0)
ioctl$KVM_CREATE_VM(r10, 0xae01, 0xfffffffffffffffe)

45m32.242672664s ago: executing program 7 (id=800):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@msr={0x14, 0x20, {0x603000000013e7fc, 0x8000}}], 0x20}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x401, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x0, 0x2, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_DIRTY_LOG(r5, 0x4010ae42, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x2e)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_vgic_v3_setup(r9, 0x1, 0x100)
ioctl$KVM_GET_DEVICE_ATTR(r10, 0x4018aee2, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x3, 0xffffffffffffffff})
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_GUEST_MEMFD(r7, 0xc040aed4, &(0x7f0000000000)={0x10001, 0x6})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

44m56.843553469s ago: executing program 7 (id=803):
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x0, <r2=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r2, 0x400454ca, 0x110c230020)

44m48.824140942s ago: executing program 6 (id=804):
openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) (async)
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x2}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) (async)
r4 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7fff}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) (async)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r9, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8})
ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f00000000c0)=@arm64_sys={0x603000000013dce0, &(0x7f0000000000)=0x5})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, &(0x7f00000000c0)=@attr_pmu_init) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, &(0x7f00000000c0)=@attr_pmu_init)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
r10 = mmap$KVM_VCPU(&(0x7f0000dd4000/0x3000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
eventfd2(0x5, 0x80000)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x20001, 0x0) (async)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x20001, 0x0)
ioctl$KVM_CREATE_VM(r11, 0x5421, 0x20004000) (async)
ioctl$KVM_CREATE_VM(r11, 0x5421, 0x20004000)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r6, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

44m40.86376333s ago: executing program 7 (id=805):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f0000000280)=@arm64_sys={0x603000000013c801, &(0x7f00000000c0)=0x1000001000001})
r9 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r10 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r9, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f00000001c0)="fb0149dd833be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8faa767969d22627e700", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r9, 0x0)
r11 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000000)=@other={0x81, &(0x7f0000000100)=0xfffffffffffffffc})
ioctl$KVM_CREATE_VM(r11, 0x401c5820, 0x20000007)
ioctl$KVM_CAP_HALT_POLL(r2, 0x4068aea3, &(0x7f0000000000)={0xdf, 0x0, 0x10000})
ioctl$KVM_GET_API_VERSION(r3, 0xae00, 0x0)
ioctl$KVM_CAP_HALT_POLL(r2, 0x4068aea3, &(0x7f00000000c0)={0xe1, 0x0, 0x3})
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r12 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000140)={0x0, &(0x7f0000000200)=[@smc={0x1e, 0x40, {0x84000053, [0x0, 0x7, 0x2, 0x3, 0x4]}}], 0x40}, 0x0, 0x0)
ioctl$KVM_RUN(r14, 0xae80, 0x0)

44m22.247898571s ago: executing program 6 (id=806):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000000)={0x5, 0x18})
ioctl$KVM_ARM_VCPU_FINALIZE(r2, 0x4004aec2, &(0x7f00000001c0)=0x4)
openat$kvm(0x0, 0x0, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x80c01, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_GUEST_MEMFD(r4, 0xc040aed4, &(0x7f00000001c0)={0x200001fe0000, 0x3})
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x2000003, 0x2013, r5, 0x200001fe0000)
close(0x4)
r6 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0xffffffffffffffff)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
r9 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r8, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r8, 0x0)
r10 = eventfd2(0x0, 0x0)
close(r10)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x2e6f32, 0x1f01)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x3000002, 0x13, r10, 0x0)
write$eventfd(r10, &(0x7f0000000180)=0x5, 0xfffffde3)
syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000340)={0x0, 0x0}, 0x0, 0x0)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r13, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18})
ioctl$KVM_SET_ONE_REG(r13, 0x4010aeac, &(0x7f00000000c0)=@arm64_sys={0x603000000013df6b, &(0x7f00000001c0)=0x63})
close(0x5)

44m6.639145923s ago: executing program 7 (id=807):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae03, 0xaa)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x35)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
openat$kvm(0x0, &(0x7f0000000080), 0x2a040, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000004000/0x1000)=nil, 0x0, 0x1000001, 0x80010, 0xffffffffffffffff, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r7 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r6, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000300)="a000963203ef56d871c01e6eb70ed0d74d0300000000000000d5cd28470afa5c2f2fd86c82e085131841b4fd09e8e15de35acb00", 0x0, 0x48)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r6, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0x40049409, 0x9)
ioctl$KVM_SET_DEVICE_ATTR_vm(r2, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}})
r9 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000140)={0x0, &(0x7f0000000180)=[@smc={0x1e, 0x40, {0xc5000020, [0x0, 0x1, 0x2, 0x3, 0x4]}}], 0x40}, 0x0, 0x0)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000b80)={0x0, &(0x7f0000000040)=[@smc={0x1e, 0x40, {0xc4000014, [0x40000099a, 0x5cd, 0x9, 0x86, 0x1]}}], 0x40}, 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000a1e000/0x400000)=nil)
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r13, 0xae04)

43m55.497203168s ago: executing program 6 (id=808):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r4=>0xffffffffffffffff})
r5 = eventfd2(0x1, 0x0)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000140)={r5, 0x401, 0x2, r5})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000100)={0x2, 0x8080000, 0x0, r5})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r7, 0x4008ae6a, &(0x7f00000002c0)={0x2, 0x0, [{0x3, 0x1, 0x0, 0x0, @adapter={0x0, 0x6a, 0x8, 0x5, 0x3}}, {0x3, 0x1, 0x0, 0x0, @msi={0x0, 0xf, 0x5, 0xfffffff9}}]})

43m38.53932697s ago: executing program 7 (id=809):
r0 = openat$kvm(0x0, &(0x7f00000002c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r3 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000080)="fb4149dd033b94a6ab8031d1dfd92f00000000010000005a9610fbff67525673312b01040000000000002627e7000000000000000200", 0x0, 0xffffffffffffff4b)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x171643, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x21)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
r7 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r6, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r6, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x5b7882, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x12, r2, 0x0)
munmap(&(0x7f0000d18000/0x4000)=nil, 0x4000)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0)
r8 = eventfd2(0x0, 0x0)
close(r8)
r9 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x400)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f00000001c0)={0x8, <r11=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x3, 0x1, &(0x7f0000000000)=0xffffffffffff8000})
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x800000110, &(0x7f0000000080)=0x8000000000000000})
r12 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
r16 = syz_kvm_vgic_v3_setup(r13, 0x1, 0x180)
ioctl$KVM_RUN(r15, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r16, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x5, 0x100000000000000, 0x0})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)

43m30.537923278s ago: executing program 6 (id=810):
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0)

43m18.202677282s ago: executing program 7 (id=811):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x30)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000a21000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000280)=[@its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x4, 0xfffffffc, 0x4, 0x7d}}], 0x28}, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x100000c, 0x16831, 0xffffffffffffffff, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
ioctl$KVM_SET_MP_STATE(r6, 0x4004ae99, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

43m16.816192937s ago: executing program 6 (id=812):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}})
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@smc={0x1e, 0x0, {0x84000053, [0x1000009, 0x8000000000000001, 0xffffffffffffffff, 0x400, 0xfffffffffffff801]}}], 0xc7}, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_ARM_PREFERRED_TARGET(r3, 0x8020aeaf, &(0x7f0000000040))

42m56.633547676s ago: executing program 6 (id=813):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2b)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r3, 0x4068aea3, &(0x7f0000000180)={0xdf, 0x0, 0x4000})
ioctl$KVM_CREATE_DEVICE(r3, 0xc018aec0, &(0x7f00000000c0)={0x1})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r5 = mmap$KVM_VCPU(&(0x7f0000d5b000/0x1000)=nil, 0x930, 0x280000b, 0x11, r4, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x2e)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r10, r11, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000100)=[{0x0, 0x0}], 0x1, 0x0, &(0x7f00000003c0)=[@featur2={0x1, 0x17}], 0x1)
ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100042})
r12 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000200)={0x0, 0x0}, &(0x7f0000000100)=[@featur1={0x1, 0xefa7181e5354053c}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r13, 0x4018aee1, &(0x7f0000000140)=@attr_pmu_init)
ioctl$KVM_RUN(r13, 0xae80, 0x0)
r14 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r14, 0x4018aee1, &(0x7f0000000380)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000340)={0x0, 0x2a5, 0x1}})
mmap$KVM_VCPU(&(0x7f0000fe9000/0x14000)=nil, r6, 0x0, 0x11, r4, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)
r15 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0)
eventfd2(0x0, 0x0)

42m30.03814037s ago: executing program 38 (id=811):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x30)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000a21000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000280)=[@its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x4, 0xfffffffc, 0x4, 0x7d}}], 0x28}, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x100000c, 0x16831, 0xffffffffffffffff, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
ioctl$KVM_SET_MP_STATE(r6, 0x4004ae99, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

42m3.852103792s ago: executing program 39 (id=813):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2b)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r3, 0x4068aea3, &(0x7f0000000180)={0xdf, 0x0, 0x4000})
ioctl$KVM_CREATE_DEVICE(r3, 0xc018aec0, &(0x7f00000000c0)={0x1})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r5 = mmap$KVM_VCPU(&(0x7f0000d5b000/0x1000)=nil, 0x930, 0x280000b, 0x11, r4, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x2e)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r10, r11, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000100)=[{0x0, 0x0}], 0x1, 0x0, &(0x7f00000003c0)=[@featur2={0x1, 0x17}], 0x1)
ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100042})
r12 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000200)={0x0, 0x0}, &(0x7f0000000100)=[@featur1={0x1, 0xefa7181e5354053c}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r13, 0x4018aee1, &(0x7f0000000140)=@attr_pmu_init)
ioctl$KVM_RUN(r13, 0xae80, 0x0)
r14 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r14, 0x4018aee1, &(0x7f0000000380)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000340)={0x0, 0x2a5, 0x1}})
mmap$KVM_VCPU(&(0x7f0000fe9000/0x14000)=nil, r6, 0x0, 0x11, r4, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)
r15 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0)
eventfd2(0x0, 0x0)

30m36.215395552s ago: executing program 9 (id=824):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000040)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x2}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x4, 0x10000, 0x4, 0x19, 0x2}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r4=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

30m16.027940809s ago: executing program 9 (id=825):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000280), 0x26e081, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_ONE_REG(r1, 0x4010aeac, &(0x7f0000000100)=@riscv64_v={0x8030000009000001, &(0x7f00000000c0)=0x100000001})
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xd7})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x23)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, <r6=>0xffffffffffffffff, 0x1})
r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r3, 0x4068aea3, 0x0)
r8 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x1800002, 0x11, r7, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f0000000200)="f3211813013c36000000005e2a8398f89643cbd9ae00000001908b9463d139887a01955edef90000000000ffff00000000000000000000db02000000000000007ab100000000ffe3", 0x0, 0xfffffffffffffdd9)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r1, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x40305839, &(0x7f0000000040)=@attr_arm64={0x0, 0x7, 0x3, &(0x7f0000000180)=0xd16f})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x169300, 0x0)
r9 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r10 = syz_kvm_vgic_v3_setup(r9, 0xfffffffffffffffe, 0x740)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x684801, 0x0)
ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
eventfd2(0x8, 0x80000)
close(r10)
close(0x5)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x1000009, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r12 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_KVMCLOCK_CTRL(r12, 0xaead)
ioctl$KVM_RUN(r12, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x0, 0x300000e, 0x80010, 0xffffffffffffffff, 0x0)

29m49.489075287s ago: executing program 9 (id=827):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x3c) (async)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000180)=[@hvc={0x32, 0x40, {0x84000052, [0x6, 0x1, 0x0, 0x0, 0xffffffffffffc000]}}], 0x40}, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

29m29.404397333s ago: executing program 9 (id=829):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xfffffffffffffffc)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0x77)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000140)={0x8, 0x41000, 0x8, 0xffffffffffffffff, 0x6})
r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f0000000100)=@arm64_bitmap={0x6030000000160002, &(0x7f00000000c0)=0x8})
r7 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r8, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000180)={0x8, <r11=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r10, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x2, 0x4f832, 0xffffffffffffffff, 0x1000000)
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x88, &(0x7f0000000000)=0x10})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x10201, 0x1, 0x1000, 0x2000, &(0x7f0000dab000/0x2000)=nil})
r12 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bc2000/0x400000)=nil)
r13 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffa000/0x4000)=nil, r13, 0x2000009, 0x30, r6, 0x0)
r14 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r14, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})

29m2.161924991s ago: executing program 9 (id=831):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r4, 0x2000003, 0xaf832, 0xffffffffffffffff, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
mmap$KVM_VCPU(&(0x7f0000ebf000/0x1000)=nil, r4, 0xa, 0x1c013, r7, 0x0)
r8 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f0000000100)="6bb92496bc0b24e06d98066d7698bea5288b6db3b7cd411a516a168b1a43ad5ec7b7514930a31370bf145a502240f02c45b81f645c7de3820d3189786d3052d109221ef54ddb5448", 0x0, 0x48)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x88000, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x27)
syz_kvm_vgic_v3_setup(r10, 0x2, 0x40)
r11 = eventfd2(0x3, 0x801)
ioctl$KVM_IRQFD(r10, 0x4020ae76, &(0x7f0000000040)={r11, 0xa, 0x0, r11})
r12 = eventfd2(0x1, 0x0)
r13 = eventfd2(0x2, 0x80000)
ioctl$KVM_IRQFD(r10, 0x4020ae76, &(0x7f0000000000)={r12, 0x200, 0x2, r13})
close(r10)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01)

28m29.81329304s ago: executing program 9 (id=833):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2e)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
syz_kvm_setup_cpu$arm64(r1, r3, &(0x7f0000c00000/0x400000)=nil, &(0x7f00000000c0)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000000080)=@arm64_core={0x603000000010004a, &(0x7f0000000100)=0x7ffffff9})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x1})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x20000, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000140)={0x4, <r8=>0xffffffffffffffff, 0x1})
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0xd, 0x8, 0xb, 0x0, 0x2, 0x6, 0x6, 0x6, 0x48, 0x88, 0xf5, 0x9, 0x0, 0x9, 0x6, 0xa, 0x3, 0x8, 0x0, '\x00', 0x10, 0x6})
write$eventfd(r8, &(0x7f00000001c0)=0xff0, 0xe)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x3d70000000, &(0x7f0000ffe000/0x2000)=nil})
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000000)={0x2, 0x4, 0xd000, 0x1000, &(0x7f0000fff000/0x1000)=nil})
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000007, 0x4f833, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000040)={0x1fd, 0x2, 0xffffffff, 0x1000, &(0x7f0000ffd000/0x1000)=nil})

27m40.934434342s ago: executing program 40 (id=833):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2e)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
syz_kvm_setup_cpu$arm64(r1, r3, &(0x7f0000c00000/0x400000)=nil, &(0x7f00000000c0)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000000080)=@arm64_core={0x603000000010004a, &(0x7f0000000100)=0x7ffffff9})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x1})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x20000, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000140)={0x4, <r8=>0xffffffffffffffff, 0x1})
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0xd, 0x8, 0xb, 0x0, 0x2, 0x6, 0x6, 0x6, 0x48, 0x88, 0xf5, 0x9, 0x0, 0x9, 0x6, 0xa, 0x3, 0x8, 0x0, '\x00', 0x10, 0x6})
write$eventfd(r8, &(0x7f00000001c0)=0xff0, 0xe)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x3d70000000, &(0x7f0000ffe000/0x2000)=nil})
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000000)={0x2, 0x4, 0xd000, 0x1000, &(0x7f0000fff000/0x1000)=nil})
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000007, 0x4f833, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000040)={0x1fd, 0x2, 0xffffffff, 0x1000, &(0x7f0000ffd000/0x1000)=nil})

23m41.234510056s ago: executing program 8 (id=846):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2a)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000012000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000b80)={0x0, &(0x7f0000000300)=[@code={0xa, 0x9c, {"0040204e000028d5007008d5c06199d200a0b8f2e10080d2620080d2230180d2040180d2020000d4000028d5008008d500a788d200e0b0f2210180d2220180d2230180d2e40080d2020000d400698ad200e0b8f2e10080d2c20080d2a30080d2e40080d2020000d4602084d20040b0f2410180d2420180d2030080d2240180d2020000d40040200d"}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff0, 0x7, 0x4}}, @its_setup={0x82, 0x28, {0x2, 0x3, 0x2d4}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xf00, 0xffffffff, 0x4}}, @memwrite={0x6e, 0x30, @generic={0x40000, 0xa55, 0x2, 0x4}}, @mrs={0xbe, 0x18, {0x603000000013e298}}, @irq_setup={0x46, 0x18, {0x3, 0x116}}, @smc={0x1e, 0x40, {0x84000053, [0x4, 0x5, 0x9, 0xbc, 0x5]}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x4, 0x5, 0x5, 0xfa3}}, @mrs={0xbe, 0x18, {0x603000000013e081}}, @smc={0x1e, 0x40, {0x4000000, [0x2, 0x9, 0x2, 0x6, 0x40]}}, @uexit={0x0, 0x18, 0x1}, @mrs={0xbe, 0x18, {0x603000000013c524}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0x148, 0xe109}}, @svc={0x122, 0x40, {0x32000000, [0x5, 0xfffffffffffffe00, 0x3868, 0x9, 0x9]}}, @irq_setup={0x46, 0x18, {0x1, 0x5f}}, @hvc={0x32, 0x40, {0x3f000000, [0x6, 0xd, 0x1, 0x80000001, 0x7]}}, @msr={0x14, 0x20, {0x603000000013de98, 0x3c}}, @smc={0x1e, 0x40, {0xc4000001, [0x0, 0xef, 0x7, 0x9, 0xc]}}, @code={0xa, 0xb4, {"000000b1e00b8fd200a0b8f2610080d2220080d2c30180d2a40180d2020000d40020004f60e489d200e0b8f2410080d2220080d2c30080d2a40080d2020000d460128dd200e0b0f2210180d2420080d2c30180d2040180d2020000d4a05999d20020b0f2c10080d2a20180d2a30180d2040180d2020000d4007008d580579cd20020b8f2610080d2e20180d2e30080d2c40080d2020000d4007008d5000480da"}}, @smc={0x1e, 0x40, {0x86000000, [0x7, 0xbbe8, 0x3ff, 0x491b4ef2, 0xa20]}}, @irq_setup={0x46, 0x18, {0x2, 0x4b}}, @uexit={0x0, 0x18, 0x3}, @irq_setup={0x46, 0x18, {0x2, 0x3b2}}, @uexit={0x0, 0x18, 0x4}, @uexit={0x0, 0x18, 0xfffffffffffffa3c}, @its_setup={0x82, 0x28, {0x3, 0x3, 0x25e}}, @msr={0x14, 0x20, {0x603000000013df70, 0x6}}, @mrs={0xbe, 0x18, {0xb268a055d468158c}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x4, 0x5, 0x53e0, 0xffffff00, 0x4}}], 0x590}, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

23m24.012234163s ago: executing program 8 (id=847):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x3)
r1 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae03, 0xaa)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x80400, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x2b)
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000240)={0x1, 0xe000, 0x1})
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000100)={0x0, 0x1000, 0x1})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r3, 0x4010ae68, &(0x7f0000001480)={0xfffffffffffffdfd, 0x13000, 0x1})
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_RESET_DIRTY_RINGS(r5, 0xaec7)
ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000140)=@arm64_fw={0x6030000000140001, &(0x7f00000000c0)=0x1ff})
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000a1e000/0x400000)=nil)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r9 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r8, 0xae04)
r10 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r9, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f0000000240)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r11, 0xae03, 0x46)
r12 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28)
syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000bff000/0x400000)=nil)
ioctl$KVM_SET_USER_MEMORY_REGION2(r12, 0x40a0ae49, &(0x7f0000000040)={0x4, 0x4, 0x6000, 0x2000, &(0x7f0000ffc000/0x2000)=nil})

22m56.734486192s ago: executing program 8 (id=848):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r5 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r4, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0}) (async)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0}) (async)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0xfffffffffffffffc)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) (async)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000140)={0x4, <r9=>0xffffffffffffffff, 0x1})
r10 = ioctl$KVM_CREATE_VM(r9, 0x894c, 0x0)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x1)
ioctl$KVM_ARM_VCPU_INIT(r13, 0x4020aeae, &(0x7f0000000080)={0x5, 0x1}) (async)
ioctl$KVM_SET_ONE_REG(r13, 0x4010aeac, &(0x7f00000001c0)=@arm64_sys={0x6030000000138064, &(0x7f00000000c0)=0x8000})
ioctl$KVM_CREATE_VCPU(r10, 0xb702, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000080), 0x141001, 0x0)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000100))
r14 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r14, &(0x7f0000c00000/0x400000)=nil) (async)
r15 = syz_kvm_setup_syzos_vm$arm64(r14, &(0x7f0000c00000/0x400000)=nil)
r16 = syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000080)={0x0, &(0x7f0000000000)=[@svc={0x122, 0x40, {0x84000053, [0xbbd, 0xfffffffffffff4aa, 0x4, 0xffffffffbc9c7cbd, 0x1]}}], 0x40}, 0x0, 0x0) (async)
syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000100)={0x0, &(0x7f00000001c0)=[@irq_setup={0x5, 0x18}], 0x18}, 0x0, 0x0) (async)
r17 = syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000100)={0x0, &(0x7f00000001c0)=[@irq_setup={0x5, 0x18}], 0x18}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r14, 0x2, 0x100) (async)
syz_kvm_vgic_v3_setup(r14, 0x2, 0x100) (async)
ioctl$KVM_RUN(r17, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r16, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r16, 0xae80, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r4, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r4, 0x0)

22m37.074646766s ago: executing program 8 (id=849):
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x2000008, 0x4d832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f1, 0xffffffffffffffff, 0x0)

22m18.264194098s ago: executing program 8 (id=850):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x28081, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7ffc}}, @msr={0x14, 0x20, {0x603000000013dce0, 0x7ffe}}], 0x40}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_kvm_add_vcpu$arm64(r4, &(0x7f00000001c0)={0x0, &(0x7f00000003c0)=[@hvc={0x32, 0x40, {0x8400000c, [0x9, 0x8, 0xcc, 0x800]}}, @code={0xa, 0x84, {"008008d5007008d5007008d5e09e97d200c0b8f2610180d2220080d2e30080d2a40080d2020000d40004002f00b8207e000000f1800590d20060b0f2a10180d2c20180d2c30180d2e40180d2020000d4007008d5c09588d20080b0f2210080d2e20080d2030180d2c40080d2020000d4"}}, @mrs={0xbe, 0x18, {0x603000000013da16}}, @mrs={0xbe, 0x18, {0x603000000013e640}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x1, 0x0, 0x0, 0x7ff, 0x2, 0x3}}, @irq_setup={0x46, 0x18, {0x1, 0x3d4}}, @code={0xa, 0x9c, {"801392d20020b0f2a10180d2020080d2230080d2240180d2020000d40000261e801882d200c0b8f2410080d2a20180d2e30080d2c40180d2020000d4a07590d20020b0f2e10080d2620180d2a30180d2c40080d2020000d4001c600e007008d5a0c999d200c0b0f2e10180d2420080d2c30180d2040180d2020000d41f0000b1000008d5000028d5"}}], 0x1d0}, &(0x7f0000000200)=[@featur1={0x1, 0x80}], 0x1)
r6 = openat$kvm(0x0, &(0x7f0000000080), 0x80000, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
r10 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f0000000340)={0x0, 0x8000000, 0x4, r10, 0x1})
syz_kvm_vgic_v3_setup(r7, 0x2000000000001, 0x60)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x100000c, 0x6832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x161642, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, 0x0, 0x0, 0x0)
ioctl$KVM_ARM_VCPU_INIT(0xffffffffffffffff, 0x4020aeae, 0x0)
mmap$KVM_VCPU(&(0x7f0000c0c000/0x2000)=nil, 0x930, 0x0, 0x80031, 0xffffffffffffffff, 0x0)
r11 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)

21m55.662913928s ago: executing program 8 (id=851):
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
r0 = eventfd2(0x0, 0x0)
r1 = mmap$KVM_VCPU(&(0x7f0000004000/0x4000)=nil, 0x930, 0x0, 0x11, r0, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000b80)={0x0, &(0x7f0000000080)=[@hvc={0x32, 0x40, {0x84000009, [0x9, 0x8, 0x2, 0x603c8354, 0x200]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1)
r5 = openat$kvm(0x0, &(0x7f0000000180), 0x200, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x2e)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x2e)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r8, r9, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000100)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f0000000200)=@arm64_core={0x6030000000100042, &(0x7f0000000240)=0x2})
r10 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r6, r10, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000100)=[{0x0, 0x0}], 0x1, 0x0, &(0x7f00000003c0)=[@featur2={0x1, 0x17}], 0x1)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
syz_memcpy_off$KVM_EXIT_MMIO(r1, 0x20, &(0x7f0000000000)="37d348010000000000040000000200", 0x0, 0x18)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x40086602, 0x27)
ioctl$KVM_SET_ONE_REG(r10, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100042, &(0x7f0000000000)=0x11})
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80002, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x26)
r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000a76000/0x400000)=nil)
r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r14, 0x8040ae9f, &(0x7f00000001c0)=@arm64)
ioctl$KVM_SET_VCPU_EVENTS(r10, 0x4040aea0, &(0x7f0000000080)=@arm64={0xe6, 0x7, 0x8, '\x00', 0xff})
ioctl$KVM_IRQ_LINE(r3, 0x4008ae61, 0x0)
syz_kvm_vgic_v3_setup(r3, 0x2, 0x80)

21m1.969475649s ago: executing program 41 (id=851):
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
r0 = eventfd2(0x0, 0x0)
r1 = mmap$KVM_VCPU(&(0x7f0000004000/0x4000)=nil, 0x930, 0x0, 0x11, r0, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000b80)={0x0, &(0x7f0000000080)=[@hvc={0x32, 0x40, {0x84000009, [0x9, 0x8, 0x2, 0x603c8354, 0x200]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1)
r5 = openat$kvm(0x0, &(0x7f0000000180), 0x200, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x2e)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x2e)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r8, r9, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000100)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f0000000200)=@arm64_core={0x6030000000100042, &(0x7f0000000240)=0x2})
r10 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r6, r10, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000100)=[{0x0, 0x0}], 0x1, 0x0, &(0x7f00000003c0)=[@featur2={0x1, 0x17}], 0x1)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
syz_memcpy_off$KVM_EXIT_MMIO(r1, 0x20, &(0x7f0000000000)="37d348010000000000040000000200", 0x0, 0x18)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x40086602, 0x27)
ioctl$KVM_SET_ONE_REG(r10, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100042, &(0x7f0000000000)=0x11})
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80002, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x26)
r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000a76000/0x400000)=nil)
r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r14, 0x8040ae9f, &(0x7f00000001c0)=@arm64)
ioctl$KVM_SET_VCPU_EVENTS(r10, 0x4040aea0, &(0x7f0000000080)=@arm64={0xe6, 0x7, 0x8, '\x00', 0xff})
ioctl$KVM_IRQ_LINE(r3, 0x4008ae61, 0x0)
syz_kvm_vgic_v3_setup(r3, 0x2, 0x80)

2m47.631960588s ago: executing program 0 (id=866):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) (async)
r2 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000000)={0x0, &(0x7f0000000280)=[@its_setup={0x82, 0x28, {0x0, 0x1, 0x3d9}}, @eret={0xe6, 0x18, 0x1}, @mrs={0xbe, 0x18, {0x603000000013f194}}, @smc={0x1e, 0x40, {0x4, [0x6, 0x0, 0xfc, 0x4, 0xfff]}}, @code={0xa, 0x84, {"e0519bd200c0b8f2a10080d2c20180d2830080d2840180d2020000d4000040f9007008d5008008d5204996d200e0b8f2c10080d2e20180d2a30180d2040080d2020000d4007008d500000098000008d5a03886d200c0b0f2a10180d2820180d2830080d2a40080d2020000d4000000f2"}}, @hvc={0x32, 0x40, {0x84000013, [0x9, 0x1, 0x4f3, 0xffffffff00000001, 0x6]}}, @hvc={0x32, 0x40, {0xc4000012, [0x81, 0x3, 0x2, 0x5, 0xe1]}}, @memwrite={0x6e, 0x30, @generic={0x153000, 0xf46, 0x9, 0x3}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x20020, 0x9, 0xa}}, @uexit={0x0, 0x18, 0x1}, @irq_setup={0x46, 0x18, {0x0, 0x37c}}, @irq_setup={0x46, 0x18, {0x1, 0x29c}}, @mrs={0xbe, 0x18, {0x603000000013c685}}, @svc={0x122, 0x40, {0x84000051, [0x7, 0x7fffffffffffffff, 0x0, 0x5, 0x800]}}, @mrs={0xbe, 0x18, {0x603000000013df4d}}, @eret={0xe6, 0x18, 0x1}, @msr={0x14, 0x20, {0x603000000013e180, 0x3}}, @uexit={0x0, 0x18, 0xfffffffffffffffa}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xc, 0x400, 0x9}}, @msr={0x14, 0x20, {0x603000000013e18d, 0xb66e}}, @its_setup={0x82, 0x28, {0x4, 0x3, 0x3fd}}, @irq_setup={0x46, 0x18, {0x0, 0x2ff}}, @svc={0x122, 0x40, {0xc4000011, [0x1, 0xdb, 0x2, 0x2]}}, @msr={0x14, 0x20, {0x603000000013deb4, 0x6}}, @code={0xa, 0x9c, {"007008d500000091c04f96d20040b0f2010080d2020180d2a30180d2e40180d2020000d4a0509fd20040b0f2610180d2420180d2430180d2840080d2020000d400a4ff0dc0098dd20040b8f2810180d2620180d2830180d2c40080d2020000d40000021e000040f8605786d20040b0f2810180d2620180d2830080d2840180d2020000d4007008d5"}}, @its_setup={0x82, 0x28, {0x3, 0x0, 0x190}}, @code={0xa, 0xb4, {"000000530010c0da803b90d20060b0f2610080d2220180d2630080d2c40180d2020000d400000053a05c98d200c0b0f2810080d2a20080d2630080d2040180d2020000d41f4000d5c0708dd200e0b8f2a10180d2020180d2630080d2640180d2020000d4009e82d200a0b0f2010080d2a20180d2830080d2040180d2020000d4c0be90d20000b0f2610080d2420180d2430180d2040180d2020000d400d8217e"}}, @its_setup={0x82, 0x28, {0x3, 0x3, 0x9a}}], 0x594}, &(0x7f0000000040)=[@featur2={0x1, 0x20}], 0x1)
mmap$KVM_VCPU(&(0x7f0000ea3000/0x2000)=nil, r1, 0x1, 0x8010, r2, 0x0) (async)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) (async, rerun: 32)
r6 = syz_kvm_vgic_v3_setup(r3, 0x4, 0x220) (rerun: 32)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR(r6, 0x4018aee3, &(0x7f0000000240)=@attr_other={0x0, 0x6, 0x0, 0x0})

2m30.813283991s ago: executing program 0 (id=867):
r0 = openat$kvm(0x0, &(0x7f0000000000), 0x2, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r2, 0x2000003, 0xaf832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x0, 0x23ac5f9b426e84b2, 0xffffffffffffffff, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0x20)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, r6, 0x1, 0x2012, r5, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x2000001, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x0)

2m11.420338674s ago: executing program 0 (id=868):
munmap(&(0x7f0000481000/0x1000)=nil, 0x1000) (async)
munmap(&(0x7f0000136000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f0000ccb000/0x2000)=nil, 0x2000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xc0045878, 0x20000000) (async)
munmap(&(0x7f0000fff000/0x1000)=nil, 0x1000) (async, rerun: 64)
munmap(&(0x7f00009f4000/0x1000)=nil, 0x1000) (async, rerun: 64)
munmap(&(0x7f0000e4c000/0x4000)=nil, 0x4000)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000bff000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f0000000000)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x20000000}) (async)
munmap(&(0x7f0000967000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000ff3000/0x3000)=nil, 0x3000) (async)
munmap(&(0x7f00007f5000/0xe000)=nil, 0xe000)
munmap(&(0x7f0000d04000/0x1000)=nil, 0x1000) (async)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x25)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
syz_kvm_vgic_v3_setup(r6, 0x1, 0x100)
syz_kvm_setup_cpu$arm64(r6, r8, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
munmap(&(0x7f0000270000/0x1000)=nil, 0x1000)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x8800, 0x0)
ioctl$KVM_CHECK_EXTENSION(r9, 0xae03, 0xf0)
munmap(&(0x7f00007fd000/0x800000)=nil, 0x800000)

1m48.666903807s ago: executing program 0 (id=869):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@mrs={0xbe, 0x18, {0x603000000013c00b}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x900, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000100)={0x0, &(0x7f0000000680)=[@its_setup={0x82, 0x28, {0x3, 0x0, 0x16f}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x0, 0x2, 0x8, 0x8, 0x100}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r9, 0x4, 0x220)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000180)={0x8, <r12=>0xffffffffffffffff})
r13 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
r15 = syz_kvm_setup_syzos_vm$arm64(r14, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
syz_kvm_add_vcpu$arm64(r15, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x0, 0x0, 0x10000, 0x0, 0x40000004}}], 0x50}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, 0x0)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000100)={0x0, &(0x7f0000000140)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r5, 0x2, 0x100)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_IRQ_LINE(r5, 0x4008ae61, &(0x7f0000000180)={0x1010020, 0x1})
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)

1m19.182188078s ago: executing program 0 (id=870):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x3b)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000000100)=@arm64_sys={0x603000000013c000})
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000100)={0x7, <r5=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000002c0)=@attr_arm64={0x0, 0x4, 0x0, 0x0})
r6 = eventfd2(0x8801, 0x800)
r7 = eventfd2(0x3ff, 0x0)
ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000000000)={r7, 0x5, 0x2, r7})
ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000000080)={r6, 0x1, 0x2, r7})
ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000000140)={r7, 0x5, 0x1, r6})

1m2.770086298s ago: executing program 1 (id=852):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000080)={0x7, 0xfffffffffffffffb, 0x2, 0xffffffffffffffff, 0x8a4fa382f1515d0b})
ioctl$KVM_CAP_ARM_USER_IRQ(r4, 0x4068aea3, &(0x7f0000000000))
r5 = eventfd2(0xfffffffa, 0x80001)
write$eventfd(r5, &(0x7f0000000200)=0x8, 0x8)
r6 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x6030000000138084, 0x8000}}, @msr={0x14, 0x20, {0x603000000013809c, 0x8000}}, @msr={0x14, 0x20, {0x603000000013c081, 0x8000}}], 0x60}, 0x0, 0x0)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34)
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r7, 0x4068aea3, &(0x7f0000000240))
ioctl$KVM_RUN(r6, 0xae80, 0x0)
openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async)
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000080)={0x7, 0xfffffffffffffffb, 0x2, 0xffffffffffffffff, 0x8a4fa382f1515d0b}) (async)
ioctl$KVM_CAP_ARM_USER_IRQ(r4, 0x4068aea3, &(0x7f0000000000)) (async)
eventfd2(0xfffffffa, 0x80001) (async)
write$eventfd(r5, &(0x7f0000000200)=0x8, 0x8) (async)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x6030000000138084, 0x8000}}, @msr={0x14, 0x20, {0x603000000013809c, 0x8000}}, @msr={0x14, 0x20, {0x603000000013c081, 0x8000}}], 0x60}, 0x0, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) (async)
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r7, 0x4068aea3, &(0x7f0000000240)) (async)
ioctl$KVM_RUN(r6, 0xae80, 0x0) (async)

50.643227771s ago: executing program 0 (id=871):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2c)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) (async)
r3 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000000)={0x0, &(0x7f0000000540)=[@memwrite={0x6e, 0x30, @generic={0x8000000, 0x100000004ab, 0x6, 0x1}}], 0xfffffefc}, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000a7e000/0x400000)=nil)

14.422793223s ago: executing program 42 (id=852):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000080)={0x7, 0xfffffffffffffffb, 0x2, 0xffffffffffffffff, 0x8a4fa382f1515d0b})
ioctl$KVM_CAP_ARM_USER_IRQ(r4, 0x4068aea3, &(0x7f0000000000))
r5 = eventfd2(0xfffffffa, 0x80001)
write$eventfd(r5, &(0x7f0000000200)=0x8, 0x8)
r6 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x6030000000138084, 0x8000}}, @msr={0x14, 0x20, {0x603000000013809c, 0x8000}}, @msr={0x14, 0x20, {0x603000000013c081, 0x8000}}], 0x60}, 0x0, 0x0)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34)
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r7, 0x4068aea3, &(0x7f0000000240))
ioctl$KVM_RUN(r6, 0xae80, 0x0)
openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async)
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000080)={0x7, 0xfffffffffffffffb, 0x2, 0xffffffffffffffff, 0x8a4fa382f1515d0b}) (async)
ioctl$KVM_CAP_ARM_USER_IRQ(r4, 0x4068aea3, &(0x7f0000000000)) (async)
eventfd2(0xfffffffa, 0x80001) (async)
write$eventfd(r5, &(0x7f0000000200)=0x8, 0x8) (async)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x6030000000138084, 0x8000}}, @msr={0x14, 0x20, {0x603000000013809c, 0x8000}}, @msr={0x14, 0x20, {0x603000000013c081, 0x8000}}], 0x60}, 0x0, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) (async)
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r7, 0x4068aea3, &(0x7f0000000240)) (async)
ioctl$KVM_RUN(r6, 0xae80, 0x0) (async)

0s ago: executing program 43 (id=871):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2c)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) (async)
r3 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000000)={0x0, &(0x7f0000000540)=[@memwrite={0x6e, 0x30, @generic={0x8000000, 0x100000004ab, 0x6, 0x1}}], 0xfffffefc}, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000a7e000/0x400000)=nil)

kernel console output (not intermixed with test programs):

[  394.877022][ T3169] 8021q: adding VLAN 0 to HW filter on device bond0
[  429.320070][ T3169] eql: remember to turn off Van-Jacobson compression on your slave devices
Warning: Permanently added '[localhost]:58011' (ED25519) to the list of known hosts.
[  614.042792][   T24] audit: type=1400 audit(613.240:61): avc:  denied  { name_bind } for  pid=3326 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  615.865941][   T24] audit: type=1400 audit(615.090:62): avc:  denied  { execute } for  pid=3327 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  615.897131][   T24] audit: type=1400 audit(615.100:63): avc:  denied  { execute_no_trans } for  pid=3327 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  644.196675][   T24] audit: type=1400 audit(643.420:64): avc:  denied  { mounton } for  pid=3327 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  644.231199][   T24] audit: type=1400 audit(643.450:65): avc:  denied  { mount } for  pid=3327 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  644.318294][ T3327] cgroup: Unknown subsys name 'net'
[  644.379778][   T24] audit: type=1400 audit(643.600:66): avc:  denied  { unmount } for  pid=3327 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  644.787402][ T3327] cgroup: Unknown subsys name 'cpuset'
[  644.908520][ T3327] cgroup: Unknown subsys name 'rlimit'
[  645.786137][   T24] audit: type=1400 audit(645.010:67): avc:  denied  { setattr } for  pid=3327 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=703 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  645.808634][   T24] audit: type=1400 audit(645.020:68): avc:  denied  { mounton } for  pid=3327 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[  645.834087][   T24] audit: type=1400 audit(645.050:69): avc:  denied  { mount } for  pid=3327 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  646.909284][ T3331] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[  646.929696][   T24] audit: type=1400 audit(646.150:70): avc:  denied  { relabelto } for  pid=3331 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  646.950462][   T24] audit: type=1400 audit(646.170:71): avc:  denied  { write } for  pid=3331 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
Setting up swapspace version 1, size = 127995904 bytes
[  647.138973][   T24] audit: type=1400 audit(646.360:72): avc:  denied  { read } for  pid=3327 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  647.161251][   T24] audit: type=1400 audit(646.370:73): avc:  denied  { open } for  pid=3327 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  647.206080][ T3327] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  704.726911][   T24] audit: type=1400 audit(703.950:74): avc:  denied  { execmem } for  pid=3332 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  708.611460][   T24] audit: type=1400 audit(707.830:75): avc:  denied  { open } for  pid=3334 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  708.635810][   T24] audit: type=1400 audit(707.850:76): avc:  denied  { read } for  pid=3335 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  708.694137][   T24] audit: type=1400 audit(707.910:77): avc:  denied  { mounton } for  pid=3335 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  708.931452][   T24] audit: type=1400 audit(708.150:78): avc:  denied  { module_request } for  pid=3334 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  709.940349][   T24] audit: type=1400 audit(709.150:79): avc:  denied  { sys_module } for  pid=3335 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  732.635523][ T3335] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  732.759814][ T3335] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  734.368746][ T3334] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  734.546964][ T3334] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  745.714808][ T3335] hsr_slave_0: entered promiscuous mode
[  745.770215][ T3335] hsr_slave_1: entered promiscuous mode
[  747.706801][ T3334] hsr_slave_0: entered promiscuous mode
[  747.728939][ T3334] hsr_slave_1: entered promiscuous mode
[  747.748223][ T3334] debugfs: 'hsr0' already exists in 'hsr'
[  747.757146][ T3334] Cannot create hsr debugfs directory
[  753.356363][   T24] audit: type=1400 audit(752.570:80): avc:  denied  { create } for  pid=3335 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  753.375367][   T24] audit: type=1400 audit(752.590:81): avc:  denied  { write } for  pid=3335 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  753.439795][   T24] audit: type=1400 audit(752.660:82): avc:  denied  { read } for  pid=3335 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  753.603970][ T3335] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  754.075450][ T3335] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  754.328869][ T3335] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  754.710982][ T3335] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  756.515304][ T3334] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  756.770762][ T3334] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  757.105055][ T3334] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  757.403731][ T3334] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  773.698316][ T3335] 8021q: adding VLAN 0 to HW filter on device bond0
[  777.260613][ T3334] 8021q: adding VLAN 0 to HW filter on device bond0
[  833.968317][ T3335] veth0_vlan: entered promiscuous mode
[  834.669558][ T3335] veth1_vlan: entered promiscuous mode
[  837.239371][ T3335] veth0_macvtap: entered promiscuous mode
[  837.985988][ T3335] veth1_macvtap: entered promiscuous mode
[  839.153599][ T3334] veth0_vlan: entered promiscuous mode
[  840.060528][ T3334] veth1_vlan: entered promiscuous mode
[  841.427327][ T3385] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  841.459668][ T3385] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  841.484089][ T3385] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  841.565875][ T3386] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  843.290937][ T3334] veth0_macvtap: entered promiscuous mode
[  843.910931][ T3334] veth1_macvtap: entered promiscuous mode
[  843.979805][   T24] audit: type=1400 audit(843.200:83): avc:  denied  { mount } for  pid=3335 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  844.178378][   T24] audit: type=1400 audit(843.350:84): avc:  denied  { mounton } for  pid=3335 comm="syz-executor" path="/syzkaller.UXzogc/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  844.493141][   T24] audit: type=1400 audit(843.700:85): avc:  denied  { mount } for  pid=3335 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  844.886799][   T24] audit: type=1400 audit(844.110:86): avc:  denied  { mounton } for  pid=3335 comm="syz-executor" path="/syzkaller.UXzogc/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  845.024812][   T24] audit: type=1400 audit(844.240:87): avc:  denied  { mounton } for  pid=3335 comm="syz-executor" path="/syzkaller.UXzogc/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3726 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  845.588861][   T24] audit: type=1400 audit(844.810:88): avc:  denied  { unmount } for  pid=3335 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  845.833687][   T24] audit: type=1400 audit(845.050:89): avc:  denied  { mounton } for  pid=3335 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1546 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  845.943220][   T24] audit: type=1400 audit(845.150:90): avc:  denied  { mount } for  pid=3335 comm="syz-executor" name="/" dev="gadgetfs" ino=3734 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  846.190689][   T31] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  846.346119][   T31] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  846.347315][   T31] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  846.358333][   T31] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  846.427251][   T24] audit: type=1400 audit(845.650:91): avc:  denied  { mount } for  pid=3335 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  846.533614][   T24] audit: type=1400 audit(845.750:92): avc:  denied  { mounton } for  pid=3335 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  848.266150][ T3335] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  849.410406][   T24] kauditd_printk_skb: 1 callbacks suppressed
[  849.435251][   T24] audit: type=1400 audit(848.570:94): avc:  denied  { read write } for  pid=3335 comm="syz-executor" name="loop0" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  849.483703][   T24] audit: type=1400 audit(848.650:95): avc:  denied  { open } for  pid=3335 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  849.533405][   T24] audit: type=1400 audit(848.730:96): avc:  denied  { ioctl } for  pid=3335 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=638 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  859.363550][   T24] audit: type=1400 audit(858.570:97): avc:  denied  { read } for  pid=3490 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  859.397735][   T24] audit: type=1400 audit(858.620:98): avc:  denied  { open } for  pid=3490 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  859.767919][   T24] audit: type=1400 audit(858.990:99): avc:  denied  { ioctl } for  pid=3490 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae03 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  868.683209][   T24] audit: type=1400 audit(867.900:100): avc:  denied  { setattr } for  pid=3499 comm="syz.0.3" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  887.704699][   T24] audit: type=1400 audit(886.910:101): avc:  denied  { write } for  pid=3510 comm="syz.1.6" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  888.475047][   T24] audit: type=1400 audit(887.690:102): avc:  denied  { append } for  pid=3513 comm="syz.0.7" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  890.665106][   T24] audit: type=1400 audit(889.880:103): avc:  denied  { execute } for  pid=3513 comm="syz.0.7" path=2F332F10FBFF67525673312B0104 dev="tmpfs" ino=33 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  910.987020][   T24] audit: type=1400 audit(910.170:104): avc:  denied  { create } for  pid=3524 comm="syz.0.10" anonclass=[kvm-gmem] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  912.300145][   T24] audit: type=1400 audit(911.460:105): avc:  denied  { execute } for  pid=3523 comm="syz.1.9" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=4337 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  935.490482][   T24] audit: type=1400 audit(934.700:106): avc:  denied  { ioctl } for  pid=3532 comm="syz.0.12" path="net:[4026532629]" dev="nsfs" ino=4026532629 ioctlcmd=0xb70d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 1154.879553][   T24] audit: type=1400 audit(1154.100:107): avc:  denied  { map } for  pid=3644 comm="syz.1.50" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=6572 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 1154.973834][   T24] audit: type=1400 audit(1154.150:108): avc:  denied  { read } for  pid=3644 comm="syz.1.50" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=6572 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 1590.083943][ T3891] kvm [3891]: Failed to find VMA for hva 0x20c01000
[ 1601.515698][ T3900] kvm [3900]: Failed to find VMA for hva 0x20c01000
[ 1755.946754][   T24] audit: type=1400 audit(1755.160:109): avc:  denied  { map } for  pid=3983 comm="syz.0.160" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1756.003949][   T24] audit: type=1400 audit(1755.200:110): avc:  denied  { execute } for  pid=3983 comm="syz.0.160" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1875.397874][ T4048] kvm [4048]: Failed to find VMA for hva 0x21016000
[ 2017.226817][   T24] audit: type=1400 audit(2016.450:111): avc:  denied  { write } for  pid=4122 comm="syz.1.209" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=14590 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 2081.441418][ T4170] FAULT_INJECTION: forcing a failure.
[ 2081.441418][ T4170] name failslab, interval 1, probability 0, space 0, times 1
[ 2081.490052][ T4170] CPU: 0 UID: 0 PID: 4170 Comm: syz.1.223 Not tainted syzkaller #0 PREEMPT 
[ 2081.490726][ T4170] Hardware name: linux,dummy-virt (DT)
[ 2081.491213][ T4170] Call trace:
[ 2081.491688][ T4170]  show_stack+0x2c/0x3c (C)
[ 2081.493768][ T4170]  __dump_stack+0x30/0x40
[ 2081.494173][ T4170]  dump_stack_lvl+0xd8/0x12c
[ 2081.494536][ T4170]  dump_stack+0x1c/0x28
[ 2081.494840][ T4170]  should_fail_ex+0x56c/0x6d8
[ 2081.495088][ T4170]  should_failslab+0xb8/0xec
[ 2081.495383][ T4170]  __kmalloc_noprof+0xe8/0x598
[ 2081.495693][ T4170]  tomoyo_realpath_from_path+0xdc/0x628
[ 2081.495984][ T4170]  tomoyo_path_number_perm+0x13c/0x33c
[ 2081.496241][ T4170]  tomoyo_file_ioctl+0x2c/0x3c
[ 2081.496547][ T4170]  security_file_ioctl+0xe0/0x2cc
[ 2081.496843][ T4170]  __arm64_sys_ioctl+0xd0/0x244
[ 2081.497108][ T4170]  invoke_syscall+0x90/0x230
[ 2081.497431][ T4170]  el0_svc_common+0x120/0x2f4
[ 2081.497745][ T4170]  do_el0_svc+0x58/0x74
[ 2081.498044][ T4170]  el0_svc+0x5c/0x238
[ 2081.498285][ T4170]  el0t_64_sync_handler+0x84/0x12c
[ 2081.498535][ T4170]  el0t_64_sync+0x198/0x19c
[ 2081.693681][ T4170] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2550.987601][   T24] audit: type=1400 audit(2550.210:112): avc:  denied  { map } for  pid=4425 comm="syz.0.303" path="/" dev="tmpfs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[ 2970.650798][ T4643] kvm [4643]: Failed to find VMA for hva 0x21016000
[ 3184.666864][ T4781] kvm [4781]: Failed to find VMA for hva 0x20c01000
[ 3222.333212][   T24] audit: type=1400 audit(3221.490:113): avc:  denied  { map } for  pid=4799 comm="syz.1.416" path="pipe:[2743]" dev="pipefs" ino=2743 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[ 3321.390010][   T24] audit: type=1400 audit(3320.600:114): avc:  denied  { execute } for  pid=4861 comm="syz.0.434" path="/" dev="tmpfs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[ 3395.807071][ T4913] KVM: debugfs: duplicate directory 4913-4
[ 3514.188745][ T4270] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3515.440734][ T4270] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3516.310087][ T4270] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3517.594050][ T4270] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3531.984205][ T4270] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3532.197419][ T4270] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3532.355336][ T4270] bond0 (unregistering): Released all slaves
[ 3535.183850][ T4270] hsr_slave_0: left promiscuous mode
[ 3535.474715][ T4270] hsr_slave_1: left promiscuous mode
[ 3536.220209][ T4270] veth1_macvtap: left promiscuous mode
[ 3536.244067][ T4270] veth0_macvtap: left promiscuous mode
[ 3536.288780][ T4270] veth1_vlan: left promiscuous mode
[ 3536.299793][ T4270] veth0_vlan: left promiscuous mode
[ 3556.576634][ T4270] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3557.719430][ T4270] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3559.247716][ T4270] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3560.420458][ T4270] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3576.585165][ T4270] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3576.660383][ T4270] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3576.710507][ T4270] bond0 (unregistering): Released all slaves
[ 3577.497330][ T4270] hsr_slave_0: left promiscuous mode
[ 3577.545782][ T4270] hsr_slave_1: left promiscuous mode
[ 3577.738464][ T4270] veth1_macvtap: left promiscuous mode
[ 3577.747917][ T4270] veth0_macvtap: left promiscuous mode
[ 3577.758258][ T4270] veth1_vlan: left promiscuous mode
[ 3577.767889][ T4270] veth0_vlan: left promiscuous mode
[ 3590.334012][ T4941] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3590.736447][ T4941] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3600.568168][ T4945] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3600.807795][ T4945] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3615.741214][ T4941] hsr_slave_0: entered promiscuous mode
[ 3615.853155][ T4941] hsr_slave_1: entered promiscuous mode
[ 3624.321134][ T4945] hsr_slave_0: entered promiscuous mode
[ 3624.379494][ T4945] hsr_slave_1: entered promiscuous mode
[ 3624.408451][ T4945] debugfs: 'hsr0' already exists in 'hsr'
[ 3624.414105][ T4945] Cannot create hsr debugfs directory
[ 3629.322946][ T4941] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 3629.733963][ T4941] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 3630.145833][ T4941] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 3630.346009][ T4941] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 3638.267960][ T4945] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 3638.579809][ T4945] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 3638.790998][ T4945] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 3639.063132][ T4945] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 3654.618001][ T4941] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3662.757537][ T4945] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3751.424499][ T4941] veth0_vlan: entered promiscuous mode
[ 3752.206522][ T4941] veth1_vlan: entered promiscuous mode
[ 3755.204769][ T4941] veth0_macvtap: entered promiscuous mode
[ 3755.666399][ T4941] veth1_macvtap: entered promiscuous mode
[ 3759.149138][ T3485] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3759.168068][ T3485] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3759.235356][ T4270] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3759.236495][ T4270] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3760.678270][ T4945] veth0_vlan: entered promiscuous mode
[ 3762.625658][ T4945] veth1_vlan: entered promiscuous mode
[ 3765.145599][   T24] audit: type=1400 audit(3764.360:115): avc:  denied  { unmount } for  pid=4941 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 3766.536177][ T4945] veth0_macvtap: entered promiscuous mode
[ 3766.910008][ T4945] veth1_macvtap: entered promiscuous mode
[ 3770.445520][ T4779] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3770.464449][ T4779] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3770.745506][ T4779] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3770.746977][ T4779] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4058.464310][ T5334] FAULT_INJECTION: forcing a failure.
[ 4058.464310][ T5334] name failslab, interval 1, probability 0, space 0, times 0
[ 4058.514019][ T5334] CPU: 0 UID: 0 PID: 5334 Comm: syz.3.486 Not tainted syzkaller #0 PREEMPT 
[ 4058.514412][ T5334] Hardware name: linux,dummy-virt (DT)
[ 4058.514524][ T5334] Call trace:
[ 4058.514604][ T5334]  show_stack+0x2c/0x3c (C)
[ 4058.514979][ T5334]  __dump_stack+0x30/0x40
[ 4058.515344][ T5334]  dump_stack_lvl+0xd8/0x12c
[ 4058.515676][ T5334]  dump_stack+0x1c/0x28
[ 4058.515980][ T5334]  should_fail_ex+0x56c/0x6d8
[ 4058.516252][ T5334]  should_failslab+0xb8/0xec
[ 4058.516513][ T5334]  __kmalloc_cache_noprof+0x8c/0x4d4
[ 4058.516820][ T5334]  resv_map_alloc+0x40/0x340
[ 4058.517067][ T5334]  hugetlbfs_get_inode+0x94/0xa54
[ 4058.517351][ T5334]  hugetlb_file_setup+0x188/0x544
[ 4058.517616][ T5334]  ksys_mmap_pgoff+0x17c/0x448
[ 4058.517882][ T5334]  __arm64_sys_mmap+0x13c/0x198
[ 4058.518188][ T5334]  invoke_syscall+0x90/0x230
[ 4058.518521][ T5334]  el0_svc_common+0x120/0x2f4
[ 4058.518824][ T5334]  do_el0_svc+0x58/0x74
[ 4058.519113][ T5334]  el0_svc+0x5c/0x238
[ 4058.519419][ T5334]  el0t_64_sync_handler+0x84/0x12c
[ 4058.519668][ T5334]  el0t_64_sync+0x198/0x19c
[ 4193.383096][ T5423] debugfs: 'vgic-its-state@8080000' already exists in '5423-5'
[ 5012.434593][ T5849] kvm [5849]: Failed to find VMA for hva 0x20c79000
[ 5221.389234][   T24] audit: type=1400 audit(5220.520:116): avc:  denied  { ioctl } for  pid=5945 comm="syz.2.649" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=40925 ioctlcmd=0xaeae scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 5510.816429][ T6048] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 5511.160226][ T6048] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 5523.495500][ T6055] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 5523.943788][ T6055] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 5547.987723][ T6048] hsr_slave_0: entered promiscuous mode
[ 5548.107881][ T6048] hsr_slave_1: entered promiscuous mode
[ 5548.226516][ T6048] debugfs: 'hsr0' already exists in 'hsr'
[ 5548.233678][ T6048] Cannot create hsr debugfs directory
[ 5560.770781][ T6055] hsr_slave_0: entered promiscuous mode
[ 5560.869629][ T6055] hsr_slave_1: entered promiscuous mode
[ 5560.909253][ T6055] debugfs: 'hsr0' already exists in 'hsr'
[ 5560.956108][ T6055] Cannot create hsr debugfs directory
[ 5570.775016][ T6048] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 5571.756177][ T6048] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 5572.406488][ T6048] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 5572.783350][ T6048] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 5585.639751][ T6055] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 5586.264849][ T6055] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 5586.789023][ T6055] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 5587.388533][ T6055] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 5615.158676][ T6048] 8021q: adding VLAN 0 to HW filter on device bond0
[ 5626.277963][ T6055] 8021q: adding VLAN 0 to HW filter on device bond0
[ 5738.558896][ T4779] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5740.751383][ T4779] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5742.509304][ T4779] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5744.119265][ T4779] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5763.004382][ T4779] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 5763.259467][ T4779] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 5763.421520][ T4779] bond0 (unregistering): Released all slaves
[ 5767.144338][ T4779] hsr_slave_0: left promiscuous mode
[ 5767.405220][ T4779] hsr_slave_1: left promiscuous mode
[ 5768.095474][ T4779] veth1_macvtap: left promiscuous mode
[ 5768.096544][ T4779] veth0_macvtap: left promiscuous mode
[ 5768.128095][ T4779] veth1_vlan: left promiscuous mode
[ 5768.179334][ T4779] veth0_vlan: left promiscuous mode
[ 5800.171043][ T6057] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5802.023734][ T6057] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5803.685717][ T6057] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5805.338103][ T6057] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5825.966577][ T6057] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 5826.259491][ T6057] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 5826.496673][ T6057] bond0 (unregistering): Released all slaves
[ 5829.624746][ T6057] hsr_slave_0: left promiscuous mode
[ 5830.055249][ T6057] hsr_slave_1: left promiscuous mode
[ 5831.105707][ T6057] veth1_macvtap: left promiscuous mode
[ 5831.116866][ T6057] veth0_macvtap: left promiscuous mode
[ 5831.129064][ T6057] veth1_vlan: left promiscuous mode
[ 5831.138777][ T6057] veth0_vlan: left promiscuous mode
[ 5857.998001][ T6055] veth0_vlan: entered promiscuous mode
[ 5858.537206][ T6048] veth0_vlan: entered promiscuous mode
[ 5859.747343][ T6055] veth1_vlan: entered promiscuous mode
[ 5860.495071][ T6048] veth1_vlan: entered promiscuous mode
[ 5864.199761][ T6055] veth0_macvtap: entered promiscuous mode
[ 5865.105662][ T6055] veth1_macvtap: entered promiscuous mode
[ 5865.370827][ T6048] veth0_macvtap: entered promiscuous mode
[ 5866.419278][ T6048] veth1_macvtap: entered promiscuous mode
[ 5870.040428][ T4961] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 5870.061160][ T6132] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 5870.132996][ T4270] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 5870.137599][ T4270] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 5872.166712][ T3485] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 5872.187823][ T6057] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 5872.336921][ T6057] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 5872.351306][ T6057] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 6135.936505][ T6132] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6138.456693][ T6132] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6141.936359][ T6132] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6145.297137][ T6132] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6176.016135][ T6132] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 6176.394609][ T6132] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 6176.683912][ T6132] bond0 (unregistering): Released all slaves
[ 6179.164620][ T6132] hsr_slave_0: left promiscuous mode
[ 6179.534714][ T6132] hsr_slave_1: left promiscuous mode
[ 6180.365181][ T6132] veth1_macvtap: left promiscuous mode
[ 6180.380766][ T6132] veth0_macvtap: left promiscuous mode
[ 6180.394510][ T6132] veth1_vlan: left promiscuous mode
[ 6180.416528][ T6132] veth0_vlan: left promiscuous mode
[ 6290.538831][ T6366] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 6291.130800][ T6366] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 6339.080920][ T6366] hsr_slave_0: entered promiscuous mode
[ 6339.210131][ T6366] hsr_slave_1: entered promiscuous mode
[ 6366.951281][ T6366] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 6367.559722][ T6366] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 6368.169460][ T6366] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 6368.810146][ T6366] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 6413.499123][ T6366] 8021q: adding VLAN 0 to HW filter on device bond0
[ 6605.884079][ T6366] veth0_vlan: entered promiscuous mode
[ 6607.579609][ T6366] veth1_vlan: entered promiscuous mode
[ 6612.415480][ T6366] veth0_macvtap: entered promiscuous mode
[ 6613.259298][ T6366] veth1_macvtap: entered promiscuous mode
[ 6618.685370][ T6132] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 6618.696629][ T6132] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 6618.726254][ T6132] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 6618.749832][ T6132] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 6662.286582][ T4779] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6664.388534][ T4779] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6668.335089][ T4779] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6670.666787][ T4779] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6709.470140][ T4779] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 6710.239017][ T4779] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 6710.633745][ T4779] bond0 (unregistering): Released all slaves
[ 6713.826574][ T4779] hsr_slave_0: left promiscuous mode
[ 6714.014187][ T4779] hsr_slave_1: left promiscuous mode
[ 6714.700699][ T4779] veth1_macvtap: left promiscuous mode
[ 6714.741151][ T4779] veth0_macvtap: left promiscuous mode
[ 6714.776599][ T4779] veth1_vlan: left promiscuous mode
[ 6714.805439][ T4779] veth0_vlan: left promiscuous mode
[ 6806.119783][ T6615] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 6806.688386][ T6615] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 6858.440277][ T6615] hsr_slave_0: entered promiscuous mode
[ 6858.640381][ T6615] hsr_slave_1: entered promiscuous mode
[ 6858.834186][ T6615] debugfs: 'hsr0' already exists in 'hsr'
[ 6858.864262][ T6615] Cannot create hsr debugfs directory
[ 6890.697439][ T6615] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 6891.266556][ T6615] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 6891.900604][ T6615] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 6892.528627][ T6615] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 6938.489656][ T6615] 8021q: adding VLAN 0 to HW filter on device bond0
[ 7147.814658][ T6615] veth0_vlan: entered promiscuous mode
[ 7150.085848][ T6615] veth1_vlan: entered promiscuous mode
[ 7155.564746][ T6615] veth0_macvtap: entered promiscuous mode
[ 7156.626423][ T6615] veth1_macvtap: entered promiscuous mode
[ 7162.143774][ T3485] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 7162.309861][ T6195] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 7162.329180][ T6157] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 7162.435342][ T6157] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 7905.876386][ T6057] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7908.009680][ T6057] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7910.873329][ T6057] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7913.720699][ T6057] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7947.054070][ T6057] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 7947.659640][ T6057] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 7947.971090][ T6057] bond0 (unregistering): Released all slaves
[ 7950.974012][ T6057] hsr_slave_0: left promiscuous mode
[ 7951.205178][ T6057] hsr_slave_1: left promiscuous mode
[ 7952.203352][ T6057] veth1_macvtap: left promiscuous mode
[ 7952.204389][ T6057] veth0_macvtap: left promiscuous mode
[ 7952.244299][ T6057] veth1_vlan: left promiscuous mode
[ 7952.275691][ T6057] veth0_vlan: left promiscuous mode
[ 7994.108380][ T5080] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7996.406021][ T5080] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7999.175712][ T5080] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8001.280269][ T5080] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8032.628829][ T5080] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 8033.144424][ T5080] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 8033.377519][ T5080] bond0 (unregistering): Released all slaves
[ 8035.081313][ T5080] hsr_slave_0: left promiscuous mode
[ 8035.178971][ T5080] hsr_slave_1: left promiscuous mode
[ 8035.512348][ T5080] veth1_macvtap: left promiscuous mode
[ 8035.547557][ T5080] veth0_macvtap: left promiscuous mode
[ 8035.559504][ T5080] veth1_vlan: left promiscuous mode
[ 8035.575569][ T5080] veth0_vlan: left promiscuous mode
[ 8088.531586][ T7219] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 8089.346211][ T7219] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 8110.947301][ T7227] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 8111.429840][ T7227] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 8131.219222][ T7219] hsr_slave_0: entered promiscuous mode
[ 8131.337553][ T7219] hsr_slave_1: entered promiscuous mode
[ 8154.684551][ T7227] hsr_slave_0: entered promiscuous mode
[ 8154.811393][ T7227] hsr_slave_1: entered promiscuous mode
[ 8154.945472][ T7227] debugfs: 'hsr0' already exists in 'hsr'
[ 8154.953401][ T7227] Cannot create hsr debugfs directory
[ 8159.268667][ T7219] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 8159.759710][ T7219] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 8160.276495][ T7219] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 8160.934695][ T7219] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 8184.284635][ T7227] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 8185.029791][ T7227] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 8185.909882][ T7227] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 8186.714526][ T7227] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 8213.338486][ T7219] 8021q: adding VLAN 0 to HW filter on device bond0
[ 8230.463970][ T7227] 8021q: adding VLAN 0 to HW filter on device bond0
[ 8411.951191][ T7219] veth0_vlan: entered promiscuous mode
[ 8413.789735][ T7219] veth1_vlan: entered promiscuous mode
[ 8419.197977][ T7219] veth0_macvtap: entered promiscuous mode
[ 8420.418094][ T7219] veth1_macvtap: entered promiscuous mode
[ 8425.653701][ T7018] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 8425.789993][ T7230] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 8425.800987][ T7230] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 8425.816052][ T7230] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 8436.017516][ T7227] veth0_vlan: entered promiscuous mode
[ 8438.504962][ T7227] veth1_vlan: entered promiscuous mode
[ 8444.226101][ T7227] veth0_macvtap: entered promiscuous mode
[ 8445.467357][ T7227] veth1_macvtap: entered promiscuous mode
[ 8451.573551][ T7230] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 8451.965805][ T4270] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 8451.989652][ T4270] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 8452.065372][ T6057] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 8798.690535][ T6195] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8802.621331][ T6195] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8805.667161][ T6195] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8810.046408][ T6195] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8852.818652][ T6195] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 8853.798215][ T6195] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 8854.419411][ T6195] bond0 (unregistering): Released all slaves
[ 8858.485360][ T6195] hsr_slave_0: left promiscuous mode
[ 8858.826043][ T6195] hsr_slave_1: left promiscuous mode
[ 8860.087840][ T6195] veth1_macvtap: left promiscuous mode
[ 8860.203932][ T6195] veth0_macvtap: left promiscuous mode
[ 8860.216759][ T6195] veth1_vlan: left promiscuous mode
[ 8860.217960][ T6195] veth0_vlan: left promiscuous mode
[ 9031.359769][ T7580] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 9032.267315][ T7580] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 9102.888136][ T7580] hsr_slave_0: entered promiscuous mode
[ 9103.089198][ T7580] hsr_slave_1: entered promiscuous mode
[ 9103.294765][ T7580] debugfs: 'hsr0' already exists in 'hsr'
[ 9103.384125][ T7580] Cannot create hsr debugfs directory
[ 9171.938614][ T7580] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 9173.559129][ T7580] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 9175.558642][ T7580] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 9176.891298][ T7580] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 9185.491418][ T4961] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9188.138513][ T4961] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9190.860856][ T4961] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9193.521095][ T4961] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9227.213487][ T4961] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 9228.047361][ T4961] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 9228.657704][ T4961] bond0 (unregistering): Released all slaves
[ 9232.774160][ T4961] hsr_slave_0: left promiscuous mode
[ 9232.914931][ T4961] hsr_slave_1: left promiscuous mode
[ 9234.043091][ T4961] veth1_macvtap: left promiscuous mode
[ 9234.074918][ T4961] veth0_macvtap: left promiscuous mode
[ 9234.076450][ T4961] veth1_vlan: left promiscuous mode
[ 9234.077593][ T4961] veth0_vlan: left promiscuous mode
[ 9299.421478][ T7580] 8021q: adding VLAN 0 to HW filter on device bond0
[ 9369.676617][ T7739] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 9371.176077][ T7739] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 9445.537711][ T3485] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 9445.943406][ T3485] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 9446.197226][ T3485] bond0 (unregistering): Released all slaves
[ 9450.864393][ T3485] hsr_slave_0: left promiscuous mode
[ 9451.545935][ T3485] hsr_slave_1: left promiscuous mode
[ 9494.768666][ T7739] hsr_slave_0: entered promiscuous mode
[ 9494.918744][ T7739] hsr_slave_1: entered promiscuous mode
[ 9540.976816][ T7739] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 9541.720639][ T7739] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 9542.292900][ T7739] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 9546.137297][ T7739] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 9576.760576][ T7810] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 9577.347523][ T7810] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 9591.076024][ T7739] 8021q: adding VLAN 0 to HW filter on device bond0
[ 9627.451453][ T7810] hsr_slave_0: entered promiscuous mode
[ 9627.617749][ T7810] hsr_slave_1: entered promiscuous mode
[ 9627.785667][ T7810] debugfs: 'hsr0' already exists in 'hsr'
[ 9627.810675][ T7810] Cannot create hsr debugfs directory
[ 9667.340816][ T7810] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 9668.365318][ T7810] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 9669.235374][ T7810] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 9670.250660][ T7810] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 9714.528531][ T7810] 8021q: adding VLAN 0 to HW filter on device bond0
[ 9842.507992][ T7018] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 9842.798358][ T7018] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 9842.970859][ T7018] bond0 (unregistering): Released all slaves
[ 9845.283618][ T7018] hsr_slave_0: left promiscuous mode
[ 9845.516680][ T7018] hsr_slave_1: left promiscuous mode
[ 9914.675628][ T7810] veth0_vlan: entered promiscuous mode
[ 9916.048692][ T7810] veth1_vlan: entered promiscuous mode
[ 9920.663936][ T7810] veth0_macvtap: entered promiscuous mode
[ 9921.699882][ T7810] veth1_macvtap: entered promiscuous mode
[ 9933.490437][ T6057] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 9933.519554][ T7018] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 9933.636194][ T6157] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 9933.684602][ T7945] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 9957.118024][ T7996] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 9957.804163][ T7996] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[10019.457349][ T7996] hsr_slave_0: entered promiscuous mode
[10019.649507][ T7996] hsr_slave_1: entered promiscuous mode
[10070.410358][ T7996] netdevsim netdevsim1 netdevsim0: renamed from eth0
[10071.358647][ T7996] netdevsim netdevsim1 netdevsim1: renamed from eth1
[10072.228843][ T7996] netdevsim netdevsim1 netdevsim2: renamed from eth2
[10072.987702][ T7996] netdevsim netdevsim1 netdevsim3: renamed from eth3
[10125.181514][ T7996] 8021q: adding VLAN 0 to HW filter on device bond0
[10324.332551][ T7996] veth0_vlan: entered promiscuous mode
[10326.748053][ T7996] veth1_vlan: entered promiscuous mode
[10332.264875][ T7996] veth0_macvtap: entered promiscuous mode
[10333.398471][ T7996] veth1_macvtap: entered promiscuous mode
[10339.503192][ T7244] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[10339.524114][ T6057] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[10339.555547][ T7589] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[10339.864070][ T7244] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[10581.849692][ T8260] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[10582.665388][ T8260] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[10593.579283][ T8265] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[10594.229772][ T8265] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[10649.590921][ T8260] hsr_slave_0: entered promiscuous mode
[10649.800396][ T8260] hsr_slave_1: entered promiscuous mode
[10650.004889][ T8260] debugfs: 'hsr0' already exists in 'hsr'
[10650.047112][ T8260] Cannot create hsr debugfs directory
[10663.558519][ T8265] hsr_slave_0: entered promiscuous mode
[10663.825655][ T8265] hsr_slave_1: entered promiscuous mode
[10664.075378][ T8265] debugfs: 'hsr0' already exists in 'hsr'
[10664.079091][ T8265] Cannot create hsr debugfs directory
[10740.099126][ T8260] netdevsim netdevsim2 netdevsim0: renamed from eth0
[10741.727595][ T8260] netdevsim netdevsim2 netdevsim1: renamed from eth1
[10742.937199][ T8260] netdevsim netdevsim2 netdevsim2: renamed from eth2
[10745.367648][ T8260] netdevsim netdevsim2 netdevsim3: renamed from eth3
[10754.445829][ T8265] netdevsim netdevsim3 netdevsim0: renamed from eth0
[10755.130724][ T8265] netdevsim netdevsim3 netdevsim1: renamed from eth1
[10756.205226][ T8265] netdevsim netdevsim3 netdevsim2: renamed from eth2
[10756.849490][ T8265] netdevsim netdevsim3 netdevsim3: renamed from eth3
[10806.169827][ T8260] 8021q: adding VLAN 0 to HW filter on device bond0
[10815.628493][ T8265] 8021q: adding VLAN 0 to HW filter on device bond0
[10822.455687][   T26] INFO: task syz.0.871:8246 blocked for more than 430 seconds.
[10822.482692][   T26]       Not tainted syzkaller #0
[10822.483616][   T26] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[10822.484138][   T26] task:syz.0.871       state:D stack:0     pid:8246  tgid:8246  ppid:7810   task_flags:0x400040 flags:0x00000011
[10822.485780][   T26] Call trace:
[10822.486157][   T26]  __switch_to+0x584/0xb00 (T)
[10822.486825][   T26]  __schedule+0x1da4/0x3678
[10822.487363][   T26]  schedule+0xac/0x27c
[10822.487871][   T26]  schedule_timeout+0x68/0x1ec
[10822.488310][   T26]  do_wait_for_common+0x28c/0x440
[10822.488826][   T26]  wait_for_completion+0x44/0x5c
[10822.489322][   T26]  __synchronize_srcu+0x2a4/0x320
[10822.489857][   T26]  synchronize_srcu+0x3d0/0x4f8
[10822.490378][   T26]  mmu_notifier_unregister+0x320/0x428
[10822.490857][   T26]  kvm_put_kvm+0x698/0xbe0
[10822.491324][   T26]  kvm_vm_release+0x58/0x78
[10822.716604][   T26]  __fput+0x4ac/0x978
[10822.717308][   T26]  ____fput+0x20/0x58
[10822.717864][   T26]  task_work_run+0x1b8/0x250
[10822.718790][   T26]  exit_to_user_mode_loop+0x110/0x188
[10822.719348][   T26]  el0_svc+0x17c/0x238
[10822.719820][   T26]  el0t_64_sync_handler+0x84/0x12c
[10822.720264][   T26]  el0t_64_sync+0x198/0x19c
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[10822.833393][   T26] 
[10822.833393][   T26] Showing all locks held in the system:
[10822.854915][   T26] 1 lock held by khungtaskd/26:
[10822.855778][   T26]  #0: ffff800087c86f38 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x0/0x44
[10822.858525][   T26] 2 locks held by getty/3199:
[10822.858918][   T26]  #0: 7cf000001288a8a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c
[10822.860674][   T26]  #1: d2ff80008ca1b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x308/0x1234
[10823.024923][   T26] 2 locks held by syz-executor/3327:
[10823.025447][   T26] 3 locks held by kworker/u4:1/4270:
[10823.025779][   T26] 3 locks held by kworker/u4:6/4961:
[10823.026090][   T26] 3 locks held by kworker/u4:0/6057:
[10823.026415][   T26] 2 locks held by kworker/u4:12/6157:
[10823.026712][   T26]  #0: 6df000000d036548 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_one_work+0x7cc/0x1d6c
[10823.028784][   T26]  #1: ffff8000a3907ca8 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x858/0x1d6c
[10823.030418][   T26] 3 locks held by kworker/u4:5/6392:
[10823.030776][   T26] 3 locks held by kworker/u4:2/7018:
[10823.031104][   T26] 2 locks held by kworker/u4:14/7244:
[10823.031470][   T26] 2 locks held by kworker/u4:10/7589:
[10823.185669][   T26]  #0: 6df000000d036548 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_one_work+0x7cc/0x1d6c
[10823.187813][   T26]  #1: ffff80008e4f7ca8 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x858/0x1d6c
[10823.189479][   T26] 2 locks held by kworker/0:4/7804:
[10823.189850][   T26] 3 locks held by kworker/u4:7/7945:
[10823.190180][   T26] 2 locks held by syz.1.852/8241:
[10823.190529][   T26] 3 locks held by kworker/u4:3/8282:
[10823.190871][   T26] 3 locks held by kworker/u4:4/8403:
[10823.191185][   T26] 1 lock held by dhcpcd-run-hook/8404:
[10823.191527][   T26] 1 lock held by modprobe/8405:
[10823.344943][   T26] 4 locks held by modprobe/8406:
[10823.350887][   T26] 
[10823.351304][   T26] =============================================
[10823.351304][   T26] 
[10823.394093][   T26] Kernel panic - not syncing: hung_task: blocked tasks
[10823.397325][   T26] CPU: 0 UID: 0 PID: 26 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT 
[10823.398653][   T26] Hardware name: linux,dummy-virt (DT)
[10823.399586][   T26] Call trace:
[10823.400304][   T26]  show_stack+0x2c/0x3c (C)
[10823.401337][   T26]  __dump_stack+0x30/0x40
[10823.402390][   T26]  dump_stack_lvl+0x30/0x12c
[10823.403244][   T26]  dump_stack+0x1c/0x28
[10823.404175][   T26]  vpanic+0x4d0/0x848
[10823.405048][   T26]  vpanic+0x0/0x848
[10823.405864][   T26]  hung_task_panic+0x0/0x2c
[10823.406806][   T26]  kthread+0x4d4/0x51c
[10823.407790][   T26]  ret_from_fork+0x10/0x20
[10823.409646][   T26] Kernel Offset: disabled
[10823.410370][   T26] CPU features: 0x0000000,001a3005,fbe327a1,057ffe1f
[10823.411532][   T26] Memory Limit: none
[10823.413803][   T26] Rebooting in 86400 seconds..