last executing test programs:

1h2m23.727429096s ago: executing program 1 (id=2):
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1})
r2 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x0, 0x3000009, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
r3 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000040)={0x7, <r6=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000280)=@attr_other={0x0, 0x4, 0x1c0000, 0x0})
ioctl$KVM_CREATE_VM(r0, 0x400454d0, 0x1)
r7 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@svc={0x122, 0x40, {0x400, [0x3, 0x7fff, 0x80000002, 0x7fff]}}, @irq_setup={0x46, 0x18, {0x1, 0x6}}, @irq_setup={0x46, 0x18, {0x2, 0x12a}}, @eret={0xe6, 0x18, 0xf}], 0x88}, &(0x7f0000000100)=[@featur2={0x1, 0x84}], 0x1)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1)
mmap$KVM_VCPU(&(0x7f0000cc0000/0x4000)=nil, 0x930, 0x2000000, 0x1010, r8, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x0, 0x0, 0x4f832, 0xffffffffffffffff, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x25)
syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_vgic_v3_setup(r10, 0x1, 0x100)
r11 = openat$kvm(0x0, &(0x7f00000002c0), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x2)
mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r13, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r13, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)

1h2m20.035077471s ago: executing program 0 (id=1):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x1a)
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) (async)
r1 = openat$kvm(0x0, &(0x7f0000000100), 0x80402, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2c)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000a49000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, &(0x7f0000000180)=[@mrs={0xbe, 0x18, {0x3fe7}}], 0x18}, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) (async)
ioctl$KVM_RUN(r4, 0xae80, 0x0) (async)
syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000000)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013e110, 0x4a653984}}, @its_setup={0x82, 0x28, {0x1, 0x2, 0x70}}, @svc={0x122, 0x40, {0x4000, [0xffffffff, 0x4d8, 0x0, 0x8, 0xffffffffffffffff]}}, @code={0xa, 0x84, {"a04780d200c0b8f2a10080d2e20180d2a30180d2640080d2020000d4606982d20020b8f2210080d2a20080d2030080d2040080d2020000d480e381d20020b8f2010080d2820080d2a30080d2440180d2020000d40028202e0060006f0000209e000028d5007008d5000028d500f4a00e"}}, @smc={0x1e, 0x40, {0x3f000000, [0x1, 0x8000000000000000, 0x9, 0x7, 0x3e]}}, @msr={0x14, 0x20, {0x603000000013e2b0, 0x7}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xd00, 0x7fff, 0xc}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x2, 0x5, 0x2, 0x3, 0x3}}, @msr={0x14, 0x20, {0x6030000000138010, 0xc20}}, @smc={0x1e, 0x40, {0xc4000010, [0x4, 0x10001, 0x8000000000000000, 0x0, 0x24]}}, @hvc={0x32, 0x40, {0x8600ff01, [0x8, 0x0, 0x1, 0x1, 0xc500000000000]}}, @mrs={0xbe, 0x18, {0x603000000013df58}}, @hvc={0x32, 0x40, {0xc4000003, [0xffffffffffffffff, 0x9, 0x40, 0x6]}}, @its_setup={0x82, 0x28, {0x2, 0x3, 0xac0}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x1, 0xd, 0xc09c}}, @code={0xa, 0x54, {"0020c00d00006088000008d5000008d5000008d5007008d5a0e59ed20000b8f2210080d2020080d2830180d2e40080d2020000d4007c0013007008d50004002f"}}, @uexit={0x0, 0x18, 0x8}, @svc={0x122, 0x40, {0x84000012, [0xa, 0x4, 0x7fff800000, 0x1ff, 0x8001]}}, @code={0xa, 0x84, {"c08481d20060b8f2610180d2220080d2e30080d2640080d2020000d40000001a007008d500088078203485d200e0b0f2c10180d2220180d2230180d2640080d2020000d4000008d50078210e000028d500828bd20040b8f2c10180d2e20180d2230080d2640080d2020000d40000400d"}}, @eret={0xe6, 0x18, 0x5}, @code={0xa, 0x84, {"007008d500008092c0a69ed20040b0f2a10080d2620080d2a30180d2040080d2020000d4e00c90d20040b8f2810080d2420180d2230180d2440180d2020000d40000021e00a4800d007008d5008008d5a05c89d20060b8f2810180d2820180d2030180d2240180d2020000d40004007c"}}, @code={0xa, 0x9c, {"000008d5202782d200e0b0f2010180d2e20080d2230180d2440080d2020000d4007008d5c02099d20000b8f2010180d2820080d2630080d2e40180d2020000d4000028d5a03792d20020b0f2a10180d2220180d2630180d2640180d2020000d4007008d50004c03c007008d5407797d20020b8f2010080d2820180d2e30080d2640180d2020000d4"}}], 0x574}, &(0x7f0000000040)=[@featur2={0x1, 0x5}], 0x1)

1h2m1.155633091s ago: executing program 0 (id=3):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x2, 0x2, 0x0, 0x2000, &(0x7f0000fb0000/0x2000)=nil})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x4, 0x3, 0x100000, 0x2000, &(0x7f000000f000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0xcccc0000, 0x1000, &(0x7f0000f15000/0x1000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1ff, 0x0, 0x6000, 0x1000, &(0x7f0000fd3000/0x1000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
r5 = openat$kvm(0x0, &(0x7f0000000100), 0x80402, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x2c)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
ioctl$KVM_SET_SIGNAL_MASK(r7, 0x4004ae8b, &(0x7f0000000180))
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r4, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000fff000/0x1000)=nil})

1h1m33.893623642s ago: executing program 32 (id=2):
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1})
r2 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x0, 0x3000009, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
r3 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000040)={0x7, <r6=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000280)=@attr_other={0x0, 0x4, 0x1c0000, 0x0})
ioctl$KVM_CREATE_VM(r0, 0x400454d0, 0x1)
r7 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@svc={0x122, 0x40, {0x400, [0x3, 0x7fff, 0x80000002, 0x7fff]}}, @irq_setup={0x46, 0x18, {0x1, 0x6}}, @irq_setup={0x46, 0x18, {0x2, 0x12a}}, @eret={0xe6, 0x18, 0xf}], 0x88}, &(0x7f0000000100)=[@featur2={0x1, 0x84}], 0x1)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1)
mmap$KVM_VCPU(&(0x7f0000cc0000/0x4000)=nil, 0x930, 0x2000000, 0x1010, r8, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x0, 0x0, 0x4f832, 0xffffffffffffffff, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x25)
syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_vgic_v3_setup(r10, 0x1, 0x100)
r11 = openat$kvm(0x0, &(0x7f00000002c0), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x2)
mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r13, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r13, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)

1h1m13.505115391s ago: executing program 33 (id=3):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x2, 0x2, 0x0, 0x2000, &(0x7f0000fb0000/0x2000)=nil})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x4, 0x3, 0x100000, 0x2000, &(0x7f000000f000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0xcccc0000, 0x1000, &(0x7f0000f15000/0x1000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1ff, 0x0, 0x6000, 0x1000, &(0x7f0000fd3000/0x1000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
r5 = openat$kvm(0x0, &(0x7f0000000100), 0x80402, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x2c)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
ioctl$KVM_SET_SIGNAL_MASK(r7, 0x4004ae8b, &(0x7f0000000180))
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r4, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000fff000/0x1000)=nil})

48m32.779644174s ago: executing program 3 (id=53):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r1, 0x4068aea3, &(0x7f0000000000)={0xa8, 0x0, 0x3})
r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x3d70000000, &(0x7f0000ffe000/0x2000)=nil})
ioctl$KVM_GET_DEVICE_ATTR_vm(r1, 0x4018aee2, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f00000000c0)={0x1b, 0x5, 0x1}})
munmap(&(0x7f0000009000/0x2000)=nil, 0x2000)
ioctl$KVM_CLEAR_DIRTY_LOG(r1, 0xc018aec0, &(0x7f0000000140)={0x0, 0x240, 0x380, &(0x7f0000000180)=[0x6bd1a312, 0xec66, 0x102, 0x8, 0x98bd, 0x80000000000000c, 0x0, 0x4, 0x10000, 0x7, 0x9004, 0x9, 0x8, 0x9, 0x5, 0x49, 0x3ff, 0x5, 0x2, 0x1, 0x8, 0x7, 0xc1, 0x1, 0x2, 0x2, 0x6, 0x9, 0x96, 0xffffffff, 0xffffffff00000000, 0x0, 0x4, 0x7, 0x4, 0x3, 0x9, 0x888f, 0x1, 0x6, 0x46, 0x5, 0x3, 0xa3de, 0x20000000006, 0x8, 0x7, 0x400, 0x3, 0xffffffffffffffb7, 0xfffffffffffffffa, 0x2, 0xe, 0x6, 0x4, 0xe6, 0x200000000000101, 0x5, 0x9, 0x66, 0x6, 0x7, 0x40000005, 0xfffffffeffffffff, 0x9, 0xd, 0x10001, 0xbbd9, 0x80000000, 0xfffffffffffffc00, 0x2, 0x7, 0x2, 0xcdc, 0x4000000007, 0x2, 0x3, 0x2, 0x2, 0xfff, 0x6, 0x4, 0x5, 0xab6, 0x0, 0x4, 0x0, 0x7, 0x9, 0xff, 0x6, 0x28000000, 0x5, 0x8061d, 0x3, 0x7, 0xf6, 0x4, 0x6, 0x204, 0x7, 0xe53e, 0x4, 0x8, 0x2293332f, 0x6, 0x5, 0x1e, 0xd, 0x2, 0x4, 0xfffffffffffffffb, 0x80000001, 0x7, 0xdfd4, 0xfff9, 0x10, 0x5, 0x8, 0x1, 0x53e0f0fe, 0xeb4, 0x3, 0xfffffffffffffffe, 0xb692, 0xcc, 0x8, 0x1000003]})
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r2, 0x0, 0x3c2a1c3178cda732, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r1, 0x4068aea3, &(0x7f0000000000)={0xa8, 0x0, 0x3}) (async)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x3d70000000, &(0x7f0000ffe000/0x2000)=nil}) (async)
ioctl$KVM_GET_DEVICE_ATTR_vm(r1, 0x4018aee2, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f00000000c0)={0x1b, 0x5, 0x1}}) (async)
munmap(&(0x7f0000009000/0x2000)=nil, 0x2000) (async)
ioctl$KVM_CLEAR_DIRTY_LOG(r1, 0xc018aec0, &(0x7f0000000140)={0x0, 0x240, 0x380, &(0x7f0000000180)=[0x6bd1a312, 0xec66, 0x102, 0x8, 0x98bd, 0x80000000000000c, 0x0, 0x4, 0x10000, 0x7, 0x9004, 0x9, 0x8, 0x9, 0x5, 0x49, 0x3ff, 0x5, 0x2, 0x1, 0x8, 0x7, 0xc1, 0x1, 0x2, 0x2, 0x6, 0x9, 0x96, 0xffffffff, 0xffffffff00000000, 0x0, 0x4, 0x7, 0x4, 0x3, 0x9, 0x888f, 0x1, 0x6, 0x46, 0x5, 0x3, 0xa3de, 0x20000000006, 0x8, 0x7, 0x400, 0x3, 0xffffffffffffffb7, 0xfffffffffffffffa, 0x2, 0xe, 0x6, 0x4, 0xe6, 0x200000000000101, 0x5, 0x9, 0x66, 0x6, 0x7, 0x40000005, 0xfffffffeffffffff, 0x9, 0xd, 0x10001, 0xbbd9, 0x80000000, 0xfffffffffffffc00, 0x2, 0x7, 0x2, 0xcdc, 0x4000000007, 0x2, 0x3, 0x2, 0x2, 0xfff, 0x6, 0x4, 0x5, 0xab6, 0x0, 0x4, 0x0, 0x7, 0x9, 0xff, 0x6, 0x28000000, 0x5, 0x8061d, 0x3, 0x7, 0xf6, 0x4, 0x6, 0x204, 0x7, 0xe53e, 0x4, 0x8, 0x2293332f, 0x6, 0x5, 0x1e, 0xd, 0x2, 0x4, 0xfffffffffffffffb, 0x80000001, 0x7, 0xdfd4, 0xfff9, 0x10, 0x5, 0x8, 0x1, 0x53e0f0fe, 0xeb4, 0x3, 0xfffffffffffffffe, 0xb692, 0xcc, 0x8, 0x1000003]}) (async)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r2, 0x0, 0x3c2a1c3178cda732, 0xffffffffffffffff, 0x0) (async)

48m30.019297966s ago: executing program 2 (id=54):
r0 = openat$kvm(0x0, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000040)={0x5}) (async, rerun: 32)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x488100, 0x0) (rerun: 32)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async, rerun: 64)
openat$kvm(0x0, 0x0, 0x101282, 0x0) (async, rerun: 64)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async, rerun: 32)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (rerun: 32)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x541b, 0x0)
syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0xffffff0d) (async)
r6 = syz_kvm_vgic_v3_setup(r4, 0x2, 0xc0)
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x1, 0x4, &(0x7f0000000000)=0xfff}) (async, rerun: 64)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (rerun: 64)
openat$kvm(0x0, 0x0, 0x0, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0) (async)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20080, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = eventfd2(0x0, 0x181001)
ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f0000001340)={0x0, 0x0, 0x2, r9, 0x3}) (async)
r10 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0xeeef0000, 0x0, r10}) (async, rerun: 64)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, 0x0) (async, rerun: 64)
ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f0000000000)={0x203, 0x0, 0x2, r9, 0xf}) (async)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r11, 0xae03, 0xf5) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)

48m17.771169244s ago: executing program 2 (id=55):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r1, 0x4010ae74, &(0x7f0000000000)={0x4, 0x2, 0xfffb})
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0xdc032, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000100), 0x80402, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x2c)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000040)=@arm64_core={0x6030000000100034, &(0x7f0000000000)=0x9})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x357000, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x2f)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000140)={0x4, <r8=>0xffffffffffffffff, 0x1})
r9 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r13 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@its_setup={0x7, 0x28, {0x2, 0x2, 0x249}}], 0x28}, 0x0, 0x0)
ioctl$KVM_RUN(r13, 0xae80, 0x0)
ioctl$KVM_RUN(r13, 0xae80, 0x0)
r14 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x10, r13, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r14, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r14, 0x20, &(0x7f0000000100)="746abf250f7959c813e4adfb369b808022e69fe80cfadce4a1259e77bab54ac9749537b3d016bb7f745a6e22d2f9ff443f19467748a3fe02c239457600", 0x0, 0xfffffffffffffec5)
r15 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r15, 0x4018aee3, &(0x7f00000000c0)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0xfffffffffffffff7})
ioctl$KVM_GET_MP_STATE(r15, 0x8004ae98, &(0x7f00000000c0))
write$eventfd(r8, &(0x7f00000001c0)=0x1, 0x11)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000001c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e700", 0x0, 0x48)

48m7.151016472s ago: executing program 3 (id=56):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x401, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ff9000/0x4000)=nil, r3, 0x2, 0x2013, 0xffffffffffffffff, 0x200001fe0000)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000000)={0x7})
r7 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f0000000080)={0x0, 0x6000, 0x0, r7})
ioctl$KVM_REGISTER_COALESCED_MMIO(r6, 0x4010ae67, &(0x7f00000002c0)={0x0, 0x10000})
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f00000000c0)={0x8})
ioctl$KVM_SIGNAL_MSI(r6, 0x4020aea5, &(0x7f0000000000)={0x6000})
mmap$KVM_VCPU(&(0x7f0000ff9000/0x4000)=nil, r3, 0xfca7b3a62fc8d94b, 0x20010, r4, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x3000)=nil, r10, 0x1, 0x12, r9, 0x0)
r11 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r8, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffe000/0x1000)=nil, r11, 0x8, 0x13, r9, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x2000)=nil, r11, 0x1000001, 0x12, r9, 0x0)

48m1.909838162s ago: executing program 2 (id=57):
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x82880, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
openat$kvm(0x0, &(0x7f0000000140), 0x101282, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@its_setup={0x82, 0x28, {0x0, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x802, 0x0, 0x0, 0x80, 0x2}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x100)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8, <r7=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, &(0x7f0000000200)=[@svc={0x122, 0x40, {0x800, [0xffffffeffffffff8, 0x8, 0x8000000005, 0x5, 0x400]}}], 0x40}, 0x0, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r10, 0x1, 0x240)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000180)={0x8, <r13=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, 0x0)
ioctl$KVM_RUN(r12, 0xae80, 0x0)

47m47.836955262s ago: executing program 3 (id=58):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
mmap$KVM_VCPU(&(0x7f0000e06000/0x2000)=nil, 0x0, 0x680001a, 0x11, r3, 0x0)
mmap$KVM_VCPU(&(0x7f0000e04000/0x2000)=nil, 0x930, 0x1, 0x11, r3, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ec2000/0x3000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffe000/0x1000)=nil, r4, 0x8, 0x13, r3, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x2000)=nil, r4, 0x1000001, 0x12, r3, 0x0)
openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) (async)
mmap$KVM_VCPU(&(0x7f0000e06000/0x2000)=nil, 0x0, 0x680001a, 0x11, r3, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000e04000/0x2000)=nil, 0x930, 0x1, 0x11, r3, 0x0) (async)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async)
mmap$KVM_VCPU(&(0x7f0000ec2000/0x3000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) (async)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04) (async)
mmap$KVM_VCPU(&(0x7f0000ffe000/0x1000)=nil, r4, 0x8, 0x13, r3, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x2000)=nil, r4, 0x1000001, 0x12, r3, 0x0) (async)

47m39.2128835s ago: executing program 2 (id=59):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bc2000/0x400000)=nil)
r2 = syz_kvm_add_vcpu$arm64(r1, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1) (async)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000040)="68d3d4a6759ba655d47872b6bf881ba5dbca1c84a0779749", 0x0, 0x18)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) (async)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (async)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x8280, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r6 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r5, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r5, 0x0) (async)
r7 = eventfd2(0x0, 0x0)
close(r7)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) (async)
write$eventfd(r7, &(0x7f0000000180)=0x5, 0xfffffde3) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0) (async)
write$eventfd(r7, 0x0, 0x0)
syz_kvm_add_vcpu$arm64(0x0, 0x0, &(0x7f0000000100)=[@featur1={0x1, 0x83}], 0x1)
ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0xa) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r10, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) (async)
syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000000)={0x0, &(0x7f00000000c0)=[@code={0xa, 0x84, {"000008d5000008d5008008d50084bf0d007008d51020201e207b8cd20040b0f2a10080d2420180d2830080d2e40080d2020000d400fb8cd20060b0f2410080d2020080d2230080d2640080d2020000d4e0139bd20040b8f2210080d2020080d2630080d2440180d2020000d400c0601e"}}, @svc={0x122, 0x40, {0x5000000, [0x1, 0xfff, 0x80000001, 0x3, 0x8001]}}, @its_setup={0x82, 0x28, {0x2, 0x3, 0xf0}}, @eret={0xe6, 0x18, 0x3e1}, @eret={0xe6, 0x18, 0x5}, @code={0xa, 0x84, {"000cc0da00fc002f0038201e804187d20020b8f2a10080d2c20080d2830180d2440080d2020000d4007008d500b8315ea0bc85d200a0b8f2410080d2620080d2c30180d2240180d2020000d4406080d20060b8f2210080d2620080d2830080d2040080d2020000d40050204e000028d5"}}, @smc={0x1e, 0x40, {0x84000001, [0x101, 0x8, 0x3, 0x3, 0x8d59]}}, @code={0xa, 0xcc, {"007008d5006f8cd20000b8f2410180d2620180d2230080d2440180d2020000d440659ed20080b8f2610080d2c20180d2030180d2640180d2020000d4000000a9009284d200e0b0f2610080d2c20080d2a30080d2c40080d2020000d40080c008e0c59fd20080b8f2410080d2820180d2430180d2440180d2020000d45f2003d5a03f90d20020b0f2a10180d2e20080d2030180d2c40080d2020000d4804d94d20000b8f2c10180d2820180d2630080d2e40080d2020000d4"}}, @irq_setup={0x46, 0x18, {0x3, 0xbe}}, @code={0xa, 0x84, {"007008d5000008d5000028d5007008d5604583d200a0b8f2c10180d2420080d2030080d2040180d2020000d4000028d5804785d20060b0f2810080d2220080d2230180d2240080d2020000d4007008d50050005e00ed91d20000b0f2c10080d2420180d2230080d2440180d2020000d4"}}, @uexit={0x0, 0x18, 0x5}, @code={0xa, 0xcc, {"40b18dd20040b8f2810180d2620180d2a30080d2e40180d2020000d40004000f001c004e20ef81d20080b0f2810080d2e20080d2430080d2a40180d2020000d4003d94d20000b0f2810180d2820180d2630080d2840080d2020000d4407799d200e0b8f2e10080d2a20180d2c30080d2440080d2020000d4a07c8ed20060b0f2a10080d2a20080d2a30080d2040080d2020000d4007008d5c0fd91d20060b8f2e10180d2e20080d2e30180d2040180d2020000d4008008d5"}}, @msr={0x14, 0x20, {0x603000000013df49, 0x3}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x0, 0x1, 0xa, 0x10001, 0x38, 0x4}}, @hvc={0x32, 0x40, {0x84000001, [0x1, 0x7, 0x1, 0x8]}}, @mrs={0xbe, 0x18, {0x603000000013deb3}}, @code={0xa, 0x9c, {"007008d580a996d200c0b8f2210180d2820080d2430080d2240080d2020000d4a0d996d20020b8f2210080d2020180d2c30080d2c40180d2020000d41f2003d5005c205e000008d5007008d560208dd20080b8f2610080d2220180d2830180d2c40080d2020000d4007008d5001c97d200e0b8f2a10180d2620180d2830080d2840180d2020000d4"}}, @mrs={0xbe, 0x18, {0x603000000013df19}}, @msr={0x14, 0x20, {0x3018000000098d00, 0x509}}, @msr={0x14, 0x20, {0x603000000013df48, 0x8}}, @svc={0x122, 0x40, {0x100, [0x3, 0x40400000000000, 0x1, 0x8, 0x6]}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x1, 0x3, 0x7, 0x101, 0x0, 0x4}}, @uexit={0x0, 0x18, 0x7}, @code={0xa, 0x6c, {"008008d50098207e000008d5601890d20040b0f2010080d2620180d2830080d2040080d2020000d4c07985d20000b8f2610180d2e20180d2a30080d2c40180d2020000d4000008d5008008d5000008d5000000d2007008d5"}}], 0x6ac}, &(0x7f0000000780)=[@featur2={0x1, 0x10}], 0x1)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)

47m32.520732111s ago: executing program 3 (id=60):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7fff}}, @msr={0x14, 0x20, {0x603000000013dce4, 0x7}}], 0x40}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0)
ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0x6)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = eventfd2(0x5, 0x800)
ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f0000000100)={0x5, 0x25000, 0x2, r7, 0xc})
ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f00000000c0)={0x8000000008000800, 0x0, 0x0, r7, 0x2})
ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f0000000000)={0x1, 0x0, 0x0, r7, 0x2})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)

47m22.315429398s ago: executing program 2 (id=61):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x22840, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x0, 0x5, &(0x7f0000000100)=0x8010000000000001})
mmap$KVM_VCPU(&(0x7f0000010000/0x1000)=nil, 0x930, 0x100000f, 0x9032, 0xffffffffffffffff, 0x0)
r3 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x8800, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = eventfd2(0x40000000, 0x80000)
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000001340)={0x0, 0x0, 0x2, r6, 0x3})
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000080)={0x5, 0x0, 0x2, r6, 0xa})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000680)="38ce8347fc1e86008cfc72bb352c8659dcc9225b48cb5cb00c73b0b33018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x24000, 0x0)
r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1)
r9 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r8, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f0000000100)="fb0149dd033be3ac2cc4a29ea6af8031d1dfd900080001000000315f9731c10d097fd66f8f1f44f9ffffffffffffffebb207000000000000000000002a2900", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r8, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)

47m16.096475143s ago: executing program 3 (id=62):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2b)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x2710, 0x0, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20080, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = eventfd2(0xeffffffd, 0x801)
ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000000000)={0x200, 0x4000, 0x4, r4, 0x1})
r5 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f00000001c0)={0x8, <r7=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4})
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000080)={0x1fe, 0x2, 0xffff1000, 0x2000, &(0x7f0000ffd000/0x2000)=nil})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x108, &(0x7f0000000340)=0x8000000000000000})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x4, 0x1, 0x0})
ioctl$KVM_CLEAR_DIRTY_LOG(r3, 0xc018aec0, &(0x7f0000000040)={0x10003, 0x140, 0x1c0, &(0x7f0000000200)=[0x3, 0x4, 0x7, 0x6, 0x4, 0x4, 0x1, 0x4, 0x1, 0x9, 0x40, 0x8000000000000001, 0x4, 0x19, 0x9, 0x5a, 0xd, 0x2, 0x3, 0xffffffff, 0x5, 0x100, 0x5, 0xd, 0xf1e, 0x9fa, 0xffffffffffffffff, 0xe4, 0x756, 0x0, 0x4, 0xffffffff80000000, 0xd2, 0x200, 0x9, 0x501, 0x6, 0x4, 0x4, 0xfffffffffffffff7, 0x4, 0x4e34, 0xb5, 0x9, 0x7fffffffffffffff, 0x401, 0x1000, 0x6, 0x3, 0x80, 0x4, 0x4, 0x2, 0x4, 0x1ff, 0xe, 0x7, 0x3, 0x8000, 0xfff, 0x2, 0x58d, 0xff15, 0x1, 0x1ff, 0xf03a, 0x1, 0x7, 0x8, 0x0, 0x2, 0x0, 0x8, 0xffffffffffffffff, 0x3ff, 0xffffffff, 0xffff, 0x5, 0x3, 0x9, 0x81, 0xc000000000000000, 0x800, 0x1, 0x100000001, 0x1, 0x3, 0x7, 0x5, 0xedc, 0x0, 0x7fff, 0xffff, 0x8, 0x100000001, 0x6, 0x7fffffff, 0x3, 0x10001, 0x10, 0x0, 0x80, 0x42, 0x7, 0x4, 0x0, 0x5, 0x0, 0x5, 0x1241fae9, 0xe000000000000000, 0x3, 0x7045, 0xa, 0xad, 0x3, 0x2, 0x6, 0x6, 0xffffffffffffffc8, 0x1, 0x13, 0x0, 0x400, 0x8001, 0x8001, 0x10001, 0x7]})
ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000001340)={0x3, 0x0, 0x2, r4, 0x3})
ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f00000000c0)={0x1000000000003, 0x0, 0x2, r4, 0xf})
munmap(&(0x7f0000d70000/0x3000)=nil, 0x3000)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x1d)
ioctl$KVM_CHECK_EXTENSION(r5, 0xae03, 0x0)

47m3.832853385s ago: executing program 2 (id=63):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x78)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x3, 0x4102932, 0xffffffffffffffff, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x62e201, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r2, 0x8040aeb6, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x9, 0x7fffffff, 0x2}})
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x10200, 0x5, 0xe000, 0x2000, &(0x7f0000e3f000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x800, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x2b)
ioctl$KVM_SET_DEVICE_ATTR_vm(r7, 0x4018aee1, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r7, r8, &(0x7f0000bfd000/0x400000)=nil, &(0x7f00000004c0)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r7, 0x1, 0x240)
r9 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000bfe000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000b00)={0x0, 0x0}, 0x0, 0x0)
r10 = mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, r5, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x94080, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r11, 0xae04)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000001c0)="f21bc75509bf71c9d70236fc044842da01000000000000004c24501958da2e2c18b875c2357c6ed600", 0x0, 0x48)
ioctl$KVM_CREATE_DEVICE(r13, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1})

46m57.892841555s ago: executing program 3 (id=64):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@mrs={0xbe, 0x18, {0x6030000000138010}}], 0x18}, 0x0, 0x0)
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
r7 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r6, 0x3, 0x11, r5, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CAP_HALT_POLL(r9, 0x4068aea3, &(0x7f0000000140)={0xb6, 0x0, 0x4})
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@code={0xa, 0x18, {"7f2003d5"}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
ioctl$KVM_IRQ_LINE_STATUS(r9, 0xc008ae67, &(0x7f0000000100)={0x0, 0x81})
syz_kvm_assert_syzos_uexit$arm64(r5, r7, 0xffffffffffffffff)
r12 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r13, 0x4010aeac, &(0x7f0000000400)=@arm64_sys={0x603000000013c000, &(0x7f00000003c0)=0x3a5})
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, r13, &(0x7f0000bd9000/0x400000)=nil, &(0x7f00000000c0)=[{0x0, &(0x7f0000000000)=[@hvc={0x32, 0x40, {0x3f000000, [0x3, 0xfff, 0x9, 0x81, 0x9]}}], 0x40}], 0x1, 0x0, &(0x7f0000000100)=[@featur2={0x1, 0x40}], 0x1)

46m13.917041483s ago: executing program 34 (id=63):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x78)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x3, 0x4102932, 0xffffffffffffffff, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x62e201, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r2, 0x8040aeb6, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x9, 0x7fffffff, 0x2}})
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x10200, 0x5, 0xe000, 0x2000, &(0x7f0000e3f000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x800, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x2b)
ioctl$KVM_SET_DEVICE_ATTR_vm(r7, 0x4018aee1, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r7, r8, &(0x7f0000bfd000/0x400000)=nil, &(0x7f00000004c0)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r7, 0x1, 0x240)
r9 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000bfe000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000b00)={0x0, 0x0}, 0x0, 0x0)
r10 = mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, r5, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x94080, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r11, 0xae04)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000001c0)="f21bc75509bf71c9d70236fc044842da01000000000000004c24501958da2e2c18b875c2357c6ed600", 0x0, 0x48)
ioctl$KVM_CREATE_DEVICE(r13, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1})

46m5.155693092s ago: executing program 35 (id=64):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@mrs={0xbe, 0x18, {0x6030000000138010}}], 0x18}, 0x0, 0x0)
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
r7 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r6, 0x3, 0x11, r5, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CAP_HALT_POLL(r9, 0x4068aea3, &(0x7f0000000140)={0xb6, 0x0, 0x4})
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@code={0xa, 0x18, {"7f2003d5"}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
ioctl$KVM_IRQ_LINE_STATUS(r9, 0xc008ae67, &(0x7f0000000100)={0x0, 0x81})
syz_kvm_assert_syzos_uexit$arm64(r5, r7, 0xffffffffffffffff)
r12 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r13, 0x4010aeac, &(0x7f0000000400)=@arm64_sys={0x603000000013c000, &(0x7f00000003c0)=0x3a5})
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, r13, &(0x7f0000bd9000/0x400000)=nil, &(0x7f00000000c0)=[{0x0, &(0x7f0000000000)=[@hvc={0x32, 0x40, {0x3f000000, [0x3, 0xfff, 0x9, 0x81, 0x9]}}], 0x40}], 0x1, 0x0, &(0x7f0000000100)=[@featur2={0x1, 0x40}], 0x1)

34m4.691017912s ago: executing program 5 (id=98):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000ab8000/0x400000)=nil)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce5, 0x7fff}}, @msr={0x14, 0x20, {0x603000000013dce8, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce9, 0x8000}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000040)={0x10001, 0x10001})
openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000ab8000/0x400000)=nil) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) (async)
syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce5, 0x7fff}}, @msr={0x14, 0x20, {0x603000000013dce8, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce9, 0x8000}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async)
ioctl$KVM_RUN(r6, 0xae80, 0x0) (async)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000040)={0x10001, 0x10001}) (async)

33m43.841259418s ago: executing program 5 (id=100):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x161681, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bc2000/0x400000)=nil)
r2 = syz_kvm_add_vcpu$arm64(r1, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0x80)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000040)="68d3d4a6759ba655d47872b6bf881ba5dbca1c84a0779749", 0x0, 0x18)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000b80)={0x0, &(0x7f0000000040)=[@smc={0x1e, 0x40, {0x84000000, [0x40000099a, 0x5cf, 0xaca, 0x6, 0x1]}}], 0x40}, 0x0, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000000)={0xef, 0x0, 0x7})
ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f0000000140)=@arm64_fw={0x6030000000140000, &(0x7f0000000200)=0x10001})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000ff8000/0x4000)=nil, 0x0, 0x3000005, 0x41812, r4, 0x0)
ioctl$KVM_GET_REG_LIST(r8, 0xc008aeb0, &(0x7f00000000c0))
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x8280, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
r12 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r11, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r12, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r11, 0x0)
r13 = eventfd2(0x3, 0x80000)
close(r13)

33m21.781166632s ago: executing program 5 (id=102):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x3d)
r4 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013802d, 0x8000}}], 0x20}, 0x0, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x10000000001, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x1, 0x0, 0x0, 0x10000, 0x0, 0x40000004}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r7, 0x1, 0x180)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000180)={0x8, <r10=>0xffffffffffffffff})
mmap$KVM_VCPU(&(0x7f0000010000/0x1000)=nil, 0x930, 0x100000f, 0x9032, 0xffffffffffffffff, 0x0)
r11 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f0000000680)="38ce8347fc1e86008cfc72bb352c8659dcc9225b48cb5cb00c73b0b33018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r9, 0xae80, 0x0)
r12 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000b80)={0x0, &(0x7f0000000100)=[@hvc={0x32, 0x40, {0x84000015, [0xf6, 0x100, 0xffffffffffffffff, 0xee24, 0xfffffffffffeffff]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1)
ioctl$KVM_RUN(r14, 0xae80, 0x0)
r15 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x3, 0x4102932, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r15, 0x20, &(0x7f0000000100)="746abf250f7959c813e4adfb369b808022e69fe80cfadce4a1259e77bab54ac9749537b3d016bb7f745a6e22d2f9ff443f19467748a3fe02c239457600", 0x0, 0xfffffffffffffec5)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

32m53.424326486s ago: executing program 5 (id=104):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r2, 0x4010ae68, 0x0)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000000)={0x7}) (async)
r4 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000000080)={0x0, 0x0, 0x0, r4}) (async)
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f00000002c0)={0x0, 0x10000}) (async)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f00000000c0)={0x8}) (async)
ioctl$KVM_SIGNAL_MSI(r3, 0x4020aea5, &(0x7f0000000000)={0x6000})

32m38.23296563s ago: executing program 5 (id=106):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x36dc01, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1c) (async)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) (async)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x40)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x1010, r3, 0x0) (async)
r4 = openat$kvm(0x0, &(0x7f0000000000), 0x2000, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2) (async)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x21)
ioctl$KVM_SET_DEVICE_ATTR_vm(0xffffffffffffffff, 0x8040aeb6, 0x0) (async)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) (async)
r9 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_DEVICE_ATTR_vm(r8, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}}) (async)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000140)={0x0, &(0x7f0000000180)=[@smc={0x1e, 0x40, {0x86000001, [0x0, 0x1, 0x2, 0x3, 0x4]}}, @hvc={0x32, 0x40, {0x86000000, [0x2, 0x1, 0x2, 0x3, 0x3]}}], 0x80}, 0x0, 0x0)
ioctl$KVM_RUN(r10, 0xae80, 0x0) (async)
eventfd2(0x8, 0x80800)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_vgic_v3_setup(r12, 0x1, 0x100)
ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x5, 0x6c, &(0x7f00000002c0)=0x2c172c22}) (async)
mmap$KVM_VCPU(&(0x7f0000ead000/0x1000)=nil, 0x0, 0x200000a, 0x2010, 0xffffffffffffffff, 0x0) (async)
r14 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
ioctl$KVM_CREATE_VM(r14, 0xae01, 0x21) (async)
ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x2)

32m21.944704277s ago: executing program 5 (id=108):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000000)={0x48, 0xdddd1000, 0x0, r5})
close(r5)
close(r4)
r6 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r8 = syz_kvm_vgic_v3_setup(r7, 0x1, 0x40)
ioctl$KVM_GET_DEVICE_ATTR(r8, 0x4018aee2, &(0x7f0000000080)=@attr_other={0x0, 0x9, 0x5660b638, &(0x7f0000000000)=0x4})

31m33.485849756s ago: executing program 36 (id=108):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000000)={0x48, 0xdddd1000, 0x0, r5})
close(r5)
close(r4)
r6 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r8 = syz_kvm_vgic_v3_setup(r7, 0x1, 0x40)
ioctl$KVM_GET_DEVICE_ATTR(r8, 0x4018aee2, &(0x7f0000000080)=@attr_other={0x0, 0x9, 0x5660b638, &(0x7f0000000000)=0x4})

19m53.584712378s ago: executing program 4 (id=153):
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000) (async)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000d3c000/0x4000)=nil, r1, 0x100000d, 0x533, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, r1, 0x1000007, 0x40010, 0xffffffffffffffff, 0x0) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x40000, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
ioctl$KVM_CHECK_EXTENSION_VM(0xffffffffffffffff, 0xae03, 0xc6)
r4 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000d19000/0x1000)=nil, 0x1000) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, 0x0, 0x0, 0x0) (async)
syz_memcpy_off$KVM_EXIT_MMIO(r4, 0x20, 0x0, 0x0, 0x0) (async)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
r8 = mmap$KVM_VCPU(&(0x7f0000cbc000/0x1000)=nil, r1, 0x5, 0x80010, r7, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r7, 0x0) (async)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x399972, 0x0) (async)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0xeeee0000, 0x1000, &(0x7f0000fd1000/0x1000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000000c0)={0x1ff, 0x0, 0x6000, 0x1000, &(0x7f0000ec2000/0x1000)=nil}) (async)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x2)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r11, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)

19m39.110634646s ago: executing program 6 (id=154):
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
ioctl$KVM_SET_REGS(r0, 0x4360ae82, &(0x7f0000000200)={[0x0, 0x6, 0x1, 0x400, 0x7, 0x800, 0x3, 0x0, 0x7, 0x755, 0xa, 0x6, 0x0, 0x3, 0x4355, 0xfffffffffffffeff], 0x2})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000140)={0x4, <r3=>0xffffffffffffffff, 0x1})
write$eventfd(r3, &(0x7f00000001c0)=0x8100000001, 0x51a8)

19m35.953165266s ago: executing program 4 (id=155):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x161681, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r3, r4, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000200)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_ARM_VCPU_FINALIZE(r8, 0x4004aec2, &(0x7f0000000100)=0x4)
ioctl$KVM_GET_ONE_REG(r4, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x6030000000100036, &(0x7f0000000100)=0x80003fe})
r9 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r10 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x4, 0x220)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, &(0x7f0000000040)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f0000000000)=0x1b})
ioctl$KVM_RUN(r11, 0xae80, 0x0)
ioctl$KVM_GET_REG_LIST(r8, 0xc008aeb0, &(0x7f0000000180)={0x6, [0x2, 0x9, 0x7, 0xa, 0x2, 0x4]})

19m23.64255877s ago: executing program 6 (id=156):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4040aea0, &(0x7f0000000000)=@x86={0x9, 0x0, 0x6, 0x0, 0x2, 0x4, 0x0, 0x2, 0xd, 0x0, 0x9, 0xf, 0x0, 0x899f, 0x7f, 0x5, 0x4, 0x6, 0x1, '\x00', 0x81, 0x40})
r6 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x21)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x2)
r11 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r10, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r10, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x4c4882, 0xfffe)
r12 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce8, 0x8000}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r12, 0x4018aee1, &(0x7f0000000040)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000000)={0xa, 0x4}})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r12, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r12, 0xae80, 0x0)
r13 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
r15 = syz_kvm_vgic_v3_setup(r13, 0x3, 0xa0)
ioctl$KVM_SET_DEVICE_ATTR(r15, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x6, 0x4, &(0x7f0000000000)=0x4})
r16 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r17 = ioctl$KVM_CREATE_VM(r16, 0xae01, 0x0)
r18 = ioctl$KVM_CREATE_VCPU(r17, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r17, r18, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_DIRTY_LOG(r17, 0x4010ae42, &(0x7f0000000200)={0x10003, 0x0, &(0x7f0000f65000/0x1000)=nil})

19m8.967585248s ago: executing program 4 (id=157):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x8521, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r3, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = eventfd2(0x0, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f00000001c0)={0x8, <r10=>0xffffffffffffffff})
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x1)
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000380)})
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f00000000c0)={0x5, 0x1, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil})
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000002c0)=@attr_other={0x0, 0x8, 0x108, &(0x7f0000000000)=0xc000000000000000})
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x4, 0x2, 0x0})
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000100)={0x8, <r13=>0xffffffffffffffff})
ioctl$KVM_GET_DEVICE_ATTR(r13, 0x4018aee2, &(0x7f00000001c0)=@attr_arm64={0x0, 0x8, 0x4, 0x0})
ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f0000000140)={0x1ff, 0xdddc1000, 0x0, r7, 0x4})
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, 0xffffffffffffffff)
r14 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r4, 0x4010ae74, &(0x7f0000000080)={0x5, 0x8, 0x7})
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x11)
syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000000)={0x0, &(0x7f0000000200)=[@code={0xa, 0xb4, {"a00991d20000b0f2810080d2a20180d2630080d2240080d2020000d4e00300cb007008d500069ad20040b0f2010080d2020080d2830180d2a40180d2020000d440ea96d200a0b0f2810080d2620180d2e30080d2e40080d2020000d40000009c000008d5a02191d20060b8f2010080d2c20180d2a30080d2640180d2020000d4c0df85d20040b8f2e10180d2e20180d2a30180d2240080d2020000d4e0039f5a"}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x1, 0x3, 0xff, 0x6}}, @uexit={0x0, 0x18, 0x5}, @code={0xa, 0x84, {"0000004b000000530060df0d20ca9bd20000b0f2810080d2420080d2830080d2040180d2020000d4008008d50004000fe0689fd200a0b0f2210180d2820180d2030080d2040080d2020000d4204a93d20000b0f2e10180d2c20180d2830180d2240080d2020000d4008008d50000021e"}}, @smc={0x1e, 0x40, {0xc4000004, [0x5, 0x80, 0x9, 0x3ff, 0x8000000000000000]}}, @svc={0x122, 0x40, {0x80008000, [0x3ff, 0x8, 0xfe, 0x200, 0x8]}}, @code={0xa, 0xcc, {"40a88dd20020b0f2610180d2e20180d2e30180d2640180d2020000d4c0a09ed20060b8f2c10080d2620080d2030080d2e40080d2020000d4609f92d20020b8f2a10080d2220080d2430080d2840180d2020000d40000803ca07896d20000b0f2010180d2a20080d2030180d2640080d2020000d40050800f008008d500a0200de02486d200c0b8f2e10080d2620080d2c30080d2440080d2020000d4a0238ed20060b0f2810180d2820180d2630080d2a40080d2020000d4"}}, @uexit={0x0, 0x18, 0x5bf}, @its_setup={0x82, 0x28, {0x0, 0x0, 0x2e9}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0x300, 0x401, 0x1}}, @memwrite={0x6e, 0x30, @generic={0x25000, 0x723, 0x1, 0x2}}, @uexit={0x0, 0x18, 0x4e}, @svc={0x122, 0x40, {0x80000000, [0x7, 0x10, 0x1, 0x101, 0x6]}}, @its_setup={0x82, 0x28, {0x0, 0x2, 0x2eb}}, @code={0xa, 0xb4, {"00c4200e40b88cd20020b8f2610080d2a20180d2630180d2c40180d2020000d4000020abc0a189d20000b0f2010180d2e20180d2230180d2e40080d2020000d4000028d5802284d20060b8f2210080d2e20080d2e30180d2c40180d2020000d4e0b792d20080b8f2410180d2620180d2e30080d2840180d2020000d4008008d5209984d200c0b0f2410180d2020180d2430180d2040180d2020000d4004c205e"}}], 0x498}, &(0x7f0000000040)=[@featur1={0x1, 0x8}], 0x1)

18m59.094036292s ago: executing program 6 (id=158):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000040)=[@featur1={0x1, 0xd6}], 0x1)
syz_kvm_setup_cpu$arm64(r1, r3, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000000)=@arm64={0x3, 0xe0, 0xb4, '\x00', 0x1})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

18m47.224755451s ago: executing program 4 (id=159):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x29)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r4 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, r3, 0x2, 0x12, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f00000002c0)="fb016bddfb405ee52cc6a29ea6ab8031d1dfd92f00000406010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb2070000000000000000000000c20cecfa0a97ab7800", 0x0, 0x48)

18m43.584779979s ago: executing program 6 (id=160):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0x3000, 0x8080000, 0x8, 0x8, 0xc, 0xe6, 0x40, 0x9, 0x8, 0x81, 0x80}, {0x5000, 0x3000, 0x3, 0x0, 0x42, 0x5, 0x7d, 0x6, 0x36, 0x0, 0x2, 0x87}, {0x0, 0xdddd0000, 0xe, 0x5, 0x3, 0x7, 0x0, 0x9, 0x1, 0xa4, 0x5, 0x5}, {0x1, 0xeeee0000, 0x7, 0x6, 0x5, 0x42, 0xb, 0xff, 0x6, 0x3, 0xe}, {0xeeee0000, 0xd000, 0xf, 0x3, 0x16, 0x88, 0xab, 0x8, 0x9, 0x9, 0xf7, 0x97}, {0xdddd1000, 0xdddd0000, 0xe, 0xa0, 0xb1, 0x8, 0x1, 0xa0, 0x82, 0x2f, 0x1, 0x7}, {0x3000, 0x3000, 0x4, 0x5, 0x7, 0x5, 0x6, 0x3, 0x8, 0x81, 0x40, 0x70}, {0xd000, 0xc000, 0xa, 0x3a, 0xcd, 0x7, 0x1, 0x9, 0x2, 0xc, 0xb0, 0x81}, {0x7000, 0x30}, {0x26000, 0x7}, 0x80000031, 0x0, 0x3000, 0x220024, 0x2, 0x0, 0xfec00000, [0x6800000000000000, 0x4, 0x3, 0x8]})
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, <r4=>0xffffffffffffffff, 0x1})
write$eventfd(r4, &(0x7f00000001c0)=0x4, 0x4d) (async)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0xd02, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x2b) (async)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000b80)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f0000000140)=@arm64_fw={0x6030000000140000, &(0x7f0000000200)=0x2}) (async)
ioctl$KVM_SET_DEVICE_ATTR_vm(r7, 0x4018aee1, 0x0)
r12 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r7, r12, &(0x7f0000bfd000/0x400000)=nil, &(0x7f00000004c0)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r7, 0x1, 0x240)
r13 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000bfe000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000b00)={0x0, 0x0}, 0x0, 0x0) (async)
r14 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000a5a000/0x400000)=nil)
r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000b80)={0x0, &(0x7f0000000040)=[@smc={0x1e, 0x40, {0x84000012, [0xffffffff, 0x100080001, 0x5, 0x101, 0x13]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1)
ioctl$KVM_RUN(r15, 0xae80, 0x0) (async)
r16 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r17 = syz_kvm_add_vcpu$arm64(r16, &(0x7f0000000200)={0x0, &(0x7f0000000500)=[@mrs={0xbe, 0x18, {0x6030000000138056}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r17, 0xae80, 0x0) (async)
ioctl$KVM_SET_VCPU_EVENTS(r17, 0x4040aea0, &(0x7f0000000000)=@arm64={0x0, 0x1, 0xf, '\x00', 0xfffffffffffff105})

18m32.89351271s ago: executing program 4 (id=161):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x3000)=nil, r5, 0x1, 0x12, r3, 0x0)
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffe000/0x1000)=nil, r6, 0x8, 0x13, r3, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x2000)=nil, r6, 0x1000001, 0x12, r3, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x2, 0x23ac5f9b426ec4b1, 0xffffffffffffffff, 0x0)

18m21.425919925s ago: executing program 6 (id=162):
r0 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f00005b7000/0x400000)=nil) (async)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f00000001c0)={0x8, <r4=>0xffffffffffffffff})
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) (async)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async)
mmap$KVM_VCPU(&(0x7f0000f2a000/0x4000)=nil, 0x930, 0xf, 0x32, 0xffffffffffffffff, 0x0) (async)
ioctl$KVM_GET_DEVICE_ATTR(r4, 0x4018aee2, &(0x7f00000000c0)=@attr_other={0x0, 0x8, 0xa, 0x0}) (async)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000001c0)={0x8, <r5=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x1fe, 0x1, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) (async)
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x100, &(0x7f0000000080)=0x8000000000000000}) (async)
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000140)=@attr_other={0x0, 0x200, 0x9, &(0x7f0000000180)=0x8})

18m17.637617502s ago: executing program 4 (id=163):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x0, 0x1, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r3 = eventfd2(0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x2000)=nil, 0x0, 0x1000004, 0x11, r3, 0x0)
ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000000080)={r3, 0x8, 0x7ffffffe})
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x2f)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r5, r6, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f0000000100)=@arm64_core={0x6030000000100048, &(0x7f0000000000)=0x3})
ioctl$KVM_ARM_VCPU_FINALIZE(r6, 0x4004aec2, &(0x7f0000000000)=0x3)

18m6.065092323s ago: executing program 6 (id=164):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000780), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0xeeef0000, 0x2000, &(0x7f0000ffe000/0x2000)=nil})
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x30)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r5 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r4, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f00000001c0)="fb0149dd833be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8faa767969d22627e700", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x0, 0x1000009, 0x13, r4, 0x0)
r6 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000000)=@arm64_sve={0x60800000001505c1, &(0x7f0000000100)=0x7})
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r9, r10, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
ioctl$KVM_GET_ONE_REG(r10, 0x4010aeab, &(0x7f0000000100)=@arm64_sys={0x603000000013c000})
r11 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x3)
openat$kvm(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_ARM_VCPU_INIT(r12, 0x4020aeae, &(0x7f0000000000)={0x5, 0x18})
ioctl$KVM_ARM_VCPU_FINALIZE(r12, 0x4004aec2, &(0x7f0000000180)=0x4)
ioctl$KVM_RUN(r12, 0xae80, 0x0)
ioctl$KVM_ARM_VCPU_INIT(r12, 0x4020aeae, &(0x7f0000000000)={0x5, 0x18}) (async)
syz_kvm_vgic_v3_setup(r11, 0x3, 0x180)
ioctl$KVM_CREATE_VM(r6, 0x401c5820, 0x20000007)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x2515, 0x0, 0x0, 0x1000, &(0x7f0000fec000/0x1000)=nil})
close(r1)

17m29.220675349s ago: executing program 37 (id=163):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x0, 0x1, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r3 = eventfd2(0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x2000)=nil, 0x0, 0x1000004, 0x11, r3, 0x0)
ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000000080)={r3, 0x8, 0x7ffffffe})
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x2f)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r5, r6, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f0000000100)=@arm64_core={0x6030000000100048, &(0x7f0000000000)=0x3})
ioctl$KVM_ARM_VCPU_FINALIZE(r6, 0x4004aec2, &(0x7f0000000000)=0x3)

17m13.156253308s ago: executing program 38 (id=164):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000780), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0xeeef0000, 0x2000, &(0x7f0000ffe000/0x2000)=nil})
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x30)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r5 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r4, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f00000001c0)="fb0149dd833be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8faa767969d22627e700", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x0, 0x1000009, 0x13, r4, 0x0)
r6 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000000)=@arm64_sve={0x60800000001505c1, &(0x7f0000000100)=0x7})
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r9, r10, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
ioctl$KVM_GET_ONE_REG(r10, 0x4010aeab, &(0x7f0000000100)=@arm64_sys={0x603000000013c000})
r11 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x3)
openat$kvm(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_ARM_VCPU_INIT(r12, 0x4020aeae, &(0x7f0000000000)={0x5, 0x18})
ioctl$KVM_ARM_VCPU_FINALIZE(r12, 0x4004aec2, &(0x7f0000000180)=0x4)
ioctl$KVM_RUN(r12, 0xae80, 0x0)
ioctl$KVM_ARM_VCPU_INIT(r12, 0x4020aeae, &(0x7f0000000000)={0x5, 0x18}) (async)
syz_kvm_vgic_v3_setup(r11, 0x3, 0x180)
ioctl$KVM_CREATE_VM(r6, 0x401c5820, 0x20000007)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x2515, 0x0, 0x0, 0x1000, &(0x7f0000fec000/0x1000)=nil})
close(r1)

3m32.514502443s ago: executing program 8 (id=186):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
ioctl$KVM_IRQ_LINE_STATUS(r5, 0xc008ae67, &(0x7f0000000040)={0x10101, 0x10001})
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x3)
r6 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000b0a000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000300)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
syz_kvm_vgic_v3_setup(r3, 0x5, 0x1c0)
ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000a67000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f0000000080)=@arm64_sys={0x603000000013c807})

3m1.723665397s ago: executing program 8 (id=188):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, <r2=>0xffffffffffffffff, 0x1})
r3 = openat$kvm(0x0, &(0x7f0000000100), 0x80402, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20080, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
eventfd2(0xeffffffd, 0x801)
ioctl$KVM_CHECK_EXTENSION(r7, 0xae03, 0x58)
ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, 0x0)
r8 = eventfd2(0x8, 0x80800)
r9 = eventfd2(0x5, 0x1)
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f00000000c0)={0x4, 0x25000, 0x0, r9, 0x2})
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000140)={0x8000000000000000, 0x0, 0x2, r8, 0x3})
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000000)={0x8000, 0x0, 0x2, r8, 0x3})
r10 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x2c)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x1)
ioctl$KVM_SET_SIGNAL_MASK(r11, 0x4004ae8b, &(0x7f0000000180))
write$eventfd(r2, &(0x7f00000001c0)=0x8100000001, 0x2d73)

2m32.01257411s ago: executing program 7 (id=189):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) (async)
ioctl$KVM_CHECK_EXTENSION(r0, 0xc020660b, 0xe1)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x200023)
ioctl$KVM_SET_DEVICE_ATTR_vm(r2, 0x8040aeb6, &(0x7f00000001c0)=@attr_other={0x0, 0x5, 0x7, &(0x7f0000000080)=0x3}) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) (async)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, r3, 0x3, 0x4102932, 0xffffffffffffffff, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x210202, 0x0) (async)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) (async)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000002000/0x400000)=nil)

2m30.59235949s ago: executing program 8 (id=190):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f00000001c0)=@arm64_core={0x603000000010001e, &(0x7f0000000000)=0xfdb})
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x161681, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r8, r9, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r9, 0x4010aeab, &(0x7f0000000100)=@arm64_core={0x603000000010001c, &(0x7f0000000000)=0x3ff})
r10 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x8521, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)
r11 = syz_kvm_vgic_v3_setup(r5, 0x1, 0x40)
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000180)=@attr_other={0x0, 0x1, 0x304, &(0x7f00000000c0)=0x83})
ioctl$KVM_RUN(r10, 0xae80, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r10, 0x4018aee3, &(0x7f0000000040)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000000)={0x87a, 0x1, 0x1}})

2m13.521045644s ago: executing program 7 (id=191):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x9)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee2, &(0x7f0000000080)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000040)=0xffffa8a8})
r1 = mmap$KVM_VCPU(&(0x7f0000ffa000/0x3000)=nil, 0x0, 0x2, 0x12, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f00000000c0)="2f9194ee3c53ebbd8c1e8625591890d247b777062e18116e39f567ebb2c68b4fda8c9dcacfcec2999f55ff2094d94ad4fdb45eb9545c7ac878c98acb31a87286206cfc9fc4fed262", 0x0, 0x48)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x511280, 0x0)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r4 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
mmap$KVM_VCPU(&(0x7f0000ff9000/0x4000)=nil, r3, 0x1, 0x10, r4, 0x0)
r5 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x6)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x408400, 0x0)
ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r4, 0x4010ae74, &(0x7f00000001c0)={0x200, 0x9, 0x7})
ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f0000000200)="f8c2f0accdf3e9d12c26c98791d3760e990d5d3ecc95096af0cbfe831d596600dade3b9946cffc6c58ea29871cfffc7504f5dd636bfebaa941f48e4243ce3b64e6cd77dbdf258aa7", 0x0, 0x48)
r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000280)={0x7, 0x1}})
ioctl$KVM_PRE_FAULT_MEMORY(r7, 0xc040aed5, &(0x7f0000000300)={0x3000, 0x3000})
ioctl$KVM_CREATE_GUEST_MEMFD(r4, 0xc040aed4, &(0x7f0000000340)={0x1, 0x4})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000003c0)=@attr_other={0x0, 0x8, 0x1, &(0x7f0000000380)=0x9})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400), 0x412000, 0x0)
ioctl$KVM_CHECK_EXTENSION(r8, 0xae03, 0x8)
ioctl$KVM_SET_DEVICE_ATTR_vm(r4, 0x4018aee1, &(0x7f0000000480)=@attr_other={0x0, 0x4, 0xd, &(0x7f0000000440)=0x4})
close(r6)
ioctl$KVM_SET_GSI_ROUTING(r5, 0x4008ae6a, &(0x7f00000004c0)={0x1, 0x0, [{0xb, 0x3, 0x1, 0x0, @msi={0xde38000, 0x2, 0x4, 0xdb7d}}]})
r9 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000540)={0x0, &(0x7f0000000500)=[@msr={0x14, 0x20, {0x603000000013def6, 0xa2}}, @irq_setup={0x46, 0x18, {0x4, 0x59}}], 0x38}, &(0x7f0000000580)=[@featur2={0x1, 0x12}], 0x1)
ioctl$KVM_DIRTY_TLB(r9, 0x4010aeaa, &(0x7f00000005c0)={0x3, 0xfffffffe})
r10 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
ioctl$KVM_SET_REGS(r10, 0x4360ae82, &(0x7f0000000600)={[0x0, 0xdb2, 0x1, 0x6e, 0x401, 0x9, 0x4, 0x9, 0x6, 0x5, 0x80, 0x101, 0xffffffffffffffff, 0x100, 0x0, 0x1], 0xdddd0000, 0x200000})
ioctl$KVM_GET_REGS(r4, 0x8360ae81, &(0x7f00000006c0))

2m1.351361307s ago: executing program 8 (id=192):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r5 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r4, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r4, 0x0)
r6 = eventfd2(0x0, 0x0)
close(r6)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x3000002, 0x13, r6, 0x0)
write$eventfd(r6, &(0x7f0000000180)=0x5, 0xfffffde3)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x1fd, 0x2, 0x8000000, 0x2000, &(0x7f0000ecf000/0x2000)=nil})
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)

1m54.421135018s ago: executing program 7 (id=193):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x14)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8802, 0x0)
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0x100000000)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f0000000040)="8c97bc954034aa485c511ed73ac2cd1d0218c90d80f07acb03a995c23feb9481eb48b49c9c58748346a115b8c3579bb8c63204b9139645c6eb734a30f0b2a3c67461cf6809367cd0", 0x0, 0x48)
ioctl$KVM_GET_API_VERSION(r1, 0xae00, 0x0)
ioctl$KVM_S390_VCPU_FAULT(0xffffffffffffffff, 0x4008ae52, &(0x7f00000000c0)=0x6)
r2 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000540)={0x0, &(0x7f0000000100)=[@its_send_cmd={0xaa, 0x28, {0xd, 0x1, 0x3, 0xd, 0x80000001, 0x7fff, 0x2}}, @svc={0x122, 0x40, {0x0, [0xffffffffffffffff, 0x9, 0x10001, 0x0, 0x3]}}, @svc={0x122, 0x40, {0x84000008, [0x2, 0xdf7, 0x1, 0xfffffffffffffffb, 0xb]}}, @irq_setup={0x46, 0x18, {0x4, 0xae}}, @msr={0x14, 0x20, {0x603000000013dce0, 0x536}}, @smc={0x1e, 0x40, {0x84000013, [0x6, 0x0, 0x81, 0x2, 0x9]}}, @its_setup={0x82, 0x28, {0x1, 0x3, 0x2a5}}, @smc={0x1e, 0x40, {0x80003fff, [0x81, 0x100000001, 0x0, 0x10, 0x200]}}, @eret={0xe6, 0x18, 0x6}, @svc={0x122, 0x40, {0x8, [0xf432, 0x2148, 0x0, 0x4, 0x4]}}, @uexit={0x0, 0x18, 0x40}, @its_setup={0x82, 0x28, {0x2, 0x3, 0x371}}, @hvc={0x32, 0x40, {0xbb00000c, [0xa, 0xaa, 0x6, 0x5, 0x3]}}, @msr={0x14, 0x20, {0x603000000013dcf3, 0x7}}, @its_setup={0x82, 0x28, {0x0, 0x3, 0x65}}, @msr={0x14, 0x20, {0x603000000013e6c4, 0x9}}, @eret={0xe6, 0x18, 0x101}, @eret={0xe6, 0x18, 0xfffffffffffffffe}, @svc={0x122, 0x40, {0x2000, [0x8000, 0x6, 0x3, 0x4, 0x4]}}, @svc={0x122, 0x40, {0x20, [0x525f, 0x1, 0x8, 0x10000, 0x9]}}, @irq_setup={0x46, 0x18, {0x4, 0x1fe}}, @hvc={0x32, 0x40, {0x0, [0x2, 0xfffffffffffffff9, 0x3, 0x100000000, 0x25]}}, @memwrite={0x6e, 0x30, @generic={0x1bbbe9000, 0x58, 0xff, 0x9}}, @memwrite={0x6e, 0x30, @generic={0x54000, 0x9fa, 0x7fff, 0x1}}], 0x430}, &(0x7f0000000580)=[@featur1={0x1, 0x5}], 0x1)
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000600)=@riscv64_config={0x8030000000100005, &(0x7f00000005c0)=0x3})
ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000000680)=@arm64_core={0x603000000010004c, &(0x7f0000000640)=0x1d03})
ioctl$KVM_SET_GUEST_DEBUG_arm64(r2, 0x4208ae9b, &(0x7f00000006c0)={0x20000, 0x0, {[0x0, 0x3, 0x800, 0x10, 0x8, 0x7, 0x7a2f, 0x5, 0x0, 0xf, 0x7fffffff, 0x8000000000000000, 0x4, 0x6, 0x1, 0xe89], [0x832, 0xf, 0xdc0, 0x1595b1b8, 0x7, 0x1, 0xc446, 0xe, 0xffe00000, 0x7aca, 0x0, 0x8, 0x6, 0xf, 0x6, 0xfffffffffffffc01], [0x8000000000000001, 0x4, 0x9, 0x9, 0xccc, 0xfffffffffffffffd, 0x7fffffffffffffff, 0x5, 0x5, 0x6, 0xe, 0x10000, 0x7f8, 0xfff, 0x0, 0x4], [0x8001, 0xca, 0x6, 0x2, 0x7, 0x448287ed, 0x9, 0x6, 0x91, 0x10000, 0x1, 0x1, 0xe, 0x80000000, 0xfffffffffffffffc, 0x8000]}})
ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000900)={0x1, <r3=>0xffffffffffffffff, 0x1})
r4 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x2)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000940), 0x82, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04)
ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(r0, 0x4068aea3, &(0x7f0000000980))
ioctl$KVM_CHECK_EXTENSION(r5, 0xae03, 0x6)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r0, 0x4068aea3, &(0x7f0000000a00)={0xe4, 0x0, 0x3})
r6 = ioctl$KVM_GET_STATS_FD_cpu(r2, 0xaece)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x1d)
r7 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f0000000ac0)=@attr_other={0x0, 0x8, 0x201d, &(0x7f0000000a80)=0x50})
r8 = ioctl$KVM_GET_STATS_FD_cpu(r6, 0xaece)
r9 = ioctl$KVM_GET_STATS_FD_cpu(r4, 0xaece)
ioctl$KVM_SET_REGS(r9, 0x4360ae82, &(0x7f0000000b00)={[0x2db6, 0x1, 0x6, 0x2, 0x2, 0x0, 0x8, 0x6, 0x8, 0xeee, 0x10, 0xd1, 0x5, 0x3, 0x10001, 0x100000001], 0x58000, 0x21000})
ioctl$KVM_SET_SIGNAL_MASK(r2, 0x4004ae8b, &(0x7f0000000bc0)={0x3e, "1d26c4c725cd8ccfd8437957fac9e056b9cf72ef21ea13a4958cecb33436602460e5a700c4de6cc662bc7bb9d22703310a0951afc9278a2ed62bf0d3ee3f"})
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
syz_kvm_setup_cpu$arm64(r6, r8, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000001100)=[{0x0, &(0x7f0000000c40)=[@code={0xa, 0x9c, {"a0148ed20040b0f2610180d2c20180d2030080d2040080d2020000d400a4002f604b80d200a0b0f2010180d2420180d2230080d2a40080d2020000d4007008d5005e9bd20060b8f2010080d2420080d2e30180d2840080d2020000d4000080b80000805220e98dd20000b0f2c10080d2220080d2430180d2c40180d2020000d4008008d5007008d5"}}, @smc={0x1e, 0x40, {0x800, [0xffff, 0x8001, 0x4, 0xffffffffffffffff, 0x400]}}, @code={0xa, 0x84, {"00609f0d0010805fe0129fd20000b8f2210180d2820180d2630180d2240180d2020000d400a0800d00f690d20080b0f2a10080d2020180d2830080d2c40180d2020000d4608884d20060b0f2c10080d2e20180d2030180d2240080d2020000d4000c000e007c0013007008d5000c8038"}}, @code={0xa, 0x54, {"0090200e00c8b02e0020200d00a49f0d00f890d20020b8f2410080d2a20180d2c30180d2e40180d2020000d4e003004b000008d5008c006f000008d5000040f9"}}, @msr={0x14, 0x20, {0x603000000013df6b, 0x8}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x280, 0x7, 0x9}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0x78, 0x3}}, @hvc={0x32, 0x40, {0x84000053, [0x8, 0x8, 0x8, 0x9, 0xfff]}}, @irq_setup={0x46, 0x18, {0x0, 0x332}}, @mrs={0xbe, 0x18, {0x603000000013e668}}, @its_setup={0x82, 0x28, {0x1, 0x8, 0x364}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x4, 0xa, 0x2, 0x2, 0x4}}, @msr={0x14, 0x20, {0x603000000013e6ce, 0x8}}, @irq_setup={0x46, 0x18, {0x0, 0x1ee}}, @uexit={0x0, 0x18, 0x8}, @mrs={0xbe, 0x18, {0x603000000013c648}}, @svc={0x122, 0x40, {0x20, [0x8000000000000001, 0x1ff, 0x9, 0x6150, 0x1]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xd00, 0x7ff, 0x1}}, @smc={0x1e, 0x40, {0xc400000e, [0x8, 0x4, 0x100000000, 0x0, 0xfffffffffffffff9]}}, @smc={0x1e, 0x40, {0x80000000, [0x1, 0x4a72, 0x80, 0x7b, 0x9]}}, @uexit={0x0, 0x18, 0x7}, @its_setup={0x82, 0x28, {0x2, 0x2, 0x25c}}, @irq_setup={0x46, 0x18, {0x4, 0x23f}}], 0x4a4}], 0x1, 0x0, &(0x7f0000001140)=[@featur1={0x1, 0x30}], 0x1)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)

1m35.731194294s ago: executing program 7 (id=194):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0x24) (async)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x40080, 0x0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async)
r3 = eventfd2(0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0x80111500, 0x20000000)
ioctl$KVM_GET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee2, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x3, &(0x7f0000000100)=0x309}) (async)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x200000d, 0x40032, r4, 0x0) (async)
r5 = eventfd2(0x5, 0x801)
write$eventfd(r5, &(0x7f0000000180)=0x2, 0x8)

1m35.192858386s ago: executing program 8 (id=195):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async)
r1 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x82880, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000140), 0x101282, 0x0) (async)
r7 = eventfd2(0x0, 0x80000)
mmap$KVM_VCPU(&(0x7f0000ffe000/0x2000)=nil, 0x930, 0x0, 0x110, r7, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, &(0x7f0000000200)=[@svc={0x122, 0x40, {0x800, [0xffffffeffffffff8, 0x8, 0x8000000005, 0x5, 0x401]}}], 0x40}, 0x0, 0x0) (async)
r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c0b000/0x1000)=nil, r10, 0x2000003, 0x11, r9, 0x0) (async, rerun: 32)
ioctl$KVM_RUN(r9, 0xae80, 0x0) (async, rerun: 32)
r11 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) (async, rerun: 64)
ioctl$KVM_IRQFD(r3, 0x4020ae76, &(0x7f0000000180)={r7, 0x5d3, 0x4, r7}) (rerun: 64)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f00000001c0)={0x8, <r13=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4}) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r12, 0x4020ae46, &(0x7f00000000c0)={0x1fe, 0x1, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) (async)
ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x100, &(0x7f0000000080)=0x8000000000000000}) (async)
ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f0000000280)=@attr_arm64={0x0, 0x4, 0x2, 0x0})
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) (async)
r14 = syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, &(0x7f00000002c0)=[@its_setup={0x82, 0x28, {0x3, 0x4, 0x331}}, @eret={0xe6, 0x18, 0x8001}, @irq_setup={0x46, 0x18, {0x4, 0x98}}, @code={0xa, 0x54, {"805d92d20000b8f2210180d2220080d2430080d2040180d2020000d4005c202e00c0206e007008d5007008d5007008d500d4a07e000000ea00b0200e000008d5"}}, @its_setup={0x82, 0x28, {0x3, 0x96, 0x43}}, @mrs={0xbe, 0x18, {0x603000000013e729}}, @its_setup={0x82, 0x28, {0x2, 0x4, 0x50}}, @its_setup={0x82, 0x28, {0x1, 0x3, 0x38}}, @eret={0xe6, 0x18, 0x4}, @smc={0x1e, 0x40, {0x8400000f, [0x5, 0x6, 0x8000000000000001, 0x3, 0xcf]}}], 0x194}, 0x0, 0x0)
ioctl$KVM_RUN(r14, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)

1m14.917536835s ago: executing program 7 (id=196):
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000000)={0xffffffffffffffff, 0xc8})
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, <r2=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r2, 0x400454ca, 0x110c230004)

1m9.552433502s ago: executing program 8 (id=197):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r2 = eventfd2(0x8, 0x1)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0xc00000000000, 0x100000, 0x0, r2, 0x4})
r3 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0xffffffffffffffff, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x4, 0x300)
r4 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r6, 0xae03, 0x17)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x185042, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x3)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
r9 = syz_kvm_vgic_v3_setup(r8, 0x1, 0x100)
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000000c0)=@attr_other={0x0, 0x1, 0x84, &(0x7f0000000080)=0xfffffffffffffff7})
r10 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x2)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r13 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r14, &(0x7f0000c00000/0x400000)=nil)

54.172587748s ago: executing program 7 (id=198):
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f00000000c0)={0x6, <r0=>0xffffffffffffffff, 0x1})
ioctl$KVM_SET_DEVICE_ATTR(r0, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x10001, 0x6, &(0x7f0000000200)=0x60})
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0xeeee0000, 0x1000, &(0x7f0000fd1000/0x1000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f00000000c0)={0x1ff, 0x0, 0x6000, 0x1000, &(0x7f0000ec2000/0x1000)=nil})
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r8, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000100)={0x1ff, 0x0, 0x0, 0x1000, &(0x7f0000fff000/0x1000)=nil})
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000100)={0x4, <r9=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r9, 0x4018aee3, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR(r9, 0x4018aee3, &(0x7f0000000040)=@attr_other={0x0, 0x1, 0x200, 0x0})
r10 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r2, r10, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r10, 0x4010aeac, &(0x7f0000000080)=@riscv64_sbi_fwft={0x803000000a010001, &(0x7f0000000100)=0x4})

20.766418094s ago: executing program 39 (id=197):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r2 = eventfd2(0x8, 0x1)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0xc00000000000, 0x100000, 0x0, r2, 0x4})
r3 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0xffffffffffffffff, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x4, 0x300)
r4 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r6, 0xae03, 0x17)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x185042, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x3)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
r9 = syz_kvm_vgic_v3_setup(r8, 0x1, 0x100)
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000000c0)=@attr_other={0x0, 0x1, 0x84, &(0x7f0000000080)=0xfffffffffffffff7})
r10 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x2)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r13 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r14, &(0x7f0000c00000/0x400000)=nil)

0s ago: executing program 40 (id=198):
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f00000000c0)={0x6, <r0=>0xffffffffffffffff, 0x1})
ioctl$KVM_SET_DEVICE_ATTR(r0, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x10001, 0x6, &(0x7f0000000200)=0x60})
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0xeeee0000, 0x1000, &(0x7f0000fd1000/0x1000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f00000000c0)={0x1ff, 0x0, 0x6000, 0x1000, &(0x7f0000ec2000/0x1000)=nil})
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r8, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000100)={0x1ff, 0x0, 0x0, 0x1000, &(0x7f0000fff000/0x1000)=nil})
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000100)={0x4, <r9=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r9, 0x4018aee3, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR(r9, 0x4018aee3, &(0x7f0000000040)=@attr_other={0x0, 0x1, 0x200, 0x0})
r10 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r2, r10, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r10, 0x4010aeac, &(0x7f0000000080)=@riscv64_sbi_fwft={0x803000000a010001, &(0x7f0000000100)=0x4})

kernel console output (not intermixed with test programs):

[  412.857349][ T3170] 8021q: adding VLAN 0 to HW filter on device bond0
[  445.482505][ T3170] eql: remember to turn off Van-Jacobson compression on your slave devices
Warning: Permanently added '[localhost]:6507' (ED25519) to the list of known hosts.
[  643.247001][   T25] audit: type=1400 audit(642.430:61): avc:  denied  { name_bind } for  pid=3332 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  645.135248][   T25] audit: type=1400 audit(644.310:62): avc:  denied  { execute } for  pid=3333 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  645.170609][   T25] audit: type=1400 audit(644.360:63): avc:  denied  { execute_no_trans } for  pid=3333 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  670.905508][   T25] audit: type=1400 audit(670.080:64): avc:  denied  { mounton } for  pid=3333 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  670.956463][   T25] audit: type=1400 audit(670.140:65): avc:  denied  { mount } for  pid=3333 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  671.046059][ T3333] cgroup: Unknown subsys name 'net'
[  671.128736][   T25] audit: type=1400 audit(670.320:66): avc:  denied  { unmount } for  pid=3333 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  671.647024][ T3333] cgroup: Unknown subsys name 'cpuset'
[  671.796693][ T3333] cgroup: Unknown subsys name 'rlimit'
[  672.776592][   T25] audit: type=1400 audit(671.970:67): avc:  denied  { setattr } for  pid=3333 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=703 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  672.797727][   T25] audit: type=1400 audit(671.980:68): avc:  denied  { mounton } for  pid=3333 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[  672.827479][   T25] audit: type=1400 audit(672.020:69): avc:  denied  { mount } for  pid=3333 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  673.960568][ T3337] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[  673.982302][   T25] audit: type=1400 audit(673.170:70): avc:  denied  { relabelto } for  pid=3337 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  674.022096][   T25] audit: type=1400 audit(673.200:71): avc:  denied  { write } for  pid=3337 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
Setting up swapspace version 1, size = 127995904 bytes
[  674.196840][   T25] audit: type=1400 audit(673.380:72): avc:  denied  { read } for  pid=3333 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  674.217092][   T25] audit: type=1400 audit(673.400:73): avc:  denied  { open } for  pid=3333 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  674.261941][ T3333] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  732.547806][   T25] audit: type=1400 audit(731.740:74): avc:  denied  { execmem } for  pid=3338 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  736.440045][   T25] audit: type=1400 audit(735.630:75): avc:  denied  { read } for  pid=3340 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  736.475571][   T25] audit: type=1400 audit(735.640:76): avc:  denied  { open } for  pid=3340 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  736.537777][   T25] audit: type=1400 audit(735.710:77): avc:  denied  { mounton } for  pid=3341 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  736.769855][   T25] audit: type=1400 audit(735.960:78): avc:  denied  { module_request } for  pid=3340 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  736.790647][   T25] audit: type=1400 audit(735.970:79): avc:  denied  { module_request } for  pid=3341 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  737.876199][   T25] audit: type=1400 audit(737.050:80): avc:  denied  { sys_module } for  pid=3340 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  761.167552][ T3340] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  761.345535][ T3340] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  763.347443][ T3341] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  763.539315][ T3341] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  779.876798][ T3340] hsr_slave_0: entered promiscuous mode
[  779.922778][ T3340] hsr_slave_1: entered promiscuous mode
[  781.479735][ T3341] hsr_slave_0: entered promiscuous mode
[  781.515235][ T3341] hsr_slave_1: entered promiscuous mode
[  781.537026][ T3341] debugfs: 'hsr0' already exists in 'hsr'
[  781.541109][ T3341] Cannot create hsr debugfs directory
[  787.236722][   T25] audit: type=1400 audit(786.430:81): avc:  denied  { create } for  pid=3340 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  787.290982][   T25] audit: type=1400 audit(786.480:82): avc:  denied  { write } for  pid=3340 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  787.359964][   T25] audit: type=1400 audit(786.550:83): avc:  denied  { read } for  pid=3340 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  787.506904][ T3340] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  787.857367][ T3340] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  788.128889][ T3340] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  788.600524][ T3340] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  790.227170][ T3341] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  790.475764][ T3341] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  790.629342][ T3341] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  790.798817][ T3341] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  803.540725][ T3340] 8021q: adding VLAN 0 to HW filter on device bond0
[  806.190591][ T3341] 8021q: adding VLAN 0 to HW filter on device bond0
[  868.100714][ T3340] veth0_vlan: entered promiscuous mode
[  868.557487][ T3340] veth1_vlan: entered promiscuous mode
[  870.579594][ T3341] veth0_vlan: entered promiscuous mode
[  871.087719][ T3340] veth0_macvtap: entered promiscuous mode
[  871.587785][ T3341] veth1_vlan: entered promiscuous mode
[  871.700370][ T3340] veth1_macvtap: entered promiscuous mode
[  874.199372][   T43] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  874.328032][   T43] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  874.336789][   T43] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  874.418842][ T3341] veth0_macvtap: entered promiscuous mode
[  874.540366][   T43] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  875.132955][ T3341] veth1_macvtap: entered promiscuous mode
[  877.202119][   T25] audit: type=1400 audit(876.390:84): avc:  denied  { mount } for  pid=3340 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  877.437435][   T25] audit: type=1400 audit(876.620:85): avc:  denied  { mounton } for  pid=3340 comm="syz-executor" path="/syzkaller.MiQRDk/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  877.628918][   T25] audit: type=1400 audit(876.820:86): avc:  denied  { mount } for  pid=3340 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  878.020259][   T25] audit: type=1400 audit(877.210:87): avc:  denied  { mounton } for  pid=3340 comm="syz-executor" path="/syzkaller.MiQRDk/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  878.236427][   T25] audit: type=1400 audit(877.380:88): avc:  denied  { mounton } for  pid=3340 comm="syz-executor" path="/syzkaller.MiQRDk/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3780 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  878.446201][   T43] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  878.474620][   T43] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  878.476435][   T43] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  878.477220][   T43] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  879.006706][   T25] audit: type=1400 audit(878.190:89): avc:  denied  { unmount } for  pid=3340 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  879.265362][   T25] audit: type=1400 audit(878.450:90): avc:  denied  { mounton } for  pid=3340 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1546 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  879.397354][   T25] audit: type=1400 audit(878.590:91): avc:  denied  { mount } for  pid=3340 comm="syz-executor" name="/" dev="gadgetfs" ino=3791 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  879.727859][   T25] audit: type=1400 audit(878.910:92): avc:  denied  { mount } for  pid=3340 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  879.929024][   T25] audit: type=1400 audit(879.100:93): avc:  denied  { mounton } for  pid=3340 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  881.244308][ T3340] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  882.554979][   T25] kauditd_printk_skb: 1 callbacks suppressed
[  882.594182][   T25] audit: type=1400 audit(881.730:95): avc:  denied  { read write } for  pid=3340 comm="syz-executor" name="loop1" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  882.655457][   T25] audit: type=1400 audit(881.830:96): avc:  denied  { open } for  pid=3340 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  882.714705][   T25] audit: type=1400 audit(881.870:97): avc:  denied  { ioctl } for  pid=3340 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=639 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  895.587269][   T25] audit: type=1400 audit(894.750:98): avc:  denied  { read } for  pid=3496 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  895.674887][   T25] audit: type=1400 audit(894.840:99): avc:  denied  { open } for  pid=3496 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  895.964340][   T25] audit: type=1400 audit(895.140:100): avc:  denied  { ioctl } for  pid=3496 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  898.468599][   T25] audit: type=1400 audit(897.660:101): avc:  denied  { append } for  pid=3498 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  994.241190][ T3510] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  994.992202][ T3510] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1024.558903][ T3510] hsr_slave_0: entered promiscuous mode
[ 1024.627824][ T3510] hsr_slave_1: entered promiscuous mode
[ 1024.677585][ T3510] debugfs: 'hsr0' already exists in 'hsr'
[ 1024.684096][ T3510] Cannot create hsr debugfs directory
[ 1027.601983][ T3521] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1027.941638][ T3521] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1042.069296][ T3510] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1042.505977][ T3510] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1042.895369][ T3510] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1043.300613][ T3510] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1055.878033][ T3521] hsr_slave_0: entered promiscuous mode
[ 1055.948653][ T3521] hsr_slave_1: entered promiscuous mode
[ 1056.049367][ T3521] debugfs: 'hsr0' already exists in 'hsr'
[ 1056.078298][ T3521] Cannot create hsr debugfs directory
[ 1075.271157][ T3521] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1076.097214][ T3521] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1076.659255][ T3521] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1077.238420][ T3510] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1077.366292][ T3521] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1108.657535][   T32] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1110.002703][   T32] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1111.186415][   T32] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1112.142033][   T32] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1127.972353][   T32] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1128.745068][   T32] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1129.159874][   T32] bond0 (unregistering): Released all slaves
[ 1131.498092][   T32] hsr_slave_0: left promiscuous mode
[ 1131.571352][   T32] hsr_slave_1: left promiscuous mode
[ 1131.982788][   T32] veth1_macvtap: left promiscuous mode
[ 1132.027321][   T32] veth0_macvtap: left promiscuous mode
[ 1132.049569][   T32] veth1_vlan: left promiscuous mode
[ 1132.065373][   T32] veth0_vlan: left promiscuous mode
[ 1155.898551][ T3521] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1160.026979][   T32] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1161.697996][   T32] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1163.145345][   T32] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1164.528175][   T32] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1182.244183][   T32] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1182.436723][   T32] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1182.579899][   T32] bond0 (unregistering): Released all slaves
[ 1184.488392][   T32] hsr_slave_0: left promiscuous mode
[ 1184.785224][   T32] hsr_slave_1: left promiscuous mode
[ 1185.695502][   T32] veth1_macvtap: left promiscuous mode
[ 1185.700793][   T32] veth0_macvtap: left promiscuous mode
[ 1185.746330][   T32] veth1_vlan: left promiscuous mode
[ 1185.758039][   T32] veth0_vlan: left promiscuous mode
[ 1265.139890][ T3510] veth0_vlan: entered promiscuous mode
[ 1266.057365][ T3510] veth1_vlan: entered promiscuous mode
[ 1269.426383][ T3510] veth0_macvtap: entered promiscuous mode
[ 1270.049598][ T3510] veth1_macvtap: entered promiscuous mode
[ 1273.392249][ T3390] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1273.430086][   T21] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1273.441270][   T21] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1273.576570][ T3386] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1285.977911][ T3521] veth0_vlan: entered promiscuous mode
[ 1287.108545][ T3521] veth1_vlan: entered promiscuous mode
[ 1290.840388][ T3521] veth0_macvtap: entered promiscuous mode
[ 1291.658196][ T3521] veth1_macvtap: entered promiscuous mode
[ 1295.404675][ T3618] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1295.409959][ T3618] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1295.427608][ T3618] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1295.444770][ T3618] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1299.617422][   T25] audit: type=1400 audit(1298.760:102): avc:  denied  { execute } for  pid=3707 comm="syz.2.6" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=5457 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[ 1344.544444][   T25] audit: type=1400 audit(1343.720:103): avc:  denied  { write } for  pid=3739 comm="syz.3.11" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1396.276596][   T25] audit: type=1400 audit(1395.450:104): avc:  denied  { map } for  pid=3764 comm="syz.3.16" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1492.250936][   T25] audit: type=1400 audit(1491.290:105): avc:  denied  { setattr } for  pid=3820 comm="syz.3.27" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1691.079324][   T25] audit: type=1400 audit(1690.260:106): avc:  denied  { execute } for  pid=3936 comm="syz.3.49" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1877.132214][   T43] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1879.801847][   T43] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1881.152890][   T43] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1882.622558][   T43] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1897.332155][   T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1897.598461][   T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1897.736891][   T43] bond0 (unregistering): Released all slaves
[ 1899.270232][   T43] hsr_slave_0: left promiscuous mode
[ 1899.625410][   T43] hsr_slave_1: left promiscuous mode
[ 1900.579185][   T43] veth1_macvtap: left promiscuous mode
[ 1900.624792][   T43] veth0_macvtap: left promiscuous mode
[ 1900.636665][   T43] veth1_vlan: left promiscuous mode
[ 1900.658612][   T43] veth0_vlan: left promiscuous mode
[ 1931.491627][   T43] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1932.918206][   T43] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1934.297183][   T43] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1935.470811][   T43] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1953.659409][   T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1953.896368][   T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1953.960513][   T43] bond0 (unregistering): Released all slaves
[ 1954.894240][   T43] hsr_slave_0: left promiscuous mode
[ 1954.942582][   T43] hsr_slave_1: left promiscuous mode
[ 1955.459376][   T43] veth1_macvtap: left promiscuous mode
[ 1955.474620][   T43] veth0_macvtap: left promiscuous mode
[ 1955.479055][   T43] veth1_vlan: left promiscuous mode
[ 1955.490024][   T43] veth0_vlan: left promiscuous mode
[ 2006.356210][ T4037] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2006.611313][ T4037] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2010.587169][ T4041] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2010.980803][ T4041] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2033.406600][ T4037] hsr_slave_0: entered promiscuous mode
[ 2033.519027][ T4037] hsr_slave_1: entered promiscuous mode
[ 2039.510897][ T4041] hsr_slave_0: entered promiscuous mode
[ 2039.628838][ T4041] hsr_slave_1: entered promiscuous mode
[ 2039.672805][ T4041] debugfs: 'hsr0' already exists in 'hsr'
[ 2039.697557][ T4041] Cannot create hsr debugfs directory
[ 2057.532361][ T4037] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 2058.176601][ T4037] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 2058.907854][ T4037] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 2060.275695][ T4037] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 2064.929777][ T4041] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 2065.517630][ T4041] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 2066.081488][ T4041] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 2066.538297][ T4041] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 2090.682333][ T4037] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2098.509132][ T4041] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2242.573659][ T4037] veth0_vlan: entered promiscuous mode
[ 2244.036048][ T4037] veth1_vlan: entered promiscuous mode
[ 2249.302298][ T4037] veth0_macvtap: entered promiscuous mode
[ 2251.156046][ T4037] veth1_macvtap: entered promiscuous mode
[ 2251.391655][ T4041] veth0_vlan: entered promiscuous mode
[ 2253.629213][ T4041] veth1_vlan: entered promiscuous mode
[ 2257.009729][   T43] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2257.066105][   T43] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2257.077468][ T3589] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2257.108027][ T4054] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2260.569650][ T4041] veth0_macvtap: entered promiscuous mode
[ 2261.840600][ T4041] veth1_macvtap: entered promiscuous mode
[ 2264.062255][   T25] audit: type=1400 audit(2263.250:107): avc:  denied  { unmount } for  pid=4037 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 2266.472306][ T3589] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2266.588448][ T4192] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2266.704569][ T4192] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2266.792052][ T4192] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2757.020089][ T3386] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2759.465512][ T3386] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2761.491662][ T3386] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2763.919012][ T3386] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2796.650504][ T3386] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2797.207506][ T3386] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2797.521137][ T3386] bond0 (unregistering): Released all slaves
[ 2800.396134][ T3386] hsr_slave_0: left promiscuous mode
[ 2800.545114][ T3386] hsr_slave_1: left promiscuous mode
[ 2801.922699][ T3386] veth1_macvtap: left promiscuous mode
[ 2801.935694][ T3386] veth0_macvtap: left promiscuous mode
[ 2801.958692][ T3386] veth1_vlan: left promiscuous mode
[ 2802.007172][ T3386] veth0_vlan: left promiscuous mode
[ 2930.116699][ T4510] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2930.551261][ T4510] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2982.288434][ T4510] hsr_slave_0: entered promiscuous mode
[ 2982.358751][ T4510] hsr_slave_1: entered promiscuous mode
[ 2982.510102][ T4510] debugfs: 'hsr0' already exists in 'hsr'
[ 2982.544276][ T4510] Cannot create hsr debugfs directory
[ 3006.582326][   T25] audit: type=1400 audit(3005.770:108): avc:  denied  { create } for  pid=4622 comm="syz.4.125" anonclass=[kvm-gmem] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 3007.744598][   T25] audit: type=1400 audit(3006.900:109): avc:  denied  { map } for  pid=4622 comm="syz.4.125" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=13957 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 3007.935678][   T25] audit: type=1400 audit(3007.120:110): avc:  denied  { read } for  pid=4622 comm="syz.4.125" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=13957 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 3013.111682][ T4510] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 3013.930760][ T4510] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 3014.552357][ T4510] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 3015.317601][ T4510] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 3062.791006][ T4510] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3266.616836][ T4510] veth0_vlan: entered promiscuous mode
[ 3268.490160][ T4510] veth1_vlan: entered promiscuous mode
[ 3273.954517][ T4510] veth0_macvtap: entered promiscuous mode
[ 3275.167346][ T4510] veth1_macvtap: entered promiscuous mode
[ 3280.778752][   T21] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3280.915101][   T21] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3281.076284][ T3589] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3281.109509][ T3589] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3605.028336][ T3589] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3607.956969][ T3589] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3610.429203][ T3589] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3612.696507][ T3589] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3641.345425][ T3589] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3641.732809][ T3589] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3642.056459][ T3589] bond0 (unregistering): Released all slaves
[ 3645.069955][ T3589] hsr_slave_0: left promiscuous mode
[ 3645.257800][ T3589] hsr_slave_1: left promiscuous mode
[ 3646.477127][ T3589] veth1_macvtap: left promiscuous mode
[ 3646.482587][ T3589] veth0_macvtap: left promiscuous mode
[ 3646.510147][ T3589] veth1_vlan: left promiscuous mode
[ 3646.566593][ T3589] veth0_vlan: left promiscuous mode
[ 3688.029901][ T3589] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3690.147012][ T3589] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3691.876827][ T3589] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3693.192483][ T3589] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3720.309218][ T3589] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3720.637298][ T3589] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3720.838482][ T3589] bond0 (unregistering): Released all slaves
[ 3722.797726][ T3589] hsr_slave_0: left promiscuous mode
[ 3722.952496][ T3589] hsr_slave_1: left promiscuous mode
[ 3723.724575][ T3589] veth1_macvtap: left promiscuous mode
[ 3723.728670][ T3589] veth0_macvtap: left promiscuous mode
[ 3723.752765][ T3589] veth1_vlan: left promiscuous mode
[ 3723.787746][ T3589] veth0_vlan: left promiscuous mode
[ 3796.688710][ T4891] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3797.174664][ T4891] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3803.261027][ T4897] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3803.776445][ T4897] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3833.809292][ T4891] hsr_slave_0: entered promiscuous mode
[ 3833.951067][ T4891] hsr_slave_1: entered promiscuous mode
[ 3841.747505][ T4897] hsr_slave_0: entered promiscuous mode
[ 3841.830144][ T4897] hsr_slave_1: entered promiscuous mode
[ 3841.927488][ T4897] debugfs: 'hsr0' already exists in 'hsr'
[ 3841.954520][ T4897] Cannot create hsr debugfs directory
[ 3866.978531][ T4891] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 3867.947225][ T4891] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 3868.568949][ T4891] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 3869.232575][ T4891] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 3876.969202][ T4897] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 3877.638402][ T4897] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 3878.259816][ T4897] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 3878.791247][ T4897] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 3913.510642][ T4891] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3923.357906][ T4897] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4110.888637][ T4891] veth0_vlan: entered promiscuous mode
[ 4112.680305][ T4891] veth1_vlan: entered promiscuous mode
[ 4117.838052][ T4891] veth0_macvtap: entered promiscuous mode
[ 4119.440293][ T4891] veth1_macvtap: entered promiscuous mode
[ 4123.996055][ T4897] veth0_vlan: entered promiscuous mode
[ 4127.156850][ T4897] veth1_vlan: entered promiscuous mode
[ 4129.148240][ T5049] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4129.557022][ T4518] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4129.865195][ T4518] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4129.897816][ T4518] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4136.471854][ T4897] veth0_macvtap: entered promiscuous mode
[ 4138.169771][ T4897] veth1_macvtap: entered promiscuous mode
[ 4145.571349][ T5044] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4145.572634][ T5044] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4145.696887][ T5044] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4145.697899][ T5044] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4793.198510][ T5326] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4793.895873][ T5326] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4812.487121][ T5333] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4813.079729][ T5333] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4855.609130][ T5326] hsr_slave_0: entered promiscuous mode
[ 4855.850077][ T5326] hsr_slave_1: entered promiscuous mode
[ 4856.026293][ T5326] debugfs: 'hsr0' already exists in 'hsr'
[ 4856.034567][ T5326] Cannot create hsr debugfs directory
[ 4877.671652][ T5333] hsr_slave_0: entered promiscuous mode
[ 4877.889818][ T5333] hsr_slave_1: entered promiscuous mode
[ 4878.008389][ T5333] debugfs: 'hsr0' already exists in 'hsr'
[ 4878.016155][ T5333] Cannot create hsr debugfs directory
[ 4911.499873][ T5326] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 4913.195382][ T5326] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 4917.121891][ T5326] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 4921.425598][ T5326] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 4951.789132][ T5333] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 4952.940796][ T5333] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 4954.450423][ T5333] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 4955.955159][ T5333] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 4997.080674][ T5326] 8021q: adding VLAN 0 to HW filter on device bond0
[ 5019.980252][ T5333] 8021q: adding VLAN 0 to HW filter on device bond0
[ 5032.357834][   T27] INFO: task syz.7.198:5314 blocked for more than 430 seconds.
[ 5032.386187][   T27]       Not tainted syzkaller #0
[ 5032.466875][   T27]       Blocked by coredump.
[ 5032.484193][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 5032.484867][   T27] task:syz.7.198       state:D stack:0     pid:5314  tgid:5313  ppid:4891   task_flags:0x40044c flags:0x00000011
[ 5032.486368][   T27] Call trace:
[ 5032.486853][   T27]  __switch_to+0x584/0xb00 (T)
[ 5032.488960][   T27]  __schedule+0x200c/0x3428
[ 5032.489509][   T27]  schedule+0xac/0x27c
[ 5032.489996][   T27]  schedule_timeout+0x68/0x1ec
[ 5032.490477][   T27]  do_wait_for_common+0x28c/0x440
[ 5032.490951][   T27]  wait_for_completion+0x44/0x5c
[ 5032.491401][   T27]  __synchronize_srcu+0x2a4/0x320
[ 5032.491918][   T27]  synchronize_srcu+0x3d0/0x4f8
[ 5032.685179][   T27]  __mmu_notifier_release+0x424/0x614
[ 5032.688132][   T27]  exit_mmap+0xbc/0xb8c
[ 5032.728408][   T27]  __mmput+0x10c/0x528
[ 5032.729149][   T27]  mmput+0x70/0xa8
[ 5032.729645][   T27]  exit_mm+0x158/0x248
[ 5032.730138][   T27]  do_exit+0x790/0x2378
[ 5032.730601][   T27]  do_group_exit+0x1d4/0x2ac
[ 5032.731096][   T27]  get_signal+0x1440/0x154c
[ 5032.731580][   T27]  arch_do_signal_or_restart+0x23c/0x4bac
[ 5032.732122][   T27]  exit_to_user_mode_loop+0x88/0x188
[ 5032.732595][   T27]  el0_svc+0x17c/0x238
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 5032.869545][   T27]  el0t_64_sync_handler+0x84/0x12c
[ 5032.872437][   T27]  el0t_64_sync+0x198/0x19c
[ 5032.906452][   T27] 
[ 5032.906452][   T27] Showing all locks held in the system:
[ 5032.907112][   T27] 3 locks held by kworker/u4:0/12:
[ 5032.907710][   T27] 3 locks held by kworker/u4:1/21:
[ 5032.908126][   T27] 1 lock held by khungtaskd/27:
[ 5032.908478][   T27]  #0: ffff800087a86d08 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x0/0x44
[ 5032.911495][   T27] 1 lock held by syslogd/3129:
[ 5032.911889][   T27] 2 locks held by getty/3199:
[ 5032.912270][   T27]  #0: 74f000001242e8a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c
[ 5033.115242][   T27]  #1: 8aff80008c80b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x308/0x1234
[ 5033.117330][   T27] 2 locks held by syz-executor/3333:
[ 5033.117675][   T27] 3 locks held by kworker/u4:8/3391:
[ 5033.118010][   T27] 3 locks held by kworker/u4:9/3589:
[ 5033.118335][   T27] 2 locks held by kworker/u4:2/3899:
[ 5033.118687][   T27] 2 locks held by kworker/u4:12/4893:
[ 5033.119027][   T27]  #0: 61f000000cc26948 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a10
[ 5033.121039][   T27]  #1: ffff8000a2507c88 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a10
[ 5033.122726][   T27] 2 locks held by syz.8.197/5306:
[ 5033.296873][   T27] 2 locks held by kworker/u4:7/5336:
[ 5033.365153][   T27]  #0: 61f000000cc26948 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a10
[ 5033.369281][   T27]  #1: ffff8000a1bb7c88 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a10
[ 5033.370999][   T27] 3 locks held by kworker/u4:13/5429:
[ 5033.371352][   T27] 1 lock held by modprobe/5457:
[ 5033.454556][   T27] 
[ 5033.456652][   T27] =============================================
[ 5033.456652][   T27] 
[ 5033.505945][   T27] Kernel panic - not syncing: hung_task: blocked tasks
[ 5033.510456][   T27] CPU: 0 UID: 0 PID: 27 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT 
[ 5033.512004][   T27] Hardware name: linux,dummy-virt (DT)
[ 5033.512973][   T27] Call trace:
[ 5033.513813][   T27]  show_stack+0x2c/0x3c (C)
[ 5033.514725][   T27]  __dump_stack+0x30/0x40
[ 5033.515710][   T27]  dump_stack_lvl+0x30/0x12c
[ 5033.516705][   T27]  dump_stack+0x1c/0x28
[ 5033.517600][   T27]  vpanic+0x1d4/0x4e4
[ 5033.518448][   T27]  vpanic+0x0/0x4e4
[ 5033.519269][   T27]  hung_task_panic+0x0/0x2c
[ 5033.520189][   T27]  kthread+0x794/0x99c
[ 5033.521075][   T27]  ret_from_fork+0x10/0x20
[ 5033.522857][   T27] Kernel Offset: disabled
[ 5033.523609][   T27] CPU features: 0x0000000,001a3005,fbe327a1,057ffe1f
[ 5033.524784][   T27] Memory Limit: none
[ 5033.526979][   T27] Rebooting in 86400 seconds..