last executing test programs:

46m32.489759012s ago: executing program 0 (id=250):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2)
ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(r2, 0x4068aea3, &(0x7f0000000000))
ioctl$KVM_GET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee2, &(0x7f00000000c0)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0xffffffffffffffff})
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CREATE_DEVICE(r1, 0xc018aec0, &(0x7f00000000c0)={0x1})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2) (async)
ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(r2, 0x4068aea3, &(0x7f0000000000)) (async)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee2, &(0x7f00000000c0)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0xffffffffffffffff}) (async)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
ioctl$KVM_CREATE_DEVICE(r1, 0xc018aec0, &(0x7f00000000c0)={0x1}) (async)

46m32.16223779s ago: executing program 1 (id=251):
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
r1 = ioctl$KVM_GET_STATS_FD_cpu(r0, 0xaece)
ioctl$KVM_HAS_DEVICE_ATTR(r1, 0x4018aee3, &(0x7f0000000040)=@attr_arm64={0x0, 0x4, 0x4, &(0x7f0000000000)=0x1})
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_ARM_VCPU_INIT(r1, 0x4020aeae, &(0x7f0000000080)={0x0, 0x20})
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x9)
ioctl$KVM_RESET_DIRTY_RINGS(r3, 0xaec7)
syz_kvm_vgic_v3_setup(r2, 0x2, 0x360)
r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x2d)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r4, 0x4010ae68, &(0x7f00000000c0)={0xffff1000, 0x108000})
ioctl$KVM_CAP_HALT_POLL(r3, 0x4068aea3, &(0x7f0000000100))
ioctl$KVM_SET_GSI_ROUTING(r4, 0x4008ae6a, &(0x7f0000000180)={0x4, 0x0, [{0x5, 0x2, 0x1, 0x0, @irqchip={0x3, 0x400}}, {0x9, 0x4, 0x0, 0x0, @sint={0x2, 0x40}}, {0xb, 0x5, 0x1, 0x0, @adapter={0x800, 0x6, 0x3, 0x89, 0xffffffff}}, {0xff, 0x2, 0x0, 0x0, @sint={0x101, 0x3ff}}]})
munmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000)
r5 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0, 0x1010, r0, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000280)="bfb52d9bddadaf3eea2d9d8a618f1814e8d88f7ad791bf9d2ef6f5055fe7d960d0f98a50615ff2e00962953db8ba0c76e2a9cba7b9af8965c9227cb4a40ff7f80f988af16609b1e7", 0x0, 0x48)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r6 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x24)
ioctl$KVM_GET_DIRTY_LOG(r6, 0x4010ae42, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000f5d000/0x3000)=nil})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x300, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x1)
r9 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f00000003c0)=@other={0x11, &(0x7f0000000380)})
ioctl$KVM_PPC_ALLOCATE_HTAB(r3, 0xc004aea7, &(0x7f0000000400)=0x7)
r10 = ioctl$KVM_GET_STATS_FD_vm(r8, 0xaece)
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f0000000480)=@attr_other={0x0, 0x3, 0x894, &(0x7f0000000440)=0x5})
ioctl$KVM_CREATE_VM(r10, 0xae01, 0x20)
r11 = ioctl$KVM_GET_STATS_FD_vm(r3, 0xaece)
ioctl$KVM_ASSIGN_SET_MSIX_NR(0xffffffffffffffff, 0x4008ae73, &(0x7f00000004c0)={0x2, 0x988})
ioctl$KVM_KVMCLOCK_CTRL(r11, 0xaead)

46m26.200348439s ago: executing program 1 (id=252):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xac)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x1000000)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) (async)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xac) (async)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x1000000) (async)

46m24.949262668s ago: executing program 0 (id=253):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x490001, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee2, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
ioctl$KVM_CAP_HALT_POLL(r1, 0x4068aea3, &(0x7f0000000080)={0xb6, 0x0, 0x100000000})
ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18})
ioctl$KVM_ARM_SET_DEVICE_ADDR(r2, 0x4010aeab, &(0x7f0000000000)={0x0, 0xfec00000})
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000140)=@arm64={0x97, 0x9, 0x1, '\x00', 0x3})

46m19.270437541s ago: executing program 1 (id=254):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x1, 0x6000, 0x9fff, 0xffffffffffffffff, 0x8})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000040)={0x4000, 0x0, 0x1})
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x1, 0x6000, 0x9fff, 0xffffffffffffffff, 0x8}) (async)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000040)={0x4000, 0x0, 0x1}) (async)

46m17.315006769s ago: executing program 0 (id=255):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_DEVICE_ATTR_vm(r2, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}})
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000140)={0x0, &(0x7f00000003c0)=[@smc={0x1e, 0x40, {0xef000000, [0x50, 0x1, 0x2, 0x3, 0x4]}}], 0x40}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r2, 0x3, 0x60)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000140)={0x4, <r7=>0xffffffffffffffff, 0x1})
r8 = ioctl$KVM_CREATE_VM(r7, 0x894c, 0x0)
ioctl$KVM_CREATE_VCPU(r8, 0x4030582a, 0x0)
r9 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0x80111500, 0x20000000)
ioctl$KVM_CREATE_VM(r11, 0x541b, 0x10000000000000)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f00000000c0)={0x7, <r12=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r12, 0x4018aee3, &(0x7f0000000180)=@attr_other={0x0, 0x9, 0x40, &(0x7f00000002c0)=0x8000000000000001})
r13 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
r15 = syz_kvm_setup_syzos_vm$arm64(r14, &(0x7f0000c00000/0x400000)=nil)
r16 = syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000180)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7ffc}}, @msr={0x14, 0x20, {0x603000000013dce1, 0xfffffffffffffbff}}], 0x40}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r16, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r16, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x3, &(0x7f0000000000)=0x400000000})
ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x0, 0x5, &(0x7f0000000100)=0x8010000000000001})
ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000200)={0x1fe, 0x2, 0x10000, 0x1000, &(0x7f0000fff000/0x1000)=nil})
close(0x4)

46m10.314792795s ago: executing program 1 (id=256):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2e)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000140)=@arm64_fw={0x6030000000140000, &(0x7f00000000c0)=0x1})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_GUEST_MEMFD(r4, 0xc040aed4, &(0x7f0000000040)={0x1000200001fe0000, 0x1})
ioctl$KVM_SET_USER_MEMORY_REGION2(r4, 0x40a0ae49, &(0x7f0000000180)={0x4, 0x5, 0x6000, 0x2000, &(0x7f0000ffc000/0x2000)=nil, 0x100000000000000, r5})
openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2e) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000140)=@arm64_fw={0x6030000000140000, &(0x7f00000000c0)=0x1}) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_GUEST_MEMFD(r4, 0xc040aed4, &(0x7f0000000040)={0x1000200001fe0000, 0x1}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION2(r4, 0x40a0ae49, &(0x7f0000000180)={0x4, 0x5, 0x6000, 0x2000, &(0x7f0000ffc000/0x2000)=nil, 0x100000000000000, r5}) (async)

46m3.569643808s ago: executing program 0 (id=257):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20080, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0x0, 0x80000)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000001340)={0x0, 0x0, 0x2, r2, 0x3})
r3 = eventfd2(0x8, 0x80800)
r4 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
r7 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r6, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fb707cd24b7eebb20700000000000000000000000100", 0x0, 0x48)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xd7, 0x80000001})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000140)={0x4, <r10=>0xffffffffffffffff, 0x1})
openat$kvm(0x0, 0x0, 0x0, 0x0)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x2)
r14 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r13, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r14, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r13, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x40305839, &(0x7f0000000040)=@attr_other={0x1000000, 0xab, 0x7f, 0x0})
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r6, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)
r15 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r15, 0x40305839, 0x19)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0xeeef0000, 0x0, r3})
r16 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r16, 0xae01, 0x0)

45m50.724536239s ago: executing program 1 (id=258):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x400100, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x9)
ioctl$KVM_GET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee2, 0x0) (async)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2) (async)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
ioctl$KVM_IRQ_LINE(r3, 0x4008ae61, &(0x7f0000000000)={0x0, 0x2}) (async)
r5 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x26) (async)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) (async)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0x80111500, 0x20000000)
r9 = ioctl$KVM_CREATE_VM(r8, 0x5761, 0x2000001c)
ioctl$KVM_RESET_DIRTY_RINGS(r9, 0xaec7)
r10 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) (async)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x2)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r11, 0x0)
syz_kvm_vgic_v3_setup(r5, 0x0, 0x100) (async)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8})
r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r12, 0x40049409, 0x13)
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0) (async)
r15 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r14, 0x4040ae79, &(0x7f0000000140)={0x8000000000000000, 0x0, 0x2, r15, 0x3})
ioctl$KVM_IOEVENTFD(r14, 0x4040ae79, &(0x7f0000000040)={0x4, 0xd000, 0x8, r15, 0xa}) (async)
ioctl$KVM_IOEVENTFD(r14, 0x4040ae79, &(0x7f0000000000)={0x8000, 0x0, 0x2, r15, 0x7ffffffe})

45m49.832572249s ago: executing program 0 (id=259):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r3, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r3, 0x0)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffe000/0x1000)=nil, r4, 0x8, 0x13, r3, 0x0) (async)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) (async)
r9 = syz_kvm_vgic_v3_setup(r6, 0x1, 0x240)
syz_kvm_setup_cpu$arm64(r6, 0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0, 0x310}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_RUN(r8, 0xae80, 0x0) (async)
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x1, 0x3000000, &(0x7f0000000100)=0x80}) (async)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)

45m42.393420981s ago: executing program 0 (id=260):
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0x29) (async)
r4 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000140)={0x0, &(0x7f0000000780)=[@eret={0xe6, 0x0, 0x7}, @its_setup={0x82, 0x0, {0x3, 0x4, 0x361}}, @its_setup={0x82, 0x0, {0x3, 0x4, 0x1bb}}, @its_setup={0x82, 0x0, {0x3, 0x4, 0xd2}}, @hvc={0x32, 0x0, {0x84000014, [0x5, 0x0, 0xd, 0xfffffffffffffff8, 0x3]}}, @eret={0xe6, 0x0, 0xfffffffffffffffd}, @code={0xa, 0x0, {"0040ff0d000028d5007008d5007008d5a02a8dd20000b0f2610180d2020080d2830080d2640080d2020000d40004803ca09393d20000b0f2c10180d2e20080d2030080d2840180d2020000d4000000ba0000181e0000429e"}}, @mrs={0xbe, 0x0, {0x603000000013e66c}}, @eret={0xe6, 0x0, 0xffffffff}, @its_setup={0x82, 0x23, {0x4, 0x2, 0x2c2}}, @its_setup={0x82, 0x0, {0x0, 0x3, 0xa6}}, @smc={0x1e, 0x0, {0x80000002, [0x9, 0x5, 0x6, 0xfff, 0x35d5]}}, @code={0xa, 0x0, {"007008d50090200e007008d5000840ba00c8a10e000020ea000c000e007008d5c0f987d20000b0f2210080d2620180d2430080d2840080d2020000d4008008d5"}}, @smc={0x1e, 0x0, {0x4011, [0x1, 0x4, 0x400, 0xdf, 0x7]}}, @memwrite={0x6e, 0x0, @vgic_gicd={0x8000000, 0x380, 0xe1a0, 0x2}}, @smc={0x1e, 0x0, {0x84000004, [0x0, 0xa, 0x4a52b576, 0xffffffff80000001, 0x7]}}, @svc={0x122, 0x0, {0x84000006, [0xfffffffffffff001, 0x2, 0x800000000, 0x5, 0xee]}}, @mrs={0xbe, 0x0, {0x4a9}}, @hvc={0x32, 0x0, {0x84000002, [0x2, 0x9, 0x4, 0x1000, 0x2]}}, @svc={0x122, 0x0, {0x80008000, [0x1000, 0x7fffffff, 0x3, 0x8000000000000001]}}, @its_setup={0x82, 0x0, {0x0, 0x3, 0x1f2}}], 0xf}, &(0x7f0000000280)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init)
r5 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000240)={0x4, 0x9, 0x1}}) (async)
r6 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000000)={0x0, &(0x7f00000003c0)=[@smc={0x1e, 0x40, {0x0, [0xffff, 0xd7, 0x3, 0x80000001, 0x7fff]}}, @uexit={0x0, 0x18, 0x3}, @smc={0x1e, 0x40, {0x80003fff, [0xe08, 0x100000001, 0x5, 0x2, 0x9]}}, @uexit={0x0, 0x18}, @svc={0x122, 0x40, {0x44000017, [0xbce, 0x9, 0x2, 0xb2a, 0xfffffffffffffc00]}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x0, 0xd, 0x0, 0x10001, 0x2}}, @code={0xa, 0xcc, {"007008d5c0c29fd20040b8f2a10080d2c20180d2a30180d2040080d2020000d420938ed20000b0f2010180d2020080d2830180d2240080d2020000d4005d9ed20040b0f2c10180d2020180d2630180d2240080d2020000d440d48ed200e0b0f2e10180d2420180d2830080d2440180d2020000d4e06380d20020b0f2410180d2820180d2c30180d2840080d2020000d480c293d20040b0f2a10080d2420080d2e30080d2c40080d2020000d40008201e0000659e00b0200e"}}, @svc={0x122, 0x40, {0x84000013, [0x7, 0x1, 0x9, 0x5, 0xfff]}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x3, 0x2, 0x5a1, 0x400, 0x3}}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x1cc}}, @msr={0x14, 0x20, {0x603000000013803f, 0x5}}, @svc={0x122, 0x40, {0x2000, [0x6016cdea, 0xff1, 0x3, 0x2, 0x9]}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x3, 0xa, 0xffffffff, 0x800, 0x2}}, @irq_setup={0x46, 0x18, {0x3, 0x384}}, @irq_setup={0x46, 0x18, {0x0, 0x188}}, @irq_setup={0x46, 0x18, {0x1, 0x50}}, @mrs={0xbe, 0x18, {0x603000000013dea5}}, @uexit={0x0, 0x18, 0xffffffffffffffff}, @hvc={0x32, 0x40, {0x200, [0xfffffffffffffff3, 0x386ec00000000000, 0x6, 0xfffffffffffffff7, 0x5]}}], 0x3b4}, &(0x7f0000000040)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) (async)
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000180)=@riscv64_config={0x8030000000100004, &(0x7f00000000c0)=0x8}) (async)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

45m40.812975349s ago: executing program 1 (id=261):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r2, 0x4018aee1, &(0x7f00000000c0)=@attr_other={0x0, 0x0, 0x2, &(0x7f0000000000)=0xd})
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7ffc}}, @msr={0x14, 0x20, {0x603000000013dce0, 0x8001}}], 0x40}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x302, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013df19, 0x9}}], 0x20}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

44m56.09953096s ago: executing program 32 (id=260):
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0x29) (async)
r4 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000140)={0x0, &(0x7f0000000780)=[@eret={0xe6, 0x0, 0x7}, @its_setup={0x82, 0x0, {0x3, 0x4, 0x361}}, @its_setup={0x82, 0x0, {0x3, 0x4, 0x1bb}}, @its_setup={0x82, 0x0, {0x3, 0x4, 0xd2}}, @hvc={0x32, 0x0, {0x84000014, [0x5, 0x0, 0xd, 0xfffffffffffffff8, 0x3]}}, @eret={0xe6, 0x0, 0xfffffffffffffffd}, @code={0xa, 0x0, {"0040ff0d000028d5007008d5007008d5a02a8dd20000b0f2610180d2020080d2830080d2640080d2020000d40004803ca09393d20000b0f2c10180d2e20080d2030080d2840180d2020000d4000000ba0000181e0000429e"}}, @mrs={0xbe, 0x0, {0x603000000013e66c}}, @eret={0xe6, 0x0, 0xffffffff}, @its_setup={0x82, 0x23, {0x4, 0x2, 0x2c2}}, @its_setup={0x82, 0x0, {0x0, 0x3, 0xa6}}, @smc={0x1e, 0x0, {0x80000002, [0x9, 0x5, 0x6, 0xfff, 0x35d5]}}, @code={0xa, 0x0, {"007008d50090200e007008d5000840ba00c8a10e000020ea000c000e007008d5c0f987d20000b0f2210080d2620180d2430080d2840080d2020000d4008008d5"}}, @smc={0x1e, 0x0, {0x4011, [0x1, 0x4, 0x400, 0xdf, 0x7]}}, @memwrite={0x6e, 0x0, @vgic_gicd={0x8000000, 0x380, 0xe1a0, 0x2}}, @smc={0x1e, 0x0, {0x84000004, [0x0, 0xa, 0x4a52b576, 0xffffffff80000001, 0x7]}}, @svc={0x122, 0x0, {0x84000006, [0xfffffffffffff001, 0x2, 0x800000000, 0x5, 0xee]}}, @mrs={0xbe, 0x0, {0x4a9}}, @hvc={0x32, 0x0, {0x84000002, [0x2, 0x9, 0x4, 0x1000, 0x2]}}, @svc={0x122, 0x0, {0x80008000, [0x1000, 0x7fffffff, 0x3, 0x8000000000000001]}}, @its_setup={0x82, 0x0, {0x0, 0x3, 0x1f2}}], 0xf}, &(0x7f0000000280)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init)
r5 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000240)={0x4, 0x9, 0x1}}) (async)
r6 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000000)={0x0, &(0x7f00000003c0)=[@smc={0x1e, 0x40, {0x0, [0xffff, 0xd7, 0x3, 0x80000001, 0x7fff]}}, @uexit={0x0, 0x18, 0x3}, @smc={0x1e, 0x40, {0x80003fff, [0xe08, 0x100000001, 0x5, 0x2, 0x9]}}, @uexit={0x0, 0x18}, @svc={0x122, 0x40, {0x44000017, [0xbce, 0x9, 0x2, 0xb2a, 0xfffffffffffffc00]}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x0, 0xd, 0x0, 0x10001, 0x2}}, @code={0xa, 0xcc, {"007008d5c0c29fd20040b8f2a10080d2c20180d2a30180d2040080d2020000d420938ed20000b0f2010180d2020080d2830180d2240080d2020000d4005d9ed20040b0f2c10180d2020180d2630180d2240080d2020000d440d48ed200e0b0f2e10180d2420180d2830080d2440180d2020000d4e06380d20020b0f2410180d2820180d2c30180d2840080d2020000d480c293d20040b0f2a10080d2420080d2e30080d2c40080d2020000d40008201e0000659e00b0200e"}}, @svc={0x122, 0x40, {0x84000013, [0x7, 0x1, 0x9, 0x5, 0xfff]}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x3, 0x2, 0x5a1, 0x400, 0x3}}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x1cc}}, @msr={0x14, 0x20, {0x603000000013803f, 0x5}}, @svc={0x122, 0x40, {0x2000, [0x6016cdea, 0xff1, 0x3, 0x2, 0x9]}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x3, 0xa, 0xffffffff, 0x800, 0x2}}, @irq_setup={0x46, 0x18, {0x3, 0x384}}, @irq_setup={0x46, 0x18, {0x0, 0x188}}, @irq_setup={0x46, 0x18, {0x1, 0x50}}, @mrs={0xbe, 0x18, {0x603000000013dea5}}, @uexit={0x0, 0x18, 0xffffffffffffffff}, @hvc={0x32, 0x40, {0x200, [0xfffffffffffffff3, 0x386ec00000000000, 0x6, 0xfffffffffffffff7, 0x5]}}], 0x3b4}, &(0x7f0000000040)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) (async)
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000180)=@riscv64_config={0x8030000000100004, &(0x7f00000000c0)=0x8}) (async)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

44m51.572089734s ago: executing program 33 (id=261):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r2, 0x4018aee1, &(0x7f00000000c0)=@attr_other={0x0, 0x0, 0x2, &(0x7f0000000000)=0xd})
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7ffc}}, @msr={0x14, 0x20, {0x603000000013dce0, 0x8001}}], 0x40}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x302, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013df19, 0x9}}], 0x20}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

33m13.378128167s ago: executing program 3 (id=303):
r0 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, r2, 0x1, 0x40010, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ARM_VCPU_INIT(r3, 0x4020aeae, &(0x7f0000000340)={0x5})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

33m7.244451876s ago: executing program 2 (id=304):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r3, 0x0)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000100)={0x0, &(0x7f0000000180)=[@uexit={0x0, 0x18, 0xb}, @code={0xa, 0x9c, {"205f93d20020b8f2e10180d2e20080d2e30080d2a40180d2020000d4007008d5007008d5007008d560b584d200a0b0f2410180d2a20180d2e30080d2640180d2020000d40050200e0004601e007008d580d58bd200a0b0f2a10180d2c20180d2230080d2a40180d2020000d4402689d200e0b8f2c10080d2a20080d2030180d2a40180d2020000d4"}}], 0xb4}, 0x0, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000140)={0x4, <r7=>0xffffffffffffffff, 0x1})
write$eventfd(r7, &(0x7f00000001c0)=0x7ffffff, 0xe80)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, r4, 0x3000000, 0x11, r3, 0x0)
r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffe000/0x1000)=nil, r8, 0x8, 0x13, r3, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x2000)=nil, r8, 0x1000001, 0x12, r3, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)

32m58.573906627s ago: executing program 3 (id=305):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x82880, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000482000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0x88)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x24132, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f00000001c0)={0x8, <r4=>0xffffffffffffffff})
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x108, &(0x7f0000000340)=0x8000000000000000})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x4, 0x1, 0x0})
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$kvm(0x0, 0x0, 0x101282, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000040)={0x0, 0x0}, 0x0, 0x0)
r7 = syz_kvm_vgic_v3_setup(r5, 0x2, 0xc0)
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x1, 0x4, &(0x7f0000000000)=0xfff})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)

32m51.28274693s ago: executing program 2 (id=306):
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x21)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r2, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r2, 0x0)
mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x300000e, 0x4102932, r2, 0x0)
r3 = openat$kvm(0x0, &(0x7f00000000c0), 0xe78400, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0x80111500, 0x20000000)
write$eventfd(r6, &(0x7f0000000000), 0xfffffdef)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0x80111500, 0x20000000)
ioctl$KVM_CREATE_VM(r8, 0x541b, 0x2000002004001e)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r4, 0x4068aea3, &(0x7f0000000000)={0xef, 0x0, 0x7})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r9 = mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r11 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r10, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r11, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, r11, 0x0, 0x5c1fd1b6565d2f1, 0xffffffffffffffff, 0x0)

32m35.879772146s ago: executing program 2 (id=307):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x60140, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_HALT_POLL(r1, 0x4068aea3, &(0x7f0000000100)={0xb6, 0x300, 0x7}) (async)
ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0)

32m29.850103248s ago: executing program 3 (id=308):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
syz_kvm_setup_cpu$arm64(r1, r3, &(0x7f0000bff000/0x400000)=nil, &(0x7f0000000100)=[{0x0, &(0x7f00000001c0)=[@hvc={0x32, 0x40, {0x100, [0xede, 0x3, 0x0, 0xf, 0xfffffffffffffff0]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0x180, 0x2, 0x8}}, @smc={0x1e, 0x40, {0x200, [0xc, 0x900000000000000, 0x10, 0xe4, 0x4c2]}}], 0xb0}], 0x1, 0x0, &(0x7f00000002c0)=[@featur2={0x1, 0x1}], 0x1)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x3, 0x1000, 0x40000000, 0x0, 0x40000004}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r5, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8, <r8=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r7, 0xae80, 0x0)

32m24.780423689s ago: executing program 2 (id=309):
r0 = openat$kvm(0x0, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000040)={0x5})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1, 0x16831, 0xffffffffffffffff, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
r6 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r5, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r5, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0xc4180, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r7, 0x40049409, 0x9)
syz_kvm_setup_cpu$arm64(r1, 0xffffffffffffffff, &(0x7f0000bfe000/0x400000)=nil, &(0x7f0000000100)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x10002, 0x6, 0x1, 0x2000, &(0x7f0000000000/0x2000)=nil})

32m19.07795893s ago: executing program 3 (id=310):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
r5 = syz_kvm_vgic_v3_setup(r2, 0x1, 0x240)
syz_kvm_setup_cpu$arm64(r2, 0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0, 0x310}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x402, 0x3000000, &(0x7f0000000100)=0x80})
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000100)={0x7, <r7=>0xffffffffffffffff})
ioctl$KVM_CAP_DIRTY_LOG_RING(r6, 0x4068aea3, &(0x7f0000000080)={0xc0, 0x0, 0x1000})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f0000000180)=@attr_arm64={0x0, 0x0, 0x3, &(0x7f0000000140)=0x6})

32m9.701704323s ago: executing program 2 (id=311):
mmap$KVM_VCPU(&(0x7f0000000000/0x4000)=nil, 0x930, 0x4, 0x4f833, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f0000000680)="38ce8347fc1e86008cfc72bb352c8659dcc9225b48cb5cb00c73b0b33018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48)
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r1, 0x4068aea3, &(0x7f0000000000)={0xef, 0x0, 0x7})
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x181b03, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, <r4=>0xffffffffffffffff, 0x1})
r5 = ioctl$KVM_CREATE_VM(r4, 0x400454d8, 0x110c23000a)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000080)={0x9})
r6 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2c)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r8, 0xae03, 0xf)
r9 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x29)
syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000080)={0x0, &(0x7f0000000340)=[@svc={0x122, 0x40, {0x100, [0x9, 0x7030, 0x3, 0x5, 0x3]}}, @code={0xa, 0x6c, {"008008d50044207e0000809a007008d5006c200e007c001b20ec99d20040b8f2810180d2e20180d2230180d2240180d2020000d4a0a19dd20080b0f2810180d2620080d2630080d2640080d2020000d40820601e000008d5"}}], 0xac}, 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x1)
r12 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r11, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r12, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r11, 0x0)
ioctl$KVM_CAP_HALT_POLL(r10, 0x4068aea3, &(0x7f0000000140)={0xb6, 0x0, 0x9})
eventfd2(0x5, 0x800)
r13 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r14, 0x4010aeac, &(0x7f0000000040)=@arm64_core={0x603000000010002a, 0x0})
ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f0000000040)=@other={0x1, &(0x7f0000000000)=0x7})

32m0.140166127s ago: executing program 3 (id=312):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$arm64(r1, 0xffffffffffffffff, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r1, 0x4068aea3, &(0x7f0000000000)={0xe4, 0x0, 0x7})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x4400, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xc00000)=nil, 0x930, 0xf, 0x32, 0xffffffffffffffff, 0x0) (async)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x25)
ioctl$KVM_CAP_HALT_POLL(r7, 0x4068aea3, &(0x7f0000000240)={0xb6, 0x0, 0x800000000000001})
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0x3ff) (async)
r8 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f00000000c0)={0x401, 0x0, 0x1, r8, 0x2})
r9 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x40)
ioctl$KVM_GET_DIRTY_LOG(r9, 0x4010ae42, &(0x7f00000001c0)={0x10200, 0x0, &(0x7f00000c4000/0x4000)=nil}) (async)
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000000)={0x8000, 0x0, 0x2, r8, 0x3}) (async)
r10 = ioctl$KVM_CREATE_GUEST_MEMFD(r3, 0xc040aed4, &(0x7f0000000100)={0x200001fe0000, 0x7})
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x2000003, 0x12, r10, 0x200001fe0000)

31m56.093483343s ago: executing program 2 (id=313):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x408)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x34)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r5, 0x4068aea3, &(0x7f0000000080)={0xa8, 0x0, 0x3})
r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_DEVICE_ATTR_vm(r7, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}})
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000140)={0x0, &(0x7f0000000180)=[@smc={0x1e, 0x40, {0x86000001, [0x80000000000, 0x1, 0x2, 0x3, 0x4]}}, @hvc={0x32, 0x40, {0x84000050, [0x2, 0x1, 0x2, 0x3, 0x3]}}], 0x80}, 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000040)={0x5, 0x1, 0xdddd1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$arm64(r5, 0xffffffffffffffff, &(0x7f0000000000/0x400000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000500)={0x101ff, 0x1, 0x0, 0x1000, &(0x7f000013c000/0x1000)=nil})
ioctl$KVM_GET_STATS_FD_vm(r5, 0xaece)

31m45.420196537s ago: executing program 3 (id=314):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@mrs={0xbe, 0x18, {0x6030000000138010}}], 0x18}, 0x0, 0x0)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r5 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r4, 0x3, 0x11, r3, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x25)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r7, r8, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000380)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f00000002c0)=@arm64_fp={0x6040000004100099, &(0x7f0000000240)=0x5})
syz_kvm_assert_syzos_uexit$arm64(r3, r5, 0xffffffffffffffff)

31m9.003707512s ago: executing program 34 (id=313):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x408)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x34)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r5, 0x4068aea3, &(0x7f0000000080)={0xa8, 0x0, 0x3})
r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_DEVICE_ATTR_vm(r7, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}})
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000140)={0x0, &(0x7f0000000180)=[@smc={0x1e, 0x40, {0x86000001, [0x80000000000, 0x1, 0x2, 0x3, 0x4]}}, @hvc={0x32, 0x40, {0x84000050, [0x2, 0x1, 0x2, 0x3, 0x3]}}], 0x80}, 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000040)={0x5, 0x1, 0xdddd1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$arm64(r5, 0xffffffffffffffff, &(0x7f0000000000/0x400000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000500)={0x101ff, 0x1, 0x0, 0x1000, &(0x7f000013c000/0x1000)=nil})
ioctl$KVM_GET_STATS_FD_vm(r5, 0xaece)

30m55.801381063s ago: executing program 35 (id=314):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@mrs={0xbe, 0x18, {0x6030000000138010}}], 0x18}, 0x0, 0x0)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r5 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r4, 0x3, 0x11, r3, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x25)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r7, r8, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000380)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f00000002c0)=@arm64_fp={0x6040000004100099, &(0x7f0000000240)=0x5})
syz_kvm_assert_syzos_uexit$arm64(r3, r5, 0xffffffffffffffff)

19m49.712500192s ago: executing program 5 (id=334):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = eventfd2(0xffff10c0, 0x801)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000100)={0xf09, 0x8080000, 0x4, r3, 0x1})
r4 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000280)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r1, 0x4018aee3, &(0x7f0000000040)=@attr_other={0x0, 0x7, 0xc613, &(0x7f0000000000)=0x2})
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r5=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

19m42.918012528s ago: executing program 4 (id=335):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x35)
ioctl$KVM_PPC_ALLOCATE_HTAB(r0, 0xc004aea7, &(0x7f0000000000)=0xffff)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r0, 0x4010aeb5, &(0x7f0000000040)={0x1, 0x7})
ioctl$KVM_PPC_ALLOCATE_HTAB(r0, 0xc004aea7, &(0x7f0000000080)=0x6)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x10600, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x4)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x22a000, 0x0)
ioctl$KVM_IRQ_LINE(r0, 0x4008ae61, &(0x7f0000000140)={0x8, 0x3})
r4 = ioctl$KVM_CREATE_GUEST_MEMFD(r0, 0xc040aed4, &(0x7f0000000180)={0xfffffffffffff8d3, 0x6})
close(r4)
ioctl$KVM_CAP_ARM_MTE(r2, 0x4068aea3, &(0x7f00000001c0))
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000bfd000/0x400000)=nil)
ioctl$KVM_CAP_DIRTY_LOG_RING(r0, 0x4068aea3, &(0x7f0000000240)={0xc0, 0x0, 0x1000})
r5 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x31)
ioctl$KVM_GET_DIRTY_LOG(r5, 0x4010ae42, &(0x7f00000002c0)={0x10000, 0x0, &(0x7f0000e5c000/0x3000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000340)=@riscv64_core={0x803000000020000e, &(0x7f0000000300)=0x7})
ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000380)={0x9, 0xffffffffffffffff, 0x1928a495ef28ca7})
ioctl$KVM_CLEAR_DIRTY_LOG(r0, 0xc018aec0, &(0x7f00000007c0)={0x7, 0x280, 0x240, &(0x7f00000003c0)=[0x200, 0x7fffffffffffffff, 0xba6, 0x3bf64e9c, 0x4, 0x58b, 0x0, 0x4, 0x1, 0x200, 0x7f, 0x9, 0x7, 0x100, 0x4, 0x2, 0x8, 0x3, 0x200, 0x5, 0x0, 0xcbc5, 0xb5, 0x5, 0x7fffffffffffffff, 0x1, 0x3, 0xfff, 0x0, 0x5c, 0x5e, 0x3, 0x6, 0x4fc5, 0xd7, 0x6, 0x8, 0x6, 0x8, 0x4, 0x2, 0x7ff, 0x5, 0xfffffffffffffffa, 0x1, 0x2, 0x9, 0x9, 0xb87, 0xc0f, 0x735f, 0x700000, 0x5f5a3bfb, 0x9, 0x0, 0xc, 0x7, 0xd26, 0x7fff, 0xd97a, 0x8, 0xff, 0x6, 0xfff, 0x3, 0x8001, 0x7ff, 0x800, 0x10, 0x4, 0x5, 0xff, 0xfffffffffffffff8, 0x4, 0xff800000, 0x4, 0x2, 0x2, 0x55b813a5, 0x9, 0x5, 0x10000, 0x100, 0x8, 0xff, 0x6706, 0x6, 0x0, 0x0, 0x2, 0xfffffffffffffffd, 0x2, 0x4, 0xa2, 0xff, 0x12e, 0x5, 0x582c, 0x6, 0x7fffffff, 0x3, 0x6, 0x9, 0x4, 0x80000000, 0x100000001, 0x9, 0x0, 0x4, 0x94, 0x1, 0x0, 0x1, 0x1, 0x6, 0x101, 0x1, 0x8, 0x2, 0x4, 0x8, 0x8, 0x1, 0xb55e, 0x6, 0x9, 0x4, 0x7]})
munmap(&(0x7f0000e1f000/0x2000)=nil, 0x2000)
ioctl$KVM_SIGNAL_MSI(r5, 0x4020aea5, &(0x7f0000000800)={0x100000, 0x3000, 0x10001, 0x1, 0x10000})
r7 = ioctl$KVM_GET_STATS_FD_cpu(r6, 0xaece)
close(0xffffffffffffffff)
ioctl$KVM_GET_DIRTY_LOG(r2, 0x4010ae42, &(0x7f0000000840)={0x2710, 0x0, &(0x7f0000d57000/0x2000)=nil})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000880), 0x88040, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x37)
r9 = syz_kvm_vgic_v3_setup(r5, 0x1, 0x40)
ioctl$KVM_GET_DEVICE_ATTR(r9, 0x4018aee2, &(0x7f0000000900)=@attr_other={0x0, 0xffff8000, 0x10001, &(0x7f00000008c0)=0x7})
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r7, 0x4068aea3, &(0x7f0000000940)={0xa8, 0x0, 0x2})

19m35.321367234s ago: executing program 5 (id=336):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x4200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x48, 0xdddd1000, 0x0, r2})
close(r2)
close(r1)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x9)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x2}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x1, 0x80000, 0x10000, 0x0, 0x0, 0x2}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r5, 0x1, 0x100)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8, <r8=>0xffffffffffffffff})
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_CLEAR_DIRTY_LOG(r3, 0xc018aec0, &(0x7f00000006c0)={0x10001, 0x1c0, 0x2c0, &(0x7f00000002c0)=[0x6, 0x2, 0xfffffffffffffffd, 0xfffffffffffffc01, 0x10001, 0x7fffffffffffffff, 0x9, 0x9, 0x8001, 0x8, 0xffffffffffffffff, 0xfffffffffffffff8, 0x400, 0x31, 0xfffffffffffffffa, 0x7fffffff, 0x5, 0x2, 0xe, 0x101, 0x5, 0x5, 0x401, 0xe0000000, 0xffffffffffff098e, 0x1, 0x9, 0x4cb8108, 0x6, 0x2, 0x4, 0x3, 0x3, 0x80, 0x0, 0x0, 0xcc, 0x1, 0x78, 0x6, 0x5, 0x1, 0x4, 0x2, 0x6, 0x2, 0x7, 0x23, 0x6, 0x3195482d, 0x8000000000000001, 0x1e79e137, 0x3, 0x2, 0x5, 0x40, 0x6000, 0x2, 0xb93, 0x0, 0x5, 0x7fff, 0x0, 0x3, 0x4, 0x1, 0x0, 0x9, 0x70, 0x7fff, 0x1, 0x0, 0xb, 0x1, 0xc, 0x800, 0x0, 0x7, 0x6, 0xffffffff, 0x200, 0xb, 0x5, 0x7, 0x7, 0x7, 0x2, 0x59c, 0x0, 0x10001, 0x1, 0x6, 0xe02f, 0x7f, 0xffffffff, 0x81, 0x2400000, 0x95, 0x8001, 0x25, 0x9, 0x2, 0x4, 0xd3c2, 0xfffffffffffffffd, 0x2, 0xffffffffffff0001, 0x6, 0x8, 0x6, 0x4, 0x0, 0x200, 0xffffffffffff67fc, 0xffffffffffffffff, 0x2, 0x2, 0x0, 0xb4a, 0x0, 0x81ec, 0x1, 0x80008902, 0x3, 0x0, 0x5, 0x3, 0xd]})
r9 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xc)
eventfd2(0x5, 0x0)
ioctl$KVM_CAP_PTP_KVM(r9, 0x4068aea3, &(0x7f0000000240))
ioctl$KVM_RUN(r7, 0xae80, 0x0)
close(r0)
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r3, 0x4068aea3, &(0x7f00000000c0))

19m29.18160197s ago: executing program 4 (id=337):
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
munmap(&(0x7f0000eed000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0x801c581f, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x5, 0x1, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000100)=[@featur2={0x1, 0x6}], 0x1)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000040)="68d3d4a6759ba655d47872b6bf881ba5dbca1c84a0779749", 0x0, 0x18)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000500)={0x10004, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000feb000/0x12000)=nil, 0x930, 0xa, 0x100014, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f00000000c0)={0x45, 0xdddd1000, 0x0, r7})
close(r7)
close(r6)

19m18.841559603s ago: executing program 5 (id=338):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x17)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
syz_kvm_setup_cpu$arm64(r0, r1, &(0x7f0000bff000/0x400000)=nil, &(0x7f0000000280)=[{0x0, &(0x7f0000000000)=[@smc={0x1e, 0x40, {0x84000008, [0x6, 0xfffffffffffffffe, 0x2, 0x5c2, 0xc]}}, @eret={0xe6, 0x18, 0x4}, @irq_setup={0x46, 0x18, {0x3, 0x95}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x0, 0x7, 0x2}}, @mrs={0xbe, 0x18, {0x6030000000138037}}, @uexit={0x0, 0x18, 0x5}, @code={0xa, 0x6c, {"805c8fd200e0b0f2610180d2020180d2a30080d2440180d2020000d40008207c0028210e007008d5e04589d20060b8f2c10080d2220080d2630080d2440080d2020000d4000008d5000008d5007008d5007008d50078214e"}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x1, 0x2, 0x2, 0x7ff, 0x9, 0x4}}, @msr={0x14, 0x20, {0x603000000013def1, 0x7fff}}, @code={0xa, 0x6c, {"e0389fd20000b0f2410180d2c20180d2830080d2c40180d2020000d40070000e0000c02c00d4a07e007008d50008403a00c0200ee0b994d200a0b8f2010080d2420180d2c30180d2440080d2020000d4000000330060800d"}}, @code={0xa, 0x84, {"e08589d200a0b0f2810080d2020180d2430080d2840080d2020000d4000cc09a008008d5001c8bd20020b0f2a10080d2020180d2e30180d2040080d2020000d4802896d20020b8f2010080d2c20080d2430080d2240180d2020000d4000008d5008c205e007008d5000028d500a8a17e"}}], 0x274}], 0x1, 0x0, &(0x7f00000002c0)=[@featur1={0x1, 0x20}], 0x1)
ioctl$KVM_ARM_VCPU_FINALIZE(0xffffffffffffffff, 0x4004aec2, &(0x7f0000000300)=0x2)
ioctl$KVM_SET_VCPU_EVENTS(r1, 0x4040aea0, &(0x7f0000000340)=@x86={0x37, 0x4, 0xf6, 0x0, 0x10, 0x28, 0x8, 0x1, 0x5, 0xda, 0x4, 0x7, 0x0, 0x8, 0x1, 0xc, 0x24, 0xe, 0xa, '\x00', 0x8, 0x10001})
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x29)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r2, 0x4018aee3, &(0x7f00000003c0)=@attr_other={0x0, 0x65, 0x4459, &(0x7f0000000380)=0xd})
ioctl$KVM_SET_REGS(r0, 0x4360ae82, &(0x7f0000000400)={[0xfbb, 0x1, 0x4, 0x200, 0xc4db, 0x7, 0x3, 0xc000000000, 0x5, 0x3, 0x0, 0x2d9, 0x100, 0x8, 0x1], 0x8080000, 0x1a0000})
ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f00000004c0)={0xb, 0xffffffffffffffff, 0x1})
ioctl$KVM_PRE_FAULT_MEMORY(r1, 0xc040aed5, &(0x7f0000000500)={0xe000})
r3 = syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000800)={0x0, &(0x7f0000000540)=[@svc={0x122, 0x40, {0x8, [0xa, 0xc, 0xac0, 0x0, 0x7fffffffffffffff]}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0xa4}}, @uexit={0x0, 0x18, 0x1}, @svc={0x122, 0x40, {0x84000008, [0xffffffffffffff01, 0x2, 0x4, 0x8, 0x8001]}}, @svc={0x122, 0x40, {0xc5000021, [0x8000000000000000, 0x5, 0x200, 0x5, 0x2]}}, @uexit={0x0, 0x18, 0x1}, @uexit={0x0, 0x18, 0x71}, @uexit={0x0, 0x18, 0x5b1}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfffc, 0x3, 0xa}}, @irq_setup={0x46, 0x18, {0x1, 0x2e4}}, @smc={0x1e, 0x40, {0x84000011, [0x0, 0x9, 0x87, 0x47ae, 0x4]}}, @msr={0x14, 0x20, {0x603000000013c013, 0x5}}, @uexit={0x0, 0x18, 0x2}, @eret={0xe6, 0x18, 0x5}, @its_send_cmd={0xaa, 0x28, {0xc, 0x1, 0x3, 0x7, 0x7ff, 0x6, 0x3}}, @its_setup={0x82, 0x28, {0x2, 0x4, 0xd0}}, @msr={0x14, 0x20, {0x603000000013c112, 0x2}}], 0x290}, &(0x7f0000000840)=[@featur1={0x1, 0x81}], 0x1)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f0000000880)=@x86={0x0, 0xf, 0x6f, 0x0, 0x7, 0x3, 0x40, 0x2, 0x48, 0xf, 0xa, 0xff, 0x0, 0x100, 0x10001, 0x81, 0xc4, 0x8, 0x1, '\x00', 0x4, 0x4})
write$eventfd(r4, &(0x7f00000008c0)=0x5, 0x8)
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000940)=@arm64_ccsidr={0x800, &(0x7f0000000900)=0x9})
r5 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r0, r5, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000c40)=[{0x0, &(0x7f0000000980)=[@memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0xc00, 0x1, 0x8}}, @memwrite={0x6e, 0x30, @generic={0xc000, 0xe4d, 0x7, 0x8}}, @eret={0xe6, 0x18, 0x6}, @msr={0x14, 0x20, {0x603000000013def2, 0x26a}}, @hvc={0x32, 0x40, {0xc4000005, [0xffffffff, 0x7, 0x3, 0x6]}}, @msr={0x14, 0x20, {0x6030000000138005, 0x9}}, @code={0xa, 0x84, {"00b390d200a0b0f2010180d2820080d2430080d2a40180d2020000d4007008d5000008d5000028d500000053006820380004002f001084d20080b8f2610080d2220180d2030080d2e40080d2020000d4c0c883d20040b8f2e10180d2220180d2230180d2840080d2020000d400a09f0d"}}, @its_setup={0x82, 0x28, {0x2, 0x1, 0x182}}, @msr={0x14, 0x20, {0x603000000013c521, 0x8}}, @mrs={0xbe, 0x18, {0x603000000013c801}}, @irq_setup={0x46, 0x18, {0x4, 0x38b}}, @uexit={0x0, 0x18, 0x7ff1}, @its_setup={0x82, 0x28, {0x1, 0x2, 0x120}}, @msr={0x14, 0x20, {0x603000000013dea1}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1a00, 0xffffffffffffffff, 0x2}}, @msr={0x14, 0x20, {0x603000000013c2a5, 0x78}}], 0x2a4}], 0x1, 0x0, &(0x7f0000000c80)=[@featur2={0x1, 0xc}], 0x1)
close(r0)
r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x10)
ioctl$KVM_REGISTER_COALESCED_MMIO(r6, 0x4010ae67, &(0x7f0000000cc0)={0x8000000, 0x8000})
ioctl$KVM_GET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee2, &(0x7f0000000d00)=@attr_pmu_init)
r7 = ioctl$KVM_GET_STATS_FD_cpu(r5, 0xaece)
r8 = ioctl$KVM_GET_STATS_FD_vm(r7, 0xaece)
ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000000d40)={0x6d, "03492f7dd51e04ad011bad0cbe787a2293cc00d88accee64fdcb9ce3bf6e592543096e67dfd2a97ba8aea12375f2e107e5c2f7d391d5dd246bc944c96455c2c7eb8895cff66113cdef493acc9ff3646f4d32eb6240184b819ae1dd4e6207257630e87e167ec9a707c8c316c411"})
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x1)
ioctl$KVM_SET_VCPU_EVENTS(r7, 0x4040aea0, &(0x7f0000000dc0)=@arm64={0xca, 0xf7, 0x56, '\x00', 0x7})
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r4, 0x4018aee3, &(0x7f0000000e40)=@attr_other={0x0, 0x10001, 0x10, &(0x7f0000000e00)=0x800})
syz_kvm_setup_cpu$arm64(r2, r8, &(0x7f0000b93000/0x400000)=nil, &(0x7f0000000f80)=[{0x0, &(0x7f0000000e80)=[@code={0xa, 0x84, {"000028d5000028d540e387d200c0b0f2e10080d2220180d2e30180d2640180d2020000d4007008d5e03391d20000b0f2010080d2420080d2830180d2840180d2020000d480309cd20000b8f2010180d2020180d2a30180d2040080d2020000d4000008d500c0631e000008d5008008d5"}}, @msr={0x14, 0x20, {0x603000000013dea8, 0x7}}, @hvc={0x32, 0x40, {0x10, [0xfffffffffffffffd, 0x8, 0x400, 0x6, 0xf]}}, @mrs={0xbe, 0x18, {0x603000000013c522}}], 0xfc}], 0x1, 0x0, &(0x7f0000000fc0)=[@featur2={0x1, 0xa8}], 0x1)
ioctl$KVM_IRQ_LINE(r7, 0x4008ae61, &(0x7f0000001000)={0x8000, 0x3ff8})
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(0xffffffffffffffff, 0x4068aea3, &(0x7f0000001040)={0xe4, 0x0, 0x9})

19m1.671480815s ago: executing program 4 (id=339):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x5)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000ae9000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x2, 0x100)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x26000, 0x5000})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x5) (async)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000ae9000/0x400000)=nil) (async)
syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) (async)
syz_kvm_vgic_v3_setup(r1, 0x2, 0x100) (async)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x26000, 0x5000}) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
ioctl$KVM_RUN(r4, 0xae80, 0x0) (async)

19m1.670972855s ago: executing program 5 (id=340):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x5, 0x1, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bc2000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
ioctl$KVM_INTERRUPT(r3, 0x4004ae86, &(0x7f0000000080)=0x101)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000040)="68d3d4a6759ba655d47872b6bf881ba5dbca1c84a0779749", 0x0, 0x18)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

18m46.090951849s ago: executing program 5 (id=341):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000200), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0xffffffffffffffff, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r3, 0x4, 0x220)
r6 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000180)={0x0, &(0x7f0000000040)=[@msr={0x14, 0x20, {0x603000000013c65f, 0x8001}}], 0x20}, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r9 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x40)
ioctl$KVM_GET_DEVICE_ATTR(r9, 0x4018aee2, &(0x7f0000000080)=@attr_other={0x0, 0x9, 0x5660b638, &(0x7f0000000000)=0x4})

18m45.631717757s ago: executing program 4 (id=342):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x2000001, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x3000000, 0x4f831, 0xffffffffffffffff, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xc, 0x0, 0x4}}], 0x30}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x180)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, 0x0)
munmap(&(0x7f0000eed000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0x801c581f, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x1d)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000040)={0x5, 0x1, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000bc2000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000040)="68d3d4a6759ba655d47872b6bf881ba5dbca1c84a0779749", 0x0, 0x18)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)

18m25.122147493s ago: executing program 4 (id=343):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0x2, 0x80801)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, <r5=>0xffffffffffffffff, 0x1})
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, 0x0, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f0000000040)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000280)={0x14, 0xff}})
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0x3000, 0x8080000, 0x8, 0x4, 0xc, 0xe6, 0x40, 0x9, 0x0, 0x81, 0x80}, {0x5000, 0x3000, 0x3, 0x0, 0x42, 0x5, 0x7d, 0x6, 0x36, 0x0, 0x2, 0x87}, {0x0, 0xdddd0000, 0xe, 0x5, 0x3, 0x7, 0x0, 0x9, 0x1, 0xa4, 0x5, 0x5}, {0x1, 0xeeee0000, 0x7, 0x6, 0x5, 0x42, 0x8b, 0xff, 0x8, 0x3, 0xe}, {0xeeee0000, 0xd000, 0xf, 0x9, 0x16, 0x88, 0xab, 0x8, 0x9, 0x9, 0xf7, 0x97}, {0xdddd1000, 0xdddd0000, 0xe, 0xa0, 0xb1, 0x8, 0x1, 0xa0, 0x82, 0x2f, 0x1, 0x7}, {0x3000, 0x3000, 0x4, 0x5, 0x7, 0x5, 0x7, 0x3, 0x8, 0x81, 0x40, 0x70}, {0xd000, 0xc000, 0xa, 0x5, 0xcd, 0x7, 0x1, 0x9, 0x2, 0xc, 0xb0, 0x81}, {0x7000, 0x30}, {0x8000000, 0x7}, 0x80000031, 0x0, 0x3000, 0x2024, 0x2, 0x0, 0xfec00000, [0x6800000000000000, 0x4, 0x3, 0x8]})
r8 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, 0x0)
write$eventfd(r5, &(0x7f00000001c0)=0x9, 0x5d)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r2, 0x5, 0x3})
r9 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, r9, 0x2000000, 0x6832, 0xffffffffffffffff, 0x0)
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, 0x0)

18m19.663647827s ago: executing program 5 (id=344):
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x80402, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2c) (async)
r1 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000080)={0x0, &(0x7f0000000180)=[@mrs={0xbe, 0x18, {0x3fe7}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20080, 0x0) (async)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x31)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013c029, &(0x7f00000000c0)=0x8}) (async)
r7 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
r8 = eventfd2(0xeffffffd, 0x801)
ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f0000001340)={0x3, 0x0, 0x2, r8, 0x3}) (async)
ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f0000000140)={0x3, 0x0, 0x2, r8, 0xb})

18m6.489755953s ago: executing program 4 (id=345):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x8800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0x40000000, 0x80000)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000001340)={0x0, 0x0, 0x2, r2, 0x3})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000080)={0x5, 0x0, 0x2, r2, 0xa})
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000000)={0xfec00000, 0x100000, 0xf, 0x0, 0x4})
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000100)={0x7, <r5=>0xffffffffffffffff})
ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r4, 0x4010ae74, &(0x7f00000000c0)={0xff75, 0x9, 0x2})
mmap$KVM_VCPU(&(0x7f0000c17000/0x3000)=nil, 0x930, 0x0, 0x10, 0xffffffffffffffff, 0x20)
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x0, 0x3, &(0x7f0000000280)=0x400000080a0000})

17m32.320313964s ago: executing program 36 (id=344):
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x80402, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2c) (async)
r1 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000080)={0x0, &(0x7f0000000180)=[@mrs={0xbe, 0x18, {0x3fe7}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20080, 0x0) (async)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x31)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013c029, &(0x7f00000000c0)=0x8}) (async)
r7 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
r8 = eventfd2(0xeffffffd, 0x801)
ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f0000001340)={0x3, 0x0, 0x2, r8, 0x3}) (async)
ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f0000000140)={0x3, 0x0, 0x2, r8, 0xb})

17m17.240297606s ago: executing program 37 (id=345):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x8800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0x40000000, 0x80000)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000001340)={0x0, 0x0, 0x2, r2, 0x3})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000080)={0x5, 0x0, 0x2, r2, 0xa})
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000000)={0xfec00000, 0x100000, 0xf, 0x0, 0x4})
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000100)={0x7, <r5=>0xffffffffffffffff})
ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r4, 0x4010ae74, &(0x7f00000000c0)={0xff75, 0x9, 0x2})
mmap$KVM_VCPU(&(0x7f0000c17000/0x3000)=nil, 0x930, 0x0, 0x10, 0xffffffffffffffff, 0x20)
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x0, 0x3, &(0x7f0000000280)=0x400000080a0000})

3m2.740169167s ago: executing program 7 (id=375):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r1, 0x4018aee3, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x0, 0x0})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f0000edf000/0x3000)=nil, r3, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000000), 0x2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r5, 0x2000003, 0xaf832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x0, 0x23ac5f9b426e84b2, 0xffffffffffffffff, 0x0)
r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04)
mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, r8, 0x1, 0x2012, r7, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x2000001, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x0)
ioctl$KVM_IRQFD(r7, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000180)={0x4})
ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000000)={0x4})
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0xd, 0x5, 0xb, 0x0, 0x2, 0x6, 0x6, 0x9, 0x8, 0x89, 0x2, 0x2, 0x0, 0x6, 0x6, 0xe2, 0x3, 0x29, 0x0, '\x00', 0x10, 0x6})
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000140)={0x4, <r13=>0xffffffffffffffff, 0x1})
r14 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r15, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x9, 0x0, 0x1}})
write$eventfd(r13, &(0x7f00000001c0), 0xe80)

2m56.103567431s ago: executing program 6 (id=376):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r2=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r2, 0x4018aee3, &(0x7f0000000900)=@attr_other={0x0, 0x0, 0x8000, 0x0})
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000100)={0x0, &(0x7f0000000240)=[@hvc={0x32, 0x40, {0x84000050, [0x9, 0xb4, 0x100, 0x6, 0x88]}}], 0x40}, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

2m31.162863355s ago: executing program 7 (id=377):
r0 = mmap$KVM_VCPU(&(0x7f0000dc3000/0x2000)=nil, 0x930, 0x0, 0x28131, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x185940, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000280), 0xe782, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r4, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4d09ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f03000000835673312b54ebb2aa76c869d22627e700", 0x0, 0x48)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
mmap$KVM_VCPU(&(0x7f0000d57000/0x2000)=nil, r5, 0xe, 0x4000010, r4, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f0000000040)=@attr_irq_timer={0x0, 0x1, 0x1, 0x0})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f000069b000/0x1000)=nil, 0x0, 0x1000002, 0x28031, r4, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r6 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x23)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000100)={0xffffffffffffffff, 0x9})
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f00000004c0)="9dd3e5c269041aeb30c5e0959299de5d15268e6bc767ba2d77237dab2d8469806537b90082090e8a4fba5c29613187511e6a1c6a5e48e6dd5d4f894412817f99e7d49c36ccc1705b", 0x0, 0x48)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x21)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000000)={0x3, 0x1, 0xffff1000, 0x1000, &(0x7f00006ea000/0x1000)=nil})
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = eventfd2(0xfffffffa, 0x80001)
ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f0000000140)={0x80, 0x4, 0x0, r9})
ioctl$KVM_CAP_ARM_USER_IRQ(r8, 0x4068aea3, &(0x7f0000000440))
ioctl$KVM_CAP_DIRTY_LOG_RING(r8, 0x4068aea3, &(0x7f0000000180)={0xc0, 0x0, 0x1000})
syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)

2m31.162407955s ago: executing program 6 (id=378):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
r4 = eventfd2(0x0, 0x0)
close(r4)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x3000002, 0x13, r4, 0x0)
write$eventfd(r4, &(0x7f0000000180)=0x5, 0xfffffde3)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x20a001, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000180)={0x0, &(0x7f0000000000)=[@hvc={0x32, 0x40, {0x80000001, [0xfffffffffffffde5, 0x3ff, 0x1, 0x4, 0x9]}}], 0x40}, 0x0, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000240)={0x0, &(0x7f00000000c0)=[@mrs={0xbe, 0x18, {0x603000000013c00a}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r12, 0xae80, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)

2m11.178077452s ago: executing program 7 (id=379):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x3, 0x4102932, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xfffffffffffffffd)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000000)={0x7ffc, 0x5000, 0x2, 0xffffffffffffffff, 0x7ffffff9})
close(r5)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x181b03, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x100a83, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r8, 0x4008ae6a, &(0x7f00000002c0)={0x2, 0x0, [{0x3, 0x2, 0x0, 0x0, @adapter={0x0, 0x1000000, 0xb, 0x5, 0x3}}, {0x3, 0x4, 0x0, 0x0, @msi={0xb, 0x5, 0x4, 0xcfb}}]})
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, <r9=>0xffffffffffffffff, 0x15d47944ad69c9e0})
ioctl$KVM_CREATE_VM(r9, 0x400454de, 0x31)
r10 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@code={0xa, 0x18, {"7f2003d5"}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
ioctl$KVM_IRQ_LINE(r3, 0x4008ae61, &(0x7f0000000240)={0x0, 0x5ded})

2m6.847798279s ago: executing program 6 (id=380):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x25)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x7, <r2=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f00000002c0)=@attr_arm64={0x0, 0x4, 0x0, 0x0}) (async)
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f00000002c0)=@attr_arm64={0x0, 0x4, 0x0, 0x0})
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_DEVICE_ATTR_vm(r4, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}})
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@smc={0x1e, 0x40, {0x84000051, [0x80000000000, 0x106, 0xf1, 0x6f6, 0x1]}}], 0x40}, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_CREATE_GUEST_MEMFD(r4, 0xc040aed4, &(0x7f0000000180)={0x5, 0x3})
r7 = eventfd2(0x8801, 0x800)
eventfd2(0x400, 0x1) (async)
r8 = eventfd2(0x400, 0x1)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r8, 0x5, 0x2, r8})
ioctl$KVM_IRQ_LINE(r4, 0x4008ae61, &(0x7f00000001c0)={0xfffffffa, 0x1}) (async)
ioctl$KVM_IRQ_LINE(r4, 0x4008ae61, &(0x7f00000001c0)={0xfffffffa, 0x1})
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000140)={r7, 0x5, 0x2, r7})
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000000)) (async)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000000))

1m47.257886816s ago: executing program 7 (id=381):
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xd7, 0x80000001})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x202001, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) (async)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
mmap$KVM_VCPU(&(0x7f0000004000/0x4000)=nil, 0x930, 0x1800002, 0x11, r4, 0x0) (async)
r5 = mmap$KVM_VCPU(&(0x7f0000004000/0x4000)=nil, 0x930, 0x1800002, 0x11, r4, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x181b03, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) (async)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000140)={0x4, <r8=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r8, 0x400454d8, 0x10000000000000) (async)
ioctl$KVM_CREATE_VM(r8, 0x400454d8, 0x10000000000000)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) (async)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
munmap(&(0x7f0000482000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f0000482000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000eed000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) (async)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000280)="d6011813013c360000000000f4ff8000802346cbd98762c7795582ba3948ecff090001000000000000000000040000000100", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r4, 0x0)

1m44.995947896s ago: executing program 6 (id=382):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r3 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r2, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000180)={0x8, <r7=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f0000000540)=@attr_other={0x0, 0x8, 0x80, &(0x7f0000000500)=0x5})
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x401c5820, &(0x7f0000000100)=@attr_other={0x0, 0x5, 0xfffffffffffffff7, 0x0})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) (async)
mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r2, 0x0) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r2, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) (async)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000180)={0x8}) (async)
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0) (async)
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f0000000540)=@attr_other={0x0, 0x8, 0x80, &(0x7f0000000500)=0x5}) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0) (async)
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x401c5820, &(0x7f0000000100)=@attr_other={0x0, 0x5, 0xfffffffffffffff7, 0x0}) (async)

1m20.979264822s ago: executing program 7 (id=383):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x5cbac0, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000640), 0x8bc9c858e2e2abd0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x80000003c)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000100)={0x7, <r9=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000002c0)=@attr_arm64={0x0, 0x4, 0x0, 0x0})
r10 = eventfd2(0x8801, 0x800)
r11 = eventfd2(0x3ff, 0x0)
ioctl$KVM_IRQFD(r8, 0x4020ae76, &(0x7f0000000080)={r10, 0x5, 0x2, r11})
close(r10)
r12 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CAP_HALT_POLL(r12, 0x4068aea3, &(0x7f0000000000)={0xdf, 0x0, 0x10000})
ioctl$KVM_CAP_HALT_POLL(r12, 0x4068aea3, &(0x7f00000000c0)={0xe1, 0x0, 0x3})
ioctl$KVM_CLEAR_DIRTY_LOG(r12, 0xc018aec0, &(0x7f0000000180)={0x3, 0x100, 0x240, &(0x7f0000000200)=[0x4, 0x9, 0xc, 0xfffffffffffffffd, 0x7, 0x8, 0x1, 0x5, 0xfffffffffffeffff, 0x105, 0xffff, 0xff, 0xffb, 0x1, 0x0, 0x7fffffffffffffff, 0x3, 0x10, 0x1, 0x80000001, 0x2, 0xf, 0x5, 0x8000000000000001, 0x2, 0x5, 0x40, 0xffffffffffffffff, 0x9, 0x6, 0x1, 0x3, 0x8, 0xdff, 0x10000, 0x1ff, 0x4, 0x5, 0xf78, 0x4, 0xbc4, 0x101, 0x8000000000000001, 0x8, 0xb, 0xbf32, 0xc5d, 0x8000000000000001, 0x6, 0x2000000009, 0x0, 0xadf, 0x7fffffff, 0x30b6, 0x9, 0x3d7f, 0x7, 0x9, 0xf63, 0x1849, 0xb, 0x3ff, 0x4, 0x6, 0x8001, 0x4, 0x40, 0x55e9, 0x7, 0xc9, 0x956f, 0x800000000000000, 0x8, 0x5, 0x6, 0x5, 0xfffffffffffffff9, 0x0, 0x6, 0xb, 0x2a, 0x80000003, 0x7fffffff, 0x2, 0x7fff, 0x4, 0x7, 0xffffffffffffffff, 0x1000, 0x8, 0xfffffffffffffff9, 0x7fff, 0x4, 0x9, 0x6d, 0x6, 0x2, 0x3, 0x3, 0x6, 0x9, 0x7fff, 0x0, 0xfb, 0x84, 0x2, 0x1800000, 0x80000001, 0x5, 0xa, 0x1, 0x6, 0x81a, 0x25, 0x9, 0x0, 0x7, 0x481, 0x6, 0x8001, 0x4207, 0x9, 0xa2, 0x7, 0x5, 0x2a, 0xfffffffffffff000, 0x7]})
r13 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
r16 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r13, 0x4040ae79, &(0x7f0000000340)={0x1a64afb6, 0x8000000, 0x8, r16})
ioctl$KVM_RUN(r15, 0xae80, 0x0)
ioctl$KVM_PRE_FAULT_MEMORY(0xffffffffffffffff, 0xc040aed5, &(0x7f00000001c0)={0xfec00000})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f0000000340)=@attr_other={0x0, 0x2, 0x287, 0x0})
ioctl$KVM_GET_ONE_REG(r4, 0x4010aeab, &(0x7f0000000040)=@arm64_fp_extra={0x60200000001000d5, &(0x7f0000000000)=0x7a})
ioctl$KVM_GET_API_VERSION(r5, 0xae00, 0x0)

1m19.666564038s ago: executing program 6 (id=384):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0x80111500, 0x20000000)
write$eventfd(r2, &(0x7f0000000000), 0xfffffdef)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xf, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) (async)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7ffc}}, @msr={0x14, 0x20, {0x603000000013e510, 0xfffffffffffffbff}}], 0x40}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0x80111500, 0x20000000)
ioctl$KVM_CREATE_VM(r6, 0x5760, 0x2000001c) (async)
ioctl$KVM_GET_ONE_REG(r5, 0x4010aeab, &(0x7f0000000240)=@riscv64_csr={0x8030000000300004, &(0x7f0000000100)=0x1}) (async)
r7 = openat$kvm(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) (async)
r8 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_GUEST_MEMFD(r10, 0xc040aed4, &(0x7f0000000040)={0x1000220001fe0000, 0x1})
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION2(r13, 0x40a0ae49, &(0x7f00000000c0)={0x5, 0x5, 0x2000, 0x1000, &(0x7f0000ffd000/0x1000)=nil, 0x3})
ioctl$KVM_SET_USER_MEMORY_REGION2(r10, 0x40a0ae49, &(0x7f0000000180)={0x4, 0x4, 0x6000, 0x2000, &(0x7f0000ffc000/0x2000)=nil, 0x100000000000000, r11}) (async)
close(r10)
r14 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r15 = ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x1)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fb707cd24b7eebb20700000000000000000000000100", 0x0, 0x48) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r15, 0x0)

56.53331299s ago: executing program 6 (id=385):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x82880, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000140), 0x101282, 0x0) (async)
r4 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04) (async)
r7 = eventfd2(0x4, 0x0)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000000)={0x7, 0x40000, 0x1, r7, 0x3})
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0x9)
r11 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r11, 0xae04)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r12, 0xb, 0x11, r10, 0x0) (async)
r13 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, &(0x7f00000002c0)=[@its_setup={0x82, 0x28, {0x4, 0x2, 0x2c0}}, @irq_setup={0x46, 0x18, {0x0, 0x61}}, @mrs={0xbe, 0x18, {0x603000000013801c}}, @eret={0xe6, 0x18, 0x80000000}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x1, 0x8, 0x85, 0x7, 0x4}}, @code={0xa, 0x9c, {"0070004f000008d500409f0c0010805f009b98d200a0b8f2410080d2020180d2c30180d2a40080d2020000d4000008d560a197d20060b0f2610080d2e20180d2c30080d2840080d2020000d4405790d20080b8f2810180d2e20180d2e30180d2240080d2020000d4603080d20000b8f2c10080d2a20080d2230180d2a40080d2020000d4008008d5"}}, @smc={0x1e, 0x40, {0x84000053, [0x3, 0x100, 0x9, 0x5, 0x7]}}, @eret={0xe6, 0x18, 0x5a6}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x0, 0xb01, 0xf}}, @svc={0x122, 0x40, {0x3f000000, [0x3, 0x1, 0x500c26f5, 0x626, 0x4]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x180, 0x155cc69dc0, 0x9}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x0, 0x2, 0x9, 0x8, 0xffffff00, 0x2}}], 0x254}, &(0x7f00000001c0)=[@featur2={0x1, 0x20}], 0x1) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r13, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000c0b000/0x1000)=nil, r6, 0x3, 0x40b2811, r5, 0x0) (async)
r14 = syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
ioctl$KVM_RUN(r14, 0xae80, 0x0)

55.707473634s ago: executing program 7 (id=386):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x82880, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000140), 0x101282, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, &(0x7f0000000200)=[@svc={0x122, 0x40, {0x800, [0xffffffeffffffff8, 0x8, 0x8000000005, 0x5, 0x401]}}], 0x40}, 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r5, 0xae03, 0x9)
r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c0b000/0x1000)=nil, r8, 0x2000003, 0x11, r7, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x34)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)

8.169514031s ago: executing program 38 (id=385):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x82880, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000140), 0x101282, 0x0) (async)
r4 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04) (async)
r7 = eventfd2(0x4, 0x0)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000000)={0x7, 0x40000, 0x1, r7, 0x3})
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0x9)
r11 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r11, 0xae04)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r12, 0xb, 0x11, r10, 0x0) (async)
r13 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, &(0x7f00000002c0)=[@its_setup={0x82, 0x28, {0x4, 0x2, 0x2c0}}, @irq_setup={0x46, 0x18, {0x0, 0x61}}, @mrs={0xbe, 0x18, {0x603000000013801c}}, @eret={0xe6, 0x18, 0x80000000}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x1, 0x8, 0x85, 0x7, 0x4}}, @code={0xa, 0x9c, {"0070004f000008d500409f0c0010805f009b98d200a0b8f2410080d2020180d2c30180d2a40080d2020000d4000008d560a197d20060b0f2610080d2e20180d2c30080d2840080d2020000d4405790d20080b8f2810180d2e20180d2e30180d2240080d2020000d4603080d20000b8f2c10080d2a20080d2230180d2a40080d2020000d4008008d5"}}, @smc={0x1e, 0x40, {0x84000053, [0x3, 0x100, 0x9, 0x5, 0x7]}}, @eret={0xe6, 0x18, 0x5a6}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x0, 0xb01, 0xf}}, @svc={0x122, 0x40, {0x3f000000, [0x3, 0x1, 0x500c26f5, 0x626, 0x4]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x180, 0x155cc69dc0, 0x9}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x0, 0x2, 0x9, 0x8, 0xffffff00, 0x2}}], 0x254}, &(0x7f00000001c0)=[@featur2={0x1, 0x20}], 0x1) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r13, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000c0b000/0x1000)=nil, r6, 0x3, 0x40b2811, r5, 0x0) (async)
r14 = syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
ioctl$KVM_RUN(r14, 0xae80, 0x0)

0s ago: executing program 39 (id=386):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x82880, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000140), 0x101282, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, &(0x7f0000000200)=[@svc={0x122, 0x40, {0x800, [0xffffffeffffffff8, 0x8, 0x8000000005, 0x5, 0x401]}}], 0x40}, 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r5, 0xae03, 0x9)
r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c0b000/0x1000)=nil, r8, 0x2000003, 0x11, r7, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x34)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)

kernel console output (not intermixed with test programs):

[  397.028422][   T25] audit: type=1400 audit(396.250:60): avc:  denied  { read } for  pid=3171 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1
[  415.425731][ T3171] 8021q: adding VLAN 0 to HW filter on device bond0
[  468.035644][ T3171] eql: remember to turn off Van-Jacobson compression on your slave devices
Warning: Permanently added '[localhost]:41681' (ED25519) to the list of known hosts.
[  635.261062][   T25] audit: type=1400 audit(634.480:61): avc:  denied  { name_bind } for  pid=3331 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  636.179513][   T25] audit: type=1400 audit(635.400:62): avc:  denied  { execute } for  pid=3332 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  636.208608][   T25] audit: type=1400 audit(635.420:63): avc:  denied  { execute_no_trans } for  pid=3332 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  667.791049][   T25] audit: type=1400 audit(667.010:64): avc:  denied  { mounton } for  pid=3332 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  667.844284][   T25] audit: type=1400 audit(667.050:65): avc:  denied  { mount } for  pid=3332 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  667.927755][ T3332] cgroup: Unknown subsys name 'net'
[  668.007756][   T25] audit: type=1400 audit(667.230:66): avc:  denied  { unmount } for  pid=3332 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  668.483961][ T3332] cgroup: Unknown subsys name 'cpuset'
[  668.636498][ T3332] cgroup: Unknown subsys name 'rlimit'
[  669.620578][   T25] audit: type=1400 audit(668.840:67): avc:  denied  { setattr } for  pid=3332 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=703 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  669.641028][   T25] audit: type=1400 audit(668.860:68): avc:  denied  { mounton } for  pid=3332 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[  669.668496][   T25] audit: type=1400 audit(668.890:69): avc:  denied  { mount } for  pid=3332 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  670.736526][ T3336] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[  670.757830][   T25] audit: type=1400 audit(669.970:70): avc:  denied  { relabelto } for  pid=3336 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  670.785279][   T25] audit: type=1400 audit(670.000:71): avc:  denied  { write } for  pid=3336 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
Setting up swapspace version 1, size = 127995904 bytes
[  670.977707][   T25] audit: type=1400 audit(670.200:72): avc:  denied  { read } for  pid=3332 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  670.996528][   T25] audit: type=1400 audit(670.210:73): avc:  denied  { open } for  pid=3332 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  671.045606][ T3332] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  729.259021][   T25] audit: type=1400 audit(728.480:74): avc:  denied  { execmem } for  pid=3337 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  733.180473][   T25] audit: type=1400 audit(732.400:75): avc:  denied  { read } for  pid=3339 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  733.209347][   T25] audit: type=1400 audit(732.430:76): avc:  denied  { open } for  pid=3340 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  733.221588][   T25] audit: type=1400 audit(732.440:77): avc:  denied  { open } for  pid=3339 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  733.306008][   T25] audit: type=1400 audit(732.510:78): avc:  denied  { mounton } for  pid=3340 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  733.556607][   T25] audit: type=1400 audit(732.780:80): avc:  denied  { module_request } for  pid=3339 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  733.570056][   T25] audit: type=1400 audit(732.770:79): avc:  denied  { module_request } for  pid=3340 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  734.624939][   T25] audit: type=1400 audit(733.840:81): avc:  denied  { sys_module } for  pid=3339 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  758.016519][ T3340] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  758.409497][ T3340] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  758.858998][ T3339] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  759.181815][ T3339] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  775.906192][ T3340] hsr_slave_0: entered promiscuous mode
[  775.970413][ T3340] hsr_slave_1: entered promiscuous mode
[  777.537636][ T3339] hsr_slave_0: entered promiscuous mode
[  777.600232][ T3339] hsr_slave_1: entered promiscuous mode
[  777.636789][ T3339] debugfs: 'hsr0' already exists in 'hsr'
[  777.643582][ T3339] Cannot create hsr debugfs directory
[  783.415097][   T25] audit: type=1400 audit(782.630:82): avc:  denied  { create } for  pid=3340 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  783.453849][   T25] audit: type=1400 audit(782.650:83): avc:  denied  { write } for  pid=3340 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  783.559616][   T25] audit: type=1400 audit(782.780:84): avc:  denied  { read } for  pid=3340 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  783.719030][ T3340] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  784.207926][ T3340] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  784.470043][ T3340] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  784.768016][ T3340] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  786.515794][ T3339] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  786.740921][ T3339] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  787.016766][ T3339] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  787.191164][ T3339] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  799.781191][ T3340] 8021q: adding VLAN 0 to HW filter on device bond0
[  802.560155][ T3339] 8021q: adding VLAN 0 to HW filter on device bond0
[  858.961841][ T3340] veth0_vlan: entered promiscuous mode
[  859.525396][ T3340] veth1_vlan: entered promiscuous mode
[  861.975495][ T3340] veth0_macvtap: entered promiscuous mode
[  862.086575][ T3339] veth0_vlan: entered promiscuous mode
[  862.456788][ T3340] veth1_macvtap: entered promiscuous mode
[  863.087055][ T3339] veth1_vlan: entered promiscuous mode
[  865.245030][ T3260] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  865.251303][ T3260] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  865.391529][ T3260] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  865.398574][ T3260] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  865.985351][ T3339] veth0_macvtap: entered promiscuous mode
[  866.627099][ T3339] veth1_macvtap: entered promiscuous mode
[  868.333106][   T25] audit: type=1400 audit(867.540:85): avc:  denied  { mount } for  pid=3340 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  868.588896][   T25] audit: type=1400 audit(867.810:86): avc:  denied  { mounton } for  pid=3340 comm="syz-executor" path="/syzkaller.yv12t4/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  868.799377][   T25] audit: type=1400 audit(868.020:87): avc:  denied  { mount } for  pid=3340 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  869.188178][   T25] audit: type=1400 audit(868.400:88): avc:  denied  { mounton } for  pid=3340 comm="syz-executor" path="/syzkaller.yv12t4/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  869.377763][   T25] audit: type=1400 audit(868.570:89): avc:  denied  { mounton } for  pid=3340 comm="syz-executor" path="/syzkaller.yv12t4/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3764 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  869.484287][ T3453] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  869.535921][ T3453] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  869.565266][ T3453] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  869.621376][ T2139] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  870.239219][   T25] audit: type=1400 audit(869.420:90): avc:  denied  { unmount } for  pid=3340 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  870.469473][   T25] audit: type=1400 audit(869.690:91): avc:  denied  { mounton } for  pid=3340 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1546 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  870.604764][   T25] audit: type=1400 audit(869.820:92): avc:  denied  { mount } for  pid=3340 comm="syz-executor" name="/" dev="gadgetfs" ino=3775 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  870.979025][   T25] audit: type=1400 audit(870.200:93): avc:  denied  { mount } for  pid=3340 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  871.066025][   T25] audit: type=1400 audit(870.270:94): avc:  denied  { mounton } for  pid=3340 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  872.548394][ T3340] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  873.924227][   T25] kauditd_printk_skb: 1 callbacks suppressed
[  873.943182][   T25] audit: type=1400 audit(873.090:96): avc:  denied  { read write } for  pid=3340 comm="syz-executor" name="loop1" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  873.977171][   T25] audit: type=1400 audit(873.190:97): avc:  denied  { open } for  pid=3340 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  874.037087][   T25] audit: type=1400 audit(873.260:98): avc:  denied  { ioctl } for  pid=3340 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=639 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  891.525349][   T25] audit: type=1400 audit(890.740:99): avc:  denied  { read } for  pid=3500 comm="syz.1.3" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  891.580963][   T25] audit: type=1400 audit(890.800:100): avc:  denied  { open } for  pid=3500 comm="syz.1.3" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  891.770105][   T25] audit: type=1400 audit(890.940:101): avc:  denied  { ioctl } for  pid=3500 comm="syz.1.3" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  893.228356][   T25] audit: type=1400 audit(892.400:102): avc:  denied  { write } for  pid=3500 comm="syz.1.3" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  919.974413][   T25] audit: type=1400 audit(919.180:103): avc:  denied  { append } for  pid=3519 comm="syz.1.8" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  920.784691][   T25] audit: type=1400 audit(919.860:104): avc:  denied  { execute } for  pid=3519 comm="syz.1.8" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=4063 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[ 1142.193476][   T25] audit: type=1400 audit(1141.340:105): avc:  denied  { ioctl } for  pid=3665 comm="syz.0.50" path="net:[4026531833]" dev="nsfs" ino=4026531833 ioctlcmd=0x5828 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 1172.139133][   T25] audit: type=1400 audit(1171.340:106): avc:  denied  { setattr } for  pid=3691 comm="syz.0.57" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1190.407904][   T25] audit: type=1400 audit(1189.620:107): avc:  denied  { map } for  pid=3705 comm="syz.1.61" path="/" dev="tmpfs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[ 1270.563243][   T25] audit: type=1400 audit(1269.770:108): avc:  denied  { create } for  pid=3754 comm="syz.1.75" anonclass=[kvm-gmem] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 1270.876386][ T3755] KVM: debugfs: duplicate directory 3755-11
[ 1419.117276][   T25] audit: type=1400 audit(1418.330:109): avc:  denied  { map } for  pid=3850 comm="syz.1.103" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1419.186612][   T25] audit: type=1400 audit(1418.390:110): avc:  denied  { execute } for  pid=3850 comm="syz.1.103" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1753.823779][   T25] audit: type=1400 audit(1753.040:111): avc:  denied  { map } for  pid=4019 comm="syz.0.154" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=11730 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 1753.923232][   T25] audit: type=1400 audit(1753.130:112): avc:  denied  { read } for  pid=4019 comm="syz.0.154" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=11730 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 1840.528403][ T4064] kvm [4064]: Failed to find VMA for hva 0x20c01000
[ 2140.138056][ T4236] KVM: debugfs: duplicate directory 4236-14
[ 2489.285448][ T4379] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2489.541067][ T4379] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2492.507361][ T4382] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2492.830497][ T4382] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2515.151140][ T4379] hsr_slave_0: entered promiscuous mode
[ 2515.277357][ T4379] hsr_slave_1: entered promiscuous mode
[ 2515.384571][ T4379] debugfs: 'hsr0' already exists in 'hsr'
[ 2515.393051][ T4379] Cannot create hsr debugfs directory
[ 2519.798800][ T4382] hsr_slave_0: entered promiscuous mode
[ 2519.926980][ T4382] hsr_slave_1: entered promiscuous mode
[ 2519.989591][ T4382] debugfs: 'hsr0' already exists in 'hsr'
[ 2520.006635][ T4382] Cannot create hsr debugfs directory
[ 2538.191830][ T4379] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 2538.890299][ T4379] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 2539.280911][ T4379] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 2540.065744][ T4379] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 2547.349939][ T4382] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 2547.811043][ T4382] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 2548.376302][ T4382] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 2548.819661][ T4382] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 2562.245823][ T3391] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2563.586915][ T3391] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2564.871528][ T3391] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2566.126192][ T3391] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2584.185749][ T3391] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2584.437788][ T3391] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2584.577320][ T3391] bond0 (unregistering): Released all slaves
[ 2586.926551][ T3391] hsr_slave_0: left promiscuous mode
[ 2587.206609][ T3391] hsr_slave_1: left promiscuous mode
[ 2588.001464][ T3391] veth1_macvtap: left promiscuous mode
[ 2588.017983][ T3391] veth0_macvtap: left promiscuous mode
[ 2588.051214][ T3391] veth1_vlan: left promiscuous mode
[ 2588.075543][ T3391] veth0_vlan: left promiscuous mode
[ 2613.155597][ T3391] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2614.358473][ T3391] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2615.366394][ T3391] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2616.086382][ T4379] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2616.667683][ T3391] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2620.995776][ T4382] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2636.776090][ T3391] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2637.387417][ T3391] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2637.676314][ T3391] bond0 (unregistering): Released all slaves
[ 2639.736937][ T3391] hsr_slave_0: left promiscuous mode
[ 2639.820133][ T3391] hsr_slave_1: left promiscuous mode
[ 2640.600133][ T3391] veth1_macvtap: left promiscuous mode
[ 2640.665643][ T3391] veth0_macvtap: left promiscuous mode
[ 2640.668805][ T3391] veth1_vlan: left promiscuous mode
[ 2640.695006][ T3391] veth0_vlan: left promiscuous mode
[ 2743.752901][ T4379] veth0_vlan: entered promiscuous mode
[ 2744.486377][ T4382] veth0_vlan: entered promiscuous mode
[ 2745.446918][ T4379] veth1_vlan: entered promiscuous mode
[ 2746.045798][ T4382] veth1_vlan: entered promiscuous mode
[ 2749.560558][ T4379] veth0_macvtap: entered promiscuous mode
[ 2750.365517][ T4379] veth1_macvtap: entered promiscuous mode
[ 2750.596174][ T4382] veth0_macvtap: entered promiscuous mode
[ 2751.516167][ T4382] veth1_macvtap: entered promiscuous mode
[ 2755.563164][ T4408] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2755.855145][ T4408] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2755.856693][ T4408] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2755.910555][ T4497] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2757.109691][ T4459] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2757.383959][ T4459] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2757.408787][ T4458] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2757.545558][ T4458] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3345.211635][ T4870] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3345.620331][ T4870] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3353.815409][ T4876] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3354.170147][ T4876] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3381.924053][ T4870] hsr_slave_0: entered promiscuous mode
[ 3382.051585][ T4870] hsr_slave_1: entered promiscuous mode
[ 3392.170267][ T4876] hsr_slave_0: entered promiscuous mode
[ 3392.237521][ T4876] hsr_slave_1: entered promiscuous mode
[ 3392.303989][ T4876] debugfs: 'hsr0' already exists in 'hsr'
[ 3392.307122][ T4876] Cannot create hsr debugfs directory
[ 3408.436026][ T4870] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 3409.170899][ T4870] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 3409.591566][ T4870] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 3410.517086][ T4870] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 3417.526043][ T4876] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 3418.167853][ T4876] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 3418.711518][ T4876] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 3419.485570][ T4876] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 3452.208282][ T4870] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3460.689190][ T4876] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3572.363152][ T2139] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3574.117846][ T2139] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3575.856646][ T2139] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3577.918490][ T2139] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3600.194922][ T2139] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3600.555584][ T2139] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3600.748871][ T2139] bond0 (unregistering): Released all slaves
[ 3603.740749][ T2139] hsr_slave_0: left promiscuous mode
[ 3604.005235][ T2139] hsr_slave_1: left promiscuous mode
[ 3605.185281][ T2139] veth1_macvtap: left promiscuous mode
[ 3605.203694][ T2139] veth0_macvtap: left promiscuous mode
[ 3605.216601][ T2139] veth1_vlan: left promiscuous mode
[ 3605.255195][ T2139] veth0_vlan: left promiscuous mode
[ 3641.204537][ T2139] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3643.044809][ T2139] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3644.657601][ T2139] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3646.228886][ T2139] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3671.319200][ T2139] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3671.784241][ T2139] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3672.146747][ T2139] bond0 (unregistering): Released all slaves
[ 3674.801390][ T2139] hsr_slave_0: left promiscuous mode
[ 3675.025648][ T2139] hsr_slave_1: left promiscuous mode
[ 3675.906545][ T2139] veth1_macvtap: left promiscuous mode
[ 3675.928513][ T2139] veth0_macvtap: left promiscuous mode
[ 3675.944598][ T2139] veth1_vlan: left promiscuous mode
[ 3675.957725][ T2139] veth0_vlan: left promiscuous mode
[ 3705.185850][ T4870] veth0_vlan: entered promiscuous mode
[ 3705.374248][ T4876] veth0_vlan: entered promiscuous mode
[ 3707.005418][ T4870] veth1_vlan: entered promiscuous mode
[ 3707.349496][ T4876] veth1_vlan: entered promiscuous mode
[ 3712.021508][ T4870] veth0_macvtap: entered promiscuous mode
[ 3712.521601][ T4876] veth0_macvtap: entered promiscuous mode
[ 3712.995771][ T4870] veth1_macvtap: entered promiscuous mode
[ 3713.611791][ T4876] veth1_macvtap: entered promiscuous mode
[ 3719.150006][ T3391] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3719.151151][ T3391] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3719.157682][ T3391] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3719.165970][ T3391] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3720.253356][ T2139] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3720.274274][ T2139] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3720.278533][ T2139] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3720.279438][ T2139] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4107.258938][ T4408] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4111.527720][ T4408] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4113.629644][ T4408] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4116.329916][ T4408] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4145.186123][ T4408] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 4145.633699][ T4408] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 4145.977253][ T4408] bond0 (unregistering): Released all slaves
[ 4150.368939][ T4408] hsr_slave_0: left promiscuous mode
[ 4150.516854][ T4408] hsr_slave_1: left promiscuous mode
[ 4151.729565][ T4408] veth1_macvtap: left promiscuous mode
[ 4151.744691][ T4408] veth0_macvtap: left promiscuous mode
[ 4151.766274][ T4408] veth1_vlan: left promiscuous mode
[ 4151.785166][ T4408] veth0_vlan: left promiscuous mode
[ 4187.541515][ T4408] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4189.319118][ T4408] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4190.900039][ T4408] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4192.510132][ T4408] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4218.460567][ T4408] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 4218.920944][ T4408] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 4219.459331][ T4408] bond0 (unregistering): Released all slaves
[ 4222.458970][ T4408] hsr_slave_0: left promiscuous mode
[ 4222.604037][ T4408] hsr_slave_1: left promiscuous mode
[ 4223.675243][ T4408] veth1_macvtap: left promiscuous mode
[ 4223.679267][ T4408] veth0_macvtap: left promiscuous mode
[ 4223.697037][ T4408] veth1_vlan: left promiscuous mode
[ 4223.738932][ T4408] veth0_vlan: left promiscuous mode
[ 4269.015115][ T5221] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4269.414423][ T5221] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4275.681646][ T5234] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4276.196553][ T5234] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4303.217535][ T5221] hsr_slave_0: entered promiscuous mode
[ 4303.300810][ T5221] hsr_slave_1: entered promiscuous mode
[ 4309.317940][ T5234] hsr_slave_0: entered promiscuous mode
[ 4309.439484][ T5234] hsr_slave_1: entered promiscuous mode
[ 4309.489640][ T5234] debugfs: 'hsr0' already exists in 'hsr'
[ 4309.496774][ T5234] Cannot create hsr debugfs directory
[ 4330.226002][ T5221] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 4331.409851][ T5221] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 4332.464246][ T5221] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 4334.423754][ T5221] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 4341.266739][ T5234] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 4341.885338][ T5234] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 4342.450348][ T5234] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 4343.160308][ T5234] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 4373.435627][ T5221] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4379.289997][ T5234] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4543.461324][ T5221] veth0_vlan: entered promiscuous mode
[ 4544.597432][ T5221] veth1_vlan: entered promiscuous mode
[ 4549.948116][ T5221] veth0_macvtap: entered promiscuous mode
[ 4550.634804][ T5234] veth0_vlan: entered promiscuous mode
[ 4551.148690][ T5221] veth1_macvtap: entered promiscuous mode
[ 4553.314735][ T5234] veth1_vlan: entered promiscuous mode
[ 4558.317560][ T5243] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4558.354556][ T5384] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4558.410252][ T2139] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4558.460644][ T2139] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4561.698901][ T5234] veth0_macvtap: entered promiscuous mode
[ 4563.347789][ T5234] veth1_macvtap: entered promiscuous mode
[ 4570.875621][ T5239] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4570.924413][ T4497] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4570.947889][ T4497] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4570.948861][ T4497] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 5135.259155][ T4497] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5138.040193][ T4497] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5140.547350][ T4497] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5143.306585][ T4497] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5182.431813][ T4497] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 5183.058405][ T4497] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 5183.451168][ T4497] bond0 (unregistering): Released all slaves
[ 5186.295151][ T4497] hsr_slave_0: left promiscuous mode
[ 5186.448260][ T4497] hsr_slave_1: left promiscuous mode
[ 5187.739417][ T4497] veth1_macvtap: left promiscuous mode
[ 5187.817559][ T4497] veth0_macvtap: left promiscuous mode
[ 5187.855604][ T4497] veth1_vlan: left promiscuous mode
[ 5187.857266][ T4497] veth0_vlan: left promiscuous mode
[ 5353.531818][ T5724] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 5354.186251][ T5724] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 5360.880919][ T5728] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 5361.577231][ T5728] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 5414.619359][ T5724] hsr_slave_0: entered promiscuous mode
[ 5414.838702][ T5724] hsr_slave_1: entered promiscuous mode
[ 5423.097928][ T5728] hsr_slave_0: entered promiscuous mode
[ 5423.268118][ T5728] hsr_slave_1: entered promiscuous mode
[ 5423.395436][ T5728] debugfs: 'hsr0' already exists in 'hsr'
[ 5423.434518][ T5728] Cannot create hsr debugfs directory
[ 5465.115386][ T5724] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 5466.451760][ T5724] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 5467.935071][ T5724] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 5469.164041][ T5724] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 5480.845946][ T5728] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 5481.688579][ T5728] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 5482.559031][ T5728] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 5483.514213][ T5728] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 5521.276229][   T27] INFO: task syz.6.385:5703 blocked for more than 430 seconds.
[ 5521.306163][   T27]       Not tainted syzkaller #0
[ 5521.367543][   T27]       Blocked by coredump.
[ 5521.393344][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 5521.394026][   T27] task:syz.6.385       state:D stack:0     pid:5703  tgid:5697  ppid:5221   task_flags:0x40044c flags:0x00000018
[ 5521.396040][   T27] Call trace:
[ 5521.396538][   T27]  __switch_to+0x584/0xb00 (T)
[ 5521.398660][   T27]  __schedule+0x200c/0x3428
[ 5521.399231][   T27]  schedule+0xac/0x27c
[ 5521.399741][   T27]  schedule_timeout+0x68/0x1ec
[ 5521.400275][   T27]  do_wait_for_common+0x28c/0x440
[ 5521.400752][   T27]  wait_for_completion+0x44/0x5c
[ 5521.401216][   T27]  __synchronize_srcu+0x2a4/0x320
[ 5521.401725][   T27]  synchronize_srcu+0x3d0/0x4f8
[ 5521.563067][   T27]  mmu_notifier_unregister+0x320/0x428
[ 5521.563813][   T27]  kvm_put_kvm+0x698/0xbe0
[ 5521.564309][   T27]  kvm_vm_release+0x58/0x78
[ 5521.564795][   T27]  __fput+0x4ac/0x978
[ 5521.565257][   T27]  ____fput+0x20/0x58
[ 5521.565683][   T27]  task_work_run+0x1b8/0x250
[ 5521.566164][   T27]  do_exit+0x7f8/0x2378
[ 5521.566634][   T27]  do_group_exit+0x1d4/0x2ac
[ 5521.567130][   T27]  get_signal+0x1440/0x154c
[ 5521.567612][   T27]  arch_do_signal_or_restart+0x180/0x4bac
[ 5521.568164][   T27]  exit_to_user_mode_loop+0x88/0x188
[ 5521.568643][   T27]  el0_da+0x180/0x218
[ 5521.569167][   T27]  el0t_64_sync_handler+0x90/0x12c
[ 5521.569654][   T27]  el0t_64_sync+0x198/0x19c
[ 5521.571366][   T27] 
[ 5521.571366][   T27] Showing all locks held in the system:
[ 5521.571874][   T27] 1 lock held by khungtaskd/27:
SYZFAIL: failed to recv rpc
[ 5521.764523][   T27]  #0: ffff800087a86d08 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x0/0x44
[ 5521.776636][   T27] 2 locks held by kworker/u4:6/2139:
[ 5521.777078][   T27]  #0: 95f000000cc26948 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a10
[ 5521.779635][   T27]  #1: ffff80008e967c88 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a10
[ 5521.781363][   T27] 2 locks held by getty/3200:
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 5521.781685][   T27]  #0: 5df00000123528a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c
[ 5521.975709][   T27]  #1: 53ff80008c80b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x308/0x1234
[ 5522.083777][   T27] 2 locks held by syz-executor/3332:
[ 5522.086646][   T27] 2 locks held by kworker/u4:4/3391:
[ 5522.095829][   T27] 3 locks held by kworker/u4:7/3857:
[ 5522.096322][   T27] 3 locks held by kworker/u4:9/4458:
[ 5522.096646][   T27] 3 locks held by kworker/u4:10/4459:
[ 5522.097005][   T27] 3 locks held by kworker/u4:1/4723:
[ 5522.097340][   T27] 3 locks held by kworker/u4:13/4986:
[ 5522.097649][   T27] 3 locks held by kworker/u4:0/5229:
[ 5522.098050][   T27] 2 locks held by syz.7.386/5698:
[ 5522.098405][   T27] 2 locks held by syz-executor/5724:
[ 5522.098739][   T27] 3 locks held by kworker/u4:3/5733:
[ 5522.099070][   T27] 2 locks held by kworker/u4:16/5742:
[ 5522.099385][   T27] 3 locks held by kworker/u4:17/5745:
[ 5522.099737][   T27] 1 lock held by dhcpcd-run-hook/5865:
[ 5522.207686][   T27] 
[ 5522.208925][   T27] =============================================
[ 5522.208925][   T27] 
[ 5522.209944][   T27] Kernel panic - not syncing: hung_task: blocked tasks
[ 5522.214785][   T27] CPU: 0 UID: 0 PID: 27 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT 
[ 5522.216115][   T27] Hardware name: linux,dummy-virt (DT)
[ 5522.217033][   T27] Call trace:
[ 5522.217841][   T27]  show_stack+0x2c/0x3c (C)
[ 5522.218819][   T27]  __dump_stack+0x30/0x40
[ 5522.219714][   T27]  dump_stack_lvl+0x30/0x12c
[ 5522.220640][   T27]  dump_stack+0x1c/0x28
[ 5522.221534][   T27]  vpanic+0x1d4/0x4e4
[ 5522.222336][   T27]  vpanic+0x0/0x4e4
[ 5522.223130][   T27]  hung_task_panic+0x0/0x2c
[ 5522.224094][   T27]  kthread+0x794/0x99c
[ 5522.224989][   T27]  ret_from_fork+0x10/0x20
[ 5522.226823][   T27] Kernel Offset: disabled
[ 5522.227517][   T27] CPU features: 0x0000000,001a3005,fbe327a1,057ffe1f
[ 5522.228616][   T27] Memory Limit: none
[ 5522.230844][   T27] Rebooting in 86400 seconds..