last executing test programs:

1h36m58.424513459s ago: executing program 1 (id=460):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ARM_VCPU_INIT(r3, 0x4020aeae, &(0x7f0000000100)={0x2})
r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r4, r5, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_GUEST_MEMFD(r4, 0xc040aed4, &(0x7f0000000080)={0x5, 0x2})
ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f00000000c0)=@arm64_sys={0x603000000013c038, &(0x7f0000000200)=0x3})
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0xb, 0x30d2a4fbfbfad6b8, 0xffffffffffffffff, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000180)={0x0, &(0x7f0000000000)=[@hvc={0x32, 0x40, {0x80000001, [0xfffffffffffffde5, 0x3ff, 0x1, 0x4, 0x9]}}], 0x40}, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
ioctl$KVM_ARM_VCPU_INIT(r3, 0x4020aeae, &(0x7f0000000100)={0x2}) (async)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) (async)
syz_kvm_setup_cpu$arm64(r4, r5, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_CREATE_GUEST_MEMFD(r4, 0xc040aed4, &(0x7f0000000080)={0x5, 0x2}) (async)
ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f00000000c0)=@arm64_sys={0x603000000013c038, &(0x7f0000000200)=0x3}) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0xb, 0x30d2a4fbfbfad6b8, 0xffffffffffffffff, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000180)={0x0, &(0x7f0000000000)=[@hvc={0x32, 0x40, {0x80000001, [0xfffffffffffffde5, 0x3ff, 0x1, 0x4, 0x9]}}], 0x40}, 0x0, 0x0) (async)
ioctl$KVM_RUN(r7, 0xae80, 0x0) (async)

1h36m48.756702389s ago: executing program 1 (id=462):
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x429cb0c20ff9d1b7, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0x80111500, 0x1fffffff)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x1, 0x3, 0xdddd1000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
ioctl$KVM_CREATE_DEVICE(r3, 0xc018aec0, &(0x7f00000000c0)={0x1})
ioctl$KVM_CREATE_VM(r1, 0x541b, 0x2004001f)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xcb)

1h36m47.739854661s ago: executing program 0 (id=463):
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r1, 0x4068aea3, &(0x7f0000000100)={0xe4, 0x0, 0x7}) (async)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r1, 0x4068aea3, &(0x7f0000000100)={0xe4, 0x0, 0x7})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x1fd, 0x2, 0x8000000, 0x2000, &(0x7f0000ecf000/0x2000)=nil})
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)

1h36m41.857047841s ago: executing program 1 (id=464):
r0 = openat$kvm(0x0, &(0x7f0000000200), 0x0, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x28)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CAP_ARM_MTE(r2, 0x4068aea3, &(0x7f0000000180)) (async)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000000000/0x400000)=nil) (async)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) (async)
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x2, 0x0, &(0x7f0000000000)=0xf4020000})

1h36m40.842964154s ago: executing program 0 (id=465):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x29)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r6, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8})
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000240)=@arm64_sys={0x603000000013dcea, &(0x7f0000000180)=0x10000008})
r7 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, r3, 0x2, 0x12, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000180)="66ae48b21646fe8d3216e9dbe341f0e555d754c47f3d35e4b086d58410f63aead30f8902cfa325aec5fa4d54ef4006953bbb5697cdb0b09c13a661914f7721cbf98149362853d2ee", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000010000/0x4000)=nil, r3, 0x100000a, 0x12, r2, 0x0)

1h36m33.119716225s ago: executing program 1 (id=466):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x22)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0x801c581f, 0x0)
openat$kvm(0x0, &(0x7f0000000140), 0x88000, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c74000/0x3000)=nil, 0x0, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000040)={0x5, 0x1, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000bc2000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000040)="68d3d4a6759ba655d47872b6bf881ba5dbca1c84a0779749", 0x0, 0x18)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0)
r9 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
close(r9)
close(0x4)
close(0x5)

1h36m31.050458052s ago: executing program 0 (id=467):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x3, 0x1000, 0x40000000, 0x0, 0x40000004}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r3, 0x1, 0x100)
r6 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r6, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

1h36m19.376176925s ago: executing program 0 (id=468):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0x9e) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x812) (async)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async)
mmap$KVM_VCPU(&(0x7f0000e14000/0x3000)=nil, 0x0, 0x100000c, 0x11, 0xffffffffffffffff, 0x0) (async)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000) (async)
munmap(&(0x7f0000482000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x20010, 0xffffffffffffffff, 0x0) (async)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000) (async)
mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0) (async)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000eed000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x15) (async)
r2 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f00000001c0)=[@its_setup={0x82, 0x28, {0x0, 0x3, 0x35e}}, @code={0xa, 0x6c, {"000c403ce08897d20040b0f2010080d2620180d260de98d200e0b8f2a10080d2420080d2c30080d2640080d2020000d4e40080d2020000d4000008d5000008d500b4205e000008d5000000ab000008d5007008d50024000f"}}, @uexit={0x0, 0x18, 0x4}], 0xac}, 0x0, 0x0) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x4100, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x28)
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) (async)
r5 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r6, 0xae03, 0x7f)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, r5, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000040)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)

1h36m11.956426295s ago: executing program 1 (id=469):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x21)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f000099b000/0x400000)=nil)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async, rerun: 32)
r5 = syz_kvm_vgic_v3_setup(r3, 0x3, 0xa0) (async, rerun: 32)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) (async, rerun: 32)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, <r7=>0xffffffffffffffff, 0x1}) (rerun: 32)
ioctl$KVM_CREATE_VM(r7, 0x401054d5, 0x110c230020)
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x6, 0x4, &(0x7f0000000000)=0x4}) (async)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION2(r9, 0x40a0ae49, &(0x7f0000000740)={0x3, 0x4, 0xffff1000, 0x2000, &(0x7f0000e03000/0x2000)=nil, 0x7d3})
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0xfffffffffffffff8) (async, rerun: 64)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000080)=@x86={0x0, 0xfb, 0x3, 0x0, 0x10, 0x7, 0x6, 0xe, 0xf, 0x2, 0x6, 0xfd, 0x0, 0xc03, 0x8, 0x3, 0x10, 0x68, 0x0, '\x00', 0x87, 0xfffffffffffffffe}) (rerun: 64)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f00000001c0)={0x8, <r11=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4})
ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f00000000c0)={0x0, 0xd2f413ec6d38a0e4, 0xdddd0000, 0x1000, &(0x7f0000000000/0x1000)=nil}) (async, rerun: 32)
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x100, &(0x7f0000000080)=0x8004000000000000}) (rerun: 32)
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000280)=@attr_arm64={0x0, 0x4, 0x2, 0x0})
syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0, 0xfffffffffffffdb0}, 0x0, 0x0) (async, rerun: 64)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) (rerun: 64)
ioctl$KVM_CHECK_EXTENSION(r12, 0xae03, 0x46) (async)
syz_kvm_vgic_v3_setup(r9, 0x2, 0x100)

1h36m10.744810181s ago: executing program 0 (id=470):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x2}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x1, 0x3, 0x10000, 0x0, 0x6, 0x2}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r4=>0xffffffffffffffff})
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x2}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x1, 0x3, 0x10000, 0x0, 0x6, 0x2}}], 0x50}, 0x0, 0x0) (async)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) (async)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8}) (async)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) (async)
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async)
ioctl$KVM_RUN(r3, 0xae80, 0x0) (async)

1h36m3.954506145s ago: executing program 1 (id=471):
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) (async)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, <r4=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r4, 0x400454cc, 0x1)
openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x32) (async)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x32)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x603000000010003c, &(0x7f0000000140)=0x7})
ioctl$KVM_GET_REG_LIST(r7, 0xc008aeb0, &(0x7f0000000040)={0x3, [0x0, 0x200, 0x1]})
mmap$KVM_VCPU(&(0x7f0000ee7000/0x1000)=nil, r1, 0x100000d, 0x9032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xf, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xf, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)

1h36m0.80694405s ago: executing program 0 (id=472):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x3, 0x1000, 0x40000000, 0x0, 0x40000004}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r3, 0x1, 0x100)
r6 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r6, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

1h35m17.86673391s ago: executing program 32 (id=471):
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) (async)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, <r4=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r4, 0x400454cc, 0x1)
openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x32) (async)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x32)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x603000000010003c, &(0x7f0000000140)=0x7})
ioctl$KVM_GET_REG_LIST(r7, 0xc008aeb0, &(0x7f0000000040)={0x3, [0x0, 0x200, 0x1]})
mmap$KVM_VCPU(&(0x7f0000ee7000/0x1000)=nil, r1, 0x100000d, 0x9032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xf, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xf, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)

1h35m13.218155321s ago: executing program 33 (id=472):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x3, 0x1000, 0x40000000, 0x0, 0x40000004}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r3, 0x1, 0x100)
r6 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r6, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

58m44.018903645s ago: executing program 3 (id=735):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r0, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0xcd)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
openat$kvm(0x0, 0x0, 0x100, 0x0)
close(0x3)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0xab)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r6 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r5, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r5, 0x0)
r7 = eventfd2(0x0, 0x0)
close(r7)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01)
write$eventfd(r7, &(0x7f00000001c0)=0x87, 0xffea)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r1, r8, &(0x7f0000e8a000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0)

58m34.55533073s ago: executing program 3 (id=736):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async)
eventfd2(0x7, 0x800)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) (async)
r3 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x4, 0x220) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r2, 0x4018aee1, &(0x7f0000000040)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f0000000000)=0x1b}) (async)
ioctl$KVM_GET_STATS_FD_vm(r1, 0xaece) (async)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

58m25.304313891s ago: executing program 3 (id=738):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
openat$kvm(0x0, &(0x7f00000001c0), 0x200000, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x240000, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, r3, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000180)={0x800, 0x4, 0x8, r4, 0x8})
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000100)={0x4, <r5=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000200)=@attr_other={0x0, 0x9, 0xee9, &(0x7f0000000240)=0x7})
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r2, 0x4068aea3, &(0x7f0000000040)={0xe4, 0x0, 0x1000})
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000a89000/0x400000)=nil)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00000000c0)={0x1fe, 0x2, 0xdddd0000, 0x2000, &(0x7f000000a000/0x2000)=nil})
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r2, 0x4068aea3, &(0x7f0000000100)={0xe4, 0x0, 0x80})
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
r8 = mmap$KVM_VCPU(&(0x7f0000e77000/0x1000)=nil, 0x0, 0x2000000, 0x12, r4, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r7, 0x0)
r9 = eventfd2(0x80000000, 0x80000)
close(r9)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01)
write$eventfd(r9, &(0x7f0000000000)=0xffffffffffffca16, 0xffffffffffffff3b)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0)

58m11.708284565s ago: executing program 3 (id=740):
munmap(&(0x7f0000f79000/0x4000)=nil, 0x4000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x8800, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x0)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0x801c581f, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x5, 0x1, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000080)=@arm64_sys={0x603000000013c4f1, &(0x7f00000001c0)=0x3})
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013deb4, &(0x7f00000000c0)=0xc})
r7 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000bc2000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000040)="68d3d4a6759ba655d47872b6bf881ba5dbca1c84a0779749", 0x0, 0x18)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)

57m43.448508665s ago: executing program 3 (id=741):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2c)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000040)=@arm64_core={0x60300000001000d4, 0x0})
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
r8 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000a, 0x11, r7, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f0000000380)="f30149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a3ff7fbc51869be2e2e0000000000000f000000000000000001000000000000000000000000000e00", 0x0, 0x34)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) (async)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000140)={0x4, <r11=>0xffffffffffffffff, 0x1})
close(r11) (async)
close(r11)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r7, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r14 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r15 = openat$kvm(0x0, &(0x7f0000000140), 0x101282, 0x0)
r16 = syz_kvm_setup_syzos_vm$arm64(r14, &(0x7f0000c00000/0x400000)=nil)
r17 = syz_kvm_add_vcpu$arm64(r16, &(0x7f0000000080)={0x0, &(0x7f0000000200)=[@svc={0x122, 0x40, {0x800, [0xffffffeffffffff8, 0x8, 0x8000000005, 0x5, 0x401]}}], 0x40}, 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r15, 0xae04) (async)
r18 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r15, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c0b000/0x1000)=nil, r18, 0x2000003, 0x11, r17, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000c0b000/0x1000)=nil, r18, 0x2000003, 0x11, r17, 0x0)
ioctl$KVM_RUN(r17, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r17, 0xae80, 0x0)
syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0) (async)
r19 = syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
ioctl$KVM_RUN(r19, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r19, 0xae80, 0x0)

57m32.135359659s ago: executing program 3 (id=743):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x100, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x21)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x1000000)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VM(r1, 0x401c5820, 0x7)
r7 = openat$kvm(0x0, &(0x7f0000000080), 0x343d80, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000000)={0x2, <r9=>0xffffffffffffffff, 0x1})
ioctl$KVM_HAS_DEVICE_ATTR(r9, 0x4018aee3, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r10 = syz_kvm_vgic_v3_setup(r6, 0x1, 0x100)
ioctl$KVM_GET_DEVICE_ATTR(r10, 0x4018aee2, &(0x7f0000000180)=@attr_arm64={0x0, 0x0, 0x5, &(0x7f00000000c0)=0x5})
mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r4, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x0, 0x1, 0x11, r4, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000002000/0x400000)=nil)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x2)
syz_kvm_vgic_v3_setup(r3, 0x1, 0x0)
ioctl$KVM_GET_DEVICE_ATTR(r9, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x5, 0x10003, 0x0})
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x32)

56m45.684290537s ago: executing program 34 (id=743):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x100, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x21)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x1000000)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VM(r1, 0x401c5820, 0x7)
r7 = openat$kvm(0x0, &(0x7f0000000080), 0x343d80, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000000)={0x2, <r9=>0xffffffffffffffff, 0x1})
ioctl$KVM_HAS_DEVICE_ATTR(r9, 0x4018aee3, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r10 = syz_kvm_vgic_v3_setup(r6, 0x1, 0x100)
ioctl$KVM_GET_DEVICE_ATTR(r10, 0x4018aee2, &(0x7f0000000180)=@attr_arm64={0x0, 0x0, 0x5, &(0x7f00000000c0)=0x5})
mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r4, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x0, 0x1, 0x11, r4, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000002000/0x400000)=nil)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x2)
syz_kvm_vgic_v3_setup(r3, 0x1, 0x0)
ioctl$KVM_GET_DEVICE_ATTR(r9, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x5, 0x10003, 0x0})
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x32)

33m7.075408884s ago: executing program 2 (id=895):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x2000)
r1 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f00000001c0)={0x8, <r3=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4})
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000200)=@attr_arm64={0x0, 0x8, 0x4, &(0x7f0000000280)=0x4f627b94})
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x27)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8, <r5=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR_vm(r4, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x0, 0x9})
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CAP_HALT_POLL(r7, 0x4068aea3, &(0x7f0000000140)={0xb6, 0x0, 0x4})
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@code={0xa, 0x18, {"7f2003d5"}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_IRQ_LINE_STATUS(r7, 0xc008ae67, &(0x7f0000000100)={0x0, 0x81})
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0xe0000, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000000)={0x0, &(0x7f0000000040)=[@smc={0x1e, 0x40, {0x84000003, [0x1000004, 0x100000003, 0x5, 0x101, 0x9]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1)
ioctl$KVM_RUN(r14, 0xae80, 0x0)
r15 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_GET_DIRTY_LOG(r4, 0x4010ae42, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000ffd000/0x2000)=nil})
ioctl$KVM_CAP_DIRTY_LOG_RING(r15, 0x4068aea3, &(0x7f0000000500))
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x8, 0x0, 0x0})

32m38.725869101s ago: executing program 2 (id=897):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
r4 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x240)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r5=>0xffffffffffffffff})
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000040)={0x10000, 0x6, 0xc000, 0x1000, &(0x7f0000d20000/0x1000)=nil})
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000bc2000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, 0x0, 0x0, 0x0)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r10, 0xae03, 0x66)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r12, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0x0, 0x1, r13, 0xb})
ioctl$KVM_IOEVENTFD(r12, 0x4040ae79, &(0x7f0000000000)={0x8000, 0x0, 0x1, r13, 0x3})
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x2, 0x4f832, 0xffffffffffffffff, 0x1000000)
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x4, 0x3, 0x0})

32m23.282505091s ago: executing program 2 (id=899):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
r4 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x240)
syz_kvm_setup_cpu$arm64(r1, 0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0, 0x310}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f00000001c0)=@arm64_extra={0x603000000013c037, &(0x7f0000000180)=0x800})
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r7, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}})
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r7, r8, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1e000000000000004000000000000000000000ef00000000fcffffffffffff1bf3a3b292e50d9600020000000100000003000000000000000400000000000000320000000000000040000000000000005200008400"], 0x80}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
r9 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x402000, 0x0)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000140)={0x4, <r10=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r10, 0x400454cc, 0xffffffffffffffff)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x1, 0x3000000, &(0x7f0000000100)=0x80})

32m16.710247393s ago: executing program 4 (id=900):
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0)
ioctl$KVM_DIRTY_TLB(r2, 0x4010aeaa, &(0x7f0000000000)={0x9, 0x6})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000240)="04198bd844c9e8a7b82d748f0f0244293d28bd9400bfc2ed44db9969759357abeb8d85c8e856a4606c2e979f98d67e4ff39fb6df9547f6a9506c610dc37b175c3ad3c9952305abf0", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)

31m45.7394389s ago: executing program 4 (id=901):
r0 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000000)={0x6, 0xe000, 0x1, r0, 0x1})
ioctl$KVM_CAP_DIRTY_LOG_RING(r0, 0x4068aea3, &(0x7f0000000040)={0xc0, 0x0, 0x1000}) (async)
r1 = ioctl$KVM_GET_STATS_FD_cpu(r0, 0xaece)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x3000, 0x11000, 0x1}) (async)
ioctl$KVM_REGISTER_COALESCED_MMIO(r0, 0x4010ae67, &(0x7f0000000100)={0xc000, 0x10000, 0x1}) (async)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2c)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) (async)
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x20)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r3, 0x4010ae68, &(0x7f0000000140)={0x8080000, 0x113000})
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000180)={0x2, 0xffffffffffffffff, 0x1}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION2(r2, 0x40a0ae49, &(0x7f00000001c0)={0x1, 0x0, 0xc000, 0x1000, &(0x7f0000ffc000/0x1000)=nil, 0x693dfc68, r0}) (async)
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000280)={0x6000, 0x4000, 0xc0, 0x1, 0x8}) (async)
ioctl$KVM_SET_MP_STATE(r0, 0x4004ae99, &(0x7f00000002c0)=0x3)
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000300)={0xf000, 0x2000, 0x1}) (async)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000340)={0x5})
ioctl$KVM_RUN(r0, 0xae80, 0x0) (async)
ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r0, 0x4010ae74, &(0x7f0000000380)={0x8, 0x7, 0x9})
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0x8) (async)
r4 = ioctl$KVM_GET_STATS_FD_vm(r2, 0xaece)
ioctl$KVM_CAP_DIRTY_LOG_RING(r0, 0x4068aea3, &(0x7f00000003c0)={0xc0, 0x0, 0x1000}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f0000000440)={0x5, 0x3, 0x25000, 0x2000, &(0x7f0000ffe000/0x2000)=nil, 0x7, r0}) (async)
ioctl$KVM_SET_SIGNAL_MASK(r4, 0x4004ae8b, &(0x7f0000000500)={0x99, "d161a058d5da0ee2dd46b466e3bb7cef00359aca601793cb20ccc88c85b5b9c399abc8f602ec2fd2693429328346aba44e5e022dd25ed959f50266e5ae4f0248dcd8d6a70b77fc38630293c1caa5c8b27f937ae57c54782a9b5fcaee778d5773b614abe9e6c023c6d8b23d7f65886e75bd203e0620222a4782bb61c6aafd1b179aedaeb34507072ab3793a55ea3a95ad76a26496c0d987ef02"}) (async)
ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f00000005c0)=0x296758ff) (async)
ioctl$KVM_S390_VCPU_FAULT(r0, 0x4008ae52, &(0x7f0000000600)) (async)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000640)={0x7, 0xffffffffffffffff, 0x1})
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bff000/0x400000)=nil)
ioctl$KVM_RUN(r1, 0xae80, 0x0) (async)
ioctl$KVM_SET_MP_STATE(r1, 0x4004ae99, &(0x7f0000000680)=0x1)
mmap$KVM_VCPU(&(0x7f0000ff8000/0x2000)=nil, 0x0, 0x1000001, 0x13, r1, 0x0)

31m44.855644277s ago: executing program 2 (id=902):
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_GET_MP_STATE(r0, 0x8004ae98, &(0x7f0000000000))
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xd7, 0x80000001})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000140), 0x101000, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r4, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18})
ioctl$KVM_GET_ONE_REG(r4, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x603000000010000c, &(0x7f00000001c0)=0x7})
r5 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_IRQFD(r3, 0x4020ae76, &(0x7f0000000240)={0xffffffffffffffff, 0x2c8, 0x3})
r7 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000140)={0x4, <r8=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r8, 0x401054d5, 0x110c230000)
r9 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1})
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r10, 0x401c5820, 0x8000000000000001)
r11 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x1)
r12 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x1800002, 0x11, r11, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r12, 0x20, &(0x7f0000000280)="d6011813013c360000000000f4ff8000802346cbd98762c7795582ba3948ecff090001000000000000000000040000000100", 0x0, 0x48)
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x0)
r15 = openat$kvm(0x0, &(0x7f0000000200), 0x414900, 0x0)
r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0)
r17 = syz_kvm_setup_syzos_vm$arm64(r16, &(0x7f0000c00000/0x400000)=nil)
r18 = syz_kvm_add_vcpu$arm64(r17, &(0x7f0000000180)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7ffc}}, @msr={0x14, 0x20, {0x603000000013dce1, 0xfffffffffffffbff}}], 0x40}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r18, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)

31m37.784638771s ago: executing program 4 (id=903):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r2 = syz_kvm_add_vcpu$arm64(r1, &(0x7f0000000180)={0x0, &(0x7f0000000080)=[@smc={0x1e, 0x40, {0xc4000012, [0x1ff, 0x0, 0x1]}}, @irq_setup={0x46, 0x18, {0x3, 0x301}}], 0x58}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
close(r2)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r2, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x25)
ioctl$KVM_CREATE_GUEST_MEMFD(r3, 0xc040aed4, &(0x7f0000000000)={0x5c, 0x6})
r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f0000000000)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000200)={0x4, 0xffda, 0x2}})
syz_kvm_setup_cpu$arm64(r0, r6, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000240)=[{0x0, &(0x7f0000000800)=[@uexit={0x0, 0x18, 0x1000000000000000}, @memwrite={0x6e, 0x30, @generic={0x70000, 0x68c, 0x0, 0x2}}, @hvc={0x32, 0x40, {0x80008000, [0x8, 0x6, 0x3ff, 0x800, 0x3]}}, @code={0xa, 0x6c, {"0080204e000c007c0008a0380068284e401395d200a0b8f2610080d2620180d2630080d2c40080d2020000d4a0869dd20040b0f2610080d2620080d2830080d2e40080d2020000d40010c0da007008d5007008d500e0e00d"}}, @hvc={0x32, 0x40, {0x0, [0x7, 0x8, 0xcb89, 0x5, 0x80]}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x3, 0x7, 0x6, 0x8d9, 0x3}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xffd0, 0xc2, 0x7}}, @eret={0xe6, 0x18, 0x4}, @code={0xa, 0x6c, {"000040fa40959cd20080b8f2410180d2020180d2030080d2640080d2020000d40088200e0030000f0000806d600083d200a0b8f2810180d2420080d2430180d2c40180d2020000d4007008d500fc40d3000008d5007008d5"}}, @smc={0x1e, 0x40, {0xc4000012, [0x5, 0x2, 0x3, 0xe46d, 0x1c3]}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x1, 0x3, 0x6, 0x1, 0x9, 0x3}}, @irq_setup={0x46, 0x18, {0x1, 0x1a1}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x1, 0x4, 0x9, 0xe0, 0x4, 0x4}}, @mrs={0xbe, 0x18, {0x603000000013e6db}}, @mrs={0xbe, 0x18, {0x61a4}}, @hvc={0x32, 0x40, {0x0, [0x1, 0x0, 0x0, 0xffffffffffffffff, 0x6]}}, @its_setup={0x82, 0x28, {0x1, 0x4, 0x286}}, @uexit={0x0, 0x18, 0x2}, @its_setup={0x82, 0x28, {0x4, 0x4, 0x138}}, @mrs={0xbe, 0x18, {0x6030000000138012}}, @code={0xa, 0x9c, {"0000c03d0008607c008008d580049ad20060b8f2c10080d2a20180d2a30180d2040180d2020000d4404686d200c0b8f2610180d2e20180d2230180d2040180d2020000d40034005f0010c0da007008d580f08fd200a0b8f2e10180d2a20080d2e30080d2640080d2020000d4e0cd87d20000b0f2810080d2c20180d2a30080d2c40180d2020000d4"}}, @uexit={0x0, 0x18, 0xfffffffffffffff7}, @mrs={0xbe, 0x18, {0x603000000013df06}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x2, 0xa, 0x8, 0x6, 0x2}}, @hvc={0x32, 0x40, {0x84000014, [0x0, 0x5, 0x0, 0x5, 0x3050]}}, @uexit={0x0, 0x18, 0x3}, @irq_setup={0x46, 0x18, {0x0, 0x360}}, @eret={0xe6, 0x18}, @its_setup={0x82, 0x28, {0x1, 0x3, 0x318}}, @eret={0xe6, 0x18, 0x5}, @msr={0x14, 0x20, {0x24fb, 0x5}}], 0x584}], 0x1, 0x0, &(0x7f0000000280)=[@featur1={0x1, 0xe}], 0x1)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x25)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
ioctl$KVM_CREATE_VM(r9, 0xae01, 0x25)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000180)={0x5, <r10=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f00000007c0)=0xffffffffffff0000})
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r12, r13, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r12, 0x4010aeb5, &(0x7f0000000140)={0xfbd})
ioctl$KVM_SET_ONE_REG(r13, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013df1a, &(0x7f00000000c0)=0x3})
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000100)={0x7, <r14=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r14, 0x4018aee1, &(0x7f00000002c0)=@attr_arm64={0x0, 0x3, 0x2, 0x0})
syz_kvm_vgic_v3_setup(r8, 0x3, 0x80)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_CAP_PTP_KVM(r8, 0x4068aea3, &(0x7f00000001c0))

31m29.8647316s ago: executing program 2 (id=904):
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000eb2000/0x3000)=nil, 0x930, 0x0, 0x32e7851d6de9e532, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r3, 0x0)
mmap$KVM_VCPU(&(0x7f0000e04000/0x2000)=nil, 0x930, 0x1, 0x11, r3, 0x0)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffe000/0x1000)=nil, r4, 0x8, 0x13, r3, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x2000)=nil, r4, 0x1000001, 0x12, r3, 0x0)
r5 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece)
mmap$KVM_VCPU(&(0x7f0000c4d000/0x4000)=nil, r4, 0x1000000, 0x8010, r5, 0x0)
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f00004d2000/0x3000)=nil, r6, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
r7 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000000)={0x0, &(0x7f00000000c0)=[@smc={0x1e, 0x40, {0x80000001, [0x8, 0xe00b, 0xfff, 0x1, 0x9a6]}}, @its_setup={0x82, 0x28, {0x1, 0x0, 0x270}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0x10, 0xfb, 0x7}}, @smc={0x1e, 0x40, {0x80000002, [0x2, 0x1, 0x9, 0x364, 0x8000000000000001]}}, @code={0xa, 0x6c, {"e003bfd60060df0c008008d50000c02940ba92d20060b0f2e10180d2e20080d2230180d2840080d2020000d4c0a288d20060b0f2e10080d2a20180d2030180d2840080d2020000d4000008d50068216e008008d50060df0d"}}, @code={0xa, 0x9c, {"000008d5a0db97d20060b8f2610080d2020080d2030080d2240080d2020000d4202395d200e0b0f2210080d2c20180d2c30080d2c40180d2020000d4000840fa20ee8cd200a0b0f2410180d2820180d2230080d2840080d2020000d400f8a12e000860b8e09181d20060b8f2a10080d2020080d2e30080d2e40080d2020000d4008008d50078202e"}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x0, 0x8, 0xb, 0x81, 0x5, 0x2}}, @hvc={0x32, 0x40, {0x8000, [0x800, 0x6, 0x0, 0xaa, 0x3]}}, @mrs={0xbe, 0x18, {0x6030000000138066}}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x152}}, @svc={0x122, 0x40, {0xc400000c, [0x4, 0x10, 0x10001, 0xfffffffffffffff7, 0x891]}}, @smc={0x1e, 0x40, {0xc5000021, [0x8, 0xfffffffffffffff4, 0x8, 0x8, 0x9]}}, @mrs={0xbe, 0x18, {0x603000000013c663}}, @its_setup={0x82, 0x28, {0x4, 0x2, 0x3ee}}, @irq_setup={0x46, 0x18, {0x0, 0x1e4}}, @code={0xa, 0x9c, {"a00e8fd20040b0f2210080d2220080d2030080d2640080d2020000d40098202e004084d20060b0f2410180d2820080d2230080d2a40080d2020000d440c491d200c0b0f2010180d2220080d2e30180d2a40080d2020000d40034207e007008d5007008d5000840ba80e28dd20040b8f2410080d2a20080d2430080d2e40180d2020000d4007008d5"}}, @eret={0xe6, 0x18, 0x9}, @irq_setup={0x46, 0x18, {0x1, 0x38e}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x1, 0x3, 0x5, 0x8, 0x7}}], 0x454}, &(0x7f0000000040)=[@featur2={0x1, 0x63}], 0x1)
ioctl$KVM_ARM_VCPU_INIT(r7, 0x4020aeae, &(0x7f0000000540)={0x2, 0x2})
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0xb, 0x23ac5f9b426ec4b2, 0xffffffffffffffff, 0x0)

31m21.317081269s ago: executing program 4 (id=905):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r2 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x13)
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f00000000c0)=@attr_other={0x0, 0x1, 0x84, &(0x7f0000000080)=0xfffffffffffffff7})

31m8.215776991s ago: executing program 2 (id=906):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x200, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x5)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x32)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = eventfd2(0xffff10c0, 0x801)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000100)={0xf09, 0x8080000, 0x0, r4})
r5 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000280)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r2, 0x1, 0x100)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

31m7.372832445s ago: executing program 4 (id=907):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x24)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000000)={0x5, 0x6, 0xdddd0000, 0x1000, &(0x7f0000ffe000/0x1000)=nil})
ioctl$KVM_ASSIGN_SET_MSIX_NR(r0, 0x4008ae73, &(0x7f0000000040)={0xf, 0x5})
r1 = eventfd2(0x7, 0x0)
ioctl$KVM_IRQFD(r0, 0x4020ae76, &(0x7f0000000080)={0xffffffffffffffff, 0x2, 0x2, r1}) (async)
ioctl$KVM_IRQFD(r0, 0x4020ae76, &(0x7f0000000080)={0xffffffffffffffff, 0x2, 0x2, r1})
r2 = eventfd2(0x4, 0x800)
ioctl$KVM_IRQFD(r0, 0x4020ae76, &(0x7f00000000c0)={r2, 0x6, 0x1, r1}) (async)
ioctl$KVM_IRQFD(r0, 0x4020ae76, &(0x7f00000000c0)={r2, 0x6, 0x1, r1})
ioctl$KVM_GET_DIRTY_LOG(r2, 0x4010ae42, &(0x7f0000000100)={0x2, 0x0, &(0x7f0000ffc000/0x4000)=nil}) (async)
ioctl$KVM_GET_DIRTY_LOG(r2, 0x4010ae42, &(0x7f0000000100)={0x2, 0x0, &(0x7f0000ffc000/0x4000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x2)
syz_kvm_setup_cpu$arm64(r0, r3, &(0x7f0000c00000/0x400000)=nil, &(0x7f00000003c0)=[{0x0, &(0x7f0000000140)=[@smc={0x1e, 0x40, {0x84000001, [0x12d3, 0x4, 0x401, 0x9, 0x4]}}, @code={0xa, 0x54, {"00000038000008d540559ad20060b0f2810180d2c20180d2c30180d2840180d2020000d4007008d5e003006b0000a00d000480da000028d50050805f0080400c"}}, @uexit={0x0, 0x18, 0xfffffffffffffffd}, @smc={0x1e, 0x40, {0x84000009, [0x35, 0x2, 0xffffffffffffff66, 0x7]}}, @mrs={0xbe, 0x18, {0x603000000013800f}}, @msr={0x14, 0x20, {0x603000000013e66f, 0x100}}, @its_setup={0x82, 0x28, {0x0, 0x2, 0x22a}}, @msr={0x14, 0x20, {0x603000000013802d, 0x3}}, @hvc={0x32, 0x40, {0x200, [0x6, 0x8, 0xe8, 0x7]}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x1, 0x4, 0xd, 0x3, 0x9}}, @eret={0xe6, 0x18, 0x8}, @svc={0x122, 0x40, {0x84000001, [0x55, 0x2, 0x2, 0x802a, 0x7]}}, @its_setup={0x82, 0x28, {0x1, 0x0, 0x2b}}], 0x254}], 0x1, 0x0, &(0x7f0000000400)=[@featur2={0x1, 0x42}], 0x1) (async)
syz_kvm_setup_cpu$arm64(r0, r3, &(0x7f0000c00000/0x400000)=nil, &(0x7f00000003c0)=[{0x0, &(0x7f0000000140)=[@smc={0x1e, 0x40, {0x84000001, [0x12d3, 0x4, 0x401, 0x9, 0x4]}}, @code={0xa, 0x54, {"00000038000008d540559ad20060b0f2810180d2c20180d2c30180d2840180d2020000d4007008d5e003006b0000a00d000480da000028d50050805f0080400c"}}, @uexit={0x0, 0x18, 0xfffffffffffffffd}, @smc={0x1e, 0x40, {0x84000009, [0x35, 0x2, 0xffffffffffffff66, 0x7]}}, @mrs={0xbe, 0x18, {0x603000000013800f}}, @msr={0x14, 0x20, {0x603000000013e66f, 0x100}}, @its_setup={0x82, 0x28, {0x0, 0x2, 0x22a}}, @msr={0x14, 0x20, {0x603000000013802d, 0x3}}, @hvc={0x32, 0x40, {0x200, [0x6, 0x8, 0xe8, 0x7]}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x1, 0x4, 0xd, 0x3, 0x9}}, @eret={0xe6, 0x18, 0x8}, @svc={0x122, 0x40, {0x84000001, [0x55, 0x2, 0x2, 0x802a, 0x7]}}, @its_setup={0x82, 0x28, {0x1, 0x0, 0x2b}}], 0x254}], 0x1, 0x0, &(0x7f0000000400)=[@featur2={0x1, 0x42}], 0x1)
r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x17)
ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(r4, 0x4068aea3, &(0x7f0000000440))
r5 = ioctl$KVM_CREATE_GUEST_MEMFD(r0, 0xc040aed4, &(0x7f00000004c0)={0x6, 0xfffffffffffffbff})
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000500)={0x10200, 0x0, 0xf7f5fffb, 0x2000, &(0x7f0000f7f000/0x2000)=nil})
ioctl$KVM_SET_GSI_ROUTING(r0, 0x4008ae6a, &(0x7f0000000540)={0x2, 0x0, [{0x2, 0x4, 0x0, 0x0, @adapter={0x81, 0x8, 0x1, 0x5, 0x4}}, {0x8, 0x1, 0x1, 0x0, @irqchip={0x3ff, 0x6}}]})
ioctl$KVM_IRQFD(r0, 0x4020ae76, &(0x7f00000005c0)={r2, 0x0, 0x2, r2}) (async)
ioctl$KVM_IRQFD(r0, 0x4020ae76, &(0x7f00000005c0)={r2, 0x0, 0x2, r2})
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1) (async)
r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r0, 0x4068aea3, &(0x7f0000000600)={0xa8, 0x0, 0x1})
ioctl$KVM_PPC_ALLOCATE_HTAB(r4, 0xc004aea7, &(0x7f0000000680)=0x5)
ioctl$KVM_SET_USER_MEMORY_REGION2(r0, 0x40a0ae49, &(0x7f00000006c0)={0x10002, 0x1, 0x30000, 0x2000, &(0x7f0000cd4000/0x2000)=nil, 0x8, r5})
ioctl$KVM_CAP_PTP_KVM(r4, 0x4068aea3, &(0x7f0000000780))
ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000800)={0x5})
ioctl$KVM_RESET_DIRTY_RINGS(0xffffffffffffffff, 0xaec7) (async)
ioctl$KVM_RESET_DIRTY_RINGS(0xffffffffffffffff, 0xaec7)
write$eventfd(0xffffffffffffffff, &(0x7f0000000840)=0xd, 0x8) (async)
write$eventfd(0xffffffffffffffff, &(0x7f0000000840)=0xd, 0x8)
ioctl$KVM_IRQ_LINE(r4, 0x4008ae61, &(0x7f0000000880)={0xd, 0x9})
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r4, 0x4068aea3, &(0x7f00000008c0)={0xdf, 0x0, 0x6000})
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r4, 0x4010aeb5, &(0x7f0000000940)={0x80000000000, 0x1c})
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) (async)
r7 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000f40)={0x0, &(0x7f0000000980)=[@hvc={0x32, 0x40, {0x80008000, [0x1, 0x5, 0x5, 0x6, 0x44]}}, @uexit={0x0, 0x18, 0x6}, @irq_setup={0x46, 0x18, {0x2, 0x1d2}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x1, 0x4, 0x8, 0x10001, 0x200, 0x2}}, @its_send_cmd={0xaa, 0x28, {0x0, 0x1, 0x3, 0x5, 0x7, 0x5, 0x4}}, @msr={0x14, 0x20, {0x641, 0x5}}, @code={0xa, 0x54, {"0000809a000080ace02495d200c0b8f2210080d2220080d2230080d2840080d2020000d4000008d5000008d5001ce00e001c602e000028d5007008d500849f0d"}}, @smc={0x1e, 0x40, {0x800, [0x10000, 0x5, 0x2, 0x3b8d8000, 0x6]}}, @code={0xa, 0xb4, {"000030d5008f86d20020b8f2410080d2a20180d2630180d2240180d2020000d40048216ee0099fd200a0b0f2210180d2c20180d2e30080d2040080d2020000d4c08293d20040b0f2a10080d2420080d2c30180d2840180d2020000d4604c88d200a0b8f2a10180d2a20080d2430080d2c40180d2020000d4001c200e000040b90000029e804f8dd200a0b0f2010080d2420180d2030080d2e40080d2020000d4"}}, @irq_setup={0x46, 0x18, {0x1, 0x3c8}}, @code={0xa, 0x3c, {"007008d5008008d5007008d5007008d5000c40bce0039fd600d4a00e000028d500000058007008d5"}}, @eret={0xe6, 0x18, 0x703}, @its_setup={0x82, 0x28, {0x1, 0x4, 0x32f}}, @uexit={0x0, 0x18, 0x6}, @memwrite={0x6e, 0x30, @generic={0xa000, 0xee0, 0x2}}, @mrs={0xbe, 0x18, {0x603000000013df41}}, @code={0xa, 0x9c, {"000080ac007c0053c01b9bd200c0b8f2e10180d2420180d2e30080d2040180d2020000d40090204e000000aa601989d200a0b8f2410080d2e20180d2e30080d2e40180d2020000d4c05a82d200a0b0f2c10080d2820180d2c30080d2640080d2020000d460e98fd200e0b0f2810080d2c20180d2230180d2840080d2020000d40000649e00d4200e"}}, @eret={0xe6, 0x18, 0x101}, @mrs={0xbe, 0x18, {0x603000000013e08c}}, @svc={0x122, 0x40, {0x84000000, [0x2, 0x8, 0x0, 0x4, 0x6]}}, @msr={0x14, 0x20, {0x603000000013da28}}, @eret={0xe6, 0x18, 0x7}, @uexit={0x0, 0x18, 0x10000}, @svc={0x122, 0x40, {0xc4000001, [0x3, 0x0, 0x0, 0x3, 0x2]}}, @irq_setup={0x46, 0x18, {0x4, 0x3cd}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x4, 0x200, 0x0, 0xe, 0x4}}, @hvc={0x32, 0x40, {0xc4000012, [0x3, 0xb899, 0x1, 0x6, 0x9]}}, @smc={0x1e, 0x40, {0xc4000001, [0x0, 0xff, 0x401, 0x2, 0xdf9]}}, @eret={0xe6, 0x18, 0xfff}], 0x590}, &(0x7f0000000f80)=[@featur2={0x1, 0x10}], 0x1) (async)
syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000f40)={0x0, &(0x7f0000000980)=[@hvc={0x32, 0x40, {0x80008000, [0x1, 0x5, 0x5, 0x6, 0x44]}}, @uexit={0x0, 0x18, 0x6}, @irq_setup={0x46, 0x18, {0x2, 0x1d2}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x1, 0x4, 0x8, 0x10001, 0x200, 0x2}}, @its_send_cmd={0xaa, 0x28, {0x0, 0x1, 0x3, 0x5, 0x7, 0x5, 0x4}}, @msr={0x14, 0x20, {0x641, 0x5}}, @code={0xa, 0x54, {"0000809a000080ace02495d200c0b8f2210080d2220080d2230080d2840080d2020000d4000008d5000008d5001ce00e001c602e000028d5007008d500849f0d"}}, @smc={0x1e, 0x40, {0x800, [0x10000, 0x5, 0x2, 0x3b8d8000, 0x6]}}, @code={0xa, 0xb4, {"000030d5008f86d20020b8f2410080d2a20180d2630180d2240180d2020000d40048216ee0099fd200a0b0f2210180d2c20180d2e30080d2040080d2020000d4c08293d20040b0f2a10080d2420080d2c30180d2840180d2020000d4604c88d200a0b8f2a10180d2a20080d2430080d2c40180d2020000d4001c200e000040b90000029e804f8dd200a0b0f2010080d2420180d2030080d2e40080d2020000d4"}}, @irq_setup={0x46, 0x18, {0x1, 0x3c8}}, @code={0xa, 0x3c, {"007008d5008008d5007008d5007008d5000c40bce0039fd600d4a00e000028d500000058007008d5"}}, @eret={0xe6, 0x18, 0x703}, @its_setup={0x82, 0x28, {0x1, 0x4, 0x32f}}, @uexit={0x0, 0x18, 0x6}, @memwrite={0x6e, 0x30, @generic={0xa000, 0xee0, 0x2}}, @mrs={0xbe, 0x18, {0x603000000013df41}}, @code={0xa, 0x9c, {"000080ac007c0053c01b9bd200c0b8f2e10180d2420180d2e30080d2040180d2020000d40090204e000000aa601989d200a0b8f2410080d2e20180d2e30080d2e40180d2020000d4c05a82d200a0b0f2c10080d2820180d2c30080d2640080d2020000d460e98fd200e0b0f2810080d2c20180d2230180d2840080d2020000d40000649e00d4200e"}}, @eret={0xe6, 0x18, 0x101}, @mrs={0xbe, 0x18, {0x603000000013e08c}}, @svc={0x122, 0x40, {0x84000000, [0x2, 0x8, 0x0, 0x4, 0x6]}}, @msr={0x14, 0x20, {0x603000000013da28}}, @eret={0xe6, 0x18, 0x7}, @uexit={0x0, 0x18, 0x10000}, @svc={0x122, 0x40, {0xc4000001, [0x3, 0x0, 0x0, 0x3, 0x2]}}, @irq_setup={0x46, 0x18, {0x4, 0x3cd}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x4, 0x200, 0x0, 0xe, 0x4}}, @hvc={0x32, 0x40, {0xc4000012, [0x3, 0xb899, 0x1, 0x6, 0x9]}}, @smc={0x1e, 0x40, {0xc4000001, [0x0, 0xff, 0x401, 0x2, 0xdf9]}}, @eret={0xe6, 0x18, 0xfff}], 0x590}, &(0x7f0000000f80)=[@featur2={0x1, 0x10}], 0x1)

30m57.515980999s ago: executing program 4 (id=908):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000180)=[@featur2={0x1, 0xc4}], 0x1)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, &(0x7f0000000240)=[@irq_setup={0x5, 0x18}], 0x18}, 0x0, 0x0)
munmap(&(0x7f0000cfd000/0x2000)=nil, 0x2000)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x36)
ioctl$KVM_GET_DIRTY_LOG(0xffffffffffffffff, 0x4010ae42, &(0x7f00000000c0)={0x1fe, 0x0, &(0x7f0000f59000/0x1000)=nil})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x1f)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f00000001c0)={0x8, <r7=>0xffffffffffffffff})
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000380)})
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f00000000c0)={0x5, 0x1, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000002c0)=@attr_other={0x0, 0x8, 0x108, &(0x7f0000000000)=0xc000000000000000})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x4, 0x2, 0x0})
r8 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x10006)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x36480, 0x0)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000700)={0x7, 0x0})
ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
ioctl$KVM_IRQ_LINE(r10, 0x4008ae61, &(0x7f0000000240)={0x200002f})
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000180)={0x4})
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000000)={0x4})
ioctl$KVM_DIRTY_TLB(r1, 0x4010aeaa, &(0x7f0000000100)={0x800, 0x6f7})
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)

30m25.685097806s ago: executing program 35 (id=906):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x200, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x5)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x32)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = eventfd2(0xffff10c0, 0x801)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000100)={0xf09, 0x8080000, 0x0, r4})
r5 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000280)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r2, 0x1, 0x100)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

30m8.856490929s ago: executing program 36 (id=908):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000180)=[@featur2={0x1, 0xc4}], 0x1)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, &(0x7f0000000240)=[@irq_setup={0x5, 0x18}], 0x18}, 0x0, 0x0)
munmap(&(0x7f0000cfd000/0x2000)=nil, 0x2000)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x36)
ioctl$KVM_GET_DIRTY_LOG(0xffffffffffffffff, 0x4010ae42, &(0x7f00000000c0)={0x1fe, 0x0, &(0x7f0000f59000/0x1000)=nil})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x1f)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f00000001c0)={0x8, <r7=>0xffffffffffffffff})
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000380)})
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f00000000c0)={0x5, 0x1, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000002c0)=@attr_other={0x0, 0x8, 0x108, &(0x7f0000000000)=0xc000000000000000})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x4, 0x2, 0x0})
r8 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x10006)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x36480, 0x0)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000700)={0x7, 0x0})
ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
ioctl$KVM_IRQ_LINE(r10, 0x4008ae61, &(0x7f0000000240)={0x200002f})
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000180)={0x4})
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000000)={0x4})
ioctl$KVM_DIRTY_TLB(r1, 0x4010aeaa, &(0x7f0000000100)={0x800, 0x6f7})
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)

15m53.41073436s ago: executing program 6 (id=946):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xe6) (async)
r1 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x3d)

15m40.244609199s ago: executing program 6 (id=948):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_GUEST_MEMFD(r1, 0xc040aed4, &(0x7f00000002c0)={0x9, 0xc17})
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000040)=@arm64_sys={0x603000000013c807, &(0x7f0000000200)=0x7ff})
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe4, 0x7fffffff, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x2, 0x9, 0x0, 0x80}}], 0x58}, 0x0, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000180)={0x8, <r9=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
r10 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x10000000001, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x1, 0x0, 0x0, 0x10000, 0x0, 0x40000004}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r10, 0x1, 0x180)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000180)={0x8, <r13=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x1, &(0x7f0000000000)=0x8080000})
openat$kvm(0x0, 0x0, 0x0, 0x0)
r14 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0x80111500, 0x20000000)
write$eventfd(r15, &(0x7f0000000000), 0xfffffdef)
r16 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r17 = ioctl$KVM_CREATE_VM(r16, 0x80111500, 0x20000000)
ioctl$KVM_CREATE_VM(r17, 0x541b, 0x2000002004001e)
ioctl$KVM_RUN(r12, 0xae80, 0x0)

15m30.657756786s ago: executing program 5 (id=949):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r2, 0x1, 0x100)
ioctl$KVM_IRQ_LINE(r2, 0x4008ae61, &(0x7f0000000100)={0x100001f, 0x1})
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x2, 0x2}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x1, 0x3, 0x10000, 0x0, 0x100, 0x2}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r3, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000180)={0x8, <r6=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x216a80, 0x0)
r8 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x1)
r11 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r10, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fb707cd24b7eebb20700000000000000000000000100", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r10, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r12, 0x40305839, 0x19)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04)

15m9.436819948s ago: executing program 6 (id=950):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0xa5)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000100)="3108e3dcda727dc1915f051fd6c6c2f2e9375df87e96815d61d15d9486ff9023dbaede6f1938adc7befee9d742312bd76c85b021554abc4cb72595c6e12f025cf0d600b249c982b5", 0x0, 0x48)
r5 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
r6 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0x80111500, 0x20000000)
write$eventfd(r8, &(0x7f0000000000), 0xfffffdef)
r9 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION2(r10, 0x40a0ae49, &(0x7f0000000200)={0x18102, 0x1, 0xf000, 0x2000, &(0x7f0000299000/0x2000)=nil, 0x9})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$KVM_CREATE_VM(r0, 0x5452, 0x2)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x3817b2, 0x0)

15m5.411662546s ago: executing program 5 (id=951):
r0 = openat$kvm(0x0, 0x0, 0x303940, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000eed000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r2, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
r6 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r5, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r5, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r7, 0x5460, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)
r8 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x1)
mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r10, 0x0)

14m42.438944245s ago: executing program 6 (id=952):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000200)={0x4, 0x0, [{0x6, 0x4, 0x0, 0x0, @irqchip={0x80000000, 0x1}}, {0x6, 0x4, 0x1, 0x0, @sint={0x3, 0x4}}, {0x80000000, 0x4, 0x0, 0x0, @msi={0xb264, 0x3, 0x100, 0x9}}, {0x1, 0x2, 0x0, 0x0, @irqchip={0x7, 0x2}}]})
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000040)={0x7})
r5 = eventfd2(0x8001, 0x80801)
r6 = eventfd2(0x7c, 0x800)
ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000000000)={r5, 0x3, 0x3, r6})
r7 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2)
r8 = syz_kvm_vgic_v3_setup(r7, 0x1, 0x40)
ioctl$KVM_GET_DEVICE_ATTR(r8, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x1, 0x4, &(0x7f00000004c0)=0x1})

14m40.232772515s ago: executing program 5 (id=953):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
close(0x3)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r4, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) (async)
ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000240)=@arm64_core={0x6030000000100022, &(0x7f0000000400)=0x8001}) (async, rerun: 64)
r5 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (rerun: 64)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = eventfd2(0xffff10c0, 0x801)
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000100)={0xf09, 0x8080000, 0x0, r7}) (async)
r8 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000280)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0xffffffffffffffff}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r5, 0x1, 0x100) (async)
ioctl$KVM_RUN(r8, 0xae80, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async, rerun: 32)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0xf) (rerun: 32)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) (async)
r11 = eventfd2(0xfffffffa, 0x80001)
ioctl$KVM_IOEVENTFD(r10, 0x4040ae79, &(0x7f0000000140)={0x80, 0x4, 0x0, r11}) (async)
syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000bfd000/0x400000)=nil)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r12, 0xae03, 0xe) (async)
r13 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
r15 = syz_kvm_setup_syzos_vm$arm64(r14, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r15, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x3, 0x1000, 0x40000000, 0x0, 0x40000004}}], 0x50}, 0x0, 0x0) (async)
syz_kvm_vgic_v3_setup(r14, 0x1, 0x100) (async)
ioctl$KVM_CREATE_DEVICE(r14, 0xc00caee0, &(0x7f0000000180)={0x8})

14m20.684628333s ago: executing program 5 (id=954):
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) (async, rerun: 32)
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x40242, 0x0) (rerun: 32)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f00000000c0)=@arm64_fw={0x6030000000140001, &(0x7f0000000100)=0x6}) (async, rerun: 32)
ioctl$KVM_SET_GUEST_DEBUG_arm64(0xffffffffffffffff, 0x4208ae9b, &(0x7f0000000340)={0x3, 0x0, {[0xea83, 0x4, 0x7b, 0x9, 0x8000000000000001, 0xa8d, 0x1, 0x5, 0x80000000, 0x8000000000000001, 0x0, 0x9, 0x4, 0x67f, 0x7, 0x9], [0xf9, 0x0, 0x5, 0xfffffffffffffffe, 0x0, 0x7, 0x8f72, 0xe, 0x53, 0x1, 0x5, 0xfffffffffffff3ff, 0x7ff, 0xff, 0xfffffffffffffffc], [0x101, 0x1, 0x8, 0x8, 0x5, 0x6, 0x7, 0x1, 0x5, 0x1, 0x5, 0x400, 0x5, 0xff, 0x81, 0x83c000000], [0xd, 0x100000001, 0x5, 0x7f, 0x1, 0x8, 0x4, 0x120000000000, 0x9, 0x5d6b, 0x6, 0x33c9762a, 0x2ebc, 0x1, 0x9, 0xd4f]}}) (async, rerun: 32)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x10, 0xffffffffffffffff, 0x0) (async, rerun: 64)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async, rerun: 64)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x401, 0x0)
r4 = ioctl$KVM_CREATE_GUEST_MEMFD(0xffffffffffffffff, 0xc040aed4, &(0x7f00000001c0)={0x200001fe0000, 0x3})
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x2000003, 0x2013, r4, 0x0) (async, rerun: 32)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (rerun: 32)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000007000/0x2000)=nil, 0x0, 0x3000003, 0x2011, r4, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x3c)
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) (async)
ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0x7f)
r7 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0) (async, rerun: 64)
ioctl$KVM_ARM_SET_DEVICE_ADDR(0xffffffffffffffff, 0x4010aeab, &(0x7f0000000000)={0x2000010001, 0xeeef0000}) (async, rerun: 64)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000200)={0x7, 0xffffffffffffffff, 0x1})
r10 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, &(0x7f0000000040)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000280)={0x14, 0xff}}) (async)
ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)

14m17.793270158s ago: executing program 6 (id=955):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_IRQ_LINE_STATUS(0xffffffffffffffff, 0xc008ae67, 0x0)
ioctl$KVM_IRQ_LINE_STATUS(0xffffffffffffffff, 0xc008ae67, &(0x7f0000000100)={0x0, 0x81})
r4 = eventfd2(0xd, 0x1)
r5 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000180)={0x0, &(0x7f00000002c0)=[@hvc={0x32, 0x40, {0x84000004, [0x80000000, 0x6, 0x3, 0x7f, 0x800]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
close(r4)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)
write$eventfd(r4, 0x0, 0x500)
write$eventfd(r4, &(0x7f0000000000), 0x8)
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000010000/0x1000)=nil, 0x930, 0x100000f, 0x9032, 0xffffffffffffffff, 0x0)

14m5.786314203s ago: executing program 5 (id=956):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x640000, 0x0)
openat$kvm(0x0, 0x0, 0x80100, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) (async)
r3 = syz_kvm_vgic_v3_setup(r2, 0x1, 0x40)
ioctl$KVM_GET_DEVICE_ATTR(r3, 0x4018aee2, &(0x7f0000000100)=@attr_arm64={0x0, 0x7, 0x300, &(0x7f0000000080)=0x4}) (async)
ioctl$KVM_GET_DEVICE_ATTR_vm(r0, 0x4018aee2, &(0x7f00000000c0)=@attr_other={0x0, 0x41a7, 0x7a, &(0x7f0000000080)=0x9})
r4 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000bff000/0x400000)=nil) (async)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
r10 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000a, 0x11, r9, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f0000000380)="f30149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a3ff7fbc51869be2e2e0000000000000f000000000000000001000000000000000000000000000e00", 0x0, 0x34) (async)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000140)={0x4, <r13=>0xffffffffffffffff, 0x1})
close(r13)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r9, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r14 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000780), 0x1, 0x0)
ioctl$KVM_CHECK_EXTENSION(r14, 0xae03, 0x10) (async)
syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000000)={0x0, &(0x7f0000000940)=[@irq_setup={0x46, 0x18, {0x1, 0xf4}}, @hvc={0x32, 0x40, {0x80, [0xe, 0x7, 0x10000, 0x3, 0x18]}}, @uexit={0x0, 0x18, 0x8}, @code={0xa, 0x6c, {"204794d20000b0f2610180d2820180d2c30080d2c40180d2020000d4007008d50024c09a007008d5a03092d20060b0f2810080d2620180d2430080d2e40080d2020000d40000005e0080c00d000008d5000008d5000028d5"}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x1, 0x0, 0xc, 0x17, 0x25, 0x2}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x80, 0xfffe000000, 0x4}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x0, 0xffff, 0x2}}, @code={0xa, 0x84, {"001398d200a0b0f2610080d2c20080d2a30080d2440180d2020000d460cf8bd20020b8f2210180d2a20080d2230080d2640080d2020000d400005fd6007008d50008e038008008d500a0000f007c85d200e0b8f2610180d2020180d2030080d2040180d2020000d4000c00f8000008d5"}}, @hvc={0x32, 0x40, {0x8400000b, [0x1, 0x7, 0xb, 0x3, 0x7]}}, @smc={0x1e, 0x40, {0x84000052, [0xc, 0xe0000000, 0x3, 0x8001, 0x9]}}, @hvc={0x32, 0x40, {0x84000011, [0x404, 0x8, 0x1, 0x9, 0x3]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0x380, 0x2, 0x1}}, @code={0xa, 0x54, {"008008d5007008d5000028d5000028d5000008d5003c000e0088a10e0000407d00c0651ec06097d20080b0f2810180d2620180d2e30180d2640080d2020000d4"}}, @smc={0x1e, 0x40, {0x4000, [0x1, 0x1ff, 0x2, 0x7, 0x9]}}, @hvc={0x32, 0x40, {0x84000005, [0x2, 0x401, 0x9, 0x5, 0x8]}}, @irq_setup={0x46, 0x18, {0x0, 0xbb}}, @eret={0xe6, 0x18, 0x5}, @irq_setup={0x46, 0x18, {0x0, 0x234}}, @uexit={0x0, 0x18, 0x9}, @code={0xa, 0x6c, {"007008d5000040bd000000ea1004601e803f8cd200a0b8f2010180d2220180d2430180d2c40080d2020000d40000641e000028d5007799d20000b8f2e10180d2620080d2630180d2e40080d2020000d4000000a8007008d5"}}, @hvc={0x32, 0x40, {0xc4000005, [0x2, 0x6, 0x8, 0xbbd3, 0x3]}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x0, 0x6, 0x39a8534d, 0x4, 0x4}}, @mrs={0xbe, 0x18, {0x603000000013e602}}, @code={0xa, 0x6c, {"0060006f000008d50024202e0058c01a200085d20060b0f2610080d2820080d2c30080d2640180d2020000d4007008d5e0089cd20000b8f2210080d2620080d2630080d2e40180d2020000d4007008d5007008d5008008d5"}}, @eret={0xe6, 0x18, 0x7d}], 0x57c}, &(0x7f0000000040)=[@featur1={0x1, 0xc0}], 0x1) (async)
r15 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000bc5000/0x400000)=nil)
r16 = syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@mrs={0xbe, 0x18, {0x603000000013dce7}}], 0x18}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r16, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async)
ioctl$KVM_RUN(r16, 0xae80, 0x0)

13m54.786129839s ago: executing program 6 (id=957):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async)
r1 = openat$kvm(0x0, &(0x7f00000002c0), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
r4 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r3, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r3, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000000)=@arm64={0x0, 0x1, 0xf, '\x00', 0xfffffffffffff105}) (async)
ioctl$KVM_CREATE_VM(r5, 0x401c5820, 0x20000001)
r6 = openat$kvm(0x0, &(0x7f00000006c0), 0x410a02, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r8, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18}) (async)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x31)
syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) (async)
r11 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) (async)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) (async)
ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f00000000c0)=@arm64_fw={0x6030000000140001, &(0x7f0000000000)=0x81}) (async)
r12 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r13, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@eret={0xe6, 0x18}, @its_setup={0x82, 0x28, {0x3, 0x3, 0x1ca}}, @mrs={0xbe, 0x18, {0x4ab4}}, @hvc={0x32, 0x40, {0x32000000, [0x10, 0xd810, 0x9, 0x7f02ff59, 0x100]}}, @smc={0x1e, 0x40, {0x84000009, [0xf, 0x6, 0xffffffffffffffff, 0x9b6, 0x8]}}, @code={0xa, 0x84, {"008008d5a0e68fd20020b0f2610080d2c20180d2630180d2c40080d2020000d4000028d5007008d5007008d5007008d5003b98d20060b8f2410180d2220180d2030180d2640180d2020000d440b09cd20040b8f2e10080d2820080d2c30080d2a40080d2020000d40068216e008008d5"}}, @svc={0x122, 0x40, {0x87000013, [0x9, 0x2, 0x23fa, 0xdb36, 0x75]}}, @its_setup={0x82, 0x28, {0x4, 0x2, 0xb6}}, @irq_setup={0x46, 0x18, {0x0, 0x263}}, @irq_setup={0x46, 0x18, {0x1, 0x386}}, @msr={0x14, 0x20, {0x603000000013defc, 0x100000000}}, @mrs={0xbe, 0x18, {0x603000000013e64d}}, @memwrite={0x6e, 0x30, @generic={0x50000, 0xa64, 0x9, 0x2}}, @memwrite={0x6e, 0x30, @generic={0xeeee0000, 0x566, 0x5, 0x4}}, @memwrite={0x6e, 0x30, @generic={0xdddd0000, 0x86e, 0x0, 0x1}}, @msr={0x14, 0x20, {0x603000000013df02, 0x4}}, @hvc={0x32, 0x40, {0x84000000, [0xd, 0x49, 0x1, 0x9, 0x8000]}}, @irq_setup={0x46, 0x18, {0x0, 0x3ad}}, @code={0xa, 0x9c, {"0000319e60fd98d200c0b8f2c10080d2e20180d2230080d2e40180d2020000d420c482d20060b0f2210180d2220180d2c30180d2640180d2020000d40040002fa07684d200a0b0f2610080d2620180d2230080d2240180d2020000d400000018606395d20000b8f2e10180d2e20080d2430080d2440180d2020000d4000028d5000028d5000008d5"}}], 0x3d0}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r12, 0x1, 0x180)
ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000180)={0x8, <r14=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r14, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000140)={0x9, <r15=>0xffffffffffffffff, 0x1})
ioctl$KVM_HAS_DEVICE_ATTR(r15, 0x4018aee3, &(0x7f0000000680)=@attr_arm64={0x0, 0x1, 0x3, &(0x7f0000000640)=0x2})

13m46.986676555s ago: executing program 5 (id=958):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bff000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013c65d, 0xfffdffffc1af0ec0}}], 0x20}, 0x0, 0xffffffffffffff92)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
syz_kvm_vgic_v3_setup(r1, 0x3, 0xa0) (async)
syz_kvm_vgic_v3_setup(r1, 0x3, 0xc0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING(r1, 0x4068aea3, &(0x7f0000000000)={0xc0, 0x0, 0x1d000})

13m8.360003529s ago: executing program 37 (id=957):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async)
r1 = openat$kvm(0x0, &(0x7f00000002c0), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
r4 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r3, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r3, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000000)=@arm64={0x0, 0x1, 0xf, '\x00', 0xfffffffffffff105}) (async)
ioctl$KVM_CREATE_VM(r5, 0x401c5820, 0x20000001)
r6 = openat$kvm(0x0, &(0x7f00000006c0), 0x410a02, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r8, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18}) (async)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x31)
syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) (async)
r11 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) (async)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) (async)
ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f00000000c0)=@arm64_fw={0x6030000000140001, &(0x7f0000000000)=0x81}) (async)
r12 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r13, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@eret={0xe6, 0x18}, @its_setup={0x82, 0x28, {0x3, 0x3, 0x1ca}}, @mrs={0xbe, 0x18, {0x4ab4}}, @hvc={0x32, 0x40, {0x32000000, [0x10, 0xd810, 0x9, 0x7f02ff59, 0x100]}}, @smc={0x1e, 0x40, {0x84000009, [0xf, 0x6, 0xffffffffffffffff, 0x9b6, 0x8]}}, @code={0xa, 0x84, {"008008d5a0e68fd20020b0f2610080d2c20180d2630180d2c40080d2020000d4000028d5007008d5007008d5007008d5003b98d20060b8f2410180d2220180d2030180d2640180d2020000d440b09cd20040b8f2e10080d2820080d2c30080d2a40080d2020000d40068216e008008d5"}}, @svc={0x122, 0x40, {0x87000013, [0x9, 0x2, 0x23fa, 0xdb36, 0x75]}}, @its_setup={0x82, 0x28, {0x4, 0x2, 0xb6}}, @irq_setup={0x46, 0x18, {0x0, 0x263}}, @irq_setup={0x46, 0x18, {0x1, 0x386}}, @msr={0x14, 0x20, {0x603000000013defc, 0x100000000}}, @mrs={0xbe, 0x18, {0x603000000013e64d}}, @memwrite={0x6e, 0x30, @generic={0x50000, 0xa64, 0x9, 0x2}}, @memwrite={0x6e, 0x30, @generic={0xeeee0000, 0x566, 0x5, 0x4}}, @memwrite={0x6e, 0x30, @generic={0xdddd0000, 0x86e, 0x0, 0x1}}, @msr={0x14, 0x20, {0x603000000013df02, 0x4}}, @hvc={0x32, 0x40, {0x84000000, [0xd, 0x49, 0x1, 0x9, 0x8000]}}, @irq_setup={0x46, 0x18, {0x0, 0x3ad}}, @code={0xa, 0x9c, {"0000319e60fd98d200c0b8f2c10080d2e20180d2230080d2e40180d2020000d420c482d20060b0f2210180d2220180d2c30180d2640180d2020000d40040002fa07684d200a0b0f2610080d2620180d2230080d2240180d2020000d400000018606395d20000b8f2e10180d2e20080d2430080d2440180d2020000d4000028d5000028d5000008d5"}}], 0x3d0}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r12, 0x1, 0x180)
ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000180)={0x8, <r14=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r14, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000140)={0x9, <r15=>0xffffffffffffffff, 0x1})
ioctl$KVM_HAS_DEVICE_ATTR(r15, 0x4018aee3, &(0x7f0000000680)=@attr_arm64={0x0, 0x1, 0x3, &(0x7f0000000640)=0x2})

12m56.154653957s ago: executing program 38 (id=958):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bff000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013c65d, 0xfffdffffc1af0ec0}}], 0x20}, 0x0, 0xffffffffffffff92)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
syz_kvm_vgic_v3_setup(r1, 0x3, 0xa0) (async)
syz_kvm_vgic_v3_setup(r1, 0x3, 0xc0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING(r1, 0x4068aea3, &(0x7f0000000000)={0xc0, 0x0, 0x1d000})

3m19.865401476s ago: executing program 7 (id=961):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, 0x0, 0xfffffffffffffd93}, 0x0, 0xffffffffffffff63)
r8 = syz_kvm_vgic_v3_setup(r5, 0x1, 0x40)
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f0000000180)=@attr_other={0x0, 0x1, 0x304, &(0x7f00000000c0)=0x1ff})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x3}}], 0x68}, 0x0, 0x0)
r13 = syz_kvm_vgic_v3_setup(r10, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000180)={0x8, <r14=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r14, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f0000000240)=@attr_other={0x0, 0x5, 0x6, &(0x7f0000000000)=0x8000})
r15 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r9, 0xae04)
r16 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r15, 0x3, 0x11, r12, 0x0)
ioctl$KVM_RUN(r12, 0xae80, 0x0)
syz_kvm_assert_syzos_uexit$arm64(r16, 0xfffffffffffffffe, 0x0)
ioctl$KVM_RUN(r12, 0xae80, 0x0)
syz_kvm_assert_syzos_uexit$arm64(r16, 0xffffffffffffffff, 0x0)
r17 = syz_kvm_vgic_v3_setup(r1, 0x200, 0x200)
ioctl$KVM_SET_DEVICE_ATTR(r17, 0x4018aee1, &(0x7f0000000180)=@attr_other={0x0, 0x10001, 0x8, &(0x7f0000000140)=0x9})
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r2, 0x4018aee2, &(0x7f0000000100)=@attr_pmu_init)

3m1.490581201s ago: executing program 8 (id=962):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f00000001c0), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000080)=@arm64_fp_extra={0x60200000001000d5, &(0x7f0000000040)=0x3d3})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee1, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x161642, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, 0x0, 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r7, 0x4008ae6a, &(0x7f00000002c0)={0x2, 0x0, [{0x3, 0x1, 0x0, 0x0, @adapter={0x0, 0x6a, 0x8, 0x5, 0x3}}, {0x3, 0x1, 0x0, 0x0, @msi={0x0, 0xf, 0x9, 0xfffffff9}}]})
r8 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r8, 0x4020aeae, &(0x7f0000000000)={0x5, 0x18})
ioctl$KVM_ARM_VCPU_FINALIZE(r8, 0x4004aec2, &(0x7f0000000180)=0x4)
ioctl$KVM_GET_REG_LIST(r8, 0xc008aeb0, &(0x7f00000000c0)={0x15e})

2m48.740680527s ago: executing program 7 (id=963):
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r1, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, 0x0, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, 0x0)
r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce5, 0x4007fff}}, @msr={0x14, 0x20, {0x603000000013dce8, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce9, 0x8000}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r12, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r12, 0xae80, 0x0)
syz_kvm_setup_cpu$arm64(r7, r8, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0a000000000000002000000000000000002080d2a0bbbbf21f004219"], 0x20}], 0x1, 0x0, 0x0, 0x0)
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x100000c, 0x6832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f000090a000/0x2000)=nil, r1, 0x8, 0x10, r12, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, 0x0)
openat$kvm(0x0, &(0x7f00000001c0), 0x0, 0x0)

2m29.996736316s ago: executing program 8 (id=964):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_GUEST_MEMFD(r1, 0xc040aed4, &(0x7f0000000080)={0x200001fe0000})
ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f0000000180)={0x4, 0x4, 0x6000, 0xa7000, &(0x7f0000ffc000/0x2000)=nil, 0x200000000000000, r2}) (async)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x6)
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)

2m20.63264961s ago: executing program 7 (id=965):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0x2, 0x10000000000000)
r1 = syz_kvm_add_vcpu$arm64(0x0, 0x0, &(0x7f0000000840)=[@featur1={0x1, 0xc7}], 0x1)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000a, 0x10, r1, 0x0)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
openat$kvm(0x0, 0x0, 0x169200, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x2})
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x600000c, 0x810, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1})
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000)
r4 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f00000001c0)={0x8, <r6=>0xffffffffffffffff})
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000380)})
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f00000000c0)={0x5, 0x1, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000002c0)=@attr_other={0x0, 0x8, 0x108, &(0x7f0000000000)=0xc000000000000000})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x4, 0x2, 0x0})
munmap(&(0x7f0000e1d000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
ioctl$KVM_IRQ_LINE_STATUS(r3, 0xc008ae67, &(0x7f00000000c0)={0x9, 0x3})
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000)

2m12.114578657s ago: executing program 8 (id=966):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x25)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CAP_HALT_POLL(r1, 0x4068aea3, &(0x7f0000000240)={0xb6, 0x0, 0x4})
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x2000000002, 0x4, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x4000000, 0x0, 0x6, 0x2, 0x4}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r4=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r6, 0x4010ae67, &(0x7f0000000180)={0x1, 0x104000, 0x1})
ioctl$KVM_REGISTER_COALESCED_MMIO(r6, 0x4010ae67, &(0x7f0000000380)={0x3000, 0x34000})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r6, 0x4010ae68, &(0x7f0000000140)={0xd000, 0x99000, 0x1})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r1, 0x4008ae73, &(0x7f0000000040)={0x1ff, 0x4})

1m51.815288337s ago: executing program 7 (id=967):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r2=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000540)=@attr_other={0x0, 0x8, 0x80, &(0x7f0000000500)=0x5})
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3a)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
r4 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r5, 0x4018aee1, &(0x7f0000000340)=@attr_arm64={0x0, 0x0, 0x0, 0xffffffffffffffff})
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8}) (async)
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async)
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000540)=@attr_other={0x0, 0x8, 0x80, &(0x7f0000000500)=0x5}) (async)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3a) (async)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1) (async)
openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
ioctl$KVM_SET_DEVICE_ATTR_vm(r5, 0x4018aee1, &(0x7f0000000340)=@attr_arm64={0x0, 0x0, 0x0, 0xffffffffffffffff}) (async)

1m44.652695987s ago: executing program 8 (id=968):
r0 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x15)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000340)={0x5})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000700)={0x7, 0x0})
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_IRQ_LINE(r5, 0x4008ae61, &(0x7f0000000240)={0x200002f})
r6 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f0000000040)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000280)={0x14, 0xff}})
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)

1m24.906428159s ago: executing program 7 (id=969):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x39) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x900, 0x0) (async, rerun: 32)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (rerun: 32)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r5 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r4, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) (async, rerun: 64)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r4, 0x0) (rerun: 64)
r6 = eventfd2(0x0, 0x0)
close(r6) (async)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) (async)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x3000002, 0x13, r6, 0x0) (async)
write$eventfd(r6, &(0x7f0000000180)=0x5, 0xfffffde3)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x28)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000040)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, r11, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async, rerun: 64)
r12 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) (async, rerun: 64)
r13 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000100)={0x0, &(0x7f00000001c0)=[@memwrite={0x6e, 0x30, @generic={0x41000, 0x4ba, 0x5a00000000000000, 0x4}}], 0x30}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x5, 0x100) (async)
ioctl$KVM_RUN(r12, 0xae80, 0x0)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000180)={0x1010020, 0x1}) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x13) (async)
openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) (async, rerun: 32)
ioctl$KVM_RUN(r13, 0xae80, 0x0) (rerun: 32)

1m14.970049409s ago: executing program 8 (id=970):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000000)={0x8000, 0x0, 0x1, r6, 0x3})
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000000)=@arm64_sys={0xf0780000002e2172, 0x0})
r7 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece)
ioctl$KVM_CREATE_VM(r7, 0x401c5820, 0x1b)

1m5.71599498s ago: executing program 7 (id=971):
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f00000001c0), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r4, 0x4018aee3, &(0x7f00000000c0)=@attr_pmu_irq={0x0, 0x0, 0x500, 0x0})
r5 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013df64, 0x8000}}], 0x18}, &(0x7f0000000280)=[@featur2={0x1, 0xa}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init)
r7 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34)
r8 = openat$kvm(0x0, &(0x7f0000000180), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x1)
r11 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r10, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r10, 0x0)
r12 = eventfd2(0xd, 0x1)
close(r12)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)
write$eventfd(r12, 0x0, 0x500)
r13 = eventfd2(0xb, 0x100801)
close(r13)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x40800, 0x0)
r14 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)

55.654624798s ago: executing program 8 (id=972):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1ffffffffffffd)
close(r1)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r4, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18})
ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000080)=@arm64_sve={0x6080000000150060, 0x0})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04)
r7 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r6, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f00000000c0)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f00000001c0)="6508f2f576a8c00660f44052f7df13e9bc1a450ce17ac5e0699fa74af21c41b5cc325eeb2cd58c57c7978d7ec5ca745410683b819698425dcbbe0d4f0423f9d904cd2d01d2ad555a", 0x0, 0x48)

17.335044562s ago: executing program 39 (id=971):
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f00000001c0), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r4, 0x4018aee3, &(0x7f00000000c0)=@attr_pmu_irq={0x0, 0x0, 0x500, 0x0})
r5 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013df64, 0x8000}}], 0x18}, &(0x7f0000000280)=[@featur2={0x1, 0xa}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init)
r7 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34)
r8 = openat$kvm(0x0, &(0x7f0000000180), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x1)
r11 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r10, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r10, 0x0)
r12 = eventfd2(0xd, 0x1)
close(r12)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)
write$eventfd(r12, 0x0, 0x500)
r13 = eventfd2(0xb, 0x100801)
close(r13)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x40800, 0x0)
r14 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)

0s ago: executing program 40 (id=972):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1ffffffffffffd)
close(r1)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r4, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18})
ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000080)=@arm64_sve={0x6080000000150060, 0x0})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04)
r7 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r6, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f00000000c0)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f00000001c0)="6508f2f576a8c00660f44052f7df13e9bc1a450ce17ac5e0699fa74af21c41b5cc325eeb2cd58c57c7978d7ec5ca745410683b819698425dcbbe0d4f0423f9d904cd2d01d2ad555a", 0x0, 0x48)

kernel console output (not intermixed with test programs):

[  398.097296][   T25] audit: type=1400 audit(397.280:60): avc:  denied  { read } for  pid=3172 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1
[  416.189618][ T3172] 8021q: adding VLAN 0 to HW filter on device bond0
[  448.374367][ T3172] eql: remember to turn off Van-Jacobson compression on your slave devices
Warning: Permanently added '[localhost]:34848' (ED25519) to the list of known hosts.
[  633.448131][   T25] audit: type=1400 audit(632.620:61): avc:  denied  { name_bind } for  pid=3326 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  634.683049][   T25] audit: type=1400 audit(633.870:62): avc:  denied  { execute } for  pid=3327 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  634.704155][   T25] audit: type=1400 audit(633.890:63): avc:  denied  { execute_no_trans } for  pid=3327 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  666.432288][   T25] audit: type=1400 audit(665.620:64): avc:  denied  { mounton } for  pid=3327 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  666.480374][   T25] audit: type=1400 audit(665.650:65): avc:  denied  { mount } for  pid=3327 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  666.571785][ T3327] cgroup: Unknown subsys name 'net'
[  666.651810][   T25] audit: type=1400 audit(665.840:66): avc:  denied  { unmount } for  pid=3327 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  667.178517][ T3327] cgroup: Unknown subsys name 'cpuset'
[  667.313057][ T3327] cgroup: Unknown subsys name 'rlimit'
[  668.295014][   T25] audit: type=1400 audit(667.480:67): avc:  denied  { setattr } for  pid=3327 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=703 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  668.315129][   T25] audit: type=1400 audit(667.500:68): avc:  denied  { mounton } for  pid=3327 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[  668.347457][   T25] audit: type=1400 audit(667.510:69): avc:  denied  { mount } for  pid=3327 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  669.431580][ T3330] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[  669.451965][   T25] audit: type=1400 audit(668.640:70): avc:  denied  { relabelto } for  pid=3330 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  669.472826][   T25] audit: type=1400 audit(668.660:71): avc:  denied  { write } for  pid=3330 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
Setting up swapspace version 1, size = 127995904 bytes
[  669.668658][   T25] audit: type=1400 audit(668.850:72): avc:  denied  { read } for  pid=3327 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  669.688355][   T25] audit: type=1400 audit(668.870:73): avc:  denied  { open } for  pid=3327 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  669.731452][ T3327] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  728.159998][   T25] audit: type=1400 audit(727.350:74): avc:  denied  { execmem } for  pid=3331 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  732.107149][   T25] audit: type=1400 audit(731.290:76): avc:  denied  { read } for  pid=3334 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  732.122161][   T25] audit: type=1400 audit(731.280:75): avc:  denied  { open } for  pid=3333 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  732.199730][   T25] audit: type=1400 audit(731.370:77): avc:  denied  { mounton } for  pid=3334 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  732.426870][   T25] audit: type=1400 audit(731.610:78): avc:  denied  { module_request } for  pid=3333 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  732.462296][   T25] audit: type=1400 audit(731.650:79): avc:  denied  { module_request } for  pid=3334 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  733.508041][   T25] audit: type=1400 audit(732.690:80): avc:  denied  { sys_module } for  pid=3334 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  757.061818][ T3334] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  757.482484][ T3334] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  757.544911][ T3333] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  757.808483][ T3333] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  776.505117][ T3334] hsr_slave_0: entered promiscuous mode
[  776.589112][ T3334] hsr_slave_1: entered promiscuous mode
[  779.460642][ T3333] hsr_slave_0: entered promiscuous mode
[  779.541860][ T3333] hsr_slave_1: entered promiscuous mode
[  779.627630][ T3333] debugfs: 'hsr0' already exists in 'hsr'
[  779.639944][ T3333] Cannot create hsr debugfs directory
[  786.623676][   T25] audit: type=1400 audit(785.810:81): avc:  denied  { create } for  pid=3334 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  786.677115][   T25] audit: type=1400 audit(785.840:82): avc:  denied  { write } for  pid=3334 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  786.712825][   T25] audit: type=1400 audit(785.900:83): avc:  denied  { read } for  pid=3334 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  786.855238][ T3334] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  787.441443][ T3334] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  787.700732][ T3334] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  788.023474][ T3334] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  789.741401][ T3333] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  789.919472][ T3333] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  790.094591][ T3333] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  790.362026][ T3333] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  802.811796][ T3334] 8021q: adding VLAN 0 to HW filter on device bond0
[  806.012143][ T3333] 8021q: adding VLAN 0 to HW filter on device bond0
[  863.833102][ T3334] veth0_vlan: entered promiscuous mode
[  864.323338][ T3334] veth1_vlan: entered promiscuous mode
[  866.303458][ T3334] veth0_macvtap: entered promiscuous mode
[  866.853973][ T3334] veth1_macvtap: entered promiscuous mode
[  867.106360][ T3333] veth0_vlan: entered promiscuous mode
[  868.001168][ T3333] veth1_vlan: entered promiscuous mode
[  869.544464][ T3380] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  869.649023][ T2144] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  869.668875][   T52] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  869.672691][   T52] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  871.641965][ T3333] veth0_macvtap: entered promiscuous mode
[  872.409989][ T3333] veth1_macvtap: entered promiscuous mode
[  872.618691][   T25] audit: type=1400 audit(871.720:84): avc:  denied  { mount } for  pid=3334 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  872.944009][   T25] audit: type=1400 audit(872.130:85): avc:  denied  { mounton } for  pid=3334 comm="syz-executor" path="/syzkaller.e9eGa6/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  873.222677][   T25] audit: type=1400 audit(872.360:86): avc:  denied  { mount } for  pid=3334 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  873.511115][   T25] audit: type=1400 audit(872.680:87): avc:  denied  { mounton } for  pid=3334 comm="syz-executor" path="/syzkaller.e9eGa6/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  873.669133][   T25] audit: type=1400 audit(872.840:88): avc:  denied  { mounton } for  pid=3334 comm="syz-executor" path="/syzkaller.e9eGa6/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3756 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  874.507158][   T25] audit: type=1400 audit(873.670:89): avc:  denied  { unmount } for  pid=3334 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  874.807841][   T25] audit: type=1400 audit(873.990:90): avc:  denied  { mounton } for  pid=3334 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1546 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  874.884095][   T25] audit: type=1400 audit(874.060:91): avc:  denied  { mount } for  pid=3334 comm="syz-executor" name="/" dev="gadgetfs" ino=3765 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  875.020512][ T2144] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  875.043783][ T2144] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  875.058911][ T2144] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  875.087832][ T2144] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  875.329651][   T25] audit: type=1400 audit(874.450:92): avc:  denied  { mount } for  pid=3334 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  875.401850][   T25] audit: type=1400 audit(874.590:93): avc:  denied  { mounton } for  pid=3334 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  877.275260][ T3334] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  878.580718][   T25] kauditd_printk_skb: 1 callbacks suppressed
[  878.608329][   T25] audit: type=1400 audit(877.740:95): avc:  denied  { read write } for  pid=3334 comm="syz-executor" name="loop0" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  878.627171][   T25] audit: type=1400 audit(877.780:96): avc:  denied  { open } for  pid=3334 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  878.663774][   T25] audit: type=1400 audit(877.850:97): avc:  denied  { ioctl } for  pid=3334 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=638 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  891.457325][   T25] audit: type=1400 audit(890.630:98): avc:  denied  { append } for  pid=3491 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  891.578902][   T25] audit: type=1400 audit(890.760:99): avc:  denied  { open } for  pid=3491 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  891.775351][   T25] audit: type=1400 audit(890.960:100): avc:  denied  { read } for  pid=3491 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  891.991532][   T25] audit: type=1400 audit(891.180:101): avc:  denied  { ioctl } for  pid=3491 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  896.347628][   T25] audit: type=1400 audit(895.530:102): avc:  denied  { write } for  pid=3493 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  898.000085][   T25] audit: type=1400 audit(897.180:103): avc:  denied  { ioctl } for  pid=3491 comm="syz.0.1" path="net:[4026531833]" dev="nsfs" ino=4026531833 ioctlcmd=0x5828 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  910.723499][   T25] audit: type=1400 audit(909.880:104): avc:  denied  { create } for  pid=3499 comm="syz.0.3" anonclass=[kvm-gmem] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 1076.100378][   T25] audit: type=1400 audit(1075.280:105): avc:  denied  { execute } for  pid=3585 comm="syz.1.32" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=5411 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[ 1100.207839][   T25] audit: type=1400 audit(1099.390:106): avc:  denied  { map } for  pid=3603 comm="syz.0.36" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=5660 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 1100.228673][   T25] audit: type=1400 audit(1099.410:107): avc:  denied  { read } for  pid=3603 comm="syz.0.36" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=5660 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 1148.439850][   T25] audit: type=1400 audit(1147.610:108): avc:  denied  { ioctl } for  pid=3633 comm="syz.0.47" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=6037 ioctlcmd=0xaeae scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 1172.052888][   T25] audit: type=1400 audit(1171.180:109): avc:  denied  { execute } for  pid=3648 comm="syz.1.52" path=2F32352FFF67521CD66F8F1F447D3570707CD24B7EEBB207 dev="tmpfs" ino=143 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[ 1312.741272][   T25] audit: type=1400 audit(1311.930:110): avc:  denied  { map } for  pid=3731 comm="syz.0.78" path="pipe:[2770]" dev="pipefs" ino=2770 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[ 1312.795104][   T25] audit: type=1400 audit(1311.980:111): avc:  denied  { execute } for  pid=3731 comm="syz.0.78" path="pipe:[2770]" dev="pipefs" ino=2770 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[ 1385.784509][   T25] audit: type=1400 audit(1384.970:112): avc:  denied  { map } for  pid=3769 comm="syz.0.88" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 2270.951710][ T4255] kvm [4255]: Failed to find VMA for hva 0x20ddf000
[ 2438.277106][   T25] audit: type=1400 audit(2437.400:113): avc:  denied  { execute } for  pid=4346 comm="syz.1.251" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 2505.529440][   T25] audit: type=1400 audit(2504.610:114): avc:  denied  { setattr } for  pid=4377 comm="syz.0.261" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 2505.794099][ T4379] KVM: debugfs: duplicate directory 4379-5
[ 2675.287964][ T4461] kvm [4461]: Failed to find VMA for hva 0x20d8d000
[ 2736.333088][ T4500] kvm [4500]: Failed to find VMA for hva 0x21016000
[ 3206.723310][ T4746] kvm [4745]: Unsupported guest access at: eeef0000
[ 3206.723310][ T4746]  { Op0( 2), Op1( 0), CRn( 0), CRm( 0), Op2( 2), func_write },
[ 3207.569026][ T4746] kvm [4746]: Failed to find VMA for hva 0x20d8d000
[ 3277.738067][ T4783] kvm [4783]: Failed to find VMA for hva 0x20dd3000
[ 3366.771208][ T4821] kvm [4821]: Failed to find VMA for hva 0x20dca000
[ 3389.780432][ T4837] kvm [4837]: Failed to find VMA for hva 0x21016000
[ 3402.048808][ T4844] kvm [4844]: Failed to find VMA for hva 0x20dc8000
[ 3430.361283][ T4859] kvm [4859]: Failed to find VMA for hva 0x20dc1000
[ 3462.564143][ T4883] kvm [4883]: Failed to find VMA for hva 0x20ddb000
[ 3637.043110][   T25] audit: type=1400 audit(3636.220:115): avc:  denied  { map } for  pid=4991 comm="syz.1.448" path="/" dev="tmpfs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[ 3834.712858][   T32] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3836.649997][   T32] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3837.760251][   T32] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3838.843223][   T32] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3856.478479][   T32] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3856.559808][   T32] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3856.644957][   T32] bond0 (unregistering): Released all slaves
[ 3857.808792][   T32] hsr_slave_0: left promiscuous mode
[ 3857.835375][   T32] hsr_slave_1: left promiscuous mode
[ 3858.051640][   T32] veth1_macvtap: left promiscuous mode
[ 3858.097455][   T32] veth0_macvtap: left promiscuous mode
[ 3858.102136][   T32] veth1_vlan: left promiscuous mode
[ 3858.114591][   T32] veth0_vlan: left promiscuous mode
[ 3878.844375][   T32] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3880.081032][   T32] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3881.384631][   T32] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3882.454435][   T32] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3890.928487][ T5083] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3891.291215][ T5083] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3904.675070][   T32] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3904.828718][   T32] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3904.962459][   T32] bond0 (unregistering): Released all slaves
[ 3906.696852][   T32] hsr_slave_0: left promiscuous mode
[ 3906.761331][   T32] hsr_slave_1: left promiscuous mode
[ 3907.328461][   T32] veth1_macvtap: left promiscuous mode
[ 3907.339497][   T32] veth0_macvtap: left promiscuous mode
[ 3907.352963][   T32] veth1_vlan: left promiscuous mode
[ 3907.370163][   T32] veth0_vlan: left promiscuous mode
[ 3922.861124][ T5087] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3923.372282][ T5087] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3933.722868][ T5083] hsr_slave_0: entered promiscuous mode
[ 3933.763589][ T5083] hsr_slave_1: entered promiscuous mode
[ 3945.311607][ T5087] hsr_slave_0: entered promiscuous mode
[ 3945.361232][ T5087] hsr_slave_1: entered promiscuous mode
[ 3945.400868][ T5087] debugfs: 'hsr0' already exists in 'hsr'
[ 3945.416872][ T5087] Cannot create hsr debugfs directory
[ 3948.050069][   T25] audit: type=1400 audit(3947.190:116): avc:  denied  { create } for  pid=5083 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 3948.119038][   T25] audit: type=1400 audit(3947.300:117): avc:  denied  { write } for  pid=5083 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 3948.150444][   T25] audit: type=1400 audit(3947.340:118): avc:  denied  { read } for  pid=5083 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 3948.318533][ T5083] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 3949.378042][ T5083] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 3949.899144][ T5083] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 3950.172834][ T5083] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 3959.518748][ T5087] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 3959.923914][ T5087] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 3960.308619][ T5087] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 3960.644320][ T5087] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 3978.350144][ T5083] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3988.861715][ T5087] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4073.888797][ T5083] veth0_vlan: entered promiscuous mode
[ 4074.787789][ T5083] veth1_vlan: entered promiscuous mode
[ 4078.183155][ T5083] veth0_macvtap: entered promiscuous mode
[ 4078.710449][ T5083] veth1_macvtap: entered promiscuous mode
[ 4082.350791][ T5112] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4082.427443][ T5112] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4082.440640][ T5112] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4082.469012][ T2144] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4088.550531][ T5087] veth0_vlan: entered promiscuous mode
[ 4090.189345][ T5087] veth1_vlan: entered promiscuous mode
[ 4093.708735][ T5087] veth0_macvtap: entered promiscuous mode
[ 4094.448458][ T5087] veth1_macvtap: entered promiscuous mode
[ 4098.664623][ T3755] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4098.905352][ T3965] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4098.940625][ T5218] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4098.946969][ T5218] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4152.777363][   T25] audit: type=1400 audit(4151.930:119): avc:  denied  { execmem } for  pid=5330 comm="syz.3.478" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 5304.222948][ T5937] kvm [5937]: Failed to find VMA for hva 0x20c01000
[ 6133.298111][ T5290] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6135.444210][ T5290] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6137.663086][ T5290] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6139.962401][ T5290] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6168.855100][ T5290] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 6169.163502][ T5290] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 6169.449849][ T5290] bond0 (unregistering): Released all slaves
[ 6172.037712][ T5290] hsr_slave_0: left promiscuous mode
[ 6172.149303][ T5290] hsr_slave_1: left promiscuous mode
[ 6173.000917][ T5290] veth1_macvtap: left promiscuous mode
[ 6173.038301][ T5290] veth0_macvtap: left promiscuous mode
[ 6173.063737][ T5290] veth1_vlan: left promiscuous mode
[ 6173.111913][ T5290] veth0_vlan: left promiscuous mode
[ 6271.405163][ T6307] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 6272.024319][ T6307] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 6310.219600][ T6307] hsr_slave_0: entered promiscuous mode
[ 6310.344654][ T6307] hsr_slave_1: entered promiscuous mode
[ 6310.481483][ T6307] debugfs: 'hsr0' already exists in 'hsr'
[ 6310.487082][ T6307] Cannot create hsr debugfs directory
[ 6332.214780][ T6307] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 6332.988130][ T6307] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 6333.580512][ T6307] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 6334.263841][ T6307] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 6367.019850][ T6307] 8021q: adding VLAN 0 to HW filter on device bond0
[ 6532.202946][ T6307] veth0_vlan: entered promiscuous mode
[ 6533.424344][ T6307] veth1_vlan: entered promiscuous mode
[ 6537.121623][ T6307] veth0_macvtap: entered promiscuous mode
[ 6537.819503][ T6307] veth1_macvtap: entered promiscuous mode
[ 6541.760867][ T6220] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 6541.823433][ T6314] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 6541.843019][ T6314] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 6542.066950][ T6314] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 7725.779334][ T5998] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7728.501857][ T5998] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7729.793229][ T5998] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7731.071607][ T5998] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7750.294122][ T5998] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 7750.722999][ T5998] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 7750.882706][ T5998] bond0 (unregistering): Released all slaves
[ 7752.893257][ T5998] hsr_slave_0: left promiscuous mode
[ 7752.997859][ T5998] hsr_slave_1: left promiscuous mode
[ 7753.607740][ T5998] veth1_macvtap: left promiscuous mode
[ 7753.611080][ T5998] veth0_macvtap: left promiscuous mode
[ 7753.623061][ T5998] veth1_vlan: left promiscuous mode
[ 7753.664122][ T5998] veth0_vlan: left promiscuous mode
[ 7787.045272][ T7061] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7788.571788][ T7061] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7789.624099][ T7061] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7790.994333][ T7061] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7812.863162][ T7061] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 7813.242174][ T7061] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 7813.570311][ T7061] bond0 (unregistering): Released all slaves
[ 7816.581538][ T7061] hsr_slave_0: left promiscuous mode
[ 7816.658008][ T7061] hsr_slave_1: left promiscuous mode
[ 7817.184888][ T7061] veth1_macvtap: left promiscuous mode
[ 7817.221332][ T7061] veth0_macvtap: left promiscuous mode
[ 7817.233307][ T7061] veth1_vlan: left promiscuous mode
[ 7817.263109][ T7061] veth0_vlan: left promiscuous mode
[ 7854.564072][ T7048] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 7854.871659][ T7048] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 7862.239502][ T7059] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 7862.551431][ T7059] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 7886.063189][ T7048] hsr_slave_0: entered promiscuous mode
[ 7886.191219][ T7048] hsr_slave_1: entered promiscuous mode
[ 7897.031688][ T7059] hsr_slave_0: entered promiscuous mode
[ 7897.110560][ T7059] hsr_slave_1: entered promiscuous mode
[ 7897.213429][ T7059] debugfs: 'hsr0' already exists in 'hsr'
[ 7897.231474][ T7059] Cannot create hsr debugfs directory
[ 7911.300705][ T7048] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 7912.210778][ T7048] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 7912.703736][ T7048] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 7913.318403][ T7048] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 7918.367952][ T7059] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 7918.923231][ T7059] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 7919.388744][ T7059] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 7919.883213][ T7059] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 7949.811793][ T7048] 8021q: adding VLAN 0 to HW filter on device bond0
[ 7957.011993][ T7059] 8021q: adding VLAN 0 to HW filter on device bond0
[ 8107.712366][ T7048] veth0_vlan: entered promiscuous mode
[ 8109.245046][ T7048] veth1_vlan: entered promiscuous mode
[ 8115.097318][ T7059] veth0_vlan: entered promiscuous mode
[ 8116.210218][ T7048] veth0_macvtap: entered promiscuous mode
[ 8117.640756][ T7048] veth1_macvtap: entered promiscuous mode
[ 8118.014724][ T7059] veth1_vlan: entered promiscuous mode
[ 8125.519303][ T7077] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 8125.533218][ T7077] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 8125.534226][ T7077] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 8125.747542][ T7077] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 8126.622507][ T7059] veth0_macvtap: entered promiscuous mode
[ 8128.111275][ T7059] veth1_macvtap: entered promiscuous mode
[ 8136.787181][ T7191] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 8136.918726][ T3965] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 8136.930501][ T3965] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 8137.081486][ T3965] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 8760.159547][ T7077] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8762.351331][ T7077] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8763.909095][ T7077] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8765.692597][ T7077] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8792.060984][ T7077] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 8792.458602][ T7077] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 8792.822785][ T7077] bond0 (unregistering): Released all slaves
[ 8795.177795][ T7077] hsr_slave_0: left promiscuous mode
[ 8795.351078][ T7077] hsr_slave_1: left promiscuous mode
[ 8796.478399][ T7077] veth1_macvtap: left promiscuous mode
[ 8796.489404][ T7077] veth0_macvtap: left promiscuous mode
[ 8796.494823][ T7077] veth1_vlan: left promiscuous mode
[ 8796.520196][ T7077] veth0_vlan: left promiscuous mode
[ 8837.298267][ T7077] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8839.264583][ T7077] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8841.062311][ T7077] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8842.633013][ T7077] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8871.222503][ T7077] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 8871.482325][ T7077] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 8871.703497][ T7077] bond0 (unregistering): Released all slaves
[ 8873.837429][ T7077] hsr_slave_0: left promiscuous mode
[ 8873.977408][ T7077] hsr_slave_1: left promiscuous mode
[ 8874.958196][ T7077] veth1_macvtap: left promiscuous mode
[ 8874.977199][ T7077] veth0_macvtap: left promiscuous mode
[ 8874.990133][ T7077] veth1_vlan: left promiscuous mode
[ 8874.994214][ T7077] veth0_vlan: left promiscuous mode
[ 8938.044000][ T7567] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 8938.419867][ T7567] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 8942.899384][ T7572] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 8943.254379][ T7572] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 8976.734507][ T7567] hsr_slave_0: entered promiscuous mode
[ 8976.893509][ T7567] hsr_slave_1: entered promiscuous mode
[ 8984.401324][ T7572] hsr_slave_0: entered promiscuous mode
[ 8984.502162][ T7572] hsr_slave_1: entered promiscuous mode
[ 8984.623477][ T7572] debugfs: 'hsr0' already exists in 'hsr'
[ 8984.650952][ T7572] Cannot create hsr debugfs directory
[ 9004.354979][ T7567] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 9005.368717][ T7567] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 9005.969885][ T7567] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 9007.044538][ T7567] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 9015.073312][ T7572] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 9015.545275][ T7572] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 9016.431618][ T7572] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 9017.228346][ T7572] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 9053.314614][ T7567] 8021q: adding VLAN 0 to HW filter on device bond0
[ 9062.055376][ T7572] 8021q: adding VLAN 0 to HW filter on device bond0
[ 9250.094628][ T7567] veth0_vlan: entered promiscuous mode
[ 9251.731870][ T7567] veth1_vlan: entered promiscuous mode
[ 9258.832196][ T7567] veth0_macvtap: entered promiscuous mode
[ 9259.880125][ T7572] veth0_vlan: entered promiscuous mode
[ 9261.219483][ T7567] veth1_macvtap: entered promiscuous mode
[ 9262.514089][ T7572] veth1_vlan: entered promiscuous mode
[ 9269.579089][ T7789] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 9269.719297][ T2144] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 9269.730465][ T2144] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 9269.763713][ T2144] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 9272.368602][ T7572] veth0_macvtap: entered promiscuous mode
[ 9274.334041][ T7572] veth1_macvtap: entered promiscuous mode
[ 9283.118193][ T7789] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 9283.190192][ T7789] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 9283.379770][ T3965] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 9283.441999][ T7722] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 9685.219678][ T7903] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 9685.984550][ T7903] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 9700.272310][ T7908] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 9700.982628][ T7908] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 9756.112291][ T7903] hsr_slave_0: entered promiscuous mode
[ 9756.302567][ T7903] hsr_slave_1: entered promiscuous mode
[ 9756.438632][ T7903] debugfs: 'hsr0' already exists in 'hsr'
[ 9756.478258][ T7903] Cannot create hsr debugfs directory
[ 9772.234339][ T7908] hsr_slave_0: entered promiscuous mode
[ 9772.462355][ T7908] hsr_slave_1: entered promiscuous mode
[ 9772.595201][ T7908] debugfs: 'hsr0' already exists in 'hsr'
[ 9772.710996][ T7908] Cannot create hsr debugfs directory
[ 9821.087264][ T7903] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 9822.749597][ T7903] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 9827.130016][ T7903] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 9828.669312][ T7903] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 9855.575195][ T7908] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 9856.922831][ T7908] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 9858.382318][ T7908] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 9859.627661][ T7908] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 9901.190862][ T7903] 8021q: adding VLAN 0 to HW filter on device bond0
[ 9922.381264][ T7908] 8021q: adding VLAN 0 to HW filter on device bond0
[ 9922.608900][   T27] INFO: task syz.8.972:7887 blocked for more than 430 seconds.
[ 9922.618265][   T27]       Not tainted syzkaller #0
[ 9922.706597][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 9922.710163][   T27] task:syz.8.972       state:D stack:0     pid:7887  tgid:7887  ppid:7572   task_flags:0x400040 flags:0x00000011
[ 9922.761802][   T27] Call trace:
[ 9922.762314][   T27]  __switch_to+0x584/0xb00 (T)
[ 9922.764416][   T27]  __schedule+0x200c/0x3428
[ 9922.765001][   T27]  schedule+0xac/0x27c
[ 9922.858680][   T27]  schedule_timeout+0x68/0x1ec
[ 9922.918436][   T27]  do_wait_for_common+0x28c/0x440
[ 9922.921283][   T27]  wait_for_completion+0x44/0x5c
[ 9922.950286][   T27]  __synchronize_srcu+0x2a4/0x320
[ 9922.951041][   T27]  synchronize_srcu+0x3d0/0x4f8
[ 9922.951555][   T27]  mmu_notifier_unregister+0x320/0x428
[ 9922.952095][   T27]  kvm_put_kvm+0x698/0xbe0
[ 9922.952500][   T27]  kvm_vm_release+0x58/0x78
[ 9922.952999][   T27]  __fput+0x4ac/0x978
[ 9922.953439][   T27]  ____fput+0x20/0x58
[ 9922.953888][   T27]  task_work_run+0x1b8/0x250
[ 9922.954323][   T27]  exit_to_user_mode_loop+0x110/0x188
[ 9922.954794][   T27]  el0_svc+0x17c/0x238
[ 9922.955275][   T27]  el0t_64_sync_handler+0x84/0x12c
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 9923.118244][   T27]  el0t_64_sync+0x198/0x19c
[ 9923.197679][   T27] 
[ 9923.197679][   T27] Showing all locks held in the system:
[ 9923.214853][   T27] 1 lock held by khungtaskd/27:
[ 9923.267067][   T27]  #0: ffff800087a86d08 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x0/0x44
[ 9923.281989][   T27] 1 lock held by jbd2/vda-8/3111:
[ 9923.282903][   T27] 2 locks held by getty/3201:
[ 9923.283274][   T27]  #0: 5cf000001231e8a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c
[ 9923.285089][   T27]  #1: 76ff80008c80b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x308/0x1234
[ 9923.464412][   T27] 2 locks held by syz-executor/3327:
[ 9923.464962][   T27] 3 locks held by kworker/u4:8/3965:
[ 9923.527675][   T27] 3 locks held by kworker/u4:0/5998:
[ 9923.530524][   T27] 2 locks held by kworker/u4:2/6220:
[ 9923.571244][   T27] 3 locks held by kworker/u4:10/7055:
[ 9923.571763][   T27] 3 locks held by kworker/u4:14/7191:
[ 9923.572111][   T27] 3 locks held by kworker/u4:15/7267:
[ 9923.572453][   T27] 3 locks held by kworker/u4:6/7588:
[ 9923.572804][   T27] 3 locks held by kworker/u4:11/7722:
[ 9923.573154][   T27] 2 locks held by kworker/u4:16/7789:
[ 9923.573463][   T27]  #0: b6f000000cc26948 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a10
[ 9923.637672][   T27]  #1: ffff80008f057c88 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a10
[ 9923.648168][   T27] 2 locks held by syz.7.971/7882:
[ 9923.649041][   T27] 3 locks held by kworker/u4:12/8044:
[ 9923.649408][   T27] 2 locks held by dhcpcd-run-hook/8049:
[ 9923.737285][   T27] 
[ 9923.739323][   T27] =============================================
[ 9923.739323][   T27] 
[ 9923.761365][   T27] Kernel panic - not syncing: hung_task: blocked tasks
[ 9923.765681][   T27] CPU: 0 UID: 0 PID: 27 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT 
[ 9923.767073][   T27] Hardware name: linux,dummy-virt (DT)
[ 9923.767965][   T27] Call trace:
[ 9923.768789][   T27]  show_stack+0x2c/0x3c (C)
[ 9923.769810][   T27]  __dump_stack+0x30/0x40
[ 9923.770721][   T27]  dump_stack_lvl+0x30/0x12c
[ 9923.771632][   T27]  dump_stack+0x1c/0x28
[ 9923.772517][   T27]  vpanic+0x1d4/0x4e4
[ 9923.773332][   T27]  vpanic+0x0/0x4e4
[ 9923.774105][   T27]  hung_task_panic+0x0/0x2c
[ 9923.774967][   T27]  kthread+0x794/0x99c
[ 9923.775836][   T27]  ret_from_fork+0x10/0x20
[ 9923.777645][   T27] Kernel Offset: disabled
[ 9923.778349][   T27] CPU features: 0x0000000,001a3005,fbe327a1,057ffe1f
[ 9923.779375][   T27] Memory Limit: none
[ 9923.781517][   T27] Rebooting in 86400 seconds..