last executing test programs:

31m53.426868614s ago: executing program 1 (id=196):
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000002000/0x400000)=nil)
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x101000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0x1, 0x1)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x40000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000240)={0x8})
ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000000100)={r2, 0x3, 0x2, r2})
ioctl$KVM_SET_GSI_ROUTING(r4, 0x4008ae6a, &(0x7f00000000c0)={0x1, 0x0, [{0x3, 0x2, 0x0, 0x0, @sint={0x7fff, 0x5}}]})
write$eventfd(r2, &(0x7f0000000000)=0xb, 0x8)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000bfe000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000b80)={0x0, 0x0}, &(0x7f0000000bc0)=[@featur1={0x1, 0x4}], 0x1)
ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f0000000000)=@arm64_fw={0x6030000000140000, &(0x7f0000000200)=0x10003})
r9 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r9, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18})
ioctl$KVM_GET_ONE_REG(r9, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x603000000010000c, &(0x7f00000001c0)=0x7})
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)

31m43.422585776s ago: executing program 1 (id=198):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000000)={0x0, &(0x7f0000000040)=[@smc={0x1e, 0x40, {0x84000008, [0x99b, 0x100000003, 0x5, 0x101, 0x10]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000100)=@riscv64_sbi_sta={0x803000000a000000, &(0x7f00000000c0)=0x27})
ioctl$KVM_GET_SREGS(r4, 0x8000ae83, &(0x7f00000004c0))
openat$kvm(0x0, 0x0, 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_GET_MP_STATE(r5, 0x8004ae98, &(0x7f0000000000))
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_GET_STATS_FD_cpu(r5, 0xaece)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x2f)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f0000000100)}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r7, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000180)={0x8, <r10=>0xffffffffffffffff})
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r14, 0x4010aeac, &(0x7f0000000280)=@arm64_fw={0x6030000000140003, &(0x7f0000000240)=0x6})
r15 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION2(r15, 0x40a0ae49, &(0x7f0000000180)={0x4, 0x4, 0x6000, 0xa7000, &(0x7f0000ffc000/0x2000)=nil})
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r15, 0x4010ae68, &(0x7f0000000040)={0xffffffff, 0x12000})
r16 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000b2e000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r16, &(0x7f0000000100)={0x0, &(0x7f00000002c0)=[@memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xffd0, 0xff, 0xc}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x0, 0xc, 0x1, 0x80, 0x2}}, @its_setup={0x82, 0x28, {0x1, 0x2, 0x2e}}, @its_setup={0x82, 0x28, {0x3, 0x1, 0x28d}}, @its_setup={0x82, 0x28, {0x3, 0x1, 0xc6}}, @hvc={0x32, 0x40, {0x84000050, [0x9, 0x8, 0x2, 0x2, 0x7]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x10, 0x4, 0x4}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x3, 0x6, 0x8d, 0x6, 0x2}}, @irq_setup={0x46, 0x18, {0x2, 0x3a6}}, @uexit={0x0, 0x18}, @mrs={0xbe, 0x18, {0x603000000013e132}}, @mrs={0xbe, 0x18, {0x603000000013c600}}], 0x1c8}, &(0x7f0000000140)=[@featur2], 0x1)

31m39.274612369s ago: executing program 0 (id=199):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x0, 0x20) (async)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000180)={0x1010020, 0x1}) (async)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async)
r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x40000, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x29)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1) (async)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000bfe000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r7, &(0x7f00000001c0)={0x0, 0x0, 0xfffffffffffffef3}, 0x0, 0x5) (async)
syz_kvm_vgic_v3_setup(r6, 0x4, 0x80) (async)
ioctl$KVM_IRQ_LINE(r6, 0x4008ae61, &(0x7f0000000040)={0x2000010, 0xbb28}) (async)
r8 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x2}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x9, 0xe, 0x0, 0xa, 0x2}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x100) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) (async)
ioctl$KVM_RUN(r8, 0xae80, 0x0) (async)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8, <r9=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async)
ioctl$KVM_RUN(r8, 0xae80, 0x0)

31m35.557557358s ago: executing program 1 (id=200):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1b)
ioctl$KVM_CREATE_GUEST_MEMFD(r1, 0xc040aed4, &(0x7f0000000080)={0xfffffffffffff240})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x30)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x1, 0x3, 0xdddd1000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_GET_DIRTY_LOG(r2, 0x4010ae42, &(0x7f0000000000)={0x1, 0x0, &(0x7f0000ffb000/0x3000)=nil})

31m15.967162036s ago: executing program 0 (id=201):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000001c0)="f21bc75509bf71c9d70236fc044842da97e87fd62c18b875c2357c6ed6000000000000000000000000002000e4ff00", 0x0, 0x48)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, <r4=>0xffffffffffffffff, 0x1})
write$eventfd(r4, &(0x7f00000001c0)=0xffffff7f, 0xff25)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
r6 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x29)
syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000080)={0x0, &(0x7f0000000340)=[@its_send_cmd={0xaa, 0x28, {0x5, 0x0, 0x3, 0x10, 0x8, 0x8, 0x2}}, @svc={0x122, 0x40, {0x100, [0x9, 0x7030, 0x3, 0x5, 0x3]}}, @code={0xa, 0x6c, {"008008d50044207e0000809a007008d5006c200e007c001b20ec99d20040b8f2810180d2e20180d2230180d2240180d2020000d4a0a19dd20080b0f2810180d2620080d2630080d2640080d2020000d40820601e000008d5"}}], 0xd4}, 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x1)
r12 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r11, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r12, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r11, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000100)={0x202, 0x2, 0x1, 0x1000, &(0x7f0000ffc000/0x1000)=nil})
ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f00000001c0)={0x1, 0x0, [{0x9, 0x1, 0x1, 0x0, @sint={0x18000000, 0x6eba}}]})
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
ioctl$KVM_CREATE_DEVICE(r14, 0xc00caee0, &(0x7f0000000140)={0x4, <r15=>0xffffffffffffffff, 0x1})
write$eventfd(r15, &(0x7f00000001c0)=0x8100000001, 0x51a8)
syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000000), 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x8000004, 0x340)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8})

31m15.048209095s ago: executing program 1 (id=202):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r3, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}})
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@smc={0x1e, 0x0, {0x84000053, [0x1000009, 0x8000000000000001, 0xffffffffffffffff, 0x400, 0xfffffffffffff801]}}], 0xc7}, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r6 = eventfd2(0x0, 0x0)
write$eventfd(r6, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x10003, 0x2, 0x2000, 0x2000, &(0x7f0000f31000/0x2000)=nil})

30m44.948569902s ago: executing program 1 (id=203):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x28)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r2, 0x4068aea3, &(0x7f0000000280)={0xdf, 0x0, 0x2000})
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RESET_DIRTY_RINGS(r2, 0xaec7)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000f8e000/0x1000)=nil, r4, 0x3000002, 0x16831, 0xffffffffffffffff, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x24)
ioctl$KVM_IRQFD(r6, 0x4020ae76, &(0x7f0000000000)={0xffffffffffffffff, 0x4, 0x1})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_ARM_VCPU_INIT(r8, 0x4020aeae, &(0x7f0000000040)={0x2, 0x41})
ioctl$KVM_CHECK_EXTENSION(r7, 0xae03, 0x80)

30m42.790003933s ago: executing program 0 (id=204):
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xd7, 0x80000001})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000000), 0x224182, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000d0b000/0x8000)=nil, 0x930, 0x800008, 0x8010, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x20010, 0xffffffffffffffff, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0x17)
openat$kvm(0x0, &(0x7f0000000040), 0x8280, 0x0)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1000000000000000)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, r6, 0x0)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x10, r6, 0x0)
ioctl$KVM_SET_REGS(r6, 0x4360ae82, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
r7 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r7, 0x4010ae67, &(0x7f0000000180)={0x3000, 0x0, 0x1})
ioctl$KVM_REGISTER_COALESCED_MMIO(r7, 0x4010ae67, &(0x7f0000000380)={0x2, 0x25000, 0x1})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r7, 0x4010ae68, &(0x7f0000000240)={0xddf93000, 0xa000})
r8 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x1d)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, <r9=>0xffffffffffffffff, 0x1})
r10 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1)
ioctl$KVM_ARM_VCPU_INIT(0xffffffffffffffff, 0x4020aeae, &(0x7f00000000c0)={0x4, 0xc8})
r11 = mmap$KVM_VCPU(&(0x7f0000ed1000/0x4000)=nil, 0x0, 0x1800002, 0x11, r10, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f00000001c0)="d6011813013c360000000000f0ff8000802346cbd98748c77999581bc42baeecff00000700000000004800000001000000000000000000000000000000000000002300", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x1000)=nil, 0x0, 0x3000005, 0x11, r10, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x40305828, &(0x7f0000000040)=@attr_other={0x0, 0x0, 0xfffffffffffffff7, 0x0})

30m37.518873746s ago: executing program 1 (id=205):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x36)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000000)={0x10000, 0x2, 0xe000, 0x2000, &(0x7f0000ffc000/0x2000)=nil})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0xc) (async)
ioctl$KVM_ARM_VCPU_INIT(r0, 0x4020aeae, &(0x7f0000000080)={0x1, 0x21})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) (async)
r3 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000180)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x4, 0x171}}, @irq_setup={0x46, 0x18, {0x0, 0x3b2}}, @uexit={0x0, 0x18, 0x3}], 0x48}, &(0x7f00000001c0)=[@featur1={0x1, 0xa4}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000240)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000200)=0x9}) (async)
r4 = ioctl$KVM_CREATE_GUEST_MEMFD(r0, 0xc040aed4, &(0x7f0000000280)={0x5, 0x3ff})
ioctl$KVM_SET_USER_MEMORY_REGION2(r0, 0x40a0ae49, &(0x7f00000002c0)={0x2710, 0x6, 0xdddd0000, 0x1000, &(0x7f0000ffc000/0x1000)=nil, 0x100000000, r4}) (async)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x0, 0x2000004, 0x10, r3, 0x0)
r5 = ioctl$KVM_GET_STATS_FD_cpu(r3, 0xaece)
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000003c0)=@attr_other={0x0, 0xffff, 0x80000000, &(0x7f0000000380)=0x432}) (async)
r6 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x33)
munmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000) (async)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
r7 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0xc)
ioctl$KVM_GET_DEVICE_ATTR_vm(r7, 0x4018aee2, &(0x7f0000000440)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000400)={0x0, 0x6, 0x1}})
r8 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000940)={0x0, &(0x7f0000000480)=[@its_setup={0x82, 0x28, {0x3, 0x3, 0x8c}}, @code={0xa, 0xb4, {"004b9ed200e0b0f2c10180d2e20180d2e30180d2840080d2020000d4a03d84d20000b8f2410080d2a20080d2c30080d2240180d2020000d4c05a81d20040b0f2410080d2420180d2a30180d2c40180d2020000d4000008d5007008d5000000b460cc85d200a0b8f2010180d2220080d2e30080d2040180d2020000d400e4002f00a0006f003f84d20080b8f2610080d2820080d2a30080d2640180d2020000d4"}}, @msr={0x14, 0x20, {0x603000000013df41, 0x9}}, @mrs={0xbe, 0x18, {0x603000000013de98}}, @uexit={0x0, 0x18, 0x9}, @code={0xa, 0x54, {"008c207e007008d50000c079008008d5000008d500088078007008d5a00387d20000b8f2610080d2c20080d2630080d2c40180d2020000d4000028d5000008d5"}}, @eret={0xe6, 0x18}, @svc={0x122, 0x40, {0x6000000, [0x8, 0xb2b2, 0x1ff, 0x3cab3283, 0x9]}}, @memwrite={0x6e, 0x30, @generic={0x8000000, 0x495, 0xa0e, 0x4}}, @irq_setup={0x46, 0x18, {0x3, 0x15e}}, @memwrite={0x6e, 0x30, @generic={0x5000, 0x6ad, 0x2, 0x4}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff8, 0x765a, 0xc}}, @uexit={0x0, 0x18, 0x7}, @smc={0x1e, 0x40, {0xc5000020, [0x8, 0x2, 0x100000000, 0xa, 0xa]}}, @code={0xa, 0x84, {"0060200e005c207e80ce9ad200c0b8f2210080d2a20180d2e30180d2840080d2020000d4205a83d20020b0f2810080d2a20080d2e30180d2440080d2020000d40044c01ac0b683d20000b0f2c10180d2a20080d2230180d2440180d2020000d40068200e007008d5007008d5007008d5"}}, @mrs={0xbe, 0x18, {0x603000000013c664}}, @mrs={0xbe, 0x18, {0x603000000013c00d}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff4, 0x7ff, 0x4}}, @uexit={0x0, 0x18, 0xdfb}, @smc={0x1e, 0x40, {0x20, [0x7fffffff, 0x80, 0x30000000000, 0x4, 0x4e]}}, @eret={0xe6, 0x18, 0x6}, @uexit={0x0, 0x18, 0x2}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x213}}, @uexit={0x0, 0x18, 0x3}, @uexit={0x0, 0x18}], 0x49c}, &(0x7f0000000980)=[@featur1={0x1, 0x80}], 0x1)
r10 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000c80)={0x0, &(0x7f00000009c0)=[@hvc={0x32, 0x40, {0x84000013, [0xb, 0x3daf, 0x4, 0x8000000000000001, 0x7]}}, @irq_setup={0x46, 0x18, {0x3, 0x1f3}}, @its_setup={0x82, 0x28, {0x0, 0x1, 0x67}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x0, 0x3, 0xf, 0x7f, 0x0, 0x2}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0x80, 0x7f4, 0x3}}, @smc={0x1e, 0x40, {0xc4000003, [0xa6c, 0x10001, 0x1, 0x0, 0x8f9]}}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x2b2}}, @svc={0x122, 0x40, {0x84000053, [0xffff, 0x3, 0x9, 0x3b, 0x9]}}, @mrs={0xbe, 0x18, {0x603000000013e640}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1000, 0x2, 0x1}}, @msr={0x14, 0x20, {0x603000000013defd, 0x7}}, @irq_setup={0x46, 0x18, {0x3, 0x3d7}}, @uexit={0x0, 0x18, 0x7f}, @svc={0x122, 0x40, {0x8, [0x9, 0x7, 0xf, 0x2, 0x7]}}, @mrs={0xbe, 0x18, {0x603000000013deb6}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x5, 0x1, 0x1, 0x7, 0x0, 0x2}}], 0x298}, &(0x7f0000000cc0)=[@featur2={0x1, 0x20}], 0x1)
ioctl$KVM_SET_SREGS(r10, 0x4000ae84, &(0x7f0000000d00)={{0x10000, 0xffff1000, 0xd, 0x1, 0x19, 0xd6, 0xc, 0x5, 0x7, 0x6, 0x2, 0x2e}, {0x26000, 0x1000, 0xa, 0x6, 0x3a, 0x4, 0xf, 0x5, 0xf, 0x3, 0x4, 0x80}, {0x2000, 0x26000, 0xf, 0xd, 0xaf, 0x26, 0x6, 0xf9, 0x3, 0x8, 0x1, 0x79}, {0x0, 0x0, 0x4, 0x40, 0x8, 0xb, 0x2, 0xfe, 0x4, 0xd, 0x1, 0x12}, {0x10000, 0x10000, 0x4, 0xfd, 0x16, 0x8, 0x8, 0x1, 0x3, 0xa, 0x2, 0x4}, {0x145000, 0x102c9000, 0xa, 0xf, 0x9, 0x7, 0x5, 0x7, 0xd, 0x9, 0x8, 0x4}, {0xeeee0000, 0x4, 0xd, 0x0, 0x1, 0x10, 0x7, 0x8, 0x0, 0x8, 0x4, 0x80}, {0x50000, 0xeeef0000, 0x9, 0xfd, 0x6, 0x6e, 0x4, 0x7f, 0x1, 0xfc, 0x7, 0x2}, {0xeeef0000, 0x8001}, {0xc000}, 0x10000, 0x0, 0x1000, 0x100, 0xa, 0x0, 0x12000, [0xb1e7, 0xfffffffffffffffa, 0xcd9, 0x7fff]})
ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece) (async)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r0, 0x4068aea3, &(0x7f0000000e40)={0xe4, 0x0, 0x1000}) (async)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000ec0), 0x319300, 0x0) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000f40)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000f00)=0x40})
ioctl$KVM_SET_REGS(r9, 0x4360ae82, &(0x7f0000000f80)={[0x400, 0x81, 0x5, 0x4, 0x0, 0x8, 0x1ff, 0xc69, 0xe, 0x5, 0x200, 0xb, 0x0, 0x365300000000, 0xa99, 0xff], 0x10000, 0x6200}) (async)
ioctl$KVM_RESET_DIRTY_RINGS(0xffffffffffffffff, 0xaec7) (async)
r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r11, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c91000/0x3000)=nil, r12, 0x4, 0x80010, r11, 0x0)

30m34.35876676s ago: executing program 0 (id=206):
r0 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, r1, 0x3, 0x4102932, 0xffffffffffffffff, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x22200, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x0, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000002000/0x400000)=nil)

30m28.894390269s ago: executing program 0 (id=207):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0xd)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000000)={0x0, &(0x7f0000000040)=[@hvc={0x32, 0x40, {0x84000002, [0xa7, 0x8, 0xbaf9, 0x100]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_IRQ_LINE(r2, 0x4008ae61, &(0x7f00000000c0)={0x1, 0x7fff})

30m23.084740034s ago: executing program 0 (id=208):
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xd, 0x40010, 0xffffffffffffffff, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bfd000/0x400000)=nil)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bff000/0x400000)=nil)
r0 = mmap$KVM_VCPU(&(0x7f0000e9f000/0x4000)=nil, 0x930, 0x6000003, 0x4010, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000680)="38ce8347fc1e86008cfc72bb352c8659dcc9225b48cb5cb00c73b0b33018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8902, 0x0)
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0x69)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = openat$kvm(0x0, &(0x7f00000002c0), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
r8 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r7, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f0000000300)="fb4149dd033b8986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67525673312b01040000000000002627e7000000000000000200", 0x0, 0xfffffffffffffe73)
mmap$KVM_VCPU(&(0x7f0000ffa000/0x3000)=nil, 0x0, 0x1, 0x10, r7, 0x0)
r9 = eventfd2(0x0, 0x0)
close(r9)
r10 = eventfd2(0x0, 0x0)
close(r10)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x109272, 0x1f01)
write$eventfd(r10, &(0x7f0000000180)=0x6, 0x8)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0)
write$eventfd(r9, &(0x7f0000000100)=0xfffffffffffffffe, 0xfdef)
r11 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0)
r14 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r14, 0x3, 0x11, r13, 0x0)

29m51.466244494s ago: executing program 32 (id=205):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x36)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000000)={0x10000, 0x2, 0xe000, 0x2000, &(0x7f0000ffc000/0x2000)=nil})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0xc) (async)
ioctl$KVM_ARM_VCPU_INIT(r0, 0x4020aeae, &(0x7f0000000080)={0x1, 0x21})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) (async)
r3 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000180)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x4, 0x171}}, @irq_setup={0x46, 0x18, {0x0, 0x3b2}}, @uexit={0x0, 0x18, 0x3}], 0x48}, &(0x7f00000001c0)=[@featur1={0x1, 0xa4}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000240)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000200)=0x9}) (async)
r4 = ioctl$KVM_CREATE_GUEST_MEMFD(r0, 0xc040aed4, &(0x7f0000000280)={0x5, 0x3ff})
ioctl$KVM_SET_USER_MEMORY_REGION2(r0, 0x40a0ae49, &(0x7f00000002c0)={0x2710, 0x6, 0xdddd0000, 0x1000, &(0x7f0000ffc000/0x1000)=nil, 0x100000000, r4}) (async)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x0, 0x2000004, 0x10, r3, 0x0)
r5 = ioctl$KVM_GET_STATS_FD_cpu(r3, 0xaece)
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000003c0)=@attr_other={0x0, 0xffff, 0x80000000, &(0x7f0000000380)=0x432}) (async)
r6 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x33)
munmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000) (async)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
r7 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0xc)
ioctl$KVM_GET_DEVICE_ATTR_vm(r7, 0x4018aee2, &(0x7f0000000440)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000400)={0x0, 0x6, 0x1}})
r8 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000940)={0x0, &(0x7f0000000480)=[@its_setup={0x82, 0x28, {0x3, 0x3, 0x8c}}, @code={0xa, 0xb4, {"004b9ed200e0b0f2c10180d2e20180d2e30180d2840080d2020000d4a03d84d20000b8f2410080d2a20080d2c30080d2240180d2020000d4c05a81d20040b0f2410080d2420180d2a30180d2c40180d2020000d4000008d5007008d5000000b460cc85d200a0b8f2010180d2220080d2e30080d2040180d2020000d400e4002f00a0006f003f84d20080b8f2610080d2820080d2a30080d2640180d2020000d4"}}, @msr={0x14, 0x20, {0x603000000013df41, 0x9}}, @mrs={0xbe, 0x18, {0x603000000013de98}}, @uexit={0x0, 0x18, 0x9}, @code={0xa, 0x54, {"008c207e007008d50000c079008008d5000008d500088078007008d5a00387d20000b8f2610080d2c20080d2630080d2c40180d2020000d4000028d5000008d5"}}, @eret={0xe6, 0x18}, @svc={0x122, 0x40, {0x6000000, [0x8, 0xb2b2, 0x1ff, 0x3cab3283, 0x9]}}, @memwrite={0x6e, 0x30, @generic={0x8000000, 0x495, 0xa0e, 0x4}}, @irq_setup={0x46, 0x18, {0x3, 0x15e}}, @memwrite={0x6e, 0x30, @generic={0x5000, 0x6ad, 0x2, 0x4}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff8, 0x765a, 0xc}}, @uexit={0x0, 0x18, 0x7}, @smc={0x1e, 0x40, {0xc5000020, [0x8, 0x2, 0x100000000, 0xa, 0xa]}}, @code={0xa, 0x84, {"0060200e005c207e80ce9ad200c0b8f2210080d2a20180d2e30180d2840080d2020000d4205a83d20020b0f2810080d2a20080d2e30180d2440080d2020000d40044c01ac0b683d20000b0f2c10180d2a20080d2230180d2440180d2020000d40068200e007008d5007008d5007008d5"}}, @mrs={0xbe, 0x18, {0x603000000013c664}}, @mrs={0xbe, 0x18, {0x603000000013c00d}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff4, 0x7ff, 0x4}}, @uexit={0x0, 0x18, 0xdfb}, @smc={0x1e, 0x40, {0x20, [0x7fffffff, 0x80, 0x30000000000, 0x4, 0x4e]}}, @eret={0xe6, 0x18, 0x6}, @uexit={0x0, 0x18, 0x2}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x213}}, @uexit={0x0, 0x18, 0x3}, @uexit={0x0, 0x18}], 0x49c}, &(0x7f0000000980)=[@featur1={0x1, 0x80}], 0x1)
r10 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000c80)={0x0, &(0x7f00000009c0)=[@hvc={0x32, 0x40, {0x84000013, [0xb, 0x3daf, 0x4, 0x8000000000000001, 0x7]}}, @irq_setup={0x46, 0x18, {0x3, 0x1f3}}, @its_setup={0x82, 0x28, {0x0, 0x1, 0x67}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x0, 0x3, 0xf, 0x7f, 0x0, 0x2}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0x80, 0x7f4, 0x3}}, @smc={0x1e, 0x40, {0xc4000003, [0xa6c, 0x10001, 0x1, 0x0, 0x8f9]}}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x2b2}}, @svc={0x122, 0x40, {0x84000053, [0xffff, 0x3, 0x9, 0x3b, 0x9]}}, @mrs={0xbe, 0x18, {0x603000000013e640}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1000, 0x2, 0x1}}, @msr={0x14, 0x20, {0x603000000013defd, 0x7}}, @irq_setup={0x46, 0x18, {0x3, 0x3d7}}, @uexit={0x0, 0x18, 0x7f}, @svc={0x122, 0x40, {0x8, [0x9, 0x7, 0xf, 0x2, 0x7]}}, @mrs={0xbe, 0x18, {0x603000000013deb6}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x5, 0x1, 0x1, 0x7, 0x0, 0x2}}], 0x298}, &(0x7f0000000cc0)=[@featur2={0x1, 0x20}], 0x1)
ioctl$KVM_SET_SREGS(r10, 0x4000ae84, &(0x7f0000000d00)={{0x10000, 0xffff1000, 0xd, 0x1, 0x19, 0xd6, 0xc, 0x5, 0x7, 0x6, 0x2, 0x2e}, {0x26000, 0x1000, 0xa, 0x6, 0x3a, 0x4, 0xf, 0x5, 0xf, 0x3, 0x4, 0x80}, {0x2000, 0x26000, 0xf, 0xd, 0xaf, 0x26, 0x6, 0xf9, 0x3, 0x8, 0x1, 0x79}, {0x0, 0x0, 0x4, 0x40, 0x8, 0xb, 0x2, 0xfe, 0x4, 0xd, 0x1, 0x12}, {0x10000, 0x10000, 0x4, 0xfd, 0x16, 0x8, 0x8, 0x1, 0x3, 0xa, 0x2, 0x4}, {0x145000, 0x102c9000, 0xa, 0xf, 0x9, 0x7, 0x5, 0x7, 0xd, 0x9, 0x8, 0x4}, {0xeeee0000, 0x4, 0xd, 0x0, 0x1, 0x10, 0x7, 0x8, 0x0, 0x8, 0x4, 0x80}, {0x50000, 0xeeef0000, 0x9, 0xfd, 0x6, 0x6e, 0x4, 0x7f, 0x1, 0xfc, 0x7, 0x2}, {0xeeef0000, 0x8001}, {0xc000}, 0x10000, 0x0, 0x1000, 0x100, 0xa, 0x0, 0x12000, [0xb1e7, 0xfffffffffffffffa, 0xcd9, 0x7fff]})
ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece) (async)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r0, 0x4068aea3, &(0x7f0000000e40)={0xe4, 0x0, 0x1000}) (async)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000ec0), 0x319300, 0x0) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000f40)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000f00)=0x40})
ioctl$KVM_SET_REGS(r9, 0x4360ae82, &(0x7f0000000f80)={[0x400, 0x81, 0x5, 0x4, 0x0, 0x8, 0x1ff, 0xc69, 0xe, 0x5, 0x200, 0xb, 0x0, 0x365300000000, 0xa99, 0xff], 0x10000, 0x6200}) (async)
ioctl$KVM_RESET_DIRTY_RINGS(0xffffffffffffffff, 0xaec7) (async)
r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r11, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c91000/0x3000)=nil, r12, 0x4, 0x80010, r11, 0x0)

29m36.600195997s ago: executing program 33 (id=208):
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xd, 0x40010, 0xffffffffffffffff, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bfd000/0x400000)=nil)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bff000/0x400000)=nil)
r0 = mmap$KVM_VCPU(&(0x7f0000e9f000/0x4000)=nil, 0x930, 0x6000003, 0x4010, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000680)="38ce8347fc1e86008cfc72bb352c8659dcc9225b48cb5cb00c73b0b33018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8902, 0x0)
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0x69)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = openat$kvm(0x0, &(0x7f00000002c0), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
r8 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r7, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f0000000300)="fb4149dd033b8986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67525673312b01040000000000002627e7000000000000000200", 0x0, 0xfffffffffffffe73)
mmap$KVM_VCPU(&(0x7f0000ffa000/0x3000)=nil, 0x0, 0x1, 0x10, r7, 0x0)
r9 = eventfd2(0x0, 0x0)
close(r9)
r10 = eventfd2(0x0, 0x0)
close(r10)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x109272, 0x1f01)
write$eventfd(r10, &(0x7f0000000180)=0x6, 0x8)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0)
write$eventfd(r9, &(0x7f0000000100)=0xfffffffffffffffe, 0xfdef)
r11 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0)
r14 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r14, 0x3, 0x11, r13, 0x0)

21m48.096388841s ago: executing program 2 (id=232):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000a, 0x4000010, r2, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_IRQFD(r5, 0x4020ae76, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000380)="f30149dd033be3ac2cc4a29ea6abf4e7454e50c4b85400005a3ff7fbc51869be2e2e0001000000000000000000000000000e00", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
ioctl$KVM_CREATE_GUEST_MEMFD(r1, 0xc040aed4, &(0x7f0000000000)={0x6, 0xfff})
openat$kvm(0xffffffffffffff9c, 0x0, 0x64c542, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x1)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000140)={0x4, <r8=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r8, 0x800454d7, 0x110e22ffff)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x3a12f2, 0x1f01)

21m35.130053006s ago: executing program 2 (id=234):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x25)
r2 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe0, 0x2, 0x4}}], 0x30}, 0x0, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r3=>0xffffffffffffffff})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r5, 0x4068aea3, &(0x7f0000000180)={0xdf, 0x0, 0x4000})
ioctl$KVM_CREATE_DEVICE(r5, 0xc018aec0, &(0x7f00000000c0)={0x1})
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21m27.817004908s ago: executing program 3 (id=235):
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000007, 0x4f833, r0, 0x0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x39)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000000)="7cfaa2bfd6dd76375aa1bde04fceeb33743b07d73b3e9aac", 0x0, 0xffffffffffffff94)
r2 = eventfd2(0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0x4020940d, 0x20000000)
syz_kvm_setup_cpu$arm64(r1, r0, &(0x7f0000000000/0x400000)=nil, &(0x7f0000000580)=[{0x0, &(0x7f0000000000)=[@memwrite={0x6e, 0x30, @generic={0xd000, 0xdef, 0x9, 0xa}}, @smc={0x1e, 0x40, {0x200, [0x9, 0xf, 0x40, 0x8, 0x3ff]}}, @eret={0xe6, 0x18, 0x8460}, @eret={0xe6, 0x18, 0x2}, @code={0xa, 0x84, {"000028d5000000370000241e000028d580b99cd20060b8f2a10080d2a20180d2230180d2440180d2020000d4e0d889d20020b8f2210080d2620180d2230180d2640080d2020000d4202d92d200c0b8f2810180d2a20080d2830080d2240080d2020000d4007008d50000208b007008d5"}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x3000, 0x2, 0x6}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x8, 0x2, 0xa}}, @its_setup={0x82, 0x28, {0x4, 0x3, 0xee}}, @smc={0x1e, 0x40, {0x2, [0x1, 0x3c0c00000, 0x1, 0x43aaee02, 0xf]}}, @msr={0x14, 0x20, {0x603000000013def8, 0x4}}, @msr={0x14, 0x20, {0x603000000013dee8, 0x8}}, @msr={0x14, 0x20, {0x603000000013e6c0, 0xfd9}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x4, 0x8, 0x8, 0x101, 0x1}}, @eret={0xe6, 0x18, 0x8}, @uexit={0x0, 0x18, 0x4}, @eret={0xe6, 0x18, 0x1}, @msr={0x14, 0x20, {0x603000000013c028, 0x4}}, @its_setup={0x82, 0x28, {0x2, 0x2, 0x313}}, @memwrite={0x6e, 0x30, @generic={0xc000, 0x5c8, 0x4, 0x8}}, @msr={0x14, 0x20, {0x603000000013dce3, 0xf71}}, @smc={0x1e, 0x40, {0x8400000d, [0x6, 0x80, 0x0, 0x7, 0x3]}}, @code={0xa, 0xb4, {"007008d50060000c0300a0d4000008d500369dd20080b8f2410180d2e20080d2030180d2440180d2020000d4007008d5003198d20080b0f2410180d2620080d2a30080d2640080d2020000d4e09f8cd20000b8f2610180d2820080d2830080d2440080d2020000d480d79dd20080b0f2410180d2020180d2e30080d2e40080d2020000d440d687d20000b8f2e10080d2a20180d2c30180d2c40180d2020000d4"}}, @uexit={0x0, 0x18, 0xffffffff}, @svc={0x122, 0x40, {0x84000009, [0x0, 0x400, 0xf, 0x1, 0xff]}}, @hvc={0x32, 0x40, {0x86000000, [0x5, 0x9, 0x8, 0x5, 0x4]}}, @mrs={0xbe, 0x18}, @msr={0x14, 0x20, {0x603000000013da16, 0x81}}, @mrs={0xbe, 0x18, {0x603000000013dcf0}}, @svc={0x122, 0x40, {0x80000001, [0x5, 0x2, 0x9, 0x94]}}], 0x570}], 0x1, 0x0, &(0x7f00000005c0)=[@featur2={0x1, 0x38}], 0x1)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000600)={0x1})
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000)

21m22.657770916s ago: executing program 2 (id=236):
r0 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000040)={0x0, &(0x7f0000000380)=[@svc={0x122, 0x40, {0x800, [0x3, 0x6, 0xa255, 0x29, 0x35]}}, @svc={0x122, 0x40, {0x2000000, [0xe, 0x8, 0x7, 0x3, 0x9]}}, @smc={0x1e, 0x40, {0xc4000011, [0xbc8, 0x4, 0x9, 0xf6, 0x7]}}, @mrs={0xbe, 0x18, {0x603000000013f088}}, @irq_setup={0x46, 0x18, {0x2, 0x36e}}, @smc={0x1e, 0x40, {0x80003fff, [0xa, 0x337379bd, 0x5, 0x16bd, 0x48b98000000000]}}, @irq_setup={0x46, 0x18}, @msr={0x14, 0x20, {0x603000000013e219, 0x4e2f}}, @mrs={0xbe, 0x18, {0x9f6ffcf4e5b45613}}, @hvc={0x32, 0x40, {0x8, [0x9, 0x1, 0x200, 0xa9, 0x11a]}}, @mrs={0xbe, 0x18, {0x603000000013806f}}, @eret={0xe6, 0x18}, @msr={0x14, 0x20}, @msr={0x14, 0x20, {0x603000000013f099, 0xa5b}}, @uexit={0x0, 0x18, 0x912}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x0, 0xd, 0x2, 0x400, 0x4}}, @smc={0x1e, 0x40, {0x1000000, [0x8, 0x5, 0x9, 0x7ff, 0x7ff]}}], 0x2b0}, &(0x7f0000000080)=[@featur1={0x1, 0x40}], 0x1)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000140)={0x4, <r3=>0xffffffffffffffff, 0x1})
r4 = ioctl$KVM_CREATE_VM(r3, 0x894c, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xb701, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0x6})
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000140)={0x4, <r7=>0xffffffffffffffff, 0x1})
close(r7)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r0, 0x4018aee3, &(0x7f0000000240)=@attr_irq_timer={0x0, 0x1, 0x0, &(0x7f0000000100)=0x10})
r8 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x2}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
r12 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x1)
ioctl$KVM_ARM_VCPU_INIT(r12, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8})
ioctl$KVM_SET_ONE_REG(r12, 0x4010aeac, &(0x7f00000000c0)=@arm64_sys={0x603000000013dce0, &(0x7f0000000000)=0x5})
ioctl$KVM_RUN(r11, 0xae80, 0x0)

21m12.862509267s ago: executing program 3 (id=237):
r0 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000400)={0x0, &(0x7f0000000000)=[@smc={0x1e, 0x40, {0x3000000, [0x9, 0x3, 0x8, 0x7ff, 0x2]}}, @mrs={0xbe, 0x18}, @its_send_cmd={0xaa, 0x28, {0xd, 0x1, 0x0, 0x0, 0xeddc, 0x1}}, @its_setup={0x82, 0x28, {0x3, 0x0, 0x1d4}}, @its_setup={0x82, 0x28, {0x2, 0x0, 0xc}}, @svc={0x122, 0x40, {0xc5000020, [0x7, 0x8000000000000000, 0x3, 0x6, 0x7]}}, @eret={0xe6, 0x18, 0x5}, @irq_setup={0x46, 0x18, {0x1, 0x396}}, @msr={0x14, 0x20, {0x603000000013805c, 0xfffffffffffffff6}}, @mrs={0xbe, 0x18, {0x603000000013e6dd}}, @msr={0x14, 0x20, {0x603000000013c4c9}}, @svc={0x122, 0x40, {0x5000000, [0x4, 0x7, 0x8e8, 0x8, 0x100000000]}}, @code={0xa, 0x6c, {"007008d50078202e007008d50010601ec0309ed20000b8f2a10080d2c20080d2630080d2440180d2020000d4000028d5007008d500004093000008d5c0bf89d20040b8f2210180d2a20180d2c30080d2e40180d2020000d4"}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x1, 0xf, 0x80000001, 0x8, 0x2}}, @code={0xa, 0xb4, {"007008d5008008d5007008d5007008d5e05092d20080b0f2a10080d2220080d2e30080d2840180d2020000d4403695d20020b8f2010080d2c20080d2c30080d2840080d2020000d440b29fd200e0b0f2410180d2220080d2a30080d2a40080d2020000d4e00083d200a0b8f2610180d2620080d2030180d2c40180d2020000d4202b93d200c0b8f2210180d2e20080d2230180d2240080d2020000d4007008d5"}}, @its_setup={0x82, 0x28, {0x1, 0x3, 0x203}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x3000, 0x0, 0xc}}, @hvc={0x32, 0x40, {0x40000017, [0x3, 0x1, 0x4, 0x8000, 0xfbc]}}, @uexit={0x0, 0x18, 0x4}], 0x3d0}, &(0x7f0000000440)=[@featur1={0x1, 0x10}], 0x1)
ioctl$KVM_SET_ONE_REG(r0, 0x4010aeac, &(0x7f00000004c0)=@riscv64_f={0x802000000500001e, &(0x7f0000000480)=0x100000001})
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r0, 0x4018aee3, &(0x7f0000000540)=@attr_other={0x0, 0x42, 0x2, &(0x7f0000000500)=0x8})
r1 = mmap$KVM_VCPU(&(0x7f0000ffc000/0x1000)=nil, 0x0, 0x1000001, 0x100010, r0, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f0000000580)="cfe995e886b1a4b7ecd2705baee7eb6ebedb768d42e2ad6337282f5abe1fdfa59a13026e6fbb578f90fde52bee4e45d38aa4520d74a2f130224c3bd133082d3d2a64535e34d26de5", 0x0, 0x48)
r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
r3 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece)
mmap$KVM_VCPU(&(0x7f0000ffa000/0x4000)=nil, r2, 0x1000000, 0x8010, r3, 0x0)
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000600))
ioctl$KVM_RUN(r0, 0xae80, 0x0)
eventfd2(0x4020, 0x100000)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r0, 0x4018aee1, &(0x7f0000000680)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000640)})
ioctl$KVM_S390_VCPU_FAULT(r0, 0x4008ae52, &(0x7f00000006c0)=0x8000000000000000)
ioctl$KVM_GET_API_VERSION(r3, 0xae00, 0x0)
ioctl$KVM_PRE_FAULT_MEMORY(r3, 0xc040aed5, &(0x7f0000000700)={0xeeef0000})
munmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
ioctl$KVM_SET_MP_STATE(r0, 0x4004ae99, &(0x7f0000000740)=0x5)
ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0xdd2)
ioctl$KVM_PRE_FAULT_MEMORY(r0, 0xc040aed5, &(0x7f0000000780)={0xffffffff, 0x106000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000800)={0x0, &(0x7f00000007c0)=[@its_setup={0x82, 0x28, {0x0, 0x3, 0x6e}}], 0x28}, &(0x7f0000000840)=[@featur1={0x1, 0x61}], 0x1)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r3, 0x4018aee3, &(0x7f00000008c0)=@attr_other={0x0, 0x9, 0x3, &(0x7f0000000880)})
mmap$KVM_VCPU(&(0x7f0000f76000/0x4000)=nil, r2, 0x200000a, 0x80010, r0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
ioctl$KVM_PRE_FAULT_MEMORY(r5, 0xc040aed5, &(0x7f0000000900)={0xeeee0000, 0x10e000})
syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000dc0)={0x0, &(0x7f0000000940)=[@msr={0x14, 0x20, {0x603000000013c118, 0x96}}, @msr={0x14, 0x20, {0x603000000013df69, 0x6}}, @mrs={0xbe, 0x18, {0x603000000013807f}}, @svc={0x122, 0x40, {0xb400fe0f, [0x8, 0x4e, 0x62c9, 0xa7, 0xe]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0xd54, 0x8, 0x1}}, @msr={0x14, 0x20, {0x3018000000098be2, 0x4}}, @eret={0xe6, 0x18, 0x8000}, @code={0xa, 0x84, {"007008d50058202e0048210e0040005ec09798d200e0b0f2a10180d2020180d2e30180d2440080d2020000d4007008d520bb99d20020b8f2410080d2a20180d2030080d2a40180d2020000d4c08d89d200a0b8f2a10080d2c20180d2c30080d2440080d2020000d400004093007008d5"}}, @irq_setup={0x46, 0x18, {0x3, 0x227}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x80, 0x9, 0x2}}, @code={0xa, 0x6c, {"008008d50000001b0000609ea0ff93d200c0b8f2210180d2220080d2430080d2440080d2020000d4007008d5008008d50038205e0008403a007008d540c18bd20060b8f2810180d2420080d2a30180d2a40180d2020000d4"}}, @hvc={0x32, 0x40, {0x8, [0x8, 0x8, 0x2, 0x64f3, 0x8000000000000000]}}, @irq_setup={0x46, 0x18, {0x3, 0xa}}, @svc={0x122, 0x40, {0x8400000b, [0x5, 0x3, 0xffffffffffff4c58, 0xe, 0x80000001]}}, @uexit={0x0, 0x18, 0xbc6}, @its_setup={0x82, 0x28, {0x2, 0x1, 0xeb}}, @irq_setup={0x46, 0x18, {0x2, 0xb1}}, @code={0xa, 0x84, {"00d0200e000028d500a4002fa0478ad200c0b8f2010180d2c20180d2630080d2240080d2020000d4800289d20060b0f2210080d2220080d2e30080d2240180d2020000d4e0039fd60000002c00fc005f007008d500279fd200c0b0f2a10080d2820080d2630080d2440080d2020000d4"}}, @irq_setup={0x46, 0x18, {0x4, 0x3be}}, @svc={0x122, 0x40, {0x800, [0xffffffffffffffff, 0x8000000000000001, 0x3, 0x8, 0x2dc]}}, @mrs={0xbe, 0x18, {0x603000000013df68}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x1, 0x0, 0x4, 0x8001, 0x3, 0x3}}], 0x444}, &(0x7f0000000e00)=[@featur1={0x1, 0x664b689e21bd8e7d}], 0x1)
r6 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x1e)
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000b40000/0x400000)=nil)

21m6.236331967s ago: executing program 2 (id=238):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_GET_SREGS(r5, 0x8000ae83, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21m1.478093503s ago: executing program 3 (id=239):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000100)={0x0, &(0x7f0000000140)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20080, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = eventfd2(0x0, 0x80000)
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000001340)={0x0, 0x0, 0x2, r6, 0x3})
r7 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0xeeef0000, 0x0, r7})
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, 0x0)
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000000)={0x203, 0x0, 0x2, r6, 0xf})
syz_kvm_vgic_v3_setup(r1, 0x2, 0x100)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000b80)={0x0, &(0x7f0000000080)=[@hvc={0x32, 0x0, {0x84000001, [0x9, 0x8, 0x5, 0x603c8354, 0x200]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1)
ioctl$KVM_IRQ_LINE(r9, 0x4008ae61, &(0x7f0000000000)={0x0, 0x100})
ioctl$KVM_RUN(r11, 0xae80, 0x0)
syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x8001, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, 0x0, 0x0, 0x0)
r12 = openat$kvm(0x0, 0x0, 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x0, 0x1000003, 0x4010, r12, 0x0)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

20m50.976557786s ago: executing program 2 (id=240):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x8800, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xf0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1fc)
syz_kvm_setup_cpu$arm64(r2, r3, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0xffffffffffffffff)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000140)={0x7, <r6=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r6, 0x401054d5, 0x100000110c230021)

20m43.606146767s ago: executing program 3 (id=241):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2e)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0}) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, <r4=>0xffffffffffffffff, 0x1})
r5 = ioctl$KVM_CREATE_VM(r4, 0x894c, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xb702, 0x0) (async)
r6 = openat$kvm(0x0, &(0x7f00000002c0), 0x4a080, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f1, 0xffffffffffffffff, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2)
r8 = syz_kvm_vgic_v3_setup(r7, 0x1, 0x40)
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x6, 0x5, 0xffffffffffffffff}) (async)
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000000c0)=@attr_riscv64=@attr_imsic={0x0, 0x1, 0x0, &(0x7f0000000000)=0x2}) (async)
r9 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r1, r9, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_GET_ONE_REG(r9, 0x4010aeab, &(0x7f0000000080)=@arm64_core={0x6030000000100004, &(0x7f0000000100)=0x7ffffffd})

20m38.018185493s ago: executing program 2 (id=242):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x113280, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000008c0), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x27)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r3, 0x4018aee2, &(0x7f0000001280)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0xfa})
r4 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r5 = openat$kvm(0x0, 0x0, 0x80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x31)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2)
syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000100)={0x0, &(0x7f0000000240)=[@mrs={0xbe, 0x18, {0x603000000013d9fb}}], 0x18}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x2, 0x140)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000180)={0x8, <r9=>0xffffffffffffffff})
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r11, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x4, 0x4, 0x29f}}], 0x28}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x2e)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000d13000/0x2000)=nil, 0x0, 0x4000008, 0x80031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x28000, 0x0)
ioctl$KVM_CREATE_VM(r4, 0x80087601, 0x0)

20m23.517971026s ago: executing program 3 (id=243):
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x100000c, 0x20010, 0xffffffffffffffff, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000eed000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, r2, 0x6000009, 0x30, r0, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000180)={0x1, 0x104000, 0x1})
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000380)={0xffff1000, 0x34000, 0x1})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r4, 0x4010ae68, &(0x7f0000000140)={0xd000, 0x99000, 0x1})
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) (async)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x100000c, 0x20010, 0xffffffffffffffff, 0x0) (async)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f0000eed000/0x4000)=nil, 0x4000) (async)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000) (async)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) (async)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000) (async)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04) (async)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, r2, 0x6000009, 0x30, r0, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) (async)
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async)
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000180)={0x1, 0x104000, 0x1}) (async)
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000380)={0xffff1000, 0x34000, 0x1}) (async)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r4, 0x4010ae68, &(0x7f0000000140)={0xd000, 0x99000, 0x1}) (async)

19m50.416530155s ago: executing program 34 (id=242):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x113280, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000008c0), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x27)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r3, 0x4018aee2, &(0x7f0000001280)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0xfa})
r4 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r5 = openat$kvm(0x0, 0x0, 0x80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x31)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2)
syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000100)={0x0, &(0x7f0000000240)=[@mrs={0xbe, 0x18, {0x603000000013d9fb}}], 0x18}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x2, 0x140)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000180)={0x8, <r9=>0xffffffffffffffff})
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r11, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x4, 0x4, 0x29f}}], 0x28}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x2e)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000d13000/0x2000)=nil, 0x0, 0x4000008, 0x80031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x28000, 0x0)
ioctl$KVM_CREATE_VM(r4, 0x80087601, 0x0)

19m40.666954944s ago: executing program 3 (id=245):
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x42002, 0x0) (async)
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x80000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x8001, 0x0) (async)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r7 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r6, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000100)="5af600f6b34e08c180f948c13e2727ba279cacc033d6bd28118e0e1e50390ff2f8a1aa8366bb4c33115d61c97d9387dac1b147ed1b515c14bcb89051301caef704371680ab057973", 0x0, 0x48)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000180)="98e8f3d54240a8c5e7d596ac21589e2c0833285960429b03e5ae8235cce28dec7b5aa2301c90738ff9e04b3fc5cd917c16b29758e4b7c1e2f62a156c08a2550a138a1e635df9fa41", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r6, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000240)="04198bd844c9e8a7b82d748f0f0244293d28bd940000c2ed44db9969759357abeb8d85c8e856a4606c2e979f98d67e4ff39fb6df9547f6a9506c610dc37b175c8ad3e5952305abf0", 0x0, 0x48) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0) (async)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0) (async)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000c41000/0x3000)=nil, 0x930, 0x280000b, 0x2010, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, 0xffffffffffffffff, 0x0) (async)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0)

18m52.506552007s ago: executing program 35 (id=245):
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x42002, 0x0) (async)
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x80000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x8001, 0x0) (async)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r7 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r6, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000100)="5af600f6b34e08c180f948c13e2727ba279cacc033d6bd28118e0e1e50390ff2f8a1aa8366bb4c33115d61c97d9387dac1b147ed1b515c14bcb89051301caef704371680ab057973", 0x0, 0x48)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000180)="98e8f3d54240a8c5e7d596ac21589e2c0833285960429b03e5ae8235cce28dec7b5aa2301c90738ff9e04b3fc5cd917c16b29758e4b7c1e2f62a156c08a2550a138a1e635df9fa41", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r6, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000240)="04198bd844c9e8a7b82d748f0f0244293d28bd940000c2ed44db9969759357abeb8d85c8e856a4606c2e979f98d67e4ff39fb6df9547f6a9506c610dc37b175c8ad3e5952305abf0", 0x0, 0x48) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0) (async)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0) (async)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000c41000/0x3000)=nil, 0x930, 0x280000b, 0x2010, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, 0xffffffffffffffff, 0x0) (async)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0)

12m55.38611811s ago: executing program 4 (id=247):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0xc2881, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000140), 0x101282, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, &(0x7f0000000200)=[@svc={0x122, 0x40, {0xc4000007, [0xffffffeffffffff8, 0x8, 0x8000000005, 0x5, 0x400]}}], 0x40}, 0x0, 0x0)
r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c0b000/0x1000)=nil, r8, 0x2, 0x40b2811, r7, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@mrs={0xbe, 0x18, {0x603000000013c213}}], 0x18}, 0x0, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000080), 0x80, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r11, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
r12 = syz_kvm_vgic_v3_setup(r10, 0x2, 0xe0)
ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x1, 0x84, &(0x7f0000000000)=0xa})
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
r15 = openat$kvm(0x0, &(0x7f0000000100), 0x280, 0x0)
r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r16, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CLEAR_DIRTY_LOG(r16, 0xc018aec0, &(0x7f0000000bc0)={0x5, 0x280, 0x240, 0x0})
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r14, 0x4068aea3, &(0x7f0000000000)={0xa8, 0x0, 0x3})
ioctl$KVM_SET_USER_MEMORY_REGION(r14, 0x4020ae46, &(0x7f0000000140)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil})
ioctl$KVM_GET_DIRTY_LOG(r14, 0x4010ae42, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000e96000/0x1000)=nil})
close(r14)

12m35.269556434s ago: executing program 5 (id=246):
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3b)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, <r2=>0xffffffffffffffff, 0x1})
r3 = ioctl$KVM_CREATE_VM(r2, 0x800454d7, 0x2000ffffbffffffc)
openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x10)
r4 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r5, 0x4010aeab, 0xffffffffffffffff)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_SET_SIGNAL_MASK(r5, 0x4004ae8b, &(0x7f0000000180)={0x21, "3089a4d1b57e659e73210aa6cc7e978d3c707a5f763028a4941deaa22a0ca6dcba"})
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000340)={0x7, <r8=>0xffffffffffffffff})
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r3, 0x4068aea3, &(0x7f00000000c0)={0xdf, 0x0, 0x11000})
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x2, &(0x7f0000000200)=0x8000000})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x206482, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
r12 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r11, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r12, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000ffa000/0x4000)=nil, 0x0, 0x1000001, 0x11, r11, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
r13 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
r15 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r14, 0x4040ae79, &(0x7f0000000000)={0x8000, 0x0, 0x1, r15, 0x3})

12m29.054760604s ago: executing program 4 (id=248):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xffffffffffffffff)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x13)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$arm64(r1, r3, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_kvm_vgic_v3_setup(r2, 0x0, 0x60)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x16)
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000100)=@arm64_extra={0x603000000013c036})

12m15.086660656s ago: executing program 4 (id=249):
r0 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece)
ioctl$KVM_SET_ONE_REG(r0, 0x4010aeac, &(0x7f00000000c0)=@riscv64_aia_csr={0x8030000003010001, &(0x7f0000000080)=0x8})
r1 = openat$kvm(0x0, &(0x7f0000000280), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x18)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
ioctl$KVM_ARM_VCPU_INIT(r0, 0x4020aeae, &(0x7f0000000040)={0x4, 0x61})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1, 0x16831, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$arm64(r2, 0xffffffffffffffff, &(0x7f0000bfe000/0x400000)=nil, &(0x7f0000000100)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000000)={0x10002, 0x6, 0x1, 0x2000, &(0x7f0000000000/0x2000)=nil})

12m14.687949041s ago: executing program 5 (id=250):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, r1, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000200)=[@uexit={0x0, 0x18, 0x8}, @its_send_cmd={0xaa, 0x28, {0xe, 0x0, 0x2, 0x10, 0x2, 0x4, 0x3}}, @smc={0x1e, 0x40, {0x80000001, [0x80000000, 0x5, 0x1, 0x7fff, 0x9540]}}, @uexit={0x0, 0x18, 0x2}, @uexit={0x0, 0x18, 0x2}, @svc={0x122, 0x40, {0x80000000, [0x5, 0x3, 0x5, 0x6, 0x9]}}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x34d}}, @smc={0x1e, 0x40, {0x8400000e, [0x3, 0x1000, 0x6, 0x4, 0x7fff]}}, @hvc={0x32, 0x40, {0x8000, [0xd, 0x1bd8, 0xd, 0x2, 0x800]}}, @msr={0x14, 0x20, {0x603000000013df41, 0x3}}, @svc={0x122, 0x40, {0x1, [0x2ace53ef, 0x10, 0x3, 0x8000000000000000, 0x9]}}, @msr={0x14, 0x20, {0x603000000013c518, 0x4}}, @irq_setup={0x46, 0x18, {0x1, 0x27d}}], 0x230}], 0x1, 0x0, &(0x7f0000000040)=[@featur1={0x1, 0x2c}], 0x1)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013c65d, 0xfffdffffc1af0ec0}}], 0x20}, 0x0, 0xffffffffffffff92)
syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r2, 0x3, 0xa0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

12m1.51624297s ago: executing program 4 (id=251):
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x8280, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_ARM_VCPU_INIT(0xffffffffffffffff, 0x4020aeae, &(0x7f0000000140)={0x3, 0x58})
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000040)=@arm64_core={0x6030000000100050, &(0x7f0000000000)=0x85c7})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
r4 = eventfd2(0x0, 0x0)
close(r4)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0xffffffffffbffffc, 0x120)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000180)={0x8})
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(0xffffffffffffffff, 0x4068aea3, &(0x7f00000002c0)={0xa8, 0x0, 0x1})
ioctl$KVM_IRQ_LINE_STATUS(r6, 0xc008ae67, &(0x7f00000001c0)={0x9, 0x7})
write$eventfd(r4, &(0x7f0000000180)=0x5, 0xfffffde3)
r7 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1)
r10 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
syz_kvm_vgic_v3_setup(r8, 0x1, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000240)=0xc})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0)

11m59.056226363s ago: executing program 5 (id=252):
mmap$KVM_VCPU(&(0x7f0000010000/0x1000)=nil, 0x930, 0x100000f, 0x9032, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0x0, &(0x7f00000002c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r3 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r2, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_ONE_REG(0xffffffffffffffff, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x603000000010000c, 0x0})
ioctl$KVM_CREATE_VM(r4, 0x401c5820, 0x20000001)
r5 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000080)="38ce8347fc1e8600ccfc72bb352ccb5cb00c73b0b33018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc307bd22ccc646cd69c72800", 0x0, 0x48)
r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x300, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x28)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
r10 = mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, 0x930, 0xa, 0x11, r9, 0x40000)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f00000000c0)="b160e3205cf49a6d6465b4dfaf425b5ca9292605c021cc61c8e3ca6753bd29fc4090927e193ad96c199643bc3560bdce99750535909442bfc85a732ad4b83ad4da1b871763d668d5", 0x0, 0x48)
r11 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f00000000c0)={0x0, &(0x7f0000000300)=[@irq_setup={0x46, 0x18, {0x3, 0x2d8}}, @its_setup={0x82, 0x28, {0x4, 0x4, 0x22a}}, @hvc={0x32, 0x40, {0x86000001, [0x8, 0x1, 0x0, 0x40, 0x1000]}}, @mrs={0xbe, 0x18, {0x603000000013e6c0}}, @uexit={0x0, 0x18, 0x98e}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xf10, 0x7, 0x8}}, @hvc={0x32, 0x40, {0x8400000d, [0xfffffffffffffffa, 0xc, 0xfffffffffffff376, 0x9e4]}}, @svc={0x122, 0x40, {0x84000002, [0x8001, 0x101, 0x8, 0x3, 0x3]}}], 0x160}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r11, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000180)={0x8, <r14=>0xffffffffffffffff})
r15 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r16, 0x1, 0x100)
ioctl$KVM_SIGNAL_MSI(r16, 0x4020aea5, &(0x7f0000000280)={0x100000, 0x6000, 0x0, 0x2000000})
ioctl$KVM_SET_DEVICE_ATTR(r14, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000240)=0x8080000})
ioctl$KVM_RUN(r13, 0xae80, 0x0)

11m37.677254699s ago: executing program 4 (id=253):
r0 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000004c0)={0x0, &(0x7f0000000ac0)=[@hvc={0x32, 0x40, {0x2000, [0x6, 0x80, 0x1, 0x4, 0x6]}}, @code={0xa, 0x9c, {"a06694d200c0b0f2010080d2820080d2630180d2020000d480f899d20040b0f2610080d2620080d200a8a17ec40080d2020000d4008c004f604498d20060b0f2010080d2007008d50000391e240180d2c00197d200a0b8f2010180d2a20080d2630080d2840080d2020000d400c0e21eb2fab23608c508c508d500849f0d006e40bf0d2b0d2b00f2"}}, @irq_setup={0x46, 0x18, {0x1, 0x8d}}, @uexit={0x0, 0x18, 0x7}, @eret={0xe6, 0x18, 0x8}, @its_send_cmd={0xaa, 0x28, {0xd, 0x0, 0x1, 0xa, 0x404, 0x6}}, @irq_setup={0x46, 0x18, {0x3, 0x188}}, @uexit={0x0, 0x18, 0x1e}, @mrs={0xbe, 0x18, {0x603000000013c289}}, @smc={0x1e, 0x40, {0x84000013, [0x0, 0x10001, 0xa5, 0xa]}}, @its_setup={0x82, 0x28, {0x3, 0x1, 0x1fa}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe8, 0x3, 0xd}}, @code={0xa, 0x9c, {"007008d5004c8fd20000b8f2410180d2420180d2430080d2840180d2020000d4007008d50090802f0000df0c00609f0c009d87d20060b0f2410180d2220180d2230180d2c40080d2020000d440e390d20020b8f2010080d2420080d2030180d2c40080d2020000d4005990d200c0b0f2c10080d2620180d2e30180d2840180d2020000d4004cc09a"}}, @eret={0xe6, 0x18, 0x1}, @code={0xa, 0xe4, {"206e9ed20020b8f2610080d2820180d2c30080d2a40080d2020000d4e01a9bd20000b0f2a10180d2c20180d2c30080d2840180d2020000d4000080a9007008d500bc80d200e0b8f2810080d2c20080d2030180d2240080d2020000d480b682d20080b0f2610180d2620080d2a30180d2440080d2020000d4a0908fd20000b8f2010180d2620180d2e30180d2440180d2020000d4e0d484d20020b8f2410180d2620180d2c30080d2040180d2020000d4a0519dd200c0b0f2c10180d2620080d2030080d2e40080d2020000d400c0201e"}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x1, 0x3, 0x8, 0x200, 0x2}}, @smc={0x1e, 0x40, {0x80003fff, [0xa, 0x9, 0x3ff, 0x1, 0x622fec66]}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x1, 0x3, 0xc, 0xe5, 0x67, 0x2}}, @hvc={0x32, 0x40, {0xb1000000, [0xc2, 0x0, 0x7, 0x4, 0x5]}}, @mrs={0xbe, 0x18, {0x603000000013c660}}, @uexit={0x0, 0x18, 0x2}, @svc={0x122, 0x40, {0x2000000, [0x35, 0x4, 0x4, 0xfffffffffffffff7, 0xff]}}, @hvc={0x32, 0x40, {0xc4000003, [0x140000, 0x0, 0x2, 0x7, 0x8]}}], 0x544}, &(0x7f0000000500), 0x1)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2e)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r2, r3, &(0x7f0000000000/0x400000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000100)=@arm64_core={0x603000000010001e, &(0x7f0000000000)=0x3})
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x2132, r0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x8040ae9f, &(0x7f0000000540))

11m33.928543531s ago: executing program 5 (id=254):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x40000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0x5460, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bfd000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000000)={0x0, &(0x7f0000000480)=[@irq_setup={0x46, 0x18, {0x0, 0x3af}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe4, 0x400, 0x8}}, @irq_setup={0x46, 0x18, {0x2, 0x136}}, @eret={0xe6, 0x18, 0xee}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0xa, 0x4, 0x3ff, 0x40000007, 0x1}}, @mrs={0xbe, 0x18, {0x603000000013c006}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x5, 0x2, 0x7, 0x6, 0x3, 0x3}}, @mrs={0xbe, 0x18, {0x603000000013e711}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe8, 0xbe3, 0xc}}, @smc={0x1e, 0x40, {0x200, [0xc, 0xb344, 0x9, 0x1, 0x8]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0x400, 0x7fffffff, 0xe}}, @uexit={0x0, 0x18, 0x5244}, @code={0xa, 0x54, {"60578bd20060b0f2810080d2220180d2030180d2a40180d2020000d4007008d5000000790000221e00cca00e007008d5000080da0000709e007008d5009c202e"}}, @irq_setup={0x46, 0x18, {0x4, 0x2da}}, @irq_setup={0x46, 0x18, {0x0, 0x309}}, @irq_setup={0x46, 0x18, {0x0, 0x252}}, @mrs={0xbe, 0x18, {0x603000000013e130}}, @eret={0xe6, 0x18, 0x3}, @msr={0x14, 0x20, {0x6030000000131a04, 0x8}}, @hvc={0x32, 0x40, {0x80, [0x100000003, 0x9, 0x2, 0x36f, 0x8]}}, @code={0xa, 0x84, {"0040c01a0038212e0040206e000008d5a0b586d200e0b8f2610080d2420080d2a30080d2e40080d2020000d440019dd200c0b8f2810180d2820080d2a30180d2240180d2020000d4000c407c008008d5a0998bd200c0b8f2610080d2a20080d2430180d2840180d2020000d40004407c"}}, @eret={0xe6, 0x18, 0x4}], 0x378}, &(0x7f0000000400)=[@featur1={0x1, 0x2}], 0x1)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x30)

11m22.99663696s ago: executing program 5 (id=255):
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f00000000c0)=@arm64_sve={0x60800000001504e5, 0x0})
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0xd, 0x5, 0x9, 0x0, 0x2, 0x6, 0x6, 0x9, 0x3, 0x88, 0xa8, 0x9, 0x0, 0x9, 0x6, 0xe6, 0x3, 0x6, 0x0, '\x00', 0x10, 0x6})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x109000, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x1000, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r11, 0xae03, 0xf3)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, 0x0)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r13, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r13, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x8080000, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
munmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, &(0x7f0000000380)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0xfffffffffffffe00})
ioctl$KVM_SET_MP_STATE(r9, 0x4004ae99, &(0x7f0000000000)=0x1)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000100)={0x2, <r14=>0xffffffffffffffff, 0x1})
write$eventfd(r14, &(0x7f00000001c0)=0x3, 0x10)

11m12.488368408s ago: executing program 4 (id=256):
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_SREGS(r2, 0x8000ae83, 0x0)
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000040)=@riscv64_f={0x0, &(0x7f0000000000)=0x7ff})
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)

10m35.446744325s ago: executing program 36 (id=255):
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f00000000c0)=@arm64_sve={0x60800000001504e5, 0x0})
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0xd, 0x5, 0x9, 0x0, 0x2, 0x6, 0x6, 0x9, 0x3, 0x88, 0xa8, 0x9, 0x0, 0x9, 0x6, 0xe6, 0x3, 0x6, 0x0, '\x00', 0x10, 0x6})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x109000, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x1000, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r11, 0xae03, 0xf3)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, 0x0)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r13, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r13, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x8080000, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
munmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, &(0x7f0000000380)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0xfffffffffffffe00})
ioctl$KVM_SET_MP_STATE(r9, 0x4004ae99, &(0x7f0000000000)=0x1)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000100)={0x2, <r14=>0xffffffffffffffff, 0x1})
write$eventfd(r14, &(0x7f00000001c0)=0x3, 0x10)

10m22.374394354s ago: executing program 37 (id=256):
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_SREGS(r2, 0x8000ae83, 0x0)
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000040)=@riscv64_f={0x0, &(0x7f0000000000)=0x7ff})
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)

2m23.327490447s ago: executing program 6 (id=257):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000000000/0x400000)=nil)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000000000/0xc00000)=nil, 0x930, 0xf, 0x32, 0xffffffffffffffff, 0x0)
close(r1)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0xd, 0x5, 0xb, 0x0, 0x2, 0x6, 0x6, 0x9, 0x8, 0x88, 0x47, 0x9, 0x0, 0x8, 0x6, 0xe2, 0x3, 0x6, 0x0, '\x00', 0x6, 0x6})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000140)={0x4, <r6=>0xffffffffffffffff, 0x1})
write$eventfd(r6, &(0x7f00000001c0)=0x3, 0x10)
syz_kvm_setup_cpu$arm64(r0, r3, &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f00000002c0)=[@svc={0x122, 0x40, {0x1000, [0x1, 0x7, 0x8, 0x7, 0x4]}}, @mrs={0xbe, 0x18, {0x603000000013c032}}, @its_setup={0x82, 0x28, {0x4, 0x0, 0x382}}, @msr={0x14, 0x20, {0x6030000000139005, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x1, 0x3, 0x1, 0xb, 0x7fff, 0x4}}, @uexit={0x0, 0x18, 0x8198}, @irq_setup={0x46, 0x18, {0x1, 0x34b}}, @hvc={0x32, 0x40, {0x8400000e, [0x10, 0x10, 0xffffffffffffffff, 0x6, 0x7]}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x4, 0x8, 0x4, 0xfffffffc, 0x1}}, @mrs={0xbe, 0x18, {0x603000000013c663}}, @hvc={0x32, 0x40, {0x84000010, [0x3d6bd362, 0x45, 0x8, 0x10001, 0x9]}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x88, 0x6, 0x4}}, @smc={0x1e, 0x40, {0x80000000, [0xff, 0x8, 0x8, 0x7, 0x6]}}, @its_setup={0x82, 0x28, {0x2, 0x0, 0x289}}, @uexit={0x0, 0x18, 0xfffffffffffff66d}], 0x268}], 0x1, 0x0, &(0x7f0000000040)=[@featur1={0x1, 0x42}], 0x1)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)

2m18.916224803s ago: executing program 7 (id=258):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000280), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2d)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_ARM_VCPU_INIT(r3, 0x4020aeae, &(0x7f0000000000)={0x5})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0xb, 0x23ac5f9b426ec4b2, 0xffffffffffffffff, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
close(r4)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, 0x930, 0x0, 0x7d7b465c1d30afba, 0xffffffffffffffff, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x100, 0x0)
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04)
r7 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r6, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f00000000c0)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000ed5000/0x2000)=nil, r6, 0x0, 0x40010, r3, 0x0)
r10 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f00004e8000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r11, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
r12 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r14 = ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x1)
r15 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r14, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r15, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r14, 0x0)

1m49.931263895s ago: executing program 6 (id=259):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r3 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
r6 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0) (async)
r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x2) (async)
r10 = syz_kvm_vgic_v3_setup(r9, 0x1, 0x40) (async, rerun: 32)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) (rerun: 32)
r11 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x2) (async)
r15 = syz_kvm_vgic_v3_setup(r14, 0x1, 0x40)
ioctl$KVM_HAS_DEVICE_ATTR(r15, 0x4018aee3, &(0x7f0000000080)=@attr_other={0x0, 0x5, 0x2, 0x0})
r16 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
r17 = syz_kvm_add_vcpu$arm64(r16, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x3, 0x10000000004}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000005}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r12, 0x1, 0x100) (async, rerun: 32)
ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000000)={0x8, <r18=>0xffffffffffffffff}) (rerun: 32)
ioctl$KVM_SET_DEVICE_ATTR(r18, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async)
ioctl$KVM_RUN(r17, 0xae80, 0x0) (async)
ioctl$KVM_GET_DEVICE_ATTR(r10, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x1, 0xc, &(0x7f00000004c0)=0x1}) (async, rerun: 64)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r7, 0x3, 0x11, r5, 0x0) (async, rerun: 64)
r19 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r8, 0xae04)
mmap$KVM_VCPU(&(0x7f0000f72000/0x3000)=nil, r19, 0x2, 0x40010, r6, 0x0)

1m44.909943121s ago: executing program 7 (id=260):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, 0x0) (async)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

1m30.80647174s ago: executing program 7 (id=261):
r0 = openat$kvm(0x0, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r1, 0x4018aee1, &(0x7f0000000080)=@attr_set_pmu={0x0, 0x0, 0x3, 0x0})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1fc)
syz_kvm_setup_cpu$arm64(r3, r4, &(0x7f0000be2000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_REG_LIST(r4, 0xc008aeb0, 0xffffffffffffffff)

1m27.301707396s ago: executing program 6 (id=262):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x161681, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r8, 0x4018aee1, 0xffffffffffffffff)
r9 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x40000000000001, 0x4, 0x2}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x1, 0x80000, 0x10007, 0x0, 0x0, 0x2}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r6, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000180)={0x8, <r11=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000240)=0x8080000})
ioctl$KVM_RUN(r10, 0xae80, 0x0)
syz_kvm_setup_cpu$arm64(r3, r4, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r3, 0x0, 0xf78a1a688332f014)
syz_kvm_setup_cpu$arm64(r1, r4, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, &(0x7f0000000040)=[@featur1={0x1, 0x12}], 0x1)

1m9.341699908s ago: executing program 7 (id=263):
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee3, &(0x7f0000000040)=@attr_other={0x0, 0x8df, 0xfffffffffffffff8, &(0x7f0000000000)=0x9})
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x4)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000080)={0x2710, 0x5, 0xc000, 0x1000, &(0x7f0000fff000/0x1000)=nil})
r1 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000380)={0x0, &(0x7f00000000c0)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x17b}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x620, 0x9}}, @msr={0x14, 0x20, {0x603000000013dce5, 0x3}}, @irq_setup={0x46, 0x18, {0x0, 0x11}}, @irq_setup={0x46, 0x18, {0x1, 0x34c}}, @irq_setup={0x46, 0x18, {0x1, 0x28f}}, @smc={0x1e, 0x40, {0x5000000, [0x3, 0x0, 0x4, 0x40, 0x1]}}, @svc={0x122, 0x40, {0x80008000, [0x401, 0xfffffffffffffffe, 0x8000000000000000, 0x6, 0x800]}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x1, 0x6, 0xfff, 0x2, 0x3}}, @hvc={0x32, 0x40, {0x5000000, [0x6, 0x0, 0x5, 0x1, 0x7]}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe8, 0x9}}, @eret={0xe6, 0x18, 0x51e}, @irq_setup={0x46, 0x18, {0x2, 0xcc}}, @svc={0x122, 0x40, {0x40000000, [0x4, 0x3, 0x10001, 0x6af0, 0x3]}}, @hvc={0x32, 0x40, {0x84000012, [0x0, 0x1, 0xc9, 0x4, 0xfff]}}, @mrs={0xbe, 0x18, {0x301800000009f364}}, @mrs={0xbe, 0x18, {0x603000000013dcf3}}], 0x2b8}, &(0x7f00000003c0)=[@featur2={0x1, 0xa1}], 0x1)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r1, 0x4018aee2, &(0x7f0000000440)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f0000000400)=0x1a})
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r1, 0x4018aee2, &(0x7f00000004c0)=@attr_irq_timer={0x0, 0x1, 0x0, &(0x7f0000000480)=0x10})
ioctl$KVM_GET_DEVICE_ATTR_vm(r0, 0x4018aee2, &(0x7f0000000540)=@attr_other={0x0, 0x1, 0x5, &(0x7f0000000500)})
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_CAP_HALT_POLL(r0, 0x4068aea3, &(0x7f0000000580)={0xb6, 0x0, 0x4})
r2 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000680)={0x0, &(0x7f0000000600)=[@its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x0, 0xe, 0x5, 0x6, 0x1}}, @eret={0xe6, 0x18, 0x2}, @msr={0x14, 0x20, {0x603000000013c01d, 0x6}}, @irq_setup={0x46, 0x18, {0x4, 0x95}}], 0x78}, &(0x7f00000006c0)=[@featur1={0x1, 0x35}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r2, 0x4018aee1, &(0x7f0000000740)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f0000000700)=0x12})
ioctl$KVM_CAP_PTP_KVM(r0, 0x4068aea3, &(0x7f0000000780))
ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000800)={0x3, 0xffffffffffffffff, 0x1})
ioctl$KVM_CAP_HALT_POLL(r0, 0x4068aea3, &(0x7f0000000840)={0xb6, 0x0, 0x80ec})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000008c0), 0x4422c0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x6)
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000900)={0x6000, 0x110000})
ioctl$KVM_CAP_HALT_POLL(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000940))
r5 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0xa)
ioctl$KVM_REGISTER_COALESCED_MMIO(r5, 0x4010ae67, &(0x7f00000009c0)={0x10000, 0x105000})
ioctl$KVM_CLEAR_DIRTY_LOG(r5, 0xc018aec0, &(0x7f0000000e00)={0x10200, 0x340, 0xc0, &(0x7f0000000a00)=[0x7ff, 0x80, 0x0, 0x5, 0x5b, 0xc95f, 0x59, 0x5, 0x8d6e, 0x7, 0x9, 0x8, 0x8, 0x10001, 0x2, 0x95, 0x7, 0x2, 0x1, 0x0, 0x6, 0xfffffffffffff7d3, 0x7fffffffffffffff, 0x1, 0x8000000000000001, 0x401, 0x8, 0x1f6b, 0x3ff, 0x69, 0x9, 0x7, 0x6, 0x5, 0x7, 0x0, 0xbd, 0x9, 0x0, 0x3ff, 0x0, 0x6, 0x4, 0x455, 0x2, 0x200, 0x0, 0x1, 0x7, 0x4, 0xffffffffffffff25, 0x9, 0x4f10, 0x0, 0x7, 0x81, 0xfffffffffffff774, 0x5, 0x5, 0x690, 0x8000000000000000, 0x4c30, 0x8, 0x8, 0x37a4, 0x9, 0x9, 0x9, 0x2, 0x7fff, 0x6, 0x7, 0x400, 0xfff, 0xfffffffffffffffa, 0xf9c0de3, 0x3, 0xd, 0x8000000000000000, 0x2800, 0x3ff, 0x8, 0xb1, 0x4d96ad42, 0x4, 0xd, 0x1, 0x7, 0x40, 0x7, 0x2, 0x9, 0x7, 0x5, 0x10001, 0x60b, 0x1, 0x6, 0x7, 0x0, 0x7f, 0xed4b, 0x5cbedb0c, 0x7, 0x5, 0x3, 0x2, 0x6, 0x3ff, 0x9, 0xc22, 0x1b31, 0x4, 0x3, 0x87cf, 0x6, 0x2, 0x0, 0x4, 0x0, 0x9, 0x5, 0x0, 0x100000000, 0x2, 0x100000000, 0x0, 0x9]})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000e40), 0x80800, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0xa)
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vm(r4, 0x4018aee1, &(0x7f0000000ec0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000e80)={0x5, 0x1, 0x2}})
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r2, 0x4018aee2, &(0x7f0000000f40)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f0000000f00)=0x1})
r7 = syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_kvm_add_vcpu$arm64(r7, &(0x7f0000001640)={0x0, &(0x7f0000000f80)=[@mrs={0xbe, 0x18, {0x603000000013e660}}, @irq_setup={0x46, 0x18, {0x2, 0x63}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff4, 0xdf24, 0x4}}, @its_setup={0x82, 0x28, {0x4, 0x4, 0x1bd}}, @hvc={0x32, 0x40, {0xc5000020, [0x5da, 0x8000, 0x9, 0x6e3, 0x2]}}, @its_setup={0x82, 0x28, {0x0, 0x1, 0x4e}}, @hvc={0x32, 0x40, {0x8abf1dede827886, [0x9, 0xfffffffffffffffb, 0x1, 0x3, 0x62c]}}, @smc={0x1e, 0x40, {0x7000001d, [0x1, 0x7, 0x7, 0x3, 0x5c]}}, @svc={0x122, 0x40, {0x4000000, [0x80, 0xff, 0x3, 0x632c]}}, @code={0xa, 0x84, {"008008d5c00c87d20080b8f2610180d2620180d2a30080d2040180d2020000d40000389e409283d20060b8f2210080d2820180d2a30180d2240180d2020000d4007008d5007008d5e05e9cd20080b8f2c10080d2c20180d2a30080d2a40080d2020000d40070004f007008d50000669e"}}, @hvc={0x32, 0x40, {0x0, [0xffffffffffffffff, 0x4, 0xb7, 0x4, 0x9]}}, @hvc={0x32, 0x40, {0x5000000, [0x8, 0x9, 0x3, 0x9, 0x8001]}}, @hvc={0x32, 0x40, {0xc4000053, [0x8, 0x8, 0x3, 0x6, 0xfffffffffffffffe]}}, @code={0xa, 0x9c, {"000008d50000281e000008d500c0201e807b8bd200c0b0f2c10180d2c20180d2430180d2840080d2020000d4007008d560649ad200c0b0f2a10080d2a20080d2230080d2440080d2020000d4a0a49ed20040b0f2210180d2e20080d2e30080d2a40180d2020000d4205f8dd20020b8f2610080d2020180d2630080d2240180d2020000d40000199e"}}, @irq_setup={0x46, 0x18, {0x3, 0xbc}}, @its_setup={0x82, 0x28, {0x3, 0x3, 0x2a7}}, @svc={0x122, 0x40, {0xc400000c, [0x7fff, 0x0, 0x800000, 0x1, 0x31b3]}}, @svc={0x122, 0x40, {0xc4000053, [0x9, 0xe8, 0xfffffffffffffffa, 0xfffffffffffffbac, 0x401]}}, @smc={0x1e, 0x40, {0xc4000004, [0x4000, 0xfffffffffffff800, 0x2, 0x0, 0xb]}}, @smc={0x1e, 0x40, {0x8, [0x3a355143, 0xe556, 0x3, 0xe1, 0x4]}}, @eret={0xe6, 0x18, 0xd89}, @eret={0xe6, 0x18, 0xeb6}, @code={0xa, 0x6c, {"00c8210e0038212e007008d5209f97d200a0b8f2e10180d2a20180d2c30080d2240180d2020000d4e00300aa0098207e000028d5007008d5007008d500eb82d20080b8f2810180d2e20180d2030080d2040080d2020000d4"}}, @uexit={0x0, 0x18, 0x10001}, @uexit={0x0, 0x18, 0x2b}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x3, 0xd, 0x6, 0x9, 0x2}}, @hvc={0x32, 0x40, {0x10, [0x7fffffffffffffff, 0x10001, 0x8, 0x7fff, 0x800]}}, @svc={0x122, 0x40, {0x8400000b, [0xc608, 0x27b, 0x1ff, 0x5, 0x1ff]}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x1, 0x0, 0xe, 0x9, 0x3, 0x4}}, @hvc={0x32, 0x40, {0x4000, [0x3, 0x2, 0xc8, 0x1, 0x80]}}], 0x6ac}, &(0x7f0000001680)=[@featur2={0x1, 0x80}], 0x1)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x37)

54.400252598s ago: executing program 6 (id=264):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x1)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000000)={0x3, 0x100}})
r4 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000240), 0x100, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0x80111500, 0x1ffffffd)
close(r6)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
ioctl$KVM_ARM_VCPU_INIT(r7, 0x4020aeae, &(0x7f00000001c0))
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f00000011c0)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f00000000c0)=0x8})
syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x2, 0x80)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x3, 0x4102932, 0xffffffffffffffff, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x8a602, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
r9 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000180)={0x8, <r11=>0xffffffffffffffff})
ioctl$KVM_GET_DEVICE_ATTR(r11, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x8, 0x40000000000000, 0x0})
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000002000/0x400000)=nil)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x34)
syz_kvm_vgic_v3_setup(r6, 0x4, 0x200)
r12 = openat$kvm(0x0, &(0x7f0000000280), 0x800, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r13, 0x4020ae46, 0x0)
ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x0)

51.984851995s ago: executing program 7 (id=265):
eventfd2(0x1, 0x1)
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x40000, 0x0) (async)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) (async)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r6, r7, &(0x7f0000bff000/0x400000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_GET_ONE_REG(r7, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x6030000000100000, &(0x7f00000001c0)=0x100000001}) (async)
r8 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f00000002c0)=[@memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x6100, 0x4, 0xa}}], 0x30}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x100) (async)
ioctl$KVM_RUN(r8, 0xae80, 0x0) (async)
r9 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_GET_REGS(r8, 0x8360ae81, &(0x7f0000000100))
ioctl$KVM_CHECK_EXTENSION_VM(r9, 0xae03, 0x80)

9.394888283s ago: executing program 38 (id=264):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x1)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000000)={0x3, 0x100}})
r4 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000240), 0x100, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0x80111500, 0x1ffffffd)
close(r6)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
ioctl$KVM_ARM_VCPU_INIT(r7, 0x4020aeae, &(0x7f00000001c0))
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f00000011c0)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f00000000c0)=0x8})
syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x2, 0x80)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x3, 0x4102932, 0xffffffffffffffff, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x8a602, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
r9 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000180)={0x8, <r11=>0xffffffffffffffff})
ioctl$KVM_GET_DEVICE_ATTR(r11, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x8, 0x40000000000000, 0x0})
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000002000/0x400000)=nil)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x34)
syz_kvm_vgic_v3_setup(r6, 0x4, 0x200)
r12 = openat$kvm(0x0, &(0x7f0000000280), 0x800, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r13, 0x4020ae46, 0x0)
ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x0)

0s ago: executing program 39 (id=265):
eventfd2(0x1, 0x1)
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x40000, 0x0) (async)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) (async)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r6, r7, &(0x7f0000bff000/0x400000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_GET_ONE_REG(r7, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x6030000000100000, &(0x7f00000001c0)=0x100000001}) (async)
r8 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f00000002c0)=[@memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x6100, 0x4, 0xa}}], 0x30}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x100) (async)
ioctl$KVM_RUN(r8, 0xae80, 0x0) (async)
r9 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_GET_REGS(r8, 0x8360ae81, &(0x7f0000000100))
ioctl$KVM_CHECK_EXTENSION_VM(r9, 0xae03, 0x80)

kernel console output (not intermixed with test programs):

[  395.037622][ T3171] 8021q: adding VLAN 0 to HW filter on device bond0
[  442.920889][ T3171] eql: remember to turn off Van-Jacobson compression on your slave devices
Warning: Permanently added '[localhost]:2364' (ED25519) to the list of known hosts.
[  609.555652][   T24] audit: type=1400 audit(608.740:61): avc:  denied  { name_bind } for  pid=3329 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  610.444218][   T24] audit: type=1400 audit(609.620:62): avc:  denied  { execute } for  pid=3330 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  610.464835][   T24] audit: type=1400 audit(609.650:63): avc:  denied  { execute_no_trans } for  pid=3330 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  636.775727][   T24] audit: type=1400 audit(635.960:64): avc:  denied  { mounton } for  pid=3330 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  636.842196][   T24] audit: type=1400 audit(636.020:65): avc:  denied  { mount } for  pid=3330 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  637.014586][ T3330] cgroup: Unknown subsys name 'net'
[  637.141093][   T24] audit: type=1400 audit(636.300:66): avc:  denied  { unmount } for  pid=3330 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  637.784746][ T3330] cgroup: Unknown subsys name 'cpuset'
[  638.037003][ T3330] cgroup: Unknown subsys name 'rlimit'
[  639.727766][   T24] audit: type=1400 audit(638.910:67): avc:  denied  { setattr } for  pid=3330 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=703 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  639.757732][   T24] audit: type=1400 audit(638.940:68): avc:  denied  { mounton } for  pid=3330 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[  639.787674][   T24] audit: type=1400 audit(638.970:69): avc:  denied  { mount } for  pid=3330 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  642.051505][ T3334] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[  642.071584][   T24] audit: type=1400 audit(641.250:70): avc:  denied  { relabelto } for  pid=3334 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  642.122069][   T24] audit: type=1400 audit(641.280:71): avc:  denied  { write } for  pid=3334 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
Setting up swapspace version 1, size = 127995904 bytes
[  642.411846][   T24] audit: type=1400 audit(641.590:72): avc:  denied  { read } for  pid=3330 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  642.451309][   T24] audit: type=1400 audit(641.630:73): avc:  denied  { open } for  pid=3330 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  642.512394][ T3330] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  697.072233][   T24] audit: type=1400 audit(696.250:74): avc:  denied  { execmem } for  pid=3335 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  704.036395][   T24] audit: type=1400 audit(703.220:75): avc:  denied  { read } for  pid=3337 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  704.066009][   T24] audit: type=1400 audit(703.250:76): avc:  denied  { open } for  pid=3338 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  704.143725][   T24] audit: type=1400 audit(703.330:77): avc:  denied  { mounton } for  pid=3338 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  704.375067][   T24] audit: type=1400 audit(703.560:78): avc:  denied  { module_request } for  pid=3337 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  704.404286][   T24] audit: type=1400 audit(703.590:79): avc:  denied  { module_request } for  pid=3338 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  705.417076][   T24] audit: type=1400 audit(704.600:80): avc:  denied  { sys_module } for  pid=3338 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  728.222177][ T3337] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  728.505212][ T3337] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  728.567589][ T3338] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  728.966031][ T3338] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  741.168835][ T3337] hsr_slave_0: entered promiscuous mode
[  741.199037][ T3337] hsr_slave_1: entered promiscuous mode
[  742.395972][ T3338] hsr_slave_0: entered promiscuous mode
[  742.443762][ T3338] hsr_slave_1: entered promiscuous mode
[  742.491879][ T3338] debugfs: 'hsr0' already exists in 'hsr'
[  742.496485][ T3338] Cannot create hsr debugfs directory
[  748.407891][   T24] audit: type=1400 audit(747.590:81): avc:  denied  { create } for  pid=3337 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  748.461848][   T24] audit: type=1400 audit(747.640:82): avc:  denied  { write } for  pid=3337 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  748.496225][   T24] audit: type=1400 audit(747.660:83): avc:  denied  { read } for  pid=3337 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  748.618185][ T3337] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  748.973743][ T3337] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  749.224865][ T3337] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  749.744621][ T3337] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  751.398652][ T3338] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  751.549106][ T3338] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  751.745933][ T3338] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  751.902485][ T3338] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  767.957216][ T3337] 8021q: adding VLAN 0 to HW filter on device bond0
[  771.195649][ T3338] 8021q: adding VLAN 0 to HW filter on device bond0
[  822.124566][ T3337] veth0_vlan: entered promiscuous mode
[  822.716989][ T3337] veth1_vlan: entered promiscuous mode
[  825.648429][ T3337] veth0_macvtap: entered promiscuous mode
[  826.083449][ T3338] veth0_vlan: entered promiscuous mode
[  826.400387][ T3337] veth1_macvtap: entered promiscuous mode
[  827.414904][ T3338] veth1_vlan: entered promiscuous mode
[  830.163648][ T3233] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  830.233334][ T3233] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  830.241477][ T3233] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  830.247613][ T3233] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  831.453238][ T3338] veth0_macvtap: entered promiscuous mode
[  832.284253][ T3338] veth1_macvtap: entered promiscuous mode
[  833.956534][   T24] audit: type=1400 audit(833.140:84): avc:  denied  { mount } for  pid=3337 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  834.216180][   T24] audit: type=1400 audit(833.370:85): avc:  denied  { mounton } for  pid=3337 comm="syz-executor" path="/syzkaller.03bYwM/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  834.451987][   T24] audit: type=1400 audit(833.620:86): avc:  denied  { mount } for  pid=3337 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  835.007383][   T24] audit: type=1400 audit(834.190:87): avc:  denied  { mounton } for  pid=3337 comm="syz-executor" path="/syzkaller.03bYwM/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  835.349178][   T24] audit: type=1400 audit(834.530:88): avc:  denied  { mounton } for  pid=3337 comm="syz-executor" path="/syzkaller.03bYwM/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  835.896994][ T2141] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  835.999035][ T2141] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  836.081705][ T3416] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  836.092221][ T3416] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  836.232072][   T24] audit: type=1400 audit(835.410:89): avc:  denied  { unmount } for  pid=3337 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  836.643878][   T24] audit: type=1400 audit(835.740:90): avc:  denied  { mounton } for  pid=3337 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1546 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  836.823068][   T24] audit: type=1400 audit(836.000:91): avc:  denied  { mount } for  pid=3337 comm="syz-executor" name="/" dev="gadgetfs" ino=3739 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  837.371636][   T24] audit: type=1400 audit(836.540:92): avc:  denied  { mount } for  pid=3337 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  837.574240][   T24] audit: type=1400 audit(836.690:93): avc:  denied  { mounton } for  pid=3337 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  839.214180][ T3337] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  840.182580][   T24] kauditd_printk_skb: 1 callbacks suppressed
[  840.185578][   T24] audit: type=1400 audit(839.360:95): avc:  denied  { read write } for  pid=3337 comm="syz-executor" name="loop1" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  840.246270][   T24] audit: type=1400 audit(839.430:96): avc:  denied  { open } for  pid=3337 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  840.298088][   T24] audit: type=1400 audit(839.480:97): avc:  denied  { ioctl } for  pid=3337 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=639 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  850.293285][   T24] audit: type=1400 audit(849.450:98): avc:  denied  { execute } for  pid=3489 comm="syz.1.2" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=3784 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  851.507974][   T24] audit: type=1400 audit(850.690:99): avc:  denied  { read } for  pid=3491 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  851.598074][   T24] audit: type=1400 audit(850.750:100): avc:  denied  { open } for  pid=3491 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  852.527480][   T24] audit: type=1400 audit(851.690:101): avc:  denied  { ioctl } for  pid=3491 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  856.952313][   T24] audit: type=1400 audit(856.050:102): avc:  denied  { write } for  pid=3496 comm="syz.1.3" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  870.258640][   T24] audit: type=1400 audit(869.440:103): avc:  denied  { append } for  pid=3505 comm="syz.0.6" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  891.812151][   T24] audit: type=1400 audit(890.990:104): avc:  denied  { setattr } for  pid=3514 comm="syz.1.9" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1057.828460][   T24] audit: type=1400 audit(1056.970:105): avc:  denied  { create } for  pid=3592 comm="syz.1.34" anonclass=[kvm-gmem] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 1086.675901][   T24] audit: type=1400 audit(1085.860:106): avc:  denied  { map } for  pid=3612 comm="syz.1.40" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=6043 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 1086.728483][   T24] audit: type=1400 audit(1085.910:107): avc:  denied  { read } for  pid=3612 comm="syz.1.40" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=6043 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 1127.196356][   T24] audit: type=1400 audit(1126.380:108): avc:  denied  { map } for  pid=3641 comm="syz.1.49" path="pipe:[2743]" dev="pipefs" ino=2743 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[ 1127.278875][   T24] audit: type=1400 audit(1126.440:109): avc:  denied  { execute } for  pid=3641 comm="syz.1.49" path="pipe:[2743]" dev="pipefs" ino=2743 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[ 1147.645210][   T24] audit: type=1400 audit(1146.820:110): avc:  denied  { ioctl } for  pid=3651 comm="syz.0.53" path="net:[4026531833]" dev="nsfs" ino=4026531833 ioctlcmd=0xb708 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 1456.776041][   T24] audit: type=1400 audit(1455.960:111): avc:  denied  { execute } for  pid=3823 comm="syz.0.109" path=2F35312F10FBFF67525673312B0104 dev="tmpfs" ino=276 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[ 1603.164188][ T3911] kvm [3910]: Unsupported guest access at: eeef0000
[ 1603.164188][ T3911]  { Op0( 2), Op1( 0), CRn( 0), CRm( 6), Op2( 2), func_read },
[ 1615.397381][ T3917] kvm [3917]: Failed to find VMA for hva 0x21016000
[ 1637.408079][   T24] audit: type=1400 audit(1636.590:112): avc:  denied  { map } for  pid=3928 comm="syz.0.143" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1637.461449][   T24] audit: type=1400 audit(1636.630:113): avc:  denied  { execute } for  pid=3928 comm="syz.0.143" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 2117.173237][ T3376] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2117.863090][ T3376] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2118.566986][ T3376] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2119.716420][ T3376] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2131.574796][ T3376] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2131.675703][ T3376] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2131.741665][ T3376] bond0 (unregistering): Released all slaves
[ 2133.212282][ T3376] hsr_slave_0: left promiscuous mode
[ 2133.342497][ T3376] hsr_slave_1: left promiscuous mode
[ 2133.812590][ T3376] veth1_macvtap: left promiscuous mode
[ 2133.822146][ T3376] veth0_macvtap: left promiscuous mode
[ 2133.828876][ T3376] veth1_vlan: left promiscuous mode
[ 2133.843190][ T3376] veth0_vlan: left promiscuous mode
[ 2147.409223][ T4149] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2148.178768][ T4149] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2153.438895][ T3376] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2154.939140][ T3376] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2156.649069][ T3376] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2157.969269][ T3376] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2175.565830][ T3376] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2175.638893][ T3376] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2175.703517][ T3376] bond0 (unregistering): Released all slaves
[ 2177.222069][ T3376] hsr_slave_0: left promiscuous mode
[ 2177.301422][ T3376] hsr_slave_1: left promiscuous mode
[ 2177.670972][ T3376] veth1_macvtap: left promiscuous mode
[ 2177.674470][ T3376] veth0_macvtap: left promiscuous mode
[ 2177.686792][ T3376] veth1_vlan: left promiscuous mode
[ 2177.712136][ T3376] veth0_vlan: left promiscuous mode
[ 2192.259002][ T4149] hsr_slave_0: entered promiscuous mode
[ 2192.336645][ T4149] hsr_slave_1: entered promiscuous mode
[ 2199.966622][ T4159] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2200.106745][ T4159] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2205.514076][ T4149] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 2205.894700][ T4149] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 2206.148193][ T4149] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 2206.443226][ T4149] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 2228.600963][ T4159] hsr_slave_0: entered promiscuous mode
[ 2228.693741][ T4159] hsr_slave_1: entered promiscuous mode
[ 2228.735739][ T4159] debugfs: 'hsr0' already exists in 'hsr'
[ 2228.770739][ T4159] Cannot create hsr debugfs directory
[ 2233.197740][ T4149] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2243.288598][ T4159] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 2243.619295][ T4159] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 2243.929108][ T4159] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 2244.278140][ T4159] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 2267.217935][ T4159] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2325.886069][ T4149] veth0_vlan: entered promiscuous mode
[ 2326.777226][ T4149] veth1_vlan: entered promiscuous mode
[ 2330.134104][ T4149] veth0_macvtap: entered promiscuous mode
[ 2330.645369][ T4149] veth1_macvtap: entered promiscuous mode
[ 2334.346240][ T3423] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2334.368200][ T3423] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2334.381167][ T3423] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2334.382025][ T3423] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2339.224038][   T24] audit: type=1400 audit(2338.370:114): avc:  denied  { unmount } for  pid=4149 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 2372.022987][ T4159] veth0_vlan: entered promiscuous mode
[ 2373.133497][ T4159] veth1_vlan: entered promiscuous mode
[ 2376.706330][ T4159] veth0_macvtap: entered promiscuous mode
[ 2377.417665][ T4159] veth1_macvtap: entered promiscuous mode
[ 2381.434221][ T3376] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2381.439197][ T3376] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2381.582165][ T3376] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2381.601486][ T3376] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2410.080896][   T24] audit: type=1400 audit(2409.240:115): avc:  denied  { execute } for  pid=4391 comm="syz.2.214" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=16730 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 2694.955612][ T4164] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2697.104237][ T4164] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2698.778676][ T4164] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2700.658161][ T4164] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2727.391932][ T4164] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2727.846034][ T4164] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2728.628054][ T4164] bond0 (unregistering): Released all slaves
[ 2731.684721][ T4164] hsr_slave_0: left promiscuous mode
[ 2731.800272][ T4164] hsr_slave_1: left promiscuous mode
[ 2732.594998][ T4164] veth1_macvtap: left promiscuous mode
[ 2732.641224][ T4164] veth0_macvtap: left promiscuous mode
[ 2732.662230][ T4164] veth1_vlan: left promiscuous mode
[ 2732.702294][ T4164] veth0_vlan: left promiscuous mode
[ 2768.828631][ T4164] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2770.718417][ T4164] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2772.544429][ T4164] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2773.748305][ T4164] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2791.235193][ T4164] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2791.335410][ T4164] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2791.392488][ T4164] bond0 (unregistering): Released all slaves
[ 2792.395629][ T4164] hsr_slave_0: left promiscuous mode
[ 2792.467033][ T4164] hsr_slave_1: left promiscuous mode
[ 2792.723707][ T4164] veth1_macvtap: left promiscuous mode
[ 2792.739272][ T4164] veth0_macvtap: left promiscuous mode
[ 2792.751998][ T4164] veth1_vlan: left promiscuous mode
[ 2792.758050][ T4164] veth0_vlan: left promiscuous mode
[ 2833.187718][ T4569] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2833.995382][ T4569] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2848.793622][ T4603] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2849.059279][ T4603] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2858.297532][ T4569] hsr_slave_0: entered promiscuous mode
[ 2858.406322][ T4569] hsr_slave_1: entered promiscuous mode
[ 2875.952248][ T4569] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 2877.426299][ T4569] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 2878.243403][ T4603] hsr_slave_0: entered promiscuous mode
[ 2878.328292][ T4603] hsr_slave_1: entered promiscuous mode
[ 2878.393816][ T4603] debugfs: 'hsr0' already exists in 'hsr'
[ 2878.399256][ T4603] Cannot create hsr debugfs directory
[ 2878.492058][ T4569] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 2878.921780][ T4569] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 2900.174116][ T4603] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 2900.678973][ T4603] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 2901.039067][ T4603] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 2901.435475][ T4603] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 2908.999020][ T4569] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2928.607126][ T4603] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3046.014722][ T4569] veth0_vlan: entered promiscuous mode
[ 3047.185526][ T4569] veth1_vlan: entered promiscuous mode
[ 3050.697476][ T4569] veth0_macvtap: entered promiscuous mode
[ 3051.467316][ T4569] veth1_macvtap: entered promiscuous mode
[ 3055.773335][ T4192] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3055.824975][ T2141] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3055.891691][ T2141] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3055.902047][ T2141] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3075.298378][ T4603] veth0_vlan: entered promiscuous mode
[ 3076.997740][ T4603] veth1_vlan: entered promiscuous mode
[ 3081.974018][ T4603] veth0_macvtap: entered promiscuous mode
[ 3082.965734][ T4603] veth1_macvtap: entered promiscuous mode
[ 3088.074489][   T50] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3088.106501][   T50] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3088.127391][   T50] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3088.157339][ T4585] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3274.218582][ T2141] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3276.603478][ T2141] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3278.358290][ T2141] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3280.078855][ T2141] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3303.257763][ T2141] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3303.526228][ T2141] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3303.742668][ T2141] bond0 (unregistering): Released all slaves
[ 3307.688331][ T2141] hsr_slave_0: left promiscuous mode
[ 3307.784018][ T2141] hsr_slave_1: left promiscuous mode
[ 3308.774230][ T2141] veth1_macvtap: left promiscuous mode
[ 3308.830887][ T2141] veth0_macvtap: left promiscuous mode
[ 3308.837292][ T2141] veth1_vlan: left promiscuous mode
[ 3308.838577][ T2141] veth0_vlan: left promiscuous mode
[ 3341.657476][ T2141] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3343.302494][ T2141] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3345.509011][ T2141] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3346.933708][ T2141] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3368.897425][ T2141] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3369.185630][ T2141] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3369.646663][ T2141] bond0 (unregistering): Released all slaves
[ 3372.344386][ T2141] hsr_slave_0: left promiscuous mode
[ 3372.476623][ T2141] hsr_slave_1: left promiscuous mode
[ 3373.348831][ T2141] veth1_macvtap: left promiscuous mode
[ 3373.380908][ T2141] veth0_macvtap: left promiscuous mode
[ 3373.403466][ T2141] veth1_vlan: left promiscuous mode
[ 3373.404653][ T2141] veth0_vlan: left promiscuous mode
[ 3409.514874][ T4903] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3409.824657][ T4903] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3418.562608][ T4911] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3418.875615][ T4911] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3445.017810][ T4903] hsr_slave_0: entered promiscuous mode
[ 3445.096314][ T4903] hsr_slave_1: entered promiscuous mode
[ 3453.199178][ T4911] hsr_slave_0: entered promiscuous mode
[ 3453.244090][ T4911] hsr_slave_1: entered promiscuous mode
[ 3453.267755][ T4911] debugfs: 'hsr0' already exists in 'hsr'
[ 3453.297959][ T4911] Cannot create hsr debugfs directory
[ 3468.551818][ T4903] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 3469.423417][ T4903] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 3470.044270][ T4903] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 3470.889191][ T4903] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 3479.236597][ T4911] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 3479.736646][ T4911] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 3480.332684][ T4911] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 3480.943804][ T4911] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 3512.976059][ T4903] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3519.335163][ T4911] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3678.385594][ T4903] veth0_vlan: entered promiscuous mode
[ 3679.836286][ T4903] veth1_vlan: entered promiscuous mode
[ 3684.907357][ T4911] veth0_vlan: entered promiscuous mode
[ 3687.776505][ T4911] veth1_vlan: entered promiscuous mode
[ 3688.036264][ T4903] veth0_macvtap: entered promiscuous mode
[ 3689.685571][ T4903] veth1_macvtap: entered promiscuous mode
[ 3695.934166][ T4911] veth0_macvtap: entered promiscuous mode
[ 3697.336242][ T4911] veth1_macvtap: entered promiscuous mode
[ 3697.773854][ T4192] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3697.797251][ T4192] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3698.145365][ T4192] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3698.355787][ T4192] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3704.131744][ T3423] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3704.132831][ T3423] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3704.145392][ T3423] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3704.146266][ T3423] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4022.736151][ T5216] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4023.532954][ T5216] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4032.772288][ T5219] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4033.364391][ T5219] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4084.467906][ T5216] hsr_slave_0: entered promiscuous mode
[ 4084.766526][ T5216] hsr_slave_1: entered promiscuous mode
[ 4084.941707][ T5216] debugfs: 'hsr0' already exists in 'hsr'
[ 4084.975311][ T5216] Cannot create hsr debugfs directory
[ 4096.295184][ T5219] hsr_slave_0: entered promiscuous mode
[ 4096.535111][ T5219] hsr_slave_1: entered promiscuous mode
[ 4096.681210][ T5219] debugfs: 'hsr0' already exists in 'hsr'
[ 4096.690478][ T5219] Cannot create hsr debugfs directory
[ 4138.845973][ T5216] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 4140.288557][ T5216] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 4141.347913][ T5216] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 4142.486277][ T5216] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 4156.954643][ T5219] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 4157.867855][ T5219] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 4158.718906][ T5219] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 4159.656027][ T5219] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 4206.949197][ T5216] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4222.033493][ T5219] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4261.193221][   T26] INFO: task syz.7.265:5197 blocked for more than 430 seconds.
[ 4261.241519][   T26]       Not tainted syzkaller #0
[ 4261.276600][   T26]       Blocked by coredump.
[ 4261.331711][   T26] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 4261.332539][   T26] task:syz.7.265       state:D stack:0     pid:5197  tgid:5194  ppid:4911   task_flags:0x40044c flags:0x00000010
[ 4261.334561][   T26] Call trace:
[ 4261.335098][   T26]  __switch_to+0x584/0xb00 (T)
[ 4261.337345][   T26]  __schedule+0x1da4/0x3678
[ 4261.337972][   T26]  schedule+0xac/0x27c
[ 4261.338516][   T26]  schedule_timeout+0x68/0x1ec
[ 4261.338951][   T26]  do_wait_for_common+0x28c/0x440
[ 4261.483617][   T26]  wait_for_completion+0x44/0x5c
[ 4261.501615][   T26]  __synchronize_srcu+0x2a4/0x320
[ 4261.502461][   T26]  synchronize_srcu+0x3d0/0x4f8
[ 4261.502941][   T26]  __mmu_notifier_release+0x424/0x614
[ 4261.503443][   T26]  exit_mmap+0xcc/0xb84
[ 4261.503889][   T26]  __mmput+0x10c/0x528
[ 4261.504335][   T26]  mmput+0x70/0xa8
[ 4261.504732][   T26]  exit_mm+0x158/0x248
[ 4261.505229][   T26]  do_exit+0x828/0x2410
[ 4261.505727][   T26]  do_group_exit+0x1d4/0x2ac
[ 4261.506267][   T26]  get_signal+0x1440/0x154c
[ 4261.506686][   T26]  arch_do_signal_or_restart+0x23c/0x4bac
[ 4261.507220][   T26]  exit_to_user_mode_loop+0x88/0x188
[ 4261.507702][   T26]  el0_svc+0x17c/0x238
[ 4261.508162][   T26]  el0t_64_sync_handler+0x84/0x12c
[ 4261.508607][   T26]  el0t_64_sync+0x198/0x19c
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 4261.631863][   T26] 
[ 4261.631863][   T26] Showing all locks held in the system:
[ 4261.673369][   T26] 1 lock held by khungtaskd/26:
[ 4261.772368][   T26]  #0: ffff800087c971f8 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x0/0x44
[ 4261.775541][   T26] 3 locks held by kworker/u4:5/50:
[ 4261.776072][   T26] 3 locks held by kworker/u4:6/2141:
[ 4261.776464][   T26] 1 lock held by klogd/3134:
[ 4261.776809][   T26] 2 locks held by getty/3201:
[ 4261.777160][   T26]  #0: 38f00000128868a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c
[ 4261.779031][   T26]  #1: 9eff80008ca2b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x308/0x1234
[ 4261.924522][   T26] 2 locks held by syz-executor/3330:
[ 4261.924893][   T26] 3 locks held by kworker/u4:2/4163:
[ 4261.925239][   T26] 3 locks held by kworker/u4:10/4286:
[ 4261.925606][   T26] 2 locks held by kworker/u4:11/4736:
[ 4261.926028][   T26] 2 locks held by kworker/u4:13/5052:
[ 4261.926364][   T26]  #0: 8ef000000d036548 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_one_work+0x7f8/0x1d94
[ 4261.928456][   T26]  #1: ffff80008f407ca8 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x884/0x1d94
[ 4262.104352][   T26] 2 locks held by syz.6.264/5192:
[ 4262.104811][   T26] 4 locks held by kworker/0:6/5205:
[ 4262.105162][   T26] 1 lock held by syz-executor/5216:
[ 4262.105503][   T26] 3 locks held by kworker/u4:8/5229:
[ 4262.105889][   T26] 3 locks held by kworker/u4:14/5344:
[ 4262.106248][   T26] 1 lock held by modprobe/5370:
[ 4262.106737][   T26] 
[ 4262.107029][   T26] =============================================
[ 4262.107029][   T26] 
[ 4262.108025][   T26] Kernel panic - not syncing: hung_task: blocked tasks
[ 4262.119120][   T26] CPU: 0 UID: 0 PID: 26 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT 
[ 4262.120612][   T26] Hardware name: linux,dummy-virt (DT)
[ 4262.121618][   T26] Call trace:
[ 4262.122422][   T26]  show_stack+0x2c/0x3c (C)
[ 4262.123545][   T26]  __dump_stack+0x30/0x40
[ 4262.124382][   T26]  dump_stack_lvl+0x30/0x12c
[ 4262.125423][   T26]  dump_stack+0x1c/0x28
[ 4262.126416][   T26]  vpanic+0x4d0/0x848
[ 4262.127245][   T26]  vpanic+0x0/0x848
[ 4262.128144][   T26]  hung_task_panic+0x0/0x2c
[ 4262.128938][   T26]  kthread+0x4d4/0x51c
[ 4262.129936][   T26]  ret_from_fork+0x10/0x20
[ 4262.131862][   T26] Kernel Offset: disabled
[ 4262.132643][   T26] CPU features: 0x0000000,001a3005,fbe327a1,057ffe1f
[ 4262.133804][   T26] Memory Limit: none
[ 4262.136055][   T26] Rebooting in 86400 seconds..