last executing test programs:

41m49.978562148s ago: executing program 0 (id=456):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xe7)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xd)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0xa})
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x1e)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, &(0x7f0000000000)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0xe}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r6, 0x100000000001, 0x10)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000100)={0x8, <r9=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_SIGNAL_MSI(r6, 0x4020aea5, &(0x7f0000000200)={0x8090040, 0x0, 0x0, 0x1})
r10 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r10, 0x4010aeab, &(0x7f00000001c0)=@arm64_extra={0x603000000013c036, &(0x7f00000000c0)=0x7a34b937})
openat$kvm(0x0, &(0x7f0000000140), 0x42881, 0x0)
mmap$KVM_VCPU(&(0x7f0000d03000/0x3000)=nil, 0x930, 0x1, 0x1c0010, r1, 0x0)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x36)
ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0x40086602, 0x8000000400000004)
r13 = syz_kvm_vgic_v3_setup(r12, 0x1, 0x100)
ioctl$KVM_GET_API_VERSION(r13, 0xae00, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r14 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)
ioctl$KVM_IOEVENTFD(r15, 0x4040ae79, &(0x7f0000000000)={0x0, 0xf000, 0x1, 0xffffffffffffffff, 0x20})

41m37.378765692s ago: executing program 0 (id=458):
r0 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r0, 0x4068aea3, &(0x7f0000000000)={0xdf, 0x0, 0x2000})
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r2, r3, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r2, 0x1, 0x100)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f00000000c0)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f0000000000)=0x1b})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x6b0e03, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x25)
r6 = syz_kvm_vgic_v3_setup(r5, 0x4, 0x140)
ioctl$KVM_GET_API_VERSION(r6, 0xae00, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r8, r9, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r9, 0x4010aeab, &(0x7f0000000140)=@arm64_core={0x6030000000100026, &(0x7f0000000100)=0x8})
ioctl$KVM_HAS_DEVICE_ATTR_vm(r0, 0x4018aee3, &(0x7f00000000c0)=@attr_other={0x0, 0x400, 0x1, &(0x7f0000000080)=0x40})

41m32.457710254s ago: executing program 1 (id=459):
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000eed000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, r0, 0x0)

41m24.548691171s ago: executing program 0 (id=460):
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x181b03, 0x0) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x181b03, 0x0)
openat$kvm(0x0, &(0x7f0000000280), 0x0, 0x0) (async)
r1 = openat$kvm(0x0, &(0x7f0000000280), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_ARM_VCPU_INIT(r3, 0x4020aeae, &(0x7f0000000040)={0x5})
ioctl$KVM_RUN(r3, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) (async)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, <r5=>0xffffffffffffffff, 0x1})
r6 = openat$kvm(0x0, &(0x7f0000000080), 0x80001, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) (async)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x100000000000000, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_VM(r5, 0x400454de, 0x31)

41m24.224796592s ago: executing program 1 (id=461):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e1d000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xf, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000000000/0x400000)=nil)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r1, 0x4010aeb5, 0x0)

41m14.325335599s ago: executing program 1 (id=462):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000180)={0x8, <r4=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x4})
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x20)
ioctl$KVM_IRQ_LINE(r5, 0x4008ae61, &(0x7f0000000000)={0x1, 0x10})
ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x8040aeb6, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x0, 0x0})

41m13.980351062s ago: executing program 0 (id=463):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x88942, 0x0)
ioctl$KVM_CHECK_EXTENSION(r3, 0xc0189436, 0x172)
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000100)=@arm64_sve={0x6080000000150439, 0x0})

41m6.826527049s ago: executing program 0 (id=464):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x422502, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000080)="fb0149dd033be3ac4e37c4005a9614fbff67521ce16f8f09449a7a836b73312954000000000000000000000000000000000000000000000000000000dc6900", 0x0, 0x2e)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x88c80, 0x0)

41m5.815442315s ago: executing program 1 (id=465):
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_ARM_SET_DEVICE_ADDR(r1, 0x4010aeab, &(0x7f0000000000)={0x7fffffff, 0x8000001})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
ioctl$KVM_GET_MP_STATE(r4, 0x8004ae98, 0xffffffffffffffff)
mmap$KVM_VCPU(&(0x7f0000eee000/0x1000)=nil, 0x930, 0x300000d, 0x6832, r4, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)

40m59.835854426s ago: executing program 0 (id=466):
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
munmap(&(0x7f0000fd6000/0x3000)=nil, 0x3000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x119602, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, 0xfffffffffffffffe)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0x40086602, 0x110e22ffff)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x300000b, 0x10, 0xffffffffffffffff, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x33)
openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x25)
syz_kvm_vgic_v3_setup(r6, 0x1, 0x100)
syz_kvm_vgic_v3_setup(r6, 0x0, 0x60)
r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r7, 0x4020aeae, &(0x7f0000000280)={0x0, 0x38})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000140)={0xc, 0xfff9, 0x1}})
r8 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r9 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x7)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x5)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r8, 0x1, 0x240)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000180)={0x8, <r12=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000180)={0x8})
ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x455, 0x7632, &(0x7f0000000000)=0x7})
ioctl$KVM_RUN(r11, 0xae80, 0x0)

40m55.926986961s ago: executing program 1 (id=467):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_vgic_v3_setup(r1, 0xffffffffffbffffc, 0x120)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000bff000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="3200002000000000400000000000000000000005000000009d090000010000000300000000000000fbfffffffffffffff9ffffffffffffff0300000000000000be000000000000001800000000000000b3de130000003060aa00000000000000280000000000000005010200000009000000fdffffffff0000000100000000006e00000000000000300000000000000000000e0800000000d0ff00000000000000000030000000000b00000000000000460000000000000018000000000000000000000059010000aa00000000000000280000000000000003000400000005000000030000000700000004000000000082000000000000002800000000000000030000000000000001000000000000000100000000000000be00000000000000180000000000000064c6130000003060460000000000000018000000000000000200000049020000320000000000000040000000000000000000000300000000050000000000000005000000000000008a040000000000000100010000000000050000000000ea06000000000000000028000000000000000501010000000700000007000000070000000100000000001e00000000000000400000000000000050000084000000000600000000000000feffffffffffffff000000f8ffffffff07000000000000000200000000000000be0000000000000018000000000000004f801300000030601e00000000000000400000000000000001ff008600000000070000000000000000000000000000040800000000000000060000000000000008000000000000003200000000000000400000000000000000000080000000004000000000000000070000000000000001000000000000000600000000000000001000000000000022010000000000004000000000000000010000c400000000de05000000000000ff03000000000000070000"], 0x300}], 0x1, 0x0, 0x0, 0x0)

40m47.126321056s ago: executing program 1 (id=468):
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000eed000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0x80111500, 0x20000000)
ioctl$KVM_CREATE_VM(r1, 0x541b, 0x10000000000000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
r2 = openat$kvm(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0x801c581f, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000040)={0x5, 0x1, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000bc2000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000040)="68d3d4a6759ba655d47872b6bf881ba5dbca1c84a0779749", 0x0, 0x18)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000500)={0x2, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)

40m13.617367482s ago: executing program 32 (id=466):
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
munmap(&(0x7f0000fd6000/0x3000)=nil, 0x3000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x119602, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, 0xfffffffffffffffe)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0x40086602, 0x110e22ffff)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x300000b, 0x10, 0xffffffffffffffff, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x33)
openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x25)
syz_kvm_vgic_v3_setup(r6, 0x1, 0x100)
syz_kvm_vgic_v3_setup(r6, 0x0, 0x60)
r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r7, 0x4020aeae, &(0x7f0000000280)={0x0, 0x38})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000140)={0xc, 0xfff9, 0x1}})
r8 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r9 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x7)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x5)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r8, 0x1, 0x240)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000180)={0x8, <r12=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000180)={0x8})
ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x455, 0x7632, &(0x7f0000000000)=0x7})
ioctl$KVM_RUN(r11, 0xae80, 0x0)

40m0.235058715s ago: executing program 33 (id=468):
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000eed000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0x80111500, 0x20000000)
ioctl$KVM_CREATE_VM(r1, 0x541b, 0x10000000000000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
r2 = openat$kvm(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0x801c581f, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000040)={0x5, 0x1, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000bc2000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000040)="68d3d4a6759ba655d47872b6bf881ba5dbca1c84a0779749", 0x0, 0x18)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000500)={0x2, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)

27m53.11474926s ago: executing program 3 (id=514):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x101e40, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000b75000/0x400000)=nil)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r6, 0x1, 0x500)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
syz_kvm_setup_cpu$arm64(r6, r8, &(0x7f00009a7000/0x400000)=nil, &(0x7f0000000300)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
r9 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000140)={0x0, &(0x7f0000000000)=[@hvc={0x32, 0x40, {0x84000051, [0x84000051, 0x7, 0x9, 0x9, 0x7fff]}}], 0x40}, 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000100)={0x8, <r12=>0xffffffffffffffff})
ioctl$KVM_GET_DEVICE_ATTR(r12, 0x4018aee2, &(0x7f00000001c0)=@attr_other={0x0, 0x20004000, 0xfffffffffffffffd, 0x0})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000000)={0x4000, 0x13000, 0x1})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000380)={0x2, 0x25000, 0x1})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f00000003c0)={0x4, 0xa7e9ea20e9018807, 0x1})
r13 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
r15 = syz_kvm_setup_syzos_vm$arm64(r14, &(0x7f0000c00000/0x400000)=nil)
r16 = syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000180)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7ffc}}, @msr={0x14, 0x20, {0x603000000013dce0, 0x8001}}], 0x40}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r16, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r16, 0xae80, 0x0)
r17 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r18 = ioctl$KVM_CREATE_VM(r17, 0xae01, 0x25)
syz_kvm_vgic_v3_setup(r18, 0x1, 0x100)

27m31.454512058s ago: executing program 3 (id=517):
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xd7, 0x80000001})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000000), 0x222000, 0x0)
r2 = openat$kvm(0x0, &(0x7f00000001c0), 0x1, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_GUEST_MEMFD(r5, 0xc040aed4, 0xfffffffffffffffe)
r6 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f00009ab000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000100)=@arm64_fw={0x6030000000140002, &(0x7f00000000c0)=0x1})
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
write$eventfd(0xffffffffffffffff, &(0x7f00000000c0)=0x3, 0x8)
r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000140)={0x4, <r11=>0xffffffffffffffff, 0x1})
r12 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x1)
r13 = mmap$KVM_VCPU(&(0x7f0000a6c000/0x4000)=nil, 0x930, 0x3800002, 0x11, r12, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r13, 0x20, &(0x7f0000000180)="f30138dd56bf00e2004b584bd92e00000f00000000000100010000020000000083f402000000235acbd98700000000000200", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r12, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x40305839, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x100000000000000, 0x0})

27m15.745515711s ago: executing program 3 (id=519):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000100)={0x0, &(0x7f0000000240)}, 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_setup_cpu$arm64(r5, r3, &(0x7f0000b7b000/0x400000)=nil, &(0x7f00000000c0)=[{0x0, &(0x7f0000000140)=[@code={0xa, 0x84, {"007008d50058000e0020000e00409f0ce03692d20080b0f2c10180d2a20180d2430080d2040180d2020000d40060df0c00ac200ee07b97d200e0b0f2410180d2020080d2e30180d2640180d2020000d4a03882d20060b0f2010080d2220080d2a30180d2240080d2020000d4001c602e"}}, @svc={0x122, 0x40, {0xc4000004, [0x6, 0x9, 0x6, 0x80000000, 0x9]}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x4, 0xf, 0x3ff, 0x3}}, @svc={0x122, 0x40, {0x8400000e, [0x3, 0x7, 0x1, 0x9, 0x1]}}, @memwrite={0x6e, 0x30, @generic={0xeeee0000, 0xbe7, 0x3, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x3, 0xa, 0x1, 0x400, 0x3}}, @code={0xa, 0x84, {"608490d20040b8f2a10080d2c20080d2630180d2840080d2020000d41f0000ab209480d20040b8f2a10180d2220180d2830080d2240180d2020000d4007008d5000028d5001c00130040202e00000034805f90d20040b0f2610080d2c20180d2230180d2440180d2020000d4007008d5"}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x1, 0x2, 0xa, 0x9, 0x4, 0x4}}, @uexit={0x0, 0x18, 0xfffffffffffffff8}, @uexit={0x0, 0x18, 0x8}, @svc={0x122, 0x40, {0x6000000, [0x3, 0x87e, 0x7, 0x6, 0x5]}}, @memwrite={0x6e, 0x30, @generic={0x41000, 0x325, 0x3, 0x8}}, @irq_setup={0x46, 0x18, {0x3, 0x1ea}}, @smc={0x1e, 0x40, {0x80000000, [0x5, 0xed10, 0x8, 0x6, 0xae3]}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x4, 0x3, 0x7, 0x6, 0x1}}, @msr={0x14, 0x20, {0x603000000013c645, 0x100000001}}, @mrs={0xbe, 0x18, {0x603000000013def0}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x0, 0x2, 0x2, 0x0, 0xfff, 0x4}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x180, 0x200, 0x1}}, @svc={0x122, 0x40, {0x8000, [0x7, 0x56b, 0x8000000000000001, 0x7, 0x6]}}, @memwrite={0x6e, 0x30, @generic={0x30000, 0x3e0, 0xfffffffffffffff7, 0x4}}, @smc={0x1e, 0x40, {0x84000001, [0x7, 0xca, 0x0, 0x6, 0x400]}}, @uexit={0x0, 0x18, 0xc1ff}, @irq_setup={0x46, 0x18, {0x1, 0x308}}, @uexit={0x0, 0x18, 0x7fffffff}], 0x4d8}], 0x1, 0x0, &(0x7f0000000640)=[@featur2={0x1, 0x14}], 0x1)
syz_kvm_vgic_v3_setup(r5, 0x3, 0xa0)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000100)={0x8})
ioctl$KVM_CAP_DIRTY_LOG_RING(r5, 0x4068aea3, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000100)={0x0, &(0x7f0000000240)}, 0x0, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_setup_cpu$arm64(r5, r3, &(0x7f0000b7b000/0x400000)=nil, &(0x7f00000000c0)=[{0x0, &(0x7f0000000140)=[@code={0xa, 0x84, {"007008d50058000e0020000e00409f0ce03692d20080b0f2c10180d2a20180d2430080d2040180d2020000d40060df0c00ac200ee07b97d200e0b0f2410180d2020080d2e30180d2640180d2020000d4a03882d20060b0f2010080d2220080d2a30180d2240080d2020000d4001c602e"}}, @svc={0x122, 0x40, {0xc4000004, [0x6, 0x9, 0x6, 0x80000000, 0x9]}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x4, 0xf, 0x3ff, 0x3}}, @svc={0x122, 0x40, {0x8400000e, [0x3, 0x7, 0x1, 0x9, 0x1]}}, @memwrite={0x6e, 0x30, @generic={0xeeee0000, 0xbe7, 0x3, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x3, 0xa, 0x1, 0x400, 0x3}}, @code={0xa, 0x84, {"608490d20040b8f2a10080d2c20080d2630180d2840080d2020000d41f0000ab209480d20040b8f2a10180d2220180d2830080d2240180d2020000d4007008d5000028d5001c00130040202e00000034805f90d20040b0f2610080d2c20180d2230180d2440180d2020000d4007008d5"}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x1, 0x2, 0xa, 0x9, 0x4, 0x4}}, @uexit={0x0, 0x18, 0xfffffffffffffff8}, @uexit={0x0, 0x18, 0x8}, @svc={0x122, 0x40, {0x6000000, [0x3, 0x87e, 0x7, 0x6, 0x5]}}, @memwrite={0x6e, 0x30, @generic={0x41000, 0x325, 0x3, 0x8}}, @irq_setup={0x46, 0x18, {0x3, 0x1ea}}, @smc={0x1e, 0x40, {0x80000000, [0x5, 0xed10, 0x8, 0x6, 0xae3]}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x4, 0x3, 0x7, 0x6, 0x1}}, @msr={0x14, 0x20, {0x603000000013c645, 0x100000001}}, @mrs={0xbe, 0x18, {0x603000000013def0}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x0, 0x2, 0x2, 0x0, 0xfff, 0x4}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x180, 0x200, 0x1}}, @svc={0x122, 0x40, {0x8000, [0x7, 0x56b, 0x8000000000000001, 0x7, 0x6]}}, @memwrite={0x6e, 0x30, @generic={0x30000, 0x3e0, 0xfffffffffffffff7, 0x4}}, @smc={0x1e, 0x40, {0x84000001, [0x7, 0xca, 0x0, 0x6, 0x400]}}, @uexit={0x0, 0x18, 0xc1ff}, @irq_setup={0x46, 0x18, {0x1, 0x308}}, @uexit={0x0, 0x18, 0x7fffffff}], 0x4d8}], 0x1, 0x0, &(0x7f0000000640)=[@featur2={0x1, 0x14}], 0x1) (async)
syz_kvm_vgic_v3_setup(r5, 0x3, 0xa0) (async)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000100)={0x8}) (async)
ioctl$KVM_CAP_DIRTY_LOG_RING(r5, 0x4068aea3, &(0x7f0000000000)) (async)
ioctl$KVM_RUN(r3, 0xae80, 0x0) (async)

27m3.036767331s ago: executing program 3 (id=521):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x602, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffa000/0x1000)=nil, 0x930, 0x300000b, 0x28031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000647000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x800454e0, 0x1000110c230000)
r3 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bfd000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r3, 0x0, 0x0, 0x0)
openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000380)}, 0x0, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000180)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013dce2, 0x7ffe}}, @smc={0x1e, 0x40, {0xc4000007, [0x8, 0x9, 0x5, 0x7fff, 0x5]}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(0xffffffffffffffff, 0x4018aee1, 0x0)
r9 = syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0xffffffffffbffffc, 0x120)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000001000/0x2000)=nil, 0x930, 0x2000003, 0x4120932, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x3})
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x5, 0x0, &(0x7f0000000000)=0x6})
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)

26m48.47663819s ago: executing program 3 (id=523):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x29)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, <r5=>0xffffffffffffffff, 0x1})
r6 = ioctl$KVM_CREATE_VM(r5, 0x894c, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xb701, 0x0)
ioctl$KVM_CREATE_VCPU(r7, 0xb704, 0xfffffffffffffffe)
r8 = ioctl$KVM_CREATE_GUEST_MEMFD(r2, 0xc040aed4, &(0x7f0000000040)={0x1000200001fe0000, 0x3})
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x2)
r11 = syz_kvm_vgic_v3_setup(r10, 0x20000004, 0x60)
ioctl$KVM_GET_DEVICE_ATTR(r11, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x1, 0x800000000208, &(0x7f00000004c0)=0x1})
r12 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r13, 0x4008ae6a, &(0x7f0000000180)={0x555555555555685, 0x0, [{0x16, 0x3, 0x9e4c4163b50e7e4c, 0x0, @irqchip={0x9, 0x58807fc3}}]})
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x1, 0x5, 0xb, 0x0, 0x2, 0x6, 0x6, 0x9, 0x8, 0x8, 0x6, 0x2, 0x0, 0x6, 0x6, 0xe2, 0x1, 0x29, 0x0, '\x00', 0x10, 0x6})
r14 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r15, 0xc00caee0, &(0x7f0000000140)={0x4, <r16=>0xffffffffffffffff, 0x1})
write$eventfd(r16, &(0x7f00000001c0), 0xe80)
ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f0000000180)={0x4, 0x4, 0x6000, 0x2000, &(0x7f0000ffc000/0x2000)=nil, 0x100000000000000, r8})

26m27.944614675s ago: executing program 3 (id=525):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0x5d)
r3 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x100, 0x8, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x802, 0x0, 0x0, 0x80, 0x2}}], 0x58}, 0x0, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x31)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r12, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x603000000010003c, &(0x7f0000000140)=0x7})
ioctl$KVM_GET_ONE_REG(r8, 0x4010aeab, &(0x7f00000000c0)=@arm64_fw={0x6030000000140001, &(0x7f00000003c0)=0x6})
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r13=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r14 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0xd, 0x5, 0xb, 0x0, 0x2, 0x6, 0x6, 0x9, 0x8, 0x89, 0x2, 0x2, 0x0, 0x6, 0x6, 0xe2, 0x3, 0x29, 0x0, '\x00', 0x10, 0x6})
r16 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r17 = ioctl$KVM_CREATE_VM(r16, 0xae01, 0x0)
r18 = ioctl$KVM_CREATE_VCPU(r17, 0xae41, 0x2)
ioctl$KVM_GET_MP_STATE(r18, 0x8004ae98, 0xffffffffffffffff)
ioctl$KVM_CREATE_DEVICE(r15, 0xc00caee0, &(0x7f0000000140)={0x4, <r19=>0xffffffffffffffff, 0x1})
write$eventfd(r19, &(0x7f00000001c0), 0xe80)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

25m41.49492767s ago: executing program 34 (id=525):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0x5d)
r3 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x100, 0x8, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x802, 0x0, 0x0, 0x80, 0x2}}], 0x58}, 0x0, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x31)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r12, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x603000000010003c, &(0x7f0000000140)=0x7})
ioctl$KVM_GET_ONE_REG(r8, 0x4010aeab, &(0x7f00000000c0)=@arm64_fw={0x6030000000140001, &(0x7f00000003c0)=0x6})
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r13=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r14 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0xd, 0x5, 0xb, 0x0, 0x2, 0x6, 0x6, 0x9, 0x8, 0x89, 0x2, 0x2, 0x0, 0x6, 0x6, 0xe2, 0x3, 0x29, 0x0, '\x00', 0x10, 0x6})
r16 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r17 = ioctl$KVM_CREATE_VM(r16, 0xae01, 0x0)
r18 = ioctl$KVM_CREATE_VCPU(r17, 0xae41, 0x2)
ioctl$KVM_GET_MP_STATE(r18, 0x8004ae98, 0xffffffffffffffff)
ioctl$KVM_CREATE_DEVICE(r15, 0xc00caee0, &(0x7f0000000140)={0x4, <r19=>0xffffffffffffffff, 0x1})
write$eventfd(r19, &(0x7f00000001c0), 0xe80)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

11m40.26127141s ago: executing program 2 (id=609):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, <r5=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r5, 0x400454d0, 0x7ffffffd)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x82880, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
openat$kvm(0x0, &(0x7f0000000140), 0x101282, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r9 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r8, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r9, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, r9, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000010000/0x1000)=nil, r9, 0x100000f, 0x80010, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, r9, 0x6000002, 0x4d832, 0xffffffffffffffff, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000000)={0x0, &(0x7f00000002c0)=[@code={0xa, 0x99, {"007008d5000028d5400c9dd200c0b8f2410080d200808048a30180d2c40080d2020000d40080201f00f4006f40a48ed20000b8f2e10080d2430180d2200180d21f1f0000d40000802d20bd8dd20020b0f2c10180d2820080d2030080d2c40080d2020000d4200695d200a0b0f2e10180d2620180d2030080d2a40180d2020000d4000008d5"}}], 0x99}, 0x0, 0x0)
r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c0b000/0x1000)=nil, r12, 0x3, 0x40b2811, r11, 0x0)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
ioctl$KVM_RUN(r13, 0xae80, 0x0)

11m26.728291875s ago: executing program 4 (id=610):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_vgic_v3_setup(r1, 0xffffffffffbffffc, 0x120)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000bff000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="3200000020000000400000000000000000000005000000009d090000010000000300000000000000fbfffffffffffffff9ffffffffffffff0300000000000000be000000000000001800000000000000b3de130000003060aa00000000000000280000000000000005010200000009000000fdffffffff0000000100000000006e00000000000000300000000000000000000e0800000000d0ff00000000000000000030000000000b00000000000000460000000000000018000000000000000000000059010000aa00000000000000280000000000000003000400000005000000030000000700000004000000000082000000000000002800000000000000030000000000000001000000000000000100000000000000be00000000000000180000000000000064c6130000003060460000000000000018000000000000000200000049020000320000000000000040000000000000000000000300000000050000000000000005000000000000008a040000000000000100010000000000050000000000ea06000000000000000028000000000000000501010000000700000007000000070000000100000000001e00000000000000400000000000000050000084000000000600000000000000feffffffffffffff000000f8ffffffff07000000000000000200000000000000be0000000000000018000000000000004f801300000030601e00000000000000400000000000000001ff008600000000070000000000000000000000000000040800000000000000060000000000000008000000000000003200000000000000400000000000000000000080000000004000000000000000070000000000000001000000000000000600000000000000001000000000000022010000000000004000000000000000010000c400000000de05000000000000ff03000000000000070000"], 0x300}], 0x1, 0x0, 0x0, 0x0)

11m20.308022361s ago: executing program 2 (id=611):
ioctl$KVM_ARM_VCPU_INIT(0xffffffffffffffff, 0x4020aeae, &(0x7f0000000000)={0x2, 0x9})
ioctl$KVM_ARM_VCPU_INIT(0xffffffffffffffff, 0x4020aeae, &(0x7f0000000040)={0x3, 0x2})
r0 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
ioctl$KVM_SET_ONE_REG(r0, 0x4010aeac, &(0x7f00000000c0)=@arm64_fw={0x6030000000140000, &(0x7f0000000080)=0x8001})
ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000100)={0x7})
ioctl$KVM_ARM_VCPU_INIT(r0, 0x4020aeae, &(0x7f0000000140)={0x3, 0x22})
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_GET_SREGS(r1, 0x8000ae83, &(0x7f0000000180))
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r0, 0x4010aeb5, &(0x7f00000002c0)={0xd06, 0x2})
ioctl$KVM_SIGNAL_MSI(r0, 0x4020aea5, &(0x7f0000000300)={0xdddd0000, 0x2222efff, 0x5, 0x0, 0x1})
ioctl$KVM_RUN(r0, 0xae80, 0x0)
r2 = ioctl$KVM_GET_STATS_FD_cpu(r0, 0xaece)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x1f)
ioctl$KVM_SET_GSI_ROUTING(r3, 0x4008ae6a, &(0x7f0000000340)={0x2, 0x0, [{0x2, 0x3, 0x1, 0x0, @adapter={0x573, 0x4, 0x10, 0x4, 0x9}}, {0x0, 0x2, 0x1, 0x0, @sint={0x7d0c, 0x100000}}]})
openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000bfd000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000600)={0x0, &(0x7f0000000400)=[@uexit={0x0, 0x18, 0x6}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe8, 0x3}}, @smc={0x1e, 0x40, {0x32000000, [0x85d6, 0x2, 0x4, 0x401, 0x2]}}, @hvc={0x32, 0x40, {0x2000, [0x6, 0x38]}}, @memwrite={0x6e, 0x30, @generic={0x0, 0x4ae, 0x41, 0x2}}, @msr={0x14, 0x20, {0x603000000013c015, 0x4}}, @hvc={0x32, 0x40, {0x80007fff, [0x5, 0x7, 0xd0, 0x10, 0x10c555b0]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0x8, 0x8, 0x1}}, @svc={0x122, 0x40, {0x80007fff, [0x1c, 0x0, 0x9, 0x0, 0x9]}}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x24b}}], 0x1f0}, &(0x7f0000000640)=[@featur2={0x1, 0x80}], 0x1)
close(r1)
ioctl$KVM_PRE_FAULT_MEMORY(r2, 0xc040aed5, &(0x7f0000000680)={0x2222ffff, 0x18000})
ioctl$KVM_GET_MP_STATE(r0, 0x8004ae98, &(0x7f00000006c0))
r5 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000940)={0x0, &(0x7f0000000700)=[@memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xd00, 0x8, 0x2}}, @hvc={0x32, 0x40, {0x84000006, [0x7, 0x100, 0x5, 0x2, 0x1]}}, @its_setup={0x82, 0x28, {0x4, 0x1, 0x295}}, @irq_setup={0x46, 0x18, {0x2, 0x116}}, @smc={0x1e, 0x40, {0xc4000005, [0x100, 0x2, 0x10001, 0x8, 0x9]}}, @svc={0x122, 0x40, {0x8400000e, [0x5, 0x4800000000000000, 0x8, 0x400, 0xffffffffffff8139]}}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x62}}, @eret={0xe6, 0x18, 0x8}, @irq_setup={0x46, 0x18, {0x4, 0x1b5}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x10040, 0x8000}}, @mrs={0xbe, 0x18, {0x603000000013e6c0}}, @its_setup={0x82, 0x28, {0x0, 0x2, 0xe5}}, @smc={0x1e, 0x40, {0x80003fff, [0x8000000000000000, 0x0, 0x5, 0x0, 0x6de]}}], 0x238}, &(0x7f0000000980)=[@featur2], 0x1)
ioctl$KVM_ARM_SET_DEVICE_ADDR(r5, 0x4010aeab, &(0x7f00000009c0)={0x7, 0xf000})
r6 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000c40)={0x0, &(0x7f0000000a00)=[@uexit={0x0, 0x18, 0x8}, @mrs={0xbe, 0x18, {0x603000000013e6cd}}, @smc={0x1e, 0x40, {0x40, [0xb4c5, 0x2, 0x0, 0x1df384ee, 0xed]}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x4, 0xe, 0x7}}, @hvc={0x32, 0x40, {0x84000009, [0x7, 0xaf8, 0xb, 0x5, 0x8]}}, @smc={0x1e, 0x40, {0x84000012, [0x6, 0x0, 0xffffffffffffffff, 0x5, 0x2]}}, @hvc={0x32, 0x40, {0xc5000021, [0x272e, 0x8001, 0x7, 0x0, 0x1]}}, @svc={0x122, 0x40, {0x8400000c, [0x8000, 0xfff, 0x4, 0x101, 0x7]}}, @eret={0xe6, 0x18, 0xb6dd}, @irq_setup={0x46, 0x18, {0x0, 0x193}}, @irq_setup={0x46, 0x18, {0x1, 0x240}}, @uexit={0x0, 0x18, 0x1}, @irq_setup={0x46, 0x18, {0x2, 0xfb}}], 0x210}, &(0x7f0000000c80)=[@featur2={0x1, 0x85}], 0x1)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r6, 0x4018aee2, &(0x7f0000000cc0)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x9})
ioctl$KVM_SIGNAL_MSI(r2, 0x4020aea5, &(0x7f0000000d00)={0x5000, 0xffff1000, 0x100, 0x0, 0x5})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r3, 0x4010ae68, &(0x7f0000000d40)={0x3000, 0xf000, 0x1})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000dc0)=@attr_other={0x0, 0x0, 0x63, &(0x7f0000000d80)=0xe15})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
r7 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000001300)={0x0, &(0x7f0000000e00)=[@eret={0xe6, 0x18}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x0, 0x7fff, 0x3}}, @irq_setup={0x46, 0x18, {0x4, 0x309}}, @svc={0x122, 0x40, {0x5000000, [0x6, 0x7, 0x2, 0x6, 0x7]}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x4, 0x10, 0x8934, 0x7, 0x1}}, @hvc={0x32, 0x40, {0x1000000, [0xf2, 0x404c, 0x1, 0x5, 0x8]}}, @irq_setup={0x46, 0x18, {0x2, 0x3c3}}, @mrs={0xbe, 0x18, {0x603000000013e602}}, @irq_setup={0x46, 0x18, {0x0, 0x22a}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x58, 0x9}}, @its_setup={0x82, 0x28, {0xffffffff, 0x30000, 0x222}}, @mrs={0xbe, 0x18, {0x603000000013de82}}, @code={0xa, 0x9c, {"e00091d200a0b0f2210180d2420080d2c30180d2440180d2020000d4c06087d20000b0f2210080d2220180d2230080d2e40080d2020000d400d0000f008008d500d895d20040b8f2410180d2620180d2a30180d2240180d2020000d4c07b8cd200e0b8f2c10080d2a20180d2830180d2840180d2020000d4007008d5000008d50004801a0004002f"}}, @eret={0xe6, 0x18, 0x100}, @smc={0x1e, 0x40, {0x20, [0x6, 0x6, 0x3, 0x20000000000, 0x32db]}}, @hvc={0x32, 0x40, {0x2000000, [0x0, 0x0, 0xf539, 0x1000, 0x4]}}, @irq_setup={0x46, 0x18, {0x4, 0x20e}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x1, 0x7, 0x8}}, @its_setup={0x82, 0x28, {0x2, 0x4, 0x122}}, @svc={0x122, 0x40, {0x84000007, [0x9, 0x4, 0xffffffffffffffff, 0x40, 0x7fffffff]}}, @mrs={0xbe, 0x18, {0x603000000013c640}}, @smc={0x1e, 0x40, {0xc4000014, [0x3, 0x7, 0x100000001, 0x9, 0x1]}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff8, 0x0, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x1, 0x3, 0xd, 0xff, 0x0, 0x4}}, @code={0xa, 0x9c, {"000008d500e4006f00a0000d000040fa60e090d200c0b8f2610080d2a20180d2230080d2640180d2020000d4e0b99dd20060b8f2010180d2620080d2630080d2240180d2020000d440fd87d200c0b8f2410080d2420180d2430080d2e40180d2020000d4e01598d20060b0f2e10180d2620080d2430080d2a40080d2020000d4008008d5000008d5"}}], 0x4e8}, &(0x7f0000001340)=[@featur2={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f0000001380)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x8000000000000000})

11m12.89685272s ago: executing program 4 (id=612):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async, rerun: 32)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) (rerun: 32)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0x9)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f00000000c0)=@arm64_core={0x6030000000100022, &(0x7f0000000000)=0x300})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x3, 0xdddd1000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil}) (async)
ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000000000)={0x1, 0x0, &(0x7f0000ffb000/0x3000)=nil})

11m8.327874545s ago: executing program 2 (id=613):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x10000000001, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x1, 0x0, 0x0, 0x10000, 0x0, 0x40000004}}], 0x50}, 0x0, 0x0) (async)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x10000000001, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x1, 0x0, 0x0, 0x10000, 0x0, 0x40000004}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x180)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8}) (async)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r4=>0xffffffffffffffff})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0) (async)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) (async)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r7, 0x4068aea3, &(0x7f0000000000)={0xa8, 0x0, 0x3})
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x3d70000000, &(0x7f0000ffe000/0x2000)=nil}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x3d70000000, &(0x7f0000ffe000/0x2000)=nil})
ioctl$KVM_CLEAR_DIRTY_LOG(r7, 0xc018aec0, &(0x7f0000000140)={0x0, 0x240, 0x380, &(0x7f0000000180)=[0x6bd1a312, 0xec66, 0xff, 0x8, 0x98bd, 0x80000000000000c, 0x0, 0x4, 0x10000, 0x7, 0x9004, 0x9, 0x8, 0x9, 0x5, 0x49, 0x3ff, 0x5, 0x2, 0x1, 0x8, 0x7, 0xc1, 0x1, 0x2, 0x2, 0x6, 0x9, 0x96, 0xffffffff, 0xffffffff00000000, 0x0, 0x4, 0x7, 0x4, 0x3, 0x9, 0x888f, 0x1, 0x6, 0x46, 0x1, 0x3, 0xa3de, 0x20000000006, 0x8, 0x7, 0x400, 0x3, 0xffffffffffffffb7, 0xfffffffffffffffa, 0x2, 0xe, 0x6, 0x4, 0xe6, 0x200000000000101, 0x5, 0x9, 0x66, 0x6, 0x7, 0x40000005, 0xfffffffeffffffff, 0x9, 0xd, 0x10001, 0xbbd9, 0x80000000, 0xfffffffffffffc00, 0x2, 0x7, 0x2, 0xcdc, 0x4000000007, 0x2, 0x3, 0x2, 0x2, 0xfff, 0x6, 0x4, 0x1, 0xab6, 0x0, 0x4, 0x0, 0x7, 0x9, 0xff, 0x6, 0x28000000, 0x5, 0x8061d, 0x3, 0x7, 0xf6, 0x4, 0x6, 0x204, 0x7, 0xe53e, 0x4, 0x8, 0x2293332f, 0x6, 0x5, 0x1e, 0xd, 0x2, 0x4, 0xfffffffffffffffb, 0x80000001, 0x7, 0xdfd4, 0xfff9, 0x10, 0x5, 0x8, 0x1, 0x53e0f0fe, 0xeb4, 0x3, 0xfffffffffffffffe, 0xb692, 0xcc, 0x8, 0x1000003]})
r8 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x3) (async)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r9, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8})
ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f00000002c0)=@arm64_sys={0x603000000013df61, &(0x7f00000001c0)=0x10000008})
ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f00000000c0)=@arm64_sys={0x603000000013dce0, &(0x7f0000000000)=0x43ff})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, &(0x7f00000000c0)=@attr_pmu_init)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_CAP_HALT_POLL(r1, 0x4068aea3, &(0x7f0000000000)={0xb6, 0x0, 0x3})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10m57.746010382s ago: executing program 4 (id=614):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x21)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x80180, 0x0)
ioctl$KVM_CHECK_EXTENSION(r4, 0x5450, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r3, 0x4008ae6a, &(0x7f0000000240)={0x4, 0x0, [{0xc0, 0x4, 0x0, 0x0, @adapter={0x9, 0x4, 0x2, 0xa, 0x8}}, {0x401, 0x6, 0x1, 0x0, @msi={0x9, 0x66, 0x8, 0x4}}, {0x800, 0x2, 0x0, 0x0, @adapter={0x8, 0x0, 0x9, 0x1, 0xfffffbff}}, {0xc07e, 0x4, 0x0, 0x0, @sint={0x400, 0x41}}]})
ioctl$KVM_CAP_HALT_POLL(r1, 0x4068aea3, &(0x7f00000001c0))
r5 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@code={0xa, 0x18, {"7f2003d5"}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000100)={0x0, 0x81})

10m54.619726978s ago: executing program 2 (id=615):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CAP_HALT_POLL(r1, 0x4068aea3, &(0x7f00000001c0))
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@code={0xa, 0x18, {"7f2003d5"}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000100)={0xe02b, 0x6})

10m42.858064021s ago: executing program 4 (id=616):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_vgic_v3_setup(r1, 0xffffffffffbffffc, 0x120)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000bff000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="320000fe7f000000400000000000000000000005000000009d090000010000000300000000000000fbfffffffffffffff9ffffffffffffff0300000000000000be000000000000001800000000000000b3de130000003060aa00000000000000280000000000000005010200000009000000fdffffffff0000000100000000006e00000000000000300000000000000000000e0800000000d0ff00000000000000000030000000000b00000000000000460000000000000018000000000000000000000059010000aa00000000000000280000000000000003000400000005000000030000000700000004000000000082000000000000002800000000000000030000000000000001000000000000000100000000000000be00000000000000180000000000000064c6130000003060460000000000000018000000000000000200000049020000320000000000000040000000000000000000000300000000050000000000000005000000000000008a040000000000000100010000000000050000000000ea06000000000000000028000000000000000501010000000700000007000000070000000100000000001e00000000000000400000000000000050000084000000000600000000000000feffffffffffffff000000f8ffffffff07000000000000000200000000000000be0000000000000018000000000000004f801300000030601e00000000000000400000000000000001ff008600000000070000000000000000000000000000040800000000000000060000000000000008000000000000003200000000000000400000000000000000000080000000004000000000000000070000000000000001000000000000000600000000000000001000000000000022010000000000004000000000000000010000c400000000de05000000000000ff03000000000000070000"], 0x300}], 0x1, 0x0, 0x0, 0x0)

10m41.853096057s ago: executing program 2 (id=617):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x21)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000000000)={0x2710, 0x0, &(0x7f0000e0a000/0x3000)=nil})
r3 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x800, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000200)={0x0, 0x0}, 0x0, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
munmap(&(0x7f0000482000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000eed000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r8, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)

10m30.835804883s ago: executing program 4 (id=618):
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000a1e000/0x400000)=nil)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xf5)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
r4 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, r2, 0x100000b, 0x4010, r3, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000240)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)

10m23.995949715s ago: executing program 2 (id=619):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0x5) (async)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, 0x0) (async)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000280)={0xfffffffe, 0x4}) (async)
r3 = openat$kvm(0x0, &(0x7f0000000280), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x34)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async, rerun: 64)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) (rerun: 64)
ioctl$KVM_ARM_VCPU_INIT(r5, 0x4020aeae, &(0x7f0000000040)={0x5}) (async, rerun: 32)
ioctl$KVM_RUN(r5, 0xae80, 0x0) (async, rerun: 32)
ioctl$KVM_S390_VCPU_FAULT(r5, 0x4008ae52, &(0x7f0000000080)=0x2)

10m19.991209294s ago: executing program 4 (id=620):
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r2 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000040)={0x0, &(0x7f0000000440)=[@msr={0x14, 0x20, {0x603000000013c65d, 0x4}}, @svc={0x122, 0x40, {0x8000, [0x3, 0x2, 0x1, 0x0, 0x8]}}, @hvc={0x32, 0x40, {0x40, [0x7, 0x1, 0x100000001, 0x2, 0x8]}}, @uexit={0x0, 0x18, 0x8000000000000000}, @its_setup={0x82, 0x28, {0x1, 0x3, 0x335}}, @msr={0x14, 0x20, {0x603000000013df7c, 0x7}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x90, 0x4, 0xa}}, @smc={0x1e, 0x40, {0x86000000, [0x9, 0x7, 0x1, 0x1, 0x5]}}, @mrs={0xbe, 0x18, {0x603000000013e6d4}}, @its_setup={0x82, 0x28, {0x2, 0x3, 0x338}}, @mrs={0xbe, 0x18, {0x603000000013df6e}}, @eret={0xe6, 0x18}, @eret={0xe6, 0x18, 0x72}], 0x1f8}, &(0x7f00000000c0)=[@featur2={0x1, 0x93}], 0x1)
mmap$KVM_VCPU(&(0x7f00004bd000/0x3000)=nil, r1, 0x2, 0x10, r2, 0x0)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x20)
r4 = ioctl$KVM_CREATE_GUEST_MEMFD(r3, 0xc040aed4, &(0x7f0000000080)={0x200001fe0000, 0x3})
ioctl$KVM_SET_USER_MEMORY_REGION2(r3, 0x40a0ae49, &(0x7f0000000180)={0x4, 0x4, 0x6000, 0xa7000, &(0x7f0000ffc000/0x2000)=nil, 0xa600000000000000, r4})
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)

9m36.936221741s ago: executing program 35 (id=619):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0x5) (async)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, 0x0) (async)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000280)={0xfffffffe, 0x4}) (async)
r3 = openat$kvm(0x0, &(0x7f0000000280), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x34)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async, rerun: 64)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) (rerun: 64)
ioctl$KVM_ARM_VCPU_INIT(r5, 0x4020aeae, &(0x7f0000000040)={0x5}) (async, rerun: 32)
ioctl$KVM_RUN(r5, 0xae80, 0x0) (async, rerun: 32)
ioctl$KVM_S390_VCPU_FAULT(r5, 0x4008ae52, &(0x7f0000000080)=0x2)

9m31.892885115s ago: executing program 36 (id=620):
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r2 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000040)={0x0, &(0x7f0000000440)=[@msr={0x14, 0x20, {0x603000000013c65d, 0x4}}, @svc={0x122, 0x40, {0x8000, [0x3, 0x2, 0x1, 0x0, 0x8]}}, @hvc={0x32, 0x40, {0x40, [0x7, 0x1, 0x100000001, 0x2, 0x8]}}, @uexit={0x0, 0x18, 0x8000000000000000}, @its_setup={0x82, 0x28, {0x1, 0x3, 0x335}}, @msr={0x14, 0x20, {0x603000000013df7c, 0x7}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x90, 0x4, 0xa}}, @smc={0x1e, 0x40, {0x86000000, [0x9, 0x7, 0x1, 0x1, 0x5]}}, @mrs={0xbe, 0x18, {0x603000000013e6d4}}, @its_setup={0x82, 0x28, {0x2, 0x3, 0x338}}, @mrs={0xbe, 0x18, {0x603000000013df6e}}, @eret={0xe6, 0x18}, @eret={0xe6, 0x18, 0x72}], 0x1f8}, &(0x7f00000000c0)=[@featur2={0x1, 0x93}], 0x1)
mmap$KVM_VCPU(&(0x7f00004bd000/0x3000)=nil, r1, 0x2, 0x10, r2, 0x0)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x20)
r4 = ioctl$KVM_CREATE_GUEST_MEMFD(r3, 0xc040aed4, &(0x7f0000000080)={0x200001fe0000, 0x3})
ioctl$KVM_SET_USER_MEMORY_REGION2(r3, 0x40a0ae49, &(0x7f0000000180)={0x4, 0x4, 0x6000, 0xa7000, &(0x7f0000ffc000/0x2000)=nil, 0xa600000000000000, r4})
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)

1m4.002939984s ago: executing program 5 (id=621):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20080, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r3 = eventfd2(0xeffffffd, 0x801)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000000)={0x200, 0x4000, 0x4, r3, 0x1}) (async)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r6, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18})
ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x6030000000100034, &(0x7f00000001c0)=0x9}) (async)
r7 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r8, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0x3000)=nil, r9, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0xdc032, 0xffffffffffffffff, 0x0) (async)
r10 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x6)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r10, r11, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f0000000640)=@arm64_core={0x6030000000100012, &(0x7f0000000000)=0x300000000000}) (async)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000001340)={0x3, 0x0, 0x2, r3, 0x3}) (async)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0xe2a00, 0x0)
ioctl$KVM_CREATE_VM(r12, 0x5452, 0x2000fdfd) (async)
r13 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0) (async)
r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)
r16 = syz_kvm_setup_syzos_vm$arm64(r15, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r16, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)

1m3.337141511s ago: executing program 6 (id=622):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_vgic_v3_setup(r1, 0xffffffffffbffffc, 0x120)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000bff000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="320000fdfd000000400000000000000000000005000000009d090000010000000300000000000000fbfffffffffffffff9ffffffffffffff0300000000000000be000000000000001800000000000000b3de130000003060aa00000000000000280000000000000005010200000009000000fdffffffff0000000100000000006e00000000000000300000000000000000000e0800000000d0ff00000000000000000030000000000b00000000000000460000000000000018000000000000000000000059010000aa00000000000000280000000000000003000400000005000000030000000700000004000000000082000000000000002800000000000000030000000000000001000000000000000100000000000000be00000000000000180000000000000064c6130000003060460000000000000018000000000000000200000049020000320000000000000040000000000000000000000300000000050000000000000005000000000000008a040000000000000100010000000000050000000000ea06000000000000000028000000000000000501010000000700000007000000070000000100000000001e00000000000000400000000000000050000084000000000600000000000000feffffffffffffff000000f8ffffffff07000000000000000200000000000000be0000000000000018000000000000004f801300000030601e00000000000000400000000000000001ff008600000000070000000000000000000000000000040800000000000000060000000000000008000000000000003200000000000000400000000000000000000080000000004000000000000000070000000000000001000000000000000600000000000000001000000000000022010000000000004000000000000000010000c400000000de05000000000000ff03000000000000070000"], 0x300}], 0x1, 0x0, 0x0, 0x0)

49.112980511s ago: executing program 6 (id=623):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2a)
ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0xf4)
r2 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@code={0xa, 0x18, {"7f2003d5"}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0) (async)
ioctl$KVM_IRQ_LINE(r4, 0x4008ae61, &(0x7f0000000240)={0x0, 0x5ded}) (async)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000000)={0x48, 0xdddd1000}) (async)
ioctl$KVM_CREATE_VM(r2, 0x401c5820, 0x20000000)

15.505389352s ago: executing program 37 (id=621):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20080, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r3 = eventfd2(0xeffffffd, 0x801)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000000)={0x200, 0x4000, 0x4, r3, 0x1}) (async)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r6, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18})
ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x6030000000100034, &(0x7f00000001c0)=0x9}) (async)
r7 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r8, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0x3000)=nil, r9, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0xdc032, 0xffffffffffffffff, 0x0) (async)
r10 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x6)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r10, r11, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f0000000640)=@arm64_core={0x6030000000100012, &(0x7f0000000000)=0x300000000000}) (async)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000001340)={0x3, 0x0, 0x2, r3, 0x3}) (async)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0xe2a00, 0x0)
ioctl$KVM_CREATE_VM(r12, 0x5452, 0x2000fdfd) (async)
r13 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0) (async)
r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)
r16 = syz_kvm_setup_syzos_vm$arm64(r15, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r16, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)

0s ago: executing program 38 (id=623):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2a)
ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0xf4)
r2 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@code={0xa, 0x18, {"7f2003d5"}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0) (async)
ioctl$KVM_IRQ_LINE(r4, 0x4008ae61, &(0x7f0000000240)={0x0, 0x5ded}) (async)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000000)={0x48, 0xdddd1000}) (async)
ioctl$KVM_CREATE_VM(r2, 0x401c5820, 0x20000000)

kernel console output (not intermixed with test programs):

[  423.192744][ T3169] 8021q: adding VLAN 0 to HW filter on device bond0
[  476.196703][ T3169] eql: remember to turn off Van-Jacobson compression on your slave devices
Warning: Permanently added '[localhost]:4372' (ED25519) to the list of known hosts.
[  648.926665][   T25] audit: type=1400 audit(648.100:61): avc:  denied  { name_bind } for  pid=3330 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  650.907090][   T25] audit: type=1400 audit(650.080:62): avc:  denied  { execute } for  pid=3331 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  650.950532][   T25] audit: type=1400 audit(650.120:63): avc:  denied  { execute_no_trans } for  pid=3331 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  677.093646][   T25] audit: type=1400 audit(676.270:64): avc:  denied  { mounton } for  pid=3331 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  677.151873][   T25] audit: type=1400 audit(676.320:65): avc:  denied  { mount } for  pid=3331 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  677.251616][ T3331] cgroup: Unknown subsys name 'net'
[  677.323788][   T25] audit: type=1400 audit(676.500:66): avc:  denied  { unmount } for  pid=3331 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  677.814358][ T3331] cgroup: Unknown subsys name 'cpuset'
[  677.963628][ T3331] cgroup: Unknown subsys name 'rlimit'
[  678.962908][   T25] audit: type=1400 audit(678.140:67): avc:  denied  { setattr } for  pid=3331 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=703 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  678.984073][   T25] audit: type=1400 audit(678.150:68): avc:  denied  { mounton } for  pid=3331 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[  679.012908][   T25] audit: type=1400 audit(678.190:69): avc:  denied  { mount } for  pid=3331 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  680.126540][ T3335] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[  680.147177][   T25] audit: type=1400 audit(679.320:70): avc:  denied  { relabelto } for  pid=3335 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  680.175086][   T25] audit: type=1400 audit(679.350:71): avc:  denied  { write } for  pid=3335 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
Setting up swapspace version 1, size = 127995904 bytes
[  680.376212][   T25] audit: type=1400 audit(679.550:72): avc:  denied  { read } for  pid=3331 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  680.404378][   T25] audit: type=1400 audit(679.570:73): avc:  denied  { open } for  pid=3331 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  680.448931][ T3331] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  739.719948][   T25] audit: type=1400 audit(738.890:74): avc:  denied  { execmem } for  pid=3336 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  745.806484][   T25] audit: type=1400 audit(744.980:76): avc:  denied  { open } for  pid=3343 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  745.830983][   T25] audit: type=1400 audit(744.940:75): avc:  denied  { read } for  pid=3342 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  745.940696][   T25] audit: type=1400 audit(745.100:77): avc:  denied  { mounton } for  pid=3343 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  746.448757][   T25] audit: type=1400 audit(745.620:78): avc:  denied  { module_request } for  pid=3343 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  746.500752][   T25] audit: type=1400 audit(745.670:79): avc:  denied  { module_request } for  pid=3342 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  748.039416][   T25] audit: type=1400 audit(747.210:80): avc:  denied  { sys_module } for  pid=3343 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  778.007379][ T3343] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  778.096723][ T3342] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  778.190746][ T3343] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  778.254647][ T3342] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  790.653550][ T3342] hsr_slave_0: entered promiscuous mode
[  790.704878][ T3342] hsr_slave_1: entered promiscuous mode
[  791.880607][ T3343] hsr_slave_0: entered promiscuous mode
[  791.945178][ T3343] hsr_slave_1: entered promiscuous mode
[  791.989572][ T3343] debugfs: 'hsr0' already exists in 'hsr'
[  791.994309][ T3343] Cannot create hsr debugfs directory
[  798.155916][   T25] audit: type=1400 audit(797.330:81): avc:  denied  { create } for  pid=3342 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  798.209352][   T25] audit: type=1400 audit(797.380:82): avc:  denied  { write } for  pid=3342 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  798.275743][   T25] audit: type=1400 audit(797.450:83): avc:  denied  { read } for  pid=3342 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  798.449903][ T3342] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  798.802552][ T3342] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  799.092846][ T3342] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  799.562712][ T3342] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  801.314340][ T3343] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  801.504495][ T3343] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  801.676381][ T3343] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  801.815013][ T3343] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  814.804839][ T3342] 8021q: adding VLAN 0 to HW filter on device bond0
[  817.583691][ T3343] 8021q: adding VLAN 0 to HW filter on device bond0
[  875.424837][ T3342] veth0_vlan: entered promiscuous mode
[  875.902330][ T3342] veth1_vlan: entered promiscuous mode
[  878.323730][ T3343] veth0_vlan: entered promiscuous mode
[  878.466794][ T3342] veth0_macvtap: entered promiscuous mode
[  879.163421][ T3342] veth1_macvtap: entered promiscuous mode
[  879.863372][ T3343] veth1_vlan: entered promiscuous mode
[  882.937341][ T3384] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  883.057146][ T3384] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  883.069421][ T3384] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  883.071083][ T3384] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  884.630516][ T3343] veth0_macvtap: entered promiscuous mode
[  885.421904][ T3343] veth1_macvtap: entered promiscuous mode
[  886.894884][   T25] audit: type=1400 audit(886.070:84): avc:  denied  { mount } for  pid=3342 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  887.216477][   T25] audit: type=1400 audit(886.390:85): avc:  denied  { mounton } for  pid=3342 comm="syz-executor" path="/syzkaller.IjcFlt/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  887.575552][   T25] audit: type=1400 audit(886.680:86): avc:  denied  { mount } for  pid=3342 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  888.184454][   T25] audit: type=1400 audit(887.360:87): avc:  denied  { mounton } for  pid=3342 comm="syz-executor" path="/syzkaller.IjcFlt/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  888.502628][   T25] audit: type=1400 audit(887.640:88): avc:  denied  { mounton } for  pid=3342 comm="syz-executor" path="/syzkaller.IjcFlt/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3762 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  889.391926][ T3226] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  889.395818][ T3226] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  889.403628][ T3226] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  889.490530][ T3226] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  889.672828][   T25] audit: type=1400 audit(888.850:89): avc:  denied  { unmount } for  pid=3342 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  890.050234][   T25] audit: type=1400 audit(889.210:90): avc:  denied  { mounton } for  pid=3342 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1546 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  890.284229][   T25] audit: type=1400 audit(889.350:91): avc:  denied  { mount } for  pid=3342 comm="syz-executor" name="/" dev="gadgetfs" ino=3771 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  890.816427][   T25] audit: type=1400 audit(889.990:92): avc:  denied  { mount } for  pid=3342 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  890.971211][   T25] audit: type=1400 audit(890.140:93): avc:  denied  { mounton } for  pid=3342 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  893.170870][ T3342] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  894.810221][   T25] kauditd_printk_skb: 1 callbacks suppressed
[  894.831657][   T25] audit: type=1400 audit(893.980:95): avc:  denied  { read write } for  pid=3342 comm="syz-executor" name="loop1" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  894.893519][   T25] audit: type=1400 audit(894.070:96): avc:  denied  { open } for  pid=3342 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  895.001943][   T25] audit: type=1400 audit(894.130:97): avc:  denied  { ioctl } for  pid=3342 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=639 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  906.311474][   T25] audit: type=1400 audit(905.480:98): avc:  denied  { read } for  pid=3496 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  906.346425][   T25] audit: type=1400 audit(905.520:99): avc:  denied  { open } for  pid=3496 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  906.491607][   T25] audit: type=1400 audit(905.660:100): avc:  denied  { ioctl } for  pid=3496 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  907.029964][   T25] audit: type=1400 audit(906.200:101): avc:  denied  { write } for  pid=3496 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  914.215306][   T25] audit: type=1400 audit(913.390:102): avc:  denied  { append } for  pid=3505 comm="syz.1.3" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  916.074642][   T25] audit: type=1400 audit(915.220:103): avc:  denied  { execute } for  pid=3510 comm="syz.0.4" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=3878 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  970.459824][   T25] audit: type=1400 audit(969.620:104): avc:  denied  { map } for  pid=3542 comm="syz.0.13" path="pipe:[2771]" dev="pipefs" ino=2771 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[ 1214.695921][ T3689] kvm [3689]: Failed to find VMA for hva 0x20c01000
[ 1214.929988][ T3689] kvm [3689]: Failed to find VMA for hva 0x20c01000
[ 1214.973417][ T3689] kvm [3689]: Failed to find VMA for hva 0x20c01000
[ 1215.141234][ T3689] kvm [3689]: Failed to find VMA for hva 0x20c01000
[ 1215.197312][ T3689] kvm [3689]: Failed to find VMA for hva 0x20c01000
[ 1215.245021][ T3689] kvm [3689]: Failed to find VMA for hva 0x20c01000
[ 1215.293839][ T3689] kvm [3689]: Failed to find VMA for hva 0x20c01000
[ 1215.334964][ T3689] kvm [3689]: Failed to find VMA for hva 0x20c01000
[ 1215.385439][ T3689] kvm [3689]: Failed to find VMA for hva 0x20c01000
[ 1215.489602][ T3689] kvm [3689]: Failed to find VMA for hva 0x20c01000
[ 1215.522149][ T3689] kvm [3689]: Failed to find VMA for hva 0x20c01000
[ 1215.604843][ T3689] kvm [3689]: Failed to find VMA for hva 0x20c01000
[ 1215.683454][ T3689] kvm [3689]: Failed to find VMA for hva 0x20c01000
[ 1215.723819][ T3689] kvm [3689]: Failed to find VMA for hva 0x20c01000
[ 1215.855936][ T3689] kvm [3689]: Failed to find VMA for hva 0x20c01000
[ 1215.894675][ T3689] kvm [3689]: Failed to find VMA for hva 0x20c01000
[ 1215.979353][ T3689] kvm [3689]: Failed to find VMA for hva 0x20c01000
[ 1215.993167][ T3689] kvm [3689]: Failed to find VMA for hva 0x20c01000
[ 1216.045864][ T3689] kvm [3689]: Failed to find VMA for hva 0x20c01000
[ 1216.120108][ T3689] kvm [3689]: Failed to find VMA for hva 0x20c01000
[ 1216.146524][ T3689] kvm [3689]: Failed to find VMA for hva 0x20c01000
[ 1216.220913][ T3689] kvm [3689]: Failed to find VMA for hva 0x20c01000
[ 1450.642440][   T25] audit: type=1400 audit(1449.760:105): avc:  denied  { ioctl } for  pid=3823 comm="syz.1.96" path="net:[4026532625]" dev="nsfs" ino=4026532625 ioctlcmd=0xb701 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 1465.379577][   T25] audit: type=1400 audit(1464.540:106): avc:  denied  { setattr } for  pid=3832 comm="syz.0.99" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1658.055443][   T25] audit: type=1400 audit(1657.220:107): avc:  denied  { create } for  pid=3939 comm="syz.0.131" anonclass=[kvm-gmem] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 2259.056652][   T25] audit: type=1400 audit(2258.230:108): avc:  denied  { map } for  pid=4313 comm="syz.1.239" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 2470.210528][   T25] audit: type=1400 audit(2469.380:109): avc:  denied  { map } for  pid=4427 comm="syz.1.275" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=17877 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 2470.321546][   T25] audit: type=1400 audit(2469.460:110): avc:  denied  { read } for  pid=4427 comm="syz.1.275" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=17877 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 2514.750682][ T4457] kvm [4457]: Failed to find VMA for hva 0x20000000
[ 2876.993304][   T25] audit: type=1400 audit(2876.170:111): avc:  denied  { execute } for  pid=4666 comm="syz.1.351" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 3636.332443][ T4699] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3637.362871][ T4699] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3638.284458][ T4699] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3639.290170][ T4699] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3654.405574][ T4699] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3654.885869][ T4699] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3655.152193][ T4699] bond0 (unregistering): Released all slaves
[ 3656.721205][ T4699] hsr_slave_0: left promiscuous mode
[ 3656.790193][ T4699] hsr_slave_1: left promiscuous mode
[ 3657.473377][ T4699] veth1_macvtap: left promiscuous mode
[ 3657.511690][ T4699] veth0_macvtap: left promiscuous mode
[ 3657.514416][ T4699] veth1_vlan: left promiscuous mode
[ 3657.530784][ T4699] veth0_vlan: left promiscuous mode
[ 3675.614453][ T5045] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3675.994579][ T5045] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3679.967230][ T4699] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3681.742823][ T4699] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3683.115432][ T4699] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3684.385512][ T4699] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3700.786369][ T4699] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3700.876531][ T4699] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3700.942349][ T4699] bond0 (unregistering): Released all slaves
[ 3702.153082][ T4699] hsr_slave_0: left promiscuous mode
[ 3702.220472][ T4699] hsr_slave_1: left promiscuous mode
[ 3702.708914][ T4699] veth1_macvtap: left promiscuous mode
[ 3702.712563][ T4699] veth0_macvtap: left promiscuous mode
[ 3702.732349][ T4699] veth1_vlan: left promiscuous mode
[ 3702.760650][ T4699] veth0_vlan: left promiscuous mode
[ 3725.226725][ T5054] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3725.914936][ T5045] hsr_slave_0: entered promiscuous mode
[ 3725.970156][ T5045] hsr_slave_1: entered promiscuous mode
[ 3726.120369][ T5054] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3739.320892][ T5045] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 3739.615754][ T5045] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 3739.881981][ T5045] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 3740.150572][ T5045] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 3749.767002][ T5054] hsr_slave_0: entered promiscuous mode
[ 3749.891200][ T5054] hsr_slave_1: entered promiscuous mode
[ 3749.985411][ T5054] debugfs: 'hsr0' already exists in 'hsr'
[ 3750.002755][ T5054] Cannot create hsr debugfs directory
[ 3764.806061][ T5045] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3764.884774][ T5054] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 3765.186195][ T5054] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 3765.471431][ T5054] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 3765.991952][ T5054] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 3797.064375][ T5054] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3869.863978][ T5045] veth0_vlan: entered promiscuous mode
[ 3870.774036][ T5045] veth1_vlan: entered promiscuous mode
[ 3874.073740][ T5045] veth0_macvtap: entered promiscuous mode
[ 3874.541043][ T5045] veth1_macvtap: entered promiscuous mode
[ 3878.890194][ T5181] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3878.892346][ T5181] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3878.944484][ T5181] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3878.980000][ T5181] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3883.562828][   T25] audit: type=1400 audit(3882.700:112): avc:  denied  { unmount } for  pid=5045 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 3904.551775][ T5054] veth0_vlan: entered promiscuous mode
[ 3906.144278][ T5054] veth1_vlan: entered promiscuous mode
[ 3910.820818][ T5054] veth0_macvtap: entered promiscuous mode
[ 3911.590510][ T5054] veth1_macvtap: entered promiscuous mode
[ 3916.342960][ T3491] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3916.346925][ T3491] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3916.452216][ T3384] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3916.464916][ T3384] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4166.129559][   T25] audit: type=1400 audit(4165.300:113): avc:  denied  { execute } for  pid=5413 comm="syz.3.498" path="pipe:[27944]" dev="pipefs" ino=27944 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[ 4479.867448][ T5181] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4481.570525][ T5181] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4483.214485][ T5181] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4484.492349][ T5181] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4510.646122][ T5181] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 4511.146532][ T5181] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 4511.556080][ T5181] bond0 (unregistering): Released all slaves
[ 4514.135080][ T5181] hsr_slave_0: left promiscuous mode
[ 4514.311550][ T5181] hsr_slave_1: left promiscuous mode
[ 4515.165483][ T5181] veth1_macvtap: left promiscuous mode
[ 4515.177415][ T5181] veth0_macvtap: left promiscuous mode
[ 4515.203511][ T5181] veth1_vlan: left promiscuous mode
[ 4515.229771][ T5181] veth0_vlan: left promiscuous mode
[ 4611.220047][   T25] audit: type=1400 audit(4610.320:114): avc:  denied  { write } for  pid=5628 comm="syz.2.539" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=33920 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 4612.654264][ T5557] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4612.962092][ T5557] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4655.976194][ T5557] hsr_slave_0: entered promiscuous mode
[ 4656.134022][ T5557] hsr_slave_1: entered promiscuous mode
[ 4656.284189][ T5557] debugfs: 'hsr0' already exists in 'hsr'
[ 4656.292507][ T5557] Cannot create hsr debugfs directory
[ 4678.914926][ T5557] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 4679.574065][ T5557] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 4680.165511][ T5557] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 4680.704022][ T5557] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 4721.332972][ T5557] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4895.120503][ T5557] veth0_vlan: entered promiscuous mode
[ 4897.005119][ T5557] veth1_vlan: entered promiscuous mode
[ 4901.390284][ T5557] veth0_macvtap: entered promiscuous mode
[ 4902.221456][ T5557] veth1_macvtap: entered promiscuous mode
[ 4906.519559][ T5181] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4906.561935][ T5577] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4906.563284][ T5577] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4906.564046][ T5577] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 5061.065273][ T5885] kvm [5885]: Failed to find VMA for hva 0x20c01000
[ 5514.105356][ T6041] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 5514.410229][ T6041] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 5518.746307][ T6044] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 5519.200425][ T6044] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 5554.732856][ T6041] hsr_slave_0: entered promiscuous mode
[ 5554.784625][ T6041] hsr_slave_1: entered promiscuous mode
[ 5554.909257][ T6041] debugfs: 'hsr0' already exists in 'hsr'
[ 5554.910160][ T6041] Cannot create hsr debugfs directory
[ 5560.336504][ T6044] hsr_slave_0: entered promiscuous mode
[ 5560.405103][ T6044] hsr_slave_1: entered promiscuous mode
[ 5560.433572][ T6044] debugfs: 'hsr0' already exists in 'hsr'
[ 5560.452860][ T6044] Cannot create hsr debugfs directory
[ 5579.765567][ T6041] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 5581.022172][ T6041] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 5581.926223][ T6041] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 5584.002018][ T6041] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 5591.259254][ T6044] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 5592.089564][ T6044] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 5592.706071][ T6044] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 5593.479590][ T6044] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 5629.791206][ T6041] 8021q: adding VLAN 0 to HW filter on device bond0
[ 5635.101606][ T6044] 8021q: adding VLAN 0 to HW filter on device bond0
[ 5692.753266][ T5769] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5694.806768][ T5769] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5696.356805][ T5769] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5699.006826][ T5769] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5727.000045][ T5769] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 5727.344380][ T5769] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 5728.013536][ T5769] bond0 (unregistering): Released all slaves
[ 5732.009265][ T5769] hsr_slave_0: left promiscuous mode
[ 5732.144474][ T5769] hsr_slave_1: left promiscuous mode
[ 5733.565405][ T5769] veth1_macvtap: left promiscuous mode
[ 5733.612641][ T5769] veth0_macvtap: left promiscuous mode
[ 5733.673206][ T5769] veth1_vlan: left promiscuous mode
[ 5733.701598][ T5769] veth0_vlan: left promiscuous mode
[ 5773.812855][ T5769] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5776.036785][ T5769] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5778.289236][ T5769] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5780.446799][ T5769] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5809.585837][ T5769] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 5809.855603][ T5769] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 5810.093595][ T5769] bond0 (unregistering): Released all slaves
[ 5813.359963][ T5769] hsr_slave_0: left promiscuous mode
[ 5813.818771][ T5769] hsr_slave_1: left promiscuous mode
[ 5815.253240][ T5769] veth1_macvtap: left promiscuous mode
[ 5815.281583][ T5769] veth0_macvtap: left promiscuous mode
[ 5815.291214][ T5769] veth1_vlan: left promiscuous mode
[ 5815.315269][ T5769] veth0_vlan: left promiscuous mode
[ 5899.590329][ T6041] veth0_vlan: entered promiscuous mode
[ 5900.302458][ T6044] veth0_vlan: entered promiscuous mode
[ 5901.974760][ T6041] veth1_vlan: entered promiscuous mode
[ 5902.842365][ T6044] veth1_vlan: entered promiscuous mode
[ 5908.611417][ T6041] veth0_macvtap: entered promiscuous mode
[ 5909.685756][ T6044] veth0_macvtap: entered promiscuous mode
[ 5909.954845][ T6041] veth1_macvtap: entered promiscuous mode
[ 5911.201675][ T6044] veth1_macvtap: entered promiscuous mode
[ 5916.622296][ T3434] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 5916.633036][ T3434] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 5916.799888][ T3434] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 5916.808989][ T3434] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 5918.582431][ T5420] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 5918.586832][ T5420] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 5918.632344][ T5420] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 5918.645730][ T5420] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 6117.183821][ T6266] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 6117.716576][ T6266] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 6138.523117][ T6276] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 6139.194123][ T6276] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 6174.679332][ T6266] hsr_slave_0: entered promiscuous mode
[ 6174.835801][ T6266] hsr_slave_1: entered promiscuous mode
[ 6197.727355][ T6276] hsr_slave_0: entered promiscuous mode
[ 6197.944808][ T6276] hsr_slave_1: entered promiscuous mode
[ 6198.069670][ T6276] debugfs: 'hsr0' already exists in 'hsr'
[ 6198.079385][ T6276] Cannot create hsr debugfs directory
[ 6220.465910][ T6266] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 6221.087417][ T6266] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 6223.121162][ T6266] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 6224.792591][ T6266] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 6245.286922][ T6276] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 6246.269709][ T6276] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 6246.887003][ T6276] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 6247.999698][ T6276] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 6290.026155][ T6266] 8021q: adding VLAN 0 to HW filter on device bond0
[ 6307.751781][ T6276] 8021q: adding VLAN 0 to HW filter on device bond0
[ 6390.441916][   T27] INFO: task syz.6.623:6253 blocked for more than 430 seconds.
[ 6390.502848][   T27]       Not tainted syzkaller #0
[ 6390.601603][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 6390.651912][   T27] task:syz.6.623       state:D stack:0     pid:6253  tgid:6253  ppid:6044   task_flags:0x400040 flags:0x00000011
[ 6390.653608][   T27] Call trace:
[ 6390.654120][   T27]  __switch_to+0x584/0xb00 (T)
[ 6390.656254][   T27]  __schedule+0x200c/0x3428
[ 6390.656814][   T27]  schedule+0xac/0x27c
[ 6390.657320][   T27]  schedule_timeout+0x68/0x1ec
[ 6390.783664][   T27]  do_wait_for_common+0x28c/0x440
[ 6390.816309][   T27]  wait_for_completion+0x44/0x5c
[ 6390.819532][   T27]  __synchronize_srcu+0x2a4/0x320
[ 6390.820224][   T27]  synchronize_srcu+0x3d0/0x4f8
[ 6390.820759][   T27]  mmu_notifier_unregister+0x320/0x428
[ 6390.821309][   T27]  kvm_put_kvm+0x698/0xbe0
[ 6390.821712][   T27]  kvm_vm_release+0x58/0x78
[ 6390.822197][   T27]  __fput+0x4ac/0x978
[ 6390.822629][   T27]  ____fput+0x20/0x58
[ 6390.823080][   T27]  task_work_run+0x1b8/0x250
[ 6390.823521][   T27]  exit_to_user_mode_loop+0x110/0x188
[ 6390.824002][   T27]  el0_svc+0x17c/0x238
[ 6390.824540][   T27]  el0t_64_sync_handler+0x84/0x12c
[ 6390.825073][   T27]  el0t_64_sync+0x198/0x19c
[ 6390.826799][   T27] 
[ 6390.826799][   T27] Showing all locks held in the system:
[ 6390.827316][   T27] 1 lock held by khungtaskd/27:
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 6391.062062][   T27]  #0: ffff800087a86d08 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x0/0x44
[ 6391.102858][   T27] 1 lock held by syslogd/3128:
[ 6391.103329][   T27] 1 lock held by dhcpcd/3168:
[ 6391.103672][   T27] 2 locks held by getty/3198:
[ 6391.104018][   T27]  #0: dcf000001231a8a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c
[ 6391.105891][   T27]  #1: 6aff80008c80b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x308/0x1234
[ 6391.231420][   T27] 1 lock held by sshd-session/3330:
[ 6391.252227][   T27] 2 locks held by syz-executor/3331:
[ 6391.252714][   T27] 3 locks held by kworker/u4:10/3491:
[ 6391.253127][   T27] 3 locks held by kworker/u4:11/5420:
[ 6391.253480][   T27] 3 locks held by kworker/u4:2/5570:
[ 6391.253801][   T27] 3 locks held by kworker/u4:3/5576:
[ 6391.254161][   T27] 3 locks held by kworker/u4:4/5769:
[ 6391.254491][   T27] 3 locks held by kworker/u4:8/6063:
[ 6391.254837][   T27] 3 locks held by kworker/u4:12/6110:
[ 6391.255214][   T27] 2 locks held by kworker/u4:15/6156:
[ 6391.255540][   T27] 2 locks held by syz.5.621/6247:
[ 6391.255883][   T27] 3 locks held by kworker/u4:0/6340:
[ 6391.256255][   T27] 3 locks held by kworker/u4:1/6362:
[ 6391.330113][   T27] 
[ 6391.352888][   T27] =============================================
[ 6391.352888][   T27] 
[ 6391.380963][   T27] Kernel panic - not syncing: hung_task: blocked tasks
[ 6391.384459][   T27] CPU: 0 UID: 0 PID: 27 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT 
[ 6391.386095][   T27] Hardware name: linux,dummy-virt (DT)
[ 6391.387085][   T27] Call trace:
[ 6391.387938][   T27]  show_stack+0x2c/0x3c (C)
[ 6391.389042][   T27]  __dump_stack+0x30/0x40
[ 6391.390041][   T27]  dump_stack_lvl+0x30/0x12c
[ 6391.390919][   T27]  dump_stack+0x1c/0x28
[ 6391.391847][   T27]  vpanic+0x1d4/0x4e4
[ 6391.392697][   T27]  vpanic+0x0/0x4e4
[ 6391.393532][   T27]  hung_task_panic+0x0/0x2c
[ 6391.394469][   T27]  kthread+0x794/0x99c
[ 6391.395380][   T27]  ret_from_fork+0x10/0x20
[ 6391.397264][   T27] Kernel Offset: disabled
[ 6391.398032][   T27] CPU features: 0x0000000,001a3005,fbe327a1,057ffe1f
[ 6391.399184][   T27] Memory Limit: none
[ 6391.401393][   T27] Rebooting in 86400 seconds..