last executing test programs:

2h38m31.124843184s ago: executing program 1 (id=8):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x18680, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r2, 0xae03, 0xe3)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2)
r4 = syz_kvm_vgic_v3_setup(r3, 0x1, 0x100)
ioctl$KVM_HAS_DEVICE_ATTR(r4, 0x4018aee3, 0xfffffffffffffffe)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x9)

2h38m25.537548236s ago: executing program 1 (id=10):
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0x40086602, 0x110e22ffff)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, r3, 0x6, 0x2f1fd986ed107cb6, 0xffffffffffffffff, 0x0)
eventfd2(0x10b, 0x80000)
r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x40086602, 0x20000000)
ioctl$KVM_CHECK_EXTENSION(r4, 0x40086602, 0x110e227ffe)
mmap$KVM_VCPU(&(0x7f0000cc5000/0x4000)=nil, r3, 0x5, 0x40010, 0xffffffffffffffff, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x33)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000140)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x1}], 0x1)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_setup_cpu$arm64(r7, r9, &(0x7f0000c00000/0x400000)=nil, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@featur1={0x1, 0x48}], 0x1)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
mmap$KVM_VCPU(&(0x7f0000eec000/0x3000)=nil, 0x930, 0x2, 0x2010, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
ioctl$KVM_CHECK_EXTENSION(r1, 0x40086602, 0x110e227ffe)
ioctl$KVM_SIGNAL_MSI(r5, 0x4020aea5, &(0x7f0000000000)={0xeeee0000, 0xdddd0000, 0x7, 0x1, 0xffff})

2h37m39.038970233s ago: executing program 32 (id=10):
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0x40086602, 0x110e22ffff)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, r3, 0x6, 0x2f1fd986ed107cb6, 0xffffffffffffffff, 0x0)
eventfd2(0x10b, 0x80000)
r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x40086602, 0x20000000)
ioctl$KVM_CHECK_EXTENSION(r4, 0x40086602, 0x110e227ffe)
mmap$KVM_VCPU(&(0x7f0000cc5000/0x4000)=nil, r3, 0x5, 0x40010, 0xffffffffffffffff, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x33)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000140)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x1}], 0x1)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_setup_cpu$arm64(r7, r9, &(0x7f0000c00000/0x400000)=nil, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@featur1={0x1, 0x48}], 0x1)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
mmap$KVM_VCPU(&(0x7f0000eec000/0x3000)=nil, 0x930, 0x2, 0x2010, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
ioctl$KVM_CHECK_EXTENSION(r1, 0x40086602, 0x110e227ffe)
ioctl$KVM_SIGNAL_MSI(r5, 0x4020aea5, &(0x7f0000000000)={0xeeee0000, 0xdddd0000, 0x7, 0x1, 0xffff})

2h37m29.017892284s ago: executing program 33 (id=11):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000240)={0x0, &(0x7f00000001c0)}, &(0x7f0000000280)=[@featur2={0x1, 0x2}], 0x1)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r3, 0x4018aee2, &(0x7f0000000180)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000100)={0x0, 0x19}})
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CREATE_DEVICE(r2, 0xc018aec0, &(0x7f00000000c0)={0x1})
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
ioctl$KVM_IRQ_LINE_STATUS(r5, 0xc008ae67, &(0x7f0000000040)={0x10001, 0x10001})
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000200)={0x0, &(0x7f0000000500)=[@mrs={0xbe, 0x18, {0x6030000000138056}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x3000)=nil, 0x0, 0x1, 0x30, r3, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r8, 0x4040aea0, &(0x7f0000000000)=@arm64={0x0, 0x1, 0xf, '\x00', 0xfffffffffffff105})
ioctl$KVM_SET_DEVICE_ATTR_vm(r5, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000340)={0x1, 0x1, 0x1}})
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, &(0x7f0000000540)=[@msr={0x14, 0x20, {0x603000000013e648, 0x3}}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x2ce}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x0, 0xfffffffffffffff7, 0x8}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x8, 0x9, 0x1}}, @mrs={0xbe, 0x18, {0x603000000013e64b}}, @msr={0x14, 0x20, {0x603000000013c521, 0x4}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x3, 0xc, 0x10, 0x8, 0x4}}, @eret={0xe6, 0x18, 0x1}, @its_send_cmd={0xaa, 0x28, {0xd, 0x1, 0x0, 0x9, 0x4}}, @uexit={0x0, 0x18, 0xffffffffffff0001}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x1, 0x7, 0x6, 0x8, 0x4}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0x80, 0x9, 0x8}}, @memwrite={0x6e, 0x30, @generic={0x0, 0x558, 0x0, 0x5}}, @irq_setup={0x46, 0x18, {0x0, 0x2d8}}, @hvc={0x32, 0x40, {0x44007fd2, [0x3, 0x0, 0x7ff, 0x1, 0xa]}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe8, 0x7fffffff}}, @eret={0xe6, 0x18, 0x5}, @code={0xa, 0x6c, {"609994d20080b8f2c10180d2820180d2e30180d2440080d2020000d400fc209b0060a00d000008d500f8b02e000c803c007008d50008a0b80040251ea08283d20020b0f2a10080d2820080d2630080d2040080d2020000d4"}}, @code={0xa, 0x6c, {"007008d5007008d5e0b59bd200a0b0f2810080d2220080d2e30080d2c40080d2020000d4007008d51820601e008008d50000002f203194d200c0b8f2a10080d2e20180d2030080d2840080d2020000d4007008d5000008d5"}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x2b1}}, @its_setup={0x82, 0x28, {0x0, 0x2, 0x20c}}, @uexit={0x0, 0x18, 0x8}, @mrs={0xbe, 0x18, {0x603000000013e18e}}, @code={0xa, 0xb4, {"007008d500cc8bd20040b8f2810080d2820180d2e30080d2840080d2020000d4e06293d200e0b8f2210080d2e20180d2c30180d2440080d2020000d4000840b800a0202ec03b99d20020b0f2a10180d2620080d2c30180d2c40080d2020000d4000008d5007008d5c00899d20020b8f2410180d2620180d2430180d2640180d2020000d420a68fd20040b0f2610180d2020180d2030080d2040180d2020000d4"}}, @irq_setup={0x46, 0x18, {0x0, 0x246}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x380, 0x4, 0x2}}], 0x4dc}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r10, 0x3, 0xa0)
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000180)=@attr_other={0x0, 0xa, 0x5, &(0x7f0000000000)=0x32163595})
r11 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000180)={0x0, 0x0, 0x2d}, &(0x7f0000000300)=[@featur1={0x1, 0xa0}], 0x1)
syz_kvm_vgic_v3_setup(r12, 0x204, 0x3a0)

2h23m55.069348334s ago: executing program 34 (id=89):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1d)
ioctl$KVM_IRQ_LINE(r2, 0x4008ae61, &(0x7f0000000040)={0x1, 0x5})
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x68)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
r4 = mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, r1, 0x5, 0x10010, r3, 0x0)
syz_memcpy_off$KVM_EXIT_MMIO(r4, 0x20, &(0x7f0000000080)="63dce16986c2bffd1eb574e2fd7762ac6917eb3cb3acd6b6", 0x0, 0x18)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xe)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0xa8000, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000140)=@attr_other={0x0, 0x2, 0xd, &(0x7f0000000100)=0xf})
r7 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000480)={0x0, &(0x7f0000000180)=[@smc={0x1e, 0x40, {0x8, [0x0, 0x7, 0xfca, 0x6, 0x2]}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffd0, 0x8, 0x3}}, @code={0xa, 0x84, {"00cc200e00ac202e007008d50000601f00a0006f000890d20040b0f2c10080d2020180d2230180d2040180d2020000d4007008d580f989d200e0b0f2810080d2e20080d2c30080d2240080d2020000d40000006d60de88d20080b8f2410180d2c20080d2030080d2440180d2020000d4"}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x4, 0x0, 0x1, 0xe01, 0x2}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x1, 0x1, 0x10, 0x1c475f2a, 0x1ff, 0x3}}, @mrs={0xbe, 0x18, {0x603000000013c018}}, @svc={0x122, 0x40, {0x2000, [0x5e0b, 0x6, 0x4, 0x3, 0x3]}}, @eret={0xe6, 0x18, 0x3406}, @irq_setup={0x46, 0x18, {0x2, 0x16a}}, @irq_setup={0x46, 0x18, {0x2, 0xb1}}, @msr={0x14, 0x20, {0x603000000013df47, 0x400}}, @eret={0xe6, 0x18, 0x8}, @svc={0x122, 0x40, {0x84000000, [0x0, 0xbe, 0x4, 0x40]}}, @code={0xa, 0x6c, {"a05699d20020b0f2e10180d2c20180d2830080d2840080d2020000d4003c200e205a86d20080b8f2210180d2220080d2830180d2040180d2020000d4000028d5007008d5007008d5002cc01a0060000e0060df0d001ca00e"}}], 0x2c8}, &(0x7f00000004c0)=[@featur1={0x1, 0x21}], 0x1)
ioctl$KVM_CHECK_EXTENSION_VM(r5, 0xae03, 0x1)
r9 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0xe)
ioctl$KVM_PPC_ALLOCATE_HTAB(r9, 0xc004aea7, &(0x7f0000000500)=0x9)
ioctl$KVM_CHECK_EXTENSION(r6, 0xae03, 0x3)
ioctl$KVM_IRQ_LINE(r9, 0x4008ae61, &(0x7f0000000540)={0x9})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000580)=@attr_set_pmu={0x0, 0x0, 0x3, 0x0})
ioctl$KVM_RESET_DIRTY_RINGS(r5, 0xaec7)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x34)
ioctl$KVM_SIGNAL_MSI(r2, 0x4020aea5, &(0x7f00000005c0)={0x3000, 0xdddd0000, 0xc3, 0x1, 0xe})
ioctl$KVM_GET_REG_LIST(r8, 0xc008aeb0, &(0x7f0000000600)={0x3, [0xc01f, 0x3ff, 0x1]})
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r5, 0x4068aea3, &(0x7f0000000640)={0xe4, 0x0, 0x3c0})
ioctl$KVM_CHECK_EXTENSION(r6, 0xae03, 0x8)
r10 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x23)
ioctl$KVM_CAP_PTP_KVM(r10, 0x4068aea3, &(0x7f00000006c0))

2h23m44.927703709s ago: executing program 35 (id=90):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x1c)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x200000004087b)
r1 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x40086602, 0x20000000)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
r5 = syz_kvm_vgic_v3_setup(r4, 0x1, 0x40)
ioctl$KVM_GET_DEVICE_ATTR(r5, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x1, 0x4, &(0x7f00000004c0)=0x1})
r6 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b40c4d7f77baa055a66c0e3f712ee8ba24f023194cc4bf610d6a763ad4913923b8364e5f55ea2fc43ac1b7070000000000001b000000000800", 0x0, 0x48)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x8800, 0x0)
ioctl$KVM_CHECK_EXTENSION(r7, 0xae03, 0xf1)
r8 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r8, 0xae03, 0x59)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_GET_DIRTY_LOG(r2, 0x4010ae42, &(0x7f0000000680)={0x10004, 0x0, &(0x7f0000cf1000/0x4000)=nil})
r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r8, 0xae04)
r11 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000600)={0x0, &(0x7f0000000180)=[@svc={0x122, 0x40, {0x8400000a, [0x8000000000000001, 0xfffffffffffffffa, 0x3, 0x7, 0x5ff]}}, @its_setup={0x82, 0x28, {0x3, 0x0, 0x8c}}, @smc={0x1e, 0x40, {0x84000005, [0x1, 0x7f, 0x161, 0x9, 0x3]}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x100, 0x8, 0x4}}, @eret={0xe6, 0x18, 0x3}, @msr={0x14, 0x20, {0x603000000013debd, 0x2}}, @msr={0x14, 0x20, {0x603000000013f289, 0x93}}, @svc={0x122, 0x40, {0xc4000012, [0x7, 0xfffffffffffffffe, 0x1ff, 0x3, 0x8]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x58, 0x6}}, @irq_setup={0x46, 0x18, {0x1, 0xf2}}, @msr={0x14, 0x20, {0x9b218cb36a04f0e4, 0x5}}, @eret={0xe6, 0x18, 0xb}, @svc={0x122, 0x40, {0xc4000003, [0x11dd5572, 0x4, 0x3, 0x2aab, 0x7fff]}}, @hvc={0x32, 0x40, {0x8400000a, [0x2, 0x3, 0x2, 0xe43, 0xdad]}}, @svc={0x122, 0x40, {0x84000001, [0x4f, 0x3, 0x0, 0x7, 0x7]}}, @irq_setup={0x46, 0x18, {0x2, 0x13}}, @code={0xa, 0x9c, {"00fc200e802285d200c0b8f2410180d2a20180d2030180d2240080d2020000d4008008d5e0b79bd200a0b0f2410080d2e20080d2830180d2840180d2020000d4007008d5007008d5007008d5007008d5009180d20000b0f2e10080d2a20080d2c30180d2240180d2020000d480a580d200c0b0f2e10080d2820080d2430180d2040080d2020000d4"}}, @memwrite={0x6e, 0xfffffee0, @vgic_gicr={0x8100000, 0xb0, 0x412, 0x1}}, @code={0xa, 0x84, {"e02b91d20020b8f2610180d2220080d2630180d2c40180d2020000d4e06887d200a0b8f2e10080d2e20080d2c30180d2a40180d2020000d4000000ac007008d5007008d580358fd20040b8f2810080d2020080d2030180d2640180d2020000d4007008d500a0800d007008d5000008d5"}}, @memwrite={0x6e, 0x30, @generic={0xffff1000, 0x238, 0x5}}, @its_setup={0x82, 0x28, {0x2, 0x1, 0x159}}], 0x470}, &(0x7f0000000640)=[@featur2={0x1, 0xc2}], 0x1)
mmap$KVM_VCPU(&(0x7f000057c000/0x3000)=nil, r10, 0x200000c, 0x100010, r11, 0x0)
r12 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
close(r2)
ioctl$KVM_GET_DIRTY_LOG(r12, 0x4010ae42, &(0x7f0000000000)={0xa4a605311ad0de6b, 0x0, &(0x7f0000c67000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f000073e000/0x400000)=nil)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
ioctl$KVM_CHECK_EXTENSION(r9, 0xae03, 0xfff)
eventfd2(0x80000001, 0x80000)
ioctl$KVM_CREATE_VM(r9, 0xae01, 0x2f)

2h15m52.721142639s ago: executing program 5 (id=101):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = eventfd2(0x0, 0x0)
ioctl$KVM_IRQFD(r5, 0x4020ae76, &(0x7f0000000080)={r6, 0x8, 0x1})
r7 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000400)=@arm64_sys={0x603000000013c000, &(0x7f00000003c0)=0x3a5})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r11, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0x4000)=nil, r12, 0x2000003, 0x11, r10, 0x0)
r13 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000009000/0x2000)=nil, r12, 0x2000009, 0x11, r10, 0x0)
r15 = ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x1)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r15, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xf, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
r16 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_IRQ_LINE(r16, 0x4008ae61, &(0x7f0000000000)={0x8000000, 0x3})
ioctl$KVM_IRQ_LINE_STATUS(r16, 0xc008ae67, &(0x7f0000000040)={0x200, 0xbb})

2h15m6.685458834s ago: executing program 36 (id=101):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = eventfd2(0x0, 0x0)
ioctl$KVM_IRQFD(r5, 0x4020ae76, &(0x7f0000000080)={r6, 0x8, 0x1})
r7 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000400)=@arm64_sys={0x603000000013c000, &(0x7f00000003c0)=0x3a5})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r11, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0x4000)=nil, r12, 0x2000003, 0x11, r10, 0x0)
r13 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000009000/0x2000)=nil, r12, 0x2000009, 0x11, r10, 0x0)
r15 = ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x1)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r15, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xf, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
r16 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_IRQ_LINE(r16, 0x4008ae61, &(0x7f0000000000)={0x8000000, 0x3})
ioctl$KVM_IRQ_LINE_STATUS(r16, 0xc008ae67, &(0x7f0000000040)={0x200, 0xbb})

2h5m56.369648221s ago: executing program 37 (id=104):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0x0, &(0x7f0000000140), 0x40480, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r5, &(0x7f00000001c0)={0x0, &(0x7f0000000400), 0x50}, 0x0, 0x0)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, &(0x7f00000003c0)=[@hvc={0x32, 0x40, {0x86000001, [0xc, 0x5, 0x2, 0xfffffffffffffffc, 0x52]}}], 0xffffffb5}, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
r7 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000400)=@arm64_sys={0x603000000013c000, &(0x7f00000003c0)=0x3a5})
openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f00000000c0)={0x1, <r11=>0xffffffffffffffff, 0x1})
r12 = ioctl$KVM_CREATE_VM(r11, 0x894c, 0x0)
ioctl$KVM_CREATE_VCPU(r12, 0x40305828, 0x0)
r13 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_RESET_DIRTY_RINGS(r13, 0xaec7)
r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013c01e}}, @msr={0x14, 0x20, {0x603000000013df7f, 0xc}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r15, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init)
r16 = syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
r17 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r18 = ioctl$KVM_CREATE_VM(r17, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r18, 0x4020ae46, &(0x7f0000000500)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r18, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r16, 0x4018aee1, &(0x7f0000000200)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f0000000000)=0x10001})

2h5m35.837890959s ago: executing program 38 (id=140):
munmap(&(0x7f0000427000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc0189436, 0x20004000) (async, rerun: 64)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async, rerun: 64)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, <r2=>0xffffffffffffffff, 0x1})
write$eventfd(r2, &(0x7f00000001c0)=0x7ffffff, 0x648) (async, rerun: 32)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0) (rerun: 32)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) (async)
r3 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000180)={0x0, &(0x7f0000000200)=[@eret={0xe6, 0x18, 0xffff}, @uexit={0x0, 0x18, 0x1c}, @mrs={0xbe, 0x18, {0x603000000013c4ce}}, @eret={0xe6, 0x18, 0x6}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x58, 0x401}}, @smc={0x1e, 0x40, {0x80000000, [0x1, 0x2, 0x0, 0xe3, 0x4]}}, @irq_setup={0x46, 0x18, {0x1, 0x12c}}, @hvc={0x32, 0x40, {0x1000000, [0x7560, 0x5, 0x6, 0x0, 0x6]}}, @svc={0x122, 0x40, {0xc5000021, [0x5, 0x4, 0x760a, 0xfffffffffffffffa, 0xffffffffffffa572]}}, @its_setup={0x82, 0x28, {0x4, 0x2, 0x89}}], 0x190}, &(0x7f00000001c0)=[@featur2={0x1, 0x20}], 0x1)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x28)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
ioctl$KVM_GET_REGS(r8, 0x8360ae81, 0x0) (async)
mmap$KVM_VCPU(&(0x7f00003fe000/0xc00000)=nil, r4, 0x2000000, 0x70010, r3, 0x0)
mmap$KVM_VCPU(&(0x7f0000010000/0x1000)=nil, 0x930, 0x3000007, 0x4019032, r3, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) (async)
munmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000)

1h53m33.569428845s ago: executing program 7 (id=162):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xb)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000c6a000/0x3000)=nil, 0x930, 0x1000003, 0x28031, r0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000000)={0x0, &(0x7f0000000100)=[@uexit={0x0, 0x18, 0x100000000}, @msr={0x14, 0x20, {0x6030000000138074, 0x8273}}, @mrs={0xbe, 0x18, {0x603000000013df5b}}, @uexit={0x0, 0x18, 0x2}, @its_setup={0x82, 0x28, {0x0, 0x0, 0x3e1}}, @hvc={0x32, 0x40, {0x0, [0x1, 0x723, 0x4, 0x449a5d7a, 0x4]}}, @uexit={0x0, 0x18, 0x9}, @mrs={0xbe, 0x18, {0x603000000013c65d}}, @code={0xa, 0x9c, {"007008d5001ce02e608592d20080b0f2010080d2e20080d2630180d2640080d2020000d4000000ace0b288d20080b8f2a10180d2620080d2030180d2040180d2020000d4c00389d200e0b8f2210180d2c20080d2c30180d2640180d2020000d4e04381d200a0b0f2410080d2a20080d2a30180d2c40080d2020000d40008e03c007008d500dc202e"}}, @svc={0x122, 0x40, {0x84000006, [0x10000, 0x0, 0x8, 0x2, 0x8]}}, @irq_setup={0x46, 0x18, {0x4, 0x176}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff0, 0x10, 0x1}}, @smc={0x1e, 0x40, {0x4, [0xa6ff, 0x9, 0x6, 0x43, 0x7]}}, @irq_setup={0x46, 0x18, {0x2, 0x1a5}}, @eret={0xe6, 0x18, 0xff}, @memwrite={0x6e, 0x30, @generic={0x8080000, 0xbcb, 0x80000001, 0x4}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x1, 0x7, 0x7, 0x0, 0x3}}, @msr={0x14, 0x20, {0x603000000013c014, 0x10001}}, @hvc={0x32, 0x40, {0xc4000001, [0x6, 0x6, 0xd, 0x2, 0x1000]}}, @hvc={0x32, 0x40, {0xc4000001, [0x0, 0x1, 0x9, 0xa9, 0x8001]}}, @smc={0x1e, 0x40, {0xc4000004, [0x200, 0x7, 0xfffffffffffff658, 0xfffffffffffffff7, 0x100000000]}}, @mrs={0xbe, 0x18, {0x603000000013c663}}, @code={0xa, 0x6c, {"e0de93d200a0b0f2210080d2020080d2630180d2040080d2020000d400108bd20020b0f2e10080d2220080d2830180d2c40080d2020000d40080401f000008d5007008d5008008d5007008d5008008d50004006e008008d5"}}, @irq_setup={0x46, 0x18, {0x0, 0x29e}}, @hvc={0x32, 0x40, {0xc4000003, [0x8, 0x4d4, 0x0, 0x100000000, 0x8]}}, @mrs={0xbe, 0x18, {0x603000000013df45}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x0, 0x49, 0x10, 0x8000, 0xa, 0x3}}, @svc={0x122, 0x40, {0x1000, [0x8000000000000000, 0x21d7, 0x8, 0xc280, 0x8]}}, @code={0xa, 0x6c, {"000028d5801295d20060b8f2810180d2820180d2430180d2440080d2020000d4007008d5000008d5007008d50058000e604e97d20060b8f2010080d2620080d2430080d2e40080d2020000d400044078008008d5007008d5"}}], 0x594}, &(0x7f0000000080)=[@featur1={0x1, 0x81}], 0x1)
ioctl$KVM_ARM_PREFERRED_TARGET(r3, 0x8020aeaf, &(0x7f00000006c0))
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x101fc, 0x3, 0x5000, 0x1000, &(0x7f0000f3d000/0x1000)=nil})

1h53m12.21611469s ago: executing program 7 (id=164):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
r6 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r5, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
syz_memcpy_off$KVM_EXIT_MMIO(r6, 0x20, &(0x7f0000000000)="20716ee07c6cc6bb03a60c77420d807687cbe5f5eba5a50d", 0x0, 0x18)
r7 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r2, r7, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000640)=@arm64_sys={0x603000000013c028, &(0x7f0000000600)=0x5d70})
r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xf, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r8, 0x4010aeb5, 0x0)

1h52m47.229943036s ago: executing program 7 (id=167):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000004c0)=[@msr={0x14, 0x20, {0x603000000013dcf0, 0x3}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000aac000/0x400000)=nil)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000100)={0x8, <r7=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080700})
ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0xb1)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1h52m25.378766572s ago: executing program 7 (id=169):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000ff8000/0x4000)=nil, 0x0, 0x3000005, 0x41812, r3, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) (async)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616})
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000240)={0xdddd1000, 0x1000}) (async)
close(r2)
r4 = syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

1h52m9.577884831s ago: executing program 7 (id=171):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000500)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x408)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000040)={0x7, <r8=>0xffffffffffffffff})
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2)
ioctl$KVM_HAS_DEVICE_ATTR(r8, 0x4018aee3, &(0x7f0000000100)=@attr_arm64={0x0, 0x4, 0x0, 0x0})

1h51m27.528650365s ago: executing program 39 (id=170):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0xc)
ioctl$KVM_SET_GSI_ROUTING(r0, 0x4008ae6a, &(0x7f0000000000)={0x7, 0x0, [{0x1, 0x3, 0x1, 0x0, @sint={0x100, 0x6}}, {0x3, 0x3, 0x0, 0x0, @sint={0xb56, 0x4}}, {0x33e, 0x2, 0x0, 0x0, @msi={0x55, 0x5ec0000, 0x2, 0x74}}, {0x2, 0x4, 0x1, 0x0, @irqchip={0x3, 0xb}}, {0xff, 0x4, 0x1, 0x0, @adapter={0x8000, 0xfffffffffffffff9, 0x92, 0x8, 0x5}}, {0xfffffe01, 0x4, 0x0, 0x0, @adapter={0xffffffffffffffff, 0x8001, 0x6, 0xfffffff7, 0x1}}, {0xd, 0x2, 0x0, 0x0, @sint={0x61, 0xffff0ed2}}]})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x400, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x400, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x29)
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x32)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f00000001c0)={0x4, 0xffffffffffffffff, 0x13e32c99aaec09fc})
ioctl$KVM_GET_DIRTY_LOG(r3, 0x4010ae42, &(0x7f0000000200)={0x10003, 0x0, &(0x7f0000ffe000/0x1000)=nil}) (async)
ioctl$KVM_GET_DIRTY_LOG(r3, 0x4010ae42, &(0x7f0000000200)={0x10003, 0x0, &(0x7f0000ffe000/0x1000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
munmap(&(0x7f0000400000/0xc00000)=nil, 0xc00000)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
ioctl$KVM_ARM_PREFERRED_TARGET(r5, 0x8020aeaf, &(0x7f0000000240))
munmap(&(0x7f0000bfb000/0x3000)=nil, 0x3000)
munmap(&(0x7f0000ee4000/0x2000)=nil, 0x2000)
ioctl$KVM_SET_GSI_ROUTING(r3, 0x4008ae6a, &(0x7f0000000280)={0x4, 0x0, [{0xffff, 0x4, 0x0, 0x0, @msi={0x10001, 0x9, 0x7f, 0x7}}, {0x5, 0x4, 0x1, 0x0, @sint={0x200, 0xd414}}, {0x8, 0x2, 0x1, 0x0, @sint={0x4, 0x79}}, {0x2e, 0x4, 0x1, 0x0, @sint={0x6}}]})
ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04) (async)
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f00000003c0)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000380)=0xfffffffc})
mmap$KVM_VCPU(&(0x7f000061b000/0x2000)=nil, r6, 0x1000008, 0x12, r4, 0x0) (async)
mmap$KVM_VCPU(&(0x7f000061b000/0x2000)=nil, r6, 0x1000008, 0x12, r4, 0x0)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r2, 0x4008ae73, &(0x7f0000000400)={0x3, 0xc556}) (async)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r2, 0x4008ae73, &(0x7f0000000400)={0x3, 0xc556})
eventfd2(0x7, 0x801) (async)
r7 = eventfd2(0x7, 0x801)
ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000000440)={0xffffffffffffffff, 0xfff, 0x1, r7}) (async)
ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000000440)={0xffffffffffffffff, 0xfff, 0x1, r7})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480), 0x4a000, 0x0)
ioctl$KVM_CHECK_EXTENSION(r8, 0xae03, 0xde8)
r9 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x1)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r2, 0x4068aea3, &(0x7f00000004c0)) (async)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r2, 0x4068aea3, &(0x7f00000004c0))
mmap$KVM_VCPU(&(0x7f0000823000/0x1000)=nil, r6, 0x4, 0x30, r4, 0x0)
r10 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000009c0)={0x0, &(0x7f0000000540)=[@uexit={0x0, 0x18, 0x8}, @code={0xa, 0xb4, {"40a883d20020b8f2e10180d2420080d2a30080d2e40080d2020000d480e687d20080b0f2410080d2020180d2430080d2440180d2020000d400000048008008d5807c80d200e0b0f2810080d2620180d2030080d2a40180d2020000d4005d9ad200e0b0f2a10080d2620080d2830180d2a40080d2020000d4000c403c0000251e202992d200e0b0f2e10080d2620180d2830180d2e40180d2020000d4007008d5"}}, @svc={0x122, 0x40, {0x86000000, [0x9, 0x6, 0x9, 0x1c5, 0xfffffffffffffffe]}}, @irq_setup={0x46, 0x18, {0x1, 0x25c}}, @irq_setup={0x46, 0x18, {0x3, 0x3b4}}, @smc={0x1e, 0x40, {0x84000013, [0x7, 0x3, 0x2, 0x9, 0x1]}}, @uexit={0x0, 0x18, 0xfffffffffffffffa}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x2, 0xb, 0x401, 0x7}}, @its_setup={0x82, 0x28, {0x2, 0x1, 0x1cb}}, @msr={0x14, 0x20, {0x603000000013df6b, 0x7}}, @its_setup={0x82, 0x28, {0x3, 0x1, 0xf3}}, @hvc={0x32, 0x40, {0xc4000011, [0x80, 0x4e, 0x7, 0x9, 0x3]}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x1, 0x4, 0xc, 0x1b, 0x101, 0x3}}, @hvc={0x32, 0x40, {0x32000000, [0x8, 0xd7a, 0x1, 0x6, 0x5]}}, @code={0xa, 0x84, {"40b980d20080b8f2210080d2620180d2c30180d2440080d2020000d4e0549fd200c0b8f2a10180d2420180d2c30180d2c40180d2020000d4007008d5000008d50004200e000440fc80369cd200e0b8f2010080d2a20180d2c30180d2240080d2020000d4000008d5007008d50020c01a"}}, @hvc={0x32, 0x40, {0x80000000, [0xff, 0x9, 0x1, 0xc966, 0x80000000]}}, @irq_setup={0x46, 0x18, {0x0, 0x19e}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x0, 0x4, 0xc, 0x3, 0x2, 0x1}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0x0, 0x8}}, @irq_setup={0x46, 0x18, {0x2, 0xac}}, @hvc={0x32, 0x40, {0x4000, [0x6, 0x1, 0x6c25a22e, 0x6, 0x2]}}], 0x460}, &(0x7f0000000a00)=[@featur2={0x1, 0x8a}], 0x1)
ioctl$KVM_SET_GUEST_DEBUG_arm64(r10, 0x4208ae9b, &(0x7f0000000a40)={0x10000, 0x0, {[0xd, 0x3, 0xffffffff, 0xfffffffffffffa05, 0x1, 0x8001, 0xff, 0xffffffff, 0x15, 0x0, 0xffffffffffffffff, 0x8, 0x58, 0x7, 0x1, 0x400], [0x0, 0x2, 0x4, 0x7, 0x4, 0x4, 0x4, 0x8, 0xd, 0x4f68, 0x5, 0x9, 0xf, 0x4, 0x704d, 0x100000001], [0x0, 0x10001, 0xeb1, 0xffffffffffff4942, 0x380d, 0x4, 0x200, 0x2, 0xd3, 0xd, 0x3, 0x3, 0x2, 0x6, 0xfffffffffffffff8, 0x1000], [0x9, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0xfffffffffffeffff, 0x7, 0xffff, 0xb, 0xffffffff80000000, 0x0, 0x5, 0x101, 0x62e5, 0x1, 0x9e7c]}})
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000c80), 0x501800, 0x0)
ioctl$KVM_CHECK_EXTENSION(r11, 0xae03, 0x6) (async)
ioctl$KVM_CHECK_EXTENSION(r11, 0xae03, 0x6)
ioctl$KVM_ARM_VCPU_FINALIZE(r9, 0x4004aec2, &(0x7f0000000cc0)=0x3) (async)
ioctl$KVM_ARM_VCPU_FINALIZE(r9, 0x4004aec2, &(0x7f0000000cc0)=0x3)

1h51m18.586039544s ago: executing program 40 (id=171):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000500)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x408)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000040)={0x7, <r8=>0xffffffffffffffff})
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2)
ioctl$KVM_HAS_DEVICE_ATTR(r8, 0x4018aee3, &(0x7f0000000100)=@attr_arm64={0x0, 0x4, 0x0, 0x0})

1h41m42.17894827s ago: executing program 1 (id=173):
mmap$KVM_VCPU(&(0x7f0000010000/0x1000)=nil, 0x930, 0x100000f, 0x9032, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
r0 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000580)={0x0, &(0x7f0000000000)=[@uexit={0x0, 0x18, 0x9}, @code={0xa, 0x6c, {"00c0271e7f2003d500f4a02e000860b8007008d5e06c83d200e0b0f2210180d2e20080d2630180d2040080d2020000d4406482d20020b0f2010080d2e20080d2430080d2240180d2020000d4007008d5001ce02e007008d5"}}, @msr={0x14, 0x20, {0x603000000013e300, 0xfffffffffffff001}}, @smc={0x1e, 0x40, {0x84000006, [0xc, 0x9, 0x0, 0x7, 0x8]}}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x26c}}, @smc={0x1e, 0x40, {0x84000006, [0x6, 0x7fffffffffffffff, 0x2, 0x5, 0x3]}}, @its_setup={0x82, 0x28, {0x2, 0x1, 0x8b}}, @uexit={0x0, 0x18, 0xffffffffffffff00}, @code={0xa, 0x6c, {"40d991d200e0b8f2210180d2220180d2a30080d2040180d2020000d400000072000030d50020202e0020005e000028d520229ad200e0b0f2210180d2220180d2630180d2e40080d2020000d400004028000000a90004002f"}}, @eret={0xe6, 0x18, 0x4}, @mrs={0xbe, 0x18, {0x603000000013c200}}, @svc={0x122, 0x40, {0x84000014, [0x1, 0x9, 0xa, 0x101, 0x40]}}, @svc={0x122, 0x40, {0x40, [0x8, 0x3, 0x5, 0xee00000000000000]}}, @smc={0x1e, 0x40, {0x2, [0x6, 0x5, 0x4, 0x2, 0x6]}}, @svc={0x122, 0x40, {0x80008000, [0x4, 0x1, 0x62, 0xb55]}}, @eret={0xe6, 0x18, 0x1}, @smc={0x1e, 0x40, {0x3000000, [0xf8f, 0x8a47, 0x51, 0x866]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x0, 0xffffffff, 0x8}}, @hvc={0x32, 0x40, {0x4000000, [0x6, 0x9, 0x7fffffff, 0x6, 0x7]}}, @mrs={0xbe, 0x18, {0x603000000013df44}}, @mrs={0xbe, 0x18, {0x603000000013def6}}, @svc={0x122, 0x40, {0xc4000007, [0x81, 0x5, 0x4, 0x81, 0x44]}}, @svc={0x122, 0x40, {0x0, [0x9, 0x7, 0x8, 0x1, 0x7]}}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x3ba}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x1a5}}, @hvc={0x32, 0x40, {0x4000, [0x6, 0x1, 0x86, 0x3, 0xcaed]}}], 0x530}, &(0x7f00000005c0)=[@featur2={0x1, 0x6a}], 0x1)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r0, 0x4018aee2, &(0x7f0000000640)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000600)=0x4})
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000280)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x603000000010004c, &(0x7f0000000100)=0x401})
r5 = mmap$KVM_VCPU(&(0x7f000000e000/0x1000)=nil, 0x930, 0x7000007, 0x80031, r4, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000680)="38ce8347fc1e86008cfc72bb352c8659dcc9225b48cb5cb00c73b0b33018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)

1h41m16.52117959s ago: executing program 1 (id=174):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2b)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x1, 0xe000, 0x1})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000080)={0x3000, 0x122000, 0x20000001})
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, r8, 0x2000000, 0x14012, r6, 0x0)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000001480)={0xfdfd, 0x13000, 0x1})
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x2d)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000680)={0x0, &(0x7f0000000800)=[@svc={0x122, 0x40, {0x80000002, [0x3, 0x1, 0x0, 0x2bb5, 0x76b7]}}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x20f}}, @mrs={0xbe, 0x18, {0x603000000013def0}}, @eret={0xe6, 0x18}, @its_setup={0x82, 0x28, {0xffffffffffffffff, 0x4, 0xfe}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x1, 0x2, 0x8, 0x7, 0x101}}, @msr={0x14, 0x20, {0x603000000013e6d3, 0x7}}, @code={0xa, 0x54, {"007008d5000028d5007008d50080a09b000008d5000820bc008c004f000008d5a03a8ed20080b0f2810180d2420180d2c30180d2c40080d2020000d4007008d5"}}, @eret={0xe6, 0x18, 0x10000}, @hvc={0x32, 0x40, {0x1, [0x4, 0x100000000000, 0x7, 0x401, 0x4]}}, @mrs={0xbe, 0x18, {0x603000000013c210}}, @its_setup={0x82, 0x28, {0x4, 0x2, 0x186}}, @eret={0xe6, 0x18, 0x7fffffffffffffff}, @eret={0xe6, 0x18, 0xd}, @its_send_cmd={0xaa, 0x28, {0x8, 0x1, 0x1, 0x4, 0x1, 0x731c, 0x2}}, @hvc={0x32, 0x40, {0x40000015, [0x1, 0x6, 0x8000000000000001, 0x40, 0x2]}}, @its_setup={0x82, 0x28, {0x1, 0x0, 0xeb}}, @irq_setup={0x46, 0x18, {0x2, 0xdc}}, @code={0xa, 0xe4, {"007008d5a07d8bd20080b0f2610180d2420080d2230180d2440080d2020000d4a0c39fd20000b8f2210180d2220080d2030180d2840080d2020000d4007196d200c0b0f2210080d2220180d2230080d2640180d2020000d4604b99d20040b8f2e10080d2420180d2e30080d2640080d2020000d480a892d200a0b0f2610080d2220180d2230080d2040080d2020000d4602b9fd20040b8f2e10080d2420080d2a30180d2c40080d2020000d40060000e007008d580ba9dd20060b0f2c10180d2820080d2c30080d2040080d2020000d4"}}, @msr={0x14, 0x20, {0x6030000000138005, 0x8}}, @hvc={0x32, 0x40, {0x1000, [0xcac2, 0x2, 0xa19e, 0x2, 0x4]}}, @code={0xa, 0x84, {"20cc8ed20040b0f2e10080d2a20080d2230080d2e40080d2020000d400d8307ec0a293d20020b0f2810180d2e20180d2e30180d2a40180d2020000d40084600d008008d5000028d5000000b8006080d20060b0f2410180d2e20080d2630180d2c40080d2020000d4005cc09a0024000f"}}, @its_setup={0x82, 0x28, {0x3, 0x0, 0x179}}, @svc={0x122, 0x40, {0x30000000, [0x2, 0xfffffffffffffffa, 0x4, 0x0, 0x80000000]}}, @eret={0xe6, 0x18, 0x1}, @mrs={0xbe, 0x18, {0x603000000013e6d2}}, @uexit={0x0, 0x18, 0x2}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x58, 0x100000001, 0x7}}, @uexit={0x0, 0x18, 0x4}, @irq_setup={0x46, 0x18, {0x4, 0x45}}, @hvc={0x32, 0x40, {0x84000002, [0x7, 0x2, 0x7, 0x6, 0xfffffffffffffffb]}}, @smc={0x1e, 0x40, {0x84000006, [0x9, 0x1, 0xd, 0x5, 0xab0d]}}], 0x624}, &(0x7f00000006c0)=[@featur1={0x1, 0x14}], 0x1)
syz_kvm_vgic_v3_setup(r10, 0x4, 0x20)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r10, 0x4008ae6a, &(0x7f0000000700)={0x4, 0x0, [{0x3, 0x2, 0x1, 0x0, @adapter={0x7, 0x8000000000000000, 0x10001, 0x2, 0x1}}, {0x1800, 0x2, 0x0, 0x0, @adapter={0x2, 0xff, 0x4, 0x2, 0x4}}, {0x90, 0x1, 0x0, 0x0, @sint={0x9}}, {0x6, 0x2, 0x0, 0x0, @msi={0x0, 0xa, 0x2d85, 0x10}}]})
r13 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r14, 0x4068aea3, &(0x7f0000000040)={0xe4, 0x0, 0x1000})
syz_kvm_setup_syzos_vm$arm64(r14, &(0x7f0000c00000/0x400000)=nil)
r15 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000100)={0x0, &(0x7f0000000280)=[@code={0xa, 0xb4, {"000860bc0024002f000028d540e689d20020b8f2a10080d2a20180d2e30180d2e40180d2020000d4a09785d20080b0f2010180d2220080d2630180d2a40080d2020000d4008008d500a0400c400d87d20080b8f2010180d2020080d2630080d2a40180d2020000d4e02684d200c0b8f2a10180d2020080d2c30180d2440180d2020000d4206697d20060b0f2010180d2e20180d2830080d2040180d2020000d4"}}, @eret={0xe6, 0x18, 0xeae}, @hvc={0x32, 0x40, {0x400b00b, [0x6, 0x346fc349, 0x0, 0x0, 0x401]}}, @code={0xa, 0x84, {"e003202a209c87d200c0b8f2010080d2420080d2830180d2440180d2020000d4007008d5e08588d20060b0f2210080d2020080d2c30080d2040080d2020000d4007008d50000402d60569dd20040b0f2a10180d2820080d2e30180d2240080d2020000d4001ce02e007008d500808048"}}, @svc={0x122, 0x40, {0x84000009, [0xe89, 0x3, 0x4, 0x1, 0x6]}}, @smc={0x1e, 0x40, {0x3f000000, [0x1, 0x3, 0x2, 0x4, 0x800]}}], 0x210}, &(0x7f0000000140)=[@featur2={0x1, 0x1a}], 0x1)
ioctl$KVM_RUN(r15, 0xae80, 0x0)
ioctl$KVM_GET_ONE_REG(r12, 0x4010aeab, &(0x7f0000000000)=@arm64_sve={0x60800000001504cb, 0x0})

1h40m42.978290034s ago: executing program 1 (id=175):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x28)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f00000011c0)=@arm64={0x5, 0xff, 0xc, '\x00', 0x1e00000000000})
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000000)={0x0, &(0x7f00000005c0)=[@eret={0xe6, 0x18, 0x3}, @mrs={0xbe, 0x18, {0x603000000013deec}}, @hvc={0x32, 0x40, {0x80000000, [0x8, 0x5, 0x5, 0x100000000, 0x2]}}, @code={0xa, 0x84, {"000028d50008c09a200898d20080b8f2a10180d2220080d2e30080d2240180d2020000d4007008d5000cc03800798fd20020b8f2e10180d2220080d2430080d2a40180d2020000d40078207e007008d5408c99d20060b0f2210080d2620180d2a30080d2c40080d2020000d4005c202e"}}, @uexit={0x0, 0x18, 0x1}, @hvc={0x32, 0x40, {0xc4000012, [0x58, 0xfffffffffffffff8, 0xffffffffffffffff, 0x4, 0xea6b]}}, @hvc={0x32, 0x40, {0xc4000010, [0x5, 0x4, 0x10001, 0x7fff, 0x8]}}, @svc={0x122, 0x40, {0xc4000003, [0x5051, 0x8, 0xffff, 0x5, 0x3]}}, @msr={0x14, 0x20, {0x603000000013dce4, 0x8}}, @its_setup={0x82, 0x28, {0x0, 0x3, 0x3cc}}, @svc={0x122, 0x40, {0x800, [0x4, 0x3, 0xfc9, 0x80, 0xe83b]}}, @its_setup={0x82, 0x28, {0x3, 0x3, 0x18b}}, @msr={0x14, 0x20, {0x603000000013e722, 0xc}}, @code={0xa, 0x54, {"a03b98d20000b8f2210080d2220180d2230080d2440180d2020000d40074000f0004809a0038207e0000219e007008d50004007f000440b8007008d5007008d5"}}, @eret={0xe6, 0x18, 0x9}, @uexit={0x0, 0x18, 0x4}, @svc={0x122, 0x40, {0x86000000, [0x1, 0x8001, 0x1, 0x3, 0x5]}}, @smc={0x1e, 0x40, {0x84000004, [0x3, 0x7, 0x8, 0xde, 0xfffffffffffffffc]}}, @eret={0xe6, 0x18, 0x7}, @msr={0x14, 0x20, {0x603000000013a038, 0x3}}, @svc={0x122, 0x40, {0x20, [0x0, 0x5, 0x0, 0x1, 0x2]}}, @irq_setup={0x46, 0x18, {0x1, 0x191}}], 0x430}, &(0x7f0000000080), 0x1)
ioctl$KVM_CHECK_EXTENSION_VM(r5, 0xae03, 0x0)

1h39m57.549222674s ago: executing program 41 (id=175):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x28)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f00000011c0)=@arm64={0x5, 0xff, 0xc, '\x00', 0x1e00000000000})
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000000)={0x0, &(0x7f00000005c0)=[@eret={0xe6, 0x18, 0x3}, @mrs={0xbe, 0x18, {0x603000000013deec}}, @hvc={0x32, 0x40, {0x80000000, [0x8, 0x5, 0x5, 0x100000000, 0x2]}}, @code={0xa, 0x84, {"000028d50008c09a200898d20080b8f2a10180d2220080d2e30080d2240180d2020000d4007008d5000cc03800798fd20020b8f2e10180d2220080d2430080d2a40180d2020000d40078207e007008d5408c99d20060b0f2210080d2620180d2a30080d2c40080d2020000d4005c202e"}}, @uexit={0x0, 0x18, 0x1}, @hvc={0x32, 0x40, {0xc4000012, [0x58, 0xfffffffffffffff8, 0xffffffffffffffff, 0x4, 0xea6b]}}, @hvc={0x32, 0x40, {0xc4000010, [0x5, 0x4, 0x10001, 0x7fff, 0x8]}}, @svc={0x122, 0x40, {0xc4000003, [0x5051, 0x8, 0xffff, 0x5, 0x3]}}, @msr={0x14, 0x20, {0x603000000013dce4, 0x8}}, @its_setup={0x82, 0x28, {0x0, 0x3, 0x3cc}}, @svc={0x122, 0x40, {0x800, [0x4, 0x3, 0xfc9, 0x80, 0xe83b]}}, @its_setup={0x82, 0x28, {0x3, 0x3, 0x18b}}, @msr={0x14, 0x20, {0x603000000013e722, 0xc}}, @code={0xa, 0x54, {"a03b98d20000b8f2210080d2220180d2230080d2440180d2020000d40074000f0004809a0038207e0000219e007008d50004007f000440b8007008d5007008d5"}}, @eret={0xe6, 0x18, 0x9}, @uexit={0x0, 0x18, 0x4}, @svc={0x122, 0x40, {0x86000000, [0x1, 0x8001, 0x1, 0x3, 0x5]}}, @smc={0x1e, 0x40, {0x84000004, [0x3, 0x7, 0x8, 0xde, 0xfffffffffffffffc]}}, @eret={0xe6, 0x18, 0x7}, @msr={0x14, 0x20, {0x603000000013a038, 0x3}}, @svc={0x122, 0x40, {0x20, [0x0, 0x5, 0x0, 0x1, 0x2]}}, @irq_setup={0x46, 0x18, {0x1, 0x191}}], 0x430}, &(0x7f0000000080), 0x1)
ioctl$KVM_CHECK_EXTENSION_VM(r5, 0xae03, 0x0)

1h30m38.06779315s ago: executing program 42 (id=172):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x6030000000100024, &(0x7f0000000140)=0x7})
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r6 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x29)
syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000080)={0x0, &(0x7f0000000340)=[@its_send_cmd={0xaa, 0x28, {0x5, 0x0, 0x3, 0x10, 0x8, 0x8, 0x2}}, @svc={0x122, 0x40, {0x100, [0x9, 0x7030, 0x3, 0x5, 0x3]}}, @code={0xa, 0x6c, {"008008d50044207e0000809a007008d5006c200e007c001b20ec99d20040b8f2810180d2e20180d2230180d2240180d2020000d4a0a19dd20080b0f2810180d2620080d2630080d2640080d2020000d40820601e000008d5"}}], 0xd4}, 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1)
r9 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r8, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r8, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000100)={0x202, 0x2, 0x1, 0x1000, &(0x7f0000ffc000/0x1000)=nil})
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0) (async)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31) (async)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x6030000000100024, &(0x7f0000000140)=0x7}) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x29) (async)
syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000080)={0x0, &(0x7f0000000340)=[@its_send_cmd={0xaa, 0x28, {0x5, 0x0, 0x3, 0x10, 0x8, 0x8, 0x2}}, @svc={0x122, 0x40, {0x100, [0x9, 0x7030, 0x3, 0x5, 0x3]}}, @code={0xa, 0x6c, {"008008d50044207e0000809a007008d5006c200e007c001b20ec99d20040b8f2810180d2e20180d2230180d2240180d2020000d4a0a19dd20080b0f2810180d2620080d2630080d2640080d2020000d40820601e000008d5"}}], 0xd4}, 0x0, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1) (async)
mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r8, 0x0) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r8, 0x0) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000100)={0x202, 0x2, 0x1, 0x1000, &(0x7f0000ffc000/0x1000)=nil}) (async)

1h30m22.338676855s ago: executing program 43 (id=178):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000040)={0x0, &(0x7f0000000540)=[@code={0xa, 0x6c, {"000008d5c0f782d20060b8f2a10080d2e20180d2630180d2840180d2020000d4007008d5007008d50020600d0008c038007008d500a0202e201887d200c0b8f2210080d2a20180d2830180d2440180d2020000d40000002d"}}, @irq_setup={0x46, 0x18, {0x3, 0x26b}}, @smc={0x1e, 0x40, {0x1000000, [0x3f, 0x9, 0x0, 0x41]}}, @mrs={0xbe, 0x18, {0x603000000013803d}}, @smc={0x1e, 0x40, {0xc4000014, [0x4, 0x8, 0x0, 0x5, 0x150f9fb8]}}, @mrs={0xbe, 0x18, {0x6030000000138065}}, @uexit={0x0, 0x18, 0x3}, @uexit={0x0, 0x18}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x0, 0x10, 0x200, 0x8, 0x2}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff4, 0x9, 0xd}}, @eret={0xe6, 0x18, 0x7}, @its_setup={0x82, 0x28, {0x2, 0x1, 0x190}}, @code={0xa, 0x84, {"007008d5a02e8cd200c0b0f2610080d2820080d2e30180d2040080d2020000d480f491d200c0b8f2010180d2420080d2c30180d2c40080d2020000d4205899d200a0b8f2210180d2820080d2630180d2240180d2020000d4000008d500008013007008d5007008d50010202e0088201e"}}, @svc={0x122, 0x40, {0x84000004, [0xd, 0x3, 0xa8, 0x8000000000000001, 0x6]}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x3, 0xe, 0x1ff, 0x7f, 0x4}}, @uexit={0x0, 0x18, 0x6}, @msr={0x14, 0x20, {0x603000000013c802, 0x1}}, @svc={0x122, 0x40, {0x84000005, [0x3ff, 0x3, 0x6, 0x9987, 0x9]}}, @eret={0xe6, 0x18, 0x8224}, @smc={0x1e, 0x40, {0x84000010, [0xc2, 0x80000000, 0x9, 0x1]}}, @msr={0x14, 0x20, {0x603000000013e100, 0x9}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x1, 0x1, 0x80, 0x1}}, @hvc={0x32, 0x40, {0x0, [0x4, 0x6, 0x4, 0x2, 0xc037]}}, @eret={0xe6, 0x18, 0xffffffffffffffff}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x0, 0xe, 0x5, 0x6, 0x4}}, @mrs={0xbe, 0x18, {0x603000000013e64a}}, @mrs={0xbe, 0x18, {0x603000000013e6db}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x88}}, @svc={0x122, 0x40, {0x7100800c, [0xb, 0x8f0, 0x8, 0x5, 0x200]}}], 0x520}, &(0x7f0000000080)=[@featur1={0x1, 0x8c}], 0x1)
ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, &(0x7f00000000c0)={0x2, [0x6, 0xb]})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x100000000000000, 0x2000, &(0x7f0000000000/0x2000)=nil})

1h18m6.836158177s ago: executing program 44 (id=197):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_GET_DIRTY_LOG(r4, 0x4010ae42, 0x0)
r5 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r5, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x603000000010004c, 0x0})

1h18m0.968081266s ago: executing program 45 (id=198):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013c006, &(0x7f0000000040)=0xffffffffffffffff}) (async)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013c006, &(0x7f0000000040)=0xffffffffffffffff})
syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000240)={0x0, &(0x7f0000000000)=[@memwrite={0x6e, 0x30, @generic={0x8080000, 0xdc2, 0x4, 0x9}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x58, 0x9, 0x5}}, @eret={0xe6, 0x18, 0xffffffff}, @its_setup={0x82, 0x28, {0x1, 0x3, 0x3ff}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x0, 0xffffffff, 0x8b2884608622718f}}, @code={0xa, 0x9c, {"807c83d20040b8f2010180d2620180d2830180d2a40180d2020000d4008008d5807292d200a0b8f2c10180d2220080d2c30080d2e40180d2020000d4008008d5008008d5c0be9fd200e0b8f2410080d2c20180d2830080d2440080d2020000d4007008d5406a86d200e0b8f2010080d2820080d2430080d2840080d2020000d4000000fd00b0204e"}}, @svc={0x122, 0x40, {0x6000007, [0x345, 0x5, 0x2, 0x8000, 0x2]}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x151}}], 0x1d4}, 0x0, 0x0) (async)
syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000240)={0x0, &(0x7f0000000000)=[@memwrite={0x6e, 0x30, @generic={0x8080000, 0xdc2, 0x4, 0x9}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x58, 0x9, 0x5}}, @eret={0xe6, 0x18, 0xffffffff}, @its_setup={0x82, 0x28, {0x1, 0x3, 0x3ff}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x0, 0xffffffff, 0x8b2884608622718f}}, @code={0xa, 0x9c, {"807c83d20040b8f2010180d2620180d2830180d2a40180d2020000d4008008d5807292d200a0b8f2c10180d2220080d2c30080d2e40180d2020000d4008008d5008008d5c0be9fd200e0b8f2410080d2c20180d2830080d2440080d2020000d4007008d5406a86d200e0b8f2010080d2820080d2430080d2840080d2020000d4000000fd00b0204e"}}, @svc={0x122, 0x40, {0x6000007, [0x345, 0x5, 0x2, 0x8000, 0x2]}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x151}}], 0x1d4}, 0x0, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x1f)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x38) (async)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x38)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f00000002c0)={0x2, <r6=>0xffffffffffffffff, 0x1})
write$eventfd(r6, &(0x7f00000001c0)=0x7ffffff, 0xfdef)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x161681, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) (async)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_IRQ_LINE(r8, 0x4008ae61, &(0x7f0000000200)={0x2334, 0xe})
ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(r8, 0x4068aea3, &(0x7f0000000300)) (async)
ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(r8, 0x4068aea3, &(0x7f0000000300))
syz_kvm_setup_cpu$arm64(r8, r9, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0) (async)
syz_kvm_setup_cpu$arm64(r8, r9, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r11, 0x4020ae46, &(0x7f0000000040)={0x1, 0x3, 0xdddd1000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r11, 0x4020ae46, &(0x7f0000000040)={0x1, 0x3, 0xdddd1000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000180)={0x0, &(0x7f0000000080)=[@memwrite={0x6e, 0x30, @generic={0xdddd1000, 0x245, 0x9, 0xe}}], 0x30}, 0x0, 0x0)
ioctl$KVM_RUN(r13, 0xae80, 0x0)
ioctl$KVM_GET_ONE_REG(r9, 0x4010aeab, &(0x7f0000000100)=@arm64_ccsidr={0x6020000000110002, 0xfffffffffffffffe})

1h9m55.148297219s ago: executing program 6 (id=200):
r0 = openat$kvm(0x0, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
munmap(&(0x7f0000187000/0x1000)=nil, 0x1000) (async, rerun: 32)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000000000/0x400000)=nil) (async, rerun: 32)
r2 = mmap$KVM_VCPU(&(0x7f0000148000/0x1000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, &(0x7f0000000100)="746abf250f7959c813e4adfb369b808022e69fe80cfadce4a1259e77bab54ac9749537b3d016bb7f745a6e22d2f9ff443f19467748a3fe02c239457600", 0x0, 0xfffffffffffffec5) (async, rerun: 32)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) (rerun: 32)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1) (async, rerun: 32)
r5 = syz_kvm_vgic_v3_setup(r4, 0x1, 0x100) (rerun: 32)
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000000c0)=@attr_other={0x0, 0x5, 0xfffffffffffffff7, 0x0})

1h9m51.178093831s ago: executing program 5 (id=199):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r2 = syz_kvm_add_vcpu$arm64(r1, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x2, 0x4, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x1, 0x0, 0x0, 0x6, 0x2, 0x4}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x1, 0x100)
r3 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, 0x930, 0x1, 0x2012, r5, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04)
mmap$KVM_VCPU(&(0x7f00005e1000/0x3000)=nil, r7, 0x2000009, 0x213011, r5, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000180)={0x8, <r8=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_ARM_PREFERRED_TARGET(r2, 0x8020aeaf, &(0x7f0000000040))
ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0)

1h9m41.730360852s ago: executing program 6 (id=201):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ARM_PREFERRED_TARGET(r2, 0x8020aeaf, &(0x7f0000000000))
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r3=>0xffffffffffffffff})
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r1, 0x4068aea3, &(0x7f0000000080))
ioctl$KVM_HAS_DEVICE_ATTR(r3, 0x4018aee3, &(0x7f0000000940)=@attr_arm64={0x0, 0x4, 0x3, 0x0})

1h9m36.858304798s ago: executing program 5 (id=202):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0xc0083, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x27)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000300)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x4, 0xd}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x0, 0x4, 0x6, 0x0, 0x4}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r3, 0x1, 0x100) (async)
r6 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef) (async)
close(r7) (async)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000180)={0x8, <r9=>0xffffffffffffffff}) (async)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000140)={0x4, <r12=>0xffffffffffffffff, 0x1})
close(r12)
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async)
ioctl$KVM_RUN(r5, 0xae80, 0x0) (async)
ioctl$KVM_GET_STATS_FD_cpu(r5, 0xaece) (async)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x1a)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
ioctl$KVM_CHECK_EXTENSION_VM(r3, 0xae03, 0x645a) (async)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)

1h9m27.806067498s ago: executing program 6 (id=203):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r1 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000180)={0x0, &(0x7f0000000300)=[@uexit={0x0, 0x18, 0x4}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x58, 0x2, 0x3}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x0, 0x3, 0x5, 0x0, 0x6}}, @hvc={0x32, 0x40, {0x84000004, [0x7, 0xe7, 0x40, 0x6, 0x1]}}, @eret={0xe6, 0x18, 0x9}, @svc={0x122, 0x40, {0x40000000, [0xe, 0xffffffffffffff80, 0x6, 0x8, 0x8]}}, @code={0xa, 0x9c, {"008008d5e0ce97d200e0b0f2610180d2020080d2430080d2040080d2020000d4000008d50094005f80fc94d20020b8f2c10080d2e20180d2630080d2040180d2020000d420ec8fd20000b0f2010080d2e20080d2a30180d2840080d2020000d420d183d200c0b0f2610080d2220080d2630080d2440180d2020000d4008008d5008c006f0000000c"}}, @its_setup={0x82, 0x28, {0x1, 0x0, 0x24d}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x2, 0x7, 0xb, 0x0, 0x4}}, @irq_setup={0x46, 0x18, {0x0, 0xe}}, @smc={0x1e, 0x40, {0x8400000b, [0x6, 0x1, 0xfffffffffffffffb, 0x10000, 0x1]}}], 0x24c}, &(0x7f00000001c0)=[@featur2={0x1, 0x4}], 0x1)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r1, 0x4018aee3, &(0x7f0000000240)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000200)={0x3, 0x7}})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0x80111500, 0x20000000)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0x80111500, 0x20000000)
write$eventfd(r4, &(0x7f0000000040), 0x8)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000000)={0x7, <r7=>0xffffffffffffffff})
r8 = eventfd2(0x0, 0x80800)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000140)={0x4, <r11=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r11, 0x800454cf, 0x0)
ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f0000000080)={0x0, 0x0, 0x0, r8})
ioctl$KVM_REGISTER_COALESCED_MMIO(r6, 0x4010ae67, &(0x7f00000002c0)={0x0, 0x10000})
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f00000000c0)={0x8})
mmap$KVM_VCPU(&(0x7f0000f72000/0x1000)=nil, 0x930, 0x0, 0xe832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SIGNAL_MSI(r6, 0x4020aea5, &(0x7f0000000000)={0x6000, 0x6000, 0x0, 0x1, 0x40000043})
r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
ioctl$KVM_RESET_DIRTY_RINGS(r13, 0xaec7)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f0000000140)=@attr_other={0x0, 0x8000000, 0x4, &(0x7f0000000280)=0xffffffffffffff00})

1h9m19.878575042s ago: executing program 5 (id=204):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
r4 = eventfd2(0x0, 0x1)
r5 = eventfd2(0xfffffffa, 0x80001)
write$eventfd(r5, &(0x7f0000000200)=0x8, 0x8)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r4, 0x8, 0x2, r5})
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x3f, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
munmap(&(0x7f0000d70000/0x3000)=nil, 0x3000)

1h9m7.909005765s ago: executing program 6 (id=205):
r0 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000000)="0936aec61ede75c38c2a0999efc4d5cd48d75d201a1b069fad696d354629d023b4a25bee020cb6308b30ada0be97d0f410b4bef786fa7f8fbfe2e86f97bd20ebbaf6fe53373a1991", 0x0, 0x48)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000100)="746abf250f7959c813e4adfb369b808022e69fe80cfadce4a1259e77bab54ac9749537b3d016bb7f745a6e22d2f9ff443f19467748a3fe02c239457600", 0x0, 0xfffffffffffffec5)
r1 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000080)={0x0, &(0x7f00000002c0)=[@code={0xa, 0x6c, {"001c600e00a69ed20080b0f2a10180d2c20180d2830180d2640080d2020000d4007008d500a98ad200a0b0f2610080d2a20180d2c30180d2e40080d2020000d400709f0c007008d50024002f00fca00e000028d5007008d5"}}, @its_setup={0x82, 0x28, {0x0, 0x1, 0x20c}}, @eret={0xe6, 0x18, 0x48}, @eret={0xe6, 0x18, 0x21c}, @irq_setup={0x46, 0x18, {0x0, 0x2e5}}, @mrs={0xbe, 0x18, {0x603000000013e643}}, @hvc={0x32, 0x40, {0x8400000a, [0x9, 0x6, 0x10, 0x2, 0x3]}}, @uexit={0x0, 0x18, 0x8d8}, @eret={0xe6, 0x18, 0x2}, @its_setup={0x82, 0x28, {0x3, 0x0, 0x396}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x8, 0x9, 0x8}}, @code={0xa, 0xcc, {"007008d520f59bd200a0b0f2410180d2620180d2e30080d2a40080d2020000d40020002fc09590d20000b0f2c10180d2220180d2430180d2e40080d2020000d40060005e001780d200e0b0f2a10180d2020080d2630080d2840180d2020000d460028fd20040b8f2410080d2c20180d2e30080d2640080d2020000d4008008d560b396d20000b0f2010180d2220180d2c30180d2440180d2020000d4c04191d200a0b0f2e10180d2820180d2a30080d2440080d2020000d4"}}], 0x288}, &(0x7f00000000c0), 0x1)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0xdc032, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000001c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e700", 0x0, 0x48)
ioctl$KVM_ARM_PREFERRED_TARGET(r1, 0x8020aeaf, &(0x7f0000000180))

1h8m55.637878519s ago: executing program 6 (id=206):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000040)={0x2710, 0x2, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil})
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) (async, rerun: 64)
r5 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) (rerun: 64)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000300)={0x0, &(0x7f0000000480)=[@smc={0x1e, 0x40, {0x84000001, [0x8, 0x939, 0xe, 0x7f, 0x4]}}], 0x40}, &(0x7f00000001c0)=[@featur1={0x1, 0xc}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init) (async)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000000)={0x10201, 0x2, 0x1, 0x2000, &(0x7f0000f31000/0x2000)=nil}) (async)
r9 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x50, 0x6243, 0x5}}], 0x30}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_RUN(r9, 0xae80, 0x0) (async, rerun: 32)
ioctl$KVM_SET_SIGNAL_MASK(r9, 0x4004ae8b, &(0x7f0000000340)={0xe8, "fed05f3fd715bfafabf3217efadec2904b906b7a7402cad05c5caff25a40396f66b404132384d0dcca8da91e22cac0be2a9a7859a3dc63e009afd43667ee7d9636614c941307d09129b9a1b4a3863c511f35d99b555786c699f252e533c442daeb46098c751c26045da6325f336ec51695cdc7ad362209ef6f560a6f9a87d724eba764530abf04fdc4d69df0656560767a97ff9748ebe3a9a4bdf31d888b401b13b41813885a12cdf3c86bf9430f1a46afb3402a535258733f57d15b3b574703b330d94fe600de052ac685a40064f49546d6edbc4a707ce93513d1a755ab60082774e35f2d90c9b9"}) (async, rerun: 32)
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async)
r10 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xfffffffffffffffe)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0) (async, rerun: 32)
syz_kvm_vgic_v3_setup(r10, 0x1, 0x240) (async, rerun: 32)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000180)={0x8, <r13=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x6, 0x0, &(0x7f0000000280)})
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000180)={0x8, <r14=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r14, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async)
ioctl$KVM_RUN(r12, 0xae80, 0x0)

1h8m30.810025657s ago: executing program 46 (id=204):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
r4 = eventfd2(0x0, 0x1)
r5 = eventfd2(0xfffffffa, 0x80001)
write$eventfd(r5, &(0x7f0000000200)=0x8, 0x8)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r4, 0x8, 0x2, r5})
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x3f, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
munmap(&(0x7f0000d70000/0x3000)=nil, 0x3000)

1h8m8.510428853s ago: executing program 47 (id=206):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000040)={0x2710, 0x2, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil})
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) (async, rerun: 64)
r5 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) (rerun: 64)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000300)={0x0, &(0x7f0000000480)=[@smc={0x1e, 0x40, {0x84000001, [0x8, 0x939, 0xe, 0x7f, 0x4]}}], 0x40}, &(0x7f00000001c0)=[@featur1={0x1, 0xc}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init) (async)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000000)={0x10201, 0x2, 0x1, 0x2000, &(0x7f0000f31000/0x2000)=nil}) (async)
r9 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x50, 0x6243, 0x5}}], 0x30}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_RUN(r9, 0xae80, 0x0) (async, rerun: 32)
ioctl$KVM_SET_SIGNAL_MASK(r9, 0x4004ae8b, &(0x7f0000000340)={0xe8, "fed05f3fd715bfafabf3217efadec2904b906b7a7402cad05c5caff25a40396f66b404132384d0dcca8da91e22cac0be2a9a7859a3dc63e009afd43667ee7d9636614c941307d09129b9a1b4a3863c511f35d99b555786c699f252e533c442daeb46098c751c26045da6325f336ec51695cdc7ad362209ef6f560a6f9a87d724eba764530abf04fdc4d69df0656560767a97ff9748ebe3a9a4bdf31d888b401b13b41813885a12cdf3c86bf9430f1a46afb3402a535258733f57d15b3b574703b330d94fe600de052ac685a40064f49546d6edbc4a707ce93513d1a755ab60082774e35f2d90c9b9"}) (async, rerun: 32)
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async)
r10 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xfffffffffffffffe)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0) (async, rerun: 32)
syz_kvm_vgic_v3_setup(r10, 0x1, 0x240) (async, rerun: 32)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000180)={0x8, <r13=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x6, 0x0, &(0x7f0000000280)})
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000180)={0x8, <r14=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r14, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async)
ioctl$KVM_RUN(r12, 0xae80, 0x0)

49m34.045938597s ago: executing program 8 (id=287):
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000a1e000/0x400000)=nil)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r2, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
r3 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000000)={0x0, &(0x7f0000000540)}, &(0x7f0000000040)=[@featur2={0x1, 0x2}], 0x1)
syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000140)={0x0, &(0x7f00000002c0)=[@hvc={0x32, 0x40, {0x200ff05, [0x8001, 0xf, 0x3, 0x2, 0xd]}}, @hvc={0x32, 0x40, {0x84000013, [0xa, 0x2, 0x9, 0x0, 0x101]}}, @hvc={0x32, 0x40, {0x0, [0x6, 0x8, 0xfffffffffffffffc, 0x4, 0x6]}}, @code={0xa, 0x9c, {"0000639ec0d597d200c0b0f2810080d2020080d2e30080d2a40180d2020000d4401e8ed20040b0f2810180d2620180d2c30080d2e40080d2020000d480f691d200c0b8f2610180d2020080d2030180d2040080d2020000d400bc200e008008d5007008d55f3003d5000008d5e05192d200e0b8f2e10080d2420080d2830080d2240180d2020000d4"}}, @svc={0x122, 0x40, {0x8600ff01, [0xff, 0x4, 0x1, 0xb1, 0x8]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x8, 0x0, 0x2}}], 0x1cc}, &(0x7f0000000200)=[@featur2], 0x1)
ioctl$KVM_GET_REGS(r3, 0x8360ae81, &(0x7f00000004c0))
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000140)={0x0, 0x0}, &(0x7f0000000280)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_GET_REG_LIST(r7, 0xc008aeb0, &(0x7f0000000000))
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
close(0xffffffffffffffff)
ioctl$KVM_IOEVENTFD(r11, 0x4040ae79, &(0x7f0000000000)={0xcb, 0x1000, 0x2, 0xffffffffffffffff, 0x8})
mmap$KVM_VCPU(&(0x7f0000009000/0x2000)=nil, 0x0, 0x2000009, 0x11, 0xffffffffffffffff, 0x0)
r12 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x1)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r12, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)
r13 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
r15 = ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x0)
r16 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r15, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r16, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000b9e000/0x2000)=nil, 0x0, 0x1000001, 0x11, r15, 0x0)

49m16.698060473s ago: executing program 4 (id=289):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_vgic_v3_setup(r2, 0x1, 0x100)
ioctl$KVM_GET_DEVICE_ATTR(r3, 0x4018aee2, &(0x7f0000000080)=@attr_arm64={0x0, 0x0, 0x0, 0x0}) (async)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2e) (async)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000080)=@arm64_sys={0x603000000013c4f1, &(0x7f00000001c0)=0x3}) (async, rerun: 64)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (rerun: 64)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r8, 0xae60)

49m8.692070102s ago: executing program 8 (id=290):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000ab9000/0x400000)=nil)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8, <r5=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000240)=@attr_other={0x0, 0x8, 0x0, &(0x7f0000000300)=0x137})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0xdddd1000, 0x0, r8})
close(r8)
r9 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r9, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x603000000010001a, 0x0})
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x200200, 0x0)
ioctl$KVM_CHECK_EXTENSION(r10, 0xc020660b, 0x40000000000e1)

48m28.759977357s ago: executing program 48 (id=289):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_vgic_v3_setup(r2, 0x1, 0x100)
ioctl$KVM_GET_DEVICE_ATTR(r3, 0x4018aee2, &(0x7f0000000080)=@attr_arm64={0x0, 0x0, 0x0, 0x0}) (async)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2e) (async)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000080)=@arm64_sys={0x603000000013c4f1, &(0x7f00000001c0)=0x3}) (async, rerun: 64)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (rerun: 64)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r8, 0xae60)

48m20.697401032s ago: executing program 49 (id=290):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000ab9000/0x400000)=nil)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8, <r5=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000240)=@attr_other={0x0, 0x8, 0x0, &(0x7f0000000300)=0x137})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0xdddd1000, 0x0, r8})
close(r8)
r9 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r9, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x603000000010001a, 0x0})
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x200200, 0x0)
ioctl$KVM_CHECK_EXTENSION(r10, 0xc020660b, 0x40000000000e1)

41m58.668161812s ago: executing program 1 (id=292):
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@its_setup={0x82, 0x28, {0x1, 0x81, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r4=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
munmap(&(0x7f0000667000/0x2000)=nil, 0x2000)
openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r5, r6, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000640)=@arm64_sys={0x603000000013c028, &(0x7f0000000600)=0x5d70})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x800, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r12, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x6030000000100034, &(0x7f0000000100)=0x3})
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r8, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x1000)=nil, r8, 0x0, 0x10010, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r4, 0x4068aea3, &(0x7f0000000000))
r13 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
r15 = syz_kvm_setup_syzos_vm$arm64(r14, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r15, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)

41m38.919978338s ago: executing program 7 (id=291):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000040)={0x10001, 0x1})

41m11.661950524s ago: executing program 50 (id=292):
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@its_setup={0x82, 0x28, {0x1, 0x81, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r4=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
munmap(&(0x7f0000667000/0x2000)=nil, 0x2000)
openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r5, r6, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000640)=@arm64_sys={0x603000000013c028, &(0x7f0000000600)=0x5d70})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x800, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r12, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x6030000000100034, &(0x7f0000000100)=0x3})
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r8, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x1000)=nil, r8, 0x0, 0x10010, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r4, 0x4068aea3, &(0x7f0000000000))
r13 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
r15 = syz_kvm_setup_syzos_vm$arm64(r14, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r15, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)

40m51.495486854s ago: executing program 51 (id=291):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000040)={0x10001, 0x1})

30m49.227524835s ago: executing program 9 (id=303):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x21)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000000), 0x8280, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r6 = mmap$KVM_VCPU(&(0x7f0000eee000/0x4000)=nil, 0x0, 0x3800008, 0x2010, r5, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x0, 0x2000002, 0x12, r5, 0x0)
r7 = eventfd2(0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000bff000/0x400000)=nil)
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x600400, 0x0)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000240)={0x0, &(0x7f00000007c0)=[@its_setup={0x82, 0x28, {0x0, 0x2, 0x39a}}, @svc={0x122, 0x40, {0x84000004, [0xffffffff00000001, 0x100000001, 0x3, 0x1, 0xb]}}, @irq_setup={0x46, 0x18, {0x3, 0x91}}, @eret={0xe6, 0x18, 0x6}, @code={0xa, 0xb4, {"006095d20060b0f2a10080d2820080d2830180d2e40180d2020000d4000028d5c0df9ed20000b0f2410080d2c20180d2230080d2a40180d2020000d40050206ea0148ad20000b8f2610180d2e20180d2c30080d2840080d2020000d440a784d200e0b0f2810180d2220080d2630080d2a40180d2020000d40020002f0000209b007008d5a03883d200e0b8f2210180d2c20180d2230180d2440080d2020000d4"}}, @irq_setup={0x46, 0x18, {0x2, 0x1d0}}, @svc={0x122, 0x40, {0x8400000f, [0x3c6, 0x1105, 0xc12f, 0x2, 0x3]}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x2, 0x6, 0x7, 0xfff, 0x3}}, @svc={0x122, 0x40, {0xc4008003, [0x8, 0xfffffffffffff975, 0xa, 0x4]}}, @eret={0xe6, 0x18, 0x9}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x80, 0x0, 0xd}}, @its_send_cmd={0xaa, 0x28, {0x3, 0xff, 0x4, 0x4, 0x10000, 0x9, 0x1}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0x100, 0x7f, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x1, 0x2, 0x4, 0x9c28, 0xd, 0x1}}, @eret={0xe6, 0x18, 0x24f}, @msr={0x14, 0x20, {0x603000000013c038, 0x5}}, @uexit={0x0, 0x18, 0x593}, @code={0xa, 0x9c, {"0038216e008008d5c0528ed20020b8f2e10080d2020080d2c30180d2c40080d2020000d4000000320000805260d398d200c0b0f2e10180d2620080d2830080d2840180d2020000d480e19cd200a0b8f2e10080d2e20180d2630180d2840180d2020000d4007008d50080df0de05195d200e0b8f2e10180d2220080d2830080d2640180d2020000d4"}}, @uexit={0x0, 0x18, 0x8}, @svc={0x122, 0x40, {0x1000000, [0x1, 0x1, 0x100002, 0xc, 0x7]}}], 0x418}, &(0x7f0000000280)=[@featur1={0x1, 0xa3}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000040)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x5})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r10, 0x4018aee3, &(0x7f0000000100)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0xfffffffffffffff2})
close(r7)
ioctl$KVM_GET_VCPU_EVENTS(r10, 0x8040ae9f, &(0x7f00000001c0))
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01)
write$eventfd(r7, &(0x7f0000000180)=0x5, 0xfffffde3)
mmap$KVM_VCPU(&(0x7f0000010000/0x1000)=nil, 0x930, 0x100000f, 0x9032, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, 0x0, 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)

30m47.299219861s ago: executing program 0 (id=304):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
r4 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000100)={0x0, &(0x7f0000000140)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x2, 0x100)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r6 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r5, 0x3, 0x11, r3, 0x0)
r7 = mmap$KVM_VCPU(&(0x7f0000d93000/0x1000)=nil, r5, 0x3, 0x810, r4, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_kvm_assert_syzos_uexit$arm64(r7, 0xffffffffffffffff)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000180)={0x1010020, 0x1})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_kvm_assert_syzos_uexit$arm64(r6, 0xfffffffffffffffe)

30m36.807547912s ago: executing program 0 (id=305):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0xa0401, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000140)=@arm64_fw={0x6030000000140002, &(0x7f0000000100)=0xc})
r5 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
r9 = ioctl$KVM_GET_STATS_FD_cpu(r8, 0xaece)
close(r9)
r10 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@mrs={0xbe, 0x18, {0x603000000013c00b}}], 0x18}, 0x0, 0x0)
munmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000)
ioctl$KVM_RUN(r12, 0xae80, 0x0)
ioctl$KVM_ARM_VCPU_FINALIZE(r4, 0x4004aec2, &(0x7f0000000240)=0x1)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
r13 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r13, 0x80087601, 0x0)
ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0)
ioctl$KVM_GET_REG_LIST(r12, 0xc008aeb0, &(0x7f0000000000)={0x7, [0x4, 0xfffffffffffffb6e, 0x3ff, 0x1, 0x6, 0x4000000000003ff, 0x3]})
r14 = ioctl$KVM_GET_STATS_FD_cpu(r4, 0xaece)
ioctl$KVM_SET_DEVICE_ATTR(r14, 0x4018aee1, &(0x7f0000000200)=@attr_other={0x0, 0x3, 0xfffffffffffff000, &(0x7f00000002c0)=0x2})
ioctl$KVM_CREATE_DEVICE(r14, 0xc00caee0, &(0x7f0000000280)={0x2, 0xffffffffffffffff, 0x1})
r15 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r15, 0xc00caee0, &(0x7f0000000140)={0x4, <r16=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r16, 0x4018aee3, &(0x7f0000000040)=@attr_other={0x0, 0x20000000, 0xfffffffffffffffe, 0x0})

30m31.442639149s ago: executing program 9 (id=306):
r0 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, 0x930, 0xa, 0x2012, r2, 0x40000)

30m19.00626439s ago: executing program 9 (id=307):
openat$kvm(0x0, &(0x7f0000000300), 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000e10000/0x1000)=nil, 0x930, 0x2000004, 0x4010, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r3, 0x4008ae6a, &(0x7f0000000240)=ANY=[@ANYBLOB="a400"])
r4 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000540)={0x0, 0x0, 0x63}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r5, 0x4010aeab, &(0x7f0000000080)=@arm64_sys={0x603000000013e208, 0x0})
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r3, 0x4018aee1, &(0x7f0000000100)=@attr_other={0x0, 0x8, 0x4, &(0x7f0000000280)=0x8003})
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0xb})
syz_kvm_setup_cpu$arm64(r7, r8, &(0x7f0000bfe000/0x400000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f0000000240)}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r9 = openat$kvm(0x0, &(0x7f00000001c0), 0xcc100, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_IRQ_LINE(r10, 0x4008ae61, &(0x7f0000000000)={0x1, 0xe59b8351})
ioctl$KVM_RUN(r12, 0xae80, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000340)={0x7, 0xffffffffffffffff, 0x1})
ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f00000002c0)={0x0, 0x10000})
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f00000000c0)={0x4, 0xffffffffffffffff, 0x1})
ioctl$KVM_SIGNAL_MSI(0xffffffffffffffff, 0x4020aea5, &(0x7f0000000380)={0xdddd1000, 0x0, 0x0, 0x0, 0x80da})

30m16.640301299s ago: executing program 0 (id=308):
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
ioctl$KVM_SET_MP_STATE(r0, 0x4004ae99, &(0x7f0000000000)=0x3) (async)
r1 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000040)=[@smc={0x1e, 0x40, {0x40, [0x10, 0x101, 0x1, 0x8, 0x3]}}, @svc={0x122, 0x40, {0xc5000020, [0x8000000000000001, 0x8000000000000000, 0x1, 0x1, 0x9]}}], 0x80}, &(0x7f0000000100)=[@featur1={0x1, 0xc9}], 0x1) (async)
ioctl$KVM_ARM_PREFERRED_TARGET(r0, 0x8020aeaf, &(0x7f0000000140)) (async)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000180)={0x1, <r2=>0xffffffffffffffff, 0x1})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000200)=@attr_arm64={0x0, 0x4, 0x4, &(0x7f00000001c0)=0xf14b}) (async)
ioctl$KVM_SET_SREGS(r0, 0x4000ae84, &(0x7f0000000240)={{0xeeee8000, 0xdddd1000, 0x9, 0x2, 0x1, 0x3, 0x85, 0x9, 0x81, 0x11, 0x81, 0x1}, {0x1000, 0x1, 0xf, 0x41, 0x0, 0x7, 0x10, 0x35, 0x1, 0x92, 0x8}, {0x8080000, 0xdddd0000, 0x10, 0x8, 0xf0, 0x97, 0x4, 0x3, 0x6c, 0x4, 0x3, 0xc}, {0x6000, 0x8080000, 0xc, 0x9, 0x2, 0xf, 0x7, 0x0, 0xb3, 0x10, 0x6, 0x6}, {0x5000, 0x10000, 0xc, 0x7, 0x8, 0xda, 0x6, 0x1, 0xa, 0xe, 0x7f, 0x55}, {0x17000, 0x8000000, 0xd, 0x1, 0x0, 0x0, 0x8, 0x9, 0xf8, 0x3, 0x9, 0x1}, {0xeeee0000, 0xffff1000, 0xe, 0x9, 0x7, 0x8, 0x9, 0x4a, 0x6, 0x4, 0x81, 0x2}, {0xdddd0000, 0x100000, 0x8, 0x2, 0xd6, 0xf8, 0x7f, 0xb, 0x3, 0x40, 0x6, 0x6a}, {0xdddd1000, 0x8000}, {0x4000, 0x16a1}, 0x10000, 0x0, 0x4000, 0x800, 0x0, 0x2100, 0x1, [0x8, 0x3, 0x7, 0x9]}) (async)
ioctl$KVM_HAS_DEVICE_ATTR(r2, 0x4018aee3, &(0x7f00000003c0)=@attr_other={0x0, 0xfff, 0x2, &(0x7f0000000380)=0x239b4000000}) (async)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x2e)
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r3, 0x4068aea3, &(0x7f0000000400))
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r1, 0x4018aee2, &(0x7f0000000480)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x776}) (async)
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000bfe000/0x400000)=nil) (async)
ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f00000004c0)=0xe28)
ioctl$KVM_SET_GUEST_DEBUG_arm64(r0, 0x4208ae9b, &(0x7f0000000500)={0x20000, 0x0, {[0x5, 0x2, 0x9, 0x9cdc, 0xc56f, 0xfffffffffffffffc, 0x4, 0xfffffffffffffffa, 0x1, 0x80000000, 0x4, 0x100, 0x1, 0x8, 0x1, 0x5e], [0xffffffffffffffff, 0x0, 0x1ff, 0x7d, 0x101, 0x9, 0x4bf, 0x9a, 0x2, 0x3, 0x2, 0x4, 0x9, 0x1, 0x1, 0x8], [0xfffffffffffffffc, 0x9, 0x5, 0x6, 0xf4, 0xffffffffffffffff, 0xffffffffffffffff, 0x9, 0x3, 0x7, 0x9, 0x4, 0x10000, 0x80, 0x40000000000000, 0x4e], [0x4, 0x9, 0xff, 0xd5e0, 0x7fff, 0xb, 0x5, 0x7, 0x2, 0x2, 0xcb, 0x6519, 0x6, 0x8000000000000001, 0x101, 0xfa]}})
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f0000000780)=@attr_arm64={0x0, 0x4, 0x5, &(0x7f0000000740)=0x81})
r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x26)
ioctl$KVM_IRQ_LINE(r4, 0x4008ae61, &(0x7f00000007c0)={0x2, 0x80000000}) (async)
ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, &(0x7f0000000800)={0x3, [0x1200, 0x800, 0x0]})
ioctl$KVM_GET_SREGS(r1, 0x8000ae83, &(0x7f0000000840)) (async)
ioctl$KVM_IRQ_LINE(r3, 0x4008ae61, &(0x7f0000000980)={0x8000, 0xffff8000})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000a00)=@attr_arm64={0x0, 0x8, 0x4, &(0x7f00000009c0)=0x4}) (async)
ioctl$KVM_ARM_PREFERRED_TARGET(r1, 0x8020aeaf, &(0x7f0000000a40)) (async)
ioctl$KVM_GET_MP_STATE(r0, 0x8004ae98, &(0x7f0000000a80)) (async)
ioctl$KVM_GET_SREGS(r0, 0x8000ae83, &(0x7f0000000ac0))
ioctl$KVM_S390_VCPU_FAULT(r1, 0x4008ae52, &(0x7f0000000c00)=0x9da3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000c40)={0x101ff, 0x2, 0x80a0000, 0x2000, &(0x7f0000e7d000/0x2000)=nil}) (async)
r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x21)
ioctl$KVM_SIGNAL_MSI(r5, 0x4020aea5, &(0x7f0000000c80)={0xdddd0000, 0x1000, 0x0, 0x0, 0x1c}) (async)
r6 = ioctl$KVM_GET_STATS_FD_cpu(r1, 0xaece)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x3)

30m6.757396535s ago: executing program 0 (id=309):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r2, r3, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f00000000c0)=@arm64_core={0x6030000000100038, &(0x7f0000000000)=0x78})
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x35)
ioctl$KVM_ARM_VCPU_INIT(r3, 0x4020aeae, &(0x7f0000000240)={0x2, 0x1})
ioctl$KVM_CREATE_GUEST_MEMFD(r6, 0xc040aed4, &(0x7f0000000000)={0x7fffffffffffffff, 0x10001})
r7 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x4, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x2, 0x2, 0x9, 0x0, 0x80}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x100)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_vgic_v3_setup(r9, 0x1, 0x40)
ioctl$KVM_GET_DEVICE_ATTR(r10, 0x4018aee2, &(0x7f0000000080)=@attr_arm64={0x0, 0x0, 0x5, &(0x7f00000000c0)})
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8, <r11=>0xffffffffffffffff})
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r13, 0xc00caee0, &(0x7f0000000140)={0x4, <r14=>0xffffffffffffffff, 0x1})
r15 = ioctl$KVM_CREATE_VM(r14, 0x894c, 0x0)
ioctl$KVM_CREATE_VCPU(r15, 0x8008b705, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r7, 0xae80, 0x0)

30m1.02772501s ago: executing program 9 (id=310):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0x40086602, 0x110e22ffff)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f00000001c0)={0x7, <r6=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r6, 0x4018aee3, &(0x7f0000000b00)=@attr_other={0x0, 0x0, 0x2, 0x0})
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0)
eventfd2(0xfffffffa, 0x80001)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x40086602, 0x20000000)
ioctl$KVM_CHECK_EXTENSION(r3, 0x40086602, 0x110e227ffe)
mmap$KVM_VCPU(&(0x7f0000cc5000/0x4000)=nil, r2, 0x1000001, 0x28031, 0xffffffffffffffff, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x28)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_setup_cpu$arm64(r8, r10, &(0x7f0000c00000/0x400000)=nil, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@featur1={0x1, 0xc0}], 0x1)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
mmap$KVM_VCPU(&(0x7f0000bfd000/0x400000)=nil, r2, 0x6, 0x8010, r10, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
ioctl$KVM_CHECK_EXTENSION(r0, 0x40086602, 0x110e227ffe)

29m46.396297949s ago: executing program 0 (id=311):
openat$kvm(0x0, &(0x7f0000000080), 0x4040, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x21) (async)
r1 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
r4 = eventfd2(0xfffffffa, 0x80001)
ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000000180)={0x80, 0xd5d77004, 0x4, r4}) (async)
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_REGISTER_COALESCED_MMIO(r0, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616})
r5 = syz_kvm_add_vcpu$arm64(r1, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1}}], 0x4b}, 0x0, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) (async)
ioctl$KVM_CHECK_EXTENSION_VM(r0, 0xae03, 0x24) (async)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r7 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000400)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @hvc={0x32, 0x40, {0xc4000010, [0x7fff, 0xa, 0xe10, 0x2, 0x101]}}], 0x68}, 0x0, 0x0) (async)
syz_kvm_vgic_v3_setup(r0, 0x1, 0x100) (async)
ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000180)={0x8, <r8=>0xffffffffffffffff}) (async)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x140, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = eventfd2(0x3, 0x800)
ioctl$KVM_IOEVENTFD(r0, 0x4040ae79, &(0x7f0000000540)={0x6, 0xdddce005, 0x0, r11, 0x3})
r12 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r13, 0x4010aeab, &(0x7f0000000140)=@arm64_extra={0x603000000013c01f, &(0x7f0000000240)=0x8})
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x2, 0x4, &(0x7f0000000280)=0x2})
ioctl$KVM_RUN(r7, 0xae80, 0x0) (async)
r14 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r14, 0x3, 0x11, 0xffffffffffffffff, 0x0) (async)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) (async)
ioctl$KVM_GET_VCPU_EVENTS(0xffffffffffffffff, 0x8040ae9f, &(0x7f0000000580)=@arm64)

29m40.839580728s ago: executing program 9 (id=312):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x26)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_setup={0x82, 0x28, {0x1, 0x4, 0x285}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r5, 0x1, 0x100)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8, <r8=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x2710, 0x1, 0x2000, 0x1000, &(0x7f0000c06000/0x1000)=nil})
ioctl$KVM_CAP_DIRTY_LOG_RING(r1, 0x4068aea3, &(0x7f00000000c0)={0xc0, 0x0, 0x8000})

29m32.871070382s ago: executing program 0 (id=313):
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000180)={0x0, &(0x7f00000001c0)}, &(0x7f0000000300)=[@featur2={0x1, 0x5}], 0x1)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
ioctl$KVM_GET_REG_LIST(r7, 0xc008aeb0, 0x0)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r4, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x8, 0xe, &(0x7f0000000000)=0x80000001})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
r8 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31)
ioctl$KVM_CAP_DIRTY_LOG_RING(r8, 0x4068aea3, &(0x7f0000000080))
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x2000001, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2) (async)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000180)={0x0, &(0x7f00000001c0)}, &(0x7f0000000300)=[@featur2={0x1, 0x5}], 0x1) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1) (async)
ioctl$KVM_GET_REG_LIST(r7, 0xc008aeb0, 0x0) (async)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r4, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x8, 0xe, &(0x7f0000000000)=0x80000001}) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31) (async)
ioctl$KVM_CAP_DIRTY_LOG_RING(r8, 0x4068aea3, &(0x7f0000000080)) (async)
ioctl$KVM_RUN(r4, 0xae80, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x2000001, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x0) (async)

29m23.550778008s ago: executing program 9 (id=314):
openat$kvm(0xffffffffffffff9c, 0x0, 0x2873f7aecfc88708, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000000)={0x7})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000002c0)={0x0, 0x10000})
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000000c0)={0x8})
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000000)={0x1fff, 0x0, 0x5, 0x1, 0xda})

28m46.120899977s ago: executing program 52 (id=313):
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000180)={0x0, &(0x7f00000001c0)}, &(0x7f0000000300)=[@featur2={0x1, 0x5}], 0x1)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
ioctl$KVM_GET_REG_LIST(r7, 0xc008aeb0, 0x0)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r4, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x8, 0xe, &(0x7f0000000000)=0x80000001})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
r8 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31)
ioctl$KVM_CAP_DIRTY_LOG_RING(r8, 0x4068aea3, &(0x7f0000000080))
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x2000001, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2) (async)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000180)={0x0, &(0x7f00000001c0)}, &(0x7f0000000300)=[@featur2={0x1, 0x5}], 0x1) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1) (async)
ioctl$KVM_GET_REG_LIST(r7, 0xc008aeb0, 0x0) (async)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r4, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x8, 0xe, &(0x7f0000000000)=0x80000001}) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31) (async)
ioctl$KVM_CAP_DIRTY_LOG_RING(r8, 0x4068aea3, &(0x7f0000000080)) (async)
ioctl$KVM_RUN(r4, 0xae80, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x2000001, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x0) (async)

28m34.350035367s ago: executing program 53 (id=314):
openat$kvm(0xffffffffffffff9c, 0x0, 0x2873f7aecfc88708, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000000)={0x7})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000002c0)={0x0, 0x10000})
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000000c0)={0x8})
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000000)={0x1fff, 0x0, 0x5, 0x1, 0xda})

18m51.71818994s ago: executing program 2 (id=349):
mmap$KVM_VCPU(&(0x7f0000000000/0x4000)=nil, 0x930, 0x4, 0x4f833, 0xffffffffffffffff, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
r1 = eventfd2(0x0, 0x0)
write$eventfd(r1, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, r0, &(0x7f0000000000/0x400000)=nil, &(0x7f0000000340)=[{0x0, &(0x7f0000000000)=[@memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0xa0, 0x1, 0x9}}, @uexit={0x0, 0x18, 0x7}, @irq_setup={0x46, 0x18, {0x1, 0x338}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x4, 0x0, 0x0, 0xc54e, 0x4}}, @svc={0x122, 0x40, {0x8400000b, [0x7, 0x9, 0x7fff, 0xe47, 0x4a]}}, @eret={0xe6, 0x18, 0x3ff}, @eret={0xe6, 0x18, 0x6}, @hvc={0x32, 0x40, {0xc400000d, [0xff, 0x3, 0x5, 0x9, 0x3]}}, @uexit={0x0, 0x18, 0x8}, @smc={0x1e, 0x40, {0x84000003, [0xa18d, 0x11a, 0x8000000000000001, 0x1000000000008, 0x5731]}}, @msr={0x14, 0x20, {0x603000000013e521, 0x2}}, @msr={0x14, 0x20, {0x603000000013807d, 0x6}}, @smc={0x1e, 0x40, {0x84000009, [0x35f, 0xbaf, 0x80, 0x3ff, 0x2]}}, @svc={0x122, 0x40, {0x0, [0x10, 0x5, 0x8000000000000000, 0xfffffffffffffff6, 0x7]}}, @svc={0x122, 0x40, {0xb1b1f658935f22ff, [0x10001, 0x401, 0x9, 0xef, 0x5]}}, @its_setup={0x82, 0x28, {0x4, 0x1, 0x2ac}}], 0x2b8}], 0x1, 0x0, &(0x7f0000000380)=[@featur2={0x1, 0x1}], 0x1)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_vgic_v3_setup(r3, 0x1, 0x100)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x40000, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r6, 0xae03, 0xe)
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x3, 0x0, &(0x7f0000000240)=0x100})
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc0189436, 0x20004000)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0xfffffffffffffffe)
ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000140)={0x4, <r12=>0xffffffffffffffff, 0x1})
write$eventfd(r12, &(0x7f00000001c0)=0x7ffffff, 0x648)
r13 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@mrs={0xbe, 0x18, {0x6030000000138010}}], 0x18}, 0x0, 0x0)
r14 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r14, 0x3, 0x11, r13, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffe000/0x2000)=nil, r14, 0x80000f, 0x10, r0, 0x0)
r15 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2)
ioctl$KVM_GET_ONE_REG(r15, 0x4010aeab, &(0x7f0000000740)=@arm64_ccsidr={0x2, &(0x7f0000000700)=0x4})
r16 = syz_kvm_add_vcpu$arm64(r9, &(0x7f00000002c0)={0x0, &(0x7f00000003c0)=[@svc={0x122, 0x40, {0x3f008000, [0x2, 0x0, 0x0, 0xe38, 0x5]}}, @its_setup={0x82, 0x28, {0x1, 0x4, 0x25d}}, @uexit={0x0, 0x18, 0x5429}, @memwrite={0x6e, 0x30, @generic={0xeeee0000, 0xe4e, 0x400, 0xb}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x3be}}, @svc={0x122, 0x40, {0x400, [0x2, 0x2, 0x8, 0x0, 0xc15]}}, @uexit={0x0, 0x18, 0x4}, @code={0xa, 0x84, {"007c0053e0f081d20020b0f2210180d2e20180d2230080d2e40080d2020000d4000008d540c694d20040b0f2c10080d2220080d2230080d2440080d2020000d4000028d5807580d200e0b0f2010180d2a20080d2430080d2240080d2020000d4000008d5007008d50000209e00e4207e"}}, @code={0xa, 0x9c, {"c03782d200c0b0f2810080d2020080d2630080d2840180d2020000d480a085d20020b0f2010080d2420080d2e30180d2040080d2020000d4000028d5007008d5007c202ec0a183d200c0b8f2a10080d2620180d2030080d2240080d2020000d4a07496d200c0b0f2c10180d2220080d2630080d2c40180d2020000d4007008d50000002c000028d5"}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x0, 0x1, 0x10, 0x400, 0x3ff, 0x4}}], 0x278}, &(0x7f0000000300)=[@featur2={0x1, 0x4}], 0x1)
ioctl$KVM_ARM_PREFERRED_TARGET(r16, 0x8020aeaf, &(0x7f0000000640))
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f0000000680)="38ce8347fc1e86008cfc72bb352c8659dcc9225b48cb5cb00c73b0b33018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48)

18m46.242441534s ago: executing program 3 (id=350):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0xa0401, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000140)={0x8, <r4=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r4, 0x4018aee3, &(0x7f00000001c0)=@attr_other={0x0, 0x1, 0x1, 0x0}) (async)
r5 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4040aea0, &(0x7f0000000000)=@arm64={0x5, 0x6, 0x3, '\x00', 0x3ff}) (async, rerun: 64)
ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013c029, &(0x7f00000000c0)=0x8}) (async, rerun: 64)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x353700, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000140)={0x4, <r8=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r8, 0x894c, 0x0) (async, rerun: 32)
r9 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) (rerun: 32)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x21)
close(0xffffffffffffffff) (async, rerun: 32)
r14 = ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x2) (rerun: 32)
r15 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r14, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r15, 0x20, &(0x7f0000000080)="fb4149dd033be3ac2ca5a22332a70000000000000071b14c94a6ab8031d1dfd90f05000000010000521ce16f8f1f449a7a8356733169d22627e700", 0x0, 0x29) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r14, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x4c4882, 0x0)
r16 = syz_kvm_add_vcpu$arm64(r11, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_REGS(r16, 0x4360ae82, 0x0) (async)
r17 = openat$kvm(0x0, &(0x7f0000000040), 0x800, 0x0)
ioctl$KVM_CREATE_VM(r17, 0xae01, 0x0)

18m40.25824338s ago: executing program 2 (id=351):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xd7, 0x80000001}) (async, rerun: 32)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (rerun: 32)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, <r4=>0xffffffffffffffff, 0x1})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x40305839, &(0x7f0000000040)=@attr_other={0x0, 0xab, 0x7f, &(0x7f0000000240)=0x5}) (async)
r5 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013dce2, 0x7ffe}}, @smc={0x1e, 0x40, {0xc4000007, [0x8, 0x9, 0x5, 0x7fff, 0x5]}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

18m7.45579974s ago: executing program 2 (id=352):
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000000)="7cfaa2bfd6dd76375aa1bde04fceeb33743b07d73b3e9aac", 0x0, 0xffffffffffffff94)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x4020940d, 0x20000000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x22300, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0xf)
close(r3)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04)
r7 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000040)={0x0, &(0x7f0000000300)=[@memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x6000, 0x3, 0x1}}, @msr={0x14, 0x20, {0x603000000013de90, 0x2}}, @uexit={0x0, 0x18, 0x8}, @eret={0xe6, 0x18, 0x8}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x88, 0x8, 0x2}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x1, 0x10, 0x0, 0x9, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x1, 0x3, 0xe, 0xfffffffe, 0x7}}, @smc={0x1e, 0x40, {0x2, [0x7b, 0x8, 0x8, 0x10, 0x3]}}, @irq_setup={0x46, 0x18, {0x3, 0x29e}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x4, 0x2, 0x9}}, @uexit={0x0, 0x18, 0x80000001}, @uexit={0x0, 0x18, 0x1}, @hvc={0x32, 0x40, {0x80003fff, [0x6, 0x1, 0x9, 0xd, 0xffffffffffff67bd]}}, @msr={0x14, 0x20, {0x603000000013da15, 0xd8a8}}, @its_setup={0x82, 0x28, {0x4, 0x1, 0x2de}}, @smc={0x1e, 0x40, {0x40, [0x7, 0x3, 0x3, 0x8, 0x3]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xc, 0x0, 0x6}}], 0x2b0}, &(0x7f0000000140)=[@featur1={0x1, 0x28}], 0x1)
mmap$KVM_VCPU(&(0x7f0000eb0000/0x1000)=nil, r6, 0x2000001, 0x26681cf8e161c6b5, r7, 0x0)
r8 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r6, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f00000000c0)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r1, 0x4068aea3, &(0x7f0000000280)={0xdf, 0x0, 0x2000})
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x3e)
r9 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f00004e3000/0x2000)=nil, 0x930, 0xa, 0x2013, r9, 0x40000)

18m6.558832951s ago: executing program 3 (id=353):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_CLEAR_DIRTY_LOG(r1, 0xc018aec0, &(0x7f0000000000)={0x1fe, 0x400, 0x3c0, &(0x7f0000000300)=[0x7, 0x7fffffff, 0x9, 0x886a, 0x2be, 0x5, 0x44, 0x9, 0xfffffffffffffffa, 0x9, 0x0, 0x800, 0x278, 0x5, 0xd05d, 0x770, 0xc9, 0x2, 0x0, 0x0, 0xfffffffffffffbff, 0x9, 0x31, 0xc51f, 0x8, 0xfffffffffffffffa, 0x3, 0xb446, 0x3f, 0x5d2, 0x7408, 0xffffffffffffffff, 0x14, 0x8, 0x7, 0x1, 0x7, 0x2, 0x5, 0x3, 0x1ff, 0x6, 0x5, 0xffffffffffffffff, 0x40, 0x2, 0x736d, 0x1ff, 0xe9c, 0x0, 0x8000, 0x8183, 0x4, 0xa, 0x0, 0x5d86, 0x9, 0xb, 0xc, 0x8000, 0x80000000, 0x706, 0xfff, 0x2, 0x8, 0x2, 0x2, 0xe4, 0x80000001, 0x2, 0x8, 0x8, 0x6, 0x5, 0x84, 0xeec, 0x5, 0x50a, 0x4, 0x0, 0x4, 0x292, 0x9, 0x2, 0xb7e, 0x9, 0x5, 0x8, 0x6, 0x4, 0x8, 0x0, 0x3, 0x7, 0x6, 0xb7, 0x4, 0xe, 0x2, 0x2, 0x5, 0x331, 0xfbb5, 0x1, 0x6, 0xff31, 0x9, 0x4, 0x31, 0x95b, 0x3ff, 0x7f9b, 0x2, 0x5, 0xa, 0x100, 0x2, 0x4, 0x9, 0x6, 0x445, 0x6, 0x6, 0xa43c, 0x1, 0x80000001, 0x2, 0x5]})
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CAP_HALT_POLL(r4, 0x4068aea3, &(0x7f0000000100)={0xb6, 0x0, 0x81})
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@code={0xa, 0x18, {"7f2003d5"}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r1, 0x4010aeb5, &(0x7f00000002c0)={0x200, 0x7})

17m56.29966691s ago: executing program 3 (id=354):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_assert_reg(r4, 0x6, 0x8000)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000280)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x603000000010004c, &(0x7f0000000100)=0x401})
r12 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r13, 0x4040aea0, &(0x7f0000000000)=@x86={0x79, 0x2, 0xf0, 0x0, 0x40007, 0x3c, 0x6, 0x1, 0x2, 0x8, 0xfc, 0x40, 0x0, 0x0, 0x0, 0x1, 0x6, 0x6, 0x35, '\x00', 0x7, 0xde3e})
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x1000)=nil, 0x930, 0x0, 0x28031, r0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f00000000c0)={0x101fc, 0x3, 0x5000, 0x1000, &(0x7f0000f3d000/0x1000)=nil})

17m52.067653539s ago: executing program 2 (id=355):
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20080, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0x3, 0x800)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000080)={0x1ff, 0x1000, 0x2, r2, 0x1})
r3 = eventfd2(0x0, 0x80000)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000001340)={0x0, 0x0, 0x2, r3, 0x3})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000140)={0x203, 0x0, 0x2, r3, 0xf})
r4 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000140)={0x4, <r11=>0xffffffffffffffff, 0x1})
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x400454cb, 0x0)
ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f0000000040)=@arm64_fw={0x6030000000140000, &(0x7f0000000000)=0x10002})
ioctl$KVM_SIGNAL_MSI(0xffffffffffffffff, 0x4020aea5, &(0x7f0000000000)={0x4000, 0x1, 0x80, 0x0, 0xff})
r12 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000200)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, r12, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)

17m41.131532567s ago: executing program 2 (id=356):
r0 = openat$kvm(0x0, &(0x7f0000000180), 0x80800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x800, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000002c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r5, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x603000000010004a, &(0x7f0000000100)=0x9})
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f00000001c0)={0xffffffffffffffff, 0x8001, 0x3})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x1)
ioctl$KVM_CHECK_EXTENSION_VM(r9, 0xae03, 0x7f)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000140)={0x4})
r10 = ioctl$KVM_CREATE_VM(r6, 0x894c, 0xfffffffffffffffc)
ioctl$KVM_CREATE_VCPU(r10, 0x8004b706, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x4)
r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x30)
r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000000)={0x0, &(0x7f0000000040)=[@smc={0x1e, 0x40, {0x8400000e, [0x99b, 0x100000003, 0x5, 0x101, 0x10]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1)
r15 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r16 = ioctl$KVM_CREATE_VM(r15, 0x80111500, 0x20000000)
ioctl$KVM_CREATE_VM(r16, 0x541b, 0x10000000000000)
ioctl$KVM_RUN(r14, 0xae80, 0x0)
r17 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000200)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_add_vcpu$arm64(r17, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x3, 0x160)

17m36.190943028s ago: executing program 3 (id=357):
r0 = eventfd2(0x7fff, 0x80801)
write$eventfd(r0, &(0x7f0000000000)=0x8764, 0x8)
r1 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000040)={0x82, 0xe6eef000, 0x0, r0, 0x2})
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000080)={0x1, 0xd000, 0x6, 0x1, 0x1d5})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000000c0)={0x6, 0x6000, 0x8, r1, 0x4})
r2 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
write$eventfd(r2, &(0x7f0000000100)=0x6, 0x8)
ioctl$KVM_ARM_VCPU_FINALIZE(r2, 0x4004aec2, &(0x7f0000000140)=0x6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x2710, 0x0, 0xeeef0000, 0x1000, &(0x7f0000ffd000/0x1000)=nil})
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x32)
ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(0xffffffffffffffff, 0x4068aea3, &(0x7f00000001c0))
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
r4 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000300)={0x0, &(0x7f0000000240)=[@its_setup={0x82, 0x28, {0x2, 0x2, 0x3b1}}, @msr={0x14, 0x20, {0x603000000013e64a, 0x729}}, @msr={0x14, 0x20, {0x603000000013803c, 0x5}}, @mrs={0xbe, 0x18, {0x603000000013800e}}, @msr={0x14, 0x20, {0x603000000013c4d7, 0x101}}], 0xa0}, &(0x7f0000000340)=[@featur2={0x1, 0x43}], 0x1)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x4000)=nil, r3, 0x2, 0x2010, r4, 0x0)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000fec000/0x14000)=nil, r3, 0x4, 0x40010, r1, 0x0)
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f00000003c0)=@arm64_fp_extra={0x60200000001000d4, &(0x7f0000000380)=0x1})
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000400)={r1, 0x496, 0x0, r2})
r5 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x15)
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000440)={0x3, 0xeeee8000, 0x0, r1, 0x1})
r6 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x9)
ioctl$KVM_GET_API_VERSION(r2, 0xae00, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r6, 0x4008ae6a, &(0x7f0000000480)={0x7, 0x0, [{0x0, 0x3, 0x1, 0x0, @adapter={0x5, 0xf5fe, 0x94, 0x80}}, {0x5, 0x0, 0x0, 0x0, @sint={0x2, 0x5}}, {0xd, 0x5, 0x1, 0x0, @msi={0x0, 0x9f, 0x1, 0x925}}, {0x401, 0x5, 0x1, 0x0, @adapter={0x8, 0x80, 0xbcfc, 0x1, 0x4}}, {0x5, 0x3, 0x1, 0x0, @adapter={0x10, 0x7, 0x8, 0x60000000, 0xffff}}, {0x2e1, 0x5, 0x1, 0x0, @irqchip={0x1, 0xe9d}}, {0x317, 0x1, 0x0, 0x0, @irqchip={0x0, 0x8}}]})
ioctl$KVM_IRQ_LINE(r6, 0x4008ae61, &(0x7f0000000600)={0x3, 0x200})
r7 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r7, 0xae03, 0x0)
mmap$KVM_VCPU(&(0x7f0000fee000/0x4000)=nil, r3, 0x1000004, 0x1010, r2, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x10)
syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000880)={0x0, &(0x7f0000000640)=[@its_send_cmd={0xaa, 0x28, {0xd, 0x1, 0x1, 0xa, 0x4, 0x2, 0x3}}, @eret={0xe6, 0x18, 0x9}, @msr={0x14, 0x20, {0x603000000013f290, 0x9}}, @smc={0x1e, 0x40, {0x80, [0xd002, 0x5d70d978, 0x4, 0x7a, 0x5]}}, @code={0xa, 0x6c, {"80ae86d20040b0f2a10180d2a20080d2430080d2040180d2020000d40028285e008008d5e0bc90d200c0b8f2c10080d2220180d2030080d2040180d2020000d400040078030000d4008c207e0004c05a008008d5007008d5"}}, @msr={0x14, 0x20, {0x603000000013e728, 0x1}}, @msr={0x14, 0x20, {0xeda53e3a651f62fb, 0x1000}}, @msr={0x14, 0x20, {0x603000000013c645, 0x2}}, @eret={0xe6, 0x18, 0xb}, @msr={0x14, 0x20, {0x603000000013e21b, 0x2}}, @irq_setup={0x46, 0x18, {0x4, 0xba}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x4, 0x400, 0x2}}, @uexit={0x0, 0x18, 0x7}], 0x204}, &(0x7f00000008c0)=[@featur1={0x1, 0x10}], 0x1)

17m28.86981677s ago: executing program 3 (id=358):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ff8000/0x8000)=nil, r1, 0x1000000, 0xe637a22295c143f8, 0xffffffffffffffff, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x440240, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x440240, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xb}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r5, 0x4, 0x220)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8, <r8=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async)
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_RUN(r9, 0x8000ae8c, 0x0)
r10 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r10, 0xae01, 0x27)
r11 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x2d)
syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) (async)
r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x5, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) (async)
syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x5, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) (async)
syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000100)={0x0, &(0x7f0000000140)=[@memwrite={0x6e, 0x30, @generic={0x1, 0xff5, 0x5, 0x4}}], 0x30}, 0x0, 0x0) (async)
r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000100)={0x0, &(0x7f0000000140)=[@memwrite={0x6e, 0x30, @generic={0x1, 0xff5, 0x5, 0x4}}], 0x30}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r12, 0x2, 0x100) (async)
syz_kvm_vgic_v3_setup(r12, 0x2, 0x100) (async)
ioctl$KVM_RUN(r14, 0xae80, 0x0) (async)

17m4.166115116s ago: executing program 3 (id=359):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x27)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000140)=@arm64_fw={0x6030000000140002, &(0x7f0000000100)=0xc})
r7 = openat$kvm(0x0, &(0x7f0000000000), 0x7a9240, 0x0)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
munmap(&(0x7f0000482000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x24132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x1000000)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x29)
r9 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r12, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0xffffffff, 0x10001, 0x0})
r13 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1)
r14 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04)
mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, r14, 0x2, 0x12, r13, 0x0)
mmap$KVM_VCPU(&(0x7f0000f14000/0x1000)=nil, r14, 0x2000001, 0x10, r12, 0x0)
r15 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r15, 0xae80, 0x0)

17m0.539744323s ago: executing program 2 (id=360):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x2d)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil)
r2 = syz_kvm_add_vcpu$arm64(r1, &(0x7f0000000380)={0x0, &(0x7f0000000000)=[@irq_setup={0x46, 0x18, {0x4, 0x249}}, @its_setup={0x82, 0x28, {0x3, 0x2, 0x289}}, @its_setup={0x82, 0x28, {0x4, 0x4, 0xf9}}, @eret={0xe6, 0x18, 0xf67}, @irq_setup={0x46, 0x18, {0x0, 0x1be}}, @irq_setup={0x46, 0x18, {0x3, 0x2b4}}, @its_setup={0x82, 0x28, {0x2, 0x1, 0xc8}}, @code={0xa, 0x9c, {"009d95d200a0b8f2210180d2c20180d2c30180d2840080d2020000d4000000f1a01092d20080b8f2010180d2a20080d2430180d2440180d2020000d4008008d5e09494d20040b8f2010080d2220180d2e30180d2e40180d2020000d4007008d5c0b28bd20040b0f2010080d2220180d2430180d2a40180d2020000d4007008d5007008d5008008d5"}}, @msr={0x14, 0x20, {0x603000000013c65d, 0x3c4000}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x1, 0x1, 0x7, 0x1ff, 0x1, 0x1}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0x78, 0x6, 0x2}}, @mrs={0xbe, 0x18, {0x603000000013809c}}, @eret={0xe6, 0x18, 0xffffffffffffff6b}, @eret={0xe6, 0x18, 0x7133}, @uexit={0x0, 0x18, 0x9}, @msr={0x14, 0x20, {0x603000000013c641, 0xffffffffffffffff}}, @eret={0xe6, 0x18, 0x7fff}, @svc={0x122, 0x40, {0x84000007, [0x8, 0xb728, 0x5, 0x2, 0xd]}}, @code={0xa, 0x6c, {"0000201f007008d5c0e296d200a0b0f2610080d2e20180d2430180d2440080d2020000d4000028d5000028d5007008d5000000fd000c00f80000000ce0ac96d20060b0f2610180d2220180d2e30080d2240180d2020000d4"}}, @msr={0x14, 0x20, {0x603000000013c01e, 0xffff}}], 0x350}, &(0x7f00000003c0)=[@featur2={0x1, 0xb0}], 0x1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400), 0x600, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x24)
ioctl$KVM_CREATE_GUEST_MEMFD(r4, 0xc040aed4, &(0x7f0000000440)={0x33, 0x5})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f00000004c0)=@arm64_extra={0x603000000013c033, &(0x7f0000000480)=0x6})
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000680)={0x0, &(0x7f0000000500)=[@memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0x80, 0x200, 0xb}}, @svc={0x122, 0x40, {0x8400000d, [0x3, 0x1, 0x0, 0x1, 0x8]}}, @eret={0xe6, 0x18, 0x80}, @eret={0xe6, 0x18, 0x800}, @code={0xa, 0x84, {"007008d50004005f000c205e007008d50024000f007008d5a0a18ad200a0b8f2a10180d2a20180d2e30080d2a40080d2020000d440d393d200a0b0f2410080d2820080d2030180d2c40080d2020000d4007008d5e0788ed20060b8f2e10180d2820080d2e30180d2840180d2020000d4"}}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x256}}], 0x14c}, &(0x7f00000006c0)=[@featur1={0x1, 0xb1}], 0x1)
r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
mmap$KVM_VCPU(&(0x7f0000fd3000/0x1000)=nil, r7, 0x5, 0x4010, r6, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r8, 0x4004ae99, &(0x7f0000000700))
r9 = syz_kvm_vgic_v3_setup(r4, 0x4, 0x120)
ioctl$KVM_HAS_DEVICE_ATTR(r9, 0x4018aee3, &(0x7f0000000780)=@attr_arm64={0x0, 0x0, 0x2, &(0x7f0000000740)=0x4})
eventfd2(0xfffffffb, 0x80000)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x33)
syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000a80)={0x0, &(0x7f00000007c0)=[@msr={0x14, 0x20, {0x6030000000138054, 0xfffffffffffffffb}}, @its_setup={0x82, 0x28, {0x0, 0x1, 0x3b4}}, @hvc={0x32, 0x40, {0x80000002, [0x5, 0x0, 0xbc92, 0x6, 0x200]}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x4, 0x8, 0x0, 0x249cebac, 0x2}}, @irq_setup={0x46, 0x18, {0x2, 0x59}}, @eret={0xe6, 0x18, 0x3}, @smc={0x1e, 0x40, {0x8400000c, [0x800, 0x8, 0x0, 0x9, 0x3]}}, @msr={0x14, 0x20, {0x603000000013def4, 0xfff}}, @irq_setup={0x46, 0x18, {0x2, 0x2c}}, @hvc={0x32, 0x40, {0x40000000, [0x101, 0x10, 0xea, 0x3, 0x2]}}, @uexit={0x0, 0x18, 0x2}, @its_send_cmd={0xaa, 0x28, {0x4, 0x1, 0x1, 0x8, 0x9, 0x22ad91b3, 0x1}}, @smc={0x1e, 0x40, {0x20, [0x2, 0x7239, 0x2, 0x7, 0x7]}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x2, 0xd, 0xfff, 0xf, 0x1}}, @hvc={0x32, 0x40, {0x84000050, [0x0, 0x8, 0x6b8, 0x1b, 0x5]}}, @mrs={0xbe, 0x18, {0x6030000000138047}}], 0x298}, &(0x7f0000000ac0)=[@featur2={0x1, 0x10}], 0x1)
ioctl$KVM_CREATE_GUEST_MEMFD(r0, 0xc040aed4, &(0x7f0000000b00)={0x2, 0x9})
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r2, 0x4018aee3, &(0x7f0000000b80)=@attr_other={0x0, 0x3, 0x3, &(0x7f0000000b40)=0x19f})
ioctl$KVM_GET_SREGS(r6, 0x8000ae83, &(0x7f0000000bc0))
ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000d00)={0x9, <r10=>0xffffffffffffffff, 0x1})
ioctl$KVM_HAS_DEVICE_ATTR(r10, 0x4018aee3, &(0x7f0000000d80)=@attr_arm64={0x0, 0x2, 0x4, &(0x7f0000000d40)=0x1})
ioctl$KVM_GET_API_VERSION(0xffffffffffffffff, 0xae00, 0x0)
r11 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r11, 0x4020ae46, &(0x7f0000000dc0)={0x10003, 0x4, 0x2, 0x1000, &(0x7f0000ff8000/0x1000)=nil})
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r11, 0x4068aea3, &(0x7f0000000e00))
ioctl$KVM_S390_VCPU_FAULT(r8, 0x4008ae52, &(0x7f0000000e80)=0xfffffffffffffffe)

16m16.868280556s ago: executing program 54 (id=359):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x27)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000140)=@arm64_fw={0x6030000000140002, &(0x7f0000000100)=0xc})
r7 = openat$kvm(0x0, &(0x7f0000000000), 0x7a9240, 0x0)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
munmap(&(0x7f0000482000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x24132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x1000000)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x29)
r9 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r12, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0xffffffff, 0x10001, 0x0})
r13 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1)
r14 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04)
mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, r14, 0x2, 0x12, r13, 0x0)
mmap$KVM_VCPU(&(0x7f0000f14000/0x1000)=nil, r14, 0x2000001, 0x10, r12, 0x0)
r15 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r15, 0xae80, 0x0)

16m12.20955663s ago: executing program 55 (id=360):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x2d)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil)
r2 = syz_kvm_add_vcpu$arm64(r1, &(0x7f0000000380)={0x0, &(0x7f0000000000)=[@irq_setup={0x46, 0x18, {0x4, 0x249}}, @its_setup={0x82, 0x28, {0x3, 0x2, 0x289}}, @its_setup={0x82, 0x28, {0x4, 0x4, 0xf9}}, @eret={0xe6, 0x18, 0xf67}, @irq_setup={0x46, 0x18, {0x0, 0x1be}}, @irq_setup={0x46, 0x18, {0x3, 0x2b4}}, @its_setup={0x82, 0x28, {0x2, 0x1, 0xc8}}, @code={0xa, 0x9c, {"009d95d200a0b8f2210180d2c20180d2c30180d2840080d2020000d4000000f1a01092d20080b8f2010180d2a20080d2430180d2440180d2020000d4008008d5e09494d20040b8f2010080d2220180d2e30180d2e40180d2020000d4007008d5c0b28bd20040b0f2010080d2220180d2430180d2a40180d2020000d4007008d5007008d5008008d5"}}, @msr={0x14, 0x20, {0x603000000013c65d, 0x3c4000}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x1, 0x1, 0x7, 0x1ff, 0x1, 0x1}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0x78, 0x6, 0x2}}, @mrs={0xbe, 0x18, {0x603000000013809c}}, @eret={0xe6, 0x18, 0xffffffffffffff6b}, @eret={0xe6, 0x18, 0x7133}, @uexit={0x0, 0x18, 0x9}, @msr={0x14, 0x20, {0x603000000013c641, 0xffffffffffffffff}}, @eret={0xe6, 0x18, 0x7fff}, @svc={0x122, 0x40, {0x84000007, [0x8, 0xb728, 0x5, 0x2, 0xd]}}, @code={0xa, 0x6c, {"0000201f007008d5c0e296d200a0b0f2610080d2e20180d2430180d2440080d2020000d4000028d5000028d5007008d5000000fd000c00f80000000ce0ac96d20060b0f2610180d2220180d2e30080d2240180d2020000d4"}}, @msr={0x14, 0x20, {0x603000000013c01e, 0xffff}}], 0x350}, &(0x7f00000003c0)=[@featur2={0x1, 0xb0}], 0x1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400), 0x600, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x24)
ioctl$KVM_CREATE_GUEST_MEMFD(r4, 0xc040aed4, &(0x7f0000000440)={0x33, 0x5})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f00000004c0)=@arm64_extra={0x603000000013c033, &(0x7f0000000480)=0x6})
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000680)={0x0, &(0x7f0000000500)=[@memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0x80, 0x200, 0xb}}, @svc={0x122, 0x40, {0x8400000d, [0x3, 0x1, 0x0, 0x1, 0x8]}}, @eret={0xe6, 0x18, 0x80}, @eret={0xe6, 0x18, 0x800}, @code={0xa, 0x84, {"007008d50004005f000c205e007008d50024000f007008d5a0a18ad200a0b8f2a10180d2a20180d2e30080d2a40080d2020000d440d393d200a0b0f2410080d2820080d2030180d2c40080d2020000d4007008d5e0788ed20060b8f2e10180d2820080d2e30180d2840180d2020000d4"}}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x256}}], 0x14c}, &(0x7f00000006c0)=[@featur1={0x1, 0xb1}], 0x1)
r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
mmap$KVM_VCPU(&(0x7f0000fd3000/0x1000)=nil, r7, 0x5, 0x4010, r6, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r8, 0x4004ae99, &(0x7f0000000700))
r9 = syz_kvm_vgic_v3_setup(r4, 0x4, 0x120)
ioctl$KVM_HAS_DEVICE_ATTR(r9, 0x4018aee3, &(0x7f0000000780)=@attr_arm64={0x0, 0x0, 0x2, &(0x7f0000000740)=0x4})
eventfd2(0xfffffffb, 0x80000)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x33)
syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000a80)={0x0, &(0x7f00000007c0)=[@msr={0x14, 0x20, {0x6030000000138054, 0xfffffffffffffffb}}, @its_setup={0x82, 0x28, {0x0, 0x1, 0x3b4}}, @hvc={0x32, 0x40, {0x80000002, [0x5, 0x0, 0xbc92, 0x6, 0x200]}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x4, 0x8, 0x0, 0x249cebac, 0x2}}, @irq_setup={0x46, 0x18, {0x2, 0x59}}, @eret={0xe6, 0x18, 0x3}, @smc={0x1e, 0x40, {0x8400000c, [0x800, 0x8, 0x0, 0x9, 0x3]}}, @msr={0x14, 0x20, {0x603000000013def4, 0xfff}}, @irq_setup={0x46, 0x18, {0x2, 0x2c}}, @hvc={0x32, 0x40, {0x40000000, [0x101, 0x10, 0xea, 0x3, 0x2]}}, @uexit={0x0, 0x18, 0x2}, @its_send_cmd={0xaa, 0x28, {0x4, 0x1, 0x1, 0x8, 0x9, 0x22ad91b3, 0x1}}, @smc={0x1e, 0x40, {0x20, [0x2, 0x7239, 0x2, 0x7, 0x7]}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x2, 0xd, 0xfff, 0xf, 0x1}}, @hvc={0x32, 0x40, {0x84000050, [0x0, 0x8, 0x6b8, 0x1b, 0x5]}}, @mrs={0xbe, 0x18, {0x6030000000138047}}], 0x298}, &(0x7f0000000ac0)=[@featur2={0x1, 0x10}], 0x1)
ioctl$KVM_CREATE_GUEST_MEMFD(r0, 0xc040aed4, &(0x7f0000000b00)={0x2, 0x9})
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r2, 0x4018aee3, &(0x7f0000000b80)=@attr_other={0x0, 0x3, 0x3, &(0x7f0000000b40)=0x19f})
ioctl$KVM_GET_SREGS(r6, 0x8000ae83, &(0x7f0000000bc0))
ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000d00)={0x9, <r10=>0xffffffffffffffff, 0x1})
ioctl$KVM_HAS_DEVICE_ATTR(r10, 0x4018aee3, &(0x7f0000000d80)=@attr_arm64={0x0, 0x2, 0x4, &(0x7f0000000d40)=0x1})
ioctl$KVM_GET_API_VERSION(0xffffffffffffffff, 0xae00, 0x0)
r11 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r11, 0x4020ae46, &(0x7f0000000dc0)={0x10003, 0x4, 0x2, 0x1000, &(0x7f0000ff8000/0x1000)=nil})
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r11, 0x4068aea3, &(0x7f0000000e00))
ioctl$KVM_S390_VCPU_FAULT(r8, 0x4008ae52, &(0x7f0000000e80)=0xfffffffffffffffe)

8m50.505887263s ago: executing program 5 (id=361):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0x401c5820, 0xffff98600fff)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r2, r3, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="6e0000000000000030000000000000000000dddd0080"], 0x30}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000000)=0xffffffff)
syz_kvm_vgic_v3_setup(r2, 0x3, 0x220)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)

8m42.12004936s ago: executing program 6 (id=362):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x1, 0x6, 0xd000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil})
r4 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x29)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
r7 = mmap$KVM_VCPU(&(0x7f0000d40000/0x1000)=nil, 0x0, 0x3000017, 0x12, r6, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r6, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4040aea0, &(0x7f0000000000)=@arm64={0xad, 0x40, 0xcd, '\x00', 0x100})
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x13, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f00000008c0)={0xb})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000000)={0x10201, 0x2, 0x1, 0x2000, &(0x7f0000f31000/0x2000)=nil})
r8 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_DEVICE_ATTR_vm(0xffffffffffffffff, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0x10, 0x10, 0x2}})
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x28)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x29)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r12, 0xae80, 0x0)
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_GET_API_VERSION(r13, 0xae00, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f0000000080)={0x101fd, 0x2, 0xdddd1000, 0x1000, &(0x7f0000ecd000/0x1000)=nil})
syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000140)={0x0, &(0x7f0000000180)=[@smc={0x1e, 0x40, {0x86000001, [0x0, 0x1, 0x2, 0x3, 0x4]}}, @hvc={0x32, 0x40, {0x86000000, [0x2, 0x1, 0x2, 0x3, 0x3]}}], 0x80}, 0x0, 0x0)

8m38.250119196s ago: executing program 5 (id=363):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0xc0)
r3 = ioctl$KVM_CREATE_VM(r1, 0x80111500, 0x20000000)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r3, 0x4068aea3, &(0x7f0000000100)={0xe4, 0x0, 0x10})
ioctl$KVM_CLEAR_DIRTY_LOG(r3, 0xc018aec0, &(0x7f0000000180)={0x101ff, 0x340, 0x240, &(0x7f0000000380)=[0x0, 0x2216, 0x8487, 0x10000, 0x6a, 0x9, 0x5, 0x2, 0x5, 0x401, 0x6, 0x8, 0x8, 0x5, 0x8, 0xffff, 0x8, 0xb6, 0x0, 0x1, 0x0, 0x1, 0x83b, 0x200, 0x7fff00000000000, 0x80, 0x7, 0x998, 0x8, 0x9b, 0x7, 0xfa1, 0x1, 0xbb6, 0x80000000, 0xfff, 0x9, 0x8001, 0x2000000000000000, 0x8000000000000000, 0x7, 0x5b0, 0x0, 0x5b, 0x3, 0x9, 0x7f, 0x4, 0x4, 0x796, 0x780000000000000, 0x10, 0x9, 0x9, 0x7, 0x2, 0x8000000000000000, 0x9, 0x5, 0xd, 0x7, 0x8, 0x5, 0x5, 0x0, 0x1, 0x7a3, 0x4, 0x909, 0x152, 0xfffffffffffffffc, 0x1cad, 0x29, 0x6, 0x1, 0x7ffb, 0xb17, 0xdde1, 0xc34, 0x2, 0x100000001, 0xffffffffffffffff, 0x6, 0x97b, 0x0, 0x200, 0x200, 0xe, 0xff, 0x5, 0x7, 0x6de, 0x3, 0xea7, 0x10001, 0x4, 0x3, 0x9, 0xf4, 0xfffffffffffffffb, 0x3, 0x9, 0x1, 0x4, 0x609, 0x5, 0xfffffffffeecc6bd, 0x5, 0x5, 0x5, 0x2d, 0x5, 0x80000000, 0x8, 0x4, 0x6, 0x1, 0x1, 0x1, 0xaee, 0x7b, 0xbec, 0x6, 0x1, 0xb5, 0x978, 0x6, 0x9]})
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_GET_STATS_FD_vm(r6, 0xaece)
close(r7)
ioctl$KVM_SET_USER_MEMORY_REGION2(r3, 0x40a0ae49, &(0x7f00000001c0)={0x5, 0x1, 0xdddd1000, 0x1000, &(0x7f0000dd2000/0x1000)=nil, 0x10001, r7})
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000000)={0x7})
r8 = eventfd2(0x780004, 0x1)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x2)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000100)={0x7, <r11=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000180)=@attr_other={0x0, 0xccd, 0xc, &(0x7f0000000280)=0x45d4970})
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000080)={0xfffffffffffffffc, 0xf000, 0x0, r8})
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f00000002c0)={0x0, 0x10000})
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f00000000c0)={0x8})
r12 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
r14 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r15, 0xc00caee0, &(0x7f0000000040)={0x7, <r16=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r16, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x9, 0x1, &(0x7f0000000040)=0xab})

7m54.435948517s ago: executing program 56 (id=362):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x1, 0x6, 0xd000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil})
r4 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x29)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
r7 = mmap$KVM_VCPU(&(0x7f0000d40000/0x1000)=nil, 0x0, 0x3000017, 0x12, r6, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r6, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4040aea0, &(0x7f0000000000)=@arm64={0xad, 0x40, 0xcd, '\x00', 0x100})
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x13, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f00000008c0)={0xb})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000000)={0x10201, 0x2, 0x1, 0x2000, &(0x7f0000f31000/0x2000)=nil})
r8 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_DEVICE_ATTR_vm(0xffffffffffffffff, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0x10, 0x10, 0x2}})
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x28)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x29)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r12, 0xae80, 0x0)
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_GET_API_VERSION(r13, 0xae00, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f0000000080)={0x101fd, 0x2, 0xdddd1000, 0x1000, &(0x7f0000ecd000/0x1000)=nil})
syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000140)={0x0, &(0x7f0000000180)=[@smc={0x1e, 0x40, {0x86000001, [0x0, 0x1, 0x2, 0x3, 0x4]}}, @hvc={0x32, 0x40, {0x86000000, [0x2, 0x1, 0x2, 0x3, 0x3]}}], 0x80}, 0x0, 0x0)

7m45.80280628s ago: executing program 57 (id=363):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0xc0)
r3 = ioctl$KVM_CREATE_VM(r1, 0x80111500, 0x20000000)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r3, 0x4068aea3, &(0x7f0000000100)={0xe4, 0x0, 0x10})
ioctl$KVM_CLEAR_DIRTY_LOG(r3, 0xc018aec0, &(0x7f0000000180)={0x101ff, 0x340, 0x240, &(0x7f0000000380)=[0x0, 0x2216, 0x8487, 0x10000, 0x6a, 0x9, 0x5, 0x2, 0x5, 0x401, 0x6, 0x8, 0x8, 0x5, 0x8, 0xffff, 0x8, 0xb6, 0x0, 0x1, 0x0, 0x1, 0x83b, 0x200, 0x7fff00000000000, 0x80, 0x7, 0x998, 0x8, 0x9b, 0x7, 0xfa1, 0x1, 0xbb6, 0x80000000, 0xfff, 0x9, 0x8001, 0x2000000000000000, 0x8000000000000000, 0x7, 0x5b0, 0x0, 0x5b, 0x3, 0x9, 0x7f, 0x4, 0x4, 0x796, 0x780000000000000, 0x10, 0x9, 0x9, 0x7, 0x2, 0x8000000000000000, 0x9, 0x5, 0xd, 0x7, 0x8, 0x5, 0x5, 0x0, 0x1, 0x7a3, 0x4, 0x909, 0x152, 0xfffffffffffffffc, 0x1cad, 0x29, 0x6, 0x1, 0x7ffb, 0xb17, 0xdde1, 0xc34, 0x2, 0x100000001, 0xffffffffffffffff, 0x6, 0x97b, 0x0, 0x200, 0x200, 0xe, 0xff, 0x5, 0x7, 0x6de, 0x3, 0xea7, 0x10001, 0x4, 0x3, 0x9, 0xf4, 0xfffffffffffffffb, 0x3, 0x9, 0x1, 0x4, 0x609, 0x5, 0xfffffffffeecc6bd, 0x5, 0x5, 0x5, 0x2d, 0x5, 0x80000000, 0x8, 0x4, 0x6, 0x1, 0x1, 0x1, 0xaee, 0x7b, 0xbec, 0x6, 0x1, 0xb5, 0x978, 0x6, 0x9]})
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_GET_STATS_FD_vm(r6, 0xaece)
close(r7)
ioctl$KVM_SET_USER_MEMORY_REGION2(r3, 0x40a0ae49, &(0x7f00000001c0)={0x5, 0x1, 0xdddd1000, 0x1000, &(0x7f0000dd2000/0x1000)=nil, 0x10001, r7})
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000000)={0x7})
r8 = eventfd2(0x780004, 0x1)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x2)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000100)={0x7, <r11=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000180)=@attr_other={0x0, 0xccd, 0xc, &(0x7f0000000280)=0x45d4970})
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000080)={0xfffffffffffffffc, 0xf000, 0x0, r8})
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f00000002c0)={0x0, 0x10000})
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f00000000c0)={0x8})
r12 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
r14 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r15, 0xc00caee0, &(0x7f0000000040)={0x7, <r16=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r16, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x9, 0x1, &(0x7f0000000040)=0xab})

1m49.749242467s ago: executing program 4 (id=364):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000be6000/0x400000)=nil)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000200)=ANY=[@ANYBLOB="0500007d01000000000000000200000003000000ffffffff100000000000000000000000000000000000000005000000020000000100000000000000faffffff000800000100000000000000000000000000000000000000000000000500000001000000000000000000000002000000080000000800000002000000000000000000000000000000000000001000000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000300000000000000010000000000000003000000003800"/236])
r2 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, &(0x7f00000011c0)=@attr_set_pmu={0x0, 0x0, 0x3, 0x0})
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000080)={0x4, 0xffffffffffffffff, 0x1})
r12 = eventfd2(0xfffffffa, 0x80001)
ioctl$KVM_IOEVENTFD(r11, 0x4040ae79, &(0x7f0000000140)={0x80, 0x4, 0x0, r12})
syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_REGISTER_COALESCED_MMIO(r11, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616})
ioctl$KVM_REGISTER_COALESCED_MMIO(r11, 0x4010ae67, &(0x7f0000000180)={0x5000})
r13 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
ioctl$KVM_RUN(r13, 0xae80, 0x0)
r14 = eventfd2(0xfffffffa, 0x80001)
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000140)={0x80, 0x4, 0x0, r14})
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616})
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000180)={0x5000})
r15 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r15, 0xae80, 0x0)

1m42.978307561s ago: executing program 8 (id=365):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x200000000022)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, &(0x7f00000000c0)}, 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000001000/0x2000)=nil, 0x930, 0x2000003, 0x4120932, 0xffffffffffffffff, 0x0)
ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x140, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r12, 0x4010aeab, &(0x7f0000000140)=@arm64_core={0x603000000010000c, &(0x7f00000000c0)=0x2})
r13 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r13, 0x4010aeac, &(0x7f0000000040)=@other={0x2, &(0x7f0000000240)=0x5})
r14 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r14, 0xc00caee0, &(0x7f0000000140)={0x4, <r15=>0xffffffffffffffff, 0x1})
write$eventfd(r15, &(0x7f00000001c0)=0x7ffffff, 0xfdef)
r16 = syz_kvm_vgic_v3_setup(r2, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000100)={0x8, <r17=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r16, 0x4018aee1, &(0x7f0000000280)=@attr_arm64={0x0, 0x2, 0x2, &(0x7f0000000180)=0x100000001})
ioctl$KVM_SET_DEVICE_ATTR(r17, 0x4018aee1, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SIGNAL_MSI(r2, 0x4020aea5, &(0x7f0000000200)={0x8090040, 0x0, 0x0, 0x1})

1m31.400114588s ago: executing program 4 (id=366):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_CAP_DIRTY_LOG_RING(r1, 0x4068aea3, &(0x7f0000000100)={0xc0, 0x0, 0xc000})
r3 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_MMIO(r3, 0x20, &(0x7f0000000000)="d41a9d41114537046804ab2d424ada524a564dd01a1c4c29", 0x0, 0x18)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fb707cd24b7eebb20700000000000000000000000100", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@mrs={0xbe, 0x18, {0x603000000013c021}}], 0x18}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r8 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0xe)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x480, 0x0)

1m26.619862198s ago: executing program 8 (id=367):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_GET_MP_STATE(r2, 0x8004ae98, &(0x7f00000000c0))
r3 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x8521, 0x0)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x603000000010000a, &(0x7f0000000000)=0x10000})

1m15.841554943s ago: executing program 4 (id=368):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r1, 0x4068aea3, &(0x7f0000000040)={0xe4, 0x0, 0x1000}) (async, rerun: 64)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (rerun: 64)

1m14.80163397s ago: executing program 8 (id=369):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x8, <r2=>0xffffffffffffffff})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x27)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x0, 0x0, 0x6, 0x0, 0x9}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8, <r7=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_GET_DEVICE_ATTR(r2, 0x4018aee2, &(0x7f00000001c0)=@attr_arm64={0x0, 0x8, 0x4, 0x0})
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x100000001}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x4}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r11, 0x4, 0x220)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000180)={0x8, <r14=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r14, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r13, 0xae80, 0x0)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x3)
r15 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r16, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xdddd1000, 0x2000, &(0x7f0000fa4000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r16, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
ioctl$KVM_GET_DIRTY_LOG(r16, 0x4010ae42, &(0x7f0000000000)={0x1, 0x0, &(0x7f0000ffb000/0x3000)=nil})
r17 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r17, 0xae01, 0x0)

1m6.451141946s ago: executing program 4 (id=370):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r3, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x40000, 0x0})
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
munmap(&(0x7f0000482000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x24132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x1000000)

51.465602842s ago: executing program 4 (id=371):
r0 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r0, 0x4008ae73, &(0x7f0000000000)={0x8, 0x6}) (async)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r0, 0x4008ae73, &(0x7f0000000000)={0x8, 0x6})
ioctl$KVM_IRQ_LINE(r0, 0x4008ae61, &(0x7f0000000040)={0x1, 0xdb72})
ioctl$KVM_PRE_FAULT_MEMORY(r0, 0xc040aed5, &(0x7f0000000080)={0x4000, 0x10000})
syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000003c0)={0x0, &(0x7f00000000c0)=[@smc={0x1e, 0x40, {0x84000006, [0x1, 0x7, 0xf820, 0x81, 0x1000]}}, @smc={0x1e, 0x40, {0xffff, [0x2, 0x5, 0x1, 0x58]}}, @code={0xa, 0x9c, {"00c8a00e604690d20080b0f2a10180d2220080d2a30080d2a40180d2020000d4e0fe9ad200c0b0f2210080d2c20180d2430080d2640180d2020000d4e05695d20080b0f2410180d2620180d2c30080d2640080d2020000d400b0200ea0e595d20020b0f2410180d2a20180d2a30180d2040180d2020000d40078202e000028d5007008d5000028d5"}}, @msr={0x14, 0x20, {0x603000000013c200, 0x161}}, @mrs={0xbe, 0x18, {0x603000000013801d}}, @irq_setup={0x46, 0x18, {0x2, 0x375}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x1, 0x0, 0x4, 0x7b8}}, @mrs={0xbe, 0x18, {0x603000000013e6ca}}, @msr={0x14, 0x20, {0x603000000013dce3, 0x5}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x3, 0x1, 0x6, 0x80, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x3, 0x1, 0x5, 0x5, 0x4}}, @svc={0x122, 0x40, {0x40, [0x1000, 0x8000000000000000, 0x10, 0x7ff, 0x1]}}, @uexit={0x0, 0x18, 0x7}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x380, 0x3, 0x6}}, @irq_setup={0x46, 0x18, {0x0, 0x157}}, @memwrite={0x6e, 0x30, @generic={0xeeee0000, 0x2d8, 0x7, 0x2}}], 0x2ec}, &(0x7f0000000400)=[@featur1={0x1, 0x82}], 0x1) (async)
r1 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000003c0)={0x0, &(0x7f00000000c0)=[@smc={0x1e, 0x40, {0x84000006, [0x1, 0x7, 0xf820, 0x81, 0x1000]}}, @smc={0x1e, 0x40, {0xffff, [0x2, 0x5, 0x1, 0x58]}}, @code={0xa, 0x9c, {"00c8a00e604690d20080b0f2a10180d2220080d2a30080d2a40180d2020000d4e0fe9ad200c0b0f2210080d2c20180d2430080d2640180d2020000d4e05695d20080b0f2410180d2620180d2c30080d2640080d2020000d400b0200ea0e595d20020b0f2410180d2a20180d2a30180d2040180d2020000d40078202e000028d5007008d5000028d5"}}, @msr={0x14, 0x20, {0x603000000013c200, 0x161}}, @mrs={0xbe, 0x18, {0x603000000013801d}}, @irq_setup={0x46, 0x18, {0x2, 0x375}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x1, 0x0, 0x4, 0x7b8}}, @mrs={0xbe, 0x18, {0x603000000013e6ca}}, @msr={0x14, 0x20, {0x603000000013dce3, 0x5}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x3, 0x1, 0x6, 0x80, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x3, 0x1, 0x5, 0x5, 0x4}}, @svc={0x122, 0x40, {0x40, [0x1000, 0x8000000000000000, 0x10, 0x7ff, 0x1]}}, @uexit={0x0, 0x18, 0x7}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x380, 0x3, 0x6}}, @irq_setup={0x46, 0x18, {0x0, 0x157}}, @memwrite={0x6e, 0x30, @generic={0xeeee0000, 0x2d8, 0x7, 0x2}}], 0x2ec}, &(0x7f0000000400)=[@featur1={0x1, 0x82}], 0x1)
ioctl$KVM_ARM_SET_DEVICE_ADDR(r1, 0x4010aeab, &(0x7f0000000440)={0x6, 0x3004})
ioctl$KVM_SET_ONE_REG(r0, 0x4010aeac, &(0x7f00000004c0)=@arm64_sve={0x60800000001501bc, &(0x7f0000000480)})
ioctl$KVM_SET_GUEST_DEBUG_arm64(r0, 0x4208ae9b, &(0x7f0000000500)={0x10002, 0x0, {[0x5, 0x80000000, 0x400, 0x9, 0x9, 0x1, 0x100000000, 0xbd8, 0x8, 0xfffffffffffffff8, 0x0, 0x5, 0xc, 0x9, 0x328, 0x7], [0x93, 0x7fffffff, 0x80000001, 0x9, 0x6, 0x1, 0x866, 0x3, 0x8, 0xff, 0x8000, 0x1, 0x0, 0x7, 0x6e69d30c, 0x8000000000000000], [0x4, 0x4, 0x2, 0x3, 0xffffffffffffff00, 0x5, 0xfffffffffffff806, 0x9, 0xffff, 0xfffffffffffeffff, 0x6, 0x7ff, 0x8001, 0x2, 0x8000, 0x6], [0x9, 0xfffffffffffffffa, 0x9, 0x6, 0xfdf, 0x5, 0xf7bb, 0x8, 0x4, 0xffffffff, 0x508, 0x7fffffffffffffff, 0x10001, 0x7c, 0x5, 0x9]}})
ioctl$KVM_SET_GUEST_DEBUG_arm64(r1, 0x4208ae9b, &(0x7f0000000740)={0x20000, 0x0, {[0x1, 0x0, 0x3946f522, 0x4, 0x40, 0x3d77, 0x9, 0x7, 0x9, 0xffffffff, 0xeb3, 0x7, 0xfffffffffffffffa, 0x9, 0x7, 0xa], [0xfffffffffffffffd, 0x9, 0x7, 0x0, 0xffffffffffffff33, 0x10001, 0x1, 0xc71, 0xb, 0x5, 0x7fff, 0x0, 0x20, 0x5, 0x8000000000000000, 0x6], [0xfffffffffffffffe, 0xc693, 0xfffffffffffffffc, 0x0, 0xd, 0xd505, 0x0, 0x8, 0x2, 0x8, 0x6, 0xe7c, 0x2, 0x5, 0x6017, 0x9], [0x5, 0x400, 0x9, 0x3, 0x1, 0x2, 0x100000001, 0x8, 0xfffffffffffff4b3, 0x2, 0x1, 0x2, 0x0, 0x1, 0x9, 0x9]}})
ioctl$KVM_ARM_SET_DEVICE_ADDR(r0, 0x4010aeab, &(0x7f0000000980)={0x3, 0x80a0000})
ioctl$KVM_CAP_ARM_USER_IRQ(r0, 0x4068aea3, &(0x7f00000009c0)) (async)
ioctl$KVM_CAP_ARM_USER_IRQ(r0, 0x4068aea3, &(0x7f00000009c0))
ioctl$KVM_GET_REGS(r1, 0x8360ae81, &(0x7f0000000a40))
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x17)
ioctl$KVM_SET_VCPU_EVENTS(r1, 0x4040aea0, &(0x7f0000000b00)=@x86={0x79, 0x4, 0x5, 0x0, 0xb, 0x2, 0x6, 0xb, 0x80, 0xe, 0xd5, 0x7f, 0x0, 0x44, 0xffffffff, 0x0, 0x81, 0x4, 0x39, '\x00', 0x8, 0x8000000000000001})
ioctl$KVM_SET_MP_STATE(r1, 0x4004ae99, &(0x7f0000000b40)=0x1) (async)
ioctl$KVM_SET_MP_STATE(r1, 0x4004ae99, &(0x7f0000000b40)=0x1)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION2(r0, 0x40a0ae49, &(0x7f0000000b80)={0x2, 0x4, 0xf000, 0x1000, &(0x7f0000ffc000/0x1000)=nil, 0x469}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION2(r0, 0x40a0ae49, &(0x7f0000000b80)={0x2, 0x4, 0xf000, 0x1000, &(0x7f0000ffc000/0x1000)=nil, 0x469})
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000dc0)={0x0, &(0x7f0000000c40)=[@uexit={0x0, 0x18, 0x3}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x0, 0x1, 0x8001, 0x8, 0x1}}, @hvc={0x32, 0x40, {0xd, [0x6, 0x1, 0x6, 0x8, 0xf60]}}, @memwrite={0x6e, 0x30, @generic={0x4, 0x18d, 0x1, 0x5}}, @uexit={0x0, 0x18, 0xc7d9}, @code={0xa, 0x6c, {"000008d5008008d50000007200fc200ec0439dd20040b0f2410080d2a20080d2430080d2a40080d2020000d4000000c80028c01a00f78fd200e0b0f2810180d2c20180d2830180d2040080d2020000d4000040fa00b8205e"}}, @uexit={0x0, 0x18, 0xa287}, @irq_setup={0x46, 0x18, {0x1, 0x12}}], 0x164}, &(0x7f0000000e00)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_GET_REGS(r0, 0x8360ae81, &(0x7f0000000e40)) (async)
ioctl$KVM_GET_REGS(r0, 0x8360ae81, &(0x7f0000000e40))
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000f00), 0x181100, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x34) (async)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x34)
syz_kvm_add_vcpu$arm64(r3, &(0x7f00000013c0)={0x0, &(0x7f0000000f40)=[@irq_setup={0x46, 0x18, {0x1, 0x387}}, @msr={0x14, 0x20, {0x603000000013e6cf, 0x7}}, @irq_setup={0x46, 0x18, {0x2, 0x34c}}, @uexit={0x0, 0x18, 0x5}, @its_setup={0x82, 0x28, {0x4, 0x2, 0x340}}, @svc={0x122, 0x40, {0x31000000, [0x2, 0x81, 0x2, 0x6, 0x2]}}, @msr={0x14, 0x20, {0x603000000013c64b, 0xffffffff}}, @mrs={0xbe, 0x18, {0x603000000013c518}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x1, 0x0, 0x8, 0x8, 0x5, 0x3}}, @uexit={0x0, 0x18, 0x1}, @eret={0xe6, 0x18, 0xd2dd}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe8, 0x0, 0x9}}, @smc={0x1e, 0x40, {0x1000, [0x7, 0x2, 0x9, 0x98f, 0xf1]}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x4, 0x8, 0x7ff, 0x0, 0x4}}, @svc={0x122, 0x40, {0x84000011, [0xf, 0x6, 0xe, 0x7e80a46a, 0x6]}}, @irq_setup={0x46, 0x18, {0x0, 0x2}}, @uexit={0x0, 0x18, 0x9}, @code={0xa, 0x54, {"0000621e000028d5007008d5000028d50028c01a00c8a10ea0fd9bd200a0b0f2610180d2220080d2030180d2c40180d2020000d4000008d5000008d5007008d5"}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x48, 0xf7b3, 0x9}}, @svc={0x122, 0x40, {0x10, [0x5, 0x7, 0xfa, 0xd2, 0x7]}}, @svc={0x122, 0x40, {0x84000009, [0x7f, 0x6ac1dbd2, 0x6, 0xfffffffffffffff8]}}, @code={0xa, 0x84, {"a0428ed20080b0f2c10180d2220080d2630080d2240080d2020000d4000080d2a0c59bd200e0b0f2010080d2820180d2e30080d2040180d2020000d4c09d8cd20020b8f2210180d2820080d2630180d2240080d2020000d4000008d500b8210e007008d5007008d500000032007008d5"}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x2, 0xd, 0xffff, 0xb, 0x1}}, @msr={0x14, 0x20, {0x603000000013de99}}, @msr={0x14, 0x20, {0x603000000013c662, 0x1260}}], 0x458}, &(0x7f0000001400)=[@featur1={0x1, 0x48}], 0x1) (async)
r6 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000013c0)={0x0, &(0x7f0000000f40)=[@irq_setup={0x46, 0x18, {0x1, 0x387}}, @msr={0x14, 0x20, {0x603000000013e6cf, 0x7}}, @irq_setup={0x46, 0x18, {0x2, 0x34c}}, @uexit={0x0, 0x18, 0x5}, @its_setup={0x82, 0x28, {0x4, 0x2, 0x340}}, @svc={0x122, 0x40, {0x31000000, [0x2, 0x81, 0x2, 0x6, 0x2]}}, @msr={0x14, 0x20, {0x603000000013c64b, 0xffffffff}}, @mrs={0xbe, 0x18, {0x603000000013c518}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x1, 0x0, 0x8, 0x8, 0x5, 0x3}}, @uexit={0x0, 0x18, 0x1}, @eret={0xe6, 0x18, 0xd2dd}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe8, 0x0, 0x9}}, @smc={0x1e, 0x40, {0x1000, [0x7, 0x2, 0x9, 0x98f, 0xf1]}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x4, 0x8, 0x7ff, 0x0, 0x4}}, @svc={0x122, 0x40, {0x84000011, [0xf, 0x6, 0xe, 0x7e80a46a, 0x6]}}, @irq_setup={0x46, 0x18, {0x0, 0x2}}, @uexit={0x0, 0x18, 0x9}, @code={0xa, 0x54, {"0000621e000028d5007008d5000028d50028c01a00c8a10ea0fd9bd200a0b0f2610180d2220080d2030180d2c40180d2020000d4000008d5000008d5007008d5"}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x48, 0xf7b3, 0x9}}, @svc={0x122, 0x40, {0x10, [0x5, 0x7, 0xfa, 0xd2, 0x7]}}, @svc={0x122, 0x40, {0x84000009, [0x7f, 0x6ac1dbd2, 0x6, 0xfffffffffffffff8]}}, @code={0xa, 0x84, {"a0428ed20080b0f2c10180d2220080d2630080d2240080d2020000d4000080d2a0c59bd200e0b0f2010080d2820180d2e30080d2040180d2020000d4c09d8cd20020b8f2210180d2820080d2630180d2240080d2020000d4000008d500b8210e007008d5007008d500000032007008d5"}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x2, 0xd, 0xffff, 0xb, 0x1}}, @msr={0x14, 0x20, {0x603000000013de99}}, @msr={0x14, 0x20, {0x603000000013c662, 0x1260}}], 0x458}, &(0x7f0000001400)=[@featur1={0x1, 0x48}], 0x1)
ioctl$KVM_SET_REGS(r6, 0x4360ae82, &(0x7f0000001440)={[0xcab, 0x7, 0x1, 0xffffffff, 0x7, 0x40, 0x4, 0xffffffffffffffff, 0xc, 0xb, 0x3, 0xc, 0x1ff, 0xb04, 0xfff, 0x7], 0xdddd1000, 0x4000})
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000001540)=@other={0x6, &(0x7f0000001500)=0x80000000000})
ioctl$KVM_SET_GUEST_DEBUG_arm64(0xffffffffffffffff, 0x4208ae9b, &(0x7f0000001580)={0x30000, 0x0, {[0x9, 0x5, 0x6e18, 0x1, 0x7ff, 0xdd, 0xfffffffffffffff7, 0xc, 0x4, 0x2b99, 0x82, 0x3, 0x119, 0x101, 0x2, 0xffffffffffffff01], [0x3, 0x8, 0x7ff, 0x200, 0x821, 0x6, 0x3, 0x9, 0x1, 0xc000000000000000, 0x9, 0x4, 0x98, 0x7, 0x6, 0x7ff], [0x3, 0x8, 0x1, 0x6, 0x2, 0x5, 0x4, 0x6, 0x1, 0x2, 0x4, 0x0, 0xe3, 0x8, 0x3, 0x4], [0x10, 0xbb, 0x7685, 0x3, 0xce3e, 0x6, 0x6, 0x6, 0x10000, 0x5, 0x43, 0xfffffffffffffffc, 0x5, 0xfffffffffffffffe, 0x81, 0x1]}})
r7 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000001840)={0x0, &(0x7f00000017c0)=[@eret={0xe6, 0x18, 0x9}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x53}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x2, 0xf, 0x12c, 0x6ee6, 0x4}}], 0x68}, &(0x7f0000001880)=[@featur1={0x1, 0x1}], 0x1)
ioctl$KVM_GET_STATS_FD_cpu(r7, 0xaece) (async)
ioctl$KVM_GET_STATS_FD_cpu(r7, 0xaece)
ioctl$KVM_ARM_PREFERRED_TARGET(r4, 0x8020aeaf, &(0x7f00000018c0)) (async)
ioctl$KVM_ARM_PREFERRED_TARGET(r4, 0x8020aeaf, &(0x7f00000018c0))
ioctl$KVM_INTERRUPT(r1, 0x4004ae86, &(0x7f0000001900)=0x3)

47.821013696s ago: executing program 8 (id=372):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
r3 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
r4 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_RUN(r7, 0x4000ae8d, 0x0)
r8 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000b80)={0x0, &(0x7f0000000040)=[@smc={0x1e, 0x40, {0x84000002, [0x99b, 0x100000001, 0x5, 0x101, 0x10]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1)
ioctl$KVM_RUN(r8, 0xae80, 0x0)

4.558193092s ago: executing program 58 (id=371):
r0 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r0, 0x4008ae73, &(0x7f0000000000)={0x8, 0x6}) (async)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r0, 0x4008ae73, &(0x7f0000000000)={0x8, 0x6})
ioctl$KVM_IRQ_LINE(r0, 0x4008ae61, &(0x7f0000000040)={0x1, 0xdb72})
ioctl$KVM_PRE_FAULT_MEMORY(r0, 0xc040aed5, &(0x7f0000000080)={0x4000, 0x10000})
syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000003c0)={0x0, &(0x7f00000000c0)=[@smc={0x1e, 0x40, {0x84000006, [0x1, 0x7, 0xf820, 0x81, 0x1000]}}, @smc={0x1e, 0x40, {0xffff, [0x2, 0x5, 0x1, 0x58]}}, @code={0xa, 0x9c, {"00c8a00e604690d20080b0f2a10180d2220080d2a30080d2a40180d2020000d4e0fe9ad200c0b0f2210080d2c20180d2430080d2640180d2020000d4e05695d20080b0f2410180d2620180d2c30080d2640080d2020000d400b0200ea0e595d20020b0f2410180d2a20180d2a30180d2040180d2020000d40078202e000028d5007008d5000028d5"}}, @msr={0x14, 0x20, {0x603000000013c200, 0x161}}, @mrs={0xbe, 0x18, {0x603000000013801d}}, @irq_setup={0x46, 0x18, {0x2, 0x375}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x1, 0x0, 0x4, 0x7b8}}, @mrs={0xbe, 0x18, {0x603000000013e6ca}}, @msr={0x14, 0x20, {0x603000000013dce3, 0x5}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x3, 0x1, 0x6, 0x80, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x3, 0x1, 0x5, 0x5, 0x4}}, @svc={0x122, 0x40, {0x40, [0x1000, 0x8000000000000000, 0x10, 0x7ff, 0x1]}}, @uexit={0x0, 0x18, 0x7}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x380, 0x3, 0x6}}, @irq_setup={0x46, 0x18, {0x0, 0x157}}, @memwrite={0x6e, 0x30, @generic={0xeeee0000, 0x2d8, 0x7, 0x2}}], 0x2ec}, &(0x7f0000000400)=[@featur1={0x1, 0x82}], 0x1) (async)
r1 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000003c0)={0x0, &(0x7f00000000c0)=[@smc={0x1e, 0x40, {0x84000006, [0x1, 0x7, 0xf820, 0x81, 0x1000]}}, @smc={0x1e, 0x40, {0xffff, [0x2, 0x5, 0x1, 0x58]}}, @code={0xa, 0x9c, {"00c8a00e604690d20080b0f2a10180d2220080d2a30080d2a40180d2020000d4e0fe9ad200c0b0f2210080d2c20180d2430080d2640180d2020000d4e05695d20080b0f2410180d2620180d2c30080d2640080d2020000d400b0200ea0e595d20020b0f2410180d2a20180d2a30180d2040180d2020000d40078202e000028d5007008d5000028d5"}}, @msr={0x14, 0x20, {0x603000000013c200, 0x161}}, @mrs={0xbe, 0x18, {0x603000000013801d}}, @irq_setup={0x46, 0x18, {0x2, 0x375}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x1, 0x0, 0x4, 0x7b8}}, @mrs={0xbe, 0x18, {0x603000000013e6ca}}, @msr={0x14, 0x20, {0x603000000013dce3, 0x5}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x3, 0x1, 0x6, 0x80, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x3, 0x1, 0x5, 0x5, 0x4}}, @svc={0x122, 0x40, {0x40, [0x1000, 0x8000000000000000, 0x10, 0x7ff, 0x1]}}, @uexit={0x0, 0x18, 0x7}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x380, 0x3, 0x6}}, @irq_setup={0x46, 0x18, {0x0, 0x157}}, @memwrite={0x6e, 0x30, @generic={0xeeee0000, 0x2d8, 0x7, 0x2}}], 0x2ec}, &(0x7f0000000400)=[@featur1={0x1, 0x82}], 0x1)
ioctl$KVM_ARM_SET_DEVICE_ADDR(r1, 0x4010aeab, &(0x7f0000000440)={0x6, 0x3004})
ioctl$KVM_SET_ONE_REG(r0, 0x4010aeac, &(0x7f00000004c0)=@arm64_sve={0x60800000001501bc, &(0x7f0000000480)})
ioctl$KVM_SET_GUEST_DEBUG_arm64(r0, 0x4208ae9b, &(0x7f0000000500)={0x10002, 0x0, {[0x5, 0x80000000, 0x400, 0x9, 0x9, 0x1, 0x100000000, 0xbd8, 0x8, 0xfffffffffffffff8, 0x0, 0x5, 0xc, 0x9, 0x328, 0x7], [0x93, 0x7fffffff, 0x80000001, 0x9, 0x6, 0x1, 0x866, 0x3, 0x8, 0xff, 0x8000, 0x1, 0x0, 0x7, 0x6e69d30c, 0x8000000000000000], [0x4, 0x4, 0x2, 0x3, 0xffffffffffffff00, 0x5, 0xfffffffffffff806, 0x9, 0xffff, 0xfffffffffffeffff, 0x6, 0x7ff, 0x8001, 0x2, 0x8000, 0x6], [0x9, 0xfffffffffffffffa, 0x9, 0x6, 0xfdf, 0x5, 0xf7bb, 0x8, 0x4, 0xffffffff, 0x508, 0x7fffffffffffffff, 0x10001, 0x7c, 0x5, 0x9]}})
ioctl$KVM_SET_GUEST_DEBUG_arm64(r1, 0x4208ae9b, &(0x7f0000000740)={0x20000, 0x0, {[0x1, 0x0, 0x3946f522, 0x4, 0x40, 0x3d77, 0x9, 0x7, 0x9, 0xffffffff, 0xeb3, 0x7, 0xfffffffffffffffa, 0x9, 0x7, 0xa], [0xfffffffffffffffd, 0x9, 0x7, 0x0, 0xffffffffffffff33, 0x10001, 0x1, 0xc71, 0xb, 0x5, 0x7fff, 0x0, 0x20, 0x5, 0x8000000000000000, 0x6], [0xfffffffffffffffe, 0xc693, 0xfffffffffffffffc, 0x0, 0xd, 0xd505, 0x0, 0x8, 0x2, 0x8, 0x6, 0xe7c, 0x2, 0x5, 0x6017, 0x9], [0x5, 0x400, 0x9, 0x3, 0x1, 0x2, 0x100000001, 0x8, 0xfffffffffffff4b3, 0x2, 0x1, 0x2, 0x0, 0x1, 0x9, 0x9]}})
ioctl$KVM_ARM_SET_DEVICE_ADDR(r0, 0x4010aeab, &(0x7f0000000980)={0x3, 0x80a0000})
ioctl$KVM_CAP_ARM_USER_IRQ(r0, 0x4068aea3, &(0x7f00000009c0)) (async)
ioctl$KVM_CAP_ARM_USER_IRQ(r0, 0x4068aea3, &(0x7f00000009c0))
ioctl$KVM_GET_REGS(r1, 0x8360ae81, &(0x7f0000000a40))
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x17)
ioctl$KVM_SET_VCPU_EVENTS(r1, 0x4040aea0, &(0x7f0000000b00)=@x86={0x79, 0x4, 0x5, 0x0, 0xb, 0x2, 0x6, 0xb, 0x80, 0xe, 0xd5, 0x7f, 0x0, 0x44, 0xffffffff, 0x0, 0x81, 0x4, 0x39, '\x00', 0x8, 0x8000000000000001})
ioctl$KVM_SET_MP_STATE(r1, 0x4004ae99, &(0x7f0000000b40)=0x1) (async)
ioctl$KVM_SET_MP_STATE(r1, 0x4004ae99, &(0x7f0000000b40)=0x1)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION2(r0, 0x40a0ae49, &(0x7f0000000b80)={0x2, 0x4, 0xf000, 0x1000, &(0x7f0000ffc000/0x1000)=nil, 0x469}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION2(r0, 0x40a0ae49, &(0x7f0000000b80)={0x2, 0x4, 0xf000, 0x1000, &(0x7f0000ffc000/0x1000)=nil, 0x469})
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000dc0)={0x0, &(0x7f0000000c40)=[@uexit={0x0, 0x18, 0x3}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x0, 0x1, 0x8001, 0x8, 0x1}}, @hvc={0x32, 0x40, {0xd, [0x6, 0x1, 0x6, 0x8, 0xf60]}}, @memwrite={0x6e, 0x30, @generic={0x4, 0x18d, 0x1, 0x5}}, @uexit={0x0, 0x18, 0xc7d9}, @code={0xa, 0x6c, {"000008d5008008d50000007200fc200ec0439dd20040b0f2410080d2a20080d2430080d2a40080d2020000d4000000c80028c01a00f78fd200e0b0f2810180d2c20180d2830180d2040080d2020000d4000040fa00b8205e"}}, @uexit={0x0, 0x18, 0xa287}, @irq_setup={0x46, 0x18, {0x1, 0x12}}], 0x164}, &(0x7f0000000e00)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_GET_REGS(r0, 0x8360ae81, &(0x7f0000000e40)) (async)
ioctl$KVM_GET_REGS(r0, 0x8360ae81, &(0x7f0000000e40))
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000f00), 0x181100, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x34) (async)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x34)
syz_kvm_add_vcpu$arm64(r3, &(0x7f00000013c0)={0x0, &(0x7f0000000f40)=[@irq_setup={0x46, 0x18, {0x1, 0x387}}, @msr={0x14, 0x20, {0x603000000013e6cf, 0x7}}, @irq_setup={0x46, 0x18, {0x2, 0x34c}}, @uexit={0x0, 0x18, 0x5}, @its_setup={0x82, 0x28, {0x4, 0x2, 0x340}}, @svc={0x122, 0x40, {0x31000000, [0x2, 0x81, 0x2, 0x6, 0x2]}}, @msr={0x14, 0x20, {0x603000000013c64b, 0xffffffff}}, @mrs={0xbe, 0x18, {0x603000000013c518}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x1, 0x0, 0x8, 0x8, 0x5, 0x3}}, @uexit={0x0, 0x18, 0x1}, @eret={0xe6, 0x18, 0xd2dd}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe8, 0x0, 0x9}}, @smc={0x1e, 0x40, {0x1000, [0x7, 0x2, 0x9, 0x98f, 0xf1]}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x4, 0x8, 0x7ff, 0x0, 0x4}}, @svc={0x122, 0x40, {0x84000011, [0xf, 0x6, 0xe, 0x7e80a46a, 0x6]}}, @irq_setup={0x46, 0x18, {0x0, 0x2}}, @uexit={0x0, 0x18, 0x9}, @code={0xa, 0x54, {"0000621e000028d5007008d5000028d50028c01a00c8a10ea0fd9bd200a0b0f2610180d2220080d2030180d2c40180d2020000d4000008d5000008d5007008d5"}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x48, 0xf7b3, 0x9}}, @svc={0x122, 0x40, {0x10, [0x5, 0x7, 0xfa, 0xd2, 0x7]}}, @svc={0x122, 0x40, {0x84000009, [0x7f, 0x6ac1dbd2, 0x6, 0xfffffffffffffff8]}}, @code={0xa, 0x84, {"a0428ed20080b0f2c10180d2220080d2630080d2240080d2020000d4000080d2a0c59bd200e0b0f2010080d2820180d2e30080d2040180d2020000d4c09d8cd20020b8f2210180d2820080d2630180d2240080d2020000d4000008d500b8210e007008d5007008d500000032007008d5"}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x2, 0xd, 0xffff, 0xb, 0x1}}, @msr={0x14, 0x20, {0x603000000013de99}}, @msr={0x14, 0x20, {0x603000000013c662, 0x1260}}], 0x458}, &(0x7f0000001400)=[@featur1={0x1, 0x48}], 0x1) (async)
r6 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000013c0)={0x0, &(0x7f0000000f40)=[@irq_setup={0x46, 0x18, {0x1, 0x387}}, @msr={0x14, 0x20, {0x603000000013e6cf, 0x7}}, @irq_setup={0x46, 0x18, {0x2, 0x34c}}, @uexit={0x0, 0x18, 0x5}, @its_setup={0x82, 0x28, {0x4, 0x2, 0x340}}, @svc={0x122, 0x40, {0x31000000, [0x2, 0x81, 0x2, 0x6, 0x2]}}, @msr={0x14, 0x20, {0x603000000013c64b, 0xffffffff}}, @mrs={0xbe, 0x18, {0x603000000013c518}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x1, 0x0, 0x8, 0x8, 0x5, 0x3}}, @uexit={0x0, 0x18, 0x1}, @eret={0xe6, 0x18, 0xd2dd}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe8, 0x0, 0x9}}, @smc={0x1e, 0x40, {0x1000, [0x7, 0x2, 0x9, 0x98f, 0xf1]}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x4, 0x8, 0x7ff, 0x0, 0x4}}, @svc={0x122, 0x40, {0x84000011, [0xf, 0x6, 0xe, 0x7e80a46a, 0x6]}}, @irq_setup={0x46, 0x18, {0x0, 0x2}}, @uexit={0x0, 0x18, 0x9}, @code={0xa, 0x54, {"0000621e000028d5007008d5000028d50028c01a00c8a10ea0fd9bd200a0b0f2610180d2220080d2030180d2c40180d2020000d4000008d5000008d5007008d5"}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x48, 0xf7b3, 0x9}}, @svc={0x122, 0x40, {0x10, [0x5, 0x7, 0xfa, 0xd2, 0x7]}}, @svc={0x122, 0x40, {0x84000009, [0x7f, 0x6ac1dbd2, 0x6, 0xfffffffffffffff8]}}, @code={0xa, 0x84, {"a0428ed20080b0f2c10180d2220080d2630080d2240080d2020000d4000080d2a0c59bd200e0b0f2010080d2820180d2e30080d2040180d2020000d4c09d8cd20020b8f2210180d2820080d2630180d2240080d2020000d4000008d500b8210e007008d5007008d500000032007008d5"}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x2, 0xd, 0xffff, 0xb, 0x1}}, @msr={0x14, 0x20, {0x603000000013de99}}, @msr={0x14, 0x20, {0x603000000013c662, 0x1260}}], 0x458}, &(0x7f0000001400)=[@featur1={0x1, 0x48}], 0x1)
ioctl$KVM_SET_REGS(r6, 0x4360ae82, &(0x7f0000001440)={[0xcab, 0x7, 0x1, 0xffffffff, 0x7, 0x40, 0x4, 0xffffffffffffffff, 0xc, 0xb, 0x3, 0xc, 0x1ff, 0xb04, 0xfff, 0x7], 0xdddd1000, 0x4000})
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000001540)=@other={0x6, &(0x7f0000001500)=0x80000000000})
ioctl$KVM_SET_GUEST_DEBUG_arm64(0xffffffffffffffff, 0x4208ae9b, &(0x7f0000001580)={0x30000, 0x0, {[0x9, 0x5, 0x6e18, 0x1, 0x7ff, 0xdd, 0xfffffffffffffff7, 0xc, 0x4, 0x2b99, 0x82, 0x3, 0x119, 0x101, 0x2, 0xffffffffffffff01], [0x3, 0x8, 0x7ff, 0x200, 0x821, 0x6, 0x3, 0x9, 0x1, 0xc000000000000000, 0x9, 0x4, 0x98, 0x7, 0x6, 0x7ff], [0x3, 0x8, 0x1, 0x6, 0x2, 0x5, 0x4, 0x6, 0x1, 0x2, 0x4, 0x0, 0xe3, 0x8, 0x3, 0x4], [0x10, 0xbb, 0x7685, 0x3, 0xce3e, 0x6, 0x6, 0x6, 0x10000, 0x5, 0x43, 0xfffffffffffffffc, 0x5, 0xfffffffffffffffe, 0x81, 0x1]}})
r7 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000001840)={0x0, &(0x7f00000017c0)=[@eret={0xe6, 0x18, 0x9}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x53}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x2, 0xf, 0x12c, 0x6ee6, 0x4}}], 0x68}, &(0x7f0000001880)=[@featur1={0x1, 0x1}], 0x1)
ioctl$KVM_GET_STATS_FD_cpu(r7, 0xaece) (async)
ioctl$KVM_GET_STATS_FD_cpu(r7, 0xaece)
ioctl$KVM_ARM_PREFERRED_TARGET(r4, 0x8020aeaf, &(0x7f00000018c0)) (async)
ioctl$KVM_ARM_PREFERRED_TARGET(r4, 0x8020aeaf, &(0x7f00000018c0))
ioctl$KVM_INTERRUPT(r1, 0x4004ae86, &(0x7f0000001900)=0x3)

0s ago: executing program 59 (id=372):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
r3 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
r4 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_RUN(r7, 0x4000ae8d, 0x0)
r8 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000b80)={0x0, &(0x7f0000000040)=[@smc={0x1e, 0x40, {0x84000002, [0x99b, 0x100000001, 0x5, 0x101, 0x10]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1)
ioctl$KVM_RUN(r8, 0xae80, 0x0)

kernel console output (not intermixed with test programs):

[  386.944507][ T3150] 8021q: adding VLAN 0 to HW filter on device bond0
[  440.527786][ T3150] eql: remember to turn off Van-Jacobson compression on your slave devices
Warning: Permanently added '[localhost]:19160' (ED25519) to the list of known hosts.
[  604.360712][   T25] audit: type=1400 audit(603.570:60): avc:  denied  { name_bind } for  pid=3308 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  606.277391][   T25] audit: type=1400 audit(605.490:61): avc:  denied  { execute } for  pid=3309 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  606.319646][   T25] audit: type=1400 audit(605.510:62): avc:  denied  { execute_no_trans } for  pid=3309 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  626.802376][   T25] audit: type=1400 audit(626.010:63): avc:  denied  { mounton } for  pid=3309 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  626.834889][   T25] audit: type=1400 audit(626.050:64): avc:  denied  { mount } for  pid=3309 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  626.925908][ T3309] cgroup: Unknown subsys name 'net'
[  626.976656][   T25] audit: type=1400 audit(626.190:65): avc:  denied  { unmount } for  pid=3309 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  627.382358][ T3309] cgroup: Unknown subsys name 'cpuset'
[  627.485284][ T3309] cgroup: Unknown subsys name 'rlimit'
[  628.401426][   T25] audit: type=1400 audit(627.610:66): avc:  denied  { setattr } for  pid=3309 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  628.425700][   T25] audit: type=1400 audit(627.640:67): avc:  denied  { mounton } for  pid=3309 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[  628.444939][   T25] audit: type=1400 audit(627.650:68): avc:  denied  { mount } for  pid=3309 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  629.683666][ T3312] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[  629.703787][   T25] audit: type=1400 audit(628.910:69): avc:  denied  { relabelto } for  pid=3312 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  629.724869][   T25] audit: type=1400 audit(628.940:70): avc:  denied  { write } for  pid=3312 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
Setting up swapspace version 1, size = 127995904 bytes
[  629.904148][   T25] audit: type=1400 audit(629.110:71): avc:  denied  { read } for  pid=3309 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  629.920927][   T25] audit: type=1400 audit(629.130:72): avc:  denied  { open } for  pid=3309 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  629.964750][ T3309] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  680.568188][   T25] audit: type=1400 audit(679.780:73): avc:  denied  { execmem } for  pid=3313 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  685.251819][   T25] audit: type=1400 audit(684.450:74): avc:  denied  { read } for  pid=3315 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  685.267792][   T25] audit: type=1400 audit(684.480:75): avc:  denied  { open } for  pid=3315 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  685.354610][   T25] audit: type=1400 audit(684.570:76): avc:  denied  { mounton } for  pid=3315 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  685.653621][   T25] audit: type=1400 audit(684.870:77): avc:  denied  { module_request } for  pid=3316 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  685.675533][   T25] audit: type=1400 audit(684.890:78): avc:  denied  { module_request } for  pid=3315 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  686.777935][   T25] audit: type=1400 audit(685.990:79): avc:  denied  { sys_module } for  pid=3316 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  715.994580][ T3316] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  716.255705][ T3316] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  716.331454][ T3315] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  716.541919][ T3315] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  728.513680][ T3316] hsr_slave_0: entered promiscuous mode
[  728.541374][ T3316] hsr_slave_1: entered promiscuous mode
[  729.556339][ T3315] hsr_slave_0: entered promiscuous mode
[  729.616756][ T3315] hsr_slave_1: entered promiscuous mode
[  729.658054][ T3315] debugfs: 'hsr0' already exists in 'hsr'
[  729.674577][ T3315] Cannot create hsr debugfs directory
[  734.960185][   T25] audit: type=1400 audit(734.150:80): avc:  denied  { create } for  pid=3316 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  735.081125][   T25] audit: type=1400 audit(734.230:81): avc:  denied  { write } for  pid=3316 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  735.087410][   T25] audit: type=1400 audit(734.290:82): avc:  denied  { read } for  pid=3316 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  735.257467][ T3316] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  735.684136][ T3316] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  735.878130][ T3316] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  736.105364][ T3316] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  737.923439][ T3315] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  738.297674][ T3315] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  738.514423][ T3315] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  738.696457][ T3315] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  750.946323][ T3316] 8021q: adding VLAN 0 to HW filter on device bond0
[  753.634153][ T3315] 8021q: adding VLAN 0 to HW filter on device bond0
[  809.729315][ T3316] veth0_vlan: entered promiscuous mode
[  810.234511][ T3316] veth1_vlan: entered promiscuous mode
[  812.094283][ T3316] veth0_macvtap: entered promiscuous mode
[  812.731846][ T3316] veth1_macvtap: entered promiscuous mode
[  812.807409][ T3315] veth0_vlan: entered promiscuous mode
[  813.451282][ T3315] veth1_vlan: entered promiscuous mode
[  814.831361][   T35] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  814.837886][   T35] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  814.896261][   T35] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  814.913619][   T35] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  816.564940][ T3315] veth0_macvtap: entered promiscuous mode
[  817.459303][ T3315] veth1_macvtap: entered promiscuous mode
[  817.855957][   T25] audit: type=1400 audit(817.070:83): avc:  denied  { mount } for  pid=3316 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  818.165685][   T25] audit: type=1400 audit(817.380:84): avc:  denied  { mounton } for  pid=3316 comm="syz-executor" path="/syzkaller.kuf4UI/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  818.417581][   T25] audit: type=1400 audit(817.630:85): avc:  denied  { mount } for  pid=3316 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  818.952226][   T25] audit: type=1400 audit(818.120:86): avc:  denied  { mounton } for  pid=3316 comm="syz-executor" path="/syzkaller.kuf4UI/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  819.081106][   T25] audit: type=1400 audit(818.290:87): avc:  denied  { mounton } for  pid=3316 comm="syz-executor" path="/syzkaller.kuf4UI/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3773 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  820.127402][   T25] audit: type=1400 audit(819.340:88): avc:  denied  { unmount } for  pid=3316 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  820.531071][   T25] audit: type=1400 audit(819.690:89): avc:  denied  { mounton } for  pid=3316 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1544 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  820.581821][ T3325] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  820.608086][ T3325] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  820.626332][ T3325] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  820.647523][ T3325] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  820.777299][   T25] audit: type=1400 audit(819.930:90): avc:  denied  { mount } for  pid=3316 comm="syz-executor" name="/" dev="gadgetfs" ino=3783 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  821.257775][   T25] audit: type=1400 audit(820.470:91): avc:  denied  { mount } for  pid=3316 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  821.400955][   T25] audit: type=1400 audit(820.610:92): avc:  denied  { mounton } for  pid=3316 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  823.564400][ T3316] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  824.255380][   T25] kauditd_printk_skb: 1 callbacks suppressed
[  824.275266][   T25] audit: type=1400 audit(823.460:94): avc:  denied  { read write } for  pid=3316 comm="syz-executor" name="loop0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  824.310936][   T25] audit: type=1400 audit(823.460:95): avc:  denied  { open } for  pid=3316 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  824.331065][   T25] audit: type=1400 audit(823.540:96): avc:  denied  { ioctl } for  pid=3316 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=637 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  838.820878][   T25] audit: type=1400 audit(838.030:97): avc:  denied  { read } for  pid=3471 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  838.901137][   T25] audit: type=1400 audit(838.110:98): avc:  denied  { open } for  pid=3471 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  838.947778][   T25] audit: type=1400 audit(838.160:99): avc:  denied  { ioctl } for  pid=3471 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae04 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  846.678274][   T25] audit: type=1400 audit(845.890:100): avc:  denied  { append } for  pid=3483 comm="syz.1.4" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  869.308303][   T25] audit: type=1400 audit(868.470:101): avc:  denied  { execute } for  pid=3498 comm="syz.0.9" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=4154 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  871.891981][   T25] audit: type=1400 audit(871.080:102): avc:  denied  { setattr } for  pid=3501 comm="syz.1.10" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  970.305949][   T35] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  971.237276][   T35] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  971.725250][   T35] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  972.535015][   T35] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  984.661895][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  984.791881][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  984.864777][   T35] bond0 (unregistering): Released all slaves
[  986.603025][   T35] hsr_slave_0: left promiscuous mode
[  986.644637][   T35] hsr_slave_1: left promiscuous mode
[  987.217766][   T35] veth1_macvtap: left promiscuous mode
[  987.262218][   T35] veth0_macvtap: left promiscuous mode
[  987.279281][   T35] veth1_vlan: left promiscuous mode
[  987.301166][   T35] veth0_vlan: left promiscuous mode
[ 1000.855354][ T3511] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1001.284284][ T3511] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1005.496172][   T35] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1007.012280][   T35] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1008.244364][   T35] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1009.747225][   T35] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1017.415565][ T3518] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1026.895739][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1026.976933][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1027.033921][   T35] bond0 (unregistering): Released all slaves
[ 1027.437888][ T3518] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1029.160878][   T35] hsr_slave_0: left promiscuous mode
[ 1029.441545][   T35] hsr_slave_1: left promiscuous mode
[ 1029.910339][   T35] veth1_macvtap: left promiscuous mode
[ 1029.921490][   T35] veth0_macvtap: left promiscuous mode
[ 1029.925940][   T35] veth1_vlan: left promiscuous mode
[ 1029.936577][   T35] veth0_vlan: left promiscuous mode
[ 1047.383077][ T3511] hsr_slave_0: entered promiscuous mode
[ 1047.445256][ T3511] hsr_slave_1: entered promiscuous mode
[ 1058.404988][ T3511] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1058.787582][ T3511] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1059.053298][ T3511] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1059.502088][ T3511] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1061.487129][ T3518] hsr_slave_0: entered promiscuous mode
[ 1061.538498][ T3518] hsr_slave_1: entered promiscuous mode
[ 1061.593494][ T3518] debugfs: 'hsr0' already exists in 'hsr'
[ 1061.599941][ T3518] Cannot create hsr debugfs directory
[ 1077.617945][ T3518] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1078.090969][ T3518] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1078.432899][ T3518] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1078.773148][ T3518] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1086.468391][ T3511] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1102.233715][ T3518] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1176.196117][ T3511] veth0_vlan: entered promiscuous mode
[ 1176.994584][ T3511] veth1_vlan: entered promiscuous mode
[ 1179.744805][ T3511] veth0_macvtap: entered promiscuous mode
[ 1180.087131][ T3511] veth1_macvtap: entered promiscuous mode
[ 1183.297165][ T3396] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1183.331159][ T3396] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1183.350029][ T3325] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1183.350981][ T3325] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1199.385529][ T3518] veth0_vlan: entered promiscuous mode
[ 1200.543930][ T3518] veth1_vlan: entered promiscuous mode
[ 1204.437980][ T3518] veth0_macvtap: entered promiscuous mode
[ 1205.191788][ T3518] veth1_macvtap: entered promiscuous mode
[ 1208.766049][ T3409] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1208.862079][ T3646] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1208.863159][ T3646] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1208.895656][ T3646] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1212.961849][   T25] audit: type=1400 audit(1212.170:103): avc:  denied  { write } for  pid=3728 comm="syz.2.14" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1422.886381][ T3886] kvm [3886]: Failed to find VMA for hva 0x21016000
[ 1814.503783][ T4090] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1815.194092][ T4090] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1828.667324][ T4098] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1829.521243][ T4098] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1843.682513][ T4090] hsr_slave_0: entered promiscuous mode
[ 1843.724690][ T4090] hsr_slave_1: entered promiscuous mode
[ 1843.752121][ T4090] debugfs: 'hsr0' already exists in 'hsr'
[ 1843.760219][ T4090] Cannot create hsr debugfs directory
[ 1865.625017][ T4098] hsr_slave_0: entered promiscuous mode
[ 1865.714894][ T4098] hsr_slave_1: entered promiscuous mode
[ 1865.804969][ T4098] debugfs: 'hsr0' already exists in 'hsr'
[ 1865.830283][ T4098] Cannot create hsr debugfs directory
[ 1870.678291][ T4090] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1871.354477][ T4090] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1871.888200][ T4090] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1872.481679][ T4090] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1890.096387][ T4098] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1890.662243][ T4098] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1890.967594][ T4098] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1891.413196][ T4098] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1907.186852][ T4090] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1924.751768][ T4098] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1972.704671][ T4210] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1974.684829][ T4210] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1976.327324][ T4210] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1977.951322][ T4210] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2000.077990][ T4210] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2000.413293][ T4210] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2000.582069][ T4210] bond0 (unregistering): Released all slaves
[ 2003.751619][ T4210] hsr_slave_0: left promiscuous mode
[ 2003.807129][ T4210] hsr_slave_1: left promiscuous mode
[ 2004.527230][ T4210] veth1_macvtap: left promiscuous mode
[ 2004.601010][ T4210] veth0_macvtap: left promiscuous mode
[ 2004.615517][ T4210] veth1_vlan: left promiscuous mode
[ 2004.659944][ T4210] veth0_vlan: left promiscuous mode
[ 2029.043258][ T4186] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2030.773962][ T4186] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2032.617837][ T4186] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2034.243898][ T4186] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2057.908035][ T4186] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2058.784029][ T4186] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2059.287462][ T4186] bond0 (unregistering): Released all slaves
[ 2061.735048][ T4186] hsr_slave_0: left promiscuous mode
[ 2061.826993][ T4186] hsr_slave_1: left promiscuous mode
[ 2062.470483][ T4186] veth1_macvtap: left promiscuous mode
[ 2062.473851][ T4186] veth0_macvtap: left promiscuous mode
[ 2062.491828][ T4186] veth1_vlan: left promiscuous mode
[ 2062.521936][ T4186] veth0_vlan: left promiscuous mode
[ 2118.813874][ T4090] veth0_vlan: entered promiscuous mode
[ 2119.854683][ T4090] veth1_vlan: entered promiscuous mode
[ 2122.452942][ T4090] veth0_macvtap: entered promiscuous mode
[ 2122.856311][ T4090] veth1_macvtap: entered promiscuous mode
[ 2126.081025][ T3325] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2126.156962][ T3646] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2126.211854][ T4210] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2126.217648][ T4210] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2133.595032][ T4098] veth0_vlan: entered promiscuous mode
[ 2134.442288][ T4098] veth1_vlan: entered promiscuous mode
[ 2138.156679][ T4098] veth0_macvtap: entered promiscuous mode
[ 2138.855009][ T4098] veth1_macvtap: entered promiscuous mode
[ 2142.951620][ T4210] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2143.032329][ T4210] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2143.074556][ T4186] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2143.090293][ T4186] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2304.256104][ T4186] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2306.607328][ T4186] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2308.942381][ T4186] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2311.292916][ T4186] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2339.622880][ T4186] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2339.962919][ T4186] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2340.186741][ T4186] bond0 (unregistering): Released all slaves
[ 2343.564052][ T4186] hsr_slave_0: left promiscuous mode
[ 2343.754237][ T4186] hsr_slave_1: left promiscuous mode
[ 2344.456453][ T4186] veth1_macvtap: left promiscuous mode
[ 2344.530729][ T4186] veth0_macvtap: left promiscuous mode
[ 2344.563671][ T4186] veth1_vlan: left promiscuous mode
[ 2344.584240][ T4186] veth0_vlan: left promiscuous mode
[ 2399.632965][   T25] audit: type=1400 audit(2398.780:104): avc:  denied  { map } for  pid=4412 comm="syz.4.114" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 2399.663716][   T25] audit: type=1400 audit(2398.850:105): avc:  denied  { execute } for  pid=4412 comm="syz.4.114" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 2444.826025][ T4358] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2445.214547][ T4358] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2491.296727][ T4358] hsr_slave_0: entered promiscuous mode
[ 2491.463619][ T4358] hsr_slave_1: entered promiscuous mode
[ 2514.907149][ T4358] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 2515.458310][ T4358] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 2516.021650][ T4358] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 2516.555484][ T4358] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 2557.286555][ T4358] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2746.261512][ T4358] veth0_vlan: entered promiscuous mode
[ 2747.287250][ T4358] veth1_vlan: entered promiscuous mode
[ 2751.734155][ T4358] veth0_macvtap: entered promiscuous mode
[ 2752.707981][ T4358] veth1_macvtap: entered promiscuous mode
[ 2757.523182][ T3409] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2757.563859][ T3325] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2757.583683][ T3325] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2757.614832][ T3325] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2866.351178][   T35] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2868.593826][   T35] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2870.993974][   T35] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2872.914267][   T35] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2902.950397][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2903.695722][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2904.165836][   T35] bond0 (unregistering): Released all slaves
[ 2907.071284][   T35] hsr_slave_0: left promiscuous mode
[ 2907.172711][   T35] hsr_slave_1: left promiscuous mode
[ 2907.543827][   T35] veth1_macvtap: left promiscuous mode
[ 2907.554708][   T35] veth0_macvtap: left promiscuous mode
[ 2907.564673][   T35] veth1_vlan: left promiscuous mode
[ 2907.593678][   T35] veth0_vlan: left promiscuous mode
[ 2932.745052][   T35] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2935.120889][   T35] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2936.801915][   T35] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2938.777565][   T35] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2966.643973][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2966.921693][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2966.972668][   T35] bond0 (unregistering): Released all slaves
[ 2968.743825][   T35] hsr_slave_0: left promiscuous mode
[ 2968.810096][   T35] hsr_slave_1: left promiscuous mode
[ 2969.362155][   T35] veth1_macvtap: left promiscuous mode
[ 2969.374410][   T35] veth0_macvtap: left promiscuous mode
[ 2969.387697][   T35] veth1_vlan: left promiscuous mode
[ 2969.407407][   T35] veth0_vlan: left promiscuous mode
[ 3016.311870][ T4685] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3017.551932][ T4685] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3035.023740][ T4696] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3035.287273][ T4696] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3051.802498][ T4685] hsr_slave_0: entered promiscuous mode
[ 3051.905945][ T4685] hsr_slave_1: entered promiscuous mode
[ 3074.415759][ T4696] hsr_slave_0: entered promiscuous mode
[ 3074.564237][ T4696] hsr_slave_1: entered promiscuous mode
[ 3074.651075][ T4696] debugfs: 'hsr0' already exists in 'hsr'
[ 3074.710934][ T4696] Cannot create hsr debugfs directory
[ 3079.005794][ T4685] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 3079.607514][ T4685] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 3080.262013][ T4685] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 3080.782315][ T4685] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 3096.311547][ T4696] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 3096.813985][ T4696] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 3097.294666][ T4696] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 3097.732015][ T4696] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 3120.864748][ T4685] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3135.106532][ T4696] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3297.052324][ T4685] veth0_vlan: entered promiscuous mode
[ 3298.413360][ T4685] veth1_vlan: entered promiscuous mode
[ 3302.685065][ T4685] veth0_macvtap: entered promiscuous mode
[ 3303.565034][ T4685] veth1_macvtap: entered promiscuous mode
[ 3308.131762][ T4700] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3308.338435][ T4181] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3308.360796][ T4181] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3308.517237][ T4181] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3316.088032][ T4696] veth0_vlan: entered promiscuous mode
[ 3318.611461][ T4696] veth1_vlan: entered promiscuous mode
[ 3323.396650][ T4696] veth0_macvtap: entered promiscuous mode
[ 3324.371594][ T4696] veth1_macvtap: entered promiscuous mode
[ 3330.216444][ T4700] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3330.241994][ T4700] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3330.440934][ T4700] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3330.462357][ T4838] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3803.505770][ T4186] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3806.925938][ T4186] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3809.146541][ T4186] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3812.132194][ T4186] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3845.470295][ T4186] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3845.895450][ T4186] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3846.224004][ T4186] bond0 (unregistering): Released all slaves
[ 3849.490604][ T4186] hsr_slave_0: left promiscuous mode
[ 3849.624600][ T4186] hsr_slave_1: left promiscuous mode
[ 3850.614128][ T4186] veth1_macvtap: left promiscuous mode
[ 3850.616109][ T4186] veth0_macvtap: left promiscuous mode
[ 3850.680410][ T4186] veth1_vlan: left promiscuous mode
[ 3850.703755][ T4186] veth0_vlan: left promiscuous mode
[ 3890.753689][ T4115] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3893.205610][ T4115] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3895.264842][ T4115] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3897.282102][ T4115] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3932.705120][ T4115] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3933.302978][ T4115] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3933.484004][ T4115] bond0 (unregistering): Released all slaves
[ 3934.990476][ T5110] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3935.613037][ T5110] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3937.577934][ T4115] hsr_slave_0: left promiscuous mode
[ 3937.853282][ T4115] hsr_slave_1: left promiscuous mode
[ 3938.571907][ T4115] veth1_macvtap: left promiscuous mode
[ 3938.596055][ T4115] veth0_macvtap: left promiscuous mode
[ 3938.606438][ T4115] veth1_vlan: left promiscuous mode
[ 3938.632722][ T4115] veth0_vlan: left promiscuous mode
[ 3968.384813][ T5113] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3969.002503][ T5113] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4005.386999][ T5110] hsr_slave_0: entered promiscuous mode
[ 4005.516535][ T5110] hsr_slave_1: entered promiscuous mode
[ 4010.496198][ T5113] hsr_slave_0: entered promiscuous mode
[ 4010.606843][ T5113] hsr_slave_1: entered promiscuous mode
[ 4010.674885][ T5113] debugfs: 'hsr0' already exists in 'hsr'
[ 4010.710145][ T5113] Cannot create hsr debugfs directory
[ 4035.380633][ T5110] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 4038.223205][ T5110] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 4041.244107][ T5110] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 4044.012715][ T5110] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 4055.262407][ T5113] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 4055.750557][ T5113] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 4056.362604][ T5113] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 4056.868421][ T5113] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 4083.842594][ T5110] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4095.873270][ T5113] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4249.967276][ T5113] veth0_vlan: entered promiscuous mode
[ 4251.262715][ T5113] veth1_vlan: entered promiscuous mode
[ 4255.177879][ T5113] veth0_macvtap: entered promiscuous mode
[ 4256.105204][ T5113] veth1_macvtap: entered promiscuous mode
[ 4260.542528][ T3419] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4260.554426][ T3419] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4260.581921][ T3419] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4260.772438][ T4115] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4270.285013][ T5110] veth0_vlan: entered promiscuous mode
[ 4272.253203][ T5110] veth1_vlan: entered promiscuous mode
[ 4277.505344][ T5110] veth0_macvtap: entered promiscuous mode
[ 4278.493494][ T5110] veth1_macvtap: entered promiscuous mode
[ 4283.923483][ T5117] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4283.926541][ T5117] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4283.994767][ T5117] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4284.049819][ T5117] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4347.045318][ T5117] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4350.036906][ T5117] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4352.709983][ T5117] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4355.091794][ T5117] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4393.417622][ T5117] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 4394.151374][ T5117] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 4394.656215][ T5117] bond0 (unregistering): Released all slaves
[ 4398.181144][ T5117] hsr_slave_0: left promiscuous mode
[ 4398.371814][ T5117] hsr_slave_1: left promiscuous mode
[ 4399.484960][ T5117] veth1_macvtap: left promiscuous mode
[ 4399.524945][ T5117] veth0_macvtap: left promiscuous mode
[ 4399.581617][ T5117] veth1_vlan: left promiscuous mode
[ 4399.592988][ T5117] veth0_vlan: left promiscuous mode
[ 4444.677165][ T4943] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4447.071741][ T4943] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4449.546165][ T4943] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4451.704601][ T4943] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4481.571575][ T4943] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 4481.782940][ T4943] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 4481.917573][ T4943] bond0 (unregistering): Released all slaves
[ 4487.032001][ T4943] hsr_slave_0: left promiscuous mode
[ 4487.125837][ T4943] hsr_slave_1: left promiscuous mode
[ 4487.617901][ T4943] veth1_macvtap: left promiscuous mode
[ 4487.682891][ T4943] veth0_macvtap: left promiscuous mode
[ 4487.692322][ T4943] veth1_vlan: left promiscuous mode
[ 4487.693827][ T4943] veth0_vlan: left promiscuous mode
[ 4551.681677][ T5384] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4551.986789][ T5384] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4567.297642][ T5399] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4567.763945][ T5399] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4594.737640][ T5384] hsr_slave_0: entered promiscuous mode
[ 4594.904026][ T5384] hsr_slave_1: entered promiscuous mode
[ 4613.914215][ T5399] hsr_slave_0: entered promiscuous mode
[ 4614.044744][ T5399] hsr_slave_1: entered promiscuous mode
[ 4614.182689][ T5399] debugfs: 'hsr0' already exists in 'hsr'
[ 4614.215842][ T5399] Cannot create hsr debugfs directory
[ 4631.423942][ T5384] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 4633.922256][ T5384] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 4635.191864][ T5384] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 4637.310265][ T5384] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 4659.797353][ T5399] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 4660.724602][ T5399] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 4661.166760][ T5399] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 4661.710711][ T5399] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 4683.545086][ T5384] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4699.856727][ T5399] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4846.280496][ T5399] veth0_vlan: entered promiscuous mode
[ 4847.604763][ T5399] veth1_vlan: entered promiscuous mode
[ 4851.167267][ T5399] veth0_macvtap: entered promiscuous mode
[ 4851.881609][ T5399] veth1_macvtap: entered promiscuous mode
[ 4855.782159][ T4115] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4856.005671][ T5148] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4856.007094][ T5148] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4856.101951][ T5148] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4860.611388][ T5384] veth0_vlan: entered promiscuous mode
[ 4862.886959][ T5384] veth1_vlan: entered promiscuous mode
[ 4868.437675][ T5384] veth0_macvtap: entered promiscuous mode
[ 4869.525215][ T5384] veth1_macvtap: entered promiscuous mode
[ 4874.952048][ T3325] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4875.094833][   T35] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4875.101075][   T35] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4875.124446][   T35] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 5044.498250][ T4186] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5048.127486][ T4186] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5050.605673][ T4186] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5053.391713][ T4186] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5083.587102][ T4186] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 5084.676754][ T4186] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 5085.367089][ T4186] bond0 (unregistering): Released all slaves
[ 5090.082156][ T4186] hsr_slave_0: left promiscuous mode
[ 5090.116512][ T4186] hsr_slave_1: left promiscuous mode
[ 5090.616735][ T4186] veth1_macvtap: left promiscuous mode
[ 5090.664835][ T4186] veth0_macvtap: left promiscuous mode
[ 5090.682860][ T4186] veth1_vlan: left promiscuous mode
[ 5090.702650][ T4186] veth0_vlan: left promiscuous mode
[ 5127.163172][ T4186] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5129.423424][ T4186] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5131.466876][ T4186] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5133.396541][ T4186] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5147.697805][ T5654] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 5148.983264][ T5654] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 5166.291129][ T4186] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 5166.572403][ T4186] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 5166.762689][ T4186] bond0 (unregistering): Released all slaves
[ 5169.369868][ T4186] hsr_slave_0: left promiscuous mode
[ 5169.470655][ T4186] hsr_slave_1: left promiscuous mode
[ 5170.352025][ T4186] veth1_macvtap: left promiscuous mode
[ 5170.381250][ T4186] veth0_macvtap: left promiscuous mode
[ 5170.410511][ T4186] veth1_vlan: left promiscuous mode
[ 5170.422185][ T4186] veth0_vlan: left promiscuous mode
[ 5207.202040][ T5661] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 5207.706928][ T5661] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 5227.562355][ T5654] hsr_slave_0: entered promiscuous mode
[ 5227.623551][ T5654] hsr_slave_1: entered promiscuous mode
[ 5258.888298][ T5661] hsr_slave_0: entered promiscuous mode
[ 5258.985762][ T5661] hsr_slave_1: entered promiscuous mode
[ 5259.037881][ T5661] debugfs: 'hsr0' already exists in 'hsr'
[ 5259.102733][ T5661] Cannot create hsr debugfs directory
[ 5269.744021][ T5654] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 5270.891581][ T5654] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 5272.525070][ T5654] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 5272.918176][ T5654] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 5292.086580][ T5661] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 5292.566634][ T5661] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 5293.178460][ T5661] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 5294.032520][ T5661] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 5315.424609][ T5654] 8021q: adding VLAN 0 to HW filter on device bond0
[ 5331.377130][ T5661] 8021q: adding VLAN 0 to HW filter on device bond0
[ 5451.123541][ T5654] veth0_vlan: entered promiscuous mode
[ 5452.261868][ T5654] veth1_vlan: entered promiscuous mode
[ 5455.374761][ T5654] veth0_macvtap: entered promiscuous mode
[ 5456.109553][ T5654] veth1_macvtap: entered promiscuous mode
[ 5459.704286][   T35] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 5459.834220][ T5148] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 5459.851370][ T5148] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 5459.863177][ T5148] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 5468.313664][ T5661] veth0_vlan: entered promiscuous mode
[ 5469.911290][ T5661] veth1_vlan: entered promiscuous mode
[ 5474.371502][ T5661] veth0_macvtap: entered promiscuous mode
[ 5475.411795][ T5661] veth1_macvtap: entered promiscuous mode
[ 5480.501920][ T5148] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 5480.751888][ T5891] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 5480.757731][ T5891] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 5480.795383][ T5891] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 5727.011671][ T5335] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5729.427095][ T5335] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5731.478177][ T5335] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5734.004163][ T5335] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5762.072217][ T5335] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 5763.058107][ T5335] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 5763.355959][ T5335] bond0 (unregistering): Released all slaves
[ 5766.732534][ T5335] hsr_slave_0: left promiscuous mode
[ 5766.910536][ T5335] hsr_slave_1: left promiscuous mode
[ 5767.741234][ T5335] veth1_macvtap: left promiscuous mode
[ 5767.751427][ T5335] veth0_macvtap: left promiscuous mode
[ 5767.791902][ T5335] veth1_vlan: left promiscuous mode
[ 5767.801352][ T5335] veth0_vlan: left promiscuous mode
[ 5801.055390][   T49] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5803.011376][   T49] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5804.453106][   T49] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5805.621489][   T49] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5831.241213][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 5831.657380][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 5831.923813][   T49] bond0 (unregistering): Released all slaves
[ 5835.082968][   T49] hsr_slave_0: left promiscuous mode
[ 5835.220514][   T49] hsr_slave_1: left promiscuous mode
[ 5835.844269][   T49] veth1_macvtap: left promiscuous mode
[ 5835.855247][   T49] veth0_macvtap: left promiscuous mode
[ 5835.875921][   T49] veth1_vlan: left promiscuous mode
[ 5835.936129][   T49] veth0_vlan: left promiscuous mode
[ 5910.993151][ T6027] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 5911.783547][ T6027] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 5914.280982][ T6023] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 5914.584063][ T6023] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 5944.416671][ T6027] hsr_slave_0: entered promiscuous mode
[ 5944.543753][ T6027] hsr_slave_1: entered promiscuous mode
[ 5948.682115][ T6023] hsr_slave_0: entered promiscuous mode
[ 5948.784677][ T6023] hsr_slave_1: entered promiscuous mode
[ 5948.886035][ T6023] debugfs: 'hsr0' already exists in 'hsr'
[ 5948.897514][ T6023] Cannot create hsr debugfs directory
[ 5983.416821][ T6027] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 5984.083599][ T6027] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 5984.503179][ T6027] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 5985.443227][ T6027] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 5989.613977][ T6023] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 5990.041105][ T6023] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 5990.598158][ T6023] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 5991.066735][ T6023] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 6019.197686][ T6027] 8021q: adding VLAN 0 to HW filter on device bond0
[ 6024.007481][ T6023] 8021q: adding VLAN 0 to HW filter on device bond0
[ 6157.864059][ T6027] veth0_vlan: entered promiscuous mode
[ 6158.737299][ T6027] veth1_vlan: entered promiscuous mode
[ 6162.064704][ T6023] veth0_vlan: entered promiscuous mode
[ 6163.713004][ T6023] veth1_vlan: entered promiscuous mode
[ 6163.906239][ T6027] veth0_macvtap: entered promiscuous mode
[ 6164.752351][ T6027] veth1_macvtap: entered promiscuous mode
[ 6168.673310][ T6023] veth0_macvtap: entered promiscuous mode
[ 6169.054215][   T35] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 6169.230878][   T35] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 6169.235743][   T35] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 6169.253441][   T35] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 6169.923836][ T6023] veth1_macvtap: entered promiscuous mode
[ 6174.671244][ T4115] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 6174.672320][ T4115] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 6174.695811][ T4115] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 6174.713441][ T4115] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 6329.454137][   T49] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6332.021026][   T49] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6334.087304][   T49] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6336.186321][   T49] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6361.471281][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 6361.909754][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 6362.348247][   T49] bond0 (unregistering): Released all slaves
[ 6365.072282][   T49] hsr_slave_0: left promiscuous mode
[ 6365.164363][   T49] hsr_slave_1: left promiscuous mode
[ 6366.003760][   T49] veth1_macvtap: left promiscuous mode
[ 6366.014772][   T49] veth0_macvtap: left promiscuous mode
[ 6366.017035][   T49] veth1_vlan: left promiscuous mode
[ 6366.019220][   T49] veth0_vlan: left promiscuous mode
[ 6398.606109][   T49] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6400.349944][   T49] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6402.294271][   T49] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6403.987573][   T49] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6423.541429][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 6423.702614][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 6423.825507][   T49] bond0 (unregistering): Released all slaves
[ 6426.280901][   T49] hsr_slave_0: left promiscuous mode
[ 6426.800716][   T49] hsr_slave_1: left promiscuous mode
[ 6428.021041][   T49] veth1_macvtap: left promiscuous mode
[ 6428.024385][   T49] veth0_macvtap: left promiscuous mode
[ 6428.054546][   T49] veth1_vlan: left promiscuous mode
[ 6428.087561][   T49] veth0_vlan: left promiscuous mode
[ 6452.395692][ T6335] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 6453.264296][ T6335] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 6466.633560][ T6348] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 6467.368301][ T6348] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 6480.527182][ T6335] hsr_slave_0: entered promiscuous mode
[ 6480.575216][ T6335] hsr_slave_1: entered promiscuous mode
[ 6504.116043][ T6348] hsr_slave_0: entered promiscuous mode
[ 6504.214647][ T6348] hsr_slave_1: entered promiscuous mode
[ 6504.292029][ T6348] debugfs: 'hsr0' already exists in 'hsr'
[ 6504.302837][ T6348] Cannot create hsr debugfs directory
[ 6513.521561][ T6335] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 6514.370997][ T6335] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 6514.956555][ T6335] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 6515.532122][ T6335] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 6532.727447][ T6348] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 6533.128286][ T6348] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 6533.406926][ T6348] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 6533.853815][ T6348] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 6546.895737][ T6335] 8021q: adding VLAN 0 to HW filter on device bond0
[ 6563.802482][ T6348] 8021q: adding VLAN 0 to HW filter on device bond0
[ 6679.138275][ T6335] veth0_vlan: entered promiscuous mode
[ 6680.255453][ T6335] veth1_vlan: entered promiscuous mode
[ 6683.852764][ T6335] veth0_macvtap: entered promiscuous mode
[ 6684.414488][ T6335] veth1_macvtap: entered promiscuous mode
[ 6688.037825][ T5335] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 6688.071530][ T5335] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 6688.151579][ T5335] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 6688.180652][ T5335] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 6700.396808][ T6348] veth0_vlan: entered promiscuous mode
[ 6702.051184][ T6348] veth1_vlan: entered promiscuous mode
[ 6705.965605][ T6348] veth0_macvtap: entered promiscuous mode
[ 6706.512820][ T6348] veth1_macvtap: entered promiscuous mode
[ 6710.651078][ T5579] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 6710.652356][ T5579] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 6710.801708][ T5579] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 6710.811323][ T5579] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 7060.533952][ T6806] kvm [6806]: Failed to find VMA for hva 0x21016000
[ 7390.358407][   T25] audit: type=1400 audit(7389.560:106): avc:  denied  { map } for  pid=6991 comm="syz.4.285" path="pipe:[24065]" dev="pipefs" ino=24065 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[ 7487.117326][ T3325] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7488.863941][ T3325] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7490.740584][ T3325] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7492.258184][ T3325] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7515.034985][ T3325] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 7515.311716][ T3325] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 7515.491928][ T3325] bond0 (unregistering): Released all slaves
[ 7519.931429][ T3325] hsr_slave_0: left promiscuous mode
[ 7520.330635][ T3325] hsr_slave_1: left promiscuous mode
[ 7521.343304][ T3325] veth1_macvtap: left promiscuous mode
[ 7521.353947][ T3325] veth0_macvtap: left promiscuous mode
[ 7521.356152][ T3325] veth1_vlan: left promiscuous mode
[ 7521.357665][ T3325] veth0_vlan: left promiscuous mode
[ 7555.413966][ T3325] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7557.065101][ T3325] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7558.746118][ T3325] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7559.947807][ T3325] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7581.531855][ T3325] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 7581.878230][ T3325] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 7582.046222][ T3325] bond0 (unregistering): Released all slaves
[ 7585.797589][ T3325] hsr_slave_0: left promiscuous mode
[ 7585.892858][ T3325] hsr_slave_1: left promiscuous mode
[ 7586.540504][ T3325] veth1_macvtap: left promiscuous mode
[ 7586.541783][ T3325] veth0_macvtap: left promiscuous mode
[ 7586.564981][ T3325] veth1_vlan: left promiscuous mode
[ 7586.593369][ T3325] veth0_vlan: left promiscuous mode
[ 7652.078089][ T7038] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 7652.303651][ T7042] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 7652.487520][ T7042] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 7652.608112][ T7038] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 7679.788266][ T7038] hsr_slave_0: entered promiscuous mode
[ 7679.872626][ T7038] hsr_slave_1: entered promiscuous mode
[ 7682.028038][ T7042] hsr_slave_0: entered promiscuous mode
[ 7682.134829][ T7042] hsr_slave_1: entered promiscuous mode
[ 7682.220792][ T7042] debugfs: 'hsr0' already exists in 'hsr'
[ 7682.239902][ T7042] Cannot create hsr debugfs directory
[ 7712.704563][ T7038] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 7713.188199][ T7038] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 7713.433571][ T7038] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 7713.732550][ T7038] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 7718.227092][ T7042] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 7718.568467][ T7042] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 7719.050750][ T7042] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 7719.337825][ T7042] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 7738.247109][ T7038] 8021q: adding VLAN 0 to HW filter on device bond0
[ 7743.917909][ T7042] 8021q: adding VLAN 0 to HW filter on device bond0
[ 7842.576393][ T7042] veth0_vlan: entered promiscuous mode
[ 7843.374927][ T7042] veth1_vlan: entered promiscuous mode
[ 7846.012860][ T7042] veth0_macvtap: entered promiscuous mode
[ 7846.401571][ T7042] veth1_macvtap: entered promiscuous mode
[ 7849.267130][ T7053] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 7849.312859][ T7053] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 7849.347414][ T7053] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 7849.350239][ T7053] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 7858.747704][ T7038] veth0_vlan: entered promiscuous mode
[ 7859.795221][ T7038] veth1_vlan: entered promiscuous mode
[ 7863.213104][ T7038] veth0_macvtap: entered promiscuous mode
[ 7863.635520][ T7038] veth1_macvtap: entered promiscuous mode
[ 7867.092236][ T5117] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 7867.100969][ T5117] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 7867.124964][ T4186] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 7867.236988][ T4186] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 8003.744798][ T7314] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 8004.224729][ T7314] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 8037.495433][ T7328] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 8037.931781][ T7328] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 8046.171552][ T7314] hsr_slave_0: entered promiscuous mode
[ 8046.267532][ T7314] hsr_slave_1: entered promiscuous mode
[ 8046.393426][ T7314] debugfs: 'hsr0' already exists in 'hsr'
[ 8046.462569][ T7314] Cannot create hsr debugfs directory
[ 8086.423977][ T7314] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 8088.140923][ T7314] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 8089.226799][ T7328] hsr_slave_0: entered promiscuous mode
[ 8089.385465][ T7328] hsr_slave_1: entered promiscuous mode
[ 8089.494009][ T7328] debugfs: 'hsr0' already exists in 'hsr'
[ 8089.542200][ T7328] Cannot create hsr debugfs directory
[ 8089.583494][ T7314] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 8090.264516][ T7314] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 8130.923831][ T7328] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 8131.463907][ T7328] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 8132.174388][ T7328] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 8132.977506][ T7328] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 8140.436944][ T7314] 8021q: adding VLAN 0 to HW filter on device bond0
[ 8178.983930][ T7328] 8021q: adding VLAN 0 to HW filter on device bond0
[ 8255.691682][ T5335] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8257.816404][ T5335] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8259.786621][ T5335] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8261.964541][ T5335] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8289.114220][ T5335] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 8289.468394][ T5335] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 8289.721697][ T5335] bond0 (unregistering): Released all slaves
[ 8294.936877][ T5335] hsr_slave_0: left promiscuous mode
[ 8295.242066][ T5335] hsr_slave_1: left promiscuous mode
[ 8296.371522][ T5335] veth1_macvtap: left promiscuous mode
[ 8296.375524][ T5335] veth0_macvtap: left promiscuous mode
[ 8296.399386][ T5335] veth1_vlan: left promiscuous mode
[ 8296.463807][ T5335] veth0_vlan: left promiscuous mode
[ 8336.794579][ T7497] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8338.284840][ T7497] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8340.145279][ T7497] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8341.584384][ T7497] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8367.210618][ T7497] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 8367.710775][ T7497] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 8367.973817][ T7497] bond0 (unregistering): Released all slaves
[ 8370.313114][ T7497] hsr_slave_0: left promiscuous mode
[ 8370.392042][ T7497] hsr_slave_1: left promiscuous mode
[ 8370.961797][ T7497] veth1_macvtap: left promiscuous mode
[ 8370.990922][ T7497] veth0_macvtap: left promiscuous mode
[ 8371.012957][ T7497] veth1_vlan: left promiscuous mode
[ 8371.040539][ T7497] veth0_vlan: left promiscuous mode
[ 8421.731324][ T7314] veth0_vlan: entered promiscuous mode
[ 8422.832229][ T7328] veth0_vlan: entered promiscuous mode
[ 8423.776884][ T7314] veth1_vlan: entered promiscuous mode
[ 8424.653183][ T7328] veth1_vlan: entered promiscuous mode
[ 8429.144066][ T7314] veth0_macvtap: entered promiscuous mode
[ 8430.092597][ T7328] veth0_macvtap: entered promiscuous mode
[ 8430.625878][ T7314] veth1_macvtap: entered promiscuous mode
[ 8431.152538][ T7328] veth1_macvtap: entered promiscuous mode
[ 8436.024788][ T7497] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 8436.043498][ T7497] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 8436.093543][ T7427] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 8436.120060][ T7445] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 8437.176425][ T5335] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 8437.183635][ T5335] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 8437.364284][ T5335] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 8437.380686][ T5335] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 8708.442270][ T5148] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8710.723813][ T5148] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8712.583849][ T5148] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8714.637198][ T5148] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8736.835996][ T5148] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 8736.962138][ T5148] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 8737.036686][ T5148] bond0 (unregistering): Released all slaves
[ 8738.998062][ T5148] hsr_slave_0: left promiscuous mode
[ 8739.080550][ T5148] hsr_slave_1: left promiscuous mode
[ 8739.850220][ T5148] veth1_macvtap: left promiscuous mode
[ 8739.853604][ T5148] veth0_macvtap: left promiscuous mode
[ 8739.892532][ T5148] veth1_vlan: left promiscuous mode
[ 8739.930878][ T5148] veth0_vlan: left promiscuous mode
[ 8760.864350][ T5148] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8762.363678][ T5148] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8764.844894][ T5148] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8766.316733][ T5148] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8785.846186][ T5148] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 8786.013326][ T5148] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 8786.131498][ T5148] bond0 (unregistering): Released all slaves
[ 8789.381893][ T5148] hsr_slave_0: left promiscuous mode
[ 8789.712308][ T5148] hsr_slave_1: left promiscuous mode
[ 8790.560161][ T5148] veth1_macvtap: left promiscuous mode
[ 8790.561547][ T5148] veth0_macvtap: left promiscuous mode
[ 8790.564702][ T5148] veth1_vlan: left promiscuous mode
[ 8790.566111][ T5148] veth0_vlan: left promiscuous mode
[ 8819.191038][ T7708] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 8819.926390][ T7708] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 8820.696020][ T7716] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 8821.522284][ T7716] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 8848.416659][ T7708] hsr_slave_0: entered promiscuous mode
[ 8848.515138][ T7708] hsr_slave_1: entered promiscuous mode
[ 8851.396172][ T7716] hsr_slave_0: entered promiscuous mode
[ 8851.523836][ T7716] hsr_slave_1: entered promiscuous mode
[ 8851.613226][ T7716] debugfs: 'hsr0' already exists in 'hsr'
[ 8851.614189][ T7716] Cannot create hsr debugfs directory
[ 8873.248048][ T7708] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 8873.667080][ T7708] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 8874.011754][ T7708] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 8874.371153][ T7708] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 8877.724958][ T7716] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 8878.210554][ T7716] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 8878.614415][ T7716] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 8879.057848][ T7716] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 8898.962098][ T7708] 8021q: adding VLAN 0 to HW filter on device bond0
[ 8904.792742][ T7716] 8021q: adding VLAN 0 to HW filter on device bond0
[ 8990.042211][ T7708] veth0_vlan: entered promiscuous mode
[ 8990.673076][ T7708] veth1_vlan: entered promiscuous mode
[ 8993.216300][ T7708] veth0_macvtap: entered promiscuous mode
[ 8993.774189][ T7708] veth1_macvtap: entered promiscuous mode
[ 8995.846896][ T7716] veth0_vlan: entered promiscuous mode
[ 8997.391714][ T7716] veth1_vlan: entered promiscuous mode
[ 8997.809583][ T7053] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 8997.813402][ T7053] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 8997.851680][ T7497] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 8997.856258][ T7497] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 9001.621714][ T7716] veth0_macvtap: entered promiscuous mode
[ 9002.084137][ T7716] veth1_macvtap: entered promiscuous mode
[ 9005.331654][ T7497] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 9005.342631][ T7497] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 9005.386214][ T7497] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 9005.406859][ T7497] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 9516.822221][ T8201] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 9517.372278][ T8201] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 9525.373787][ T7497] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9526.285009][ T8204] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 9527.042427][ T7497] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9527.776067][ T8204] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 9530.238192][ T7497] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9531.472855][ T7497] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9547.836041][ T7497] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 9547.956874][ T7497] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 9548.014820][ T7497] bond0 (unregistering): Released all slaves
[ 9549.906201][ T7497] hsr_slave_0: left promiscuous mode
[ 9549.983476][ T7497] hsr_slave_1: left promiscuous mode
[ 9550.722205][ T7497] veth1_macvtap: left promiscuous mode
[ 9550.725793][ T7497] veth0_macvtap: left promiscuous mode
[ 9550.743591][ T7497] veth1_vlan: left promiscuous mode
[ 9550.774027][ T7497] veth0_vlan: left promiscuous mode
[ 9581.816149][ T7497] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9583.287004][ T7497] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9584.755492][ T7497] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9586.106874][ T7497] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9603.373602][ T7497] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 9603.507665][ T7497] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 9603.611659][ T7497] bond0 (unregistering): Released all slaves
[ 9604.801830][ T7497] hsr_slave_0: left promiscuous mode
[ 9604.850773][ T7497] hsr_slave_1: left promiscuous mode
[ 9605.393580][ T7497] veth1_macvtap: left promiscuous mode
[ 9605.420212][ T7497] veth0_macvtap: left promiscuous mode
[ 9605.432811][ T7497] veth1_vlan: left promiscuous mode
[ 9605.457561][ T7497] veth0_vlan: left promiscuous mode
[ 9632.146260][ T8201] hsr_slave_0: entered promiscuous mode
[ 9632.226068][ T8201] hsr_slave_1: entered promiscuous mode
[ 9633.576321][ T8204] hsr_slave_0: entered promiscuous mode
[ 9633.615504][ T8204] hsr_slave_1: entered promiscuous mode
[ 9633.663396][ T8204] debugfs: 'hsr0' already exists in 'hsr'
[ 9633.689829][ T8204] Cannot create hsr debugfs directory
[ 9658.345490][ T8201] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 9658.954665][ T8201] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 9659.453749][ T8201] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 9660.252296][ T8201] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 9664.572637][ T8204] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 9665.112057][ T8204] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 9665.562776][ T8204] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 9665.978401][ T8204] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 9691.413320][ T8201] 8021q: adding VLAN 0 to HW filter on device bond0
[ 9697.513289][ T8204] 8021q: adding VLAN 0 to HW filter on device bond0
[ 9824.364006][ T8201] veth0_vlan: entered promiscuous mode
[ 9825.476574][ T8201] veth1_vlan: entered promiscuous mode
[ 9828.572056][ T8201] veth0_macvtap: entered promiscuous mode
[ 9829.726712][ T8201] veth1_macvtap: entered promiscuous mode
[ 9831.592385][ T8204] veth0_vlan: entered promiscuous mode
[ 9833.331323][ T8204] veth1_vlan: entered promiscuous mode
[ 9834.733834][ T7445] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 9834.738017][ T7445] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 9834.777469][ T7445] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 9835.012028][ T7445] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 9838.695457][ T8204] veth0_macvtap: entered promiscuous mode
[ 9839.525005][ T8204] veth1_macvtap: entered promiscuous mode
[ 9843.211247][ T7445] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 9843.231862][ T7445] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 9843.271447][ T7445] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 9843.293097][ T7445] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 9926.001208][ T3325] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9929.137718][ T3325] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9930.804047][ T3325] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9932.727019][ T3325] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9954.184862][ T3325] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 9954.287944][ T3325] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 9954.454737][ T3325] bond0 (unregistering): Released all slaves
[ 9957.052131][ T3325] hsr_slave_0: left promiscuous mode
[ 9957.330523][ T3325] hsr_slave_1: left promiscuous mode
[ 9958.130936][ T3325] veth1_macvtap: left promiscuous mode
[ 9958.132264][ T3325] veth0_macvtap: left promiscuous mode
[ 9958.135421][ T3325] veth1_vlan: left promiscuous mode
[ 9958.136890][ T3325] veth0_vlan: left promiscuous mode
[ 9980.872877][ T4186] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9982.587631][ T4186] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9984.160196][ T4186] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9985.751231][ T4186] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[10005.906598][ T4186] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[10006.008314][ T4186] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[10006.094290][ T4186] bond0 (unregistering): Released all slaves
[10007.264936][ T4186] hsr_slave_0: left promiscuous mode
[10007.302359][ T4186] hsr_slave_1: left promiscuous mode
[10007.689189][ T4186] veth1_macvtap: left promiscuous mode
[10007.723756][ T4186] veth0_macvtap: left promiscuous mode
[10007.732807][ T4186] veth1_vlan: left promiscuous mode
[10007.757637][ T4186] veth0_vlan: left promiscuous mode
[10054.573399][ T8508] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[10054.914482][ T8508] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[10059.680637][ T8511] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[10059.981771][ T8511] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[10081.657825][ T8508] hsr_slave_0: entered promiscuous mode
[10081.766180][ T8508] hsr_slave_1: entered promiscuous mode
[10086.098427][ T8511] hsr_slave_0: entered promiscuous mode
[10086.173623][ T8511] hsr_slave_1: entered promiscuous mode
[10086.221380][ T8511] debugfs: 'hsr0' already exists in 'hsr'
[10086.230255][ T8511] Cannot create hsr debugfs directory
[10111.692045][ T8508] netdevsim netdevsim4 netdevsim0: renamed from eth0
[10112.273693][ T8508] netdevsim netdevsim4 netdevsim1: renamed from eth1
[10112.651276][ T8508] netdevsim netdevsim4 netdevsim2: renamed from eth2
[10113.007546][ T8508] netdevsim netdevsim4 netdevsim3: renamed from eth3
[10118.191931][ T8511] netdevsim netdevsim8 netdevsim0: renamed from eth0
[10118.596846][ T8511] netdevsim netdevsim8 netdevsim1: renamed from eth1
[10119.066728][ T8511] netdevsim netdevsim8 netdevsim2: renamed from eth2
[10119.444622][ T8511] netdevsim netdevsim8 netdevsim3: renamed from eth3
[10138.705518][ T8508] 8021q: adding VLAN 0 to HW filter on device bond0
[10142.856570][ T8511] 8021q: adding VLAN 0 to HW filter on device bond0
[10248.572814][ T8508] veth0_vlan: entered promiscuous mode
[10249.231929][ T8508] veth1_vlan: entered promiscuous mode
[10251.938226][ T8508] veth0_macvtap: entered promiscuous mode
[10252.752230][ T8508] veth1_macvtap: entered promiscuous mode
[10253.823948][ T8511] veth0_vlan: entered promiscuous mode
[10255.147708][ T8511] veth1_vlan: entered promiscuous mode
[10256.796358][ T5579] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[10256.802632][ T5579] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[10256.930428][ T5579] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[10256.932102][ T5579] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[10260.071831][ T8511] veth0_macvtap: entered promiscuous mode
[10260.672066][ T8511] veth1_macvtap: entered promiscuous mode
[10263.706589][ T5891] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[10263.712991][ T5891] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[10263.761253][ T5891] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[10263.770460][ T5891] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[10485.043593][ T8824] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[10485.513990][ T8824] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[10490.263251][ T8827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[10490.618019][ T8827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[10528.343301][ T8824] hsr_slave_0: entered promiscuous mode
[10528.415312][ T8824] hsr_slave_1: entered promiscuous mode
[10528.520549][ T8824] debugfs: 'hsr0' already exists in 'hsr'
[10528.544978][ T8824] Cannot create hsr debugfs directory
[10532.891128][ T8827] hsr_slave_0: entered promiscuous mode
[10532.967857][ T8827] hsr_slave_1: entered promiscuous mode
[10533.102894][ T8827] debugfs: 'hsr0' already exists in 'hsr'
[10533.130098][ T8827] Cannot create hsr debugfs directory
[10573.194600][ T8824] netdevsim netdevsim1 netdevsim0: renamed from eth0
[10574.254187][ T8824] netdevsim netdevsim1 netdevsim1: renamed from eth1
[10575.101760][ T8824] netdevsim netdevsim1 netdevsim2: renamed from eth2
[10576.865000][ T8824] netdevsim netdevsim1 netdevsim3: renamed from eth3
[10583.870675][ T8827] netdevsim netdevsim7 netdevsim0: renamed from eth0
[10584.423578][ T8827] netdevsim netdevsim7 netdevsim1: renamed from eth1
[10584.975715][ T8827] netdevsim netdevsim7 netdevsim2: renamed from eth2
[10585.562409][ T8827] netdevsim netdevsim7 netdevsim3: renamed from eth3
[10625.281361][ T8824] 8021q: adding VLAN 0 to HW filter on device bond0
[10631.523729][ T8827] 8021q: adding VLAN 0 to HW filter on device bond0
[10782.053195][ T8824] veth0_vlan: entered promiscuous mode
[10783.291762][ T8824] veth1_vlan: entered promiscuous mode
[10784.623162][   T27] INFO: task syz.8.372:8802 blocked for more than 430 seconds.
[10784.643017][   T27]       Not tainted syzkaller #0
[10784.693456][   T27]       Blocked by coredump.
[10784.710259][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[10784.710927][   T27] task:syz.8.372       state:D stack:0     pid:8802  tgid:8796  ppid:8511   task_flags:0x40054c flags:0x00000019
[10784.712407][   T27] Call trace:
[10784.712900][   T27]  __switch_to+0x584/0xb20 (T)
[10784.714927][   T27]  __schedule+0x1eec/0x33a4
[10784.715513][   T27]  schedule+0xac/0x27c
[10784.715994][   T27]  schedule_timeout+0x5c/0x1e4
[10784.716410][   T27]  do_wait_for_common+0x28c/0x444
[10784.716897][   T27]  wait_for_completion+0x44/0x5c
[10784.717370][   T27]  __synchronize_srcu+0x2a4/0x320
[10784.717835][   T27]  synchronize_srcu+0x3cc/0x4f0
[10784.718267][   T27]  __mmu_notifier_release+0x424/0x614
[10784.861774][   T27]  exit_mmap+0xb8/0xbb8
[10784.862365][   T27]  __mmput+0x10c/0x528
[10784.862878][   T27]  mmput+0x70/0xac
[10784.863397][   T27]  exit_mm+0x158/0x258
[10784.863857][   T27]  do_exit+0x788/0x2378
[10784.864289][   T27]  do_group_exit+0x1d4/0x2ac
[10784.864765][   T27]  get_signal+0x1440/0x1554
[10784.865220][   T27]  do_signal+0x180/0x4dd0
[10784.865736][   T27]  do_notify_resume+0xb0/0x270
[10784.866169][   T27]  el0_da+0xc4/0x148
[10784.866607][   T27]  el0t_64_sync_handler+0x90/0x12c
[10784.867067][   T27]  el0t_64_sync+0x198/0x19c
SYZFAIL: failed to recv rpc
[10784.979872][   T27] 
[10784.979872][   T27] Showing all locks held in the system:
[10784.994748][   T27] 1 lock held by khungtaskd/27:
[10785.001739][   T27]  #0: ffff800087806858 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x4/0x48
[10785.004653][   T27] 2 locks held by getty/3178:
[10785.005048][   T27]  #0: c1f0000011d0a8a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c
[10785.006712][   T27]  #1: 56ff80008c54b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x310/0x12b8
[10785.008425][   T27] 3 locks held by kworker/u4:8/7445:
[10785.121559][   T27] 3 locks held by kworker/u4:1/8222:
[10785.121993][   T27] 3 locks held by kworker/u4:2/8258:
[10785.122291][   T27] 3 locks held by kworker/u4:3/8298:
[10785.122608][   T27]  #0: 31f0000011af0d48 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a18
[10785.124432][   T27]  #1: ffff80008e7a7c78 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a18
[10785.126051][   T27]  #2: ffff800087b17900 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_lock+0x20/0x2c
[10785.127763][   T27] 2 locks held by syz.4.371/8795:
[10785.128086][   T27] 2 locks held by syz-executor/8824:
[10785.128414][   T27] 1 lock held by syz-executor/8827:
[10785.233532][   T27]  #0: ffff800087b17900 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x80c/0x1878
[10785.235471][   T27] 3 locks held by kworker/u4:5/8938:
[10785.235830][   T27] 3 locks held by kworker/u4:9/8952:
[10785.236137][   T27] 1 lock held by rm/9043:
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[10785.301669][   T27] 
[10785.304047][   T27] =============================================
[10785.304047][   T27] 
[10785.304938][   T27] Kernel panic - not syncing: hung_task: blocked tasks
[10785.310136][   T27] CPU: 0 UID: 0 PID: 27 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT 
[10785.311790][   T27] Hardware name: linux,dummy-virt (DT)
[10785.312794][   T27] Call trace:
[10785.313614][   T27]  show_stack+0x2c/0x3c (C)
[10785.314696][   T27]  __dump_stack+0x30/0x40
[10785.315632][   T27]  dump_stack_lvl+0x30/0x12c
[10785.316545][   T27]  dump_stack+0x1c/0x28
[10785.317458][   T27]  vpanic+0x22c/0x59c
[10785.318302][   T27]  vpanic+0x0/0x59c
[10785.319169][   T27]  hung_task_panic+0x0/0x2c
[10785.320128][   T27]  kthread+0x794/0x9a0
[10785.321047][   T27]  ret_from_fork+0x10/0x20
[10785.322945][   T27] Kernel Offset: disabled
[10785.323655][   T27] CPU features: 0x000000,0001a300,5f7c67c1,057ffe1f
[10785.324875][   T27] Memory Limit: none
[10785.327176][   T27] Rebooting in 86400 seconds..

VM DIAGNOSIS:
15:45:48  Registers:
info registers vcpu 0

CPU#0
 PC=ffff80008039fc38 X00=ffff8000871c3b66 X01=0000000000000004
X02=0000000000000001 X03=ffff80008045d46c X04=0000000000000001
X05=0000000000000001 X06=0000000000000000 X07=ffff80008039fbc8
X08=03f000000d849d80 X09=ffff80008c577b40 X10=0000000000ff0100
X11=0000000000000001 X12=0000000000000002 X13=0000000000000028
X14=ffffffffffffffff X15=0000000000000171 X16=0000000000000066
X17=00000000010a6ebd X18=00000000000aae60 X19=ffff80008c577ba0
X20=ffff80008c577b28 X21=03f000000d849d80 X22=03f000000d849d88
X23=0000000000000003 X24=ffff8000800e8e40 X25=ffff80008c577a68
X26=ffff8000876e1560 X27=00000000000000ff X28=03f000000d849d88
X29=ffff80008c5779d0 X30=ffff80008656cb14  SP=ffff80008c5779d0
PSTATE=614020c9 -ZC- EL2h  SVCR=00000000 --  BTYPE=0     FPCR=00000000 FPSR=00000000
P00=0000 P01=0000 P02=0000 P03=0000 P04=0000 P05=0000 P06=0000 P07=0000
P08=0000 P09=0000 P10=0000 P11=0000 P12=0000 P13=0000 P14=0000 P15=0000
FFR=0000
Z00=2525252525252525:2525252525252525 Z01=6572207265767265:730073250a0d0a0d
Z02=742065726f6d2072:6f662064656b636f Z03=0000000000000000:00ff00ff00000000
Z04=0000000000000000:000000000f0f0000 Z05=726f6d20726f6620:64656b636f6c6220
Z06=203a29315f657661:6c735f646e6f6220 Z07=206e612073612067:6e6976616c736e45
Z08=0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000
Z10=0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000
Z12=0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000
Z14=0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000
Z16=0000ffffc044ffe0:0000ffffc044ffe0 Z17=ffffff80ffffffd8:0000ffffc044ffb0
Z18=0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000
Z20=0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000
Z22=0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000
Z24=0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000
Z26=0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000
Z28=0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000
Z30=0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000