last executing test programs:

51m41.986117165s ago: executing program 1 (id=127):
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, <r4=>0xffffffffffffffff, 0x1})
r5 = ioctl$KVM_CREATE_VM(r4, 0x894c, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xb702, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, <r6=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r6, 0x400454d0, 0x7ffffffd)

51m41.352929343s ago: executing program 0 (id=128):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013df19, 0x8003}}], 0x20}, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r5, r6, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f00000000c0)=@arm64_core={0x6030000000100040, &(0x7f0000000000)=0x8})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7fff}}, @msr={0x14, 0x20, {0x603000000013dce4, 0x7}}], 0x40}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r12, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0xc3033, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r12, 0xae80, 0x0)
r13 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
r14 = ioctl$KVM_GET_STATS_FD_cpu(r4, 0xaece)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, r13, 0xc, 0x10, r14, 0x0)
ioctl$KVM_RUN(r12, 0xae80, 0x0)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r6, 0x4018aee2, &(0x7f0000000240)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f0000000280)=0xb16d})
syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000bfd000/0x400000)=nil)
r15 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000b80)={0x0, &(0x7f0000000100)=[@mrs={0xbe, 0x18, {0x603000000013a12e}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r15, 0xae80, 0x0)

51m35.043201643s ago: executing program 1 (id=129):
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4020ae46, &(0x7f00000001c0)=ANY=[@ANYBLOB="01000000010000000000000008"])
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, <r2=>0xffffffffffffffff, 0x1})
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000000)={0x5, 0x3, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r7 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r9, r10, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r10, 0x4010aeab, &(0x7f0000000100)=@arm64_sys={0x603000000013c000})
r11 = syz_kvm_vgic_v3_setup(r4, 0x1, 0x100)
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000200)=@attr_other={0x0, 0x1, 0xc, &(0x7f00000001c0)=0x2})
write$eventfd(r2, &(0x7f00000001c0)=0xfffffffffffffff5, 0x8)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r13, 0x4020ae46, &(0x7f0000000040)={0x5, 0x1, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000bc2000/0x400000)=nil)
ioctl$KVM_SET_USER_MEMORY_REGION(r13, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_DEVICE(r13, 0xc00caee0, &(0x7f0000000180)={0xf})

51m21.693405112s ago: executing program 0 (id=130):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = eventfd2(0xfffffffa, 0x80001)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000140)={0x80, 0x4, 0x0, r3})
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING(r5, 0x4068aea3, &(0x7f00000000c0)={0xc0, 0x0, 0x8000})
r6 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x29)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1)
r9 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04)
mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, r9, 0x2, 0x12, r8, 0x0)
r10 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, r9, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616})
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000a1e000/0x400000)=nil)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f0000000240)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
r11 = syz_kvm_add_vcpu$arm64(r0, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
munmap(&(0x7f0000d8c000/0x2000)=nil, 0x2000)

51m21.262299712s ago: executing program 1 (id=131):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
r4 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r3, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7) (async)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x15)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r3, 0x0) (async)
r6 = eventfd2(0xd, 0x1)
ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f0000000000)={0x400, 0x8}) (async)
close(r6)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)
write$eventfd(r6, 0x0, 0x500)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0) (async)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x29)

51m13.734746366s ago: executing program 1 (id=132):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x4001, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x1)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x18)
ioctl$KVM_CLEAR_DIRTY_LOG(r1, 0xc018aec0, &(0x7f0000000440)={0x201, 0x1c0, 0x1c0, &(0x7f0000000040)=[0x7fffffff, 0xcb0a, 0xffc00000000000, 0xa12c, 0xb2, 0x7, 0x1, 0x100000001, 0xd, 0x4, 0x1, 0xbc22, 0x8, 0xf, 0x1, 0xfffffffffffffffa, 0x1, 0x7, 0x400, 0x8, 0x7fff, 0xd1, 0x7f, 0x1ff, 0x6, 0x800, 0x3, 0x3, 0x3, 0x5, 0xffffffffffff0000, 0x4f77, 0x9, 0x5, 0xffffffff, 0x3ff, 0x1, 0x2, 0xe, 0x100000000, 0x8000000000000, 0x4, 0x41, 0x7fff, 0xa4, 0xfffffffffffffff8, 0x6da2, 0x7, 0xffff, 0x6, 0x9, 0x2, 0x40, 0x7, 0x5, 0x8, 0xfffffffffffffffb, 0x4, 0xe, 0x401, 0x2, 0x8424, 0x5, 0xff, 0x5, 0x6, 0x8001, 0x893, 0x1, 0x9, 0xfffffffffffffffb, 0x81, 0x4, 0x7, 0x7f, 0x6, 0x0, 0x1000, 0xa321, 0xfffffffffffffffb, 0x7f, 0x6, 0x0, 0x0, 0x1, 0x4, 0x82, 0x0, 0x4, 0x1, 0x3, 0x3, 0x3, 0x4, 0x8, 0xddca, 0x100000000, 0x6, 0x2, 0x9, 0x6, 0x5, 0x45baab2c, 0xe, 0xf, 0x5, 0x1fe, 0x7d6, 0x1, 0x1, 0x0, 0x6, 0x0, 0x9, 0x0, 0x0, 0x5, 0xcb, 0x9, 0x90c, 0x24, 0x0, 0x3, 0x4, 0x100000001, 0x8001, 0x0, 0xa7c1]})
r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r3 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000008c0)={0x0, &(0x7f0000000480)=[@svc={0x122, 0x40, {0x80, [0x10001, 0x9, 0xa2e, 0x8, 0xfffffffffffffeff]}}, @hvc={0x32, 0x40, {0x8, [0x81, 0x7, 0x0, 0x4, 0xfffffffffffff0bb]}}, @smc={0x1e, 0x40, {0x86000000, [0xffffffffffffffff, 0x5, 0x2, 0x2, 0xd]}}, @its_setup={0x82, 0x28, {0x2, 0x4, 0x375}}, @uexit={0x0, 0x18, 0xab}, @eret={0xe6, 0x18, 0x9}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x80, 0xffffffff00000000, 0x6}}, @memwrite={0x6e, 0x30, @generic={0x2, 0x7ef, 0xffffffffffffff80, 0x8}}, @its_setup={0x82, 0x28, {0x3, 0x1, 0x171}}, @its_setup={0x82, 0x28, {0x0, 0x2, 0x155}}, @smc={0x1e, 0x40, {0x3000000, [0x9, 0x8, 0x200, 0x0, 0xcdb]}}, @uexit={0x0, 0x18, 0xb9}, @memwrite={0x6e, 0x30, @generic={0xeeee8000, 0x2e5, 0x9, 0x2}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x3, 0x0, 0x9, 0x0, 0x1}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe4, 0x2, 0x4}}, @hvc={0x32, 0x40, {0x80000000, [0xe912, 0x9, 0x0, 0x2, 0x3]}}, @mrs={0xbe, 0x18, {0x603000000013c523}}, @svc={0x122, 0x40, {0xc4000007, [0x7, 0x7, 0xf, 0x9, 0x6]}}, @eret={0xe6, 0x18, 0x5}, @irq_setup={0x46, 0x18, {0x4, 0x72}}, @its_setup={0x82, 0x28, {0x1, 0x4, 0x253}}, @mrs={0xbe, 0x18, {0x603000000013da10}}, @mrs={0xbe, 0x18, {0x603000000013df74}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0xc00, 0x6, 0xb}}, @eret={0xe6, 0x18, 0x5}, @memwrite={0x6e, 0x30, @generic={0x3000, 0xdcd, 0x0, 0x1}}], 0x440}, &(0x7f0000000900)=[@featur2={0x1, 0xa2594063dd84c236}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000980)=@attr_other={0x0, 0x1, 0x4, &(0x7f0000000940)=0x3})
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x36)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x3f)
mmap$KVM_VCPU(&(0x7f0000fff000/0x1000)=nil, r2, 0x2000005, 0x810, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_DIRTY_LOG(r4, 0x4010ae42, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil})
ioctl$KVM_SET_SIGNAL_MASK(r3, 0x4004ae8b, &(0x7f0000000a00)={0x75, "3b18ce40dac4a3cb813ba1670a3650574c883862817d03f78447157cae27caee7a31652a1607ee237276795dfffc0dce89f2d475593f7c4c2712e49d5228c227549196d88f8e9d57fe1ada21ddfb891aee12838db92dd9ce53963f909c2c70fe8d1f32bec3c196a91e38c47966760849b7041923e4"})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000a80)={0x1fd, 0x0, 0xdddd1000, 0x1000, &(0x7f0000fff000/0x1000)=nil})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x8040ae9f, &(0x7f0000000ac0)=@arm64)
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ARM_VCPU_INIT(r3, 0x4020aeae, &(0x7f0000000b00)={0x2, 0x21})
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x76)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000b40), 0x58001, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r5, 0x4018aee3, &(0x7f0000000bc0)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000b80)})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000c00)=@attr_pmu_init)
ioctl$KVM_CAP_PTP_KVM(r1, 0x4068aea3, &(0x7f0000000c40))
ioctl$KVM_INTERRUPT(r3, 0x4004ae86, &(0x7f0000000cc0)=0x400)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000d00), 0x100, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x2a)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000d40), 0x181100, 0x0)
ioctl$KVM_GET_STATS_FD_vm(r4, 0xaece)
ioctl$KVM_SET_DEVICE_ATTR_vm(r7, 0x4018aee1, &(0x7f0000000dc0)=@attr_other={0x0, 0x101, 0x0, &(0x7f0000000d80)=0x8001})
ioctl$KVM_SET_SIGNAL_MASK(r3, 0x4004ae8b, &(0x7f0000000e00)={0x52, "795bfaf2a14f3bda88c64ef373c3ac3e897a33503a0aedb5e41e4ecf1dc0d73c94e3cc6de8e93f2b2b6ee13f57108669c435f9b1ecc01b24ecd79ed093a7757b498ef93821e969a864b7d743f3085c68da76"})
r8 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x30)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)

51m8.646864836s ago: executing program 0 (id=133):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x2}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x1, 0x80000, 0x10000, 0x0, 0x0, 0x2}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x8280, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r7 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r6, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r6, 0x0)
r8 = eventfd2(0x0, 0x0)
close(r8)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01)
write$eventfd(r8, &(0x7f0000000180)=0x5, 0xfffffde3)
write$eventfd(r8, 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000000)={0x80a0000, 0x11d000})
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

50m54.404416353s ago: executing program 1 (id=134):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async, rerun: 32)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async, rerun: 32)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x20080, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x2e)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x6)
syz_kvm_setup_cpu$arm64(r5, r6, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100046, &(0x7f0000000000)=0x14})
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2) (async)
r9 = syz_kvm_vgic_v3_setup(r8, 0x2, 0x40)
ioctl$KVM_GET_DEVICE_ATTR(r9, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x5, 0x4, &(0x7f00000000c0)=0x8})
r10 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r5, 0x4010ae74, &(0x7f00000001c0)={0x5d3, 0x1}) (async)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@mrs={0xbe, 0x18, {0x603000000013df40}}], 0x18}, &(0x7f0000000100)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r12, 0x4018aee1, &(0x7f0000000140)=@attr_pmu_init) (async, rerun: 32)
r13 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04) (rerun: 32)
r14 = mmap$KVM_VCPU(&(0x7f0000e21000/0x3000)=nil, r13, 0x0, 0x11, r2, 0x0)
ioctl$KVM_RUN(r12, 0xae80, 0x0) (async)
syz_kvm_assert_syzos_uexit$arm64(r14, 0xffffffffffffffff)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000180)=@arm64_sve={0x608000000015036d, &(0x7f0000000200)=0xfffffffffffffffc})

50m53.705834818s ago: executing program 0 (id=135):
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0xe3)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000eb2000/0x3000)=nil, 0x930, 0x0, 0x32e7851d6de9e532, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000)

50m44.743157849s ago: executing program 0 (id=136):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f0000000240)=@arm64_sve_vls={0x606000000015ffff, 0x0})
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000240)=@arm64_bitmap={0x6030000000160002, &(0x7f00000000c0)=0x2})
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) (async)
ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f0000000240)=@arm64_sve_vls={0x606000000015ffff, 0x0}) (async)
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000240)=@arm64_bitmap={0x6030000000160002, &(0x7f00000000c0)=0x2}) (async)

50m43.86324077s ago: executing program 1 (id=137):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x80001, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$arm64(r1, r3, &(0x7f0000a17000/0x400000)=nil, &(0x7f0000000200)=[{0x0, &(0x7f0000000440)=[@svc={0x122, 0x40, {0x84000052, [0x9, 0x5, 0x55d, 0x0, 0xfc6]}}, @its_setup={0x82, 0x28, {0x3, 0x1, 0xb5}}, @its_setup={0x82, 0x28, {0x1, 0x3, 0x26a}}, @irq_setup={0x46, 0x18, {0x2, 0x1d}}, @msr={0x14, 0x20, {0x603000000013807c, 0x4}}, @uexit={0x0, 0x18, 0x8001}, @its_send_cmd={0xaa, 0x28, {0x0, 0x1, 0x3, 0x9, 0x7, 0xffff0001}}, @hvc={0x32, 0x40, {0x30000000, [0x2, 0x7fffffffffffffff, 0xf7b, 0x8e27, 0x6]}}, @its_setup={0x82, 0x28, {0x3, 0x2, 0x379}}, @uexit={0x0, 0x18, 0xfffffffffffffff9}, @its_send_cmd={0xaa, 0x28, {0x9, 0x1, 0x2, 0x3, 0x101, 0x80000000, 0x2}}, @its_setup={0x82, 0x28, {0x0, 0x2, 0x276}}], 0x1d8}], 0x1, 0x0, &(0x7f0000000240)=[@featur1={0x1, 0x49}], 0x1)
r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x33)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f00000000c0)={0x4, <r8=>0xffffffffffffffff})
ioctl$KVM_CREATE_VM(r8, 0x800454cf, 0x200000000000000)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r9, 0xae03, 0x5d)
r10 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000000)={0x0, 0x0}, &(0x7f00000001c0)=[@featur1={0x1, 0xc}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init)
openat$kvm(0x0, &(0x7f0000000100), 0x80402, 0x0)
r11 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x2c)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r13, 0x4010aeac, &(0x7f0000000040)=@arm64_sys={0x603000000013c021, &(0x7f0000000140)=0x9})
syz_kvm_vgic_v3_setup(r4, 0x2, 0x320)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x100000000000000, 0x2000, &(0x7f0000000000/0x2000)=nil})

50m36.065173934s ago: executing program 0 (id=138):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x25)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0xe7)
r4 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x4, 0x4, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x0, 0x40080, 0x400, 0x2, 0x4}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x1fd, 0x2, 0x5000, 0x1000, &(0x7f0000f6e000/0x1000)=nil})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x161681, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r6, r7, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r7, 0x4010aeab, &(0x7f0000000100)=@arm64_core={0x6030000000100030, &(0x7f0000000000)=0x3ff})
ioctl$KVM_GET_STATS_FD_cpu(r4, 0xaece)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r8=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

49m57.873777852s ago: executing program 32 (id=137):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x80001, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$arm64(r1, r3, &(0x7f0000a17000/0x400000)=nil, &(0x7f0000000200)=[{0x0, &(0x7f0000000440)=[@svc={0x122, 0x40, {0x84000052, [0x9, 0x5, 0x55d, 0x0, 0xfc6]}}, @its_setup={0x82, 0x28, {0x3, 0x1, 0xb5}}, @its_setup={0x82, 0x28, {0x1, 0x3, 0x26a}}, @irq_setup={0x46, 0x18, {0x2, 0x1d}}, @msr={0x14, 0x20, {0x603000000013807c, 0x4}}, @uexit={0x0, 0x18, 0x8001}, @its_send_cmd={0xaa, 0x28, {0x0, 0x1, 0x3, 0x9, 0x7, 0xffff0001}}, @hvc={0x32, 0x40, {0x30000000, [0x2, 0x7fffffffffffffff, 0xf7b, 0x8e27, 0x6]}}, @its_setup={0x82, 0x28, {0x3, 0x2, 0x379}}, @uexit={0x0, 0x18, 0xfffffffffffffff9}, @its_send_cmd={0xaa, 0x28, {0x9, 0x1, 0x2, 0x3, 0x101, 0x80000000, 0x2}}, @its_setup={0x82, 0x28, {0x0, 0x2, 0x276}}], 0x1d8}], 0x1, 0x0, &(0x7f0000000240)=[@featur1={0x1, 0x49}], 0x1)
r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x33)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f00000000c0)={0x4, <r8=>0xffffffffffffffff})
ioctl$KVM_CREATE_VM(r8, 0x800454cf, 0x200000000000000)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r9, 0xae03, 0x5d)
r10 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000000)={0x0, 0x0}, &(0x7f00000001c0)=[@featur1={0x1, 0xc}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init)
openat$kvm(0x0, &(0x7f0000000100), 0x80402, 0x0)
r11 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x2c)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r13, 0x4010aeac, &(0x7f0000000040)=@arm64_sys={0x603000000013c021, &(0x7f0000000140)=0x9})
syz_kvm_vgic_v3_setup(r4, 0x2, 0x320)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x100000000000000, 0x2000, &(0x7f0000000000/0x2000)=nil})

49m49.12318263s ago: executing program 33 (id=138):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x25)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0xe7)
r4 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x4, 0x4, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x0, 0x40080, 0x400, 0x2, 0x4}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x1fd, 0x2, 0x5000, 0x1000, &(0x7f0000f6e000/0x1000)=nil})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x161681, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r6, r7, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r7, 0x4010aeab, &(0x7f0000000100)=@arm64_core={0x6030000000100030, &(0x7f0000000000)=0x3ff})
ioctl$KVM_GET_STATS_FD_cpu(r4, 0xaece)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r8=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

41m7.132719082s ago: executing program 3 (id=175):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x5, 0x1, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$arm64(r3, 0xffffffffffffffff, &(0x7f0000000000/0x400000)=nil, &(0x7f0000000280)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
r4 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x40)
ioctl$KVM_GET_DEVICE_ATTR(r4, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x5, 0x0, 0x0})

40m52.724337014s ago: executing program 3 (id=177):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_IRQ_LINE(r3, 0x4008ae61, &(0x7f0000000000)={0x4, 0xa4})
r8 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0)
r9 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r9, 0x3, 0x11, r7, 0x0)
mmap$KVM_VCPU(&(0x7f000000a000/0x1000)=nil, r9, 0x3, 0x11, r8, 0x0)
r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, r10, 0x2, 0x11, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000100)={0x1001ffd, 0x1})
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r3, 0x4068aea3, &(0x7f0000000140)={0xdf, 0x0, 0x1b000})

40m38.503233849s ago: executing program 3 (id=178):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r2, 0xae03, 0xf0)
r3 = syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil)
r4 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000bc5000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@mrs={0xbe, 0x18, {0x603000000013e535}}], 0x18}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x84000, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_CAP_HALT_POLL(r0, 0x4068aea3, &(0x7f00000001c0)={0xb6, 0x0, 0x7fffffff})
r8 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000040)={0x0, &(0x7f00000000c0)}, 0x0, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_IRQ_LINE_STATUS(r0, 0xc008ae67, &(0x7f0000000100)={0x0, 0x81})

40m26.283025808s ago: executing program 3 (id=180):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
r4 = eventfd2(0xd, 0x1)
close(r4)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)
write$eventfd(r4, 0x0, 0x500)
write$eventfd(r4, &(0x7f0000000000)=0x1, 0x8)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f0000000040)=@arm64_fw={0x6030000000140000, &(0x7f0000000000)=0x8})

40m12.235954027s ago: executing program 3 (id=182):
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r1, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0x40086602, 0x110e22ffff)
r2 = openat$kvm(0x0, 0x0, 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0)
r3 = eventfd2(0x4, 0x801)
write$eventfd(r3, &(0x7f00000000c0)=0x8, 0x5)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, 0x0, 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0x40086602, 0x110e227ffe)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, r1, 0x1000002, 0x810, 0xffffffffffffffff, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x28)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_setup_cpu$arm64(r5, r7, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0a00000000000000cc00000000000000e0ef9ad200c0b8f2410080d2e20080d2430080d2e40180d2020000d4e0be9cd20040b0f2210080d2620080d2630180d2840180d2020000d40000681e0000000b0000399e003c202ea04c8ad200e0b0f2610180d2c20180d2a30080d2640180d2020000d4c0ed81d20000b8f2810180d2820180d2a30180d2640080d2020000d4a0a189d20060b0f2410180d2820180d2230080d2240180d2020000d4804e82d20020b0f2810180d2020180d2830180d2a40080d2020000d4c0035fd6aa00000000000000280000000000000003010700000000000000090000000e0000000000000000003200000000000000400000000000000000000006000000000000000000000000f7780000000000000800000000000000030000000000000009000000000000001e0000000000000040000000000000000900008400000000050000000000000010000000000000007f0d0000000000000010000000000000050000000000000046000000000000001800000000000000000000005a000000be01000000000000180000000000000028981300000030601400000000000000200000000000000085c01300000030600100000001000000320000000000000040000000000000000b000084000000000400000000000000080000000000000006000000000000000600000000000000dd00000000000000be000000000000001800000000000000fe7700000000fb00"], 0x21c}], 0x1, 0x0, 0x0, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x3)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000140)={0x4, <r10=>0xffffffffffffffff, 0x1})
write$eventfd(r10, &(0x7f00000001c0)=0x8100000001, 0x2d73)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)

39m57.349949729s ago: executing program 3 (id=184):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2f)
r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000bc5000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@mrs={0xbe, 0x18, {0x603000000013dcf0}}], 0x18}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r1, r6, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="6e0000000000000030000000000000000000dddd0080"], 0x30}], 0x1, 0x0, 0x0, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_IRQ_LINE_STATUS(r8, 0xc008ae67, &(0x7f0000000000)={0x0, 0x7})
ioctl$KVM_IRQ_LINE_STATUS(r8, 0xc008ae67, &(0x7f0000000100)={0x0, 0x81})
r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c43000/0x1000)=nil, r10, 0x3, 0x4000010, 0xffffffffffffffff, 0x0)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x21)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x2)
r14 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r13, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r14, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r13, 0x0)
r15 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x31)
r17 = syz_kvm_setup_syzos_vm$arm64(r16, &(0x7f0000c00000/0x400000)=nil)
r18 = syz_kvm_add_vcpu$arm64(r17, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r18, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013e08d, &(0x7f00000000c0)=0x6db})
openat$kvm(0x0, &(0x7f0000000040), 0x4c4882, 0x0)

39m9.395206367s ago: executing program 34 (id=184):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2f)
r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000bc5000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@mrs={0xbe, 0x18, {0x603000000013dcf0}}], 0x18}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r1, r6, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="6e0000000000000030000000000000000000dddd0080"], 0x30}], 0x1, 0x0, 0x0, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_IRQ_LINE_STATUS(r8, 0xc008ae67, &(0x7f0000000000)={0x0, 0x7})
ioctl$KVM_IRQ_LINE_STATUS(r8, 0xc008ae67, &(0x7f0000000100)={0x0, 0x81})
r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c43000/0x1000)=nil, r10, 0x3, 0x4000010, 0xffffffffffffffff, 0x0)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x21)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x2)
r14 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r13, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r14, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r13, 0x0)
r15 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x31)
r17 = syz_kvm_setup_syzos_vm$arm64(r16, &(0x7f0000c00000/0x400000)=nil)
r18 = syz_kvm_add_vcpu$arm64(r17, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r18, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013e08d, &(0x7f00000000c0)=0x6db})
openat$kvm(0x0, &(0x7f0000000040), 0x4c4882, 0x0)

36m37.645129349s ago: executing program 2 (id=203):
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000300)={0x0, &(0x7f0000000480)=[@smc={0x1e, 0x40, {0x84000001, [0x8, 0x939, 0xe, 0x7f, 0x4]}}], 0x40}, &(0x7f00000001c0)=[@featur2={0x1, 0x52}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

36m29.96237219s ago: executing program 2 (id=204):
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async, rerun: 32)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x12) (rerun: 32)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x28)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0xc018ae85, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async, rerun: 32)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (rerun: 32)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000100)={0x8, <r8=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000}) (async)
ioctl$KVM_GET_DEVICE_ATTR(r8, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x8, 0x40000000000000, 0x0})
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r1, 0x4068aea3, &(0x7f00000001c0)={0xdf, 0x0, 0x8000})

36m19.011772914s ago: executing program 2 (id=205):
mmap$KVM_VCPU(&(0x7f0000fff000/0x1000)=nil, 0x930, 0x0, 0x2010, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0xb, 0x30d2a4fbfbfad6b8, 0xffffffffffffffff, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0) (async, rerun: 32)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2) (rerun: 32)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, <r2=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r2, 0x400454d4, 0x110c230007)
write$eventfd(0xffffffffffffffff, &(0x7f0000000000)=0x1, 0x8)

36m9.999260886s ago: executing program 2 (id=206):
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, <r2=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r2, 0x400454d1, 0xffffffffffffc)
r3 = eventfd2(0x6, 0x140001)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000100)={0x7, <r7=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000002c0)=@attr_arm64={0x0, 0x4, 0x0, 0x0})
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_IRQFD(r6, 0x4020ae76, &(0x7f0000000000)={0xffffffffffffffff, 0x5, 0x2})
r8 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x100000c, 0x6832, 0xffffffffffffffff, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r9, 0x4018aee3, 0x0)
write$eventfd(r3, &(0x7f0000000000)=0x3ff, 0x8)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r11, 0x4068aea3, &(0x7f00000003c0)={0xa8, 0x0, 0x1})
ioctl$KVM_SET_USER_MEMORY_REGION(r11, 0x4020ae46, &(0x7f0000000000)={0x2710, 0x1, 0x100000, 0x1000, &(0x7f0000ff5000/0x1000)=nil})
ioctl$KVM_GET_DIRTY_LOG(r11, 0x4010ae42, &(0x7f00000000c0)={0x2710, 0x0, &(0x7f0000ffe000/0x1000)=nil})
r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f00000003c0)={0x0, 0x0}, &(0x7f0000000400)=[@featur1={0x1, 0x4}], 0x1)
ioctl$KVM_GET_ONE_REG(r15, 0x4010aeab, &(0x7f0000000480)=@arm64_core={0x6030000000100046, &(0x7f0000000200)=0x7})
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x2000)

35m54.442511108s ago: executing program 2 (id=207):
ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0x9)
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f0000000000)=[@hvc={0x32, 0x40, {0x80000001, [0xfffffffffffffde5, 0x3ff, 0x1, 0x4, 0x9]}}], 0x40}, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x2873f7aecfc88708, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)

35m43.942241708s ago: executing program 2 (id=208):
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x5, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000b1c000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x1fc, 0x2, 0x6000, 0x2000, &(0x7f0000f31000/0x2000)=nil})
mmap$KVM_VCPU(&(0x7f0000000000/0xc00000)=nil, 0x930, 0x0, 0x32, 0xffffffffffffffff, 0x0)

34m54.480335454s ago: executing program 35 (id=208):
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x5, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000b1c000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x1fc, 0x2, 0x6000, 0x2000, &(0x7f0000f31000/0x2000)=nil})
mmap$KVM_VCPU(&(0x7f0000000000/0xc00000)=nil, 0x930, 0x0, 0x32, 0xffffffffffffffff, 0x0)

28m48.205746849s ago: executing program 4 (id=223):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x36)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r0, 0x4018aee3, &(0x7f0000000280)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000240)={0x800, 0x5}})
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee2, &(0x7f00000000c0)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0xffffffffffffffff})
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CREATE_DEVICE(r4, 0xc018aec0, &(0x7f00000000c0)={0x1})
ioctl$KVM_GET_API_VERSION(r1, 0xae00, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@mrs={0xbe, 0x18, {0x206d6e52e232dcca}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x5, 0xfffffffe, 0x4000000, 0x0, 0x79}}], 0x40}, 0x0, 0x0) (async)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@mrs={0xbe, 0x18, {0x206d6e52e232dcca}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x5, 0xfffffffe, 0x4000000, 0x0, 0x79}}], 0x40}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r2, 0x1, 0x100)
ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f00000001c0)={0x8, 0x77}) (async)
ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f00000001c0)={0x8, 0x77})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0)
ioctl$KVM_GET_API_VERSION(r7, 0xae00, 0x0) (async)
ioctl$KVM_GET_API_VERSION(r7, 0xae00, 0x0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000180)={0x8, <r8=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r6, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

28m32.033503584s ago: executing program 4 (id=224):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x440103, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000140)={0x4, <r3=>0xffffffffffffffff, 0x1})
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x800454d2, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000100)={0x7, <r5=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000002c0)=@attr_arm64={0x0, 0x4, 0x0, 0x0})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000180)={0x8, <r9=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f0000000280)=@attr_other={0x0, 0x8, 0x4, &(0x7f0000000240)=0x1})
r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r10, 0x2000003, 0xaf832, 0xffffffffffffffff, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
mmap$KVM_VCPU(&(0x7f0000fff000/0x1000)=nil, r10, 0x4, 0x16831, r11, 0x0)
close(r0)
ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000000000)={0xffffffffffffffff, 0x5, 0x2})

28m15.086566396s ago: executing program 4 (id=225):
openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) (async)
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x408)
openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) (async)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CLEAR_DIRTY_LOG(r5, 0xc018aec0, &(0x7f0000000000)={0x10001, 0x400, 0xc0, 0x0})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0)

28m13.443257481s ago: executing program 5 (id=209):
r0 = eventfd2(0x0, 0x0) (async)
r1 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0x5d)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000000)={r0, 0x0, 0x3, r0})
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r4, 0x4010aeb5, &(0x7f00000002c0)={0x200}) (async)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r8, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18})
ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f00000000c0)=@arm64_sve_vls={0x606000000015ffff, &(0x7f0000000000)=0x1})
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x4000, 0x0) (async)
r9 = eventfd2(0x0, 0x0)
ioctl$KVM_CREATE_VM(r9, 0x4020940d, 0x20000000)

27m59.692875894s ago: executing program 4 (id=226):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000100)={0x0, &(0x7f0000000680)=[@its_setup={0x82, 0x28, {0x3, 0x0, 0x16f}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x0, 0x2, 0x8, 0x8, 0x100}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x4, 0x220)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r4=>0xffffffffffffffff})
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x3}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x2}}], 0x50}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

27m56.606647163s ago: executing program 5 (id=227):
r0 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
ioctl$KVM_HAS_DEVICE_ATTR(r0, 0x4018aee3, &(0x7f0000000040)=@attr_other={0x0, 0x7, 0xff, &(0x7f0000000000)=0x4})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0xc0040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x23)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r1, 0x4010aeb5, &(0x7f00000000c0)={0x2, 0x9})
ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, &(0x7f0000000100)={0x6, [0xf912, 0x7fffffffffffffff, 0x8, 0x56, 0x10000, 0x200]})
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r0, 0x4010aeb5, &(0x7f0000000140)={0x4, 0x9})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r0, 0x4018aee1, &(0x7f0000000180)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x1})
r2 = ioctl$KVM_GET_STATS_FD_cpu(r0, 0xaece)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_CLEAR_DIRTY_LOG(r2, 0xc018aec0, &(0x7f00000005c0)={0x4, 0x280, 0x280, &(0x7f00000001c0)=[0xe, 0x70, 0x100010000000000, 0xfc, 0x80000000, 0x7, 0xd282, 0x2, 0x1, 0xbe, 0x10ec8d5f, 0x7, 0x5, 0x1, 0x1, 0x6, 0x4, 0x8, 0x2, 0x8, 0x8, 0x4, 0xb6b, 0x523, 0x76, 0xfffffffffffffffb, 0x40, 0x0, 0x9, 0x1, 0x4, 0x5, 0x0, 0x8, 0x80, 0x7, 0x1, 0xb, 0x1, 0x0, 0x4, 0x6, 0x10001, 0x8001, 0x5, 0x8, 0x1, 0x7, 0x4e, 0x8, 0x1, 0x8000000000000000, 0x10, 0x7f, 0x0, 0x3, 0xbe4, 0x2, 0x6, 0x4, 0xf670, 0x5, 0x5, 0x3, 0x9, 0x4, 0x0, 0x6, 0x25294f14, 0x4, 0x9, 0x2, 0x0, 0x8, 0x5, 0x4, 0x1, 0x61b, 0xd9c6, 0x7fff, 0x200, 0x5, 0x1, 0x1, 0x7fff, 0x200000000, 0x7cb58a56, 0x6, 0x401, 0x1, 0xf2c, 0x1, 0x4, 0xfffffffffffffff8, 0x7, 0x2, 0x7, 0x9, 0x6, 0x6, 0xb4, 0x80, 0xa, 0x5, 0x5, 0x0, 0x7, 0x7, 0xa9, 0x3ff, 0x9, 0xa, 0x7, 0x6, 0xd1d, 0x200, 0xfffffffffffffffb, 0x8, 0x2, 0x5, 0x8, 0xf, 0x1, 0x9, 0x2, 0x400000000, 0x100, 0xcb7c]})
ioctl$KVM_HAS_DEVICE_ATTR(r2, 0x4018aee3, &(0x7f0000000640)=@attr_arm64={0x0, 0x5, 0x3, &(0x7f0000000600)=0x247})
ioctl$KVM_HAS_DEVICE_ATTR(r2, 0x4018aee3, &(0x7f00000006c0)=@attr_other={0x0, 0x4f, 0x80000001, &(0x7f0000000680)=0x1})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000740)=@attr_other={0x0, 0xfffffffd, 0x0, &(0x7f0000000700)=0x3b})
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x32)
ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f0000000780)={0x95b, 0x584})
ioctl$KVM_KVMCLOCK_CTRL(r0, 0xaead)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae68, &(0x7f00000007c0)={0xeeee0000, 0x182000})
ioctl$KVM_ARM_SET_DEVICE_ADDR(r3, 0x4010aeab, &(0x7f0000000800)={0xfffffffffffffff8, 0xeeee0000})
ioctl$KVM_CHECK_EXTENSION_VM(r4, 0xae03, 0x6)
ioctl$KVM_SET_USER_MEMORY_REGION2(r0, 0x40a0ae49, &(0x7f0000000840)={0x101ff, 0x7, 0xdddd0000, 0x2000, &(0x7f0000ffb000/0x2000)=nil, 0x1, r0})
ioctl$KVM_PRE_FAULT_MEMORY(r2, 0xc040aed5, &(0x7f0000000900)={0xeeee8000, 0x11c800})
ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x4)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000940), 0xc2, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x29)
ioctl$KVM_GET_STATS_FD_vm(r0, 0xaece)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r0, 0x4018aee2, &(0x7f0000000980)=@attr_pmu_init)
ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0)
close(r2)
eventfd2(0x3, 0x100801)

27m44.280384874s ago: executing program 5 (id=228):
r0 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000001c0)={0x8, <r2=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000380)})
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x22300, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x28)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f00004e3000/0x2000)=nil, 0x930, 0xa, 0x2013, r6, 0x40000)
r7 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r9, 0x4018aee2, 0xfffffffffffffffe)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x5, 0x1, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f00000002c0)=@attr_other={0x0, 0x8, 0x108, &(0x7f0000000000)=0xc000000000000000})
ioctl$KVM_GET_DEVICE_ATTR(r2, 0x4018aee2, &(0x7f0000000200)=@attr_arm64={0x0, 0x4, 0x1, &(0x7f0000000040)=0x7f})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x4, 0x2, 0x0})

27m39.21359606s ago: executing program 4 (id=229):
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0}) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, <r2=>0xffffffffffffffff, 0x1})
r3 = ioctl$KVM_CREATE_VM(r2, 0x894c, 0x0) (async)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r7 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r6, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r6, 0x0) (async)
r8 = eventfd2(0x0, 0x0)
close(r8) (async)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) (async, rerun: 32)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x3000002, 0x13, r8, 0x0) (async, rerun: 32)
write$eventfd(r8, &(0x7f0000000180)=0x5, 0xfffffde3) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, 0xffffffffffffffff, 0x0) (async, rerun: 64)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000) (rerun: 64)
ioctl$KVM_CREATE_VCPU(r3, 0x8008b705, 0x0)

27m26.861736055s ago: executing program 5 (id=230):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x800, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2b) (async)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x31)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x603000000010003c, &(0x7f0000000140)=0x7})
ioctl$KVM_SET_DEVICE_ATTR_vm(r2, 0x4018aee1, 0x0) (async)
r7 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r2, r7, &(0x7f0000bfd000/0x400000)=nil, &(0x7f00000004c0)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
syz_kvm_vgic_v3_setup(r2, 0x1, 0x240) (async)
r8 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000bfe000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000b00)={0x0, 0x0}, 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0) (async)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r13 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r12, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, r13, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) (async)
syz_kvm_setup_cpu$arm64(r0, r11, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000001140)=[{0x0, 0x0}], 0x1, 0x0, &(0x7f0000001180)=[@featur2={0x1, 0xac}], 0x1)

27m24.91269613s ago: executing program 4 (id=231):
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3f)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0x8, 0x80800)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
r6 = syz_kvm_vgic_v3_setup(r4, 0x3, 0xa0)
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x1, 0x4, &(0x7f0000000000)=0x4})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x48, 0xdddd1000, 0x0, r2})
close(r2)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000000)={0x0, &(0x7f0000000040)=[@smc={0x1e, 0x40, {0x84000008, [0x99b, 0x100000003, 0x5, 0x101, 0x10]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1)
syz_kvm_add_vcpu$arm64(r9, 0x0, &(0x7f0000000180)=[@featur1={0x1, 0x2a}], 0x1)
r10 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x1)
r13 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r12, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r13, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r12, 0x0)
r14 = eventfd2(0xd, 0x1)
close(r14)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)
write$eventfd(r14, 0x0, 0x500)
r15 = eventfd2(0x0, 0x0)
close(r15)

26m39.384304681s ago: executing program 36 (id=230):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x800, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2b) (async)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x31)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x603000000010003c, &(0x7f0000000140)=0x7})
ioctl$KVM_SET_DEVICE_ATTR_vm(r2, 0x4018aee1, 0x0) (async)
r7 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r2, r7, &(0x7f0000bfd000/0x400000)=nil, &(0x7f00000004c0)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
syz_kvm_vgic_v3_setup(r2, 0x1, 0x240) (async)
r8 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000bfe000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000b00)={0x0, 0x0}, 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0) (async)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r13 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r12, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, r13, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) (async)
syz_kvm_setup_cpu$arm64(r0, r11, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000001140)=[{0x0, 0x0}], 0x1, 0x0, &(0x7f0000001180)=[@featur2={0x1, 0xac}], 0x1)

26m34.874192532s ago: executing program 37 (id=231):
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3f)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0x8, 0x80800)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
r6 = syz_kvm_vgic_v3_setup(r4, 0x3, 0xa0)
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x1, 0x4, &(0x7f0000000000)=0x4})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x48, 0xdddd1000, 0x0, r2})
close(r2)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000000)={0x0, &(0x7f0000000040)=[@smc={0x1e, 0x40, {0x84000008, [0x99b, 0x100000003, 0x5, 0x101, 0x10]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1)
syz_kvm_add_vcpu$arm64(r9, 0x0, &(0x7f0000000180)=[@featur1={0x1, 0x2a}], 0x1)
r10 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x1)
r13 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r12, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r13, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r12, 0x0)
r14 = eventfd2(0xd, 0x1)
close(r14)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)
write$eventfd(r14, 0x0, 0x500)
r15 = eventfd2(0x0, 0x0)
close(r15)

14m17.473917893s ago: executing program 6 (id=260):
r0 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
r1 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000100)={0x0, &(0x7f0000000000)=[@msr={0x14, 0x20, {0x6030000000138057, 0x8bf}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x3, 0x10, 0xe0000000, 0x4, 0x1}}, @svc={0x122, 0x40, {0xc400000e, [0x8a, 0x240000, 0xffffffffffffffff, 0x0, 0x7]}}, @eret={0xe6, 0x18, 0x1}, @smc={0x1e, 0x40, {0x80000000, [0x5, 0x8000000000000000, 0xdc7, 0x6, 0x4]}}], 0xe0}, &(0x7f0000000140)=[@featur1={0x1, 0x80}], 0x1)
mmap$KVM_VCPU(&(0x7f0000ffa000/0x3000)=nil, r0, 0x2000000, 0x8010, r1, 0x0)
ioctl$KVM_GET_ONE_REG(r1, 0x4010aeab, &(0x7f00000001c0)=@arm64_sve_vls={0x606000000015ffff, &(0x7f0000000180)=0x6})
ioctl$KVM_RUN(r1, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffa000/0x3000)=nil, r0, 0x2000000, 0x10, r1, 0x0)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x8)
syz_kvm_setup_cpu$arm64(r2, r1, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000580)=[{0x0, &(0x7f0000000200)=[@its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x3, 0x5, 0x80000001, 0x5, 0x2}}, @code={0xa, 0x9c, {"a02f9dd20060b0f2c10080d2220180d2e30180d2640180d2020000d4c0ee93d20000b0f2010080d2820180d2230080d2840180d2020000d4008008d50000311e201589d20000b0f2a10080d2620080d2e30080d2c40180d2020000d4000028d500000078007008d50080401fc0fa93d200a0b0f2210080d2e20080d2c30180d2e40080d2020000d4"}}, @its_setup={0x82, 0x28, {0x3, 0x3, 0x174}}, @code={0xa, 0x84, {"0000621e60a686d20000b8f2410080d2220180d2630180d2840080d2020000d400c0000f000860f8008008d5e00387d200c0b8f2210180d2a20180d2c30180d2040080d2020000d4000028d5008008d500800048204898d200c0b8f2410080d2c20180d2830080d2040080d2020000d4"}}, @irq_setup={0x46, 0x18, {0x1, 0xd8}}, @msr={0x14, 0x20, {0x603000000013e092, 0x6}}, @irq_setup={0x46, 0x18, {0x2, 0x2d}}, @code={0xa, 0xcc, {"c0299dd200a0b8f2410080d2e20180d2430080d2640180d2020000d40058284ea02088d20020b0f2810080d2a20180d2e30080d2c40080d2020000d460a985d20080b8f2c10180d2e20080d2a30180d2c40180d2020000d4007008d5008008d5c07e87d200e0b8f2210180d2620080d2e30080d2c40080d2020000d40008601ee0798bd200e0b8f2210080d2020080d2030180d2640180d2020000d4a09591d20080b0f2610080d2620180d2c30180d2a40180d2020000d4"}}, @mrs={0xbe, 0x18, {0x603000000013df69}}, @irq_setup={0x46, 0x18, {0x4, 0xe1}}, @msr={0x14, 0x20, {0x603000000013a6ee, 0x9}}, @msr={0x14, 0x20, {0x6030000000138066, 0x8}}, @its_setup={0x82, 0x28, {0x4, 0x1, 0x3bd}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0x0, 0x430, 0x4}}], 0x354}], 0x1, 0x0, &(0x7f00000005c0), 0x1)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3)
ioctl$KVM_SET_DEVICE_ATTR_vm(r3, 0x4018aee1, &(0x7f0000000640)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000600)={0x88c00000, 0x9, 0x1}})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000680), 0x10080, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(r2, 0x4068aea3, &(0x7f00000006c0))
ioctl$KVM_CAP_DIRTY_LOG_RING(r2, 0x4068aea3, &(0x7f0000000740))
ioctl$KVM_ARM_VCPU_FINALIZE(r1, 0x4004aec2, &(0x7f00000007c0)=0x3)
ioctl$KVM_INTERRUPT(r1, 0x4004ae86, &(0x7f0000000800)=0x7ff)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r2, 0x4010aeb5, &(0x7f0000000840)={0x8})
ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000000880)={0x1, 0x0, [{0x85, 0x2, 0x0, 0x0, @msi={0x8, 0x4, 0x4, 0x5}}]})
openat$kvm(0xffffffffffffff9c, &(0x7f00000008c0), 0x100, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000900), 0x208280, 0x0)
ioctl$KVM_CHECK_EXTENSION(r6, 0xae03, 0x9)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000940)={0x3000, 0x2000})
ioctl$KVM_CLEAR_DIRTY_LOG(r3, 0xc018aec0, &(0x7f0000000d80)={0x10002, 0x340, 0x140, &(0x7f0000000980)=[0x6, 0x4, 0x3, 0x1, 0x2, 0x47fa00000, 0x8, 0x3, 0xff9, 0x2, 0x0, 0xd49, 0x5, 0x4, 0x2, 0x7, 0x0, 0xe, 0x2, 0xd, 0x100000000, 0x1, 0xffff, 0x8000000000000000, 0x9c, 0xd4, 0x200, 0x2, 0xec, 0x7, 0x1, 0x4b08, 0x6, 0x401, 0x6, 0x48ee, 0xba00000, 0xffff, 0xfffffffffffffffa, 0x8, 0x4, 0x4, 0x1, 0x563a, 0x9, 0x7f, 0x5, 0x3, 0x2, 0x9, 0x80000001, 0x80000001, 0xffffffffffff350f, 0xfff, 0x2, 0x16c3, 0x94, 0x6, 0x6, 0x6, 0x8, 0x2, 0x8000000000000000, 0x9, 0x5, 0x9, 0x101, 0xa5, 0x1, 0x3, 0xe9fe, 0x1000, 0xffff, 0x6, 0xe7, 0xe, 0x6, 0x8, 0x7, 0x2, 0x3, 0x0, 0x2, 0x2fdd, 0xfffffffffffffffd, 0x6f9d8410, 0x1, 0x4b, 0x3ff, 0x1, 0x0, 0x7fffffff, 0x81, 0x0, 0xfffffffeffffffff, 0x2, 0x4, 0x5, 0x1, 0xa4, 0x1, 0x0, 0x3, 0xd69, 0x0, 0x8000000000000001, 0xc20c, 0x9, 0x101, 0x2, 0xaa, 0x2, 0x81a6, 0x2, 0x89, 0x80000001, 0x5, 0xa, 0x9, 0x72b, 0x9, 0x2, 0xbc3c, 0x6, 0x2, 0x10000, 0xfffffffffffffffc, 0x7]})
r7 = ioctl$KVM_CREATE_GUEST_MEMFD(r2, 0xc040aed4, &(0x7f0000000dc0)={0x5, 0x7})
ioctl$KVM_SET_USER_MEMORY_REGION2(r2, 0x40a0ae49, &(0x7f0000000e00)={0x10001, 0x0, 0x10000, 0x2000, &(0x7f0000d25000/0x2000)=nil, 0x1, r7})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000ec0), 0x32842, 0x0)
r8 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x35)
syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000b12000/0x400000)=nil)

14m6.273789603s ago: executing program 7 (id=261):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x22)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0)
r4 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
close(r4)
close(0x4)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x7, 0x4f832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffa000/0x1000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000482000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000e76000/0x12000)=nil, 0x12000)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x24132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x0, 0x4030031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

14m3.124511348s ago: executing program 6 (id=262):
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) (async)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
close(r0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x22)
eventfd2(0x0, 0x80000) (async)
r2 = eventfd2(0x0, 0x80000)
eventfd2(0x3ff, 0x0) (async)
r3 = eventfd2(0x3ff, 0x0)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r2, 0x57d7855c, 0x1, r3})
write$eventfd(r3, &(0x7f0000000040)=0x90, 0x8)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x8800, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04) (async)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000000c0)="1ac0937b6cddcc03a689072088d63f63d71b50688816f7e810a6ce91066b9eb4a597f74d2661577b62c1742a62cb5450aa96fedae6f685d1b6495ded44d9bfffeadabd1e28b94119", 0x0, 0x48)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101200, 0x0) (async)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101200, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x19) (async)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x19)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x88000, 0x0)
r8 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x2a)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r8, 0x4068aea3, &(0x7f00000001c0))
r9 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x5)
r10 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x2a)
syz_kvm_vgic_v3_setup(r10, 0x3, 0x40) (async)
r11 = syz_kvm_vgic_v3_setup(r10, 0x3, 0x40)
r12 = mmap$KVM_VCPU(&(0x7f0000ff9000/0x4000)=nil, r5, 0x100000a, 0x4000010, r0, 0x0)
syz_memcpy_off$KVM_EXIT_MMIO(r12, 0x20, &(0x7f0000000240)="33d7451772f207afcc5a6f7392127ad8a6028bc98ab8c915", 0x0, 0x18)
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x80002, 0x0)
ioctl$KVM_CHECK_EXTENSION(r13, 0xae03, 0x0) (async)
ioctl$KVM_CHECK_EXTENSION(r13, 0xae03, 0x0)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bfd000/0x400000)=nil) (async)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bfd000/0x400000)=nil)
ioctl$KVM_IOEVENTFD(r9, 0x4040ae79, &(0x7f00000002c0)={0x3b, 0x4000, 0x0, r3, 0xc})
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000340)=@attr_other={0x0, 0x1b74, 0x5aa, &(0x7f0000000300)=0x83ce})
ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f0000000380)={0x4, 0x0, [{0x3, 0x3, 0x0, 0x0, @sint={0x4, 0x8}}, {0x6, 0x5, 0x1, 0x0, @msi={0x7, 0x4, 0x101, 0xff}}, {0xd9, 0x3, 0x0, 0x0, @sint={0xcd, 0xc989}}, {0x80000, 0x2, 0x1, 0x0, @irqchip={0x8, 0x2}}]})
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x2f) (async)
r14 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x2f)
syz_kvm_vgic_v3_setup(r14, 0x2, 0x20)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)

13m24.160547172s ago: executing program 6 (id=263):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_GUEST_MEMFD(r1, 0xc040aed4, &(0x7f0000000040)={0x1000200001fe0000, 0x1})
ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f0000000180)={0x0, 0x4, 0x80a0000, 0x2000, &(0x7f0000ffc000/0x2000)=nil, 0x100000000000000, r2})
close(r1)
close(r2)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x29)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, r6, 0x2, 0x12, r5, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CLEAR_DIRTY_LOG(r8, 0xc018aec0, &(0x7f00000000c0)={0x5, 0x340, 0x1, 0x0})
r9 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, r6, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef)
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000)

13m23.08211417s ago: executing program 7 (id=264):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@mrs={0xbe, 0x18, {0x603000000013c807}}, @msr={0x14, 0x20, {0x603000000013e66c, 0xa}}, @memwrite={0x6e, 0x30, @generic={0x8080000, 0x6d2, 0x2, 0x5}}], 0x68}, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x400042, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_vgic_v3_setup(r5, 0x1, 0x100)
ioctl$KVM_HAS_DEVICE_ATTR(r6, 0x4018aee3, 0xfffffffffffffffe)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x1)
ioctl$KVM_SET_GUEST_DEBUG_arm64(r11, 0x4208ae9b, 0x0)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000100)={0x7, <r12=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f00000002c0)=@attr_arm64={0x0, 0x4, 0x0, 0x0})
r13 = eventfd2(0x8801, 0x800)
r14 = eventfd2(0x3ff, 0x0)
ioctl$KVM_IRQFD(r8, 0x4020ae76, &(0x7f0000000000)={r14, 0x5, 0x2, r14})
ioctl$KVM_IRQFD(r8, 0x4020ae76, &(0x7f0000000080)={r13, 0x1, 0x2, r14})
ioctl$KVM_IRQFD(r8, 0x4020ae76, &(0x7f0000000140)={r14, 0x5, 0x1, r13})
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f1, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_API_VERSION(r7, 0xae00, 0x0)

13m4.28679538s ago: executing program 7 (id=265):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_ARM_SET_DEVICE_ADDR(0xffffffffffffffff, 0x4010aeab, &(0x7f0000000000)={0x7fffffff, 0x8000001})
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r3, 0x4008ae6a, &(0x7f0000000000)=ANY=[])
ioctl$KVM_IRQ_LINE(r3, 0x4008ae61, &(0x7f0000000080)={0x5, 0x7ff})
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000010000/0x400000)=nil)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, 0x0)

12m58.635338355s ago: executing program 6 (id=266):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x20000000021)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000004c0)=[@msr={0x14, 0x20, {0x603000000013c4f1, 0x8000}}, @msr={0x14, 0x20, {0x603000000013c4f2, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce0, 0x7ffc}}, @msr={0x14, 0x20, {0x603000000013dce1, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce2, 0x40008000}}, @msr={0x14, 0x20, {0x603000000013dce3, 0x11}}, @irq_setup={0x46, 0x18, {0x1, 0x4b}}, @svc={0x122, 0x40, {0x84000010, [0x7, 0xfffffffffffffffb, 0x7, 0x7fffffffffffffff, 0x9d2a]}}, @msr={0x14, 0x20, {0x603000000013dce9, 0x5}}], 0x138}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r4, 0x3, 0x10, r3, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bff000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x3}}], 0x68}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r6, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000180)={0x8, <r9=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x2, &(0x7f0000000200)=0x8080000})
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x4, 0x0, 0x0})
r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04)
r11 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r10, 0x3, 0x11, r8, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
syz_kvm_assert_syzos_uexit$arm64(r11, 0xfffffffffffffffe)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
syz_kvm_assert_syzos_uexit$arm64(r11, 0xffffffffffffffff)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8400, 0x0)
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x4a00, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r13, 0xae04)
ioctl$KVM_CREATE_VM(r12, 0xae01, 0xfffffffffffffffd)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20080, 0x0)

12m47.359975022s ago: executing program 7 (id=267):
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x2132, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x1000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)

12m35.017519684s ago: executing program 7 (id=268):
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000)
r0 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, 0x0, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, 0x0, 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x39)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x5, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000b1c000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000000)={0x10201, 0x2, 0x1, 0x1000, &(0x7f0000ffe000/0x1000)=nil})
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f00000000c0)={0x6, <r7=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f0000000180)=@attr_arm64={0x0, 0x1, 0x3, &(0x7f0000000100)=0x101})
r8 = openat$kvm(0x0, &(0x7f0000000040), 0xc0083, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, r6, 0x3, 0x11, r8, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x2, 0x100)
close(r4)
r9 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
close(r10)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(0xffffffffffffffff, 0x4010aeab, &(0x7f0000000200)=@arm64_fp_extra={0x60200000001000d4, &(0x7f00000001c0)=0x2})
r11 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, 0x0, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f00000002c0)="e65bf6ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6309fafba2af023314c6a743ad4913910b8364e5f73ea2fc43ac1ebfc0000000100", 0x0, 0x48)

12m34.31620612s ago: executing program 6 (id=269):
openat$kvm(0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x100000, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x29)
r4 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r4, 0x4b47, 0xfffffffffffffffe)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r7 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, r6, 0x3, 0x12, r5, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f00000002c0)="fb016bddfb405ee52cc6a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb2070000000000000000000000c20cecfa0a97ab7800", 0x0, 0x48)
r8 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)

12m19.524386605s ago: executing program 7 (id=270):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x0, 0x100)
r1 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r1, 0x4068aea3, &(0x7f0000000040))
ioctl$KVM_SET_DEVICE_ATTR(r1, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0xe, 0x6, &(0x7f00000000c0)=0xf2b})
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x15)
r3 = syz_kvm_vgic_v3_setup(r2, 0x4, 0x0)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_GET_MP_STATE(r1, 0x8004ae98, &(0x7f0000000140))
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000ac5000/0x400000)=nil)
ioctl$KVM_CAP_ARM_USER_IRQ(r1, 0x4068aea3, &(0x7f0000000180))
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
syz_kvm_setup_cpu$arm64(r4, r1, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000000380)=[{0x0, &(0x7f0000000200)=[@its_send_cmd={0xaa, 0x28, {0x5, 0x0, 0x4, 0x10, 0x4, 0x0, 0x3}}, @irq_setup={0x46, 0x18, {0x0, 0x156}}, @svc={0x122, 0x40, {0x6000000, [0xffffffff80000001, 0xce2e, 0x6, 0x7f, 0xfffffffffffffff7]}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x1, 0x0, 0x7, 0x2, 0x101}}, @svc={0x122, 0x40, {0x84000012, [0x3, 0x3, 0xffffffffffffff7f, 0xbf08, 0xae]}}, @smc={0x1e, 0x40, {0x86000001, [0x4, 0x2, 0x0, 0x6, 0x400]}}, @its_setup={0x82, 0x28, {0x1, 0x4, 0x34}}], 0x150}], 0x1, 0x0, &(0x7f00000003c0)=[@featur1={0x1, 0x44}], 0x1)
close(r3)
ioctl$KVM_SET_GUEST_DEBUG_arm64(r1, 0x4208ae9b, &(0x7f0000000400)={0x20000, 0x0, {[0x9, 0xd, 0x92, 0x81, 0x59b, 0xffffffffffffffff, 0x6c, 0x10, 0x9, 0x100000001, 0x40, 0x6b, 0x9, 0x5, 0x9, 0xff], [0x1918, 0x4, 0x4, 0x3, 0x8, 0xbc6, 0x0, 0x8, 0x2, 0x8, 0x2, 0x200, 0x9d1, 0xfff, 0xda9, 0x5], [0x6, 0x1, 0x410, 0x6, 0x9, 0x40, 0xcff, 0x7, 0x9, 0x6, 0x5, 0x0, 0x10, 0x856, 0x4, 0x4], [0x200, 0x2, 0x1, 0x1ff, 0x8000000000000001, 0x2, 0x8, 0x6, 0x6, 0x4, 0x5, 0x3, 0xff, 0x7ff8000000000, 0x7, 0xbd]}})
ioctl$KVM_SET_ONE_REG(r1, 0x4010aeac, &(0x7f0000000680)=@arm64_core={0x603000000010000e, &(0x7f0000000640)=0x674})
ioctl$KVM_GET_REGS(r1, 0x8360ae81, &(0x7f00000006c0))
r5 = ioctl$KVM_GET_STATS_FD_vm(r4, 0xaece)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000780)={0x0, 0x2, 0x2, 0x1000, &(0x7f0000fff000/0x1000)=nil})
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
ioctl$KVM_SET_MP_STATE(r1, 0x4004ae99, &(0x7f00000007c0)=0x5)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000800), 0x902, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x36)
ioctl$KVM_SET_VCPU_EVENTS(r1, 0x4040aea0, &(0x7f0000000840)=@arm64={0x6, 0x0, 0x6, '\x00', 0xc0000})
r7 = ioctl$KVM_GET_STATS_FD_vm(r1, 0xaece)
syz_kvm_setup_cpu$arm64(r5, r7, &(0x7f000093c000/0x400000)=nil, &(0x7f0000000c80)=[{0x0, &(0x7f0000000880)=[@smc={0x1e, 0x40, {0x80003fff, [0x9, 0x0, 0xbf55, 0x6, 0x2]}}, @mrs={0xbe, 0x18, {0x603000000013deae}}, @svc={0x122, 0x40, {0x2000000, [0x8000000000000001, 0x76c, 0x81, 0x7fffffff, 0x5]}}, @its_setup={0x82, 0x28, {0x0, 0x0, 0xda}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x0, 0x0, 0xa, 0x200, 0x6, 0x3}}, @svc={0x122, 0x40, {0x8400000a, [0x8, 0x2, 0x5, 0x72bb]}}, @msr={0x14, 0x20, {0x603000000013e6c6, 0x3}}, @eret={0xe6, 0x18, 0x9}, @svc={0x122, 0x40, {0xc4000001, [0xfff, 0x1, 0x5, 0x6, 0x8]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0xc0, 0x3, 0xa}}, @irq_setup={0x46, 0x18, {0x4, 0x2f2}}, @svc={0x122, 0x40, {0x5000000, [0xfffffffffffffffa, 0xa0d1, 0x3, 0x6, 0x7]}}, @svc={0x122, 0x40, {0xc4000001, [0x0, 0x0, 0xcf86, 0x3, 0x3]}}, @svc={0x122, 0x40, {0x8400000e, [0xe, 0x9c8f, 0x1, 0xe, 0xfc]}}, @eret={0xe6, 0x18, 0x9}, @smc={0x1e, 0x40, {0x1000, [0x8000, 0x5, 0x66, 0xfffffffffffff0aa, 0x9]}}, @svc={0x122, 0x40, {0x80000000, [0x6, 0x2, 0xffffffffffffffff, 0x7, 0x7]}}, @smc={0x1e, 0x40, {0x4000000, [0x0, 0x3, 0x15d, 0xb, 0x7]}}, @irq_setup={0x46, 0x18, {0x2, 0x2d2}}, @mrs={0xbe, 0x18, {0x603000000013c021}}, @uexit={0x0, 0x18, 0x293}], 0x3c8}], 0x1, 0x0, &(0x7f0000000cc0)=[@featur2={0x1, 0x40}], 0x1)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000d00), 0x2, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r8, 0xae04)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x12)

12m13.75381895s ago: executing program 6 (id=271):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20080, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0x0, 0x80000)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000001340)={0x0, 0x0, 0x2, r2, 0x3})
r3 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0xeeef0000, 0x0, r3}) (async)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, 0x0)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x203, 0x0, 0x2, r2, 0xf})
syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000040)={0x0, &(0x7f0000000200)=[@irq_setup={0x46, 0x18, {0x4, 0xfe}}, @svc={0x122, 0x40, {0x3, [0x0, 0x2, 0x0, 0xfffffffffffffffd, 0x9]}}, @msr={0x14, 0x20, {0x603000000013dea1, 0x5}}, @uexit={0x0, 0x18, 0x7fffffffffffffff}, @its_setup={0x82, 0x28, {0x0, 0x0, 0x267}}, @mrs={0xbe, 0x18, {0x603000000013e660}}, @code={0xa, 0x84, {"007008d5000028d50048201e20069ad20000b0f2810080d2420080d2430080d2a40080d2020000d4000080d2007008d5a0eb82d20000b8f2210180d2020180d2630180d2e40080d2020000d4007008d500b8215e80ac8fd20080b8f2210080d2e20180d2430080d2640080d2020000d4"}}, @hvc={0x32, 0x40, {0x8400000c, [0x4, 0x401, 0x26, 0x7f, 0x7]}}, @its_setup={0x82, 0x28, {0x1, 0x0, 0x224}}, @code={0xa, 0x84, {"000028d5201a9cd20020b0f2410080d2e20180d2a30080d2640080d2020000d4000080b90000659ea0cf99d20060b8f2810080d2a20180d2030080d2e40080d2020000d400c8a00e0004809a007008d540a980d20020b8f2810180d2420080d2c30180d2a40180d2020000d4007008d5"}}, @its_setup={0x82, 0x28, {0x4, 0x4, 0x1fe}}, @memwrite={0x6e, 0x30, @generic={0xeeef0000, 0x171, 0xe45, 0x1}}, @irq_setup={0x46, 0x18, {0x3, 0x7d}}, @smc={0x1e, 0x40, {0x80000002, [0x4, 0x1, 0x9, 0x80000001, 0x401]}}, @hvc={0x32, 0x40, {0x84000051, [0x17f7570c, 0x0, 0xfffffffffffffff9, 0x4, 0x6]}}], 0x330}, &(0x7f0000000080)=[@featur2={0x1, 0x5}], 0x1)

11m31.546907475s ago: executing program 38 (id=270):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x0, 0x100)
r1 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r1, 0x4068aea3, &(0x7f0000000040))
ioctl$KVM_SET_DEVICE_ATTR(r1, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0xe, 0x6, &(0x7f00000000c0)=0xf2b})
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x15)
r3 = syz_kvm_vgic_v3_setup(r2, 0x4, 0x0)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_GET_MP_STATE(r1, 0x8004ae98, &(0x7f0000000140))
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000ac5000/0x400000)=nil)
ioctl$KVM_CAP_ARM_USER_IRQ(r1, 0x4068aea3, &(0x7f0000000180))
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
syz_kvm_setup_cpu$arm64(r4, r1, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000000380)=[{0x0, &(0x7f0000000200)=[@its_send_cmd={0xaa, 0x28, {0x5, 0x0, 0x4, 0x10, 0x4, 0x0, 0x3}}, @irq_setup={0x46, 0x18, {0x0, 0x156}}, @svc={0x122, 0x40, {0x6000000, [0xffffffff80000001, 0xce2e, 0x6, 0x7f, 0xfffffffffffffff7]}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x1, 0x0, 0x7, 0x2, 0x101}}, @svc={0x122, 0x40, {0x84000012, [0x3, 0x3, 0xffffffffffffff7f, 0xbf08, 0xae]}}, @smc={0x1e, 0x40, {0x86000001, [0x4, 0x2, 0x0, 0x6, 0x400]}}, @its_setup={0x82, 0x28, {0x1, 0x4, 0x34}}], 0x150}], 0x1, 0x0, &(0x7f00000003c0)=[@featur1={0x1, 0x44}], 0x1)
close(r3)
ioctl$KVM_SET_GUEST_DEBUG_arm64(r1, 0x4208ae9b, &(0x7f0000000400)={0x20000, 0x0, {[0x9, 0xd, 0x92, 0x81, 0x59b, 0xffffffffffffffff, 0x6c, 0x10, 0x9, 0x100000001, 0x40, 0x6b, 0x9, 0x5, 0x9, 0xff], [0x1918, 0x4, 0x4, 0x3, 0x8, 0xbc6, 0x0, 0x8, 0x2, 0x8, 0x2, 0x200, 0x9d1, 0xfff, 0xda9, 0x5], [0x6, 0x1, 0x410, 0x6, 0x9, 0x40, 0xcff, 0x7, 0x9, 0x6, 0x5, 0x0, 0x10, 0x856, 0x4, 0x4], [0x200, 0x2, 0x1, 0x1ff, 0x8000000000000001, 0x2, 0x8, 0x6, 0x6, 0x4, 0x5, 0x3, 0xff, 0x7ff8000000000, 0x7, 0xbd]}})
ioctl$KVM_SET_ONE_REG(r1, 0x4010aeac, &(0x7f0000000680)=@arm64_core={0x603000000010000e, &(0x7f0000000640)=0x674})
ioctl$KVM_GET_REGS(r1, 0x8360ae81, &(0x7f00000006c0))
r5 = ioctl$KVM_GET_STATS_FD_vm(r4, 0xaece)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000780)={0x0, 0x2, 0x2, 0x1000, &(0x7f0000fff000/0x1000)=nil})
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
ioctl$KVM_SET_MP_STATE(r1, 0x4004ae99, &(0x7f00000007c0)=0x5)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000800), 0x902, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x36)
ioctl$KVM_SET_VCPU_EVENTS(r1, 0x4040aea0, &(0x7f0000000840)=@arm64={0x6, 0x0, 0x6, '\x00', 0xc0000})
r7 = ioctl$KVM_GET_STATS_FD_vm(r1, 0xaece)
syz_kvm_setup_cpu$arm64(r5, r7, &(0x7f000093c000/0x400000)=nil, &(0x7f0000000c80)=[{0x0, &(0x7f0000000880)=[@smc={0x1e, 0x40, {0x80003fff, [0x9, 0x0, 0xbf55, 0x6, 0x2]}}, @mrs={0xbe, 0x18, {0x603000000013deae}}, @svc={0x122, 0x40, {0x2000000, [0x8000000000000001, 0x76c, 0x81, 0x7fffffff, 0x5]}}, @its_setup={0x82, 0x28, {0x0, 0x0, 0xda}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x0, 0x0, 0xa, 0x200, 0x6, 0x3}}, @svc={0x122, 0x40, {0x8400000a, [0x8, 0x2, 0x5, 0x72bb]}}, @msr={0x14, 0x20, {0x603000000013e6c6, 0x3}}, @eret={0xe6, 0x18, 0x9}, @svc={0x122, 0x40, {0xc4000001, [0xfff, 0x1, 0x5, 0x6, 0x8]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0xc0, 0x3, 0xa}}, @irq_setup={0x46, 0x18, {0x4, 0x2f2}}, @svc={0x122, 0x40, {0x5000000, [0xfffffffffffffffa, 0xa0d1, 0x3, 0x6, 0x7]}}, @svc={0x122, 0x40, {0xc4000001, [0x0, 0x0, 0xcf86, 0x3, 0x3]}}, @svc={0x122, 0x40, {0x8400000e, [0xe, 0x9c8f, 0x1, 0xe, 0xfc]}}, @eret={0xe6, 0x18, 0x9}, @smc={0x1e, 0x40, {0x1000, [0x8000, 0x5, 0x66, 0xfffffffffffff0aa, 0x9]}}, @svc={0x122, 0x40, {0x80000000, [0x6, 0x2, 0xffffffffffffffff, 0x7, 0x7]}}, @smc={0x1e, 0x40, {0x4000000, [0x0, 0x3, 0x15d, 0xb, 0x7]}}, @irq_setup={0x46, 0x18, {0x2, 0x2d2}}, @mrs={0xbe, 0x18, {0x603000000013c021}}, @uexit={0x0, 0x18, 0x293}], 0x3c8}], 0x1, 0x0, &(0x7f0000000cc0)=[@featur2={0x1, 0x40}], 0x1)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000d00), 0x2, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r8, 0xae04)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x12)

11m24.252653262s ago: executing program 39 (id=271):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20080, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0x0, 0x80000)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000001340)={0x0, 0x0, 0x2, r2, 0x3})
r3 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0xeeef0000, 0x0, r3}) (async)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, 0x0)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x203, 0x0, 0x2, r2, 0xf})
syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000040)={0x0, &(0x7f0000000200)=[@irq_setup={0x46, 0x18, {0x4, 0xfe}}, @svc={0x122, 0x40, {0x3, [0x0, 0x2, 0x0, 0xfffffffffffffffd, 0x9]}}, @msr={0x14, 0x20, {0x603000000013dea1, 0x5}}, @uexit={0x0, 0x18, 0x7fffffffffffffff}, @its_setup={0x82, 0x28, {0x0, 0x0, 0x267}}, @mrs={0xbe, 0x18, {0x603000000013e660}}, @code={0xa, 0x84, {"007008d5000028d50048201e20069ad20000b0f2810080d2420080d2430080d2a40080d2020000d4000080d2007008d5a0eb82d20000b8f2210180d2020180d2630180d2e40080d2020000d4007008d500b8215e80ac8fd20080b8f2210080d2e20180d2430080d2640080d2020000d4"}}, @hvc={0x32, 0x40, {0x8400000c, [0x4, 0x401, 0x26, 0x7f, 0x7]}}, @its_setup={0x82, 0x28, {0x1, 0x0, 0x224}}, @code={0xa, 0x84, {"000028d5201a9cd20020b0f2410080d2e20180d2a30080d2640080d2020000d4000080b90000659ea0cf99d20060b8f2810080d2a20180d2030080d2e40080d2020000d400c8a00e0004809a007008d540a980d20020b8f2810180d2420080d2c30180d2a40180d2020000d4007008d5"}}, @its_setup={0x82, 0x28, {0x4, 0x4, 0x1fe}}, @memwrite={0x6e, 0x30, @generic={0xeeef0000, 0x171, 0xe45, 0x1}}, @irq_setup={0x46, 0x18, {0x3, 0x7d}}, @smc={0x1e, 0x40, {0x80000002, [0x4, 0x1, 0x9, 0x80000001, 0x401]}}, @hvc={0x32, 0x40, {0x84000051, [0x17f7570c, 0x0, 0xfffffffffffffff9, 0x4, 0x6]}}], 0x330}, &(0x7f0000000080)=[@featur2={0x1, 0x5}], 0x1)

2m36.640903851s ago: executing program 8 (id=272):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000000000000000000002000000ff"])
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r4, 0xae03, 0xcd)
syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000000)={0x0, &(0x7f00000001c0)}, &(0x7f0000000040)=[@featur2={0x1, 0xa5}], 0x1)

2m28.290205925s ago: executing program 9 (id=273):
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000000)={0x2, 0xffffffffffffffff, 0x1})

2m12.318792915s ago: executing program 9 (id=274):
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013df64, 0x8000}}, @msr={0x14, 0x20, {0x603000000013df7f, 0x8000}}], 0x40}, &(0x7f0000000000)=[@featur1={0x1, 0x8}], 0x1)
r4 = eventfd2(0x0, 0x0)
close(r4)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x103801, 0x0)
write$eventfd(r4, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000180)=@arm64_extra={0x603000000013c025, &(0x7f00000000c0)=0x800})
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r9, 0x4010aeab, &(0x7f0000000100)=@arm64_bitmap={0x6030000000140000, &(0x7f0000000000)=0x7})
r10 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x5)
ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f00000001c0)={0x6})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000240)={0x4, 0x9, 0x1}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2m11.02445949s ago: executing program 8 (id=275):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
r4 = mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x8)
r5 = eventfd2(0xd, 0x1)
close(r5)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r8, 0xae03, 0xe3)
r9 = openat$kvm(0x0, &(0x7f0000000200), 0x100, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r10, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0x1, 0x1001, 0x2}})
ioctl$KVM_SET_DEVICE_ATTR_vm(r10, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x9e, 0x7fffffff, 0x2}})
r11 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r12 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3a)
ioctl$KVM_SET_USER_MEMORY_REGION2(r12, 0x40a0ae49, &(0x7f0000000040)={0x1fd, 0x3, 0x116000, 0x2000, &(0x7f0000ffd000/0x2000)=nil, 0x1ff})
r13 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7ffc}}], 0x20}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r14, 0x4018aee1, 0x0)
ioctl$KVM_RUN(r14, 0xae80, 0x0)
write$eventfd(r5, 0x0, 0x500)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000100)="4383fde698b2059f217724103cdb85f0412df5c51faed57c866c449b9a05988451e2d8454aa8a04f60715cb3125d2fa5caf287e80dfaabedabb319f7023efdcfc06716ac0eb1bac2", 0x0, 0x48)
r15 = eventfd2(0x0, 0x0)
close(r15)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x40800, 0x0)

1m48.24798727s ago: executing program 9 (id=276):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000280)={0xffffffffffffffff, 0xc8, 0x1})
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
r6 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000000340)={0x1a64afb6, 0x8000000, 0x0, r6}) (async)
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000000)={0x80a0000}) (async)
ioctl$KVM_RUN(r5, 0xae80, 0x0) (async)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000140)={0x4, <r9=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r9, 0x400454ce, 0x110c230008) (async)
r10 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000180)={0x8, <r11=>0xffffffffffffffff})
ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x2) (async)
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000240)=@attr_other={0x0, 0x8, 0x0, &(0x7f0000000300)=0x137}) (async)
r12 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x26)
syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil) (async)
r14 = openat$kvm(0x0, &(0x7f0000000200), 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r15, 0xae60) (async)
r16 = syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0), 0x0, 0x0) (async)
r17 = syz_kvm_vgic_v3_setup(r13, 0x1, 0x100)
ioctl$KVM_SET_DEVICE_ATTR(r17, 0x4018aee1, &(0x7f0000000100)=@attr_other={0x0, 0x3ff, 0x7, &(0x7f0000000040)=0x9}) (async)
ioctl$KVM_RUN(r16, 0xae80, 0x0)

1m40.147904756s ago: executing program 8 (id=277):
ioctl$KVM_ARM_SET_DEVICE_ADDR(0xffffffffffffffff, 0x4010aeab, &(0x7f0000000000)={0x5, 0x6000})
r0 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x10) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee1, &(0x7f0000000080)=@attr_other={0x0, 0x2, 0x4, &(0x7f0000000040)=0x4}) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x8100, 0x0)
ioctl$KVM_GET_ONE_REG(r0, 0x4010aeab, &(0x7f0000000140)=@arm64_ccsidr={0x6020000000110004, &(0x7f0000000100)})
ioctl$KVM_ARM_PREFERRED_TARGET(r0, 0x8020aeaf, &(0x7f0000000180))
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x2c)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f00000001c0)={0x6}) (async)
ioctl$KVM_SET_GSI_ROUTING(r0, 0x4008ae6a, &(0x7f0000000200)={0x3, 0x0, [{0x3, 0x2, 0x0, 0x0, @adapter={0x1, 0xc0, 0x5, 0x7f, 0x1}}, {0x0, 0x3, 0x1, 0x0, @adapter={0x7, 0x1c2, 0x5, 0x6}}, {0x2, 0x4, 0x0, 0x0, @adapter={0x6, 0x5, 0x5, 0x7, 0x5}}]}) (async)
ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, &(0x7f00000002c0)={0x3, [0x3, 0x1, 0x10001]}) (async)
r3 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bfe000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000580)={0x0, &(0x7f0000000300)=[@msr={0x14, 0x20, {0x603000000013c2a6}}, @eret={0xe6, 0x18, 0x5}, @smc={0x1e, 0x40, {0x84000000, [0x4, 0xd08, 0x3, 0x8, 0x4]}}, @hvc={0x32, 0x40, {0x1000000, [0x1, 0x1, 0x743a550a, 0x8, 0x2]}}, @smc={0x1e, 0x40, {0xc4000014, [0x8001, 0x7f, 0x80000000, 0x7fffffff]}}, @uexit={0x0, 0x18, 0x9b}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x2, 0x4, 0x8000, 0x10000}}, @svc={0x122, 0x40, {0xc4000053, [0x0, 0x2c76, 0x1, 0x4, 0x101]}}, @smc={0x1e, 0x40, {0x84000051, [0x800, 0x2a, 0x0, 0xc3f, 0x3]}}, @uexit={0x0, 0x18, 0x7}, @svc={0x122, 0x40, {0x84000052, [0x311, 0x3ff, 0xa, 0x5]}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff0, 0x80000000, 0xd}}, @uexit={0x0, 0x18, 0x8}], 0x258}, &(0x7f00000005c0)=[@featur2={0x1, 0x20}], 0x1)
ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, &(0x7f0000000600)={0x8, [0x2, 0x4, 0x1, 0x5, 0x6, 0x3, 0x3, 0x6]}) (async)
ioctl$KVM_SET_GSI_ROUTING(r0, 0x4008ae6a, &(0x7f0000000680)={0x1, 0x0, [{0x6, 0x4, 0x1, 0x0, @adapter={0x7, 0xffffffff, 0x8, 0x8000, 0x8}}]}) (async)
ioctl$KVM_GET_ONE_REG(r0, 0x4010aeab, &(0x7f0000000700)=@arm64_fp_extra={0x60200000001000d5, &(0x7f00000006c0)=0x7}) (async)
ioctl$KVM_GET_ONE_REG(r4, 0x4010aeab, &(0x7f0000000780)=@arm64_bitmap={0x6030000000160001, &(0x7f0000000740)=0x800})
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r4, 0x4018aee3, &(0x7f0000000800)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f00000007c0)=0x401}) (async)
mmap$KVM_VCPU(&(0x7f0000e71000/0x3000)=nil, 0x0, 0x100000b, 0x10010, r0, 0x0) (async)
syz_kvm_vgic_v3_setup(r2, 0x4, 0x1e0)
ioctl$KVM_GET_VCPU_EVENTS(r0, 0x8040ae9f, &(0x7f0000000840)=@arm64)
ioctl$KVM_GET_VCPU_EVENTS(r4, 0x8040ae9f, &(0x7f0000000880)=@arm64) (async)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r4, 0x4018aee2, &(0x7f0000000900)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f00000008c0)=0xfffffffe}) (async)
ioctl$KVM_GET_VCPU_EVENTS(r4, 0x8040ae9f, &(0x7f0000000940)) (async)
ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f00000009c0)=@arm64_core={0x603000000010004e, &(0x7f0000000980)=0x800}) (async)
r5 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x1)
ioctl$KVM_ARM_VCPU_INIT(r5, 0x4020aeae, &(0x7f0000000a00)={0x1, 0x10}) (async)
syz_kvm_setup_cpu$arm64(r0, r5, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000b00)=[{0x0, &(0x7f0000000a40)=[@mrs={0xbe, 0x18, {0x603000000013deb3}}, @uexit={0x0, 0x18, 0xc}, @its_setup={0x82, 0x28, {0x4, 0x0, 0xdc}}, @memwrite={0x6e, 0x30, @generic={0x2, 0x6ed, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x1, 0x9, 0x2, 0x3, 0x1}}], 0xb0}], 0x1, 0x0, &(0x7f0000000b40)=[@featur1={0x1, 0x24}], 0x1) (async)
ioctl$KVM_ARM_SET_DEVICE_ADDR(r5, 0x4010aeab, &(0x7f0000000b80)={0x7, 0x3000})
ioctl$KVM_GET_ONE_REG(r0, 0x4010aeab, &(0x7f0000000c00)=@arm64_extra={0x603000000013c513, &(0x7f0000000bc0)=0x800})

1m25.160667081s ago: executing program 8 (id=278):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
r4 = syz_kvm_vgic_v3_setup(r1, 0x2, 0x100) (async)
r5 = eventfd2(0x1, 0x80001)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r5, 0x3}) (async)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r8, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ff8000/0x4000)=nil, r8, 0x3000005, 0x13, r6, 0x0) (async)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000180)={0x1010020, 0x1})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0) (async, rerun: 64)
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x4, 0x5, &(0x7f0000000100)=0xfffffffffffffff7}) (rerun: 64)

1m21.834901108s ago: executing program 9 (id=279):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = eventfd2(0x0, 0x0)
r2 = mmap$KVM_VCPU(&(0x7f0000004000/0x4000)=nil, 0x930, 0xc0ffff, 0x11, r1, 0x0)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r8, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8})
ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x6030000000100008, &(0x7f0000000040)})
syz_kvm_vgic_v3_setup(r3, 0x1, 0x100)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f0000000540)=ANY=[@ANYRESOCT=r9, @ANYRES64=r2, @ANYRES32=r5, @ANYBLOB="2549cfe0eadb0bc031602395dd9f1ec1458aa58711e8f1d27c8c45dec69453c03765420f5ea43b10d63105c54b83eb6b0fd9cdff213a3652b3e4343856088729e7a120ea5bcaba13684193524dc8813adf58b3bf39a0b0902f9904a15cec5afb718e2008fca1bf82d605f1876b5fdd3dfae6f030d865535dc2ec9c7ca73fced8cde1457f89f903bde0c6a6e464c10d11cc518c48720bccb6e22825dbaf4f642d71153a39ff4aa8eea4d416927728744b0d542aa7aee8b98f78b3b300dec88b12b918e760938c5c01f92a9eed041b6f85d2b4cdd41681bc7150d559ea950f9aca039ea40cc33bdd86e768035dc5ed109d8aa79e6aafee46323d5a03d9d4702fd589909140d89c182c60ef0027ba80ef3201b5c4a93ae4c10be9e8aa72bf644334986e2e60b1235d44e7e3d4bdcf6a00d9e62fada7247c761a3331ed0e53ce4b713ebda0d53ddb65bbc29506da9a185236d6f73a65f4237c040c8f7dd5e978846c8585fafecd507fa2ff2d23af623b4ee5181176bca199733c3d6845389fc476e49e0e49eaac01daa3f62b85adcc3ed43c897119a2c1b9799f5677cfbfb665fe26692b64dc2fabaf4bebb4fe8a7295b8d836e20d33de2c23fdf12cdfd36a3d05c04de8f2bff8497634c81cb443c02c82ae6ab605d0ab42b2aee1c7292e5393b93c218488e67ea885cbb0b629364be591bd2fc2258f1d7b9b0ca2b295a590db25594bf54060bf5dcb5f4aa2712a5cf23ff06e4ceb19e0d66920df2ae91fa61ba0acda51b21e407f2605f694702ac5250d3a23b7e02c47f86c7a9ec7ee4d5ddb9cf19f3cb405e4d0da71d629f6c8910dfdf2ac328badfb34d082afa0b02d3e49247880a6d7254100e4ae6430255a740739c9f72b0c0ce7bf22fb2f440ce943b5fb854a5a20d461ddaa4a6e422e91bb8a3086bd6b0e6b25e2538d872b63dbb55368bcdda95c746d7ccce1e1e9ca1c8837a0dd7f1dea9d7ce03cdfe4ef555b76cc90296756eb09d49daefa03e3b34b32477affa63d18ca254ba7392065985b828e044f8faf368fcaae00937587ac8def60a5868dadccfbf24b5e68f4d691d885b01203d36afb24dac6693fe0b9440cce042633ae759dee4979ed4413fea350f2e704f90856ac7fa53cd8624a7e18ee3a15a07361a826c8a0fcf076db4f7e063a60f011d8c7c3a467247f53e3a225b43a6d7826983ea763f42a0317ccd903cb38c1e387833d72644a14613172b0c76aad2e7b262e4550110a020bcd970fa3e5bfb73cd238268bbe2f440309df0302db54448fe2b5f8024451d7f7dd7c5b50815f07fc6e445e414b468a9e16238d05fef4088a3eb3180f5198e980d9715ebeb3950da426627a1bb7edfc823b0d079fb896c4b1a93bdd128ca348daeb63481b520fa92b180ef028c5cbffee9d64a612649a57cb8ec0a852f748444e560b444762f3ed870fb1f189fba6a196491cf260036e3d8948e6e09dd950fec35b6bc08cae4ad3c4731ba1359538c0adb560c742637c75956faf0e2758c157eab92a74ac6b82f452c2f7e98ea47025c7a12d0486caebcc1e20d3fd57e11f033021057848b58f60c7c31cd89e67c1c0894eba3d035fbe78b151d36e57523ab334415c5bcf6e864eda5678e163909131080262073a680bcdf160891852d3b69bbfa2d1ce515fb7f1352f1e69fde6152b49cd077223e28e5cfaa9a0d00b3d80170c4db6d3bb444718810ae58a3e51517c98e50997b933bbced69c516e86027710f7b28019f1e36d924afc035bb273694e93482e91d9d7dd3f2fe8841c5b4ea81f8c75c8c882c8b80213a9371d1dbf7315262f3fd561d09993ca072c9b8f06dbe3817a39724dd6cffe67f09fd1ea7277fff8c63e1f0cbff6c5d36bb1346b5be1dff9ce1bf823c4f280c4251ee59df106c1ea6041d6019ccc277adf6fc3e480f0cf8ebc78bedc0b7afed0f18acf2132a7894311db4a8516b9b5937639b9c7e7e0ae049d4d5e8df646c271b9a880edfc8e12167fbf74490a8426c23cfe9ea9048c82a8e352e00e74c9fcdfca274dbcbaf835eea244f7828bcd3017cd6dc6cdf111194315a70a3e5ca372e47ee712345551e1487efd7e3e6872c33faf4f359c49545d4a2ff4ac7d79ebf8a10ec2dd2db6477a1ad7b583f54627fd7400f405a0034b612b0fa37f1238dfd9ae7447c567a1d84635af03cec676d04241c6c2476eb5a9f4ee978dfe89f6dd3eba2d8148537d025e1f8e82d92ae49b81a8a2ceb15e8ebb51eb5b0e59721c6821dee15cdaf9375acf7d5e742d5dbd1bbe0f85cd71dde6355517f6a58939f48954372bd1f9bf8b228619abaed8c24a480347b6d228a872306ae4afd267f9d0ea7e29af176f4fffa88e6464648fc1096bdc3221c7cfd9af5479cc40f36ce0cbfed6e9ba268d431a2a5424d5e8d8abf941e71cb2c77f2edcbd2957f41a8dac11ec95f333a60b2d8eb19b67fe52ab69fdd455c3b8ec3e656e098522a5dacdecc4b74d1ab790b3c62d7a5c60ac372f158846dd582b2715b1e351061deba506e3ac375c2c9369f2ecb62e942f3282c761a095d9834e445202e7b9e594ec83be130d8f514d27510098c03141daf82f473145c5b4da0c9c084aca8dfa109fa774bc9876e67eabfe8025c7dc4f9a19ece8314f5b980a62fdb728a156e7454626f7f515bf2e6746a2eb3051fb5b8457cb0659d388545b64c761009b6fa301531dfcaf9249b0f4e687bd9a2071293023cede27ef95beeadbe483ca30dfa15c805d8753b48a3001510765c0e0703fda0e17f408acf378b6587e0b0d33e9b8109c94c5e426f711d9a682e8b1d566013a323fa0a466c7800c2ded6df30d3db638b45ce0a2b0bf460f6b38da3af4811f05e21a24d770eb798918563ab752af2240b28d45a3de8526a78078e3d0a91940a862e22792b1dc4e2a995936e4fdcf72a9d73dc124051279576a6178a853c90264926bc12785d1cf019d5ded49ed1e7c70cfa5acc01d3d66c39deac9bf9145a7d2c6229dbae396eae673b19f837029085e3e98fe2010290a0c5128655901e88c974815ec6ec65801f5298e11a0d945eaf3115654fc37114281ddac1ade02f98e32842c48e14b14f153c298e64b56725c853f7d40fa9011749f46b6ddba24ff5c00d1adba456f7299b5cfc2e44bf63588357f9750e991012ba487523d9630b90363bf75560f2c2a3fc8abce2b5ae2404bb00d9a39708fe5f02f249d3c6d9b9ba11a9d431ee90e8cf268d73a12898f6e4e60f84efaf0d547d433afa59955e1a7d3f7288b393ee5c6a1d86effa6c08ed27135c3ef8f397f46d082d0a586c596983670fc83a6bef95ad63144a8c7e6b1d9eca73e5f5786ded3eb879250231ac4497e28a7feba3507fa9591eab29bac1098629377cd0649f240c27d4f669d55b205593be005fa9fb5eaac5850a42a4d12e67c791a0728fafd18a528462a27d1d21a20e32359889ac1eceb4f1ee6f7e56cfd092dd9f8e8e15731929d5143bdae27a50c767227ae9056281bd79dfedf7f110c45a327c8a3cf049edae057baf2354751b9e00085f12472e65c8f6be952d805d3bb5681bc24e959dd1e255068694bcc0c716e7fecc128064dd0cc13a8676c4c3df821782497d2743e8e436f3cfbf2face485c77ed56a7e34efd2cb1bab3cc3f9ab8708bee6f5f36f79f475b57b17c268f0da4746393f500ff53fe6f3e9994024cd1ebcddc25567e406a426a1fe3bb68d1decec16236c871585d03ddcd0876cae68a31b6eca299ba2da1150ace8244c65140c4759f60b726406a5cd7864a9b2424af3078a12affb22f4217bac84c7e17144a0ee4dc2faecbcd1a4285337414ef4e8bef88cf19a5d728af8839e7a5892b14cfd05077b3cc774217064ef0c62ed730044a0f7148beb960356c000357e0689ea38eb814366a270693036f685acc7b3145cb3655822935b5683a3b86c755d294063f82c99d70fd4b30e1bd36b4c0bd2991b0ebc0e6523a7bed1682f1628c6ca93ec9cf326906450ef35d055488f1278303c8f4c8d7e8a80ff2857fef51e38642fd77e5e2fe9c8975bf4b1686b294bc71401a3eaed322dbf12f789bacac3530a4676e2eebc633e370a8417d7ca9732ab731d71dbc530c0f458c0da97622ea1d9edeb3bdef2b875f5c061015b18f1017378704b404d9dffef6c33b025e4ce1345b95abb31f60235a896187c081affe5703bc896e3c620e82b654ac93a84e385e6d7732ed4305209f6cba9a3bd494b6218ea7479d56c0a50c3ac0676cec467934316be5500911fda966b986102a506ac7e417be95e10e3482cd2eda2e963a2de69b146824beef441521048620336c3453dbc1e0386babf5a18fe881247be4dc66c99f04d899503d7a55528b1462717499b14c659273026ea51fef4a17f88acf43e063044ee5ec49cf059e5e6ed2c857b741997e340acb5779a79b0fb480d17ea02de0bf0600d7d970abbd43200319f87228c6e093c6be3a7171b3177d796ea4417313a8c47463365a0d723ec85c436284d50e6aa12c4e617effa46168c62db5a024dbfc6747fad9de51f533799cf24e2e05466288d975de64c4cccba6a43c18cf35d27eeca404d366dfba317a9c1e181ee99f2d1f8fdcc04d4182c568be195a0762521ce7fd0ee7e6769797eeb7876b9de361e4867a09c32deb7d734f5da9677e12f3fb9bc48fda019c0fb40da2ab297b728a9d383d63c76dc4aa3d6ec5bc974822ac1257ec372337b9963772ebaabc0c6a14ae7520580a9eb0c1528e6c42d9123c3f0579c9dd2a7538235eb372c4050089ac995ad10f21fe373fdae436289aebbd811c48d17ac9a3aa89594568408fa732decb7fed5311545dc24034839085a1b0f19613fccc034965ceb96b066b9627453b08719c5c0c464d92f12e1a40caa4824df34d9fc9d7d73d4abae71a5bea27e03f1aaa3a6ad5cb0ec990df25d122f39673754d4e0d594e0c064948501767d0000def3a3fb01418f3ed63a89d863cb6fd9c5c1d4b163c1d53529776f7ce30928e660721c0dd0cddaab199f53a98bcc6328f1503e69e634d8e723df4ff5c006b3b9b6137fdd211905649a35d5bda0a97f3a578e03e5e0334285fe512027bdd25ef6a49691891445df7200224b964deed784f64b8861e01705836d27ddfd60abd2afbd5e688fd60f7a31251f5ed9faaa115f1d1584a15244302bd600d506a7b75ad9db987f4c71b588b2caed42944a6584737b665d02bcd66a7e8d7a2a5f72937ee16830a156b722338b0e6b1f5d5ae778a4a8aee5de52c12e4ab01c4f672f80b3d0081fe18f7437f724cfe3bb898fb18079f461b8114da818851ea94f81e434ab976063b0c897eca022384c2b7f458dae3a9d1649e760b218b32b5c0ecff0b12c5673e886bad953bc1b5ba5ea4ad6f556e8acd4e1c9abc5dd3dd2b35e789c7c10c9417ef79c50228195a19e131172c363db987063cd139f14a87c33f7c74f9f33620c407bdffac45b6edc7a32b5d833f780c514777ff78baf48e0fb9ac2402c24f5cd6dfc14a4bededcc85302647551cb125969a7662fffd075820f4a0171b1d2cb22a0ebb1283e9ed402c25cae7b39e22c0f5a5bf17fed4eec39e9a7fe551106df5acd7bddaca7d28fa7743e47e0a6676f38f4ce740e1aa4796635875fbd6382324a45bfd7fe36351bf8f37ec905eb58c59495378e19aed09cb92677b47402ef6d21f346e92693743c8856d247ec0f43c5089030810d3e499bb8f8a2d4d1b9d15ec1b6dc1aabc58b47c60d001b6a38d5fb9b4dd524384d2867c9cd4b98ed54f95893508b9f265ca2763bd51", @ANYRES32, @ANYRES8=r9, @ANYBLOB="aedd1817651626821dcfc099c25a889ffecc08b2c9fa1e7e6020bda84ffc5996454144ebaa87805265a8f7ef1e72fde647491c5ae00a799f0b31f0c65584573cac5dfbbbf6c5da83ba2fa63af3cd0c25f7f51df3dd"])
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000200)={0x0, &(0x7f0000000500)=[@mrs={0xbe, 0x18, {0x6030000000138056}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r14, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r14, 0x4040aea0, &(0x7f0000000000)=@arm64={0x0, 0x1, 0xf, '\x00', 0xfffffffffffff105})
ioctl$KVM_SET_DEVICE_ATTR_vm(0xffffffffffffffff, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x9e, 0x80000000, 0x2}})
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
r15 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r16, 0xc00caee0, &(0x7f0000000140)={0x4, <r17=>0xffffffffffffffff, 0x1})
write$eventfd(r17, &(0x7f00000001c0)=0xffffffffffffffff, 0xfdef)

1m4.441782283s ago: executing program 8 (id=280):
openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x52)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x8001}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_kvm_assert_reg(r3, 0x603000000013dce8, 0x8000)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r5, 0x4018aee3, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f00000000c0)={0x8001, 0x6, 0x2}})
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x400454d9, 0x0)
r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x6)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r6, 0x4018aee3, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x80, 0x1, 0x3}})
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f00000001c0)={0x6, 0x3})
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
r10 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r9, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r9, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000000)=@arm64_sys={0x603000000013c038, 0x0})

49.000455094s ago: executing program 9 (id=281):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x82880, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000100)={0x7, <r4=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000002c0)=@attr_arm64={0x0, 0x4, 0x0, 0x0})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x27)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000300)={0x0, 0x0}, 0x0, 0x0)
r8 = syz_kvm_vgic_v3_setup(r6, 0x1, 0x100)
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f0000000080)=@attr_other={0x0, 0x6, 0xffffffffffffffff, 0x0})
r9 = eventfd2(0x8801, 0x800)
r10 = eventfd2(0x3ff, 0x0)
ioctl$KVM_IRQFD(r3, 0x4020ae76, &(0x7f0000000000)={r10, 0x5, 0x2, r10})
ioctl$KVM_IRQFD(r3, 0x4020ae76, &(0x7f0000000080)={r9, 0x1, 0x2, r10})
ioctl$KVM_IRQFD(r3, 0x4020ae76, &(0x7f0000000140)={r10, 0x0, 0x1, r9})
openat$kvm(0x0, &(0x7f0000000140), 0x101282, 0x0)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000140)={0x4, <r13=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r13, 0x400454c9, 0x110c230008)
r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)
r16 = ioctl$KVM_CREATE_VCPU(r15, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r15, r16, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="be001a000000000018b6ab8d049602b5455fa72a33de0000695f10a9b3f5d2585c"], 0x18}], 0x1, 0x0, 0x0, 0x0)
eventfd2(0x0, 0x0)
eventfd2(0x0, 0x0)

15.663276809s ago: executing program 40 (id=280):
openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x52)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x8001}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_kvm_assert_reg(r3, 0x603000000013dce8, 0x8000)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r5, 0x4018aee3, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f00000000c0)={0x8001, 0x6, 0x2}})
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x400454d9, 0x0)
r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x6)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r6, 0x4018aee3, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x80, 0x1, 0x3}})
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f00000001c0)={0x6, 0x3})
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
r10 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r9, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r9, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000000)=@arm64_sys={0x603000000013c038, 0x0})

0s ago: executing program 41 (id=281):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x82880, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000100)={0x7, <r4=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000002c0)=@attr_arm64={0x0, 0x4, 0x0, 0x0})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x27)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000300)={0x0, 0x0}, 0x0, 0x0)
r8 = syz_kvm_vgic_v3_setup(r6, 0x1, 0x100)
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f0000000080)=@attr_other={0x0, 0x6, 0xffffffffffffffff, 0x0})
r9 = eventfd2(0x8801, 0x800)
r10 = eventfd2(0x3ff, 0x0)
ioctl$KVM_IRQFD(r3, 0x4020ae76, &(0x7f0000000000)={r10, 0x5, 0x2, r10})
ioctl$KVM_IRQFD(r3, 0x4020ae76, &(0x7f0000000080)={r9, 0x1, 0x2, r10})
ioctl$KVM_IRQFD(r3, 0x4020ae76, &(0x7f0000000140)={r10, 0x0, 0x1, r9})
openat$kvm(0x0, &(0x7f0000000140), 0x101282, 0x0)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000140)={0x4, <r13=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r13, 0x400454c9, 0x110c230008)
r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)
r16 = ioctl$KVM_CREATE_VCPU(r15, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r15, r16, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="be001a000000000018b6ab8d049602b5455fa72a33de0000695f10a9b3f5d2585c"], 0x18}], 0x1, 0x0, 0x0, 0x0)
eventfd2(0x0, 0x0)
eventfd2(0x0, 0x0)

kernel console output (not intermixed with test programs):

[  382.768571][ T3167] 8021q: adding VLAN 0 to HW filter on device bond0
[  417.868702][ T3167] eql: remember to turn off Van-Jacobson compression on your slave devices
Warning: Permanently added '[localhost]:63892' (ED25519) to the list of known hosts.
[  600.249361][   T25] audit: type=1400 audit(599.470:60): avc:  denied  { name_bind } for  pid=3320 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  601.155999][   T25] audit: type=1400 audit(600.380:61): avc:  denied  { execute } for  pid=3321 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  601.176687][   T25] audit: type=1400 audit(600.400:62): avc:  denied  { execute_no_trans } for  pid=3321 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  621.338575][   T25] audit: type=1400 audit(620.560:63): avc:  denied  { mounton } for  pid=3321 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  621.392869][   T25] audit: type=1400 audit(620.610:64): avc:  denied  { mount } for  pid=3321 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  621.475519][ T3321] cgroup: Unknown subsys name 'net'
[  621.547920][   T25] audit: type=1400 audit(620.770:65): avc:  denied  { unmount } for  pid=3321 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  622.030754][ T3321] cgroup: Unknown subsys name 'cpuset'
[  622.175827][ T3321] cgroup: Unknown subsys name 'rlimit'
[  623.124809][   T25] audit: type=1400 audit(622.340:66): avc:  denied  { setattr } for  pid=3321 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  623.149045][   T25] audit: type=1400 audit(622.370:67): avc:  denied  { mounton } for  pid=3321 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[  623.165734][   T25] audit: type=1400 audit(622.390:68): avc:  denied  { mount } for  pid=3321 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  624.176725][ T3325] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[  624.197221][   T25] audit: type=1400 audit(623.410:69): avc:  denied  { relabelto } for  pid=3325 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  624.216814][   T25] audit: type=1400 audit(623.440:70): avc:  denied  { write } for  pid=3325 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
Setting up swapspace version 1, size = 127995904 bytes
[  624.399715][   T25] audit: type=1400 audit(623.620:71): avc:  denied  { read } for  pid=3321 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  624.426039][   T25] audit: type=1400 audit(623.640:72): avc:  denied  { open } for  pid=3321 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  624.468249][ T3321] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  676.783276][   T25] audit: type=1400 audit(675.990:73): avc:  denied  { execmem } for  pid=3326 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  681.137337][   T25] audit: type=1400 audit(680.360:74): avc:  denied  { read } for  pid=3328 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  681.174739][   T25] audit: type=1400 audit(680.370:75): avc:  denied  { open } for  pid=3328 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  681.257782][   T25] audit: type=1400 audit(680.460:76): avc:  denied  { mounton } for  pid=3328 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  681.525327][   T25] audit: type=1400 audit(680.740:77): avc:  denied  { module_request } for  pid=3328 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  681.545229][   T25] audit: type=1400 audit(680.770:78): avc:  denied  { module_request } for  pid=3329 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  682.494936][   T25] audit: type=1400 audit(681.700:79): avc:  denied  { sys_module } for  pid=3329 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  708.527302][ T3328] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  708.793723][ T3328] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  709.317462][ T3329] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  709.484778][ T3329] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  720.695006][ T3328] hsr_slave_0: entered promiscuous mode
[  720.723582][ T3328] hsr_slave_1: entered promiscuous mode
[  722.305989][ T3329] hsr_slave_0: entered promiscuous mode
[  722.360429][ T3329] hsr_slave_1: entered promiscuous mode
[  722.403214][ T3329] debugfs: 'hsr0' already exists in 'hsr'
[  722.408224][ T3329] Cannot create hsr debugfs directory
[  730.583309][   T25] audit: type=1400 audit(729.800:80): avc:  denied  { create } for  pid=3328 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  730.642579][   T25] audit: type=1400 audit(729.850:81): avc:  denied  { write } for  pid=3328 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  730.673866][   T25] audit: type=1400 audit(729.890:82): avc:  denied  { read } for  pid=3328 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  730.849896][ T3328] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  731.317006][ T3328] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  731.556124][ T3328] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  731.869965][ T3328] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  733.349755][ T3329] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  733.569595][ T3329] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  733.803660][ T3329] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  734.016107][ T3329] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  745.578717][ T3328] 8021q: adding VLAN 0 to HW filter on device bond0
[  747.808491][ T3329] 8021q: adding VLAN 0 to HW filter on device bond0
[  800.038069][ T3328] veth0_vlan: entered promiscuous mode
[  800.516880][ T3328] veth1_vlan: entered promiscuous mode
[  801.615358][ T3329] veth0_vlan: entered promiscuous mode
[  802.198968][ T3329] veth1_vlan: entered promiscuous mode
[  803.150029][ T3328] veth0_macvtap: entered promiscuous mode
[  803.526034][ T3328] veth1_macvtap: entered promiscuous mode
[  804.800252][ T3329] veth0_macvtap: entered promiscuous mode
[  805.269382][ T3329] veth1_macvtap: entered promiscuous mode
[  805.724554][ T3355] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  805.755860][ T3436] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  805.793918][ T3437] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  805.837956][ T3437] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  808.415559][   T25] audit: type=1400 audit(807.630:83): avc:  denied  { mount } for  pid=3328 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  808.524261][   T50] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  808.528993][   T50] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  808.552270][   T50] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  808.559419][   T50] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  808.684471][   T25] audit: type=1400 audit(807.900:84): avc:  denied  { mounton } for  pid=3328 comm="syz-executor" path="/syzkaller.01AfJs/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  808.860750][   T25] audit: type=1400 audit(808.060:85): avc:  denied  { mount } for  pid=3328 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  809.217987][   T25] audit: type=1400 audit(808.440:86): avc:  denied  { mounton } for  pid=3328 comm="syz-executor" path="/syzkaller.01AfJs/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  809.352917][   T25] audit: type=1400 audit(808.560:87): avc:  denied  { mounton } for  pid=3328 comm="syz-executor" path="/syzkaller.01AfJs/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3797 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  810.175178][   T25] audit: type=1400 audit(809.390:88): avc:  denied  { unmount } for  pid=3328 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  810.473985][   T25] audit: type=1400 audit(809.690:89): avc:  denied  { mounton } for  pid=3328 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1544 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  810.547971][   T25] audit: type=1400 audit(809.770:90): avc:  denied  { mount } for  pid=3328 comm="syz-executor" name="/" dev="gadgetfs" ino=3808 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  810.754551][   T25] audit: type=1400 audit(809.970:91): avc:  denied  { mount } for  pid=3328 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  810.832795][   T25] audit: type=1400 audit(810.020:92): avc:  denied  { mounton } for  pid=3328 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  811.784269][ T3328] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  823.238792][   T25] kauditd_printk_skb: 4 callbacks suppressed
[  823.239701][   T25] audit: type=1400 audit(822.340:97): avc:  denied  { read } for  pid=3487 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  823.240559][   T25] audit: type=1400 audit(822.460:98): avc:  denied  { open } for  pid=3487 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  823.512112][   T25] audit: type=1400 audit(822.700:99): avc:  denied  { ioctl } for  pid=3487 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  826.665678][   T25] audit: type=1400 audit(825.790:100): avc:  denied  { write } for  pid=3488 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  848.697647][ T3506] kvm [3506]: Failed to find VMA for hva 0x20d8d000
[  863.826417][   T25] audit: type=1400 audit(863.040:101): avc:  denied  { setattr } for  pid=3515 comm="syz.0.9" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  890.764185][   T25] audit: type=1400 audit(889.980:102): avc:  denied  { execute } for  pid=3529 comm="syz.0.14" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=4601 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  922.050024][   T25] audit: type=1400 audit(921.270:103): avc:  denied  { append } for  pid=3546 comm="syz.1.19" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1039.849885][   T25] audit: type=1400 audit(1039.070:104): avc:  denied  { create } for  pid=3627 comm="syz.0.39" anonclass=[kvm-gmem] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 1040.493891][   T25] audit: type=1400 audit(1039.710:105): avc:  denied  { map } for  pid=3627 comm="syz.0.39" path="anon_inode:[kvm-gmem]" dev="anon_inodefs" ino=6133 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 1040.602837][   T25] audit: type=1400 audit(1039.800:106): avc:  denied  { read } for  pid=3627 comm="syz.0.39" path="anon_inode:[kvm-gmem]" dev="anon_inodefs" ino=6133 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 1083.000416][   T25] audit: type=1400 audit(1082.220:107): avc:  denied  { ioctl } for  pid=3659 comm="syz.1.47" path="net:[4026532624]" dev="nsfs" ino=4026532624 ioctlcmd=0x582a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 1112.074554][ T3680] kvm [3680]: Failed to find VMA for hva 0x21016000
[ 1186.524338][ T3733] kvm [3732]: Unsupported guest access at: eeef0000
[ 1186.524338][ T3733]  { Op0( 2), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read },
[ 1209.808316][ T3746] kvm [3746]: Failed to find VMA for hva 0x20c01000
[ 1210.025804][ T3746] kvm [3746]: Failed to find VMA for hva 0x20c01000
[ 1223.856081][ T3754] kvm [3754]: Failed to find VMA for hva 0x20c01000
[ 1355.873401][ T3839] kvm [3839]: Failed to find VMA for hva 0x20c01000
[ 1408.289635][ T3883] kvm [3883]: Failed to find VMA for hva 0x21016000
[ 1408.339770][ T3884] kvm [3884]: Failed to find VMA for hva 0x21016000
[ 1598.949589][ T3935] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1599.718505][ T3935] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1600.754151][ T3935] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1601.794639][ T3935] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1618.795202][ T3935] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1619.310322][ T3935] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1619.605217][ T3935] bond0 (unregistering): Released all slaves
[ 1621.915483][ T3935] hsr_slave_0: left promiscuous mode
[ 1621.982405][ T3935] hsr_slave_1: left promiscuous mode
[ 1622.363802][ T3935] veth1_macvtap: left promiscuous mode
[ 1622.388793][ T3935] veth0_macvtap: left promiscuous mode
[ 1622.408636][ T3935] veth1_vlan: left promiscuous mode
[ 1622.421873][ T3935] veth0_vlan: left promiscuous mode
[ 1638.758309][ T3935] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1639.860215][ T3935] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1640.768027][ T3935] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1641.789183][ T3935] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1655.767889][ T3935] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1655.844938][ T3935] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1655.899971][ T3935] bond0 (unregistering): Released all slaves
[ 1657.473372][ T3935] hsr_slave_0: left promiscuous mode
[ 1657.525976][ T3935] hsr_slave_1: left promiscuous mode
[ 1658.067228][ T3935] veth1_macvtap: left promiscuous mode
[ 1658.070603][ T3935] veth0_macvtap: left promiscuous mode
[ 1658.093952][ T3935] veth1_vlan: left promiscuous mode
[ 1658.103266][ T3935] veth0_vlan: left promiscuous mode
[ 1675.375075][ T3965] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1675.668887][ T3965] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1688.404891][ T3974] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1688.575560][ T3974] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1694.555871][ T3965] hsr_slave_0: entered promiscuous mode
[ 1694.619035][ T3965] hsr_slave_1: entered promiscuous mode
[ 1705.900755][ T3965] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1706.265667][ T3965] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1706.507317][ T3965] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1706.689598][ T3965] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1708.494998][ T3974] hsr_slave_0: entered promiscuous mode
[ 1708.517428][ T3974] hsr_slave_1: entered promiscuous mode
[ 1708.538225][ T3974] debugfs: 'hsr0' already exists in 'hsr'
[ 1708.542143][ T3974] Cannot create hsr debugfs directory
[ 1720.964306][ T3974] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1721.235173][ T3974] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1721.446476][ T3974] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1721.748324][ T3974] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1728.163892][ T3965] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1747.767649][ T3974] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1819.419118][ T3965] veth0_vlan: entered promiscuous mode
[ 1820.226093][ T3965] veth1_vlan: entered promiscuous mode
[ 1822.845072][ T3965] veth0_macvtap: entered promiscuous mode
[ 1823.273746][ T3965] veth1_macvtap: entered promiscuous mode
[ 1826.132944][ T3935] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1826.159886][ T4092] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1826.218382][ T4092] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1826.219500][ T4092] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1840.270357][ T3974] veth0_vlan: entered promiscuous mode
[ 1841.157753][ T3974] veth1_vlan: entered promiscuous mode
[ 1844.516787][ T3974] veth0_macvtap: entered promiscuous mode
[ 1845.078806][ T3974] veth1_macvtap: entered promiscuous mode
[ 1849.079664][ T3989] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1849.205439][ T3989] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1849.302548][ T3989] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1849.308178][ T3989] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2242.048566][   T43] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2243.208517][   T43] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2244.666924][   T43] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2245.869800][   T43] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2266.595389][   T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2267.249334][   T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2267.598157][   T43] bond0 (unregistering): Released all slaves
[ 2270.354449][   T43] hsr_slave_0: left promiscuous mode
[ 2270.477223][   T43] hsr_slave_1: left promiscuous mode
[ 2271.399214][   T43] veth1_macvtap: left promiscuous mode
[ 2271.486372][   T43] veth0_macvtap: left promiscuous mode
[ 2271.504791][   T43] veth1_vlan: left promiscuous mode
[ 2271.514148][   T43] veth0_vlan: left promiscuous mode
[ 2356.067403][ T4433] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2356.480826][ T4433] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2390.039019][ T4433] hsr_slave_0: entered promiscuous mode
[ 2390.167875][ T4433] hsr_slave_1: entered promiscuous mode
[ 2390.306231][ T4433] debugfs: 'hsr0' already exists in 'hsr'
[ 2390.314783][ T4433] Cannot create hsr debugfs directory
[ 2413.017664][ T4433] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 2413.637908][ T4433] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 2414.070167][ T4433] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 2414.825108][ T4433] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 2443.620682][ T4433] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2492.345300][ T3414] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2494.035020][ T3414] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2495.693197][ T3414] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2497.145963][ T3414] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2516.227700][ T3414] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2516.408761][ T3414] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2516.584130][ T3414] bond0 (unregistering): Released all slaves
[ 2520.423194][ T3414] hsr_slave_0: left promiscuous mode
[ 2520.582062][ T3414] hsr_slave_1: left promiscuous mode
[ 2521.442126][ T3414] veth1_macvtap: left promiscuous mode
[ 2521.443557][ T3414] veth0_macvtap: left promiscuous mode
[ 2521.496368][ T3414] veth1_vlan: left promiscuous mode
[ 2521.547462][ T3414] veth0_vlan: left promiscuous mode
[ 2594.898393][ T4600] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2595.148987][ T4600] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2600.855430][ T4433] veth0_vlan: entered promiscuous mode
[ 2601.724288][ T4433] veth1_vlan: entered promiscuous mode
[ 2604.310643][ T4433] veth0_macvtap: entered promiscuous mode
[ 2604.709858][ T4433] veth1_macvtap: entered promiscuous mode
[ 2607.606989][ T3414] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2607.608494][ T3414] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2607.719444][ T3414] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2607.725783][ T3414] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2628.538769][ T4600] hsr_slave_0: entered promiscuous mode
[ 2628.705969][ T4600] hsr_slave_1: entered promiscuous mode
[ 2654.580053][ T4600] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 2655.100284][ T4600] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 2655.659607][ T4600] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 2656.080408][ T4600] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 2691.305518][ T4600] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2855.289365][ T4600] veth0_vlan: entered promiscuous mode
[ 2856.546352][ T4600] veth1_vlan: entered promiscuous mode
[ 2860.456136][ T4600] veth0_macvtap: entered promiscuous mode
[ 2861.317060][ T4600] veth1_macvtap: entered promiscuous mode
[ 2864.987945][   T50] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2865.003053][   T50] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2865.027787][   T50] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2865.048800][   T50] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2988.218516][ T4389] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2989.976186][ T4389] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2992.849258][ T4389] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2994.373367][ T4389] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3016.938151][ T4389] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3017.185256][ T4389] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3017.716972][ T4389] bond0 (unregistering): Released all slaves
[ 3020.324811][ T4389] hsr_slave_0: left promiscuous mode
[ 3020.456919][ T4389] hsr_slave_1: left promiscuous mode
[ 3021.294054][ T4389] veth1_macvtap: left promiscuous mode
[ 3021.299247][ T4389] veth0_macvtap: left promiscuous mode
[ 3021.309828][ T4389] veth1_vlan: left promiscuous mode
[ 3021.365627][ T4389] veth0_vlan: left promiscuous mode
[ 3045.480410][ T4389] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3046.926199][ T4389] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3048.530318][ T4389] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3049.930120][ T4389] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3073.203891][ T4389] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3073.520151][ T4389] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3073.865443][ T4389] bond0 (unregistering): Released all slaves
[ 3077.479920][ T4389] hsr_slave_0: left promiscuous mode
[ 3077.671908][ T4389] hsr_slave_1: left promiscuous mode
[ 3078.253075][ T4389] veth1_macvtap: left promiscuous mode
[ 3078.256398][ T4389] veth0_macvtap: left promiscuous mode
[ 3078.303766][ T4389] veth1_vlan: left promiscuous mode
[ 3078.339838][ T4389] veth0_vlan: left promiscuous mode
[ 3135.712425][ T4909] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3136.617330][ T4909] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3138.012354][ T4913] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3138.987144][ T4913] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3163.234108][ T4909] hsr_slave_0: entered promiscuous mode
[ 3163.295645][ T4909] hsr_slave_1: entered promiscuous mode
[ 3166.027651][ T4913] hsr_slave_0: entered promiscuous mode
[ 3166.085735][ T4913] hsr_slave_1: entered promiscuous mode
[ 3166.150756][ T4913] debugfs: 'hsr0' already exists in 'hsr'
[ 3166.215754][ T4913] Cannot create hsr debugfs directory
[ 3186.455040][ T4909] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 3187.179179][ T4909] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 3187.938663][ T4909] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 3188.860012][ T4909] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 3195.905821][ T4913] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 3196.287757][ T4913] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 3196.786501][ T4913] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 3197.455497][ T4913] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 3222.655200][ T4909] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3229.146750][ T4913] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3377.035666][ T4909] veth0_vlan: entered promiscuous mode
[ 3378.393745][ T4909] veth1_vlan: entered promiscuous mode
[ 3383.844049][ T4909] veth0_macvtap: entered promiscuous mode
[ 3385.000728][ T4909] veth1_macvtap: entered promiscuous mode
[ 3385.274440][ T4913] veth0_vlan: entered promiscuous mode
[ 3387.547894][ T4913] veth1_vlan: entered promiscuous mode
[ 3391.988316][ T3414] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3392.003888][ T3414] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3392.043064][ T3414] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3392.074284][ T3414] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3395.853826][ T4913] veth0_macvtap: entered promiscuous mode
[ 3397.124322][ T4913] veth1_macvtap: entered promiscuous mode
[ 3402.663630][ T3437] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3402.684306][ T3437] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3402.702340][ T3437] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3402.716584][ T3437] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3911.010271][ T4441] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3913.296160][ T4441] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3915.184044][ T4441] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3917.177265][ T4441] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3940.276181][ T4441] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3940.623329][ T4441] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3940.928370][ T4441] bond0 (unregistering): Released all slaves
[ 3943.642624][ T4441] hsr_slave_0: left promiscuous mode
[ 3943.964569][ T4441] hsr_slave_1: left promiscuous mode
[ 3944.680092][ T4441] veth1_macvtap: left promiscuous mode
[ 3944.763099][ T4441] veth0_macvtap: left promiscuous mode
[ 3944.778044][ T4441] veth1_vlan: left promiscuous mode
[ 3944.796953][ T4441] veth0_vlan: left promiscuous mode
[ 3982.258881][ T4441] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3983.939157][ T4441] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3985.626008][ T4441] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3987.156148][ T4441] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4011.334890][ T4441] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 4011.624876][ T4441] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 4011.794726][ T4441] bond0 (unregistering): Released all slaves
[ 4014.418817][ T4441] hsr_slave_0: left promiscuous mode
[ 4014.568031][ T4441] hsr_slave_1: left promiscuous mode
[ 4015.345930][ T4441] veth1_macvtap: left promiscuous mode
[ 4015.363204][ T4441] veth0_macvtap: left promiscuous mode
[ 4015.367729][ T4441] veth1_vlan: left promiscuous mode
[ 4015.406394][ T4441] veth0_vlan: left promiscuous mode
[ 4081.304863][ T5372] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4081.617713][ T5372] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4085.865173][ T5377] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4086.268172][ T5377] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4119.957089][ T5372] hsr_slave_0: entered promiscuous mode
[ 4120.057943][ T5372] hsr_slave_1: entered promiscuous mode
[ 4123.198819][ T5377] hsr_slave_0: entered promiscuous mode
[ 4123.265800][ T5377] hsr_slave_1: entered promiscuous mode
[ 4123.386168][ T5377] debugfs: 'hsr0' already exists in 'hsr'
[ 4123.405917][ T5377] Cannot create hsr debugfs directory
[ 4145.383563][ T5372] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 4146.288168][ T5372] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 4147.039966][ T5372] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 4147.914955][ T5372] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 4156.516775][ T5377] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 4157.216183][ T5377] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 4158.014397][ T5377] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 4158.737138][ T5377] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 4188.974306][ T5372] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4197.680418][ T5377] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4374.357522][ T5372] veth0_vlan: entered promiscuous mode
[ 4375.977717][ T5372] veth1_vlan: entered promiscuous mode
[ 4382.385202][ T5372] veth0_macvtap: entered promiscuous mode
[ 4383.503963][ T5377] veth0_vlan: entered promiscuous mode
[ 4383.936018][ T5372] veth1_macvtap: entered promiscuous mode
[ 4386.808936][ T5377] veth1_vlan: entered promiscuous mode
[ 4392.305365][ T3414] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4392.353704][ T5376] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4392.414710][ T5527] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4392.432334][ T5527] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4395.756109][ T5377] veth0_macvtap: entered promiscuous mode
[ 4397.564890][ T5377] veth1_macvtap: entered promiscuous mode
[ 4405.617604][ T3437] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4405.645444][ T3437] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4405.737312][ T4908] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4405.774977][ T5144] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4495.722724][   T25] audit: type=1400 audit(4494.920:108): avc:  denied  { map } for  pid=5649 comm="syz.8.278" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 4495.903698][   T25] audit: type=1400 audit(4495.110:109): avc:  denied  { execute } for  pid=5649 comm="syz.8.278" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 4730.370314][ T5680] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4731.154918][ T5680] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4752.505094][ T5687] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4753.123472][ T5687] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4793.938580][ T5680] hsr_slave_0: entered promiscuous mode
[ 4794.282043][ T5680] hsr_slave_1: entered promiscuous mode
[ 4794.392939][ T5680] debugfs: 'hsr0' already exists in 'hsr'
[ 4794.434131][ T5680] Cannot create hsr debugfs directory
[ 4821.133409][ T5687] hsr_slave_0: entered promiscuous mode
[ 4821.260171][ T5687] hsr_slave_1: entered promiscuous mode
[ 4821.482765][ T5687] debugfs: 'hsr0' already exists in 'hsr'
[ 4821.525816][ T5687] Cannot create hsr debugfs directory
[ 4870.875557][ T5680] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 4872.057838][ T5680] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 4875.886649][ T5680] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 4877.107255][ T5680] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 4900.320415][ T5687] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 4901.153218][ T5687] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 4901.953532][ T5687] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 4902.808577][ T5687] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 4939.874129][ T5680] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4957.877773][ T5687] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4983.044578][   T27] INFO: task syz.9.281:5668 blocked for more than 430 seconds.
[ 4983.103328][   T27]       Not tainted syzkaller #0
[ 4983.135779][   T27]       Blocked by coredump.
[ 4983.136262][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 4983.136743][   T27] task:syz.9.281       state:D stack:0     pid:5668  tgid:5665  ppid:5377   task_flags:0x40044c flags:0x00000019
[ 4983.138288][   T27] Call trace:
[ 4983.138819][   T27]  __switch_to+0x584/0xb20 (T)
[ 4983.226275][   T27]  __schedule+0x1eec/0x33a4
[ 4983.263412][   T27]  schedule+0xac/0x27c
[ 4983.302117][   T27]  schedule_timeout+0x5c/0x1e4
[ 4983.305179][   T27]  do_wait_for_common+0x28c/0x444
[ 4983.305808][   T27]  wait_for_completion+0x44/0x5c
[ 4983.306312][   T27]  __synchronize_srcu+0x2a4/0x320
[ 4983.306843][   T27]  synchronize_srcu+0x3cc/0x4f0
[ 4983.307328][   T27]  __mmu_notifier_release+0x424/0x614
[ 4983.307780][   T27]  exit_mmap+0xbc/0xbbc
[ 4983.308230][   T27]  __mmput+0x10c/0x530
[ 4983.308724][   T27]  mmput+0x70/0xac
[ 4983.309203][   T27]  exit_mm+0x158/0x258
[ 4983.309664][   T27]  do_exit+0x788/0x2378
[ 4983.310127][   T27]  do_group_exit+0x1d4/0x2ac
[ 4983.310630][   T27]  get_signal+0x1440/0x1554
[ 4983.433170][   T27]  arch_do_signal_or_restart+0x23c/0x4d98
[ 4983.433869][   T27]  exit_to_user_mode_loop+0x7c/0x178
[ 4983.434346][   T27]  el0_svc+0x170/0x234
[ 4983.434868][   T27]  el0t_64_sync_handler+0x84/0x12c
[ 4983.435346][   T27]  el0t_64_sync+0x198/0x19c
[ 4983.436916][   T27] 
[ 4983.436916][   T27] Showing all locks held in the system:
[ 4983.437403][   T27] 1 lock held by khungtaskd/27:
[ 4983.437804][   T27]  #0: ffff800087957208 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x4/0x48
[ 4983.440379][   T27] 2 locks held by getty/3195:
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 4983.440757][   T27]  #0: 02f00000120328a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c
[ 4983.596779][   T27]  #1: 67ff80008c6db2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x310/0x12b8
[ 4983.598564][   T27] 2 locks held by syz-executor/3321:
[ 4983.598963][   T27] 3 locks held by kworker/u4:9/4092:
[ 4983.599303][   T27] 2 locks held by kworker/u4:10/4462:
[ 4983.599596][   T27]  #0: 85f000000cc26948 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a18
[ 4983.745418][   T27]  #1: ffff80008e8f7c88 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a18
[ 4983.747373][   T27] 3 locks held by kworker/u4:1/4908:
[ 4983.747766][   T27] 3 locks held by kworker/u4:12/5374:
[ 4983.748111][   T27] 3 locks held by kworker/u4:14/5376:
[ 4983.748456][   T27] 3 locks held by kworker/u4:15/5527:
[ 4983.748786][   T27] 2 locks held by kworker/0:7/5623:
[ 4983.749117][   T27] 2 locks held by syz.8.280/5660:
[ 4983.749423][   T27] 2 locks held by syz-executor/5680:
[ 4983.749792][   T27] 3 locks held by kworker/u4:16/5822:
[ 4983.750125][   T27] 2 locks held by dhcpcd-run-hook/5826:
[ 4983.750476][   T27] 1 lock held by modprobe/5835:
[ 4983.843880][   T27] 
[ 4983.862737][   T27] =============================================
[ 4983.862737][   T27] 
[ 5004.165068][   T27] INFO: task syz.9.281:5668 blocked for more than 451 seconds.
[ 5004.194120][   T27]       Not tainted syzkaller #0
[ 5004.212884][   T27]       Blocked by coredump.
[ 5004.213489][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 5004.213829][   T27] task:syz.9.281       state:D stack:0     pid:5668  tgid:5665  ppid:5377   task_flags:0x40044c flags:0x00000019
[ 5004.214635][   T27] Call trace:
[ 5004.214920][   T27]  __switch_to+0x584/0xb20 (T)
[ 5004.215416][   T27]  __schedule+0x1eec/0x33a4
[ 5004.215907][   T27]  schedule+0xac/0x27c
[ 5004.216333][   T27]  schedule_timeout+0x5c/0x1e4
[ 5004.216835][   T27]  do_wait_for_common+0x28c/0x444
[ 5004.217292][   T27]  wait_for_completion+0x44/0x5c
[ 5004.217753][   T27]  __synchronize_srcu+0x2a4/0x320
[ 5004.218241][   T27]  synchronize_srcu+0x3cc/0x4f0
[ 5004.218729][   T27]  __mmu_notifier_release+0x424/0x614
[ 5004.219164][   T27]  exit_mmap+0xbc/0xbbc
[ 5004.219580][   T27]  __mmput+0x10c/0x530
[ 5004.220074][   T27]  mmput+0x70/0xac
[ 5004.220532][   T27]  exit_mm+0x158/0x258
[ 5004.373561][   T27]  do_exit+0x788/0x2378
[ 5004.377522][   T27]  do_group_exit+0x1d4/0x2ac
[ 5004.378171][   T27]  get_signal+0x1440/0x1554
[ 5004.378732][   T27]  arch_do_signal_or_restart+0x23c/0x4d98
[ 5004.379243][   T27]  exit_to_user_mode_loop+0x7c/0x178
[ 5004.379686][   T27]  el0_svc+0x170/0x234
[ 5004.380184][   T27]  el0t_64_sync_handler+0x84/0x12c
[ 5004.380679][   T27]  el0t_64_sync+0x198/0x19c
[ 5004.462961][   T27] 
[ 5004.462961][   T27] Showing all locks held in the system:
[ 5004.463347][   T27] 1 lock held by khungtaskd/27:
[ 5004.463688][   T27]  #0: ffff800087957208 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x4/0x48
[ 5004.465385][   T27] 3 locks held by kworker/u4:4/50:
[ 5004.465850][   T27] 2 locks held by getty/3195:
[ 5004.466161][   T27]  #0: 02f00000120328a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c
[ 5004.467893][   T27]  #1: 67ff80008c6db2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x310/0x12b8
[ 5004.469500][   T27] 2 locks held by kworker/u4:6/3414:
[ 5004.469846][   T27] 2 locks held by kworker/u4:9/4092:
[ 5004.470193][   T27] 2 locks held by dhcpcd/4369:
[ 5004.470582][   T27] 3 locks held by kworker/u4:12/5374:
[ 5004.623307][   T27] 3 locks held by kworker/u4:14/5376:
[ 5004.624146][   T27] 3 locks held by kworker/u4:15/5527:
[ 5004.624543][   T27] 2 locks held by syz.8.280/5660:
[ 5004.624893][   T27] 2 locks held by syz-executor/5680:
[ 5004.625194][   T27] 2 locks held by syz-executor/5687:
[ 5004.625551][   T27] 3 locks held by kworker/u4:16/5822:
[ 5004.625890][   T27] 2 locks held by dhcpcd-run-hook/5840:
[ 5004.626292][   T27] 
[ 5004.626537][   T27] =============================================
[ 5004.626537][   T27]