last executing test programs:

48m3.928284661s ago: executing program 0 (id=29):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r2 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000280)=[@hvc={0x32, 0x40, {0x84000010, [0x6, 0x6, 0x7b, 0xfff, 0x9]}}, @uexit={0x0, 0x18, 0x9}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff0, 0x3, 0x8}}, @code={0xa, 0xe4, {"c03f9dd20060b8f2a10180d2420180d2630080d2c40080d2020000d4000028d5a0b195d200c0b8f2210180d2620180d2a30180d2840080d2020000d4603382d200e0b0f2c10080d2020080d2030080d2440080d2020000d460c98cd200e0b8f2e10180d2620080d2230080d2040080d2020000d400cca00e000028d5c0ac9cd200a0b8f2410080d2a20180d2230180d2040080d2020000d4201980d20040b8f2610180d2620180d2830180d2e40080d2020000d4a06c8ed20020b0f2e10080d2020180d2830080d2640080d2020000d4"}}, @eret={0xe6, 0x18, 0xb2}], 0x184}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x4, 0x220)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x900, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r3=>0xffffffffffffffff})
r4 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_GET_STATS_FD_cpu(r2, 0xaece)
ioctl$KVM_PRE_FAULT_MEMORY(r6, 0xc040aed5, &(0x7f0000000040)={0x100000, 0x4000})
r7 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r5, 0x4010ae74, &(0x7f0000000440)={0x137, 0xffff856e, 0x6})
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = openat$kvm(0x0, &(0x7f0000000080), 0x208100, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = syz_kvm_vgic_v3_setup(r11, 0x1, 0x100)
ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x3, 0x0, &(0x7f0000000240)=0x100})
ioctl$KVM_CHECK_EXTENSION(r9, 0xae03, 0xcd)
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480), 0x220482, 0x0)
ioctl$KVM_CREATE_VM(r13, 0x80111500, 0x20000000)
r14 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0x80111500, 0x20000000)
write$eventfd(r15, &(0x7f0000000040), 0x8)
syz_kvm_assert_reg(r8, 0x603000000013dce0, 0x8000)
r16 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8080, 0x0)
ioctl$KVM_CHECK_EXTENSION(r16, 0xae03, 0x46)
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

48m3.927755021s ago: executing program 1 (id=30):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) (async, rerun: 32)
r3 = openat$kvm(0x0, 0x0, 0x0, 0x0) (async, rerun: 32)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r5, 0x4008ae6a, &(0x7f00000002c0)=ANY=[@ANYBLOB="0207"]) (async)
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r6, 0x3, 0x2011, r2, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0) (async, rerun: 32)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x21) (async, rerun: 32)
r7 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x5)
close(r7) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x100000d, 0x40032, 0xffffffffffffffff, 0x0)

47m53.879177732s ago: executing program 0 (id=31):
ioctl$KVM_GET_REGS(0xffffffffffffffff, 0x8360ae81, &(0x7f00000000c0))
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_HAS_DEVICE_ATTR(r2, 0x4018aee3, 0xfffffffffffffffe)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000040)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f0000000000)=0x5})

47m52.580500496s ago: executing program 1 (id=32):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bfd000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000000)={0x0, &(0x7f0000000140)=[@msr={0x14, 0x20, {0x603000000013e088, 0x5}}, @msr={0x14, 0x20, {0x603000000013df78, 0x7fffffffffffffff}}, @msr={0x14, 0x20, {0x6030000000138077, 0x593c}}, @smc={0x1e, 0x40, {0x40, [0xf, 0x3, 0x9, 0x80000001, 0xe00]}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x0, 0x4, 0x9, 0x31, 0x100, 0x4}}, @svc={0x122, 0x40, {0x84000010, [0x40, 0x3, 0x262f, 0x100000000000000, 0x2131]}}, @smc={0x1e, 0x40, {0x2000, [0x6, 0x5, 0x1, 0x7fff, 0x8]}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x8, 0x5, 0xffffffff, 0xff, 0x1}}, @code={0xa, 0xb4, {"0070800c0000789e000028d50084002fc0f09ed20060b0f2610080d2220080d2630080d2e40180d2020000d440db9cd20000b8f2010080d2820180d2230080d2640180d2020000d4603a8cd200c0b0f2e10080d2220180d2430180d2440080d2020000d4008008d5e03c9ed20000b8f2610180d2020080d2230180d2c40080d2020000d4a04e8ad20020b0f2410080d2c20080d2230080d2a40080d2020000d4"}}, @eret={0xe6, 0x18}, @uexit={0x0, 0x18, 0x4}, @code={0xa, 0x6c, {"0004005e0000399ee09092d20060b0f2010180d2420180d2c30080d2a40180d2020000d480dd94d20020b8f2a10180d2e20180d2e30180d2c40080d2020000d4007008d5007008d5007008d5000000a80030000f00000072"}}, @eret={0xe6, 0x18, 0x7}, @its_setup={0x82, 0x28, {0x4, 0x3, 0x339}}, @svc={0x122, 0x40, {0xc4000001, [0x9, 0x80, 0x5, 0x101, 0x5]}}, @smc={0x1e, 0x40, {0x4, [0xf31d, 0xd, 0x80000000000000, 0x1000, 0x3]}}, @irq_setup={0x46, 0x18, {0x0, 0x21c}}, @svc={0x122, 0x40, {0x40, [0x0, 0x8000000000000001, 0x7fffffffffffffff, 0x100, 0x72d746de]}}, @its_setup={0x82, 0x28, {0x4, 0x4, 0x104}}], 0x400}, &(0x7f0000000040)=[@featur2={0x1, 0x40}], 0x1) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8400, 0x0) (async)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000140)=@arm64_bitmap={0x6070000000160002, 0x0}) (async)
r6 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) (async)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x3000)=nil, 0x930, 0x2000000, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000eb2000/0x3000)=nil, 0x930, 0x0, 0x32e7851d6de9e532, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
ioctl$KVM_SET_VCPU_EVENTS(r7, 0x4040aea0, 0x0)

47m46.229611136s ago: executing program 0 (id=33):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0x4)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000180)={0x3000, 0x0, 0x1})
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000380)={0x2, 0x25000, 0x1})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r2, 0x4010ae68, &(0x7f0000000000)={0x80a0000, 0x0, 0x1})
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_CAP_ARM_MTE(r0, 0x4068aea3, &(0x7f0000000040))
ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f00000000c0)=@arm64_core={0x603000000010002e, &(0x7f0000000380)=0xfffffffffffffff8})

47m43.214967075s ago: executing program 1 (id=34):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x147200, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7ffe}}, @msr={0x14, 0x20, {0x603000000013dce5, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce9, 0x8000}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r9, 0x4008ae6a, &(0x7f00000002c0)={0x2, 0x0, [{0x0, 0x2, 0x1, 0x0, @adapter={0xffffffff87bdf123, 0x100, 0xfffffffffffffff9, 0x4, 0x80000001}}, {0x10000, 0x1, 0x1, 0x0, @adapter={0x7b, 0x9, 0x0, 0x443, 0x8}}]})
r10 = eventfd2(0x7, 0x1)
ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f0000000000)={0x0, 0x1000, 0x2, r10, 0x8})
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000200)={0x1fd, 0x2, 0x8000000, 0x1000, &(0x7f0000c42000/0x1000)=nil})
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r5, 0x4010aeb5, &(0x7f0000000000)={0xe35, 0x100000000})
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r11, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r12, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)

47m36.281356426s ago: executing program 0 (id=35):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000000)={0x7, <r2=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r2, 0x4018aee3, &(0x7f00000000c0)=@attr_other={0x0, 0x9, 0xfffffffffffffff9, 0x0})
openat$kvm(0x0, 0xfffffffffffffffe, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x4)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r5, 0x4068aea3, &(0x7f0000000180)={0xe4, 0x0, 0x1000})
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r6 = eventfd2(0x101, 0x800)
write$eventfd(r6, &(0x7f0000000080)=0xfffffffffffffff7, 0x8)
r7 = eventfd2(0x0, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x302, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r11, r12, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r12, 0x4010aeac, &(0x7f0000000080)=@arm64_core={0x6030000000100042, &(0x7f0000000100)=0xc5c5})
r13 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r9, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0xeeef0000, 0x0, r13})
ioctl$KVM_IOEVENTFD(r9, 0x4040ae79, &(0x7f0000000000)={0x3, 0xff0d77deeb9aad17, 0x0, r7, 0x4})
ioctl$KVM_IRQFD(r3, 0x4020ae76, &(0x7f0000000100)={r6, 0x6, 0x1, r7})
r14 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r15, 0xc00caee0, &(0x7f0000000140)={0x4, <r16=>0xffffffffffffffff, 0x1})
close(0xffffffffffffffff)
ioctl$KVM_CREATE_VM(r16, 0x800454e1, 0x8)

47m29.518299153s ago: executing program 1 (id=36):
r0 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f00000002c0)=ANY=[@ANYBLOB="01000002"])
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x200000a, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
ioctl$KVM_CAP_ARM_USER_IRQ(r0, 0x4068aea3, &(0x7f0000000240))
r3 = openat$kvm(0x0, &(0x7f0000000100), 0x10280, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000f2a000/0x4000)=nil, 0x930, 0xf, 0x32, 0xffffffffffffffff, 0x0)
syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@its_setup={0x82, 0x28, {0x3, 0x0, 0x30a}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x100)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r4, 0x4008ae73, &(0x7f0000000040)={0x4, 0xd})
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8})
r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r6, 0xae03, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, 0x0)

47m20.920138787s ago: executing program 0 (id=37):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x6102, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000009000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

47m16.441238665s ago: executing program 1 (id=38):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) (async)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r6 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r5, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r5, 0x0)
r7 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000000)=@arm64_sys={0x603000000013c038, 0x0})
ioctl$KVM_CREATE_VM(r7, 0x401c5820, 0x20000001) (async)
ioctl$KVM_CREATE_VM(r7, 0x401c5820, 0x20000001)
r8 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000b80)={0x0, &(0x7f0000000040)=[@smc={0x1e, 0x40, {0x84000002, [0x99b, 0x100000001, 0x5, 0x101, 0x10]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1)
ioctl$KVM_RUN(r8, 0xae80, 0x0)

47m14.502478307s ago: executing program 0 (id=39):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x40480, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r4, 0xae03, 0x51)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000000)={0x0, &(0x7f0000000400)=[@hvc={0x32, 0x40, {0x84000053, [0x8, 0x8, 0x1, 0x8, 0x100]}}], 0x40}, 0x0, 0x0) (async)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000000)={0x0, &(0x7f0000000400)=[@hvc={0x32, 0x40, {0x84000053, [0x8, 0x8, 0x1, 0x8, 0x100]}}], 0x40}, 0x0, 0x0)
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x34)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) (async)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f00000001c0)=ANY=[@ANYBLOB="010000000000000001998fea1d"])
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) (async)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000140)={0x4, <r9=>0xffffffffffffffff, 0x1})
write$eventfd(r9, &(0x7f00000001c0)=0x7ffffff, 0xfdef) (async)
write$eventfd(r9, &(0x7f00000001c0)=0x7ffffff, 0xfdef)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) (async)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r10 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@msr={0x14, 0x20, {0x603000000013c65d, 0xf}}], 0x20}, 0x0, 0x0)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000280)={0x0, 0x0, 0xfffffffffffffcdd}, 0x0, 0x0) (async)
r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000280)={0x0, 0x0, 0xfffffffffffffcdd}, 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r11, 0xae04) (async)
r15 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r11, 0xae04)
r16 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r15, 0x3, 0x11, r14, 0x40000)
syz_memcpy_off$KVM_EXIT_MMIO(r16, 0x20, &(0x7f0000000080)="173ea04e539f083b583a50e00fc16c4b72bd83875fa60766", 0x0, 0x18)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r16, 0x20, &(0x7f0000000200)="2cdfa33d543d499100091b512a0cf72e6eb0ff8e0a4dd71f35df34cfbdc5fb670b7c516643fb78049a8529323047ebbc4834f7d0dd79e8b223b14d12e2d7cbdd45966671a311d1aa", 0x0, 0x48)
r17 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000003c0)=[@hvc={0x32, 0x40, {0x86000001, [0xc, 0x5, 0x2, 0xfffffffffffffffc, 0x52]}}], 0xffffffb5}, 0x0, 0x0)
ioctl$KVM_RUN(r17, 0xae80, 0x0)

47m7.23095521s ago: executing program 1 (id=40):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000140)={0x4, <r3=>0xffffffffffffffff, 0x1})
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r4, 0x4068aea3, &(0x7f0000000100)={0xdf, 0x0, 0x4000})
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x13)
syz_kvm_setup_cpu$arm64(r6, r5, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="6026594600000000000000180000000000000001"], 0x18}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x100)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

46m27.570948498s ago: executing program 32 (id=39):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x40480, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r4, 0xae03, 0x51)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000000)={0x0, &(0x7f0000000400)=[@hvc={0x32, 0x40, {0x84000053, [0x8, 0x8, 0x1, 0x8, 0x100]}}], 0x40}, 0x0, 0x0) (async)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000000)={0x0, &(0x7f0000000400)=[@hvc={0x32, 0x40, {0x84000053, [0x8, 0x8, 0x1, 0x8, 0x100]}}], 0x40}, 0x0, 0x0)
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x34)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) (async)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f00000001c0)=ANY=[@ANYBLOB="010000000000000001998fea1d"])
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) (async)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000140)={0x4, <r9=>0xffffffffffffffff, 0x1})
write$eventfd(r9, &(0x7f00000001c0)=0x7ffffff, 0xfdef) (async)
write$eventfd(r9, &(0x7f00000001c0)=0x7ffffff, 0xfdef)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) (async)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r10 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@msr={0x14, 0x20, {0x603000000013c65d, 0xf}}], 0x20}, 0x0, 0x0)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000280)={0x0, 0x0, 0xfffffffffffffcdd}, 0x0, 0x0) (async)
r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000280)={0x0, 0x0, 0xfffffffffffffcdd}, 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r11, 0xae04) (async)
r15 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r11, 0xae04)
r16 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r15, 0x3, 0x11, r14, 0x40000)
syz_memcpy_off$KVM_EXIT_MMIO(r16, 0x20, &(0x7f0000000080)="173ea04e539f083b583a50e00fc16c4b72bd83875fa60766", 0x0, 0x18)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r16, 0x20, &(0x7f0000000200)="2cdfa33d543d499100091b512a0cf72e6eb0ff8e0a4dd71f35df34cfbdc5fb670b7c516643fb78049a8529323047ebbc4834f7d0dd79e8b223b14d12e2d7cbdd45966671a311d1aa", 0x0, 0x48)
r17 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000003c0)=[@hvc={0x32, 0x40, {0x86000001, [0xc, 0x5, 0x2, 0xfffffffffffffffc, 0x52]}}], 0xffffffb5}, 0x0, 0x0)
ioctl$KVM_RUN(r17, 0xae80, 0x0)

46m19.738976696s ago: executing program 33 (id=40):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000140)={0x4, <r3=>0xffffffffffffffff, 0x1})
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r4, 0x4068aea3, &(0x7f0000000100)={0xdf, 0x0, 0x4000})
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x13)
syz_kvm_setup_cpu$arm64(r6, r5, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="6026594600000000000000180000000000000001"], 0x18}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x100)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

1m7.008989975s ago: executing program 3 (id=365):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$arm64(r1, 0xffffffffffffffff, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r1, 0x4068aea3, &(0x7f0000000000)={0xe4, 0x0, 0x7})
ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f00000000c0)={0x1, 0x0, &(0x7f0000e97000/0x14000)=nil})

57.927781129s ago: executing program 3 (id=367):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x400, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x39)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r2 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000000)={0x0, &(0x7f0000000200)=[@irq_setup={0x46, 0x18, {0x4, 0x3}}, @eret={0xe6, 0x18, 0x8}, @mrs={0xbe, 0x18, {0x603000000013e532}}, @uexit={0x0, 0x18, 0xf}, @its_setup={0x82, 0x28, {0x4, 0x4, 0x2b8}}, @uexit={0x0, 0x18, 0x4}, @uexit={0x0, 0x18}, @hvc={0x32, 0x40, {0xc4000007, [0x1, 0xfcdc, 0x4, 0xb, 0xfffffffffffffe00]}}, @uexit={0x0, 0x18, 0x7}], 0x110}, &(0x7f0000000080)=[@featur2={0x1, 0xc}], 0x1)
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000100)=@arm64_fp_extra={0x60200000001000d5, &(0x7f00000000c0)=0x3})
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000001c0)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013addb, 0x7}}], 0x20}, 0x0, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000040)={0x7, <r8=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r8, 0x4018aee3, &(0x7f0000000100)=@attr_other={0x0, 0x0, 0x6, &(0x7f0000000140)=0xffff})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

57.184791604s ago: executing program 2 (id=368):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x0, 0x2, 0x6}}], 0x50}, 0x0, 0x0) (async)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) (async, rerun: 64)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r4=>0xffffffffffffffff}) (rerun: 64)
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r5, 0xae03, 0x62) (async)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

45.569786453s ago: executing program 3 (id=369):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x800, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2e)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r7, 0x2000003, 0xaf832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r9 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r8, 0xae04)
mmap$KVM_VCPU(&(0x7f000064b000/0x4000)=nil, r9, 0x100000d, 0x9032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000667000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r10 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r11 = mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, 0x930, 0xa, 0x11, r10, 0x40000)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f0000000100)="b7fd70886788e8e0e522022a69832d0435b8dd45f22344477a3b4c9464506ced90a91e573a3ffae3de1fc5cd2dd6f1294366d73f78a3bf8c268782fc65b9a6b4f9aa43c1777b7837", 0x0, 0x48)
r12 = openat$kvm(0x0, &(0x7f0000000000), 0x222000, 0x0)
ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r13 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x15)
syz_kvm_setup_cpu$arm64(r13, r3, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000200)=@arm64_core={0x603000000010003a, &(0x7f00000001c0)=0x9})
r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)

45.235351046s ago: executing program 2 (id=370):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}})
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x11)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x2a040, 0x0)
ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0xd8)
r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r6 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r5, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r5, 0x0)
r7 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0)
ioctl$KVM_CREATE_VM(r7, 0x401c5820, 0x20000001)
ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x27, 0x88000002}})

35.221160014s ago: executing program 2 (id=371):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r2, 0x4018aee2, &(0x7f00000000c0)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0xffffffffffffffff})

25.889296914s ago: executing program 3 (id=372):
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8402, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x12)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r2, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r2, 0x0)
ioctl$KVM_GET_STATS_FD_cpu(r2, 0xaece)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)

25.245658218s ago: executing program 2 (id=373):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0xc0083, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x28)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r2, 0x4068aea3, &(0x7f0000000280)={0xdf, 0x0, 0x2000})
ioctl$KVM_CLEAR_DIRTY_LOG(r2, 0xc018aec0, &(0x7f00000001c0)={0x1fe, 0x80, 0x280, 0x0})
r3 = eventfd2(0x8, 0x180000)
r4 = eventfd2(0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0x80111500, 0x20000000)
ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f00000000c0)={r3, 0x100, 0x1, r4})
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r5, 0x4008ae73, &(0x7f0000000000)={0x7, 0xffff})
syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000140)=[@featur1={0x1, 0x633563f6b2813d7}], 0x1)

15.401813009s ago: executing program 3 (id=374):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x20400, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee2, &(0x7f00000000c0)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0xffffffffffffffff})
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CREATE_DEVICE(r1, 0xc018aec0, &(0x7f0000000000)={0x8})

11.985098993s ago: executing program 2 (id=375):
openat$kvm(0x0, &(0x7f0000000040), 0x2000, 0x0) (async)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x2000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r1, 0x4010ae74, &(0x7f0000000000)={0x6, 0x968, 0x7b1a})
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0) (async)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x1fd, 0x2, 0x8000000, 0x2000, &(0x7f0000ecf000/0x2000)=nil})
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)

4.817267795s ago: executing program 3 (id=376):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x31)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013e08d, &(0x7f00000000c0)=0x6db})
r7 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r9, 0x4010ae67, &(0x7f00000008c0)={0x2000, 0x0, 0x4})
ioctl$KVM_SET_VCPU_EVENTS(r7, 0x4040aea0, &(0x7f0000000140)=@arm64={0x2, 0x3, 0x1, '\x00', 0x6})
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x2c01c0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x28)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x1)
r13 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r12, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r13, 0x20, &(0x7f0000000180)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r12, 0x0)
r14 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x408)
ioctl$KVM_SET_DEVICE_ATTR_vm(r4, 0x4018aee1, &(0x7f0000000280)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000240)={0x1, 0x1000, 0x1}})
ioctl$KVM_CHECK_EXTENSION(r14, 0x541b, 0xac)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r15 = eventfd2(0x3, 0x80800)
write$eventfd(r15, &(0x7f0000000100)=0x2, 0x8)
r16 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$KVM_CHECK_EXTENSION(r16, 0xae03, 0x4)

0s ago: executing program 2 (id=377):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000300)}, 0x0, 0x0)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
r6 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r5, 0x3, 0x11, r4, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_kvm_assert_syzos_uexit$arm64(r6, 0xffffffffffffffff)
syz_kvm_assert_reg(r4, 0x6030000000138015, 0x8000) (async)
syz_kvm_assert_reg(r4, 0x6030000000138015, 0x8000)
syz_kvm_assert_reg(r4, 0x603000000013801d, 0x8000) (async)
syz_kvm_assert_reg(r4, 0x603000000013801d, 0x8000)
syz_kvm_assert_reg(r4, 0x6030000000138025, 0x8000) (async)
syz_kvm_assert_reg(r4, 0x6030000000138025, 0x8000)
syz_kvm_assert_reg(r4, 0x603000000013802d, 0x8000)
syz_kvm_assert_reg(r4, 0x6030000000138006, 0x8000)
syz_kvm_assert_reg(r4, 0x603000000013800e, 0x8000)
syz_kvm_assert_reg(r4, 0x6030000000138016, 0x8000) (async)
syz_kvm_assert_reg(r4, 0x6030000000138016, 0x8000)
syz_kvm_assert_reg(r4, 0x603000000013801e, 0x8000)
syz_kvm_assert_reg(r4, 0x6030000000138007, 0x8000)
syz_kvm_assert_reg(r4, 0x603000000013800f, 0x8000)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) (async)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r7 = openat$kvm(0x0, &(0x7f0000000080), 0x80080, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000100)={0x7}) (async)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000100)={0x7, <r9=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x2, &(0x7f0000000200)=0x8000000})
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x3, 0x0, &(0x7f0000000000)=0x8})
r10 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0) (async)
syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)

kernel console output (not intermixed with test programs):

[  424.912477][ T3151] eql: remember to turn off Van-Jacobson compression on your slave devices
Warning: Permanently added '[localhost]:44507' (ED25519) to the list of known hosts.
[  609.746468][   T25] audit: type=1400 audit(608.960:61): avc:  denied  { name_bind } for  pid=3306 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  611.500292][   T25] audit: type=1400 audit(610.720:62): avc:  denied  { execute } for  pid=3307 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  611.528942][   T25] audit: type=1400 audit(610.740:63): avc:  denied  { execute_no_trans } for  pid=3307 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  630.783530][   T25] audit: type=1400 audit(630.000:64): avc:  denied  { mounton } for  pid=3307 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  630.819774][   T25] audit: type=1400 audit(630.040:65): avc:  denied  { mount } for  pid=3307 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  630.905197][ T3307] cgroup: Unknown subsys name 'net'
[  630.958138][   T25] audit: type=1400 audit(630.170:66): avc:  denied  { unmount } for  pid=3307 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  631.353846][ T3307] cgroup: Unknown subsys name 'cpuset'
[  631.457972][ T3307] cgroup: Unknown subsys name 'rlimit'
[  631.858853][   T25] audit: type=1400 audit(631.070:67): avc:  denied  { setattr } for  pid=3307 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  631.883163][   T25] audit: type=1400 audit(631.090:68): avc:  denied  { mounton } for  pid=3307 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[  631.902019][   T25] audit: type=1400 audit(631.120:69): avc:  denied  { mount } for  pid=3307 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  633.110468][ T3310] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[  633.131641][   T25] audit: type=1400 audit(632.350:70): avc:  denied  { relabelto } for  pid=3310 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  633.160604][   T25] audit: type=1400 audit(632.380:71): avc:  denied  { write } for  pid=3310 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
Setting up swapspace version 1, size = 127995904 bytes
[  633.341359][   T25] audit: type=1400 audit(632.560:72): avc:  denied  { read } for  pid=3307 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  633.361075][   T25] audit: type=1400 audit(632.580:73): avc:  denied  { open } for  pid=3307 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  633.410123][ T3307] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  689.150880][   T25] audit: type=1400 audit(688.370:74): avc:  denied  { execmem } for  pid=3316 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  694.291539][   T25] audit: type=1400 audit(693.510:75): avc:  denied  { read } for  pid=3318 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  694.319642][   T25] audit: type=1400 audit(693.520:76): avc:  denied  { open } for  pid=3318 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  694.429725][   T25] audit: type=1400 audit(693.650:77): avc:  denied  { mounton } for  pid=3318 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  694.701537][   T25] audit: type=1400 audit(693.920:78): avc:  denied  { module_request } for  pid=3319 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  694.740424][   T25] audit: type=1400 audit(693.930:79): avc:  denied  { module_request } for  pid=3318 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  696.289910][   T25] audit: type=1400 audit(695.510:80): avc:  denied  { sys_module } for  pid=3319 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  725.399519][ T3318] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  725.623771][ T3318] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  725.685381][ T3319] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  725.913152][ T3319] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  738.058152][ T3318] hsr_slave_0: entered promiscuous mode
[  738.089394][ T3318] hsr_slave_1: entered promiscuous mode
[  739.372104][ T3319] hsr_slave_0: entered promiscuous mode
[  739.412486][ T3319] hsr_slave_1: entered promiscuous mode
[  739.442550][ T3319] debugfs: 'hsr0' already exists in 'hsr'
[  739.456934][ T3319] Cannot create hsr debugfs directory
[  744.762795][   T25] audit: type=1400 audit(743.980:81): avc:  denied  { create } for  pid=3318 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  744.816683][   T25] audit: type=1400 audit(744.030:82): avc:  denied  { write } for  pid=3318 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  744.850014][   T25] audit: type=1400 audit(744.060:83): avc:  denied  { read } for  pid=3318 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  744.989715][ T3318] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  745.328130][ T3318] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  745.582332][ T3318] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  746.128930][ T3318] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  747.519378][ T3319] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  747.763423][ T3319] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  747.933532][ T3319] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  748.092876][ T3319] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  762.358243][ T3318] 8021q: adding VLAN 0 to HW filter on device bond0
[  765.911215][ T3319] 8021q: adding VLAN 0 to HW filter on device bond0
[  821.507322][ T3318] veth0_vlan: entered promiscuous mode
[  822.128722][ T3318] veth1_vlan: entered promiscuous mode
[  824.860078][ T3318] veth0_macvtap: entered promiscuous mode
[  825.140897][ T3319] veth0_vlan: entered promiscuous mode
[  825.671092][ T3318] veth1_macvtap: entered promiscuous mode
[  826.470533][ T3319] veth1_vlan: entered promiscuous mode
[  828.790994][   T51] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  828.945691][   T51] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  828.959699][   T51] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  828.998384][   T51] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  830.398214][ T3319] veth0_macvtap: entered promiscuous mode
[  831.347811][ T3319] veth1_macvtap: entered promiscuous mode
[  832.240049][   T25] audit: type=1400 audit(831.460:84): avc:  denied  { mount } for  pid=3318 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  832.545632][   T25] audit: type=1400 audit(831.750:85): avc:  denied  { mounton } for  pid=3318 comm="syz-executor" path="/syzkaller.8HA9GL/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  832.869522][   T25] audit: type=1400 audit(832.090:86): avc:  denied  { mount } for  pid=3318 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  833.328972][   T25] audit: type=1400 audit(832.520:87): avc:  denied  { mounton } for  pid=3318 comm="syz-executor" path="/syzkaller.8HA9GL/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  833.537383][   T25] audit: type=1400 audit(832.700:88): avc:  denied  { mounton } for  pid=3318 comm="syz-executor" path="/syzkaller.8HA9GL/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3791 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  834.351117][   T51] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  834.357748][   T51] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  834.415994][   T51] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  834.428350][   T51] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  834.677996][   T25] audit: type=1400 audit(833.890:89): avc:  denied  { unmount } for  pid=3318 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  834.983307][   T25] audit: type=1400 audit(834.200:90): avc:  denied  { mounton } for  pid=3318 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1544 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  835.142331][   T25] audit: type=1400 audit(834.290:91): avc:  denied  { mount } for  pid=3318 comm="syz-executor" name="/" dev="gadgetfs" ino=3801 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  835.559904][   T25] audit: type=1400 audit(834.750:92): avc:  denied  { mount } for  pid=3318 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  835.736050][   T25] audit: type=1400 audit(834.950:93): avc:  denied  { mounton } for  pid=3318 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  837.467662][ T3318] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  838.021500][   T25] kauditd_printk_skb: 1 callbacks suppressed
[  838.035886][   T25] audit: type=1400 audit(837.240:95): avc:  denied  { read write } for  pid=3318 comm="syz-executor" name="loop1" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  838.086119][   T25] audit: type=1400 audit(837.300:96): avc:  denied  { open } for  pid=3318 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  838.101785][   T25] audit: type=1400 audit(837.320:97): avc:  denied  { ioctl } for  pid=3318 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=638 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  847.213948][   T25] audit: type=1400 audit(846.430:98): avc:  denied  { read } for  pid=3472 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  847.299963][   T25] audit: type=1400 audit(846.520:99): avc:  denied  { open } for  pid=3472 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  847.623493][   T25] audit: type=1400 audit(846.840:100): avc:  denied  { ioctl } for  pid=3472 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0x1500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  849.508072][   T25] audit: type=1400 audit(848.710:101): avc:  denied  { append } for  pid=3474 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  860.923631][   T25] audit: type=1400 audit(860.140:102): avc:  denied  { ioctl } for  pid=3485 comm="syz.0.4" path="net:[4026532619]" dev="nsfs" ino=4026532619 ioctlcmd=0xb706 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  861.678913][   T25] audit: type=1400 audit(860.890:103): avc:  denied  { execute } for  pid=3485 comm="syz.0.4" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=3978 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  864.517861][   T25] audit: type=1400 audit(863.740:104): avc:  denied  { write } for  pid=3487 comm="syz.1.5" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1020.975996][   T25] audit: type=1400 audit(1020.150:105): avc:  denied  { setattr } for  pid=3561 comm="syz.0.25" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1204.645835][ T3620] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1204.967149][ T3620] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1214.119895][ T3626] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1214.309658][ T3626] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1228.899581][ T3620] hsr_slave_0: entered promiscuous mode
[ 1228.950278][ T3620] hsr_slave_1: entered promiscuous mode
[ 1228.992776][ T3620] debugfs: 'hsr0' already exists in 'hsr'
[ 1229.017327][ T3620] Cannot create hsr debugfs directory
[ 1239.066669][ T3626] hsr_slave_0: entered promiscuous mode
[ 1239.170307][ T3626] hsr_slave_1: entered promiscuous mode
[ 1239.246342][ T3626] debugfs: 'hsr0' already exists in 'hsr'
[ 1239.276184][ T3626] Cannot create hsr debugfs directory
[ 1245.216620][ T3620] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1246.406002][ T3620] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1247.536451][ T3620] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1248.735787][ T3620] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1266.618016][ T3694] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1267.167612][ T3626] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1267.593095][ T3626] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1268.372273][ T3694] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1268.889359][ T3626] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1269.758554][ T3694] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1270.237013][ T3626] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1271.390337][ T3694] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1286.087580][ T3694] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1286.259541][ T3694] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1286.390832][ T3694] bond0 (unregistering): Released all slaves
[ 1288.668851][ T3694] hsr_slave_0: left promiscuous mode
[ 1288.818157][ T3694] hsr_slave_1: left promiscuous mode
[ 1289.376828][ T3694] veth1_macvtap: left promiscuous mode
[ 1289.380790][ T3694] veth0_macvtap: left promiscuous mode
[ 1289.416843][ T3694] veth1_vlan: left promiscuous mode
[ 1289.419372][ T3694] veth0_vlan: left promiscuous mode
[ 1311.092989][ T3694] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1312.210150][ T3620] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1312.809015][ T3694] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1314.321844][ T3694] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1315.538458][ T3694] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1335.463518][ T3694] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1335.553713][ T3694] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1335.637126][ T3694] bond0 (unregistering): Released all slaves
[ 1336.711050][ T3626] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1337.290857][ T3694] hsr_slave_0: left promiscuous mode
[ 1337.389638][ T3694] hsr_slave_1: left promiscuous mode
[ 1337.973931][ T3694] veth1_macvtap: left promiscuous mode
[ 1337.989254][ T3694] veth0_macvtap: left promiscuous mode
[ 1338.026768][ T3694] veth1_vlan: left promiscuous mode
[ 1338.028748][ T3694] veth0_vlan: left promiscuous mode
[ 1431.956659][ T3620] veth0_vlan: entered promiscuous mode
[ 1432.660893][ T3620] veth1_vlan: entered promiscuous mode
[ 1435.728964][ T3620] veth0_macvtap: entered promiscuous mode
[ 1436.226939][ T3620] veth1_macvtap: entered promiscuous mode
[ 1439.116467][ T3647] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1439.129679][ T3647] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1439.130530][ T3647] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1439.131248][ T3647] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1449.311160][ T3626] veth0_vlan: entered promiscuous mode
[ 1450.471439][ T3626] veth1_vlan: entered promiscuous mode
[ 1453.887191][ T3626] veth0_macvtap: entered promiscuous mode
[ 1454.587344][ T3626] veth1_macvtap: entered promiscuous mode
[ 1457.597615][ T3413] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1457.601758][ T3413] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1457.656625][ T3413] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1457.696952][ T3413] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2550.233276][ T4471] kvm [4471]: Failed to find VMA for hva 0x21016000
[ 2550.436828][ T4471] kvm [4471]: Failed to find VMA for hva 0x21016000
[ 2726.850694][ T4555] debugfs: 'vgic-its-state@8080000' already exists in '4556-6'
[ 3085.167056][ T4720] kvm [4720]: Failed to find VMA for hva 0x20dd1000
[ 3516.220705][   T25] audit: type=1400 audit(3515.410:106): avc:  denied  { map } for  pid=4954 comm="syz.3.314" path="pipe:[6019]" dev="pipefs" ino=6019 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[ 3873.122028][ T5144] kvm [5142]: Unsupported guest access at: eeef0000
[ 3873.122028][ T5144]  { Op0( 2), Op1( 5), CRn(11), CRm(11), Op2( 3), func_write },
[ 3931.651885][ T5171] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5968c
[ 3931.688398][ T5171] flags: 0x1fff7c000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0xdf)
[ 3931.733356][ T5171] raw: 01fff7c000000000 ffffc1ffc0654988 ffffc1ffc0664088 0000000000000000
[ 3931.757591][ T5171] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 3931.792896][ T5171] page dumped because: VM_BUG_ON_PAGE(page_ref_count(page) == 0)
[ 3931.801873][ T5171] ------------[ cut here ]------------
[ 3931.802168][ T5171] kernel BUG at ./include/linux/mm.h:1036!
[ 3931.803952][ T5171] Internal error: Oops - BUG: 00000000f2000800 [#1]  SMP
[ 3931.810048][ T5171] Modules linked in:
[ 3931.812203][ T5171] CPU: 0 UID: 0 PID: 5171 Comm: syz.3.376 Not tainted syzkaller #0 PREEMPT 
[ 3931.813822][ T5171] Hardware name: linux,dummy-virt (DT)
[ 3931.815171][ T5171] pstate: 61402009 (nZCv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)
[ 3931.816530][ T5171] pc : kvm_s2_put_page+0x374/0x3a0
[ 3931.818840][ T5171] lr : kvm_s2_put_page+0x374/0x3a0
[ 3931.819922][ T5171] sp : ffff8000a0e37570
[ 3931.820680][ T5171] x29: ffff8000a0e37570 x28: 24f0000019902000 x27: 24f0000019902000
[ 3931.822363][ T5171] x26: 00000000000000ff x25: ffff80008734e000 x24: ffffc1ffc0000000
[ 3931.823725][ T5171] x23: ffffc1ffc065a308 x22: 0000000000000000 x21: ffffc1ffc065a334
[ 3931.825211][ T5171] x20: 0000000000000000 x19: ffffc1ffc065a300 x18: 0000000099161b84
[ 3931.826686][ T5171] x17: 0000000004baca39 x16: 000000009915daac x15: 000000005d856e59
[ 3931.828174][ T5171] x14: 0000000000000002 x13: fff000001cd05888 x12: 0000000000000001
[ 3931.829555][ T5171] x11: 0000000000080000 x10: 0000000000045ce6 x9 : 08dc67c0e21ed900
[ 3931.831156][ T5171] x8 : 08dc67c0e21ed900 x7 : ffff80008048ab28 x6 : 0000000000000000
[ 3931.832552][ T5171] x5 : 0000000000000000 x4 : 0000000000000000 x3 : ffff80008075829c
[ 3931.833966][ T5171] x2 : 0000000000000002 x1 : 0000000100000000 x0 : 000000000000003e
[ 3931.835648][ T5171] Call trace:
[ 3931.836553][ T5171]  kvm_s2_put_page+0x374/0x3a0 (P)
[ 3931.837941][ T5171]  stage2_free_walker+0x1b0/0x264
[ 3931.838883][ T5171]  __kvm_pgtable_walk+0x7d8/0xa68
[ 3931.839994][ T5171]  kvm_pgtable_walk+0x294/0x468
[ 3931.840984][ T5171]  kvm_pgtable_stage2_destroy_range+0x60/0xb4
[ 3931.842089][ T5171]  kvm_free_stage2_pgd+0x198/0x28c
[ 3931.842953][ T5171]  kvm_uninit_stage2_mmu+0x20/0x38
[ 3931.843970][ T5171]  kvm_arch_flush_shadow_all+0x1a8/0x1e0
[ 3931.845063][ T5171]  kvm_mmu_notifier_release+0x48/0xa8
[ 3931.846128][ T5171]  mmu_notifier_unregister+0x128/0x42c
[ 3931.847177][ T5171]  kvm_put_kvm+0x6a0/0xfa8
[ 3931.848096][ T5171]  kvm_vcpu_release+0x70/0x9c
[ 3931.849076][ T5171]  __fput+0x4ac/0x980
[ 3931.849975][ T5171]  ____fput+0x20/0x58
[ 3931.850831][ T5171]  task_work_run+0x1bc/0x254
[ 3931.851740][ T5171]  get_signal+0x13ec/0x1554
[ 3931.852754][ T5171]  do_signal+0x23c/0x4dd0
[ 3931.853729][ T5171]  do_notify_resume+0xb0/0x270
[ 3931.854670][ T5171]  el0_svc+0xb8/0x164
[ 3931.855525][ T5171]  el0t_64_sync_handler+0x84/0x12c
[ 3931.856481][ T5171]  el0t_64_sync+0x198/0x19c
[ 3931.857998][ T5171] Code: f00375a1 912d8c21 aa1303e0 97f9c9f2 (d4210000) 
[ 3931.859999][ T5171] ---[ end trace 0000000000000000 ]---
[ 3931.861522][ T5171] Kernel panic - not syncing: Oops - BUG: Fatal exception
[ 3931.863572][ T5171] Kernel Offset: disabled
[ 3931.864359][ T5171] CPU features: 0x000000,0001a300,5f7c67c1,057ffe1f
[ 3931.865489][ T5171] Memory Limit: none
[ 3931.867228][ T5171] Rebooting in 86400 seconds..

VM DIAGNOSIS:
06:28:45  Registers:
info registers vcpu 0

CPU#0
 PC=ffff80008048fe6c X00=0000000000000001 X01=0000000000000000
X02=0000000000000001 X03=ffff80008048c8a0 X04=0000000000000000
X05=0000000000000000 X06=ffff80008048ab28 X07=ffff800080015834
X08=0000000000000000 X09=08dc67c0e21ed900 X10=0000000000047270
X11=0000000000080000 X12=0000000000000000 X13=00000000ffffffff
X14=0000000000000002 X15=ffff800087f69a20 X16=0000000000000000
X17=0000000004baca39 X18=0000000099161b84 X19=000000000000040e
X20=efff800000000000 X21=ffff800087942e20 X22=000000000000040d
X23=00000000000000ff X24=ffff800087942e20 X25=000000000000040d
X26=5ff000001cd05890 X27=00000000000003c0 X28=ffff800087724000
X29=ffff8000a0e36fd0 X30=ffff80008048fe28  SP=ffff8000a0e36f90
PSTATE=604023c9 -ZC- EL2h  SVCR=00000000 --  BTYPE=0     FPCR=00000000 FPSR=00000000
P00=0000 P01=0000 P02=0000 P03=0000 P04=0000 P05=0000 P06=0000 P07=0000
P08=0000 P09=0000 P10=0000 P11=0000 P12=0000 P13=0000 P14=0000 P15=0000
FFR=0000
Z00=0000aaaafb003831:3639383930333933 Z01=ffff000000ff0000:0000000000000000
Z02=0000000000000000:ff000f0000000000 Z03=ffffffffffff00ff:0000ff000000ff00
Z04=0000000000000000:ffffff0f00f000f0 Z05=00c0003000030000:00c0003000030000
Z06=0000000000000073:0000aaaafb9093c0 Z07=0000000000000074:0000aaaafb906600
Z08=0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000
Z10=0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000
Z12=0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000
Z14=0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000
Z16=0000fffffbfe9c10:0000fffffbfe9c10 Z17=ffffff80ffffffd8:0000fffffbfe9be0
Z18=0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000
Z20=0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000
Z22=0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000
Z24=0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000
Z26=0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000
Z28=0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000
Z30=0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000