last executing test programs:

38m40.331601161s ago: executing program 0 (id=94):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x5, 0xf7cf2a45ddd75114, 0x5000, 0x1000, &(0x7f0000c43000/0x1000)=nil})
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bc2000/0x400000)=nil)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x10201, 0x2, 0xe000, 0x1000, &(0x7f0000fff000/0x1000)=nil})
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})

38m35.373445436s ago: executing program 1 (id=95):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x400, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x0, 0x200000000000001}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x2, 0x9}}], 0x50}, 0x0, 0x0)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0xfffffffffffffffe, 0x1}}], 0x28}, 0x0, 0x0)
ioctl$KVM_SET_SIGNAL_MASK(r3, 0x4004ae8b, &(0x7f0000000240)={0x1000, "38fa6301b1ae3fc84221b71256d404b2a95f5daca2b2a4c0da0810a409c1a248dffd688e92aa05d8cf56a5dddc1b3ebd306752b5a61c009042667d3470460f99237893fa90e8d6b5bf7cd798d01519b0f605e2087f51bfded65ff12b8841a780b2b8d8e9d0e19b931d5a6bed540a7e2b1bafc90cf6b421e7edf15bfba4e5b0682342e8c0fec1b264181a28d3bcabc5339bab2aade97f809a991ccb7e89ad850cc7f869ec05c39bf1022a03afa304a2d68e4ec99c52df3ed3f1737def7d4450278527dcafc776046617f8909034abca0a971725e4040415c9aa2b9df5ea3bf4361e5b91c12546df22f6a14acdbb912bbabc1d130a55d0b34f61a1e72a41ae8a4cfd323fc26cff4430b1344b60851217da2768ae1f73a433d48a5471917c9a15b519a163f94497fb2e7d8785fc01370a3fc1e795ec30989070da34a81d7321467f05d367caf5429b93fcc5e52a46067f36d838be43d9375d9f08f4e4bbba9a1e2550d678cbf600e7bad83060e66c4aa41face62e038aa89d47504ce3f42d6f72869b1b847228935282a3e506592905a9cc4cc3a2ca4df99c19983ae5d2c609ebe0f967a1b0c6e81de41aa9268202237d37713631f85c9c034c6610bdf82f5fda6c28555d1c54d8cf94c973e1f4edef0f9a70fa0d33414796716c04511f316ccdcbf12eb697b4365147d2d59ab6050076bfc699edeaca8cc00720b2604885f6103b5bb9f5a4ac46188d56f58586b7f4d2da6f46a69ad243302d00206634bc9c4e9b78799e25a68691c2efcfc94344b9539085e4ecf39cd0969bcfb7554143fb47b8576b2553508b288fb69097608881f950f1870c8d17dcfb79403b8053206366b7313c3970f11800a0c1bf063a90bf4dc785ae821b7e9bc0c2c3e9d46aa80f93831d1575c1ad90806c9df529bf106b2da2edeed02a8e282394e8211976a0389fcd44dfbd32b223ae5c9670d3b5e7dfbae2e6db70200286c6f4440bd4aec4a9a330ef4a2001d9f83020a7d1fe1103ad8bf51cf16254d176c0bd86256e86da9d5733dc58bb0bf4f3acaf8c95d70ecaf7a069761cdca01635d0ea649d5323638b0d3eb83085f2ae667ec2312462034d28cc9f8924554883eb190901d4e403cb071b57024bf56e10d6aa472591b19adf87a7e5b29d5ea22abb4f3cee8cc4b47e38ef72eb16a511397cf28d3d1a8510d36eb504d66a757a2403db89319ebbd90f12cdf783314a798d5b0cadae8b9c0565373d8d20df5bad1524ed8af4325183d5a5756769e9a7c7b279ca3e4a48e6d6a2b24e546bb202a65a3d005ba046139de156eb337655b9c66d2abb2059cd4c5f7c1f6e78050322976a0fc3b7517a2c8e5005050ab85fa76721ea409f24a4f241f968c950161e4daaa9763f816d8ac62c8075332610a0648ae723f864a28c7f978b8469a4f77f220805910c44ea71679d18b6d899d117cda388331aea948a205646e1c27f75ea28e28eb1b3e4d3ee1c91632794f5f4e741aa215380e37ce2c8d2f2daa28c51107f36b6a747164b77b0e207ad529914683412d87b0221118943cab4f5f8b60bd8016f9dfa8313409d620a07e4aa10bdcc0f22c13c90317fb72572cde1ed3d3d2acb1cbdbd880dce15c058a2b4d2b607be050133a7e7dc59be75953c2835fb4b55dc4397491599f69f8a29d2e96ba6c09006523182cdb7ec38a69c1edba6dcba82e2d0a268a4fc5bd9216cc3e2d7a0b43f7414b06aaf847658b5bc4d9dcd8ab83a7a2502e2ad0488f90f9a508dece7658ce0fb3a2ae2dc76964ad697ae182015e1cbf2b30bb8e085bc031fcf2a52ae83b4b2d52cb4eea2b5bd274f7cd298be754138d0294f285ef66839e4ffea11b1c995eb02dabfd25ab6d200203fee1cb1e7573b1220e1100708ea68a36f4a0d7fe50d1c732a6256d4ab22857adaa816c8b5f1094a48a96667bf65ada755c234b1e791cbafd61cbdb538a2a1b032d48334351315920edb46910663baf07ae938f0893399dbf36704ae9e7fafa0df499a855466612fbd82e3d6691d72f4ce2c9b2112f06616c08ad652b37bb05d9887ed4211360b2b550d0cff55a711b5afecd22a0d05fc702caf165388f7df86a40170f77f0fec89399df4a4b7c7db8b62c30436735f022c9ecc20f74c6ed0b14d9fe2579967323a393b8683238a342b2c83e18e75cea7381d6e2b12aed11c7f3f3ea258b2a64c1de4f06b3f1de14c775582dc501e1ca859ba6aee4d03e8aa334dc93a28d0174095781a403fe47cfe809572152d524be223361845b3948882f327d9ee04ff0815210537a7414513c09e31b242e7e08394917e6294faf2dfbbf3881741a99b10745a61890091a4543304d7c7ca781c77bd36e58ebfc374ce35adca1c758a00086a4f833b7d50254f62b74d31e2aeee89783aaac0a4f560ade827eac7e3a7fa13600410449e16f01686b8424398aa0e2058cd67e63e8bb67b19de969c2a0f54d821b92db4bce4684850813b77b778b584112030217a4e632d5d18b498be508c50a39976b3661796d698a29ab945a2e8a0ba64bd07f372bcc9275306d35f9c11589e4aa1c26b87eccf3edf6216de579726bafc879474e197d39e9915220c958b9841ab3b676e77461282fbc039b09fb4b0127bc05bf6b7d62e53962fad932a0e1d3e952eeff9cb6f97a7511e798771b9b2dd42d5f3da5cfe6c623d70c971b7291853bee0a6c18a632bc4bbde9ac90a3f87124e1934e3b763a47572f3f479b1d05889dd17f695c7aedc72a5f7d89b5a971c7c94b2d90f2972abc93c6064fa979ff7d4c1e31027635b0d543de91e78ca38c6c33621cdf9d6b991c6b98cc578cebd23b266a8ae7744ef716b93c8cf8cb442edb4152032635b6318e82fcad5fc0bde16b4cea214f8e36cd5212c454fbad040f36664244c0519934734302a87fb56d8f4cb0f71c9064919cd7fd640d8fd6da10dc9caf9b715f37ecb56e2e0d30e5e6684b0f3997c392ca9735e005d1a5980f58dc5df775c5fbae617c4d09aa3914a07e6eb4bb646df19410b5a8019103c09f8b6565b045901a89d8c17e78fc1d23a1706cfc2324033f83e4ae4b7bf4d1a8fd3d1710d28cff3c4720d5f118518c29a227f1c8b685974c83362250ae50821cbfcb27bc0f65da92a5030d09a7ee5dd9a62ad3d81cb5a1a553c3349fbeea24bda1b34885224780a19431601dd552bc714daad2024bf225f9d2bed969d80563d94457a5a98f56771eb13251e36b03d598cbcac3c37519d8288aac5cf3561ad84ea9457505e8e470a589154fc0bf328f6b4e4a1f877a8c263f53019ff7674c332097731c133f5b054bdc433ac15726be85245c3c6f77fb69c7d3bce4d9259984cc4e377a4e01513ca9c59078c12991b6ae5d099273b92de73f5917eb95e89e0457aebc14ba852aab89be3685f615379ac4d629700f81d6fe0ed78db6b7afe6e186960d2025757a722cbcbdce4f9dacbe3a527157dac7597473ad7f5081f4b36b8764b34fadce65f104bf686f954b8783230e93b48a9aff02819c1f881ef140657974d3fef1375a6b619c19f70bac45f5974f36ef369f9e5036e4507d2df771f35069bedfc3959a2d9c342a0608992fa080deccf58728e8b2f1fc886ca160f4c98f1a93941ef1160c7f534740130995b4524e16819346fb6aa6565e591e62a6cf32f7ba7d71944a2991d87f6d28c3cec91ef2d29986ae16df5442f2fc674e4ff1f2b3ffad8e729e211ff9524fe176756a42bda974647f50df737727a33d16253ebabd937fd4c8898f7073dc6afe3e685371e6eb7d1bc7259f3d168623ea03a51e64e5b2b62fab033635fb9cfbe4c4e0ccc7fee10c69cd390d3cc3e2add4114334cd833edf4f509d4512d519bc6a3c3dc81bf5d367fb122c679525651061264f4822be640964d03b098c5a5d9df11b0e6406f9d1c022154a89ef564a5562f07deef2d46647c1c39edaa767ba41957f739b95886b8786492cd6a0d2567ab4591b3c504c068904ecf37b5804f982048fbede7fa9fe6bb0d492cb503297d6ff0d2e53660586abb3dac7ad0ee7c66c3e711f180cedc9bcc973ca340c40a1d9453e37a80d76a88c18ed2525909694e6677b23e8bdbd87c312a85ac6bbcc5655a5fc5eb4038832bf5d58e0065888b6e8627fa5908cf4cd1aea50fec8e28213c3d23a6188fae502feac76cc717b7041478b10b22a42c112122e1b14cb09f2e066117e59ad0aff793f1dbb09e2d2cd3ca3d765d7e191d715b2887d37dcae3ac0bfa508408566c81a8dfd25bdb615cbbb6b25a8b1142e4c2e738b4bde49e11a01153dd80c950a0419f7359c8767369d1499f30fbea841742c311f2b38028816b84c4648eafb0048c80945ec4a31861941fbb63bec4e3af3f09123f3ff7507778d188344e5284343a8ffa30b3004577a2993834502c5a29ce4cd4b523b0e815f64f453a0647f81cbbd9d4253a156682656aa6264deb886da7c3fa4f190272218f336475c34a2f3515196c428a4ca29f30c795f4bb0a0f22a19c60658b3965cb6e1d55b093ed88837724ebf348a809151ef3c879103808bdd8e89acc34610b46e7cb895cb02a4de426ea084cc3c34c46c32c1ec96e89c6ab463ddbe7e8a8d5a0a7069c9fc94829f3546fa7b020cb8407a95beee0d5bb27c5245265512c4fadcabff956edac725f9d0f24e2e8e7204358e05e5da2ea4c483eb1073c47ea9c42b293ae8bb36447c3b80437b81ac605ad7a1d322787410f6f0e3b0c32b7253df56fb39a31205840efcaefd65615f0d7bcf65157e3381a8ec121503cb04ed951f5aa1df9c940123f5aa18d4a680da3cd2663b90fa73d74bf9f7fd4333d67f2a5228ce910b037da13f048d53712c987cf82c1baaf7b6062ab45cf1bd026b56f4050cb1da0b768d9f16a688d5dd90ddf5b27e231310466a213bc651e43bb2797886d1432b347acf39010734599776c1f8d6a74944e433b9b3c06266157148df82f7f11ab1d8be3b4afc249d73c1269e74d30610e2e2d96f8d11876c40315b69daef3a544e67f95f9646a77f40f1ad1184306b1df37ab610f519e70bf3206933598bf725f4276423cbbfc3fd2a2e3ece518c8167cd025e8327e6435132cbf8c9791e859851782ab90987cf0b71adf8e92879ab02666f5bd319a25b1b2278b13fa8fe85d07a43563016a2f03c1c49579c54cbac7f4bc2ac42b97569d659f3c1b8ecb4f92e87e7435ed25c42bff6992020a0b07b6aba5736efbbec22f51e87651c0d847fa9342e3cab3e7df7f5e1601d9b5b4b7f36555d40794341a38b46113fcbdc8711e31776c0aad9b30773ef368f53dfe0bd27ed8d995977bfeb7363fe9906e91aff9a7f9c30785cb711b3fcd9a9fda9bceb0d8411247edc4d163e537a19ea34c189f7e63dfc18481548f9ab0f65d5fa6c311990d608fcd012142608fdb4e332489ee7d69935c8b5d35c45bc87eca5681de839e7d0be5cb0266437cad89cb94bbb86f1d1970ee315c72b9a4bbdde0571c9992b574f75767b75ea0431c6c0bdd3f5159aa7c53a22f903735d6941073333ee7c9bc65461fb04aa9e00bfd0b801608ff4e7680708f0cee505ad41eba03213c456cc40f05b6455c3300383220b740007bba51ddc5cbafeb88b106a8fe67287dce9851777afe58740930bc0f64da2bab5fd4ec2e95e747eed5a8831d6fb6cae32c2b2dd9b5e1ca4d1a04ab7c5a5b9a5f8bf4e22f10b4a887c4d4ee48097160f05369a9235926b2ca9a8dec668209df2a67eb5190a9ec38582d5ec1bf4581f9cb2f4ad183ca81d540e673d355d78ee6ccbaf5c4e0b95320dd7466"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

38m30.83304012s ago: executing program 0 (id=96):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
r1 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r3, 0x4068aea3, &(0x7f0000000000)={0xef, 0x0, 0x7})
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r1, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@mrs={0xbe, 0x18, {0x603000000013c807}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x9, 0x110, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000002000/0x2000)=nil, 0x930, 0x2000003, 0x4120932, 0xffffffffffffffff, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x30)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_RUN(r7, 0x8000ae8c, 0x0)
ioctl$KVM_CREATE_VM(r0, 0x80111500, 0x2c)

38m27.312985132s ago: executing program 1 (id=97):
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bfd000/0x400000)=nil)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bff000/0x400000)=nil)
r0 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000680)="38ce8347fc1e86008cfc72bb352c8659dcc9225b48cb5cb00c73b0b33018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r2, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000d6c000/0x1000)=nil, 0x0, 0x4, 0x30, 0xffffffffffffffff, 0x0)

38m24.739554556s ago: executing program 0 (id=98):
mmap$KVM_VCPU(&(0x7f0000010000/0x1000)=nil, 0x930, 0x100000f, 0x9032, 0xffffffffffffffff, 0x0)
r0 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000680)="38ce8347fc1e86008cfc72bb352c8659dcc9225b48cb5cb00c73b0b33018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
mmap$KVM_VCPU(&(0x7f0000f43000/0x2000)=nil, 0x0, 0x100000c, 0x40010, r1, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0x88)
r5 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
syz_kvm_setup_cpu$arm64(r3, r5, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f00000002c0)=[@hvc={0x32, 0x40, {0x84000008, [0x8000000000000001, 0x1, 0x5, 0x1]}}, @eret={0xe6, 0x18, 0xb15}, @svc={0x122, 0x40, {0x0, [0x6, 0xb, 0x0, 0x9, 0x7]}}, @smc={0x1e, 0x40, {0xb5000003, [0x9, 0x2, 0x1, 0x3ff, 0x8]}}, @msr={0x14, 0x20, {0x603000000013c015, 0xb77}}, @mrs={0xbe, 0x18, {0x603000000013c522}}, @irq_setup={0x46, 0x18, {0x0, 0x57}}, @smc={0x1e, 0x40, {0x8, [0x800, 0x3, 0x1ff, 0x6, 0x3]}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x90, 0x1ff, 0x2}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x0, 0xb, 0x1, 0x5, 0x1}}, @its_setup={0x82, 0x28, {0x2, 0x3, 0x3b}}, @its_send_cmd={0xaa, 0x28, {0x0, 0x1, 0x3, 0xc, 0x7, 0x7, 0x2}}, @eret={0xe6, 0x18, 0x8}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x2, 0x8, 0x9}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x4, 0x5, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x0, 0x2, 0xc, 0x6, 0x4, 0x3}}, @msr={0x14, 0x20, {0x603000000013e088, 0x6}}, @hvc={0x32, 0x40, {0xc4000011, [0x2, 0x8000000000000001, 0xe, 0x2, 0x5]}}, @svc={0x122, 0x40, {0x84000013, [0x1, 0x9, 0x5, 0x0, 0xffffffffffffffc0]}}, @irq_setup={0x46, 0x18, {0x2, 0x2f8}}], 0x360}], 0x1, 0x0, &(0x7f0000000140)=[@featur2={0x1, 0x12}], 0x1)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r7, 0x4068aea3, &(0x7f00000000c0))
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000000)={0x0, &(0x7f0000000040)=[@smc={0x1e, 0x40, {0x8400000e, [0x99b, 0x100000003, 0x5, 0xff, 0x10]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1)
r10 = openat$kvm(0x0, &(0x7f0000000080), 0x8600, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000180)={0x8, <r12=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x90, &(0x7f0000000000)=0x10001})
ioctl$KVM_RUN(r9, 0xae80, 0x0)

38m21.89655392s ago: executing program 1 (id=99):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18})
ioctl$KVM_ASSIGN_SET_MSIX_NR(r1, 0x4008ae73, &(0x7f0000000000)={0x3, 0xa3})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0xffffffffffffffff, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x4, 0x220)
r7 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000180)={0x0, &(0x7f0000000040)=[@msr={0x14, 0x20, {0x603000000013c65f, 0x8001}}], 0x20}, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

38m14.329783221s ago: executing program 0 (id=100):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x302, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x31) (async)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000000)={0x10201, 0x2, 0x1, 0x2000, &(0x7f0000f31000/0x2000)=nil}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000000)={0x10201, 0x2, 0x1, 0x2000, &(0x7f0000f31000/0x2000)=nil})
r4 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0xeeef0000, 0x0, r4})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x6, 0x0, 0x0, r4, 0x4})
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) (async)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2)
ioctl$KVM_SIGNAL_MSI(r7, 0x4020aea5, &(0x7f0000000040)={0xffff1000, 0xfec00000, 0xffff, 0x0, 0x8000}) (async)
ioctl$KVM_SIGNAL_MSI(r7, 0x4020aea5, &(0x7f0000000040)={0xffff1000, 0xfec00000, 0xffff, 0x0, 0x8000})
r8 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) (async)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000140)={0x4, <r9=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r9, 0x400454d0, 0x77) (async)
ioctl$KVM_CREATE_VM(r9, 0x400454d0, 0x77)

38m9.682804233s ago: executing program 1 (id=101):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x400, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x0, 0x200000000000001}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x2, 0x9}}], 0x50}, 0x0, 0x0)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0xfffffffffffffffe, 0x1}}], 0x28}, 0x0, 0x0)
ioctl$KVM_SET_SIGNAL_MASK(r3, 0x4004ae8b, &(0x7f0000000240)={0x1000, "38fa6301b1ae3fc84221b71256d404b2a95f5daca2b2a4c0da0810a409c1a248dffd688e92aa05d8cf56a5dddc1b3ebd306752b5a61c009042667d3470460f99237893fa90e8d6b5bf7cd798d01519b0f605e2087f51bfded65ff12b8841a780b2b8d8e9d0e19b931d5a6bed540a7e2b1bafc90cf6b421e7edf15bfba4e5b0682342e8c0fec1b264181a28d3bcabc5339bab2aade97f809a991ccb7e89ad850cc7f869ec05c39bf1022a03afa304a2d68e4ec99c52df3ed3f1737def7d4450278527dcafc776046617f8909034abca0a971725e4040415c9aa2b9df5ea3bf4361e5b91c12546df22f6a14acdbb912bbabc1d130a55d0b34f61a1e72a41ae8a4cfd323fc26cff4430b1344b60851217da2768ae1f73a433d48a5471917c9a15b519a163f94497fb2e7d8785fc01370a3fc1e795ec30989070da34a81d7321467f05d367caf5429b93fcc5e52a46067f36d838be43d9375d9f08f4e4bbba9a1e2550d678cbf600e7bad83060e66c4aa41face62e038aa89d47504ce3f42d6f72869b1b847228935282a3e506592905a9cc4cc3a2ca4df99c19983ae5d2c609ebe0f967a1b0c6e81de41aa9268202237d37713631f85c9c034c6610bdf82f5fda6c28555d1c54d8cf94c973e1f4edef0f9a70fa0d33414796716c04511f316ccdcbf12eb697b4365147d2d59ab6050076bfc699edeaca8cc00720b2604885f6103b5bb9f5a4ac46188d56f58586b7f4d2da6f46a69ad243302d00206634bc9c4e9b78799e25a68691c2efcfc94344b9539085e4ecf39cd0969bcfb7554143fb47b8576b2553508b288fb69097608881f950f1870c8d17dcfb79403b8053206366b7313c3970f11800a0c1bf063a90bf4dc785ae821b7e9bc0c2c3e9d46aa80f93831d1575c1ad90806c9df529bf106b2da2edeed02a8e282394e8211976a0389fcd44dfbd32b223ae5c9670d3b5e7dfbae2e6db70200286c6f4440bd4aec4a9a330ef4a2001d9f83020a7d1fe1103ad8bf51cf16254d176c0bd86256e86da9d5733dc58bb0bf4f3acaf8c95d70ecaf7a069761cdca01635d0ea649d5323638b0d3eb83085f2ae667ec2312462034d28cc9f8924554883eb190901d4e403cb071b57024bf56e10d6aa472591b19adf87a7e5b29d5ea22abb4f3cee8cc4b47e38ef72eb16a511397cf28d3d1a8510d36eb504d66a757a2403db89319ebbd90f12cdf783314a798d5b0cadae8b9c0565373d8d20df5bad1524ed8af4325183d5a5756769e9a7c7b279ca3e4a48e6d6a2b24e546bb202a65a3d005ba046139de156eb337655b9c66d2abb2059cd4c5f7c1f6e78050322976a0fc3b7517a2c8e5005050ab85fa76721ea409f24a4f241f968c950161e4daaa9763f816d8ac62c8075332610a0648ae723f864a28c7f978b8469a4f77f220805910c44ea71679d18b6d899d117cda388331aea948a205646e1c27f75ea28e28eb1b3e4d3ee1c91632794f5f4e741aa215380e37ce2c8d2f2daa28c51107f36b6a747164b77b0e207ad529914683412d87b0221118943cab4f5f8b60bd8016f9dfa8313409d620a07e4aa10bdcc0f22c13c90317fb72572cde1ed3d3d2acb1cbdbd880dce15c058a2b4d2b607be050133a7e7dc59be75953c2835fb4b55dc4397491599f69f8a29d2e96ba6c09006523182cdb7ec38a69c1edba6dcba82e2d0a268a4fc5bd9216cc3e2d7a0b43f7414b06aaf847658b5bc4d9dcd8ab83a7a2502e2ad0488f90f9a508dece7658ce0fb3a2ae2dc76964ad697ae182015e1cbf2b30bb8e085bc031fcf2a52ae83b4b2d52cb4eea2b5bd274f7cd298be754138d0294f285ef66839e4ffea11b1c995eb02dabfd25ab6d200203fee1cb1e7573b1220e1100708ea68a36f4a0d7fe50d1c732a6256d4ab22857adaa816c8b5f1094a48a96667bf65ada755c234b1e791cbafd61cbdb538a2a1b032d48334351315920edb46910663baf07ae938f0893399dbf36704ae9e7fafa0df499a855466612fbd82e3d6691d72f4ce2c9b2112f06616c08ad652b37bb05d9887ed4211360b2b550d0cff55a711b5afecd22a0d05fc702caf165388f7df86a40170f77f0fec89399df4a4b7c7db8b62c30436735f022c9ecc20f74c6ed0b14d9fe2579967323a393b8683238a342b2c83e18e75cea7381d6e2b12aed11c7f3f3ea258b2a64c1de4f06b3f1de14c775582dc501e1ca859ba6aee4d03e8aa334dc93a28d0174095781a403fe47cfe809572152d524be223361845b3948882f327d9ee04ff0815210537a7414513c09e31b242e7e08394917e6294faf2dfbbf3881741a99b10745a61890091a4543304d7c7ca781c77bd36e58ebfc374ce35adca1c758a00086a4f833b7d50254f62b74d31e2aeee89783aaac0a4f560ade827eac7e3a7fa13600410449e16f01686b8424398aa0e2058cd67e63e8bb67b19de969c2a0f54d821b92db4bce4684850813b77b778b584112030217a4e632d5d18b498be508c50a39976b3661796d698a29ab945a2e8a0ba64bd07f372bcc9275306d35f9c11589e4aa1c26b87eccf3edf6216de579726bafc879474e197d39e9915220c958b9841ab3b676e77461282fbc039b09fb4b0127bc05bf6b7d62e53962fad932a0e1d3e952eeff9cb6f97a7511e798771b9b2dd42d5f3da5cfe6c623d70c971b7291853bee0a6c18a632bc4bbde9ac90a3f87124e1934e3b763a47572f3f479b1d05889dd17f695c7aedc72a5f7d89b5a971c7c94b2d90f2972abc93c6064fa979ff7d4c1e31027635b0d543de91e78ca38c6c33621cdf9d6b991c6b98cc578cebd23b266a8ae7744ef716b93c8cf8cb442edb4152032635b6318e82fcad5fc0bde16b4cea214f8e36cd5212c454fbad040f36664244c0519934734302a87fb56d8f4cb0f71c9064919cd7fd640d8fd6da10dc9caf9b715f37ecb56e2e0d30e5e6684b0f3997c392ca9735e005d1a5980f58dc5df775c5fbae617c4d09aa3914a07e6eb4bb646df19410b5a8019103c09f8b6565b045901a89d8c17e78fc1d23a1706cfc2324033f83e4ae4b7bf4d1a8fd3d1710d28cff3c4720d5f118518c29a227f1c8b685974c83362250ae50821cbfcb27bc0f65da92a5030d09a7ee5dd9a62ad3d81cb5a1a553c3349fbeea24bda1b34885224780a19431601dd552bc714daad2024bf225f9d2bed969d80563d94457a5a98f56771eb13251e36b03d598cbcac3c37519d8288aac5cf3561ad84ea9457505e8e470a589154fc0bf328f6b4e4a1f877a8c263f53019ff7674c332097731c133f5b054bdc433ac15726be85245c3c6f77fb69c7d3bce4d9259984cc4e377a4e01513ca9c59078c12991b6ae5d099273b92de73f5917eb95e89e0457aebc14ba852aab89be3685f615379ac4d629700f81d6fe0ed78db6b7afe6e186960d2025757a722cbcbdce4f9dacbe3a527157dac7597473ad7f5081f4b36b8764b34fadce65f104bf686f954b8783230e93b48a9aff02819c1f881ef140657974d3fef1375a6b619c19f70bac45f5974f36ef369f9e5036e4507d2df771f35069bedfc3959a2d9c342a0608992fa080deccf58728e8b2f1fc886ca160f4c98f1a93941ef1160c7f534740130995b4524e16819346fb6aa6565e591e62a6cf32f7ba7d71944a2991d87f6d28c3cec91ef2d29986ae16df5442f2fc674e4ff1f2b3ffad8e729e211ff9524fe176756a42bda974647f50df737727a33d16253ebabd937fd4c8898f7073dc6afe3e685371e6eb7d1bc7259f3d168623ea03a51e64e5b2b62fab033635fb9cfbe4c4e0ccc7fee10c69cd390d3cc3e2add4114334cd833edf4f509d4512d519bc6a3c3dc81bf5d367fb122c679525651061264f4822be640964d03b098c5a5d9df11b0e6406f9d1c022154a89ef564a5562f07deef2d46647c1c39edaa767ba41957f739b95886b8786492cd6a0d2567ab4591b3c504c068904ecf37b5804f982048fbede7fa9fe6bb0d492cb503297d6ff0d2e53660586abb3dac7ad0ee7c66c3e711f180cedc9bcc973ca340c40a1d9453e37a80d76a88c18ed2525909694e6677b23e8bdbd87c312a85ac6bbcc5655a5fc5eb4038832bf5d58e0065888b6e8627fa5908cf4cd1aea50fec8e28213c3d23a6188fae502feac76cc717b7041478b10b22a42c112122e1b14cb09f2e066117e59ad0aff793f1dbb09e2d2cd3ca3d765d7e191d715b2887d37dcae3ac0bfa508408566c81a8dfd25bdb615cbbb6b25a8b1142e4c2e738b4bde49e11a01153dd80c950a0419f7359c8767369d1499f30fbea841742c311f2b38028816b84c4648eafb0048c80945ec4a31861941fbb63bec4e3af3f09123f3ff7507778d188344e5284343a8ffa30b3004577a2993834502c5a29ce4cd4b523b0e815f64f453a0647f81cbbd9d4253a156682656aa6264deb886da7c3fa4f190272218f336475c34a2f3515196c428a4ca29f30c795f4bb0a0f22a19c60658b3965cb6e1d55b093ed88837724ebf348a809151ef3c879103808bdd8e89acc34610b46e7cb895cb02a4de426ea084cc3c34c46c32c1ec96e89c6ab463ddbe7e8a8d5a0a7069c9fc94829f3546fa7b020cb8407a95beee0d5bb27c5245265512c4fadcabff956edac725f9d0f24e2e8e7204358e05e5da2ea4c483eb1073c47ea9c42b293ae8bb36447c3b80437b81ac605ad7a1d322787410f6f0e3b0c32b7253df56fb39a31205840efcaefd65615f0d7bcf65157e3381a8ec121503cb04ed951f5aa1df9c940123f5aa18d4a680da3cd2663b90fa73d74bf9f7fd4333d67f2a5228ce910b037da13f048d53712c987cf82c1baaf7b6062ab45cf1bd026b56f4050cb1da0b768d9f16a688d5dd90ddf5b27e231310466a213bc651e43bb2797886d1432b347acf39010734599776c1f8d6a74944e433b9b3c06266157148df82f7f11ab1d8be3b4afc249d73c1269e74d30610e2e2d96f8d11876c40315b69daef3a544e67f95f9646a77f40f1ad1184306b1df37ab610f519e70bf3206933598bf725f4276423cbbfc3fd2a2e3ece518c8167cd025e8327e6435132cbf8c9791e859851782ab90987cf0b71adf8e92879ab02666f5bd319a25b1b2278b13fa8fe85d07a43563016a2f03c1c49579c54cbac7f4bc2ac42b97569d659f3c1b8ecb4f92e87e7435ed25c42bff6992020a0b07b6aba5736efbbec22f51e87651c0d847fa9342e3cab3e7df7f5e1601d9b5b4b7f36555d40794341a38b46113fcbdc8711e31776c0aad9b30773ef368f53dfe0bd27ed8d995977bfeb7363fe9906e91aff9a7f9c30785cb711b3fcd9a9fda9bceb0d8411247edc4d163e537a19ea34c189f7e63dfc18481548f9ab0f65d5fa6c311990d608fcd012142608fdb4e332489ee7d69935c8b5d35c45bc87eca5681de839e7d0be5cb0266437cad89cb94bbb86f1d1970ee315c72b9a4bbdde0571c9992b574f75767b75ea0431c6c0bdd3f5159aa7c53a22f903735d6941073333ee7c9bc65461fb04aa9e00bfd0b801608ff4e7680708f0cee505ad41eba03213c456cc40f05b6455c3300383220b740007bba51ddc5cbafeb88b106a8fe67287dce9851777afe58740930bc0f64da2bab5fd4ec2e95e747eed5a8831d6fb6cae32c2b2dd9b5e1ca4d1a04ab7c5a5b9a5f8bf4e22f10b4a887c4d4ee48097160f05369a9235926b2ca9a8dec668209df2a67eb5190a9ec38582d5ec1bf4581f9cb2f4ad183ca81d540e673d355d78ee6ccbaf5c4e0b95320dd7466"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

37m38.262060674s ago: executing program 1 (id=102):
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x0, 0x0, 0x110, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x5000008, 0x10, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000140)={0x0, &(0x7f0000000040)}, &(0x7f0000000280)=[@featur1={0x1, 0xbb}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r1, 0x2000003, 0xaf832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, r1, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffe000/0x2000)=nil, r1, 0x1000003, 0x10010, 0xffffffffffffffff, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04)
mmap$KVM_VCPU(&(0x7f000064b000/0x4000)=nil, r7, 0x100000d, 0x9032, 0xffffffffffffffff, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
munmap(&(0x7f0000d24000/0x2000)=nil, 0x2000)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000100)={0x0, &(0x7f0000000240)=[@hvc={0x32, 0x40, {0x84000050, [0x8000, 0xb4, 0x100, 0x6, 0x88]}}], 0x40}, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r10, 0xae03, 0xaa)
munmap(&(0x7f0000667000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, r1, 0xf, 0x24132, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000d7f000/0x3000)=nil, 0x3000)

37m37.589763802s ago: executing program 0 (id=103):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x5, 0x1, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = eventfd2(0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0)
ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0x6)
r4 = ioctl$KVM_CREATE_VM(r2, 0x40086602, 0x20000000)
r5 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bc2000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000040)="68d3d4a6759ba655d47872b6bf881ba5dbca1c84a0779749", 0x0, 0x18)
ioctl$KVM_CLEAR_DIRTY_LOG(r4, 0xc018aec0, &(0x7f0000000480)={0x10003, 0x380, 0x40, &(0x7f0000000080)=[0x3, 0x3, 0x4, 0xa94e, 0x5, 0x7, 0x7, 0x4, 0x1, 0x3, 0x0, 0x3, 0x173, 0x2ece, 0x0, 0xedb7, 0xffffffffffffffd5, 0x7, 0x8, 0x8, 0x47, 0xffffffffffffffff, 0x3, 0x9, 0x8, 0x2, 0x800, 0x2, 0x6, 0x7fffffff, 0xfffffffffffffffa, 0x9, 0x1, 0x7, 0x5, 0x0, 0x914, 0x9, 0xffffffffffff0001, 0x1, 0x3, 0x40000, 0x9, 0x2, 0x1, 0x7f, 0x10001, 0xe, 0x6, 0x5, 0x1, 0x5, 0x8000, 0x3, 0x200, 0xc, 0x209114be, 0x1, 0x8000000000000000, 0xffffffffffffffff, 0x6, 0x46b6, 0xddf, 0x6, 0x6, 0x0, 0x3ff, 0x8be, 0x8, 0x72f7a44b, 0x6, 0x7, 0x3, 0x10000000000e1, 0x1, 0x8000, 0x9, 0x0, 0x4, 0x5, 0x1, 0xffffffffffffffff, 0x0, 0x5, 0x3, 0x5, 0x3, 0x8000000000000000, 0xffffffffffffffff, 0xf, 0x8, 0x9, 0x81, 0x1, 0x8, 0x4, 0x5, 0x155, 0x4, 0x698, 0xffffffffffffffff, 0x7fffffffffffffff, 0xe8, 0xfffffffffffff001, 0x4e, 0x6000000000, 0x6, 0x1, 0x5, 0x2, 0x80, 0xb8a, 0xfffffffffffffffc, 0x5, 0x5, 0xb, 0x1, 0x5, 0x10, 0x2d32b7c, 0x4, 0x7fc, 0x6, 0x8000, 0x7f42, 0x7, 0x0, 0xe3e]})
r7 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
r11 = syz_kvm_vgic_v3_setup(r8, 0x1, 0x240)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000180)={0x8, <r12=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, 0x0)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x2, 0x4f832, 0xffffffffffffffff, 0x1000000)
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x4, 0x3, 0x0})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r6, 0xae80, 0x0)

37m28.222377589s ago: executing program 1 (id=104):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x1)
ioctl$KVM_SET_GUEST_DEBUG_arm64(r1, 0x4208ae9b, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0xffffffffffffffff)
r3 = openat$kvm(0x0, &(0x7f00000000c0), 0x8000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0x80111500, 0x20000000)
close(r4)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0x3eafc4c3, 0x0, 0x0})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x2)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000140)={0x6, <r7=>0xffffffffffffffff})
r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CLEAR_DIRTY_LOG(r9, 0xc018aec0, &(0x7f0000000040)={0x5, 0x100, 0x80, 0x0})
r10 = ioctl$KVM_CREATE_VM(r7, 0x894c, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r11 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x33)
ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000100)={0x4, <r12=>0xffffffffffffffff})
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0xfffffffffffffc5e)
ioctl$KVM_SET_VCPU_EVENTS(r13, 0x4040aea0, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r13, 0x8040ae9f, &(0x7f0000000000)=@arm64)
ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x1, 0x2, 0x0})
ioctl$KVM_CREATE_VCPU(r10, 0xb704, 0x0)

37m22.269604653s ago: executing program 0 (id=105):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bfd000/0x400000)=nil)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20080, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
eventfd2(0xeffffffd, 0x801)
ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0x58)
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, 0x0)
r5 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000b80)={0x0, &(0x7f00000009c0)=[@hvc={0x32, 0x40, {0xc4000004, [0x4, 0xfffffffffffffffa, 0x8000000000000000, 0x427f, 0x400003]}}], 0x40}, &(0x7f0000000bc0)=[@featur2={0x1, 0x2c}], 0x1)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

36m41.323044362s ago: executing program 32 (id=104):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x1)
ioctl$KVM_SET_GUEST_DEBUG_arm64(r1, 0x4208ae9b, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0xffffffffffffffff)
r3 = openat$kvm(0x0, &(0x7f00000000c0), 0x8000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0x80111500, 0x20000000)
close(r4)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0x3eafc4c3, 0x0, 0x0})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x2)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000140)={0x6, <r7=>0xffffffffffffffff})
r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CLEAR_DIRTY_LOG(r9, 0xc018aec0, &(0x7f0000000040)={0x5, 0x100, 0x80, 0x0})
r10 = ioctl$KVM_CREATE_VM(r7, 0x894c, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r11 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x33)
ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000100)={0x4, <r12=>0xffffffffffffffff})
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0xfffffffffffffc5e)
ioctl$KVM_SET_VCPU_EVENTS(r13, 0x4040aea0, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r13, 0x8040ae9f, &(0x7f0000000000)=@arm64)
ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x1, 0x2, 0x0})
ioctl$KVM_CREATE_VCPU(r10, 0xb704, 0x0)

36m35.223635275s ago: executing program 33 (id=105):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bfd000/0x400000)=nil)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20080, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
eventfd2(0xeffffffd, 0x801)
ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0x58)
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, 0x0)
r5 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000b80)={0x0, &(0x7f00000009c0)=[@hvc={0x32, 0x40, {0xc4000004, [0x4, 0xfffffffffffffffa, 0x8000000000000000, 0x427f, 0x400003]}}], 0x40}, &(0x7f0000000bc0)=[@featur2={0x1, 0x2c}], 0x1)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

31m31.976999078s ago: executing program 2 (id=106):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x400, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x0, 0x200000000000001}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x2, 0x9}}], 0x50}, 0x0, 0x0)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0xfffffffffffffffe, 0x1}}], 0x28}, 0x0, 0x0)
ioctl$KVM_SET_SIGNAL_MASK(r3, 0x4004ae8b, &(0x7f0000000240)={0x1000, "38fa6301b1ae3fc84221b71256d404b2a95f5daca2b2a4c0da0810a409c1a248dffd688e92aa05d8cf56a5dddc1b3ebd306752b5a61c009042667d3470460f99237893fa90e8d6b5bf7cd798d01519b0f605e2087f51bfded65ff12b8841a780b2b8d8e9d0e19b931d5a6bed540a7e2b1bafc90cf6b421e7edf15bfba4e5b0682342e8c0fec1b264181a28d3bcabc5339bab2aade97f809a991ccb7e89ad850cc7f869ec05c39bf1022a03afa304a2d68e4ec99c52df3ed3f1737def7d4450278527dcafc776046617f8909034abca0a971725e4040415c9aa2b9df5ea3bf4361e5b91c12546df22f6a14acdbb912bbabc1d130a55d0b34f61a1e72a41ae8a4cfd323fc26cff4430b1344b60851217da2768ae1f73a433d48a5471917c9a15b519a163f94497fb2e7d8785fc01370a3fc1e795ec30989070da34a81d7321467f05d367caf5429b93fcc5e52a46067f36d838be43d9375d9f08f4e4bbba9a1e2550d678cbf600e7bad83060e66c4aa41face62e038aa89d47504ce3f42d6f72869b1b847228935282a3e506592905a9cc4cc3a2ca4df99c19983ae5d2c609ebe0f967a1b0c6e81de41aa9268202237d37713631f85c9c034c6610bdf82f5fda6c28555d1c54d8cf94c973e1f4edef0f9a70fa0d33414796716c04511f316ccdcbf12eb697b4365147d2d59ab6050076bfc699edeaca8cc00720b2604885f6103b5bb9f5a4ac46188d56f58586b7f4d2da6f46a69ad243302d00206634bc9c4e9b78799e25a68691c2efcfc94344b9539085e4ecf39cd0969bcfb7554143fb47b8576b2553508b288fb69097608881f950f1870c8d17dcfb79403b8053206366b7313c3970f11800a0c1bf063a90bf4dc785ae821b7e9bc0c2c3e9d46aa80f93831d1575c1ad90806c9df529bf106b2da2edeed02a8e282394e8211976a0389fcd44dfbd32b223ae5c9670d3b5e7dfbae2e6db70200286c6f4440bd4aec4a9a330ef4a2001d9f83020a7d1fe1103ad8bf51cf16254d176c0bd86256e86da9d5733dc58bb0bf4f3acaf8c95d70ecaf7a069761cdca01635d0ea649d5323638b0d3eb83085f2ae667ec2312462034d28cc9f8924554883eb190901d4e403cb071b57024bf56e10d6aa472591b19adf87a7e5b29d5ea22abb4f3cee8cc4b47e38ef72eb16a511397cf28d3d1a8510d36eb504d66a757a2403db89319ebbd90f12cdf783314a798d5b0cadae8b9c0565373d8d20df5bad1524ed8af4325183d5a5756769e9a7c7b279ca3e4a48e6d6a2b24e546bb202a65a3d005ba046139de156eb337655b9c66d2abb2059cd4c5f7c1f6e78050322976a0fc3b7517a2c8e5005050ab85fa76721ea409f24a4f241f968c950161e4daaa9763f816d8ac62c8075332610a0648ae723f864a28c7f978b8469a4f77f220805910c44ea71679d18b6d899d117cda388331aea948a205646e1c27f75ea28e28eb1b3e4d3ee1c91632794f5f4e741aa215380e37ce2c8d2f2daa28c51107f36b6a747164b77b0e207ad529914683412d87b0221118943cab4f5f8b60bd8016f9dfa8313409d620a07e4aa10bdcc0f22c13c90317fb72572cde1ed3d3d2acb1cbdbd880dce15c058a2b4d2b607be050133a7e7dc59be75953c2835fb4b55dc4397491599f69f8a29d2e96ba6c09006523182cdb7ec38a69c1edba6dcba82e2d0a268a4fc5bd9216cc3e2d7a0b43f7414b06aaf847658b5bc4d9dcd8ab83a7a2502e2ad0488f90f9a508dece7658ce0fb3a2ae2dc76964ad697ae182015e1cbf2b30bb8e085bc031fcf2a52ae83b4b2d52cb4eea2b5bd274f7cd298be754138d0294f285ef66839e4ffea11b1c995eb02dabfd25ab6d200203fee1cb1e7573b1220e1100708ea68a36f4a0d7fe50d1c732a6256d4ab22857adaa816c8b5f1094a48a96667bf65ada755c234b1e791cbafd61cbdb538a2a1b032d48334351315920edb46910663baf07ae938f0893399dbf36704ae9e7fafa0df499a855466612fbd82e3d6691d72f4ce2c9b2112f06616c08ad652b37bb05d9887ed4211360b2b550d0cff55a711b5afecd22a0d05fc702caf165388f7df86a40170f77f0fec89399df4a4b7c7db8b62c30436735f022c9ecc20f74c6ed0b14d9fe2579967323a393b8683238a342b2c83e18e75cea7381d6e2b12aed11c7f3f3ea258b2a64c1de4f06b3f1de14c775582dc501e1ca859ba6aee4d03e8aa334dc93a28d0174095781a403fe47cfe809572152d524be223361845b3948882f327d9ee04ff0815210537a7414513c09e31b242e7e08394917e6294faf2dfbbf3881741a99b10745a61890091a4543304d7c7ca781c77bd36e58ebfc374ce35adca1c758a00086a4f833b7d50254f62b74d31e2aeee89783aaac0a4f560ade827eac7e3a7fa13600410449e16f01686b8424398aa0e2058cd67e63e8bb67b19de969c2a0f54d821b92db4bce4684850813b77b778b584112030217a4e632d5d18b498be508c50a39976b3661796d698a29ab945a2e8a0ba64bd07f372bcc9275306d35f9c11589e4aa1c26b87eccf3edf6216de579726bafc879474e197d39e9915220c958b9841ab3b676e77461282fbc039b09fb4b0127bc05bf6b7d62e53962fad932a0e1d3e952eeff9cb6f97a7511e798771b9b2dd42d5f3da5cfe6c623d70c971b7291853bee0a6c18a632bc4bbde9ac90a3f87124e1934e3b763a47572f3f479b1d05889dd17f695c7aedc72a5f7d89b5a971c7c94b2d90f2972abc93c6064fa979ff7d4c1e31027635b0d543de91e78ca38c6c33621cdf9d6b991c6b98cc578cebd23b266a8ae7744ef716b93c8cf8cb442edb4152032635b6318e82fcad5fc0bde16b4cea214f8e36cd5212c454fbad040f36664244c0519934734302a87fb56d8f4cb0f71c9064919cd7fd640d8fd6da10dc9caf9b715f37ecb56e2e0d30e5e6684b0f3997c392ca9735e005d1a5980f58dc5df775c5fbae617c4d09aa3914a07e6eb4bb646df19410b5a8019103c09f8b6565b045901a89d8c17e78fc1d23a1706cfc2324033f83e4ae4b7bf4d1a8fd3d1710d28cff3c4720d5f118518c29a227f1c8b685974c83362250ae50821cbfcb27bc0f65da92a5030d09a7ee5dd9a62ad3d81cb5a1a553c3349fbeea24bda1b34885224780a19431601dd552bc714daad2024bf225f9d2bed969d80563d94457a5a98f56771eb13251e36b03d598cbcac3c37519d8288aac5cf3561ad84ea9457505e8e470a589154fc0bf328f6b4e4a1f877a8c263f53019ff7674c332097731c133f5b054bdc433ac15726be85245c3c6f77fb69c7d3bce4d9259984cc4e377a4e01513ca9c59078c12991b6ae5d099273b92de73f5917eb95e89e0457aebc14ba852aab89be3685f615379ac4d629700f81d6fe0ed78db6b7afe6e186960d2025757a722cbcbdce4f9dacbe3a527157dac7597473ad7f5081f4b36b8764b34fadce65f104bf686f954b8783230e93b48a9aff02819c1f881ef140657974d3fef1375a6b619c19f70bac45f5974f36ef369f9e5036e4507d2df771f35069bedfc3959a2d9c342a0608992fa080deccf58728e8b2f1fc886ca160f4c98f1a93941ef1160c7f534740130995b4524e16819346fb6aa6565e591e62a6cf32f7ba7d71944a2991d87f6d28c3cec91ef2d29986ae16df5442f2fc674e4ff1f2b3ffad8e729e211ff9524fe176756a42bda974647f50df737727a33d16253ebabd937fd4c8898f7073dc6afe3e685371e6eb7d1bc7259f3d168623ea03a51e64e5b2b62fab033635fb9cfbe4c4e0ccc7fee10c69cd390d3cc3e2add4114334cd833edf4f509d4512d519bc6a3c3dc81bf5d367fb122c679525651061264f4822be640964d03b098c5a5d9df11b0e6406f9d1c022154a89ef564a5562f07deef2d46647c1c39edaa767ba41957f739b95886b8786492cd6a0d2567ab4591b3c504c068904ecf37b5804f982048fbede7fa9fe6bb0d492cb503297d6ff0d2e53660586abb3dac7ad0ee7c66c3e711f180cedc9bcc973ca340c40a1d9453e37a80d76a88c18ed2525909694e6677b23e8bdbd87c312a85ac6bbcc5655a5fc5eb4038832bf5d58e0065888b6e8627fa5908cf4cd1aea50fec8e28213c3d23a6188fae502feac76cc717b7041478b10b22a42c112122e1b14cb09f2e066117e59ad0aff793f1dbb09e2d2cd3ca3d765d7e191d715b2887d37dcae3ac0bfa508408566c81a8dfd25bdb615cbbb6b25a8b1142e4c2e738b4bde49e11a01153dd80c950a0419f7359c8767369d1499f30fbea841742c311f2b38028816b84c4648eafb0048c80945ec4a31861941fbb63bec4e3af3f09123f3ff7507778d188344e5284343a8ffa30b3004577a2993834502c5a29ce4cd4b523b0e815f64f453a0647f81cbbd9d4253a156682656aa6264deb886da7c3fa4f190272218f336475c34a2f3515196c428a4ca29f30c795f4bb0a0f22a19c60658b3965cb6e1d55b093ed88837724ebf348a809151ef3c879103808bdd8e89acc34610b46e7cb895cb02a4de426ea084cc3c34c46c32c1ec96e89c6ab463ddbe7e8a8d5a0a7069c9fc94829f3546fa7b020cb8407a95beee0d5bb27c5245265512c4fadcabff956edac725f9d0f24e2e8e7204358e05e5da2ea4c483eb1073c47ea9c42b293ae8bb36447c3b80437b81ac605ad7a1d322787410f6f0e3b0c32b7253df56fb39a31205840efcaefd65615f0d7bcf65157e3381a8ec121503cb04ed951f5aa1df9c940123f5aa18d4a680da3cd2663b90fa73d74bf9f7fd4333d67f2a5228ce910b037da13f048d53712c987cf82c1baaf7b6062ab45cf1bd026b56f4050cb1da0b768d9f16a688d5dd90ddf5b27e231310466a213bc651e43bb2797886d1432b347acf39010734599776c1f8d6a74944e433b9b3c06266157148df82f7f11ab1d8be3b4afc249d73c1269e74d30610e2e2d96f8d11876c40315b69daef3a544e67f95f9646a77f40f1ad1184306b1df37ab610f519e70bf3206933598bf725f4276423cbbfc3fd2a2e3ece518c8167cd025e8327e6435132cbf8c9791e859851782ab90987cf0b71adf8e92879ab02666f5bd319a25b1b2278b13fa8fe85d07a43563016a2f03c1c49579c54cbac7f4bc2ac42b97569d659f3c1b8ecb4f92e87e7435ed25c42bff6992020a0b07b6aba5736efbbec22f51e87651c0d847fa9342e3cab3e7df7f5e1601d9b5b4b7f36555d40794341a38b46113fcbdc8711e31776c0aad9b30773ef368f53dfe0bd27ed8d995977bfeb7363fe9906e91aff9a7f9c30785cb711b3fcd9a9fda9bceb0d8411247edc4d163e537a19ea34c189f7e63dfc18481548f9ab0f65d5fa6c311990d608fcd012142608fdb4e332489ee7d69935c8b5d35c45bc87eca5681de839e7d0be5cb0266437cad89cb94bbb86f1d1970ee315c72b9a4bbdde0571c9992b574f75767b75ea0431c6c0bdd3f5159aa7c53a22f903735d6941073333ee7c9bc65461fb04aa9e00bfd0b801608ff4e7680708f0cee505ad41eba03213c456cc40f05b6455c3300383220b740007bba51ddc5cbafeb88b106a8fe67287dce9851777afe58740930bc0f64da2bab5fd4ec2e95e747eed5a8831d6fb6cae32c2b2dd9b5e1ca4d1a04ab7c5a5b9a5f8bf4e22f10b4a887c4d4ee48097160f05369a9235926b2ca9a8dec668209df2a67eb5190a9ec38582d5ec1bf4581f9cb2f4ad183ca81d540e673d355d78ee6ccbaf5c4e0b95320dd7466"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

31m19.723848734s ago: executing program 2 (id=108):
r0 = openat$kvm(0x0, &(0x7f0000000000), 0x200, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x1000000)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x33)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x603000000010003c, &(0x7f0000000140)=0x7})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) (async)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r4 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x10010, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef)

31m19.452414193s ago: executing program 3 (id=107):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r4, 0x0)
ioctl$KVM_IRQ_LINE(r3, 0x4008ae61, &(0x7f00000000c0)={0x1, 0xa546})
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_GET_STATS_FD_cpu(r4, 0xaece)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_DEVICE_ATTR_vm(r7, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}})
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000140)={0x0, &(0x7f0000000180)=[@smc={0x1e, 0x40, {0x86000001, [0x80000000000, 0x1, 0x2, 0x3, 0x4]}}, @hvc={0x32, 0x40, {0x84000050, [0x2, 0x1, 0x2, 0x3, 0x3]}}], 0x80}, 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
r10 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000100)={0x7, <r11=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000002c0)=@attr_arm64={0x0, 0x4, 0x0, 0x0})
r12 = eventfd2(0x3ff, 0x0)
ioctl$KVM_IRQFD(r10, 0x4020ae76, &(0x7f0000000000)={r12, 0x6, 0x2, r12})
ioctl$KVM_IRQFD(r10, 0x4020ae76, &(0x7f0000000140)={r12, 0x5, 0x1})
r13 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r13, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x109001, 0x0)
close(r1)

30m32.811833845s ago: executing program 34 (id=108):
r0 = openat$kvm(0x0, &(0x7f0000000000), 0x200, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x1000000)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x33)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x603000000010003c, &(0x7f0000000140)=0x7})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) (async)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r4 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x10010, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef)

30m26.064784235s ago: executing program 35 (id=107):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r4, 0x0)
ioctl$KVM_IRQ_LINE(r3, 0x4008ae61, &(0x7f00000000c0)={0x1, 0xa546})
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_GET_STATS_FD_cpu(r4, 0xaece)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_DEVICE_ATTR_vm(r7, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}})
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000140)={0x0, &(0x7f0000000180)=[@smc={0x1e, 0x40, {0x86000001, [0x80000000000, 0x1, 0x2, 0x3, 0x4]}}, @hvc={0x32, 0x40, {0x84000050, [0x2, 0x1, 0x2, 0x3, 0x3]}}], 0x80}, 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
r10 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000100)={0x7, <r11=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000002c0)=@attr_arm64={0x0, 0x4, 0x0, 0x0})
r12 = eventfd2(0x3ff, 0x0)
ioctl$KVM_IRQFD(r10, 0x4020ae76, &(0x7f0000000000)={r12, 0x6, 0x2, r12})
ioctl$KVM_IRQFD(r10, 0x4020ae76, &(0x7f0000000140)={r12, 0x5, 0x1})
r13 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r13, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x109001, 0x0)
close(r1)

21m43.343344047s ago: executing program 5 (id=115):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r3, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r3, 0x0)
r5 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000000)={0x8000, 0x0, 0x1, 0xffffffffffffffff, 0x3})
ioctl$KVM_CREATE_VM(r5, 0x401c5820, 0x20000001)
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_GET_ONE_REG(r8, 0x4010aeab, &(0x7f0000000040)=@arm64_extra={0x603000000013c036, &(0x7f0000000100)=0x78b})
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
r12 = syz_kvm_add_vcpu$arm64(0x0, 0x0, &(0x7f0000000840)=[@featur1={0x1, 0xc7}], 0x1)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x0, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, r12, 0x0)
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000)
syz_kvm_setup_cpu$arm64(r10, r11, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
r13 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
r15 = syz_kvm_setup_syzos_vm$arm64(r14, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r15, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
r16 = syz_kvm_vgic_v3_setup(r14, 0x1, 0x40)
ioctl$KVM_SET_DEVICE_ATTR(r16, 0x4018aee1, &(0x7f00000007c0)=@attr_arm64={0x0, 0x5, 0x3, &(0x7f0000000800)=0x428})

21m35.382568515s ago: executing program 4 (id=116):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180), &(0x7f0000000300)=[@featur2={0x1, 0x6d}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
close(0x4)
close(0x5)
ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x1)

21m20.585587134s ago: executing program 4 (id=117):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xc6fa) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000000)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000280)={0x14, 0xff, 0x1}}) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x8521, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x161681, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x3d70000000, &(0x7f0000ffe000/0x2000)=nil}) (async)
r8 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000180)={0x8, <r9=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r9, 0x4018aee3, &(0x7f0000000000)=@attr_arm64={0x0, 0x8, 0x4, 0x0}) (async)
r10 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r10, r11, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0) (async)
r12 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x2e)
r14 = ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r13, r14, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_SET_ONE_REG(r14, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100042, &(0x7f0000000000)=0x12}) (async)
r15 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r15, 0xae04) (async)
syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000bfe000/0x400000)=nil) (async)
r16 = openat$kvm(0x0, &(0x7f0000000040), 0xc0083, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x0, 0x11, r16, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)

21m17.922225957s ago: executing program 5 (id=118):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x400, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x0, 0x200000000000001}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x2, 0x9}}], 0x50}, 0x0, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0xfffffffffffffffe, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x240)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8})
ioctl$KVM_SET_SIGNAL_MASK(r5, 0x4004ae8b, &(0x7f0000000240)={0x1000, "38fa6301b1ae3fc84221b71256d404b2a95f5daca2b2a4c0da0810a409c1a248dffd688e92aa05d8cf56a5dddc1b3ebd306752b5a61c009042667d3470460f99237893fa90e8d6b5bf7cd798d01519b0f605e2087f51bfded65ff12b8841a780b2b8d8e9d0e19b931d5a6bed540a7e2b1bafc90cf6b421e7edf15bfba4e5b0682342e8c0fec1b264181a28d3bcabc5339bab2aade97f809a991ccb7e89ad850cc7f869ec05c39bf1022a03afa304a2d68e4ec99c52df3ed3f1737def7d4450278527dcafc776046617f8909034abca0a971725e4040415c9aa2b9df5ea3bf4361e5b91c12546df22f6a14acdbb912bbabc1d130a55d0b34f61a1e72a41ae8a4cfd323fc26cff4430b1344b60851217da2768ae1f73a433d48a5471917c9a15b519a163f94497fb2e7d8785fc01370a3fc1e795ec30989070da34a81d7321467f05d367caf5429b93fcc5e52a46067f36d838be43d9375d9f08f4e4bbba9a1e2550d678cbf600e7bad83060e66c4aa41face62e038aa89d47504ce3f42d6f72869b1b847228935282a3e506592905a9cc4cc3a2ca4df99c19983ae5d2c609ebe0f967a1b0c6e81de41aa9268202237d37713631f85c9c034c6610bdf82f5fda6c28555d1c54d8cf94c973e1f4edef0f9a70fa0d33414796716c04511f316ccdcbf12eb697b4365147d2d59ab6050076bfc699edeaca8cc00720b2604885f6103b5bb9f5a4ac46188d56f58586b7f4d2da6f46a69ad243302d00206634bc9c4e9b78799e25a68691c2efcfc94344b9539085e4ecf39cd0969bcfb7554143fb47b8576b2553508b288fb69097608881f950f1870c8d17dcfb79403b8053206366b7313c3970f11800a0c1bf063a90bf4dc785ae821b7e9bc0c2c3e9d46aa80f93831d1575c1ad90806c9df529bf106b2da2edeed02a8e282394e8211976a0389fcd44dfbd32b223ae5c9670d3b5e7dfbae2e6db70200286c6f4440bd4aec4a9a330ef4a2001d9f83020a7d1fe1103ad8bf51cf16254d176c0bd86256e86da9d5733dc58bb0bf4f3acaf8c95d70ecaf7a069761cdca01635d0ea649d5323638b0d3eb83085f2ae667ec2312462034d28cc9f8924554883eb190901d4e403cb071b57024bf56e10d6aa472591b19adf87a7e5b29d5ea22abb4f3cee8cc4b47e38ef72eb16a511397cf28d3d1a8510d36eb504d66a757a2403db89319ebbd90f12cdf783314a798d5b0cadae8b9c0565373d8d20df5bad1524ed8af4325183d5a5756769e9a7c7b279ca3e4a48e6d6a2b24e546bb202a65a3d005ba046139de156eb337655b9c66d2abb2059cd4c5f7c1f6e78050322976a0fc3b7517a2c8e5005050ab85fa76721ea409f24a4f241f968c950161e4daaa9763f816d8ac62c8075332610a0648ae723f864a28c7f978b8469a4f77f220805910c44ea71679d18b6d899d117cda388331aea948a205646e1c27f75ea28e28eb1b3e4d3ee1c91632794f5f4e741aa215380e37ce2c8d2f2daa28c51107f36b6a747164b77b0e207ad529914683412d87b0221118943cab4f5f8b60bd8016f9dfa8313409d620a07e4aa10bdcc0f22c13c90317fb72572cde1ed3d3d2acb1cbdbd880dce15c058a2b4d2b607be050133a7e7dc59be75953c2835fb4b55dc4397491599f69f8a29d2e96ba6c09006523182cdb7ec38a69c1edba6dcba82e2d0a268a4fc5bd9216cc3e2d7a0b43f7414b06aaf847658b5bc4d9dcd8ab83a7a2502e2ad0488f90f9a508dece7658ce0fb3a2ae2dc76964ad697ae182015e1cbf2b30bb8e085bc031fcf2a52ae83b4b2d52cb4eea2b5bd274f7cd298be754138d0294f285ef66839e4ffea11b1c995eb02dabfd25ab6d200203fee1cb1e7573b1220e1100708ea68a36f4a0d7fe50d1c732a6256d4ab22857adaa816c8b5f1094a48a96667bf65ada755c234b1e791cbafd61cbdb538a2a1b032d48334351315920edb46910663baf07ae938f0893399dbf36704ae9e7fafa0df499a855466612fbd82e3d6691d72f4ce2c9b2112f06616c08ad652b37bb05d9887ed4211360b2b550d0cff55a711b5afecd22a0d05fc702caf165388f7df86a40170f77f0fec89399df4a4b7c7db8b62c30436735f022c9ecc20f74c6ed0b14d9fe2579967323a393b8683238a342b2c83e18e75cea7381d6e2b12aed11c7f3f3ea258b2a64c1de4f06b3f1de14c775582dc501e1ca859ba6aee4d03e8aa334dc93a28d0174095781a403fe47cfe809572152d524be223361845b3948882f327d9ee04ff0815210537a7414513c09e31b242e7e08394917e6294faf2dfbbf3881741a99b10745a61890091a4543304d7c7ca781c77bd36e58ebfc374ce35adca1c758a00086a4f833b7d50254f62b74d31e2aeee89783aaac0a4f560ade827eac7e3a7fa13600410449e16f01686b8424398aa0e2058cd67e63e8bb67b19de969c2a0f54d821b92db4bce4684850813b77b778b584112030217a4e632d5d18b498be508c50a39976b3661796d698a29ab945a2e8a0ba64bd07f372bcc9275306d35f9c11589e4aa1c26b87eccf3edf6216de579726bafc879474e197d39e9915220c958b9841ab3b676e77461282fbc039b09fb4b0127bc05bf6b7d62e53962fad932a0e1d3e952eeff9cb6f97a7511e798771b9b2dd42d5f3da5cfe6c623d70c971b7291853bee0a6c18a632bc4bbde9ac90a3f87124e1934e3b763a47572f3f479b1d05889dd17f695c7aedc72a5f7d89b5a971c7c94b2d90f2972abc93c6064fa979ff7d4c1e31027635b0d543de91e78ca38c6c33621cdf9d6b991c6b98cc578cebd23b266a8ae7744ef716b93c8cf8cb442edb4152032635b6318e82fcad5fc0bde16b4cea214f8e36cd5212c454fbad040f36664244c0519934734302a87fb56d8f4cb0f71c9064919cd7fd640d8fd6da10dc9caf9b715f37ecb56e2e0d30e5e6684b0f3997c392ca9735e005d1a5980f58dc5df775c5fbae617c4d09aa3914a07e6eb4bb646df19410b5a8019103c09f8b6565b045901a89d8c17e78fc1d23a1706cfc2324033f83e4ae4b7bf4d1a8fd3d1710d28cff3c4720d5f118518c29a227f1c8b685974c83362250ae50821cbfcb27bc0f65da92a5030d09a7ee5dd9a62ad3d81cb5a1a553c3349fbeea24bda1b34885224780a19431601dd552bc714daad2024bf225f9d2bed969d80563d94457a5a98f56771eb13251e36b03d598cbcac3c37519d8288aac5cf3561ad84ea9457505e8e470a589154fc0bf328f6b4e4a1f877a8c263f53019ff7674c332097731c133f5b054bdc433ac15726be85245c3c6f77fb69c7d3bce4d9259984cc4e377a4e01513ca9c59078c12991b6ae5d099273b92de73f5917eb95e89e0457aebc14ba852aab89be3685f615379ac4d629700f81d6fe0ed78db6b7afe6e186960d2025757a722cbcbdce4f9dacbe3a527157dac7597473ad7f5081f4b36b8764b34fadce65f104bf686f954b8783230e93b48a9aff02819c1f881ef140657974d3fef1375a6b619c19f70bac45f5974f36ef369f9e5036e4507d2df771f35069bedfc3959a2d9c342a0608992fa080deccf58728e8b2f1fc886ca160f4c98f1a93941ef1160c7f534740130995b4524e16819346fb6aa6565e591e62a6cf32f7ba7d71944a2991d87f6d28c3cec91ef2d29986ae16df5442f2fc674e4ff1f2b3ffad8e729e211ff9524fe176756a42bda974647f50df737727a33d16253ebabd937fd4c8898f7073dc6afe3e685371e6eb7d1bc7259f3d168623ea03a51e64e5b2b62fab033635fb9cfbe4c4e0ccc7fee10c69cd390d3cc3e2add4114334cd833edf4f509d4512d519bc6a3c3dc81bf5d367fb122c679525651061264f4822be640964d03b098c5a5d9df11b0e6406f9d1c022154a89ef564a5562f07deef2d46647c1c39edaa767ba41957f739b95886b8786492cd6a0d2567ab4591b3c504c068904ecf37b5804f982048fbede7fa9fe6bb0d492cb503297d6ff0d2e53660586abb3dac7ad0ee7c66c3e711f180cedc9bcc973ca340c40a1d9453e37a80d76a88c18ed2525909694e6677b23e8bdbd87c312a85ac6bbcc5655a5fc5eb4038832bf5d58e0065888b6e8627fa5908cf4cd1aea50fec8e28213c3d23a6188fae502feac76cc717b7041478b10b22a42c112122e1b14cb09f2e066117e59ad0aff793f1dbb09e2d2cd3ca3d765d7e191d715b2887d37dcae3ac0bfa508408566c81a8dfd25bdb615cbbb6b25a8b1142e4c2e738b4bde49e11a01153dd80c950a0419f7359c8767369d1499f30fbea841742c311f2b38028816b84c4648eafb0048c80945ec4a31861941fbb63bec4e3af3f09123f3ff7507778d188344e5284343a8ffa30b3004577a2993834502c5a29ce4cd4b523b0e815f64f453a0647f81cbbd9d4253a156682656aa6264deb886da7c3fa4f190272218f336475c34a2f3515196c428a4ca29f30c795f4bb0a0f22a19c60658b3965cb6e1d55b093ed88837724ebf348a809151ef3c879103808bdd8e89acc34610b46e7cb895cb02a4de426ea084cc3c34c46c32c1ec96e89c6ab463ddbe7e8a8d5a0a7069c9fc94829f3546fa7b020cb8407a95beee0d5bb27c5245265512c4fadcabff956edac725f9d0f24e2e8e7204358e05e5da2ea4c483eb1073c47ea9c42b293ae8bb36447c3b80437b81ac605ad7a1d322787410f6f0e3b0c32b7253df56fb39a31205840efcaefd65615f0d7bcf65157e3381a8ec121503cb04ed951f5aa1df9c940123f5aa18d4a680da3cd2663b90fa73d74bf9f7fd4333d67f2a5228ce910b037da13f048d53712c987cf82c1baaf7b6062ab45cf1bd026b56f4050cb1da0b768d9f16a688d5dd90ddf5b27e231310466a213bc651e43bb2797886d1432b347acf39010734599776c1f8d6a74944e433b9b3c06266157148df82f7f11ab1d8be3b4afc249d73c1269e74d30610e2e2d96f8d11876c40315b69daef3a544e67f95f9646a77f40f1ad1184306b1df37ab610f519e70bf3206933598bf725f4276423cbbfc3fd2a2e3ece518c8167cd025e8327e6435132cbf8c9791e859851782ab90987cf0b71adf8e92879ab02666f5bd319a25b1b2278b13fa8fe85d07a43563016a2f03c1c49579c54cbac7f4bc2ac42b97569d659f3c1b8ecb4f92e87e7435ed25c42bff6992020a0b07b6aba5736efbbec22f51e87651c0d847fa9342e3cab3e7df7f5e1601d9b5b4b7f36555d40794341a38b46113fcbdc8711e31776c0aad9b30773ef368f53dfe0bd27ed8d995977bfeb7363fe9906e91aff9a7f9c30785cb711b3fcd9a9fda9bceb0d8411247edc4d163e537a19ea34c189f7e63dfc18481548f9ab0f65d5fa6c311990d608fcd012142608fdb4e332489ee7d69935c8b5d35c45bc87eca5681de839e7d0be5cb0266437cad89cb94bbb86f1d1970ee315c72b9a4bbdde0571c9992b574f75767b75ea0431c6c0bdd3f5159aa7c53a22f903735d6941073333ee7c9bc65461fb04aa9e00bfd0b801608ff4e7680708f0cee505ad41eba03213c456cc40f05b6455c3300383220b740007bba51ddc5cbafeb88b106a8fe67287dce9851777afe58740930bc0f64da2bab5fd4ec2e95e747eed5a8831d6fb6cae32c2b2dd9b5e1ca4d1a04ab7c5a5b9a5f8bf4e22f10b4a887c4d4ee48097160f05369a9235926b2ca9a8dec668209df2a67eb5190a9ec38582d5ec1bf4581f9cb2f4ad183ca81d540e673d355d78ee6ccbaf5c4e0b95320dd7466"})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

20m52.562510183s ago: executing program 5 (id=119):
ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0x7f)

20m50.57968808s ago: executing program 4 (id=120):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x2e)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x40)
syz_kvm_setup_cpu$arm64(r4, r5, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100042, &(0x7f0000000000)=0x12})
r6 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x1800002, 0x11, r5, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r2, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r8, 0x1, 0x100)
ioctl$KVM_SIGNAL_MSI(r8, 0x4020aea5, &(0x7f0000000280)={0x100000, 0x6000, 0x0, 0x2000000})
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)
r12 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r11, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r12, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r11, 0x0)
r13 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000000)=@arm64_sys={0xf0780000002e2172, 0x0})
ioctl$KVM_CREATE_VM(r13, 0x401c5820, 0x20000001)
r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r14, 0x401c5820, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f00000000c0)=0x6})

20m40.133912879s ago: executing program 5 (id=121):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000080)=0x1)

20m18.667486756s ago: executing program 4 (id=122):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x1a)

20m16.929533916s ago: executing program 5 (id=123):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x400, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x0, 0x200000000000001}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x2, 0x9}}], 0x50}, 0x0, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0xfffffffffffffffe, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x240)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8})
ioctl$KVM_SET_SIGNAL_MASK(r5, 0x4004ae8b, &(0x7f0000000240)={0x1000, "38fa6301b1ae3fc84221b71256d404b2a95f5daca2b2a4c0da0810a409c1a248dffd688e92aa05d8cf56a5dddc1b3ebd306752b5a61c009042667d3470460f99237893fa90e8d6b5bf7cd798d01519b0f605e2087f51bfded65ff12b8841a780b2b8d8e9d0e19b931d5a6bed540a7e2b1bafc90cf6b421e7edf15bfba4e5b0682342e8c0fec1b264181a28d3bcabc5339bab2aade97f809a991ccb7e89ad850cc7f869ec05c39bf1022a03afa304a2d68e4ec99c52df3ed3f1737def7d4450278527dcafc776046617f8909034abca0a971725e4040415c9aa2b9df5ea3bf4361e5b91c12546df22f6a14acdbb912bbabc1d130a55d0b34f61a1e72a41ae8a4cfd323fc26cff4430b1344b60851217da2768ae1f73a433d48a5471917c9a15b519a163f94497fb2e7d8785fc01370a3fc1e795ec30989070da34a81d7321467f05d367caf5429b93fcc5e52a46067f36d838be43d9375d9f08f4e4bbba9a1e2550d678cbf600e7bad83060e66c4aa41face62e038aa89d47504ce3f42d6f72869b1b847228935282a3e506592905a9cc4cc3a2ca4df99c19983ae5d2c609ebe0f967a1b0c6e81de41aa9268202237d37713631f85c9c034c6610bdf82f5fda6c28555d1c54d8cf94c973e1f4edef0f9a70fa0d33414796716c04511f316ccdcbf12eb697b4365147d2d59ab6050076bfc699edeaca8cc00720b2604885f6103b5bb9f5a4ac46188d56f58586b7f4d2da6f46a69ad243302d00206634bc9c4e9b78799e25a68691c2efcfc94344b9539085e4ecf39cd0969bcfb7554143fb47b8576b2553508b288fb69097608881f950f1870c8d17dcfb79403b8053206366b7313c3970f11800a0c1bf063a90bf4dc785ae821b7e9bc0c2c3e9d46aa80f93831d1575c1ad90806c9df529bf106b2da2edeed02a8e282394e8211976a0389fcd44dfbd32b223ae5c9670d3b5e7dfbae2e6db70200286c6f4440bd4aec4a9a330ef4a2001d9f83020a7d1fe1103ad8bf51cf16254d176c0bd86256e86da9d5733dc58bb0bf4f3acaf8c95d70ecaf7a069761cdca01635d0ea649d5323638b0d3eb83085f2ae667ec2312462034d28cc9f8924554883eb190901d4e403cb071b57024bf56e10d6aa472591b19adf87a7e5b29d5ea22abb4f3cee8cc4b47e38ef72eb16a511397cf28d3d1a8510d36eb504d66a757a2403db89319ebbd90f12cdf783314a798d5b0cadae8b9c0565373d8d20df5bad1524ed8af4325183d5a5756769e9a7c7b279ca3e4a48e6d6a2b24e546bb202a65a3d005ba046139de156eb337655b9c66d2abb2059cd4c5f7c1f6e78050322976a0fc3b7517a2c8e5005050ab85fa76721ea409f24a4f241f968c950161e4daaa9763f816d8ac62c8075332610a0648ae723f864a28c7f978b8469a4f77f220805910c44ea71679d18b6d899d117cda388331aea948a205646e1c27f75ea28e28eb1b3e4d3ee1c91632794f5f4e741aa215380e37ce2c8d2f2daa28c51107f36b6a747164b77b0e207ad529914683412d87b0221118943cab4f5f8b60bd8016f9dfa8313409d620a07e4aa10bdcc0f22c13c90317fb72572cde1ed3d3d2acb1cbdbd880dce15c058a2b4d2b607be050133a7e7dc59be75953c2835fb4b55dc4397491599f69f8a29d2e96ba6c09006523182cdb7ec38a69c1edba6dcba82e2d0a268a4fc5bd9216cc3e2d7a0b43f7414b06aaf847658b5bc4d9dcd8ab83a7a2502e2ad0488f90f9a508dece7658ce0fb3a2ae2dc76964ad697ae182015e1cbf2b30bb8e085bc031fcf2a52ae83b4b2d52cb4eea2b5bd274f7cd298be754138d0294f285ef66839e4ffea11b1c995eb02dabfd25ab6d200203fee1cb1e7573b1220e1100708ea68a36f4a0d7fe50d1c732a6256d4ab22857adaa816c8b5f1094a48a96667bf65ada755c234b1e791cbafd61cbdb538a2a1b032d48334351315920edb46910663baf07ae938f0893399dbf36704ae9e7fafa0df499a855466612fbd82e3d6691d72f4ce2c9b2112f06616c08ad652b37bb05d9887ed4211360b2b550d0cff55a711b5afecd22a0d05fc702caf165388f7df86a40170f77f0fec89399df4a4b7c7db8b62c30436735f022c9ecc20f74c6ed0b14d9fe2579967323a393b8683238a342b2c83e18e75cea7381d6e2b12aed11c7f3f3ea258b2a64c1de4f06b3f1de14c775582dc501e1ca859ba6aee4d03e8aa334dc93a28d0174095781a403fe47cfe809572152d524be223361845b3948882f327d9ee04ff0815210537a7414513c09e31b242e7e08394917e6294faf2dfbbf3881741a99b10745a61890091a4543304d7c7ca781c77bd36e58ebfc374ce35adca1c758a00086a4f833b7d50254f62b74d31e2aeee89783aaac0a4f560ade827eac7e3a7fa13600410449e16f01686b8424398aa0e2058cd67e63e8bb67b19de969c2a0f54d821b92db4bce4684850813b77b778b584112030217a4e632d5d18b498be508c50a39976b3661796d698a29ab945a2e8a0ba64bd07f372bcc9275306d35f9c11589e4aa1c26b87eccf3edf6216de579726bafc879474e197d39e9915220c958b9841ab3b676e77461282fbc039b09fb4b0127bc05bf6b7d62e53962fad932a0e1d3e952eeff9cb6f97a7511e798771b9b2dd42d5f3da5cfe6c623d70c971b7291853bee0a6c18a632bc4bbde9ac90a3f87124e1934e3b763a47572f3f479b1d05889dd17f695c7aedc72a5f7d89b5a971c7c94b2d90f2972abc93c6064fa979ff7d4c1e31027635b0d543de91e78ca38c6c33621cdf9d6b991c6b98cc578cebd23b266a8ae7744ef716b93c8cf8cb442edb4152032635b6318e82fcad5fc0bde16b4cea214f8e36cd5212c454fbad040f36664244c0519934734302a87fb56d8f4cb0f71c9064919cd7fd640d8fd6da10dc9caf9b715f37ecb56e2e0d30e5e6684b0f3997c392ca9735e005d1a5980f58dc5df775c5fbae617c4d09aa3914a07e6eb4bb646df19410b5a8019103c09f8b6565b045901a89d8c17e78fc1d23a1706cfc2324033f83e4ae4b7bf4d1a8fd3d1710d28cff3c4720d5f118518c29a227f1c8b685974c83362250ae50821cbfcb27bc0f65da92a5030d09a7ee5dd9a62ad3d81cb5a1a553c3349fbeea24bda1b34885224780a19431601dd552bc714daad2024bf225f9d2bed969d80563d94457a5a98f56771eb13251e36b03d598cbcac3c37519d8288aac5cf3561ad84ea9457505e8e470a589154fc0bf328f6b4e4a1f877a8c263f53019ff7674c332097731c133f5b054bdc433ac15726be85245c3c6f77fb69c7d3bce4d9259984cc4e377a4e01513ca9c59078c12991b6ae5d099273b92de73f5917eb95e89e0457aebc14ba852aab89be3685f615379ac4d629700f81d6fe0ed78db6b7afe6e186960d2025757a722cbcbdce4f9dacbe3a527157dac7597473ad7f5081f4b36b8764b34fadce65f104bf686f954b8783230e93b48a9aff02819c1f881ef140657974d3fef1375a6b619c19f70bac45f5974f36ef369f9e5036e4507d2df771f35069bedfc3959a2d9c342a0608992fa080deccf58728e8b2f1fc886ca160f4c98f1a93941ef1160c7f534740130995b4524e16819346fb6aa6565e591e62a6cf32f7ba7d71944a2991d87f6d28c3cec91ef2d29986ae16df5442f2fc674e4ff1f2b3ffad8e729e211ff9524fe176756a42bda974647f50df737727a33d16253ebabd937fd4c8898f7073dc6afe3e685371e6eb7d1bc7259f3d168623ea03a51e64e5b2b62fab033635fb9cfbe4c4e0ccc7fee10c69cd390d3cc3e2add4114334cd833edf4f509d4512d519bc6a3c3dc81bf5d367fb122c679525651061264f4822be640964d03b098c5a5d9df11b0e6406f9d1c022154a89ef564a5562f07deef2d46647c1c39edaa767ba41957f739b95886b8786492cd6a0d2567ab4591b3c504c068904ecf37b5804f982048fbede7fa9fe6bb0d492cb503297d6ff0d2e53660586abb3dac7ad0ee7c66c3e711f180cedc9bcc973ca340c40a1d9453e37a80d76a88c18ed2525909694e6677b23e8bdbd87c312a85ac6bbcc5655a5fc5eb4038832bf5d58e0065888b6e8627fa5908cf4cd1aea50fec8e28213c3d23a6188fae502feac76cc717b7041478b10b22a42c112122e1b14cb09f2e066117e59ad0aff793f1dbb09e2d2cd3ca3d765d7e191d715b2887d37dcae3ac0bfa508408566c81a8dfd25bdb615cbbb6b25a8b1142e4c2e738b4bde49e11a01153dd80c950a0419f7359c8767369d1499f30fbea841742c311f2b38028816b84c4648eafb0048c80945ec4a31861941fbb63bec4e3af3f09123f3ff7507778d188344e5284343a8ffa30b3004577a2993834502c5a29ce4cd4b523b0e815f64f453a0647f81cbbd9d4253a156682656aa6264deb886da7c3fa4f190272218f336475c34a2f3515196c428a4ca29f30c795f4bb0a0f22a19c60658b3965cb6e1d55b093ed88837724ebf348a809151ef3c879103808bdd8e89acc34610b46e7cb895cb02a4de426ea084cc3c34c46c32c1ec96e89c6ab463ddbe7e8a8d5a0a7069c9fc94829f3546fa7b020cb8407a95beee0d5bb27c5245265512c4fadcabff956edac725f9d0f24e2e8e7204358e05e5da2ea4c483eb1073c47ea9c42b293ae8bb36447c3b80437b81ac605ad7a1d322787410f6f0e3b0c32b7253df56fb39a31205840efcaefd65615f0d7bcf65157e3381a8ec121503cb04ed951f5aa1df9c940123f5aa18d4a680da3cd2663b90fa73d74bf9f7fd4333d67f2a5228ce910b037da13f048d53712c987cf82c1baaf7b6062ab45cf1bd026b56f4050cb1da0b768d9f16a688d5dd90ddf5b27e231310466a213bc651e43bb2797886d1432b347acf39010734599776c1f8d6a74944e433b9b3c06266157148df82f7f11ab1d8be3b4afc249d73c1269e74d30610e2e2d96f8d11876c40315b69daef3a544e67f95f9646a77f40f1ad1184306b1df37ab610f519e70bf3206933598bf725f4276423cbbfc3fd2a2e3ece518c8167cd025e8327e6435132cbf8c9791e859851782ab90987cf0b71adf8e92879ab02666f5bd319a25b1b2278b13fa8fe85d07a43563016a2f03c1c49579c54cbac7f4bc2ac42b97569d659f3c1b8ecb4f92e87e7435ed25c42bff6992020a0b07b6aba5736efbbec22f51e87651c0d847fa9342e3cab3e7df7f5e1601d9b5b4b7f36555d40794341a38b46113fcbdc8711e31776c0aad9b30773ef368f53dfe0bd27ed8d995977bfeb7363fe9906e91aff9a7f9c30785cb711b3fcd9a9fda9bceb0d8411247edc4d163e537a19ea34c189f7e63dfc18481548f9ab0f65d5fa6c311990d608fcd012142608fdb4e332489ee7d69935c8b5d35c45bc87eca5681de839e7d0be5cb0266437cad89cb94bbb86f1d1970ee315c72b9a4bbdde0571c9992b574f75767b75ea0431c6c0bdd3f5159aa7c53a22f903735d6941073333ee7c9bc65461fb04aa9e00bfd0b801608ff4e7680708f0cee505ad41eba03213c456cc40f05b6455c3300383220b740007bba51ddc5cbafeb88b106a8fe67287dce9851777afe58740930bc0f64da2bab5fd4ec2e95e747eed5a8831d6fb6cae32c2b2dd9b5e1ca4d1a04ab7c5a5b9a5f8bf4e22f10b4a887c4d4ee48097160f05369a9235926b2ca9a8dec668209df2a67eb5190a9ec38582d5ec1bf4581f9cb2f4ad183ca81d540e673d355d78ee6ccbaf5c4e0b95320dd7466"})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

20m7.517659563s ago: executing program 4 (id=124):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x82880, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x10012)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r4, 0x4068aea3, &(0x7f0000000180)={0xe4, 0x0, 0x9})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000140)={0x4, <r7=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r7, 0x400454cc, 0xffffffffffffffff)
r8 = openat$kvm(0x0, &(0x7f0000000140), 0x101282, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, &(0x7f0000000200)=[@svc={0x122, 0x40, {0x800, [0xffffffeffffffff8, 0x8, 0x8000000005, 0x5, 0x400]}}], 0x40}, 0x0, 0x0)
r11 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r8, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c0b000/0x1000)=nil, r11, 0x3, 0x40b2811, r10, 0x0)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
ioctl$KVM_RUN(r12, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)

19m59.765687377s ago: executing program 5 (id=125):
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x80402, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2c)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000040)=@arm64_sys={0x603000000013c021, &(0x7f0000000140)=0x9})
r4 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = eventfd2(0xfffffffa, 0x80001)
ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f0000000140)={0x80, 0x4, 0x0, r7})
r8 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x31)
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r8, 0x4068aea3, &(0x7f0000000180))
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_REGISTER_COALESCED_MMIO(r6, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616})
ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f0000000080)={0x4, 0x80a0000, 0x4, r7})
r9 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xd7, 0x80000001})
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r14, 0x40086602, 0x110e22ffff)
ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000140)={0x4, <r15=>0xffffffffffffffff, 0x1})
r16 = ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x1)
r17 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x1800002, 0x11, r16, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r17, 0x20, &(0x7f0000000200)="d6011813013c360000000000f4ff8000802346cbd98762c7795582ba3948ecff0900010000000000000000000400284dc93e00", 0x0, 0x11)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r16, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r15, 0x40305828, &(0x7f0000000040)=@attr_other={0x0, 0x0, 0xfffffffffffffff7, 0x0})

19m47.986686067s ago: executing program 4 (id=126):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x1, 0x0, 0x6000, 0x2000, &(0x7f0000fa2000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x1fd, 0x0, 0xd000, 0x1000, &(0x7f0000fcd000/0x1000)=nil})
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
r5 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r4, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fb707cd24b7eebb20700000000000000000000000100", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x10, r4, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x12003, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x2d)
r8 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_IRQFD(r10, 0x4020ae76, &(0x7f0000000100)={0xffffffffffffffff, 0x0, 0x2})
syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000240)={0x0, &(0x7f00000000c0)=[@its_setup={0x82, 0x28, {0x3, 0x95d9, 0x197}}], 0x28}, 0x0, 0x0)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f00000001c0)={0x8, <r12=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000380)})
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f00000000c0)={0x5, 0x3, 0xb000, 0x1000, &(0x7f0000000000/0x1000)=nil})
ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f00000002c0)=@attr_other={0x0, 0x408, 0x108, &(0x7f0000000000)=0xc000000000000000})
syz_kvm_setup_cpu$arm64(r7, 0xffffffffffffffff, &(0x7f0000000000/0x400000)=nil, &(0x7f0000000180)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x4, 0x2, 0x0})

19m11.845524793s ago: executing program 36 (id=125):
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x80402, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2c)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000040)=@arm64_sys={0x603000000013c021, &(0x7f0000000140)=0x9})
r4 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = eventfd2(0xfffffffa, 0x80001)
ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f0000000140)={0x80, 0x4, 0x0, r7})
r8 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x31)
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r8, 0x4068aea3, &(0x7f0000000180))
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_REGISTER_COALESCED_MMIO(r6, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616})
ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f0000000080)={0x4, 0x80a0000, 0x4, r7})
r9 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xd7, 0x80000001})
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r14, 0x40086602, 0x110e22ffff)
ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000140)={0x4, <r15=>0xffffffffffffffff, 0x1})
r16 = ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x1)
r17 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x1800002, 0x11, r16, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r17, 0x20, &(0x7f0000000200)="d6011813013c360000000000f4ff8000802346cbd98762c7795582ba3948ecff0900010000000000000000000400284dc93e00", 0x0, 0x11)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r16, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r15, 0x40305828, &(0x7f0000000040)=@attr_other={0x0, 0x0, 0xfffffffffffffff7, 0x0})

18m57.941710269s ago: executing program 37 (id=126):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x1, 0x0, 0x6000, 0x2000, &(0x7f0000fa2000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x1fd, 0x0, 0xd000, 0x1000, &(0x7f0000fcd000/0x1000)=nil})
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
r5 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r4, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fb707cd24b7eebb20700000000000000000000000100", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x10, r4, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x12003, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x2d)
r8 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_IRQFD(r10, 0x4020ae76, &(0x7f0000000100)={0xffffffffffffffff, 0x0, 0x2})
syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000240)={0x0, &(0x7f00000000c0)=[@its_setup={0x82, 0x28, {0x3, 0x95d9, 0x197}}], 0x28}, 0x0, 0x0)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f00000001c0)={0x8, <r12=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000380)})
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f00000000c0)={0x5, 0x3, 0xb000, 0x1000, &(0x7f0000000000/0x1000)=nil})
ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f00000002c0)=@attr_other={0x0, 0x408, 0x108, &(0x7f0000000000)=0xc000000000000000})
syz_kvm_setup_cpu$arm64(r7, 0xffffffffffffffff, &(0x7f0000000000/0x400000)=nil, &(0x7f0000000180)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x4, 0x2, 0x0})

3m27.609440744s ago: executing program 7 (id=165):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, <r4=>0xffffffffffffffff, 0x1})
write$eventfd(r4, &(0x7f00000001c0)=0x1, 0x11)
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r6 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r5, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r5, 0x0)
r7 = eventfd2(0xd, 0x1)
close(r7)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)
ioctl$KVM_GET_MP_STATE(r5, 0x8004ae98, &(0x7f0000000200))
write$eventfd(r7, 0x0, 0x500)
r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r9, 0x4068aea3, &(0x7f0000000100)={0xe4, 0x0, 0x8001})
r12 = syz_kvm_vgic_v3_setup(r9, 0x1, 0x40)
ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f0000000180)=@attr_other={0x0, 0x1, 0x304, &(0x7f00000000c0)=0x83})
r13 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r14, 0xc00caee0, &(0x7f0000000180)={0x8})
syz_kvm_vgic_v3_setup(r14, 0x1, 0x20)
close(0x4)
close(0x5)
ioctl$KVM_RUN(r11, 0xae80, 0x0)

2m58.154245588s ago: executing program 7 (id=167):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_GUEST_MEMFD(r1, 0xc040aed4, &(0x7f00000001c0)={0x200001fe0000, 0x3})
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) (async)
close(0x5)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1, 0x16831, 0xffffffffffffffff, 0x0) (async)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async)
r5 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) (async)
r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r7 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0xe)
syz_kvm_setup_cpu$arm64(r7, r6, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000300)=[@uexit={0x0, 0x18, 0x8}, @svc={0x122, 0x40, {0x84000007, [0x82, 0x6, 0x2, 0x32d, 0x8000000000000000]}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x0, 0x7, 0x2, 0x4, 0x4}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0x100, 0xffffffffffffffff, 0x8}}, @msr={0x14, 0x20, {0x603000000013dcf3, 0x9f9}}, @msr={0x14, 0x20, {0x603000000013dce6, 0x3ff}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1400, 0xd1, 0x3}}, @msr={0x14, 0x20, {0x603000000013f102, 0x8}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x0, 0xf, 0x1000, 0xc2, 0x2}}, @memwrite={0x6e, 0x30, @generic={0x4000, 0x1b4, 0x1, 0x4}}, @msr={0x14, 0x20, {0x603000000013da29, 0x3}}, @msr={0x14, 0x20, {0x603000000013f081, 0x7}}, @msr={0x14, 0x20, {0x603000000013e711, 0x5}}, @hvc={0x32, 0x40, {0x84000007, [0x10001, 0x8, 0xc739, 0x5, 0x7fffffffffffffff]}}, @eret={0xe6, 0x18, 0x2}, @svc={0x122, 0x40, {0x84000051, [0x7, 0x9, 0x1, 0x7, 0x10]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0xf3e8, 0x10001}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x1, 0x4, 0xb, 0x8, 0x401, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x1, 0xf, 0x22604b6d, 0x43c, 0x2}}, @its_setup={0x82, 0x28, {0x3, 0x2, 0x289}}, @code={0xa, 0x84, {"000028d5007008d5e0869ed20060b8f2010080d2020180d2230180d2440080d2020000d4007008d5000040c8007008d5c07096d200a0b8f2210180d2620180d2430080d2240180d2020000d4e05e8fd20000b0f2810180d2e20180d2a30080d2240080d2020000d40040271e0020c00d"}}, @mrs={0xbe, 0x18, {0x603000000013df73}}, @irq_setup={0x46, 0x18, {0x0, 0x155}}, @mrs={0xbe, 0x18, {0x6030000000138075}}, @memwrite={0x6e, 0x30, @generic={0x0, 0xa9f, 0x3, 0xb}}, @uexit={0x0, 0x18, 0x2}, @code={0xa, 0x9c, {"a0cd87d20060b0f2010080d2620080d2030180d2640080d2020000d4007008d5007008d5406d9bd20080b8f2e10080d2820180d2c30180d2e40080d2020000d4a02586d20040b8f2610080d2020080d2c30180d2e40080d2020000d4008008d5408092d20060b8f2410080d2420080d2830080d2c40080d2020000d4007008d5007008d500c4200e"}}, @irq_setup={0x46, 0x18, {0x0, 0x2ce}}, @eret={0xe6, 0x18, 0x3}, @msr={0x14, 0x20, {0x603000000013e6c2, 0x9}}], 0x538}], 0x1, 0x0, &(0x7f0000000100)=[@featur1={0x1, 0x40}], 0x1) (async)
syz_kvm_setup_cpu$arm64(r4, r6, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f00000002c0)=@arm64_sys={0x603000000013df11, &(0x7f00000000c0)=0x5}) (async)
ioctl$KVM_RUN(r6, 0xae80, 0x0) (async)
ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f0000000180)=@arm64_fp_extra={0x60200000001000d5, &(0x7f0000000140)=0x6}) (async)
ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4040aea0, &(0x7f00000001c0)=@x86={0xc, 0x0, 0xc, 0x0, 0x5, 0x7, 0x80, 0x3, 0x34, 0x10, 0x1, 0xff, 0x0, 0x4, 0xb000, 0x6, 0xb, 0x2, 0xb9, '\x00', 0xcd, 0x9}) (async)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f0000000240)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f0000000200)=0x401})

2m49.965398743s ago: executing program 6 (id=168):
r0 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
r1 = openat$kvm(0x0, &(0x7f00000000c0), 0x268200, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r3, 0x3, 0xa0)
r4 = eventfd2(0x6, 0x800)
ioctl$KVM_IRQFD(r3, 0x4020ae76, &(0x7f0000000280)={r4, 0x9})
ioctl$KVM_IRQFD(r3, 0x4020ae76, 0x0)
close(r3)
r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
r6 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r5, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r5, 0x0)
r7 = eventfd2(0xd, 0x1)
close(r7)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)
write$eventfd(r0, 0x0, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000140)={0x4, <r10=>0xffffffffffffffff})
close(r10)
r11 = eventfd2(0x0, 0x0)
close(r11)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x40800, 0x0)
mmap$KVM_VCPU(&(0x7f0000008000/0x3000)=nil, 0x930, 0x2000004, 0x2011, r11, 0x0)
syz_kvm_setup_cpu$arm64(r3, r5, &(0x7f0000bff000/0x400000)=nil, &(0x7f0000000240)=[{0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x3, 0x194}}, @smc={0x1e, 0x40, {0x5000000, [0x200, 0x5, 0xffff, 0x0, 0x4]}}, @svc={0x122, 0x40, {0x8700042a, [0x5, 0x5, 0x2, 0x1ff, 0x6]}}, @hvc={0x32, 0x40, {0x80008000, [0x0, 0x9362, 0x3, 0x1, 0x44e5f53b]}}, @smc={0x1e, 0x40, {0x80000001, [0x8, 0x400, 0x3, 0xfffffffffffffffc, 0x5]}}], 0x128}], 0x1, 0x0, &(0x7f0000000340)=[@featur2={0x1, 0x4}], 0x1)
ioctl$KVM_SET_ONE_REG(r0, 0x4010aeac, &(0x7f0000000040)=@arm64_core={0x6030000000100016, &(0x7f0000000000)=0xfffffffffffffff8})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x8800, 0x0)

2m30.956165675s ago: executing program 7 (id=169):
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x82880, 0x0)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000580)={0x30000, 0x10000}) (async)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r6, 0x4020aeae, &(0x7f0000000000)={0x5, 0x18}) (async)
ioctl$KVM_ARM_VCPU_FINALIZE(r6, 0x4004aec2, &(0x7f0000000180)=0x4)
ioctl$KVM_GET_REG_LIST(r6, 0xc008aeb0, &(0x7f00000000c0)={0x15e})
r7 = openat$kvm(0x0, &(0x7f0000000140), 0x101282, 0x0) (async)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000040)={0x2, <r9=>0xffffffffffffffff, 0x1})
ioctl$KVM_HAS_DEVICE_ATTR(r9, 0x4018aee3, &(0x7f00000001c0)=@attr_other={0x0, 0x7, 0xc2e, 0x0}) (async)
r10 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, &(0x7f0000000200)}, 0x0, 0x0) (async)
syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000100)={0x0, &(0x7f00000005c0)=[@code={0xa, 0x6c, {"00c8a10e008008d520998ad20040b0f2a10080d2420180d2830080d2a40080d2020000d4004c205e0084207e0060600dc0fd81d200e0b8f2210080d2820180d2e30080d2a40180d2020000d4000028d5000008d500c8a02e"}}, @mrs={0xbe, 0x18, {0x603000000013c2a9}}, @code={0xa, 0xb4, {"e0249bd20000b0f2610180d2220180d2630180d2240180d2020000d400c4200ec0d19ed20020b8f2810080d2620080d2630180d2c40180d2020000d400a986d20060b0f2c10080d2c20080d2030080d2c40180d2020000d4008008d5e0fb89d20000b8f2c10080d2420180d2630080d2e40180d2020000d40080608880558ad200a0b8f2a10180d2a20080d2830080d2440080d2020000d40000589e0040204e"}}, @mrs={0xbe, 0x18, {0x603000000013df40}}, @uexit={0x0, 0x18, 0x10001}, @eret={0xe6, 0x18, 0x1}, @its_setup={0x82, 0x28, {0x0, 0x1, 0x39d}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x1, 0x0, 0x8, 0x400, 0x1, 0x4}}, @mrs={0xbe, 0x18, {0x603000000013e510}}, @eret={0xe6, 0x18, 0x2}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x40, 0x7, 0x4}}, @eret={0xe6, 0x18, 0x5}, @eret={0xe6, 0x18, 0x7fffffffffffffff}, @mrs={0xbe, 0x18, {0x603000000013802e}}, @smc={0x1e, 0x40, {0xc400000e, [0x8, 0x6, 0x3, 0x44bd, 0x8000]}}, @uexit={0x0, 0x18, 0x8}], 0x2d0}, &(0x7f0000000240)=[@featur2={0x1, 0xa8}], 0x1) (async)
r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c0b000/0x1000)=nil, r12, 0x3, 0x40b2811, r11, 0x0)
r13 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)
close(0x3)
ioctl$KVM_CREATE_VCPU(r15, 0xae41, 0x0)
ioctl$KVM_CREATE_VM(r13, 0x894c, 0x0) (async)
ioctl$KVM_RUN(r11, 0xae80, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)

2m29.08634758s ago: executing program 6 (id=170):
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x7, 0x4f832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffa000/0x1000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x21)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
munmap(&(0x7f0000482000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000e76000/0x12000)=nil, 0x12000)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x24132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x0, 0x4030031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
mmap$KVM_VCPU(&(0x7f000064b000/0x4000)=nil, r3, 0x100000d, 0x9032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000667000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)

2m6.662045973s ago: executing program 7 (id=171):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0}) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, <r5=>0xffffffffffffffff, 0x1})
r6 = ioctl$KVM_CREATE_VM(r5, 0x894c, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) (async)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1) (async)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1)
ioctl$KVM_ARM_VCPU_INIT(r9, 0x4020aeae, &(0x7f0000000080)={0x5, 0x1}) (async)
ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f00000001c0)=@arm64_sys={0x6030000000138064, &(0x7f00000000c0)=0x8000})
ioctl$KVM_CREATE_VCPU(r6, 0xb702, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000080), 0x141001, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000080), 0x141001, 0x0)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000100)) (async)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000100))
r10 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x5, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) (async)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x5, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) (async)
r13 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000100)={0x0, &(0x7f00000001c0)=[@irq_setup={0x5, 0x18}], 0x18}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r10, 0x2, 0x100) (async)
ioctl$KVM_RUN(r13, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r12, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r12, 0xae80, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000040)={0x7, <r14=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r14, 0x4018aee3, &(0x7f0000000100)=@attr_other={0x0, 0x7, 0xc2e, 0x0})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x95d328133eb620c4, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x95d328133eb620c4, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x8, 0x23ac5f9b426ec4b1, 0xffffffffffffffff, 0x0)
r15 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04) (async)
ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000200)={0x0, &(0x7f0000000280)=[@code={0xa, 0x9c, {"809f91d20020b8f2010080d2020180d2630180d2e40080d2020000d4a0ee91d200a0b0f2610080d2020080d2630180d2640080d2020000d4202586d20060b0f2010180d2220180d2230080d2240180d2020000d4008008d500fc202e00808048003c004e80229fd200a0b0f2e10080d2e20180d2830080d2e40180d2020000d4007008d5007008d5"}}, @hvc={0x32, 0x40, {0x2000000, [0x0, 0x5, 0x9, 0x7, 0x6]}}, @uexit={0x0, 0x18, 0xa}, @code={0xa, 0x84, {"1f0000f160f88bd20080b0f2610080d2e20180d2c30180d2a40080d2020000d4007c209b007008d5005b85d200a0b8f2410080d2020080d2c30180d2240180d2020000d4000008d500b8212e80f595d20040b0f2810080d2820080d2630080d2640180d2020000d4007008d5000028d5"}}, @smc={0x1e, 0x40, {0x7101dd6eb3db429a, [0x8, 0x7fffffffffffffff, 0x3, 0x10000, 0x3]}}, @hvc={0x32, 0x40, {0x84000004, [0x9, 0x6, 0x6, 0x2, 0x7fff]}}, @eret={0xe6, 0x18, 0x5}, @svc={0x122, 0x40, {0x84000002, [0x0, 0x0, 0x7f, 0x1, 0x80000000]}}], 0x250}, &(0x7f0000000240)=[@featur1={0x1, 0x26}], 0x1) (async)
syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000200)={0x0, &(0x7f0000000280)=[@code={0xa, 0x9c, {"809f91d20020b8f2010080d2020180d2630180d2e40080d2020000d4a0ee91d200a0b0f2610080d2020080d2630180d2640080d2020000d4202586d20060b0f2010180d2220180d2230080d2240180d2020000d4008008d500fc202e00808048003c004e80229fd200a0b0f2e10080d2e20180d2830080d2e40180d2020000d4007008d5007008d5"}}, @hvc={0x32, 0x40, {0x2000000, [0x0, 0x5, 0x9, 0x7, 0x6]}}, @uexit={0x0, 0x18, 0xa}, @code={0xa, 0x84, {"1f0000f160f88bd20080b0f2610080d2e20180d2c30180d2a40080d2020000d4007c209b007008d5005b85d200a0b8f2410080d2020080d2c30180d2240180d2020000d4000008d500b8212e80f595d20040b0f2810080d2820080d2630080d2640180d2020000d4007008d5000028d5"}}, @smc={0x1e, 0x40, {0x7101dd6eb3db429a, [0x8, 0x7fffffffffffffff, 0x3, 0x10000, 0x3]}}, @hvc={0x32, 0x40, {0x84000004, [0x9, 0x6, 0x6, 0x2, 0x7fff]}}, @eret={0xe6, 0x18, 0x5}, @svc={0x122, 0x40, {0x84000002, [0x0, 0x0, 0x7f, 0x1, 0x80000000]}}], 0x250}, &(0x7f0000000240)=[@featur1={0x1, 0x26}], 0x1)

2m2.327229888s ago: executing program 6 (id=172):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000000)={0x7000, 0x115000})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
syz_kvm_vgic_v3_setup(r1, 0x0, 0x0)
close(0x4)
close(0x5)

1m42.26242342s ago: executing program 6 (id=173):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
munmap(&(0x7f0000eed000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0x801c581f, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000040)={0x5, 0x1, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000bc2000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000040)="68d3d4a6759ba655d47872b6bf881ba5dbca1c84a0779749", 0x0, 0x18)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r1, r8, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f00000002c0)=@arm64_sys={0x603000000013df11, &(0x7f00000000c0)=0x5})
ioctl$KVM_RUN(r8, 0xae80, 0x0)

1m39.945620066s ago: executing program 7 (id=174):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)}, 0x0, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000140)={0x4, <r6=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r6, 0x400454ce, 0x110c230008)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1m16.637774139s ago: executing program 7 (id=175):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee3, &(0x7f00000000c0)=@attr_other={0x0, 0x8, 0x4, 0x0})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x1, 0x3, 0xdddd1000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, <r5=>0xffffffffffffffff, 0x1})
write$eventfd(r5, &(0x7f00000001c0)=0xffffff7f, 0xff25)
ioctl$KVM_CREATE_DEVICE(r2, 0xc018aec0, &(0x7f00000000c0)={0x1})
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000180)={0x8, <r8=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x4})
ioctl$KVM_IRQ_LINE_STATUS(r6, 0xc008ae67, &(0x7f0000000040)={0x10101, 0x10001})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r11 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r9, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0x3000)=nil, r11, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x141801, 0x0)

1m15.205426554s ago: executing program 6 (id=176):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x6030000000138084, 0x8000}}, @msr={0x14, 0x20, {0x603000000013809c, 0x8000}}, @msr={0x14, 0x20, {0x603000000013c081, 0x8000}}], 0x60}, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_CAP_HALT_POLL(r1, 0x4068aea3, &(0x7f0000000000)={0xdf, 0x0, 0x10000})
ioctl$KVM_CAP_HALT_POLL(r1, 0x4068aea3, &(0x7f0000000000)={0xe1})

47.232873472s ago: executing program 6 (id=177):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000080)="fb0149dd033be3ac4e37c4005a9614fbff67521ce16f8f09449a7a836b73312954000000000000000000000000000000000000000000000000000000dc6900", 0x0, 0x2e)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r4 = eventfd2(0x0, 0x0)
close(r4)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x88c80, 0x0)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000008000/0x3000)=nil, r5, 0x2000004, 0x2011, r4, 0x0)
r6 = eventfd2(0x0, 0x0)
close(r6)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000008000/0x3000)=nil, 0x930, 0x2000004, 0x2011, r6, 0x0)

27.436717414s ago: executing program 38 (id=175):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee3, &(0x7f00000000c0)=@attr_other={0x0, 0x8, 0x4, 0x0})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x1, 0x3, 0xdddd1000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, <r5=>0xffffffffffffffff, 0x1})
write$eventfd(r5, &(0x7f00000001c0)=0xffffff7f, 0xff25)
ioctl$KVM_CREATE_DEVICE(r2, 0xc018aec0, &(0x7f00000000c0)={0x1})
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000180)={0x8, <r8=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x4})
ioctl$KVM_IRQ_LINE_STATUS(r6, 0xc008ae67, &(0x7f0000000040)={0x10101, 0x10001})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r11 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r9, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0x3000)=nil, r11, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x141801, 0x0)

0s ago: executing program 39 (id=177):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000080)="fb0149dd033be3ac4e37c4005a9614fbff67521ce16f8f09449a7a836b73312954000000000000000000000000000000000000000000000000000000dc6900", 0x0, 0x2e)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r4 = eventfd2(0x0, 0x0)
close(r4)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x88c80, 0x0)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000008000/0x3000)=nil, r5, 0x2000004, 0x2011, r4, 0x0)
r6 = eventfd2(0x0, 0x0)
close(r6)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000008000/0x3000)=nil, 0x930, 0x2000004, 0x2011, r6, 0x0)

kernel console output (not intermixed with test programs):

[  417.780720][ T3170] 8021q: adding VLAN 0 to HW filter on device bond0
[  453.143528][ T3170] eql: remember to turn off Van-Jacobson compression on your slave devices
Warning: Permanently added '[localhost]:13774' (ED25519) to the list of known hosts.
[  642.990804][   T25] audit: type=1400 audit(642.170:61): avc:  denied  { name_bind } for  pid=3331 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  644.900518][   T25] audit: type=1400 audit(644.100:62): avc:  denied  { execute } for  pid=3332 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  644.956536][   T25] audit: type=1400 audit(644.150:63): avc:  denied  { execute_no_trans } for  pid=3332 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  671.369820][   T25] audit: type=1400 audit(670.560:64): avc:  denied  { mounton } for  pid=3332 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  671.412091][   T25] audit: type=1400 audit(670.610:65): avc:  denied  { mount } for  pid=3332 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  671.503178][ T3332] cgroup: Unknown subsys name 'net'
[  671.580092][   T25] audit: type=1400 audit(670.780:66): avc:  denied  { unmount } for  pid=3332 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  672.102207][ T3332] cgroup: Unknown subsys name 'cpuset'
[  672.271250][ T3332] cgroup: Unknown subsys name 'rlimit'
[  673.259433][   T25] audit: type=1400 audit(672.460:67): avc:  denied  { setattr } for  pid=3332 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=703 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  673.281006][   T25] audit: type=1400 audit(672.470:68): avc:  denied  { mounton } for  pid=3332 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[  673.309330][   T25] audit: type=1400 audit(672.510:69): avc:  denied  { mount } for  pid=3332 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  674.384558][ T3337] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[  674.411461][   T25] audit: type=1400 audit(673.600:70): avc:  denied  { relabelto } for  pid=3337 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  674.438978][   T25] audit: type=1400 audit(673.630:71): avc:  denied  { write } for  pid=3337 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
Setting up swapspace version 1, size = 127995904 bytes
[  674.623022][   T25] audit: type=1400 audit(673.820:72): avc:  denied  { read } for  pid=3332 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  674.647030][   T25] audit: type=1400 audit(673.840:73): avc:  denied  { open } for  pid=3332 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  674.691998][ T3332] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  733.140225][   T25] audit: type=1400 audit(732.340:74): avc:  denied  { execmem } for  pid=3339 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  737.088869][   T25] audit: type=1400 audit(736.280:75): avc:  denied  { read } for  pid=3341 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  737.114018][   T25] audit: type=1400 audit(736.310:76): avc:  denied  { open } for  pid=3342 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  737.188718][   T25] audit: type=1400 audit(736.370:77): avc:  denied  { mounton } for  pid=3342 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  737.443512][   T25] audit: type=1400 audit(736.640:78): avc:  denied  { module_request } for  pid=3342 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  737.484379][   T25] audit: type=1400 audit(736.650:79): avc:  denied  { module_request } for  pid=3341 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  738.540382][   T25] audit: type=1400 audit(737.730:80): avc:  denied  { sys_module } for  pid=3341 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  761.939382][ T3342] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  762.607211][ T3342] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  763.487361][ T3341] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  764.183506][ T3341] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  780.389945][ T3342] hsr_slave_0: entered promiscuous mode
[  780.420385][ T3342] hsr_slave_1: entered promiscuous mode
[  781.503511][ T3341] hsr_slave_0: entered promiscuous mode
[  781.551826][ T3341] hsr_slave_1: entered promiscuous mode
[  781.592080][ T3341] debugfs: 'hsr0' already exists in 'hsr'
[  781.618172][ T3341] Cannot create hsr debugfs directory
[  787.646446][   T25] audit: type=1400 audit(786.830:81): avc:  denied  { create } for  pid=3342 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  787.722557][   T25] audit: type=1400 audit(786.920:82): avc:  denied  { write } for  pid=3342 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  787.800627][   T25] audit: type=1400 audit(786.990:83): avc:  denied  { read } for  pid=3342 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  787.940715][ T3342] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  788.264669][ T3342] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  788.550910][ T3342] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  788.880378][ T3342] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  790.535081][ T3341] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  790.909048][ T3341] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  791.123740][ T3341] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  791.329608][ T3341] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  803.553922][ T3342] 8021q: adding VLAN 0 to HW filter on device bond0
[  806.901723][ T3341] 8021q: adding VLAN 0 to HW filter on device bond0
[  868.180278][ T3342] veth0_vlan: entered promiscuous mode
[  868.708253][ T3342] veth1_vlan: entered promiscuous mode
[  870.728766][ T3342] veth0_macvtap: entered promiscuous mode
[  871.167873][ T3342] veth1_macvtap: entered promiscuous mode
[  872.274230][ T3341] veth0_vlan: entered promiscuous mode
[  873.342821][ T3341] veth1_vlan: entered promiscuous mode
[  873.980512][   T43] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  874.017538][   T43] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  874.030321][   T43] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  874.039285][   T43] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  876.570466][   T25] audit: type=1400 audit(875.770:84): avc:  denied  { mount } for  pid=3342 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  876.763126][   T25] audit: type=1400 audit(875.960:85): avc:  denied  { mounton } for  pid=3342 comm="syz-executor" path="/syzkaller.lbnl1t/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  876.921788][   T25] audit: type=1400 audit(876.120:86): avc:  denied  { mount } for  pid=3342 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  877.130520][ T3341] veth0_macvtap: entered promiscuous mode
[  877.282563][   T25] audit: type=1400 audit(876.470:87): avc:  denied  { mounton } for  pid=3342 comm="syz-executor" path="/syzkaller.lbnl1t/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  877.400548][   T25] audit: type=1400 audit(876.580:88): avc:  denied  { mounton } for  pid=3342 comm="syz-executor" path="/syzkaller.lbnl1t/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3764 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  877.490546][ T3341] veth1_macvtap: entered promiscuous mode
[  878.178344][   T25] audit: type=1400 audit(877.330:89): avc:  denied  { unmount } for  pid=3342 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  878.360332][   T25] audit: type=1400 audit(877.560:90): avc:  denied  { mounton } for  pid=3342 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1546 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  878.437902][   T25] audit: type=1400 audit(877.630:91): avc:  denied  { mount } for  pid=3342 comm="syz-executor" name="/" dev="gadgetfs" ino=3772 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  878.773382][   T25] audit: type=1400 audit(877.910:92): avc:  denied  { mount } for  pid=3342 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  878.832276][   T25] audit: type=1400 audit(878.020:93): avc:  denied  { mounton } for  pid=3342 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  880.211094][ T3445] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  880.237384][ T3445] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  880.242552][ T3445] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  880.271871][ T3445] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  880.750974][ T3342] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  882.677714][   T25] kauditd_printk_skb: 1 callbacks suppressed
[  882.684495][   T25] audit: type=1400 audit(881.820:95): avc:  denied  { read write } for  pid=3342 comm="syz-executor" name="loop1" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  882.707785][   T25] audit: type=1400 audit(881.870:96): avc:  denied  { open } for  pid=3342 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  882.768436][   T25] audit: type=1400 audit(881.940:97): avc:  denied  { ioctl } for  pid=3342 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=639 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  895.964053][   T25] audit: type=1400 audit(895.140:98): avc:  denied  { read } for  pid=3497 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  896.064127][   T25] audit: type=1400 audit(895.260:99): avc:  denied  { open } for  pid=3497 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  896.597189][   T25] audit: type=1400 audit(895.780:100): avc:  denied  { ioctl } for  pid=3497 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  900.271261][   T25] audit: type=1400 audit(899.470:101): avc:  denied  { write } for  pid=3497 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  901.096333][   T25] audit: type=1400 audit(900.280:102): avc:  denied  { append } for  pid=3497 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  902.076875][   T25] audit: type=1400 audit(901.260:103): avc:  denied  { execute } for  pid=3497 comm="syz.1.2" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=3942 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  983.326656][   T25] audit: type=1400 audit(982.490:104): avc:  denied  { create } for  pid=3544 comm="syz.1.16" anonclass=[kvm-gmem] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  984.551262][   T25] audit: type=1400 audit(983.730:105): avc:  denied  { setattr } for  pid=3544 comm="syz.1.16" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1025.643356][   T25] audit: type=1400 audit(1024.830:106): avc:  denied  { map } for  pid=3565 comm="syz.1.22" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=5103 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 1025.713081][   T25] audit: type=1400 audit(1024.890:107): avc:  denied  { read } for  pid=3565 comm="syz.1.22" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=5103 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 1039.681051][ T3574] kvm [3574]: Failed to find VMA for hva 0x20c01000
[ 1230.362482][   T25] audit: type=1400 audit(1229.500:108): avc:  denied  { map } for  pid=3681 comm="syz.1.59" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1230.422879][   T25] audit: type=1400 audit(1229.560:109): avc:  denied  { execute } for  pid=3681 comm="syz.1.59" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1446.448626][   T25] audit: type=1400 audit(1445.570:110): avc:  denied  { ioctl } for  pid=3797 comm="syz.1.91" path="net:[4026531833]" dev="nsfs" ino=4026531833 ioctlcmd=0x5828 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 1619.393587][ T3338] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1620.967241][ T3338] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1622.520674][ T3338] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1623.821574][ T3338] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1638.059482][ T3338] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1638.244918][ T3338] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1638.351433][ T3338] bond0 (unregistering): Released all slaves
[ 1639.414233][ T3338] hsr_slave_0: left promiscuous mode
[ 1639.444745][ T3338] hsr_slave_1: left promiscuous mode
[ 1639.687539][ T3338] veth1_macvtap: left promiscuous mode
[ 1639.692009][ T3338] veth0_macvtap: left promiscuous mode
[ 1639.703022][ T3338] veth1_vlan: left promiscuous mode
[ 1639.720530][ T3338] veth0_vlan: left promiscuous mode
[ 1659.050150][ T3338] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1660.380122][ T3338] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1661.772008][ T3338] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1662.918433][ T3338] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1681.731375][ T3338] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1681.988193][ T3338] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1682.181496][ T3338] bond0 (unregistering): Released all slaves
[ 1683.973518][ T3338] hsr_slave_0: left promiscuous mode
[ 1684.047749][ T3338] hsr_slave_1: left promiscuous mode
[ 1684.428038][ T3338] veth1_macvtap: left promiscuous mode
[ 1684.431480][ T3338] veth0_macvtap: left promiscuous mode
[ 1684.454423][ T3338] veth1_vlan: left promiscuous mode
[ 1684.463469][ T3338] veth0_vlan: left promiscuous mode
[ 1696.383880][ T3845] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1696.979966][ T3845] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1707.549707][ T3851] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1708.340606][ T3851] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1718.379390][ T3845] hsr_slave_0: entered promiscuous mode
[ 1718.423386][ T3845] hsr_slave_1: entered promiscuous mode
[ 1730.670649][ T3851] hsr_slave_0: entered promiscuous mode
[ 1730.740952][ T3851] hsr_slave_1: entered promiscuous mode
[ 1730.793781][ T3851] debugfs: 'hsr0' already exists in 'hsr'
[ 1730.807565][ T3851] Cannot create hsr debugfs directory
[ 1734.423374][ T3845] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1734.787659][ T3845] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1735.124022][ T3845] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1736.506759][ T3845] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1749.313298][ T3851] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1749.867809][ T3851] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1750.212258][ T3851] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1750.588644][ T3851] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1765.593659][ T3845] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1774.698818][ T3851] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1864.469139][ T3845] veth0_vlan: entered promiscuous mode
[ 1865.747273][ T3845] veth1_vlan: entered promiscuous mode
[ 1869.366049][ T3845] veth0_macvtap: entered promiscuous mode
[ 1870.071939][ T3845] veth1_macvtap: entered promiscuous mode
[ 1873.688760][ T3392] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1873.747478][ T3445] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1873.803729][ T3445] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1873.821827][ T3445] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1879.000772][ T3851] veth0_vlan: entered promiscuous mode
[ 1880.798945][   T25] audit: type=1400 audit(1879.970:111): avc:  denied  { unmount } for  pid=3845 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 1880.893571][ T3851] veth1_vlan: entered promiscuous mode
[ 1884.952801][ T3851] veth0_macvtap: entered promiscuous mode
[ 1885.559860][ T3851] veth1_macvtap: entered promiscuous mode
[ 1889.748624][ T3867] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1889.940096][ T3867] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1890.143132][ T3867] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1890.269060][ T3338] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2069.878973][ T4102] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2070.313496][ T4102] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2076.020021][ T4105] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2076.599314][ T4105] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2103.653513][ T3867] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2105.903331][ T3867] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2107.962060][ T3867] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2109.743166][ T3867] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2129.739715][ T3867] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2129.864806][ T3867] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2129.944113][ T3867] bond0 (unregistering): Released all slaves
[ 2132.209794][ T3867] hsr_slave_0: left promiscuous mode
[ 2132.245051][ T3867] hsr_slave_1: left promiscuous mode
[ 2132.782022][ T3867] veth1_macvtap: left promiscuous mode
[ 2132.801789][ T3867] veth0_macvtap: left promiscuous mode
[ 2132.884011][ T3867] veth1_vlan: left promiscuous mode
[ 2132.899836][ T3867] veth0_vlan: left promiscuous mode
[ 2150.984172][ T4102] hsr_slave_0: entered promiscuous mode
[ 2151.063076][ T4102] hsr_slave_1: entered promiscuous mode
[ 2152.807550][ T4105] hsr_slave_0: entered promiscuous mode
[ 2152.840270][ T4105] hsr_slave_1: entered promiscuous mode
[ 2152.870998][ T4105] debugfs: 'hsr0' already exists in 'hsr'
[ 2152.887304][ T4105] Cannot create hsr debugfs directory
[ 2157.914736][ T3867] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2159.767318][ T3867] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2161.948152][ T3867] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2163.753850][ T3867] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2185.819027][ T3867] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2186.120668][ T3867] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2186.360437][ T3867] bond0 (unregistering): Released all slaves
[ 2188.099725][ T3867] hsr_slave_0: left promiscuous mode
[ 2188.167188][ T3867] hsr_slave_1: left promiscuous mode
[ 2188.810503][ T3867] veth1_macvtap: left promiscuous mode
[ 2188.817508][ T3867] veth0_macvtap: left promiscuous mode
[ 2188.838238][ T3867] veth1_vlan: left promiscuous mode
[ 2188.852350][ T3867] veth0_vlan: left promiscuous mode
[ 2208.461308][ T4102] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 2209.044239][ T4102] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 2209.817980][ T4102] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 2210.597993][ T4102] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 2217.169453][ T4105] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 2217.644570][ T4105] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 2218.180802][ T4105] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 2218.639172][ T4105] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 2247.154323][ T4102] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2252.888357][ T4105] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2383.038298][ T4102] veth0_vlan: entered promiscuous mode
[ 2383.981813][ T4102] veth1_vlan: entered promiscuous mode
[ 2387.702733][ T4102] veth0_macvtap: entered promiscuous mode
[ 2388.671544][ T4102] veth1_macvtap: entered promiscuous mode
[ 2390.063485][ T4105] veth0_vlan: entered promiscuous mode
[ 2391.792076][ T4105] veth1_vlan: entered promiscuous mode
[ 2395.086709][   T12] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2395.095091][   T12] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2395.137208][ T3338] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2395.141802][ T3338] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2399.608878][ T4105] veth0_macvtap: entered promiscuous mode
[ 2401.118772][ T4105] veth1_macvtap: entered promiscuous mode
[ 2406.670774][ T4336] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2406.734826][ T4336] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2406.848391][ T4336] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2406.866250][ T4336] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2686.210042][ T4471] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2688.054472][ T4471] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2689.843002][ T4471] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2691.829136][ T4471] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2720.679207][ T4471] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2721.354467][ T4471] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2722.073341][ T4471] bond0 (unregistering): Released all slaves
[ 2725.105132][ T4471] hsr_slave_0: left promiscuous mode
[ 2725.162092][ T4471] hsr_slave_1: left promiscuous mode
[ 2725.663346][ T4471] veth1_macvtap: left promiscuous mode
[ 2725.677295][ T4471] veth0_macvtap: left promiscuous mode
[ 2725.681738][ T4471] veth1_vlan: left promiscuous mode
[ 2725.697821][ T4471] veth0_vlan: left promiscuous mode
[ 2758.514841][ T4471] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2760.421499][ T4471] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2762.788911][ T4471] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2765.029561][ T4471] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2789.093243][ T4471] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2789.502228][ T4471] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2789.752063][ T4471] bond0 (unregistering): Released all slaves
[ 2791.639685][ T4471] hsr_slave_0: left promiscuous mode
[ 2791.688962][ T4471] hsr_slave_1: left promiscuous mode
[ 2792.334221][ T4471] veth1_macvtap: left promiscuous mode
[ 2792.419049][ T4471] veth0_macvtap: left promiscuous mode
[ 2792.441821][ T4471] veth1_vlan: left promiscuous mode
[ 2792.467441][ T4471] veth0_vlan: left promiscuous mode
[ 2834.433509][ T4460] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2834.833101][ T4460] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2845.383525][ T4468] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2845.710982][ T4468] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2866.822133][ T4460] hsr_slave_0: entered promiscuous mode
[ 2866.920843][ T4460] hsr_slave_1: entered promiscuous mode
[ 2878.474924][ T4468] hsr_slave_0: entered promiscuous mode
[ 2878.583604][ T4468] hsr_slave_1: entered promiscuous mode
[ 2878.623884][ T4468] debugfs: 'hsr0' already exists in 'hsr'
[ 2878.628507][ T4468] Cannot create hsr debugfs directory
[ 2896.582966][ T4460] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 2897.134706][ T4460] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 2898.239707][ T4460] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 2899.480413][ T4460] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 2909.750216][ T4468] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 2910.231896][ T4468] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 2910.811224][ T4468] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 2911.387651][ T4468] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 2936.627774][ T4460] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2947.878922][ T4468] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3106.379934][ T4460] veth0_vlan: entered promiscuous mode
[ 3107.550864][ T4460] veth1_vlan: entered promiscuous mode
[ 3111.950950][ T4460] veth0_macvtap: entered promiscuous mode
[ 3112.751900][ T4460] veth1_macvtap: entered promiscuous mode
[ 3117.649250][ T4468] veth0_vlan: entered promiscuous mode
[ 3120.453695][ T4468] veth1_vlan: entered promiscuous mode
[ 3120.878662][ T4064] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3120.931103][   T43] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3121.150964][   T12] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3121.157936][ T3390] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3129.087946][ T4468] veth0_macvtap: entered promiscuous mode
[ 3130.693620][ T4468] veth1_macvtap: entered promiscuous mode
[ 3136.627671][ T4681] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3136.708257][ T4064] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3136.731016][ T4064] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3136.758267][ T4064] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3912.611117][ T4984] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3914.320744][ T4984] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3950.432781][ T4997] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3951.112855][ T4997] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3979.430643][ T4984] hsr_slave_0: entered promiscuous mode
[ 3979.583580][ T4984] hsr_slave_1: entered promiscuous mode
[ 3979.678628][ T4984] debugfs: 'hsr0' already exists in 'hsr'
[ 3979.681639][ T4984] Cannot create hsr debugfs directory
[ 4018.895000][ T4997] hsr_slave_0: entered promiscuous mode
[ 4019.172681][ T4997] hsr_slave_1: entered promiscuous mode
[ 4019.364481][ T4997] debugfs: 'hsr0' already exists in 'hsr'
[ 4019.383387][ T4997] Cannot create hsr debugfs directory
[ 4029.800108][ T4984] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 4030.749905][ T4984] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 4033.550808][ T4984] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 4036.694938][ T4984] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 4066.301202][ T4997] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 4067.283777][ T4997] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 4068.390651][ T4997] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 4069.690094][ T4997] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 4107.719001][ T4984] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4132.011049][ T4997] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4172.819306][   T27] INFO: task syz.6.177:4976 blocked for more than 430 seconds.
[ 4172.873428][   T27]       Not tainted syzkaller #0
[ 4172.881012][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 4172.883267][   T27] task:syz.6.177       state:D stack:0     pid:4976  tgid:4976  ppid:4460   task_flags:0x400040 flags:0x00000011
[ 4172.884445][   T27] Call trace:
[ 4172.884765][   T27]  __switch_to+0x584/0xb00 (T)
[ 4173.057958][   T27]  __schedule+0x200c/0x3428
[ 4173.086386][   T27]  schedule+0xac/0x27c
[ 4173.087091][   T27]  schedule_timeout+0x68/0x1ec
[ 4173.087650][   T27]  do_wait_for_common+0x28c/0x440
[ 4173.088139][   T27]  wait_for_completion+0x44/0x5c
[ 4173.088627][   T27]  __synchronize_srcu+0x2a4/0x320
[ 4173.089132][   T27]  synchronize_srcu+0x3d0/0x4f8
[ 4173.089674][   T27]  mmu_notifier_unregister+0x320/0x428
[ 4173.090181][   T27]  kvm_put_kvm+0x698/0xbe0
[ 4173.090621][   T27]  kvm_vm_release+0x58/0x78
[ 4173.091070][   T27]  __fput+0x4ac/0x978
[ 4173.091530][   T27]  ____fput+0x20/0x58
[ 4173.091955][   T27]  task_work_run+0x1b8/0x250
[ 4173.092407][   T27]  exit_to_user_mode_loop+0x110/0x188
[ 4173.093336][   T27]  el0_svc+0x17c/0x238
[ 4173.093917][   T27]  el0t_64_sync_handler+0x84/0x12c
[ 4173.094431][   T27]  el0t_64_sync+0x198/0x19c
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 4173.338505][   T27] 
[ 4173.338505][   T27] Showing all locks held in the system:
[ 4173.347794][   T27] 1 lock held by khungtaskd/27:
[ 4173.348373][   T27]  #0: ffff800087a86d08 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x0/0x44
[ 4173.351155][   T27] 2 locks held by getty/3198:
[ 4173.351569][   T27]  #0: 2bf00000123628a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c
[ 4173.353375][   T27]  #1: 91ff80008c80b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x308/0x1234
[ 4173.515039][   T27] 2 locks held by syz-executor/3332:
[ 4173.560388][   T27] 2 locks held by kworker/u4:1/3338:
[ 4173.601044][   T27]  #0: 51f000000cc26948 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a10
[ 4173.603439][   T27]  #1: ffff80008f457c88 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a10
[ 4173.687655][   T27] 3 locks held by kworker/u4:9/3894:
[ 4173.690526][   T27] 3 locks held by kworker/u4:10/3977:
[ 4173.717087][   T27] 3 locks held by kworker/u4:7/4244:
[ 4173.717603][   T27] 3 locks held by kworker/u4:12/4273:
[ 4173.717975][   T27] 3 locks held by kworker/u4:14/4506:
[ 4173.718369][   T27] 2 locks held by syz.7.175/4964:
[ 4173.718756][   T27] 2 locks held by kworker/u4:13/5088:
[ 4173.719069][   T27]  #0: 51f000000cc26948 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a10
[ 4173.721083][   T27]  #1: ffff80008fe17c88 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a10
[ 4173.722852][   T27] 3 locks held by kworker/u4:16/5124:
[ 4173.723180][   T27] 3 locks held by kworker/u4:17/5140:
[ 4173.723517][   T27] 1 lock held by modprobe/5142:
[ 4173.723835][   T27] 1 lock held by dhcpcd-run-hook/5143:
[ 4173.724149][   T27] 1 lock held by modprobe/5144:
[ 4173.724710][   T27] 
[ 4173.724993][   T27] =============================================
[ 4173.724993][   T27] 
[ 4173.950366][   T27] Kernel panic - not syncing: hung_task: blocked tasks
[ 4173.953942][   T27] CPU: 0 UID: 0 PID: 27 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT 
[ 4173.955482][   T27] Hardware name: linux,dummy-virt (DT)
[ 4173.956470][   T27] Call trace:
[ 4173.957293][   T27]  show_stack+0x2c/0x3c (C)
[ 4173.958358][   T27]  __dump_stack+0x30/0x40
[ 4173.959305][   T27]  dump_stack_lvl+0x30/0x12c
[ 4173.960238][   T27]  dump_stack+0x1c/0x28
[ 4173.961130][   T27]  vpanic+0x1d4/0x4e4
[ 4173.961978][   T27]  vpanic+0x0/0x4e4
[ 4173.962782][   T27]  hung_task_panic+0x0/0x2c
[ 4173.963737][   T27]  kthread+0x794/0x99c
[ 4173.964622][   T27]  ret_from_fork+0x10/0x20
[ 4173.966503][   T27] Kernel Offset: disabled
[ 4173.967249][   T27] CPU features: 0x0000000,001a3005,fbe327a1,057ffe1f
[ 4173.968349][   T27] Memory Limit: none
[ 4173.970565][   T27] Rebooting in 86400 seconds..