last executing test programs:

1h27m46.526140621s ago: executing program 32 (id=157):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x33)
ioctl$KVM_CAP_DIRTY_LOG_RING(r1, 0x4068aea3, &(0x7f0000000080)={0xc0, 0x0, 0xc000})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8a900, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x5) (async)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) (async)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r5, r6, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f0000000100)=@arm64_sys={0x603000000013e110, 0x0}) (async)
r7 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x2000)=nil, 0x930, 0xc, 0x80010, r7, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) (async)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee2, &(0x7f0000000140)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f00000000c0)=0x19})
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r3, 0x4010aeb5, &(0x7f0000000100)={0x0, 0x1})

1h27m35.832754862s ago: executing program 33 (id=159):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x80, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000002c0)={0x0, &(0x7f0000000240)=[@its_setup={0x82, 0x28, {0x3, 0x0, 0x16f}}, @svc={0x122, 0x40, {0x84000003, [0x9, 0x2, 0x4, 0xe1]}}], 0x68}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r3, 0x4, 0x220)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000180)={0x8, <r6=>0xffffffffffffffff})
r7 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x3}}, @its_setup={0x82, 0x28, {0x4, 0x4, 0x29f}}], 0x50}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r8 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000004}}], 0x50}, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x21)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xd7, 0x80000001})
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0xa2)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000140)={0x4, <r13=>0xffffffffffffffff, 0x1})
ioctl$KVM_SET_DEVICE_ATTR(r13, 0x40305829, &(0x7f0000000040)=@attr_other={0x0, 0x2, 0x6})
syz_kvm_vgic_v3_setup(r8, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000180)={0x8, <r14=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r14, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r10, 0xae80, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)

1h19m36.344003321s ago: executing program 2 (id=189):
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r3 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r2, 0x0) (async)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r6, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18}) (async, rerun: 64)
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000080)=@arm64_sys={0x603000000013de95, &(0x7f0000000140)}) (async, rerun: 64)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0xa08000, 0x0) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000680)="38ce8347fc1e86008cfc72bb352c8659dcc9225b48cb5cb00c73b0b33018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48)

1h19m25.364551382s ago: executing program 2 (id=191):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000040)={0x7, <r2=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000200)=@attr_arm64={0x0, 0x1, 0x1, &(0x7f00000001c0)=0xc})
r3 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x31)
ioctl$KVM_CHECK_EXTENSION_VM(r5, 0xae03, 0x80)
r6 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000080)={0x4, <r7=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, 0xffffffffffffffff)

1h18m38.881005091s ago: executing program 34 (id=191):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000040)={0x7, <r2=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000200)=@attr_arm64={0x0, 0x1, 0x1, &(0x7f00000001c0)=0xc})
r3 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x31)
ioctl$KVM_CHECK_EXTENSION_VM(r5, 0xae03, 0x80)
r6 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000080)={0x4, <r7=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, 0xffffffffffffffff)

1h13m2.232447604s ago: executing program 3 (id=222):
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x0, 0x18, 0x10010, 0xffffffffffffffff, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0xdc032, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bc5000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@mrs={0xbe, 0x18, {0x603000000013dce6}}], 0x18}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
r4 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f0000000100)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f00000000c0)={0x2, 0x4, 0x1}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000040)={0x7, <r7=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f0000000200)=@attr_arm64={0x0, 0x1, 0x1, &(0x7f00000001c0)=0xc})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000b80)={0x0, &(0x7f0000000640)=[@smc={0x1e, 0x40, {0xc4000012, [0x80, 0x4, 0x0, 0x4, 0x8001]}}], 0x40}, &(0x7f0000000bc0)=[@featur1={0x1, 0x4}], 0x1)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r11, 0x4018aee3, &(0x7f0000000080)=@attr_other={0x0, 0xb, 0x8, &(0x7f0000000040)=0x1})

1h12m50.773038659s ago: executing program 3 (id=223):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil}) (async)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
munmap(&(0x7f0000d70000/0x3000)=nil, 0x3000)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r3, r4, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000180)=@arm64_core={0x603000000010000e, &(0x7f0000000000)=0x3}) (async)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r6, 0x1, 0x100) (async)
ioctl$KVM_RUN(r8, 0xae80, 0x0) (async)
syz_kvm_setup_cpu$arm64(r6, r8, &(0x7f00009a7000/0x400000)=nil, &(0x7f0000000300)=[{0x0, &(0x7f0000000c00)=[@its_setup={0x82, 0x28, {0x0, 0x4, 0x44}}, @eret={0xe6, 0x18, 0xfff}, @its_setup={0x82, 0x28, {0x3, 0x0, 0x200}}, @svc={0x122, 0x40, {0x86000001, [0x240000000000, 0x2, 0x9, 0x40, 0x40]}}, @mrs={0xbe, 0x18, {0x603000000013c200}}, @irq_setup={0x46, 0x18, {0x3, 0x114}}, @smc={0x1e, 0x40, {0x8, [0x7, 0xb, 0x0, 0x2, 0x3]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0x300, 0x401, 0x1}}, @its_setup={0x82, 0x28, {0x0, 0x3, 0x1eb}}, @smc={0x1e, 0x40, {0x80008053, [0x5, 0x40, 0x3ff, 0xd9ef]}}, @mrs={0xbe, 0x18, {0x603000000013d801}}], 0x1c8}], 0x1, 0x0, &(0x7f0000000340)=[@featur2={0x1, 0x1}], 0x1)

1h12m0.898376279s ago: executing program 35 (id=223):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil}) (async)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
munmap(&(0x7f0000d70000/0x3000)=nil, 0x3000)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r3, r4, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000180)=@arm64_core={0x603000000010000e, &(0x7f0000000000)=0x3}) (async)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r6, 0x1, 0x100) (async)
ioctl$KVM_RUN(r8, 0xae80, 0x0) (async)
syz_kvm_setup_cpu$arm64(r6, r8, &(0x7f00009a7000/0x400000)=nil, &(0x7f0000000300)=[{0x0, &(0x7f0000000c00)=[@its_setup={0x82, 0x28, {0x0, 0x4, 0x44}}, @eret={0xe6, 0x18, 0xfff}, @its_setup={0x82, 0x28, {0x3, 0x0, 0x200}}, @svc={0x122, 0x40, {0x86000001, [0x240000000000, 0x2, 0x9, 0x40, 0x40]}}, @mrs={0xbe, 0x18, {0x603000000013c200}}, @irq_setup={0x46, 0x18, {0x3, 0x114}}, @smc={0x1e, 0x40, {0x8, [0x7, 0xb, 0x0, 0x2, 0x3]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0x300, 0x401, 0x1}}, @its_setup={0x82, 0x28, {0x0, 0x3, 0x1eb}}, @smc={0x1e, 0x40, {0x80008053, [0x5, 0x40, 0x3ff, 0xd9ef]}}, @mrs={0xbe, 0x18, {0x603000000013d801}}], 0x1c8}], 0x1, 0x0, &(0x7f0000000340)=[@featur2={0x1, 0x1}], 0x1)

51m45.445769602s ago: executing program 5 (id=353):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000200)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f00000000c0)=0xed}) (async)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_GUEST_MEMFD(r5, 0xc040aed4, &(0x7f00000001c0)={0x200001fe0000, 0x1})
mmap$KVM_VCPU(&(0x7f0000fe0000/0x3000)=nil, 0x930, 0x1000001, 0x11, r3, 0x0)
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f00000011c0)=@attr_set_pmu={0x0, 0x0, 0x3, 0x0})
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0xe) (async)
r6 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0xe) (async)
r8 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dead, 0x8000}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x48}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async)
ioctl$KVM_RUN(r8, 0xae80, 0x0)

51m28.436104538s ago: executing program 5 (id=355):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x401, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x2b) (async)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0}) (async)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r9, 0x4010aeab, &(0x7f0000000100)=@arm64_bitmap={0x6030000000140003, &(0x7f0000000000)=0x7})
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000140)={0x4, <r10=>0xffffffffffffffff, 0x1})
r11 = ioctl$KVM_CREATE_VM(r10, 0x894c, 0x0)
ioctl$KVM_CREATE_VCPU(r11, 0x4030582b, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r3, 0x4018aee1, &(0x7f00000000c0)=@attr_other={0x0, 0xfffffff8, 0xffff, 0x0}) (async)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) (async)
r12 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r3, r12, &(0x7f0000bfd000/0x400000)=nil, &(0x7f00000004c0)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, 0x0)
r13 = syz_kvm_vgic_v3_setup(r3, 0x1, 0x240)
ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f0000000100)=@attr_other={0x0, 0xff, 0x10, &(0x7f0000000040)}) (async)
r14 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000bfe000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000b00)={0x0, &(0x7f00000007c0)=[@mrs={0xbe, 0x18, {0x603000000013c2a4}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x4, 0x2, 0xffffffff, 0x9, 0x2}}, @svc={0x122, 0x40, {0x8400000d, [0x8000000000000000, 0x7, 0x7000, 0xaaf, 0x8000]}}, @hvc={0x32, 0x40, {0xc4000004, [0x7, 0x8, 0xc, 0x4]}}, @msr={0x14, 0x20, {0x603000000013e66b, 0x6}}], 0xe0}, 0x0, 0x0) (async)
ioctl$KVM_CREATE_GUEST_MEMFD(r1, 0xc040aed4, &(0x7f00000001c0)={0x200001fe0000, 0x3}) (async)
openat$kvm(0xffffffffffffff9c, 0x0, 0x141000, 0x0) (async)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) (async)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xd7, 0x80000001})
r15 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0)

51m26.142495618s ago: executing program 4 (id=356):
openat$kvm(0x0, &(0x7f0000000140), 0x404040, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x3, 0x4102932, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r0 = mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000040)=@arm64_sys={0x603000000013c807, &(0x7f0000000200)=0x7ff})
r5 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0xe)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@mrs={0xbe, 0x18, {0x603000000013c021}}], 0x18}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r2, 0x4010ae74, &(0x7f0000000000)={0x66, 0x8, 0x1})

51m15.810556696s ago: executing program 5 (id=357):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x25)
ioctl$KVM_CAP_ARM_MTE(r1, 0x4068aea3, &(0x7f00000000c0))
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f00000002c0)=@arm64_sys={0x603000000013c00a, &(0x7f0000000280)=0x3})
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000a1e000/0x400000)=nil)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x480000, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x2a)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04)
r7 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r6, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000240)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000bfd000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000b80)={0x0, &(0x7f00000009c0)=[@hvc={0x32, 0x40, {0x84000051, [0x400000000000007, 0xfffffffffffffffa, 0x8000000000000000, 0x427f, 0x400003]}}], 0x40}, 0x0, 0x0)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION(r8, 0xae03, 0xfffffffffffffff7)
r12 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r14 = ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x1)
r15 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r15, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r13, 0x4, 0x220)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r14, 0x4018aee1, &(0x7f0000000040)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f0000000000)=0x1b})

51m13.228339486s ago: executing program 4 (id=358):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0)
r3 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000240)={0x0, &(0x7f0000000080)=[@msr={0x14, 0x20, {0x603000000013e6de, 0xfffffffffffffffc}}, @smc={0x1e, 0x40, {0x0, [0x6, 0x6, 0x101, 0x8, 0x5]}}, @msr={0x14, 0x20, {0x603000000013e667, 0x9}}, @hvc={0x32, 0x40, {0x10, [0x3ff, 0x8c47, 0x0, 0xe, 0x1]}}, @eret={0xe6, 0x18, 0x1}, @memwrite={0x6e, 0x30, @generic={0x0, 0xac7, 0xffffffffffff69f8, 0x8}}, @eret={0xe6, 0x18, 0x3}, @hvc={0x32, 0x40, {0x84000001, [0x2, 0x4, 0x46, 0x101, 0x9]}}, @its_setup={0x82, 0x28, {0x2, 0x4, 0x2d2}}], 0x188}, &(0x7f0000000280)=[@featur1={0x1, 0xd2}], 0x1)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x36)
syz_kvm_setup_cpu$arm64(r4, r3, &(0x7f0000009000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

51m1.966573821s ago: executing program 4 (id=359):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x101000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x27)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bff000/0x400000)=nil) (async, rerun: 64)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) (async, rerun: 64)
ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0xc6)

51m0.240831361s ago: executing program 5 (id=360):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000bde000/0x400000)=nil)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f0000000000)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x20e4586c})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x2}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x1, 0x3, 0x10000, 0x0, 0x6, 0x2}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r10=>0xffffffffffffffff})
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r12, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r12, 0x4020ae46, &(0x7f00000001c0)={0x1, 0x1, 0xeeee8000, 0x1000, &(0x7f0000f95000/0x1000)=nil})
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000001, 0x12, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r9, 0xae80, 0x0)

50m49.853091285s ago: executing program 4 (id=361):
r0 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000400)={0x0, &(0x7f0000000000)=[@memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xd00, 0x4, 0xe}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x4, 0x0, 0x8, 0x200, 0x4}}, @irq_setup={0x46, 0x18, {0x2, 0x1a4}}, @msr={0x14, 0x20, {0x603000000013c609}}, @eret={0xe6, 0x18, 0xa}, @mrs={0xbe, 0x18, {0x6030000000138044}}, @uexit={0x0, 0x18, 0xa}, @irq_setup={0x46, 0x18, {0x1, 0x181}}, @uexit={0x0, 0x18, 0x6}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x2, 0xd, 0x2, 0x8}}, @uexit={0x0, 0x18, 0x2}, @memwrite={0x6e, 0x30, @generic={0x4000, 0xe71, 0x8e, 0x9}}, @svc={0x122, 0x40, {0x8000, [0x2, 0x1, 0x90, 0x10, 0x9]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xc, 0x1}}, @svc={0x122, 0x40, {0x30000000, [0xfffffffffffffffe, 0xe, 0x10000, 0x7ff, 0xfffffffffffffff8]}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x0, 0xe, 0x184, 0x7, 0x3}}, @eret={0xe6, 0x18, 0x8}, @uexit={0x0, 0x18, 0x4}, @irq_setup={0x46, 0x18, {0x0, 0x2cd}}, @irq_setup={0x46, 0x18, {0x4, 0x9f}}, @its_setup={0x82, 0x28, {0x4, 0x2, 0x337}}, @its_setup={0x82, 0x28, {0x0, 0x0, 0x32}}, @smc={0x1e, 0x40, {0x3f000000, [0xffffffff, 0xfffffffffffffffc, 0x9, 0x0, 0x10000]}}, @mrs={0xbe, 0x18, {0x6030000000138010}}, @irq_setup={0x46, 0x18, {0x3, 0x162}}, @smc={0x1e, 0x40, {0xc400000c, [0x8001, 0x1b3, 0x9d, 0xffffffff, 0x100000001]}}, @msr={0x14, 0x20, {0x603000000013df06, 0xb}}], 0x3d0}, &(0x7f0000000440), 0x1)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r0, 0x4018aee3, &(0x7f00000004c0)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000480)=0x3}) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r0, 0x4018aee1, &(0x7f0000000540)=@attr_other={0x0, 0x0, 0x0, &(0x7f0000000500)=0xbc3})
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r0, 0x4018aee2, &(0x7f00000005c0)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000580)={0x100, 0xd}})
ioctl$KVM_ARM_VCPU_FINALIZE(r0, 0x4004aec2, &(0x7f0000000600))
ioctl$KVM_SET_MP_STATE(r0, 0x4004ae99, &(0x7f0000000640)=0x2)
r1 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
ioctl$KVM_ARM_SET_DEVICE_ADDR(r1, 0x4010aeab, &(0x7f0000000680)={0x10}) (async)
ioctl$KVM_GET_REGS(r0, 0x8360ae81, &(0x7f00000006c0)) (async)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r1, 0x4018aee3, &(0x7f00000007c0)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000780)={0x7, 0x5, 0x1}}) (async)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0xd) (async)
ioctl$KVM_DIRTY_TLB(r0, 0x4010aeaa, &(0x7f0000000800)={0x5, 0x6f}) (async)
close(r0)
ioctl$KVM_DIRTY_TLB(r1, 0x4010aeaa, &(0x7f0000000840)={0x400, 0x3}) (async)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r1, 0x4018aee2, &(0x7f0000000880)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x4})
syz_kvm_setup_cpu$arm64(r2, r0, &(0x7f0000bff000/0x400000)=nil, &(0x7f0000000c80)=[{0x0, &(0x7f00000008c0)=[@svc={0x122, 0x40, {0xc1008428, [0x9, 0x8, 0x5, 0xff, 0x2]}}, @svc={0x122, 0x40, {0x84000000, [0x7, 0x7fffffff, 0x1, 0x5, 0x8]}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x0, 0x1, 0x80000000, 0x5, 0x4}}, @hvc={0x32, 0x40, {0x3000000, [0x7, 0x7fffffffffffffff, 0x10000, 0x6, 0x9]}}, @mrs={0xbe, 0x18, {0x603000000013ee8e}}, @msr={0x14, 0x20, {0x603000000013c290, 0xfff}}, @svc={0x122, 0x40, {0x5000000, [0x4, 0xffffffffffffffff, 0x8, 0x6de9, 0xc1]}}, @msr={0x14, 0x20, {0x603000000013c2aa, 0xffffffffffffff0c}}, @memwrite={0x6e, 0x30, @generic={0x4000, 0x6c8, 0x3ff, 0x6}}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x121}}, @svc={0x122, 0x40, {0x84000009, [0x8001, 0x8, 0x1, 0xf3b, 0xfc]}}, @mrs={0xbe, 0x18, {0x603000000013deae}}, @eret={0xe6, 0x18, 0xe}, @irq_setup={0x46, 0x18, {0x0, 0x1f5}}, @irq_setup={0x46, 0x18, {0x3, 0x139}}, @mrs={0xbe, 0x18, {0x603000000013c646}}, @hvc={0x32, 0x40, {0x84000001, [0x3, 0x7fffffff, 0x1, 0x5, 0x8]}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x3, 0x1, 0xffffffa2, 0x3, 0x2}}, @hvc={0x32, 0x40, {0x800, [0x5, 0x7, 0x9, 0x7fffffffffffffff, 0x10001]}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x8, 0x8c, 0x7}}, @eret={0xe6, 0x18, 0xf}, @smc={0x1e, 0x40, {0xc4000003, [0x4, 0x3, 0x9, 0xf6c, 0x7fffffffffffffff]}}], 0x3c0}], 0x1, 0x0, &(0x7f0000000cc0)=[@featur2={0x1, 0x2}], 0x1) (async)
ioctl$KVM_SET_REGS(r2, 0x4360ae82, &(0x7f0000000d00)={[0x203c, 0x7, 0x8, 0x7ff, 0x20, 0xdcc, 0x6, 0x4, 0x2, 0x8, 0xa, 0x81, 0x9, 0x7, 0x10, 0x9], 0x1, 0x200}) (async)
ioctl$KVM_SET_ONE_REG(r0, 0x4010aeac, &(0x7f0000000e00)=@arm64_sve={0x60800000001501a2, &(0x7f0000000dc0)=0x6}) (async)
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x9)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000e40)={0x1, 0xffffffffffffffff, 0x1}) (async)
r4 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000001540)={0x0, &(0x7f0000000e80)=[@eret={0xe6, 0x18, 0x9}, @code={0xa, 0x84, {"005c99d200a0b0f2010180d2c20080d2830180d2240180d2020000d4000008d5403b9ad20080b0f2610180d2220080d2630180d2240080d2020000d40020006f0084a00d007008d50014c0da20748dd200a0b8f2610080d2420180d2030180d2040180d2020000d40038000e5f2003d5"}}, @code={0xa, 0x84, {"60ad86d20020b8f2210080d2820180d2a30080d2640080d2020000d40000281e0048601e007008d560a08cd200c0b0f2c10080d2c20080d2830180d2040180d2020000d400082078008008d5a0268dd20040b8f2a10180d2820080d2830080d2240180d2020000d4007008d5000028d5"}}, @its_send_cmd={0xaa, 0x28, {0x0, 0x1, 0x0, 0xa, 0x6, 0x2, 0x1}}, @eret={0xe6, 0x18, 0x4200}, @svc={0x122, 0x40, {0xc4000014, [0x3, 0x21, 0x2d, 0x6, 0xf5e]}}, @hvc={0x32, 0x40, {0x10, [0x0, 0x7ff, 0x8, 0x9, 0x551]}}, @uexit={0x0, 0x18, 0x5}, @svc={0x122, 0x40, {0x32000000, [0x8, 0x6, 0x9, 0x3, 0x7]}}, @smc={0x1e, 0x40, {0x86000001, [0x7, 0x9, 0x9, 0x3b, 0x2]}}, @mrs={0xbe, 0x18, {0x603000000013c00b}}, @hvc={0x32, 0x40, {0x84000012, [0x7, 0xf33, 0x5, 0x4, 0x4]}}, @mrs={0xbe, 0x18, {0x603000000013e667}}, @eret={0xe6, 0x18, 0x4}, @irq_setup={0x46, 0x18, {0x1, 0x22a}}, @uexit={0x0, 0x18, 0x1}, @hvc={0x32, 0x40, {0x30000000, [0x1ff, 0x100, 0x0, 0x1, 0x3]}}, @uexit={0x0, 0x18, 0x3}, @uexit={0x0, 0x18, 0x5e7}, @eret={0xe6, 0x18, 0x9bd1}, @eret={0xe6, 0x18, 0x80000001}, @hvc={0x32, 0x40, {0xc4000003, [0x5, 0x0, 0xffffffff, 0x4, 0x2]}}, @eret={0xe6, 0x18, 0x3}, @memwrite={0x6e, 0x30, @generic={0xeeef0000, 0xc10, 0x2, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x0, 0x0, 0x6, 0x7, 0x1}}, @uexit={0x0, 0x18, 0x9}, @svc={0x122, 0x40, {0x84000003, [0x1, 0x6, 0xc0d, 0x8000000000000000, 0xa9d3]}}, @code={0xa, 0xb4, {"200782d20060b0f2610180d2020080d2030080d2a40080d2020000d420e694d200c0b8f2e10080d2820080d2030180d2040080d2020000d4e02a8ad20080b0f2a10180d2620080d2230180d2640080d2020000d4c0c28ed20000b8f2010180d2220180d2430180d2440180d2020000d40038300e006c200e80b68dd20060b0f2810180d2c20080d2630080d2240080d2020000d4002c004e0008203c0034007f"}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0x180, 0xbf1, 0x1}}, @code={0xa, 0xcc, {"e06d83d20080b0f2010180d2c20180d2830180d2240180d2020000d4000008d560b998d20080b0f2010080d2820080d2630080d2040180d2020000d4c0698dd200e0b8f2e10180d2820180d2a30080d2e40080d2020000d480959dd200a0b8f2410180d2820080d2830080d2240180d2020000d400b8315e0040204e007008d540d59cd20020b8f2010180d2220180d2230080d2240080d2020000d4c0289bd20080b0f2810180d2420180d2a30180d2640180d2020000d4"}}], 0x688}, &(0x7f0000001580)=[@featur1={0x1, 0x21}], 0x1)
ioctl$KVM_SET_SREGS(r4, 0x4000ae84, &(0x7f00000015c0)={{0x4000, 0x3000, 0xc, 0x3, 0x4, 0x4, 0x1, 0xc, 0xf, 0xa7, 0x6, 0xfc}, {0x2000, 0x33320000, 0x8, 0x1, 0x6, 0x2, 0x6, 0x4, 0x14, 0x6, 0x21, 0x7f}, {0xd000, 0x0, 0xf, 0xe, 0xe, 0xfc, 0xe0, 0x89, 0x8, 0x6, 0x5, 0x4}, {0x66a6388e183837e0, 0x1, 0x4, 0x7, 0x9, 0x1, 0xa, 0x3, 0x3, 0x0, 0x68, 0xe}, {0xeeef0000, 0xeeee8000, 0xb, 0x8, 0x7f, 0x9, 0x6, 0x6, 0xff, 0x49, 0x1, 0x40}, {0x2000, 0xf000, 0x9, 0x3, 0x3, 0x8, 0x3, 0x46, 0x7, 0x1, 0x7, 0xd7}, {0x2000, 0x0, 0xf, 0x9, 0x4, 0x1, 0x31, 0x9, 0x3, 0x8, 0x1, 0x2}, {0xeeef0000, 0x100000, 0x10, 0x2, 0x1, 0x7, 0x6, 0xff, 0x0, 0x3, 0xf, 0x40}, {0x1, 0x9}, {0xdddd0000, 0x6}, 0x25, 0x0, 0xeeee0000, 0x0, 0x4, 0x6000, 0xeeef0000, [0x0, 0x6, 0x2, 0x8001]}) (async)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
mmap$KVM_VCPU(&(0x7f0000f66000/0x2000)=nil, r5, 0x1000001, 0x10, r4, 0x0) (async)
r6 = ioctl$KVM_GET_STATS_FD_vm(r1, 0xaece)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r6, 0x4018aee3, &(0x7f0000001740)=@attr_other={0x0, 0x4, 0x81, &(0x7f0000001700)=0x457})
ioctl$KVM_RUN(r1, 0xae80, 0x0) (async)
ioctl$KVM_ARM_VCPU_FINALIZE(r6, 0x4004aec2, &(0x7f0000001780)=0x6) (async)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee3, &(0x7f00000017c0)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x7})
ioctl$KVM_RESET_DIRTY_RINGS(r2, 0xaec7)

50m39.812455932s ago: executing program 4 (id=362):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r3, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x4, 0x300)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2c)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000000)={0x0, 0x1, 0xeeee0000, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x100000000000000, 0x2000, &(0x7f0000000000/0x2000)=nil})

50m35.026411871s ago: executing program 5 (id=363):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x200000026)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r4, r5, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_GET_ONE_REG(r5, 0x4010aeab, &(0x7f0000000100)=@arm64_sys={0x603000000013c000})
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000eed000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_GET_DIRTY_LOG(r2, 0x4010ae42, &(0x7f0000000000)={0x3, 0x0, &(0x7f0000d59000/0x1000)=nil})
r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1e)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r7, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ca8000/0x1000)=nil, r7, 0x3000007, 0x13, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0xf65f27cb9c97b696, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1})

50m26.318141778s ago: executing program 4 (id=364):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x7})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x34)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, 0x930, 0x1, 0x2012, r4, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04)
mmap$KVM_VCPU(&(0x7f000064d000/0x3000)=nil, r6, 0x200000c, 0x213011, r4, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x202400, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2)
ioctl$KVM_SET_VCPU_EVENTS(r9, 0x4040aea0, &(0x7f0000000080)=@x86={0x0, 0xfb, 0x3, 0x0, 0x10, 0x7, 0x6, 0xe, 0xf, 0x2, 0x6, 0xfd, 0x0, 0xc03, 0x8, 0x3, 0x10, 0x0, 0x0, '\x00', 0x87, 0xfffffffffffffffe})
r10 = openat$kvm(0x0, &(0x7f00000000c0), 0x30300, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000080)={0x0, &(0x7f0000000000)=[@its_setup={0x82, 0x28, {0x0, 0x1, 0xe}}], 0x28}, 0x0, 0xfffffffffffffd20)
syz_kvm_vgic_v3_setup(r11, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000100)={0x8, <r13=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x0, 0x1, &(0x7f0000000180)=0x9})
r14 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)
r16 = syz_kvm_setup_syzos_vm$arm64(r15, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r16, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)

50m18.654974497s ago: executing program 5 (id=365):
r0 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce5, 0x7fff}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r5, 0x4018aee3, &(0x7f0000000100)=@attr_pmu_init)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r6, 0xae03, 0x1e)
r7 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ARM_VCPU_INIT(r7, 0x4020aeae, &(0x7f0000000340)={0x5})
r8 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, 0x0)
ioctl$KVM_SET_SIGNAL_MASK(r11, 0x4004ae8b, &(0x7f0000000040)={0x8, "22f1ebbef8b17f4b"})
ioctl$KVM_RUN(r11, 0xae80, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r7, 0x8040ae9f, &(0x7f0000000000)=@arm64)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

49m40.167153946s ago: executing program 36 (id=364):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x7})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x34)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, 0x930, 0x1, 0x2012, r4, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04)
mmap$KVM_VCPU(&(0x7f000064d000/0x3000)=nil, r6, 0x200000c, 0x213011, r4, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x202400, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2)
ioctl$KVM_SET_VCPU_EVENTS(r9, 0x4040aea0, &(0x7f0000000080)=@x86={0x0, 0xfb, 0x3, 0x0, 0x10, 0x7, 0x6, 0xe, 0xf, 0x2, 0x6, 0xfd, 0x0, 0xc03, 0x8, 0x3, 0x10, 0x0, 0x0, '\x00', 0x87, 0xfffffffffffffffe})
r10 = openat$kvm(0x0, &(0x7f00000000c0), 0x30300, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000080)={0x0, &(0x7f0000000000)=[@its_setup={0x82, 0x28, {0x0, 0x1, 0xe}}], 0x28}, 0x0, 0xfffffffffffffd20)
syz_kvm_vgic_v3_setup(r11, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000100)={0x8, <r13=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x0, 0x1, &(0x7f0000000180)=0x9})
r14 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)
r16 = syz_kvm_setup_syzos_vm$arm64(r15, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r16, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)

49m32.81896915s ago: executing program 37 (id=365):
r0 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce5, 0x7fff}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r5, 0x4018aee3, &(0x7f0000000100)=@attr_pmu_init)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r6, 0xae03, 0x1e)
r7 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ARM_VCPU_INIT(r7, 0x4020aeae, &(0x7f0000000340)={0x5})
r8 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, 0x0)
ioctl$KVM_SET_SIGNAL_MASK(r11, 0x4004ae8b, &(0x7f0000000040)={0x8, "22f1ebbef8b17f4b"})
ioctl$KVM_RUN(r11, 0xae80, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r7, 0x8040ae9f, &(0x7f0000000000)=@arm64)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

37m41.200472485s ago: executing program 7 (id=388):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async, rerun: 32)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (rerun: 32)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f0000000040)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x80000000})
mmap$KVM_VCPU(&(0x7f0000ffa000/0x1000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) (async)
munmap(&(0x7f0000647000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) (async)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x31)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r8, 0x4010aeab, &(0x7f0000000080)=@arm64_sys={0x603000000013e641, 0x0}) (async)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) (async)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
munmap(&(0x7f0000482000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000) (async)
r9 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
r10 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r10, 0x0) (async)
r11 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000040)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r11, 0xae80, 0x0) (async)
r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r13, 0x4018aee3, 0x0)

37m39.622756555s ago: executing program 6 (id=389):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x0, 0x3c2a1c3178cda732, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000eb2000/0x3000)=nil, 0x930, 0x0, 0x32e7851d6de9e532, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
r1 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000000)={0x0, &(0x7f00000001c0)=[@irq_setup={0x46, 0x18, {0x2, 0x307}}, @eret={0xe6, 0x18, 0x3}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x0, 0xb, 0x900000, 0x7, 0x2}}, @svc={0x122, 0x40, {0xc400000c, [0x0, 0x5, 0x9, 0x3, 0xe08]}}, @eret={0xe6, 0x18, 0x8}, @eret={0xe6, 0x18, 0x7fe0}, @msr={0x14, 0x20, {0x603000000013800c, 0x8}}, @its_setup={0x82, 0x28, {0x0, 0x0, 0x2bc}}, @memwrite={0x6e, 0x30, @generic={0xdddd0000, 0x3f7, 0x3, 0x8}}, @mrs={0xbe, 0x18, {0x603000000013c510}}, @code={0xa, 0x54, {"007008d5000028d5000028d50000c00d0080000c007008d5007008d50080009be06b86d20020b0f2610180d2420180d2030180d2c40180d2020000d4000028d5"}}, @msr={0x14, 0x20, {0x603000000013c201, 0x585}}, @uexit={0x0, 0x18, 0x6}, @its_send_cmd={0xaa, 0x28, {0xb, 0x1, 0x3, 0x4, 0xd, 0x3}}, @irq_setup={0x46, 0x18, {0x3, 0x30e}}, @msr={0x14, 0x20, {0x603000000013dce6, 0xa4a}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x1, 0x6, 0x7, 0x61}}, @hvc={0x32, 0x40, {0x1000, [0x8, 0x7fffffff, 0x6, 0x57e, 0x8]}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x3, 0x1, 0x4, 0x6, 0x2}}, @uexit={0x0, 0x18, 0x3}, @uexit={0x0, 0x18, 0x8}, @mrs={0xbe, 0x18, {0x603000000013deea}}, @hvc={0x32, 0x40, {0x84000014, [0x9, 0x8, 0x4, 0x0, 0x2]}}, @msr={0x14, 0x20, {0x603000000013e521, 0x5144}}], 0x37c}, &(0x7f0000000040)=[@featur1={0x1, 0xa1}], 0x1)
ioctl$KVM_DIRTY_TLB(r1, 0x4010aeaa, &(0x7f0000000540)={0x1f8, 0x1})
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r2, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x1}})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r2, r3, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e000000000000004000000000000000000000ef000000008101000000000000050000000000000002000000000000000300"/64], 0x40}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x0, 0x3c2a1c3178cda732, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000eb2000/0x3000)=nil, 0x930, 0x0, 0x32e7851d6de9e532, 0xffffffffffffffff, 0x0) (async)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0) (async)
syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000000)={0x0, &(0x7f00000001c0)=[@irq_setup={0x46, 0x18, {0x2, 0x307}}, @eret={0xe6, 0x18, 0x3}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x0, 0xb, 0x900000, 0x7, 0x2}}, @svc={0x122, 0x40, {0xc400000c, [0x0, 0x5, 0x9, 0x3, 0xe08]}}, @eret={0xe6, 0x18, 0x8}, @eret={0xe6, 0x18, 0x7fe0}, @msr={0x14, 0x20, {0x603000000013800c, 0x8}}, @its_setup={0x82, 0x28, {0x0, 0x0, 0x2bc}}, @memwrite={0x6e, 0x30, @generic={0xdddd0000, 0x3f7, 0x3, 0x8}}, @mrs={0xbe, 0x18, {0x603000000013c510}}, @code={0xa, 0x54, {"007008d5000028d5000028d50000c00d0080000c007008d5007008d50080009be06b86d20020b0f2610180d2420180d2030180d2c40180d2020000d4000028d5"}}, @msr={0x14, 0x20, {0x603000000013c201, 0x585}}, @uexit={0x0, 0x18, 0x6}, @its_send_cmd={0xaa, 0x28, {0xb, 0x1, 0x3, 0x4, 0xd, 0x3}}, @irq_setup={0x46, 0x18, {0x3, 0x30e}}, @msr={0x14, 0x20, {0x603000000013dce6, 0xa4a}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x1, 0x6, 0x7, 0x61}}, @hvc={0x32, 0x40, {0x1000, [0x8, 0x7fffffff, 0x6, 0x57e, 0x8]}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x3, 0x1, 0x4, 0x6, 0x2}}, @uexit={0x0, 0x18, 0x3}, @uexit={0x0, 0x18, 0x8}, @mrs={0xbe, 0x18, {0x603000000013deea}}, @hvc={0x32, 0x40, {0x84000014, [0x9, 0x8, 0x4, 0x0, 0x2]}}, @msr={0x14, 0x20, {0x603000000013e521, 0x5144}}], 0x37c}, &(0x7f0000000040)=[@featur1={0x1, 0xa1}], 0x1) (async)
ioctl$KVM_DIRTY_TLB(r1, 0x4010aeaa, &(0x7f0000000540)={0x1f8, 0x1}) (async)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_SET_DEVICE_ATTR_vm(r2, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x1}}) (async)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) (async)
syz_kvm_setup_cpu$arm64(r2, r3, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e000000000000004000000000000000000000ef000000008101000000000000050000000000000002000000000000000300"/64], 0x40}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_RUN(r3, 0xae80, 0x0) (async)

37m22.128563108s ago: executing program 7 (id=390):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
r1 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000000)={0x0, &(0x7f0000000580)=[@irq_setup={0x46, 0x18, {0x3, 0x203}}, @smc={0x1e, 0x40, {0x84008012, [0x8e09, 0x5, 0x3, 0x3, 0x8]}}, @uexit={0x0, 0x18, 0x9}, @code={0xa, 0xb4, {"c0219fd200a0b0f2810180d2c20180d2430180d2840180d2020000d4804c8fd20000b0f2c10080d2820180d2030080d2640080d2020000d40000005e20b990d20000b0f2610080d2c20080d2630180d2840080d2020000d4e09681d20020b8f2a10080d2220180d2a30080d2440180d2020000d4000080a860b182d20080b0f2010080d2020080d2e30180d2240180d2020000d4007008d5000008d50200a0d4"}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x1, 0x1, 0x7, 0x1, 0x9, 0x3}}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x8e}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xf20, 0x0, 0x2}}, @mrs={0xbe, 0x18, {0x603000000013c65b}}, @msr={0x14, 0x20, {0x603000000013e536, 0x3ff}}, @smc={0x1e, 0x40, {0x80000000, [0x3, 0x6, 0xfffffffffffffffb, 0x2d7, 0xda3]}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x1, 0xf, 0xa}}, @memwrite={0x6e, 0x30, @generic={0xdddd0000, 0x143, 0x4, 0x6}}, @uexit={0x0, 0x18, 0x27}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x4, 0x6, 0x8, 0xd2, 0x4}}, @msr={0x14, 0x20, {0x6030000000138066, 0x7}}, @smc={0x1e, 0x40, {0x84000013, [0x1, 0x1d21, 0x8, 0x6, 0x4]}}, @msr={0x14, 0x20, {0x603000000013ff11, 0x200}}, @eret={0xe6, 0x18, 0x1}], 0x34c}, 0x0, 0x0) (async)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
r6 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r5, 0x3, 0x11, r4, 0x0) (async)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_kvm_assert_syzos_uexit$arm64(r6, 0xffffffffffffffff) (async)
syz_kvm_assert_reg(r4, 0x6030000000138010, 0x8000)
syz_kvm_assert_reg(r4, 0x6030000000138012, 0x8000)
syz_kvm_assert_reg(r4, 0x6030000000138004, 0x8000)
syz_kvm_assert_reg(r4, 0x603000000013800c, 0x8000)
syz_kvm_assert_reg(r4, 0x6030000000138014, 0x8000) (async)
syz_kvm_assert_reg(r4, 0x603000000013801c, 0x8000) (async, rerun: 64)
syz_kvm_assert_reg(r4, 0x6030000000138024, 0x8000) (async, rerun: 64)
syz_kvm_assert_reg(r4, 0x603000000013802c, 0x8000) (async, rerun: 64)
syz_kvm_assert_reg(r4, 0x6030000000138005, 0x8000) (async, rerun: 64)
syz_kvm_assert_reg(r4, 0x603000000013800d, 0x8000) (async, rerun: 64)
r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x27) (rerun: 64)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x4, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x0, 0x0, 0x0, 0x6, 0x4000000, 0x4}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r7, 0x1, 0x100) (async)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000180)={0x8, <r10=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async, rerun: 64)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (rerun: 64)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) (async)
ioctl$KVM_RUN(r9, 0xae80, 0x0)

37m19.924612173s ago: executing program 6 (id=391):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x8)
ioctl$KVM_SET_GSI_ROUTING(r0, 0x4008ae6a, &(0x7f0000000000)={0x7, 0x0, [{0x832, 0x2, 0x0, 0x0, @adapter={0x8568, 0x9, 0x3, 0xf, 0x7}}, {0x9b8, 0x1, 0x0, 0x0, @sint={0x1, 0x1}}, {0x8, 0x5, 0x1, 0x0, @sint={0xee65, 0x2f}}, {0xfffffff7, 0x2, 0x1, 0x0, @irqchip={0x8, 0x1}}, {0x6, 0x4, 0x1, 0x0, @msi={0x3, 0x0, 0x200, 0xffff7fff}}, {0x4, 0x7, 0x0, 0x0, @msi={0x5377, 0x7fffffff, 0x7, 0x1}}, {0xe, 0x5, 0x1, 0x0, @sint={0x4, 0x1000}}]})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x301200, 0x0)
r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x15)
munmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000)
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2e)
ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f00000001c0)={0xffffffffffffffff, 0x101, 0x3})
ioctl$KVM_ASSIGN_SET_MSIX_NR(0xffffffffffffffff, 0x4008ae73, &(0x7f0000000200)={0xc, 0x3})
munmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000)
r5 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bfe000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000580)={0x0, &(0x7f0000000240)=[@irq_setup={0x46, 0x18, {0x2, 0x34a}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x1, 0x3, 0xc, 0x8, 0x9, 0x4}}, @hvc={0x32, 0x40, {0x2000054, [0x2, 0x7, 0x37, 0x8, 0x2]}}, @code={0xa, 0x84, {"80278dd20040b0f2e10080d2620080d2c30180d2c40180d2020000d4c0f781d20020b8f2610180d2a20180d2e30180d2e40180d2020000d40000e00d0008407a00a4ff0d000000ad007008d5000480dac09e85d200c0b8f2610180d2820180d2630180d2440080d2020000d40000806c"}}, @its_setup={0x82, 0x28, {0x2, 0x3, 0x225}}, @code={0xa, 0x84, {"000008d5e04b94d20020b8f2810180d2820080d2030180d2e40180d2020000d40040204e800781d20080b0f2810180d2820080d2430180d2040080d2020000d400a4ff0d0000c039e05783d20040b8f2410080d2220080d2030080d2040080d2020000d4007008d500c0651e007c0053"}}, @code={0xa, 0x84, {"000028d500808008000008d5007008d5207f82d200c0b0f2e10180d2420080d2030080d2e40080d2020000d460618bd200c0b0f2a10080d2e20180d2a30080d2640180d2020000d480848ed20060b0f2c10180d2420180d2430180d2440080d2020000d40000202e007008d5000008d5"}}, @svc={0x122, 0x40, {0x200, [0x8000, 0x4, 0x1, 0x9, 0x700]}}, @svc={0x122, 0x40, {0xc4000001, [0x4, 0x5, 0x27, 0x1, 0x7fffffffffffffff]}}, @mrs={0xbe, 0x18, {0x603000000013debc}}, @eret={0xe6, 0x18, 0x8001}, @irq_setup={0x46, 0x18, {0x1, 0x30b}}, @its_setup={0x82, 0x28, {0x0, 0x1, 0x3f3}}], 0x324}, &(0x7f00000005c0)=[@featur2={0x1, 0x9c}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vm(r3, 0x4018aee1, &(0x7f0000000640)=@attr_other={0x0, 0xd, 0xffffffffffffffff, &(0x7f0000000600)=0x47})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f00000006c0)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f0000000680)=0x1c})
ioctl$KVM_SIGNAL_MSI(r3, 0x4020aea5, &(0x7f0000000700)={0x2, 0xdddd0000, 0x2, 0x0, 0xfffffffe})
r7 = eventfd2(0x80000000, 0x80001)
ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000000740)={r7, 0x0, 0x2})
munmap(&(0x7f0000f02000/0x1000)=nil, 0x1000)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000780)={0x4, 0xffffffffffffffff, 0x1})
syz_kvm_vgic_v3_setup(r3, 0x1, 0x20)
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000800)=@arm64_fp={0x604000000010007c, &(0x7f00000007c0)=0x6})
mmap$KVM_VCPU(&(0x7f0000eb5000/0x2000)=nil, r2, 0xc, 0x4000010, r6, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
r8 = eventfd2(0x1, 0x0)
ioctl$KVM_IRQFD(r0, 0x4020ae76, &(0x7f0000000840)={r7, 0x1, 0x0, r8})
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000880)={0x0, 0x11c000, 0x1})
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r6, 0x4018aee3, &(0x7f0000000900)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f00000008c0)=0x19})
r9 = ioctl$KVM_CREATE_GUEST_MEMFD(r0, 0xc040aed4, &(0x7f0000000940)={0x5d6, 0x39})
ioctl$KVM_SET_USER_MEMORY_REGION2(r4, 0x40a0ae49, &(0x7f0000000980)={0x2, 0x3, 0x0, 0x1000, &(0x7f0000dd1000/0x1000)=nil, 0xe00, r9})
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000a40)={0x4, 0xffffffffffffffff, 0x1})

37m5.882794903s ago: executing program 7 (id=392):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0x24) (async)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) (async)
syz_kvm_vgic_v3_setup(r2, 0x2, 0x100) (async)
r5 = eventfd2(0x1, 0x80001)
ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000000000)={r5, 0x2}) (async)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
ioctl$KVM_IRQ_LINE(r2, 0x4008ae61, &(0x7f0000000180)={0x1010020, 0x1}) (async)
ioctl$KVM_RUN(r4, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

37m4.565819381s ago: executing program 6 (id=393):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r1, 0x4068aea3, &(0x7f00000001c0)={0xa8, 0x0, 0x3})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x2, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x24)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0xf4)
ioctl$KVM_IRQFD(r3, 0x4020ae76, 0xffffffffffffffff)

36m50.807266832s ago: executing program 7 (id=394):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000040)=@arm64_fw={0x6030000000140001, 0x0})
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r1, 0x4068aea3, &(0x7f00000000c0)={0xdf, 0x0, 0x8000})

36m45.875204103s ago: executing program 6 (id=395):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
r1 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async)
r2 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) (async)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xb)
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f00008c1000/0x400000)=nil) (async)
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f00008c1000/0x400000)=nil)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_kvm_add_vcpu$arm64(r1, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)

36m34.055893717s ago: executing program 7 (id=396):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000000)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f00000002c0)=@arm64_sys={0x603000000013dce8, &(0x7f0000000240)=0x100000001})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0)

36m32.313074885s ago: executing program 6 (id=397):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x401, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_GUEST_MEMFD(r1, 0xc040aed4, &(0x7f00000001c0)={0x200001fe0000, 0x3})
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, <r5=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r5, 0x400454d4, 0x110c230008)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x2000003, 0x2013, r2, 0x200001fe0000)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)={0x1, 0x0, [{0x5, 0x2, 0x0, 0x0, @msi={0xffff7ee8, 0x5625, 0x5, 0x1}}]})

36m14.332856589s ago: executing program 7 (id=398):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r2, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x16, 0x4, 0x1}})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x100000c, 0x4d832, 0xffffffffffffffff, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_vgic_v3_setup(r5, 0x1, 0x100)
ioctl$KVM_HAS_DEVICE_ATTR(r6, 0x4018aee3, &(0x7f0000000380)=@attr_other={0x0, 0x5, 0x0, 0x0})
syz_kvm_setup_cpu$arm64(r2, r3, &(0x7f0000bfe000/0x400000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="3200000000000000400000000000000050000084000000000700000085950ab18eb1e520df000000000900000000000000080000006f0f7dfe38078500000000f8ffffed76990b"], 0x40}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r10, r11, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r11, 0x4010aeab, &(0x7f00000000c0)=@arm64_core={0x6030000000100022, &(0x7f0000000100)=0x8})
r12 = syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
r13 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f0000000340)={0x1a64afb6, 0x8000000, 0x0, r13})
ioctl$KVM_REGISTER_COALESCED_MMIO(r7, 0x4010ae67, &(0x7f0000000000)={0x8080000, 0x2000})
eventfd2(0x80, 0x80000)
ioctl$KVM_RUN(r12, 0xae80, 0x0)

36m10.860772722s ago: executing program 6 (id=399):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = openat$kvm(0x0, &(0x7f00000000c0), 0x2000, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000000000/0x400000)=nil)
r3 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f00000001c0)={0x8, <r5=>0xffffffffffffffff})
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4})
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f00000000c0)={0x1fe, 0x1, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil})
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x100, &(0x7f0000000080)=0x8000000000000000})
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000280)=@attr_arm64={0x0, 0x4, 0x2, 0x0})
r6 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r8, 0x4018aee2, 0xfffffffffffffffe)
r9 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION2(r9, 0x40a0ae49, &(0x7f0000000740)={0x3, 0x4, 0xffff1000, 0x2000, &(0x7f0000e03000/0x2000)=nil, 0x7d3})
r10 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_GET_API_VERSION(r1, 0xae00, 0x0)
r11 = syz_kvm_vgic_v3_setup(r6, 0x1, 0x100)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r10, 0x4068aea3, &(0x7f0000000000)={0xa8, 0x0, 0x1})
openat$kvm(0x0, &(0x7f0000000300), 0x486000, 0x0)
r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r13, 0xc00caee0, &(0x7f0000000100)={0x4})
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000200)=@attr_arm64={0x0, 0x1, 0x3, &(0x7f00000002c0)=0x3})

35m23.506920256s ago: executing program 38 (id=398):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r2, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x16, 0x4, 0x1}})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x100000c, 0x4d832, 0xffffffffffffffff, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_vgic_v3_setup(r5, 0x1, 0x100)
ioctl$KVM_HAS_DEVICE_ATTR(r6, 0x4018aee3, &(0x7f0000000380)=@attr_other={0x0, 0x5, 0x0, 0x0})
syz_kvm_setup_cpu$arm64(r2, r3, &(0x7f0000bfe000/0x400000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="3200000000000000400000000000000050000084000000000700000085950ab18eb1e520df000000000900000000000000080000006f0f7dfe38078500000000f8ffffed76990b"], 0x40}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r10, r11, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r11, 0x4010aeab, &(0x7f00000000c0)=@arm64_core={0x6030000000100022, &(0x7f0000000100)=0x8})
r12 = syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
r13 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f0000000340)={0x1a64afb6, 0x8000000, 0x0, r13})
ioctl$KVM_REGISTER_COALESCED_MMIO(r7, 0x4010ae67, &(0x7f0000000000)={0x8080000, 0x2000})
eventfd2(0x80, 0x80000)
ioctl$KVM_RUN(r12, 0xae80, 0x0)

35m18.285546553s ago: executing program 39 (id=399):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = openat$kvm(0x0, &(0x7f00000000c0), 0x2000, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000000000/0x400000)=nil)
r3 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f00000001c0)={0x8, <r5=>0xffffffffffffffff})
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4})
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f00000000c0)={0x1fe, 0x1, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil})
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x100, &(0x7f0000000080)=0x8000000000000000})
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000280)=@attr_arm64={0x0, 0x4, 0x2, 0x0})
r6 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r8, 0x4018aee2, 0xfffffffffffffffe)
r9 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION2(r9, 0x40a0ae49, &(0x7f0000000740)={0x3, 0x4, 0xffff1000, 0x2000, &(0x7f0000e03000/0x2000)=nil, 0x7d3})
r10 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_GET_API_VERSION(r1, 0xae00, 0x0)
r11 = syz_kvm_vgic_v3_setup(r6, 0x1, 0x100)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r10, 0x4068aea3, &(0x7f0000000000)={0xa8, 0x0, 0x1})
openat$kvm(0x0, &(0x7f0000000300), 0x486000, 0x0)
r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r13, 0xc00caee0, &(0x7f0000000100)={0x4})
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000200)=@attr_arm64={0x0, 0x1, 0x3, &(0x7f00000002c0)=0x3})

26m12.947632766s ago: executing program 8 (id=400):
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000000000/0x400000)=nil)
r0 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000001c0)={0x8, <r2=>0xffffffffffffffff})
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x1fe, 0x1, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x100, &(0x7f0000000080)=0x8000000000000000})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000280)=@attr_arm64={0x0, 0x4, 0x2, 0x0})
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000000)={0x0, 0x6, 0x2000, 0x2000, &(0x7f0000ec1000/0x2000)=nil})
r7 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0xffffffffffffffff, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x4, 0x220)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x25)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x2, 0x4, 0x1}}, @its_setup={0x82, 0x28, {0x3, 0x1, 0x3ee}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r10, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000180)={0x8, <r13=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r12, 0xae80, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8, <r14=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r14, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r8, 0xae80, 0x0)

25m58.574969215s ago: executing program 9 (id=402):
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, <r2=>0xffffffffffffffff, 0x1})
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
r3 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000040)={0x0, 0x3, 0xdddd4000, 0x2000, &(0x7f0000eb5000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000080)=[@featur1={0x1, 0x2}], 0x1)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_CREATE_VM(r2, 0x800454e0, 0x1000110c230000)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000140)={0x4, <r9=>0xffffffffffffffff, 0x1})
r10 = ioctl$KVM_CREATE_VM(r9, 0x894c, 0x0)
close(r10)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x82880, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r14 = openat$kvm(0x0, &(0x7f0000000140), 0x101282, 0x0)
r15 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000080)={0x0, &(0x7f0000000200)=[@svc={0x122, 0x40, {0x800, [0xffffffeffffffff8, 0x8, 0x8000000005, 0x5, 0x401]}}], 0x40}, 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r14, 0xae04)

25m41.752041896s ago: executing program 8 (id=403):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}], 0x28}, 0x0, 0x0)
r4 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000140)={0x0, &(0x7f0000000240)=[@uexit={0x0, 0x18, 0x81}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x180, 0x2, 0x2}}, @mrs={0xbe, 0x18, {0x27d3}}, @msr={0x14, 0x20, {0x603000000013c801, 0xaa9f}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x2, 0xd, 0xd, 0x6, 0x4}}, @code={0xa, 0xb4, {"e0f198d200a0b8f2810180d2020080d2430080d2440080d2020000d400609f0d000040ac00a486d200c0b8f2410080d2420180d2430180d2440180d2020000d4e0098cd20020b8f2610180d2420080d2830080d2440080d2020000d40000209ee0cc8cd20060b8f2410180d2e20180d2430080d2640180d2020000d4000000fd0000a00d20af86d20040b8f2410080d2020080d2c30180d2640080d2020000d4"}}, @code={0xa, 0x6c, {"007008d5000008d5000028d5801981d200c0b0f2a10180d2420180d2830080d2640080d2020000d400e692d20020b0f2a10080d2020080d2e30080d2240080d2020000d400dc202e000000bd008008d5007008d5000028d5"}}, @eret={0xe6, 0x18, 0x1000}, @smc={0x1e, 0x40, {0x80007fff, [0x8, 0x7fffffffffffffff, 0x4, 0x4f3, 0x6]}}, @hvc={0x32, 0x40, {0x84000011, [0x80000000, 0x5, 0x1, 0x6, 0x6]}}, @irq_setup={0x46, 0x18, {0x0, 0x268}}, @mrs={0xbe, 0x18, {0x603000000013e000}}, @smc={0x1e, 0x40, {0x84000000, [0x9f, 0xfffffffffffff800, 0xfffffffffffffffe, 0x8001]}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x1, 0x1, 0x2, 0x1, 0x3}}, @smc={0x1e, 0x40, {0x0, [0x7, 0x200, 0x5, 0x800, 0x7]}}, @code={0xa, 0x84, {"80f68cd200e0b8f2a10080d2220080d2830180d2440080d2020000d4205d93d200c0b0f2610080d2a20180d2a30080d2040080d2020000d4000028d580b299d200e0b0f2a10080d2c20080d2830080d2440080d2020000d4007008d50078214e0000629e007008d50000000e007008d5"}}, @hvc={0x32, 0x40, {0xc5000021, [0x6, 0x4, 0x469b, 0x8, 0x2]}}, @eret={0xe6, 0x18, 0x3}, @msr={0x14, 0x20, {0x603000000013c663, 0x3}}, @svc={0x122, 0x40, {0x84000051, [0x9, 0x7, 0x5, 0x7, 0xd8]}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x1, 0x1, 0x8001, 0xffff8001, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x0, 0x7, 0x5, 0x9, 0x2}}, @mrs={0xbe, 0x18, {0x65a0}}, @hvc={0x32, 0x40, {0x100, [0x7, 0x3f2, 0x3, 0x8, 0xf]}}, @msr={0x14, 0x20, {0x603000000013dea8}}, @mrs={0xbe, 0x18, {0x2643}}, @mrs={0xbe, 0x18, {0x603000000013e662}}, @uexit={0x0, 0x18, 0xfffffffffffffffc}], 0x584}, &(0x7f0000000800)=[@featur2={0x1, 0x14}], 0x1)
ioctl$KVM_GET_REGS(r4, 0x8360ae81, &(0x7f0000000840))
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) (async)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r5=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async)
ioctl$KVM_RUN(r3, 0xae80, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x2, 0x4f832, 0xffffffffffffffff, 0x1000000) (async)
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x88, &(0x7f0000000000)=0x10})

25m33.47492906s ago: executing program 9 (id=404):
r0 = syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x0, 0xe0)
ioctl$KVM_SET_DEVICE_ATTR(r0, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x3, 0x0, &(0x7f0000000000)=0x300})
r1 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x7)
ioctl$KVM_CAP_ARM_USER_IRQ(r1, 0x4068aea3, &(0x7f0000000080))
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000bff000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000005c0)={0x0, &(0x7f0000000100)=[@its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x1, 0x0, 0x401, 0x7, 0x3}}, @code={0xa, 0x84, {"0080001b00d8a05e600986d20020b8f2810180d2220180d2230080d2a40180d2020000d400ff9ed200c0b0f2c10080d2620180d2a30080d2c40080d2020000d40000701e008008d5008008d50084c00d00d8307e60d394d20000b8f2c10080d2e20180d2630180d2c40080d2020000d4"}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x2, 0xc, 0x1000, 0x0, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x2, 0x1, 0x5, 0x1fffc0, 0x4}}, @uexit={0x0, 0x18, 0x89a7}, @its_setup={0x82, 0x28, {0x1, 0x2, 0x31a}}, @hvc={0x32, 0x40, {0x1000, [0xf, 0xa, 0x4, 0x7]}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x2, 0x4, 0x6, 0x0, 0x3}}, @its_setup={0x82, 0x28, {0x4, 0x1, 0x3d3}}, @eret={0xe6, 0x18, 0x32}, @its_setup={0x82, 0x28, {0x1, 0x3, 0x2ff}}, @eret={0xe6, 0x18, 0xff}, @irq_setup={0x46, 0x18, {0x0, 0x2ad}}, @uexit={0x0, 0x18, 0x6}, @smc={0x1e, 0x40, {0x1000, [0x100000000, 0x1, 0x4, 0x10000000000, 0x8]}}, @its_setup={0x82, 0x28, {0x3, 0x2, 0xd7}}, @its_setup={0x82, 0x28, {0x2, 0x1, 0x302}}, @code={0xa, 0x54, {"00a0800d20b996d20040b0f2e10080d2020080d2030180d2e40180d2020000d4008008d500a0ff0d008008d50040661e0000189e007008d5007008d5007008d5"}}, @svc={0x122, 0x40, {0xf83bc657eaf4287d, [0xfffffffffffffffc, 0xc43, 0x5, 0x4]}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x18, 0x4a464b76}}, @eret={0xe6, 0x18, 0x1}, @code={0xa, 0x54, {"000008d5007008d50000407c007008d5007008d5000440fc00e0ff0dc03d8ed20060b8f2210080d2c20080d2c30180d2440180d2020000d400004029007008d5"}}, @code={0xa, 0x6c, {"208185d20000b8f2810180d2620080d2a30180d2a40180d2020000d4000028d5007008d50050000e008008d5000008d50090802f0084202ea0f896d200e0b0f2410180d2a20180d2030180d2840080d2020000d4000028d5"}}, @uexit={0x0, 0x18, 0xb}, @uexit={0x0, 0x18, 0x6fc}], 0x4b0}, &(0x7f0000000600)=[@featur1={0x1, 0x10}], 0x1)
ioctl$KVM_DIRTY_TLB(r4, 0x4010aeaa, &(0x7f0000000640)={0x9, 0x3})
r5 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2d)
ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(r5, 0x4068aea3, &(0x7f0000000680))
r6 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x36)
r7 = ioctl$KVM_GET_STATS_FD_vm(r6, 0xaece)
ioctl$KVM_SET_VCPU_EVENTS(r1, 0x4040aea0, &(0x7f0000000700)=@arm64={0x1, 0x0, 0xf, '\x00', 0xfffffffffffffffb})
r8 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f0000000780)=@attr_other={0x0, 0x8, 0x80000001, &(0x7f0000000740)=0x582})
openat$kvm(0xffffffffffffff9c, &(0x7f00000007c0), 0x5000, 0x0)
r9 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
mmap$KVM_VCPU(&(0x7f0000de0000/0x8000)=nil, r9, 0x6, 0x8010, r4, 0x0)
r10 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000f40)={0x0, &(0x7f0000000800)=[@uexit={0x0, 0x18, 0x2}, @svc={0x122, 0x40, {0x80000000, [0xffffffffffffffc0, 0x8, 0x4, 0x6, 0x1]}}, @irq_setup={0x46, 0x18, {0x3, 0x236}}, @svc={0x122, 0x40, {0x4000, [0xfffffffffffffff7, 0x2, 0x9, 0x7, 0x27e]}}, @eret={0xe6, 0x18, 0x7ad}, @smc={0x1e, 0x40, {0x10, [0x6, 0x81, 0x10, 0x5, 0x2]}}, @svc={0x122, 0x40, {0xc4000053, [0xbf79, 0x8000000000000000, 0xa, 0x8001, 0x2]}}, @hvc={0x32, 0x40, {0xc400000e, [0x0, 0x6, 0x7, 0x8, 0x80000001]}}, @uexit={0x0, 0x18, 0x4}, @code={0xa, 0xe4, {"a0c69ed20080b0f2410180d2220180d2030080d2840180d2020000d4603492d20080b0f2c10180d2c20080d2630180d2640180d2020000d4c01682d20080b8f2c10180d2820080d2c30080d2440080d2020000d4e0af96d200e0b8f2c10080d2620080d2230180d2240080d2020000d460c394d200c0b0f2210080d2e20180d2830080d2a40180d2020000d4007008d50040621ec0f188d20060b8f2210080d2820180d2a30180d2240180d2020000d4005c87d20060b8f2210180d2220180d2830180d2440180d2020000d400004093"}}, @irq_setup={0x46, 0x18, {0x1, 0x160}}, @mrs={0xbe, 0x18, {0x603000000013defe}}, @svc={0x122, 0x40, {0x30000000, [0x80000000000, 0x2, 0x3, 0x1ff, 0x7]}}, @its_setup={0x82, 0x28, {0x2, 0x2, 0x1ac}}, @code={0xa, 0x6c, {"000028d50000789e000028d5000008d5202898d20060b0f2210180d2420080d2c30080d2440080d2020000d4000028d5008008d5008008d5008008d500549ed20000b8f2810080d2820180d2c30080d2040180d2020000d4"}}, @msr={0x14, 0x20, {0x603000000013c2a5, 0x7fffffff}}, @hvc={0x32, 0x40, {0x8400000f, [0x2, 0xc, 0x7fffffff, 0xe6, 0x401]}}, @svc={0x122, 0x40, {0xc4000004, [0x282, 0x7fff, 0x3, 0x0, 0x6]}}, @code={0xa, 0x9c, {"007008d5208e8fd20000b8f2c10180d2e20080d2c30180d2440080d2020000d4002886d200a0b8f2a10180d2a20180d2230080d2040180d2020000d4000008d5000080ad000028d50000c02d008786d200a0b0f2e10080d2c20180d2430180d2640180d2020000d40060000ea03b9bd200a0b8f2a10080d2420080d2830080d2040180d2020000d4"}}, @code={0xa, 0x9c, {"c03186d20080b0f2610080d2220080d2030080d2e40180d2020000d4207584d200c0b0f2e10080d2420080d2230180d2840180d2020000d4000008d520a386d200a0b8f2e10080d2c20080d2430180d2240080d2020000d460e99ed20000b0f2a10080d2420080d2230080d2a40180d2020000d400c4200e007008d5007008d50084e00d00c4202e"}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x2, 0xb, 0x4, 0x8, 0x4}}, @memwrite={0x6e, 0x30, @generic={0x100000, 0xb93, 0x4, 0x1}}, @irq_setup={0x46, 0x18, {0x2, 0x25f}}, @smc={0x1e, 0x40, {0x800, [0xa, 0x600000000, 0xfffffffffffffa11, 0x11, 0x8eb8]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0x200, 0x3, 0x2}}, @msr={0x14, 0x20, {0x603000000013e099, 0x6}}, @uexit={0x0, 0x18, 0x2}, @eret={0xe6, 0x18, 0x6155}, @its_setup={0x82, 0x28, {0x1, 0x3, 0xa8}}, @msr={0x14, 0x20, {0x603000000013e6c7, 0x4}}, @svc={0x122, 0x40, {0x86000001, [0x10001, 0x8, 0xb, 0x2, 0x5]}}], 0x718}, &(0x7f0000000f80)=[@featur1={0x1, 0x52}], 0x1)
ioctl$KVM_SET_ONE_REG(r10, 0x4010aeac, &(0x7f0000001000)=@arm64_core={0x6030000000100030, &(0x7f0000000fc0)=0x9})
ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f0000001040)={0x2, 0x2, 0x8, r7})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r7, 0x4010ae68, &(0x7f0000001080)={0x2000, 0x1000, 0x2})
ioctl$KVM_SET_ONE_REG(r10, 0x4010aeac, &(0x7f0000001100)=@arm64_fp_extra={0x60200000001000d5, &(0x7f00000010c0)=0xe03f})
ioctl$KVM_PPC_ALLOCATE_HTAB(r5, 0xc004aea7, &(0x7f0000001140)=0x4)
syz_kvm_setup_cpu$arm64(r6, r4, &(0x7f000096f000/0x400000)=nil, &(0x7f0000001240)=[{0x0, &(0x7f0000001180)=[@eret={0xe6, 0x18, 0x200}, @msr={0x14, 0x20, {0x603000000013c65b, 0x9}}, @smc={0x1e, 0x40, {0x8400000c, [0x5, 0x12, 0x77dfda3c, 0x3]}}, @eret={0xe6, 0x18, 0x9}], 0x90}], 0x1, 0x0, &(0x7f0000001280)=[@featur2={0x1, 0xc0}], 0x1)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r7, 0x4018aee3, &(0x7f0000001300)=@attr_other={0x0, 0x8b48, 0x8, &(0x7f00000012c0)=0x301c})
ioctl$KVM_SET_DEVICE_ATTR(r1, 0x4018aee1, &(0x7f0000001380)=@attr_other={0x0, 0x7, 0x8000, &(0x7f0000001340)=0x7})
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000013c0)={0x5})
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r5, 0x4068aea3, &(0x7f0000001400)={0xe4, 0x0, 0x100000000})
mmap$KVM_VCPU(&(0x7f0000ffd000/0x1000)=nil, r9, 0x3000001, 0x4000010, r4, 0x0)

25m24.328533522s ago: executing program 8 (id=405):
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0x1c4, 0x3}) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) (async)
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r2, 0x4068aea3, &(0x7f00000000c0)) (async)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x101800, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000700)={0x7, <r5=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x4, 0x0, 0x0}) (async)
ioctl$KVM_GET_DEVICE_ATTR(r5, 0x4018aee2, &(0x7f0000000200)=@attr_other={0x0, 0x5, 0x8, &(0x7f0000000000)=0xcb1})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) (async)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) (async)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) (async)
ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) (async)
syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
r10 = syz_kvm_vgic_v3_setup(r7, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000100)={0x4, 0xffffffffffffffff, 0x1}) (async)
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x5, 0x0, &(0x7f00000002c0)=0x2c172c22}) (async)
r11 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1})
r12 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION2(r13, 0x40a0ae49, &(0x7f0000000040)={0x1fd, 0x2, 0xffff1000, 0x2000, &(0x7f0000ffd000/0x2000)=nil, 0x1ff}) (async)
r14 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7ffc}}], 0x20}, 0x0, 0x0)

25m17.00510786s ago: executing program 9 (id=406):
ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece) (async)
r0 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece)
ioctl$KVM_SET_ONE_REG(r0, 0x4010aeac, &(0x7f0000000040)=@arm64_bitmap={0x6030000000160001, &(0x7f0000000000)=0x484956da})
r1 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000140)={0x0, &(0x7f0000000080)=[@smc={0x1e, 0x40, {0x0, [0x8, 0x9, 0xff, 0x4, 0xa]}}, @eret={0xe6, 0x18}, @svc={0x122, 0x40, {0xc4000011, [0x3, 0x6, 0xb1, 0x793, 0x4]}}, @its_setup={0x82, 0x28, {0x3, 0x2, 0x12c}}], 0xc0}, &(0x7f0000000180)=[@featur1={0x1, 0x80}], 0x1)
ioctl$KVM_ARM_VCPU_INIT(r1, 0x4020aeae, &(0x7f00000001c0)={0x4, 0x10})
ioctl$KVM_GET_SREGS(r0, 0x8000ae83, &(0x7f0000000200))
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r0, 0x4018aee3, &(0x7f0000000380)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f0000000340)=0x3ff})
syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000004c0)={0x0, &(0x7f00000003c0)=[@eret={0xe6, 0x18, 0x4722}, @mrs={0xbe, 0x18, {0x603000000013e535}}, @irq_setup={0x46, 0x18, {0x3, 0x3bc}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x3, 0xa, 0x3, 0xa93, 0x1}}, @hvc={0x32, 0x40, {0x84000004, [0x3ff, 0x0, 0x5, 0xffffffffffffff7b, 0x5]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x2000, 0x4}}], 0xe0}, &(0x7f0000000500)=[@featur2={0x1, 0x36}], 0x1) (async)
r2 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000004c0)={0x0, &(0x7f00000003c0)=[@eret={0xe6, 0x18, 0x4722}, @mrs={0xbe, 0x18, {0x603000000013e535}}, @irq_setup={0x46, 0x18, {0x3, 0x3bc}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x3, 0xa, 0x3, 0xa93, 0x1}}, @hvc={0x32, 0x40, {0x84000004, [0x3ff, 0x0, 0x5, 0xffffffffffffff7b, 0x5]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x2000, 0x4}}], 0xe0}, &(0x7f0000000500)=[@featur2={0x1, 0x36}], 0x1)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000540)=0x1)
ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f0000000580)={0x6, 0x0, [{0x0, 0x1, 0x1, 0x0, @adapter={0x5, 0x2, 0x0, 0xf01, 0x5}}, {0xd40, 0x4, 0x0, 0x0, @irqchip={0x2, 0x7ff}}, {0x5, 0x1, 0x1, 0x0, @adapter={0x0, 0x4, 0x4f01, 0x1, 0x249}}, {0x6, 0x0, 0x0, 0x0, @adapter={0x2eedc3b1, 0x7ff, 0x400000, 0xffffca6b, 0x34e}}, {0xa62, 0x1, 0x1, 0x0, @irqchip={0xfff, 0x6}}, {0x6, 0x1, 0x0, 0x0, @sint={0x2, 0x2}}]})
ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f00000006c0)={0x1}) (async)
ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f00000006c0)={0x1, <r3=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000740)=@attr_other={0x0, 0x9, 0x3, &(0x7f0000000700)}) (async)
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000740)=@attr_other={0x0, 0x9, 0x3, &(0x7f0000000700)})
ioctl$KVM_S390_VCPU_FAULT(r0, 0x4008ae52, &(0x7f0000000780)=0x1)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r0, 0x4008ae73, &(0x7f00000007c0)={0x9, 0xf}) (async)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r0, 0x4008ae73, &(0x7f00000007c0)={0x9, 0xf})
ioctl$KVM_GET_DEVICE_ATTR(r3, 0x4018aee2, &(0x7f0000000840)=@attr_other={0x0, 0xd9, 0x2, &(0x7f0000000800)=0x327})
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) (async)
r4 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r4, 0x4018aee2, &(0x7f00000008c0)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000880)={0x6, 0x6}}) (async)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r4, 0x4018aee2, &(0x7f00000008c0)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000880)={0x6, 0x6}})
ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000900)={0x9, <r5=>0xffffffffffffffff})
ioctl$KVM_SET_REGS(r2, 0x4360ae82, &(0x7f0000000940)={[0x4, 0x200, 0x9, 0x2, 0x7, 0x5, 0x9, 0x2, 0x6, 0x7ff, 0x3ff, 0xfffffffffffffffa, 0x2, 0xffffffffffffaf98, 0x3, 0x5], 0x6000, 0x114200})
ioctl$KVM_GET_REG_LIST(r5, 0xc008aeb0, &(0x7f0000000a00)={0x7, [0x6, 0x2, 0x6, 0x5, 0xc61d, 0x6, 0x2]}) (async)
ioctl$KVM_GET_REG_LIST(r5, 0xc008aeb0, &(0x7f0000000a00)={0x7, [0x6, 0x2, 0x6, 0x5, 0xc61d, 0x6, 0x2]})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r1, 0x4018aee1, &(0x7f0000000a40)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x7})
ioctl$KVM_SET_ONE_REG(r0, 0x4010aeac, &(0x7f0000000ac0)=@arm64_extra={0x603000000013c02b, &(0x7f0000000a80)=0x8000}) (async)
ioctl$KVM_SET_ONE_REG(r0, 0x4010aeac, &(0x7f0000000ac0)=@arm64_extra={0x603000000013c02b, &(0x7f0000000a80)=0x8000})
ioctl$KVM_ARM_PREFERRED_TARGET(r2, 0x8020aeaf, &(0x7f0000000b00))
ioctl$KVM_ARM_SET_DEVICE_ADDR(r2, 0x4010aeab, &(0x7f0000000b40)={0x1, 0x1})
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000b80)={0xe4, 0x0, 0x7})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r0, 0x4010ae68, &(0x7f0000000c00)={0x8032000, 0x104000, 0x1}) (async)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r0, 0x4010ae68, &(0x7f0000000c00)={0x8032000, 0x104000, 0x1})
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r0, 0x4068aea3, &(0x7f0000000c40)={0xe4, 0x0, 0x5b})
ioctl$KVM_GET_VCPU_EVENTS(r1, 0x8040ae9f, &(0x7f0000000cc0)=@arm64)
r6 = syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000bff000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000f80)={0x0, &(0x7f0000000d00)=[@memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x18, 0x0, 0x9}}, @uexit={0x0, 0x18, 0x5}, @eret={0xe6, 0x18, 0x6}, @smc={0x1e, 0x40, {0x1, [0x1, 0x10, 0x5, 0x200, 0x3]}}, @smc={0x1e, 0x40, {0x8400000f, [0x8, 0x8001, 0x9, 0x9, 0x702]}}, @msr={0x14, 0x20, {0x603000000013e729, 0xd0d}}, @hvc={0x32, 0x40, {0x8400000c, [0xdf87, 0xa, 0x8000000000000001, 0x5, 0x9]}}, @hvc={0x32, 0x40, {0x100, [0x325, 0x0, 0x9, 0x7, 0x5]}}, @hvc={0x32, 0x40, {0xffff, [0x3, 0xffffffff, 0x3, 0x0, 0xfffffffffffffff8]}}, @uexit={0x0, 0x18, 0x3}, @mrs={0xbe, 0x18, {0x603000000013e722}}, @eret={0xe6, 0x18, 0x2}, @svc={0x122, 0x40, {0x80008000, [0x41467c0d, 0x2, 0x9, 0x800, 0x2]}}], 0x248}, &(0x7f0000000fc0)=[@featur2={0x1, 0x80}], 0x1)
ioctl$KVM_GET_ONE_REG(0xffffffffffffffff, 0x4010aeab, &(0x7f0000001040)=@arm64_sve_vls={0x606000000015ffff, &(0x7f0000001000)=0x8})

25m0.562825014s ago: executing program 8 (id=407):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x24)
ioctl$KVM_IRQFD(r1, 0x4020ae76, 0xffffffffffffffff)
r2 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000140)={0x4, <r7=>0xffffffffffffffff, 0x1})
write$eventfd(r7, &(0x7f00000001c0)=0x7ffffff, 0xfffffd77)
r8 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_REG_LIST(r10, 0xc008aeb0, &(0x7f0000000380)={0x20000135})
r11 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0xfffffffffffffdb2)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r12, 0x4018aee1, &(0x7f0000000040)=@attr_irq_timer={0x0, 0x1, 0x0, 0x0})

24m59.895921288s ago: executing program 9 (id=408):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x2}}, @msr={0x14, 0x20, {0x603000000013dcf3, 0x7fffffff}}], 0x40}, &(0x7f0000000300)=[@featur2={0x1, 0x80}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x2})
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x3c)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r7, r8, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f00000002c0)=@arm64_sys={0x603000000013dcf3, &(0x7f00000000c0)=0x3})
ioctl$KVM_SET_MP_STATE(r5, 0x4004ae99, &(0x7f0000000000)=0x1)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x7, 0x4f832, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r9, 0xae04)
mmap$KVM_VCPU(&(0x7f000064b000/0x4000)=nil, r10, 0x100000d, 0x9032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000667000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc6})
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)

24m31.88451925s ago: executing program 8 (id=409):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r2=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r2, 0x4018aee3, &(0x7f0000000940)=@attr_arm64={0x0, 0x4, 0x500, 0x0})
r3 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r5, 0xae03, 0xb2)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x21)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2)
r9 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r8, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r8, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x5b7882, 0x0)
r10 = openat$kvm(0x0, &(0x7f0000000140), 0x208000, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
r13 = syz_kvm_vgic_v3_setup(r11, 0x2, 0x80)
ioctl$KVM_GET_DEVICE_ATTR(r13, 0x4018aee2, &(0x7f0000000200)=@attr_arm64={0x0, 0x6, 0x3, 0x0})
r14 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000180)={0x0, &(0x7f0000000380)=[@mrs={0xbe, 0x18, {0x603000000013dce5}}], 0x18}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000000)={0x2, <r16=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r16, 0x4018aee1, &(0x7f00000000c0)=@attr_other={0x0, 0x7c3a, 0xfffffffffffffff0, &(0x7f0000000080)})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r15, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)

24m30.778355894s ago: executing program 9 (id=410):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r3, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8})
r4 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000bfd000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f00000000c0)=@arm64_sys={0x603000000013dce0, &(0x7f0000000000)=0x2d0})
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x2002, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r8, 0xae03, 0x3)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r10, 0x4010aeac, &(0x7f0000000280)=@arm64_sys={0x603000000013808c, &(0x7f00000001c0)=0x8})
ioctl$KVM_CHECK_EXTENSION_VM(r6, 0xae03, 0x24)

24m4.275025923s ago: executing program 9 (id=411):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r3, 0x4008ae6a, &(0x7f00000002c0)={0x1, 0x0, [{0x10000, 0x1, 0x1, 0x0, @adapter={0x7b, 0x9, 0x0, 0x443, 0x8}}]})
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0xe4)
r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x30)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r6, 0x4018aee3, 0xffffffffffffffff)
r7 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x2d)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f00000001c0)={0x8, <r11=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000380)})
ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f0000000240)={0x5, 0x1, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil})
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000002c0)=@attr_other={0x0, 0x8, 0x108, &(0x7f0000000000)=0xc000000000000000})
syz_kvm_setup_cpu$arm64(r10, 0xffffffffffffffff, &(0x7f0000000000/0x400000)=nil, &(0x7f0000000180)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x4, 0x2, 0x0})
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x1f)
r12 = syz_kvm_vgic_v3_setup(r4, 0x4, 0x320)
ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x7, 0x0, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
r13 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x1d)
ioctl$KVM_IRQ_LINE_STATUS(r13, 0xc008ae67, &(0x7f0000000000)={0xcf0, 0x101})

24m0.61989261s ago: executing program 8 (id=412):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@msr={0x14, 0x20, {0x603000000013e7fc, 0x8000}}], 0x20}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x2, 0x23ac5f9b426ec4b1, 0xffffffffffffffff, 0xc007000000000000)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2)
ioctl$KVM_SET_SREGS(r9, 0x4000ae84, 0xfffffffffffffffe)
r10 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x10000000001, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x1, 0x0, 0x0, 0x10000, 0x0, 0x40000004}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r5, 0x1, 0x180)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8, <r11=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r10, 0xae80, 0x0)

23m16.290664136s ago: executing program 40 (id=411):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r3, 0x4008ae6a, &(0x7f00000002c0)={0x1, 0x0, [{0x10000, 0x1, 0x1, 0x0, @adapter={0x7b, 0x9, 0x0, 0x443, 0x8}}]})
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0xe4)
r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x30)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r6, 0x4018aee3, 0xffffffffffffffff)
r7 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x2d)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f00000001c0)={0x8, <r11=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000380)})
ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f0000000240)={0x5, 0x1, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil})
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000002c0)=@attr_other={0x0, 0x8, 0x108, &(0x7f0000000000)=0xc000000000000000})
syz_kvm_setup_cpu$arm64(r10, 0xffffffffffffffff, &(0x7f0000000000/0x400000)=nil, &(0x7f0000000180)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x4, 0x2, 0x0})
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x1f)
r12 = syz_kvm_vgic_v3_setup(r4, 0x4, 0x320)
ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x7, 0x0, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
r13 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x1d)
ioctl$KVM_IRQ_LINE_STATUS(r13, 0xc008ae67, &(0x7f0000000000)={0xcf0, 0x101})

23m8.293539024s ago: executing program 41 (id=412):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@msr={0x14, 0x20, {0x603000000013e7fc, 0x8000}}], 0x20}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x2, 0x23ac5f9b426ec4b1, 0xffffffffffffffff, 0xc007000000000000)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2)
ioctl$KVM_SET_SREGS(r9, 0x4000ae84, 0xfffffffffffffffe)
r10 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x10000000001, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x1, 0x0, 0x0, 0x10000, 0x0, 0x40000004}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r5, 0x1, 0x180)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8, <r11=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r10, 0xae80, 0x0)

13m28.853624576s ago: executing program 0 (id=414):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x8)
syz_kvm_vgic_v3_setup(r0, 0x3, 0x200) (async)
r1 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece)
ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x0, 0xef39, 0x2}}) (async, rerun: 32)
ioctl$KVM_SET_SIGNAL_MASK(r1, 0x4004ae8b, &(0x7f0000000080)={0xd6, "635ca435ab57d875bd36cfacb77f55f146d74a7f1be31a2612a43269c8fc797eddf5ff6b1e533700199def81de977855fc43f0c7f86acab0163b8f07ecfdc71d318b71bf3fbbaec1a1abc3e115757780da7389be439ec0cac658db51aa69d3c2899b3a50c091c80918778fa3b1d52112af3de0a02ebf91653b8a865e0c39f2242edbcb214e712696fe8e620d92791f69ee08003ada32f210bb8c4a9ed7272f3d0696ae68caca26968df3f0c02b625dabc54263185d4c70d13d4c364cfa9ad61c660a25c7118685b68cb24d85989f1101476459021e91"}) (async, rerun: 32)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x40)
syz_kvm_setup_cpu$arm64(r2, r1, &(0x7f0000bff000/0x400000)=nil, &(0x7f0000000600)=[{0x0, &(0x7f0000000180)=[@mrs={0xbe, 0x18, {0x603000000013df73}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x1, 0x4, 0x3, 0x773a, 0x8, 0x2}}, @svc={0x122, 0x40, {0x89000052, [0x4, 0x8000000000000001, 0x0, 0x0, 0x9]}}, @hvc={0x32, 0x40, {0x80000002, [0x7, 0x18000000000000, 0x409, 0x3, 0x9]}}, @uexit={0x0, 0x18, 0x90}, @irq_setup={0x46, 0x18, {0x4, 0x66}}, @code={0xa, 0x6c, {"000008d5008008d5000028d520c897d20060b8f2210180d2a20080d2c30180d2240080d2020000d40040002f00c0e21e007008d5a09f8fd200c0b8f2410080d2220180d2030180d2040080d2020000d4000c205e000860f8"}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xffe8, 0xb9aa, 0x1}}, @mrs={0xbe, 0x18, {0x603000000013e536}}, @eret={0xe6, 0x18, 0x2}, @irq_setup={0x46, 0x18, {0x0, 0x169}}, @irq_setup={0x46, 0x18, {0x0, 0x15e}}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x3fd}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0x180, 0x5, 0x2}}, @eret={0xe6, 0x18, 0x7}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xd00, 0xfffffffffffffffe, 0x8}}, @code={0xa, 0x9c, {"002cc01a80e08ed20080b0f2e10180d2e20080d2830080d2e40080d2020000d400a4df0d80c882d200e0b8f2c10180d2c20180d2230180d2640080d2020000d4000028d5e09d99d200e0b0f2a10180d2420180d2030080d2840180d2020000d4002c205e00800088c0c78cd200c0b8f2010180d2220080d2c30180d2e40180d2020000d40080800d"}}, @svc={0x122, 0x40, {0x40, [0x5, 0xa, 0x4, 0x0, 0x4]}}, @hvc={0x32, 0x40, {0x8600ff01, [0xe89, 0x8, 0xf100000000, 0xffffffffffffff81, 0x81]}}, @uexit={0x0, 0x18, 0x80}, @svc={0x122, 0x40, {0x84000013, [0x101, 0x1, 0x7, 0x1, 0xffffffffffffffff]}}, @msr={0x14, 0x20, {0x603000000013df5f, 0x7fffffff}}, @uexit={0x0, 0x18, 0x2}, @mrs={0xbe, 0x18, {0x603000000013df6e}}, @eret={0xe6, 0x18, 0x1}], 0x468}], 0x1, 0x0, &(0x7f0000000640)=[@featur2={0x1, 0x94}], 0x1) (async)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r2, 0x4010aeb5, &(0x7f0000000680)={0x80000001})
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x39)
r5 = mmap$KVM_VCPU(&(0x7f0000ffc000/0x1000)=nil, 0x0, 0x2000001, 0x30, r1, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f00000006c0)="e69affcbe69ae5c62a7d1c817311a6bd759f30bd90749d2d2fc98f5b4e2ba69526aee4f0fd634a9022f1b6ab49666a5ecf3e7ffecf684db516b6fd225a9b9e0128d488aca91bbf6e", 0x0, 0x48) (async)
r6 = ioctl$KVM_GET_STATS_FD_cpu(r1, 0xaece)
ioctl$KVM_SET_USER_MEMORY_REGION2(r0, 0x40a0ae49, &(0x7f0000000740)={0x2, 0x2, 0x80a0000, 0x2000, &(0x7f0000c4a000/0x2000)=nil, 0xa648, r6})
ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, &(0x7f0000000800)={0x9, [0x1, 0x500000000, 0x80000000, 0x7, 0xfffffffffffffc8a, 0x5, 0x10001, 0x7, 0x3]}) (async, rerun: 64)
ioctl$KVM_RUN(r3, 0xae80, 0x0) (async, rerun: 64)
ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000000880)={r1, 0x2, 0x2, r1}) (async, rerun: 32)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x37) (rerun: 32)
close(r7)
ioctl$KVM_ARM_VCPU_INIT(r3, 0x4020aeae, &(0x7f00000008c0)={0x5, 0x2}) (async)
r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
mmap$KVM_VCPU(&(0x7f0000800000/0x800000)=nil, r8, 0x8, 0x10, r1, 0x0) (async)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000900), 0x4400, 0x0)
ioctl$KVM_CHECK_EXTENSION(r9, 0xae03, 0x7fff)
ioctl$KVM_SET_GSI_ROUTING(r4, 0x4008ae6a, &(0x7f0000000940)={0x2, 0x0, [{0x5, 0x4, 0x0, 0x0, @irqchip={0x7}}, {0x7, 0x5, 0x0, 0x0, @msi={0x1000, 0x101, 0x3c, 0x2}}]}) (async)
r10 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_ONE_REG(r10, 0x4010aeac, &(0x7f0000000a00)=@arm64_sve={0x608000000015003a, &(0x7f00000009c0)=0x7ff}) (async)
ioctl$KVM_ARM_PREFERRED_TARGET(r6, 0x8020aeaf, &(0x7f0000000a40)) (async)
ioctl$KVM_CLEAR_DIRTY_LOG(r7, 0xc018aec0, &(0x7f0000000e80)={0x10200, 0x300, 0x2c0, &(0x7f0000000a80)=[0xd9, 0x5000000, 0xfffffffffffffffd, 0x200, 0x5, 0x0, 0x90bf, 0x5, 0x1, 0xffffffffffffffff, 0xff, 0x8000000000000000, 0x0, 0x2, 0x8, 0x6, 0x1ff, 0x1, 0x8, 0x100000001, 0xfffffffffffffff9, 0x100000000, 0x48, 0x3, 0xed3e, 0x3, 0x10, 0x23d, 0xfffffffffffffffa, 0x0, 0x8, 0x80000000, 0x8, 0x313, 0x250, 0x2, 0x7ff, 0xe02, 0x7, 0x0, 0x70, 0x8, 0xd87e, 0x4, 0x1, 0x2, 0x9, 0x10fab711, 0x1, 0x6, 0x9, 0x4, 0xc5b9, 0x80, 0x3, 0x7ff, 0x5, 0x4, 0x7, 0x9, 0xba27, 0xa29, 0x80000001, 0x5, 0xfffffffffffffffc, 0x5, 0xfffffffffffffe01, 0xfffffffffffffff6, 0x64bfaeb5, 0xac, 0x7, 0x4, 0xffffffff00000000, 0x10, 0xffffffffffffffff, 0x6, 0x8001, 0x200, 0x40, 0x1, 0x8000, 0x0, 0x6, 0x3ff, 0x3, 0x1, 0x7, 0x101, 0x1, 0x8, 0x6, 0x100000001, 0x6, 0x5, 0x1, 0x1, 0x8, 0x80000000, 0x4, 0x6, 0x5, 0x1, 0xdd8e, 0x1000, 0x8, 0x6, 0x4, 0x75e8a471, 0x8, 0x8000, 0x8, 0x3, 0xff, 0xfffffffffffffff7, 0x0, 0x5, 0xffffffff, 0x0, 0x1, 0x3, 0xff, 0x3, 0x6, 0x8001, 0x5, 0x1, 0x7f, 0xd5ff]})

13m26.481011916s ago: executing program 1 (id=415):
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x7, 0x4f832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffa000/0x1000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000482000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000e76000/0x12000)=nil, 0x12000)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x24132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x0, 0x4030031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f000064b000/0x4000)=nil, r1, 0x100000d, 0x9032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000667000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x3, 0x1000, 0x40000000, 0x0, 0x40000004}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r3, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000180)={0x8})

13m13.37733951s ago: executing program 0 (id=416):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0x80086601, 0x20000000)
eventfd2(0xe9e9, 0x800) (async)
r2 = eventfd2(0xe9e9, 0x800)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x7, 0x3000, 0x0, r2, 0xa})

13m0.913177154s ago: executing program 1 (id=417):
r0 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
r3 = openat$kvm(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1b)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f00000000c0)={0xbbfbfe6201889764, 0xffffffffffffffff, 0x1})
ioctl$KVM_SIGNAL_MSI(r5, 0x4020aea5, &(0x7f0000000040)={0xffff1000, 0xe6eea004, 0x81, 0x1, 0x3f8})
r6 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r2, 0x1, 0x100)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r8, 0xae03, 0x29)

12m59.643414053s ago: executing program 0 (id=418):
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x800, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
r5 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r4, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r4, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x4000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, r4, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x401c5820, &(0x7f00000000c0)=@attr_other={0x0, 0x8dc, 0xfffffffffffffffd, 0x0})
r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000c0c000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_GUEST_MEMFD(r7, 0xc040aed4, &(0x7f0000000080)={0xffff, 0x9})
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013c4f1, 0x8000}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
r12 = openat$kvm(0x0, &(0x7f0000000040), 0x141000, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r14 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)
r16 = ioctl$KVM_CREATE_GUEST_MEMFD(r15, 0xc040aed4, &(0x7f00000001c0)={0x200001fe0000, 0x1})
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r16, 0x0)
ioctl$KVM_CREATE_GUEST_MEMFD(r13, 0xc040aed4, &(0x7f0000000000)={0x7, 0x2})

12m33.982101621s ago: executing program 1 (id=419):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
r2 = eventfd2(0x8, 0x80800)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x19)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r3, 0x4068aea3, &(0x7f0000000100)={0xe4, 0x0, 0x3})
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f00000000c0)={r2, 0x3})
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r2, 0x9, 0x3, r2})

12m28.987241248s ago: executing program 0 (id=420):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000000)={0x0, &(0x7f0000000040)=[@smc={0x1e, 0x40, {0xc400000e, [0x99b, 0x100000003, 0x5, 0x101, 0x10]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x21)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
r7 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r6, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r6, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0x801c581f, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000140)={0x4, <r11=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r11, 0x800454e0, 0x1000110c230000)
openat$kvm(0x0, &(0x7f0000000100), 0x109100, 0x0)
r12 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x29)
ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x1)
r13 = syz_kvm_vgic_v3_setup(r10, 0x2, 0x40)
ioctl$KVM_GET_DEVICE_ATTR(r13, 0x4018aee2, &(0x7f0000000040)=@attr_other={0x0, 0x7, 0x4678, 0x0})
syz_kvm_vgic_v3_setup(r1, 0x3, 0xc0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
openat$kvm(0x0, &(0x7f0000000140), 0x86000, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x13)
r16 = ioctl$KVM_CREATE_VCPU(r15, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r15, r16, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000380)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)

12m15.550631678s ago: executing program 1 (id=421):
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000)
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f0000000040)={0x10000, 0x1, 0x4, 0x2000, &(0x7f0000d21000/0x2000)=nil, 0xf9e2})
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000003000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) (async)
munmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000) (async)
openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) (async)
ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f0000000040)={0x10000, 0x1, 0x4, 0x2000, &(0x7f0000d21000/0x2000)=nil, 0xf9e2}) (async)
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f0000003000/0x4000)=nil, 0x4000) (async)

12m2.784141714s ago: executing program 0 (id=422):
eventfd2(0x0, 0x0) (async)
r0 = eventfd2(0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x28)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
r4 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r3, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) (async)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f00000001c0)={0x8, <r7=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000380)})
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f00000000c0)={0x5, 0x1, 0x4000, 0x1000, &(0x7f0000000000/0x1000)=nil}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f00000000c0)={0x5, 0x1, 0x4000, 0x1000, &(0x7f0000000000/0x1000)=nil})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000002c0)=@attr_other={0x0, 0x8, 0x108, &(0x7f0000000000)=0xc000000000000000})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x4, 0x2, 0x0})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r3, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) (async)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x2)
r12 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r11, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r12, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r12, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r11, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r13 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r13, 0x401c5820, &(0x7f00000000c0)=@attr_other={0x0, 0x8dc, 0xfffffffffffffffd, 0x0}) (async)
ioctl$KVM_SET_DEVICE_ATTR(r13, 0x401c5820, &(0x7f00000000c0)=@attr_other={0x0, 0x8dc, 0xfffffffffffffffd, 0x0})
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x408) (async)
r14 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x408)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r13, 0x4068aea3, &(0x7f00000003c0))
ioctl$KVM_CHECK_EXTENSION(r14, 0x541b, 0xac)
mmap$KVM_VCPU(&(0x7f0000004000/0x4000)=nil, 0x930, 0x0, 0x11, r0, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000004000/0x4000)=nil, 0x930, 0x0, 0x11, r0, 0x0)

11m55.054921079s ago: executing program 1 (id=423):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000500)=[@smc={0x1e, 0x40, {0x8400000f, [0x7, 0x81, 0xffffffff, 0x3, 0x4]}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x1, 0x80000, 0x10000, 0x0, 0x0, 0x2}}], 0x68}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0x9e) (async)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20080, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = eventfd2(0xeffffffd, 0x801)
ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f0000000000)={0x200, 0x4000, 0x4, r7, 0x1}) (async)
ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f0000001340)={0x3, 0x0, 0x2, r7, 0x3}) (async)
ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f00000000c0)={0x1000000000003, 0x0, 0x2, r7, 0xf})
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000240)=ANY=[@ANYBLOB="0400000000000000ff7f00000500000000000000000000000000000008000000000000000000000000000000000000000000000000000000030000000400000001000000000000000800000000000005000000000000000007000000000000000600000005000000040000f3040000000100000000000000b5ae0000000000000700000000000000000000000100000007000000030000f606000000010000000100000000000000100000000400"/200])
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r8=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async)
ioctl$KVM_CAP_ARM_MTE(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000380))
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) (async)
r9 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x800)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000180)={0x0, &(0x7f0000000040)=[@svc={0x122, 0x40, {0xc400000d, [0xf, 0xffffffffffffffc0, 0x8000000000000001, 0x3, 0x42]}}], 0x40}, &(0x7f0000000100)=[@featur1={0x1, 0x4}], 0x1)
ioctl$KVM_SET_SIGNAL_MASK(r3, 0x4004ae8b, &(0x7f0000000400)={0xda, "b4b39e1dee90b69d23add400f59ac9dc141d5aac984f813a5cbb577f3930f7bf5db2eb7e7bea5d682e0d9cabce7b8a3848837875b287c30b6e269953abe6d1992809418bdbe61f79efa15e8b764678b47bd7d74ab19e663279aac76aa4b2b2305c483aa5a26f131d62a284c989bf124a068a8b4e3b36556ed0c32db31f9f2255814bc26c1c868c7b8544ad185ffd00c813c2e72a818b38ecbc2ad413b9673af21af33176a475fbb6628bd77186725096e954b5853e6cef49808f3bb34cebc58efb00851a64153c32bd633401200698e8a9beaa9d3a9220f15bf7"}) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r12, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async)
ioctl$KVM_RUN(r12, 0xae80, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000007, 0x4f833, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000) (async)
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r13, 0x80111500, 0xfffffffffffff000)

11m38.82329938s ago: executing program 0 (id=424):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION2(r3, 0x40a0ae49, &(0x7f0000000200)={0x18102, 0x1, 0xf000, 0x2000, &(0x7f0000299000/0x2000)=nil, 0x9})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000300)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
syz_kvm_vgic_v3_setup(r5, 0x41, 0x100)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r8 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000100)={0x0, &(0x7f0000000680)=[@its_setup={0x82, 0x28, {0x3, 0x0, 0x16f}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x0, 0x2, 0x8, 0x8, 0x100}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x4, 0x220)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r10=>0xffffffffffffffff})
r11 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r13, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x2, 0x1000000000000004}}, @mrs={0xbe, 0x18, {0x603000000013e081}}], 0x40}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r9, 0xae80, 0x0)

11m31.910918965s ago: executing program 1 (id=425):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f0000000740)={0x3, 0x4, 0xffff1000, 0x2000, &(0x7f0000e03000/0x2000)=nil, 0x7d3}) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x8800, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0xf0)

10m50.98317767s ago: executing program 42 (id=424):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION2(r3, 0x40a0ae49, &(0x7f0000000200)={0x18102, 0x1, 0xf000, 0x2000, &(0x7f0000299000/0x2000)=nil, 0x9})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000300)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
syz_kvm_vgic_v3_setup(r5, 0x41, 0x100)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r8 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000100)={0x0, &(0x7f0000000680)=[@its_setup={0x82, 0x28, {0x3, 0x0, 0x16f}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x0, 0x2, 0x8, 0x8, 0x100}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x4, 0x220)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r10=>0xffffffffffffffff})
r11 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r13, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x2, 0x1000000000000004}}, @mrs={0xbe, 0x18, {0x603000000013e081}}], 0x40}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r9, 0xae80, 0x0)

10m41.676571716s ago: executing program 43 (id=425):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f0000000740)={0x3, 0x4, 0xffff1000, 0x2000, &(0x7f0000e03000/0x2000)=nil, 0x7d3}) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x8800, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0xf0)

1m53.078633064s ago: executing program 2 (id=426):
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r1, 0x2000003, 0xaf832, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
r4 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r3, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f00000000c0)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000040)=[{0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0000001800"/24], 0x18}], 0x1, 0x0, 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, r1, 0x4, 0x10, 0xffffffffffffffff, 0x0)

1m49.312201238s ago: executing program 3 (id=427):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000000)="7cfaa2bfd6dd76375aa1bde04fceeb33743b07d73b3e9aac", 0x0, 0xffffffffffffff94)
r3 = eventfd2(0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0x4020940d, 0x20000000)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, r2, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f00000000c0)=@arm64_sve_vls={0x606000000015ffff, 0x0})

1m41.482150535s ago: executing program 2 (id=428):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
ioctl$KVM_CREATE_DEVICE(r3, 0xc018aec0, &(0x7f00000000c0)={0x1})
r4 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce5, 0x7fff}}, @msr={0x14, 0x20, {0x603000000013dce8, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce9, 0x8000}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

1m35.038948536s ago: executing program 3 (id=429):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x38)
ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000000000)={0x10201, 0x0, &(0x7f0000ce8000/0x11000)=nil})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f0000000040)=@arm64_extra={0x603000000013c036, &(0x7f0000000100)=0x78b})
r7 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
r8 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r7, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r7, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x2)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000100)={0x0, &(0x7f0000000680)=[@its_setup={0x82, 0x28, {0x3, 0x0, 0x16f}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x0, 0x2, 0x8, 0x8, 0x100}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r10, 0x4, 0x220)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000180)={0x8, <r13=>0xffffffffffffffff})
r14 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)
r16 = syz_kvm_setup_syzos_vm$arm64(r15, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r16, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x40000004}}], 0x50}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r12, 0xae80, 0x0)

1m21.83045293s ago: executing program 2 (id=430):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1fd, 0x3, 0xeeeed000, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bc2000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1, 0x16831, 0xffffffffffffffff, 0x0)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r5, r6, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0a000000000000002000000000000000002080d2a0bbbbf21f004299"], 0x20}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})

1m8.266288522s ago: executing program 3 (id=431):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x20)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0x19) (async)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x288441, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x220200, 0x0) (async)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000bfd000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000b80)={0x0, &(0x7f00000009c0)}, &(0x7f0000000bc0)=[@featur2={0x1, 0x10}], 0x1)
ioctl$KVM_RUN(r7, 0xae80, 0x0) (async)
ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000100)=@arm64_extra={0x603000000013c025, &(0x7f00000000c0)=0x6}) (async)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x1, 0x0, 0x0, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x400004, 0x0) (async)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x1)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r10, 0x4018aee3, &(0x7f0000000100)=@attr_irq_timer={0x0, 0x1, 0x0, 0x0}) (async)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000b75000/0x400000)=nil) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x2, 0x23ac5f9b426ec4b2, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0xdc032, 0xffffffffffffffff, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000200)=@arm64_core={0x603000000010001c, &(0x7f00000001c0)=0x9})

1m4.870895741s ago: executing program 2 (id=432):
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x34)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, r5, 0x2, 0x12, r4, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r9, 0x8040aeb6, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x9, 0x7fffffff, 0x2}})
r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r10, 0x3, 0x11, r6, 0x0)
ioctl$KVM_INTERRUPT(r6, 0x4004ae86, &(0x7f0000000000)=0x4b3f2b6d)
mmap$KVM_VCPU(&(0x7f0000010000/0x2000)=nil, 0x930, 0x180000b, 0x11, r6, 0x0)

49.56436963s ago: executing program 3 (id=433):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0xd, 0x5, 0xb, 0x0, 0x2, 0x6, 0x6, 0x9, 0x8, 0x89, 0x6, 0x2, 0x0, 0x6, 0x6, 0xe2, 0x3, 0x29, 0x0, '\x00', 0x10, 0x6}) (async)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, <r4=>0xffffffffffffffff, 0x1})
write$eventfd(r4, &(0x7f00000001c0), 0xe80) (async)
r5 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x40)
ioctl$KVM_GET_DEVICE_ATTR(r5, 0x4018aee2, &(0x7f0000000080)=@attr_arm64={0x0, 0x0, 0x5, &(0x7f00000000c0)})

17.082283884s ago: executing program 44 (id=432):
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x34)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, r5, 0x2, 0x12, r4, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r9, 0x8040aeb6, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x9, 0x7fffffff, 0x2}})
r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r10, 0x3, 0x11, r6, 0x0)
ioctl$KVM_INTERRUPT(r6, 0x4004ae86, &(0x7f0000000000)=0x4b3f2b6d)
mmap$KVM_VCPU(&(0x7f0000010000/0x2000)=nil, 0x930, 0x180000b, 0x11, r6, 0x0)

0s ago: executing program 45 (id=433):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0xd, 0x5, 0xb, 0x0, 0x2, 0x6, 0x6, 0x9, 0x8, 0x89, 0x6, 0x2, 0x0, 0x6, 0x6, 0xe2, 0x3, 0x29, 0x0, '\x00', 0x10, 0x6}) (async)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, <r4=>0xffffffffffffffff, 0x1})
write$eventfd(r4, &(0x7f00000001c0), 0xe80) (async)
r5 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x40)
ioctl$KVM_GET_DEVICE_ATTR(r5, 0x4018aee2, &(0x7f0000000080)=@attr_arm64={0x0, 0x0, 0x5, &(0x7f00000000c0)})

kernel console output (not intermixed with test programs):

[  386.084121][ T3166] 8021q: adding VLAN 0 to HW filter on device bond0
[  420.914240][ T3166] eql: remember to turn off Van-Jacobson compression on your slave devices
Warning: Permanently added '[localhost]:20830' (ED25519) to the list of known hosts.
[  600.403183][   T25] audit: type=1400 audit(599.610:60): avc:  denied  { name_bind } for  pid=3324 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  602.087839][   T25] audit: type=1400 audit(601.290:61): avc:  denied  { execute } for  pid=3325 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  602.128076][   T25] audit: type=1400 audit(601.330:62): avc:  denied  { execute_no_trans } for  pid=3325 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  623.825107][   T25] audit: type=1400 audit(623.030:63): avc:  denied  { mounton } for  pid=3325 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  623.887734][   T25] audit: type=1400 audit(623.090:64): avc:  denied  { mount } for  pid=3325 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  623.973157][ T3325] cgroup: Unknown subsys name 'net'
[  624.029267][   T25] audit: type=1400 audit(623.230:65): avc:  denied  { unmount } for  pid=3325 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  624.515468][ T3325] cgroup: Unknown subsys name 'cpuset'
[  624.659025][ T3325] cgroup: Unknown subsys name 'rlimit'
[  625.987787][   T25] audit: type=1400 audit(625.190:66): avc:  denied  { setattr } for  pid=3325 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  626.012366][   T25] audit: type=1400 audit(625.220:67): avc:  denied  { mounton } for  pid=3325 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[  626.029348][   T25] audit: type=1400 audit(625.230:68): avc:  denied  { mount } for  pid=3325 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  627.050646][ T3329] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[  627.071480][   T25] audit: type=1400 audit(626.270:69): avc:  denied  { relabelto } for  pid=3329 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  627.107628][   T25] audit: type=1400 audit(626.300:70): avc:  denied  { write } for  pid=3329 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
Setting up swapspace version 1, size = 127995904 bytes
[  627.283343][   T25] audit: type=1400 audit(626.490:71): avc:  denied  { read } for  pid=3325 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  627.304097][   T25] audit: type=1400 audit(626.510:72): avc:  denied  { open } for  pid=3325 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  627.350591][ T3325] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  679.565332][   T25] audit: type=1400 audit(678.770:73): avc:  denied  { execmem } for  pid=3330 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  683.890006][   T25] audit: type=1400 audit(683.100:74): avc:  denied  { read } for  pid=3332 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  683.905250][   T25] audit: type=1400 audit(683.110:75): avc:  denied  { open } for  pid=3332 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  683.997820][   T25] audit: type=1400 audit(683.200:76): avc:  denied  { mounton } for  pid=3332 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  684.291568][   T25] audit: type=1400 audit(683.490:77): avc:  denied  { module_request } for  pid=3333 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  684.304470][   T25] audit: type=1400 audit(683.510:78): avc:  denied  { module_request } for  pid=3332 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  685.255368][   T25] audit: type=1400 audit(684.460:79): avc:  denied  { sys_module } for  pid=3333 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  711.125066][ T3333] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  711.247977][ T3333] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  712.382183][ T3332] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  712.519533][ T3332] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  723.247592][ T3333] hsr_slave_0: entered promiscuous mode
[  723.300343][ T3333] hsr_slave_1: entered promiscuous mode
[  724.702566][ T3332] hsr_slave_0: entered promiscuous mode
[  724.742968][ T3332] hsr_slave_1: entered promiscuous mode
[  724.774526][ T3332] debugfs: 'hsr0' already exists in 'hsr'
[  724.785329][ T3332] Cannot create hsr debugfs directory
[  729.747160][   T25] audit: type=1400 audit(728.940:80): avc:  denied  { create } for  pid=3333 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  729.802697][   T25] audit: type=1400 audit(729.010:81): avc:  denied  { write } for  pid=3333 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  729.847766][   T25] audit: type=1400 audit(729.050:82): avc:  denied  { read } for  pid=3333 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  730.014556][ T3333] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  730.453861][ T3333] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  730.711679][ T3333] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  731.040346][ T3333] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  732.580169][ T3332] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  732.751142][ T3332] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  733.018161][ T3332] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  733.238614][ T3332] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  744.597499][ T3333] 8021q: adding VLAN 0 to HW filter on device bond0
[  747.140614][ T3332] 8021q: adding VLAN 0 to HW filter on device bond0
[  798.694785][ T3333] veth0_vlan: entered promiscuous mode
[  799.260980][ T3333] veth1_vlan: entered promiscuous mode
[  800.731407][ T3332] veth0_vlan: entered promiscuous mode
[  801.542413][ T3333] veth0_macvtap: entered promiscuous mode
[  801.725205][ T3332] veth1_vlan: entered promiscuous mode
[  801.933176][ T3333] veth1_macvtap: entered promiscuous mode
[  804.241314][ T3332] veth0_macvtap: entered promiscuous mode
[  804.334201][   T35] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  804.543098][   T35] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  804.569276][   T35] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  804.655248][   T35] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  804.931052][ T3332] veth1_macvtap: entered promiscuous mode
[  807.091634][   T25] audit: type=1400 audit(806.300:83): avc:  denied  { mount } for  pid=3333 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  807.208169][   T25] audit: type=1400 audit(806.410:84): avc:  denied  { mounton } for  pid=3333 comm="syz-executor" path="/syzkaller.wGtJjw/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  807.421596][   T25] audit: type=1400 audit(806.630:85): avc:  denied  { mount } for  pid=3333 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  807.649708][ T3437] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  807.661620][ T3437] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  807.732996][ T3437] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  807.739629][ T3437] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  807.840458][   T25] audit: type=1400 audit(807.000:86): avc:  denied  { mounton } for  pid=3333 comm="syz-executor" path="/syzkaller.wGtJjw/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  808.027024][   T25] audit: type=1400 audit(807.220:87): avc:  denied  { mounton } for  pid=3333 comm="syz-executor" path="/syzkaller.wGtJjw/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3790 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  808.641496][   T25] audit: type=1400 audit(807.850:88): avc:  denied  { unmount } for  pid=3333 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  808.812269][   T25] audit: type=1400 audit(808.010:89): avc:  denied  { mounton } for  pid=3333 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1544 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  808.912671][   T25] audit: type=1400 audit(808.120:90): avc:  denied  { mount } for  pid=3333 comm="syz-executor" name="/" dev="gadgetfs" ino=3801 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  809.285195][   T25] audit: type=1400 audit(808.490:91): avc:  denied  { mount } for  pid=3333 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  809.462760][   T25] audit: type=1400 audit(808.670:92): avc:  denied  { mounton } for  pid=3333 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  810.819872][ T3333] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  825.432426][   T25] kauditd_printk_skb: 4 callbacks suppressed
[  825.442103][   T25] audit: type=1400 audit(824.550:97): avc:  denied  { execute } for  pid=3485 comm="syz.1.2" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=3838 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  825.882639][   T25] audit: type=1400 audit(825.090:98): avc:  denied  { read } for  pid=3485 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  825.987256][   T25] audit: type=1400 audit(825.190:99): avc:  denied  { open } for  pid=3485 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  826.168031][   T25] audit: type=1400 audit(825.350:100): avc:  denied  { ioctl } for  pid=3485 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  862.064786][   T25] audit: type=1400 audit(861.270:101): avc:  denied  { append } for  pid=3518 comm="syz.1.10" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  862.182470][   T25] audit: type=1400 audit(861.390:102): avc:  denied  { write } for  pid=3518 comm="syz.1.10" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  915.704816][   T25] audit: type=1400 audit(914.910:103): avc:  denied  { create } for  pid=3553 comm="syz.1.21" anonclass=[kvm-gmem] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  984.804230][   T25] audit: type=1400 audit(983.960:104): avc:  denied  { setattr } for  pid=3588 comm="syz.0.35" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  990.903500][   T25] audit: type=1400 audit(990.080:105): avc:  denied  { map } for  pid=3593 comm="syz.1.37" path="anon_inode:[kvm-gmem]" dev="anon_inodefs" ino=5629 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  990.970770][   T25] audit: type=1400 audit(990.180:106): avc:  denied  { read } for  pid=3593 comm="syz.1.37" path="anon_inode:[kvm-gmem]" dev="anon_inodefs" ino=5629 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 1071.659262][   T25] audit: type=1400 audit(1070.810:107): avc:  denied  { ioctl } for  pid=3653 comm="syz.1.52" path="net:[4026532626]" dev="nsfs" ino=4026532626 ioctlcmd=0xb709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 1112.359937][ T3677] kvm [3677]: Failed to find VMA for hva 0x21016000
[ 1234.541399][ T3762] kvm [3762]: Failed to find VMA for hva 0x20bc6000
[ 1334.711122][ T3810] kvm [3810]: Failed to find VMA for hva 0x21016000
[ 1378.321595][ T3821] debugfs: 'vgic-its-state@8080000' already exists in '3821-4'
[ 1471.722077][   T25] audit: type=1400 audit(1470.920:108): avc:  denied  { map } for  pid=3881 comm="syz.0.118" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1471.758760][   T25] audit: type=1400 audit(1470.930:109): avc:  denied  { execute } for  pid=3881 comm="syz.0.118" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1653.095425][ T3999] kvm [3998]: Unsupported guest access at: eeef0000
[ 1653.095425][ T3999]  { Op0( 2), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read },
[ 1734.638603][   T52] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1735.955061][   T52] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1737.315412][   T52] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1738.328147][   T52] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1753.219767][   T52] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1753.322537][   T52] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1753.399350][   T52] bond0 (unregistering): Released all slaves
[ 1754.740803][   T52] hsr_slave_0: left promiscuous mode
[ 1754.781888][   T52] hsr_slave_1: left promiscuous mode
[ 1755.186928][   T52] veth1_macvtap: left promiscuous mode
[ 1755.191025][   T52] veth0_macvtap: left promiscuous mode
[ 1755.210241][   T52] veth1_vlan: left promiscuous mode
[ 1755.230654][   T52] veth0_vlan: left promiscuous mode
[ 1774.189394][   T52] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1775.259181][   T52] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1776.444521][   T52] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1777.600260][   T52] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1793.388818][   T52] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1793.548818][   T52] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1793.629434][   T52] bond0 (unregistering): Released all slaves
[ 1795.662397][   T52] hsr_slave_0: left promiscuous mode
[ 1795.918876][   T52] hsr_slave_1: left promiscuous mode
[ 1796.687923][   T52] veth1_macvtap: left promiscuous mode
[ 1796.717415][   T52] veth0_macvtap: left promiscuous mode
[ 1796.723715][   T52] veth1_vlan: left promiscuous mode
[ 1796.725312][   T52] veth0_vlan: left promiscuous mode
[ 1809.122660][ T4014] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1809.446741][ T4014] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1823.222285][ T4025] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1823.438870][ T4025] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1827.832797][ T4014] hsr_slave_0: entered promiscuous mode
[ 1827.921940][ T4014] hsr_slave_1: entered promiscuous mode
[ 1839.374641][ T4014] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1839.701731][ T4014] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1839.970903][ T4014] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1840.259349][ T4014] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1843.465297][ T4025] hsr_slave_0: entered promiscuous mode
[ 1843.562065][ T4025] hsr_slave_1: entered promiscuous mode
[ 1843.595254][ T4025] debugfs: 'hsr0' already exists in 'hsr'
[ 1843.648232][ T4025] Cannot create hsr debugfs directory
[ 1858.073526][ T4025] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1858.521809][ T4025] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1859.107252][ T4025] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1859.388774][ T4025] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1865.674877][ T4014] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1883.859856][ T4025] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1952.298988][ T4014] veth0_vlan: entered promiscuous mode
[ 1953.538587][ T4014] veth1_vlan: entered promiscuous mode
[ 1956.213629][ T4014] veth0_macvtap: entered promiscuous mode
[ 1956.650128][ T4014] veth1_macvtap: entered promiscuous mode
[ 1959.407164][ T3379] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1959.409402][ T3379] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1959.453645][ T3379] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1959.464047][ T3379] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1975.979716][ T4025] veth0_vlan: entered promiscuous mode
[ 1977.340294][ T4025] veth1_vlan: entered promiscuous mode
[ 1981.009342][ T4025] veth0_macvtap: entered promiscuous mode
[ 1981.805368][ T4025] veth1_macvtap: entered promiscuous mode
[ 1985.769429][ T3900] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1985.773684][ T3900] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1985.825083][ T3900] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1985.847360][ T3900] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2273.508862][ T3437] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2275.891440][ T3437] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2278.200850][ T3437] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2280.080156][ T3437] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2306.372471][ T3437] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2306.761521][ T3437] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2306.950214][ T3437] bond0 (unregistering): Released all slaves
[ 2309.339138][ T3437] hsr_slave_0: left promiscuous mode
[ 2309.437015][ T3437] hsr_slave_1: left promiscuous mode
[ 2310.220467][ T3437] veth1_macvtap: left promiscuous mode
[ 2310.229330][ T3437] veth0_macvtap: left promiscuous mode
[ 2310.253807][ T3437] veth1_vlan: left promiscuous mode
[ 2310.299217][ T3437] veth0_vlan: left promiscuous mode
[ 2397.771262][ T4426] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2398.345242][ T4426] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2434.580924][ T4426] hsr_slave_0: entered promiscuous mode
[ 2434.761799][ T4426] hsr_slave_1: entered promiscuous mode
[ 2453.735004][ T4426] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 2454.159583][ T4426] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 2454.725369][ T4426] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 2455.224520][ T4426] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 2489.681685][ T4426] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2512.969996][ T4611] FAULT_INJECTION: forcing a failure.
[ 2512.969996][ T4611] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[ 2513.037998][ T4611] CPU: 0 UID: 0 PID: 4611 Comm: syz.3.217 Not tainted syzkaller #0 PREEMPT 
[ 2513.038698][ T4611] Hardware name: linux,dummy-virt (DT)
[ 2513.039191][ T4611] Call trace:
[ 2513.039604][ T4611]  show_stack+0x2c/0x3c (C)
[ 2513.041487][ T4611]  __dump_stack+0x30/0x40
[ 2513.041760][ T4611]  dump_stack_lvl+0xd8/0x12c
[ 2513.041995][ T4611]  dump_stack+0x1c/0x28
[ 2513.042199][ T4611]  should_fail_ex+0x570/0x6e0
[ 2513.042432][ T4611]  should_fail_alloc_page+0xd4/0xd8
[ 2513.042693][ T4611]  prepare_alloc_pages+0x20c/0x5e0
[ 2513.043021][ T4611]  __alloc_frozen_pages_noprof+0xd8/0x2d0
[ 2513.043226][ T4611]  alloc_pages_mpol+0x204/0x4c8
[ 2513.043512][ T4611]  folio_alloc_mpol_noprof+0x4c/0x2b4
[ 2513.043806][ T4611]  vma_alloc_folio_noprof+0x348/0x494
[ 2513.044117][ T4611]  vma_alloc_zeroed_movable_folio+0x80/0xa0
[ 2513.044399][ T4611]  folio_prealloc+0x3c/0x1c4
[ 2513.044688][ T4611]  handle_mm_fault+0x3eb0/0x5860
[ 2513.044987][ T4611]  do_page_fault+0x414/0x1508
[ 2513.045258][ T4611]  do_translation_fault+0xbc/0xfc
[ 2513.045545][ T4611]  do_mem_abort+0x50/0x110
[ 2513.045809][ T4611]  el0_da+0x64/0x210
[ 2513.046124][ T4611]  el0t_64_sync_handler+0x90/0x12c
[ 2513.046412][ T4611]  el0t_64_sync+0x198/0x19c
[ 2513.209744][ T4611] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 2630.572586][ T4426] veth0_vlan: entered promiscuous mode
[ 2631.579974][ T4426] veth1_vlan: entered promiscuous mode
[ 2635.100638][ T4426] veth0_macvtap: entered promiscuous mode
[ 2635.780019][ T4426] veth1_macvtap: entered promiscuous mode
[ 2639.404391][ T4027] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2639.417598][ T4027] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2639.451886][ T4027] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2639.510046][ T4027] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2676.354551][ T3684] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2678.121309][ T3684] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2679.563870][ T3684] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2681.371264][ T3684] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2708.514606][ T3684] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2708.942437][ T3684] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2709.298739][ T3684] bond0 (unregistering): Released all slaves
[ 2712.659346][ T3684] hsr_slave_0: left promiscuous mode
[ 2712.822226][ T3684] hsr_slave_1: left promiscuous mode
[ 2713.731668][ T3684] veth1_macvtap: left promiscuous mode
[ 2713.758124][ T3684] veth0_macvtap: left promiscuous mode
[ 2713.799016][ T3684] veth1_vlan: left promiscuous mode
[ 2713.811971][ T3684] veth0_vlan: left promiscuous mode
[ 2805.301054][ T4709] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2805.600138][ T4709] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2844.843065][ T4709] hsr_slave_0: entered promiscuous mode
[ 2844.981351][ T4709] hsr_slave_1: entered promiscuous mode
[ 2845.078412][ T4709] debugfs: 'hsr0' already exists in 'hsr'
[ 2845.099743][ T4709] Cannot create hsr debugfs directory
[ 2863.834222][ T4709] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 2864.331380][ T4709] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 2864.887991][ T4709] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 2865.225140][ T4709] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 2902.261424][ T4709] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3066.765007][ T4709] veth0_vlan: entered promiscuous mode
[ 3068.489438][ T4709] veth1_vlan: entered promiscuous mode
[ 3072.723837][ T4709] veth0_macvtap: entered promiscuous mode
[ 3073.671416][ T4709] veth1_macvtap: entered promiscuous mode
[ 3078.793553][ T4143] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3078.871800][ T4470] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3078.921586][ T4470] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3079.052751][ T4470] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3467.320057][ T5150] FAULT_INJECTION: forcing a failure.
[ 3467.320057][ T5150] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3467.325342][ T5150] CPU: 0 UID: 0 PID: 5150 Comm: syz.4.304 Not tainted syzkaller #0 PREEMPT 
[ 3467.325685][ T5150] Hardware name: linux,dummy-virt (DT)
[ 3467.325795][ T5150] Call trace:
[ 3467.325881][ T5150]  show_stack+0x2c/0x3c (C)
[ 3467.326281][ T5150]  __dump_stack+0x30/0x40
[ 3467.326505][ T5150]  dump_stack_lvl+0xd8/0x12c
[ 3467.326714][ T5150]  dump_stack+0x1c/0x28
[ 3467.326920][ T5150]  should_fail_ex+0x570/0x6e0
[ 3467.327166][ T5150]  should_fail_alloc_page+0xd4/0xd8
[ 3467.327386][ T5150]  prepare_alloc_pages+0x20c/0x5e0
[ 3467.327678][ T5150]  __alloc_frozen_pages_noprof+0xd8/0x2d0
[ 3467.327877][ T5150]  alloc_pages_mpol+0x204/0x4c8
[ 3467.328191][ T5150]  folio_alloc_mpol_noprof+0x4c/0x2b4
[ 3467.328482][ T5150]  vma_alloc_folio_noprof+0x348/0x494
[ 3467.328770][ T5150]  vma_alloc_zeroed_movable_folio+0x80/0xa0
[ 3467.329075][ T5150]  folio_prealloc+0x3c/0x1c4
[ 3467.329404][ T5150]  handle_mm_fault+0x3eb0/0x5860
[ 3467.329689][ T5150]  do_page_fault+0x414/0x1508
[ 3467.329970][ T5150]  do_translation_fault+0xbc/0xfc
[ 3467.330253][ T5150]  do_mem_abort+0x50/0x110
[ 3467.330540][ T5150]  el0_da+0x64/0x210
[ 3467.330833][ T5150]  el0t_64_sync_handler+0x90/0x12c
[ 3467.331151][ T5150]  el0t_64_sync+0x198/0x19c
[ 3467.477570][ T5150] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 3563.334554][ T5200] FAULT_INJECTION: forcing a failure.
[ 3563.334554][ T5200] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3563.400376][ T5200] CPU: 0 UID: 0 PID: 5200 Comm: syz.4.315 Not tainted syzkaller #0 PREEMPT 
[ 3563.400766][ T5200] Hardware name: linux,dummy-virt (DT)
[ 3563.400876][ T5200] Call trace:
[ 3563.400975][ T5200]  show_stack+0x2c/0x3c (C)
[ 3563.401353][ T5200]  __dump_stack+0x30/0x40
[ 3563.401555][ T5200]  dump_stack_lvl+0xd8/0x12c
[ 3563.401750][ T5200]  dump_stack+0x1c/0x28
[ 3563.401956][ T5200]  should_fail_ex+0x570/0x6e0
[ 3563.402203][ T5200]  should_fail_alloc_page+0xd4/0xd8
[ 3563.402440][ T5200]  prepare_alloc_pages+0x20c/0x5e0
[ 3563.402797][ T5200]  __alloc_frozen_pages_noprof+0xd8/0x2d0
[ 3563.403026][ T5200]  alloc_pages_mpol+0x204/0x4c8
[ 3563.403340][ T5200]  folio_alloc_mpol_noprof+0x4c/0x2b4
[ 3563.403629][ T5200]  vma_alloc_folio_noprof+0x348/0x494
[ 3563.403933][ T5200]  vma_alloc_zeroed_movable_folio+0x80/0xa0
[ 3563.404234][ T5200]  folio_prealloc+0x3c/0x1c4
[ 3563.404524][ T5200]  handle_mm_fault+0x3eb0/0x5860
[ 3563.404798][ T5200]  do_page_fault+0x414/0x1508
[ 3563.405082][ T5200]  do_translation_fault+0xbc/0xfc
[ 3563.405360][ T5200]  do_mem_abort+0x50/0x110
[ 3563.405635][ T5200]  el0_da+0x64/0x210
[ 3563.405943][ T5200]  el0t_64_sync_handler+0x90/0x12c
[ 3563.406256][ T5200]  el0t_64_sync+0x198/0x19c
[ 3563.534997][ T5200] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 3815.012027][ T5298] FAULT_INJECTION: forcing a failure.
[ 3815.012027][ T5298] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3815.068181][ T5298] CPU: 0 UID: 0 PID: 5298 Comm: syz.5.345 Not tainted syzkaller #0 PREEMPT 
[ 3815.068563][ T5298] Hardware name: linux,dummy-virt (DT)
[ 3815.068670][ T5298] Call trace:
[ 3815.068750][ T5298]  show_stack+0x2c/0x3c (C)
[ 3815.069132][ T5298]  __dump_stack+0x30/0x40
[ 3815.069330][ T5298]  dump_stack_lvl+0xd8/0x12c
[ 3815.069517][ T5298]  dump_stack+0x1c/0x28
[ 3815.069706][ T5298]  should_fail_ex+0x570/0x6e0
[ 3815.069961][ T5298]  should_fail_alloc_page+0xd4/0xd8
[ 3815.070192][ T5298]  prepare_alloc_pages+0x20c/0x5e0
[ 3815.070514][ T5298]  __alloc_frozen_pages_noprof+0xd8/0x2d0
[ 3815.070727][ T5298]  alloc_pages_mpol+0x204/0x4c8
[ 3815.071042][ T5298]  folio_alloc_mpol_noprof+0x4c/0x2b4
[ 3815.071335][ T5298]  vma_alloc_folio_noprof+0x348/0x494
[ 3815.071625][ T5298]  vma_alloc_zeroed_movable_folio+0x80/0xa0
[ 3815.071914][ T5298]  folio_prealloc+0x3c/0x1c4
[ 3815.072224][ T5298]  handle_mm_fault+0x3eb0/0x5860
[ 3815.072501][ T5298]  do_page_fault+0x414/0x1508
[ 3815.072760][ T5298]  do_translation_fault+0xbc/0xfc
[ 3815.073043][ T5298]  do_mem_abort+0x50/0x110
[ 3815.073305][ T5298]  el0_da+0x64/0x210
[ 3815.073583][ T5298]  el0t_64_sync_handler+0x90/0x12c
[ 3815.073875][ T5298]  el0t_64_sync+0x198/0x19c
[ 3815.200129][ T5298] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 4083.064578][ T5370] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4083.638386][ T5370] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4096.160993][ T5374] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4096.614265][ T5374] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4124.293506][ T5370] hsr_slave_0: entered promiscuous mode
[ 4124.384901][ T5370] hsr_slave_1: entered promiscuous mode
[ 4124.497956][ T5370] debugfs: 'hsr0' already exists in 'hsr'
[ 4124.507132][ T5370] Cannot create hsr debugfs directory
[ 4134.617498][ T5374] hsr_slave_0: entered promiscuous mode
[ 4134.703352][ T5374] hsr_slave_1: entered promiscuous mode
[ 4134.802037][ T5374] debugfs: 'hsr0' already exists in 'hsr'
[ 4134.807062][ T5374] Cannot create hsr debugfs directory
[ 4155.057004][ T5370] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 4156.174003][ T5370] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 4156.993229][ T5370] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 4158.020382][ T5370] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 4166.393125][ T5374] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 4166.945055][ T5374] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 4167.515032][ T5374] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 4168.140940][ T5374] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 4196.151568][ T5370] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4206.215412][ T5374] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4283.532818][ T3684] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4285.695009][ T3684] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4287.659130][ T3684] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4289.703089][ T3684] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4312.767598][ T3684] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 4312.945452][ T3684] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 4313.132157][ T3684] bond0 (unregistering): Released all slaves
[ 4317.231226][ T3684] hsr_slave_0: left promiscuous mode
[ 4317.688207][ T3684] hsr_slave_1: left promiscuous mode
[ 4318.714069][ T3684] veth1_macvtap: left promiscuous mode
[ 4318.792705][ T3684] veth0_macvtap: left promiscuous mode
[ 4318.798974][ T3684] veth1_vlan: left promiscuous mode
[ 4318.800494][ T3684] veth0_vlan: left promiscuous mode
[ 4356.860735][ T3684] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4358.563650][ T3684] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4360.403985][ T3684] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4361.854713][ T3684] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4389.418110][ T3684] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 4389.808519][ T3684] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 4390.217927][ T3684] bond0 (unregistering): Released all slaves
[ 4395.281497][ T3684] hsr_slave_0: left promiscuous mode
[ 4395.460217][ T3684] hsr_slave_1: left promiscuous mode
[ 4396.279897][ T3684] veth1_macvtap: left promiscuous mode
[ 4396.309837][ T3684] veth0_macvtap: left promiscuous mode
[ 4396.348910][ T3684] veth1_vlan: left promiscuous mode
[ 4396.399926][ T3684] veth0_vlan: left promiscuous mode
[ 4458.718307][ T5374] veth0_vlan: entered promiscuous mode
[ 4459.758216][ T5370] veth0_vlan: entered promiscuous mode
[ 4461.229402][ T5374] veth1_vlan: entered promiscuous mode
[ 4461.903188][ T5370] veth1_vlan: entered promiscuous mode
[ 4467.529893][ T5374] veth0_macvtap: entered promiscuous mode
[ 4468.161230][ T5370] veth0_macvtap: entered promiscuous mode
[ 4468.982427][ T5374] veth1_macvtap: entered promiscuous mode
[ 4469.651070][ T5370] veth1_macvtap: entered promiscuous mode
[ 4475.049161][ T5457] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4475.062484][ T3684] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4475.097034][ T3684] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4475.102427][ T3684] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4476.100659][ T3684] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4476.130602][ T5457] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4476.137728][ T5457] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4476.194639][ T5457] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4868.104437][ T5747] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4871.114201][ T5747] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4874.390951][ T5747] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4877.412800][ T5747] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4911.885194][ T5747] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 4912.243913][ T5747] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 4912.488457][ T5747] bond0 (unregistering): Released all slaves
[ 4915.977671][ T5747] hsr_slave_0: left promiscuous mode
[ 4916.277955][ T5747] hsr_slave_1: left promiscuous mode
[ 4917.518810][ T5747] veth1_macvtap: left promiscuous mode
[ 4917.531742][ T5747] veth0_macvtap: left promiscuous mode
[ 4917.541742][ T5747] veth1_vlan: left promiscuous mode
[ 4917.562019][ T5747] veth0_vlan: left promiscuous mode
[ 4956.190315][ T5747] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4958.028620][ T5747] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4959.881863][ T5747] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4961.232391][ T5747] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4984.514394][ T5747] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 4984.740537][ T5747] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 4984.898726][ T5747] bond0 (unregistering): Released all slaves
[ 4988.758649][ T5747] hsr_slave_0: left promiscuous mode
[ 4989.158828][ T5747] hsr_slave_1: left promiscuous mode
[ 4989.908539][ T5747] veth1_macvtap: left promiscuous mode
[ 4989.909902][ T5747] veth0_macvtap: left promiscuous mode
[ 4989.930134][ T5747] veth1_vlan: left promiscuous mode
[ 4989.969336][ T5747] veth0_vlan: left promiscuous mode
[ 5072.358958][ T5766] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 5072.439102][ T5762] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 5072.644820][ T5766] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 5073.270013][ T5762] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 5106.132894][ T5766] hsr_slave_0: entered promiscuous mode
[ 5106.241316][ T5766] hsr_slave_1: entered promiscuous mode
[ 5110.231360][ T5762] hsr_slave_0: entered promiscuous mode
[ 5110.312711][ T5762] hsr_slave_1: entered promiscuous mode
[ 5110.417741][ T5762] debugfs: 'hsr0' already exists in 'hsr'
[ 5110.436881][ T5762] Cannot create hsr debugfs directory
[ 5131.837940][ T5766] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 5132.691044][ T5766] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 5133.421401][ T5766] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 5135.278183][ T5766] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 5141.088076][ T5762] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 5141.804661][ T5762] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 5142.407450][ T5762] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 5142.880522][ T5762] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 5175.013252][ T5766] 8021q: adding VLAN 0 to HW filter on device bond0
[ 5183.593584][ T5762] 8021q: adding VLAN 0 to HW filter on device bond0
[ 5353.804356][ T5766] veth0_vlan: entered promiscuous mode
[ 5355.174330][ T5766] veth1_vlan: entered promiscuous mode
[ 5361.100441][ T5762] veth0_vlan: entered promiscuous mode
[ 5362.040647][ T5766] veth0_macvtap: entered promiscuous mode
[ 5363.434608][ T5766] veth1_macvtap: entered promiscuous mode
[ 5364.243664][ T5762] veth1_vlan: entered promiscuous mode
[ 5370.587327][ T5513] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 5370.612487][ T5513] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 5370.698668][ T3437] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 5370.710694][ T5771] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 5372.683747][ T5762] veth0_macvtap: entered promiscuous mode
[ 5373.973952][ T5762] veth1_macvtap: entered promiscuous mode
[ 5382.537264][ T5946] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 5382.578939][ T5758] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 5382.737226][ T5348] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 5382.760174][ T5348] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 5615.628481][ T5771] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5618.051925][ T5771] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5620.874279][ T5771] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5623.473291][ T5771] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5662.891770][ T5771] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 5663.381879][ T5771] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 5663.651917][ T5771] bond0 (unregistering): Released all slaves
[ 5667.191596][ T5771] hsr_slave_0: left promiscuous mode
[ 5667.397676][ T5771] hsr_slave_1: left promiscuous mode
[ 5668.762643][ T5771] veth1_macvtap: left promiscuous mode
[ 5668.797147][ T5771] veth0_macvtap: left promiscuous mode
[ 5668.801578][ T5771] veth1_vlan: left promiscuous mode
[ 5668.848193][ T5771] veth0_vlan: left promiscuous mode
[ 5712.861744][ T5946] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5715.124039][ T5946] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5717.314954][ T5946] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5719.504741][ T5946] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5753.037424][ T5946] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 5754.064094][ T5946] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 5755.021387][ T5946] bond0 (unregistering): Released all slaves
[ 5758.969202][ T5946] hsr_slave_0: left promiscuous mode
[ 5759.092810][ T5946] hsr_slave_1: left promiscuous mode
[ 5759.474911][ T5946] veth1_macvtap: left promiscuous mode
[ 5759.525066][ T5946] veth0_macvtap: left promiscuous mode
[ 5759.547928][ T5946] veth1_vlan: left promiscuous mode
[ 5759.572236][ T5946] veth0_vlan: left promiscuous mode
[ 5834.114733][ T6103] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 5834.569901][ T6103] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 5841.954297][ T6106] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 5842.413701][ T6106] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 5879.959883][ T6103] hsr_slave_0: entered promiscuous mode
[ 5880.032613][ T6103] hsr_slave_1: entered promiscuous mode
[ 5886.962592][ T6106] hsr_slave_0: entered promiscuous mode
[ 5886.984311][ T6106] hsr_slave_1: entered promiscuous mode
[ 5887.000849][ T6106] debugfs: 'hsr0' already exists in 'hsr'
[ 5887.038780][ T6106] Cannot create hsr debugfs directory
[ 5923.772768][ T6103] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 5924.305170][ T6103] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 5926.869400][ T6103] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 5929.697575][ T6103] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 5944.748093][ T6106] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 5945.204824][ T6106] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 5945.765491][ T6106] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 5946.520150][ T6106] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 5972.542139][ T6103] 8021q: adding VLAN 0 to HW filter on device bond0
[ 5985.973065][ T6106] 8021q: adding VLAN 0 to HW filter on device bond0
[ 6117.323445][ T6103] veth0_vlan: entered promiscuous mode
[ 6118.908778][ T6103] veth1_vlan: entered promiscuous mode
[ 6123.230142][ T6103] veth0_macvtap: entered promiscuous mode
[ 6124.272045][ T6103] veth1_macvtap: entered promiscuous mode
[ 6128.779092][ T5513] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 6128.795324][ T5513] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 6129.079745][ T5383] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 6129.082621][ T5383] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 6132.270310][ T6106] veth0_vlan: entered promiscuous mode
[ 6134.813844][ T6106] veth1_vlan: entered promiscuous mode
[ 6140.774562][ T6106] veth0_macvtap: entered promiscuous mode
[ 6141.814337][ T6106] veth1_macvtap: entered promiscuous mode
[ 6147.533751][ T6102] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 6147.744553][ T6102] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 6147.809844][ T5497] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 6147.993711][ T5497] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 6375.819582][ T5513] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6378.489965][ T5513] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6381.095387][ T5513] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6383.392890][ T5513] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6418.573223][ T5513] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 6419.712270][ T5513] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 6420.653086][ T5513] bond0 (unregistering): Released all slaves
[ 6424.427610][ T5513] hsr_slave_0: left promiscuous mode
[ 6424.607835][ T5513] hsr_slave_1: left promiscuous mode
[ 6425.609593][ T5513] veth1_macvtap: left promiscuous mode
[ 6425.633251][ T5513] veth0_macvtap: left promiscuous mode
[ 6425.652859][ T5513] veth1_vlan: left promiscuous mode
[ 6425.689736][ T5513] veth0_vlan: left promiscuous mode
[ 6479.935458][ T5513] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6481.988574][ T5513] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6483.701352][ T5513] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6485.642679][ T5513] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6517.467984][ T5513] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 6518.898344][ T5513] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 6519.214915][ T5513] bond0 (unregistering): Released all slaves
[ 6523.281561][ T5513] hsr_slave_0: left promiscuous mode
[ 6523.487580][ T5513] hsr_slave_1: left promiscuous mode
[ 6524.369462][ T5513] veth1_macvtap: left promiscuous mode
[ 6524.407772][ T5513] veth0_macvtap: left promiscuous mode
[ 6524.418687][ T5513] veth1_vlan: left promiscuous mode
[ 6524.420224][ T5513] veth0_vlan: left promiscuous mode
[ 6583.388695][ T6428] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 6583.760542][ T6428] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 6589.131668][ T6432] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 6589.599634][ T6432] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 6619.101734][ T6428] hsr_slave_0: entered promiscuous mode
[ 6619.232972][ T6428] hsr_slave_1: entered promiscuous mode
[ 6624.474800][ T6432] hsr_slave_0: entered promiscuous mode
[ 6624.620836][ T6432] hsr_slave_1: entered promiscuous mode
[ 6624.681750][ T6432] debugfs: 'hsr0' already exists in 'hsr'
[ 6624.737555][ T6432] Cannot create hsr debugfs directory
[ 6664.622759][ T6428] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 6665.402750][ T6428] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 6665.958657][ T6428] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 6667.029918][ T6428] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 6672.141596][ T6432] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 6672.595402][ T6432] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 6673.179329][ T6432] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 6673.689397][ T6432] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 6703.140890][ T6428] 8021q: adding VLAN 0 to HW filter on device bond0
[ 6709.553886][ T6432] 8021q: adding VLAN 0 to HW filter on device bond0
[ 6827.399287][ T6428] veth0_vlan: entered promiscuous mode
[ 6828.640494][ T6428] veth1_vlan: entered promiscuous mode
[ 6833.000238][ T6432] veth0_vlan: entered promiscuous mode
[ 6835.059604][ T6432] veth1_vlan: entered promiscuous mode
[ 6835.623809][ T6428] veth0_macvtap: entered promiscuous mode
[ 6836.719999][ T6428] veth1_macvtap: entered promiscuous mode
[ 6842.129806][ T6432] veth0_macvtap: entered promiscuous mode
[ 6843.462215][ T4143] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 6843.471584][ T4143] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 6843.483820][ T4143] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 6843.900259][ T6432] veth1_macvtap: entered promiscuous mode
[ 6844.003377][ T4143] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 6849.656885][ T5758] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 6849.718966][ T6102] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 6849.837123][ T6450] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 6849.840764][ T6450] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 7089.568331][ T6726] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 7090.084316][ T6726] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 7107.595332][ T6734] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 7108.172592][ T6734] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 7141.950359][ T6726] hsr_slave_0: entered promiscuous mode
[ 7142.044224][ T6726] hsr_slave_1: entered promiscuous mode
[ 7142.218308][ T6726] debugfs: 'hsr0' already exists in 'hsr'
[ 7142.243124][ T6726] Cannot create hsr debugfs directory
[ 7165.614368][ T6734] hsr_slave_0: entered promiscuous mode
[ 7165.762327][ T6734] hsr_slave_1: entered promiscuous mode
[ 7165.929289][ T6734] debugfs: 'hsr0' already exists in 'hsr'
[ 7165.937824][ T6734] Cannot create hsr debugfs directory
[ 7204.870988][ T6726] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 7208.292337][ T6726] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 7209.345235][ T6726] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 7212.510632][ T6726] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 7231.431785][ T6734] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 7232.288637][ T6734] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 7232.930236][ T6734] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 7233.645430][ T6734] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 7267.613464][ T6726] 8021q: adding VLAN 0 to HW filter on device bond0
[ 7282.330660][ T6734] 8021q: adding VLAN 0 to HW filter on device bond0
[ 7361.291941][   T27] INFO: task syz.3.433:6712 blocked for more than 430 seconds.
[ 7361.317975][   T27]       Not tainted syzkaller #0
[ 7361.359772][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 7361.360577][   T27] task:syz.3.433       state:D stack:0     pid:6712  tgid:6712  ppid:6432   task_flags:0x400040 flags:0x00000019
[ 7361.361801][   T27] Call trace:
[ 7361.362237][   T27]  __switch_to+0x584/0xb20 (T)
[ 7361.362859][   T27]  __schedule+0x1eec/0x33a4
[ 7361.363350][   T27]  schedule+0xac/0x27c
[ 7361.363781][   T27]  schedule_timeout+0x5c/0x1e4
[ 7361.364291][   T27]  do_wait_for_common+0x28c/0x444
[ 7361.364736][   T27]  wait_for_completion+0x44/0x5c
[ 7361.365203][   T27]  __synchronize_srcu+0x2a4/0x320
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 7361.498310][   T27]  synchronize_srcu+0x3cc/0x4f0
[ 7361.499032][   T27]  mmu_notifier_unregister+0x320/0x42c
[ 7361.499509][   T27]  kvm_put_kvm+0x698/0xbe8
[ 7361.499931][   T27]  kvm_vm_release+0x58/0x78
[ 7361.500389][   T27]  __fput+0x4ac/0x980
[ 7361.500855][   T27]  ____fput+0x20/0x58
[ 7361.501337][   T27]  task_work_run+0x1bc/0x254
[ 7361.501761][   T27]  exit_to_user_mode_loop+0xfc/0x178
[ 7361.502213][   T27]  el0_svc+0x170/0x234
[ 7361.502728][   T27]  el0t_64_sync_handler+0x84/0x12c
[ 7361.503257][   T27]  el0t_64_sync+0x198/0x19c
[ 7361.504688][   T27] 
[ 7361.504688][   T27] Showing all locks held in the system:
[ 7361.505184][   T27] 1 lock held by khungtaskd/27:
[ 7361.672168][   T27]  #0: ffff800087957208 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x4/0x48
[ 7361.675225][   T27] 2 locks held by getty/3194:
[ 7361.749600][   T27]  #0: d0f00000120328a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c
[ 7361.808654][   T27]  #1: 15ff80008c6db2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x310/0x12b8
[ 7361.810384][   T27] 2 locks held by syz-executor/3325:
[ 7361.810760][   T27] 3 locks held by kworker/u4:9/4143:
[ 7361.811127][   T27] 3 locks held by kworker/u4:0/5348:
[ 7361.811438][   T27] 3 locks held by kworker/u4:4/5383:
[ 7361.811739][   T27] 2 locks held by kworker/u4:15/5513:
[ 7361.812050][   T27]  #0: 1bf000000cc26948 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a18
[ 7361.813634][   T27]  #1: ffff80008cf87c88 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a18
[ 7361.815283][   T27] 3 locks held by kworker/u4:3/5758:
[ 7362.000309][   T27]  #0: fff0000072d6bd58 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x2f0/0x33a4
[ 7362.002216][   T27]  #1: fff0000072d57588 (psi_seq){-.-.}-{0:0}, at: psi_task_switch+0x6c/0x6e8
[ 7362.003928][   T27]  #2: fff0000072d58e98 (&base->lock){-.-.}-{2:2}, at: __mod_timer+0x5c8/0xe7c
[ 7362.114153][   T27] 3 locks held by kworker/u4:11/5783:
[ 7362.119538][   T27]  #0: fff0000072d6bd58 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x2f0/0x33a4
[ 7362.121404][   T27]  #1: fff0000072d57588 (psi_seq){-.-.}-{0:0}, at: psi_task_switch+0x6c/0x6e8
[ 7362.123092][   T27]  #2: fff0000072d58e98 (&base->lock){-.-.}-{2:2}, at: __mod_timer+0x5c8/0xe7c
[ 7362.124725][   T27] 3 locks held by kworker/u4:7/6102:
[ 7362.125074][   T27] 2 locks held by kworker/u4:10/6122:
[ 7362.125375][   T27]  #0: 1bf000000cc26948 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a18
[ 7362.268801][   T27]  #1: ffff80008e7f7c88 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a18
[ 7362.270438][   T27] 2 locks held by kworker/u4:16/6128:
[ 7362.270819][   T27] 3 locks held by kworker/u4:2/6450:
[ 7362.271202][   T27] 2 locks held by syz.2.432/6704:
[ 7362.271533][   T27] 3 locks held by kworker/u4:1/6772:
[ 7362.271860][   T27] 2 locks held by kworker/u4:5/6853:
[ 7362.272195][   T27] 2 locks held by kworker/u4:6/6855:
[ 7362.272537][   T27]  #0: 1bf000000cc26948 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a18
[ 7362.274163][   T27]  #1: ffff80008fa37c88 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a18
[ 7362.447946][   T27] 2 locks held by modprobe/6913:
[ 7362.467325][   T27] 
[ 7362.467751][   T27] =============================================
[ 7362.467751][   T27]