last executing test programs:

1h10m58.929345571s ago: executing program 0 (id=187):
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) (async, rerun: 32)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (rerun: 32)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0) (async, rerun: 32)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) (rerun: 32)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x2, 0x1, 0xf000, 0x1000, &(0x7f0000c02000/0x1000)=nil}) (async)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) (async)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)

1h10m50.690356621s ago: executing program 0 (id=189):
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x80080, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r2 = mmap$KVM_VCPU(&(0x7f0000f6d000/0x4000)=nil, r1, 0x3000000, 0xaf832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r1, 0x100000d, 0x32, 0xffffffffffffffff, 0x0) (async)
r3 = openat$kvm(0x0, 0x0, 0x0, 0x0) (async)
eventfd2(0x6, 0x100000)
ioctl$KVM_CHECK_EXTENSION(r3, 0x40086602, 0x110e22ffff) (async)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000cd4000/0x4000)=nil, 0x930, 0x2000004, 0x8032, 0xffffffffffffffff, 0x0) (async)
write$eventfd(0xffffffffffffffff, &(0x7f0000000200)=0x8, 0x8)
syz_memcpy_off$KVM_EXIT_MMIO(r2, 0x20, &(0x7f0000000080)="37d300", 0x0, 0x18) (async)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x40086602, 0x20000000) (async)
ioctl$KVM_CHECK_EXTENSION(r4, 0x40086602, 0x2) (async)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x2, 0x28031, 0xffffffffffffffff, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x28) (async)
r6 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1) (async)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x2b)
ioctl$KVM_SET_DEVICE_ATTR_vm(r8, 0x4018aee1, &(0x7f00000000c0)=@attr_other={0x0, 0xfffffff8, 0xffff, 0x0})
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) (async)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r8, r9, &(0x7f0000bfd000/0x400000)=nil, &(0x7f00000004c0)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, 0x0) (async)
syz_kvm_vgic_v3_setup(r8, 0x1, 0x240) (async)
r10 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000bfe000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000b00)={0x0, &(0x7f0000000100)=[@mrs={0xbe, 0x18, {0x603000000013c2a4}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x4, 0x2, 0xffffffff, 0x9}}, @svc={0x122, 0x40, {0x1, [0x8000000000000000, 0x7, 0x7000, 0xaaf, 0x8000]}}, @its_setup={0x82, 0x28, {0x3, 0x2, 0x225}}, @svc={0x122, 0x40, {0xc5000021, [0x1ff, 0x2fa, 0x0, 0xfffffffffffffff3, 0x400]}}], 0xe8}, 0x0, 0x0)

1h10m41.145440068s ago: executing program 0 (id=190):
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x250100, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x101002, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_GET_API_VERSION(r1, 0xae00, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x8}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x5, 0xfffffffe, 0x0, 0x0, 0x79}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r2, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000180)={0x5, <r5=>0xffffffffffffffff})
ioctl$KVM_CREATE_GUEST_MEMFD(r2, 0xc040aed4, &(0x7f00000001c0)={0x1, 0x7})
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r6, 0x2, 0x100)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r7, 0x401c5820, 0xffff98600fff)
ioctl$KVM_IRQFD(r6, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r8 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x34)
r9 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x6030000000139828, 0x7fff}}], 0x20}, 0x0, 0x0)
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r13, 0xae03, 0x83)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r12, 0x4018aee1, 0x0)
ioctl$KVM_RUN(r12, 0xae80, 0x0)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1)
ioctl$KVM_GET_REGS(0xffffffffffffffff, 0x8360ae81, &(0x7f0000000300))
ioctl$KVM_CHECK_EXTENSION_VM(r8, 0xae03, 0x77)

1h9m54.886121155s ago: executing program 32 (id=190):
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x250100, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x101002, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_GET_API_VERSION(r1, 0xae00, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x8}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x5, 0xfffffffe, 0x0, 0x0, 0x79}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r2, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000180)={0x5, <r5=>0xffffffffffffffff})
ioctl$KVM_CREATE_GUEST_MEMFD(r2, 0xc040aed4, &(0x7f00000001c0)={0x1, 0x7})
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r6, 0x2, 0x100)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r7, 0x401c5820, 0xffff98600fff)
ioctl$KVM_IRQFD(r6, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r8 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x34)
r9 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x6030000000139828, 0x7fff}}], 0x20}, 0x0, 0x0)
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r13, 0xae03, 0x83)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r12, 0x4018aee1, 0x0)
ioctl$KVM_RUN(r12, 0xae80, 0x0)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1)
ioctl$KVM_GET_REGS(0xffffffffffffffff, 0x8360ae81, &(0x7f0000000300))
ioctl$KVM_CHECK_EXTENSION_VM(r8, 0xae03, 0x77)

1h9m51.148532325s ago: executing program 33 (id=191):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f00000002c0)=@arm64_fp={0x604000000010006a, &(0x7f00000000c0)=0x2})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20002, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20080, 0x0)
munmap(&(0x7f0000f0e000/0x2000)=nil, 0x2000)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = eventfd2(0xefffffff, 0x801)
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000001340)={0x3, 0x1000, 0x2, r5, 0x3})
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f00000000c0)={0x3, 0x0, 0x2, r5, 0xf})
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x308303, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x32)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r8, 0x4020aeae, &(0x7f0000000100)={0x5})
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r11, 0x4020aeae, &(0x7f0000000080)={0x5, 0x1})
ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f0000000140)=@arm64_sys={0x603000000013d801, &(0x7f0000000000)=0x2})
ioctl$KVM_GET_ONE_REG(r8, 0x4010aeab, &(0x7f0000000280)=@arm64_core={0x603000000010002c, &(0x7f0000000140)=0x8})
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000)

1h3m16.167985769s ago: executing program 34 (id=199):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000b80)={0x0, 0x0}, &(0x7f0000000280)=[@featur2={0x1, 0xf}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f00000000c0)=@attr_other={0x0, 0x0, 0x4, &(0x7f0000000080)=0xbced})
r4 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ff5000/0x1000)=nil, 0x1000)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x200, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x3)
syz_kvm_vgic_v3_setup(r9, 0x0, 0x0)
close(0x4)
close(0x5)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f0000000000)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000280)={0x14, 0xff, 0x1}})
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r7, 0x4018aee2, &(0x7f0000000040)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f0000000000)=0x1a})
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r11, 0x4020ae46, &(0x7f0000000040)={0x2710, 0x2, 0xd000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r11, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
r12 = openat$kvm(0x0, &(0x7f0000000080), 0x2a6542, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r15, 0x4010aeac, &(0x7f00000002c0)=@arm64_sys={0x603000000013df19, &(0x7f0000000280)=0x1})

58m32.825327597s ago: executing program 3 (id=225):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000100)=@arm64_bitmap={0x6030000000160002, &(0x7f0000000000)=0x7})
openat$kvm(0x0, &(0x7f0000000000), 0x1, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
r6 = syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x1, 0x100)
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x5, 0x0, &(0x7f0000000200)=0x8080000})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r8, 0x2000003, 0xaf832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000cef000/0x1000)=nil, r8, 0x3, 0x100010, r3, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000100)=@arm64_bitmap={0x6030000000160002, &(0x7f0000000000)=0x7}) (async)
openat$kvm(0x0, &(0x7f0000000000), 0x1, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) (async)
syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x1, 0x100) (async)
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x5, 0x0, &(0x7f0000000200)=0x8080000}) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04) (async)
mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r8, 0x2000003, 0xaf832, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000cef000/0x1000)=nil, r8, 0x3, 0x100010, r3, 0x0) (async)
ioctl$KVM_RUN(r5, 0xae80, 0x0) (async)

58m18.680244306s ago: executing program 3 (id=226):
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) (async, rerun: 64)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) (rerun: 64)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f0000f7c000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000) (async)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r1, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0) (async)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000) (async, rerun: 32)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) (async, rerun: 32)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) (async)
r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_assert_reg(r5, 0x603000000053c4f1, 0x8800) (async)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f0000482000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x0, 0x4030031, 0xffffffffffffffff, 0x0)

58m8.429433038s ago: executing program 3 (id=227):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000000)={0x7, <r3=>0xffffffffffffffff})
ioctl$KVM_GET_DEVICE_ATTR(r3, 0x4018aee2, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x5, 0x0})
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000bde000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x4, 0x220)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8, <r7=>0xffffffffffffffff, 0x1})
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
r11 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r10, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r10, 0x0)
r12 = eventfd2(0x0, 0x0)
close(r12)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01)
r13 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r13, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
write$eventfd(r12, &(0x7f0000000180)=0x5, 0xfffffde3)
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r6, 0xae80, 0x0)

57m50.857387708s ago: executing program 3 (id=228):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x10000000000000)
ioctl$KVM_PPC_ALLOCATE_HTAB(r0, 0xc004aea7, &(0x7f00000002c0)=0x8)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000001c0)="f21bc75509bf71c9d70236fc044842da01000000000000004c24501958da2e2c18b875c2357c6ed600", 0x0, 0x48)
ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1})
write$eventfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x25)
ioctl$KVM_CAP_ARM_MTE(r2, 0x4068aea3, &(0x7f0000000240))
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000840)=[@memwrite={0x6e, 0x30, @generic={0xdddd1000, 0x253, 0x3}}, @code={0xa, 0x9c, {"007008d560f09cd200a0b0f2010080d2020180d2630080d2640180d2020000d4e08588d200a0b0f2810080d2a20180d2830180d2e40080d2020000d4000008d5007008d50020c00dc07b88d200e0b0f2410080d2420080d2630080d2e40080d2020000d40084006f20b19ad20080b8f2a10080d2e20180d2a30080d2e40180d2020000d40000679e"}}, @uexit={0x0, 0x18, 0x4}, @eret={0xe6, 0x18, 0x3}, @hvc={0x32, 0x40, {0x200, [0x8, 0x6, 0x5, 0xfffffffffffffffe]}}, @hvc={0x32, 0x40, {0x8400000e, [0x10000, 0xc, 0x32, 0x2, 0x2]}}, @mrs={0xbe, 0x18, {0x603000000013e6d4}}, @uexit={0x0, 0x18, 0xbf3}, @eret={0xe6, 0x18, 0x5}, @its_setup={0x82, 0x28, {0x4, 0x0, 0x206}}, @smc={0x1e, 0x40, {0xffff, [0x2, 0x400000, 0x4, 0x7, 0x4b33]}}, @eret={0xe6, 0x18, 0x30f}, @irq_setup={0x46, 0x18, {0x4, 0x1ef}}, @msr={0x14, 0x20, {0x6030000000138077, 0x1}}, @svc={0x122, 0x40, {0x402, [0x1, 0x401, 0x7fffffffffffffff, 0x2, 0x6]}}], 0x2bc}, 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xd000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000100)={0x1ff, 0x5, 0x8080000, 0x1000, &(0x7f0000df8000/0x1000)=nil})
ioctl$KVM_CREATE_DEVICE(r6, 0xc018aec0, &(0x7f00000000c0)={0x1})
syz_kvm_vgic_v3_setup(r2, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000180)={0x8, <r7=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2200, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r13, 0x4018aee3, &(0x7f00000000c0)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x3})
r14 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r14, 0x8040ae9f, 0xffffffffffffffff)

57m32.02344787s ago: executing program 3 (id=229):
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000007, 0x4f833, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000100)=@x86={0x0, 0xd8, 0xd5, 0x0, 0xdd9, 0x8, 0x5, 0x8, 0x1, 0x4, 0x54, 0x1, 0x0, 0x7, 0x2, 0xab, 0x9, 0x7, 0x2d, '\x00', 0x5, 0x8})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x8040ae9f, &(0x7f0000000000)=@arm64)

57m21.798412635s ago: executing program 3 (id=230):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=[@featur2={0x1, 0x12}], 0x1)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x20)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000a67000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

56m33.681798772s ago: executing program 35 (id=230):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=[@featur2={0x1, 0x12}], 0x1)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x20)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000a67000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

54m31.563018191s ago: executing program 4 (id=240):
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000280)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000080)=@arm64_sys={0x603000000013c03a, &(0x7f00000000c0)=0x6})
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0xff)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f00000001c0)={0x8, <r6=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4})
ioctl$KVM_GET_DEVICE_ATTR(r6, 0x4018aee2, &(0x7f00000000c0)=@attr_other={0x0, 0x8, 0x8, &(0x7f0000000080)=0x2e09})
r7 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000040)={0x9, 0xffffffffffffffff, 0x1})
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x10, r7, 0x0)

54m20.507459831s ago: executing program 4 (id=241):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x2c)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000040)=@arm64_core={0x6030000000100018, &(0x7f0000000000)=0x7fffffffffffffff})
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
mmap$KVM_VCPU(&(0x7f0000dc7000/0x2000)=nil, 0x0, 0x2000001, 0x10, r2, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x28)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_SIGNAL_MASK(r10, 0x4004ae8b, &(0x7f00000000c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000100)={0x1000020, 0x1})
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x1000000)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, r2, &(0x7f0000a9b000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000280)=[@svc={0x122, 0x40, {0x84000009, [0xa25, 0x100000000, 0x7fffffffffffffff, 0x8, 0x8]}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x0, 0xa, 0x0, 0x2, 0x2}}], 0x68}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

54m3.920063809s ago: executing program 4 (id=242):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = mmap$KVM_VCPU(&(0x7f0000c79000/0x3000)=nil, 0x930, 0x3, 0x110, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000001c0)="4ff6d535915afa0ad2e775bd385a7e6bc0b1462ad0407959c7dc499882ce256db238635e806a8f73bdcec0ce8927265658e9f604fdc81321405c06561299cd68555def54b309423f", 0x0, 0x48)
openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x8}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x1, 0x0, 0x0, 0x79, 0x1}}], 0xffffffffffffffcb}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r7, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000180)={0x8, <r10=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r9, 0xae80, 0x0)
syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r12 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x894c, 0x0)
ioctl$KVM_CREATE_VCPU(r12, 0xb704, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x20000, 0x0)
r13 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x100000)
ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x2)
ioctl$KVM_CREATE_DEVICE(r13, 0xc00caee0, &(0x7f0000000000)={0x7, <r14=>0xffffffffffffffff})
ioctl$KVM_GET_DEVICE_ATTR(r14, 0x4018aee2, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x5, 0x0})

53m47.647449393s ago: executing program 4 (id=243):
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x1000000)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0x66)
ioctl$KVM_GET_SREGS(r0, 0x8000ae83, &(0x7f0000000000))
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r3, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000100)={0x8})
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000000)={0x4})
munmap(&(0x7f0000584000/0x800000)=nil, 0x800000)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x1000000) (async)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0x66) (async)
ioctl$KVM_GET_SREGS(r0, 0x8000ae83, &(0x7f0000000000)) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
syz_kvm_vgic_v3_setup(r3, 0x1, 0x100) (async)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000100)={0x8}) (async)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000000)={0x4}) (async)
munmap(&(0x7f0000584000/0x800000)=nil, 0x800000) (async)

53m34.715812666s ago: executing program 4 (id=244):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x6030000000138010, 0x7fff}}], 0x20}, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

53m24.176029968s ago: executing program 4 (id=245):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2e)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x31)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x603000000010004c, 0x0})
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x603000000010001a, &(0x7f00000001c0)=0x8})
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r7, 0x40086602, 0x110e22ffff)

52m36.287263208s ago: executing program 36 (id=245):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2e)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x31)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x603000000010004c, 0x0})
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x603000000010001a, &(0x7f00000001c0)=0x8})
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r7, 0x40086602, 0x110e22ffff)

43m28.528867481s ago: executing program 5 (id=273):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2002, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r2 = openat$kvm(0x0, &(0x7f00000000c0), 0x860c0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0x40086602, 0x1) (async)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, <r5=>0xffffffffffffffff, 0x1})
r6 = ioctl$KVM_CREATE_VM(r5, 0x894c, 0x0) (async)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x100000c, 0x6832, 0xffffffffffffffff, 0x0) (async)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r9, 0x4018aee3, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r6, 0xb704, 0x0)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000000)={0x7, <r12=>0xffffffffffffffff}) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x100000c, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_DEVICE_ATTR(r12, 0x4018aee2, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING(r1, 0x4068aea3, &(0x7f00000002c0)={0xe1, 0x0, 0x10000}) (async)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000002000/0x400000)=nil) (async)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)

43m3.789440341s ago: executing program 5 (id=274):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29e00007a9610fbff67521ce16f8f1f449a7a835673312b5cebb2aa76c869d22627e70000000000000000000000008000", 0x0, 0x48)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r5, r6, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000080)=@arm64_core={0x6030000000100016, &(0x7f0000000100)=0xc5c5})
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01)
write$eventfd(0xffffffffffffffff, &(0x7f0000000180)=0x5, 0xfffffde3)

43m1.553805567s ago: executing program 6 (id=275):
r0 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (async)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x5)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000040)={0x100000000, 0xffff1000, 0x4, r0, 0x1})
ioctl$KVM_RESET_DIRTY_RINGS(r0, 0xaec7) (async, rerun: 64)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000bff000/0x400000)=nil) (async, rerun: 64)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r2, 0x4018aee3, &(0x7f00000000c0)=@attr_other={0x0, 0x0, 0x8, &(0x7f0000000080)=0x7}) (async)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_REGISTER_COALESCED_MMIO(r0, 0x4010ae67, &(0x7f0000000100)={0x8000000, 0xd000}) (async)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r4 = ioctl$KVM_GET_STATS_FD_cpu(r0, 0xaece)
ioctl$KVM_SET_DEVICE_ATTR_vm(r4, 0x4018aee1, &(0x7f0000000180)=@attr_other={0x0, 0xfffffffd, 0x4, &(0x7f0000000140)=0x8001}) (async)
ioctl$KVM_KVMCLOCK_CTRL(r4, 0xaead) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x40)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x2000, 0x0) (async)
ioctl$KVM_CAP_DIRTY_LOG_RING(r2, 0x4068aea3, &(0x7f0000000200)={0xc0, 0x0, 0x9000})
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x3c)
syz_kvm_setup_cpu$arm64(r6, r0, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000780)=[{0x0, &(0x7f0000000280)=[@irq_setup={0x46, 0x18, {0x4, 0x1c9}}, @code={0xa, 0x6c, {"00fc000f009c002f007008d5007008d5a03286d20000b0f2010080d2a20080d2830180d2c40080d2020000d4007008d500fa85d20080b0f2210080d2820180d2230180d2040180d2020000d400cc200e0008407800b8a12e"}}, @msr={0x14, 0x20, {0x603000000013f528, 0x1}}, @mrs={0xbe, 0x18, {0x603000000013e6c0}}, @its_setup={0x82, 0x28, {0x0, 0x0, 0xe0}}, @smc={0x1e, 0x40, {0x84000004, [0x54, 0x8, 0x8000000000000001, 0x9bcc, 0x6]}}, @smc={0x1e, 0x40, {0x4, [0x7f, 0x4, 0x2d2, 0x0, 0x4]}}, @mrs={0xbe, 0x18, {0x603000000013df42}}, @irq_setup={0x46, 0x18, {0x1, 0x343}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0xc0, 0xa, 0xd}}, @mrs={0xbe, 0x18, {0x603000000013df65}}, @svc={0x122, 0x40, {0x3000000, [0x9, 0x7ff, 0xb134, 0xffffffff00000001, 0x1]}}, @eret={0xe6, 0x18, 0xfff}, @msr={0x14, 0x20, {0x603000000013f102, 0x1ff}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x1319061e25a0d460, 0x3, 0xd}}, @its_setup={0x82, 0x28, {0x4, 0x1, 0x10f}}, @code={0xa, 0x6c, {"a08b9cd20040b0f2410080d2620080d2e30180d2440080d2020000d40000299e0008607c007008d5000028d580c79cd200e0b0f2410180d2620180d2430080d2040180d2020000d4e00300fa0098a12e000008d50040df0c"}}, @eret={0xe6, 0x18, 0x2}, @mrs={0xbe, 0x18, {0x603000000013def9}}, @memwrite={0x6e, 0x30, @generic={0x8000000, 0x89, 0x4, 0x8}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0x14, 0x7fffffff, 0xe}}, @uexit={0x0, 0x18, 0x8}, @its_send_cmd={0xaa, 0x28, {0x8, 0x1, 0x4, 0x2, 0x8b02, 0x8, 0x2}}, @msr={0x14, 0x20, {0x6030000000138026, 0x4}}, @code={0xa, 0xb4, {"a01a9ad20040b8f2810180d2c20180d2830080d2440180d2020000d400a4202e000008d5e0ba8ad20000b0f2e10080d2420080d2430080d2a40180d2020000d4a0bf9ed20080b0f2610180d2a20180d2c30180d2640080d2020000d400eca02e007008d500c0df0dc0968ed20000b0f2e10180d2620180d2830180d2e40080d2020000d4c0d28bd20020b8f2c10180d2020180d2030080d2840080d2020000d4"}}, @eret={0xe6, 0x18, 0x7}, @its_setup={0x82, 0x28, {0x2, 0x1, 0x371}}], 0x4fc}], 0x1, 0x0, &(0x7f00000007c0)=[@featur1={0x1, 0x3c}], 0x1) (async, rerun: 32)
munmap(&(0x7f0000d9e000/0x1000)=nil, 0x1000) (async, rerun: 32)
r7 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x19)
r8 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000bc0)={0x0, &(0x7f0000000800)=[@smc={0x1e, 0x40, {0x84000013, [0x5, 0xfff, 0x400, 0x8, 0x1]}}, @hvc={0x32, 0x40, {0x86000001, [0x9a, 0x1, 0x7, 0x8, 0x7fffffffffffffff]}}, @uexit={0x0, 0x18, 0x100000001}, @irq_setup={0x46, 0x18, {0x2, 0x1f6}}, @svc={0x122, 0x40, {0x8400000e, [0x10000, 0x1, 0x929, 0x7, 0x400]}}, @msr={0x14, 0x20, {0x603000000013e080, 0xfffffffffffffff9}}, @irq_setup={0x46, 0x18, {0x4, 0x223}}, @eret={0xe6, 0x18, 0x9}, @mrs={0xbe, 0x18, {0x603000000013c212}}, @eret={0xe6, 0x18}, @code={0xa, 0x84, {"00b8205e00008028c0d68ad200e0b8f2410180d2c20080d2230180d2440080d2020000d4401085d20000b0f2a10180d2420180d2a30080d2040080d2020000d4000820fc0058201e008e98d20000b0f2a10180d2c20180d2830080d2c40080d2020000d400004093000028d5008008d5"}}, @svc={0x122, 0x40, {0xc4000001, [0x7fffffffffffffff, 0x0, 0x2, 0x4, 0x4]}}, @irq_setup={0x46, 0x18, {0x3, 0x15f}}, @svc={0x122, 0x40, {0x84000003, [0x0, 0x9, 0x60, 0xd24, 0x6]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0x40, 0x5, 0xa}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x1, 0x6, 0x0, 0x0, 0x3}}, @code={0xa, 0xcc, {"809e8ad20040b0f2e10180d2220180d2030080d2840180d2020000d4008008d5a0088fd20040b8f2e10180d2220080d2030080d2240080d2020000d40000001b007008d5002e80d20000b0f2a10080d2c20180d2230180d2c40180d2020000d4008008d5c0f196d200c0b8f2c10080d2420080d2e30080d2a40080d2020000d4408b80d200a0b8f2e10180d2420180d2c30080d2240180d2020000d4c0c19dd200e0b8f2210080d2620180d2830080d2440080d2020000d4"}}], 0x3b0}, &(0x7f0000000c00)=[@featur1={0x1, 0x22}], 0x1)
syz_kvm_setup_cpu$arm64(r7, r8, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000e40)=[{0x0, &(0x7f0000000c40)=[@mrs={0xbe, 0x18, {0x603000000013deff}}, @hvc={0x32, 0x40, {0x80000000, [0xe, 0x8, 0x100000000, 0x7]}}, @irq_setup={0x46, 0x18, {0x3, 0xfe}}, @its_setup={0x82, 0x28, {0x3, 0x3, 0xe}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x0, 0x2, 0x7, 0x0, 0x5, 0x3}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x1, 0x2, 0x6, 0x8, 0xac7, 0x1}}, @msr={0x14, 0x20, {0x603000000013e081, 0x8000000000000001}}, @mrs={0xbe, 0x18, {0x2f62}}, @eret={0xe6, 0x18, 0x2}, @smc={0x1e, 0x40, {0x84000014, [0xffffffffffff0000, 0x401, 0xe, 0x7fffffffffffffff, 0x1]}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x0, 0x3, 0x8}}, @irq_setup={0x46, 0x18, {0x0, 0x1d9}}, @msr={0x14, 0x20, {0x603000000013e18e, 0x81}}], 0x1e0}], 0x1, 0x0, &(0x7f0000000e80)=[@featur2={0x1, 0x20}], 0x1)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r8, 0x4018aee3, &(0x7f0000000f00)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000ec0)={0x8, 0x3ff}}) (async)
ioctl$KVM_CAP_PTP_KVM(r0, 0x4068aea3, &(0x7f0000000f40)) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f0000001000)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f0000000fc0)=0x8000})
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x3e) (async, rerun: 32)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000001040)={0x2}) (async, rerun: 32)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f0000001080)=@attr_pmu_init) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f0000001100)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f00000010c0)=0x3}) (async)
ioctl$KVM_DIRTY_TLB(r8, 0x4010aeaa, &(0x7f0000001140)={0x200, 0x4})

42m49.3558706s ago: executing program 5 (id=276):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@its_setup={0x7, 0x28, {0x2, 0x2, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r2, 0x3, 0xa0)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0xffffffffffffffff, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r6, 0x4, 0x220)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000180)={0x8, <r9=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000100)={0x8, <r10=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f0000000000)=@attr_other={0x0, 0xf3b, 0x80, &(0x7f0000000140)=0x1})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r11, 0xae03, 0x83)
r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)
r16 = syz_kvm_setup_syzos_vm$arm64(r15, &(0x7f0000c00000/0x400000)=nil)
r17 = syz_kvm_add_vcpu$arm64(r16, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r17, 0x4010aeab, &(0x7f0000000100)=@arm64_ccsidr={0x6020000000110003, &(0x7f00000001c0)=0x7})
r18 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
r19 = syz_kvm_add_vcpu$arm64(r18, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r19, 0x4010aeab, &(0x7f0000000100)=@arm64_bitmap={0x6030000000160002, &(0x7f0000000000)=0x7})

42m49.211398335s ago: executing program 6 (id=277):
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x12)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x10200, 0x6, 0x8000000, 0x1000, &(0x7f0000dae000/0x1000)=nil})
syz_kvm_add_vcpu$arm64(r1, &(0x7f0000000080)={0x0, &(0x7f00000005c0)=[@uexit={0x0, 0x18, 0x4}, @smc={0x1e, 0x40, {0xc4000004, [0x486, 0x9, 0x9, 0x5]}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x100, 0xfffffffffffffff8, 0x2}}, @hvc={0x32, 0x40, {0x3f000000, [0x6, 0x8001, 0x0, 0x7fffffff, 0x5]}}, @uexit={0x0, 0x18, 0x5}, @svc={0x122, 0x40, {0x40, [0x277e, 0xe, 0x9, 0xb43, 0x4]}}, @msr={0x14, 0x20, {0x603000000013dee9, 0x621a4011}}, @irq_setup={0x46, 0x18, {0x1, 0x1ed}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0x200, 0xfffffffffffffffe, 0xe}}, @code={0xa, 0x54, {"20bd90d200e0b0f2a10180d2820080d2e30080d2240080d2020000d4007008d5000008d50000281e008008d5007008d5007008d50058602e0000407800fca09b"}}, @eret={0xe6, 0x18, 0x8}, @mrs={0xbe, 0x18, {0x603000000013e08f}}, @uexit={0x0, 0x18, 0xffffffffffffff93}], 0x224}, &(0x7f00000000c0)=[@featur2={0x1, 0x41}], 0x1)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r3, 0x100000d, 0x10, 0xffffffffffffffff, 0x0)
ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0x40086602, 0x110e22ffff)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0)
r5 = eventfd2(0xfffffffa, 0x80001)
write$eventfd(r5, &(0x7f0000000200)=0x8, 0x8)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000000)="37d3116035d7513e9a000200018000", 0x0, 0x43)
ioctl$KVM_CHECK_EXTENSION(r4, 0x40086602, 0x110e227ffe)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x28)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_setup_cpu$arm64(r7, r9, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000240)=[@code={0xa, 0xcc, {"e0ef9ad200c0b8f2410080d2e20080d2430080d2e40180d2020000d4e0be9cd20040b0f2210080d2620080d2630180d2840180d2020000d40000681e0000000b0000399e003c202ea04c8ad200e0b0f2610180d2c20180d2a30080d2640180d2020000d4c0ed81d20000b8f2810180d2820180d2a30180d2640080d2020000d4a0a189d20060b0f2410180d2820180d2230080d2240180d2020000d4804e82d20020b0f2810180d2020180d2830180d2a40080d2020000d4"}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x1, 0x4, 0x0, 0x9, 0xe}}, @hvc={0x32, 0x40, {0x6000000, [0x0, 0x78f7, 0x8, 0x3, 0x9]}}, @smc={0x1e, 0x40, {0x84000009, [0x5, 0x10, 0xd7f, 0x1000, 0x5]}}, @irq_setup={0x46, 0x18, {0x0, 0x5a}}, @mrs={0xbe, 0x18, {0x6030000000139828}}, @msr={0x14, 0x20, {0x603000000013c085, 0x100000001}}, @hvc={0x32, 0x40, {0xc400000d, [0xffffffff, 0x100, 0x6, 0x7, 0x8000000000000000]}}, @hvc={0x32, 0x40, {0x8400000b, [0x4, 0x8, 0x6, 0x6, 0xdd]}}, @mrs={0xbe, 0x18, {0x77fe}}], 0x25c}], 0x1, 0x0, 0x0, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)

42m30.37199136s ago: executing program 6 (id=278):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0x40087602, 0x1) (async)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0) (async)
ioctl$KVM_REGISTER_COALESCED_MMIO(r6, 0x4010ae67, &(0x7f0000000180)={0x1, 0x104000, 0x1})
ioctl$KVM_REGISTER_COALESCED_MMIO(r6, 0x4010ae67, &(0x7f0000000380)={0x3000})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r6, 0x4010ae68, &(0x7f0000000140)={0x6000, 0x99000, 0x1}) (async)
r7 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000300)={0x0, &(0x7f0000000480)=[@smc={0x1e, 0x40, {0xc4000001, [0x8, 0x939, 0xe, 0x7f, 0x4]}}], 0x40}, &(0x7f00000001c0)=[@featur1={0x1, 0xc}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
r9 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, r9, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)

42m24.156151188s ago: executing program 5 (id=279):
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8})
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f00000000c0)=@arm64_sys={0x603000000013dce0, &(0x7f0000000000)=0x43ff})
r3 = openat$kvm(0x0, &(0x7f0000000140), 0x40480, 0x0)
ioctl$KVM_GET_STATS_FD_vm(r1, 0xaece)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x8)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r6, r7, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000180)=@arm64_sve={0x608000000015036d, &(0x7f0000000200)=0xfffffffffffffffc})
r8 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000000)={0x0, &(0x7f0000000400)=[@hvc={0x32, 0x40, {0x84000053, [0x53, 0x8, 0x1, 0x8, 0x100]}}], 0x40}, 0x0, 0x0)
syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000180)={0x0, &(0x7f00000003c0)=[@hvc={0x32, 0x40, {0x86000001, [0xc, 0x5, 0x2, 0xfffffffffffffffc, 0x52]}}], 0xffffffb5}, 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x22)
ioctl$KVM_CAP_HALT_POLL(r9, 0x4068aea3, &(0x7f0000000240)={0xb6, 0x0, 0x7})
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e1d000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)

42m11.290517529s ago: executing program 6 (id=280):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) (async)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
syz_kvm_vgic_v3_setup(r3, 0x0, 0x3c0) (async)
syz_kvm_vgic_v3_setup(r3, 0x0, 0x3c0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000040)={0x7}) (async)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000040)={0x7, <r6=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r6, 0x4018aee3, &(0x7f0000000180)=@attr_other={0x0, 0x1, 0x80, 0x0})
r7 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) (async)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7ffc}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000bfa000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000) (async)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e1d000/0x1000)=nil, 0x1000) (async)
munmap(&(0x7f0000e1d000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000)
ioctl$KVM_RUN(r10, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r10, 0xae80, 0x0)

42m0.197651771s ago: executing program 5 (id=281):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x10003, 0x0)
r1 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r1, 0x4018aee1, &(0x7f0000000080)=@attr_other={0x0, 0xfffffffb, 0x503b, &(0x7f0000000040)=0x800})
r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x3000)=nil, r2, 0x100000e, 0x100010, r1, 0x0)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x5)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r3, 0x4008ae73, &(0x7f00000000c0)={0x3, 0x8})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x400200, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r5 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000180)={0x0, &(0x7f0000000140)=[@smc={0x1e, 0x40, {0x80008000, [0x46660000000, 0x3, 0x100000001, 0x0, 0x37]}}], 0x40}, &(0x7f00000001c0)=[@featur2={0x1, 0x92}], 0x1)
ioctl$KVM_ARM_SET_DEVICE_ADDR(r5, 0x4010aeab, &(0x7f0000000200)={0xf, 0xdddd1000})
r6 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000380)={0x0, &(0x7f0000000240)=[@code={0xa, 0x9c, {"202490d20000b8f2210180d2a20180d2630080d2040180d2020000d4000000d2007008d5007008d5209383d20040b8f2410080d2220180d2430080d2440080d2020000d4c03095d20040b8f2210080d2420180d2830180d2640180d2020000d4007008d500b0004fa01288d200c0b8f2c10180d2c20080d2830180d2e40080d2020000d4000028d5"}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x0, 0x7, 0x9, 0xbf7, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x2, 0xe, 0x4, 0xfffffffb, 0x4}}, @its_setup={0x82, 0x28, {0x4, 0x3, 0x347}}], 0x114}, &(0x7f00000003c0), 0x1)
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r3, 0x4068aea3, &(0x7f0000000400))
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_KVMCLOCK_CTRL(r5, 0xaead)
munmap(&(0x7f0000f3a000/0x4000)=nil, 0x4000)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480), 0x80400, 0x0)
ioctl$KVM_CAP_ARM_MTE(r3, 0x4068aea3, &(0x7f00000004c0))
r9 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
ioctl$KVM_SET_SREGS(r9, 0x4000ae84, &(0x7f0000000540)={{0x100000, 0x100000, 0xb, 0x7f, 0xf8, 0x7, 0x8, 0x2, 0x1, 0xe9, 0x2, 0x6d}, {0x8080000, 0xdddd1000, 0xa, 0x0, 0x8, 0x5, 0x41, 0x2, 0xfc, 0x1, 0x6, 0x7}, {0xeeef0000, 0x2, 0x4, 0xff, 0x2, 0x7, 0xb, 0x4b, 0x7, 0x7, 0x1, 0x8}, {0x4000, 0x6000, 0x55fbb9c52abdb800, 0x80, 0x3, 0x2, 0x2, 0x0, 0x7, 0xa, 0x80, 0x8}, {0xeeef0000, 0x100000, 0x0, 0x81, 0x8, 0x4, 0x8c, 0x10, 0x7, 0xf, 0xcf, 0x1}, {0x4000, 0x5000, 0xd, 0x0, 0xf7, 0x0, 0xf7, 0x2, 0x9, 0x4c, 0x7, 0x2}, {0x2000, 0x4000, 0xb, 0x7, 0x9, 0x8, 0x4, 0x4, 0x0, 0x6c, 0xa6, 0x2}, {0xeeee0000, 0xeeee8000, 0x10, 0x4, 0x10, 0x5b, 0x9, 0xe, 0x5, 0x8, 0x4, 0xc}, {0x3000, 0x400}, {0x8080000, 0x7ff}, 0x24, 0x0, 0x11960a06716b93e2, 0x100500, 0xd, 0x2501, 0x8080000, [0xdd, 0x75f1, 0x0, 0x31]})
r10 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
r11 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x14)
ioctl$KVM_CHECK_EXTENSION_VM(r11, 0xae03, 0x5)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000680), 0x280000, 0x0)
ioctl$KVM_GET_STATS_FD_vm(r3, 0xaece)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r10, 0x4018aee3, &(0x7f00000006c0)=@attr_pmu_init)

41m49.257644157s ago: executing program 6 (id=282):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x4000)=nil, 0x930, 0x4, 0x4f833, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r5, 0x3, 0x11, r4, 0x0)
r6 = mmap$KVM_VCPU(&(0x7f0000003000/0x2000)=nil, r5, 0x2000000, 0x810, r2, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x200000d, 0x16831, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f0000000000)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x193139737bffe79d)
r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f00000000c0)={0x1, 0x0, [{0xffffff81, 0x5, 0x0, 0x0, @msi={0xffff, 0x6, 0x4, 0x10001}}]})
mmap$KVM_VCPU(&(0x7f0000005000/0x4000)=nil, r7, 0x8, 0x25e0f4b7cd267e34, r2, 0x0)
close(r1)

41m46.873249879s ago: executing program 5 (id=283):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000100)={0x4, <r3=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000000)=@attr_other={0x0, 0x1, 0x10, 0x0})
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x3f)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) (async)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r7, 0x4010aeab, &(0x7f0000000080)=@arm64_sys={0x603000000013e641, 0x0})

41m32.309764072s ago: executing program 6 (id=284):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x161681, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000eb2000/0x3000)=nil, 0x930, 0x0, 0x32e7851d6de9e532, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$arm64(r2, r3, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000100)=@arm64_core={0x6030000000100030, &(0x7f0000000000)=0x3ff})
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r4, 0x4008ae6a, &(0x7f0000000140)={0x3, 0x0, [{0xa, 0x2, 0x1, 0x0, @msi={0x10ebb, 0x394c794f, 0x7f, 0x801}}, {0x8, 0x5, 0x0, 0x0, @irqchip={0x3, 0x101}}, {0xffffff01, 0x4, 0x0, 0x0, @irqchip={0xcf52}}]}) (async)
ioctl$KVM_SET_GSI_ROUTING(r4, 0x4008ae6a, &(0x7f0000000140)={0x3, 0x0, [{0xa, 0x2, 0x1, 0x0, @msi={0x10ebb, 0x394c794f, 0x7f, 0x801}}, {0x8, 0x5, 0x0, 0x0, @irqchip={0x3, 0x101}}, {0xffffff01, 0x4, 0x0, 0x0, @irqchip={0xcf52}}]})

40m59.508550871s ago: executing program 37 (id=283):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000100)={0x4, <r3=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000000)=@attr_other={0x0, 0x1, 0x10, 0x0})
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x3f)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) (async)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r7, 0x4010aeab, &(0x7f0000000080)=@arm64_sys={0x603000000013e641, 0x0})

40m40.780034927s ago: executing program 38 (id=284):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x161681, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000eb2000/0x3000)=nil, 0x930, 0x0, 0x32e7851d6de9e532, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$arm64(r2, r3, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000100)=@arm64_core={0x6030000000100030, &(0x7f0000000000)=0x3ff})
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r4, 0x4008ae6a, &(0x7f0000000140)={0x3, 0x0, [{0xa, 0x2, 0x1, 0x0, @msi={0x10ebb, 0x394c794f, 0x7f, 0x801}}, {0x8, 0x5, 0x0, 0x0, @irqchip={0x3, 0x101}}, {0xffffff01, 0x4, 0x0, 0x0, @irqchip={0xcf52}}]}) (async)
ioctl$KVM_SET_GSI_ROUTING(r4, 0x4008ae6a, &(0x7f0000000140)={0x3, 0x0, [{0xa, 0x2, 0x1, 0x0, @msi={0x10ebb, 0x394c794f, 0x7f, 0x801}}, {0x8, 0x5, 0x0, 0x0, @irqchip={0x3, 0x101}}, {0xffffff01, 0x4, 0x0, 0x0, @irqchip={0xcf52}}]})

29m48.869182169s ago: executing program 8 (id=302):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f00000002c0)=[@msr={0x14, 0x20, {0x139f, 0x7}}, @svc={0x122, 0x40, {0x40, [0x5, 0x8, 0x1, 0x8c, 0x100]}}, @eret={0xe6, 0x18, 0x80000000}, @hvc={0x32, 0x40, {0x84000001, [0x3, 0x1, 0x0, 0x4, 0x7]}}, @eret={0xe6, 0x18, 0x6}], 0xd0}, &(0x7f0000000100)=[@featur1={0x1, 0xa1}], 0x1)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000000)={0x0, &(0x7f0000000040)=[@smc={0x1e, 0x40, {0x84000008, [0x99b, 0x100000003, 0x5, 0x101, 0x10]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x8131, 0xffffffffffffffff, 0x0) (async, rerun: 64)
ioctl$KVM_RUN(r3, 0xae80, 0x0) (rerun: 64)

29m32.569411384s ago: executing program 8 (id=304):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x200000000002d)
r2 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee1, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x894c, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xb704, 0x0)
r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f0000000200)={0x0, 0x1, 0xffff1000, 0x2000, &(0x7f000016f000/0x2000)=nil, 0x2})
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000000)={0x2, <r5=>0xffffffffffffffff, 0x1})
ioctl$KVM_GET_DEVICE_ATTR(r5, 0x4018aee2, &(0x7f0000000080)=@attr_arm64={0x0, 0x5, 0x2, &(0x7f0000000040)=0x1})
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)

29m18.288442155s ago: executing program 8 (id=305):
r0 = openat$kvm(0x0, &(0x7f0000000000), 0x202880, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x2, 0x23ac5f9b426ec4b1, 0xffffffffffffffff, 0x0)
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, 0x0)

29m4.238937382s ago: executing program 8 (id=307):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xffffffffffffffff)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f00000005c0)=@attr_pmu_irq={0x0, 0x0, 0x2000000, 0x0})
munmap(&(0x7f0000ce0000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x2, 0x4f832, 0xffffffffffffffff, 0x1000000)
r7 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000000)={0x0, &(0x7f0000000040), 0xfffffffffffffe51}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r8=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r7, 0xae80, 0x0)

28m50.227258125s ago: executing program 7 (id=308):
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x4, 0x4000010, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000e3a000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, 0x0, 0x2000009, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0x40086602, 0x110e22ffff)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
write$eventfd(0xffffffffffffffff, 0x0, 0x0)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, 0x0, 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x28)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x3d)
ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f0000000000)={0x5, 0xa944})
r3 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1000000000000002)
r6 = mmap$KVM_VCPU(&(0x7f0000d7e000/0x3000)=nil, 0x930, 0x1000002, 0x11, r5, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
mmap$KVM_VCPU(&(0x7f0000f4d000/0x4000)=nil, r7, 0x3000001, 0x11, r5, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x40, 0x408)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000)

28m46.04923315s ago: executing program 8 (id=309):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r4, 0x4010aeab, &(0x7f00000001c0)=@arm64_core={0x6030000000100046, &(0x7f0000000100)=0x2})
ioctl$KVM_GET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee2, &(0x7f00000004c0)=@attr_other={0x0, 0xbc, 0xb, &(0x7f0000000480)=0x4})
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r6 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000000)={0x0, &(0x7f0000000080)=[@smc={0x1e, 0x40, {0xc4000053, [0x1d20, 0x800, 0xb15, 0x2, 0xc6]}}, @smc={0x1e, 0x40, {0x84000002, [0xd, 0x7, 0x2, 0x6, 0x101]}}, @mrs={0xbe, 0x18, {0x603000000013dea6}}, @mrs={0xbe, 0x18, {0x603000000013e6d9}}, @hvc={0x32, 0x40, {0xc5000020, [0x100000000, 0x2, 0x200, 0x8, 0xffffffffffff1eb7]}}, @memwrite={0x6e, 0x30, @generic={0xeeef6000, 0x339, 0xb, 0x2}}, @mrs={0xbe, 0x18, {0x603000000013defe}}, @irq_setup={0x46, 0x18, {0x3, 0x32e}}, @irq_setup={0x46, 0x18, {0x3, 0x2b0}}, @smc={0x1e, 0x40, {0xc400000d, [0xfff, 0x707498af, 0xc7c, 0x0, 0xf]}}, @svc={0x122, 0x40, {0xc400000c, [0x2, 0x5, 0xce1, 0x1, 0x8]}}, @uexit={0x0, 0x18, 0x200}, @its_setup={0x82, 0x28, {0x1, 0x0, 0x3e4}}, @eret={0xe6, 0x18}, @smc={0x1e, 0x40, {0x0, [0x100, 0x8, 0x68, 0x1000, 0x2]}}, @hvc={0x32, 0x40, {0x8000, [0x1, 0x40, 0x4f, 0x0, 0x1]}}, @msr={0x14, 0x20, {0x603000000013c01a, 0xb5f0}}, @eret={0xe6, 0x18, 0x80}, @mrs={0xbe, 0x18, {0x603000000013e520}}, @its_setup={0x82, 0x28, {0x1, 0x0, 0xa7}}, @eret={0xe6, 0x18, 0xffff}], 0x350}, &(0x7f0000000400)=[@featur1={0x1, 0x2}], 0x1)
ioctl$KVM_GET_VCPU_EVENTS(r0, 0x8040ae9f, &(0x7f0000000440))
mmap$KVM_VCPU(&(0x7f0000ffd000/0x2000)=nil, r5, 0x2, 0x110, r6, 0x0)

28m28.178620085s ago: executing program 8 (id=310):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2c)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000040)=@arm64_core={0x6030000000100042, &(0x7f0000000000)=0x7fffffffffffffff})
ioctl$KVM_S390_VCPU_FAULT(r3, 0x4008ae52, &(0x7f0000000080))
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x22f80, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = eventfd2(0xeffffffd, 0x801)
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000000)={0x200, 0x4000, 0x4, r6, 0x1})
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000001340)={0x3, 0x0, 0x2, r6, 0x3})
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x31)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000eed000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r9, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r10, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VM(r9, 0xae01, 0x31)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000df4000/0x2000)=nil, 0x930, 0x500000f, 0x10, r3, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r8, 0xae03, 0x80)
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f00000000c0)={0x3, 0x0, 0x2, r6, 0xf})

28m26.6501158s ago: executing program 7 (id=311):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x1, 0x104000, 0x1})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000380)={0x3000})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000140)={0x6000, 0x99000, 0x1})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0xb2)

28m9.870981785s ago: executing program 7 (id=312):
ioctl$KVM_GET_ONE_REG(0xffffffffffffffff, 0x4010aeab, &(0x7f0000000040)=@arm64_bitmap={0x6030000000160001, &(0x7f0000000000)=0x80})
r0 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000005c0)={0x0, &(0x7f0000000080)=[@msr={0x14, 0x20, {0x603000000013e64d, 0x9}}, @code={0xa, 0x84, {"007008d540c08dd20020b0f2010180d2420180d2030180d2040080d2020000d40004601e007008d50020800d0040621e007008d520f69fd20000b0f2e10180d2220180d2c30080d2a40080d2020000d4007008d520bd97d20040b8f2c10180d2620080d2c30080d2840180d2020000d4"}}, @msr={0x14, 0x20, {0x603000000013df46, 0x3ff}}, @its_setup={0x82, 0x28, {0x2, 0x3, 0xab}}, @its_setup={0x82, 0x28, {0x0, 0x2, 0x67}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0xffd0, 0x2, 0x10}}, @msr={0x14, 0x20, {0x603000000013c523, 0xffffffffffffffff}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x4, 0x55c1, 0x4}}, @smc={0x1e, 0x40, {0x31000000, [0x2, 0x40, 0x80000001, 0x5, 0xa015]}}, @uexit={0x0, 0x18, 0xd2}, @eret={0xe6, 0x18, 0x10}, @mrs={0xbe, 0x18, {0x603000000013e6c2}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0xe00, 0x2, 0x8}}, @hvc={0x32, 0x40, {0x840000d0, [0x10, 0x65, 0xb8, 0x1, 0xd6]}}, @msr={0x14, 0x20, {0x603000000013df6d, 0x4}}, @smc={0x1e, 0x40, {0x400, [0x8, 0x40, 0x3, 0x5, 0x800]}}, @irq_setup={0x46, 0x18, {0x4, 0x10d}}, @eret={0xe6, 0x18, 0x200}, @msr={0x14, 0x20, {0x603000000013c086, 0x101}}, @hvc={0x32, 0x40, {0xc4000001, [0xfffffffffffffffe, 0x2, 0xa, 0xb, 0x9c85]}}, @smc={0x1e, 0x40, {0x2000000, [0x0, 0x4, 0xc, 0x8, 0x8]}}, @msr={0x14, 0x20, {0x603000000013df6c, 0x7}}, @uexit={0x0, 0x18, 0x5}, @svc={0x122, 0x40, {0x32000000, [0x6, 0x3, 0xc, 0x6, 0x800]}}, @code={0xa, 0x54, {"000cc03800a0df0c008008d5007008d5000028d500eca02e004c202ee0bf85d200a0b8f2010180d2220080d2c30180d2640180d2020000d40040241e007008d5"}}, @mrs={0xbe, 0x18, {0x603000000013da29}}, @svc={0x122, 0x40, {0x100, [0x1, 0x8, 0x7, 0x1bc, 0xfff]}}, @irq_setup={0x46, 0x18, {0x1, 0x164}}, @svc={0x122, 0x40, {0x84000000, [0xb9de, 0xc5, 0x3, 0x1, 0x1]}}], 0x538}, &(0x7f0000000600)=[@featur2={0x1, 0x40}], 0x1)
ioctl$KVM_ARM_VCPU_FINALIZE(r0, 0x4004aec2, &(0x7f0000000640)=0x7)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffa000/0x3000)=nil, r1, 0x2, 0x10, r0, 0x0)
ioctl$KVM_SET_ONE_REG(r0, 0x4010aeac, &(0x7f00000006c0)=@arm64_fp_extra={0x60200000001000d4, &(0x7f0000000680)=0x1})
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3c)
syz_kvm_setup_cpu$arm64(r2, r0, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000940)=[{0x0, &(0x7f0000000700)=[@its_setup={0x82, 0x28, {0x0, 0x3, 0x2e9}}, @msr={0x14, 0x20, {0x603000000013e090, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x80, 0x0, 0xfff, 0xf9b, 0x3}}, @hvc={0x32, 0x40, {0xc400000d, [0x8, 0xffffffff, 0x0, 0x14, 0x2c2]}}, @smc={0x1e, 0x40, {0x4, [0xf415, 0x6, 0x9, 0x7, 0x6d5]}}, @svc={0x122, 0x40, {0x40, [0x3, 0x7, 0x6, 0x0, 0x2800000000000]}}, @code={0xa, 0x6c, {"000000b9008008d500000037202d93d200c0b8f2e10180d2220180d2030080d2640080d2020000d4007008d5601b93d20060b8f2a10080d2e20180d2030080d2640080d2020000d4007008d5007008d5e00300eb00c8215e"}}, @msr={0x14, 0x20, {0x6030000000138004, 0x7}}, @hvc={0x32, 0x40, {0xc4000012, [0x1, 0x4, 0x4, 0x3, 0xff]}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x4, 0x7, 0x7f, 0x9, 0x4}}], 0x224}], 0x1, 0x0, &(0x7f0000000980)=[@featur1={0x1, 0x24}], 0x1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000009c0), 0x400080, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x22)
ioctl$KVM_CHECK_EXTENSION_VM(r2, 0xae03, 0x4c8e8780)
r6 = ioctl$KVM_GET_STATS_FD_vm(r2, 0xaece)
ioctl$KVM_CHECK_EXTENSION_VM(r2, 0xae03, 0x1)
r7 = ioctl$KVM_GET_STATS_FD_cpu(r0, 0xaece)
ioctl$KVM_CAP_ARM_USER_IRQ(r7, 0x4068aea3, &(0x7f0000000a00))
mmap$KVM_VCPU(&(0x7f0000f53000/0x3000)=nil, r1, 0x5000004, 0x80010, r3, 0x0)
ioctl$KVM_CAP_ARM_MTE(r7, 0x4068aea3, &(0x7f0000000a80))
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r2, 0x4068aea3, &(0x7f0000000b00)={0xe4, 0x0, 0x80000000000000})
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000b80)={0x8})
ioctl$KVM_IRQ_LINE(r2, 0x4008ae61, &(0x7f0000000bc0)={0x101, 0x53a7})
ioctl$KVM_SET_DEVICE_ATTR_vm(r2, 0x4018aee1, &(0x7f0000000c40)=@attr_other={0x0, 0x1, 0x6, &(0x7f0000000c00)=0xcd5a})
syz_kvm_setup_cpu$arm64(r5, r0, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000e80)=[{0x0, &(0x7f0000000c80)=[@msr={0x14, 0x20, {0x603000000013dce3, 0xa}}, @mrs={0xbe, 0x18, {0x603000000013804e}}, @msr={0x14, 0x20, {0x6030000000138056}}, @irq_setup={0x46, 0x18, {0x1, 0x395}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0xffd0, 0x9, 0xb}}, @code={0xa, 0x9c, {"60739dd20040b0f2e10080d2420080d2230180d2640180d2020000d4007008d500928fd20080b8f2210080d2620180d2e30180d2e40180d2020000d400c0601e0078601e0080800c007008d50000291e20729ed20040b8f2410080d2220080d2830080d2840080d2020000d480b998d200c0b0f2410080d2820080d2a30180d2a40080d2020000d4"}}, @eret={0xe6, 0x18, 0x2}, @uexit={0x0, 0x18, 0x5}, @svc={0x122, 0x40, {0x2, [0x5, 0x100, 0x800, 0x8499, 0xfffffffffffffffe]}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x3, 0x1, 0x6, 0x6}}], 0x1d4}], 0x1, 0x0, &(0x7f0000000ec0)=[@featur1={0x1, 0x40}], 0x1)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x3f)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x3b)
ioctl$KVM_CAP_PTP_KVM(r5, 0x4068aea3, &(0x7f0000000f00))
ioctl$KVM_DIRTY_TLB(r0, 0x4010aeaa, &(0x7f0000000f80)={0xe625, 0x60affdcc})
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000fc0)={0x10201, 0x1, 0xddd57000, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000001000)={0x6, 0xf000, 0x1, r6, 0x3})

27m56.340302839s ago: executing program 7 (id=313):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x26)
syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000bfd000/0x400000)=nil)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x18)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0x10)

27m45.338391037s ago: executing program 7 (id=314):
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000bfe000/0x400000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f0000000180)=[@hvc={0x32, 0x40, {0x84000007, [0x60e, 0xfffffffffffffffb, 0x4, 0x8, 0x1]}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x1, 0x1, 0x0, 0x8001, 0x3}}], 0x68}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000001000/0x3000)=nil, 0x930, 0x100000e, 0x80010, 0xffffffffffffffff, 0x0)

27m39.519837548s ago: executing program 39 (id=310):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2c)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000040)=@arm64_core={0x6030000000100042, &(0x7f0000000000)=0x7fffffffffffffff})
ioctl$KVM_S390_VCPU_FAULT(r3, 0x4008ae52, &(0x7f0000000080))
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x22f80, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = eventfd2(0xeffffffd, 0x801)
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000000)={0x200, 0x4000, 0x4, r6, 0x1})
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000001340)={0x3, 0x0, 0x2, r6, 0x3})
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x31)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000eed000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r9, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r10, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VM(r9, 0xae01, 0x31)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000df4000/0x2000)=nil, 0x930, 0x500000f, 0x10, r3, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r8, 0xae03, 0x80)
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f00000000c0)={0x3, 0x0, 0x2, r6, 0xf})

27m30.210911174s ago: executing program 7 (id=316):
r0 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000004c0)={0x0, &(0x7f0000000000)=[@memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff4, 0x401, 0xb}}, @uexit={0x0, 0x18, 0x9}, @hvc={0x32, 0x40, {0x1000000, [0x0, 0x5, 0x3, 0x7, 0x6]}}, @hvc={0x32, 0x40, {0xc4000004, [0x7f, 0x800, 0xff, 0x64, 0x261]}}, @svc={0x122, 0x40, {0x86000001, [0x5, 0x5, 0xffffffff80000000, 0x1, 0x80000001]}}, @msr={0x14, 0x20, {0x6030000000138002, 0x4}}, @svc={0x122, 0x40, {0x80007fff, [0x2, 0x8, 0x7, 0x2, 0x2]}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x0, 0x679d75b3, 0x26, 0x6, 0x3}}, @uexit={0x0, 0x18, 0x4}, @mrs={0xbe, 0x18, {0x18e4}}, @msr={0x14, 0x20, {0x603000000013c601, 0x3}}, @msr={0x14, 0x20, {0x603000000013c289, 0x2}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xc00, 0x0, 0xa}}, @code={0xa, 0x6c, {"204195d200e0b0f2c10180d2220180d2030080d2040080d2020000d40000204e0070400c0068217e000400fc008008d5a05194d20040b8f2410080d2220180d2430180d2c40180d2020000d4007008d5007008d5007008d5"}}, @msr={0x14, 0x20, {0x603000000013e101, 0xffffffffffffcd6f}}, @hvc={0x32, 0x40, {0xc400ffae, [0xa, 0x7, 0x8f9f, 0x1000, 0x2]}}, @msr={0x14, 0x20, {0x603000000013df4f, 0x8}}, @its_setup={0x82, 0x28, {0x4, 0x0, 0x1c2}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x0, 0xc, 0x1f000000, 0x1, 0x3}}, @code={0xa, 0xb4, {"00c8217e0008c07880f992d20040b8f2010180d2620080d2830080d2a40080d2020000d4e01a93d20060b8f2410180d2620080d2230080d2040180d2020000d4002981d20000b8f2c10080d2a20180d2430180d2e40080d2020000d480ad94d20020b0f2a10080d2620080d2230180d2440080d2020000d4a0f292d20060b8f2a10180d2220180d2430080d2a40080d2020000d4000028d5000008d50000599e"}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x80, 0x8, 0x8}}, @irq_setup={0x46, 0x18, {0x4, 0x99}}, @eret={0xe6, 0x18, 0x1}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x88, 0x8001, 0x81aa2527aa1fd0db}}], 0x4b0}, &(0x7f0000000500)=[@featur2={0x1, 0x27}], 0x1)
ioctl$KVM_SET_MP_STATE(r0, 0x4004ae99, &(0x7f0000000540)=0x1)
ioctl$KVM_SET_GUEST_DEBUG_arm64(r0, 0x4208ae9b, &(0x7f0000000580)={0x10000, 0x0, {[0x800, 0xbe, 0x5da, 0xe, 0xffff, 0xe, 0x5, 0x6, 0x243, 0x80000000, 0x1df548bd, 0xfffffffffffffffa, 0xf, 0x1553, 0x7, 0x6], [0x4, 0x1, 0xfffffffffffffff0, 0xf3b, 0x1ff, 0x7, 0x7, 0x5, 0x80000000, 0xcad, 0x6, 0x3, 0x2, 0x23905abb, 0x6, 0x2], [0x6, 0xdd, 0x6, 0x4, 0x2, 0xcc, 0x8001, 0x8, 0xa000000000000000, 0x5, 0x1, 0x9, 0xffffffff, 0x8000000000000000, 0x0, 0x2], [0xb7df, 0x6, 0xf0, 0xffffffff, 0x5, 0x2, 0x5db, 0xb1a0, 0xffffffff, 0x9, 0x4169, 0x9, 0x8b69, 0x10001, 0x5, 0x2cc]}})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000007c0), 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
ioctl$KVM_GET_API_VERSION(r1, 0xae00, 0x0)
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0xfffffffffffffff9)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r0, 0x4068aea3, &(0x7f0000000800)={0xe4, 0x0, 0x8})
r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
r3 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f00000008c0)=@attr_other={0x0, 0x8, 0xcc98, &(0x7f0000000880)=0x2})
syz_kvm_vgic_v3_setup(r3, 0x1, 0x3c0)
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x13)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000900), 0x20000, 0x0)
ioctl$KVM_CHECK_EXTENSION(r5, 0xae03, 0x4d0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000940)={0xb, 0xffffffffffffffff, 0x1})
ioctl$KVM_SET_REGS(r0, 0x4360ae82, &(0x7f0000000980)={[0x8000, 0x63da, 0xffffffff, 0x8, 0xbc83, 0x8, 0x8, 0x679a, 0x1, 0x9, 0x8, 0x8b, 0x3, 0xc26, 0x9, 0x8000000000000001], 0xf000, 0x200040})
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x27)
r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r6, 0x4360ae82, &(0x7f0000000a40)={[0x0, 0x3ff, 0x1, 0x101, 0x55dd, 0x5, 0x9, 0x3, 0x6, 0x100, 0x3, 0x100000001, 0x1, 0x8, 0x5, 0x1], 0x6000, 0x18004})
ioctl$KVM_SET_REGS(r6, 0x4360ae82, &(0x7f0000000b00)={[0x2, 0x6, 0x0, 0x7, 0xb180, 0xc, 0xffff, 0x4, 0x8, 0x1ff, 0x4, 0x4, 0x5, 0x0, 0x7], 0xeeee0000, 0x40082})
r7 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000001100)={0x0, &(0x7f0000000bc0)=[@code={0xa, 0x84, {"000c202e000028d5e0f395d200a0b0f2210180d2a20080d2830080d2c40180d2020000d4007008d560058bd20000b8f2610180d2420180d2430180d2840180d2020000d4000cc03c008008d50084007f00799bd200e0b0f2610080d2e20080d2030080d2e40080d2020000d400040038"}}, @mrs={0xbe, 0x18, {0x603000000013df4c}}, @eret={0xe6, 0x18}, @its_setup={0x82, 0x28, {0x2, 0x0, 0x3bb}}, @hvc={0x32, 0x40, {0x20, [0x2000000000000, 0x4, 0x80000001, 0x40000000, 0xa]}}, @hvc={0x32, 0x40, {0x800, [0xffff, 0x6, 0x8, 0x362, 0x8]}}, @hvc={0x32, 0x40, {0x3000000, [0x37988, 0x7176, 0x8816, 0x8, 0xffffffffffffffff]}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x1, 0x1, 0x3, 0x80000001, 0x3, 0x1}}, @uexit={0x0, 0x18, 0x7}, @hvc={0x32, 0x40, {0xc4000053, [0x3, 0x7f, 0x0, 0xea00, 0x1b]}}, @uexit={0x0, 0x18, 0x2}, @eret={0xe6, 0x18, 0x3}, @its_send_cmd={0xaa, 0x28, {0xc, 0x1, 0x4, 0x0, 0x9, 0x4, 0x1}}, @svc={0x122, 0x40, {0x0, [0x10000, 0x2, 0x6, 0xfffffffffffffff8, 0x1]}}, @its_setup={0x82, 0x28, {0x2, 0x2, 0x260}}, @svc={0x122, 0x40, {0x4000000, [0x47f, 0xe8e8, 0x1, 0xe5, 0x2]}}, @msr={0x14, 0x20, {0x603000000013e703, 0x3ff}}, @smc={0x1e, 0x40, {0xc400000e, [0x2, 0x80000001, 0x7, 0x9, 0xf2]}}, @irq_setup={0x46, 0x18, {0x0, 0x236}}, @smc={0x1e, 0x40, {0xc400000d, [0x1, 0x7, 0x0, 0x5, 0xf35]}}, @code={0xa, 0x84, {"007008d5008699d20020b8f2a10180d2620180d2c30080d2a40080d2020000d4400f9ad20020b0f2210080d2a20180d2e30180d2440180d2020000d4000028d5e07e9fd200c0b0f2010080d2e20080d2e30180d2640180d2020000d4007008d5008000080000039e0090805f007008d5"}}, @msr={0x14, 0x20, {0x603000000013df7a, 0x100000001}}, @smc={0x1e, 0x40, {0xc4000005, [0x8, 0x53f, 0x1, 0x6, 0x6]}}, @msr={0x14, 0x20, {0x6030000000138084, 0x27e}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0x40, 0x5, 0x8}}], 0x508}, &(0x7f0000001140)=[@featur2={0x1, 0x8}], 0x1)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r0, 0x8040ae9f, &(0x7f0000001180))
mmap$KVM_VCPU(&(0x7f0000fff000/0x1000)=nil, r2, 0x2000001, 0x1010, r6, 0x0)
ioctl$KVM_GET_API_VERSION(r1, 0xae00, 0x0)
r8 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000016c0)={0x0, &(0x7f00000011c0)=[@eret={0xe6, 0x18, 0x40}, @its_setup={0x82, 0x28, {0x3, 0x3, 0x30e}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x0, 0xd, 0xb, 0x5c02, 0x2}}, @smc={0x1e, 0x40, {0x8400000c, [0xf, 0x8000000000000001, 0x663, 0x4, 0x81]}}, @mrs={0xbe, 0x18, {0x603000000013e6c8}}, @its_setup={0x82, 0x28, {0x3, 0x3, 0x188}}, @svc={0x122, 0x40, {0x2000000, [0x3e, 0x6, 0x2, 0x3, 0x2]}}, @irq_setup={0x46, 0x18, {0x0, 0xcd}}, @code={0xa, 0x9c, {"008008d5a0e385d20060b8f2a10080d2220080d2630180d2840180d2020000d4001c00530020df0d609e91d20060b0f2210080d2820080d2230080d2040080d2020000d40000800ce0bd85d200c0b0f2210080d2420180d2a30180d2a40080d2020000d4205782d200c0b0f2e10180d2c20080d2c30080d2240080d2020000d4000028d5000028d5"}}, @mrs={0xbe, 0x18, {0x603000000013dea1}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x3, 0xd, 0x9, 0x5, 0x3}}, @its_setup={0x82, 0x28, {0x4, 0x4, 0xe9}}, @mrs={0xbe, 0x18, {0x603000000013deab}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1800, 0x8000000000000001, 0x9}}, @eret={0xe6, 0x18, 0x7fffffff}, @eret={0xe6, 0x18, 0x1}, @svc={0x122, 0x40, {0x84000050, [0x3, 0x7, 0x4, 0x945, 0x100]}}, @hvc={0x32, 0x40, {0x84000052, [0x7, 0x0, 0x7, 0x0, 0x9]}}, @irq_setup={0x46, 0x18, {0x1, 0x62}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x1, 0x3, 0x10, 0xe8, 0x1, 0x4}}, @eret={0xe6, 0x18, 0x1}, @uexit={0x0, 0x18, 0x3}, @msr={0x14, 0x20, {0x603000000013c4f6, 0x2}}, @smc={0x1e, 0x40, {0x86000001, [0x8, 0x4, 0x7fffffffffffffff, 0x5, 0x4]}}, @code={0xa, 0x84, {"000028d540578bd200a0b8f2010180d2a20180d2430180d2e40180d2020000d40008e03c1004601e0004002f008008d500000038000040bae0b68ad20060b8f2c10180d2820180d2430180d2a40180d2020000d480a89ad20040b0f2e10080d2a20180d2230080d2c40080d2020000d4"}}, @smc={0x1e, 0x40, {0x86000000, [0x8, 0x80000001, 0x8, 0x10, 0x45e]}}], 0x4d0}, &(0x7f0000001700)=[@featur2={0x1, 0xfe}], 0x1)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r8, 0x4018aee3, &(0x7f0000001780)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000001740)={0x8, 0x3, 0x1}})
r9 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000001ac0)={0x0, &(0x7f00000017c0)=[@msr={0x14, 0x20, {0x603000000013c643, 0x4bb}}, @mrs={0xbe, 0x18, {0x603000000013e6d8}}, @mrs={0xbe, 0x18, {0x603000000013e668}}, @its_setup={0x82, 0x28, {0x4, 0x0, 0x145}}, @eret={0xe6, 0x18, 0x1}, @uexit={0x0, 0x18, 0x8}, @code={0xa, 0xb4, {"20be99d20040b8f2210080d2820180d2e30180d2240080d2020000d4200094d20020b8f2e10080d2a20180d2c30080d2c40180d2020000d4008008d50000004b00e4002fe04b9bd20020b0f2010080d2420080d2830180d2e40080d2020000d400708fd20060b8f2810180d2420180d2c30180d2840080d2020000d4403092d20020b8f2410180d2820080d2830080d2640180d2020000d4007008d5000440fc"}}, @msr={0x14, 0x20, {0x603000000013dee7, 0x6}}, @irq_setup={0x46, 0x18, {0x3, 0x6}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x4, 0xb, 0x7, 0x4}}, @mrs={0xbe, 0x18, {0x6030000000138004}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x300, 0x7}}, @svc={0x122, 0x40, {0x2000, [0x8, 0x1ff, 0x66, 0x1]}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x1, 0x0, 0x1, 0x9, 0x5, 0x3}}, @code={0xa, 0x6c, {"0000002b000028d5008008d500000033008008d5007008d500b280d20060b0f2810080d2820180d2c30180d2840180d2020000d400c0ff0d7f2003d5a08f90d20060b8f2010080d2a20180d2e30080d2040180d2020000d4"}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x1, 0x3, 0x5, 0x7, 0x8001, 0x1}}], 0x300}, &(0x7f0000001b00)=[@featur1={0x1, 0x18}], 0x1)
ioctl$KVM_RUN(r9, 0xae80, 0x0)

26m41.422029371s ago: executing program 40 (id=316):
r0 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000004c0)={0x0, &(0x7f0000000000)=[@memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff4, 0x401, 0xb}}, @uexit={0x0, 0x18, 0x9}, @hvc={0x32, 0x40, {0x1000000, [0x0, 0x5, 0x3, 0x7, 0x6]}}, @hvc={0x32, 0x40, {0xc4000004, [0x7f, 0x800, 0xff, 0x64, 0x261]}}, @svc={0x122, 0x40, {0x86000001, [0x5, 0x5, 0xffffffff80000000, 0x1, 0x80000001]}}, @msr={0x14, 0x20, {0x6030000000138002, 0x4}}, @svc={0x122, 0x40, {0x80007fff, [0x2, 0x8, 0x7, 0x2, 0x2]}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x0, 0x679d75b3, 0x26, 0x6, 0x3}}, @uexit={0x0, 0x18, 0x4}, @mrs={0xbe, 0x18, {0x18e4}}, @msr={0x14, 0x20, {0x603000000013c601, 0x3}}, @msr={0x14, 0x20, {0x603000000013c289, 0x2}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xc00, 0x0, 0xa}}, @code={0xa, 0x6c, {"204195d200e0b0f2c10180d2220180d2030080d2040080d2020000d40000204e0070400c0068217e000400fc008008d5a05194d20040b8f2410080d2220180d2430180d2c40180d2020000d4007008d5007008d5007008d5"}}, @msr={0x14, 0x20, {0x603000000013e101, 0xffffffffffffcd6f}}, @hvc={0x32, 0x40, {0xc400ffae, [0xa, 0x7, 0x8f9f, 0x1000, 0x2]}}, @msr={0x14, 0x20, {0x603000000013df4f, 0x8}}, @its_setup={0x82, 0x28, {0x4, 0x0, 0x1c2}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x0, 0xc, 0x1f000000, 0x1, 0x3}}, @code={0xa, 0xb4, {"00c8217e0008c07880f992d20040b8f2010180d2620080d2830080d2a40080d2020000d4e01a93d20060b8f2410180d2620080d2230080d2040180d2020000d4002981d20000b8f2c10080d2a20180d2430180d2e40080d2020000d480ad94d20020b0f2a10080d2620080d2230180d2440080d2020000d4a0f292d20060b8f2a10180d2220180d2430080d2a40080d2020000d4000028d5000008d50000599e"}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x80, 0x8, 0x8}}, @irq_setup={0x46, 0x18, {0x4, 0x99}}, @eret={0xe6, 0x18, 0x1}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x88, 0x8001, 0x81aa2527aa1fd0db}}], 0x4b0}, &(0x7f0000000500)=[@featur2={0x1, 0x27}], 0x1)
ioctl$KVM_SET_MP_STATE(r0, 0x4004ae99, &(0x7f0000000540)=0x1)
ioctl$KVM_SET_GUEST_DEBUG_arm64(r0, 0x4208ae9b, &(0x7f0000000580)={0x10000, 0x0, {[0x800, 0xbe, 0x5da, 0xe, 0xffff, 0xe, 0x5, 0x6, 0x243, 0x80000000, 0x1df548bd, 0xfffffffffffffffa, 0xf, 0x1553, 0x7, 0x6], [0x4, 0x1, 0xfffffffffffffff0, 0xf3b, 0x1ff, 0x7, 0x7, 0x5, 0x80000000, 0xcad, 0x6, 0x3, 0x2, 0x23905abb, 0x6, 0x2], [0x6, 0xdd, 0x6, 0x4, 0x2, 0xcc, 0x8001, 0x8, 0xa000000000000000, 0x5, 0x1, 0x9, 0xffffffff, 0x8000000000000000, 0x0, 0x2], [0xb7df, 0x6, 0xf0, 0xffffffff, 0x5, 0x2, 0x5db, 0xb1a0, 0xffffffff, 0x9, 0x4169, 0x9, 0x8b69, 0x10001, 0x5, 0x2cc]}})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000007c0), 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
ioctl$KVM_GET_API_VERSION(r1, 0xae00, 0x0)
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0xfffffffffffffff9)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r0, 0x4068aea3, &(0x7f0000000800)={0xe4, 0x0, 0x8})
r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
r3 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f00000008c0)=@attr_other={0x0, 0x8, 0xcc98, &(0x7f0000000880)=0x2})
syz_kvm_vgic_v3_setup(r3, 0x1, 0x3c0)
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x13)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000900), 0x20000, 0x0)
ioctl$KVM_CHECK_EXTENSION(r5, 0xae03, 0x4d0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000940)={0xb, 0xffffffffffffffff, 0x1})
ioctl$KVM_SET_REGS(r0, 0x4360ae82, &(0x7f0000000980)={[0x8000, 0x63da, 0xffffffff, 0x8, 0xbc83, 0x8, 0x8, 0x679a, 0x1, 0x9, 0x8, 0x8b, 0x3, 0xc26, 0x9, 0x8000000000000001], 0xf000, 0x200040})
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x27)
r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r6, 0x4360ae82, &(0x7f0000000a40)={[0x0, 0x3ff, 0x1, 0x101, 0x55dd, 0x5, 0x9, 0x3, 0x6, 0x100, 0x3, 0x100000001, 0x1, 0x8, 0x5, 0x1], 0x6000, 0x18004})
ioctl$KVM_SET_REGS(r6, 0x4360ae82, &(0x7f0000000b00)={[0x2, 0x6, 0x0, 0x7, 0xb180, 0xc, 0xffff, 0x4, 0x8, 0x1ff, 0x4, 0x4, 0x5, 0x0, 0x7], 0xeeee0000, 0x40082})
r7 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000001100)={0x0, &(0x7f0000000bc0)=[@code={0xa, 0x84, {"000c202e000028d5e0f395d200a0b0f2210180d2a20080d2830080d2c40180d2020000d4007008d560058bd20000b8f2610180d2420180d2430180d2840180d2020000d4000cc03c008008d50084007f00799bd200e0b0f2610080d2e20080d2030080d2e40080d2020000d400040038"}}, @mrs={0xbe, 0x18, {0x603000000013df4c}}, @eret={0xe6, 0x18}, @its_setup={0x82, 0x28, {0x2, 0x0, 0x3bb}}, @hvc={0x32, 0x40, {0x20, [0x2000000000000, 0x4, 0x80000001, 0x40000000, 0xa]}}, @hvc={0x32, 0x40, {0x800, [0xffff, 0x6, 0x8, 0x362, 0x8]}}, @hvc={0x32, 0x40, {0x3000000, [0x37988, 0x7176, 0x8816, 0x8, 0xffffffffffffffff]}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x1, 0x1, 0x3, 0x80000001, 0x3, 0x1}}, @uexit={0x0, 0x18, 0x7}, @hvc={0x32, 0x40, {0xc4000053, [0x3, 0x7f, 0x0, 0xea00, 0x1b]}}, @uexit={0x0, 0x18, 0x2}, @eret={0xe6, 0x18, 0x3}, @its_send_cmd={0xaa, 0x28, {0xc, 0x1, 0x4, 0x0, 0x9, 0x4, 0x1}}, @svc={0x122, 0x40, {0x0, [0x10000, 0x2, 0x6, 0xfffffffffffffff8, 0x1]}}, @its_setup={0x82, 0x28, {0x2, 0x2, 0x260}}, @svc={0x122, 0x40, {0x4000000, [0x47f, 0xe8e8, 0x1, 0xe5, 0x2]}}, @msr={0x14, 0x20, {0x603000000013e703, 0x3ff}}, @smc={0x1e, 0x40, {0xc400000e, [0x2, 0x80000001, 0x7, 0x9, 0xf2]}}, @irq_setup={0x46, 0x18, {0x0, 0x236}}, @smc={0x1e, 0x40, {0xc400000d, [0x1, 0x7, 0x0, 0x5, 0xf35]}}, @code={0xa, 0x84, {"007008d5008699d20020b8f2a10180d2620180d2c30080d2a40080d2020000d4400f9ad20020b0f2210080d2a20180d2e30180d2440180d2020000d4000028d5e07e9fd200c0b0f2010080d2e20080d2e30180d2640180d2020000d4007008d5008000080000039e0090805f007008d5"}}, @msr={0x14, 0x20, {0x603000000013df7a, 0x100000001}}, @smc={0x1e, 0x40, {0xc4000005, [0x8, 0x53f, 0x1, 0x6, 0x6]}}, @msr={0x14, 0x20, {0x6030000000138084, 0x27e}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0x40, 0x5, 0x8}}], 0x508}, &(0x7f0000001140)=[@featur2={0x1, 0x8}], 0x1)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r0, 0x8040ae9f, &(0x7f0000001180))
mmap$KVM_VCPU(&(0x7f0000fff000/0x1000)=nil, r2, 0x2000001, 0x1010, r6, 0x0)
ioctl$KVM_GET_API_VERSION(r1, 0xae00, 0x0)
r8 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000016c0)={0x0, &(0x7f00000011c0)=[@eret={0xe6, 0x18, 0x40}, @its_setup={0x82, 0x28, {0x3, 0x3, 0x30e}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x0, 0xd, 0xb, 0x5c02, 0x2}}, @smc={0x1e, 0x40, {0x8400000c, [0xf, 0x8000000000000001, 0x663, 0x4, 0x81]}}, @mrs={0xbe, 0x18, {0x603000000013e6c8}}, @its_setup={0x82, 0x28, {0x3, 0x3, 0x188}}, @svc={0x122, 0x40, {0x2000000, [0x3e, 0x6, 0x2, 0x3, 0x2]}}, @irq_setup={0x46, 0x18, {0x0, 0xcd}}, @code={0xa, 0x9c, {"008008d5a0e385d20060b8f2a10080d2220080d2630180d2840180d2020000d4001c00530020df0d609e91d20060b0f2210080d2820080d2230080d2040080d2020000d40000800ce0bd85d200c0b0f2210080d2420180d2a30180d2a40080d2020000d4205782d200c0b0f2e10180d2c20080d2c30080d2240080d2020000d4000028d5000028d5"}}, @mrs={0xbe, 0x18, {0x603000000013dea1}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x3, 0xd, 0x9, 0x5, 0x3}}, @its_setup={0x82, 0x28, {0x4, 0x4, 0xe9}}, @mrs={0xbe, 0x18, {0x603000000013deab}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1800, 0x8000000000000001, 0x9}}, @eret={0xe6, 0x18, 0x7fffffff}, @eret={0xe6, 0x18, 0x1}, @svc={0x122, 0x40, {0x84000050, [0x3, 0x7, 0x4, 0x945, 0x100]}}, @hvc={0x32, 0x40, {0x84000052, [0x7, 0x0, 0x7, 0x0, 0x9]}}, @irq_setup={0x46, 0x18, {0x1, 0x62}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x1, 0x3, 0x10, 0xe8, 0x1, 0x4}}, @eret={0xe6, 0x18, 0x1}, @uexit={0x0, 0x18, 0x3}, @msr={0x14, 0x20, {0x603000000013c4f6, 0x2}}, @smc={0x1e, 0x40, {0x86000001, [0x8, 0x4, 0x7fffffffffffffff, 0x5, 0x4]}}, @code={0xa, 0x84, {"000028d540578bd200a0b8f2010180d2a20180d2430180d2e40180d2020000d40008e03c1004601e0004002f008008d500000038000040bae0b68ad20060b8f2c10180d2820180d2430180d2a40180d2020000d480a89ad20040b0f2e10080d2a20180d2230080d2c40080d2020000d4"}}, @smc={0x1e, 0x40, {0x86000000, [0x8, 0x80000001, 0x8, 0x10, 0x45e]}}], 0x4d0}, &(0x7f0000001700)=[@featur2={0x1, 0xfe}], 0x1)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r8, 0x4018aee3, &(0x7f0000001780)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000001740)={0x8, 0x3, 0x1}})
r9 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000001ac0)={0x0, &(0x7f00000017c0)=[@msr={0x14, 0x20, {0x603000000013c643, 0x4bb}}, @mrs={0xbe, 0x18, {0x603000000013e6d8}}, @mrs={0xbe, 0x18, {0x603000000013e668}}, @its_setup={0x82, 0x28, {0x4, 0x0, 0x145}}, @eret={0xe6, 0x18, 0x1}, @uexit={0x0, 0x18, 0x8}, @code={0xa, 0xb4, {"20be99d20040b8f2210080d2820180d2e30180d2240080d2020000d4200094d20020b8f2e10080d2a20180d2c30080d2c40180d2020000d4008008d50000004b00e4002fe04b9bd20020b0f2010080d2420080d2830180d2e40080d2020000d400708fd20060b8f2810180d2420180d2c30180d2840080d2020000d4403092d20020b8f2410180d2820080d2830080d2640180d2020000d4007008d5000440fc"}}, @msr={0x14, 0x20, {0x603000000013dee7, 0x6}}, @irq_setup={0x46, 0x18, {0x3, 0x6}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x4, 0xb, 0x7, 0x4}}, @mrs={0xbe, 0x18, {0x6030000000138004}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x300, 0x7}}, @svc={0x122, 0x40, {0x2000, [0x8, 0x1ff, 0x66, 0x1]}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x1, 0x0, 0x1, 0x9, 0x5, 0x3}}, @code={0xa, 0x6c, {"0000002b000028d5008008d500000033008008d5007008d500b280d20060b0f2810080d2820180d2c30180d2840180d2020000d400c0ff0d7f2003d5a08f90d20060b8f2010080d2a20180d2e30080d2040180d2020000d4"}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x1, 0x3, 0x5, 0x7, 0x8001, 0x1}}], 0x300}, &(0x7f0000001b00)=[@featur1={0x1, 0x18}], 0x1)
ioctl$KVM_RUN(r9, 0xae80, 0x0)

18m18.418590736s ago: executing program 9 (id=315):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000be7000/0x400000)=nil)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0xffffffffffffffff, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x8030aeb4, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x9e, 0x7fffffff, 0x2}})

17m56.717676142s ago: executing program 9 (id=318):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x161681, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x12)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000000100)=@other={0x3, &(0x7f00000000c0)=0x2})

17m53.109618189s ago: executing program 0 (id=317):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x0, 0x0, 0x0, 0x81, 0x40000004}}], 0x50}, 0x0, 0x0) (async)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r4=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r3, 0xae80, 0x0) (async)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
r8 = ioctl$KVM_GET_STATS_FD_cpu(r7, 0xaece) (async)
r9 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000000)={0x48, 0xdddd1000})
ioctl$KVM_CREATE_VM(r9, 0x401c5820, 0x20000000) (async)
close(r8) (async, rerun: 64)
ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f0000000240)={0x101ff, 0x7, 0xeeef0000, 0x1000, &(0x7f0000fff000/0x1000)=nil, 0x4, r8}) (async, rerun: 64)
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x88, &(0x7f0000000000)=0x10})

17m43.542452241s ago: executing program 9 (id=319):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x101300, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x7, 0x4f832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x2, 0x4f832, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
r1 = mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000180)={0x8})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000280)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000240)=0x8000000000000000})
r7 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000080)=@arm64_extra={0x603000000013df02, &(0x7f0000000000)=0x2})
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
r8 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece)
ioctl$KVM_ARM_VCPU_FINALIZE(r8, 0x4004aec2, &(0x7f0000000080)=0xc)
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r9 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r10, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x1}})
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r10, r11, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000180)=[{0x0, &(0x7f00000001c0)=ANY=[@ANYRES8=r11, @ANYRESHEX=r4, @ANYRES64=r1, @ANYBLOB="d42fb8"], 0x40}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
r12 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000100)={0x7})

17m33.068989346s ago: executing program 0 (id=320):
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x4}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x4, 0x220)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r4=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r7, 0x4010aeb5, 0xffffffffffffffff)
r8 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x1)
r11 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r10, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610f3ff67521cd66f8f1f447d35b20700000000000000000000000100", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r10, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xb00f2, 0x0)
r12 = openat$kvm(0x0, &(0x7f0000000040), 0x161681, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r14 = ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r13, r14, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r14, 0x4010aeab, &(0x7f0000000100)=@arm64_core={0x6030000000100044, &(0x7f0000000000)=0x3ff})
r15 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r15, 0xc00caee0, &(0x7f0000000140)={0x4, <r16=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r16, 0x400454e2, 0x110c230008)

17m15.381092024s ago: executing program 9 (id=321):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000000)={0x7, <r3=>0xffffffffffffffff})
ioctl$KVM_GET_DEVICE_ATTR(r3, 0x4018aee2, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x5, 0x0})
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000bde000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x4, 0x220)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8, <r7=>0xffffffffffffffff})
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
r11 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x810, r10, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r10, 0x0)
r12 = eventfd2(0x0, 0x0)
close(r12)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01)
r13 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r13, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
write$eventfd(r12, &(0x7f0000000180)=0x5, 0xfffffde3)
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r6, 0xae80, 0x0)

17m4.465331294s ago: executing program 0 (id=322):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = eventfd2(0xfffffffa, 0x80001)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000140)={0x80, 0x4, 0x0, r3})
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616})
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x31)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000700)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f00000007c0)=@arm64_core={0x6030000000100046, &(0x7f0000000780)=0x6e})
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000080)={0x4, 0x80a0000, 0x4, r3})
r8 = syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)

16m27.803375822s ago: executing program 41 (id=321):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000000)={0x7, <r3=>0xffffffffffffffff})
ioctl$KVM_GET_DEVICE_ATTR(r3, 0x4018aee2, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x5, 0x0})
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000bde000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x4, 0x220)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8, <r7=>0xffffffffffffffff})
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
r11 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x810, r10, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r10, 0x0)
r12 = eventfd2(0x0, 0x0)
close(r12)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01)
r13 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r13, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
write$eventfd(r12, &(0x7f0000000180)=0x5, 0xfffffde3)
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r6, 0xae80, 0x0)

16m13.329521333s ago: executing program 42 (id=322):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = eventfd2(0xfffffffa, 0x80001)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000140)={0x80, 0x4, 0x0, r3})
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616})
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x31)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000700)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f00000007c0)=@arm64_core={0x6030000000100046, &(0x7f0000000780)=0x6e})
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000080)={0x4, 0x80a0000, 0x4, r3})
r8 = syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)

2m37.245521194s ago: executing program 1 (id=358):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x2, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x83, 0x8000, 0x0, 0x0, 0xffffffff, 0x4}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r2, 0x1, 0x100)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000180)={0x8, <r5=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r6, r7, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1e000000000000004000000000000000000000ef000000003a08000000000000010000000000000002c0f7000000000003000000000000000402000000000000140000000000000020000000000000008480130000003060a3"], 0x60}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

2m36.528960388s ago: executing program 2 (id=359):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000004c0)=[@msr={0x14, 0x20, {0x603000000013dcf0, 0x3}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r7, 0x4010aeab, &(0x7f0000000200)=@arm64_core={0x603000000010003a, &(0x7f0000000000)=0xc0})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xc0189436, 0x801ffffffc)

2m18.689738119s ago: executing program 2 (id=360):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0xe)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@mrs={0xbe, 0x18, {0x603000000013c00b}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000001c0)={0x8})
r6 = syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x4, 0x1e0)
r7 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_vgic_v3_setup(r8, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000180)={0x8, <r9=>0xffffffffffffffff})
r10 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x3, 0xfffffffd, 0x0, 0x0, 0x2}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r11, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000180)={0x8})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0xae, 0x401, &(0x7f0000000240)=0x8000000004000001})
ioctl$KVM_RUN(r13, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x6})
r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)
r16 = syz_kvm_setup_syzos_vm$arm64(r15, &(0x7f0000c00000/0x400000)=nil)
r17 = syz_kvm_add_vcpu$arm64(r16, &(0x7f0000000b80)={0x0, &(0x7f0000000100)=[@smc={0x1e, 0x40, {0x84000003, [0x99a, 0x7, 0xaca, 0x101, 0x10]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1)
ioctl$KVM_RUN(r17, 0xae80, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)

2m18.258257164s ago: executing program 1 (id=361):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x2}}, @msr={0x14, 0x20, {0x603000000013f602, 0x88000}}], 0x40}, &(0x7f0000000300)=[@featur2={0x1, 0x9}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2m2.847302602s ago: executing program 1 (id=362):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r2, 0x3, 0xa0)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x2, 0xfffffffffffffffd, 0x5}}], 0x28}, 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x1f)
syz_kvm_vgic_v3_setup(r8, 0x10000000000401, 0x3c0)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8, <r9=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r10 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x1)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r11, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x408)
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x100000c, 0x6832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
r12 = openat$kvm(0x0, &(0x7f0000000100), 0x80402, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x2c)
r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)

1m53.626024838s ago: executing program 2 (id=363):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_IRQ_LINE(r3, 0x5452, &(0x7f0000000100)={0x1000020, 0x1})
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x25)
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000080)={0x1, 0x14000, 0x1})
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000000)={0x5, 0x0, 0x1})
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2a)
ioctl$KVM_REGISTER_COALESCED_MMIO(r5, 0x4010ae67, &(0x7f00000000c0)={0x5000, 0x10c000, 0x1})
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000240)={0x200002f, 0x10})

1m39.03867475s ago: executing program 1 (id=364):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x4000000002c)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000300)=@arm64_extra={0x1d, &(0x7f0000000380)=0x9}) (async)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async, rerun: 64)
r5 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) (rerun: 64)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, r3, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_GET_ONE_REG(r5, 0x4010aeab, &(0x7f00000000c0)=@arm64_extra={0x603000000013c03c, &(0x7f0000000000)=0xf}) (async, rerun: 32)
r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (rerun: 32)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x2a4040, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee3, &(0x7f00000000c0)=@attr_other={0x0, 0x8, 0x4, 0x0}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000040)={0x1, 0x3, 0xdddd1000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil}) (async)
ioctl$KVM_CREATE_DEVICE(r8, 0xc018aec0, &(0x7f00000000c0)={0x1}) (async)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000340)={0xb, <r11=>0xffffffffffffffff, 0x1}) (async)
r12 = openat$kvm(0x0, &(0x7f0000000100), 0x151402, 0x0)
ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x6, 0x2, &(0x7f0000000240)=0x8}) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f0000000280)="40fd7a27e7133710ab5e26336c0c7ede96ec7d1d2a3f27129351f27c7efdfa2320564d004f4f8dcdfc90dacec370bb6a23c44b328b141db2d5f662ab898d93dc6aef0af0226ea79d", 0x0, 0x48) (async, rerun: 32)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x2, 0x23ac5f9b426ec4b1, 0xffffffffffffffff, 0x0) (async, rerun: 32)
ioctl$KVM_SIGNAL_MSI(r6, 0x4020aea5, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x0, 0x1000009, 0x4010, 0xffffffffffffffff, 0x20000000)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)

1m30.090391357s ago: executing program 2 (id=365):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x20)
ioctl$KVM_IOEVENTFD(r3, 0xc0189436, &(0x7f0000000180)={0x0, 0xd000, 0x8, 0xffffffffffffffff, 0x5})
r4 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r5 = openat$kvm(0x0, &(0x7f0000000140), 0x40480, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000000)={0x0, &(0x7f0000000400)=[@hvc={0x32, 0x40, {0x84000053, [0x53, 0x8, 0x1, 0x8, 0x100]}}], 0x40}, 0x0, 0x0)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000180)={0x0, &(0x7f00000003c0)=[@hvc={0x32, 0x40, {0x86000001, [0xc, 0x5, 0x2, 0xfffffffffffffffc, 0x52]}}], 0xffffffb5}, 0x0, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
r9 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce5, 0x7fff}}, @msr={0x14, 0x20, {0x603000000013dce8, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce9, 0x8000}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r9, 0xae80, 0x0)

1m22.287635885s ago: executing program 1 (id=366):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x4101, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_vgic_v3_setup(r1, 0x2, 0x40)
ioctl$KVM_GET_DEVICE_ATTR(r2, 0x4018aee2, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x3, &(0x7f00000000c0)=0x10})
openat$kvm(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, <r5=>0xffffffffffffffff, 0x1})
r6 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000000)={0x0, 0x6, 0x2000, 0x2000, &(0x7f0000ec1000/0x2000)=nil})
r9 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000180)={0x8, <r10=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000240)=0x1000008080000})
ioctl$KVM_CREATE_VM(r5, 0x800454e1, 0x36)

1m8.658979857s ago: executing program 2 (id=367):
openat$kvm(0x0, 0x0, 0x202000, 0x0)
openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
close(0x3)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, <r2=>0xffffffffffffffff, 0x1})
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r6, 0x4010aeb5, &(0x7f00000002c0)={0x200})
syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0xc0083, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, r7, 0x3, 0x11, r8, 0x0)
ioctl$KVM_CREATE_VM(r2, 0x800454e1, 0x36)

59.313388784s ago: executing program 1 (id=368):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34)
r2 = eventfd2(0x4, 0x80801)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x0, 0xf000, 0x1, r2, 0x3})

49.241405907s ago: executing program 2 (id=369):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f0000000380), 0xffffffffffffff89}, 0x0, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) (async)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x8280, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) (async)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) (async)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r9, 0x0) (async)
r10 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r9, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r9, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r9, 0x0)
r11 = eventfd2(0x0, 0x0)
r12 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce5, 0x7fff}}, @msr={0x14, 0x20, {0x603000000013dce8, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce9, 0x8000}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) (async)
r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce5, 0x7fff}}, @msr={0x14, 0x20, {0x603000000013dce8, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce9, 0x8000}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r15, 0x4018aee1, &(0x7f0000000040)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000000)={0xa, 0x4}})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r15, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r15, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r15, 0x4018aee3, &(0x7f0000000100)=@attr_pmu_init)
ioctl$KVM_RUN(r15, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r15, 0xae80, 0x0)
close(r11) (async)
close(r11)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01)
write$eventfd(r11, &(0x7f0000000180)=0x5, 0xfffffde3)
mmap$KVM_VCPU(&(0x7f0000010000/0x1000)=nil, 0x930, 0x100000f, 0x9032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
r16 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r16, 0x4010aeab, &(0x7f0000000140)=@arm64_core={0x6030000000100010, &(0x7f0000000100)=0x2})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, 0x0)

11.688126872s ago: executing program 43 (id=368):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34)
r2 = eventfd2(0x4, 0x80801)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x0, 0xf000, 0x1, r2, 0x3})

0s ago: executing program 44 (id=369):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f0000000380), 0xffffffffffffff89}, 0x0, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) (async)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x8280, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) (async)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) (async)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r9, 0x0) (async)
r10 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r9, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r9, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r9, 0x0)
r11 = eventfd2(0x0, 0x0)
r12 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce5, 0x7fff}}, @msr={0x14, 0x20, {0x603000000013dce8, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce9, 0x8000}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) (async)
r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce5, 0x7fff}}, @msr={0x14, 0x20, {0x603000000013dce8, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce9, 0x8000}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r15, 0x4018aee1, &(0x7f0000000040)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000000)={0xa, 0x4}})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r15, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r15, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r15, 0x4018aee3, &(0x7f0000000100)=@attr_pmu_init)
ioctl$KVM_RUN(r15, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r15, 0xae80, 0x0)
close(r11) (async)
close(r11)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01)
write$eventfd(r11, &(0x7f0000000180)=0x5, 0xfffffde3)
mmap$KVM_VCPU(&(0x7f0000010000/0x1000)=nil, 0x930, 0x100000f, 0x9032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
r16 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r16, 0x4010aeab, &(0x7f0000000140)=@arm64_core={0x6030000000100010, &(0x7f0000000100)=0x2})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, 0x0)

kernel console output (not intermixed with test programs):

[  372.482513][   T25] audit: type=1400 audit(371.690:60): avc:  denied  { read } for  pid=3156 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1
[  386.311391][ T3156] 8021q: adding VLAN 0 to HW filter on device bond0
[  437.211870][ T3156] eql: remember to turn off Van-Jacobson compression on your slave devices
Warning: Permanently added '[localhost]:10200' (ED25519) to the list of known hosts.
[  589.081590][   T25] audit: type=1400 audit(588.290:61): avc:  denied  { name_bind } for  pid=3312 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  590.007933][   T25] audit: type=1400 audit(589.220:62): avc:  denied  { execute } for  pid=3313 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  590.028580][   T25] audit: type=1400 audit(589.230:63): avc:  denied  { execute_no_trans } for  pid=3313 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  613.096361][   T25] audit: type=1400 audit(612.300:64): avc:  denied  { mounton } for  pid=3313 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  613.147078][   T25] audit: type=1400 audit(612.350:65): avc:  denied  { mount } for  pid=3313 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  613.230353][ T3313] cgroup: Unknown subsys name 'net'
[  613.278962][   T25] audit: type=1400 audit(612.490:66): avc:  denied  { unmount } for  pid=3313 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  613.673793][ T3313] cgroup: Unknown subsys name 'cpuset'
[  613.771475][ T3313] cgroup: Unknown subsys name 'rlimit'
[  614.663848][   T25] audit: type=1400 audit(613.870:67): avc:  denied  { setattr } for  pid=3313 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  614.689259][   T25] audit: type=1400 audit(613.900:68): avc:  denied  { mounton } for  pid=3313 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[  614.709988][   T25] audit: type=1400 audit(613.910:69): avc:  denied  { mount } for  pid=3313 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  615.940563][ T3316] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[  615.962887][   T25] audit: type=1400 audit(615.170:70): avc:  denied  { relabelto } for  pid=3316 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  615.982675][   T25] audit: type=1400 audit(615.190:71): avc:  denied  { write } for  pid=3316 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
Setting up swapspace version 1, size = 127995904 bytes
[  616.159128][   T25] audit: type=1400 audit(615.360:72): avc:  denied  { read } for  pid=3313 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  616.183717][   T25] audit: type=1400 audit(615.380:73): avc:  denied  { open } for  pid=3313 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  616.223291][ T3313] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  666.056346][   T25] audit: type=1400 audit(665.260:74): avc:  denied  { execmem } for  pid=3317 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  670.686469][   T25] audit: type=1400 audit(669.890:75): avc:  denied  { read } for  pid=3319 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  670.692714][   T25] audit: type=1400 audit(669.890:76): avc:  denied  { open } for  pid=3319 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  670.779671][   T25] audit: type=1400 audit(669.970:77): avc:  denied  { mounton } for  pid=3319 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  671.012327][   T25] audit: type=1400 audit(670.220:78): avc:  denied  { module_request } for  pid=3319 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  672.102705][   T25] audit: type=1400 audit(671.310:79): avc:  denied  { sys_module } for  pid=3320 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  695.692774][ T3319] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  695.879619][ T3319] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  697.640155][ T3320] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  697.841962][ T3320] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  713.200306][ T3319] hsr_slave_0: entered promiscuous mode
[  713.230344][ T3319] hsr_slave_1: entered promiscuous mode
[  714.596614][ T3320] hsr_slave_0: entered promiscuous mode
[  714.636273][ T3320] hsr_slave_1: entered promiscuous mode
[  714.660604][ T3320] debugfs: 'hsr0' already exists in 'hsr'
[  714.675819][ T3320] Cannot create hsr debugfs directory
[  719.636295][   T25] audit: type=1400 audit(718.800:80): avc:  denied  { create } for  pid=3319 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  719.637511][   T25] audit: type=1400 audit(718.840:81): avc:  denied  { write } for  pid=3319 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  719.691294][   T25] audit: type=1400 audit(718.900:82): avc:  denied  { read } for  pid=3319 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  719.889097][ T3319] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  720.280138][ T3319] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  720.567492][ T3319] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  720.856192][ T3319] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  722.342345][ T3320] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  722.496498][ T3320] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  722.643975][ T3320] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  722.838068][ T3320] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  735.292559][ T3319] 8021q: adding VLAN 0 to HW filter on device bond0
[  737.410641][ T3320] 8021q: adding VLAN 0 to HW filter on device bond0
[  792.440409][ T3319] veth0_vlan: entered promiscuous mode
[  792.840120][ T3319] veth1_vlan: entered promiscuous mode
[  794.618821][ T3320] veth0_vlan: entered promiscuous mode
[  794.962248][ T3319] veth0_macvtap: entered promiscuous mode
[  795.456901][ T3319] veth1_macvtap: entered promiscuous mode
[  795.567789][ T3320] veth1_vlan: entered promiscuous mode
[  797.676072][   T49] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  797.688281][   T49] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  797.699424][   T49] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  797.777377][   T49] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  798.348850][ T3320] veth0_macvtap: entered promiscuous mode
[  799.113494][ T3320] veth1_macvtap: entered promiscuous mode
[  800.043670][   T25] audit: type=1400 audit(799.250:83): avc:  denied  { mount } for  pid=3319 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  800.320472][   T25] audit: type=1400 audit(799.510:84): avc:  denied  { mounton } for  pid=3319 comm="syz-executor" path="/syzkaller.z9GNgs/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  800.667320][   T25] audit: type=1400 audit(799.790:85): avc:  denied  { mount } for  pid=3319 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  800.983455][   T25] audit: type=1400 audit(800.190:86): avc:  denied  { mounton } for  pid=3319 comm="syz-executor" path="/syzkaller.z9GNgs/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  801.091879][   T25] audit: type=1400 audit(800.300:87): avc:  denied  { mounton } for  pid=3319 comm="syz-executor" path="/syzkaller.z9GNgs/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3760 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  801.440000][   T35] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  801.452520][   T35] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  801.486315][   T35] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  801.490080][   T35] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  801.626748][   T25] audit: type=1400 audit(800.830:88): avc:  denied  { unmount } for  pid=3319 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  801.866555][   T25] audit: type=1400 audit(800.980:89): avc:  denied  { mounton } for  pid=3319 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1544 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  801.947220][   T25] audit: type=1400 audit(801.150:90): avc:  denied  { mount } for  pid=3319 comm="syz-executor" name="/" dev="gadgetfs" ino=3769 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  802.369238][   T25] audit: type=1400 audit(801.570:91): avc:  denied  { mount } for  pid=3319 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  802.461316][   T25] audit: type=1400 audit(801.670:92): avc:  denied  { mounton } for  pid=3319 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  803.977496][ T3319] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  805.157773][   T25] kauditd_printk_skb: 1 callbacks suppressed
[  805.185638][   T25] audit: type=1400 audit(804.360:94): avc:  denied  { read write } for  pid=3319 comm="syz-executor" name="loop0" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  805.237037][   T25] audit: type=1400 audit(804.430:95): avc:  denied  { open } for  pid=3319 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  805.322869][   T25] audit: type=1400 audit(804.480:96): avc:  denied  { ioctl } for  pid=3319 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=638 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  817.026682][   T25] audit: type=1400 audit(816.230:97): avc:  denied  { read } for  pid=3475 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  817.072153][   T25] audit: type=1400 audit(816.280:98): avc:  denied  { open } for  pid=3475 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  818.076958][   T25] audit: type=1400 audit(817.250:99): avc:  denied  { ioctl } for  pid=3475 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  837.286806][   T25] audit: type=1400 audit(836.480:100): avc:  denied  { append } for  pid=3496 comm="syz.0.6" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  851.099670][   T25] audit: type=1400 audit(850.250:101): avc:  denied  { write } for  pid=3507 comm="syz.1.9" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  919.713734][   T25] audit: type=1400 audit(918.920:102): avc:  denied  { execute } for  pid=3547 comm="syz.0.22" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=4646 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  925.482429][   T25] audit: type=1400 audit(924.690:103): avc:  denied  { setattr } for  pid=3549 comm="syz.1.23" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  968.753470][   T25] audit: type=1400 audit(967.960:104): avc:  denied  { ioctl } for  pid=3582 comm="syz.0.33" path="net:[4026532624]" dev="nsfs" ino=4026532624 ioctlcmd=0x5829 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 1058.307379][   T25] audit: type=1400 audit(1057.510:105): avc:  denied  { map } for  pid=3626 comm="syz.0.47" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1061.201862][ T3627] kvm [3627]: Failed to find VMA for hva 0x21016000
[ 1177.530667][   T25] audit: type=1400 audit(1176.740:106): avc:  denied  { execute } for  pid=3702 comm="syz.0.69" path="/33/T" dev="tmpfs" ino=183 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[ 1219.801424][ T3728] kvm [3728]: Failed to find VMA for hva 0x21016000
[ 1346.366946][ T3799] kvm [3799]: Failed to find VMA for hva 0x21016000
[ 1431.841846][ T3855] kvm [3855]: Failed to find VMA for hva 0x20c01000
[ 1459.651242][ T3871] kvm [3871]: Failed to find VMA for hva 0x21016000
[ 1536.090880][ T3913] kvm [3913]: Failed to find VMA for hva 0x20c01000
[ 1536.187246][ T3916] kvm [3916]: Failed to find VMA for hva 0x20c01000
[ 1649.312131][   T25] audit: type=1400 audit(1648.520:107): avc:  denied  { map } for  pid=3978 comm="syz.1.157" path="pipe:[2783]" dev="pipefs" ino=2783 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[ 1786.991841][ T4074] kvm [4074]: Failed to find VMA for hva 0x20c01000
[ 1926.036641][ T4101] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1926.379143][ T4101] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1929.970790][ T4103] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1930.357964][ T4103] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1951.410760][ T4101] hsr_slave_0: entered promiscuous mode
[ 1951.469239][ T4101] hsr_slave_1: entered promiscuous mode
[ 1951.538982][ T4101] debugfs: 'hsr0' already exists in 'hsr'
[ 1951.546627][ T4101] Cannot create hsr debugfs directory
[ 1955.320511][ T4103] hsr_slave_0: entered promiscuous mode
[ 1955.406752][ T4103] hsr_slave_1: entered promiscuous mode
[ 1955.466358][ T4103] debugfs: 'hsr0' already exists in 'hsr'
[ 1955.469435][ T4103] Cannot create hsr debugfs directory
[ 1967.489933][   T35] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1968.592660][   T35] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1969.518539][   T35] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1970.222217][   T35] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1971.337880][ T4101] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1972.001257][ T4101] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1972.607539][ T4101] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1973.349522][ T4101] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1985.521049][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1985.778949][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1985.928527][   T35] bond0 (unregistering): Released all slaves
[ 1987.977516][   T35] hsr_slave_0: left promiscuous mode
[ 1988.029677][   T35] hsr_slave_1: left promiscuous mode
[ 1988.318911][   T35] veth1_macvtap: left promiscuous mode
[ 1988.323887][   T35] veth0_macvtap: left promiscuous mode
[ 1988.348368][   T35] veth1_vlan: left promiscuous mode
[ 1988.352748][   T35] veth0_vlan: left promiscuous mode
[ 2003.013616][ T4103] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 2003.463927][ T4103] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 2003.894112][ T4103] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 2004.430414][ T4103] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 2008.100235][ T3666] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2009.730625][ T3666] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2010.703184][ T3666] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2012.128847][ T3666] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2028.938678][ T3666] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2029.088616][ T3666] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2029.208372][ T3666] bond0 (unregistering): Released all slaves
[ 2031.399950][ T3666] hsr_slave_0: left promiscuous mode
[ 2031.449349][ T3666] hsr_slave_1: left promiscuous mode
[ 2031.927121][ T3666] veth1_macvtap: left promiscuous mode
[ 2031.933015][ T3666] veth0_macvtap: left promiscuous mode
[ 2031.956605][ T3666] veth1_vlan: left promiscuous mode
[ 2031.969722][ T3666] veth0_vlan: left promiscuous mode
[ 2056.401634][ T4101] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2056.770858][ T4103] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2142.623641][ T4101] veth0_vlan: entered promiscuous mode
[ 2143.598799][ T4101] veth1_vlan: entered promiscuous mode
[ 2144.803939][ T4103] veth0_vlan: entered promiscuous mode
[ 2145.820815][ T4103] veth1_vlan: entered promiscuous mode
[ 2147.598808][ T4101] veth0_macvtap: entered promiscuous mode
[ 2148.212398][ T4101] veth1_macvtap: entered promiscuous mode
[ 2149.768165][ T4103] veth0_macvtap: entered promiscuous mode
[ 2150.448303][ T4103] veth1_macvtap: entered promiscuous mode
[ 2151.932054][   T35] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2151.939641][   T35] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2151.966122][   T35] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2152.112974][   T35] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2154.760706][ T4040] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2154.800763][ T3369] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2154.807270][ T3369] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2154.808166][ T3369] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2171.876693][   T25] audit: type=1400 audit(2171.070:108): avc:  denied  { execute } for  pid=4302 comm="syz.2.192" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 2278.097133][ T4175] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2280.203725][ T4175] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2282.340209][ T4175] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2284.402620][ T4175] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2300.378299][ T4383] kvm [4383]: Failed to find VMA for hva 0x21016000
[ 2310.050874][ T4175] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2310.468005][ T4175] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2310.802013][ T4175] bond0 (unregistering): Released all slaves
[ 2314.151793][ T4175] hsr_slave_0: left promiscuous mode
[ 2314.267883][ T4175] hsr_slave_1: left promiscuous mode
[ 2315.056006][ T4175] veth1_macvtap: left promiscuous mode
[ 2315.108229][ T4175] veth0_macvtap: left promiscuous mode
[ 2315.111415][ T4175] veth1_vlan: left promiscuous mode
[ 2315.112922][ T4175] veth0_vlan: left promiscuous mode
[ 2407.893927][ T4367] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2408.366884][ T4367] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2445.090824][ T4367] hsr_slave_0: entered promiscuous mode
[ 2445.248315][ T4367] hsr_slave_1: entered promiscuous mode
[ 2462.633705][ T4367] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 2463.053957][ T4367] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 2463.500772][ T4367] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 2464.016746][ T4367] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 2497.512371][ T4367] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2641.008579][ T4367] veth0_vlan: entered promiscuous mode
[ 2641.892042][ T4367] veth1_vlan: entered promiscuous mode
[ 2645.381705][ T4367] veth0_macvtap: entered promiscuous mode
[ 2646.003235][ T4367] veth1_macvtap: entered promiscuous mode
[ 2649.320982][ T3369] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2649.337329][ T3369] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2649.348943][ T3369] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2649.371667][ T3369] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2689.319087][ T4597] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2691.329017][ T4597] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2693.279441][ T4597] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2695.637423][ T4597] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2722.965903][ T4597] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2723.527382][ T4597] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2723.850722][ T4597] bond0 (unregistering): Released all slaves
[ 2726.999617][ T4597] hsr_slave_0: left promiscuous mode
[ 2727.122762][ T4597] hsr_slave_1: left promiscuous mode
[ 2728.146179][ T4597] veth1_macvtap: left promiscuous mode
[ 2728.168522][ T4597] veth0_macvtap: left promiscuous mode
[ 2728.187363][ T4597] veth1_vlan: left promiscuous mode
[ 2728.227617][ T4597] veth0_vlan: left promiscuous mode
[ 2816.582402][ T4639] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2817.069090][ T4639] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2858.722105][ T4639] hsr_slave_0: entered promiscuous mode
[ 2858.919790][ T4639] hsr_slave_1: entered promiscuous mode
[ 2859.046844][ T4639] debugfs: 'hsr0' already exists in 'hsr'
[ 2859.078339][ T4639] Cannot create hsr debugfs directory
[ 2876.443027][ T4639] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 2876.830807][ T4639] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 2877.166140][ T4639] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 2877.543719][ T4639] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 2918.300065][ T4639] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2930.368868][ T4189] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2931.968237][ T4189] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2933.678922][ T4189] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2935.051450][ T4189] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2958.180897][ T4189] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2958.397049][ T4189] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2958.549936][ T4189] bond0 (unregistering): Released all slaves
[ 2961.879651][ T4189] hsr_slave_0: left promiscuous mode
[ 2962.261302][ T4189] hsr_slave_1: left promiscuous mode
[ 2963.106795][ T4189] veth1_macvtap: left promiscuous mode
[ 2963.108181][ T4189] veth0_macvtap: left promiscuous mode
[ 2963.121843][ T4189] veth1_vlan: left promiscuous mode
[ 2963.138774][ T4189] veth0_vlan: left promiscuous mode
[ 3032.803654][ T4788] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3033.108546][ T4788] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3063.962430][ T4788] hsr_slave_0: entered promiscuous mode
[ 3064.067566][ T4788] hsr_slave_1: entered promiscuous mode
[ 3085.452895][ T4788] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 3086.087049][ T4788] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 3086.691615][ T4788] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 3087.259612][ T4788] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 3093.528417][ T4639] veth0_vlan: entered promiscuous mode
[ 3094.601571][ T4639] veth1_vlan: entered promiscuous mode
[ 3097.937970][ T4639] veth0_macvtap: entered promiscuous mode
[ 3098.640904][ T4639] veth1_macvtap: entered promiscuous mode
[ 3101.838811][   T35] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3101.863140][ T4374] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3101.886881][ T4374] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3102.002820][ T4374] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3123.072142][ T4788] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3302.669337][ T4788] veth0_vlan: entered promiscuous mode
[ 3303.871903][ T4788] veth1_vlan: entered promiscuous mode
[ 3308.610739][ T4788] veth0_macvtap: entered promiscuous mode
[ 3309.496835][ T4788] veth1_macvtap: entered promiscuous mode
[ 3314.066514][ T4676] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3314.095834][ T4676] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3314.096962][ T4676] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3314.191466][ T4597] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3636.268850][ T4138] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3640.581910][ T4138] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3642.686972][ T4138] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3644.483903][ T4138] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3673.511401][ T4138] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3674.070824][ T4138] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3674.471730][ T4138] bond0 (unregistering): Released all slaves
[ 3677.379237][ T4138] hsr_slave_0: left promiscuous mode
[ 3677.538888][ T4138] hsr_slave_1: left promiscuous mode
[ 3678.296437][ T4138] veth1_macvtap: left promiscuous mode
[ 3678.297776][ T4138] veth0_macvtap: left promiscuous mode
[ 3678.300185][ T4138] veth1_vlan: left promiscuous mode
[ 3678.301636][ T4138] veth0_vlan: left promiscuous mode
[ 3709.913964][ T4138] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3711.142520][ T4138] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3712.290380][ T4138] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3714.093250][ T4138] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3738.337286][ T4138] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3738.572635][ T4138] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3738.721948][ T4138] bond0 (unregistering): Released all slaves
[ 3740.729600][ T4138] hsr_slave_0: left promiscuous mode
[ 3740.826502][ T4138] hsr_slave_1: left promiscuous mode
[ 3741.260588][ T4138] veth1_macvtap: left promiscuous mode
[ 3741.296243][ T4138] veth0_macvtap: left promiscuous mode
[ 3741.311453][ T4138] veth1_vlan: left promiscuous mode
[ 3741.348029][ T4138] veth0_vlan: left promiscuous mode
[ 3781.948952][ T5190] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3782.279024][ T5190] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3797.541469][ T5201] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3797.943835][ T5201] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3818.530121][ T5190] hsr_slave_0: entered promiscuous mode
[ 3818.642696][ T5190] hsr_slave_1: entered promiscuous mode
[ 3831.768593][ T5201] hsr_slave_0: entered promiscuous mode
[ 3831.949567][ T5201] hsr_slave_1: entered promiscuous mode
[ 3832.125700][ T5201] debugfs: 'hsr0' already exists in 'hsr'
[ 3832.128827][ T5201] Cannot create hsr debugfs directory
[ 3838.708623][ T5190] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 3839.672553][ T5190] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 3840.336879][ T5190] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 3841.207292][ T5190] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 3854.416753][ T5201] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 3855.077496][ T5201] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 3855.790632][ T5201] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 3856.376383][ T5201] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 3883.228307][ T5190] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3893.497609][ T5201] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4046.968001][ T5190] veth0_vlan: entered promiscuous mode
[ 4048.341790][ T5190] veth1_vlan: entered promiscuous mode
[ 4052.152386][ T5190] veth0_macvtap: entered promiscuous mode
[ 4052.911783][ T5190] veth1_macvtap: entered promiscuous mode
[ 4057.616565][   T51] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4057.671923][ T4676] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4058.380090][ T4676] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4058.438557][   T49] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4061.498632][ T5201] veth0_vlan: entered promiscuous mode
[ 4064.462506][ T5201] veth1_vlan: entered promiscuous mode
[ 4070.238681][ T5201] veth0_macvtap: entered promiscuous mode
[ 4071.195180][ T5201] veth1_macvtap: entered promiscuous mode
[ 4075.503214][ T4597] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4075.529706][ T4597] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4075.597853][ T4597] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4075.649199][ T4374] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4517.158080][ T4673] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4519.961282][ T4673] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4522.682122][ T4673] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4524.973610][ T4673] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4558.774076][ T4673] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 4558.970284][ T4673] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 4559.138322][ T4673] bond0 (unregistering): Released all slaves
[ 4561.235768][ T4673] hsr_slave_0: left promiscuous mode
[ 4561.370496][ T4673] hsr_slave_1: left promiscuous mode
[ 4562.014120][ T4673] veth1_macvtap: left promiscuous mode
[ 4562.111835][ T4673] veth0_macvtap: left promiscuous mode
[ 4562.123858][ T4673] veth1_vlan: left promiscuous mode
[ 4562.157341][ T4673] veth0_vlan: left promiscuous mode
[ 4598.130921][ T5590] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4599.259130][ T5590] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4605.592186][ T4673] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4607.520698][ T4673] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4611.091119][ T4673] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4612.739191][ T4673] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4638.131084][ T4673] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 4638.698819][ T4673] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 4639.220971][ T4673] bond0 (unregistering): Released all slaves
[ 4643.283657][ T4673] hsr_slave_0: left promiscuous mode
[ 4643.425311][ T4673] hsr_slave_1: left promiscuous mode
[ 4644.100305][ T4673] veth1_macvtap: left promiscuous mode
[ 4644.135883][ T4673] veth0_macvtap: left promiscuous mode
[ 4644.148519][ T4673] veth1_vlan: left promiscuous mode
[ 4644.188650][ T4673] veth0_vlan: left promiscuous mode
[ 4684.893298][ T5590] hsr_slave_0: entered promiscuous mode
[ 4685.009575][ T5590] hsr_slave_1: entered promiscuous mode
[ 4689.971542][ T5611] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4690.409971][ T5611] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4708.258045][ T5590] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 4708.920229][ T5590] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 4709.549223][ T5590] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 4710.351636][ T5590] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 4734.718322][ T5611] hsr_slave_0: entered promiscuous mode
[ 4734.802486][ T5611] hsr_slave_1: entered promiscuous mode
[ 4734.893601][ T5611] debugfs: 'hsr0' already exists in 'hsr'
[ 4734.956776][ T5611] Cannot create hsr debugfs directory
[ 4764.190462][ T5590] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4773.401406][ T5611] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 4774.030563][ T5611] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 4774.820755][ T5611] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 4775.353645][ T5611] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 4812.640399][ T5611] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4933.767772][ T5590] veth0_vlan: entered promiscuous mode
[ 4935.240586][ T5590] veth1_vlan: entered promiscuous mode
[ 4939.629068][ T5590] veth0_macvtap: entered promiscuous mode
[ 4940.478384][ T5590] veth1_macvtap: entered promiscuous mode
[ 4944.917154][   T51] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4944.928054][   T51] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4944.952798][   T51] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4945.047108][   T51] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4956.920408][ T5611] veth0_vlan: entered promiscuous mode
[ 4958.686934][ T5611] veth1_vlan: entered promiscuous mode
[ 4963.861929][ T5611] veth0_macvtap: entered promiscuous mode
[ 4964.677525][ T5611] veth1_macvtap: entered promiscuous mode
[ 4970.047882][ T4138] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4970.121543][ T5632] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4970.176708][ T3414] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4970.187095][ T3414] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 5093.292792][ T5627] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5095.770909][ T5627] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5098.092403][ T5627] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5100.302660][ T5627] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5139.528085][ T5627] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 5139.943392][ T5627] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 5140.181094][ T5627] bond0 (unregistering): Released all slaves
[ 5144.157536][ T5627] hsr_slave_0: left promiscuous mode
[ 5144.218610][ T5627] hsr_slave_1: left promiscuous mode
[ 5145.195636][ T5627] veth1_macvtap: left promiscuous mode
[ 5145.196941][ T5627] veth0_macvtap: left promiscuous mode
[ 5145.236115][ T5627] veth1_vlan: left promiscuous mode
[ 5145.237928][ T5627] veth0_vlan: left promiscuous mode
[ 5178.351435][ T5627] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5180.542556][ T5627] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5182.587636][ T5627] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5184.642435][ T5627] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5209.478058][ T5627] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 5209.686257][ T5627] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 5209.852176][ T5627] bond0 (unregistering): Released all slaves
[ 5211.929146][ T5627] hsr_slave_0: left promiscuous mode
[ 5212.020728][ T5627] hsr_slave_1: left promiscuous mode
[ 5212.659829][ T5627] veth1_macvtap: left promiscuous mode
[ 5212.705696][ T5627] veth0_macvtap: left promiscuous mode
[ 5212.719435][ T5627] veth1_vlan: left promiscuous mode
[ 5212.756417][ T5627] veth0_vlan: left promiscuous mode
[ 5293.067159][ T5907] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 5294.407134][ T5907] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 5294.689623][ T5899] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 5296.021112][ T5899] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 5332.600100][ T5907] hsr_slave_0: entered promiscuous mode
[ 5332.669181][ T5907] hsr_slave_1: entered promiscuous mode
[ 5335.818286][ T5899] hsr_slave_0: entered promiscuous mode
[ 5335.889570][ T5899] hsr_slave_1: entered promiscuous mode
[ 5335.960120][ T5899] debugfs: 'hsr0' already exists in 'hsr'
[ 5335.963620][ T5899] Cannot create hsr debugfs directory
[ 5371.809295][ T5907] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 5372.719711][ T5907] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 5373.630453][ T5907] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 5375.325644][ T5907] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 5380.377427][ T5899] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 5380.712999][ T5899] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 5381.072967][ T5899] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 5381.510190][ T5899] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 5409.047645][ T5907] 8021q: adding VLAN 0 to HW filter on device bond0
[ 5413.869836][ T5899] 8021q: adding VLAN 0 to HW filter on device bond0
[ 5534.424978][ T5907] veth0_vlan: entered promiscuous mode
[ 5535.592180][ T5907] veth1_vlan: entered promiscuous mode
[ 5540.030905][ T5899] veth0_vlan: entered promiscuous mode
[ 5541.812610][ T5907] veth0_macvtap: entered promiscuous mode
[ 5542.080117][ T5899] veth1_vlan: entered promiscuous mode
[ 5543.128824][ T5907] veth1_macvtap: entered promiscuous mode
[ 5548.959081][ T5899] veth0_macvtap: entered promiscuous mode
[ 5549.536803][ T4597] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 5549.645880][ T5843] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 5549.646955][ T5843] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 5549.668517][ T5843] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 5550.421693][ T5899] veth1_macvtap: entered promiscuous mode
[ 5557.088670][ T5627] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 5557.176277][ T5627] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 5557.526407][ T5627] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 5557.536000][ T5627] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 6196.242699][ T6394] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 6196.779039][ T6394] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 6215.531220][ T6400] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 6216.279328][ T6400] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 6252.119774][ T6394] hsr_slave_0: entered promiscuous mode
[ 6252.316510][ T6394] hsr_slave_1: entered promiscuous mode
[ 6252.437686][ T6394] debugfs: 'hsr0' already exists in 'hsr'
[ 6252.446470][ T6394] Cannot create hsr debugfs directory
[ 6275.890335][ T6400] hsr_slave_0: entered promiscuous mode
[ 6276.059162][ T6400] hsr_slave_1: entered promiscuous mode
[ 6276.161957][ T6400] debugfs: 'hsr0' already exists in 'hsr'
[ 6276.196032][ T6400] Cannot create hsr debugfs directory
[ 6314.297694][ T6394] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 6317.797057][ T6394] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 6321.806912][ T6394] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 6325.191318][ T6394] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 6339.249222][ T6400] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 6339.999704][ T6400] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 6340.533566][ T6400] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 6341.510923][ T6400] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 6375.290476][ T6394] 8021q: adding VLAN 0 to HW filter on device bond0
[ 6390.433645][ T6400] 8021q: adding VLAN 0 to HW filter on device bond0
[ 6449.307941][   T27] INFO: task syz.2.369:6378 blocked for more than 430 seconds.
[ 6449.346208][   T27]       Not tainted syzkaller #0
[ 6449.359241][   T27]       Blocked by coredump.
[ 6449.371941][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 6449.402797][   T27] task:syz.2.369       state:D stack:0     pid:6378  tgid:6375  ppid:5907   task_flags:0x40044c flags:0x00000018
[ 6449.409203][   T27] Call trace:
[ 6449.409711][   T27]  __switch_to+0x584/0xb20 (T)
[ 6449.411786][   T27]  __schedule+0x1eec/0x33a4
[ 6449.412390][   T27]  schedule+0xac/0x27c
[ 6449.412876][   T27]  schedule_timeout+0x5c/0x1e4
[ 6449.413324][   T27]  do_wait_for_common+0x28c/0x444
[ 6449.413704][   T27]  wait_for_completion+0x44/0x5c
[ 6449.587046][   T27]  __synchronize_srcu+0x2a4/0x320
[ 6449.588083][   T27]  synchronize_srcu+0x3cc/0x4f0
[ 6449.588617][   T27]  __mmu_notifier_release+0x424/0x614
[ 6449.589088][   T27]  exit_mmap+0xb8/0xbb8
[ 6449.589552][   T27]  __mmput+0x10c/0x528
[ 6449.590008][   T27]  mmput+0x70/0xac
[ 6449.590463][   T27]  exit_mm+0x158/0x258
[ 6449.590873][   T27]  do_exit+0x788/0x2378
[ 6449.591319][   T27]  do_group_exit+0x1d4/0x2ac
[ 6449.591779][   T27]  get_signal+0x1440/0x1554
[ 6449.592260][   T27]  do_signal+0x23c/0x4dd0
[ 6449.592731][   T27]  do_notify_resume+0xb0/0x270
[ 6449.593164][   T27]  el0_svc+0xb8/0x164
[ 6449.593578][   T27]  el0t_64_sync_handler+0x84/0x12c
[ 6449.593999][   T27]  el0t_64_sync+0x198/0x19c
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 6449.717610][   T27] 
[ 6449.717610][   T27] Showing all locks held in the system:
[ 6449.718220][   T27] 1 lock held by khungtaskd/27:
[ 6449.718641][   T27]  #0: ffff800087876d18 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x4/0x48
[ 6449.721205][   T27] 1 lock held by klogd/3119:
[ 6449.721589][   T27] 2 locks held by getty/3185:
[ 6449.721922][   T27]  #0: 2df0000011d0e8a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c
[ 6449.723567][   T27]  #1: b8ff80008c5cb2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x310/0x12b8
[ 6449.881982][   T27] 2 locks held by syz-executor/3313:
[ 6449.882356][   T27] 3 locks held by kworker/u4:11/4374:
[ 6449.882658][   T27] 3 locks held by kworker/u4:0/4597:
[ 6449.882943][   T27] 3 locks held by kworker/u4:9/4673:
[ 6449.883273][   T27] 2 locks held by kworker/u4:7/5105:
[ 6449.883578][   T27]  #0: 49f000000cc20948 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a18
[ 6449.997026][   T27]  #1: ffff80008fe57c78 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a18
[ 6449.998801][   T27] 3 locks held by kworker/u4:3/5537:
[ 6449.999182][   T27] 3 locks held by kworker/u4:15/5627:
[ 6449.999537][   T27] 2 locks held by kworker/u4:4/5843:
[ 6449.999873][   T27]  #0: 49f000000cc20948 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a18
[ 6450.001510][   T27]  #1: ffff80008f167c78 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a18
[ 6450.003237][   T27] 2 locks held by kworker/u4:10/5920:
[ 6450.003699][   T27] 2 locks held by syz.1.368/6371:
[ 6450.004061][   T27] 3 locks held by kworker/u4:6/6406:
[ 6450.176428][   T27]  #0: fff0000072d78d18 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x2f0/0x33a4
[ 6450.178330][   T27]  #1: fff0000072d64548 (psi_seq){-.-.}-{0:0}, at: psi_task_switch+0x6c/0x6e8
[ 6450.179907][   T27]  #2: fff0000072d65e58 (&base->lock){-.-.}-{2:2}, at: __mod_timer+0x5c8/0xe7c
[ 6450.181518][   T27] 3 locks held by kworker/u4:8/6537:
[ 6450.181839][   T27] 1 lock held by modprobe/6558:
[ 6450.182373][   T27] 
[ 6450.182632][   T27] =============================================
[ 6450.182632][   T27] 

VM DIAGNOSIS:
18:33:58  Registers:
info registers vcpu 0

CPU#0
 PC=ffff800080456788 X00=0000000000000000 X01=ffff80008736205f
X02=0000000000000008 X03=0000000000000002 X04=0000000000000000
X05=0000000000000000 X06=0000000000000000 X07=ffff800085a1fadc
X08=6ff000000d9b9d80 X09=0000000000000000 X10=0000000000ff0100
X11=0000000000000049 X12=0ffff80008000798 X13=0000000000000028
X14=0000000000002000 X15=ffff800080007680 X16=ffff800080010e20
X17=0000000000000049 X18=00000000000000ff X19=97f0000027c00e00
X20=efff800000000000 X21=97f0000027c00e58 X22=45f000001cd8bbce
X23=0000000000000000 X24=0000000000000097 X25=bef0000010df4000
X26=ffff80008c462100 X27=bef0000010df4000 X28=97f0000027c00ed0
X29=ffff800080007860 X30=ffff800085a215d8  SP=ffff800080007830
PSTATE=40402009 -Z-- EL2h  SVCR=00000000 --  BTYPE=0     FPCR=00000000 FPSR=00000000
P00=0000 P01=0000 P02=0000 P03=0000 P04=0000 P05=0000 P06=0000 P07=0000
P08=0000 P09=0000 P10=0000 P11=0000 P12=0000 P13=0000 P14=0000 P15=0000
FFR=0000
Z00=0000ffffb7d10960:0000ffffb7d10370 Z01=0000ffffb7cdf060:0000ffffb7cde0c0
Z02=0000ffffb7a286e0:0000ffffb7a280d0 Z03=0000ffffb7d0fd10:0000ffffb7cde600
Z04=0000ffffb7cdf5a0:0000ffffb7cdeb30 Z05=0000ffffb7a280d0:0000ffffb7cdfad0
Z06=0000000000000000:0000000000000000 Z07=0000000000000000:0000000000000000
Z08=0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000
Z10=0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000
Z12=0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000
Z14=0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000
Z16=0000000000000000:0000000000000000 Z17=0000000000000000:0000000000000000
Z18=0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000
Z20=0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000
Z22=0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000
Z24=0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000
Z26=0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000
Z28=0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000
Z30=0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000