last executing test programs:

1h8m19.298996811s ago: executing program 32 (id=137):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@its_setup={0x7, 0x28, {0x2, 0x2, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r2, 0x3, 0xa0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000240)={0x8, <r5=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x5, 0x5, &(0x7f0000000180)=0x8080000})
r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x2, 0xfffffffffffffffd, 0x5}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0xfffffffffffffffc, 0x280)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000180)={0x8, <r10=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x2, 0x3, &(0x7f0000000140)=0x7f})
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r11 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x33)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x1)
r13 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r12, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r13, 0x20, &(0x7f00000002c0)="fb0149e30e0000ac2cfc4fb8b6ab8031d1dfd92f0000000201000000df707cd24b7eebb20704000000000000000000fc00000005000000000a00", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r12, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x408)
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x100000c, 0x6832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c6d000/0x4000)=nil, 0x0, 0x0, 0x100010, r9, 0x0)
openat$kvm(0x0, &(0x7f0000000100), 0x80402, 0x0)
r14 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x20000001d)
syz_kvm_setup_syzos_vm$arm64(r14, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000280)={0x0, 0x0, 0xfffffffffffffd4a}, 0x0, 0x5)

1h8m12.208800452s ago: executing program 33 (id=138):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x2f)
r1 = eventfd2(0xffffffff, 0x80800)
ioctl$KVM_IRQFD(r0, 0x4020ae76, &(0x7f0000000000)={r1, 0xc8, 0x1})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4020ae46, &(0x7f00000001c0)=ANY=[@ANYBLOB="01000000010000000000000008"])
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, <r4=>0xffffffffffffffff, 0x1})
write$eventfd(r4, &(0x7f00000001c0)=0x7ffffff, 0xfdef)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0)

59m16.121289582s ago: executing program 2 (id=173):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000000)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000040)={0x4, 0xfffa}})
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000200)=@arm64_sve_vls={0x606000000015ffff, &(0x7f00000001c0)=0xebf6})
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0x2, 0x20000013)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x300, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x400454d0, 0x1)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000140)={0x4, <r9=>0xffffffffffffffff, 0x1})
r10 = ioctl$KVM_CREATE_VM(r9, 0x400454d0, 0x1)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r5, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000f3f000/0x2000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r11, 0xae04)
ioctl$KVM_SET_ONE_REG(r10, 0x4010aeac, &(0x7f00000000c0)=@arm64_extra={0x603000000013c103, &(0x7f0000000080)=0xfac})
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, r12, 0x0, 0x40032, 0xffffffffffffffff, 0x0)

59m12.158702297s ago: executing program 3 (id=174):
r0 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) (async)
r6 = eventfd2(0xffff10c0, 0x801)
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000100)={0xf09, 0x8080000, 0x0, r6}) (async)
r7 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000280)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x100) (async, rerun: 64)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8, <r8=>0xffffffffffffffff}) (rerun: 64)
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async)
ioctl$KVM_RUN(r7, 0xae80, 0x0) (async)
ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000340)={0x5}) (async)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (async, rerun: 32)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0xffffffd3) (async, rerun: 32)
r9 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f00000000c0)={0x0, &(0x7f0000000300)=[@memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0xa0, 0x1, 0xa}}], 0x30}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r10, 0x1, 0x100)
syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil)
r13 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r12, 0x4018aee3, &(0x7f0000000280)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000000)=0xfffffffb}) (async, rerun: 32)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0) (rerun: 32)
r15 = syz_kvm_setup_syzos_vm$arm64(r14, &(0x7f0000c00000/0x400000)=nil) (async)
ioctl$KVM_CAP_HALT_POLL(r14, 0x4068aea3, &(0x7f0000000100)={0xb6, 0x0, 0x81})
syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@code={0xa, 0x18, {"7f2003d5"}}], 0x18}, 0x0, 0x0) (async)
ioctl$KVM_RUN(r12, 0xae80, 0x0)

59m4.866292728s ago: executing program 2 (id=175):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x8000000003a) (async)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r3, 0x2, 0x100)
r4 = eventfd2(0x1, 0x80001)
ioctl$KVM_IRQFD(r3, 0x4020ae76, &(0x7f0000000000)={r4, 0x26df8})
write$eventfd(r4, &(0x7f0000000100)=0x6, 0x8) (async)
r5 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, &(0x7f0000000000)=[@hvc={0x32, 0x40, {0x80000001, [0xfffffffffffffde5, 0x3ff, 0x1, 0x4, 0x9]}}], 0x40}, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

59m1.872948258s ago: executing program 3 (id=176):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x29)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x0, 0x2, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)

58m57.450509639s ago: executing program 2 (id=177):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x82801, 0x0) (async)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000180)={0x8, <r3=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x0, &(0x7f0000000000)=0x10}) (async)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1b) (async)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_GET_API_VERSION(r5, 0xae00, 0x0) (async)
close(r4)

58m54.898989079s ago: executing program 3 (id=178):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async, rerun: 64)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (rerun: 64)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
r3 = eventfd2(0xfffffffa, 0x80001) (async, rerun: 64)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async, rerun: 64)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000140)={0x4, <r6=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r6, 0x400454da, 0x1) (async)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000180)={0x80, 0xd5d77004, 0x4, r3}) (async)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) (async)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616}) (async)
r7 = syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

58m49.569015344s ago: executing program 2 (id=179):
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
r0 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
r1 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)
r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
mmap$KVM_VCPU(&(0x7f0000ec5000/0x2000)=nil, r2, 0x3000000, 0x4000010, r3, 0x0)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000100)={0x8, <r6=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x8, 0x4, &(0x7f0000000040)=0xe0a7})
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000482000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0)
r7 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x2c)
ioctl$KVM_IRQFD(r7, 0x4020ae76, 0xffffffffffffffff)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x24132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x0, 0x4030031, 0xffffffffffffffff, 0x0)

58m47.988988085s ago: executing program 3 (id=180):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x145541, 0x0)
syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x1, 0x100)
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2000000)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3b)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x8001}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x300)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000bde000/0x400000)=nil)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, &(0x7f0000000000)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x20e4586c})
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r10 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_kvm_assert_reg(r3, 0x603000000013dce8, 0x8000)

58m37.317995736s ago: executing program 3 (id=181):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r3, 0xae03, 0x57)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x21)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2)
mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r9, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r9, 0x0)
r10 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000300)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r13, 0xae80, 0x20)
r14 = syz_kvm_add_vcpu$arm64(r1, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0)
r15 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffe000/0x1000)=nil, r15, 0x8, 0x13, r9, 0x0)
r16 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r16, 0x3, 0x11, r6, 0x0)
mmap$KVM_VCPU(&(0x7f000000a000/0x1000)=nil, r16, 0x3, 0x11, r14, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f1, 0xffffffffffffffff, 0x0)

58m28.279622707s ago: executing program 2 (id=182):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x145541, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x29)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
mmap$KVM_VCPU(&(0x7f0000c17000/0x3000)=nil, 0x930, 0x0, 0x10, 0xffffffffffffffff, 0x20)
ioctl$KVM_REGISTER_COALESCED_MMIO(r5, 0x4010ae67, &(0x7f0000000640)={0xf000, 0x1000, 0x1})
r6 = eventfd2(0x0, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x302, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r9, 0x40087602, 0x1)
r10 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r11 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r10, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0xeeef0000, 0x0, r11})
ioctl$KVM_IOEVENTFD(r10, 0x4040ae79, &(0x7f0000000000)={0x3, 0xff0d77deeb9aad17, 0x0, r6, 0x4})
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000180)={0x8, <r12=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r12, 0x4018aee3, &(0x7f0000000140)=@attr_other={0x0, 0x8, 0x288, 0x0})
r13 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0xdddd1000, 0x0, r13, 0x1})
close(r1)
syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000000)={0x0, &(0x7f0000000100)=[@hvc={0x32, 0x40, {0x80003fff, [0x8, 0x6, 0x4, 0x0, 0x40]}}, @memwrite={0x6e, 0x30, @generic={0x3000, 0xe6d, 0xffffffff, 0x2}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0x300, 0x6, 0x4}}, @its_setup={0x82, 0x28, {0x3, 0x0, 0x31f}}, @uexit={0x0, 0x18, 0x5}, @its_send_cmd={0xaa, 0x28, {0xd, 0x0, 0x1, 0x9, 0x2, 0x9, 0x2}}, @hvc={0x32, 0x40, {0x8400000e, [0x1000, 0x1, 0xb0, 0x401, 0x1ff]}}, @hvc={0x32, 0x40, {0x1000000, [0x0, 0x3, 0x10, 0x3, 0x5]}}, @svc={0x122, 0x40, {0x8, [0x7ff, 0x9, 0xfffffffffffff868, 0x0, 0x8]}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x3, 0xa, 0x4, 0x2, 0x2}}, @hvc={0x32, 0x40, {0x80007fff, [0x1, 0x2, 0x1, 0x4, 0x3]}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff0, 0x1}}, @smc={0x1e, 0x40, {0xc4000011, [0x1, 0x1, 0x1, 0x3, 0x400000000001]}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x0, 0x1, 0x9, 0x40, 0x4}}, @hvc={0x32, 0x40, {0xc4000004, [0x9, 0x39, 0x0, 0x2, 0x7]}}, @uexit={0x0, 0x18, 0x5}, @uexit={0x0, 0x18, 0x6f}, @msr={0x14, 0x20, {0x603000000013e520, 0x2}}, @eret={0xe6, 0x18, 0x8000004}, @hvc={0x32, 0x40, {0xb685a7ef781a3eb1, [0x5, 0x1, 0x5, 0xb14c, 0x167800000000000]}}, @mrs={0xbe, 0x18, {0x603000000013e18c}}, @eret={0xe6, 0x18, 0x5}, @hvc={0x32, 0x40, {0x84000010, [0x9, 0x7, 0x3, 0x80000001, 0xc0]}}, @eret={0xe6, 0x18, 0xfffffffffffffffd}, @svc={0x122, 0x40, {0x6000000, [0x8, 0xfffffffffffffff9, 0x2, 0xc8b, 0x5]}}], 0x478}, &(0x7f0000000040)=[@featur2={0x1, 0x10}], 0x1)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x12)
r15 = syz_kvm_vgic_v3_setup(r14, 0x40000000000004, 0xc0)
ioctl$KVM_SET_DEVICE_ATTR(r15, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x0, 0x9, &(0x7f0000000000)=0x7})

58m24.147438818s ago: executing program 3 (id=183):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x0, 0x6, 0x0, 0x0, 0x40000004}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8, <r6=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000000)=0x8090000})
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000000)={0x7, <r9=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r9, 0x4018aee3, &(0x7f00000000c0)=@attr_other={0x0, 0x9, 0xfffffffffffffff9, 0x0})
ioctl$KVM_GET_DEVICE_ATTR(r9, 0x4018aee2, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r10=>0xffffffffffffffff})
r11 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r11, 0xae01, 0x33)
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

58m12.068716546s ago: executing program 2 (id=184):
r0 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0x80087601, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000180)={0x1, 0x104000, 0x1})
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000380)={0x3000})
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x2, 0x23ac5f9b426ec4b2, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0xdc032, 0xffffffffffffffff, 0x0)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r3, 0x4010ae68, &(0x7f0000000140)={0x6000, 0x99000, 0x1})
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000540)=[{0x0, 0x0, 0x51c}], 0x1, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r6 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f0000000100)="746abf250f7959c813e4adfb369b808022e69fe80cfadce4a1259e77bab54ac9749537b3d016bb7f745a6e22d2f9ff443f19467748a3fe02c239457600", 0x0, 0xfffffffffffffec5)
syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, &(0x7f0000000580)=[@its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x2, 0xa, 0x0, 0x3, 0x3}}, @irq_setup={0x46, 0x18, {0x4, 0x16c}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x0, 0x2, 0xe, 0x6, 0x5}}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x101}}, @eret={0xe6, 0x18, 0x80}, @its_send_cmd={0xaa, 0x28, {0xd, 0x0, 0x4, 0x10, 0x9b, 0x3, 0x3}}, @mrs={0xbe, 0x18, {0x603000000013e2b0}}, @code={0xa, 0x84, {"0040611e0090807f20e082d20040b8f2610180d2820180d2e30080d2240180d2020000d420e695d20020b8f2a10080d2820080d2c30080d2a40180d2020000d4007008d5007008d5409a97d20060b0f2610180d2420080d2030180d2040180d2020000d4008008d5007008d50000000d"}}, @svc={0x122, 0x40, {0xc4000010, [0xfff, 0x4, 0x5, 0x1, 0x9]}}, @code={0xa, 0x3c, {"007008d50000401f0004000f000008d5000008d50014002f008008d5000008d500a0ff0d0000229e"}}, @mrs={0xbe, 0x18, {0xa05000000034158a}}, @eret={0xe6, 0x18, 0x100000001}, @uexit={0x0, 0x18, 0x5}, @mrs={0xbe, 0x18, {0x603000000013debf}}, @msr={0x14, 0x20, {0x603000000013defe, 0xb221}}, @code={0xa, 0xcc, {"408786d20080b8f2c10180d2620080d2230080d2440080d2020000d4202097d20060b0f2a10180d2420080d2c30180d2240180d2020000d4601a95d200a0b8f2210080d2620180d2230080d2040080d2020000d4a06c9fd20020b8f2010180d2e20180d2630080d2c40180d2020000d4804789d20060b0f2610080d2e20080d2a30080d2e40180d2020000d4008008d5e0ec86d200c0b8f2010080d2220080d2030080d2640080d2020000d4007008d50078284e007008d5"}}], 0x334}, &(0x7f00000000c0)=[@featur1={0x1, 0x5}], 0x1)
r8 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x80000b, 0x11, r8, 0x0)
syz_kvm_setup_cpu$arm64(r4, r8, &(0x7f0000009000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000100)={0x0, &(0x7f00000008c0)=[@irq_setup={0x46, 0x18, {0x4, 0x169}}, @uexit={0x0, 0x18, 0xff}, @svc={0x122, 0x40, {0xc400000d, [0x10, 0x5, 0x9, 0x800, 0x1]}}, @smc={0x1e, 0x40, {0x8400000c, [0xe76d, 0x100000001, 0x4, 0xf70, 0x8]}}, @irq_setup={0x46, 0x18, {0x4, 0x280}}, @irq_setup={0x46, 0x18, {0x2, 0x183}}, @uexit={0x0, 0x18, 0x401}, @code={0xa, 0x6c, {"00b0205e000008d500fc001b007008d500a0400d000028d500a282d200a0b0f2610080d2020180d2e30080d2440180d2020000d4400b8dd200c0b0f2810080d2020180d2e30180d2e40180d2020000d4007008d50098205e"}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x3, 0xf, 0x8, 0x8}}, @msr={0x14, 0x20, {0x603000000013df47}}, @its_setup={0x82, 0x28, {0x3, 0x1, 0x18a}}, @msr={0x14, 0x20, {0x603000000013e6cf, 0xffffffff}}, @mrs={0xbe, 0x18, {0x603000000013c6e5}}, @uexit={0x0, 0x18, 0x3f}, @code={0xa, 0x84, {"0084200e00a4200e000c803c007008d580bd84d20040b0f2810080d2220180d2230080d2640080d2020000d420b39cd20000b8f2410180d2020080d2430080d2040180d2020000d4000008d5000008d5000028d5201b94d20020b0f2210080d2820180d2c30080d2040080d2020000d4"}}, @its_setup={0x82, 0x28, {0x2, 0x3, 0x306}}, @its_setup={0x82, 0x28, {0x2, 0x0, 0x378}}, @its_setup={0x82, 0x28, {0x0, 0x2, 0x3fc}}, @its_setup={0x82, 0x28, {0x2, 0x2, 0x297}}, @uexit={0x0, 0x18, 0x6}, @mrs={0xbe, 0x18, {0x40eabd72c4fca9ae}}], 0x378}, &(0x7f00000001c0)=[@featur2={0x1, 0x13}], 0x1)

57m36.887462697s ago: executing program 34 (id=183):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x0, 0x6, 0x0, 0x0, 0x40000004}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8, <r6=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000000)=0x8090000})
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000000)={0x7, <r9=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r9, 0x4018aee3, &(0x7f00000000c0)=@attr_other={0x0, 0x9, 0xfffffffffffffff9, 0x0})
ioctl$KVM_GET_DEVICE_ATTR(r9, 0x4018aee2, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r10=>0xffffffffffffffff})
r11 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r11, 0xae01, 0x33)
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

57m24.875492981s ago: executing program 35 (id=184):
r0 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0x80087601, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000180)={0x1, 0x104000, 0x1})
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000380)={0x3000})
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x2, 0x23ac5f9b426ec4b2, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0xdc032, 0xffffffffffffffff, 0x0)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r3, 0x4010ae68, &(0x7f0000000140)={0x6000, 0x99000, 0x1})
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000540)=[{0x0, 0x0, 0x51c}], 0x1, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r6 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f0000000100)="746abf250f7959c813e4adfb369b808022e69fe80cfadce4a1259e77bab54ac9749537b3d016bb7f745a6e22d2f9ff443f19467748a3fe02c239457600", 0x0, 0xfffffffffffffec5)
syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, &(0x7f0000000580)=[@its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x2, 0xa, 0x0, 0x3, 0x3}}, @irq_setup={0x46, 0x18, {0x4, 0x16c}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x0, 0x2, 0xe, 0x6, 0x5}}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x101}}, @eret={0xe6, 0x18, 0x80}, @its_send_cmd={0xaa, 0x28, {0xd, 0x0, 0x4, 0x10, 0x9b, 0x3, 0x3}}, @mrs={0xbe, 0x18, {0x603000000013e2b0}}, @code={0xa, 0x84, {"0040611e0090807f20e082d20040b8f2610180d2820180d2e30080d2240180d2020000d420e695d20020b8f2a10080d2820080d2c30080d2a40180d2020000d4007008d5007008d5409a97d20060b0f2610180d2420080d2030180d2040180d2020000d4008008d5007008d50000000d"}}, @svc={0x122, 0x40, {0xc4000010, [0xfff, 0x4, 0x5, 0x1, 0x9]}}, @code={0xa, 0x3c, {"007008d50000401f0004000f000008d5000008d50014002f008008d5000008d500a0ff0d0000229e"}}, @mrs={0xbe, 0x18, {0xa05000000034158a}}, @eret={0xe6, 0x18, 0x100000001}, @uexit={0x0, 0x18, 0x5}, @mrs={0xbe, 0x18, {0x603000000013debf}}, @msr={0x14, 0x20, {0x603000000013defe, 0xb221}}, @code={0xa, 0xcc, {"408786d20080b8f2c10180d2620080d2230080d2440080d2020000d4202097d20060b0f2a10180d2420080d2c30180d2240180d2020000d4601a95d200a0b8f2210080d2620180d2230080d2040080d2020000d4a06c9fd20020b8f2010180d2e20180d2630080d2c40180d2020000d4804789d20060b0f2610080d2e20080d2a30080d2e40180d2020000d4008008d5e0ec86d200c0b8f2010080d2220080d2030080d2640080d2020000d4007008d50078284e007008d5"}}], 0x334}, &(0x7f00000000c0)=[@featur1={0x1, 0x5}], 0x1)
r8 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x80000b, 0x11, r8, 0x0)
syz_kvm_setup_cpu$arm64(r4, r8, &(0x7f0000009000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000100)={0x0, &(0x7f00000008c0)=[@irq_setup={0x46, 0x18, {0x4, 0x169}}, @uexit={0x0, 0x18, 0xff}, @svc={0x122, 0x40, {0xc400000d, [0x10, 0x5, 0x9, 0x800, 0x1]}}, @smc={0x1e, 0x40, {0x8400000c, [0xe76d, 0x100000001, 0x4, 0xf70, 0x8]}}, @irq_setup={0x46, 0x18, {0x4, 0x280}}, @irq_setup={0x46, 0x18, {0x2, 0x183}}, @uexit={0x0, 0x18, 0x401}, @code={0xa, 0x6c, {"00b0205e000008d500fc001b007008d500a0400d000028d500a282d200a0b0f2610080d2020180d2e30080d2440180d2020000d4400b8dd200c0b0f2810080d2020180d2e30180d2e40180d2020000d4007008d50098205e"}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x3, 0xf, 0x8, 0x8}}, @msr={0x14, 0x20, {0x603000000013df47}}, @its_setup={0x82, 0x28, {0x3, 0x1, 0x18a}}, @msr={0x14, 0x20, {0x603000000013e6cf, 0xffffffff}}, @mrs={0xbe, 0x18, {0x603000000013c6e5}}, @uexit={0x0, 0x18, 0x3f}, @code={0xa, 0x84, {"0084200e00a4200e000c803c007008d580bd84d20040b0f2810080d2220180d2230080d2640080d2020000d420b39cd20000b8f2410180d2020080d2430080d2040180d2020000d4000008d5000008d5000028d5201b94d20020b0f2210080d2820180d2c30080d2040080d2020000d4"}}, @its_setup={0x82, 0x28, {0x2, 0x3, 0x306}}, @its_setup={0x82, 0x28, {0x2, 0x0, 0x378}}, @its_setup={0x82, 0x28, {0x0, 0x2, 0x3fc}}, @its_setup={0x82, 0x28, {0x2, 0x2, 0x297}}, @uexit={0x0, 0x18, 0x6}, @mrs={0xbe, 0x18, {0x40eabd72c4fca9ae}}], 0x378}, &(0x7f00000001c0)=[@featur2={0x1, 0x13}], 0x1)

50m27.410305296s ago: executing program 5 (id=195):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4020ae46, &(0x7f00000001c0)=ANY=[@ANYBLOB="01000000010000000000000008000000000000ff"]) (async)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r1, 0x4010aeb5, &(0x7f0000000080)={0x2, 0x7})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r4, 0x5451, 0x0)
r5 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee1, &(0x7f0000000040)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x800})
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0x66)

50m14.030538364s ago: executing program 5 (id=197):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x6e00, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x3f) (async)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r3, 0x3, 0xa0)
r4 = eventfd2(0x6, 0x800)
ioctl$KVM_IRQFD(r3, 0x4020ae76, &(0x7f0000000280)={r4, 0x9}) (async)
ioctl$KVM_IRQFD(r3, 0x4020ae76, 0x0) (async)
close(r3) (async)
syz_kvm_vgic_v3_setup(r1, 0x4, 0x200)

50m1.84832755s ago: executing program 5 (id=199):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0x3000)=nil, r1, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
r2 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000000)={0x0, &(0x7f0000000080)=[@its_setup={0x82, 0x28, {0x0, 0x2, 0x2a5}}, @eret={0xe6, 0x18, 0x9}, @msr={0x14, 0x20, {0x6030000000138067, 0x89}}, @code={0xa, 0x54, {"000028d5000000fd000028d5803092d200c0b8f2a10180d2420080d2430080d2840080d2020000d40000679e007008d5007008d50080206e000008d5007008d5"}}, @uexit={0x0, 0x18, 0x7}, @its_setup={0x82, 0x28, {0x0, 0x0, 0x1b4}}, @svc={0x122, 0x40, {0x5000000, [0x401, 0x9, 0x0, 0xd20]}}, @code={0xa, 0x54, {"007008d50008a038000008d5000008d5001c004ea07682d20020b8f2210180d2420080d2c30080d2840180d2020000d40040bf0d007008d500b0005f0000c078"}}, @irq_setup={0x46, 0x18, {0x3, 0x1d1}}, @smc={0x1e, 0x40, {0x87000402, [0x7, 0x6, 0xffff, 0x3, 0x3]}}, @svc={0x122, 0x40, {0x32000000, [0x8, 0x80000000, 0x80000000, 0x7fffffffffffffff, 0x8]}}, @msr={0x14, 0x20, {0x603000000013801e, 0x10000}}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x1a2}}, @svc={0x122, 0x40, {0x80, [0x7f, 0x6, 0x4, 0x5, 0x9199]}}, @msr={0x14, 0x20, {0x603000000013def3, 0x6}}, @mrs={0xbe, 0x18, {0x603000000013f289}}, @svc={0x122, 0x40, {0x80000002, [0x7f, 0x5, 0x9, 0xb, 0xff]}}, @hvc={0x32, 0x40, {0x31000000, [0xfffffffffffffffd, 0xa156, 0x40, 0x1000, 0x2]}}, @msr={0x14, 0x20, {0x603000000013c4c9, 0x9}}, @mrs={0xbe, 0x18, {0x6030000000138026}}, @svc={0x122, 0x40, {0x4, [0x5, 0xad, 0x800]}}, @its_setup={0x82, 0x28, {0x0, 0x1, 0x3d4}}], 0x400}, &(0x7f0000000480)=[@featur2={0x1, 0xb6}], 0x1)
mmap$KVM_VCPU(&(0x7f0000005000/0x1000)=nil, r1, 0x1000004, 0xdc032, r2, 0x0)

49m51.699970198s ago: executing program 5 (id=201):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x3, 0x1000, 0x0, 0x0, 0x40000004}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r3, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000180)={0x2, <r6=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x80)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000300)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
syz_kvm_vgic_v3_setup(r8, 0x41, 0x100)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000ff8000/0x4000)=nil, 0x0, 0x3000005, 0x41812, r11, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r13, 0xc00caee0, &(0x7f0000000140)={0x4, <r14=>0xffffffffffffffff, 0x1})
write$eventfd(r14, &(0x7f00000001c0)=0xa, 0x7bef)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f00000000c0)={0xffffffffffffffff, 0x3})

49m27.918268606s ago: executing program 5 (id=203):
r0 = openat$kvm(0x0, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013c4f1, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce2, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce4, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce8, 0x8000}}], 0x80}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x29)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1)
r9 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04)
r10 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, r9, 0x2, 0x11, r8, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
syz_kvm_assert_reg(r5, 0x603000000013dce8, 0x8000)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, 0xffffffffffffffff)

49m7.99596524s ago: executing program 5 (id=206):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000bfd000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) (async)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x800, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_IRQ_LINE_STATUS(r10, 0xc008ae67, 0xfffffffffffffffe) (async)
r11 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000bfd000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000b80)={0x0, &(0x7f00000009c0)=[@hvc={0x32, 0x40, {0xc4000004, [0x4, 0x1, 0x8000000000000000, 0x427f, 0x400003]}}], 0x40}, &(0x7f0000000bc0)=[@featur1={0x1, 0x4}], 0x1)
ioctl$KVM_RUN(r12, 0xae80, 0x0)
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x22300, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x28)
r15 = ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f00004e3000/0x2000)=nil, 0x930, 0xa, 0x2013, r15, 0x40000) (async)
syz_kvm_setup_cpu$arm64(r5, r15, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="46000000070000000000fdffffff39255e16000000000000"], 0x18}], 0x1, 0x0, 0x0, 0x0) (async)
syz_kvm_vgic_v3_setup(r5, 0x1, 0x100) (async)
ioctl$KVM_RUN(r6, 0xae80, 0x0) (async)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x603000000010002a, &(0x7f0000000000)=0x2})

48m21.57749917s ago: executing program 36 (id=206):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000bfd000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) (async)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x800, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_IRQ_LINE_STATUS(r10, 0xc008ae67, 0xfffffffffffffffe) (async)
r11 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000bfd000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000b80)={0x0, &(0x7f00000009c0)=[@hvc={0x32, 0x40, {0xc4000004, [0x4, 0x1, 0x8000000000000000, 0x427f, 0x400003]}}], 0x40}, &(0x7f0000000bc0)=[@featur1={0x1, 0x4}], 0x1)
ioctl$KVM_RUN(r12, 0xae80, 0x0)
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x22300, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x28)
r15 = ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f00004e3000/0x2000)=nil, 0x930, 0xa, 0x2013, r15, 0x40000) (async)
syz_kvm_setup_cpu$arm64(r5, r15, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="46000000070000000000fdffffff39255e16000000000000"], 0x18}], 0x1, 0x0, 0x0, 0x0) (async)
syz_kvm_vgic_v3_setup(r5, 0x1, 0x100) (async)
ioctl$KVM_RUN(r6, 0xae80, 0x0) (async)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x603000000010002a, &(0x7f0000000000)=0x2})

46m31.799352332s ago: executing program 4 (id=216):
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x101800, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000700)={0x7, <r4=>0xffffffffffffffff})
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x4, 0x0, 0x0})
ioctl$KVM_GET_DEVICE_ATTR(r4, 0x4018aee2, &(0x7f0000000200)=@attr_other={0x0, 0x7, 0xc0, &(0x7f0000000280)=0x1})
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r1, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000bfd000/0x400000)=nil)
r6 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bff000/0x400000)=nil)
r7 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000680)="38ce8347fc1e86008cfc72bb352c8659dcc9225b48cb5cb00c73b0b33018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xf, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
r8 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x4a)
syz_kvm_assert_reg(r9, 0x603000000013df01, 0x8000)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000000)={0xb})
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)

46m16.808479912s ago: executing program 4 (id=217):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x25)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x0, 0x1, 0x100010, 0xffffffffffffffff, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x21)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
r7 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r6, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r6, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x49c802, 0x0)
syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r8 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0xfffffffffffffffc)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2)
mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r9, 0x0)
syz_kvm_add_vcpu$arm64(r1, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000100)={0x7})
syz_kvm_assert_syzos_uexit$arm64(0x0, 0xffffffffffffffff)
ioctl$KVM_IRQ_LINE(r11, 0x4008ae61, 0x0)

46m3.481934381s ago: executing program 4 (id=218):
mmap$KVM_VCPU(&(0x7f0000010000/0x1000)=nil, 0x930, 0x100000f, 0x9032, 0xffffffffffffffff, 0x0)
r0 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000680)="38ce8347fc1e86008cfc72bb352c8659dcc9225b48cb5cb00c73b0b33018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48)
r1 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000040)={0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x18, {0x4, 0x328}}, @code={0xa, 0x6c, {"007c009b40dc8bd20020b0f2210180d2a20080d2230180d2240080d2020000d40024007f000008d5000000b1007008d5604d91d20080b8f2010180d2620180d2030080d2040080d2020000d40064200e00b4207e000cc09a"}}], 0x84}, &(0x7f0000000080)=[@featur1={0x1, 0xb3}], 0x1)
r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f000000c000/0x2000)=nil, r2, 0x8, 0x810, r1, 0x0)

45m56.102761682s ago: executing program 4 (id=219):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
r4 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r3, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r3, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x125b02, 0x0) (async)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0xfffffffffffffffd)
ioctl$KVM_REGISTER_COALESCED_MMIO(r6, 0x4010ae67, &(0x7f00000008c0)={0x1000, 0x1000})
close(r6) (async)
r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x3b) (async)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
ioctl$KVM_GET_REGS(r9, 0x8360ae81, 0x0)

45m45.350953612s ago: executing program 4 (id=220):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x27)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000040)={0x4, 0x100000, 0x1})
ioctl$KVM_CAP_ARM_MTE(r1, 0x4068aea3, &(0x7f0000000080))
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000140)=@arm64_sys={0x603000000013e102, &(0x7f0000000100)=0x1})
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000880)={0x0, &(0x7f0000000180)=[@code={0xa, 0xb4, {"00d0205e004296d200a0b0f2210080d2220080d2e30180d2840180d2020000d40000229e008008d5800d87d200a0b8f2010180d2220180d2030080d2c40180d2020000d420039cd20000b0f2e10180d2420180d2430180d2c40080d2020000d420809ad20060b0f2010180d2420180d2030080d2040180d2020000d4007008d50008607c80e583d20020b8f2e10080d2020080d2830180d2640080d2020000d4"}}, @irq_setup={0x46, 0x18, {0x4, 0x2c8}}, @code={0xa, 0x84, {"a0c98ed200a0b8f2a10180d2c20180d2430180d2e40080d2020000d4007008d5000040d300a0e00d000000ea80418bd200c0b8f2810180d2620180d2e30180d2e40180d2020000d400fc000f0024200e40858fd20040b8f2610080d2c20180d2430180d2240080d2020000d4007008d5"}}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x237}}, @eret={0xe6, 0x18, 0x7ff}, @msr={0x14, 0x20, {0x603000000013c090, 0x9}}, @hvc={0x32, 0x40, {0xc400000c, [0x4, 0x401, 0x0, 0x6, 0x8]}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x0, 0x6, 0x5, 0x100}}, @hvc={0x32, 0x40, {0x84000009, [0xfffffffffffffffc, 0x9, 0x2, 0xfffffffffffffffc, 0x80]}}, @irq_setup={0x46, 0x18, {0x1, 0x24}}, @hvc={0x32, 0x40, {0x400, [0x9, 0xffffffffffffff7f, 0xffffffff, 0xfffffffffffffffc, 0x1]}}, @hvc={0x32, 0x40, {0xc4000011, [0xd, 0x2c, 0xfff, 0x9, 0xfffffffffffff7f8]}}, @smc={0x1e, 0x40, {0x2000, [0xfffffffffffffffa, 0xe9, 0xefe, 0x9, 0x4]}}, @uexit={0x0, 0x18, 0xb0d2}, @uexit={0x0, 0x18, 0x36}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x4, 0x0, 0x1, 0x3ed31ad6, 0x2}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1200, 0x4, 0x4}}, @smc={0x1e, 0x40, {0x84000011, [0x3, 0x101, 0x4, 0xfc0000000000, 0xb]}}, @irq_setup={0x46, 0x18, {0x1, 0x24a}}, @irq_setup={0x46, 0x18, {0x2, 0xc2}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x3, 0x6, 0x6, 0x1000, 0x4}}, @eret={0xe6, 0x18, 0x3ff}, @irq_setup={0x46, 0x18, {0x3, 0x31a}}, @mrs={0xbe, 0x18, {0x603000000013df6e}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x0, 0x1, 0x2e5, 0x9, 0x4}}, @code={0xa, 0xcc, {"607d8fd20020b0f2a10080d2620080d2830180d2840180d2020000d420319ed200c0b8f2810080d2c20080d2a30180d2e40180d2020000d4007008d50000006d0000689e80d08ed20020b8f2010180d2a20180d2e30180d2a40080d2020000d4e0c690d200c0b8f2010080d2c20080d2830080d2040180d2020000d4407191d20080b0f2c10180d2c20080d2830180d2a40180d2020000d40088205e006d80d20080b0f2010080d2620080d2e30080d2840180d2020000d4"}}, @irq_setup={0x46, 0x18, {0x4, 0xb3}}, @code={0xa, 0x9c, {"00e991d20000b0f2410180d2c20180d2230080d2640180d2020000d4000028d5003680d20020b8f2c10180d2220080d2e30180d2240180d2020000d4007008d5000028d5000080da007008d5c0049fd20020b8f2210180d2e20180d2830080d2440180d2020000d4008008d5e0c391d20080b0f2a10080d2020180d2e30180d2040180d2020000d4"}}, @hvc={0x32, 0x40, {0xc4000007, [0xc5d0, 0x401, 0x401, 0x49e]}}, @hvc={0x32, 0x40, {0x84000001, [0x1, 0xfffffffffffffffc, 0x3, 0x9e8b, 0x7]}}, @uexit={0x0, 0x18, 0x4}, @uexit={0x0, 0x18, 0x4}], 0x6f0}, &(0x7f00000008c0)=[@featur1={0x1, 0x7}], 0x1)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000940)=@arm64_fw={0x6030000000140002, &(0x7f0000000900)=0xe26})
ioctl$KVM_ARM_VCPU_INIT(r3, 0x4020aeae, &(0x7f0000000980)={0x5, 0x16})
ioctl$KVM_CLEAR_DIRTY_LOG(r1, 0xc018aec0, &(0x7f0000000dc0)={0x5, 0x340, 0x0, &(0x7f00000009c0)=[0x6, 0x5, 0x1, 0xd, 0x7, 0x9, 0x9, 0x10001, 0x401, 0xce3b, 0x9, 0x6, 0x9, 0x8000, 0x5, 0x9, 0xc21, 0x9, 0x46d0, 0x5, 0x8, 0xa956, 0x163b, 0x9, 0x5, 0x3, 0x5, 0x4, 0x480000000000, 0x622a77f2, 0x8, 0x3ff, 0x4, 0x3c1a, 0x7, 0x7fffffffffffffff, 0x10000, 0x5, 0x4, 0x7, 0x0, 0xffff, 0x8, 0x6, 0x3, 0x2, 0x1e3, 0x46a, 0x4, 0x5, 0x7445, 0x786, 0x0, 0x829, 0x9, 0x7, 0x1, 0x9, 0x3, 0x1a, 0x3, 0x2, 0x4, 0x4, 0x0, 0xd, 0x3, 0x9238, 0x3, 0x8, 0x3, 0x8, 0x10000, 0x1, 0x9, 0x4, 0x2, 0x8, 0x80000001, 0x6, 0x76ae9355, 0x5, 0x10, 0xce, 0x9, 0x40, 0xfffffffffffff801, 0x0, 0x249a, 0x76, 0x9, 0x639b430a, 0x3, 0xfffffffeffffffff, 0x5, 0x4, 0xf, 0x8, 0x0, 0x7, 0x8, 0x69c, 0x7df, 0xffffffffe3f66a85, 0x6, 0x100, 0x7ee, 0x8, 0x2, 0x3, 0x11d, 0x2, 0x7f, 0xfffffffffffffffb, 0x1ff, 0x8000, 0x5, 0x3, 0x0, 0x4, 0x38, 0x5, 0x5, 0x19, 0xfc00000000000000, 0x1, 0x3, 0x79e]})
ioctl$KVM_PRE_FAULT_MEMORY(r3, 0xc040aed5, &(0x7f0000000e00)={0x8000000, 0x19000})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000e40)={0x6000, 0x8000, 0x1})
ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f0000000ec0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000e80)={0x9, 0x2a24}})
r4 = mmap$KVM_VCPU(&(0x7f0000ff9000/0x4000)=nil, 0x0, 0x8, 0x4010, r3, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000f00)="7a6cef20a8b5897c0691f9579e256bfa26c635704f28b21e75a6ca959ee849f4ab59b23368a6a0b47aad309f62f1bc6428e304cc77d7a01d0d217a9b945a2824e29211fbaa90f380", 0x0, 0x48)
ioctl$KVM_CLEAR_DIRTY_LOG(r1, 0xc018aec0, &(0x7f0000001380)={0x1fd, 0x380, 0x140, &(0x7f0000000f80)=[0x6, 0xffffffff, 0x7, 0x1, 0x0, 0x3, 0x1, 0x9, 0x4, 0x2, 0x3, 0x1, 0x6, 0x3, 0x200, 0x3, 0x5a, 0x7, 0xd, 0x8000000000000000, 0x8, 0x4, 0x100, 0x2, 0x6, 0x3b, 0xd, 0x3ff, 0x3, 0x0, 0x1ff, 0x80000000, 0x3, 0x1712, 0x4, 0x9, 0x8, 0x2, 0x6, 0x4, 0x4, 0x7, 0x10001, 0x800, 0x111, 0x1, 0x4, 0x2, 0x4, 0x0, 0x5, 0x9, 0x7c, 0x0, 0x6, 0x493b, 0x7fffffff, 0x4, 0x1, 0xa25, 0x7, 0x861, 0x2, 0x5, 0x1, 0xffffffffffffff35, 0x5, 0x3514, 0x5, 0x6, 0x0, 0x5, 0x9, 0x8e, 0x0, 0x100000001, 0x8, 0x2, 0x5, 0x5, 0x9, 0x5b, 0x1, 0x8, 0x5, 0x3ff, 0x2a71, 0x401, 0xffffffff80000000, 0x100000001, 0x7, 0x4, 0x3c5, 0x0, 0x2, 0x8, 0x7f, 0x100, 0x1, 0x1, 0x6, 0x4, 0x7, 0x5, 0xe0000000000000, 0x7, 0x3, 0x2, 0x7, 0x7, 0x503, 0xfffffffffffffff7, 0x3, 0x9, 0x10000, 0x2, 0x1, 0x59d, 0x50, 0xe, 0x8, 0x5, 0x25a, 0xa, 0x800, 0x8, 0x80000000, 0x10000]})
ioctl$KVM_INTERRUPT(r3, 0x4004ae86, &(0x7f00000013c0)=0x8)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f0000001400)="8b256c9f9677a197d91b3598f299468668189fe998b0bd04bba7513255c1c783a7c9011db3eb873234951d59de6a344f5d120bb0649fc48b4bdec0f895ae4f2bf0a849a291b8db1d", 0x0, 0x48)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r6 = ioctl$KVM_GET_STATS_FD_vm(r1, 0xaece)
mmap$KVM_VCPU(&(0x7f0000c28000/0x1000)=nil, r5, 0x4, 0x20010, r6, 0x0)
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f00000014c0)=@arm64_bitmap={0x6030000000160002, &(0x7f0000001480)=0x3})
openat$kvm(0xffffffffffffff9c, &(0x7f0000001500), 0x8881, 0x0)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r6, 0x4010aeb5, &(0x7f0000001540)={0xce, 0x5})
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x1)
ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(r6, 0x4068aea3, &(0x7f0000001580))
ioctl$KVM_GET_REG_LIST(r6, 0xc008aeb0, &(0x7f0000001600)={0x7, [0x1, 0x4, 0x8, 0xff, 0x5, 0xf, 0x7]})
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x8040ae9f, &(0x7f0000001640)=@arm64)
ioctl$KVM_DIRTY_TLB(r3, 0x4010aeaa, &(0x7f0000001680)={0x8, 0x401})

45m35.152824709s ago: executing program 4 (id=221):
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x2132, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20080, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = eventfd2(0x3, 0x800)
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000080)={0x1ff, 0x1000, 0x2, r5, 0x1})
r6 = eventfd2(0x0, 0x80000)
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000001340)={0x0, 0x0, 0x2, r6, 0x3})
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000140)={0x203, 0x0, 0x2, r6, 0xf})
r7 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000240)="04198bd844c9e8a7b82d748f0f0244293d28bd9400bfc2ed44db9969759357abeb8d85c8e856a4606c2e979f98d67e4ff39fb6df9547f6a9506c610dc37b175c3ad3c9952305abf0", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, 0x930, 0xa, 0x2012, r10, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)

44m46.909199557s ago: executing program 37 (id=221):
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x2132, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20080, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = eventfd2(0x3, 0x800)
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000080)={0x1ff, 0x1000, 0x2, r5, 0x1})
r6 = eventfd2(0x0, 0x80000)
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000001340)={0x0, 0x0, 0x2, r6, 0x3})
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000140)={0x203, 0x0, 0x2, r6, 0xf})
r7 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000240)="04198bd844c9e8a7b82d748f0f0244293d28bd9400bfc2ed44db9969759357abeb8d85c8e856a4606c2e979f98d67e4ff39fb6df9547f6a9506c610dc37b175c3ad3c9952305abf0", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, 0x930, 0xa, 0x2012, r10, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)

40m27.425540184s ago: executing program 6 (id=208):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000380)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x39d}}], 0x28}, 0x0, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bff000/0x400000)=nil)
r4 = syz_kvm_vgic_v3_setup(r1, 0xffffffffffbffffc, 0x120) (async)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r5=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async)
ioctl$KVM_RUN(r3, 0xae80, 0x0) (async)
ioctl$KVM_GET_DEVICE_ATTR(r4, 0x4018aee2, &(0x7f0000000240)=@attr_arm64={0x0, 0x7, 0x0, &(0x7f0000000140)=0xd})
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x0) (async)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x27)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_send_cmd={0xaa, 0x28, {0xd, 0x0, 0x2, 0x3, 0x1, 0x1}}, @mrs={0xbe, 0x18, {0x603000000013f510}}], 0x40}, 0x0, 0x0)
r10 = syz_kvm_vgic_v3_setup(r7, 0x40000000000004, 0xc0)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000180)={0x8, <r11=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x5, 0x4, &(0x7f0000000200)=0x8080000}) (async)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000000)={0xb})
ioctl$KVM_RUN(r9, 0xae80, 0x0) (async)
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x3, 0x4, &(0x7f0000000040)=0x8}) (async)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0x80111500, 0x20000000) (async)
close(r1) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) (async)
ioctl$KVM_HAS_DEVICE_ATTR(r10, 0x4018aee3, &(0x7f00000002c0)=@attr_arm64={0x0, 0x8, 0x3, &(0x7f0000000280)=0x5})
ioctl$KVM_CREATE_VM(r13, 0x541b, 0x2000001c)

40m11.435838462s ago: executing program 6 (id=223):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000100)={0x7, <r4=>0xffffffffffffffff})
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x31)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x603000000010003c, &(0x7f0000000140)=0x7})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000002c0)=@attr_arm64={0x0, 0x4, 0x0, 0x0})
r9 = eventfd2(0x8801, 0x800)
r10 = eventfd2(0x3ff, 0x0)
ioctl$KVM_IRQFD(r3, 0x4020ae76, &(0x7f0000000080)={r9, 0x5, 0x2, r10})
close(r9)
r11 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r11, 0x4, 0x1e0)
ioctl$KVM_IRQFD(r11, 0x4020ae76, &(0x7f00000000c0)={r10, 0x401, 0x1})
close(r11)
openat$kvm(0x0, &(0x7f0000000000), 0x72483, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000ce0000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x2, 0x4f832, 0xffffffffffffffff, 0x1000000)
ioctl$KVM_CHECK_EXTENSION(r10, 0xae03, 0x9)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000ad1000/0x400000)=nil)

39m23.278071247s ago: executing program 38 (id=223):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000100)={0x7, <r4=>0xffffffffffffffff})
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x31)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x603000000010003c, &(0x7f0000000140)=0x7})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000002c0)=@attr_arm64={0x0, 0x4, 0x0, 0x0})
r9 = eventfd2(0x8801, 0x800)
r10 = eventfd2(0x3ff, 0x0)
ioctl$KVM_IRQFD(r3, 0x4020ae76, &(0x7f0000000080)={r9, 0x5, 0x2, r10})
close(r9)
r11 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r11, 0x4, 0x1e0)
ioctl$KVM_IRQFD(r11, 0x4020ae76, &(0x7f00000000c0)={r10, 0x401, 0x1})
close(r11)
openat$kvm(0x0, &(0x7f0000000000), 0x72483, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000ce0000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x2, 0x4f832, 0xffffffffffffffff, 0x1000000)
ioctl$KVM_CHECK_EXTENSION(r10, 0xae03, 0x9)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000ad1000/0x400000)=nil)

37m7.07881031s ago: executing program 7 (id=222):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x3}}], 0x68}, 0x0, 0x0) (async)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
openat$kvm(0xffffffffffffff9c, 0x0, 0x141000, 0x0) (async)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xd7, 0x80000001}) (async)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000140)={0x4, <r7=>0xffffffffffffffff, 0x1})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x40305828, &(0x7f0000000240)=@attr_other={0x0, 0x8, 0x80000000, &(0x7f00000001c0)=0x40})
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x31)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r13, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18}) (async)
ioctl$KVM_SET_ONE_REG(r13, 0x4010aeac, &(0x7f00000000c0)=@arm64_sve={0x6080000000150377, 0x0}) (async)
ioctl$KVM_SET_ONE_REG(r10, 0x4010aeac, &(0x7f0000000400)=@arm64_sys={0x603000000013c000, &(0x7f00000003c0)=0x3a5}) (async)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r14=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r14, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
r15 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r15, 0xae03, 0x58)
ioctl$KVM_SET_DEVICE_ATTR(r14, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x4, 0x0, 0x0}) (async)
r16 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r16, 0x3, 0x11, r3, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)

36m19.238044705s ago: executing program 39 (id=222):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x3}}], 0x68}, 0x0, 0x0) (async)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
openat$kvm(0xffffffffffffff9c, 0x0, 0x141000, 0x0) (async)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xd7, 0x80000001}) (async)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000140)={0x4, <r7=>0xffffffffffffffff, 0x1})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x40305828, &(0x7f0000000240)=@attr_other={0x0, 0x8, 0x80000000, &(0x7f00000001c0)=0x40})
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x31)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r13, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18}) (async)
ioctl$KVM_SET_ONE_REG(r13, 0x4010aeac, &(0x7f00000000c0)=@arm64_sve={0x6080000000150377, 0x0}) (async)
ioctl$KVM_SET_ONE_REG(r10, 0x4010aeac, &(0x7f0000000400)=@arm64_sys={0x603000000013c000, &(0x7f00000003c0)=0x3a5}) (async)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r14=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r14, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
r15 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r15, 0xae03, 0x58)
ioctl$KVM_SET_DEVICE_ATTR(r14, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x4, 0x0, 0x0}) (async)
r16 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r16, 0x3, 0x11, r3, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)

25m1.150287861s ago: executing program 9 (id=246):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8})
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f00000000c0)=@arm64_sys={0x603000000013dce0, &(0x7f0000000000)=0x43ff})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r2, 0x4018aee1, &(0x7f00000000c0)=@attr_pmu_init)
ioctl$KVM_ARM_VCPU_INIT(0xffffffffffffffff, 0x4020aeae, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4000ae84, &(0x7f00000002c0)={{0x5000, 0x4, 0xa, 0x0, 0x4, 0x8, 0x80, 0x5, 0xf8, 0x80, 0x90, 0x4}, {0x80a0000, 0xeeef0000, 0x7fc60ce9969c2bbd, 0x81, 0x3, 0x2, 0xd3, 0x7, 0xff, 0x4, 0x7, 0x40}, {0x4, 0x8080000, 0xa, 0xff, 0x9, 0x3b, 0x6, 0xaa, 0x9, 0x9, 0x3, 0x6}, {0x4, 0xeeef0000, 0xd, 0x2, 0x8, 0x2, 0x7, 0x0, 0x6, 0xff, 0x81, 0x93}, {0x1000, 0x8080000, 0x10, 0x7, 0x7, 0x0, 0x6, 0x1, 0x4, 0x40, 0x2, 0x4}, {0x2, 0x0, 0x10, 0x6, 0x3, 0x5, 0x4, 0x2, 0x81, 0x3, 0x8, 0x4}, {0x5000, 0x8000000, 0xa, 0x9, 0xba, 0x7, 0x1, 0x15, 0x9, 0x2b, 0x1, 0x5a}, {0x4000, 0x2000, 0xd, 0xc8, 0xf, 0x1, 0xd9, 0x7, 0x8, 0x2, 0x3, 0x7}, {0x80a0000, 0xfffc}, {0xdddd0000, 0xdac6}, 0xe0000018, 0x0, 0xeeee0002, 0x20601, 0x3, 0x100, 0x1000, [0xffffffff, 0x5, 0x8, 0xff]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
close(0x4)
close(0x5)

25m0.24880158s ago: executing program 8 (id=247):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_setup_cpu$arm64(r1, r3, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000c40)=ANY=[], 0x318}], 0x1, 0x0, &(0x7f0000000080)=[@featur2={0x1, 0x2}], 0x1) (async, rerun: 64)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async, rerun: 64)
ioctl$KVM_GET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee2, &(0x7f00000000c0)=@attr_arm64={0x0, 0x4, 0x0, &(0x7f0000000040)=0x30}) (async, rerun: 32)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) (rerun: 32)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) (async)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000) (async)
munmap(&(0x7f0000482000/0x2000)=nil, 0x2000) (async)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async, rerun: 64)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (rerun: 64)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r7, r8, &(0x7f0000bfe000/0x400000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f0000000180)=[@hvc={0x32, 0x40, {0x84000007, [0x60e, 0xfffffffffffffffb, 0x4, 0x8, 0x1]}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x1, 0x1, 0x0, 0x8001, 0x3}}], 0x68}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_RUN(r8, 0xae80, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000ab8000/0x400000)=nil)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
syz_kvm_add_vcpu$arm64(r9, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) (async, rerun: 64)
ioctl$KVM_IRQ_LINE_STATUS(r5, 0xc008ae67, &(0x7f0000000040)={0x10001, 0x10001}) (rerun: 64)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000) (async, rerun: 64)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x24132, 0xffffffffffffffff, 0x0) (rerun: 64)
mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0)

24m41.82789277s ago: executing program 9 (id=248):
openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f00000000c0), 0x80000000}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x3, 0xa0)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0xffffffffffffffff, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r5, 0x4, 0x220)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8, <r8=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x8, <r9=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r11, 0x4010ae68, &(0x7f0000000080)={0xeeef0000, 0x5000, 0x1})
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x2)
ioctl$KVM_GET_ONE_REG(r12, 0x4010aeab, &(0x7f00000001c0)=@arm64_ccsidr={0x602000000011000b, &(0x7f00000000c0)=0x7})
r13 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x39)
r14 = ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x0)
r15 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0)
r17 = syz_kvm_setup_syzos_vm$arm64(r16, &(0x7f0000c00000/0x400000)=nil)
r18 = syz_kvm_add_vcpu$arm64(r17, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r18, 0x4010aeac, &(0x7f0000000140)=@arm64_bitmap={0x6070000000160002, 0x0})
mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, 0x930, 0xa, 0x2012, r14, 0x40000)

24m40.343216656s ago: executing program 8 (id=249):
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000140)={0x0, &(0x7f0000000180)=[@msr={0x14, 0x20, {0x603000000013df62, 0xc00000}}], 0x20}, &(0x7f0000000280)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000000)={0x5, 0x0, [{0x100, 0x1, 0x1, 0x0, @msi={0x0, 0x401, 0x4, 0x200}}, {0x3, 0x5, 0x0, 0x0, @irqchip={0x1, 0x5}}, {0xfff, 0x2, 0x0, 0x0, @adapter={0x80000000, 0x10, 0x2, 0x10001}}, {0x2, 0x3, 0x1, 0x0, @adapter={0x575a, 0x5, 0x7, 0x450b58a5, 0x1}}, {0xfff, 0x3, 0x1, 0x0, @adapter={0x800, 0x6, 0x9, 0x6, 0x3}}]}) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init) (async)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

24m23.721513317s ago: executing program 8 (id=250):
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x20100, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000040)={0x10101, 0x10001})
munmap(&(0x7f0000667000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x0, 0x8032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)

24m14.24009982s ago: executing program 9 (id=251):
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) (async)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) (async)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r1, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0x40086602, 0x110e22ffff) (async, rerun: 64)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0) (async, rerun: 64)
r3 = eventfd2(0xfffffffa, 0x80001)
write$eventfd(r3, &(0x7f0000000200)=0x8, 0x8)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000000)="37d3116035d7513e9a000200018000", 0x0, 0x43)
ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0x40086602, 0x110e227ffe) (async)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) (async, rerun: 32)
r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (rerun: 32)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) (async)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x40) (async)
ioctl$KVM_CHECK_EXTENSION_VM(r4, 0xae03, 0x8) (async)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x28)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x13}], 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, r8, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000240)=[@code={0xa, 0xcc, {"e0ef9ad200c0b8f2410080d2e20080d2430080d2e40180d2020000d4e0be9cd20040b0f2210080d2620080d2630180d2840180d2020000d40000681e0000000b0000399e003c202ea04c8ad200e0b0f2610180d2c20180d2a30080d2640180d2020000d4c0ed81d20000b8f2810180d2820180d2a30180d2640080d2020000d4a0a189d20060b0f2410180d2820180d2230080d2240180d2020000d4804e82d20020b0f2810180d2020180d2830180d2a40080d2020000d4"}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x1, 0x0, 0x0, 0x9, 0xd}}, @hvc={0x32, 0x40, {0x6000000, [0x100004, 0x78f7, 0x8, 0x3, 0x9]}}, @smc={0x1e, 0x40, {0x84000009, [0x5, 0x10, 0xd7f, 0x1000, 0x5]}}, @irq_setup={0x46, 0x18, {0x0, 0x5a}}, @mrs={0xbe, 0x18, {0x6030000000139828}}, @msr={0x14, 0x20, {0x603000000013c085, 0x100000001}}, @uexit={0x0, 0x18, 0x3f0}, @hvc={0x32, 0x40, {0x8400000b, [0x4, 0x8, 0x6, 0x6, 0xdd]}}, @mrs={0xbe, 0x18, {0x77fe}}], 0x234}], 0x1, 0x0, 0x0, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) (async, rerun: 64)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) (rerun: 64)

24m4.278569629s ago: executing program 8 (id=252):
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2000000000000e)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, <r2=>0xffffffffffffffff, 0x1})
r3 = ioctl$KVM_CREATE_VM(r2, 0x894c, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0x40305839, 0xfffffffffffffffc)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x28)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r7, 0x4010aeb5, &(0x7f0000000100)={0x7, 0x779e})
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000bfe000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000100)={0x7, <r11=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x3, &(0x7f0000000200)=0x8000000})
mmap$KVM_VCPU(&(0x7f000064b000/0x4000)=nil, r5, 0x1000004, 0x10, 0xffffffffffffffff, 0x0)
openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x19)
syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)

23m56.50842088s ago: executing program 9 (id=253):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x161681, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000000100)=@arm64_core={0x6030000000100030, &(0x7f0000000000)=0x3ff})
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)

23m39.429855753s ago: executing program 8 (id=254):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xc0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x145541, 0x0)
syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x1, 0x100)
r1 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3b)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_HAS_DEVICE_ATTR_vm(0xffffffffffffffff, 0x4018aee3, &(0x7f0000000080)=@attr_other={0x0, 0x6, 0x7ff, &(0x7f00000001c0)=0x4})
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000180)={0x0, &(0x7f0000000380)=[@irq_setup={0x46, 0x18, {0x3, 0x323}}, @irq_setup={0x46, 0x18, {0x1, 0x32}}, @irq_setup={0x46, 0x18, {0x3, 0x22c}}, @uexit={0x0, 0x18, 0x2}, @code={0xa, 0x6c, {"0000206a0000204b00c0221e001c202e008008d5000028d50008207840db9ad20060b8f2e10180d2420180d2c30180d2640080d2020000d4c05981d200a0b0f2210080d2c20180d2a30080d2a40080d2020000d40000691e"}}, @eret={0xe6, 0x18, 0x80000000}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0x48, 0x3, 0x4}}, @mrs={0xbe, 0x18, {0x603000000013dce1}}, @eret={0xe6, 0x18, 0x5}, @eret={0xe6, 0x18, 0x9}, @code={0xa, 0x54, {"000c205e0050000e00c4200e806c9ed20000b0f2c10180d2620080d2230080d2040080d2020000d4000080130004002f007008d50000591e00084078008008d5"}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x0, 0x3, 0xb, 0x401, 0x10001}}, @uexit={0x0, 0x18, 0x2}, @smc={0x1e, 0x40, {0xc5000020, [0x7ff, 0x5, 0x5, 0xd, 0x2]}}, @hvc={0x32, 0x40, {0x84000001, [0x8000000000000000, 0x9, 0x6, 0x9, 0x800]}}, @msr={0x14, 0x20, {0x603000000013e6d7, 0x4}}, @mrs={0xbe, 0x18, {0x603000000013e6d3}}, @mrs={0xbe, 0x18, {0x603000000013c2a0}}, @hvc={0x32, 0x40, {0x5000000, [0x9, 0x9, 0xfffffffffffffff8, 0x7, 0x1d]}}, @uexit={0x0, 0x18}, @hvc={0x32, 0x40, {0x4d022840735a5cc, [0x1, 0x5, 0x100000000, 0xa96a, 0x3]}}, @msr={0x14, 0x20, {0x603000000013e662, 0x1}}, @irq_setup={0x46, 0x18, {0x3, 0x14c}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe8}}, @msr={0x14, 0x20, {0xc84db9a1435ee37c, 0x400000009}}, @uexit={0x0, 0x18, 0x4}, @memwrite={0x6e, 0x30, @generic={0x5000, 0x1bd, 0x31975783}}, @mrs={0xbe, 0x18, {0x603000000013e536}}], 0x440}, &(0x7f0000000300)=[@featur2={0x1, 0xdd}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_kvm_assert_reg(r4, 0x603000000013dce8, 0x8000)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r9, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x9, 0x7, 0x3}})
r10 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
r11 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r10, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r10, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000000)=@arm64_sys={0x603000000013c038, 0x0})

23m38.278161068s ago: executing program 9 (id=255):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000100)=@arm64_fw={0x6030000000140003, &(0x7f0000000000)=0x100})
r6 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x3}}], 0x68}, 0x0, 0x0)
r8 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f0000000280)=@attr_arm64={0x0, 0x6, 0x4, 0x0})

23m12.704411576s ago: executing program 9 (id=256):
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0) (async)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000040)={0x1, 0x3, 0xdddd1000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) (async)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f0000000080)=@arm64_core={0x6030000000100042, &(0x7f0000000100)=0xc5c8}) (async, rerun: 32)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) (rerun: 32)
r12 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000000)={0x0, &(0x7f00000002c0)=[@code={0xa, 0x54, {"80b390d20040b8f2810080d2020180d2230080d2a40080d2020000d40000431e0000791e0000c00c007008d50000021e0000029e007008d50024c09a007008d5"}}, @irq_setup={0x46, 0x18, {0x0, 0x177}}, @msr={0x14, 0x20, {0x603000000013f8cd, 0xffffffffffffffff}}, @uexit={0x0, 0x18, 0x6}, @smc={0x1e, 0x40, {0x3f000000, [0x100000001, 0x2a, 0x101, 0x6, 0x5]}}, @eret={0xe6, 0x18, 0x2}, @eret={0xe6, 0x18, 0x8}, @svc={0x122, 0x40, {0xc400000e, [0x9, 0x1, 0x401, 0xbd, 0xffff]}}, @hvc={0x32, 0x40, {0x84000014, [0x100, 0x60, 0x1, 0x7, 0x3c]}}, @hvc={0x32, 0x40, {0x10, [0x10001, 0xd, 0xff, 0x4, 0x1]}}, @mrs={0xbe, 0x18, {0x603000000013de91}}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x13}}, @irq_setup={0x46, 0x18, {0x2, 0x1d7}}], 0x22c}, &(0x7f0000000180)=[@featur2={0x1, 0x2}], 0x1)
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r14, 0x4020ae46, &(0x7f0000000040)={0x1, 0x3, 0xdddd1000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r14, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
ioctl$KVM_CREATE_DEVICE(r14, 0xc018aec0, &(0x7f00000000c0)={0x1}) (async, rerun: 32)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil}) (async, rerun: 32)
ioctl$KVM_CREATE_DEVICE(r5, 0xc018aec0, &(0x7f00000000c0)={0x1}) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000240)="04198bd844c9e8a7b82d748f0f0244293d28bd9400bfc2ed44db9969759357abeb8d85c8e856a4606c2e979f98d67e4ff39fb6df9547f6a9506c610dc37b175c3ad3c9952305abf0", 0x0, 0x48) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
ioctl$KVM_GET_REGS(r12, 0x8360ae81, &(0x7f0000000500)) (async)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)

23m10.5279609s ago: executing program 8 (id=257):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r4, 0x4068aea3, &(0x7f0000000140)={0xe4, 0x0, 0xa9ca})
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x2})
r6 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f0000000100)=@arm64_bitmap={0x6030000000140003, &(0x7f0000000000)=0x7})
r7 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x3e)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1)
mmap$KVM_VCPU(&(0x7f0000f72000/0x1000)=nil, 0x930, 0x0, 0xe832, 0xffffffffffffffff, 0x0)
eventfd2(0x59, 0x1)
r10 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x0, 0x11, r9, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f00000001c0)="04198bd844c9e8a7b82d748f0f0244293d28bd9400bfc2ed44db9969759357abeb8d85c8e856a4606c2e979f98d67e4ff39fb6df9547f6a9506c610dc37b175c3ad3c9952305abf0", 0x0, 0xffffffffffffff83)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r9, 0x0)

22m24.269410598s ago: executing program 40 (id=256):
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0) (async)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000040)={0x1, 0x3, 0xdddd1000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) (async)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f0000000080)=@arm64_core={0x6030000000100042, &(0x7f0000000100)=0xc5c8}) (async, rerun: 32)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) (rerun: 32)
r12 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000000)={0x0, &(0x7f00000002c0)=[@code={0xa, 0x54, {"80b390d20040b8f2810080d2020180d2230080d2a40080d2020000d40000431e0000791e0000c00c007008d50000021e0000029e007008d50024c09a007008d5"}}, @irq_setup={0x46, 0x18, {0x0, 0x177}}, @msr={0x14, 0x20, {0x603000000013f8cd, 0xffffffffffffffff}}, @uexit={0x0, 0x18, 0x6}, @smc={0x1e, 0x40, {0x3f000000, [0x100000001, 0x2a, 0x101, 0x6, 0x5]}}, @eret={0xe6, 0x18, 0x2}, @eret={0xe6, 0x18, 0x8}, @svc={0x122, 0x40, {0xc400000e, [0x9, 0x1, 0x401, 0xbd, 0xffff]}}, @hvc={0x32, 0x40, {0x84000014, [0x100, 0x60, 0x1, 0x7, 0x3c]}}, @hvc={0x32, 0x40, {0x10, [0x10001, 0xd, 0xff, 0x4, 0x1]}}, @mrs={0xbe, 0x18, {0x603000000013de91}}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x13}}, @irq_setup={0x46, 0x18, {0x2, 0x1d7}}], 0x22c}, &(0x7f0000000180)=[@featur2={0x1, 0x2}], 0x1)
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r14, 0x4020ae46, &(0x7f0000000040)={0x1, 0x3, 0xdddd1000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r14, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
ioctl$KVM_CREATE_DEVICE(r14, 0xc018aec0, &(0x7f00000000c0)={0x1}) (async, rerun: 32)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil}) (async, rerun: 32)
ioctl$KVM_CREATE_DEVICE(r5, 0xc018aec0, &(0x7f00000000c0)={0x1}) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000240)="04198bd844c9e8a7b82d748f0f0244293d28bd9400bfc2ed44db9969759357abeb8d85c8e856a4606c2e979f98d67e4ff39fb6df9547f6a9506c610dc37b175c3ad3c9952305abf0", 0x0, 0x48) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
ioctl$KVM_GET_REGS(r12, 0x8360ae81, &(0x7f0000000500)) (async)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)

22m17.341786629s ago: executing program 41 (id=257):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r4, 0x4068aea3, &(0x7f0000000140)={0xe4, 0x0, 0xa9ca})
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x2})
r6 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f0000000100)=@arm64_bitmap={0x6030000000140003, &(0x7f0000000000)=0x7})
r7 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x3e)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1)
mmap$KVM_VCPU(&(0x7f0000f72000/0x1000)=nil, 0x930, 0x0, 0xe832, 0xffffffffffffffff, 0x0)
eventfd2(0x59, 0x1)
r10 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x0, 0x11, r9, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f00000001c0)="04198bd844c9e8a7b82d748f0f0244293d28bd9400bfc2ed44db9969759357abeb8d85c8e856a4606c2e979f98d67e4ff39fb6df9547f6a9506c610dc37b175c3ad3c9952305abf0", 0x0, 0xffffffffffffff83)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r9, 0x0)

3m7.288256404s ago: executing program 0 (id=316):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8})
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f00000000c0)=@arm64_sys={0x603000000013dce0, &(0x7f0000000000)=0x43ff})
r3 = openat$kvm(0x0, &(0x7f0000000240), 0x80402, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x2c)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000040)=@arm64_sys={0x603000000013c021, &(0x7f0000000140)=0x9})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r2, 0x4018aee1, &(0x7f00000000c0)=@attr_pmu_init)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r10, 0x4018aee2, &(0x7f0000000140)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x7})
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r12 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x2, 0x9, 0x0, 0x80}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r13, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r13, 0xc00caee0, &(0x7f0000000180)={0x8, <r16=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r16, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r15, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
close(0x4)
close(0x5)

2m44.708379468s ago: executing program 1 (id=318):
openat$kvm(0x0, &(0x7f0000000040), 0x140, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x27)
r2 = syz_kvm_vgic_v3_setup(r1, 0x400002, 0x340)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x29)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f00000001c0)={0x4, <r6=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r6, 0x400454d1, 0x110c230000)
r7 = openat$kvm(0x0, 0x0, 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2)
r10 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r11 = openat$kvm(0x0, 0x0, 0x88482, 0x0)
r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r11, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0x4000)=nil, r12, 0x2000003, 0x11, 0xffffffffffffffff, 0x0)
r13 = openat$kvm(0x0, 0x0, 0x41, 0x0)
ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x0, 0x9, &(0x7f0000000000)=0x7})
r14 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x3c)
r15 = syz_kvm_setup_syzos_vm$arm64(r14, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r9, 0x4010aeab, &(0x7f0000000280)=@arm64_core={0x6030000000100008, &(0x7f0000000240)=0x82})
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x400000, 0x0)
ioctl$KVM_CREATE_VM(r3, 0x80111500, 0x15)
eventfd2(0xc24c, 0x80800)
openat$kvm(0x0, &(0x7f0000000200), 0x5cd180, 0x0)

2m37.269925297s ago: executing program 0 (id=319):
r0 = openat$kvm(0x0, &(0x7f0000000000), 0x66c0c0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000200), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x14)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, 0xffffffffffffffff)
r6 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000100)={0x0, &(0x7f0000000040), 0xfffffffffffffed9}, 0x0, 0x1d)
syz_kvm_vgic_v3_setup(r1, 0x2, 0x100)
r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r8 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r7, 0x3, 0x11, r3, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)
r9 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x29)
r11 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r11, 0x4b47, 0xfffffffffffffffe)
r12 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x1)
r13 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r9, 0xae04)
r14 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, r13, 0x2, 0x12, r12, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r14, 0x20, &(0x7f00000002c0)="fb016bddfb405ee52cc6a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb2070000000000000000000000c20cecfa0a97ab7800", 0x0, 0x48)
r15 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r15, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
mmap$KVM_VCPU(&(0x7f0000ff9000/0x4000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
r16 = mmap$KVM_VCPU(&(0x7f000000a000/0x1000)=nil, r7, 0x3, 0x11, r6, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
syz_kvm_assert_syzos_uexit$arm64(r16, 0xffffffffffffffff)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000180)={0x1010020, 0x1})
mmap$KVM_VCPU(&(0x7f0000cd1000/0x1000)=nil, r7, 0x1000000, 0x10, r3, 0x0)
ioctl$KVM_RUN(r12, 0xae80, 0x0)
syz_kvm_assert_syzos_uexit$arm64(r8, 0xfffffffffffffffe)

2m23.962854829s ago: executing program 1 (id=320):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x0, 0x1, 0x10000, 0x1000, &(0x7f0000c04000/0x1000)=nil})
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r4, r5, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r5, 0x4010aeab, &(0x7f0000000100)=@arm64_sys={0x603000000013c024, &(0x7f00000000c0)})
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f00005b7000/0x400000)=nil)
ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f00000001c0)={0x8, <r12=>0xffffffffffffffff})
ioctl$KVM_GET_DEVICE_ATTR(r12, 0x4018aee2, &(0x7f00000000c0)=@attr_other={0x0, 0x8, 0xa, 0x0})
r13 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x28)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r13, 0x4068aea3, &(0x7f0000000280)={0xdf, 0x0, 0x2000})
ioctl$KVM_CLEAR_DIRTY_LOG(r13, 0xc018aec0, &(0x7f00000001c0)={0x1fe, 0x80, 0x280, 0x0})
syz_kvm_setup_cpu$arm64(r7, r8, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="6e0000000000000030000000000000000000dddd0080"], 0x30}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r14 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000080)=[@featur1={0x1, 0x2}], 0x1)
ioctl$KVM_RUN(r14, 0xae80, 0x0)

2m13.915910233s ago: executing program 0 (id=321):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x37)
ioctl$KVM_CAP_ARM_USER_IRQ(r0, 0x4068aea3, &(0x7f0000000000))
ioctl$KVM_SET_DEVICE_ATTR_vm(r0, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000080)={0x7, 0x758}})
r1 = ioctl$KVM_GET_STATS_FD_vm(r0, 0xaece)
ioctl$KVM_IRQFD(r0, 0x4020ae76, &(0x7f0000000100)={r1, 0x2, 0x1})
r2 = ioctl$KVM_GET_STATS_FD_vm(r1, 0xaece)
ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r2, 0x4010ae74, &(0x7f0000000140)={0x9, 0x3ff, 0xe})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0xdf4b3fd67ec819a6, 0x0)
close(r0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_CAP_PTP_KVM(r0, 0x4068aea3, &(0x7f00000001c0))
r4 = ioctl$KVM_GET_STATS_FD_cpu(r1, 0xaece)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x34)
close(r1)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000280)=@attr_other={0x0, 0x4, 0x9, &(0x7f0000000240)=0x1})
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bfe000/0x400000)=nil)
ioctl$KVM_GET_ONE_REG(r4, 0x4010aeab, &(0x7f0000000300)=@arm64_fp={0x604000000010006d, &(0x7f00000002c0)=0x4})
ioctl$KVM_IRQ_LINE(r2, 0x4008ae61, &(0x7f0000000340)={0x0, 0x6})
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
ioctl$KVM_CAP_ARM_MTE(r1, 0x4068aea3, &(0x7f0000000380))
ioctl$KVM_GET_DIRTY_LOG(r5, 0x4010ae42, &(0x7f0000000400)={0x10201, 0x0, &(0x7f0000c3c000/0x1000)=nil})
syz_kvm_vgic_v3_setup(r0, 0x2, 0x80)
ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000480)=@arm64_sys={0x603000000013805d, &(0x7f0000000440)=0x100})
r7 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x1b)
ioctl$KVM_IRQ_LINE(r7, 0x4008ae61, &(0x7f00000004c0)={0x0, 0xe2})
ioctl$KVM_GET_MP_STATE(r2, 0x8004ae98, &(0x7f0000000500))
r8 = mmap$KVM_VCPU(&(0x7f0000e69000/0x3000)=nil, r6, 0x8, 0x20010, r1, 0x0)
syz_memcpy_off$KVM_EXIT_MMIO(r8, 0x20, &(0x7f0000000540)="72910876182056343ac59f6eb944431f8a08800895da974f", 0x0, 0x18)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, r3, &(0x7f0000bff000/0x400000)=nil, &(0x7f00000008c0)=[{0x0, &(0x7f0000000580)=[@msr={0x14, 0x20, {0x603000000013e721, 0xffffffffffffffff}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x3, 0x10, 0xfdb, 0x2}}, @mrs={0xbe, 0x18, {0x603000000013e640}}, @irq_setup={0x46, 0x18, {0x3, 0x36}}, @msr={0x14, 0x20, {0x603000000013def1, 0x9}}, @hvc={0x32, 0x40, {0x3000000, [0x9, 0x8, 0x4, 0x2, 0x1ff]}}, @code={0xa, 0xb4, {"0014c05aa0b38dd20000b0f2210180d2220080d2c30180d2a40180d2020000d480f394d200c0b8f2e10180d2e20080d2030180d2e40080d2020000d4c0b98cd200a0b0f2410180d2e20080d2230080d2240080d2020000d400c0e21e007008d5007008d5a07499d20040b8f2810180d2c20080d2830180d2e40080d2020000d4000997d200c0b8f2a10080d2020080d2830080d2c40080d2020000d4007008d5"}}, @eret={0xe6, 0x18, 0x8}, @eret={0xe6, 0x18, 0x800}, @uexit={0x0, 0x18, 0x4}, @msr={0x14, 0x20, {0x603000000013f667}}, @uexit={0x0, 0x18, 0x7fffffff}, @hvc={0x32, 0x40, {0x80003fff, [0xffff, 0x0, 0x3, 0x6aa]}}, @eret={0xe6, 0x18, 0x6d0d}, @svc={0x122, 0x40, {0x80007fff, [0x1000, 0x184, 0x400, 0x3, 0x7]}}, @its_setup={0x82, 0x28, {0x3, 0x0, 0x2}}, @eret={0xe6, 0x18, 0xd99}, @mrs={0xbe, 0x18, {0x603000000013e6d8}}, @its_send_cmd={0xaa, 0x28, {0x90a7ec797db8d4de, 0x0, 0x3, 0xd, 0x7fffffff, 0x4711, 0x4}}], 0x324}], 0x1, 0x0, &(0x7f0000000900)=[@featur2={0x1, 0xa}], 0x1)

1m58.710854298s ago: executing program 0 (id=322):
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x28)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000000)={0x1fd, 0x1, 0x10000, 0x1000, &(0x7f0000ffc000/0x1000)=nil}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000000)={0x1fd, 0x1, 0x10000, 0x1000, &(0x7f0000ffc000/0x1000)=nil})
ioctl$KVM_HAS_DEVICE_ATTR(r0, 0x4018aee3, &(0x7f0000000080)=@attr_arm64={0x0, 0x1, 0x1, &(0x7f0000000040)=0x5})
r1 = eventfd2(0x0, 0x400)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f00000000c0)={0x5, 0xf000, 0x1, r1, 0x4})
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) (async)
r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x8040ae9f, &(0x7f0000000100)) (async)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x8040ae9f, &(0x7f0000000100))
r3 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000180)={0x0, &(0x7f0000000140)=[@its_setup={0x82, 0x28, {0x4, 0x3, 0x2b3}}], 0x28}, &(0x7f00000001c0), 0x1)
syz_kvm_setup_cpu$arm64(r0, r3, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000440)=[{0x0, &(0x7f0000000200)=[@code={0xa, 0x9c, {"0044202e00e4202e006583d200a0b0f2010180d2220080d2a30080d2c40180d2020000d40000803d000c007c1f4000d520ce95d20020b8f2c10080d2820180d2430080d2240180d2020000d400c183d20000b8f2010180d2c20080d2430180d2440180d2020000d400198dd200c0b0f2610180d2620180d2430180d2640080d2020000d4000c8038"}}, @msr={0x14, 0x20, {0x603000000013c4d3, 0x1}}, @its_setup={0x82, 0x28, {0x2, 0x100000000, 0xf2}}, @its_setup={0x82, 0x28, {0x4, 0x4, 0x1ec}}, @mrs={0xbe, 0x18, {0x603000000013def5}}, @uexit={0x0, 0x18, 0xfffffffffffffff2}, @its_send_cmd={0xaa, 0x28, {0x4, 0x1, 0x4, 0x5, 0x5, 0x7, 0x2}}, @msr={0x14, 0x20, {0x603000000013c011, 0x9}}, @code={0xa, 0x84, {"00000012000008d5000008d520e893d200a0b0f2a10180d2620080d2830180d2c40080d2020000d400a8312e008008d50000c028205a9cd20060b8f2210180d2620180d2230180d2e40180d2020000d4000028d5e0f195d20000b0f2a10080d2420080d2830080d2e40080d2020000d4"}}], 0x208}], 0x1, 0x0, &(0x7f0000000480)=[@featur2={0x1, 0x86}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r2, 0x4018aee1, &(0x7f0000000500)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f00000004c0)=0x5c7})
mmap$KVM_VCPU(&(0x7f0000dc8000/0x1000)=nil, 0x0, 0x0, 0x12, r2, 0x0) (async)
r4 = mmap$KVM_VCPU(&(0x7f0000dc8000/0x1000)=nil, 0x0, 0x0, 0x12, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000540)="03234a77aaa864a543b8d6ad7037d864367cf1f6dcf55d6b0bdeb213cf364d4a0474c327821c64249228d5cc1586702c035c67a0ce73a71d617f489bbc9aef69c1af1f71a2930cb6", 0x0, 0x48)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f00000005c0)="56f9c8acf90f1d77edb344bd78a41d1ca7ad7dbf560962681f0736a085aa010f379ab1da52c080d92ea2d6e20501c819deea383178e4e430af8c8359093840103837951ec31cc682", 0x0, 0x48) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f00000005c0)="56f9c8acf90f1d77edb344bd78a41d1ca7ad7dbf560962681f0736a085aa010f379ab1da52c080d92ea2d6e20501c819deea383178e4e430af8c8359093840103837951ec31cc682", 0x0, 0x48)
ioctl$KVM_CAP_ARM_MTE(r0, 0x4068aea3, &(0x7f0000000640))
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x2) (async)
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x2)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x28) (async)
r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x28)
r6 = ioctl$KVM_GET_STATS_FD_vm(r5, 0xaece)
r7 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000a40)={0x0, &(0x7f00000006c0)=[@uexit={0x0, 0x18, 0x5}, @uexit={0x0, 0x18, 0xe}, @irq_setup={0x46, 0x18, {0x1, 0x333}}, @irq_setup={0x46, 0x18, {0x4, 0xbb}}, @eret={0xe6, 0x18}, @code={0xa, 0x84, {"20578cd200c0b0f2e10180d2220180d2630080d2640080d2020000d400f4a00e0098202e00000037008c006f0010200ea0aa99d20060b0f2210180d2220180d2830180d2a40080d2020000d420909dd200e0b0f2210180d2220180d2030180d2240180d2020000d41f0000b1007008d5"}}, @smc={0x1e, 0x40, {0x8400000b, [0xff, 0xffffffffffffffff, 0x101, 0x9, 0x8001]}}, @code={0xa, 0xb4, {"0004007fc02999d200c0b0f2810180d2220180d2030180d2e40180d2020000d460d68ad200a0b8f2010080d2220080d2430080d2640080d2020000d480749dd20040b0f2010180d2c20180d2830180d2240180d2020000d4000028d5007008d5000008d5c01a90d20000b0f2c10180d2820180d2030080d2e40080d2020000d4601a91d200e0b8f2e10180d2220180d2630080d2a40080d2020000d40000201e"}}, @svc={0x122, 0x40, {0x0, [0x80000000, 0x0, 0x3, 0x8, 0x5]}}, @svc={0x122, 0x40, {0x40000000, [0x1, 0x2, 0xee, 0x0, 0x2]}}, @irq_setup={0x46, 0x18, {0x2, 0x13c}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x4, 0x9, 0xce09, 0x6, 0x2}}, @code={0xa, 0x6c, {"40cf85d20000b8f2c10180d2220180d2630080d2c40180d2020000d400a0400ca0fd9fd20000b8f2610180d2020080d2430180d2640180d2020000d4007008d5000008d5008008d50000208b008008d500d8a07e000028d5"}}, @smc={0x1e, 0x40, {0xc400000d, [0x1, 0x8000000000000000, 0x5, 0x3ff, 0x1]}}, @mrs={0xbe, 0x18, {0x5c9}}], 0x374}, &(0x7f0000000a80)=[@featur2={0x1, 0x40}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vm(r0, 0x4018aee1, &(0x7f0000000b00)=@attr_other={0x0, 0xf, 0x81, &(0x7f0000000ac0)=0x6}) (async)
ioctl$KVM_SET_DEVICE_ATTR_vm(r0, 0x4018aee1, &(0x7f0000000b00)=@attr_other={0x0, 0xf, 0x81, &(0x7f0000000ac0)=0x6})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000b40)={0xb, <r8=>0xffffffffffffffff, 0x1})
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f0000000bc0)=@attr_other={0x0, 0x10, 0x8, &(0x7f0000000b80)=0x3})
r9 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, r9, 0x0, 0x100010, r7, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING(r5, 0x4068aea3, &(0x7f0000000c00)) (async)
ioctl$KVM_CAP_DIRTY_LOG_RING(r5, 0x4068aea3, &(0x7f0000000c00))
ioctl$KVM_RUN(r2, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r10 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x1)
ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x2)

1m55.560207668s ago: executing program 1 (id=323):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000780), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0xeeef0000, 0x2000, &(0x7f0000ffe000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00000000c0)={0x2515, 0x0, 0x0, 0x1000, &(0x7f0000fec000/0x1000)=nil})
close(r2)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000000)={0x7, <r6=>0xffffffffffffffff})
ioctl$KVM_GET_DEVICE_ATTR(r6, 0x4018aee2, &(0x7f0000000100)=@attr_arm64={0x0, 0x7, 0x5, 0x0})
r7 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x0, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x3, 0xfffffffd, 0x0, 0x0, 0x0, 0x4}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r3, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000180)={0x8, <r9=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r8, 0xae80, 0x0)

1m44.197677235s ago: executing program 0 (id=324):
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION2(r3, 0x40a0ae49, &(0x7f00000000c0)={0x5, 0x5, 0x2000, 0x1000, &(0x7f0000ffd000/0x1000)=nil, 0x3})
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, <r4=>0xffffffffffffffff, 0x1})
r5 = ioctl$KVM_CREATE_VM(r4, 0x894c, 0x0)
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x8a)
mmap$KVM_VCPU(&(0x7f0000c60000/0x1000)=nil, r6, 0x1000000, 0x80010, r7, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0x8004b706, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r9 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r8, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r9, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c61000/0x3000)=nil, 0x930, 0x100000f, 0x4019032, 0xffffffffffffffff, 0x0)

1m29.899172346s ago: executing program 1 (id=325):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000080)={0x4, <r2=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, 0xffffffffffffffff)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
r6 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r5, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f0000000240)="fb2cc4a22332a77b23b08870816d7bb14c94a6ab0600000000000000000067521ce16f8f1f449a7a835673314754ebb2917fc869d22627e700", 0x0, 0xfffffffffffffeda)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r5, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x200000, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r8 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r4, 0x4018aee3, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000180)={0x4, 0x7fff, 0x1}})
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@mrs={0xbe, 0x18, {0x603000000013808c}}], 0x18}, 0x0, 0x0)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000000)={0xb, 0xffffffffffffffff, 0x1})
r11 = ioctl$KVM_GET_STATS_FD_cpu(r5, 0xaece)
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000080)={0x27e2ba4b, 0x4, 0x4, r11})
ioctl$KVM_RUN(r10, 0xae80, 0x0)

1m23.110533268s ago: executing program 0 (id=326):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000300)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x41, 0x100)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x200, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x3)
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34)
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000bff000/0x400000)=nil)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000040)={0x1, 0xffffffffffffffff, 0x1})
syz_kvm_vgic_v3_setup(r5, 0x0, 0x0)
close(0x4)
close(0x5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000300)={0x0, 0x0}, 0x0, 0x0) (async)
ioctl$KVM_RUN(r3, 0xae80, 0x0) (async)
syz_kvm_vgic_v3_setup(r1, 0x41, 0x100) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x200, 0x0) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x3) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) (async)
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000bff000/0x400000)=nil) (async)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000040)={0x1, 0xffffffffffffffff, 0x1}) (async)
syz_kvm_vgic_v3_setup(r5, 0x0, 0x0) (async)
close(0x4) (async)
close(0x5) (async)

1m5.585994707s ago: executing program 1 (id=327):
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04) (async)
r0 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, r0, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000f7c000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r1, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000) (async)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x0, 0x4030031, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x0, 0x4030031, 0xffffffffffffffff, 0x0)

51.073309993s ago: executing program 1 (id=328):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000001c0)="f21bc75509bf71c9d70236fc044842da01000000000000004c24501958da2e2c18b875c2357c6ed600", 0x0, 0x48)
r2 = eventfd2(0x101, 0x800)
write$eventfd(r2, &(0x7f0000000080)=0xfffffffffffffff7, 0x8)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, <r3=>0xffffffffffffffff, 0x1})
r4 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f00000001c0)={0x8, <r6=>0xffffffffffffffff})
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x3ff)
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x108, &(0x7f0000000340)=0x8000000000000000})
r7 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r8 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, &(0x7f0000000040)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000080)={0x1ff, 0xa, 0x1}})
r12 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r12, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000240)={0x3, 0x9}})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x4, 0x1, 0x0})
write$eventfd(r3, &(0x7f00000001c0)=0xffffff7f, 0xff25)

33.596001305s ago: executing program 42 (id=326):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000300)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x41, 0x100)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x200, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x3)
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34)
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000bff000/0x400000)=nil)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000040)={0x1, 0xffffffffffffffff, 0x1})
syz_kvm_vgic_v3_setup(r5, 0x0, 0x0)
close(0x4)
close(0x5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000300)={0x0, 0x0}, 0x0, 0x0) (async)
ioctl$KVM_RUN(r3, 0xae80, 0x0) (async)
syz_kvm_vgic_v3_setup(r1, 0x41, 0x100) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x200, 0x0) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x3) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) (async)
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000bff000/0x400000)=nil) (async)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000040)={0x1, 0xffffffffffffffff, 0x1}) (async)
syz_kvm_vgic_v3_setup(r5, 0x0, 0x0) (async)
close(0x4) (async)
close(0x5) (async)

0s ago: executing program 43 (id=328):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000001c0)="f21bc75509bf71c9d70236fc044842da01000000000000004c24501958da2e2c18b875c2357c6ed600", 0x0, 0x48)
r2 = eventfd2(0x101, 0x800)
write$eventfd(r2, &(0x7f0000000080)=0xfffffffffffffff7, 0x8)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, <r3=>0xffffffffffffffff, 0x1})
r4 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f00000001c0)={0x8, <r6=>0xffffffffffffffff})
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x3ff)
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x108, &(0x7f0000000340)=0x8000000000000000})
r7 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r8 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, &(0x7f0000000040)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000080)={0x1ff, 0xa, 0x1}})
r12 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r12, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000240)={0x3, 0x9}})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x4, 0x1, 0x0})
write$eventfd(r3, &(0x7f00000001c0)=0xffffff7f, 0xff25)

kernel console output (not intermixed with test programs):

[  371.235366][ T3156] 8021q: adding VLAN 0 to HW filter on device bond0
[  418.474070][ T3156] eql: remember to turn off Van-Jacobson compression on your slave devices
Warning: Permanently added '[localhost]:19126' (ED25519) to the list of known hosts.
[  569.582504][   T25] audit: type=1400 audit(568.790:61): avc:  denied  { name_bind } for  pid=3307 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  570.602529][   T25] audit: type=1400 audit(569.820:62): avc:  denied  { execute } for  pid=3308 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  570.651218][   T25] audit: type=1400 audit(569.870:63): avc:  denied  { execute_no_trans } for  pid=3308 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  600.185493][   T25] audit: type=1400 audit(599.400:64): avc:  denied  { mounton } for  pid=3308 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  600.220269][   T25] audit: type=1400 audit(599.430:65): avc:  denied  { mount } for  pid=3308 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  600.300393][ T3308] cgroup: Unknown subsys name 'net'
[  600.345698][   T25] audit: type=1400 audit(599.560:66): avc:  denied  { unmount } for  pid=3308 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  600.714147][ T3308] cgroup: Unknown subsys name 'cpuset'
[  600.813969][ T3308] cgroup: Unknown subsys name 'rlimit'
[  601.710774][   T25] audit: type=1400 audit(600.930:67): avc:  denied  { setattr } for  pid=3308 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  601.728154][   T25] audit: type=1400 audit(600.940:68): avc:  denied  { mounton } for  pid=3308 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[  601.759097][   T25] audit: type=1400 audit(600.970:69): avc:  denied  { mount } for  pid=3308 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  602.940407][ T3315] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[  602.960961][   T25] audit: type=1400 audit(602.170:70): avc:  denied  { relabelto } for  pid=3315 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  602.980396][   T25] audit: type=1400 audit(602.190:71): avc:  denied  { write } for  pid=3315 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
Setting up swapspace version 1, size = 127995904 bytes
[  603.150541][   T25] audit: type=1400 audit(602.360:72): avc:  denied  { read } for  pid=3308 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  603.164995][   T25] audit: type=1400 audit(602.380:73): avc:  denied  { open } for  pid=3308 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  603.210550][ T3308] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  651.924175][   T25] audit: type=1400 audit(651.130:74): avc:  denied  { execmem } for  pid=3316 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  656.491268][   T25] audit: type=1400 audit(655.690:75): avc:  denied  { read } for  pid=3318 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  656.508335][   T25] audit: type=1400 audit(655.720:76): avc:  denied  { open } for  pid=3318 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  656.585421][   T25] audit: type=1400 audit(655.800:77): avc:  denied  { mounton } for  pid=3318 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  656.845256][   T25] audit: type=1400 audit(656.060:78): avc:  denied  { module_request } for  pid=3318 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  657.905336][   T25] audit: type=1400 audit(657.120:79): avc:  denied  { sys_module } for  pid=3318 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  680.822846][ T3318] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  680.920586][ T3318] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  681.765462][ T3319] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  681.905228][ T3319] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  693.520818][ T3318] hsr_slave_0: entered promiscuous mode
[  693.547701][ T3318] hsr_slave_1: entered promiscuous mode
[  694.415239][ T3319] hsr_slave_0: entered promiscuous mode
[  694.441723][ T3319] hsr_slave_1: entered promiscuous mode
[  694.478858][ T3319] debugfs: 'hsr0' already exists in 'hsr'
[  694.489382][ T3319] Cannot create hsr debugfs directory
[  703.446120][   T25] audit: type=1400 audit(702.660:80): avc:  denied  { create } for  pid=3318 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  703.548277][   T25] audit: type=1400 audit(702.720:81): avc:  denied  { write } for  pid=3318 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  703.610161][   T25] audit: type=1400 audit(702.820:82): avc:  denied  { read } for  pid=3318 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  703.744655][ T3318] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  704.194895][ T3318] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  704.683648][ T3318] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  704.946058][ T3318] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  707.100430][ T3319] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  707.303024][ T3319] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  707.505570][ T3319] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  707.729622][ T3319] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  718.969670][ T3318] 8021q: adding VLAN 0 to HW filter on device bond0
[  721.776046][ T3319] 8021q: adding VLAN 0 to HW filter on device bond0
[  775.247301][ T3318] veth0_vlan: entered promiscuous mode
[  775.802488][ T3318] veth1_vlan: entered promiscuous mode
[  777.412039][ T3318] veth0_macvtap: entered promiscuous mode
[  777.869849][ T3318] veth1_macvtap: entered promiscuous mode
[  778.533891][ T3319] veth0_vlan: entered promiscuous mode
[  779.239537][ T3319] veth1_vlan: entered promiscuous mode
[  780.265913][ T3289] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  780.363352][ T3289] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  780.385084][ T3289] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  780.409995][ T3289] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  781.992917][ T3319] veth0_macvtap: entered promiscuous mode
[  782.583826][ T3319] veth1_macvtap: entered promiscuous mode
[  782.678390][   T25] audit: type=1400 audit(781.880:83): avc:  denied  { mount } for  pid=3318 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  783.005451][   T25] audit: type=1400 audit(782.220:84): avc:  denied  { mounton } for  pid=3318 comm="syz-executor" path="/syzkaller.j85wNx/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  783.233495][   T25] audit: type=1400 audit(782.420:85): avc:  denied  { mount } for  pid=3318 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  783.480213][   T25] audit: type=1400 audit(782.690:86): avc:  denied  { mounton } for  pid=3318 comm="syz-executor" path="/syzkaller.j85wNx/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  783.593036][   T25] audit: type=1400 audit(782.810:87): avc:  denied  { mounton } for  pid=3318 comm="syz-executor" path="/syzkaller.j85wNx/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3741 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  784.235287][   T25] audit: type=1400 audit(783.450:88): avc:  denied  { unmount } for  pid=3318 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  784.444456][   T25] audit: type=1400 audit(783.660:89): avc:  denied  { mounton } for  pid=3318 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1544 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  784.552696][ T3372] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  784.609850][ T3372] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  784.613559][ T3372] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  784.633428][ T3372] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  784.667762][   T25] audit: type=1400 audit(783.840:90): avc:  denied  { mount } for  pid=3318 comm="syz-executor" name="/" dev="gadgetfs" ino=3750 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  784.979004][   T25] audit: type=1400 audit(784.190:91): avc:  denied  { mount } for  pid=3318 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  785.050684][   T25] audit: type=1400 audit(784.230:92): avc:  denied  { mounton } for  pid=3318 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  786.786153][ T3318] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  787.688996][   T25] kauditd_printk_skb: 1 callbacks suppressed
[  787.693921][   T25] audit: type=1400 audit(786.840:94): avc:  denied  { read write } for  pid=3318 comm="syz-executor" name="loop0" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  787.722369][   T25] audit: type=1400 audit(786.930:95): avc:  denied  { open } for  pid=3318 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  787.798689][   T25] audit: type=1400 audit(786.930:96): avc:  denied  { ioctl } for  pid=3318 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=638 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  796.037847][   T25] audit: type=1400 audit(795.240:97): avc:  denied  { read } for  pid=3470 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  796.065850][   T25] audit: type=1400 audit(795.280:98): avc:  denied  { open } for  pid=3470 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  796.369053][   T25] audit: type=1400 audit(795.580:99): avc:  denied  { ioctl } for  pid=3470 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  797.879639][   T25] audit: type=1400 audit(797.090:100): avc:  denied  { append } for  pid=3472 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  799.028600][   T25] audit: type=1400 audit(798.240:101): avc:  denied  { execute } for  pid=3472 comm="syz.1.2" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=3822 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  805.662788][   T25] audit: type=1400 audit(804.870:102): avc:  denied  { write } for  pid=3477 comm="syz.1.4" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1138.723196][   T25] audit: type=1400 audit(1137.920:103): avc:  denied  { setattr } for  pid=3673 comm="syz.1.63" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1328.132267][ T3768] kvm [3768]: Failed to find VMA for hva 0x20e75000
[ 1356.163967][ T3795] KVM: debugfs: duplicate directory 3795-5
[ 1584.840177][   T49] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1586.182790][   T49] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1587.086008][   T49] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1588.419217][   T49] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1598.795937][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1598.922584][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1599.070270][   T49] bond0 (unregistering): Released all slaves
[ 1600.558917][   T49] hsr_slave_0: left promiscuous mode
[ 1600.623423][   T49] hsr_slave_1: left promiscuous mode
[ 1601.188504][   T49] veth1_macvtap: left promiscuous mode
[ 1601.190429][   T49] veth0_macvtap: left promiscuous mode
[ 1601.219044][   T49] veth1_vlan: left promiscuous mode
[ 1601.223411][   T49] veth0_vlan: left promiscuous mode
[ 1622.670841][   T49] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1623.649114][   T49] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1624.572668][   T49] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1625.343416][   T49] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1638.180654][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1638.255938][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1638.314969][   T49] bond0 (unregistering): Released all slaves
[ 1639.185501][   T49] hsr_slave_0: left promiscuous mode
[ 1639.211036][   T49] hsr_slave_1: left promiscuous mode
[ 1639.385513][   T49] veth1_macvtap: left promiscuous mode
[ 1639.402324][   T49] veth0_macvtap: left promiscuous mode
[ 1639.420171][   T49] veth1_vlan: left promiscuous mode
[ 1639.423923][   T49] veth0_vlan: left promiscuous mode
[ 1673.184564][ T3917] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1673.432590][ T3917] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1678.194067][ T3922] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1678.494918][ T3922] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1696.789673][ T3917] hsr_slave_0: entered promiscuous mode
[ 1696.864851][ T3917] hsr_slave_1: entered promiscuous mode
[ 1701.881746][ T3922] hsr_slave_0: entered promiscuous mode
[ 1701.915397][ T3922] hsr_slave_1: entered promiscuous mode
[ 1701.952222][ T3922] debugfs: 'hsr0' already exists in 'hsr'
[ 1701.965840][ T3922] Cannot create hsr debugfs directory
[ 1710.059127][ T3917] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1710.801168][ T3917] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1711.203739][ T3917] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1711.630387][ T3917] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1715.623736][ T3922] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1715.875344][ T3922] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1716.210787][ T3922] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1716.474618][ T3922] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1734.690984][ T3917] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1740.482052][ T3922] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1827.849901][ T3917] veth0_vlan: entered promiscuous mode
[ 1828.609954][ T3917] veth1_vlan: entered promiscuous mode
[ 1831.459552][ T3917] veth0_macvtap: entered promiscuous mode
[ 1831.903220][ T3917] veth1_macvtap: entered promiscuous mode
[ 1833.220312][ T3922] veth0_vlan: entered promiscuous mode
[ 1834.384587][ T3922] veth1_vlan: entered promiscuous mode
[ 1836.045927][   T12] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1836.078119][   T12] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1836.089487][   T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1836.132485][ T3933] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1839.721677][ T3922] veth0_macvtap: entered promiscuous mode
[ 1840.259478][ T3922] veth1_macvtap: entered promiscuous mode
[ 1843.498095][   T12] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1843.630112][ T3933] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1843.634803][ T3933] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1843.674328][ T3892] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2285.435486][ T3939] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2286.890216][ T3939] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2288.512437][ T3939] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2290.215054][ T3939] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2294.275451][ T4383] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2295.278638][ T4383] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2307.372512][ T3939] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2307.474215][ T3939] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2307.544784][ T3939] bond0 (unregistering): Released all slaves
[ 2309.747874][ T3939] hsr_slave_0: left promiscuous mode
[ 2310.139738][ T3939] hsr_slave_1: left promiscuous mode
[ 2311.127990][ T3939] veth1_macvtap: left promiscuous mode
[ 2311.130227][ T3939] veth0_macvtap: left promiscuous mode
[ 2311.151684][ T3939] veth1_vlan: left promiscuous mode
[ 2311.162631][ T3939] veth0_vlan: left promiscuous mode
[ 2328.265716][ T4391] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2328.722486][ T4391] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2333.494465][ T3939] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2335.045845][ T3939] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2336.523479][ T3939] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2337.922348][ T3939] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2355.961960][ T3939] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2356.061038][ T3939] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2356.149403][ T3939] bond0 (unregistering): Released all slaves
[ 2356.993222][ T4383] hsr_slave_0: entered promiscuous mode
[ 2357.053438][ T4383] hsr_slave_1: entered promiscuous mode
[ 2358.658942][ T3939] hsr_slave_0: left promiscuous mode
[ 2358.751261][ T3939] hsr_slave_1: left promiscuous mode
[ 2359.199185][ T3939] veth1_macvtap: left promiscuous mode
[ 2359.209223][ T3939] veth0_macvtap: left promiscuous mode
[ 2359.219000][ T3939] veth1_vlan: left promiscuous mode
[ 2359.226039][ T3939] veth0_vlan: left promiscuous mode
[ 2379.729324][ T4391] hsr_slave_0: entered promiscuous mode
[ 2379.792498][ T4391] hsr_slave_1: entered promiscuous mode
[ 2379.841866][ T4391] debugfs: 'hsr0' already exists in 'hsr'
[ 2379.851841][ T4391] Cannot create hsr debugfs directory
[ 2388.589091][ T4383] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 2388.935483][ T4383] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 2389.734834][ T4383] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 2390.357987][ T4383] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 2397.064009][ T4391] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 2397.455501][ T4391] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 2397.925562][ T4391] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 2398.459853][ T4391] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 2421.085130][ T4383] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2427.212428][ T4391] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2544.598672][ T4383] veth0_vlan: entered promiscuous mode
[ 2545.399686][ T4383] veth1_vlan: entered promiscuous mode
[ 2548.411231][ T4383] veth0_macvtap: entered promiscuous mode
[ 2549.009038][ T4383] veth1_macvtap: entered promiscuous mode
[ 2552.455111][ T4391] veth0_vlan: entered promiscuous mode
[ 2553.015958][ T4062] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2553.030518][ T4062] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2553.043145][ T4062] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2553.168913][ T4421] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2554.600527][ T4391] veth1_vlan: entered promiscuous mode
[ 2559.100569][ T4391] veth0_macvtap: entered promiscuous mode
[ 2559.821913][ T4391] veth1_macvtap: entered promiscuous mode
[ 2563.120302][ T4062] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2563.287919][ T3371] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2563.459284][ T4420] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2563.483984][ T4420] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2799.594889][ T4062] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2801.823447][ T4062] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2803.671160][ T4062] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2805.474633][ T4062] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2837.192019][ T4062] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2837.609264][ T4062] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2837.870815][ T4062] bond0 (unregistering): Released all slaves
[ 2840.488883][ T4062] hsr_slave_0: left promiscuous mode
[ 2840.692661][ T4062] hsr_slave_1: left promiscuous mode
[ 2841.538114][ T4062] veth1_macvtap: left promiscuous mode
[ 2841.539410][ T4062] veth0_macvtap: left promiscuous mode
[ 2841.551603][ T4062] veth1_vlan: left promiscuous mode
[ 2841.581996][ T4062] veth0_vlan: left promiscuous mode
[ 2944.063106][ T4746] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2944.475449][ T4746] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2978.234883][ T4746] hsr_slave_0: entered promiscuous mode
[ 2978.343173][ T4746] hsr_slave_1: entered promiscuous mode
[ 2978.493785][ T4746] debugfs: 'hsr0' already exists in 'hsr'
[ 2978.550757][ T4746] Cannot create hsr debugfs directory
[ 3000.932659][ T4530] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3002.926132][ T4530] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3004.441695][ T4530] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3006.639849][ T4530] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3011.640328][ T4746] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 3012.256158][ T4746] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 3013.807784][ T4746] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 3015.098166][ T4746] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 3032.832209][ T4530] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3033.072393][ T4530] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3033.223803][ T4530] bond0 (unregistering): Released all slaves
[ 3035.449754][ T4530] hsr_slave_0: left promiscuous mode
[ 3035.554147][ T4530] hsr_slave_1: left promiscuous mode
[ 3036.202775][ T4530] veth1_macvtap: left promiscuous mode
[ 3036.235052][ T4530] veth0_macvtap: left promiscuous mode
[ 3036.251810][ T4530] veth1_vlan: left promiscuous mode
[ 3036.271222][ T4530] veth0_vlan: left promiscuous mode
[ 3083.874529][ T4746] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3113.472858][ T4870] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3113.790427][ T4870] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3150.736096][ T4870] hsr_slave_0: entered promiscuous mode
[ 3150.900182][ T4870] hsr_slave_1: entered promiscuous mode
[ 3167.619046][ T4870] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 3168.073493][ T4870] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 3168.510991][ T4870] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 3168.873620][ T4870] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 3204.013551][ T4870] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3219.823386][ T4746] veth0_vlan: entered promiscuous mode
[ 3220.873758][ T4746] veth1_vlan: entered promiscuous mode
[ 3224.192947][ T4746] veth0_macvtap: entered promiscuous mode
[ 3224.762464][ T4746] veth1_macvtap: entered promiscuous mode
[ 3228.447706][ T4421] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3228.539627][ T4062] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3228.541511][ T4062] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3228.561702][ T4062] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3355.943636][ T3892] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3358.104955][ T3892] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3360.331275][ T3892] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3362.312860][ T3892] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3390.824697][ T3892] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3391.060010][ T3892] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3391.230198][ T3892] bond0 (unregistering): Released all slaves
[ 3393.149310][ T3892] hsr_slave_0: left promiscuous mode
[ 3393.228987][ T3892] hsr_slave_1: left promiscuous mode
[ 3393.549530][ T3892] veth1_macvtap: left promiscuous mode
[ 3393.552887][ T3892] veth0_macvtap: left promiscuous mode
[ 3393.589984][ T3892] veth1_vlan: left promiscuous mode
[ 3393.650204][ T3892] veth0_vlan: left promiscuous mode
[ 3419.677315][ T4870] veth0_vlan: entered promiscuous mode
[ 3421.944285][ T4870] veth1_vlan: entered promiscuous mode
[ 3425.414793][ T4870] veth0_macvtap: entered promiscuous mode
[ 3426.121073][ T4870] veth1_macvtap: entered promiscuous mode
[ 3431.464343][ T3289] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3431.499777][ T3289] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3431.527771][ T3289] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3431.530878][ T3289] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3473.779658][ T5059] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3474.189652][ T5059] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3521.892533][ T5065] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3526.054964][ T5059] hsr_slave_0: entered promiscuous mode
[ 3526.211908][ T5059] hsr_slave_1: entered promiscuous mode
[ 3526.310081][ T5059] debugfs: 'hsr0' already exists in 'hsr'
[ 3526.342313][ T5059] Cannot create hsr debugfs directory
[ 3526.855078][ T5065] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3529.422603][ T5065] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3531.184611][ T5065] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3557.669358][ T5065] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3557.922741][ T5065] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3558.093307][ T5065] bond0 (unregistering): Released all slaves
[ 3560.241786][ T5065] hsr_slave_0: left promiscuous mode
[ 3560.314814][ T5065] hsr_slave_1: left promiscuous mode
[ 3560.651892][ T5065] veth1_macvtap: left promiscuous mode
[ 3560.655140][ T5065] veth0_macvtap: left promiscuous mode
[ 3560.669552][ T5065] veth1_vlan: left promiscuous mode
[ 3560.673199][ T5065] veth0_vlan: left promiscuous mode
[ 3589.807746][ T5059] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 3590.808372][ T5059] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 3591.206149][ T5059] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 3591.733769][ T5059] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 3628.524527][ T5059] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3641.980745][ T5140] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3642.304234][ T5140] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3685.545263][ T5140] hsr_slave_0: entered promiscuous mode
[ 3685.643519][ T5140] hsr_slave_1: entered promiscuous mode
[ 3706.843007][ T5140] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 3707.474742][ T5140] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 3708.073607][ T5140] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 3708.648761][ T5140] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 3747.344926][ T5140] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3793.824939][ T5059] veth0_vlan: entered promiscuous mode
[ 3795.301048][ T5059] veth1_vlan: entered promiscuous mode
[ 3799.592769][ T5059] veth0_macvtap: entered promiscuous mode
[ 3800.341722][ T5059] veth1_macvtap: entered promiscuous mode
[ 3805.012506][ T3289] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3805.040475][ T3289] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3805.071141][   T12] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3805.128438][   T12] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3960.815756][ T5140] veth0_vlan: entered promiscuous mode
[ 3962.791205][ T5140] veth1_vlan: entered promiscuous mode
[ 3967.911603][ T5140] veth0_macvtap: entered promiscuous mode
[ 3968.784967][ T5140] veth1_macvtap: entered promiscuous mode
[ 3974.780494][ T4945] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3974.813710][ T4062] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3974.814558][ T4062] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3974.815301][ T4062] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4378.334683][ T3372] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4381.159691][ T3372] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4383.554190][ T3372] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4386.192825][ T3372] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4420.803904][ T3372] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 4421.350010][ T3372] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 4421.801859][ T3372] bond0 (unregistering): Released all slaves
[ 4424.967329][ T3372] hsr_slave_0: left promiscuous mode
[ 4425.042859][ T3372] hsr_slave_1: left promiscuous mode
[ 4425.822053][ T3372] veth1_macvtap: left promiscuous mode
[ 4425.909298][ T3372] veth0_macvtap: left promiscuous mode
[ 4425.913051][ T3372] veth1_vlan: left promiscuous mode
[ 4425.959988][ T3372] veth0_vlan: left promiscuous mode
[ 4467.825357][ T3372] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4469.756101][ T3372] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4472.460337][ T3372] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4475.334997][ T3372] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4504.874623][ T3372] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 4505.939625][ T3372] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 4506.561486][ T3372] bond0 (unregistering): Released all slaves
[ 4509.841691][ T3372] hsr_slave_0: left promiscuous mode
[ 4509.962622][ T3372] hsr_slave_1: left promiscuous mode
[ 4510.629961][ T3372] veth1_macvtap: left promiscuous mode
[ 4510.681164][ T3372] veth0_macvtap: left promiscuous mode
[ 4510.700120][ T3372] veth1_vlan: left promiscuous mode
[ 4510.701633][ T3372] veth0_vlan: left promiscuous mode
[ 4568.284622][ T5539] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4568.799086][ T5539] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4586.621735][ T5542] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4587.100557][ T5542] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4612.300241][ T5539] hsr_slave_0: entered promiscuous mode
[ 4612.406117][ T5539] hsr_slave_1: entered promiscuous mode
[ 4632.958254][ T5542] hsr_slave_0: entered promiscuous mode
[ 4633.063002][ T5542] hsr_slave_1: entered promiscuous mode
[ 4633.202940][ T5542] debugfs: 'hsr0' already exists in 'hsr'
[ 4633.248332][ T5542] Cannot create hsr debugfs directory
[ 4659.261929][ T5539] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 4661.559892][ T5539] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 4664.121371][ T5539] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 4664.876042][ T5539] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 4678.112910][ T5542] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 4678.748401][ T5542] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 4679.205863][ T5542] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 4679.724925][ T5542] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 4707.273488][ T5539] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4719.326131][ T5542] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4850.643837][ T5539] veth0_vlan: entered promiscuous mode
[ 4852.010717][ T5539] veth1_vlan: entered promiscuous mode
[ 4855.479185][ T5539] veth0_macvtap: entered promiscuous mode
[ 4856.122966][ T5539] veth1_macvtap: entered promiscuous mode
[ 4859.760594][ T5709] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4859.780268][ T5709] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4859.804276][ T5709] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4859.828548][ T5709] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4864.680461][ T5542] veth0_vlan: entered promiscuous mode
[ 4867.138812][ T5542] veth1_vlan: entered promiscuous mode
[ 4872.172622][ T5542] veth0_macvtap: entered promiscuous mode
[ 4873.409471][ T5542] veth1_macvtap: entered promiscuous mode
[ 4878.028170][ T5065] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4878.043771][ T3371] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4878.044675][ T3371] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4878.045357][ T3371] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 5782.044485][ T6139] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 5782.694174][ T6139] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 5822.965011][ T6152] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 5823.544643][ T6152] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 5840.294822][ T6139] hsr_slave_0: entered promiscuous mode
[ 5840.473701][ T6139] hsr_slave_1: entered promiscuous mode
[ 5840.536292][ T6139] debugfs: 'hsr0' already exists in 'hsr'
[ 5840.648371][ T6139] Cannot create hsr debugfs directory
[ 5887.920098][ T6152] hsr_slave_0: entered promiscuous mode
[ 5888.086097][ T6152] hsr_slave_1: entered promiscuous mode
[ 5888.253259][ T6152] debugfs: 'hsr0' already exists in 'hsr'
[ 5888.278167][ T6152] Cannot create hsr debugfs directory
[ 5894.979541][ T6139] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 5895.575514][ T6139] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 5896.360725][ T6139] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 5897.170067][ T6139] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 5938.044565][ T6152] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 5938.557811][ T6152] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 5939.145172][ T6152] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 5939.955535][ T6152] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 5956.756124][ T6139] 8021q: adding VLAN 0 to HW filter on device bond0
[ 5989.804159][ T6152] 8021q: adding VLAN 0 to HW filter on device bond0
[ 6067.823772][   T27] INFO: task syz.1.328:6129 blocked for more than 430 seconds.
[ 6067.824974][   T27]       Not tainted syzkaller #0
[ 6067.825850][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 6067.828505][   T27] task:syz.1.328       state:D stack:0     pid:6129  tgid:6129  ppid:5542   task_flags:0x400040 flags:0x00000019
[ 6067.830012][   T27] Call trace:
[ 6067.830488][   T27]  __switch_to+0x584/0xb20 (T)
[ 6067.832540][   T27]  __schedule+0x1eec/0x33a4
[ 6067.833127][   T27]  schedule+0xac/0x27c
[ 6067.833627][   T27]  schedule_timeout+0x5c/0x1e4
[ 6067.834059][   T27]  do_wait_for_common+0x28c/0x444
[ 6067.834447][   T27]  wait_for_completion+0x44/0x5c
[ 6067.834965][   T27]  __synchronize_srcu+0x2a4/0x320
[ 6067.835447][   T27]  synchronize_srcu+0x3cc/0x4f0
[ 6067.835902][   T27]  mmu_notifier_unregister+0x320/0x42c
[ 6068.035672][   T27]  kvm_put_kvm+0x6a0/0xfa8
[ 6068.068567][   T27]  kvm_vm_release+0x58/0x78
[ 6068.069285][   T27]  __fput+0x4ac/0x980
[ 6068.069736][   T27]  ____fput+0x20/0x58
[ 6068.070166][   T27]  task_work_run+0x1bc/0x254
[ 6068.070587][   T27]  do_notify_resume+0x1bc/0x270
[ 6068.071089][   T27]  el0_svc+0xb8/0x164
[ 6068.071540][   T27]  el0t_64_sync_handler+0x84/0x12c
[ 6068.072012][   T27]  el0t_64_sync+0x198/0x19c
[ 6068.189066][   T27] 
[ 6068.189066][   T27] Showing all locks held in the system:
[ 6068.220134][   T27] 1 lock held by khungtaskd/27:
[ 6068.220709][   T27]  #0: ffff800087876d18 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x4/0x48
[ 6068.223323][   T27] 2 locks held by getty/3188:
[ 6068.223726][   T27]  #0: 58f0000011c4a8a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 6068.225401][   T27]  #1: 1bff80008c5cb2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x310/0x12b8
[ 6068.359055][   T27] 2 locks held by syz-executor/3308:
[ 6068.359436][   T27] 3 locks held by kworker/u4:3/3372:
[ 6068.359765][   T27] 2 locks held by kworker/u4:8/3939:
[ 6068.360072][   T27] 2 locks held by kworker/u4:7/4420:
[ 6068.360362][   T27]  #0: f3f000000cc20948 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a18
[ 6068.362033][   T27]  #1: ffff80008eb27c78 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a18
[ 6068.363747][   T27] 3 locks held by kworker/u4:13/5065:
[ 6068.364157][   T27] 2 locks held by syz.0.326/6121:
[ 6068.364462][   T27] 2 locks held by kworker/u4:0/6146:
[ 6068.364781][   T27]  #0: f3f000000cc20948 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a18
[ 6068.488255][   T27]  #1: ffff80008e7f7c78 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a18
[ 6068.490535][   T27] 2 locks held by kworker/u4:9/6273:
[ 6068.490939][   T27] 2 locks held by modprobe/6313:
[ 6068.491242][   T27] 1 lock held by modprobe/6314:
[ 6068.491530][   T27] 2 locks held by cmp/6315:
[ 6068.491990][   T27] 
[ 6068.492250][   T27] =============================================
[ 6068.492250][   T27] 

VM DIAGNOSIS:
02:23:21  Registers:
info registers vcpu 0

CPU#0
 PC=ffff800086500588 X00=fffe8000026b7220 X01=6bf0000026b72200
X02=0000000000000000 X03=0000000000000000 X04=0000000000000001
X05=0000000000000000 X06=0000000000000000 X07=ffff80008534d3c0
X08=b1f000000d9b9d80 X09=0000000000000000 X10=0000000000ff0100
X11=00000000000000ff X12=00000000000000ff X13=0000000000000000
X14=ffff80008000767c X15=00000000000000ff X16=0000000000000001
X17=fff07fffeb67d000 X18=00000000000000ff X19=ffff800080007670
X20=ffff800080550a50 X21=b1f000000d9b9d80 X22=ffff800080007568
X23=ffff8000800078df X24=ffff800080007920 X25=ffff8000800075b8
X26=ffff800087725000 X27=00000000000000ff X28=0000000000000000
X29=ffff800080007520 X30=ffff8000865a3914  SP=ffff800080007520
PSTATE=40402009 -Z-- EL2h  SVCR=00000000 --  BTYPE=0     FPCR=00000000 FPSR=00000000
P00=0000 P01=0000 P02=0000 P03=0000 P04=0000 P05=0000 P06=0000 P07=0000
P08=0000 P09=0000 P10=0000 P11=0000 P12=0000 P13=0000 P14=0000 P15=0000
FFR=0000
Z00=2525252525252525:2525252525252525 Z01=6572207265767265:730073250a0d0a0d
Z02=742065726f6d2072:6f662064656b636f Z03=0000000000000000:00ff00ff00000000
Z04=0000000000000000:000000000f0f0000 Z05=726f6d20726f6620:64656b636f6c6220
Z06=203a29315f657661:6c735f646e6f6220 Z07=206e612073612067:6e6976616c736e45
Z08=0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000
Z10=0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000
Z12=0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000
Z14=0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000
Z16=0000fffffe0cd670:0000fffffe0cd670 Z17=ffffff80ffffffd8:0000fffffe0cd640
Z18=0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000
Z20=0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000
Z22=0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000
Z24=0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000
Z26=0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000
Z28=0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000
Z30=0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000