last executing test programs:

1h21m12.608809794s ago: executing program 1 (id=630):
mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x3, 0x4102932, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x240100, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0xfffffffffffffffc)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000180)={0x8})
syz_kvm_vgic_v3_setup(r2, 0x1, 0x20)
close(0x4)
close(0x5)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x401, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_GUEST_MEMFD(r4, 0xc040aed4, &(0x7f00000001c0)={0x200001fe0000, 0x3})
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x2000003, 0x2013, r5, 0x0) (async)
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000007000/0x2000)=nil, r6, 0x3000003, 0x2011, r5, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)

1h21m5.587371908s ago: executing program 1 (id=632):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000240)={0x0, &(0x7f00000000c0)=[@mrs={0xbe, 0x18, {0x603000000013c00a}}], 0x18}, 0x0, 0x0)
syz_kvm_setup_cpu$arm64(r2, r4, &(0x7f0000bff000/0x400000)=nil, &(0x7f0000000840)=[{0x0, &(0x7f0000000300)=[@svc={0x122, 0x40, {0x3000000, [0x3, 0x8, 0x7, 0x1, 0x5]}}, @code={0xa, 0xb4, {"007008d5007008d5805b97d20040b0f2c10180d2220180d2e30080d2640080d2020000d40000399e40fb8fd20040b0f2210080d2020080d2030180d2440180d2020000d40000002a404c9fd200e0b8f2010080d2820180d2a30080d2440180d2020000d400709f0c80d49ed200c0b8f2210180d2620180d2830180d2c40080d2020000d400478ed200c0b8f2e10080d2420180d2630080d2240080d2020000d4"}}, @eret={0xe6, 0x18, 0x9}, @hvc={0x32, 0x40, {0x80003fff, [0x1, 0x9, 0x4, 0x9]}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x4, 0x9, 0xa4f, 0x2, 0x3}}, @its_setup={0x82, 0x28, {0x3, 0x0, 0x253}}, @irq_setup={0x46, 0x18, {0x0, 0x80}}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x3}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x2, 0x2, 0x0, 0x10001, 0x1}}, @svc={0x122, 0x40, {0x3000000, [0xc8, 0x7, 0x1a, 0x200, 0x2]}}, @uexit={0x0, 0x18, 0x7f}, @eret={0xe6, 0x18, 0x9}, @eret={0xe6, 0x18, 0x3800}, @smc={0x1e, 0x40, {0xc400000c, [0x5, 0x9, 0xd46, 0x10, 0xd8]}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x1, 0x2, 0x4, 0x4, 0xffff, 0x1}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0x40, 0xb3, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x1, 0x0, 0x1, 0xe1, 0x3f, 0x1}}, @mrs={0xbe, 0x18, {0x603000000013df78}}, @mrs={0xbe, 0x18, {0x603000000013c2aa}}, @code={0xa, 0x6c, {"609393d20060b8f2a10080d2820180d2430180d2e40080d2020000d4007008d50004000f0060000d007008d50200a0d4007008d5603a89d200e0b0f2a10080d2a20180d2c30080d2040080d2020000d40074202e000008d5"}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x1, 0xe, 0x3, 0x6bc0354f, 0x3}}, @mrs={0xbe, 0x18, {0x603000000013c00e}}, @its_setup={0x82, 0x28, {0x3, 0x1, 0x16a}}, @msr={0x14, 0x20, {0x603000000013c018, 0x1}}, @memwrite={0x6e, 0x30, @generic={0x50000, 0x170, 0x2b, 0x3}}, @hvc={0x32, 0x40, {0x84000014, [0x9, 0xff, 0x48, 0x7, 0x100]}}, @hvc={0x32, 0x40, {0x8, [0x8000000000000001, 0x8000000000000000, 0x8000, 0x3, 0x5]}}], 0x520}], 0x1, 0x0, &(0x7f0000000880)=[@featur1={0x1, 0x24}], 0x1)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_ARM_VCPU_INIT(r4, 0x4020aeae, &(0x7f0000000080)={0x1, 0xa0})
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r7, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r10, r11, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r11, 0x4010aeab, &(0x7f0000000100)=@arm64_fp={0x60400000001001a4, 0x0})
r12 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f00000002c0)={0x0, &(0x7f0000000c00)=[@smc={0x1e, 0x40, {0x1, [0x2, 0x1, 0x6, 0xa56, 0xffff]}}, @eret={0xe6, 0x18, 0x1}, @its_send_cmd={0xaa, 0x28, {0xb, 0x1, 0x3, 0x6, 0x3, 0x1, 0x3}}, @svc={0x122, 0x40, {0x1, [0x80000001, 0x101, 0x691f, 0x6, 0x8]}}, @uexit={0x0, 0x18, 0xfffffffffffffffd}, @uexit={0x0, 0x18, 0x2}, @eret={0xe6, 0x18, 0x401}, @smc={0x1e, 0x40, {0x84000008, [0x3, 0xdd68, 0x3, 0x72b, 0x8]}}, @msr={0x14, 0x20, {0x603000000013e08b, 0x4}}, @hvc={0x32, 0x40, {0x1000000, [0x3, 0xd, 0x3, 0x0, 0x10000]}}, @hvc={0x32, 0x40, {0x80, [0xfffffffffffffffc, 0x3, 0xffffbffffffffff7, 0xfffffffffffffff9]}}, @svc={0x122, 0x40, {0x80008000, [0x6, 0x80, 0xf2f, 0x9, 0xfffffffffffffffe]}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x4, 0xfffffffffffffffc, 0x1}}, @mrs={0xbe, 0x18, {0x603000000013801e}}, @hvc={0x32, 0x40, {0x1000, [0x6, 0x3, 0x0, 0x6, 0x8000000000000000]}}, @its_setup={0x82, 0x28, {0x1, 0x0, 0x1bd}}, @hvc={0x32, 0x40, {0x80000002, [0x7, 0x7f, 0x200, 0x9, 0x6]}}, @mrs={0xbe, 0x18, {0x6030000000138016}}, @smc={0x1e, 0x40, {0xc4000010, [0x1000, 0x6, 0x9, 0xe3b, 0x8]}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x3, 0xc, 0x400, 0xc0, 0x3}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x40, 0x8000, 0x4}}, @eret={0xe6, 0x18, 0x10000}, @msr={0x14, 0x20, {0x603000000013c600, 0x3}}, @svc={0x122, 0x40, {0x84000007, [0x6, 0x2, 0x0, 0x8000000000000000, 0xf37e]}}, @svc={0x122, 0x40, {0x40000000, [0x1, 0x0, 0xfc, 0x401, 0x13b9]}}, @hvc={0x32, 0x40, {0x8b0266cb00b8fa0e, [0x1, 0x3, 0xd, 0x8000, 0x7ff]}}, @eret={0xe6, 0x18, 0x9}, @irq_setup={0x46, 0x18, {0x4, 0x1d6}}, @its_setup={0x82, 0x28, {0x1, 0x2, 0x53}}, @its_setup={0x82, 0x28, {0x4, 0x2, 0x7f}}, @irq_setup={0x46, 0x18, {0x0, 0x1d0}}], 0x558}, &(0x7f0000000bc0)=[@featur2={0x1, 0xa2}], 0x1)
ioctl$KVM_SET_ONE_REG(r14, 0x4010aeac, &(0x7f0000000140)=@arm64_fw={0x6030000000140000, &(0x7f0000000200)=0x10001})
ioctl$KVM_RUN(r14, 0xae80, 0x0)
ioctl$KVM_GET_ONE_REG(r7, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x6030000000100034, &(0x7f00000001c0)=0x9})
ioctl$KVM_GET_REGS(r7, 0x8360ae81, &(0x7f0000000200))
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xf, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
r15 = openat$kvm(0x0, &(0x7f0000000040), 0x200e80, 0x0)
r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r16, 0x4068aea3, &(0x7f0000000180)={0xa8, 0x0, 0x2})

1h21m0.37132294s ago: executing program 0 (id=633):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000bf3000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000b80)={0x0, 0x0}, &(0x7f0000000bc0)=[@featur2={0x1, 0x90}], 0x11e)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000140)=@arm64_ccsidr={0x6020000000110004, &(0x7f0000000200)=0xfffffffffffffffc})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000100)=@attr_other={0x0, 0x8, 0x2, &(0x7f0000000040)=0x2})
syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000b80)={0x0, &(0x7f0000000640)=[@smc={0x1e, 0x40, {0x84000011, [0xfffffffffffffffe, 0x4, 0x0, 0x4, 0x8001]}}], 0x40}, &(0x7f0000000bc0)=[@featur2], 0x1)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0xe6)
openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r5 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r7, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
r8 = mmap$KVM_VCPU(&(0x7f0000f32000/0x3000)=nil, 0x930, 0x2ba1209c70461da5, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef)
close(r5)
r9 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
r13 = openat$kvm(0x0, &(0x7f0000000040), 0x161681, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
r15 = ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r14, r15, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r15, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x6030000000100010, &(0x7f0000000100)=0x80003fe})
ioctl$KVM_RUN(r12, 0xae80, 0x0)
syz_kvm_setup_cpu$arm64(r10, r12, &(0x7f00009a7000/0x400000)=nil, &(0x7f0000000300)=[{0x0, &(0x7f0000000380)=ANY=[], 0xfffffdf7}], 0x1, 0x0, &(0x7f0000000340)=[@featur2={0x1, 0x1}], 0x1)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

1h20m49.116386858s ago: executing program 1 (id=634):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@its_setup={0x82, 0x28, {0x0, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x802, 0x40000008, 0x0, 0x80}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r4=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1h20m46.136453499s ago: executing program 0 (id=635):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x25)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000380)=[@its_setup={0x82, 0x28, {0x2000000002, 0x4, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x1, 0x0, 0x6, 0x2, 0x4}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r4=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r3, 0xae80, 0xfffffffc)

1h20m38.055878762s ago: executing program 1 (id=636):
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x7, 0x4f832, 0xffffffffffffffff, 0x0)
r0 = eventfd2(0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000004000/0x4000)=nil, 0x930, 0xc0ffff, 0x11, r0, 0x0)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffa000/0x1000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
munmap(&(0x7f0000482000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000e76000/0x12000)=nil, 0x12000)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x24132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x25)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x2, 0x4, 0x32c}}, @its_setup={0x82, 0x28, {0x20000000000003, 0x1, 0x104}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r2, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000180)={0x8, <r8=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x0, 0x4030031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)

1h20m36.838996884s ago: executing program 0 (id=637):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000140)={0x4, <r6=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r6, 0x800454cf, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fb707cd24b7eebb20700000000000000000000000100", 0x0, 0x48)
r7 = mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)
munmap(&(0x7f000049b000/0x400000)=nil, 0x400000)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000040)={0x5, 0x1, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000bc2000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000440)={0x0, &(0x7f00000000c0)=[@svc={0x122, 0x40, {0xc5000020, [0x6, 0x3, 0x1, 0x711ec83f, 0x8000]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x40, 0x7ff, 0x4}}, @mrs={0xbe, 0x18, {0x603000000013803d}}, @smc={0x1e, 0x40, {0x84000010, [0x7fffffffffffffff, 0xfffffffffffffff7, 0x7, 0x5, 0x1]}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x4, 0x5}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x1, 0x4, 0x8, 0x4, 0x8, 0x3}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x1, 0x0, 0xa, 0x1, 0x0, 0x4}}], 0x148}, &(0x7f0000000480)=[@featur1={0x1, 0x43}], 0x1)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f0000000340)=@attr_arm64={0x0, 0x0, 0x0, 0xffffffffffffffff})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000240)="100ff8f10b3affed2491bbb1ef9933628cfe3bb9f1861b058bcf390fbdeebd519d7749fd1e89c47f779c82c62b564894a2347c09614fde592c9fa6ce7e40b26c4baa9be8ec8616d5", 0x0, 0x48)
ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
openat$kvm(0x0, 0x0, 0x408801, 0x0)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r12, 0x40305839, 0x4000000000000019)

1h20m28.015958917s ago: executing program 1 (id=638):
r0 = openat$kvm(0x0, &(0x7f00000002c0), 0x200c80, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000c0c000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r5, 0x40086602, 0x110e22ffff)
r6 = syz_kvm_add_vcpu$arm64(r4, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000100)={0x7, <r7=>0xffffffffffffffff})
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r8, 0x40086602, 0x110e22ffff)
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x0, 0x5, &(0x7f0000000280)=0x400000080a0000})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
r9 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r11, 0x4010aeab, &(0x7f0000000100)=@arm64_bitmap={0x6030000000160002, &(0x7f0000000000)=0x7})
r12 = openat$kvm(0x0, 0x0, 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013c4f1, 0x71a3446a}}], 0x20}, &(0x7f0000000300)=[@featur2={0x1, 0x10}], 0x1)
r16 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r17 = ioctl$KVM_CREATE_VM(r16, 0xae01, 0x0)
r18 = syz_kvm_setup_syzos_vm$arm64(r17, &(0x7f0000c00000/0x400000)=nil)
r19 = syz_kvm_add_vcpu$arm64(r18, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce5, 0x7fff}}, @msr={0x14, 0x20, {0x603000000013dce8, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce9, 0x8000}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r19, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r19, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r15, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)

1h20m25.389055653s ago: executing program 0 (id=639):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f0000000000)=[@smc={0x1e, 0x40, {0x43fd0b7927145ae5, [0x401, 0x5, 0x2c4, 0x9, 0x5]}}, @msr={0x14, 0x20, {0x603000000013dce8, 0xa415}}, @msr={0x14, 0x20, {0x603000000013dce9, 0x8000}}], 0x80}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
close(0x3)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_CREATE_VM(r4, 0x894c, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1h20m13.105894156s ago: executing program 1 (id=640):
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2b)
r2 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000240)=@attr_other={0x0, 0x3, 0x80000001, 0xffffffffffffffff})
r3 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = eventfd2(0xfffffffa, 0x80001)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x33)
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000180)={0x80, 0xd5d77004, 0x4, r6})
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_REGISTER_COALESCED_MMIO(r5, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616})
r7 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000100), 0xfffffffffffffed7}, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
munmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000)

1h20m11.70631837s ago: executing program 0 (id=641):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x25)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000380)=[@its_setup={0x82, 0x28, {0x2000000002, 0x4, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x1, 0x0, 0x6, 0x2, 0x4}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r4=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r3, 0xae80, 0x300000000)

1h20m5.469114187s ago: executing program 0 (id=642):
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000a1e000/0x400000)=nil)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x25)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000380)=[@its_setup={0x82, 0x28, {0x2000000002, 0x4, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x1, 0x0, 0x6, 0x2, 0x4}}], 0x50}, 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0x9)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0x40086602, 0x20000000)
r7 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000180)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7ffc}}, @msr={0x14, 0x20, {0x603000000013dce0, 0x8001}}], 0x40}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r11 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r1, 0x300000a, 0x16831, r5, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f0000000240)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48)
r12 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000300)={0x0, &(0x7f0000000480)=[@smc={0x1e, 0x40, {0xc4000001, [0x8, 0x939, 0xe, 0x7f, 0x4]}}], 0x40}, &(0x7f00000001c0)=[@featur1={0x1, 0xc}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r15, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init)
ioctl$KVM_RUN(r15, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x1000002, 0x4000010, r15, 0x0)

1h19m28.615786006s ago: executing program 32 (id=640):
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2b)
r2 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000240)=@attr_other={0x0, 0x3, 0x80000001, 0xffffffffffffffff})
r3 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = eventfd2(0xfffffffa, 0x80001)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x33)
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000180)={0x80, 0xd5d77004, 0x4, r6})
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_REGISTER_COALESCED_MMIO(r5, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616})
r7 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000100), 0xfffffffffffffed7}, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
munmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000)

1h19m18.828060297s ago: executing program 33 (id=642):
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000a1e000/0x400000)=nil)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x25)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000380)=[@its_setup={0x82, 0x28, {0x2000000002, 0x4, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x1, 0x0, 0x6, 0x2, 0x4}}], 0x50}, 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0x9)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0x40086602, 0x20000000)
r7 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000180)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7ffc}}, @msr={0x14, 0x20, {0x603000000013dce0, 0x8001}}], 0x40}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r11 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r1, 0x300000a, 0x16831, r5, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f0000000240)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48)
r12 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000300)={0x0, &(0x7f0000000480)=[@smc={0x1e, 0x40, {0xc4000001, [0x8, 0x939, 0xe, 0x7f, 0x4]}}], 0x40}, &(0x7f00000001c0)=[@featur1={0x1, 0xc}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r15, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init)
ioctl$KVM_RUN(r15, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x1000002, 0x4000010, r15, 0x0)

27m28.253494742s ago: executing program 2 (id=1023):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x2}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x27)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@smc={0x1e, 0x40, {0x86000001, [0x1, 0x401, 0x5, 0x1, 0x2]}}], 0x40}, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
close(0x4)
close(0x5)

27m13.777159918s ago: executing program 2 (id=1025):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x2100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f00000001c0)=@arm64_core={0x603000000010001e, &(0x7f0000000000)=0xfdb})
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) (async)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000) (async)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
munmap(&(0x7f0000482000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0xffffffffffffffff, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r5, 0x4, 0x220) (async)
syz_kvm_vgic_v3_setup(r5, 0x4, 0x220)
r8 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r9, 0xae03, 0x9) (async)
ioctl$KVM_CHECK_EXTENSION(r9, 0xae03, 0x9)
r10 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000180)={0x0, &(0x7f0000000040)=[@msr={0x14, 0x20, {0x603000000013c65f, 0x8001}}], 0x20}, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)

27m11.816907069s ago: executing program 3 (id=1026):
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000280)={0x10001, 0x2, 0x10000, 0x1000, &(0x7f0000f85000/0x1000)=nil})
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r2 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000700)={0x7, 0x0}) (async)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
ioctl$KVM_IRQ_LINE(r6, 0x4008ae61, &(0x7f0000000240)={0x200002f}) (async)
r7 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, &(0x7f0000000000)=[@irq_setup={0x5, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) (async, rerun: 64)
syz_kvm_vgic_v3_setup(r7, 0x1, 0x100)
ioctl$KVM_RUN(r9, 0xae80, 0x0) (async)
ioctl$KVM_IRQ_LINE(r7, 0x4008ae61, &(0x7f0000000100)={0x1000020, 0x1}) (async, rerun: 32)
ioctl$KVM_RUN(r9, 0xae80, 0x0) (rerun: 32)
r10 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r3, 0x3, 0x11, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
syz_kvm_assert_syzos_uexit$arm64(r10, 0xfffffffffffffffe, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_GET_DEVICE_ATTR(r2, 0x4018aee2, &(0x7f0000000040)=@attr_other={0x0, 0xfffffffa, 0x7, &(0x7f0000000000)=0x3})
syz_kvm_assert_syzos_uexit$arm64(r10, 0xffffffffffffffff, 0x0)

27m0.010156693s ago: executing program 2 (id=1027):
r0 = eventfd2(0x0, 0x80000)
mmap$KVM_VCPU(&(0x7f0000ffe000/0x2000)=nil, 0x930, 0x0, 0x110, r0, 0x0)
openat$kvm(0x0, 0x0, 0x72483, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000a5a000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000b80)={0x0, &(0x7f0000000040)=[@smc={0x1e, 0x40, {0x84000012, [0xffffffff, 0x100080001, 0x5, 0x101, 0x13]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, r6, &(0x7f0000e8a000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, 0x0)
r7 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000040)={0x1, 0x3, 0xdddd1000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_GET_DIRTY_LOG(r7, 0x4010ae42, &(0x7f0000000000)={0x1, 0x0, &(0x7f0000ffb000/0x3000)=nil})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

26m57.946225852s ago: executing program 3 (id=1028):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x27)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@smc={0x1e, 0x40, {0x86000001, [0x1, 0x401, 0x5, 0x1, 0x2]}}], 0x40}, 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f0000000000)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000200)={0x4, 0xffda, 0x2}})
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r4, 0x4068aea3, &(0x7f0000000240))
ioctl$KVM_ARM_VCPU_FINALIZE(r7, 0x4004aec2, &(0x7f0000000040)=0x6)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

26m47.589826968s ago: executing program 2 (id=1029):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffa000/0x1000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000647000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ec2000/0x3000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x25)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000180)={0x8, <r4=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f00000007c0)=0xffffffffffff0000})
munmap(&(0x7f0000482000/0x2000)=nil, 0x2000)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f0000000000)={0x1, 0x6000, 0x9fff, 0xffffffffffffffff, 0x8})
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000ef3000/0x4000)=nil, 0x0, 0x1000000, 0x8012, 0xffffffffffffffff, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r7, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0, 0x64}, 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)

26m46.225977978s ago: executing program 3 (id=1030):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000001c0)={0x8, <r2=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4})
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r1, 0x4068aea3, &(0x7f0000000140)={0xdf, 0x0, 0x10000})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000040)={0x7, <r5=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000280)=@attr_arm64={0x0, 0x4, 0x3, 0x0})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x108, &(0x7f0000000340)=0xfffffffffffffffc})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x4, 0x1, 0x0})

26m32.597233918s ago: executing program 3 (id=1031):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x8800, 0x0) (async)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) (async)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r4, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000e04000/0x2000)=nil, 0x930, 0x1, 0x11, r4, 0x0)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffe000/0x1000)=nil, r5, 0x8, 0x13, r4, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x2000)=nil, r5, 0x1000001, 0x12, r4, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0) (async)
r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
write$eventfd(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_CAP_HALT_POLL(r7, 0x4068aea3, 0xffffffffffffffff) (async)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) (async)
ioctl$KVM_HAS_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee3, &(0x7f0000000100)=@attr_arm64={0x0, 0x3, 0x2, &(0x7f00000000c0)=0xf})
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) (async)
ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04) (async)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x2e)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_GET_REG_LIST(r10, 0xc008aeb0, 0x0)
r11 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r8, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c24000/0x3000)=nil, r11, 0x2000000, 0x10, r10, 0x0)

26m29.52351329s ago: executing program 2 (id=1032):
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000280)={0x10001, 0x2, 0x10000, 0x1000, &(0x7f0000f85000/0x1000)=nil})
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r2 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000700)={0x7, 0x0}) (async)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
ioctl$KVM_IRQ_LINE(r6, 0x4008ae61, &(0x7f0000000240)={0x200002f}) (async)
r7 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, &(0x7f0000000000)=[@irq_setup={0x5, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) (async, rerun: 64)
syz_kvm_vgic_v3_setup(r7, 0x1, 0x100)
ioctl$KVM_RUN(r9, 0xae80, 0x0) (async)
ioctl$KVM_IRQ_LINE(r7, 0x4008ae61, &(0x7f0000000100)={0x1000020, 0x1}) (async, rerun: 32)
ioctl$KVM_RUN(r9, 0xae80, 0x0) (rerun: 32)
r10 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r3, 0x3, 0x11, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
syz_kvm_assert_syzos_uexit$arm64(r10, 0xfffffffffffffffe, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_GET_DEVICE_ATTR(r2, 0x4018aee2, &(0x7f0000000040)=@attr_other={0x0, 0xfffffffa, 0x7, &(0x7f0000000000)=0x3})
syz_kvm_assert_syzos_uexit$arm64(r10, 0xffffffffffffffff, 0x0)

26m20.996010297s ago: executing program 3 (id=1033):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x13)
syz_kvm_setup_cpu$arm64(r1, 0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000200)=[{0x0, &(0x7f0000000480)=[@mrs={0xbe, 0x18, {0x603000000013dce8}}, @memwrite={0x6e, 0x30, @generic={0x60000, 0xc94, 0x7, 0x2}}, @hvc={0x32, 0x40, {0xc5000020, [0x5, 0x5, 0x7ff, 0x1, 0xb9]}}, @uexit={0x0, 0x18, 0x7}, @its_setup={0x82, 0x28, {0x1, 0x0, 0x227}}, @irq_setup={0x46, 0x18, {0x0, 0x9c}}, @smc={0x1e, 0x40, {0x84000010, [0x199, 0x0, 0x8, 0x2, 0x2]}}, @its_setup={0x82, 0x28, {0x3, 0x1, 0x193}}, @mrs={0xbe, 0x18, {0x603000000013e64a}}, @smc={0x1e, 0x40, {0x80008000, [0x9, 0x0, 0x8, 0x5, 0x9]}}, @uexit={0x0, 0x18, 0x8000000000000000}, @hvc={0x32, 0x40, {0x84000008, [0x9, 0x5508, 0x8000, 0x4, 0x4]}}, @svc={0x122, 0x40, {0x3f000000, [0x8, 0xfff, 0x8000000000000000, 0x40]}}, @uexit={0x0, 0x18, 0x8}, @memwrite={0x6e, 0x30, @generic={0x58000, 0x58e, 0x8, 0xe}}, @its_setup={0x82, 0x28, {0x4, 0x1, 0x267}}], 0x2a8}], 0x1, 0x0, &(0x7f0000000240)=[@featur2={0x1, 0x20}], 0x1)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x3, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x3, 0x0, 0x40000000, 0x0, 0x40000004}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r2, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000180)={0x8, <r5=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x4, 0x4, &(0x7f00000001c0)=0xc31})
ioctl$KVM_ARM_PREFERRED_TARGET(r4, 0x8020aeaf, &(0x7f0000000040))
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_GET_SREGS(r4, 0x8000ae83, &(0x7f0000000340))

26m12.457105501s ago: executing program 2 (id=1034):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
munmap(&(0x7f0000482000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000eed000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013c520, 0x8000}}], 0x20}, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000040)={0x0, &(0x7f00000003c0)=[@msr={0x14, 0x20, {0x603000000013dead, 0x4}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x6000, 0x400, 0x4}}, @uexit={0x0, 0x18, 0x7fff}, @uexit={0x0, 0x18, 0xa5c1}, @msr={0x14, 0x20, {0x603000000013e65b}}, @irq_setup={0x46, 0x18, {0x0, 0x37a}}, @uexit={0x0, 0x18, 0x401}, @msr={0x14, 0x20, {0x603000000013e64a, 0x81}}, @svc={0x122, 0x40, {0x8000, [0x40, 0x1, 0x9, 0x2, 0x3]}}, @its_setup={0x82, 0x28, {0x4, 0x3, 0x122}}, @svc={0x122, 0x40, {0x2, [0x7, 0x0, 0x10000, 0x2187, 0x6]}}, @msr={0x14, 0x20, {0x6030000000138017, 0xffff}}, @hvc={0x32, 0x40, {0x8400000d, [0x104, 0x6, 0x8, 0x1]}}, @msr={0x14, 0x20, {0x603000000013c660, 0xff87}}, @smc={0x1e, 0x40, {0x400, [0x861, 0xcb8d, 0x1, 0x125fb291, 0xcf1]}}, @eret={0xe6, 0x18, 0x5}, @hvc={0x32, 0x40, {0x84000053, [0xd3c, 0x5479, 0x3, 0x5, 0x800]}}, @eret={0xe6, 0x18, 0x3}, @smc={0x1e, 0x40, {0x80003fff, [0x2, 0x6, 0x5, 0x1, 0xf]}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x1, 0x0, 0xa, 0x21, 0xffff, 0x3}}, @svc={0x122, 0x40, {0x3000000, [0x0, 0x3, 0x400000000000000, 0xc, 0xc]}}, @its_setup={0x82, 0x28, {0x3, 0x2, 0x250}}, @eret={0xe6, 0x18, 0x3e3}, @its_setup={0x82, 0x28, {0x4, 0x0, 0x1f1}}, @eret={0xe6, 0x18, 0xa9c}], 0x3f0}, &(0x7f0000000080)=[@featur2={0x1, 0x91}], 0x1)
ioctl$KVM_PRE_FAULT_MEMORY(r4, 0xc040aed5, &(0x7f00000000c0)={0x8000000, 0x8000})
r5 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x32)
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)

26m9.637638126s ago: executing program 3 (id=1035):
r0 = openat$kvm(0x0, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x2e)
r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0xf)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) (async)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r3, r5, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000100)=[{0x0, 0x0}], 0x1, 0x0, &(0x7f00000003c0)=[@featur2={0x1, 0x17}], 0x1)
r6 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, 0x0)
ioctl$KVM_SET_SIGNAL_MASK(r9, 0x4004ae8b, &(0x7f0000000040)={0x8, "22f1ebbef8b17f4b"})
ioctl$KVM_RUN(r9, 0xae80, 0x0) (async)
ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100042, &(0x7f0000000000)=0x11})
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4040aea0, &(0x7f0000000080)=@arm64={0xe6, 0x7, 0x8, '\x00', 0xff}) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x400000001d)
ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x2)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000a5a000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000b80)={0x0, &(0x7f0000000040)=[@smc={0x1e, 0x40, {0x84000012, [0xffffffff, 0x100080001, 0x5, 0x101, 0x13]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1)
ioctl$KVM_RUN(r12, 0xae80, 0x0) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
r13 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ARM_VCPU_INIT(r13, 0x4020aeae, &(0x7f0000000040)={0x5}) (async)
ioctl$KVM_RUN(r13, 0xae80, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1, 0x2010, r12, 0x0) (async)
syz_kvm_setup_cpu$arm64(r1, 0xffffffffffffffff, &(0x7f0000bfe000/0x400000)=nil, &(0x7f0000000100)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_GET_MP_STATE(r5, 0x8004ae98, &(0x7f00000000c0))

25m25.076277334s ago: executing program 34 (id=1034):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
munmap(&(0x7f0000482000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000eed000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013c520, 0x8000}}], 0x20}, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000040)={0x0, &(0x7f00000003c0)=[@msr={0x14, 0x20, {0x603000000013dead, 0x4}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x6000, 0x400, 0x4}}, @uexit={0x0, 0x18, 0x7fff}, @uexit={0x0, 0x18, 0xa5c1}, @msr={0x14, 0x20, {0x603000000013e65b}}, @irq_setup={0x46, 0x18, {0x0, 0x37a}}, @uexit={0x0, 0x18, 0x401}, @msr={0x14, 0x20, {0x603000000013e64a, 0x81}}, @svc={0x122, 0x40, {0x8000, [0x40, 0x1, 0x9, 0x2, 0x3]}}, @its_setup={0x82, 0x28, {0x4, 0x3, 0x122}}, @svc={0x122, 0x40, {0x2, [0x7, 0x0, 0x10000, 0x2187, 0x6]}}, @msr={0x14, 0x20, {0x6030000000138017, 0xffff}}, @hvc={0x32, 0x40, {0x8400000d, [0x104, 0x6, 0x8, 0x1]}}, @msr={0x14, 0x20, {0x603000000013c660, 0xff87}}, @smc={0x1e, 0x40, {0x400, [0x861, 0xcb8d, 0x1, 0x125fb291, 0xcf1]}}, @eret={0xe6, 0x18, 0x5}, @hvc={0x32, 0x40, {0x84000053, [0xd3c, 0x5479, 0x3, 0x5, 0x800]}}, @eret={0xe6, 0x18, 0x3}, @smc={0x1e, 0x40, {0x80003fff, [0x2, 0x6, 0x5, 0x1, 0xf]}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x1, 0x0, 0xa, 0x21, 0xffff, 0x3}}, @svc={0x122, 0x40, {0x3000000, [0x0, 0x3, 0x400000000000000, 0xc, 0xc]}}, @its_setup={0x82, 0x28, {0x3, 0x2, 0x250}}, @eret={0xe6, 0x18, 0x3e3}, @its_setup={0x82, 0x28, {0x4, 0x0, 0x1f1}}, @eret={0xe6, 0x18, 0xa9c}], 0x3f0}, &(0x7f0000000080)=[@featur2={0x1, 0x91}], 0x1)
ioctl$KVM_PRE_FAULT_MEMORY(r4, 0xc040aed5, &(0x7f00000000c0)={0x8000000, 0x8000})
r5 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x32)
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)

25m19.577852077s ago: executing program 35 (id=1035):
r0 = openat$kvm(0x0, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x2e)
r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0xf)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) (async)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r3, r5, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000100)=[{0x0, 0x0}], 0x1, 0x0, &(0x7f00000003c0)=[@featur2={0x1, 0x17}], 0x1)
r6 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, 0x0)
ioctl$KVM_SET_SIGNAL_MASK(r9, 0x4004ae8b, &(0x7f0000000040)={0x8, "22f1ebbef8b17f4b"})
ioctl$KVM_RUN(r9, 0xae80, 0x0) (async)
ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100042, &(0x7f0000000000)=0x11})
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4040aea0, &(0x7f0000000080)=@arm64={0xe6, 0x7, 0x8, '\x00', 0xff}) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x400000001d)
ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x2)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000a5a000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000b80)={0x0, &(0x7f0000000040)=[@smc={0x1e, 0x40, {0x84000012, [0xffffffff, 0x100080001, 0x5, 0x101, 0x13]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1)
ioctl$KVM_RUN(r12, 0xae80, 0x0) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
r13 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ARM_VCPU_INIT(r13, 0x4020aeae, &(0x7f0000000040)={0x5}) (async)
ioctl$KVM_RUN(r13, 0xae80, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1, 0x2010, r12, 0x0) (async)
syz_kvm_setup_cpu$arm64(r1, 0xffffffffffffffff, &(0x7f0000bfe000/0x400000)=nil, &(0x7f0000000100)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_GET_MP_STATE(r5, 0x8004ae98, &(0x7f00000000c0))

17m40.525102387s ago: executing program 5 (id=1042):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
r6 = eventfd2(0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x40080, 0x0)
ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000000340)={0x1a64afb6, 0x8000000, 0x0, r6})
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000000)={0x8080000, 0x2000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r12 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x7)
r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r15, 0x4018aee1, &(0x7f0000000040)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000080)={0x1ff, 0xa, 0x1}})
r16 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r16, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000240)={0x3, 0x9}})
mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r8, 0x2000003, 0xaf832, 0xffffffffffffffff, 0x0)
r17 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x1)
mmap$KVM_VCPU(&(0x7f0000ffe000/0x2000)=nil, r8, 0x300000e, 0x1c013, r17, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee3, &(0x7f00000000c0)=@attr_pmu_irq={0x0, 0x0, 0x500, 0x0})
mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, r8, 0x2800006, 0x20030, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000040)={0x7, <r18=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r18, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x9, 0x1, &(0x7f0000000040)=0xab})

17m38.53494162s ago: executing program 4 (id=1043):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000780), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0xeeef0000, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x2515, 0x0, 0x0, 0x1000, &(0x7f0000fec000/0x1000)=nil})
r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013c4f1, 0x8000}}, @uexit={0x0, 0x18, 0x6}, @msr={0x14, 0x20, {0x603000000013dce1, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce2, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce3, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce4, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce8, 0x8000}}], 0xd8}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async, rerun: 32)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r1, 0x4068aea3, &(0x7f0000000380)={0xdf, 0x0, 0x13000}) (async, rerun: 32)
ioctl$KVM_RUN(r5, 0xae80, 0x0) (async, rerun: 64)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (rerun: 64)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) (async)
ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x16, 0x4, 0x1}})
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r7, r8, &(0x7f0000bfe000/0x400000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f0000000240)=[@hvc={0x32, 0x40, {0x8600ff01, [0x7, 0x9, 0x8, 0xfffffffffffffff8, 0x100]}}], 0x40}], 0x1, 0x0, 0x0, 0x0) (async)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async)
ioctl$KVM_RUN(r8, 0xae80, 0x0) (async)
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000) (async)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) (async)
r10 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async)
openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000180)={0x0, &(0x7f00000004c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0xffffffffffffffff}}], 0x20}, &(0x7f00000000c0)=[@featur1={0x1, 0x8}], 0x1) (async, rerun: 64)
r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (rerun: 64)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r14 = syz_kvm_vgic_v3_setup(r13, 0x1, 0x40)
ioctl$KVM_GET_DEVICE_ATTR(r14, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x9, 0x10003, 0x0})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async)
ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f0000000240)=@arm64_sys={0x603000000013dce0, &(0x7f0000000200)=0x6})

17m20.557397558s ago: executing program 4 (id=1044):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async, rerun: 64)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (rerun: 64)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
r3 = eventfd2(0xfffffffa, 0x80001)
r4 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000000)={0x48, 0xdddd1000}) (async)
r5 = ioctl$KVM_CREATE_VM(r4, 0x401c5820, 0x20000000)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000140)={0x80, 0x4, 0x0, r3}) (async)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616}) (async)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000040)={0x5, 0x1, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async, rerun: 32)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000bc2000/0x400000)=nil) (rerun: 32)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000040)="68d3d4a6759ba655d47872b6bf881ba5dbca1c84a0779749", 0x0, 0x18) (async)
ioctl$KVM_RUN(r9, 0xae80, 0x0) (async, rerun: 64)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async, rerun: 64)
ioctl$KVM_RUN(r9, 0xae80, 0x0) (async)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x2b)
ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000700)={0x7, 0x0}) (async)
ioctl$KVM_IRQ_LINE(r11, 0x4008ae61, &(0x7f0000000240)={0x2200002f})
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000180)={0x10000, 0x4000}) (async)
r12 = syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r12, 0xae80, 0x0)

17m16.460839511s ago: executing program 5 (id=1045):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x2b)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000280)={0x10001, 0x2, 0x10000, 0x1000, &(0x7f0000f85000/0x1000)=nil})
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_vgic_v3_setup(r2, 0x1, 0x100)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000700)={0x7, 0x0})
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2)
ioctl$KVM_IRQ_LINE(r7, 0x4008ae61, &(0x7f0000000240)={0x200002f})
r8 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, &(0x7f0000000000)=[@irq_setup={0x5, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r8, 0x1, 0x100)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
ioctl$KVM_IRQ_LINE(r8, 0x4008ae61, &(0x7f0000000100)={0x1000020, 0x1})
ioctl$KVM_RUN(r10, 0xae80, 0x0)
r11 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r4, 0x3, 0x11, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
syz_kvm_assert_syzos_uexit$arm64(r11, 0xfffffffffffffffe, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_GET_DEVICE_ATTR(r3, 0x4018aee2, &(0x7f0000000040)=@attr_other={0x0, 0xfffffffa, 0x7, &(0x7f0000000000)=0x3})
syz_kvm_assert_syzos_uexit$arm64(r11, 0xffffffffffffffff, 0x0)

17m2.97608658s ago: executing program 4 (id=1046):
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x240000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0x80111500, 0x20000000)
ioctl$KVM_CREATE_VM(r1, 0x5761, 0x2000001c)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000})
ioctl$KVM_CHECK_EXTENSION_VM(r3, 0xae03, 0x4000000000009)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x8, 0x4, &(0x7f0000000040)=0xe0a7})
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ff1000/0x3000)=nil, 0x0, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0x40086602, 0x110e02ffff)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_vgic_v3_setup(r5, 0x1, 0x40)
ioctl$KVM_GET_DEVICE_ATTR(r6, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0xffffffff, 0x4, 0x0})
r7 = ioctl$KVM_GET_STATS_FD_vm(r5, 0xaece)
ioctl$KVM_KVMCLOCK_CTRL(r7, 0xaead)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)

16m52.60071745s ago: executing program 5 (id=1047):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x2, 0x40)
r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000bc5000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@mrs={0xbe, 0x18, {0x603000000013dce7}}], 0x18}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x22)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r7, 0x0, 0x0, 0x0)
close(0xffffffffffffffff)
close(0x4)
close(0x5)

16m40.627822878s ago: executing program 4 (id=1048):
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x80402, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2c)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r3, r4, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="460000000000000018000000000000000100000020"], 0x18}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r3, 0x1, 0x100)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r5, 0xae03, 0x78)
ioctl$KVM_IRQ_LINE(r3, 0x4008ae61, &(0x7f0000000100)={0x1000020, 0x1})
syz_kvm_setup_cpu$arm64(r3, r4, &(0x7f0000b25000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000140)=ANY=[], 0x294}], 0x1, 0x0, &(0x7f0000000400)=[@featur2={0x1, 0x34}], 0x1)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000a49000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, &(0x7f0000000180)=[@mrs={0xbe, 0x18, {0x3fe7}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

16m33.628743888s ago: executing program 5 (id=1049):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000c0c000/0x2000)=nil, 0x930, 0x400000f, 0x2010, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013c4f1, 0x8000}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x42601, 0x0)
r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x2)
ioctl$KVM_REGISTER_COALESCED_MMIO(r6, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616})
ioctl$KVM_REGISTER_COALESCED_MMIO(r6, 0x4010ae67, &(0x7f0000000240)={0xdddd1000, 0x1000})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r6, 0x4010ae68, &(0x7f0000000080)={0x1})
r7 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000002c0)={0x0, &(0x7f00000001c0)}, &(0x7f0000000380)=[@featur1={0x1, 0x16}], 0x1)
r9 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x16)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@smc={0x1e, 0xfec1, {0x84000011, [0x2, 0x6, 0x4, 0x70, 0x5]}}], 0x40}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r10, 0x2, 0x100)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000180)={0x8, <r13=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x141, 0xffffbfffffff0000, &(0x7f0000000280)=0x200})
ioctl$KVM_RUN(r12, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x2, 0x4f832, 0xffffffffffffffff, 0x1000000)
ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x88, &(0x7f0000000000)=0x10})
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f00000000c0)={0xb})
ioctl$KVM_GET_DEVICE_ATTR(r13, 0x4018aee2, &(0x7f0000000200)=@attr_other={0x0, 0x7fffffff, 0x9, &(0x7f0000000400)=0x1})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r8, 0xae80, 0x0)

16m11.435206763s ago: executing program 4 (id=1050):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae03, 0xbb)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r6, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8})
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000240)=@arm64_core={0x6030000000100022, &(0x7f0000000400)=0x8001})
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000bff000/0x400000)=nil)
r7 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
r11 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r10, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r10, 0x0)
r12 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
r13 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
r15 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r14, 0x4040ae79, &(0x7f0000000000)={0x8000, 0x0, 0x1, r15, 0x3})
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000000)=@arm64_sys={0xf0780000002e2172, 0x0})
ioctl$KVM_CREATE_VM(r12, 0x401c5820, 0x20000001)
r16 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r17 = syz_kvm_add_vcpu$arm64(r16, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r17, 0xae80, 0x0)
ioctl$KVM_RUN(r17, 0xae80, 0x0)
syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000b80)={0x0, &(0x7f0000000380)=[@memwrite={0x6e, 0x30, @generic={0x2, 0x242, 0x400, 0x3}}], 0x30}, &(0x7f0000000280), 0x1)

16m11.187064102s ago: executing program 5 (id=1051):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x2b)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000280)={0x10001, 0x2, 0x10000, 0x1000, &(0x7f0000f85000/0x1000)=nil})
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_vgic_v3_setup(r2, 0x1, 0x100)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000700)={0x7, 0x0})
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2)
ioctl$KVM_IRQ_LINE(r7, 0x4008ae61, &(0x7f0000000240)={0x200002f})
r8 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, &(0x7f0000000000)=[@irq_setup={0x5, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r8, 0x1, 0x100)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
ioctl$KVM_IRQ_LINE(r8, 0x4008ae61, &(0x7f0000000100)={0x1000020, 0x1})
ioctl$KVM_RUN(r10, 0xae80, 0x0)
r11 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r4, 0x3, 0x11, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
syz_kvm_assert_syzos_uexit$arm64(r11, 0xfffffffffffffffe, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_GET_DEVICE_ATTR(r3, 0x4018aee2, &(0x7f0000000040)=@attr_other={0x0, 0xfffffffa, 0x7, &(0x7f0000000000)=0x3})
syz_kvm_assert_syzos_uexit$arm64(r11, 0xffffffffffffffff, 0x0)

15m49.747184992s ago: executing program 4 (id=1052):
r0 = openat$kvm(0x0, &(0x7f00000001c0), 0x0, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async)
r1 = mmap$KVM_VCPU(&(0x7f0000db0000/0x4000)=nil, 0x0, 0x0, 0x80010, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f0000000100)="736e4556c55a59050fb79e66fea3ac81e7e19c8d6d114948bf67590e133b2b0c9d87145df8792d422e51aa087cb37d0b75f9cbd9e2565f8058f371d69dd2726f36042e793490cd49", 0x0, 0x48) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0) (async)
ioctl$KVM_SET_DEVICE_ATTR_vm(r3, 0x4018aee1, &(0x7f0000000600)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f00000005c0)={0x1, 0x8, 0x1}})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x28) (async)
eventfd2(0x7, 0x1) (async)
r8 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x9)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1) (async)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r11, 0xc0045878, 0x20000000) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r12, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000f0a000/0x1000)=nil, r12, 0x8, 0x30, r10, 0x0) (async)
ioctl$KVM_RUN(r10, 0xae80, 0x0) (async)
syz_kvm_setup_cpu$arm64(r7, r10, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
ioctl$KVM_SET_VCPU_EVENTS(r10, 0x4040aea0, &(0x7f0000000000)=@arm64={0x3, 0xe0, 0xb7, '\x00', 0x1})
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2) (async)
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000640)=@arm64_core={0x6030000000100012, &(0x7f0000000000)=0x300000000000})

15m48.226530706s ago: executing program 5 (id=1053):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_GUEST_MEMFD(r1, 0xc040aed4, &(0x7f00000001c0)={0x200001fe0000, 0x2}) (async)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x1) (async)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0x80111500, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04)
mmap$KVM_VCPU(&(0x7f0000e5f000/0x3000)=nil, r7, 0x3, 0x40010, r5, 0x0) (async)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x31) (async)
openat$kvm(0x0, 0x0, 0x0, 0x0) (async)
r10 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) (async)
r13 = eventfd2(0xfffffffa, 0x80001)
ioctl$KVM_IOEVENTFD(r12, 0x4040ae79, &(0x7f0000000140)={0x80, 0x4, 0x0, r13}) (async)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_REGISTER_COALESCED_MMIO(r12, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616}) (async)
ioctl$KVM_REGISTER_COALESCED_MMIO(r5, 0x4010ae67, &(0x7f0000000180)={0x5000}) (async)
r14 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000200)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0) (async)
r15 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r15, 0xc0189436, 0x172)
ioctl$KVM_RUN(r14, 0xae80, 0x0)
close(0x4) (async)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0) (async)
r16 = ioctl$KVM_GET_STATS_FD_vm(r5, 0xaece)
close(r16)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)

15m2.197905179s ago: executing program 36 (id=1052):
r0 = openat$kvm(0x0, &(0x7f00000001c0), 0x0, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async)
r1 = mmap$KVM_VCPU(&(0x7f0000db0000/0x4000)=nil, 0x0, 0x0, 0x80010, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f0000000100)="736e4556c55a59050fb79e66fea3ac81e7e19c8d6d114948bf67590e133b2b0c9d87145df8792d422e51aa087cb37d0b75f9cbd9e2565f8058f371d69dd2726f36042e793490cd49", 0x0, 0x48) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0) (async)
ioctl$KVM_SET_DEVICE_ATTR_vm(r3, 0x4018aee1, &(0x7f0000000600)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f00000005c0)={0x1, 0x8, 0x1}})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x28) (async)
eventfd2(0x7, 0x1) (async)
r8 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x9)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1) (async)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r11, 0xc0045878, 0x20000000) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r12, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000f0a000/0x1000)=nil, r12, 0x8, 0x30, r10, 0x0) (async)
ioctl$KVM_RUN(r10, 0xae80, 0x0) (async)
syz_kvm_setup_cpu$arm64(r7, r10, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
ioctl$KVM_SET_VCPU_EVENTS(r10, 0x4040aea0, &(0x7f0000000000)=@arm64={0x3, 0xe0, 0xb7, '\x00', 0x1})
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2) (async)
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000640)=@arm64_core={0x6030000000100012, &(0x7f0000000000)=0x300000000000})

14m54.937579238s ago: executing program 37 (id=1053):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_GUEST_MEMFD(r1, 0xc040aed4, &(0x7f00000001c0)={0x200001fe0000, 0x2}) (async)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x1) (async)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0x80111500, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04)
mmap$KVM_VCPU(&(0x7f0000e5f000/0x3000)=nil, r7, 0x3, 0x40010, r5, 0x0) (async)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x31) (async)
openat$kvm(0x0, 0x0, 0x0, 0x0) (async)
r10 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) (async)
r13 = eventfd2(0xfffffffa, 0x80001)
ioctl$KVM_IOEVENTFD(r12, 0x4040ae79, &(0x7f0000000140)={0x80, 0x4, 0x0, r13}) (async)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_REGISTER_COALESCED_MMIO(r12, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616}) (async)
ioctl$KVM_REGISTER_COALESCED_MMIO(r5, 0x4010ae67, &(0x7f0000000180)={0x5000}) (async)
r14 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000200)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0) (async)
r15 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r15, 0xc0189436, 0x172)
ioctl$KVM_RUN(r14, 0xae80, 0x0)
close(0x4) (async)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0) (async)
r16 = ioctl$KVM_GET_STATS_FD_vm(r5, 0xaece)
close(r16)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)

3m3.653619186s ago: executing program 6 (id=1072):
ioctl$KVM_GET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee2, 0x0)
eventfd2(0x0, 0x0) (async)
r0 = eventfd2(0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0x80111500, 0x20000000)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x26)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
ioctl$KVM_SET_DEVICE_ATTR_vm(r2, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0xd, 0x28}})
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r5, 0x0)
syz_kvm_vgic_v3_setup(r2, 0x1, 0x100) (async)
r6 = syz_kvm_vgic_v3_setup(r2, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000180)={0x8})
ioctl$KVM_GET_DEVICE_ATTR(r6, 0x4018aee2, 0x0) (async)
ioctl$KVM_GET_DEVICE_ATTR(r6, 0x4018aee2, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR(r6, 0x4018aee3, &(0x7f0000000300)=@attr_arm64={0x0, 0x3, 0x1, 0x0})

2m45.078383542s ago: executing program 7 (id=1073):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x696122, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x100000000000000, 0x2000, &(0x7f0000000000/0x2000)=nil})

2m41.983645795s ago: executing program 6 (id=1074):
r0 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000540)={0x0, &(0x7f0000000000)=[@svc={0x122, 0x40, {0x84000001, [0x3, 0x8, 0x8000, 0x81, 0x7f]}}, @svc={0x122, 0x40, {0x8600ff01, [0x9, 0x4, 0x7, 0x0, 0xf]}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x1, 0x3, 0x1, 0x8001, 0x5, 0x1}}, @mrs={0xbe, 0x18, {0x603000000013c10b}}, @smc={0x1e, 0x40, {0x84000053, [0x4, 0xd2ca, 0x3, 0x2, 0x7fffffff]}}, @svc={0x122, 0x40, {0x84000013, [0x5, 0x9, 0x7, 0x4, 0x5]}}, @mrs={0xbe, 0x18, {0x6030000000138032}}, @eret={0xe6, 0x18, 0xfffffffffffffffb}, @eret={0xe6, 0x18, 0x2}, @code={0xa, 0xb4, {"007008d520f49fd200c0b0f2e10180d2420180d2230080d2440080d2020000d4007008d50020c01ae0058fd200c0b0f2410080d2a20080d2e30180d2640080d2020000d4e04c91d20080b0f2810180d2820180d2030180d2c40080d2020000d4000008d5e02a9ad200a0b8f2610080d2e20180d2e30080d2a40080d2020000d4000028d5200e99d20040b0f2410080d2a20080d2a30080d2840080d2020000d4"}}, @its_setup={0x82, 0x28, {0x3, 0x3, 0x3a1}}, @code={0xa, 0xcc, {"0090805f007008d5406a85d20080b8f2410080d2a20180d2830180d2240080d2020000d440c393d200e0b0f2a10180d2220080d2430180d2840080d2020000d40048c01a40b395d20060b8f2e10180d2e20080d2630180d2840180d2020000d4e08489d200a0b8f2610180d2a20180d2430080d2c40080d2020000d4a0c082d200a0b8f2a10080d2620180d2830180d2e40180d2020000d4007008d5405092d20040b8f2810180d2a20180d2230180d2240180d2020000d4"}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff8, 0x2, 0xe}}, @svc={0x122, 0x40, {0xc400000c, [0x6, 0x1, 0xe, 0x88b, 0x3]}}, @eret={0xe6, 0x18, 0x7}, @hvc={0x32, 0x40, {0x80003fff, [0x5, 0x800, 0x10000, 0x1, 0x1000]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0xc00, 0xffffffffffffffff, 0xa}}, @its_setup={0x82, 0x28, {0x1, 0x0, 0xde}}, @msr={0x14, 0x20, {0x603000000013f989, 0x28c}}, @svc={0x122, 0x40, {0x40000000, [0x4, 0x9, 0x6, 0x9ded, 0xce]}}, @irq_setup={0x46, 0x18, {0x0, 0x1f2}}, @uexit={0x0, 0x18, 0x5}, @svc={0x122, 0x40, {0x0, [0xe, 0x4, 0xb, 0x5, 0x5]}}, @eret={0xe6, 0x18, 0x5}], 0x538}, &(0x7f0000000580)=[@featur1={0x1, 0x88}], 0x1)
ioctl$KVM_SET_MP_STATE(r0, 0x4004ae99, &(0x7f00000005c0)=0x4)
ioctl$KVM_GET_ONE_REG(r0, 0x4010aeab, &(0x7f0000000640)=@riscv64_v={0x803000000900000e, &(0x7f0000000600)=0x9})
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3e)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bfd000/0x400000)=nil)
ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, &(0x7f0000000680)={0xa, [0x200, 0x81, 0x100000001, 0x6, 0x0, 0x8000, 0xffffffffffffffff, 0x9, 0x4, 0xf]})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
syz_kvm_setup_cpu$arm64(r1, r3, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000780)=[{0x0, &(0x7f0000000700)=[@eret={0xe6, 0x18, 0x5}, @irq_setup={0x46, 0x18, {0x1, 0x1a2}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x2, 0xb, 0x2, 0x7, 0x2}}], 0x58}], 0x1, 0x0, &(0x7f00000007c0), 0x1)
ioctl$KVM_DIRTY_TLB(r0, 0x4010aeaa, &(0x7f0000000800)={0x9, 0x7fff})
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000d00)={0x0, &(0x7f0000000840)=[@code={0xa, 0x6c, {"00b4207e000c0038007008d520b38fd20080b8f2210180d2820080d2630080d2240080d2020000d4008008d5808799d20020b8f2a10080d2220080d2a30080d2640080d2020000d40080400d000000d1000008d5008008d5"}}, @eret={0xe6, 0x18, 0x3}, @irq_setup={0x46, 0x18, {0x4, 0x1e0}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x3, 0x2, 0x7, 0x3, 0x3}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xf10, 0x4, 0x2}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff4, 0x7, 0x2}}, @eret={0xe6, 0x18, 0xa}, @irq_setup={0x46, 0x18, {0x4, 0x379}}, @mrs={0xbe, 0x18, {0x603000000013e6d8}}, @mrs={0xbe, 0x18, {0x603000000013c080}}, @eret={0xe6, 0x18, 0x7fffffffffffffff}, @smc={0x1e, 0x40, {0x90a2dd54eaf5fab, [0x4, 0x9, 0x1000, 0xfffffffffffffff7, 0x2]}}, @mrs={0xbe, 0x18, {0x603000000013da28}}, @code={0xa, 0x84, {"1f000071000028d500ec207e60d887d20080b8f2810080d2a20080d2830180d2440180d2020000d4007008d50000009100004028007008d5400d8bd200a0b0f2a10080d2620080d2a30080d2a40180d2020000d4a0ce9cd200a0b8f2410180d2e20080d2c30080d2040180d2020000d4"}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x1, 0x1, 0x8, 0xe3, 0x0, 0x4}}, @code={0xa, 0x84, {"80ba82d20060b0f2e10180d2a20080d2a30180d2640180d2020000d4000008d5007008d540df91d20040b0f2810080d2820080d2230180d2440180d2020000d40084202e000008d5000008d5008008d5e09390d200a0b0f2e10180d2c20180d2830180d2c40080d2020000d4007008d5"}}, @smc={0x1e, 0x40, {0xffff, [0x100, 0x4, 0x2, 0xffc0000000000000, 0x80000000]}}, @svc={0x122, 0x40, {0x3f000000, [0x9, 0xc4, 0xa12, 0x5, 0x9]}}, @smc={0x1e, 0x40, {0x0, [0x2, 0x4, 0x7f, 0x8981, 0xfffffffffffffffb]}}, @uexit={0x0, 0x18, 0x8}, @irq_setup={0x46, 0x18, {0x1, 0x8f}}, @mrs={0xbe, 0x18, {0x603000000013c298}}, @svc={0x122, 0x40, {0x8400000e, [0x6, 0x24, 0x5, 0x1, 0x3]}}, @smc={0x1e, 0x40, {0xc4000003, [0x200, 0xfffffffffffffffa, 0x1, 0x0, 0x1ff]}}], 0x4ac}, &(0x7f0000000d40)=[@featur1={0x1, 0x80}], 0x1)
r4 = eventfd2(0xf, 0x800)
r5 = eventfd2(0x401, 0x180000)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000d80)={r4, 0x5, 0x0, r5})
ioctl$KVM_GET_REGS(r0, 0x8360ae81, &(0x7f0000000dc0))
openat$kvm(0xffffffffffffff9c, &(0x7f0000000e80), 0x2, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000ec0)={0x1ff, 0x6, 0x41000, 0x1000, &(0x7f0000ffd000/0x1000)=nil})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000f00), 0x200, 0x0)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000f40)={r5, 0x4fb9, 0x2, r4})
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ARM_SET_DEVICE_ADDR(r6, 0x4010aeab, &(0x7f0000000f80)={0x0, 0xa000})
ioctl$KVM_ARM_SET_DEVICE_ADDR(r3, 0x4010aeab, &(0x7f0000000fc0)={0x3, 0x7000})
r7 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000001200)={0x0, &(0x7f0000001000)=[@code={0xa, 0x9c, {"0004000f0000af9e0040000e00c0206ea0bc84d200a0b8f2010080d2620080d2630180d2c40080d2020000d4208e9dd20060b8f2c10080d2820080d2a30080d2440180d2020000d4008008d580ab90d200e0b0f2410180d2220180d2230180d2040080d2020000d460c183d20000b8f2210180d2020080d2630180d2e40180d2020000d4007008d5"}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0x0, 0x10000, 0x8}}, @hvc={0x32, 0x40, {0x80000002, [0x5, 0x4, 0x9, 0x1ff, 0x7]}}, @code={0xa, 0x6c, {"00a4004f007008d500a0df0c008008d50000289e00fc002f00a0a00de03b9fd20060b0f2a10180d2820080d2030180d2240080d2020000d4e0a09ed20040b8f2010080d2420180d2430080d2040180d2020000d4007008d5"}}, @code={0xa, 0x84, {"008008d5000028d5008008d5e0e48ed20080b0f2a10180d2c20180d2430180d2040080d2020000d4406692d20000b8f2210180d2a20080d2630080d2e40080d2020000d4007008d5001c0013202a91d20040b0f2410180d2620080d2630180d2840180d2020000d41f2003d5000c40fc"}}], 0x1fc}, &(0x7f0000001240)=[@featur2={0x1, 0x44}], 0x1)
ioctl$KVM_GET_STATS_FD_cpu(r7, 0xaece)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r1, 0x4010aeb5, &(0x7f0000001280)={0x0, 0x5})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000012c0)={0x86e, 0xe000, 0x2, r4, 0xe})
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r4, 0x4010aeb5, &(0x7f0000001300)={0x1, 0x4})
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000001340)={0x2, 0xffffffffffffffff, 0x1})
ioctl$KVM_RUN(r0, 0xae80, 0x0)
ioctl$KVM_ARM_SET_DEVICE_ADDR(r6, 0x4010aeab, &(0x7f0000001380)={0x8001, 0x70000})
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f00000013c0)={r5, 0x108c})

2m29.625362963s ago: executing program 7 (id=1075):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r3 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0) (async)
r4 = openat$kvm(0x0, &(0x7f0000000140), 0x40200, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000ab8000/0x400000)=nil) (async)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2) (async)
ioctl$KVM_IRQ_LINE_STATUS(r5, 0xc008ae67, &(0x7f0000000040)={0x10001, 0x10001})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffa000/0x1000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000647000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x2000005, 0x4000010, 0xffffffffffffffff, 0x0) (async)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) (async)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000) (async, rerun: 32)
munmap(&(0x7f0000482000/0x2000)=nil, 0x2000) (async, rerun: 32)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000) (async)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000809000/0x400000)=nil) (async)
r10 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1) (async, rerun: 32)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0xe17fc0a5901f6157, 0x10, r6, 0x0) (rerun: 32)
syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000040)={0x0, 0x0}, 0x0, 0x0) (async, rerun: 32)
ioctl$KVM_RUN(r10, 0xae80, 0x0) (rerun: 32)
ioctl$KVM_CAP_DIRTY_LOG_RING(r5, 0x4068aea3, &(0x7f0000000180)={0xc0, 0x0, 0x8000})
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000100)="fb0149dd033be3ac2cc4a29ea6af8031d1dfd900080001000000315f9731c10d097fd66f8f1f44f9ffffffffffffffebb207000000000000000000002a2900", 0x0, 0x48)

2m24.360013444s ago: executing program 6 (id=1076):
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async)
r1 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = eventfd2(0xfffffffa, 0x80001)
ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000000180)={0x80, 0xd5d77004, 0x4, r4})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000040)={0x5, 0x1, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$arm64(r6, 0xffffffffffffffff, &(0x7f0000000000/0x400000)=nil, &(0x7f0000000280)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
syz_kvm_setup_cpu$arm64(r6, 0xffffffffffffffff, &(0x7f0000000000/0x400000)=nil, &(0x7f0000000280)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000500)={0x2710, 0x1, 0x10000, 0x2000, &(0x7f0000000000/0x2000)=nil})
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616})
syz_kvm_add_vcpu$arm64(r1, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0) (async)
r7 = syz_kvm_add_vcpu$arm64(r1, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013df64, 0x8000}}, @msr={0x14, 0x20, {0x603000000013df7f, 0x8000}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f00000002c0)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f0000000000)=0x16}) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f00000002c0)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f0000000000)=0x16})
r11 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000240)={0x4, 0x9, 0x1}})
ioctl$KVM_RUN(r10, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r10, 0xae80, 0x0)

2m5.407604344s ago: executing program 7 (id=1077):
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x181b03, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0xa2)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4040aea0, 0x0) (async, rerun: 64)
r7 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (rerun: 64)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) (async)
ioctl$KVM_REGISTER_COALESCED_MMIO(r9, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616})
ioctl$KVM_REGISTER_COALESCED_MMIO(r9, 0x4010ae67, &(0x7f0000000240)={0xdddd1000, 0x1000})
r10 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r6, 0x8040ae9f, &(0x7f0000000000)=@arm64)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, <r11=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r11, 0x400454d8, 0x110c23000a)

2m2.273518119s ago: executing program 6 (id=1078):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x25)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x2, 0x4, 0x1}}, @its_setup={0x82, 0x28, {0x3, 0x1, 0x3ee}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r2, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000180)={0x8, <r5=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, &(0x7f0000000240)=[@irq_setup={0x5, 0x18}], 0x18}, 0x0, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f00000000c0)={0x0, &(0x7f00000002c0)=[@memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x6000, 0x4, 0xa}}], 0x30}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r10, 0x1, 0x100)
ioctl$KVM_RUN(r12, 0xae80, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r8, 0x4040aea0, &(0x7f0000000000)=@arm64={0x0, 0x1, 0xf, '\x00', 0xfffffffffffff105})
ioctl$KVM_RUN(r8, 0xae80, 0x0)

1m40.255677308s ago: executing program 7 (id=1079):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f00000000c0)=@arm64_fw={0x6030000000140000, &(0x7f0000000080)=0xc6})
r4 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f0000000040)=[@mrs={0xbe, 0x18, {0x603000000013df61}}], 0x18}, &(0x7f0000000000)=[@featur1={0x1, 0x8}], 0x1)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0x80111500, 0x20000000)
r7 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING(r9, 0x4068aea3, &(0x7f0000000500))
r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04)
mmap$KVM_VCPU(&(0x7f0000e5f000/0x3000)=nil, r10, 0x3, 0x13, r6, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f00000001c0)={0x6, 0x0, [{0x8, 0x3, 0x1, 0x0, @msi={0x9, 0x9, 0x60c9, 0x3}}, {0x80000001, 0x4, 0x1, 0x0, @msi={0x0, 0x7, 0x4, 0xe1c}}, {0xe47f, 0x2, 0x0, 0x0, @sint={0x10001, 0x3d2}}, {0x55, 0x1, 0x1, 0x0, @adapter={0x4237, 0xa, 0x6, 0x0, 0x6}}, {0x81, 0x4, 0x1, 0x0, @irqchip={0x4, 0xc}}, {0x7, 0x3, 0x1, 0x0, @sint={0x9, 0x3}}]})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

1m36.436263609s ago: executing program 6 (id=1080):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r4, 0x0)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, r4, &(0x7f0000009000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x27)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x0, 0x0, 0x6, 0x0, 0x9}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r6, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000180)={0x8, <r9=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x12, r4, 0x0)
syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000640)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xc0189436, 0x1ffffffc)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
r10 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r10, 0x4010ae67, &(0x7f0000000180)={0x3000, 0x0, 0x1})
ioctl$KVM_REGISTER_COALESCED_MMIO(r10, 0x4010ae67, &(0x7f0000000380)={0x2, 0x25000, 0x1})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r10, 0x4010ae68, &(0x7f0000000240)={0xe000, 0x10a000})

1m16.585882968s ago: executing program 7 (id=1081):
r0 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r2, r3, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000100)=@arm64_sys={0x603000000013c000})
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, r0, 0xc, 0x10, 0xffffffffffffffff, 0x20000000)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
r5 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
r9 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r8, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f0000000100)="3108e3dcda727dc1915f051fd6c6c2f2e9375df87e96815d61d15d9486ff9023dbaede6f1938adc7befee9d742312bd76c85b021554abc4cb72595c6e12f025cf0d600b249c982b5", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r8, 0x0)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r10, 0xae03, 0x3)
r11 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
r14 = eventfd2(0xffff10c0, 0x801)
ioctl$KVM_IOEVENTFD(r12, 0x4040ae79, &(0x7f0000000100)={0xf09, 0x8086000, 0x0, r14})
r15 = syz_kvm_add_vcpu$arm64(r13, &(0x7f00000002c0)={0x0, &(0x7f0000000580)=[@its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x0, 0xa, 0x3, 0x7, 0x2}}, @msr={0x14, 0x20, {0x603000000013e21b, 0x9}}, @its_send_cmd={0xaa, 0x28, {0x0, 0x1, 0x1, 0x1, 0xd740, 0x3, 0x1}}, @msr={0x14, 0x20, {0x603000000013da28, 0x1}}, @svc={0x122, 0x40, {0x84000003, [0xca, 0x1, 0x6, 0xfffffffffffffe01, 0xc3]}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x100, 0x8, 0x2}}, @memwrite={0x6e, 0x30, @generic={0x3000, 0x1db, 0x100000001, 0x8}}, @mrs={0xbe, 0x18, {0x603000000013c111}}, @its_setup={0x82, 0x28, {0x2, 0x3, 0x1b7}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0xd00, 0x9, 0x1}}, @eret={0xe6, 0x18, 0x9}, @code={0xa, 0x6c, {"e0088ed20000b0f2410080d2220080d2e30080d2240180d2020000d41f00206b007008d50038201e0090204e005586d20000b8f2a10180d2c20080d2230080d2c40080d2020000d4008020c8007008d500808008007008d5"}}, @svc={0x122, 0x40, {0x84000006, [0x8, 0x100000000000008, 0x3, 0x8, 0x5]}}, @irq_setup={0x46, 0x18, {0x4, 0x178}}], 0x27c}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r12, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000240)={0xa})
ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000180)={0x8, <r16=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r16, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r15, 0xae80, 0x0)
openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x2827b2, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x3000)=nil, r4, 0x100000a, 0x4010, r5, 0x0)

1m9.823620991s ago: executing program 6 (id=1082):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x29)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x21)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
r4 = ioctl$KVM_GET_STATS_FD_cpu(r3, 0xaece)
r5 = eventfd2(0x4, 0x1)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000080)={r4, 0x9, 0x2, r5})
r6 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r3, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
r7 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x34)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce8, 0x8000}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000040)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000000)={0xa, 0x4}})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r3, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x60871, 0x0)

50.065507141s ago: executing program 7 (id=1083):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x1000000) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000) (async)
close(r1) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
r4 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r3, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0) (async)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@its_setup={0x7, 0x28, {0x2, 0x2, 0x1}}], 0x28}, 0x0, 0x0) (async)
syz_kvm_vgic_v3_setup(r6, 0x3, 0xa0) (async)
r9 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x27)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r10, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x1}}], 0x28}, 0x0, 0x0) (async)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000100)={0x8, <r11=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000})
ioctl$KVM_RUN(r8, 0xae80, 0x0) (async)
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000300)=@attr_arm64={0x0, 0x4, 0x4, 0x0}) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f00000000c0)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48) (async)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)

21.10332124s ago: executing program 38 (id=1082):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x29)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x21)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
r4 = ioctl$KVM_GET_STATS_FD_cpu(r3, 0xaece)
r5 = eventfd2(0x4, 0x1)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000080)={r4, 0x9, 0x2, r5})
r6 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r3, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
r7 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x34)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce8, 0x8000}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000040)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000000)={0xa, 0x4}})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r3, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x60871, 0x0)

0s ago: executing program 39 (id=1083):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x1000000) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000) (async)
close(r1) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
r4 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r3, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0) (async)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@its_setup={0x7, 0x28, {0x2, 0x2, 0x1}}], 0x28}, 0x0, 0x0) (async)
syz_kvm_vgic_v3_setup(r6, 0x3, 0xa0) (async)
r9 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x27)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r10, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x1}}], 0x28}, 0x0, 0x0) (async)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000100)={0x8, <r11=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000})
ioctl$KVM_RUN(r8, 0xae80, 0x0) (async)
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000300)=@attr_arm64={0x0, 0x4, 0x4, 0x0}) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f00000000c0)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48) (async)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

[  395.194003][   T25] audit: type=1400 audit(394.370:60): avc:  denied  { read } for  pid=3171 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1
[  413.969828][ T3171] 8021q: adding VLAN 0 to HW filter on device bond0
[  463.446182][ T3171] eql: remember to turn off Van-Jacobson compression on your slave devices
Warning: Permanently added '[localhost]:13486' (ED25519) to the list of known hosts.
[  635.230840][   T25] audit: type=1400 audit(634.430:61): avc:  denied  { name_bind } for  pid=3331 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  636.179473][   T25] audit: type=1400 audit(635.380:62): avc:  denied  { execute } for  pid=3332 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  636.206519][   T25] audit: type=1400 audit(635.410:63): avc:  denied  { execute_no_trans } for  pid=3332 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  667.821853][   T25] audit: type=1400 audit(667.030:64): avc:  denied  { mounton } for  pid=3332 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  667.879828][   T25] audit: type=1400 audit(667.080:65): avc:  denied  { mount } for  pid=3332 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  667.976130][ T3332] cgroup: Unknown subsys name 'net'
[  668.052888][   T25] audit: type=1400 audit(667.260:66): avc:  denied  { unmount } for  pid=3332 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  668.559216][ T3332] cgroup: Unknown subsys name 'cpuset'
[  668.710692][ T3332] cgroup: Unknown subsys name 'rlimit'
[  669.692616][   T25] audit: type=1400 audit(668.900:67): avc:  denied  { setattr } for  pid=3332 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=703 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  669.713037][   T25] audit: type=1400 audit(668.920:68): avc:  denied  { mounton } for  pid=3332 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[  669.741750][   T25] audit: type=1400 audit(668.950:69): avc:  denied  { mount } for  pid=3332 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  670.814514][ T3337] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[  670.835028][   T25] audit: type=1400 audit(670.040:70): avc:  denied  { relabelto } for  pid=3337 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  670.862501][   T25] audit: type=1400 audit(670.070:71): avc:  denied  { write } for  pid=3337 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
Setting up swapspace version 1, size = 127995904 bytes
[  671.061386][   T25] audit: type=1400 audit(670.260:72): avc:  denied  { read } for  pid=3332 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  671.082587][   T25] audit: type=1400 audit(670.280:73): avc:  denied  { open } for  pid=3332 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  671.134283][ T3332] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  729.173007][   T25] audit: type=1400 audit(728.380:74): avc:  denied  { execmem } for  pid=3338 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  733.041716][   T25] audit: type=1400 audit(732.230:75): avc:  denied  { read } for  pid=3341 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  733.058707][   T25] audit: type=1400 audit(732.260:76): avc:  denied  { open } for  pid=3341 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  733.140598][   T25] audit: type=1400 audit(732.330:77): avc:  denied  { mounton } for  pid=3340 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  733.366520][   T25] audit: type=1400 audit(732.570:78): avc:  denied  { module_request } for  pid=3340 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  734.428969][   T25] audit: type=1400 audit(733.630:79): avc:  denied  { sys_module } for  pid=3341 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  757.824573][ T3341] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  758.216495][ T3341] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  758.338388][ T3340] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  758.605047][ T3340] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  775.624753][ T3341] hsr_slave_0: entered promiscuous mode
[  775.689745][ T3341] hsr_slave_1: entered promiscuous mode
[  777.109094][ T3340] hsr_slave_0: entered promiscuous mode
[  777.142949][ T3340] hsr_slave_1: entered promiscuous mode
[  777.180741][ T3340] debugfs: 'hsr0' already exists in 'hsr'
[  777.188530][ T3340] Cannot create hsr debugfs directory
[  783.279847][   T25] audit: type=1400 audit(782.480:80): avc:  denied  { create } for  pid=3341 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  783.358678][   T25] audit: type=1400 audit(782.550:81): avc:  denied  { write } for  pid=3341 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  783.439454][   T25] audit: type=1400 audit(782.630:82): avc:  denied  { read } for  pid=3341 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  783.625011][ T3341] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  783.995030][ T3341] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  784.236437][ T3341] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  784.534144][ T3341] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  786.194654][ T3340] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  786.479819][ T3340] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  786.766251][ T3340] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  786.925281][ T3340] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  799.412640][ T3341] 8021q: adding VLAN 0 to HW filter on device bond0
[  802.291858][ T3340] 8021q: adding VLAN 0 to HW filter on device bond0
[  858.632509][ T3341] veth0_vlan: entered promiscuous mode
[  859.329866][ T3341] veth1_vlan: entered promiscuous mode
[  861.666453][ T3341] veth0_macvtap: entered promiscuous mode
[  861.874183][ T3340] veth0_vlan: entered promiscuous mode
[  862.054823][ T3341] veth1_macvtap: entered promiscuous mode
[  862.862099][ T3340] veth1_vlan: entered promiscuous mode
[  864.779503][   T43] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  864.791467][   T43] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  864.802545][   T43] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  864.838928][   T43] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  866.169936][ T3340] veth0_macvtap: entered promiscuous mode
[  866.800117][ T3340] veth1_macvtap: entered promiscuous mode
[  867.558876][   T25] audit: type=1400 audit(866.760:83): avc:  denied  { mount } for  pid=3341 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  867.899869][   T25] audit: type=1400 audit(867.100:84): avc:  denied  { mounton } for  pid=3341 comm="syz-executor" path="/syzkaller.xHi2fs/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  868.062780][   T25] audit: type=1400 audit(867.270:85): avc:  denied  { mount } for  pid=3341 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  868.333179][   T25] audit: type=1400 audit(867.540:86): avc:  denied  { mounton } for  pid=3341 comm="syz-executor" path="/syzkaller.xHi2fs/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  868.521585][   T25] audit: type=1400 audit(867.710:87): avc:  denied  { mounton } for  pid=3341 comm="syz-executor" path="/syzkaller.xHi2fs/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3759 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  869.280129][   T25] audit: type=1400 audit(868.470:88): avc:  denied  { unmount } for  pid=3341 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  869.404835][   T21] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  869.411591][   T21] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  869.424272][   T21] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  869.466059][   T21] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  869.684476][   T25] audit: type=1400 audit(868.890:89): avc:  denied  { mounton } for  pid=3341 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1546 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  869.851838][   T25] audit: type=1400 audit(869.060:90): avc:  denied  { mount } for  pid=3341 comm="syz-executor" name="/" dev="gadgetfs" ino=3768 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  870.122012][   T25] audit: type=1400 audit(869.330:91): avc:  denied  { mount } for  pid=3341 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  870.263714][   T25] audit: type=1400 audit(869.390:92): avc:  denied  { mounton } for  pid=3341 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  871.871819][ T3341] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  873.036107][   T25] kauditd_printk_skb: 2 callbacks suppressed
[  873.049267][   T25] audit: type=1400 audit(872.190:95): avc:  denied  { read write } for  pid=3341 comm="syz-executor" name="loop0" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  873.050306][   T25] audit: type=1400 audit(872.230:96): avc:  denied  { open } for  pid=3341 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  873.051162][   T25] audit: type=1400 audit(872.230:97): avc:  denied  { ioctl } for  pid=3341 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=638 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  882.889930][   T25] audit: type=1400 audit(882.090:98): avc:  denied  { read } for  pid=3491 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  882.976244][   T25] audit: type=1400 audit(882.180:99): avc:  denied  { open } for  pid=3491 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  883.749908][   T25] audit: type=1400 audit(882.930:100): avc:  denied  { ioctl } for  pid=3491 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  896.881427][   T25] audit: type=1400 audit(896.080:101): avc:  denied  { write } for  pid=3500 comm="syz.1.4" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  914.136530][   T25] audit: type=1400 audit(913.340:102): avc:  denied  { ioctl } for  pid=3510 comm="syz.0.6" path="net:[4026532625]" dev="nsfs" ino=4026532625 ioctlcmd=0xb708 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  914.659203][   T25] audit: type=1400 audit(913.860:103): avc:  denied  { execute } for  pid=3510 comm="syz.0.6" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=4112 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  926.223367][   T25] audit: type=1400 audit(925.420:104): avc:  denied  { append } for  pid=3514 comm="syz.0.7" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  927.680232][ T3515] kvm [3514]: Unsupported guest access at: eeef0000
[  927.680232][ T3515]  { Op0( 2), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read },
[  940.948780][   T25] audit: type=1400 audit(940.140:105): avc:  denied  { create } for  pid=3520 comm="syz.0.9" anonclass=[kvm-gmem] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  941.150058][   T25] audit: type=1400 audit(940.350:106): avc:  denied  { map } for  pid=3520 comm="syz.0.9" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=4405 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  941.228783][   T25] audit: type=1400 audit(940.420:107): avc:  denied  { read } for  pid=3520 comm="syz.0.9" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=4405 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 1090.719460][   T25] audit: type=1400 audit(1089.870:108): avc:  denied  { map } for  pid=3621 comm="syz.1.39" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1090.801050][   T25] audit: type=1400 audit(1090.000:109): avc:  denied  { execute } for  pid=3621 comm="syz.1.39" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1440.481991][   T25] audit: type=1400 audit(1439.620:110): avc:  denied  { setattr } for  pid=3831 comm="syz.1.109" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1659.873171][ T3968] kvm [3968]: Failed to find VMA for hva 0x21016000
[ 1792.204052][ T4038] KVM: debugfs: duplicate directory 4038-10
[ 1792.696230][ T4038] KVM: debugfs: duplicate directory 4038-10
[ 1999.673207][   T25] audit: type=1400 audit(1998.880:111): avc:  denied  { execute } for  pid=4154 comm="syz.0.208" path=2F3130302FFF67521CD66F8F1F447D3570707CD24B7EEBB207 dev="tmpfs" ino=520 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[ 2132.988805][   T25] audit: type=1400 audit(2132.180:112): avc:  denied  { map } for  pid=4229 comm="syz.1.229" path="pipe:[2774]" dev="pipefs" ino=2774 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[ 2289.471064][ T4337] kvm [4337]: Failed to find VMA for hva 0x21016000
[ 2338.767839][    C0] hrtimer: interrupt took 982880 ns
[ 2365.171444][   T25] audit: type=1400 audit(2364.370:113): avc:  denied  { write } for  pid=4373 comm="syz.0.268" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=17723 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 2365.514103][   T25] audit: type=1400 audit(2364.720:114): avc:  denied  { ioctl } for  pid=4373 comm="syz.0.268" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=17723 ioctlcmd=0xae04 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 2415.085746][ T4404] kvm [4404]: Failed to find VMA for hva 0x20e51000
[ 3708.472988][ T5166] FAULT_INJECTION: forcing a failure.
[ 3708.472988][ T5166] name failslab, interval 1, probability 0, space 0, times 1
[ 3708.481457][ T5166] CPU: 0 UID: 0 PID: 5166 Comm: syz.1.505 Not tainted syzkaller #0 PREEMPT 
[ 3708.482093][ T5166] Hardware name: linux,dummy-virt (DT)
[ 3708.482568][ T5166] Call trace:
[ 3708.482989][ T5166]  show_stack+0x2c/0x3c (C)
[ 3708.484893][ T5166]  __dump_stack+0x30/0x40
[ 3708.485270][ T5166]  dump_stack_lvl+0xd8/0x12c
[ 3708.485607][ T5166]  dump_stack+0x1c/0x28
[ 3708.485932][ T5166]  should_fail_ex+0x56c/0x6d8
[ 3708.486160][ T5166]  should_failslab+0xb8/0xec
[ 3708.486444][ T5166]  __kmalloc_noprof+0xe8/0x680
[ 3708.486695][ T5166]  tomoyo_realpath_from_path+0xdc/0x628
[ 3708.487012][ T5166]  tomoyo_path_number_perm+0x13c/0x33c
[ 3708.487270][ T5166]  tomoyo_file_ioctl+0x2c/0x3c
[ 3708.487566][ T5166]  security_file_ioctl+0xe0/0x2cc
[ 3708.487880][ T5166]  __arm64_sys_ioctl+0xd0/0x244
[ 3708.488161][ T5166]  invoke_syscall+0x90/0x230
[ 3708.488446][ T5166]  el0_svc_common+0x120/0x2f4
[ 3708.488723][ T5166]  do_el0_svc+0x58/0x74
[ 3708.488994][ T5166]  el0_svc+0x5c/0x238
[ 3708.489269][ T5166]  el0t_64_sync_handler+0x84/0x12c
[ 3708.489563][ T5166]  el0t_64_sync+0x198/0x19c
[ 3708.620150][ T5166] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 4594.309985][   T43] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4595.511132][   T43] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4596.373761][   T43] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4597.555302][   T43] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4609.783080][   T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 4609.885139][   T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 4609.964415][   T43] bond0 (unregistering): Released all slaves
[ 4611.242000][   T43] hsr_slave_0: left promiscuous mode
[ 4611.280094][   T43] hsr_slave_1: left promiscuous mode
[ 4611.479743][   T43] veth1_macvtap: left promiscuous mode
[ 4611.483847][   T43] veth0_macvtap: left promiscuous mode
[ 4611.495790][   T43] veth1_vlan: left promiscuous mode
[ 4611.507647][   T43] veth0_vlan: left promiscuous mode
[ 4632.670896][ T5616] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4633.224209][ T5616] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4637.433575][   T43] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4638.763296][   T43] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4640.079830][   T43] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4641.075788][   T43] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4654.713236][   T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 4654.796232][   T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 4654.855962][   T43] bond0 (unregistering): Released all slaves
[ 4656.513279][   T43] hsr_slave_0: left promiscuous mode
[ 4656.572298][   T43] hsr_slave_1: left promiscuous mode
[ 4656.902689][   T43] veth1_macvtap: left promiscuous mode
[ 4656.906095][   T43] veth0_macvtap: left promiscuous mode
[ 4656.923889][   T43] veth1_vlan: left promiscuous mode
[ 4656.940030][   T43] veth0_vlan: left promiscuous mode
[ 4670.114224][ T5624] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4670.541318][ T5624] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4680.155185][ T5616] hsr_slave_0: entered promiscuous mode
[ 4680.243553][ T5616] hsr_slave_1: entered promiscuous mode
[ 4696.659688][ T5624] hsr_slave_0: entered promiscuous mode
[ 4696.719913][ T5624] hsr_slave_1: entered promiscuous mode
[ 4696.736533][ T5624] debugfs: 'hsr0' already exists in 'hsr'
[ 4696.785310][ T5624] Cannot create hsr debugfs directory
[ 4700.244160][ T5616] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 4700.573969][ T5616] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 4700.889094][ T5616] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 4702.081633][ T5616] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 4711.065797][ T5624] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 4711.389000][ T5624] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 4711.662650][ T5624] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 4711.945043][ T5624] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 4726.601281][ T5616] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4735.214869][ T5624] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4824.943456][ T5616] veth0_vlan: entered promiscuous mode
[ 4826.080390][ T5616] veth1_vlan: entered promiscuous mode
[ 4829.803558][ T5616] veth0_macvtap: entered promiscuous mode
[ 4830.562106][ T5616] veth1_macvtap: entered promiscuous mode
[ 4834.079425][ T5638] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4834.138201][ T5638] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4834.175896][ T5638] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4834.318969][ T5638] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4839.102623][ T5624] veth0_vlan: entered promiscuous mode
[ 4840.414968][ T5624] veth1_vlan: entered promiscuous mode
[ 4843.888696][ T5624] veth0_macvtap: entered promiscuous mode
[ 4844.541414][ T5624] veth1_macvtap: entered promiscuous mode
[ 4848.588421][ T5642] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4848.602174][   T43] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4848.816504][   T43] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4848.835961][   T43] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 6409.661054][ T6650] kvm [6650]: Failed to find VMA for hva 0x20c01000
[ 6746.146633][ T6817] FAULT_INJECTION: forcing a failure.
[ 6746.146633][ T6817] name failslab, interval 1, probability 0, space 0, times 0
[ 6746.191643][ T6817] CPU: 0 UID: 0 PID: 6817 Comm: syz.3.896 Not tainted syzkaller #0 PREEMPT 
[ 6746.192064][ T6817] Hardware name: linux,dummy-virt (DT)
[ 6746.192172][ T6817] Call trace:
[ 6746.192250][ T6817]  show_stack+0x2c/0x3c (C)
[ 6746.192594][ T6817]  __dump_stack+0x30/0x40
[ 6746.192914][ T6817]  dump_stack_lvl+0xd8/0x12c
[ 6746.193205][ T6817]  dump_stack+0x1c/0x28
[ 6746.193482][ T6817]  should_fail_ex+0x56c/0x6d8
[ 6746.193716][ T6817]  should_failslab+0xb8/0xec
[ 6746.193995][ T6817]  __kmalloc_noprof+0xe8/0x680
[ 6746.194228][ T6817]  tomoyo_realpath_from_path+0xdc/0x628
[ 6746.194501][ T6817]  tomoyo_path_number_perm+0x13c/0x33c
[ 6746.194772][ T6817]  tomoyo_file_ioctl+0x2c/0x3c
[ 6746.195081][ T6817]  security_file_ioctl+0xe0/0x2cc
[ 6746.195373][ T6817]  __arm64_sys_ioctl+0xd0/0x244
[ 6746.195659][ T6817]  invoke_syscall+0x90/0x230
[ 6746.195961][ T6817]  el0_svc_common+0x120/0x2f4
[ 6746.196233][ T6817]  do_el0_svc+0x58/0x74
[ 6746.196498][ T6817]  el0_svc+0x5c/0x238
[ 6746.196797][ T6817]  el0t_64_sync_handler+0x84/0x12c
[ 6746.197079][ T6817]  el0t_64_sync+0x198/0x19c
[ 6746.303867][ T6817] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 6772.215232][ T6835] FAULT_INJECTION: forcing a failure.
[ 6772.215232][ T6835] name failslab, interval 1, probability 0, space 0, times 0
[ 6772.263985][ T6835] CPU: 0 UID: 0 PID: 6835 Comm: syz.3.902 Not tainted syzkaller #0 PREEMPT 
[ 6772.264378][ T6835] Hardware name: linux,dummy-virt (DT)
[ 6772.264487][ T6835] Call trace:
[ 6772.264567][ T6835]  show_stack+0x2c/0x3c (C)
[ 6772.264951][ T6835]  __dump_stack+0x30/0x40
[ 6772.265243][ T6835]  dump_stack_lvl+0xd8/0x12c
[ 6772.265517][ T6835]  dump_stack+0x1c/0x28
[ 6772.265799][ T6835]  should_fail_ex+0x56c/0x6d8
[ 6772.266030][ T6835]  should_failslab+0xb8/0xec
[ 6772.266300][ T6835]  __kmalloc_noprof+0xe8/0x680
[ 6772.266534][ T6835]  tomoyo_encode+0x274/0x4e4
[ 6772.266844][ T6835]  tomoyo_realpath_from_path+0x5bc/0x628
[ 6772.267168][ T6835]  tomoyo_path_number_perm+0x13c/0x33c
[ 6772.267419][ T6835]  tomoyo_file_ioctl+0x2c/0x3c
[ 6772.267714][ T6835]  security_file_ioctl+0xe0/0x2cc
[ 6772.268017][ T6835]  __arm64_sys_ioctl+0xd0/0x244
[ 6772.268303][ T6835]  invoke_syscall+0x90/0x230
[ 6772.268577][ T6835]  el0_svc_common+0x120/0x2f4
[ 6772.268875][ T6835]  do_el0_svc+0x58/0x74
[ 6772.269154][ T6835]  el0_svc+0x5c/0x238
[ 6772.269435][ T6835]  el0t_64_sync_handler+0x84/0x12c
[ 6772.269724][ T6835]  el0t_64_sync+0x198/0x19c
[ 6772.418770][ T6835] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 7057.565923][ T6966] kvm [6965]: Unsupported guest access at: eeef0000
[ 7057.565923][ T6966]  { Op0( 2), Op1( 0), CRn( 0), CRm( 0), Op2( 2), func_write },
[ 7059.160465][ T6966] kvm [6966]: Failed to find VMA for hva 0x20d8d000
[ 7169.377842][   T25] audit: type=1400 audit(7168.490:115): avc:  denied  { execute } for  pid=7014 comm="syz.3.953" path="pipe:[36871]" dev="pipefs" ino=36871 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[ 7795.799853][ T6672] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7797.800347][ T6672] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7798.975492][ T6672] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7800.056278][ T6672] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7817.594254][ T6672] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 7817.784022][ T6672] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 7817.919795][ T6672] bond0 (unregistering): Released all slaves
[ 7819.694751][ T6672] hsr_slave_0: left promiscuous mode
[ 7819.800646][ T6672] hsr_slave_1: left promiscuous mode
[ 7821.252762][ T6672] veth1_macvtap: left promiscuous mode
[ 7821.281978][ T6672] veth0_macvtap: left promiscuous mode
[ 7821.296463][ T6672] veth1_vlan: left promiscuous mode
[ 7821.329378][ T6672] veth0_vlan: left promiscuous mode
[ 7849.592348][ T6672] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7850.999583][ T6672] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7852.345497][ T6672] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7853.351289][ T6672] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7871.470196][ T6672] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 7871.654118][ T6672] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 7871.971661][ T6672] bond0 (unregistering): Released all slaves
[ 7874.534841][ T6672] hsr_slave_0: left promiscuous mode
[ 7874.660901][ T6672] hsr_slave_1: left promiscuous mode
[ 7875.272031][ T6672] veth1_macvtap: left promiscuous mode
[ 7875.277677][ T6672] veth0_macvtap: left promiscuous mode
[ 7875.289863][ T6672] veth1_vlan: left promiscuous mode
[ 7875.314400][ T6672] veth0_vlan: left promiscuous mode
[ 7926.801124][ T7315] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 7927.046478][ T7315] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 7930.203322][ T7317] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 7930.462070][ T7317] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 7956.932664][ T7315] hsr_slave_0: entered promiscuous mode
[ 7957.050811][ T7315] hsr_slave_1: entered promiscuous mode
[ 7961.150755][ T7317] hsr_slave_0: entered promiscuous mode
[ 7961.222995][ T7317] hsr_slave_1: entered promiscuous mode
[ 7961.293395][ T7317] debugfs: 'hsr0' already exists in 'hsr'
[ 7961.327755][ T7317] Cannot create hsr debugfs directory
[ 7976.403316][ T7315] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 7977.229537][ T7315] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 7977.813403][ T7315] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 7979.075929][ T7315] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 7982.282564][ T7317] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 7982.691459][ T7317] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 7983.102655][ T7317] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 7983.402538][ T7317] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 8010.732308][ T7315] 8021q: adding VLAN 0 to HW filter on device bond0
[ 8016.495017][ T7317] 8021q: adding VLAN 0 to HW filter on device bond0
[ 8155.742342][ T7315] veth0_vlan: entered promiscuous mode
[ 8156.713449][ T7315] veth1_vlan: entered promiscuous mode
[ 8160.802749][ T7315] veth0_macvtap: entered promiscuous mode
[ 8161.831773][ T7315] veth1_macvtap: entered promiscuous mode
[ 8162.885327][ T7317] veth0_vlan: entered promiscuous mode
[ 8164.985566][ T7317] veth1_vlan: entered promiscuous mode
[ 8167.763602][ T5629] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 8167.770823][ T5629] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 8167.805550][ T5629] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 8168.029591][ T5629] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 8171.906542][ T7317] veth0_macvtap: entered promiscuous mode
[ 8173.175042][ T7317] veth1_macvtap: entered promiscuous mode
[ 8178.190647][ T7459] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 8178.429208][ T7459] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 8178.485314][ T7459] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 8178.648607][ T7459] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 8315.745516][ T7641] kvm [7641]: Failed to find VMA for hva 0x21016000
[ 8427.169005][ T3440] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8429.743700][ T3440] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8433.311096][ T3440] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8435.125077][ T3440] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8462.353439][ T3440] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 8462.585896][ T3440] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 8462.770971][ T3440] bond0 (unregistering): Released all slaves
[ 8465.676411][ T3440] hsr_slave_0: left promiscuous mode
[ 8466.155060][ T3440] hsr_slave_1: left promiscuous mode
[ 8467.767598][ T3440] veth1_macvtap: left promiscuous mode
[ 8467.769385][ T3440] veth0_macvtap: left promiscuous mode
[ 8467.800751][ T3440] veth1_vlan: left promiscuous mode
[ 8467.824020][ T3440] veth0_vlan: left promiscuous mode
[ 8511.170784][ T6373] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8512.605020][ T6373] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8514.129990][ T6373] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8515.473131][ T6373] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8535.114180][ T6373] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 8535.413284][ T6373] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 8535.630275][ T6373] bond0 (unregistering): Released all slaves
[ 8538.732951][ T6373] hsr_slave_0: left promiscuous mode
[ 8538.836313][ T6373] hsr_slave_1: left promiscuous mode
[ 8539.604648][ T6373] veth1_macvtap: left promiscuous mode
[ 8539.606029][ T6373] veth0_macvtap: left promiscuous mode
[ 8539.623907][ T6373] veth1_vlan: left promiscuous mode
[ 8539.678848][ T6373] veth0_vlan: left promiscuous mode
[ 8608.514677][ T7688] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 8609.994435][ T7688] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 8610.341444][ T7691] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 8610.605291][ T7691] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 8645.862473][ T7688] hsr_slave_0: entered promiscuous mode
[ 8645.888764][ T7688] hsr_slave_1: entered promiscuous mode
[ 8647.092500][ T7691] hsr_slave_0: entered promiscuous mode
[ 8647.123406][ T7691] hsr_slave_1: entered promiscuous mode
[ 8647.144459][ T7691] debugfs: 'hsr0' already exists in 'hsr'
[ 8647.149310][ T7691] Cannot create hsr debugfs directory
[ 8671.184000][ T7688] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 8672.285528][ T7688] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 8673.018767][ T7688] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 8673.842529][ T7688] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 8681.638618][ T7691] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 8682.173286][ T7691] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 8682.755614][ T7691] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 8683.306165][ T7691] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 8712.652534][ T7688] 8021q: adding VLAN 0 to HW filter on device bond0
[ 8720.622472][ T7691] 8021q: adding VLAN 0 to HW filter on device bond0
[ 8885.755022][ T7688] veth0_vlan: entered promiscuous mode
[ 8887.325250][ T7688] veth1_vlan: entered promiscuous mode
[ 8892.202763][ T7688] veth0_macvtap: entered promiscuous mode
[ 8893.659782][ T7688] veth1_macvtap: entered promiscuous mode
[ 8894.503364][ T7691] veth0_vlan: entered promiscuous mode
[ 8896.841507][ T7691] veth1_vlan: entered promiscuous mode
[ 8900.450152][ T5629] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 8900.669810][ T3440] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 8900.858210][ T7845] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 8900.862053][ T7845] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 8905.783458][ T7691] veth0_macvtap: entered promiscuous mode
[ 8907.745527][ T7691] veth1_macvtap: entered promiscuous mode
[ 8914.699342][ T7845] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 8914.743800][ T7696] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 8914.834798][ T7696] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 8914.891299][ T7459] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 9439.919996][ T8117] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 9440.516039][ T8117] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 9461.030761][ T8127] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 9461.670481][ T8127] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 9500.200625][ T8117] hsr_slave_0: entered promiscuous mode
[ 9500.355650][ T8117] hsr_slave_1: entered promiscuous mode
[ 9500.570073][ T8117] debugfs: 'hsr0' already exists in 'hsr'
[ 9500.588953][ T8117] Cannot create hsr debugfs directory
[ 9524.393822][ T8127] hsr_slave_0: entered promiscuous mode
[ 9524.522498][ T8127] hsr_slave_1: entered promiscuous mode
[ 9524.634859][ T8127] debugfs: 'hsr0' already exists in 'hsr'
[ 9524.655364][ T8127] Cannot create hsr debugfs directory
[ 9540.498506][ T8117] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 9543.215506][ T8117] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 9543.940111][ T8117] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 9545.420152][ T8117] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 9564.853536][ T8127] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 9565.615769][ T8127] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 9566.466334][ T8127] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 9567.126285][ T8127] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 9605.645438][ T8117] 8021q: adding VLAN 0 to HW filter on device bond0
[ 9620.454524][ T8127] 8021q: adding VLAN 0 to HW filter on device bond0
[ 9699.209380][   T27] INFO: task syz.7.1083:8105 blocked for more than 430 seconds.
[ 9699.219336][   T27]       Not tainted syzkaller #0
[ 9699.290588][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 9699.320283][   T27] task:syz.7.1083      state:D stack:0     pid:8105  tgid:8105  ppid:7691   task_flags:0x400040 flags:0x00000011
[ 9699.321692][   T27] Call trace:
[ 9699.322106][   T27]  __switch_to+0x584/0xb00 (T)
[ 9699.322695][   T27]  __schedule+0x200c/0x3428
[ 9699.323189][   T27]  schedule+0xac/0x27c
[ 9699.323622][   T27]  schedule_timeout+0x68/0x1ec
[ 9699.324128][   T27]  do_wait_for_common+0x28c/0x440
[ 9699.324567][   T27]  wait_for_completion+0x44/0x5c
[ 9699.325040][   T27]  __synchronize_srcu+0x2a4/0x320
[ 9699.325526][   T27]  synchronize_srcu+0x3d0/0x4f8
[ 9699.326035][   T27]  mmu_notifier_unregister+0x320/0x428
[ 9699.326518][   T27]  kvm_put_kvm+0x698/0xbe0
[ 9699.503620][   T27]  kvm_vm_release+0x58/0x78
[ 9699.511519][   T27]  __fput+0x4ac/0x978
[ 9699.512207][   T27]  ____fput+0x20/0x58
[ 9699.513127][   T27]  task_work_run+0x1b8/0x250
[ 9699.513613][   T27]  exit_to_user_mode_loop+0x110/0x188
[ 9699.514100][   T27]  el0_svc+0x17c/0x238
[ 9699.514581][   T27]  el0t_64_sync_handler+0x84/0x12c
[ 9699.515108][   T27]  el0t_64_sync+0x198/0x19c
SYZFAIL: failed to recv rpc
[ 9699.652172][   T27] 
[ 9699.652172][   T27] Showing all locks held in the system:
[ 9699.678159][   T27] 1 lock held by khungtaskd/27:
[ 9699.678693][   T27]  #0: ffff800087a86d08 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x0/0x44
[ 9699.681874][   T27] 1 lock held by dhcpcd/3171:
[ 9699.682265][   T27] 2 locks held by getty/3200:
[ 9699.682609][   T27]  #0: bbf000001242a8a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c
[ 9699.684401][   T27]  #1: 81ff80008c80b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x308/0x1234
[ 9699.686110][   T27] 2 locks held by syz-executor/3332:
[ 9699.686423][   T27] 3 locks held by kworker/u4:8/3440:
[ 9699.860928][   T27] 3 locks held by kworker/u4:4/5629:
[ 9699.862207][   T27] 3 locks held by kworker/u4:10/5767:
[ 9699.872270][   T27] 2 locks held by kworker/u4:6/7321:
[ 9699.872752][   T27]  #0: def000000cc26948 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a10
[ 9699.874824][   T27]  #1: ffff80008e317c88 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a10
[ 9699.876482][   T27] 3 locks held by kworker/u4:11/7332:
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 9699.994870][   T27] 2 locks held by kworker/u4:12/7459:
[ 9700.064473][   T27] 3 locks held by kworker/u4:9/7696:
[ 9700.065033][   T27] 3 locks held by kworker/u4:14/7845:
[ 9700.065379][   T27] 3 locks held by kworker/u4:2/8098:
[ 9700.065694][   T27] 2 locks held by syz.6.1082/8099:
[ 9700.066007][   T27] 1 lock held by syz-executor/8127:
[ 9700.066342][   T27] 3 locks held by kworker/u4:17/8249:
[ 9700.091636][   T27] 
[ 9700.100174][   T27] =============================================
[ 9700.100174][   T27] 
[ 9700.101249][   T27] Kernel panic - not syncing: hung_task: blocked tasks
[ 9700.105611][   T27] CPU: 0 UID: 0 PID: 27 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT 
[ 9700.106849][   T27] Hardware name: linux,dummy-virt (DT)
[ 9700.107635][   T27] Call trace:
[ 9700.108294][   T27]  show_stack+0x2c/0x3c (C)
[ 9700.109239][   T27]  __dump_stack+0x30/0x40
[ 9700.110138][   T27]  dump_stack_lvl+0x30/0x12c
[ 9700.111041][   T27]  dump_stack+0x1c/0x28
[ 9700.111823][   T27]  vpanic+0x1d4/0x4e4
[ 9700.112572][   T27]  vpanic+0x0/0x4e4
[ 9700.113332][   T27]  hung_task_panic+0x0/0x2c
[ 9700.114196][   T27]  kthread+0x794/0x99c
[ 9700.115042][   T27]  ret_from_fork+0x10/0x20
[ 9700.116794][   T27] Kernel Offset: disabled
[ 9700.117448][   T27] CPU features: 0x0000000,001a3005,fbe327a1,057ffe1f
[ 9700.118457][   T27] Memory Limit: none
[ 9700.120630][   T27] Rebooting in 86400 seconds..