last executing test programs:

1h10m4.162255426s ago: executing program 1 (id=100):
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x2010, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000140)={0x0, &(0x7f00000002c0)=[@smc={0x1e, 0x40, {0x84000009, [0x5, 0x9, 0x10000, 0x9, 0x12304000000]}}, @hvc={0x32, 0x40, {0x3, [0x84, 0x4, 0x800, 0x6, 0x3ff]}}, @uexit={0x0, 0x18, 0x100000000}, @its_setup={0x82, 0x28, {0x1, 0x4, 0x3b5}}, @irq_setup={0x46, 0x18, {0x0, 0x11a}}, @code={0xa, 0x84, {"a00299d200c0b8f2210080d2e20080d2430180d2040080d2020000d4007008d560ea99d200c0b0f2c10180d2620080d2830080d2c40180d2020000d4008008d500f4000f0094006f004c207e007008d5000028d5e0949cd20060b8f2810080d2620080d2830180d2e40080d2020000d4"}}, @uexit={0x0, 0x18, 0x6}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x2, 0x6, 0xfffffff5, 0x7fffffff, 0x1}}, @irq_setup={0x46, 0x18, {0x3, 0xf8}}, @code={0xa, 0x9c, {"007008d540ef8ed200c0b0f2a10080d2e20080d2030080d2640080d2020000d4008008d5008008d5609e8dd20060b8f2410180d2a20080d2a30080d2e40080d2020000d4606e93d200a0b0f2010080d2420080d2a30180d2640080d2020000d40000c078000688d200c0b0f2c10180d2020180d2e30180d2040080d2020000d40020002f008c007f"}}, @msr={0x14, 0x20, {0x603000000013c800}}, @eret={0xe6, 0x18, 0x40}, @eret={0xe6, 0x18, 0xffff}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0x8, 0x400, 0x8}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x0, 0x0, 0xa, 0x9, 0x2}}, @its_setup={0x82, 0x28, {0x2, 0x3, 0x334}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x100, 0x6, 0x4}}, @irq_setup={0x46, 0x18, {0x0, 0x2de}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x1, 0xf, 0x3, 0x6}}, @eret={0xe6, 0x18, 0x7fff}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x388}}, @mrs={0xbe, 0x18, {0x603000000013e518}}, @svc={0x122, 0x40, {0x8400000b, [0x5, 0x0, 0x9ae, 0x9, 0x5f0c5a48]}}], 0x428}, &(0x7f00000001c0)=[@featur1={0x1, 0x10}], 0x1)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r1, 0x4018aee2, &(0x7f0000000240)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f0000000200)=0xb93})
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) (async)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce5, 0x7fff}}, @msr={0x14, 0x20, {0x603000000013dce8, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce9, 0x8000}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000280)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}], 0x28}, 0x0, 0x0) (async)
r9 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000280)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_ARM_VCPU_INIT(r9, 0x4020aeae, &(0x7f0000000100)={0x0, 0x52})
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) (async)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r11, r12, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0)
ioctl$KVM_GET_ONE_REG(r12, 0x4010aeab, &(0x7f00000000c0)=@arm64_sve={0x60800000001503ec, &(0x7f0000000180)=0x81}) (async)
ioctl$KVM_GET_ONE_REG(r12, 0x4010aeab, &(0x7f00000000c0)=@arm64_sve={0x60800000001503ec, &(0x7f0000000180)=0x81})
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xc6)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x200000, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0)

1h9m59.759742458s ago: executing program 0 (id=101):
openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b656cf3f1, 0xffffffffffffffff, 0x20000000) (async)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_ARM_VCPU_INIT(r0, 0x4020aeae, &(0x7f0000000340)={0x5})
ioctl$KVM_RUN(r0, 0xae80, 0x0)

1h9m54.921755198s ago: executing program 1 (id=102):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r4, 0x4068aea3, &(0x7f0000000080)={0xa8, 0x0, 0x3})
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000040)={0x10002, 0x1, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$arm64(r4, 0xffffffffffffffff, &(0x7f0000000000/0x400000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r5 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000200)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x2c}}, @memwrite={0x6e, 0x30, @generic={0x30000, 0x9fe, 0x1, 0x6}}], 0x58}, 0x0, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000040)=@arm64_ccsidr={0x6020004020110206, 0x0})
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
r9 = eventfd2(0x3, 0x0)
write$eventfd(r9, &(0x7f0000000400)=0xfffffffffffffffc, 0x8)
r10 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@mrs={0xbe, 0x18, {0x603000000013c021}}], 0x18}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r13, 0x4018aee1, 0x0)
ioctl$KVM_RUN(r13, 0xae80, 0x0)
write$eventfd(r9, &(0x7f0000000480)=0x8c49, 0x8)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8})
r14 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x37)
r16 = syz_kvm_setup_syzos_vm$arm64(r15, &(0x7f0000b10000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r16, &(0x7f0000000b80)={0x0, &(0x7f00000009c0)=[@hvc={0x32, 0x40, {0x84000006, [0x4, 0x1, 0x8000000000000000, 0x427b, 0x400003]}}], 0x40}, &(0x7f0000000bc0)=[@featur1={0x1, 0x100}], 0x1)

1h9m53.609556479s ago: executing program 0 (id=103):
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bfd000/0x400000)=nil)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bff000/0x400000)=nil)
r0 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000680)="38ce8347fc1e86008cfc72bb352c8659dcc9225b48cb5cb00c73b0b33018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r2, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xf, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r5 = openat$kvm(0x0, &(0x7f0000000200), 0x440002, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, 0x0}, &(0x7f0000000100)=[@featur1={0x1, 0xa1}], 0x1)
syz_kvm_add_vcpu$arm64(r7, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000140)=[@featur2={0x1, 0x80}], 0x1)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
r11 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r10, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f0000000080)="fb0149dd033be3ac4e37c4005a9614fbff67521ce16f8f09449a7a836b73312954000000000000000000000000000000000000000000000000000000dc6900", 0x0, 0x2e)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r10, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01)
r12 = eventfd2(0x0, 0x0)
close(r12)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0xa8c80, 0x0)
r13 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r8, 0xae04)
mmap$KVM_VCPU(&(0x7f0000008000/0x3000)=nil, r13, 0x2000004, 0x2011, r12, 0x0)
syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000000)={0x0, &(0x7f0000000040)=[@smc={0x1e, 0x40, {0x84000003, [0x5, 0x100000003, 0x5, 0x101, 0x10]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1)

1h9m45.199669439s ago: executing program 0 (id=104):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, <r5=>0xffffffffffffffff, 0x1})
r6 = ioctl$KVM_CREATE_VM(r5, 0x894c, 0x0)
close(r6)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r4, 0x4008ae73, 0x0)
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000100)=@arm64_sve={0x6080000000150439, 0x0})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2c0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_GET_REGS(r5, 0x8360ae81, &(0x7f0000000180))
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x22)
ioctl$KVM_CREATE_GUEST_MEMFD(r8, 0xc040aed4, &(0x7f0000000040)={0x1})
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r9, 0x2, 0x20000013)
ioctl$KVM_CLEAR_DIRTY_LOG(r8, 0xc018aec0, 0x0)

1h9m39.013296861s ago: executing program 1 (id=105):
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x82880, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000000)=0x6)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000140), 0x101282, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, &(0x7f0000000200)=[@svc={0x122, 0x40, {0x800, [0xffffffeffffffff8, 0x8, 0x8000000005, 0x5, 0x401]}}], 0x40}, 0x0, 0x0)
r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c0b000/0x1000)=nil, r7, 0x2000003, 0x11, r6, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

1h9m34.201368279s ago: executing program 0 (id=106):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x400000000000)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f0000000200)=@attr_other={0x0, 0x1000, 0x16a8bac1, &(0x7f0000000140)=0x100000000})
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xfffffffffffffffe)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r3, 0x4068aea3, &(0x7f0000000000)={0xef, 0x0, 0x9})
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000100)={0x48, 0x8080000, 0x8, 0xffffffffffffffff, 0x2})
r4 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_ARM_VCPU_INIT(r6, 0x4020aeae, &(0x7f0000000340)={0x1})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000aff000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f0000000280)=[@uexit={0x0, 0x18, 0x8}, @code={0xa, 0x1, {"007008d5000008d500c4202e000cc01a000028d580308fd20040b8f2c10080d2c20180d2e30180d2640180d20048210e00a0600d0084004f1820601e0028c01a"}}, @mrs={0xbe, 0x18, {0x603000000013c113}}], 0x84}, &(0x7f00000001c0)=[@featur2], 0x1)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0xfffffffffffffffe)
ioctl$KVM_CHECK_EXTENSION_VM(r10, 0xae03, 0xf3)
r11 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x3c)
syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x25)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x3000)=nil, 0x0, 0x8, 0x30, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f1, 0xffffffffffffffff, 0x0)
syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)

1h9m25.854366235s ago: executing program 1 (id=107):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000b80)={0x0, &(0x7f0000000380)=[@memwrite={0x6e, 0x30, @generic={0x2, 0x242, 0x400, 0x3}}], 0x30}, &(0x7f0000000280), 0x1)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

1h9m21.224773962s ago: executing program 0 (id=108):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, <r2=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r2, 0x400454ce, 0x110c230008)
write$eventfd(0xffffffffffffffff, &(0x7f0000000000), 0xfffffdef)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x8, 0x0, &(0x7f0000000040)=0x1ff})
r4 = ioctl$KVM_CREATE_VM(r3, 0x80111500, 0x20000000)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r5, 0xae03, 0xe)
ioctl$KVM_CREATE_VM(r4, 0x541b, 0x2004001f)

1h9m17.640878104s ago: executing program 1 (id=109):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x181002, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000380)=[@its_setup={0x82, 0x28, {0x2, 0x3, 0x7c}}], 0x28}, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000040)={0x7})
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000140)={0x2, <r9=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x0, 0x5, &(0x7f0000000280)=0x400000080a00ed})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f00000001c0)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f0000000380)=0x800012})
r10 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x3a)
ioctl$KVM_GET_DEVICE_ATTR_vm(r10, 0x4018aee2, &(0x7f0000000200)=@attr_other={0x0, 0x200000, 0x0, &(0x7f0000000100)=0x4})
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8})
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x3, 0x4, &(0x7f0000000000)=0x8090000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1h9m12.674685411s ago: executing program 0 (id=110):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000000000)=0x800) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x33) (async)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, 0xfffffffffffffffe)

1h9m7.503344891s ago: executing program 1 (id=111):
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x4)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000000c0)={0x6, <r2=>0xffffffffffffffff})
r3 = ioctl$KVM_CREATE_VM(r2, 0x894c, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0x4030582b, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x4, 0xc0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0xe5)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
r8 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CHECK_EXTENSION(r7, 0xae03, 0xfffffffffffffffb)
syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_IRQ_LINE(r6, 0x4008ae61, &(0x7f0000000000)={0x0, 0x2})

1h8m26.961874962s ago: executing program 32 (id=110):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000000000)=0x800) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x33) (async)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, 0xfffffffffffffffe)

1h8m20.829981102s ago: executing program 33 (id=111):
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x4)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000000c0)={0x6, <r2=>0xffffffffffffffff})
r3 = ioctl$KVM_CREATE_VM(r2, 0x894c, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0x4030582b, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x4, 0xc0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0xe5)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
r8 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CHECK_EXTENSION(r7, 0xae03, 0xfffffffffffffffb)
syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_IRQ_LINE(r6, 0x4008ae61, &(0x7f0000000000)={0x0, 0x2})

36m55.541604653s ago: executing program 2 (id=317):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000300)={0x0, &(0x7f0000000480)=[@smc={0x1e, 0x40, {0xc4000001, [0x8, 0x939, 0xe, 0x7f, 0x4]}}], 0x40}, &(0x7f00000001c0)=[@featur1={0x1, 0xc}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x2)
r8 = eventfd2(0x8, 0x80800)
r9 = eventfd2(0x8, 0x0)
ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f00000000c0)={0x4, 0x25000, 0x0, r9, 0x2})
ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f0000000140)={0x8000000000000002, 0x0, 0x2, r8, 0x2})
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000000)={0x8000, 0x60000, 0x4, r8, 0x3})
r10 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000100)={0x7, 0xffffffffffffffff, 0x1})
r11 = openat$kvm(0x0, &(0x7f0000000080), 0x80001, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r12, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
ioctl$KVM_SET_USER_MEMORY_REGION(r12, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x100000000000000, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
eventfd2(0x7f, 0x801)
r13 = syz_kvm_vgic_v3_setup(r5, 0x1, 0x100)
ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x5, 0x6c, &(0x7f00000002c0)=0x2c172c22})
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000bfd000/0x400000)=nil)

36m37.093445752s ago: executing program 3 (id=320):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
close(0x3)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_CREATE_VM(r2, 0x894c, 0x0)
r5 = eventfd2(0x2, 0x80000)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r1, 0x4010aeb5, &(0x7f0000000100)={0x7, 0x779e})

36m32.43772845s ago: executing program 2 (id=321):
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x200000, 0x0) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x200000, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) (async)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000cea000/0x4000)=nil, r1, 0x0, 0x10, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000cea000/0x4000)=nil, r1, 0x0, 0x10, 0xffffffffffffffff, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bfe000/0x400000)=nil) (async)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bfe000/0x400000)=nil)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x2f)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r5, 0x4010aeab, &(0x7f0000000000)=@arm64_bitmap={0x6030000000160006, 0x0})
munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000482000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f0000482000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000ffa000/0x4000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x24132, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x24132, 0xffffffffffffffff, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r8, 0x0) (async)
r9 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r8, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f0000000080)="fb0149dd033be3ac4e37c4005a9614fb00000000e16f8f2954000000000000000000000000000e00000000000000000000080000dc693300000000000000000000000043d12d6300", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r8, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r8, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x88c80, 0x0)
mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x0, 0x4030031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x110, 0xffffffffffffffff, 0x1000000)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)

36m21.485289218s ago: executing program 3 (id=322):
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x302, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r6 = syz_kvm_vgic_v3_setup(r5, 0x1, 0x100)
ioctl$KVM_GET_DEVICE_ATTR(r6, 0x4018aee2, &(0x7f0000000000)=@attr_arm64={0x0, 0x5, 0x3, 0xffffffffffffffff})
r7 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0xeeef0000, 0x0, r7})
ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000000000)={0x6, 0x0, 0x0, r7, 0x4})
r8 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r9, 0x4010aeab, &(0x7f0000000100)=@arm64_sys={0x603000000013c663, 0x0})
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r9, 0x4018aee2, &(0x7f00000000c0)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000080)=0x6})
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000000)={0x1ff, 0x1, 0x4000, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000100)={0x0, 0x1, 0xdddd1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, r10, 0x1000006, 0x128831, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r12, 0x4020ae46, &(0x7f0000000180)={0x2, 0x2, 0x0, 0x2000, &(0x7f0000fb0000/0x2000)=nil})
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)

36m11.633075446s ago: executing program 3 (id=323):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0xc941, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x5, 0x1, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x8)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
r8 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000180)={0x1a64afb6, 0x8000000, 0x0, r8})
ioctl$KVM_REGISTER_COALESCED_MMIO(r5, 0x4010ae67, &(0x7f0000000000)={0x8080000, 0x2000})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
r11 = eventfd2(0x3, 0x0)
ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000000340)={0x9, 0x8000000, 0x1, r11})
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000000)={0x8080000, 0x2000})
ioctl$KVM_RUN(r10, 0xae80, 0x0)
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r13, 0xc00caee0, &(0x7f0000000140)={0x4, <r14=>0xffffffffffffffff, 0x1})
write$eventfd(r14, &(0x7f00000001c0)=0x7ffffff, 0xfffffd77)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r15 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0)
r17 = syz_kvm_setup_syzos_vm$arm64(r16, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r17, &(0x7f0000000140)={0x0, &(0x7f00000003c0)=[@smc={0x1e, 0x40, {0xef000000, [0x50, 0x1, 0x2, 0x3, 0x4]}}], 0x40}, 0x0, 0x0)

36m8.082392164s ago: executing program 2 (id=324):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000c0c000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) (async)
r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
munmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013c4f1, 0x8000}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x82880, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r7, 0x0, 0x100)
ioctl$KVM_SIGNAL_MSI(r7, 0x4020aea5, &(0x7f0000000000)={0xd0c19de284cd3ebf, 0x4, 0x7, 0x0, 0x6})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async)
ioctl$KVM_RUN(r5, 0xae80, 0x0) (async)
r8 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x2}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r9, 0xae80, 0x0)

35m57.171998892s ago: executing program 3 (id=325):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x7, <r2=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000180)=@attr_other={0x0, 0x5, 0x2, &(0x7f0000000300)=0x1})
openat$kvm(0x0, &(0x7f0000000040), 0x400c02, 0x0)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000200)={0xffffffffffffffff, 0x4198, 0x1, r2})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0xb4503, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x19)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r5, 0x4020aeae, &(0x7f0000000000)={0x5, 0x18})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x31)
syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r8 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f00000001c0)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000140)={0xc, 0xfff9, 0x1}})
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r11, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18})
r12 = openat$kvm(0x0, &(0x7f0000000140), 0x200401, 0x0)
close(r2)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000300), 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r15, 0x4018aee1, &(0x7f0000000000)=@attr_other={0x0, 0x2, 0x10, &(0x7f0000000240)=0xfffffffffffff801})
ioctl$KVM_GET_ONE_REG(r11, 0x4010aeab, &(0x7f00000000c0)=@arm64_sve={0x6080000000150320, 0x0})

35m55.679644055s ago: executing program 2 (id=326):
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x7, 0x4f832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffa000/0x1000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000482000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000e76000/0x12000)=nil, 0x12000)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x24132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x0, 0x4030031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CAP_HALT_POLL(r2, 0x4068aea3, &(0x7f00000001c0))
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@code={0xa, 0x18, {"7f2003d5"}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f0000000100)={0x0, 0x81})
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f000064b000/0x4000)=nil, r5, 0x100000d, 0x9032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000667000/0x2000)=nil, 0x2000)

35m20.271865s ago: executing program 2 (id=327):
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0xd, 0x5, 0xb, 0x0, 0x2, 0x6, 0x6, 0x9, 0x8, 0x89, 0x6, 0x2, 0x0, 0x6, 0x6, 0xe2, 0x3, 0x29, 0x0, '\x00', 0x10, 0x6})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x80000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, <r2=>0xffffffffffffffff, 0x1})
write$eventfd(r2, &(0x7f00000001c0), 0xf001)

35m19.720965111s ago: executing program 3 (id=328):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bc2000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000440)={0x0, 0x0}, &(0x7f0000000480)=[@featur1={0x1, 0x43}], 0x1)
r4 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x21)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
r8 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r7, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r7, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x60871, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000080)={0x0, &(0x7f0000000240)=[@irq_setup={0x5, 0x18}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r13, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r13, 0x4040aea0, &(0x7f0000000000)=@arm64={0x0, 0x1, 0xf, '\x00', 0xfffffffffffff105})
ioctl$KVM_RUN(r13, 0xae80, 0x0)
r14 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r14, 0xc00caee0, &(0x7f0000000140)={0x5, <r15=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0)
ioctl$KVM_ARM_VCPU_FINALIZE(r3, 0x4004aec2, &(0x7f0000000040)=0x3)
write$eventfd(r15, &(0x7f00000001c0)=0xffffffffffffffff, 0xff46)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x20)

35m10.842528731s ago: executing program 2 (id=329):
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x2, 0x4f832, 0xffffffffffffffff, 0x1000000)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, <r4=>0xffffffffffffffff, 0x1})
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x141000, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x26)
r7 = syz_kvm_vgic_v3_setup(r6, 0x1, 0x100)
r8 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f00006db000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r8, &(0x7f00000001c0)={0x0, &(0x7f0000000340)=[@hvc={0x32, 0x40, {0x0, [0x1d, 0x8000000000000001, 0x1, 0xfffffffffffffffc, 0x8]}}, @msr={0x14, 0x20, {0x603000000013deb8, 0x8}}, @smc={0x1e, 0x40, {0xc4000001, [0x7ff, 0x100000001, 0x7f, 0x5, 0x8]}}, @svc={0x122, 0x40, {0x84000012, [0x2, 0x2, 0x2, 0x300000000000000, 0x7]}}, @mrs={0xbe, 0x18, {0x603000000013dce5}}, @eret={0xe6, 0x18, 0x387}, @msr={0x14, 0x20, {0x603000000013c2a0, 0x7}}, @uexit={0x0, 0x18, 0xaac5d50}, @uexit={0x0, 0x18, 0x7}, @hvc={0x32, 0x40, {0x86000000, [0xc, 0xffffffffffffffff, 0x400, 0x4, 0x21]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xffe8, 0x0, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x3, 0x4, 0x80, 0x8}}, @irq_setup={0x46, 0x18, {0x3, 0xa5}}, @irq_setup={0x46, 0x18, {0x3, 0x3bf}}, @code={0xa, 0x6c, {"009c202e0000381e007008d500e0400d007008d540c593d20040b8f2810180d2c20180d2630180d2c40080d2020000d4007008d5c0e28ad20000b8f2410080d2820180d2230180d2c40180d2020000d40000001b0000679e"}}, @code={0xa, 0x6c, {"000028d5008008d5007008d560318dd200a0b0f2c10180d2020180d2830180d2e40180d2020000d40084007f007008d5804996d20060b0f2810180d2220080d2630180d2e40180d2020000d4000c200e007008d500c0271e"}}, @uexit={0x0, 0x18, 0x4}, @msr={0x14, 0x20, {0x603000000013dcf3, 0x200}}, @svc={0x122, 0x40, {0xc4000007, [0x5, 0x8, 0xc11, 0x8, 0x8000000000000001]}}, @code={0xa, 0x54, {"00a8215e60e299d20080b8f2410080d2620180d2230180d2840180d2020000d4007008d5008008d5007008d50048202e000028d500d8212e00d8a05e00000010"}}, @hvc={0x32, 0x40, {0x31000000, [0x0, 0x5, 0x4, 0x5df, 0x8]}}], 0x40c}, &(0x7f0000000200)=[@featur2={0x1, 0x3}], 0x1)
ioctl$KVM_HAS_DEVICE_ATTR(r7, 0x4018aee3, &(0x7f0000000300)=@attr_arm64={0x0, 0x3, 0x1, 0x0})
r9 = ioctl$KVM_CREATE_VM(r4, 0x894c, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xb701, 0x0)
ioctl$KVM_CREATE_VCPU(r10, 0xb704, 0xfffffffffffffffe)
r11 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@its_setup={0x7, 0x28, {0x2, 0x2, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x3, 0xa0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x8, <r13=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000})
ioctl$KVM_RUN(r12, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f0000000300)=@attr_arm64={0x0, 0x4, 0x1, 0x0}) (async, rerun: 64)
ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x4, 0x2, 0x0})
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)

35m5.551410989s ago: executing program 3 (id=330):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x33)
close(r1)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
r4 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r3, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f00000000c0)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)

34m23.315514941s ago: executing program 34 (id=329):
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x2, 0x4f832, 0xffffffffffffffff, 0x1000000)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, <r4=>0xffffffffffffffff, 0x1})
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x141000, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x26)
r7 = syz_kvm_vgic_v3_setup(r6, 0x1, 0x100)
r8 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f00006db000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r8, &(0x7f00000001c0)={0x0, &(0x7f0000000340)=[@hvc={0x32, 0x40, {0x0, [0x1d, 0x8000000000000001, 0x1, 0xfffffffffffffffc, 0x8]}}, @msr={0x14, 0x20, {0x603000000013deb8, 0x8}}, @smc={0x1e, 0x40, {0xc4000001, [0x7ff, 0x100000001, 0x7f, 0x5, 0x8]}}, @svc={0x122, 0x40, {0x84000012, [0x2, 0x2, 0x2, 0x300000000000000, 0x7]}}, @mrs={0xbe, 0x18, {0x603000000013dce5}}, @eret={0xe6, 0x18, 0x387}, @msr={0x14, 0x20, {0x603000000013c2a0, 0x7}}, @uexit={0x0, 0x18, 0xaac5d50}, @uexit={0x0, 0x18, 0x7}, @hvc={0x32, 0x40, {0x86000000, [0xc, 0xffffffffffffffff, 0x400, 0x4, 0x21]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xffe8, 0x0, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x3, 0x4, 0x80, 0x8}}, @irq_setup={0x46, 0x18, {0x3, 0xa5}}, @irq_setup={0x46, 0x18, {0x3, 0x3bf}}, @code={0xa, 0x6c, {"009c202e0000381e007008d500e0400d007008d540c593d20040b8f2810180d2c20180d2630180d2c40080d2020000d4007008d5c0e28ad20000b8f2410080d2820180d2230180d2c40180d2020000d40000001b0000679e"}}, @code={0xa, 0x6c, {"000028d5008008d5007008d560318dd200a0b0f2c10180d2020180d2830180d2e40180d2020000d40084007f007008d5804996d20060b0f2810180d2220080d2630180d2e40180d2020000d4000c200e007008d500c0271e"}}, @uexit={0x0, 0x18, 0x4}, @msr={0x14, 0x20, {0x603000000013dcf3, 0x200}}, @svc={0x122, 0x40, {0xc4000007, [0x5, 0x8, 0xc11, 0x8, 0x8000000000000001]}}, @code={0xa, 0x54, {"00a8215e60e299d20080b8f2410080d2620180d2230180d2840180d2020000d4007008d5008008d5007008d50048202e000028d500d8212e00d8a05e00000010"}}, @hvc={0x32, 0x40, {0x31000000, [0x0, 0x5, 0x4, 0x5df, 0x8]}}], 0x40c}, &(0x7f0000000200)=[@featur2={0x1, 0x3}], 0x1)
ioctl$KVM_HAS_DEVICE_ATTR(r7, 0x4018aee3, &(0x7f0000000300)=@attr_arm64={0x0, 0x3, 0x1, 0x0})
r9 = ioctl$KVM_CREATE_VM(r4, 0x894c, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xb701, 0x0)
ioctl$KVM_CREATE_VCPU(r10, 0xb704, 0xfffffffffffffffe)
r11 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@its_setup={0x7, 0x28, {0x2, 0x2, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x3, 0xa0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x8, <r13=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000})
ioctl$KVM_RUN(r12, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f0000000300)=@attr_arm64={0x0, 0x4, 0x1, 0x0}) (async, rerun: 64)
ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x4, 0x2, 0x0})
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)

34m17.803142094s ago: executing program 35 (id=330):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x33)
close(r1)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
r4 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r3, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f00000000c0)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)

27m28.709080541s ago: executing program 4 (id=331):
munmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x444840, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000140), 0x7838c1, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000180)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7ffc}}, @msr={0x14, 0x20, {0x603000000013dce1, 0x4}}], 0x40}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0x80111500, 0x20000000)
ioctl$KVM_CREATE_VM(r6, 0x5760, 0x2000001c)
r7 = openat$kvm(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r8 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x4)
r11 = ioctl$KVM_CREATE_GUEST_MEMFD(r10, 0xc040aed4, &(0x7f0000000040)={0x1000200001fe0000, 0x1})
ioctl$KVM_SET_USER_MEMORY_REGION2(r10, 0x40a0ae49, &(0x7f0000000180)={0x4, 0x4, 0x6000, 0x2000, &(0x7f0000ffc000/0x2000)=nil, 0x100000000000000, r11})
close(r10)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x2)
r12 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x1)
r13 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x0, 0x3, 0x11, r12, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r13, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fb707cd24b7eebb20700000000000000000000000100", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r12, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r14 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r14, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)

27m12.992326197s ago: executing program 4 (id=333):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x30)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r3, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f00000001c0)="fb0149dd833be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8faa767969d22627e700", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r3, 0x0)
r5 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000000)=@arm64_sve={0x60800000001505c1, &(0x7f0000000100)=0x7})
ioctl$KVM_CREATE_VM(r5, 0x401c5820, 0x20000007)
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x2}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x1, 0x3, 0x10000, 0x0, 0x6, 0x2}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r6, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000180)={0x8, <r9=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x5, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000000)={0x3, <r10=>0xffffffffffffffff, 0x1})
ioctl$KVM_HAS_DEVICE_ATTR(r10, 0x4018aee3, &(0x7f0000000240)=@attr_other={0x0, 0x3, 0x2, &(0x7f0000000040)=0x2})

26m24.873005431s ago: executing program 36 (id=333):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x30)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r3, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f00000001c0)="fb0149dd833be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8faa767969d22627e700", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r3, 0x0)
r5 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000000)=@arm64_sve={0x60800000001505c1, &(0x7f0000000100)=0x7})
ioctl$KVM_CREATE_VM(r5, 0x401c5820, 0x20000007)
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x2}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x1, 0x3, 0x10000, 0x0, 0x6, 0x2}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r6, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000180)={0x8, <r9=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x5, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000000)={0x3, <r10=>0xffffffffffffffff, 0x1})
ioctl$KVM_HAS_DEVICE_ATTR(r10, 0x4018aee3, &(0x7f0000000240)=@attr_other={0x0, 0x3, 0x2, &(0x7f0000000040)=0x2})

20m19.992417412s ago: executing program 5 (id=357):
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async)
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r1 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CLEAR_DIRTY_LOG(r2, 0xc018aec0, 0xfffffffffffffffe)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) (async)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r4, r5, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100006, &(0x7f0000000100)=0xc5c5})
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) (async)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CAP_HALT_POLL(r4, 0x4068aea3, &(0x7f0000000280)={0xb6, 0x0, 0x1d})
eventfd2(0xfffffff7, 0x800) (async)
eventfd2(0xfffffff7, 0x800)
syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_REGISTER_COALESCED_MMIO(r7, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616})
r8 = openat$kvm(0x0, &(0x7f0000000280), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, &(0x7f00000000c0)}, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r9, 0x4010ae67, &(0x7f0000000000)={0x8000000})
ioctl$KVM_RUN(r11, 0xae80, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r7, 0x4010ae67, &(0x7f0000000240)={0xdddd1000, 0x1000})
syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r3, 0x80111500, 0x20000000)
ioctl$KVM_CREATE_VM(r12, 0x541b, 0x2b) (async)
ioctl$KVM_CREATE_VM(r12, 0x541b, 0x2b)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) (async)
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
ioctl$KVM_CREATE_VM(r13, 0xae01, 0x21) (async)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x21)
ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x2)

20m3.311899386s ago: executing program 5 (id=358):
mmap$KVM_VCPU(&(0x7f0000010000/0x1000)=nil, 0x930, 0x100000f, 0x9032, 0xffffffffffffffff, 0x0)
r0 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000680)="38ce8347fc1e86008cfc72bb352c8659dcc9225b48cb5cb00c73b0b33018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, r2, 0x8, 0x5c1fd1b6565d2f2, r1, 0x0)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, r3, 0x7, 0x810, 0xffffffffffffffff, 0x0)

19m46.669905878s ago: executing program 5 (id=359):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_GUEST_MEMFD(r4, 0xc040aed4, &(0x7f0000000040)={0x1000200001fe0000, 0x1})
ioctl$KVM_SET_USER_MEMORY_REGION2(r4, 0x40a0ae49, &(0x7f0000000180)={0x4, 0x4, 0x6000, 0x2000, &(0x7f0000ffc000/0x2000)=nil, 0x100000000000000, r5})
close(r4)
close(r5)
r6 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x10010, r2, 0x0)
syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_IRQ_LINE_STATUS(0xffffffffffffffff, 0xc008ae67, 0x0)
ioctl$KVM_IRQ_LINE_STATUS(0xffffffffffffffff, 0xc008ae67, &(0x7f0000000100)={0x0, 0x81})
r7 = eventfd2(0xd, 0x1)
close(r7)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)
write$eventfd(r7, 0x0, 0x500)
write$eventfd(r7, &(0x7f0000000000), 0x8)

19m19.722596478s ago: executing program 5 (id=360):
r0 = syz_kvm_add_vcpu$arm64(0x0, 0x0, &(0x7f0000000840)=[@featur1={0x1, 0xc7}], 0x1) (async)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x0, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, r0, 0x0) (async)
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r5 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) (async)
r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async)
r7 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2) (async)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r11 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
r13 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r10, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x3000)=nil, r13, 0x1, 0x12, r9, 0x0) (async)
r14 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0) (async)
r15 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffa000/0x3000)=nil, r13, 0xe, 0x80010, r9, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x2000)=nil, r15, 0x1000001, 0x12, r9, 0x0) (async)
r16 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r16, 0x3, 0x11, r8, 0x0)
mmap$KVM_VCPU(&(0x7f000000a000/0x1000)=nil, r16, 0x3, 0x11, r14, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) (async)
r17 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r18 = syz_kvm_setup_syzos_vm$arm64(r17, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r18, &(0x7f00000000c0)={0x0, &(0x7f0000000140)=[@mrs={0xbe, 0x18, {0x603000000013e092}}, @svc={0x122, 0x40, {0x8400000c, [0x80, 0x8001, 0x7, 0x24, 0xf2]}}], 0x58}, 0x0, 0x0)

18m59.125143973s ago: executing program 5 (id=361):
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x25)
r1 = ioctl$KVM_CREATE_GUEST_MEMFD(0xffffffffffffffff, 0xc040aed4, &(0x7f0000000000)={0xd3, 0x7})
ioctl$KVM_SET_USER_MEMORY_REGION2(r0, 0x40a0ae49, &(0x7f0000000040)={0x12712, 0x4, 0x1000, 0x2000, &(0x7f00009c8000/0x2000)=nil, 0x0, r1})
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e1d000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x3, 0x4102932, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x401, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_GUEST_MEMFD(r4, 0xc040aed4, &(0x7f00000001c0)={0x200001fe0000, 0x3})
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x2000003, 0x2013, r5, 0x0)
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
mmap$KVM_VCPU(&(0x7f0000007000/0x2000)=nil, r6, 0x3000003, 0x2011, r5, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000864000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000)

18m39.599986362s ago: executing program 5 (id=362):
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000240)="04198bd844c9e8a7b82d748f0f0244293d28bd9400bfc2ed44db9969759357abeb8d85c8e856a4606c2e979f98d67e4ff39fb6df9547f6a9506c610dc37b175c3ad3c9952305abf0", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)

17m50.508943956s ago: executing program 37 (id=362):
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000240)="04198bd844c9e8a7b82d748f0f0244293d28bd9400bfc2ed44db9969759357abeb8d85c8e856a4606c2e979f98d67e4ff39fb6df9547f6a9506c610dc37b175c3ad3c9952305abf0", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)

2m59.194535046s ago: executing program 7 (id=385):
r0 = openat$kvm(0x0, &(0x7f0000000340), 0x4000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x401, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
r4 = ioctl$KVM_CREATE_GUEST_MEMFD(r3, 0xc040aed4, &(0x7f00000001c0)={0x200001fe0000, 0x3})
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x2000003, 0x12, r4, 0x200001fe0000)
ioctl$KVM_CAP_ARM_USER_IRQ(r1, 0x4068aea3, &(0x7f0000000240))
r5 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x3f)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x2e)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r8, r9, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000100)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x603000000010001a, &(0x7f00000000c0)=0x11})
ioctl$KVM_SET_VCPU_EVENTS(r9, 0x4040aea0, &(0x7f0000000080)=@arm64={0x67, 0x5, 0x4, '\x00', 0xff})
r10 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013c65d, 0xfffdffffc1af0ec0}}], 0x20}, 0x0, 0xffffffffffffff92)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
r12 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CAP_PTP_KVM(r13, 0x4068aea3, &(0x7f00000002c0))
syz_kvm_vgic_v3_setup(r6, 0x3, 0xa0)
ioctl$KVM_ARM_VCPU_INIT(r11, 0x4020aeae, &(0x7f0000000000)={0x5, 0x2})
r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)
r16 = ioctl$KVM_CREATE_VCPU(r15, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r15, r16, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r16, 0x4010aeac, &(0x7f00000002c0)=@arm64_sys={0x603000000013df02, 0x0})

2m48.843213939s ago: executing program 6 (id=386):
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000000, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x300, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x28)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x20)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r2, 0x4068aea3, &(0x7f0000000280)={0xdf, 0x0, 0x2000})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, 0x930, 0xa, 0x11, r3, 0x40000)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, <r5=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r5, 0x800454cf, 0x200000000000000)

2m30.969204761s ago: executing program 6 (id=387):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0xe)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x33)
r3 = ioctl$KVM_GET_STATS_FD_vm(r2, 0xaece)
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000040)=@other={0x5, &(0x7f0000000000)=0x1})
ioctl$KVM_CLEAR_DIRTY_LOG(r3, 0xc018aec0, &(0x7f0000000480)={0x10000, 0x240, 0xc0, &(0x7f0000000080)=[0xfb1, 0x1000, 0x8, 0x5, 0x4, 0x0, 0x8, 0x3, 0x8, 0xfffffffffffffff7, 0x3, 0x5, 0xa, 0x7, 0x0, 0x7ff, 0x0, 0x4, 0x2, 0x7, 0x9, 0x84, 0x7, 0x9, 0xf, 0x0, 0xa, 0x2, 0x3, 0x6, 0x8, 0x5, 0xe053, 0x9, 0x8, 0xfff, 0x81, 0x5, 0x1, 0xd, 0x8, 0x4, 0x1, 0xfff, 0x6, 0x3, 0x8001, 0x80, 0x7, 0x1e7a56bb, 0x9, 0x7, 0xea5, 0xd, 0x5, 0x5, 0x6, 0xfffffffffffffff9, 0x1, 0x9, 0xc983, 0x10000, 0x8000000000000001, 0x1, 0xa8, 0xc, 0x5, 0x0, 0x7, 0x7, 0x3, 0x1, 0x5, 0x7, 0x3, 0xe4, 0x8000000000000001, 0x8, 0x2, 0x0, 0x6, 0x2, 0x1000, 0x400, 0xb4a9, 0x6, 0x7fff, 0x408, 0x7d35, 0x5, 0x2, 0xffffffffffff9bae, 0x7, 0xef, 0x100000000, 0xd7, 0x2, 0xa, 0x3, 0x2c, 0x4, 0x9fb, 0x810000000, 0x1, 0x3, 0x7, 0x7, 0x5f, 0xffffffffffff0001, 0x3, 0x80000001, 0x3, 0x4, 0x4, 0x5, 0x7, 0x8, 0x3, 0x7fffffffffffffff, 0x666, 0xfffffffffffffffc, 0x1, 0x2, 0x9, 0x9, 0x5, 0x8, 0xfffffffffffff800]})
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_setup_cpu$arm64(r2, r4, &(0x7f000098e000/0x400000)=nil, &(0x7f00000006c0)=[{0x0, &(0x7f00000004c0)=[@smc={0x1e, 0x40, {0xc4000053, [0x7, 0x400, 0xcc, 0x4, 0x9]}}, @svc={0x122, 0x40, {0x84000003, [0x8, 0x7, 0x8, 0xd, 0x3]}}, @hvc={0x32, 0x40, {0xc4000005, [0xfffffffffffffff7, 0x4, 0x6, 0x8, 0x9]}}, @mrs={0xbe, 0x18, {0x603000000013e708}}, @hvc={0x32, 0x40, {0x8600ff01, [0x7, 0x6, 0x3, 0x8000000000000001, 0x7]}}, @mrs={0xbe, 0x18, {0x603000000013f300}}, @irq_setup={0x46, 0x18, {0x2, 0x1}}, @its_setup={0x82, 0x28, {0x2, 0x0, 0x351}}, @irq_setup={0x46, 0x18, {0x0, 0x15c}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0x100, 0x101}}, @msr={0x14, 0x20, {0x603000000013c4ca, 0x4}}], 0x1d8}], 0x1, 0x0, &(0x7f0000000700)=[@featur1={0x1, 0x85}], 0x1)
r5 = ioctl$KVM_GET_STATS_FD_cpu(r1, 0xaece)
r6 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece)
syz_kvm_setup_cpu$arm64(r5, r6, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000d80)=[{0x0, &(0x7f0000000740)=[@msr={0x14, 0x20, {0x603000000013deb8}}, @eret={0xe6, 0x18, 0x900000000}, @eret={0xe6, 0x18}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x6000, 0xfffffffffffffff8, 0xc}}, @eret={0xe6, 0x18, 0xfffffffffffffff7}, @code={0xa, 0x9c, {"000008d5403f91d20080b8f2810080d2820180d2430080d2640080d2020000d4007008d50000591e606587d200a0b0f2610180d2020180d2e30080d2240180d2020000d4801c9ad200a0b0f2010180d2c20080d2e30080d2c40080d2020000d4008008d5a02087d200c0b0f2810180d2420080d2e30080d2440180d2020000d4000028d50000249e"}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x2, 0xc, 0xfffffff0, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x1, 0x10, 0x7, 0x8, 0x4}}, @msr={0x14, 0x20, {0x603000000013f682, 0x2}}, @mrs={0xbe, 0x18, {0x47e3}}, @eret={0xe6, 0x18, 0xffff}, @its_setup={0x82, 0x28, {0x1, 0x2, 0x5e}}, @eret={0xe6, 0x18, 0x1}, @smc={0x1e, 0x40, {0x80000002, [0x401, 0x281, 0x8, 0x9, 0x100000000]}}, @hvc={0x32, 0x40, {0x80000001, [0x7afc, 0x1, 0x3ff800000000000, 0x37e5, 0x7]}}, @mrs={0xbe, 0x18, {0x603000000013e667}}, @smc={0x1e, 0x40, {0x84000051, [0x9, 0x3, 0x400, 0x3ff, 0x33]}}, @svc={0x122, 0x40, {0x84000002, [0xe58, 0x7, 0x8, 0x3, 0x100000001]}}, @its_setup={0x82, 0x28, {0x4, 0x4, 0x24c}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x0, 0x2, 0x0, 0xa105, 0x2}}, @eret={0xe6, 0x18, 0x7}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x1, 0x0, 0x6, 0x4, 0x1}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x6000, 0x6, 0xc}}, @hvc={0x32, 0x40, {0x84000010, [0x1, 0xfffffffffffffff7, 0x9, 0x8, 0x3e]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0xc00, 0x7}}, @code={0xa, 0xcc, {"20ae81d200c0b0f2c10180d2a20080d2630180d2240180d2020000d4205f92d200e0b0f2a10180d2020080d2e30180d2040080d2020000d4007008d5007008d5a0f59ed20000b0f2010080d2a20180d2a30080d2240080d2020000d400a4200d00a982d20000b0f2e10080d2420180d2e30080d2440080d2020000d40080000f606a95d20000b8f2c10080d2e20180d2630180d2840080d2020000d4c0e094d20080b0f2210180d2820180d2030080d2440180d2020000d4"}}, @irq_setup={0x46, 0x18, {0x4, 0x362}}, @svc={0x122, 0x40, {0x84000012, [0x7, 0x3ff, 0x8, 0x29b, 0x1]}}, @msr={0x14, 0x20, {0x603000000013da28, 0xe}}, @hvc={0x32, 0x40, {0x84000012, [0x4, 0x800, 0xb, 0x4, 0x5]}}, @its_setup={0x82, 0x28, {0x3, 0x2, 0x8}}, @eret={0xe6, 0x18, 0x8980}], 0x620}], 0x1, 0x0, &(0x7f0000000dc0)=[@featur1={0x1, 0x20}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r0, 0x4018aee1, &(0x7f0000000e00)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x100000000})
ioctl$KVM_ARM_VCPU_INIT(r4, 0x4020aeae, &(0x7f0000000e40)={0x2, 0x2})
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r4, 0x4018aee3, &(0x7f0000000ec0)=@attr_other={0x0, 0xff, 0x5, &(0x7f0000000e80)=0x271})
ioctl$KVM_SET_SIGNAL_MASK(r3, 0x4004ae8b, &(0x7f0000000f00)={0x2d, "ace936fb2f5d795e17c9f536769075ea9ec5f78831727de8d00bda6a78d84d73471f4202abd294b684d30347bd"})
ioctl$KVM_RUN(r1, 0xae80, 0x0)
syz_kvm_setup_cpu$arm64(r0, r1, &(0x7f0000c00000/0x400000)=nil, &(0x7f00000011c0)=[{0x0, &(0x7f0000000f40)=[@memwrite={0x6e, 0x30, @generic={0x1000, 0x5cc, 0x3, 0x3}}, @mrs={0xbe, 0x18, {0x603000000013df79}}, @smc={0x1e, 0x40, {0x84000003, [0xfffffffffffffff9, 0xffffffffffffffff, 0xfffffffffffffffc, 0x5, 0x1a1]}}, @msr={0x14, 0x20, {0x60300000001380a4, 0x800}}, @msr={0x14, 0x20, {0x603000000013f510, 0x101}}, @mrs={0xbe, 0x18, {0x6030000000138054}}, @hvc={0x32, 0x40, {0x800, [0xcbe, 0x200, 0x3, 0x8, 0x2]}}, @its_setup={0x82, 0x28, {0x4, 0x4, 0x93}}, @svc={0x122, 0x40, {0x8400000f, [0x3, 0x5, 0x3e5b, 0x2, 0x2]}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x3, 0xa, 0x1, 0x7fffffff, 0x1}}, @svc={0x122, 0x40, {0x80000001, [0x6, 0x3, 0x0, 0x60000000000, 0x1]}}, @svc={0x122, 0x40, {0xc4000029, [0x0, 0x1, 0x9, 0x9]}}, @hvc={0x32, 0x40, {0x84000009, [0x7fffffff, 0xff, 0x7, 0x4, 0xfc]}}], 0x270}], 0x1, 0x0, &(0x7f0000001200)=[@featur2={0x1, 0x1a0}], 0x1)
ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000001280)=@riscv64_core={0x4018000000100015, &(0x7f0000001240)=0x80})
r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
ioctl$KVM_SET_REGS(r7, 0x4360ae82, &(0x7f00000012c0)={[0x7f, 0x10001, 0x81, 0x2, 0x0, 0x0, 0x1c4, 0x4, 0x24aa, 0x9, 0x5, 0x8, 0x1ff, 0x8000000000000001, 0x7, 0x70], 0xffffffff, 0x18004a})
ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000001380)={0x4, 0xfec00000, 0x0, r6, 0xc})
ioctl$KVM_IOEVENTFD(r0, 0x4040ae79, &(0x7f00000013c0)={0x80, 0x30000, 0x2, 0xffffffffffffffff, 0x6})
r8 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0xc)
ioctl$KVM_IRQ_LINE(r8, 0x4008ae61, &(0x7f0000001400)={0x6, 0x5})
r9 = ioctl$KVM_GET_STATS_FD_cpu(r5, 0xaece)
ioctl$KVM_IOEVENTFD(r9, 0x4040ae79, &(0x7f0000001440)={0x7fffffffffffffff, 0xdddd0000, 0x4, r5, 0x9})
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4040aea0, &(0x7f0000001480)=@x86={0x7, 0x9, 0x9, 0x0, 0x5, 0x35, 0x3, 0x7, 0x3, 0x1, 0x40, 0x3, 0x0, 0xfffffff7, 0x7, 0x7, 0x1c, 0x3, 0x2, '\x00', 0x3, 0x9})
r10 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x28)
syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000a4e000/0x400000)=nil)

2m21.080843536s ago: executing program 7 (id=388):
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x664c)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x800, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000200)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r5, 0x4010aeab, &(0x7f0000000000)=@arm64_fw={0x6030000000140002, 0xfffffffffffffffe})
r6 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x6, 0x2}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x0, 0x10000, 0x0, 0x100, 0x2}}], 0x50}, 0x0, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, 0x930, 0x1, 0x2012, r10, 0x0)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r11, 0xae04)
mmap$KVM_VCPU(&(0x7f00005e1000/0x3000)=nil, r12, 0x2000009, 0x213011, r10, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
syz_kvm_vgic_v3_setup(r3, 0x3, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r13=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r7, 0xae80, 0x0)

2m13.429112234s ago: executing program 6 (id=389):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000eed000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0x801c581f, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x5, 0x1, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000bc2000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000040)="68d3d4a6759ba655d47872b6bf881ba5dbca1c84a0779749", 0x0, 0x18)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x3)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r6, 0x4068aea3, &(0x7f0000000080)={0xdf, 0x0, 0x3000})
ioctl$KVM_ARM_VCPU_INIT(r7, 0x4020aeae, &(0x7f0000000000)={0x5, 0x18})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000140)={0xc, 0xfff9, 0x1}})

1m56.385937668s ago: executing program 7 (id=390):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000001c0)="fb0149dd833be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8faa767969d22627e700", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
r4 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0) (async)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000140)={0x4, <r7=>0xffffffffffffffff, 0x1})
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
r11 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000a, 0x11, r10, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f0000000380)="f30149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a3ff7fbc51869be2e2e0000000000000f000000000000000001000000000000000000000000000e00", 0x0, 0x34) (async)
openat$kvm(0x0, 0x0, 0x0, 0x0) (async)
close(0xffffffffffffffff) (async, rerun: 64)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r10, 0x0) (async, rerun: 64)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x22c2c0, 0x0) (async)
ioctl$KVM_CREATE_VM(r7, 0x401054d5, 0x800000110c230021) (async, rerun: 32)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) (async, rerun: 32)
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000000)=@arm64_sys={0x603000000013c038, 0x0}) (async, rerun: 64)
ioctl$KVM_CREATE_VM(r4, 0x401c5820, 0x20000007) (rerun: 64)

1m46.039328831s ago: executing program 6 (id=391):
r0 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
r1 = mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, r0, 0xe, 0x1012, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f0000000000)="9424176fdc4e56dcf9f376d2fcbf097e11276014dad26095626d38ddb54b9dc3e56ca612f93cbc67d4ad34cd2eced818c9e6e3ce16b722d47366c3368ad0cb2235306078ed795bb3", 0x0, 0x48)
r2 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
close(r2)
r3 = mmap$KVM_VCPU(&(0x7f0000ffc000/0x1000)=nil, 0x0, 0x100000e, 0x4010, r2, 0x0)
r4 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r4, 0x4068aea3, &(0x7f0000000080))
syz_memcpy_off$KVM_EXIT_MMIO(r1, 0x20, &(0x7f0000000100)="be8297a99a0dd144ff1b7438aee3a5e26ac3812d91a7d074", 0x0, 0x18)
syz_memcpy_off$KVM_EXIT_MMIO(r3, 0x20, &(0x7f0000000140)="3d15ef3528b8c2943bfde22c6f47b40b68709d1884bbbe3c", 0x0, 0x18)
r5 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000002c0)={0x0, &(0x7f0000000180)=[@memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0x8, 0xe, 0x5}}, @msr={0x14, 0x20, {0x6030000000138035, 0xff}}, @smc={0x1e, 0x40, {0x84000007, [0x8, 0x7fffffff, 0x7fffffffffffffff, 0xa, 0xd4d2]}}, @smc={0x1e, 0x40, {0x84000001, [0x8, 0x7fff, 0x7ff, 0x1000, 0x6c7e]}}, @msr={0x14, 0x20, {0x603000000013c65d, 0xfff}}, @msr={0x14, 0x20, {0x603000000013e092, 0x5}}], 0x110}, &(0x7f0000000300)=[@featur2={0x1, 0x2}], 0x1)
ioctl$KVM_DIRTY_TLB(r5, 0x4010aeaa, &(0x7f0000000340)={0xb2d, 0x4})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f0000000380)="9f29cd11e58858bfea4b73765dbab0040df33bd5ac905aa14b5d1ac9b24a4a29ca068cd1db81b80dd88fbe5c1e7ce480ea6db10af67b77c64298e5f00a88e06b0db7e4acefec77d6", 0x0, 0x48)
r6 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000800)={0x0, &(0x7f0000000400)=[@svc={0x122, 0x40, {0x3f000000, [0x1f7da97f, 0x5, 0x2, 0xfffffffffffffff9, 0xc0]}}, @its_setup={0x82, 0x28, {0x3, 0x1, 0x146}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x154}}, @msr={0x14, 0x20, {0x603000000013809c, 0x4}}, @mrs={0xbe, 0x18, {0x603000000013e304}}, @eret={0xe6, 0x18, 0xffffffffffff0000}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0x48, 0x0, 0x2}}, @its_setup={0x82, 0x28, {0x2, 0x2, 0x18a}}, @code={0xa, 0xe4, {"008008d5204590d20000b8f2810080d2820180d2c30180d2440180d2020000d400b893d200c0b8f2e10180d2c20180d2e30080d2c40080d2020000d4801390d200c0b8f2c10080d2420180d2830180d2a40180d2020000d4802284d20080b0f2c10180d2620180d2430080d2440080d2020000d400588ad200a0b0f2610080d2020180d2630180d2040180d2020000d400fd93d20060b0f2810080d2420080d2430180d2e40080d2020000d4000008d50004005fe06681d200c0b8f2010080d2c20080d2830080d2240180d2020000d4"}}, @msr={0x14, 0x20, {0x0, 0x9}}, @msr={0x14, 0x20, {0x603000000013e08b, 0x3}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe0, 0xffff, 0xf}}, @eret={0xe6, 0x18, 0x4}, @eret={0xe6, 0x18, 0x14}, @its_setup={0x82, 0x28, {0x2, 0x0, 0x24d}}, @uexit={0x0, 0x18, 0x80}, @smc={0x1e, 0x40, {0x84000004, [0x7, 0x80, 0x8000, 0x8, 0x6]}}, @its_setup={0x82, 0x28, {0x0, 0x3, 0x297}}, @hvc={0x32, 0x40, {0x2, [0xac, 0x1, 0x80000001, 0x9, 0x81]}}, @its_setup={0x82, 0x28, {0x4, 0x3, 0x12e}}], 0x3cc}, &(0x7f0000000840)=[@featur1={0x1, 0x4}], 0x1)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000880), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x2c)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f00000008c0)={0x1ff, 0x7, 0x80a4000, 0x2000, &(0x7f0000eac000/0x2000)=nil})
r9 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x1f)
ioctl$KVM_REGISTER_COALESCED_MMIO(r9, 0x4010ae67, &(0x7f0000000900)={0xf000})
r10 = eventfd2(0x1, 0x80000)
write$eventfd(r10, &(0x7f0000000940)=0x8, 0x8)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000980)="fc61e2b0573370428d9514571ba85b93cc4f012b5dfc770e96b32cc712a83d7866de2786902e27a6b90b2c1cea92974b3c92ecabdfc20610776b66b1c2e8c7c86757fce533373999", 0x0, 0x48)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000a00), 0x20801, 0x0)
ioctl$KVM_SIGNAL_MSI(r4, 0x4020aea5, &(0x7f0000000a40)={0x9000, 0x54000, 0x401, 0x0, 0xffffffff})
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000a80)="64a2ffc86ecaf0d805408f9cc4ea86897e3bd3c070d30ea2", 0x0, 0x18)
ioctl$KVM_S390_VCPU_FAULT(r2, 0x4008ae52, &(0x7f0000000ac0)=0xffff)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x24)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

1m31.382999212s ago: executing program 7 (id=392):
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3f)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000080)={0x5})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000140)={0x0, &(0x7f0000000040)=[@msr={0x14, 0x20, {0x603000000013df7f, 0x8000}}], 0x20}, &(0x7f0000000280)=[@featur2={0x1, 0x60}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r4, 0x4018aee2, &(0x7f0000000000)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0xc3})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

1m18.052744499s ago: executing program 6 (id=393):
syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000040)={0x0, &(0x7f0000000200)=[@msr={0x14, 0x20, {0x603000000013df63}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x96599ce29b54eb53, 0x9}}, @uexit={0x0, 0x18, 0x9}, @msr={0x14, 0x20, {0x603000000013e219, 0x7fffffff}}, @svc={0x122, 0x40, {0x8400000f, [0xcb08, 0x6, 0x4, 0xd, 0x5]}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x90, 0x0, 0x7}}, @eret={0xe6, 0x18}, @hvc={0x32, 0x40, {0x84000010, [0x1c0, 0xb, 0x4, 0x244c, 0x5]}}, @mrs={0xbe, 0x18, {0x603000000013c529}}, @hvc={0x32, 0x40, {0x200, [0x9, 0x8, 0x7ff, 0x8, 0x8001]}}, @hvc={0x32, 0x40, {0x8600ff01, [0x4, 0xffffffff, 0xfffffffffffffffc, 0x8, 0x7]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0x48, 0xfb, 0xe}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x100, 0x1, 0x4}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffd0, 0x0, 0x8}}, @eret={0xe6, 0x18, 0xfa0a}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe8, 0x6a, 0x8}}, @code={0xa, 0x9c, {"203d9ed20020b0f2a10180d2420080d2030180d2640180d2020000d40040400c0000c0ac007008d5000040ac40268ad20080b8f2410080d2c20080d2630080d2e40180d2020000d4007008d5007008d5602d8dd200a0b0f2a10080d2020080d2630180d2440180d2020000d4a0f683d20080b0f2010080d2020180d2430080d2c40080d2020000d4"}}, @hvc={0x32, 0x40, {0x84000008, [0x80000001, 0x4, 0x9, 0x3ff, 0xfffffffffffffffd]}}, @svc={0x122, 0x40, {0x2000, [0x6, 0x98d4, 0xe, 0x3, 0x9]}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x4, 0x10, 0xfffffc01, 0x5, 0x3}}, @mrs={0xbe, 0x18, {0x6030000000138084}}, @msr={0x14, 0x20, {0x603000000013df1a, 0x10}}, @smc={0x1e, 0x40, {0x8400000f, [0x5, 0x1, 0x2, 0x4]}}, @svc={0x122, 0x40, {0x84000013, [0x9, 0x2, 0x6, 0x2, 0x200]}}], 0x4bc}, &(0x7f00000000c0)=[@featur2={0x1, 0x80}], 0x1)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0x80111500, 0x20000000)
write$eventfd(r1, &(0x7f0000000000), 0xfffffdef) (fail_nth: 54)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0x80111500, 0x20000000)
write$eventfd(r3, &(0x7f0000000040), 0x8)
ioctl$KVM_CREATE_GUEST_MEMFD(0xffffffffffffffff, 0xc040aed4, &(0x7f00000001c0)={0x200001fe0000, 0x3})
r4 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_vgic_v3_setup(r5, 0x2, 0x280)
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x3)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1, 0x16831, 0xffffffffffffffff, 0x0)

1m11.746813136s ago: executing program 7 (id=394):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8})
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f00000001c0)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000240)={0x0, 0x1003, 0x1}})
ioctl$KVM_CREATE_GUEST_MEMFD(r1, 0xc040aed4, 0xfffffffffffffffe)

58.781053714s ago: executing program 6 (id=395):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0) (async)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0x69)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000140)={0x0, 0x0}, &(0x7f0000000280)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f00000000c0)=@arm64_sys={0x603000000013dce4, &(0x7f0000000040)=0x2}) (async)
ioctl$KVM_ARM_VCPU_INIT(0xffffffffffffffff, 0x4020aeae, 0x0) (async)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x21) (async)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xd7, 0x80000001}) (async)
ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0xa2)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000140)={0x4, <r7=>0xffffffffffffffff, 0x1})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x40305829, &(0x7f0000000040)=@attr_arm64={0x0, 0x7, 0x2, &(0x7f00000000c0)=0xfffffffffffffff7}) (async)
r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@mrs={0xbe, 0x18, {0x603000000013c00b}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r10, 0xae80, 0x0)

51.534315415s ago: executing program 7 (id=396):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xfffffffffffffffd)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x1, 0x0, 0xffff1000, 0x2000, &(0x7f000000e000/0x2000)=nil}) (async)
r3 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f00000000c0)=@arm64_fw={0x6030000000140001, &(0x7f00000003c0)=0x6})
r7 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f00000001c0)="fb0149dd833be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8faa767969d22627e700", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0) (async)
r8 = ioctl$KVM_CREATE_GUEST_MEMFD(r1, 0xc040aed4, &(0x7f0000000300)={0x7, 0x3})
ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f0000000240)={0x10200, 0x2, 0x0, 0x1000, &(0x7f000000b000/0x1000)=nil, 0x1, r8})
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0) (async)
r9 = openat$kvm(0x0, &(0x7f0000000380), 0x200000, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r10, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x9, 0x7, 0x3}}) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) (async)
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000000)=@arm64_sve={0x60800000001501b7, &(0x7f0000000180)=0x5}) (async)
r11 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x9) (async)
r13 = eventfd2(0x9, 0x80801) (async)
r14 = eventfd2(0x7, 0x0) (async)
r15 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0)
r17 = ioctl$KVM_CREATE_VCPU(r16, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r17, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18})
ioctl$KVM_GET_ONE_REG(r17, 0x4010aeab, &(0x7f00000002c0)=@arm64_fp_extra={0x60200000001000d4, &(0x7f0000000280)=0x7fffffff}) (async)
ioctl$KVM_IRQFD(r12, 0x4020ae76, &(0x7f0000000340)={r13, 0x9, 0x0, r14})

10.847384256s ago: executing program 38 (id=395):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0) (async)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0x69)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000140)={0x0, 0x0}, &(0x7f0000000280)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f00000000c0)=@arm64_sys={0x603000000013dce4, &(0x7f0000000040)=0x2}) (async)
ioctl$KVM_ARM_VCPU_INIT(0xffffffffffffffff, 0x4020aeae, 0x0) (async)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x21) (async)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xd7, 0x80000001}) (async)
ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0xa2)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000140)={0x4, <r7=>0xffffffffffffffff, 0x1})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x40305829, &(0x7f0000000040)=@attr_arm64={0x0, 0x7, 0x2, &(0x7f00000000c0)=0xfffffffffffffff7}) (async)
r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@mrs={0xbe, 0x18, {0x603000000013c00b}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r10, 0xae80, 0x0)

0s ago: executing program 39 (id=396):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xfffffffffffffffd)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x1, 0x0, 0xffff1000, 0x2000, &(0x7f000000e000/0x2000)=nil}) (async)
r3 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f00000000c0)=@arm64_fw={0x6030000000140001, &(0x7f00000003c0)=0x6})
r7 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f00000001c0)="fb0149dd833be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8faa767969d22627e700", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0) (async)
r8 = ioctl$KVM_CREATE_GUEST_MEMFD(r1, 0xc040aed4, &(0x7f0000000300)={0x7, 0x3})
ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f0000000240)={0x10200, 0x2, 0x0, 0x1000, &(0x7f000000b000/0x1000)=nil, 0x1, r8})
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0) (async)
r9 = openat$kvm(0x0, &(0x7f0000000380), 0x200000, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r10, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x9, 0x7, 0x3}}) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) (async)
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000000)=@arm64_sve={0x60800000001501b7, &(0x7f0000000180)=0x5}) (async)
r11 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x9) (async)
r13 = eventfd2(0x9, 0x80801) (async)
r14 = eventfd2(0x7, 0x0) (async)
r15 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0)
r17 = ioctl$KVM_CREATE_VCPU(r16, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r17, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18})
ioctl$KVM_GET_ONE_REG(r17, 0x4010aeab, &(0x7f00000002c0)=@arm64_fp_extra={0x60200000001000d4, &(0x7f0000000280)=0x7fffffff}) (async)
ioctl$KVM_IRQFD(r12, 0x4020ae76, &(0x7f0000000340)={r13, 0x9, 0x0, r14})

kernel console output (not intermixed with test programs):

[  414.232148][ T3170] 8021q: adding VLAN 0 to HW filter on device bond0
[  464.935962][ T3170] eql: remember to turn off Van-Jacobson compression on your slave devices
Warning: Permanently added '[localhost]:59403' (ED25519) to the list of known hosts.
[  646.640154][   T25] audit: type=1400 audit(645.840:61): avc:  denied  { name_bind } for  pid=3329 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  648.498428][   T25] audit: type=1400 audit(647.700:62): avc:  denied  { execute } for  pid=3330 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  648.538823][   T25] audit: type=1400 audit(647.720:63): avc:  denied  { execute_no_trans } for  pid=3330 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  673.493824][   T25] audit: type=1400 audit(672.700:64): avc:  denied  { mounton } for  pid=3330 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  673.538863][   T25] audit: type=1400 audit(672.740:65): avc:  denied  { mount } for  pid=3330 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  673.628428][ T3330] cgroup: Unknown subsys name 'net'
[  673.702871][   T25] audit: type=1400 audit(672.910:66): avc:  denied  { unmount } for  pid=3330 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  674.219257][ T3330] cgroup: Unknown subsys name 'cpuset'
[  674.363915][ T3330] cgroup: Unknown subsys name 'rlimit'
[  675.359511][   T25] audit: type=1400 audit(674.560:67): avc:  denied  { setattr } for  pid=3330 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=703 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  675.378612][   T25] audit: type=1400 audit(674.580:68): avc:  denied  { mounton } for  pid=3330 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[  675.404607][   T25] audit: type=1400 audit(674.610:69): avc:  denied  { mount } for  pid=3330 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  676.501070][ T3334] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[  676.521577][   T25] audit: type=1400 audit(675.720:70): avc:  denied  { relabelto } for  pid=3334 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  676.541976][   T25] audit: type=1400 audit(675.750:71): avc:  denied  { write } for  pid=3334 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
Setting up swapspace version 1, size = 127995904 bytes
[  676.741308][   T25] audit: type=1400 audit(675.940:72): avc:  denied  { read } for  pid=3330 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  676.765571][   T25] audit: type=1400 audit(675.960:73): avc:  denied  { open } for  pid=3330 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  676.809986][ T3330] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  735.602690][   T25] audit: type=1400 audit(734.810:74): avc:  denied  { execmem } for  pid=3335 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  739.497590][   T25] audit: type=1400 audit(738.700:76): avc:  denied  { open } for  pid=3337 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  739.509526][   T25] audit: type=1400 audit(738.690:75): avc:  denied  { read } for  pid=3338 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  739.587780][   T25] audit: type=1400 audit(738.780:77): avc:  denied  { mounton } for  pid=3337 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  739.815549][   T25] audit: type=1400 audit(739.020:78): avc:  denied  { module_request } for  pid=3337 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  739.834665][   T25] audit: type=1400 audit(739.040:79): avc:  denied  { module_request } for  pid=3338 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  740.903020][   T25] audit: type=1400 audit(740.110:80): avc:  denied  { sys_module } for  pid=3338 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  766.790625][ T3338] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  766.999338][ T3337] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  767.191486][ T3338] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  767.300967][ T3337] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  783.280897][ T3338] hsr_slave_0: entered promiscuous mode
[  783.310960][ T3338] hsr_slave_1: entered promiscuous mode
[  784.182764][ T3337] hsr_slave_0: entered promiscuous mode
[  784.215583][ T3337] hsr_slave_1: entered promiscuous mode
[  784.248268][ T3337] debugfs: 'hsr0' already exists in 'hsr'
[  784.257811][ T3337] Cannot create hsr debugfs directory
[  790.508634][   T25] audit: type=1400 audit(789.710:81): avc:  denied  { create } for  pid=3338 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  790.589432][   T25] audit: type=1400 audit(789.750:82): avc:  denied  { write } for  pid=3338 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  790.652835][   T25] audit: type=1400 audit(789.790:83): avc:  denied  { read } for  pid=3338 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  790.795633][ T3338] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  791.132701][ T3338] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  791.405065][ T3338] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  791.975025][ T3338] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  793.714221][ T3337] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  793.874426][ T3337] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  794.069790][ T3337] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  794.262461][ T3337] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  807.194227][ T3338] 8021q: adding VLAN 0 to HW filter on device bond0
[  810.235978][ T3337] 8021q: adding VLAN 0 to HW filter on device bond0
[  867.782939][ T3338] veth0_vlan: entered promiscuous mode
[  868.455106][ T3338] veth1_vlan: entered promiscuous mode
[  870.660408][ T3338] veth0_macvtap: entered promiscuous mode
[  871.113546][ T3338] veth1_macvtap: entered promiscuous mode
[  871.354685][ T3337] veth0_vlan: entered promiscuous mode
[  872.370183][ T3337] veth1_vlan: entered promiscuous mode
[  873.880670][   T21] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  873.923592][   T21] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  873.950918][   T21] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  873.968923][   T21] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  875.945799][ T3337] veth0_macvtap: entered promiscuous mode
[  876.721016][ T3337] veth1_macvtap: entered promiscuous mode
[  876.885597][   T25] audit: type=1400 audit(876.090:84): avc:  denied  { mount } for  pid=3338 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  877.231783][   T25] audit: type=1400 audit(876.400:85): avc:  denied  { mounton } for  pid=3338 comm="syz-executor" path="/syzkaller.6DeTjC/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  877.409424][   T25] audit: type=1400 audit(876.610:86): avc:  denied  { mount } for  pid=3338 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  877.682549][   T25] audit: type=1400 audit(876.890:87): avc:  denied  { mounton } for  pid=3338 comm="syz-executor" path="/syzkaller.6DeTjC/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  877.795749][   T25] audit: type=1400 audit(877.000:88): avc:  denied  { mounton } for  pid=3338 comm="syz-executor" path="/syzkaller.6DeTjC/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3757 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  878.577863][   T25] audit: type=1400 audit(877.770:89): avc:  denied  { unmount } for  pid=3338 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  878.878318][   T25] audit: type=1400 audit(878.030:90): avc:  denied  { mounton } for  pid=3338 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1546 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  878.985628][   T25] audit: type=1400 audit(878.190:91): avc:  denied  { mount } for  pid=3338 comm="syz-executor" name="/" dev="gadgetfs" ino=3764 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  879.184172][ T3376] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  879.231640][ T3376] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  879.237697][ T3376] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  879.255987][ T3376] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  879.290413][   T25] audit: type=1400 audit(878.380:92): avc:  denied  { mount } for  pid=3338 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  879.404695][   T25] audit: type=1400 audit(878.580:93): avc:  denied  { mounton } for  pid=3338 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  881.125148][ T3338] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  882.540380][   T25] kauditd_printk_skb: 1 callbacks suppressed
[  882.588979][   T25] audit: type=1400 audit(881.740:95): avc:  denied  { read write } for  pid=3338 comm="syz-executor" name="loop0" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  882.591390][   T25] audit: type=1400 audit(881.780:96): avc:  denied  { open } for  pid=3338 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  882.642282][   T25] audit: type=1400 audit(881.850:97): avc:  denied  { ioctl } for  pid=3338 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=638 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  897.648617][   T25] audit: type=1400 audit(896.850:98): avc:  denied  { read } for  pid=3489 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  897.797747][   T25] audit: type=1400 audit(896.880:99): avc:  denied  { open } for  pid=3489 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  897.842922][   T25] audit: type=1400 audit(897.050:100): avc:  denied  { ioctl } for  pid=3489 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  900.428046][   T25] audit: type=1400 audit(899.620:101): avc:  denied  { append } for  pid=3491 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  900.963618][   T25] audit: type=1400 audit(900.160:102): avc:  denied  { execute } for  pid=3489 comm="syz.0.1" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=3888 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  919.805999][   T25] audit: type=1400 audit(919.010:103): avc:  denied  { write } for  pid=3503 comm="syz.1.5" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  987.701970][ T3545] kvm [3545]: Failed to find VMA for hva 0x20e51000
[ 1056.438401][   T25] audit: type=1400 audit(1055.590:104): avc:  denied  { create } for  pid=3591 comm="syz.0.30" anonclass=[kvm-gmem] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 1339.878271][   T25] audit: type=1400 audit(1339.030:105): avc:  denied  { ioctl } for  pid=3763 comm="syz.1.77" path="net:[4026532624]" dev="nsfs" ino=4026532624 ioctlcmd=0xb701 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 1608.283104][   T43] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1609.428769][   T43] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1611.411774][   T43] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1612.752207][   T43] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1634.544362][   T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1634.643670][   T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1634.703866][   T43] bond0 (unregistering): Released all slaves
[ 1636.188785][   T43] hsr_slave_0: left promiscuous mode
[ 1636.241179][   T43] hsr_slave_1: left promiscuous mode
[ 1636.597568][   T43] veth1_macvtap: left promiscuous mode
[ 1636.608502][   T43] veth0_macvtap: left promiscuous mode
[ 1636.623037][   T43] veth1_vlan: left promiscuous mode
[ 1636.633375][   T43] veth0_vlan: left promiscuous mode
[ 1657.204191][   T43] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1658.169523][   T43] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1659.328001][   T43] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1660.691291][   T43] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1669.155410][ T3878] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1670.202349][ T3878] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1684.214642][   T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1684.461173][   T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1684.579579][   T43] bond0 (unregistering): Released all slaves
[ 1686.860083][   T43] hsr_slave_0: left promiscuous mode
[ 1686.920180][   T43] hsr_slave_1: left promiscuous mode
[ 1687.441687][   T43] veth1_macvtap: left promiscuous mode
[ 1687.462477][   T43] veth0_macvtap: left promiscuous mode
[ 1687.480068][   T43] veth1_vlan: left promiscuous mode
[ 1687.491686][   T43] veth0_vlan: left promiscuous mode
[ 1700.465693][ T3884] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1701.266037][ T3884] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1713.011131][ T3878] hsr_slave_0: entered promiscuous mode
[ 1713.102172][ T3878] hsr_slave_1: entered promiscuous mode
[ 1722.569704][ T3884] hsr_slave_0: entered promiscuous mode
[ 1722.619435][ T3884] hsr_slave_1: entered promiscuous mode
[ 1722.659333][ T3884] debugfs: 'hsr0' already exists in 'hsr'
[ 1722.662380][ T3884] Cannot create hsr debugfs directory
[ 1725.903538][ T3878] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1727.257662][ T3878] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1727.475087][ T3878] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1728.152303][ T3878] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1740.789538][ T3884] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1741.260600][ T3884] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1741.581115][ T3884] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1741.980787][ T3884] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1758.555331][ T3878] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1768.550412][ T3884] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1856.684019][ T3878] veth0_vlan: entered promiscuous mode
[ 1857.839931][ T3878] veth1_vlan: entered promiscuous mode
[ 1861.339694][ T3878] veth0_macvtap: entered promiscuous mode
[ 1862.074823][ T3878] veth1_macvtap: entered promiscuous mode
[ 1865.609872][ T3756] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1865.637417][ T3756] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1865.748291][ T3756] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1865.838617][ T3756] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1871.647323][   T25] audit: type=1400 audit(1870.850:106): avc:  denied  { unmount } for  pid=3878 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 1871.931183][ T3884] veth0_vlan: entered promiscuous mode
[ 1873.739584][ T3884] veth1_vlan: entered promiscuous mode
[ 1877.362793][ T3884] veth0_macvtap: entered promiscuous mode
[ 1878.054218][ T3884] veth1_macvtap: entered promiscuous mode
[ 1882.558472][   T21] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1882.568225][   T21] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1882.648281][   T52] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1882.660932][   T52] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1941.629482][ T4130] FAULT_INJECTION: forcing a failure.
[ 1941.629482][ T4130] name fail_usercopy, interval 1, probability 0, space 0, times 1
[ 1941.648866][ T4130] CPU: 0 UID: 0 PID: 4130 Comm: syz.2.118 Not tainted syzkaller #0 PREEMPT 
[ 1941.649547][ T4130] Hardware name: linux,dummy-virt (DT)
[ 1941.650009][ T4130] Call trace:
[ 1941.650415][ T4130]  show_stack+0x2c/0x3c (C)
[ 1941.652342][ T4130]  __dump_stack+0x30/0x40
[ 1941.652722][ T4130]  dump_stack_lvl+0xd8/0x12c
[ 1941.653020][ T4130]  dump_stack+0x1c/0x28
[ 1941.653336][ T4130]  should_fail_ex+0x56c/0x6d8
[ 1941.653557][ T4130]  should_fail+0x14/0x24
[ 1941.653762][ T4130]  should_fail_usercopy+0x20/0x30
[ 1941.653983][ T4130]  _copy_from_iter+0x1a0/0x1880
[ 1941.654303][ T4130]  copy_page_from_iter+0x218/0x300
[ 1941.654604][ T4130]  anon_pipe_write+0x95c/0x12a0
[ 1941.654818][ T4130]  vfs_write+0xa7c/0xb7c
[ 1941.655016][ T4130]  ksys_write+0x108/0x1fc
[ 1941.655226][ T4130]  __arm64_sys_write+0x98/0xcc
[ 1941.655475][ T4130]  invoke_syscall+0x90/0x230
[ 1941.655766][ T4130]  el0_svc_common+0x120/0x2f4
[ 1941.656046][ T4130]  do_el0_svc+0x58/0x74
[ 1941.656342][ T4130]  el0_svc+0x5c/0x238
[ 1941.656627][ T4130]  el0t_64_sync_handler+0x84/0x12c
[ 1941.656912][ T4130]  el0t_64_sync+0x198/0x19c
[ 2032.352856][ T4191] FAULT_INJECTION: forcing a failure.
[ 2032.352856][ T4191] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2032.353961][ T4191] CPU: 0 UID: 0 PID: 4191 Comm: syz.2.130 Not tainted syzkaller #0 PREEMPT 
[ 2032.354293][ T4191] Hardware name: linux,dummy-virt (DT)
[ 2032.354413][ T4191] Call trace:
[ 2032.354496][ T4191]  show_stack+0x2c/0x3c (C)
[ 2032.354840][ T4191]  __dump_stack+0x30/0x40
[ 2032.355135][ T4191]  dump_stack_lvl+0xd8/0x12c
[ 2032.355463][ T4191]  dump_stack+0x1c/0x28
[ 2032.355753][ T4191]  should_fail_ex+0x56c/0x6d8
[ 2032.355966][ T4191]  should_fail+0x14/0x24
[ 2032.356201][ T4191]  should_fail_usercopy+0x20/0x30
[ 2032.356434][ T4191]  _copy_from_iter+0x1a0/0x1880
[ 2032.356721][ T4191]  copy_page_from_iter+0x218/0x300
[ 2032.357010][ T4191]  anon_pipe_write+0x95c/0x12a0
[ 2032.357271][ T4191]  vfs_write+0xa7c/0xb7c
[ 2032.357489][ T4191]  ksys_write+0x108/0x1fc
[ 2032.357691][ T4191]  __arm64_sys_write+0x98/0xcc
[ 2032.357895][ T4191]  invoke_syscall+0x90/0x230
[ 2032.358186][ T4191]  el0_svc_common+0x120/0x2f4
[ 2032.358479][ T4191]  do_el0_svc+0x58/0x74
[ 2032.358748][ T4191]  el0_svc+0x5c/0x238
[ 2032.359030][ T4191]  el0t_64_sync_handler+0x84/0x12c
[ 2032.359339][ T4191]  el0t_64_sync+0x198/0x19c
[ 2076.014578][ T4215] FAULT_INJECTION: forcing a failure.
[ 2076.014578][ T4215] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[ 2076.068698][ T4215] CPU: 0 UID: 0 PID: 4215 Comm: syz.2.135 Not tainted syzkaller #0 PREEMPT 
[ 2076.069083][ T4215] Hardware name: linux,dummy-virt (DT)
[ 2076.069218][ T4215] Call trace:
[ 2076.069310][ T4215]  show_stack+0x2c/0x3c (C)
[ 2076.069670][ T4215]  __dump_stack+0x30/0x40
[ 2076.069962][ T4215]  dump_stack_lvl+0xd8/0x12c
[ 2076.070264][ T4215]  dump_stack+0x1c/0x28
[ 2076.070557][ T4215]  should_fail_ex+0x56c/0x6d8
[ 2076.070772][ T4215]  should_fail_alloc_page+0xd4/0xd8
[ 2076.071050][ T4215]  prepare_alloc_pages+0x234/0x628
[ 2076.071327][ T4215]  __alloc_frozen_pages_noprof+0xd8/0x2cc
[ 2076.071634][ T4215]  alloc_pages_mpol+0x204/0x4c4
[ 2076.071895][ T4215]  alloc_pages_noprof+0x104/0x2ec
[ 2076.072157][ T4215]  anon_pipe_write+0xdec/0x12a0
[ 2076.072393][ T4215]  vfs_write+0xa7c/0xb7c
[ 2076.072595][ T4215]  ksys_write+0x108/0x1fc
[ 2076.072794][ T4215]  __arm64_sys_write+0x98/0xcc
[ 2076.073030][ T4215]  invoke_syscall+0x90/0x230
[ 2076.073338][ T4215]  el0_svc_common+0x120/0x2f4
[ 2076.073615][ T4215]  do_el0_svc+0x58/0x74
[ 2076.073879][ T4215]  el0_svc+0x5c/0x238
[ 2076.074173][ T4215]  el0t_64_sync_handler+0x84/0x12c
[ 2076.074476][ T4215]  el0t_64_sync+0x198/0x19c
[ 2104.987354][   T25] audit: type=1400 audit(2104.080:107): avc:  denied  { setattr } for  pid=4228 comm="syz.3.138" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 2536.909675][ T4467] KVM: debugfs: duplicate directory 4467-4
[ 2828.342576][   T25] audit: type=1400 audit(2827.550:108): avc:  denied  { map } for  pid=4612 comm="syz.2.229" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 2828.363434][   T25] audit: type=1400 audit(2827.570:109): avc:  denied  { execute } for  pid=4612 comm="syz.2.229" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 2907.215396][ T4651] FAULT_INJECTION: forcing a failure.
[ 2907.215396][ T4651] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2907.279479][ T4651] CPU: 0 UID: 0 PID: 4651 Comm: syz.2.237 Not tainted syzkaller #0 PREEMPT 
[ 2907.279872][ T4651] Hardware name: linux,dummy-virt (DT)
[ 2907.279981][ T4651] Call trace:
[ 2907.280062][ T4651]  show_stack+0x2c/0x3c (C)
[ 2907.280464][ T4651]  __dump_stack+0x30/0x40
[ 2907.280761][ T4651]  dump_stack_lvl+0xd8/0x12c
[ 2907.281043][ T4651]  dump_stack+0x1c/0x28
[ 2907.281349][ T4651]  should_fail_ex+0x56c/0x6d8
[ 2907.281568][ T4651]  should_fail+0x14/0x24
[ 2907.281770][ T4651]  should_fail_usercopy+0x20/0x30
[ 2907.281989][ T4651]  _copy_from_iter+0x1a0/0x1880
[ 2907.282304][ T4651]  copy_page_from_iter+0x218/0x300
[ 2907.282594][ T4651]  anon_pipe_write+0x95c/0x12a0
[ 2907.282806][ T4651]  vfs_write+0xa7c/0xb7c
[ 2907.283003][ T4651]  ksys_write+0x108/0x1fc
[ 2907.283220][ T4651]  __arm64_sys_write+0x98/0xcc
[ 2907.283452][ T4651]  invoke_syscall+0x90/0x230
[ 2907.283737][ T4651]  el0_svc_common+0x120/0x2f4
[ 2907.284012][ T4651]  do_el0_svc+0x58/0x74
[ 2907.284317][ T4651]  el0_svc+0x5c/0x238
[ 2907.284604][ T4651]  el0t_64_sync_handler+0x84/0x12c
[ 2907.284890][ T4651]  el0t_64_sync+0x198/0x19c
[ 2942.998590][ T4671] FAULT_INJECTION: forcing a failure.
[ 2942.998590][ T4671] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2942.999655][ T4671] CPU: 0 UID: 0 PID: 4671 Comm: syz.2.243 Not tainted syzkaller #0 PREEMPT 
[ 2942.999972][ T4671] Hardware name: linux,dummy-virt (DT)
[ 2943.000079][ T4671] Call trace:
[ 2943.000184][ T4671]  show_stack+0x2c/0x3c (C)
[ 2943.000537][ T4671]  __dump_stack+0x30/0x40
[ 2943.000824][ T4671]  dump_stack_lvl+0xd8/0x12c
[ 2943.001106][ T4671]  dump_stack+0x1c/0x28
[ 2943.001410][ T4671]  should_fail_ex+0x56c/0x6d8
[ 2943.001628][ T4671]  should_fail_alloc_page+0xd4/0xd8
[ 2943.001911][ T4671]  prepare_alloc_pages+0x234/0x628
[ 2943.002182][ T4671]  __alloc_frozen_pages_noprof+0xd8/0x2cc
[ 2943.002446][ T4671]  alloc_pages_mpol+0x204/0x4c4
[ 2943.002695][ T4671]  alloc_pages_noprof+0x104/0x2ec
[ 2943.002939][ T4671]  anon_pipe_write+0xdec/0x12a0
[ 2943.003167][ T4671]  vfs_write+0xa7c/0xb7c
[ 2943.003400][ T4671]  ksys_write+0x108/0x1fc
[ 2943.003614][ T4671]  __arm64_sys_write+0x98/0xcc
[ 2943.003822][ T4671]  invoke_syscall+0x90/0x230
[ 2943.004097][ T4671]  el0_svc_common+0x120/0x2f4
[ 2943.004410][ T4671]  do_el0_svc+0x58/0x74
[ 2943.004701][ T4671]  el0_svc+0x5c/0x238
[ 2943.004989][ T4671]  el0t_64_sync_handler+0x84/0x12c
[ 2943.005301][ T4671]  el0t_64_sync+0x198/0x19c
[ 3253.604829][   T25] audit: type=1400 audit(3252.800:110): avc:  denied  { map } for  pid=4828 comm="syz.3.286" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=20178 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 3253.788531][   T25] audit: type=1400 audit(3252.990:111): avc:  denied  { read } for  pid=4828 comm="syz.3.286" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=20178 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 3396.594177][ T4900] kvm [4899]: Unsupported guest access at: eeef0000
[ 3396.594177][ T4900]  { Op0( 2), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read },
[ 3700.085020][ T4982] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3700.385684][ T4982] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3709.634348][ T2140] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3711.234450][ T2140] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3712.824345][ T2140] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3713.409641][ T4986] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3713.831999][ T2140] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3714.452377][ T4986] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3735.785088][ T2140] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3736.108697][ T2140] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3736.270311][ T2140] bond0 (unregistering): Released all slaves
[ 3739.408490][ T2140] hsr_slave_0: left promiscuous mode
[ 3739.688241][ T2140] hsr_slave_1: left promiscuous mode
[ 3740.738518][ T2140] veth1_macvtap: left promiscuous mode
[ 3740.758228][ T2140] veth0_macvtap: left promiscuous mode
[ 3740.790809][ T2140] veth1_vlan: left promiscuous mode
[ 3740.792415][ T2140] veth0_vlan: left promiscuous mode
[ 3765.484616][ T4982] hsr_slave_0: entered promiscuous mode
[ 3765.561881][ T4982] hsr_slave_1: entered promiscuous mode
[ 3765.649284][ T4982] debugfs: 'hsr0' already exists in 'hsr'
[ 3765.655587][ T4982] Cannot create hsr debugfs directory
[ 3768.794214][ T4351] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3770.375672][ T4351] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3772.326020][ T4351] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3774.444940][ T4351] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3784.173701][ T4986] hsr_slave_0: entered promiscuous mode
[ 3784.255624][ T4986] hsr_slave_1: entered promiscuous mode
[ 3784.368796][ T4986] debugfs: 'hsr0' already exists in 'hsr'
[ 3784.371956][ T4986] Cannot create hsr debugfs directory
[ 3799.654989][ T4351] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3799.858781][ T4351] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3799.994750][ T4351] bond0 (unregistering): Released all slaves
[ 3801.260617][ T4351] hsr_slave_0: left promiscuous mode
[ 3801.318510][ T4351] hsr_slave_1: left promiscuous mode
[ 3801.572970][ T4351] veth1_macvtap: left promiscuous mode
[ 3801.584441][ T4351] veth0_macvtap: left promiscuous mode
[ 3801.594605][ T4351] veth1_vlan: left promiscuous mode
[ 3801.610080][ T4351] veth0_vlan: left promiscuous mode
[ 3823.315702][ T4982] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 3824.078720][ T4982] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 3825.070912][ T4982] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 3825.734913][ T4982] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 3832.129863][ T4986] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 3832.551182][ T4986] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 3833.020506][ T4986] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 3833.405475][ T4986] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 3858.989824][ T4982] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3867.463745][ T4986] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4001.263541][ T4982] veth0_vlan: entered promiscuous mode
[ 4002.371826][ T4982] veth1_vlan: entered promiscuous mode
[ 4005.979446][ T4982] veth0_macvtap: entered promiscuous mode
[ 4006.625039][ T4982] veth1_macvtap: entered promiscuous mode
[ 4009.721955][ T4986] veth0_vlan: entered promiscuous mode
[ 4011.872498][ T4986] veth1_vlan: entered promiscuous mode
[ 4012.481993][ T5032] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4012.500288][ T3756] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4012.513175][ T3756] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4012.618220][ T3756] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4019.023023][ T4986] veth0_macvtap: entered promiscuous mode
[ 4020.362747][ T4986] veth1_macvtap: entered promiscuous mode
[ 4025.677799][ T3756] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4025.788501][   T52] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4026.070841][ T3756] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4026.201204][ T3756] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4121.805367][ T3756] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4124.639009][ T3756] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4127.352730][ T3756] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4129.820436][ T3756] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4167.024867][ T3756] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 4167.783326][ T3756] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 4168.269363][ T3756] bond0 (unregistering): Released all slaves
[ 4171.275256][ T3756] hsr_slave_0: left promiscuous mode
[ 4171.557831][ T3756] hsr_slave_1: left promiscuous mode
[ 4172.877551][ T3756] veth1_macvtap: left promiscuous mode
[ 4172.881110][ T3756] veth0_macvtap: left promiscuous mode
[ 4172.909162][ T3756] veth1_vlan: left promiscuous mode
[ 4172.920355][ T3756] veth0_vlan: left promiscuous mode
[ 4302.270520][ T5323] FAULT_INJECTION: forcing a failure.
[ 4302.270520][ T5323] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 4302.324922][ T5323] CPU: 0 UID: 0 PID: 5323 Comm: syz.5.348 Not tainted syzkaller #0 PREEMPT 
[ 4302.325344][ T5323] Hardware name: linux,dummy-virt (DT)
[ 4302.325461][ T5323] Call trace:
[ 4302.325547][ T5323]  show_stack+0x2c/0x3c (C)
[ 4302.325898][ T5323]  __dump_stack+0x30/0x40
[ 4302.326244][ T5323]  dump_stack_lvl+0xd8/0x12c
[ 4302.326541][ T5323]  dump_stack+0x1c/0x28
[ 4302.326822][ T5323]  should_fail_ex+0x56c/0x6d8
[ 4302.327037][ T5323]  should_fail_alloc_page+0xd4/0xd8
[ 4302.327340][ T5323]  prepare_alloc_pages+0x234/0x628
[ 4302.327626][ T5323]  __alloc_frozen_pages_noprof+0xd8/0x2cc
[ 4302.327884][ T5323]  alloc_pages_mpol+0x204/0x4c4
[ 4302.328159][ T5323]  alloc_pages_noprof+0x104/0x2ec
[ 4302.328425][ T5323]  anon_pipe_write+0xdec/0x12a0
[ 4302.328644][ T5323]  vfs_write+0xa7c/0xb7c
[ 4302.328840][ T5323]  ksys_write+0x108/0x1fc
[ 4302.329037][ T5323]  __arm64_sys_write+0x98/0xcc
[ 4302.329265][ T5323]  invoke_syscall+0x90/0x230
[ 4302.329551][ T5323]  el0_svc_common+0x120/0x2f4
[ 4302.329829][ T5323]  do_el0_svc+0x58/0x74
[ 4302.330095][ T5323]  el0_svc+0x5c/0x238
[ 4302.330404][ T5323]  el0t_64_sync_handler+0x84/0x12c
[ 4302.330689][ T5323]  el0t_64_sync+0x198/0x19c
[ 4307.461514][ T5235] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4308.021741][ T5235] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4359.344102][ T5235] hsr_slave_0: entered promiscuous mode
[ 4359.582561][ T5235] hsr_slave_1: entered promiscuous mode
[ 4390.164070][ T5235] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 4390.904145][ T5235] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 4391.777461][ T5235] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 4392.818377][ T5235] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 4440.248164][ T5235] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4647.050692][ T5235] veth0_vlan: entered promiscuous mode
[ 4648.813542][ T5235] veth1_vlan: entered promiscuous mode
[ 4654.392374][ T5235] veth0_macvtap: entered promiscuous mode
[ 4658.012484][ T5235] veth1_macvtap: entered promiscuous mode
[ 4659.449964][ T5005] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4662.002048][ T5005] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4664.195025][ T5005] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4666.830521][ T5005] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4669.780230][ T5042] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4669.931290][ T5246] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4670.049882][ T5246] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4670.209685][ T5246] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4698.733170][ T5005] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 4699.293809][ T5005] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 4700.119707][ T5005] bond0 (unregistering): Released all slaves
[ 4703.319894][ T5005] hsr_slave_0: left promiscuous mode
[ 4703.497978][ T5005] hsr_slave_1: left promiscuous mode
[ 4704.678281][ T5005] veth1_macvtap: left promiscuous mode
[ 4704.708088][ T5005] veth0_macvtap: left promiscuous mode
[ 4704.735210][ T5005] veth1_vlan: left promiscuous mode
[ 4704.752108][ T5005] veth0_vlan: left promiscuous mode
[ 4752.022680][ T5005] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4755.039617][ T5005] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4757.334954][ T5005] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4759.511504][ T5005] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4786.493997][ T5005] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 4786.651724][ T5005] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 4786.781226][ T5005] bond0 (unregistering): Released all slaves
[ 4789.798980][ T5005] hsr_slave_0: left promiscuous mode
[ 4790.179007][ T5005] hsr_slave_1: left promiscuous mode
[ 4791.532116][ T5005] veth1_macvtap: left promiscuous mode
[ 4791.599777][ T5005] veth0_macvtap: left promiscuous mode
[ 4791.603605][ T5005] veth1_vlan: left promiscuous mode
[ 4791.625830][ T5005] veth0_vlan: left promiscuous mode
[ 4852.005763][ T5492] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4852.361977][ T5492] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4882.974238][ T5523] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4883.420993][ T5523] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4893.458378][ T5492] hsr_slave_0: entered promiscuous mode
[ 4893.561244][ T5492] hsr_slave_1: entered promiscuous mode
[ 4916.114369][ T5492] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 4916.628081][ T5492] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 4917.201851][ T5492] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 4917.963673][ T5492] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 4925.680011][ T5523] hsr_slave_0: entered promiscuous mode
[ 4925.774380][ T5523] hsr_slave_1: entered promiscuous mode
[ 4925.880823][ T5523] debugfs: 'hsr0' already exists in 'hsr'
[ 4925.890412][ T5523] Cannot create hsr debugfs directory
[ 4968.162032][ T5523] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 4968.870912][ T5523] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 4969.561352][ T5523] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 4970.138839][ T5523] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 4976.131816][ T5492] 8021q: adding VLAN 0 to HW filter on device bond0
[ 5018.124412][ T5523] 8021q: adding VLAN 0 to HW filter on device bond0
[ 5168.872486][ T5492] veth0_vlan: entered promiscuous mode
[ 5171.479880][ T5492] veth1_vlan: entered promiscuous mode
[ 5177.320105][ T5492] veth0_macvtap: entered promiscuous mode
[ 5178.201643][ T5492] veth1_macvtap: entered promiscuous mode
[ 5183.441846][ T3756] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 5183.482895][ T5246] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 5183.504310][ T5648] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 5183.540892][ T5648] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 5214.189106][ T5523] veth0_vlan: entered promiscuous mode
[ 5216.374446][ T5523] veth1_vlan: entered promiscuous mode
[ 5221.553809][ T5523] veth0_macvtap: entered promiscuous mode
[ 5222.539581][ T5523] veth1_macvtap: entered promiscuous mode
[ 5229.278813][ T5510] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 5229.318307][ T3756] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 5229.319237][ T3756] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 5229.319977][ T3756] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 5608.391675][ T5934] FAULT_INJECTION: forcing a failure.
[ 5608.391675][ T5934] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 5608.427855][ T5934] CPU: 0 UID: 0 PID: 5934 Comm: syz.6.393 Not tainted syzkaller #0 PREEMPT 
[ 5608.428273][ T5934] Hardware name: linux,dummy-virt (DT)
[ 5608.428396][ T5934] Call trace:
[ 5608.428480][ T5934]  show_stack+0x2c/0x3c (C)
[ 5608.428836][ T5934]  __dump_stack+0x30/0x40
[ 5608.429130][ T5934]  dump_stack_lvl+0xd8/0x12c
[ 5608.429446][ T5934]  dump_stack+0x1c/0x28
[ 5608.429730][ T5934]  should_fail_ex+0x56c/0x6d8
[ 5608.429949][ T5934]  should_fail+0x14/0x24
[ 5608.430161][ T5934]  should_fail_usercopy+0x20/0x30
[ 5608.430396][ T5934]  _copy_from_iter+0x1a0/0x1880
[ 5608.430692][ T5934]  copy_page_from_iter+0x218/0x300
[ 5608.430982][ T5934]  anon_pipe_write+0x95c/0x12a0
[ 5608.431210][ T5934]  vfs_write+0xa7c/0xb7c
[ 5608.431454][ T5934]  ksys_write+0x108/0x1fc
[ 5608.431676][ T5934]  __arm64_sys_write+0x98/0xcc
[ 5608.431883][ T5934]  invoke_syscall+0x90/0x230
[ 5608.432174][ T5934]  el0_svc_common+0x120/0x2f4
[ 5608.432472][ T5934]  do_el0_svc+0x58/0x74
[ 5608.432746][ T5934]  el0_svc+0x5c/0x238
[ 5608.433036][ T5934]  el0t_64_sync_handler+0x84/0x12c
[ 5608.433338][ T5934]  el0t_64_sync+0x198/0x19c
[ 5847.751510][ T5961] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 5848.497730][ T5961] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 5857.812260][ T5968] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 5858.453591][ T5968] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 5913.333422][ T5961] hsr_slave_0: entered promiscuous mode
[ 5913.535783][ T5961] hsr_slave_1: entered promiscuous mode
[ 5913.613727][ T5961] debugfs: 'hsr0' already exists in 'hsr'
[ 5913.728114][ T5961] Cannot create hsr debugfs directory
[ 5925.499582][ T5968] hsr_slave_0: entered promiscuous mode
[ 5925.632194][ T5968] hsr_slave_1: entered promiscuous mode
[ 5925.820988][ T5968] debugfs: 'hsr0' already exists in 'hsr'
[ 5925.831070][ T5968] Cannot create hsr debugfs directory
[ 5968.242948][ T5961] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 5970.287715][ T5961] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 5971.709458][ T5961] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 5972.782773][ T5961] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 5986.752143][ T5968] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 5987.654700][ T5968] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 5988.749764][ T5968] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 5990.073779][ T5968] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 6043.550998][ T5961] 8021q: adding VLAN 0 to HW filter on device bond0
[ 6056.590641][ T5968] 8021q: adding VLAN 0 to HW filter on device bond0
[ 6080.052510][   T27] INFO: task syz.7.396:5945 blocked for more than 430 seconds.
[ 6080.079692][   T27]       Not tainted syzkaller #0
[ 6080.097149][   T27]       Blocked by coredump.
[ 6080.097567][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 6080.098034][   T27] task:syz.7.396       state:D stack:0     pid:5945  tgid:5945  ppid:5492   task_flags:0x40004c flags:0x00000010
[ 6080.099204][   T27] Call trace:
[ 6080.099627][   T27]  __switch_to+0x584/0xb00 (T)
[ 6080.100234][   T27]  __schedule+0x200c/0x3428
[ 6080.100695][   T27]  schedule+0xac/0x27c
[ 6080.101120][   T27]  schedule_timeout+0x68/0x1ec
[ 6080.101616][   T27]  do_wait_for_common+0x28c/0x440
[ 6080.102067][   T27]  wait_for_completion+0x44/0x5c
[ 6080.102545][   T27]  __synchronize_srcu+0x2a4/0x320
[ 6080.103034][   T27]  synchronize_srcu+0x3d0/0x4f8
[ 6080.103576][   T27]  __mmu_notifier_release+0x424/0x614
[ 6080.104541][   T27]  exit_mmap+0xbc/0xb8c
[ 6080.105049][   T27]  __mmput+0x10c/0x528
[ 6080.105574][   T27]  mmput+0x70/0xa8
[ 6080.314902][   T27]  exit_mm+0x158/0x248
[ 6080.342595][   T27]  do_exit+0x790/0x2378
[ 6080.343303][   T27]  do_group_exit+0x288/0x2ac
[ 6080.343854][   T27]  __arm64_sys_exit_group+0x40/0x48
[ 6080.344380][   T27]  invoke_syscall+0x90/0x230
[ 6080.344875][   T27]  el0_svc_common+0x120/0x2f4
[ 6080.345376][   T27]  do_el0_svc+0x58/0x74
[ 6080.345842][   T27]  el0_svc+0x5c/0x238
[ 6080.428698][   T27]  el0t_64_sync_handler+0x84/0x12c
[ 6080.457533][   T27]  el0t_64_sync+0x198/0x19c
SYZFAIL: failed to recv rpc
[ 6080.489525][   T27] 
[ 6080.489525][   T27] Showing all locks held in the system:
[ 6080.537860][   T27] 1 lock held by khungtaskd/27:
[ 6080.538430][   T27]  #0: ffff800087a86d08 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x0/0x44
[ 6080.541017][   T27] 3 locks held by kworker/u4:3/43:
[ 6080.541533][   T27] 2 locks held by getty/3199:
[ 6080.541882][   T27]  #0: d4f00000122f28a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c
[ 6080.543654][   T27]  #1: 58ff80008c80b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x308/0x1234
[ 6080.545409][   T27] 3 locks held by kworker/u4:4/3384:
[ 6080.545734][   T27] 3 locks held by kworker/u4:8/3441:
[ 6080.703315][   T27] 3 locks held by kworker/u4:11/4090:
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 6080.729802][   T27] 3 locks held by kworker/u4:1/5005:
[ 6080.755867][   T27] 2 locks held by kworker/u4:12/5132:
[ 6080.791263][   T27]  #0: 3ef000000cc26948 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a10
[ 6080.821258][   T27]  #1: ffff80008ea67c88 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a10
[ 6080.822972][   T27] 3 locks held by kworker/u4:0/5648:
[ 6080.823339][   T27] 2 locks held by kworker/u4:9/5681:
[ 6080.823692][   T27]  #0: 3ef000000cc26948 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a10
[ 6080.825536][   T27]  #1: ffff80008f087c88 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a10
[ 6080.992956][   T27] 3 locks held by kworker/u4:6/5903:
[ 6080.993336][   T27] 2 locks held by syz.6.395/5943:
[ 6080.993700][   T27] 3 locks held by kworker/u4:14/6084:
[ 6080.994019][   T27] 1 lock held by modprobe/6118:
[ 6080.994352][   T27] 1 lock held by modprobe/6119:
[ 6081.090311][   T27] 
[ 6081.108071][   T27] =============================================
[ 6081.108071][   T27] 
[ 6081.109169][   T27] Kernel panic - not syncing: hung_task: blocked tasks
[ 6081.113627][   T27] CPU: 0 UID: 0 PID: 27 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT 
[ 6081.114817][   T27] Hardware name: linux,dummy-virt (DT)
[ 6081.115641][   T27] Call trace:
[ 6081.116339][   T27]  show_stack+0x2c/0x3c (C)
[ 6081.117331][   T27]  __dump_stack+0x30/0x40
[ 6081.118213][   T27]  dump_stack_lvl+0x30/0x12c
[ 6081.119114][   T27]  dump_stack+0x1c/0x28
[ 6081.120013][   T27]  vpanic+0x1d4/0x4e4
[ 6081.120790][   T27]  vpanic+0x0/0x4e4
[ 6081.121515][   T27]  hung_task_panic+0x0/0x2c
[ 6081.122359][   T27]  kthread+0x794/0x99c
[ 6081.123199][   T27]  ret_from_fork+0x10/0x20
[ 6081.125034][   T27] Kernel Offset: disabled
[ 6081.125739][   T27] CPU features: 0x0000000,001a3005,fbe327a1,057ffe1f
[ 6081.126813][   T27] Memory Limit: none
[ 6081.128994][   T27] Rebooting in 86400 seconds..