last executing test programs:

2h22m39.368018175s ago: executing program 32 (id=130):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0xae)
r3 = eventfd2(0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x34)
ioctl$KVM_CHECK_EXTENSION(r4, 0x8933, 0x6)
write$eventfd(r3, 0xffffffffffffffff, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000200)={0x4, 0xdddd0000, 0x2, r3, 0xa})
ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}})
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000140)={0x0, &(0x7f0000000180)=[@smc={0x1e, 0x40, {0xef000000, [0x0, 0x1, 0x2, 0x3, 0x4]}}, @hvc={0x32, 0x40, {0x86000000, [0x2, 0x1, 0x2, 0x3, 0x3]}}], 0x80}, 0x0, 0x0)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r1, 0x4068aea3, &(0x7f0000000240)={0xe4, 0x0, 0x71})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

2h22m32.871478019s ago: executing program 33 (id=131):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r2=>0xffffffffffffffff})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x28)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r8, r9, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x18}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f0000000140)=@arm64_sve={0x60800000001500e6, 0x0})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x101fd, 0x2, 0xdddd1000, 0x1000, &(0x7f0000ecd000/0x1000)=nil})
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_GET_STATS_FD_vm(r11, 0xaece)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR(r2, 0x4018aee3, &(0x7f0000000040)=@attr_other={0x0, 0xc7, 0x3, &(0x7f0000000000)=0x9})

1h53m46.062340437s ago: executing program 34 (id=343):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
r4 = eventfd2(0xd, 0x1)
close(r4)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000040)={0x2, 0x1, 0xf000, 0x1000, &(0x7f0000c02000/0x1000)=nil})
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
write$eventfd(r4, 0x0, 0x0)

1h53m40.574077631s ago: executing program 35 (id=344):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x20080, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x29)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
syz_kvm_vgic_v3_setup(r3, 0x1, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000180)={0x0, &(0x7f00000004c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0xffffffffffffffff}}], 0x20}, &(0x7f00000000c0)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000000)=@attr_pmu_irq={0x0, 0x0, 0x0, 0x0})
syz_kvm_setup_cpu$arm64(r1, r5, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f00000000c0)=@arm64_sve={0x6080000010150523, &(0x7f0000000100)=0x800})
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, r2, 0x0)
ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f00000001c0)=@arm64_ccsidr={0x6020000000110003, &(0x7f0000000140)=0x7})

1h43m31.686532745s ago: executing program 36 (id=360):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x1ff, 0x3, 0x2000, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000100)=@arm64_extra={0x603000000013c03b})
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r7 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@mrs={0xbe, 0x18, {0x603000000013808c}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
syz_kvm_setup_cpu$arm64(r5, 0xffffffffffffffff, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(0xffffffffffffffff, 0x4010aeab, &(0x7f0000000100)=@arm64_ccsidr={0x602000000011000b, &(0x7f00000000c0)=0x10})
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r5, 0x4068aea3, &(0x7f0000000000)={0xe4, 0x0, 0x7})

1h43m21.692938685s ago: executing program 37 (id=361):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce5, 0x7fff}}, @msr={0x14, 0x20, {0x603000000013dce8, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce9, 0x8000}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
syz_kvm_vgic_v3_setup(r1, 0x2, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ec2000/0x3000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000040)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000000)={0xa, 0x4}})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1h33m0.720207144s ago: executing program 7 (id=379):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@msr={0x14, 0x20, {0x603000000013df40, 0x8000}}], 0x20}, &(0x7f0000000100)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000140)=@attr_pmu_init)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r5 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r4, 0x3, 0x11, r3, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_kvm_assert_syzos_uexit$arm64(r5, 0xffffffffffffffff)
syz_kvm_assert_reg(r3, 0x603000000013df40, 0x8000)
r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0x80111500, 0x20000000)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000000)={0x5, 0x5})
ioctl$KVM_CREATE_VM(r10, 0x541b, 0x10000000000000)
r11 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r11, 0x4010aeab, &(0x7f00000001c0)=@arm64_core={0x6030000000100046, &(0x7f0000000100)=0x2})
munmap(&(0x7f0000667000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
r13 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r12, 0xae04)
mmap$KVM_VCPU(&(0x7f0000d40000/0x4000)=nil, r13, 0xc, 0x10, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)

1h32m23.062741006s ago: executing program 38 (id=378):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@its_setup={0x7, 0x28, {0xfffffffffffffffe, 0x2, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r3, 0x3, 0xa0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000100)={0x8, <r6=>0xffffffffffffffff})
r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000aed000/0x3000)=nil, r7, 0x1, 0x493cb0997aa2fa72, r6, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x7, 0x4, &(0x7f0000000140)=0x48080000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_GET_DEVICE_ATTR(r6, 0x4018aee2, &(0x7f0000000240)=@attr_other={0x0, 0x0, 0x5, &(0x7f0000000200)=0x8})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000300)=@attr_arm64={0x0, 0x4, 0x1, 0x0}) (async, rerun: 64)
r8 = openat$kvm(0x0, &(0x7f0000000140), 0x40480, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000180)={0x0, &(0x7f00000003c0)=[@hvc={0x32, 0x40, {0x86000001, [0xc, 0x5, 0x2, 0x0, 0x52]}}], 0x40}, 0x0, 0x0)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r13, 0x4068aea3, &(0x7f0000000180))
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x4, 0x2, 0x0})
r14 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000aad000/0x400000)=nil)
r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r15, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x6030000000100040, 0x0})

1h32m7.984447785s ago: executing program 39 (id=379):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@msr={0x14, 0x20, {0x603000000013df40, 0x8000}}], 0x20}, &(0x7f0000000100)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000140)=@attr_pmu_init)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r5 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r4, 0x3, 0x11, r3, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_kvm_assert_syzos_uexit$arm64(r5, 0xffffffffffffffff)
syz_kvm_assert_reg(r3, 0x603000000013df40, 0x8000)
r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0x80111500, 0x20000000)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000000)={0x5, 0x5})
ioctl$KVM_CREATE_VM(r10, 0x541b, 0x10000000000000)
r11 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r11, 0x4010aeab, &(0x7f00000001c0)=@arm64_core={0x6030000000100046, &(0x7f0000000100)=0x2})
munmap(&(0x7f0000667000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
r13 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r12, 0xae04)
mmap$KVM_VCPU(&(0x7f0000d40000/0x4000)=nil, r13, 0xc, 0x10, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)

1h22m17.45180799s ago: executing program 9 (id=383):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0x0, 0x0, r2, 0x2})
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000000)={0x1, 0x0, 0x4, r2, 0x6})
r3 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0xdc032, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000001c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e700", 0x0, 0x48)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0x40049409, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000180)={0x0, &(0x7f0000000000)=[@hvc={0x32, 0x40, {0x80000001, [0xfffffffffffffde5, 0x3ff, 0x1, 0x4, 0x9]}}], 0x40}, 0x0, 0x0)
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x43033, 0xffffffffffffffff, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r9, 0xae03, 0x57)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r10 = eventfd2(0x0, 0x0)
close(r10)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x21)
ioctl$KVM_CLEAR_DIRTY_LOG(r1, 0xc018aec0, &(0x7f00000006c0)={0x1fe, 0x380, 0x140, &(0x7f00000001c0)=[0xc, 0x1000, 0x0, 0x80000001, 0xce5, 0x2, 0x4, 0x6, 0x7fffffff, 0x2, 0x5, 0x3ff, 0xf23, 0x10002c6, 0x4, 0xa, 0x4, 0x8, 0x7, 0x319, 0xa3e, 0x4, 0x0, 0x5, 0x3ff, 0x80000000, 0x1f, 0x809, 0x2, 0x39, 0x5, 0x7, 0xf91, 0xffffffffffffffff, 0x7, 0x8, 0x5, 0x5f, 0x8, 0xa38, 0x5, 0xa, 0xd00000000000000, 0x8490, 0x8, 0x5, 0xd06, 0x1, 0x5, 0x200, 0x40, 0x2ae, 0x7, 0x2, 0x26f, 0x3, 0xb, 0x8bb1, 0x5, 0x4b0, 0x5f8, 0x0, 0x0, 0x3, 0x4, 0xfffffffffffffc01, 0x3, 0x5, 0x31813ca6, 0x982, 0x2, 0x2, 0xa26b, 0x113e, 0x3, 0xd2, 0x43, 0x2, 0x3, 0x0, 0x4, 0x1, 0x7, 0x2, 0x6a, 0x6f, 0x9, 0x711b, 0x2, 0x7, 0x8, 0x2, 0x0, 0x8, 0x8, 0x5, 0x8, 0xfff, 0x6, 0x8000000000000001, 0x5, 0x8, 0xf, 0x0, 0x100000000, 0x4, 0x6, 0x801, 0xb, 0xd, 0x101, 0x0, 0x9, 0xffff, 0x1cea, 0xa, 0x3, 0x4fd40000000000, 0x5, 0x9, 0x6, 0x7f, 0x400, 0x7fffffffffffffff, 0xc6d, 0x5, 0x5, 0x2]})
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000680)={0xffff1000, 0x18000})
ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}})
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r11, 0xae03, 0x7a)

1h21m47.339477688s ago: executing program 9 (id=386):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x8)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r3, 0xc020660b, 0xe1)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a82616})
syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x4, 0x0)
syz_kvm_setup_cpu$arm64(r6, r7, &(0x7f0000bfe000/0x400000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0x2, 0x10000000000000)
ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f00000001c0)=@arm64_core={0x6030000000100022, &(0x7f0000000000)=0xcb})
r9 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x5)
syz_kvm_vgic_v3_setup(r10, 0x3, 0x640)
r11 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000180)={0x0, &(0x7f00000004c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0xffffffffffffffff}}], 0x20}, &(0x7f00000000c0)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r14, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r14, 0xae80, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r9, 0x4010ae67, &(0x7f0000000180)={0x3000, 0x0, 0x1})
ioctl$KVM_REGISTER_COALESCED_MMIO(r9, 0x4010ae67, &(0x7f0000000380)={0x2, 0x25000, 0x1})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r9, 0x4010ae68, &(0x7f0000000100)={0x5000, 0xa000})

1h21m22.505674939s ago: executing program 9 (id=387):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000040)=[@featur2={0x1, 0x56}], 0x1)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x2, 0x200)
r4 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000140)={0x0, &(0x7f0000000180)=[@msr={0x14, 0x20, {0x603000000013c081, 0x2}}], 0x20}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r9 = eventfd2(0x0, 0x0)
ioctl$KVM_CREATE_VM(r9, 0x4020940d, 0x20000000)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)
r10 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_ARM_SET_DEVICE_ADDR(r10, 0x4010aeab, 0x0)

1h21m2.670094885s ago: executing program 40 (id=385):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@uexit={0x0, 0x18, 0x2}, @smc={0x1e, 0x40, {0x84000008, [0x2, 0x401, 0xa3a, 0x7, 0x70ad]}}, @svc={0x122, 0x40, {0x84000003, [0x9, 0x0, 0x5, 0x8, 0x1]}}, @eret={0xe6, 0x18, 0x1}, @eret={0xe6, 0x18}, @uexit={0x0, 0x18, 0x5}, @uexit={0x0, 0x18, 0x401}, @smc={0x1e, 0x40, {0x1, [0x7fff, 0x9a, 0x3, 0xfffffffffffffffa, 0x7]}}, @hvc={0x32, 0x40, {0x84000002, [0x7, 0x0, 0x8000, 0x2]}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x1, 0x2, 0xb, 0x9, 0x4000, 0x4}}, @hvc={0x32, 0x40, {0xc4000005, [0x36d, 0x0, 0x9, 0x6, 0x3]}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x0, 0x8, 0x5, 0x5, 0x4}}, @mrs={0xbe, 0x18, {0x603000000013bf57}}], 0x220}, 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r5, 0x3, 0x380)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r6=>0xffffffffffffffff})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x100000000, 0x80a0000, 0x2, r3, 0x2})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000040)={0x100000, 0xd000, 0x0, 0x1, 0xfffffff8})
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000100)={0x0, &(0x7f0000000480)=[@irq_setup={0x46, 0x18, {0x3, 0xc}}, @code={0xa, 0x84, {"c0ea80d20000b8f2210180d2a20180d2230180d2640080d2020000d4007008d5a05389d20020b0f2610180d2c20080d2430180d2440080d2020000d40050005e0000202e007008d500a4004f008008d5008008d5a0118bd20000b8f2210080d2c20080d2c30080d2240080d2020000d4"}}, @mrs={0xbe, 0x18, {0x603000000013c111}}, @msr={0x14, 0x20, {0x603000000013c109, 0x2}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0x4, 0x200}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x80, 0xf9a2, 0x9}}, @hvc={0x32, 0x40, {0x84000417, [0x5, 0x6, 0x9, 0x80000000, 0x80000001]}}, @its_setup={0x82, 0x28, {0x2, 0x0, 0x277}}, @msr={0x14, 0x20, {0x603000000013c644, 0x3}}], 0x1bc}, &(0x7f0000000140)=[@featur2={0x1, 0xa}], 0x1)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = eventfd2(0x8, 0x80800)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0xdddd1000, 0x0, r9})
ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f0000000000)={0xc, 0xeeef0000, 0x2, r9})
close(r8)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x31)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000700)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r13, 0x4010aeac, &(0x7f00000007c0)=@arm64_core={0x6030000000100046, &(0x7f0000000780)=0x6e})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1h20m32.670387832s ago: executing program 41 (id=387):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000040)=[@featur2={0x1, 0x56}], 0x1)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x2, 0x200)
r4 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000140)={0x0, &(0x7f0000000180)=[@msr={0x14, 0x20, {0x603000000013c081, 0x2}}], 0x20}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r9 = eventfd2(0x0, 0x0)
ioctl$KVM_CREATE_VM(r9, 0x4020940d, 0x20000000)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)
r10 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_ARM_SET_DEVICE_ADDR(r10, 0x4010aeab, 0x0)

1h7m10.119104624s ago: executing program 42 (id=405):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x300, 0x0) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x300, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x30)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) (async)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r7, r8, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r8, 0x4010aeab, &(0x7f00000000c0)=@arm64_core={0x603000000010001e, &(0x7f0000000000)=0x400})
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4040aea0, &(0x7f0000000000)=@arm64={0x0, 0x1, 0xf, '\x00', 0xfffffffffffff105})
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x2c)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r12, 0x4010aeac, &(0x7f0000000040)=@arm64_bitmap={0x6030000000160000, 0x0})
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r1, 0x4068aea3, &(0x7f0000000280)={0xdf, 0x0, 0x2000})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
r13 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r14 = mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, 0x930, 0xa, 0x13, r13, 0x40000)
syz_memcpy_off$KVM_EXIT_MMIO(r14, 0x20, &(0x7f0000000000)="4459ee6d6351f88d21d233420e509c0191e534fac2d2936f", 0x0, 0x18)

59m46.962710986s ago: executing program 43 (id=430):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x7, <r2=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r2, 0x4018aee3, &(0x7f0000000080)=@attr_arm64={0x0, 0x7, 0x1, 0x0})
r3 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_DEVICE_ATTR_vm(r6, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}})
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000140)={0x0, &(0x7f0000000180)=[@smc={0x1e, 0x40, {0xc5000020, [0x0, 0x1, 0x2, 0x3, 0x4]}}], 0x40}, 0x0, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
r9 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x31)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013e08d, &(0x7f00000000c0)=0x6db})
r12 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x1000)
r13 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x20)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r13, 0x4010aeb5, &(0x7f0000000000)={0x11f, 0x80000001})
r14 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
r15 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r15, 0x80811501, 0x20000000)
r16 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r17 = ioctl$KVM_CREATE_VM(r16, 0xae01, 0x0)
r18 = syz_kvm_setup_syzos_vm$arm64(r17, &(0x7f0000c00000/0x400000)=nil)
r19 = syz_kvm_add_vcpu$arm64(r18, &(0x7f0000000180)={0x0, &(0x7f00000001c0)}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r19, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r19, 0xae80, 0x0)
r20 = syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7ffe}}, @msr={0x14, 0x20, {0x603000000013dce8, 0x8000}}], 0x40}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r20, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)

50m51.074753543s ago: executing program 2 (id=432):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x37)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000000)={0x7, <r3=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r3, 0x4018aee3, &(0x7f00000000c0)=@attr_other={0x0, 0x7, 0x7fffffffffffffff, 0x0})
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x7a)
r4 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000000)={0x0, &(0x7f0000000080)=[@uexit={0x0, 0x18, 0x1}, @code={0xa, 0x84, {"60278ad200a0b8f2c10080d2420080d2e30180d2c40080d2020000d4000008d50070202e008008d500a0200de02e93d20040b8f2a10080d2820080d2c30180d2a40180d2020000d40000002f0000202b000c00b8807d8bd20080b8f2210080d2e20080d2230180d2c40080d2020000d4"}}, @hvc={0x32, 0x40, {0x80000002, [0xfff, 0xc, 0x6, 0xffff, 0x1]}}, @svc={0x122, 0x40, {0x3000000, [0x6f6, 0x8000000000000000, 0x48, 0xbc23, 0x9]}}, @code={0xa, 0x84, {"0044205e0098a10ee0fb86d20040b8f2210180d2a20180d2430080d2c40080d2020000d40080202e0020202e007008d5805b99d20060b8f2610080d2820180d2030180d2840180d2020000d4008008d5000028d560b796d200c0b8f2e10080d2620080d2a30180d2840180d2020000d4"}}, @msr={0x14, 0x20, {0x361f, 0x101}}, @code={0xa, 0x9c, {"000040fde08d84d20000b8f2810180d2a20180d2430180d2840080d2020000d4c07a98d200a0b8f2e10180d2020180d2230180d2a40080d2020000d4000c201e0084205e000080f820508bd20060b8f2c10080d2c20180d2430180d2840080d2020000d40000c06c205395d20060b0f2410180d2c20180d2430180d2440080d2020000d4000028d5"}}, @eret={0xe6, 0x18, 0x6}, @mrs={0xbe, 0x18, {0x603000000013c102}}, @hvc={0x32, 0x40, {0x84000051, [0x7abf, 0xc31e, 0xfffffffffffffff4, 0x2, 0x9]}}, @irq_setup={0x46, 0x18, {0x4, 0x28c}}, @eret={0xe6, 0x18}, @code={0xa, 0x6c, {"000000a8008008d5007008d5000cc09a000c40b8c0839ad20000b8f2410180d2020080d2830080d2440180d2020000d40008c0da206896d20080b8f2610180d2a20180d2a30080d2c40180d2020000d4007008d5007008d5"}}, @code={0xa, 0x9c, {"0078202e007008d500d8217e007008d5c00285d200a0b0f2210180d2020180d2e30080d2a40080d2020000d40080800ca04d90d200c0b0f2a10180d2220080d2430180d2e40180d2020000d4a02286d20080b0f2810080d2220080d2a30180d2a40180d2020000d480c08ad200c0b0f2a10080d2220080d2430080d2c40180d2020000d400a0c00d"}}, @irq_setup={0x46, 0x18, {0x1, 0x2dd}}, @mrs={0xbe, 0x18, {0x603000000013e659}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x3, 0x4, 0xff, 0xffff15b1, 0x3}}, @irq_setup={0x46, 0x18, {0x4, 0x247}}], 0x474}, &(0x7f0000000500)=[@featur2={0x1, 0x4}], 0x1)
ioctl$KVM_S390_VCPU_FAULT(r4, 0x4008ae52, &(0x7f0000000540)=0x8000)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_GET_STATS_FD_vm(r2, 0xaece)
ioctl$KVM_GET_DIRTY_LOG(r6, 0x4010ae42, &(0x7f0000000580)={0x1fd, 0x0, &(0x7f0000ffa000/0x4000)=nil})
r7 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r7, 0xae03, 0x66)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x37) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000000)={0x7}) (async)
ioctl$KVM_HAS_DEVICE_ATTR(r3, 0x4018aee3, &(0x7f00000000c0)=@attr_other={0x0, 0x7, 0x7fffffffffffffff, 0x0}) (async)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x7a) (async)
syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000000)={0x0, &(0x7f0000000080)=[@uexit={0x0, 0x18, 0x1}, @code={0xa, 0x84, {"60278ad200a0b8f2c10080d2420080d2e30180d2c40080d2020000d4000008d50070202e008008d500a0200de02e93d20040b8f2a10080d2820080d2c30180d2a40180d2020000d40000002f0000202b000c00b8807d8bd20080b8f2210080d2e20080d2230180d2c40080d2020000d4"}}, @hvc={0x32, 0x40, {0x80000002, [0xfff, 0xc, 0x6, 0xffff, 0x1]}}, @svc={0x122, 0x40, {0x3000000, [0x6f6, 0x8000000000000000, 0x48, 0xbc23, 0x9]}}, @code={0xa, 0x84, {"0044205e0098a10ee0fb86d20040b8f2210180d2a20180d2430080d2c40080d2020000d40080202e0020202e007008d5805b99d20060b8f2610080d2820180d2030180d2840180d2020000d4008008d5000028d560b796d200c0b8f2e10080d2620080d2a30180d2840180d2020000d4"}}, @msr={0x14, 0x20, {0x361f, 0x101}}, @code={0xa, 0x9c, {"000040fde08d84d20000b8f2810180d2a20180d2430180d2840080d2020000d4c07a98d200a0b8f2e10180d2020180d2230180d2a40080d2020000d4000c201e0084205e000080f820508bd20060b8f2c10080d2c20180d2430180d2840080d2020000d40000c06c205395d20060b0f2410180d2c20180d2430180d2440080d2020000d4000028d5"}}, @eret={0xe6, 0x18, 0x6}, @mrs={0xbe, 0x18, {0x603000000013c102}}, @hvc={0x32, 0x40, {0x84000051, [0x7abf, 0xc31e, 0xfffffffffffffff4, 0x2, 0x9]}}, @irq_setup={0x46, 0x18, {0x4, 0x28c}}, @eret={0xe6, 0x18}, @code={0xa, 0x6c, {"000000a8008008d5007008d5000cc09a000c40b8c0839ad20000b8f2410180d2020080d2830080d2440180d2020000d40008c0da206896d20080b8f2610180d2a20180d2a30080d2c40180d2020000d4007008d5007008d5"}}, @code={0xa, 0x9c, {"0078202e007008d500d8217e007008d5c00285d200a0b0f2210180d2020180d2e30080d2a40080d2020000d40080800ca04d90d200c0b0f2a10180d2220080d2430180d2e40180d2020000d4a02286d20080b0f2810080d2220080d2a30180d2a40180d2020000d480c08ad200c0b0f2a10080d2220080d2430080d2c40180d2020000d400a0c00d"}}, @irq_setup={0x46, 0x18, {0x1, 0x2dd}}, @mrs={0xbe, 0x18, {0x603000000013e659}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x3, 0x4, 0xff, 0xffff15b1, 0x3}}, @irq_setup={0x46, 0x18, {0x4, 0x247}}], 0x474}, &(0x7f0000000500)=[@featur2={0x1, 0x4}], 0x1) (async)
ioctl$KVM_S390_VCPU_FAULT(r4, 0x4008ae52, &(0x7f0000000540)=0x8000) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_GET_STATS_FD_vm(r2, 0xaece) (async)
ioctl$KVM_GET_DIRTY_LOG(r6, 0x4010ae42, &(0x7f0000000580)={0x1fd, 0x0, &(0x7f0000ffa000/0x4000)=nil}) (async)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) (async)
ioctl$KVM_CHECK_EXTENSION_VM(r7, 0xae03, 0x66) (async)

50m35.962773519s ago: executing program 2 (id=433):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0)
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r1, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0xe)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0x3, 0x2})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, <r5=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r5, 0x801054db, 0x1)
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000)

50m21.46876425s ago: executing program 2 (id=434):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0xa00c0, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000140)={0x4, <r3=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r3, 0x400454c8, 0x1)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r7, 0xae03, 0xa8)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000140)={0x4, <r8=>0xffffffffffffffff})
close(r8)
r9 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r10 = syz_kvm_vgic_v3_setup(r9, 0x2, 0x100)
close(r3)
close(r10)

49m58.795173325s ago: executing program 2 (id=435):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, 0xfffffffffffffffe)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0xb)

49m45.17448829s ago: executing program 2 (id=436):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0xc0083, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, 0x0, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x27)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_SIGNAL_MASK(r8, 0x4004ae8b, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000300)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x4, 0xd}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x800001, 0x3c0)
r11 = eventfd2(0x2, 0x80801)
write$eventfd(r11, &(0x7f0000000000)=0x200, 0x8)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3e)
r12 = openat$kvm(0xffffffffffffff9c, 0x0, 0xaa301, 0x0)
ioctl$KVM_CHECK_EXTENSION(r12, 0xae03, 0xa2)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8, <r13=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r10, 0xae80, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x1a)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
openat$kvm(0x0, 0x0, 0x0, 0x0)

49m15.58450692s ago: executing program 2 (id=438):
openat$kvm(0x0, &(0x7f00000000c0), 0xc0980, 0x0) (async)
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0xc0980, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000000080)={0x2, 0x0, [{0x3, 0x2, 0x0, 0x0, @adapter={0x2, 0x8000, 0x4003, 0x40, 0x5}}, {0x3, 0x2, 0x1, 0x0, @msi={0x404, 0xfdd, 0x9, 0x101}}]})
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x20c01, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x31)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000700)={0x0, 0x0}, 0x0, 0x0) (async)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000700)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r10, 0x4010aeac, &(0x7f00000007c0)=@arm64_core={0x6030000000100046, &(0x7f0000000780)=0x6e})
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0) (async)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r14, 0xae03, 0x7f)
r15 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
r16 = syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r16, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r16, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000eb2000/0x3000)=nil, 0x930, 0x0, 0x32e7851d6de9e532, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000eb2000/0x3000)=nil, 0x930, 0x0, 0x32e7851d6de9e532, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f00000000c0)={0x7, 0xffffffffffffffff, 0x1}) (async)
ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f00000000c0)={0x7, 0xffffffffffffffff, 0x1})

48m30.311377972s ago: executing program 44 (id=437):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x80, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x22)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x45a2d2335d771caa, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_GET_ONE_REG(0xffffffffffffffff, 0x4010aeab, &(0x7f0000000000)=@arm64_ccsidr={0x6020000000110008, &(0x7f00000001c0)=0x8})
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r4, 0x4010aeb5, &(0x7f00000000c0)={0x9, 0x8})
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION(r6, 0xae03, 0x10)
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, 0x0)
r7 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f0000000140)=[@its_setup={0x82, 0x28, {0x1, 0x2, 0x3f9}}], 0x28}, &(0x7f0000000300)=[@featur1={0x1, 0x11}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x140, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r13, 0x4010aeab, &(0x7f0000000000)=@arm64_extra={0x603000000013c036, 0x0})
munmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000)
r14 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r14, 0x4010aeab, &(0x7f0000000100)=@arm64_sys={0x603000000013c111, 0x0})
r15 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x8800, 0x0)
ioctl$KVM_CHECK_EXTENSION(r15, 0xae03, 0xf0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

48m25.282084925s ago: executing program 45 (id=438):
openat$kvm(0x0, &(0x7f00000000c0), 0xc0980, 0x0) (async)
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0xc0980, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000000080)={0x2, 0x0, [{0x3, 0x2, 0x0, 0x0, @adapter={0x2, 0x8000, 0x4003, 0x40, 0x5}}, {0x3, 0x2, 0x1, 0x0, @msi={0x404, 0xfdd, 0x9, 0x101}}]})
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x20c01, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x31)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000700)={0x0, 0x0}, 0x0, 0x0) (async)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000700)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r10, 0x4010aeac, &(0x7f00000007c0)=@arm64_core={0x6030000000100046, &(0x7f0000000780)=0x6e})
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0) (async)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r14, 0xae03, 0x7f)
r15 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
r16 = syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r16, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r16, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000eb2000/0x3000)=nil, 0x930, 0x0, 0x32e7851d6de9e532, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000eb2000/0x3000)=nil, 0x930, 0x0, 0x32e7851d6de9e532, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f00000000c0)={0x7, 0xffffffffffffffff, 0x1}) (async)
ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f00000000c0)={0x7, 0xffffffffffffffff, 0x1})

39m35.953543116s ago: executing program 5 (id=442):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2c)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000040)=@arm64_core={0x6030000000100008, &(0x7f0000000140)=0xcb9})
ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0)

39m23.438228017s ago: executing program 5 (id=444):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000140)={0x4, <r6=>0xffffffffffffffff, 0x1})
write$eventfd(r6, &(0x7f00000001c0), 0xf001)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, <r7=>0xffffffffffffffff, 0x1})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x541b, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@its_setup={0x82, 0x28, {0x1, 0x81, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x100000000000002, 0x60)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r10=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r9, 0xae80, 0x0)
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) (async)
write$eventfd(r6, &(0x7f00000001c0), 0xf001) (async)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) (async)
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x541b, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@its_setup={0x82, 0x28, {0x1, 0x81, 0x1}}], 0x28}, 0x0, 0x0) (async)
syz_kvm_vgic_v3_setup(r1, 0x100000000000002, 0x60) (async)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8}) (async)
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async)
ioctl$KVM_RUN(r9, 0xae80, 0x0) (async)

39m6.474969272s ago: executing program 4 (id=445):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@its_setup={0x82, 0x28, {0x1, 0x81, 0x1}}], 0x28}, 0x0, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f0000000040)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x80000000})
syz_kvm_vgic_v3_setup(r2, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000280)={0x5})
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000180)={0x8, <r8=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r9 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000000)={0x0, &(0x7f00000000c0)=[@its_setup={0x82, 0x28, {0x3, 0x2, 0xf5}}, @uexit={0x0, 0x18}, @svc={0x122, 0x40, {0x84000001, [0x7, 0x10000, 0x8, 0x1000, 0x6]}}, @msr={0x14, 0x20, {0x603000000013e669, 0x9}}, @mrs={0xbe, 0x18, {0x603000000013e08e}}, @its_setup={0x82, 0x28, {0x4, 0x1, 0x33a}}, @smc={0x1e, 0x40, {0x80008000, [0x7ff, 0x2, 0xe, 0x8, 0x6]}}, @svc={0x122, 0x40, {0x2000, [0x40, 0x800, 0x7, 0xa2, 0x3]}}], 0x160}, &(0x7f0000000240)=[@featur2={0x1, 0x20}], 0x1)
ioctl$KVM_GET_REG_LIST(r11, 0xc008aeb0, 0x0)

39m0.221782981s ago: executing program 5 (id=446):
r0 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000500)={0x0, &(0x7f0000000ac0)=[@code={0xa, 0x9c, {"007008d5603b8dd20020b8f2e10180d2c20080d2c30080d2840080d2020000d4000028d580e19ed20080b0f2610180d2820080d2a30080d2640180d2020000d40040241e000028d5000028d500a4006f20fd95d200a0b0f2c10180d2020180d2030180d2c40080d2020000d440d58dd20060b8f2410180d2420180d2430080d2a40180d2020000d4"}}, @irq_setup={0x46, 0x18, {0x2, 0x3d6}}, @irq_setup={0x46, 0x18, {0x2, 0x213}}, @mrs={0xbe, 0x18, {0x603000000013c4d0}}, @msr={0x14, 0x20, {0x603000000013ff10}}, @hvc={0x32, 0x0, {0x80000001, [0x7f, 0xfffffffffffffffa, 0x8, 0x4]}}, @svc={0x122, 0x40, {0x84000001, [0x4, 0x9, 0xffff, 0x7, 0xfffffffffffffc00]}}, @msr={0x14, 0x8, {0x603000000013e528, 0x8000000000000001}}, @uexit={0x0, 0x18, 0x4}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x3, 0x7, 0x0, 0xc39}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x1, 0x4, 0xa, 0x40, 0x4}}, @irq_setup={0x46, 0x18, {0x0, 0x65}}, @code={0xa, 0xcc, {"001c200e405e9bd20080b0f2010180d2820180d2030180d2440180d2020000d400a084d20000b8f2010080d2620080d2a30080d2840180d2020000d480ee87d200a0b8f2010180d2620080d2030180d2440180d2020000d4000008d5405287d20020b8f2210180d2a20180d2430180d2840180d2020000d4c04795d20020b8f2210080d2220180d2030080d2240180d2020000d4805e90d200a0b0f2810180d2220180d2430080d2640180d2020000d40010000e008008d5"}}, @memwrite={0x6e, 0x30, @generic={0x3000, 0x236, 0xe, 0x2}}, @mrs={0xbe, 0x18, {0x603000000013f200}}, @mrs={0xbe, 0x18, {0x603000000013df40}}, @msr={0x14, 0x20, {0x603000000013e65a, 0x9}}, @smc={0x1e, 0x40, {0x84000004, [0xde0000000000, 0x4, 0x2, 0x100, 0xc]}}, @smc={0x1e, 0x40, {0x84000003, [0x15, 0x7, 0x3ff, 0xc43, 0xe]}}, @eret={0xe6, 0x18, 0x63}, @code={0xa, 0xb4, {"20e79fd20040b8f2e10180d2420180d2430180d2640080d2020000d40030200e0200a0d4e04995d200c0b0f2210080d2620080d2230180d2640080d2020000d4c05890d20080b8f2810180d2e20080d2e30180d2240080d2020000d4008008d50020000c004487d20040b8f2610180d2e20080d2030180d2240180d2020000d460ad95d20020b0f2810180d2020180d2630180d2840080d2020000d40040002f"}}, @eret={0xe6, 0x18, 0x10001}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x3, 0xe, 0x5, 0x4, 0x3}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x0, 0x8, 0x400, 0x8000}}], 0x4fc}, &(0x7f0000000540)=[@featur2={0x1, 0x80}], 0x1)
ioctl$KVM_PRE_FAULT_MEMORY(r0, 0xc040aed5, &(0x7f0000000580)={0xf000, 0x100000})
r1 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2f)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000140)={0x0, &(0x7f0000000180)=[@msr={0x14, 0x20, {0x603000000013c081, 0x2}}], 0x20}, 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20080, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = eventfd2(0x3, 0x800)
ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f0000000080)={0x1ff, 0x1000, 0x2, r7, 0x1}) (async)
r8 = eventfd2(0x0, 0x80000)
ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f0000001340)={0x6, 0x0, 0x2, r8, 0x2}) (async, rerun: 64)
ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f0000000140)={0x9, 0x0, 0x2, r8, 0xf}) (async, rerun: 64)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, 0x0) (async, rerun: 64)
ioctl$KVM_RUN(r4, 0xae80, 0x0) (rerun: 64)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4000010, 0xffffffffffffffff, 0x0) (async)
write$eventfd(r7, &(0x7f0000000000)=0x2, 0x8)

38m48.189085105s ago: executing program 4 (id=447):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r1, 0x4010aeb5, &(0x7f00000002c0)={0x200})
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_GET_DIRTY_LOG(r4, 0x4010ae42, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x35)

38m30.560760705s ago: executing program 5 (id=448):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xfffffffffffffffd)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000100)=@other={0x5, &(0x7f00000000c0)=0xfffffffffffffbff})
r3 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000200)={0x0, 0x0}, 0x0, 0xfffffffffffffe82)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x8800, 0x0)
ioctl$KVM_CHECK_EXTENSION(r6, 0xae03, 0xf1)
r7 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r7, 0xae03, 0x77)
ioctl$KVM_GET_STATS_FD_vm(r7, 0xaece)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f0000000080)=@x86={0x0, 0x3, 0xb, 0x0, 0x8, 0x5, 0x0, 0x3, 0x1, 0x2, 0x1, 0x9, 0x0, 0x0, 0x6, 0x5, 0x4, 0xd0, 0xf8, '\x00', 0x51, 0xfffffffffffffffc})
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x18)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000140)={0x0, &(0x7f0000000000)=[@mrs={0xbe, 0x18, {0x603000000013c640}}], 0x18}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, 0x0)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
r12 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0)
syz_kvm_vgic_v3_setup(r12, 0x4, 0x80)
syz_kvm_setup_cpu$arm64(r12, r13, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r13, 0x4208ae9b, &(0x7f0000000240)={0x10003, 0x0, [0x4, 0x1, 0x9, 0x1, 0x10000000000007f, 0x2, 0x351, 0x3ff]})
r14 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x169880, 0x0)
ioctl$KVM_CHECK_EXTENSION(r14, 0x5450, 0x0)
ioctl$KVM_RUN(r13, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r8, 0xae04)

38m29.650906562s ago: executing program 4 (id=449):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x4a8240, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x56b100, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000040)=@arm64_ccsidr={0x6020000000110d00, 0x0})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000c74000/0x1000)=nil, 0x0, 0x1000009, 0x100010, r5, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x2, 0x0, 0xdddd0000, 0x1000, &(0x7f0000e58000/0x1000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x10201, 0x2, 0x1, 0x2000, &(0x7f0000f31000/0x2000)=nil})

38m18.908287905s ago: executing program 4 (id=450):
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r2 = syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, r2, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r1, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000f22000/0x1000)=nil, 0x930, 0x1000002, 0x4010, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)

38m9.208703537s ago: executing program 5 (id=451):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = eventfd2(0x8, 0x80800)
r6 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, &(0x7f00000005c0)=@attr_pmu_irq={0x0, 0x0, 0x2000000, 0x0})
ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f0000000240)=@other={0x3, &(0x7f0000000000)=0x40})
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000040)={0x9, 0x8000000, 0x1, r5})
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f00000000c0)={0x8, 0xdddd1000, 0x0, r5})
r10 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x8}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x5, 0xfffffffe, 0x2, 0x0, 0x79}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000280)={0x5, <r11=>0xffffffffffffffff, 0x1})
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r10, 0xae80, 0x0)

38m1.836764081s ago: executing program 4 (id=452):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000180), 0x0, 0x0) (async)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r3, 0x1, 0x100) (async)
ioctl$KVM_IRQ_LINE_STATUS(r3, 0xc008ae67, &(0x7f0000000000)={0x3ff, 0x10001})
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f0000000100)=@arm64_ccsidr={0x602000000011000e, 0x0}) (async)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x2)
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x2}) (async)
r11 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000100)={0x7, <r12=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f00000002c0)=@attr_arm64={0x0, 0x4, 0x0, 0x0}) (async, rerun: 32)
r13 = eventfd2(0x9, 0x800) (async, rerun: 32)
r14 = eventfd2(0x3ff, 0x0)
ioctl$KVM_IRQFD(r11, 0x4020ae76, &(0x7f0000000000)={r13, 0x5, 0x2, r14})
ioctl$KVM_IRQFD(r11, 0x4020ae76, &(0x7f0000000080)={r13, 0x1, 0x2, r14})
ioctl$KVM_IRQ_LINE_STATUS(0xffffffffffffffff, 0xc008ae67, &(0x7f0000000000)={0x76dc8650, 0x4})
r15 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r15, 0x40086602, 0x20000000) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r16 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r16, 0xae01, 0x0) (async)
r17 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r17, 0xae01, 0x0)

37m51.563122492s ago: executing program 5 (id=453):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x20000, 0x0)
close(0x3)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x200001, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0xc)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = ioctl$KVM_GET_STATS_FD_cpu(r3, 0xaece)
close(r4)
eventfd2(0x81, 0x0)
ioctl$KVM_CREATE_VM(r1, 0x40086602, 0x20000000)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000380), 0x2, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x101241, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x31)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r12, 0x4010aeab, &(0x7f0000000080)=@arm64_sys={0x603000000013e641, 0x0})
r13 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r14 = ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4000ae84, &(0x7f0000000240)={{0xeeee8000, 0x2, 0xe, 0x6, 0x2c, 0x50, 0x8, 0x8, 0x19, 0xda, 0x60, 0x10}, {0x6000, 0xffff1000, 0xd, 0x5, 0x5, 0xc4, 0x2, 0x5, 0x94, 0x0, 0x4}, {0x8080000, 0x3000, 0x0, 0x1, 0x8, 0x0, 0x6, 0x1, 0x4, 0x40, 0x4, 0xd4}, {0xdddd0000, 0x100000, 0xc, 0x5, 0xb9, 0x4, 0x6, 0x1, 0x5, 0x6, 0x1, 0x6}, {0x2, 0x8000000, 0x0, 0x10, 0x1, 0x80, 0x0, 0x80, 0x9, 0x40, 0x0, 0x40}, {0x8081000, 0x33239003, 0x4753fcd8430e353, 0x9, 0x8, 0x9, 0x67, 0x6, 0x0, 0x80, 0xb7, 0x3}, {0x0, 0xd000, 0x3, 0x10, 0xd, 0x6, 0x2, 0x10, 0x7, 0x8, 0x1, 0x9}, {0x4, 0x6000, 0x10, 0x9, 0x2e, 0x8, 0x9, 0x8, 0x9d, 0x5, 0xf, 0x9}, {0xe6e50000, 0xabb}, {0x100000, 0x6}, 0xa0000012, 0x0, 0xd000, 0x100006, 0x7, 0x0, 0xd000, [0x4, 0x3, 0x2, 0xac8]})
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r14, 0x0)
syz_kvm_setup_cpu$arm64(r13, r14, &(0x7f0000009000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
r15 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r16 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r15, 0xae04)
r17 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r16, 0xb, 0x11, r14, 0x0)
syz_kvm_assert_syzos_uexit$arm64(r17, 0xffffffffffffffff)
ioctl$KVM_GET_ONE_REG(r7, 0x4010aeab, &(0x7f0000000100)=@arm64_bitmap={0x6030000000160001, &(0x7f00000001c0)=0x100000001})
ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)

37m49.403843081s ago: executing program 4 (id=454):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r3 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x40)
ioctl$KVM_GET_DEVICE_ATTR(r3, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x5, 0x0, 0x0})
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000000140)=@arm64_sve={0x6080000000150355, &(0x7f00000000c0)=0x1})
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x8)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r7, 0x4010ae68, &(0x7f0000000080)={0xeeef0000, 0x4000, 0x1})
r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r9, 0x1, 0x100)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r13, 0x4008ae6a, &(0x7f00000002c0)=ANY=[])
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r11, 0xae80, 0x0)
r14 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r14, 0xae03, 0xbb)
r15 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000240)={0x0, &(0x7f0000000280)=[@memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x10, 0x6, 0x2}}, @irq_setup={0x46, 0x18, {0x3, 0x4}}, @eret={0xe6, 0x18, 0x3}, @eret={0xe6, 0x18, 0x6}, @smc={0x1e, 0x40, {0xc4000053, [0x0, 0x3534, 0x5, 0x2, 0xffffffffffffffff]}}, @mrs={0xbe, 0x18, {0x603000000013da17}}, @svc={0x122, 0x40, {0x1, [0x5, 0x2, 0x7fff, 0xfffffffffffffff7, 0x6]}}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x3de}}, @irq_setup={0x46, 0x18, {0x3, 0x258}}, @uexit={0x0, 0x18, 0x2}, @smc={0x1e, 0x40, {0x84000003, [0x0, 0x9, 0x3000000000000, 0x8001, 0x8001]}}, @svc={0x122, 0x40, {0x84000050, [0x5, 0xaf9b, 0x80000001, 0x2, 0x1]}}, @hvc={0x32, 0x40, {0xc400000d, [0x0, 0x8000000000000001, 0xffffffffffff68bd, 0x100000000, 0x7ff]}}, @uexit={0x0, 0x18, 0x100000000000101}, @smc={0x1e, 0x40, {0x80007fff, [0x6, 0x100000001, 0xe, 0x3e3, 0xffffffff]}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff8, 0x9, 0x1}}, @smc={0x1e, 0x40, {0x2000000, [0x101, 0x99, 0x2, 0x9, 0xe1c4]}}], 0x2f0}, 0x0, 0x0)

37m4.533333954s ago: executing program 46 (id=453):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x20000, 0x0)
close(0x3)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x200001, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0xc)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = ioctl$KVM_GET_STATS_FD_cpu(r3, 0xaece)
close(r4)
eventfd2(0x81, 0x0)
ioctl$KVM_CREATE_VM(r1, 0x40086602, 0x20000000)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000380), 0x2, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x101241, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x31)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r12, 0x4010aeab, &(0x7f0000000080)=@arm64_sys={0x603000000013e641, 0x0})
r13 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r14 = ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4000ae84, &(0x7f0000000240)={{0xeeee8000, 0x2, 0xe, 0x6, 0x2c, 0x50, 0x8, 0x8, 0x19, 0xda, 0x60, 0x10}, {0x6000, 0xffff1000, 0xd, 0x5, 0x5, 0xc4, 0x2, 0x5, 0x94, 0x0, 0x4}, {0x8080000, 0x3000, 0x0, 0x1, 0x8, 0x0, 0x6, 0x1, 0x4, 0x40, 0x4, 0xd4}, {0xdddd0000, 0x100000, 0xc, 0x5, 0xb9, 0x4, 0x6, 0x1, 0x5, 0x6, 0x1, 0x6}, {0x2, 0x8000000, 0x0, 0x10, 0x1, 0x80, 0x0, 0x80, 0x9, 0x40, 0x0, 0x40}, {0x8081000, 0x33239003, 0x4753fcd8430e353, 0x9, 0x8, 0x9, 0x67, 0x6, 0x0, 0x80, 0xb7, 0x3}, {0x0, 0xd000, 0x3, 0x10, 0xd, 0x6, 0x2, 0x10, 0x7, 0x8, 0x1, 0x9}, {0x4, 0x6000, 0x10, 0x9, 0x2e, 0x8, 0x9, 0x8, 0x9d, 0x5, 0xf, 0x9}, {0xe6e50000, 0xabb}, {0x100000, 0x6}, 0xa0000012, 0x0, 0xd000, 0x100006, 0x7, 0x0, 0xd000, [0x4, 0x3, 0x2, 0xac8]})
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r14, 0x0)
syz_kvm_setup_cpu$arm64(r13, r14, &(0x7f0000009000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
r15 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r16 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r15, 0xae04)
r17 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r16, 0xb, 0x11, r14, 0x0)
syz_kvm_assert_syzos_uexit$arm64(r17, 0xffffffffffffffff)
ioctl$KVM_GET_ONE_REG(r7, 0x4010aeab, &(0x7f0000000100)=@arm64_bitmap={0x6030000000160001, &(0x7f00000001c0)=0x100000001})
ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)

36m58.969999462s ago: executing program 47 (id=454):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r3 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x40)
ioctl$KVM_GET_DEVICE_ATTR(r3, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x5, 0x0, 0x0})
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000000140)=@arm64_sve={0x6080000000150355, &(0x7f00000000c0)=0x1})
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x8)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r7, 0x4010ae68, &(0x7f0000000080)={0xeeef0000, 0x4000, 0x1})
r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r9, 0x1, 0x100)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r13, 0x4008ae6a, &(0x7f00000002c0)=ANY=[])
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r11, 0xae80, 0x0)
r14 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r14, 0xae03, 0xbb)
r15 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000240)={0x0, &(0x7f0000000280)=[@memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x10, 0x6, 0x2}}, @irq_setup={0x46, 0x18, {0x3, 0x4}}, @eret={0xe6, 0x18, 0x3}, @eret={0xe6, 0x18, 0x6}, @smc={0x1e, 0x40, {0xc4000053, [0x0, 0x3534, 0x5, 0x2, 0xffffffffffffffff]}}, @mrs={0xbe, 0x18, {0x603000000013da17}}, @svc={0x122, 0x40, {0x1, [0x5, 0x2, 0x7fff, 0xfffffffffffffff7, 0x6]}}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x3de}}, @irq_setup={0x46, 0x18, {0x3, 0x258}}, @uexit={0x0, 0x18, 0x2}, @smc={0x1e, 0x40, {0x84000003, [0x0, 0x9, 0x3000000000000, 0x8001, 0x8001]}}, @svc={0x122, 0x40, {0x84000050, [0x5, 0xaf9b, 0x80000001, 0x2, 0x1]}}, @hvc={0x32, 0x40, {0xc400000d, [0x0, 0x8000000000000001, 0xffffffffffff68bd, 0x100000000, 0x7ff]}}, @uexit={0x0, 0x18, 0x100000000000101}, @smc={0x1e, 0x40, {0x80007fff, [0x6, 0x100000001, 0xe, 0x3e3, 0xffffffff]}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff8, 0x9, 0x1}}, @smc={0x1e, 0x40, {0x2000000, [0x101, 0x99, 0x2, 0x9, 0xe1c4]}}], 0x2f0}, 0x0, 0x0)

29m52.251762737s ago: executing program 7 (id=456):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r6=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

29m40.21230554s ago: executing program 6 (id=457):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_GET_API_VERSION(0xffffffffffffffff, 0xae00, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x2873f7aecfc88708, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x24)
openat$kvm(0x0, &(0x7f0000000000), 0x2000, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0xab)
ioctl$KVM_CHECK_EXTENSION_VM(0xffffffffffffffff, 0xae03, 0xae)
ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x81)

29m36.72504018s ago: executing program 7 (id=458):
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x80111500, 0x20000000)
r0 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0x80111500, 0x1ffffffb)
close(r2)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
r6 = syz_kvm_vgic_v3_setup(r4, 0x1, 0x100)
ioctl$KVM_HAS_DEVICE_ATTR(r6, 0x4018aee3, &(0x7f0000000380)=@attr_other={0x0, 0x1, 0xc00000, 0x0})
r7 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xc0045878, 0x20000000)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
syz_memcpy_off$KVM_EXIT_MMIO(r0, 0x20, &(0x7f0000000000)="5071964896690418b471ac28f0b5f507b3125fac4a0c3a8c", 0x0, 0x18)
r12 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x6030000000138004, 0x8000}}], 0x20}, 0x0, 0x0)
ioctl$KVM_RUN(r15, 0xae80, 0x0)
syz_kvm_assert_reg(r15, 0x6030000000138004, 0x8000)
ioctl$KVM_CHECK_EXTENSION_VM(r11, 0xae03, 0x58)
ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)

29m27.411129782s ago: executing program 6 (id=459):
r0 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000003c0)={0x0, &(0x7f0000000000)=[@smc={0x1e, 0x40, {0x80000002, [0xf3b4, 0x4, 0x6a725be2, 0x1, 0x7f]}}, @svc={0x122, 0x40, {0x3f000000, [0x4, 0x100, 0x2, 0xffffffffffffffff, 0x4]}}, @msr={0x14, 0x20, {0x603000000013e100, 0x3}}, @irq_setup={0x46, 0x18, {0x4, 0x338}}, @uexit={0x0, 0x18, 0x4}, @svc={0x122, 0x40, {0x32000000, [0x4, 0x1, 0x10, 0x8, 0x81]}}, @its_setup={0x82, 0x28, {0x2, 0x4, 0x329}}, @its_setup={0x82, 0x28, {0x3, 0x2, 0x123}}, @uexit={0x0, 0x18, 0x21}, @irq_setup={0x46, 0x18, {0x1, 0x1eb}}, @hvc={0x32, 0x40, {0x4000052b, [0x8, 0x5, 0x7fff, 0xffffffffffffff85, 0x7]}}, @msr={0x14, 0x20, {0x603000000013df75, 0x5}}, @msr={0x14, 0x20, {0x603000000013e10a, 0x7fffffff}}, @irq_setup={0x46, 0x18, {0x1, 0x22b}}, @smc={0x1e, 0x40, {0x8, [0x8, 0xf0, 0x8, 0x4]}}, @code={0xa, 0x54, {"007008d5603d8bd200c0b8f2810180d2220180d2030080d2240080d2020000d400c0e21e008008d5007008d5007008d5007008d5000080b9000008d500004008"}}, @irq_setup={0x46, 0x18, {0x4, 0x12e}}, @uexit={0x0, 0x18, 0x4}, @hvc={0x32, 0x40, {0x80003fff, [0x2, 0x3, 0x7, 0x438e1c1d, 0xbc4]}}, @svc={0x122, 0x40, {0x86000001, [0x2, 0xffffffffffffffff, 0x3, 0x4, 0x9]}}, @irq_setup={0x46, 0x18, {0x2, 0x1d7}}], 0x384}, &(0x7f0000000400)=[@featur2={0x1, 0x1}], 0x1)
ioctl$KVM_SET_GUEST_DEBUG(r0, 0x4208ae9b, &(0x7f0000000440)={0x10001, 0x0, [0x1e452a8c, 0x6c, 0xffffffff, 0x7, 0x0, 0x9, 0x7, 0x8000]})
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r0, 0x4018aee3, &(0x7f0000000500)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f00000004c0)=0x2})
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x2a)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000540)={0x0, 0x6, 0xeeee8000, 0x2000, &(0x7f0000ffe000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3e)
ioctl$KVM_CHECK_EXTENSION_VM(r2, 0xae03, 0x6c5)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000580)={0x0, 0x1, 0x4, 0x1000, &(0x7f0000fff000/0x1000)=nil})
syz_kvm_setup_cpu$arm64(r1, r0, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000b80)=[{0x0, &(0x7f00000005c0)=[@irq_setup={0x46, 0x18, {0x2, 0x30a}}, @hvc={0x32, 0x40, {0x8400000d, [0x7, 0x6, 0x7349, 0x4, 0x1]}}, @svc={0x122, 0x40, {0x40000000, [0x1000, 0xff12, 0xc2, 0x6, 0x1]}}, @irq_setup={0x46, 0x18, {0x4, 0x397}}, @svc={0x122, 0x40, {0x3000000, [0x400, 0x1000, 0x0, 0x0, 0x6]}}, @msr={0x14, 0x20, {0x603000000013dee3, 0x7}}, @svc={0x122, 0x40, {0x84000010, [0x8, 0x100000000, 0x0, 0x2, 0xa]}}, @smc={0x1e, 0x40, {0x84000012, [0x10, 0x6, 0x9, 0x8, 0x100000000]}}, @msr={0x14, 0x20, {0x603000000013c4cd, 0x8691}}, @code={0xa, 0x84, {"0084200e0000003c002cc01a007008d5e03181d200e0b0f2410180d2020180d2430080d2a40080d2020000d400000092007008d5205196d200a0b8f2810080d2820080d2630180d2c40080d2020000d420ab94d20040b8f2c10080d2020080d2e30180d2840080d2020000d4008008d5"}}, @irq_setup={0x46, 0x18, {0x0, 0x385}}, @code={0xa, 0x9c, {"00d8a02e008008d5007008d500218ed200e0b0f2210180d2a20080d2c30180d2c40180d2020000d460e993d200e0b0f2e10080d2220180d2830080d2840080d2020000d4007008d5a0b78bd200c0b0f2410080d2220080d2a30080d2640180d2020000d4805294d20080b8f2010080d2e20180d2e30080d2440180d2020000d45f2003d5000028d5"}}, @uexit={0x0, 0x18, 0x81}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x2, 0x6, 0x9, 0x9a, 0x4}}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x340}}, @eret={0xe6, 0x18, 0xffffffffffffffff}, @svc={0x122, 0x40, {0xc400000d, [0x6, 0x2, 0xed3c, 0x800, 0x413fabb4]}}, @eret={0xe6, 0x18, 0x10}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x400, 0x6, 0x8}}, @hvc={0x32, 0x40, {0x400, [0x0, 0x0, 0xc, 0x5, 0x4]}}, @eret={0xe6, 0x18, 0xffffffffffffff7f}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x2, 0x2, 0x685, 0x2, 0x2}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0x100, 0x2}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x1, 0x10, 0x3, 0x0, 0x1}}, @msr={0x14, 0x20, {0x603000000013802c, 0x7}}, @mrs={0xbe, 0x18, {0x603000000013e099}}, @smc={0x1e, 0x40, {0x8400000e, [0xf, 0x1, 0x4, 0x1a17, 0x8000000000000000]}}, @uexit={0x0, 0x18, 0x1}, @smc={0x1e, 0x40, {0xf400000d, [0x7, 0x1, 0x8, 0x6, 0x1]}}, @its_setup={0x82, 0x28, {0x1, 0x2, 0x2fe}}], 0x5c0}], 0x1, 0x0, &(0x7f0000000bc0)=[@featur2], 0x1)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000c00)=@x86={0x63, 0xf8, 0x26, 0x0, 0x3ff, 0x3, 0x3, 0x4, 0x8, 0x6, 0x4, 0x0, 0x0, 0x80, 0x2, 0x9, 0x6, 0x2, 0xc, '\x00', 0x4, 0x3})
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000c40)={0xb, <r4=>0xffffffffffffffff})
r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x18)
ioctl$KVM_REGISTER_COALESCED_MMIO(r5, 0x4010ae67, &(0x7f0000000c80)={0x3000, 0x8000, 0x1})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000cc0), 0x24001, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x36)
ioctl$KVM_CLEAR_DIRTY_LOG(r7, 0xc018aec0, &(0x7f0000001100)={0x10200, 0x200, 0x340, &(0x7f0000000d00)=[0x5, 0x8, 0x80000000, 0x8000000000000001, 0x5, 0x3, 0x3, 0x8, 0x9, 0x8001, 0x800, 0x4, 0x248d2ed7, 0x3, 0x12a, 0x0, 0x0, 0x2, 0x6, 0x3, 0x4, 0xd, 0xa, 0xffffffffffffffff, 0xc, 0x3, 0x8b, 0x9, 0xa, 0x3, 0x3, 0x2, 0x81, 0x1, 0x5, 0x6, 0xe14e, 0x101, 0x0, 0x9, 0xa39e, 0x9f, 0x8, 0x3, 0x9, 0x35, 0xfff, 0x9, 0x7, 0x8, 0xff, 0x7, 0x7, 0x6d, 0x5, 0x10000, 0x1, 0x9e4, 0x100000001, 0xffffffff, 0xfffffffffffffff8, 0xfffffffffffffffe, 0x79, 0x3ff, 0x9, 0x1, 0x33, 0xffffffffffffff01, 0x7, 0x4, 0xe, 0x4cd2, 0x800, 0x7fffffffffffffff, 0x8, 0xffffffffffffffff, 0x1, 0x9, 0x8000, 0x1, 0x7fff, 0x5, 0x0, 0x7b0d1a5f, 0x100, 0x5, 0x401, 0x7, 0x80000000, 0x35bc, 0x0, 0x4, 0x80, 0x2ce7, 0xa, 0x8, 0x9, 0xf, 0x4, 0x6, 0x7ff, 0x30, 0x2, 0xaa, 0x0, 0x8, 0x3, 0x1, 0x3, 0x129, 0x3, 0x0, 0x1, 0x6c, 0x2, 0x3, 0x1d, 0xffffffff80000001, 0x1, 0x4932, 0x9, 0x7, 0x1, 0x800, 0xd672, 0xfffffffffffffff9, 0x3, 0x1]})
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x15)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r0, 0x4018aee2, &(0x7f0000001180)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f0000001140)=0x3})
r8 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x2a)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f00000011c0)={0x2710, 0x0, 0x1, 0x2000, &(0x7f0000e9e000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r8, 0x4010ae67, &(0x7f0000001200)={0xeef3dfc89000a5b5, 0x8000, 0x1})
syz_kvm_setup_cpu$arm64(r7, r3, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000001400)=[{0x0, &(0x7f0000001240)=[@mrs={0xbe, 0x18, {0x603000000013c00c}}, @eret={0xe6, 0x18, 0xd}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0x0, 0x7, 0xb}}, @mrs={0xbe, 0x18, {0x603000000013c10a}}, @code={0xa, 0xb4, {"a0f497d20000b0f2010080d2020180d2c30080d2a40180d2020000d4000028d520ea8ad20040b0f2c10080d2220080d2e30080d2240080d2020000d400c282d20000b8f2210080d2220180d2630180d2640080d2020000d400109fd20000b0f2610080d2820180d2630080d2a40180d2020000d40004805a0040bf0d008008d5c03099d20000b8f2810080d2020080d2a30080d2c40080d2020000d40090200e"}}, @smc={0x1e, 0x40, {0x8400000d, [0x4, 0xfffffffffffffff0, 0x0, 0x7fff, 0x9]}}, @its_setup={0x82, 0x28, {0x2, 0x1, 0x3c6}}], 0x194}], 0x1, 0x0, &(0x7f0000001440)=[@featur2={0x1, 0x12}], 0x1)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r0, 0x4018aee3, &(0x7f00000014c0)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000001480)={0x3d29, 0x2, 0x1}})
ioctl$KVM_CHECK_EXTENSION_VM(r5, 0xae03, 0x7)
ioctl$KVM_CAP_DIRTY_LOG_RING(r4, 0x4068aea3, &(0x7f0000001500)={0xc0, 0x0, 0x1c000})
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r0, 0x4018aee2, &(0x7f00000015c0)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000001580)=0x3ef})
ioctl$KVM_GET_DEVICE_ATTR_vm(r5, 0x4018aee2, &(0x7f0000001640)=@attr_other={0x0, 0x4529, 0x3b, &(0x7f0000001600)=0x6a})
r9 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x31)
ioctl$KVM_CLEAR_DIRTY_LOG(r9, 0xc018aec0, &(0x7f0000001a80)={0x2, 0x10000, 0x400, &(0x7f0000001680)=[0xea, 0x0, 0x87, 0x9, 0x10001, 0x0, 0x3, 0x6954, 0x8, 0x3, 0x5, 0x2, 0x9, 0x8, 0x0, 0x8001, 0x9, 0x5cb, 0x0, 0x7, 0xfffffffffffffffc, 0x81, 0x0, 0x10, 0x8, 0x5, 0x80000001, 0xffffffffffffffe1, 0x0, 0x1f3, 0x100000000, 0x7, 0x3, 0x7, 0x7a977d38, 0x100000000, 0x2, 0x5, 0x0, 0x7, 0x6, 0x1, 0x200, 0xffff, 0x5, 0x1, 0x1c5f, 0x9738, 0x91, 0x6, 0x7, 0x9, 0x4, 0x8, 0x4, 0xf648, 0x4, 0x10, 0x8, 0x3, 0xfffffffffffffffa, 0x9, 0x100000001, 0x2, 0x4, 0x3, 0x0, 0x80, 0x6, 0x0, 0x8, 0x3, 0x2, 0x6, 0x2, 0xa, 0x340, 0x4, 0x1, 0x5f3b21b5, 0xfffffffffffffff9, 0xf19, 0x1, 0x9, 0x7, 0xfffffffffffffff7, 0x8, 0x5a, 0x6, 0x200, 0x14, 0xf, 0x2a3, 0x3, 0x5, 0x2, 0x7fff, 0x4, 0x6, 0x7, 0x6, 0xa7, 0x3e, 0x7, 0x3, 0x28, 0xc, 0x2e, 0xffffffffffffffff, 0x548, 0x3, 0x0, 0x6, 0x7ff, 0x0, 0x3, 0x5, 0x80, 0x80000001, 0x9, 0x7, 0x7, 0xffff, 0x100000000, 0x100000000, 0xffff, 0x2, 0x2]})

29m16.058354433s ago: executing program 6 (id=460):
openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@its_setup={0x82, 0x28, {0x0, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x2, 0x8, 0x80, 0x80}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000a1e000/0x400000)=nil)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
r4 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r3, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000240)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)

29m11.13896678s ago: executing program 7 (id=461):
openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@its_setup={0x82, 0x28, {0x0, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x2, 0x8, 0x80, 0x80}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r3=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0xb8000, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x40086602, 0x2f)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000a1e000/0x400000)=nil)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04)
r7 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r6, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000240)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)

28m57.872470268s ago: executing program 6 (id=462):
openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@its_setup={0x82, 0x28, {0x0, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x2, 0x8, 0x80, 0x80}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r3=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0xb8000, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x40086602, 0x2f)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000a1e000/0x400000)=nil)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04)
r7 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r6, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000240)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)

28m52.285239164s ago: executing program 7 (id=463):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1b)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r3, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000100)={0x8})
ioctl$KVM_SIGNAL_MSI(r3, 0x4020aea5, &(0x7f0000000200)={0x8090040, 0x0, 0x0, 0x1})
ioctl$KVM_CLEAR_DIRTY_LOG(r1, 0xc018aec0, &(0x7f0000000000)={0x0, 0x100, 0x1c0, 0x0})

28m41.239880302s ago: executing program 6 (id=464):
openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@its_setup={0x82, 0x28, {0x0, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x2, 0x8, 0x80, 0x80}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r3=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0xb8000, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x40086602, 0x2f)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000a1e000/0x400000)=nil)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04)
r7 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r6, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000240)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)

28m39.142309999s ago: executing program 7 (id=465):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
r3 = syz_kvm_vgic_v3_setup(r2, 0x1, 0x40)
ioctl$KVM_GET_DEVICE_ATTR(r3, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x5, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_ARM_VCPU_INIT(r8, 0x4020aeae, &(0x7f0000000140)={0x2, 0x79})
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x31)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r12, r13, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r13, 0x4010aeab, &(0x7f0000000100)=@arm64_fp={0x60400000001000a4, &(0x7f0000000140)=0xfffffffffffffffc})
r14 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=[@featur2={0x1, 0x12}], 0x1)
ioctl$KVM_RUN(r15, 0xae80, 0x0)
r16 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x0, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x3, 0xfffffffd, 0x0, 0x0, 0x0, 0x4}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8, <r17=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r17, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r16, 0xae80, 0x0)

28m24.523419424s ago: executing program 6 (id=466):
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x24)
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000040)={0xdddd1000, 0x2000, 0x1ff, 0x1, 0xfffffffa})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x28)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_setup_cpu$arm64(r3, r5, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000c40)=ANY=[], 0x318}], 0x1, 0x0, &(0x7f0000000080)=[@featur2={0x1, 0x2}], 0x1)
ioctl$KVM_GET_VCPU_EVENTS(r0, 0x8040ae9f, &(0x7f0000000000)=@arm64)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0)

27m52.812256529s ago: executing program 48 (id=465):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
r3 = syz_kvm_vgic_v3_setup(r2, 0x1, 0x40)
ioctl$KVM_GET_DEVICE_ATTR(r3, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x5, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_ARM_VCPU_INIT(r8, 0x4020aeae, &(0x7f0000000140)={0x2, 0x79})
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x31)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r12, r13, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r13, 0x4010aeab, &(0x7f0000000100)=@arm64_fp={0x60400000001000a4, &(0x7f0000000140)=0xfffffffffffffffc})
r14 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=[@featur2={0x1, 0x12}], 0x1)
ioctl$KVM_RUN(r15, 0xae80, 0x0)
r16 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x0, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x3, 0xfffffffd, 0x0, 0x0, 0x0, 0x4}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8, <r17=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r17, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r16, 0xae80, 0x0)

27m35.610738898s ago: executing program 49 (id=466):
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x24)
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000040)={0xdddd1000, 0x2000, 0x1ff, 0x1, 0xfffffffa})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x28)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_setup_cpu$arm64(r3, r5, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000c40)=ANY=[], 0x318}], 0x1, 0x0, &(0x7f0000000080)=[@featur2={0x1, 0x2}], 0x1)
ioctl$KVM_GET_VCPU_EVENTS(r0, 0x8040ae9f, &(0x7f0000000000)=@arm64)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0)

20m13.450693604s ago: executing program 9 (id=468):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x6030000000138004, 0x8000}}], 0x20}, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_kvm_assert_reg(r5, 0x6030000000138004, 0x8000)
r6 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = eventfd2(0x4, 0x80801)
ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f0000000000)={0x0, 0xf000, 0x1, r8, 0x3})
r9 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r1, r9, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f0000000080)=@arm64_core={0x6030000000100016, &(0x7f0000000100)=0xc5c5})

19m53.98275991s ago: executing program 9 (id=471):
r0 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
r1 = syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000bfe000/0x400000)=nil)
r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000e8a000/0x2000)=nil, r2, 0x0, 0x1010, r0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r0, 0x4040aea0, &(0x7f0000000000)=@arm64={0x9, 0x5, 0x6, '\x00', 0x3})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x18000, 0x0)
r4 = ioctl$KVM_GET_STATS_FD_vm(r0, 0xaece)
mmap$KVM_VCPU(&(0x7f0000f8e000/0x4000)=nil, r2, 0x3, 0x1010, r4, 0x0)
r5 = syz_kvm_add_vcpu$arm64(r1, &(0x7f00000002c0)={0x0, &(0x7f0000000080)=[@uexit={0x0, 0x18, 0x1}, @uexit={0x0, 0x18, 0xb}, @code={0xa, 0x84, {"c03c88d20080b0f2810080d2420180d2630180d2840180d2020000d460fc9cd200a0b8f2e10080d2e20180d2230180d2240180d2020000d4e0e799d20080b0f2010180d2020180d2030180d2440180d2020000d4001c602e0008a0f8007008d50000407c0000669e000028d5003c000e"}}, @memwrite={0x6e, 0x30, @generic={0xf000, 0x652, 0x5, 0x1}}, @smc={0x1e, 0x40, {0x8400000c, [0x3561, 0x5, 0x8, 0x3, 0x18000000000]}}, @smc={0x1e, 0x40, {0x40000000, [0xfffffffffffffe01, 0x5, 0x10, 0x10000, 0x3]}}, @irq_setup={0x46, 0x18, {0x2, 0xc2}}, @mrs={0xbe, 0x18, {0x603000000013e712}}, @hvc={0x32, 0x40, {0x8, [0x5, 0x62d, 0x6, 0x7, 0x5]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x300, 0xb, 0x4}}], 0x204}, &(0x7f0000000300)=[@featur2={0x1, 0x8}], 0x1)
mmap$KVM_VCPU(&(0x7f0000c5b000/0x2000)=nil, r2, 0x0, 0x10010, r5, 0x0)
r6 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x26)
syz_kvm_setup_cpu$arm64(r6, r5, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000880)=[{0x0, &(0x7f0000000340)=[@mrs={0xbe, 0x18, {0x603000000013de90}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x1, 0xb, 0x9, 0x1ff, 0x2}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x1, 0x0, 0x6, 0x4, 0x1, 0x4}}, @code={0xa, 0xb4, {"000008d5007008d540f684d200a0b0f2010180d2e20080d2630180d2a40180d2020000d4007008d5c0a287d20020b8f2c10080d2020080d2030180d2840180d2020000d440ed94d200a0b8f2010180d2220180d2e30080d2c40180d2020000d4008008d5e0778cd20040b0f2e10180d2820180d2030080d2440180d2020000d4e0199ed200a0b8f2010080d2020180d2830080d2c40080d2020000d4007008d5"}}, @hvc={0x32, 0x40, {0x6000000, [0x80000000, 0x100000001, 0x2, 0x0, 0x80000000]}}, @irq_setup={0x46, 0x18, {0x0, 0x32e}}, @msr={0x14, 0x20, {0x603000000013c4cc, 0x2}}, @its_setup={0x82, 0x28, {0x2, 0x0, 0x47}}, @msr={0x14, 0x20, {0x603000000013e64d, 0x1}}, @irq_setup={0x46, 0x18, {0x0, 0x18d}}, @msr={0x14, 0x20, {0x603000000013c2a4, 0x7fffffff}}, @svc={0x122, 0x40, {0x80000000, [0x8000000000000000, 0x1, 0x6, 0x1, 0x1]}}, @mrs={0xbe, 0x18, {0xc06000000027920e}}, @uexit={0x0, 0x18, 0x2}, @eret={0xe6, 0x18, 0x9}, @msr={0x14, 0x20, {0x603000000013e65f, 0x50000000000}}, @smc={0x1e, 0x40, {0xc5000020, [0xfc, 0x1, 0xb52, 0x84, 0xc]}}, @hvc={0x32, 0x40, {0x84000053, [0x1, 0x6, 0xae21, 0xa40, 0x3]}}, @msr={0x14, 0x20, {0x603000000013c522, 0xffffffffffffffff}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x2, 0xf, 0x0, 0x8, 0x4}}, @its_setup={0x82, 0x28, {0x1, 0x4, 0x1d2}}, @svc={0x122, 0x40, {0x6000000, [0x4, 0x7fffffffffffffff, 0x10001, 0x0, 0xd]}}, @memwrite={0x6e, 0x30, @generic={0x1000, 0xd6e, 0x1, 0x1}}, @eret={0xe6, 0x18, 0xa41}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0x180, 0x0, 0x4}}, @msr={0x14, 0x20, {0x603000000013807f, 0xffffffffffffffff}}, @eret={0xe6, 0x18, 0x6}, @msr={0x14, 0x20, {0x603000000013dee2, 0x9}}, @eret={0xe6, 0x18, 0x2}, @irq_setup={0x46, 0x18, {0x0, 0x3c1}}, @msr={0x14, 0x20, {0x603000000013c804, 0x6}}, @mrs={0xbe, 0x18, {0x603000000013df78}}], 0x524}], 0x1, 0x0, &(0x7f00000008c0), 0x1)
r7 = syz_kvm_add_vcpu$arm64(r1, &(0x7f0000000d80)={0x0, &(0x7f0000000900)=[@hvc={0x32, 0x40, {0x80000000, [0x7, 0x9, 0x7fffffffffffffff, 0x6, 0x2]}}, @irq_setup={0x46, 0x18, {0x2, 0x273}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x4, 0xc, 0x0, 0x3, 0x4}}, @irq_setup={0x46, 0x18, {0x4, 0x344}}, @msr={0x14, 0x20, {0x603000000013802f, 0xffff}}, @hvc={0x32, 0x40, {0x30000000, [0x9, 0x518, 0x6, 0x4324, 0x400]}}, @msr={0x14, 0x20, {0x603000000013da28, 0x6}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x0, 0x7fffffff, 0x6}}, @its_send_cmd={0xaa, 0x28, {0x6, 0x1, 0x1, 0x0, 0x6, 0x7, 0x3}}, @mrs={0xbe, 0x18, {0x6030000000138066}}, @code={0xa, 0x3c, {"007008d50000399e007008d5007008d5000008d500c0005f000820f8007008d500004029000028d5"}}, @hvc={0x32, 0x40, {0x1000000, [0x3, 0x3, 0x6, 0x80000001, 0x8]}}, @uexit={0x0, 0x18, 0x4}, @uexit={0x0, 0x18, 0xe}, @smc={0x1e, 0x40, {0xc4000014, [0xe, 0x0, 0xe327, 0x10001, 0x2]}}, @smc={0x1e, 0x40, {0x84000011, [0x8, 0x80, 0x1, 0x7, 0x2a2]}}, @svc={0x122, 0x40, {0x0, [0x4, 0x8, 0x0, 0x3, 0xffffffff]}}, @eret={0xe6, 0x18, 0x9}, @hvc={0x32, 0x40, {0x1, [0x1, 0x9, 0xfffffffffffffffb, 0x4]}}, @svc={0x122, 0x40, {0x100, [0x6, 0x7fff, 0x4, 0x4, 0xd]}}, @irq_setup={0x46, 0x18, {0x0, 0x366}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x1, 0x2, 0xc, 0x2, 0x7ff, 0x3}}, @svc={0x122, 0x40, {0x800, [0x8000000000000001, 0x7, 0x1c13, 0x86, 0x800]}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x0, 0x4, 0xb, 0xffffffff, 0x8bd, 0x4}}, @msr={0x14, 0x20, {0x6030000000130203, 0x200}}], 0x454}, &(0x7f0000000dc0)=[@featur2={0x1, 0x2}], 0x1)
mmap$KVM_VCPU(&(0x7f0000fd2000/0x3000)=nil, r2, 0x0, 0x20010, r7, 0x0)
r8 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x18)
r9 = eventfd2(0xd, 0x801)
ioctl$KVM_IRQFD(r8, 0x4020ae76, &(0x7f0000000e00)={r4, 0x7, 0x1, r9})
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r5, 0x4018aee2, &(0x7f0000000e80)=@attr_irq_timer={0x0, 0x1, 0x2, &(0x7f0000000e40)=0x1d})
syz_kvm_vgic_v3_setup(r4, 0x3, 0x0)
ioctl$KVM_SET_REGS(r0, 0x4360ae82, &(0x7f0000000ec0)={[0x8, 0x7fff, 0x0, 0x1, 0xe0, 0xfff, 0x4, 0x3, 0x5, 0x3, 0x4, 0x500000000000000, 0x80, 0xfff, 0x7, 0x2], 0xd295a77dd6cd7a7, 0x40000})
ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r4, 0x4010ae74, &(0x7f0000000f80)={0x2, 0x6, 0x800})
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000fc0)={0x5, <r10=>0xffffffffffffffff, 0x1})
ioctl$KVM_REGISTER_COALESCED_MMIO(r8, 0x4010ae67, &(0x7f0000001000)={0x1, 0x103000, 0x1})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r0, 0x4010ae68, &(0x7f0000001040)={0x4, 0xc000, 0x1})
ioctl$KVM_SET_DEVICE_ATTR_vm(r6, 0x4018aee1, &(0x7f00000010c0)=@attr_other={0x0, 0x8000, 0x6, &(0x7f0000001080)=0x1})
mmap$KVM_VCPU(&(0x7f0000f2a000/0x3000)=nil, 0x0, 0x8, 0x100010, r5, 0x0)
ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r0, 0x4010ae74, &(0x7f0000001100)={0x2, 0x4, 0x2})
r11 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r11, &(0x7f0000001400)={0x0, &(0x7f0000001140)=[@eret={0xe6, 0x18, 0xffffffff80000000}, @its_setup={0x82, 0x28, {0x0, 0x0, 0xb3}}, @mrs={0xbe, 0x18, {0x603000000013c4f6}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0x380, 0x7, 0x2}}, @smc={0x1e, 0x40, {0x1, [0x0, 0xe, 0x1, 0x7f, 0x1]}}, @msr={0x14, 0x20, {0x603000000013deb6, 0x3}}, @code={0xa, 0x84, {"007008d5008008d5e02289d20020b8f2210180d2c20180d2430080d2040080d2020000d4007008d50048201ee02196d200a0b0f2010180d2620180d2a30180d2840080d2020000d40008403a007008d5000028d5c05385d20080b8f2a10080d2820080d2e30080d2840080d2020000d4"}}, @mrs={0xbe, 0x18, {0x603000000013c00b}}, @smc={0x1e, 0x40, {0x8200ff35, [0x4, 0xffffffffffff0001, 0x9, 0x1000, 0x9]}}, @its_setup={0x82, 0x28, {0x0, 0x2, 0x170}}, @msr={0x14, 0x20, {0x603000000013e642, 0x100000001}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1200, 0x46c5}}, @smc={0x1e, 0x40, {0x3f000000, [0x4, 0x800, 0x5, 0x1, 0x7]}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x0, 0x1, 0x2, 0x800, 0x0, 0x4}}], 0x2a4}, &(0x7f0000001440)=[@featur1={0x1, 0x20}], 0x1)
ioctl$KVM_HAS_DEVICE_ATTR(r10, 0x4018aee3, &(0x7f00000014c0)=@attr_other={0x0, 0x106, 0x397, &(0x7f0000001480)=0xea2})

19m46.142389549s ago: executing program 9 (id=472):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r1 = openat$kvm(0x0, &(0x7f0000000140), 0x599002, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee1, &(0x7f0000000040)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f00000002c0)=0x1d})
r4 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f0000000240)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x5})
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x31)
r8 = openat$kvm(0x0, &(0x7f0000000000), 0x29cc80, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0xfffffffffffffffd)
syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000c6a000/0x3000)=nil, 0x930, 0x1000003, 0x28031, r8, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x0, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f00000000c0)={0x101fc, 0x3, 0x5000, 0x1000, &(0x7f0000f3d000/0x1000)=nil})
syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000bfe000/0x400000)=nil)
r10 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r10, &(0x7f00000000c0)={0x0, &(0x7f0000000340)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x0, 0x4, 0x1}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r7, 0x4, 0x40)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000180)={0x8, <r11=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x2, 0x9, &(0x7f0000000100)=0xc})
r12 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r12, 0x3, 0xa0)
r13 = eventfd2(0x80000003, 0x800)
ioctl$KVM_IRQFD(r9, 0x4020ae76, &(0x7f0000000280)={r13, 0x9})
ioctl$KVM_IRQFD(r12, 0x4020ae76, 0x0)
r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)

18m59.223557254s ago: executing program 50 (id=472):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r1 = openat$kvm(0x0, &(0x7f0000000140), 0x599002, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee1, &(0x7f0000000040)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f00000002c0)=0x1d})
r4 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f0000000240)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x5})
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x31)
r8 = openat$kvm(0x0, &(0x7f0000000000), 0x29cc80, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0xfffffffffffffffd)
syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000c6a000/0x3000)=nil, 0x930, 0x1000003, 0x28031, r8, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x0, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f00000000c0)={0x101fc, 0x3, 0x5000, 0x1000, &(0x7f0000f3d000/0x1000)=nil})
syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000bfe000/0x400000)=nil)
r10 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r10, &(0x7f00000000c0)={0x0, &(0x7f0000000340)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x0, 0x4, 0x1}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r7, 0x4, 0x40)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000180)={0x8, <r11=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x2, 0x9, &(0x7f0000000100)=0xc})
r12 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r12, 0x3, 0xa0)
r13 = eventfd2(0x80000003, 0x800)
ioctl$KVM_IRQFD(r9, 0x4020ae76, &(0x7f0000000280)={r13, 0x9})
ioctl$KVM_IRQFD(r12, 0x4020ae76, 0x0)
r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)

15m32.443544956s ago: executing program 8 (id=492):
eventfd2(0x0, 0x0) (async)
r0 = openat$kvm(0x0, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async, rerun: 32)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000000000/0x400000)=nil) (async, rerun: 32)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000040)={0x7, <r2=>0xffffffffffffffff}) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CLEAR_DIRTY_LOG(r4, 0xc018aec0, &(0x7f0000000000)={0x5, 0x340, 0x240, 0x0})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x1})
r5 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r6 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0xfffffffffffffffe)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, &(0x7f0000000100)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000080)={0x1fe, 0xa}}) (async)
r10 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, &(0x7f00000004c0)}, &(0x7f00000000c0)=[@featur1={0x1, 0x8}], 0x1) (async)
ioctl$KVM_S390_VCPU_FAULT(r9, 0x4008ae52, &(0x7f0000000000)=0x8)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) (async, rerun: 64)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) (rerun: 64)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f1, 0xffffffffffffffff, 0x0) (async)
ioctl$KVM_GET_API_VERSION(r6, 0xae00, 0x0) (async, rerun: 32)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (rerun: 32)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000200)={0x13, 0xffffffffffffffff, 0x1}) (async)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

15m22.69359617s ago: executing program 8 (id=493):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1) (async)
r3 = eventfd2(0x0, 0x0)
close(r3) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x103801, 0x0) (async)
write$eventfd(r3, 0x0, 0x0) (async)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000980)={0x0, 0x0}, 0x0, 0x0)

15m13.820695349s ago: executing program 8 (id=494):
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
ioctl$KVM_ARM_VCPU_FINALIZE(r0, 0x4004aec2, &(0x7f0000000040)=0x7) (async)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04) (async)
r2 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) (async)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000) (async)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r5, 0x100000d, 0x32, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0) (async)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000) (async)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) (async)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) (async)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) (async)
r6 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000140)={0x0, &(0x7f0000000180)=[@msr={0x14, 0x20, {0x603000000013c081, 0x2}}], 0x20}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000005000/0x1000)=nil, r1, 0xa, 0x3c2a1c3178cda732, r0, 0x0) (async)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000100)={0x7, <r10=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x0, 0x3, &(0x7f0000000280)=0x400000080a0000}) (async)
ioctl$KVM_GET_DIRTY_LOG(0xffffffffffffffff, 0x4010ae42, &(0x7f0000000000)={0x10001, 0x0, &(0x7f0000009000/0x2000)=nil})

15m4.471354412s ago: executing program 8 (id=495):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x40)
r1 = openat$kvm(0x0, &(0x7f0000000640), 0x4536d43df2569570, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x6030000000138004, 0x8000}}], 0x20}, 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000f8e000/0x2000)=nil, 0x930, 0x6, 0x810, 0xffffffffffffffff, 0x0)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
r9 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r8, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r8, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r10, 0xae03, 0x58)
r11 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000680)=[@svc={0x122, 0x40, {0x4000000, [0x3, 0xb0, 0xf, 0x4, 0xfd]}}, @smc={0x1e, 0x40, {0x84000001, [0x6, 0x2, 0x5, 0x3]}}, @eret={0xe6, 0x18, 0x1}, @its_setup={0x82, 0x28, {0x0, 0x2, 0xc6}}, @svc={0x122, 0x40, {0x84000052, [0x9, 0x1, 0x1, 0x0, 0xc]}}, @smc={0x1e, 0x40, {0x80, [0x8, 0x479, 0xe6a, 0x100000000, 0x5]}}, @its_setup={0x82, 0x28, {0x0, 0x3, 0x81}}, @msr={0x14, 0x20, {0x603000000013808c, 0x1}}, @msr={0x14, 0x20, {0x603000000013df42, 0x2}}, @code={0xa, 0x84, {"e0f59ad20080b0f2610080d2420180d2230180d2040080d2020000d40098200e007008d500a4e00d20c998d20020b0f2e10180d2e20080d2c30080d2840180d2020000d4007008d500000058405798d20020b8f2c10180d2e20080d2630080d2040180d2020000d4000028d500c4202e"}}, @smc={0x1e, 0x40, {0x84000013, [0x81, 0x9ec9, 0x7, 0x7fffffff, 0x7]}}, @svc={0x122, 0x40, {0x2, [0x74, 0x5, 0xc3, 0x100000001, 0x6]}}, @mrs={0xbe, 0x18, {0x603000000013e08a}}, @eret={0xe6, 0x18, 0x7b0}, @smc={0x1e, 0x40, {0x84000012, [0x266, 0x1000, 0x8, 0x7, 0x1]}}, @mrs={0xbe, 0x18, {0x603000000013df55}}, @uexit={0x0, 0x18, 0x78f8}, @its_setup={0x82, 0x28, {0x4, 0x3, 0x32b}}, @svc={0x122, 0x40, {0x31ffffff, [0x4, 0xfffffffffffffff6, 0x0, 0x1, 0x7]}}, @hvc={0x32, 0x40, {0x80000000, [0x7, 0x10, 0x2, 0x2, 0xffffffffffffffff]}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x0, 0x4}}], 0x424}, &(0x7f0000000100)=[@featur2={0x1, 0x18}], 0x1)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4020ae46, &(0x7f00000001c0)=ANY=[@ANYBLOB="01000000010000000000000008"])
ioctl$KVM_CREATE_DEVICE(r13, 0xc00caee0, &(0x7f0000000140)={0x4, <r14=>0xffffffffffffffff, 0x1})
write$eventfd(r14, &(0x7f00000001c0), 0xfdef)
mmap$KVM_VCPU(&(0x7f0000efe000/0x1000)=nil, r5, 0x3, 0x40010, r11, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_kvm_assert_reg(r4, 0x6030000000138004, 0x8000)
ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000000)={0x2})
r15 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r15, 0xae01, 0x2c)

14m51.273316056s ago: executing program 8 (id=496):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x0, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x3, 0xfffffffd, 0x0, 0x0, 0x0, 0x4}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r4=>0xffffffffffffffff})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0x80111500, 0x20000000)
ioctl$KVM_CREATE_VM(r6, 0x5761, 0x2000001c)
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

14m42.014653196s ago: executing program 8 (id=497):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r3 = syz_kvm_vgic_v3_setup(r1, 0x2, 0x80)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r6, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18})
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f00000000c0)=@arm64_sve={0x6080000000150377, 0x0})
ioctl$KVM_GET_DEVICE_ATTR(r3, 0x4018aee2, &(0x7f0000000200)=@attr_arm64={0x0, 0x6, 0x3, 0x0})
r7 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r8 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000100)=@attr_pmu_init)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x31)
r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r14, 0x4018aee1, 0x0)
syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000180)={0x0, &(0x7f00000004c0)=[@msr={0x14, 0x20, {0x603000000013def1, 0xffffffffffffffff}}], 0x20}, &(0x7f00000000c0)=[@featur1={0x1, 0x20}], 0x1)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1f)
r16 = ioctl$KVM_CREATE_VCPU(r15, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r16, 0x0)
syz_kvm_setup_cpu$arm64(r15, r16, &(0x7f0000009000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r16, 0xae80, 0x0)

13m54.82075956s ago: executing program 51 (id=497):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r3 = syz_kvm_vgic_v3_setup(r1, 0x2, 0x80)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r6, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18})
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f00000000c0)=@arm64_sve={0x6080000000150377, 0x0})
ioctl$KVM_GET_DEVICE_ATTR(r3, 0x4018aee2, &(0x7f0000000200)=@attr_arm64={0x0, 0x6, 0x3, 0x0})
r7 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r8 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000100)=@attr_pmu_init)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x31)
r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r14, 0x4018aee1, 0x0)
syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000180)={0x0, &(0x7f00000004c0)=[@msr={0x14, 0x20, {0x603000000013def1, 0xffffffffffffffff}}], 0x20}, &(0x7f00000000c0)=[@featur1={0x1, 0x20}], 0x1)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1f)
r16 = ioctl$KVM_CREATE_VCPU(r15, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r16, 0x0)
syz_kvm_setup_cpu$arm64(r15, r16, &(0x7f0000009000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r16, 0xae80, 0x0)

10m25.668879706s ago: executing program 0 (id=507):
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, <r5=>0xffffffffffffffff, 0x1})
r6 = ioctl$KVM_CREATE_VM(r5, 0x894c, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xb704, 0x0)
r7 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000300)={0x0, &(0x7f0000000480)=[@smc={0x1e, 0x40, {0xc4000012, [0x8, 0x939, 0xe, 0x7f, 0xd]}}], 0x40}, &(0x7f00000001c0)=[@featur1={0x1, 0xc}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

10m14.501479025s ago: executing program 0 (id=508):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x200002, 0x0) (async, rerun: 32)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, <r5=>0xffffffffffffffff, 0x1}) (rerun: 32)
ioctl$KVM_CREATE_VM(r5, 0x400454d0, 0x1) (async, rerun: 32)
r6 = openat$kvm(0x0, &(0x7f00000001c0), 0xc0500, 0x0) (rerun: 32)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000080), 0x6001, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@memwrite={0x6, 0x30, @vgic_gicr={0x80a0000, 0xa0, 0x1, 0xb}}], 0x30}, 0x0, 0x0) (async, rerun: 32)
syz_kvm_vgic_v3_setup(r10, 0x1, 0x100) (async, rerun: 32)
r13 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
r15 = syz_kvm_setup_syzos_vm$arm64(r14, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000080)={0x0, &(0x7f0000000740)=[@memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0xb0, 0x14, 0x3}}, @irq_setup={0x46, 0x18, {0x1, 0xdf}}], 0x48}, 0x0, 0x0) (async, rerun: 64)
ioctl$KVM_RUN(r12, 0xae80, 0x0) (rerun: 64)
r16 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r8, 0xae04) (async)
r17 = ioctl$KVM_GET_STATS_FD_vm(r7, 0xaece)
mmap$KVM_VCPU(&(0x7f00007ee000/0x3000)=nil, r16, 0x1, 0x11, r17, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000140)=@attr_other={0x0, 0x1000, 0x10001, &(0x7f0000000100)=0x7}) (async, rerun: 32)
r18 = openat$kvm(0x0, &(0x7f0000000100), 0x82001, 0x0) (rerun: 32)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, 0x930, 0x3000007, 0x2012, r18, 0x0) (async)
syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) (async)
r19 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_HAS_DEVICE_ATTR(r19, 0x4018aee3, &(0x7f0000000380)=@attr_arm64={0x0, 0x3, 0x4, &(0x7f0000000040)=0xb4})

10m3.843691777s ago: executing program 0 (id=509):
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000a1e000/0x400000)=nil)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r2, 0x4018aee1, &(0x7f0000000000)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x53})
r3 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r1, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r4, 0x5451, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000240)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000040)={0x8, <r5=>0xffffffffffffffff})
ioctl$KVM_GET_DEVICE_ATTR(r5, 0x4018aee2, &(0x7f00000000c0)=@attr_other={0x0, 0x40007, 0x5, &(0x7f0000000080)=0x5})
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)

9m56.281219163s ago: executing program 0 (id=510):
ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_setup_cpu$arm64(r0, r3, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000001140)=[{0x0, 0x0}], 0x1, 0x0, &(0x7f0000001180)=[@featur2={0x1, 0xac}], 0x1) (async)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, r4, 0xf, 0x20010, r3, 0x0) (async)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, 0x0) (async)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) (async)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x8002, 0x0)
ioctl$KVM_CREATE_VM(r7, 0x5452, 0x2000fdfd)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0xe2a00, 0x0)
ioctl$KVM_CREATE_VM(r8, 0x5452, 0x2000fdfd) (async)
r9 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000100)={0x0, &(0x7f0000000000)=[@msr={0x14, 0x20, {0x6030000000139828, 0x3}}], 0x20}, 0x0, 0x0)
ioctl$KVM_RUN(r10, 0xae80, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bfd000/0x400000)=nil)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bff000/0x400000)=nil) (async)
r11 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x200)
ioctl$KVM_HAS_DEVICE_ATTR(r11, 0x4018aee3, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000080)=0x9})
r12 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r12, 0x20, &(0x7f0000000680)="38ce8347fc1e86008cfc72bb352c8659dcc9225b48cb5cb00c73b0b33018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xf, 0x4010, 0xffffffffffffffff, 0x0)

9m46.106393352s ago: executing program 0 (id=511):
r0 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000100)="746abf250f7959c813e4adfb369b808022e69fe80cfadce4a1259e77bab54ac9749537b3d016bb7f745a6e22d2f9ff443f19467748a3fe02c2394576000000000000000000000400", 0x0, 0xfffffffffffffec5)

9m35.938241903s ago: executing program 0 (id=512):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, <r5=>0xffffffffffffffff, 0x1})
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r6 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000040)={0x2710, 0x2, 0xd000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x1fd, 0x2, 0x8000000, 0x1000, &(0x7f0000c42000/0x1000)=nil})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r9, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r10, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r8, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)

8m48.662330857s ago: executing program 52 (id=512):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, <r5=>0xffffffffffffffff, 0x1})
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r6 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000040)={0x2710, 0x2, 0xd000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x1fd, 0x2, 0x8000000, 0x1000, &(0x7f0000c42000/0x1000)=nil})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r9, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r10, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r8, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)

1m0.568919496s ago: executing program 1 (id=554):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0x4, 0x80801)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x0, 0xf000, 0x1, r2, 0x3}) (async)
openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CAP_HALT_POLL(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000000)={0xb6, 0x0, 0xffffffff80000000}) (async)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CAP_HALT_POLL(r4, 0x4068aea3, &(0x7f0000000280)={0xb6, 0x0, 0x6})
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x0, 0x0, 0x4, 0x0, 0x0, 0x2}}], 0x50}, 0x0, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x602bc3, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x1000) (async)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000300)={0x8001, 0x6}) (async)
ioctl$KVM_GET_DEVICE_ATTR_vm(r4, 0x4018aee2, &(0x7f0000000400)=@attr_other={0x0, 0x7, 0xcdb6, &(0x7f00000003c0)=0x5})
syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000640)={0x0, &(0x7f0000000480)=[@mrs={0xbe, 0x18, {0x603000000013dce5}}, @its_setup={0x82, 0x28, {0x3, 0x1, 0x13e}}, @mrs={0xbe, 0x18, {0x603000000013c4ce}}, @msr={0x14, 0x20, {0x603000000013c029}}, @smc={0x1e, 0x40, {0x8, [0x9, 0x8, 0x10001, 0x7, 0x6]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1200, 0xb489}}, @msr={0x14, 0x20, {0x603000000013c663}}, @its_setup={0x82, 0x28, {0x4, 0x3, 0x2d0}}, @svc={0x122, 0x40, {0x84000002, [0x8001, 0x7fffffff, 0x10000, 0x100000000, 0x3]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x40, 0x2, 0xe}}], 0x1a0}, &(0x7f0000000680)=[@featur2={0x1, 0x2}], 0x1) (async)
ioctl$KVM_REGISTER_COALESCED_MMIO(r7, 0x4010ae67, &(0x7f0000000180)={0x3000, 0x0, 0x1})
ioctl$KVM_REGISTER_COALESCED_MMIO(r7, 0x4010ae67, &(0x7f0000000380)={0x2, 0x25000, 0x1}) (async)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_vgic_v3_setup(r9, 0x1, 0x100) (async)
r11 = openat$kvm(0x0, &(0x7f0000000200), 0x6c0200, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r13, 0x4018aee2, &(0x7f0000000040)=@attr_other={0x0, 0x2}) (async)
ioctl$KVM_GET_DEVICE_ATTR(r10, 0x4018aee2, &(0x7f0000000080)=@attr_arm64={0x0, 0x0, 0x0, 0x0})
ioctl$KVM_REGISTER_COALESCED_MMIO(r9, 0x4010ae67, &(0x7f0000000440)={0x2, 0x12000, 0xffffffff})
syz_kvm_vgic_v3_setup(r4, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8})

56.890689294s ago: executing program 3 (id=555):
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r0, 0x4018aee3, &(0x7f0000000140)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000080)})
r1 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a82616})
r4 = syz_kvm_add_vcpu$arm64(r1, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x5, 0x2, 0x4}}], 0x28}, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

50.753354772s ago: executing program 1 (id=556):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
mmap$KVM_VCPU(&(0x7f000067b000/0x4000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x18)
r4 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x8, 0x40032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, r5, 0x600000c, 0x28031, 0xffffffffffffffff, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f00000003c0)=[@memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xd00, 0xf, 0x2}}], 0x30}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r3, 0x1, 0x100)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
r8 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0xffffffffffd)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
r11 = syz_kvm_vgic_v3_setup(r8, 0x41, 0x100)
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000140)=@attr_other={0x0, 0x1, 0xe419, &(0x7f0000000180)=0x7})
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x0, 0x10, r10, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x8010, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00005c5000/0x4000)=nil, 0x930, 0x200000c, 0x10010, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000f46000/0x3000)=nil, 0x3000)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000200)=ANY=[@ANYBLOB="352c4671c6ff475ff21c78fbd0dc85aab802143ec3eb3110e5e4269c14324bda57c06dc13d7fa6862ebb0bf22484e8d230eb5038585ec3a0b6b839600f30ad210bb9cd8661ffb282f8b1c36add530161f088092b95c17c8131108b572c7acd857f2a74ab28cb97bc9bf715879a5b273073"])
r12 = openat$kvm(0x0, &(0x7f0000000100), 0x5c9f40, 0x0)
ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r13, 0xae04)

49.487164335s ago: executing program 3 (id=557):
openat$kvm(0x0, &(0x7f0000000100), 0x468080, 0x0) (async)
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x468080, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000000)={0x3, 0xffffffffffffffff, 0x1}) (async)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000000)={0x3, 0xffffffffffffffff, 0x1})
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000100), 0x80402, 0x0)
ioctl$KVM_GET_API_VERSION(r2, 0xae00, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x2c) (async)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x2c)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000040)=@arm64_fw={0x6030000000140000, &(0x7f00000001c0)=0x10000})
r8 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, &(0x7f0000000240)=[@irq_setup={0x5, 0x18}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r9, 0x4040aea0, &(0x7f0000000000)=@arm64={0x0, 0x1, 0xf, '\x00', 0xfffffffffffff105}) (async)
ioctl$KVM_SET_VCPU_EVENTS(r9, 0x4040aea0, &(0x7f0000000000)=@arm64={0x0, 0x1, 0xf, '\x00', 0xfffffffffffff105})
ioctl$KVM_RUN(r9, 0xae80, 0x0)
eventfd2(0x2, 0x0) (async)
eventfd2(0x2, 0x0)
openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r1, 0x4008ae73, &(0x7f00000000c0)={0xfe30, 0x7})
r10 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r12, r13, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="6e0000000000000030000000000000000000dddd0080"], 0x30}], 0x1, 0x0, 0x0, 0x0) (async)
syz_kvm_setup_cpu$arm64(r12, r13, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="6e0000000000000030000000000000000000dddd0080"], 0x30}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x37) (async)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x37)
ioctl$KVM_RUN(r13, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r13, 0xae80, 0x0)
r14 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r14, 0xae04) (async)
r15 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r14, 0xae04)
mmap$KVM_VCPU(&(0x7f0000d38000/0x4000)=nil, r15, 0x3, 0x12, r9, 0x0)

40.177201962s ago: executing program 1 (id=558):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x2, 0x100)
r4 = eventfd2(0x1, 0x80001)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r4, 0x3})
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000180)={0x1010020, 0x1})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8400, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(0xffffffffffffffff, 0x4010aeb5, &(0x7f00000001c0)={0x5, 0x8})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
ioctl$KVM_SET_VCPU_EVENTS(r7, 0x4040aea0, &(0x7f0000000140)=@x86={0x92, 0x8, 0x0, 0x0, 0xf08, 0x2, 0x8, 0x6, 0x8, 0x2, 0x5, 0x4, 0x0, 0x3, 0x6, 0x1, 0x5, 0x7, 0x5, '\x00', 0x3, 0x5})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

33.12093245s ago: executing program 3 (id=559):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x2, 0x100) (async)
r4 = eventfd2(0x1, 0x80001)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r4, 0x3}) (async)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000180)={0x1010020, 0x1}) (async, rerun: 64)
ioctl$KVM_RUN(r3, 0xae80, 0x0) (async, rerun: 64)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x20000000021) (async)
ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04) (async, rerun: 32)
mmap$KVM_VCPU(&(0x7f0000e2e000/0x1000)=nil, 0x0, 0x3000008, 0x810, 0xffffffffffffffff, 0x0) (async, rerun: 32)
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000) (async, rerun: 32)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) (async, rerun: 32)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000f2a000/0x4000)=nil, 0x930, 0xf, 0x32, 0xffffffffffffffff, 0x0) (async)
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000) (async)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) (async, rerun: 64)
r7 = eventfd2(0x8, 0x80800) (rerun: 64)
ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0xdddd1000, 0x0, r7}) (async)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) (async, rerun: 64)
r8 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) (rerun: 64)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013c4f1, 0x8000}}, @msr={0x14, 0x20, {0x603000000013c4f2, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce0, 0x7ffc}}, @msr={0x14, 0x20, {0x603000000013dce1, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce2, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce3, 0x8000}}, @irq_setup={0x46, 0x18, {0x2, 0x13e}}, @msr={0x14, 0x20, {0x603000000013dce8, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce9, 0x8000}}], 0x118}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async)
r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r8, 0xae04)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r12, 0x3, 0x11, r11, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8400, 0x0)

27.441099123s ago: executing program 1 (id=560):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000700)={0x7, 0x0})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000040)={0x7, <r5=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x9, 0x1, &(0x7f0000000040)=0xab})
ioctl$KVM_IRQ_LINE(r2, 0x4008ae61, &(0x7f0000000240)={0x200002f}) (async)
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) (async)
r8 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
r12 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r12, 0x4010aeab, &(0x7f0000000100)=@arm64_ccsidr={0x6020000000110003, &(0x7f00000001c0)=0x7})

22.473762568s ago: executing program 3 (id=561):
r0 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece)
syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000bff000/0x400000)=nil)
syz_kvm_vgic_v3_setup(r0, 0x3, 0x200)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x33)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r0, 0x4068aea3, &(0x7f0000000000)={0xdf, 0x0, 0x18000})
ioctl$KVM_SET_DEVICE_ATTR(r0, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000080)=0x1})
ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(r0, 0x4068aea3, &(0x7f0000000100))
ioctl$KVM_CAP_HALT_POLL(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000180)={0xb6, 0x0, 0x4})
ioctl$KVM_IRQ_LINE(r0, 0x4008ae61, &(0x7f0000000200)={0x4, 0x101})
ioctl$KVM_IRQ_LINE_STATUS(r0, 0xc008ae67, &(0x7f0000000240)={0x1, 0x6})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xe)
syz_kvm_setup_cpu$arm64(r2, r0, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000840)=[{0x0, &(0x7f0000000280)=[@irq_setup={0x46, 0x18, {0x4, 0x36c}}, @hvc={0x32, 0x40, {0x200, [0x4, 0xe, 0x8, 0xe, 0xd15]}}, @svc={0x122, 0x40, {0x80000000, [0x14f7, 0x8001, 0x81, 0x4, 0x2]}}, @msr={0x14, 0x20, {0x603000000013dea0, 0x7}}, @uexit={0x0, 0x18, 0x6}, @svc={0x122, 0x40, {0xc400000c, [0x1, 0x6, 0x8, 0x3, 0x9]}}, @uexit={0x0, 0x18}, @smc={0x1e, 0x40, {0x84000050, [0x9, 0x9, 0xf, 0x4, 0x9]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xf00, 0x2, 0xc}}, @uexit={0x0, 0x18, 0x6399}, @smc={0x1e, 0x40, {0xc4000012, [0xffff, 0x88, 0x2, 0xfffffffffffffff8, 0xd]}}, @svc={0x122, 0x40, {0xc4000004, [0x9, 0x9, 0x18000, 0x8001, 0x80000001]}}, @eret={0xe6, 0x18, 0x6}, @msr={0x14, 0x20, {0x6030000000138047, 0x4f}}, @smc={0x1e, 0x40, {0xc4000004, [0x7fff, 0xff, 0x5, 0x31]}}, @svc={0x122, 0x40, {0x8400000f, [0xd2c897d, 0x1000, 0xb, 0xffffffff00000001, 0x80]}}, @uexit={0x0, 0x18, 0x4}, @uexit={0x0, 0x18, 0x4}, @eret={0xe6, 0x18, 0x8}, @smc={0x1e, 0x40, {0x86000000, [0x8, 0x5, 0x61, 0x101, 0x9]}}, @smc={0x1e, 0x40, {0x84000014, [0x1, 0x0, 0x2, 0x76, 0x7]}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x4, 0x4, 0xb, 0x8250}}, @svc={0x122, 0x40, {0x1000000, [0x2a, 0x3, 0x4, 0xd, 0x1]}}, @eret={0xe6, 0x18}, @uexit={0x0, 0x18, 0x2}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x400, 0x8, 0x3}}, @svc={0x122, 0x40, {0x84000011, [0x8, 0x8, 0xffffffffffffffff, 0x40, 0x9]}}, @code={0xa, 0x9c, {"c08f8ad20040b0f2610080d2020080d2030080d2a40180d2020000d40000791ea09385d20080b0f2010080d2a20180d2030180d2440080d2020000d4007008d5007008d5606896d200e0b0f2410080d2a20080d2a30080d2840080d2020000d4009c006f0040241e201383d200e0b0f2410080d2420180d2a30180d2240080d2020000d4000008d5"}}, @svc={0x122, 0x40, {0x31000000, [0x1, 0x0, 0xfffffffffffffffe, 0x9, 0xc]}}], 0x594}], 0x1, 0x0, &(0x7f0000000880)=[@featur2={0x1, 0x2}], 0x1)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0xf)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000008c0)="f95f6463b7a5f6c788c4bebbf0154fca272aa269cbd25ef17d8181bb38e690000fb7498ae53781e8558c8384659acc71f9f42d935abcfc322fcd691bcc16cc8c12e6c70450e7cfa6", 0x0, 0x48)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000940)={0x36400000, 0x8})
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000cc1000/0x3000)=nil, r3, 0x2000001, 0x4010, r0, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r2, 0x4068aea3, &(0x7f0000000980)={0xdf, 0x0, 0x8000})
ioctl$KVM_SET_DEVICE_ATTR(r0, 0x4018aee1, &(0x7f0000000a40)=@attr_arm64={0x0, 0x8, 0x4, &(0x7f0000000a00)=0x7fffffff})
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000e57000/0x3000)=nil, r4, 0x4, 0x80010, r0, 0x0)
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r2, 0x4068aea3, &(0x7f0000000a80))
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c2c000/0x1000)=nil, r5, 0x2000000, 0x8010, r0, 0x0)
write$eventfd(r0, &(0x7f0000000b00)=0xf731, 0x8)
ioctl$KVM_S390_VCPU_FAULT(r0, 0x4008ae52, &(0x7f0000000b40)=0x1)
mmap$KVM_VCPU(&(0x7f0000ecd000/0x3000)=nil, r4, 0x0, 0x10, r0, 0x0)
r6 = ioctl$KVM_GET_STATS_FD_cpu(r0, 0xaece)
syz_kvm_vgic_v3_setup(r6, 0x4, 0x100)

13.601061753s ago: executing program 1 (id=562):
r0 = mmap$KVM_VCPU(&(0x7f0000fff000/0x1000)=nil, 0x0, 0x0, 0x10010, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000000)="ca7ae925826ca4df7575673576fb51a447d7098bb68a42b4bdf03a77d8a3fe6b69400690aa6755212f1f2e09e485a9c497c75d6e3ad8702463f84f44a3bf39110ad283b5d85547a3", 0x0, 0x48)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x8)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000c00000/0x400000)=nil, &(0x7f00000001c0)=[{0x0, &(0x7f0000000080)=[@smc={0x1e, 0x40, {0x0, [0xda03, 0xfffffffffffffffc, 0x5, 0x863, 0x3]}}, @mrs={0xbe, 0x18, {0x603000000013df56}}, @eret={0xe6, 0x18, 0x7}, @irq_setup={0x46, 0x18, {0x4, 0x77}}, @mrs={0xbe, 0x18, {0x603000000013df49}}, @svc={0x122, 0x40, {0x2, [0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff]}}, @svc={0x122, 0x40, {0xc400000c, [0x0, 0xd5d, 0x4000000000000, 0x7fffffff, 0x3]}}, @msr={0x14, 0x20, {0x603000000013c4d1, 0x80}}], 0x140}], 0x1, 0x0, &(0x7f0000000200)=[@featur2], 0x1)
r3 = ioctl$KVM_GET_STATS_FD_cpu(r2, 0xaece)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x39)
ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, &(0x7f0000000240)={0x4, [0x0, 0x0, 0x98a6, 0xb70]})
close(r3)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x183080, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f00000002c0)={0x10200, 0x5, 0x0, 0x2000, &(0x7f0000e5a000/0x2000)=nil})
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000340)=@arm64_extra={0x603000000013c03f, &(0x7f0000000300)=0x3})
ioctl$KVM_CHECK_EXTENSION_VM(r4, 0xae03, 0x71e)
ioctl$KVM_SIGNAL_MSI(r3, 0x4020aea5, &(0x7f0000000380)={0xd000, 0x0, 0x9, 0x0, 0x1})
syz_kvm_setup_cpu$arm64(r2, r3, &(0x7f0000bc4000/0x400000)=nil, &(0x7f0000000440)=[{0x0, &(0x7f00000003c0)=[@uexit={0x0, 0x18, 0x2}, @irq_setup={0x46, 0x18, {0x1, 0x2ff}}, @eret={0xe6, 0x18, 0x7}, @memwrite={0x6e, 0x30, @generic={0x4000, 0x28c, 0x8605, 0x6}}], 0x78}], 0x1, 0x0, &(0x7f0000000480)=[@featur2={0x1, 0xf6}], 0x1)
r5 = ioctl$KVM_GET_STATS_FD_vm(r1, 0xaece)
ioctl$KVM_RESET_DIRTY_RINGS(r5, 0xaec7)
close(r3)
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04)
r7 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000a00)={0x0, &(0x7f00000004c0)=[@mrs={0xbe, 0x18, {0x603000000013c01d}}, @smc={0x1e, 0x40, {0x3f000000, [0x2, 0x200, 0x4, 0x1, 0x7ff]}}, @svc={0x122, 0x40, {0x4, [0x2, 0x7fffffff, 0x3, 0x0, 0x4]}}, @svc={0x122, 0x40, {0x54, [0xff, 0x200, 0x9, 0xe, 0xff]}}, @hvc={0x32, 0x40, {0x2, [0x7, 0x40, 0x19a0, 0x7, 0x200]}}, @msr={0x14, 0x20, {0x50280000001acb2d, 0x2}}, @code={0xa, 0xb4, {"20c287d200c0b8f2210180d2020080d2c30180d2640080d2020000d4000040f8007008d5401693d20060b8f2810080d2820080d2e30080d2840180d2020000d4c01982d20000b8f2210180d2020080d2430180d2240080d2020000d400fc205e000028d5007008d5c0d487d200a0b8f2810080d2a20180d2e30180d2640080d2020000d440d19cd200e0b8f2410080d2020080d2630180d2440180d2020000d4"}}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x295}}, @irq_setup={0x46, 0x18, {0x2, 0x98}}, @smc={0x1e, 0x40, {0x84000005, [0x4, 0x4, 0xff, 0x6, 0x7]}}, @svc={0x122, 0x40, {0x2000, [0x8000000000000000, 0x200, 0x38, 0x9, 0x6]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1048, 0x9}}, @msr={0x14, 0x20, {0x603000000013c64b, 0x3}}, @uexit={0x0, 0x18, 0x7}, @its_send_cmd={0xaa, 0x28, {0x5, 0x0, 0x3, 0xa, 0x4, 0xd, 0x1}}, @code={0xa, 0x84, {"00a0004f007008d5007008d540819cd200e0b0f2410080d2020180d2a30080d2840080d2020000d4e0ea97d20080b8f2410180d2420180d2a30180d2c40180d2020000d4007008d51020201e007008d560d689d200c0b0f2410080d2c20080d2e30180d2840180d2020000d40008a0f8"}}, @smc={0x1e, 0x40, {0x4600001b, [0x6, 0x7, 0x6, 0x1, 0x9]}}, @irq_setup={0x46, 0x18, {0x1, 0x103}}, @irq_setup={0x46, 0x18, {0x0, 0x27}}, @hvc={0x32, 0x40, {0xc4000007, [0x7ff, 0x4, 0xe, 0x6, 0xa823]}}, @msr={0x14, 0x20, {0x603000000013f090, 0x4}}, @mrs={0xbe, 0x18, {0x6030000000138007}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x50, 0x37, 0x5}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x100, 0x5, 0x8}}], 0x508}, &(0x7f0000000a40)=[@featur1={0x1, 0xe0}], 0x1)
mmap$KVM_VCPU(&(0x7f0000cc9000/0x1000)=nil, r6, 0x2, 0x2010, r7, 0x0)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r4, 0x4010ae68, &(0x7f0000000a80)={0xffff1000, 0xc000, 0x1})
ioctl$KVM_SET_GSI_ROUTING(r5, 0x4008ae6a, &(0x7f0000000ac0)={0x6, 0x0, [{0x4, 0x3, 0x1, 0x0, @adapter={0x0, 0x30ac, 0x5fb, 0x9, 0x9}}, {0x31f, 0x1, 0x1, 0x0, @msi={0xa0, 0xffffff87, 0x497, 0x5}}, {0x2, 0x4, 0x0, 0x0, @irqchip={0xc, 0x7ff}}, {0x6, 0x2, 0x1, 0x0, @adapter={0x1, 0x1000, 0x401, 0x400, 0x4}}, {0x3, 0x3, 0x1, 0x0, @sint={0x2, 0x1000}}, {0x8, 0x3, 0x1, 0x0, @sint={0x1004, 0xfffffff0}}]})
ioctl$KVM_CLEAR_DIRTY_LOG(r3, 0xc018aec0, &(0x7f0000001000)={0x2710, 0x300, 0x2c0, &(0x7f0000000c00)=[0x4, 0x4, 0x40, 0x7, 0x9, 0x3, 0x7, 0x40, 0xfffffffffffffffe, 0x3, 0x7, 0x0, 0x7, 0x400, 0x2, 0x7, 0x1000, 0x7f, 0x2, 0x401, 0x200, 0xefc, 0x401, 0x9, 0x1, 0x4, 0x5, 0xf7, 0x800, 0xfffffc0000000000, 0x2, 0x6, 0xb2, 0x1, 0x7a3, 0x3, 0x0, 0x2, 0x2, 0x5, 0x7, 0x8, 0xf, 0x8, 0x8, 0x4, 0x7a, 0x1, 0x7fffffff, 0x9, 0x6, 0x6, 0x9, 0x8, 0x0, 0x80000001, 0x4, 0x0, 0x362, 0x5b1e, 0x6, 0x40, 0xb1, 0x7, 0x40, 0xd00000000, 0x536, 0x8, 0x4c, 0xff, 0xfffffffffffff000, 0x401, 0x0, 0x7fffffffffffffff, 0x8, 0x9, 0x80000000, 0xd, 0x0, 0x6, 0x0, 0x6, 0x1, 0x3f, 0x5, 0x4, 0x100000001, 0x8, 0x8, 0x6, 0x32810, 0x4, 0x4, 0x5, 0x4d3, 0x20000, 0x1, 0x100000001, 0xe14, 0x0, 0x16f, 0x9, 0x3ff, 0x6, 0x9, 0x7, 0x0, 0x7fff, 0x0, 0x7fff, 0x5, 0x9, 0x1ff, 0x4, 0x6, 0x5b, 0x8, 0x6, 0x7, 0x7fffffffffffffff, 0x9, 0x1, 0x9, 0x8, 0xfffffffffffffff9, 0x5, 0xffff, 0x5]})
r8 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
ioctl$KVM_GET_VCPU_EVENTS(r8, 0x8040ae9f, &(0x7f0000001040))
munmap(&(0x7f0000d53000/0x2000)=nil, 0x2000)
ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r4, 0x4010ae74, &(0x7f0000001080)={0x4, 0x8, 0x81})
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r7, 0x4018aee3, &(0x7f0000001100)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f00000010c0)=0x3})
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000001140)={0xb, 0xffffffffffffffff, 0x1})

13.344744418s ago: executing program 3 (id=563):
r0 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c26000/0x4000)=nil, r0, 0x300000f, 0x10, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffa000/0x1000)=nil, 0x930, 0x2000000, 0x30, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000647000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x300000a, 0x53033, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0x0, &(0x7f00000000c0), 0x5911c2, 0x0)
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000080)=@arm64_fw={0x6030000000140000, &(0x7f0000000000)=0x8001})
ioctl$KVM_CREATE_VM(r1, 0x401c5820, 0x20000000)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0x80111500, 0x20000000)
close(r1)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0x40049409, 0x0)
mmap$KVM_VCPU(&(0x7f0000dde000/0x4000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000e5e000/0x3000)=nil, 0x3000)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000)
openat$kvm(0x0, &(0x7f0000000040), 0x2000, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0xffffffffffffffff)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x0, 0x3, &(0x7f0000000280)=0x401000080a0000})
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000e76000/0x12000)=nil, 0x12000)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r5, 0x300000a, 0x20010, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, r5, 0xe, 0x16831, 0xffffffffffffffff, 0x0)

4.495336722s ago: executing program 1 (id=564):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bfd000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r1, &(0x7f00000003c0)={0x0, &(0x7f0000000280)=[@code={0xa, 0x84, {"008008d5007008d5c03a93d20020b8f2210180d2020180d2a30080d2a40180d2020000d40000409be0788ed200a0b0f2210180d2620180d2230180d2240080d2020000d4a00f93d20040b8f2010080d2420180d2a30180d2240080d2020000d4000028d500b8a12e007008d5007008d5"}}, @hvc={0x32, 0x40, {0x80003fff, [0x7f, 0x101, 0x8, 0xfd4a, 0x3]}}, @mrs={0xbe, 0x18, {0x72bf}}, @uexit={0x0, 0x18, 0xa4}, @svc={0x122, 0xfffffffffffffee3, {0xffff, [0x0, 0xded7, 0x2, 0xffffffffffffffff, 0x4e]}}], 0x134}, &(0x7f0000000400)=[@featur2={0x1, 0x5}], 0x1)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x3}}], 0x68}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r2, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000180)={0x8, <r5=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r7 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r6, 0x3, 0x11, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_kvm_assert_syzos_uexit$arm64(r7, 0xfffffffffffffffe)
ioctl$KVM_GET_DIRTY_LOG(0xffffffffffffffff, 0x4010ae42, &(0x7f0000000240)={0x2710, 0x0, &(0x7f0000c7b000/0x4000)=nil})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000040)={0x7, <r10=>0xffffffffffffffff})
ioctl$KVM_GET_DEVICE_ATTR(r10, 0x4018aee2, &(0x7f00000001c0)=@attr_other={0x0, 0x0, 0x3, &(0x7f0000000180)=0x4})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_kvm_assert_syzos_uexit$arm64(r7, 0xffffffffffffffff)
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r2, 0x4068aea3, &(0x7f0000000000))

0s ago: executing program 3 (id=565):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2e)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x2)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x32, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x2, 0xfffffffffffffffd, 0x5}}], 0x28}, 0x0, 0x0)
r7 = syz_kvm_vgic_v3_setup(r4, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8, <r8=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f0000000300)=@attr_arm64={0x0, 0x4, 0x3, 0x0})
r9 = eventfd2(0x3, 0x1)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x4, 0xeeee0000, 0x2, r9, 0x3})

kernel console output (not intermixed with test programs):

[  380.995604][ T3152] 8021q: adding VLAN 0 to HW filter on device bond0
[  431.167314][ T3152] eql: remember to turn off Van-Jacobson compression on your slave devices
Warning: Permanently added '[localhost]:42400' (ED25519) to the list of known hosts.
[  596.551233][   T25] audit: type=1400 audit(595.780:60): avc:  denied  { name_bind } for  pid=3305 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  597.510000][   T25] audit: type=1400 audit(596.740:61): avc:  denied  { execute } for  pid=3306 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  597.535867][   T25] audit: type=1400 audit(596.770:62): avc:  denied  { execute_no_trans } for  pid=3306 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  619.974132][   T25] audit: type=1400 audit(619.210:63): avc:  denied  { mounton } for  pid=3306 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  620.020684][   T25] audit: type=1400 audit(619.240:64): avc:  denied  { mount } for  pid=3306 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  620.099896][ T3306] cgroup: Unknown subsys name 'net'
[  620.152733][   T25] audit: type=1400 audit(619.390:65): avc:  denied  { unmount } for  pid=3306 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  620.539912][ T3306] cgroup: Unknown subsys name 'cpuset'
[  620.643581][ T3306] cgroup: Unknown subsys name 'rlimit'
[  621.542401][   T25] audit: type=1400 audit(620.770:66): avc:  denied  { setattr } for  pid=3306 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  621.568222][   T25] audit: type=1400 audit(620.790:67): avc:  denied  { mounton } for  pid=3306 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[  621.587078][   T25] audit: type=1400 audit(620.810:68): avc:  denied  { mount } for  pid=3306 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  622.796252][ T3309] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[  622.816171][   T25] audit: type=1400 audit(622.050:69): avc:  denied  { relabelto } for  pid=3309 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  622.845879][   T25] audit: type=1400 audit(622.080:70): avc:  denied  { write } for  pid=3309 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
Setting up swapspace version 1, size = 127995904 bytes
[  623.015747][   T25] audit: type=1400 audit(622.250:71): avc:  denied  { read } for  pid=3306 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  623.036038][   T25] audit: type=1400 audit(622.260:72): avc:  denied  { open } for  pid=3306 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  623.082735][ T3306] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  673.454491][   T25] audit: type=1400 audit(672.660:73): avc:  denied  { execmem } for  pid=3310 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  677.887492][   T25] audit: type=1400 audit(677.120:74): avc:  denied  { read } for  pid=3312 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  677.923761][   T25] audit: type=1400 audit(677.160:75): avc:  denied  { open } for  pid=3312 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  677.995050][   T25] audit: type=1400 audit(677.230:76): avc:  denied  { mounton } for  pid=3312 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  678.262935][   T25] audit: type=1400 audit(677.490:78): avc:  denied  { module_request } for  pid=3313 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  678.282377][   T25] audit: type=1400 audit(677.480:77): avc:  denied  { module_request } for  pid=3312 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  679.417024][   T25] audit: type=1400 audit(678.650:79): avc:  denied  { sys_module } for  pid=3313 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  709.187746][ T3313] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  709.267248][ T3312] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  709.345421][ T3313] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  709.555815][ T3312] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  721.681831][ T3313] hsr_slave_0: entered promiscuous mode
[  721.710707][ T3313] hsr_slave_1: entered promiscuous mode
[  722.568018][ T3312] hsr_slave_0: entered promiscuous mode
[  722.623448][ T3312] hsr_slave_1: entered promiscuous mode
[  722.653809][ T3312] debugfs: 'hsr0' already exists in 'hsr'
[  722.660532][ T3312] Cannot create hsr debugfs directory
[  728.200642][   T25] audit: type=1400 audit(727.430:80): avc:  denied  { create } for  pid=3313 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  728.262851][   T25] audit: type=1400 audit(727.490:81): avc:  denied  { write } for  pid=3313 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  728.290482][   T25] audit: type=1400 audit(727.520:82): avc:  denied  { read } for  pid=3313 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  728.463369][ T3313] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  728.823975][ T3313] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  729.134536][ T3313] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  729.496625][ T3313] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  730.982354][ T3312] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  731.163611][ T3312] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  731.375048][ T3312] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  731.583236][ T3312] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  744.443604][ T3313] 8021q: adding VLAN 0 to HW filter on device bond0
[  746.805260][ T3312] 8021q: adding VLAN 0 to HW filter on device bond0
[  803.412207][ T3313] veth0_vlan: entered promiscuous mode
[  803.887643][ T3313] veth1_vlan: entered promiscuous mode
[  805.916649][ T3313] veth0_macvtap: entered promiscuous mode
[  806.344958][ T3313] veth1_macvtap: entered promiscuous mode
[  806.406156][ T3312] veth0_vlan: entered promiscuous mode
[  807.212444][ T3312] veth1_vlan: entered promiscuous mode
[  808.521437][ T3384] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  808.541187][ T3384] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  808.660324][ T3384] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  808.681454][ T3384] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  810.327143][ T3312] veth0_macvtap: entered promiscuous mode
[  811.054405][ T3312] veth1_macvtap: entered promiscuous mode
[  811.206976][   T25] audit: type=1400 audit(810.350:83): avc:  denied  { mount } for  pid=3313 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  811.367294][   T25] audit: type=1400 audit(810.600:84): avc:  denied  { mounton } for  pid=3313 comm="syz-executor" path="/syzkaller.qz60Eo/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  811.541073][   T25] audit: type=1400 audit(810.770:85): avc:  denied  { mount } for  pid=3313 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  811.797644][   T25] audit: type=1400 audit(811.030:86): avc:  denied  { mounton } for  pid=3313 comm="syz-executor" path="/syzkaller.qz60Eo/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  811.946231][   T25] audit: type=1400 audit(811.180:87): avc:  denied  { mounton } for  pid=3313 comm="syz-executor" path="/syzkaller.qz60Eo/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3728 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  812.700154][   T25] audit: type=1400 audit(811.920:88): avc:  denied  { unmount } for  pid=3313 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  813.068397][   T25] audit: type=1400 audit(812.290:89): avc:  denied  { mounton } for  pid=3313 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1544 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  813.196770][   T25] audit: type=1400 audit(812.420:90): avc:  denied  { mount } for  pid=3313 comm="syz-executor" name="/" dev="gadgetfs" ino=3736 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  813.293653][ T3393] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  813.362354][ T3384] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  813.367791][ T3384] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  813.382702][ T3384] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  813.577056][   T25] audit: type=1400 audit(812.790:91): avc:  denied  { mount } for  pid=3313 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  813.676402][   T25] audit: type=1400 audit(812.910:92): avc:  denied  { mounton } for  pid=3313 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  815.285663][ T3313] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  827.496173][   T25] kauditd_printk_skb: 4 callbacks suppressed
[  827.524024][   T25] audit: type=1400 audit(826.700:97): avc:  denied  { read } for  pid=3465 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  827.632400][   T25] audit: type=1400 audit(826.840:98): avc:  denied  { open } for  pid=3465 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  828.540547][   T25] audit: type=1400 audit(827.750:99): avc:  denied  { ioctl } for  pid=3465 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  846.126807][   T25] audit: type=1400 audit(845.310:100): avc:  denied  { execute } for  pid=3473 comm="syz.0.3" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=4048 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  857.101741][   T25] audit: type=1400 audit(856.320:101): avc:  denied  { write } for  pid=3482 comm="syz.0.6" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  870.746638][   T25] audit: type=1400 audit(869.970:102): avc:  denied  { append } for  pid=3491 comm="syz.0.9" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  904.876466][   T25] audit: type=1400 audit(904.110:103): avc:  denied  { map } for  pid=3516 comm="syz.0.17" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  904.951721][   T25] audit: type=1400 audit(904.180:104): avc:  denied  { execute } for  pid=3516 comm="syz.0.17" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1039.566475][   T25] audit: type=1400 audit(1038.780:105): avc:  denied  { ioctl } for  pid=3594 comm="syz.0.45" path="net:[4026532620]" dev="nsfs" ino=4026532620 ioctlcmd=0xb706 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 1091.083115][ T3623] kvm [3623]: Failed to find VMA for hva 0x20db5000
[ 1091.162385][ T3624] kvm [3624]: Failed to find VMA for hva 0x20db5000
[ 1127.416493][   T25] audit: type=1400 audit(1126.650:106): avc:  denied  { setattr } for  pid=3654 comm="syz.1.67" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1151.231451][ T3670] FAULT_INJECTION: forcing a failure.
[ 1151.231451][ T3670] name failslab, interval 1, probability 0, space 0, times 1
[ 1151.236862][ T3670] CPU: 0 UID: 0 PID: 3670 Comm: syz.0.72 Not tainted syzkaller #0 PREEMPT 
[ 1151.237502][ T3670] Hardware name: linux,dummy-virt (DT)
[ 1151.237989][ T3670] Call trace:
[ 1151.238419][ T3670]  show_stack+0x2c/0x3c (C)
[ 1151.240250][ T3670]  __dump_stack+0x30/0x40
[ 1151.240543][ T3670]  dump_stack_lvl+0xd8/0x12c
[ 1151.240750][ T3670]  dump_stack+0x1c/0x28
[ 1151.240945][ T3670]  should_fail_ex+0x570/0x6e0
[ 1151.241204][ T3670]  should_failslab+0xb8/0xec
[ 1151.241501][ T3670]  __kmalloc_noprof+0xdc/0x4b8
[ 1151.241751][ T3670]  tomoyo_realpath_from_path+0xdc/0x628
[ 1151.242036][ T3670]  tomoyo_path_number_perm+0x13c/0x33c
[ 1151.242261][ T3670]  tomoyo_file_ioctl+0x2c/0x3c
[ 1151.242534][ T3670]  security_file_ioctl+0xe8/0x2f0
[ 1151.242799][ T3670]  __arm64_sys_ioctl+0xd0/0x244
[ 1151.243076][ T3670]  invoke_syscall+0x90/0x2b4
[ 1151.243377][ T3670]  el0_svc_common+0x180/0x2f4
[ 1151.243670][ T3670]  do_el0_svc+0x58/0x74
[ 1151.243945][ T3670]  el0_svc+0x58/0x164
[ 1151.244159][ T3670]  el0t_64_sync_handler+0x84/0x12c
[ 1151.244398][ T3670]  el0t_64_sync+0x198/0x19c
[ 1151.427665][ T3670] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1166.807194][ T3681] FAULT_INJECTION: forcing a failure.
[ 1166.807194][ T3681] name failslab, interval 1, probability 0, space 0, times 0
[ 1166.855688][ T3681] CPU: 0 UID: 0 PID: 3681 Comm: syz.1.77 Not tainted syzkaller #0 PREEMPT 
[ 1166.856074][ T3681] Hardware name: linux,dummy-virt (DT)
[ 1166.856182][ T3681] Call trace:
[ 1166.856260][ T3681]  show_stack+0x2c/0x3c (C)
[ 1166.856645][ T3681]  __dump_stack+0x30/0x40
[ 1166.856844][ T3681]  dump_stack_lvl+0xd8/0x12c
[ 1166.857034][ T3681]  dump_stack+0x1c/0x28
[ 1166.857226][ T3681]  should_fail_ex+0x570/0x6e0
[ 1166.857512][ T3681]  should_failslab+0xb8/0xec
[ 1166.857789][ T3681]  __kmalloc_noprof+0xdc/0x4b8
[ 1166.858081][ T3681]  tomoyo_encode+0x27c/0x4ec
[ 1166.858351][ T3681]  tomoyo_realpath_from_path+0x5bc/0x628
[ 1166.858666][ T3681]  tomoyo_path_number_perm+0x13c/0x33c
[ 1166.858901][ T3681]  tomoyo_file_ioctl+0x2c/0x3c
[ 1166.859153][ T3681]  security_file_ioctl+0xe8/0x2f0
[ 1166.859430][ T3681]  __arm64_sys_ioctl+0xd0/0x244
[ 1166.859723][ T3681]  invoke_syscall+0x90/0x2b4
[ 1166.859999][ T3681]  el0_svc_common+0x180/0x2f4
[ 1166.860288][ T3681]  do_el0_svc+0x58/0x74
[ 1166.860566][ T3681]  el0_svc+0x58/0x164
[ 1166.860776][ T3681]  el0t_64_sync_handler+0x84/0x12c
[ 1166.860987][ T3681]  el0t_64_sync+0x198/0x19c
[ 1166.950150][ T3681] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1195.426223][ T3694] FAULT_INJECTION: forcing a failure.
[ 1195.426223][ T3694] name fail_usercopy, interval 1, probability 0, space 0, times 1
[ 1195.462604][ T3694] CPU: 0 UID: 0 PID: 3694 Comm: syz.1.82 Not tainted syzkaller #0 PREEMPT 
[ 1195.462987][ T3694] Hardware name: linux,dummy-virt (DT)
[ 1195.463094][ T3694] Call trace:
[ 1195.463174][ T3694]  show_stack+0x2c/0x3c (C)
[ 1195.463557][ T3694]  __dump_stack+0x30/0x40
[ 1195.463778][ T3694]  dump_stack_lvl+0xd8/0x12c
[ 1195.463976][ T3694]  dump_stack+0x1c/0x28
[ 1195.464160][ T3694]  should_fail_ex+0x570/0x6e0
[ 1195.464430][ T3694]  should_fail+0x14/0x24
[ 1195.464681][ T3694]  should_fail_usercopy+0x20/0x30
[ 1195.464935][ T3694]  _inline_copy_from_user+0x3c/0x18c
[ 1195.465188][ T3694]  kvm_arch_vcpu_ioctl+0x388/0x16b0
[ 1195.465444][ T3694]  kvm_vcpu_ioctl+0x5c4/0xc2c
[ 1195.465721][ T3694]  __arm64_sys_ioctl+0x18c/0x244
[ 1195.466040][ T3694]  invoke_syscall+0x90/0x2b4
[ 1195.466333][ T3694]  el0_svc_common+0x180/0x2f4
[ 1195.466639][ T3694]  do_el0_svc+0x58/0x74
[ 1195.466911][ T3694]  el0_svc+0x58/0x164
[ 1195.467128][ T3694]  el0t_64_sync_handler+0x84/0x12c
[ 1195.467370][ T3694]  el0t_64_sync+0x198/0x19c
[ 1229.928259][ T3709] FAULT_INJECTION: forcing a failure.
[ 1229.928259][ T3709] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1229.953967][ T3709] CPU: 0 UID: 0 PID: 3709 Comm: syz.0.87 Not tainted syzkaller #0 PREEMPT 
[ 1229.954325][ T3709] Hardware name: linux,dummy-virt (DT)
[ 1229.954448][ T3709] Call trace:
[ 1229.954529][ T3709]  show_stack+0x2c/0x3c (C)
[ 1229.954884][ T3709]  __dump_stack+0x30/0x40
[ 1229.955086][ T3709]  dump_stack_lvl+0xd8/0x12c
[ 1229.955295][ T3709]  dump_stack+0x1c/0x28
[ 1229.955510][ T3709]  should_fail_ex+0x570/0x6e0
[ 1229.955766][ T3709]  should_fail+0x14/0x24
[ 1229.956036][ T3709]  should_fail_usercopy+0x20/0x30
[ 1229.956306][ T3709]  _inline_copy_from_user+0x3c/0x18c
[ 1229.956564][ T3709]  kvm_arm_set_reg+0x3d4/0xe34
[ 1229.956789][ T3709]  kvm_arch_vcpu_ioctl+0x5cc/0x16b0
[ 1229.957044][ T3709]  kvm_vcpu_ioctl+0x5c4/0xc2c
[ 1229.957323][ T3709]  __arm64_sys_ioctl+0x18c/0x244
[ 1229.957624][ T3709]  invoke_syscall+0x90/0x2b4
[ 1229.957932][ T3709]  el0_svc_common+0x180/0x2f4
[ 1229.958214][ T3709]  do_el0_svc+0x58/0x74
[ 1229.958507][ T3709]  el0_svc+0x58/0x164
[ 1229.958720][ T3709]  el0t_64_sync_handler+0x84/0x12c
[ 1229.958939][ T3709]  el0t_64_sync+0x198/0x19c
[ 1334.843528][ T3769] kvm [3769]: Failed to find VMA for hva 0x21016000
[ 1602.022989][ T3858] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1602.423830][ T3858] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1613.231892][ T3863] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1613.584764][ T3863] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1630.952952][ T3858] hsr_slave_0: entered promiscuous mode
[ 1631.033767][ T3858] hsr_slave_1: entered promiscuous mode
[ 1631.090446][ T3858] debugfs: 'hsr0' already exists in 'hsr'
[ 1631.100867][ T3858] Cannot create hsr debugfs directory
[ 1642.066777][ T3863] hsr_slave_0: entered promiscuous mode
[ 1642.258253][ T3863] hsr_slave_1: entered promiscuous mode
[ 1642.408206][ T3863] debugfs: 'hsr0' already exists in 'hsr'
[ 1642.512641][ T3863] Cannot create hsr debugfs directory
[ 1648.857213][ T3858] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1650.020608][ T3858] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1651.655410][ T3858] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1653.427217][ T3858] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1655.062052][   T21] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1655.767495][   T21] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1656.491811][   T21] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1657.476639][   T21] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1663.326797][ T3863] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1663.656727][ T3863] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1664.883940][ T3863] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1665.278490][ T3863] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1679.653881][   T21] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1680.006979][   T21] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1680.355075][   T21] bond0 (unregistering): Released all slaves
[ 1682.374990][   T21] hsr_slave_0: left promiscuous mode
[ 1682.436068][   T21] hsr_slave_1: left promiscuous mode
[ 1682.960598][   T21] veth1_macvtap: left promiscuous mode
[ 1682.964615][   T21] veth0_macvtap: left promiscuous mode
[ 1682.992387][   T21] veth1_vlan: left promiscuous mode
[ 1683.004338][   T21] veth0_vlan: left promiscuous mode
[ 1702.147220][   T21] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1703.188348][   T21] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1704.334406][   T21] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1705.221837][ T3858] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1705.861463][   T21] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1724.316826][   T21] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1724.602554][   T21] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1724.782403][   T21] bond0 (unregistering): Released all slaves
[ 1726.909779][   T21] hsr_slave_0: left promiscuous mode
[ 1726.991300][   T21] hsr_slave_1: left promiscuous mode
[ 1727.634795][   T21] veth1_macvtap: left promiscuous mode
[ 1727.637810][   T21] veth0_macvtap: left promiscuous mode
[ 1727.671402][   T21] veth1_vlan: left promiscuous mode
[ 1727.680767][   T21] veth0_vlan: left promiscuous mode
[ 1750.527659][ T3863] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1823.698029][ T3858] veth0_vlan: entered promiscuous mode
[ 1824.491845][ T3858] veth1_vlan: entered promiscuous mode
[ 1826.844872][ T3858] veth0_macvtap: entered promiscuous mode
[ 1827.354516][ T3858] veth1_macvtap: entered promiscuous mode
[ 1829.970785][ T3853] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1829.984557][ T3349] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1830.011599][ T3349] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1830.079945][ T3349] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1844.232150][ T3863] veth0_vlan: entered promiscuous mode
[ 1845.403302][ T3863] veth1_vlan: entered promiscuous mode
[ 1849.037623][ T3863] veth0_macvtap: entered promiscuous mode
[ 1849.495270][ T3863] veth1_macvtap: entered promiscuous mode
[ 1853.199587][ T3393] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1853.201056][ T3393] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1853.256339][ T3393] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1853.265128][ T3393] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3352.314639][ T4869] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3352.652456][ T4869] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3360.596378][ T4872] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3360.951430][ T4872] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3386.107447][ T4869] hsr_slave_0: entered promiscuous mode
[ 3386.196572][ T4869] hsr_slave_1: entered promiscuous mode
[ 3393.993409][ T4872] hsr_slave_0: entered promiscuous mode
[ 3394.027761][ T4872] hsr_slave_1: entered promiscuous mode
[ 3394.055086][ T4872] debugfs: 'hsr0' already exists in 'hsr'
[ 3394.058193][ T4872] Cannot create hsr debugfs directory
[ 3404.349928][ T4869] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 3405.440527][ T4869] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 3407.143340][ T4869] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 3408.060792][ T4869] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 3418.384600][ T4872] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 3418.975656][ T4872] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 3419.573807][ T4872] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 3420.251922][ T4872] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 3450.086728][ T4942] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3451.292457][ T4942] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3452.525463][ T4942] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3453.332698][ T4942] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3458.297951][ T4869] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3470.410101][ T4942] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3470.644849][ T4942] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3470.831587][ T4942] bond0 (unregistering): Released all slaves
[ 3473.771573][ T4942] hsr_slave_0: left promiscuous mode
[ 3474.150336][ T4942] hsr_slave_1: left promiscuous mode
[ 3474.739992][ T4942] veth1_macvtap: left promiscuous mode
[ 3474.741261][ T4942] veth0_macvtap: left promiscuous mode
[ 3474.772183][ T4942] veth1_vlan: left promiscuous mode
[ 3474.783079][ T4942] veth0_vlan: left promiscuous mode
[ 3498.835347][ T4872] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3502.027279][ T4942] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3504.002214][ T4942] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3505.538199][ T4942] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3507.285057][ T4942] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3529.633744][ T4942] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3530.081059][ T4942] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3530.338005][ T4942] bond0 (unregistering): Released all slaves
[ 3532.705516][ T4942] hsr_slave_0: left promiscuous mode
[ 3532.846170][ T4942] hsr_slave_1: left promiscuous mode
[ 3533.570845][ T4942] veth1_macvtap: left promiscuous mode
[ 3533.573217][ T4942] veth0_macvtap: left promiscuous mode
[ 3533.594494][ T4942] veth1_vlan: left promiscuous mode
[ 3533.612786][ T4942] veth0_vlan: left promiscuous mode
[ 3667.442476][ T4872] veth0_vlan: entered promiscuous mode
[ 3668.395471][ T4869] veth0_vlan: entered promiscuous mode
[ 3669.483350][ T4872] veth1_vlan: entered promiscuous mode
[ 3670.373907][ T4869] veth1_vlan: entered promiscuous mode
[ 3674.963331][ T4872] veth0_macvtap: entered promiscuous mode
[ 3675.755690][ T4869] veth0_macvtap: entered promiscuous mode
[ 3676.223651][ T4872] veth1_macvtap: entered promiscuous mode
[ 3677.204928][ T4869] veth1_macvtap: entered promiscuous mode
[ 3681.201771][ T3936] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3681.205582][ T3936] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3681.230244][ T3936] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3681.301801][ T3936] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3681.854793][ T3936] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3681.856262][ T3936] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3681.865328][ T3936] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3681.873783][ T3936] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3716.682556][   T25] audit: type=1400 audit(3715.890:107): avc:  denied  { map } for  pid=5094 comm="syz.4.348" path="pipe:[21652]" dev="pipefs" ino=21652 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[ 3913.305976][ T3393] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3915.471678][ T3393] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3917.614487][ T3393] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3919.536621][ T3393] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3942.992946][ T3393] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3943.292318][ T3393] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3943.438322][ T3393] bond0 (unregistering): Released all slaves
[ 3947.432361][ T3393] hsr_slave_0: left promiscuous mode
[ 3948.042837][ T3393] hsr_slave_1: left promiscuous mode
[ 3949.030899][ T3393] veth1_macvtap: left promiscuous mode
[ 3949.047388][ T3393] veth0_macvtap: left promiscuous mode
[ 3949.072167][ T3393] veth1_vlan: left promiscuous mode
[ 3949.105532][ T3393] veth0_vlan: left promiscuous mode
[ 3977.877961][ T3393] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3979.716655][ T3393] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3981.127047][ T3393] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3982.433280][ T3393] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4002.158116][ T3393] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 4002.287583][ T3393] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 4002.403771][ T3393] bond0 (unregistering): Released all slaves
[ 4004.663168][ T3393] hsr_slave_0: left promiscuous mode
[ 4004.732252][ T3393] hsr_slave_1: left promiscuous mode
[ 4005.170071][ T3393] veth1_macvtap: left promiscuous mode
[ 4005.171358][ T3393] veth0_macvtap: left promiscuous mode
[ 4005.214157][ T3393] veth1_vlan: left promiscuous mode
[ 4005.232352][ T3393] veth0_vlan: left promiscuous mode
[ 4059.790240][ T5179] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4060.112197][ T5179] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4066.041805][ T5184] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4066.356000][ T5184] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4094.396981][ T5179] hsr_slave_0: entered promiscuous mode
[ 4094.516878][ T5179] hsr_slave_1: entered promiscuous mode
[ 4102.086188][ T5184] hsr_slave_0: entered promiscuous mode
[ 4102.125487][ T5184] hsr_slave_1: entered promiscuous mode
[ 4102.165934][ T5184] debugfs: 'hsr0' already exists in 'hsr'
[ 4102.176288][ T5184] Cannot create hsr debugfs directory
[ 4116.637099][ T5179] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 4117.392108][ T5179] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 4117.998098][ T5179] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 4119.360214][ T5179] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 4123.741539][ T5184] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 4124.057927][ T5184] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 4124.541882][ T5184] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 4124.866862][ T5184] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 4158.373899][ T5179] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4163.355114][ T5184] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4313.552831][ T5179] veth0_vlan: entered promiscuous mode
[ 4314.698385][ T5179] veth1_vlan: entered promiscuous mode
[ 4319.883616][ T5184] veth0_vlan: entered promiscuous mode
[ 4320.972283][ T5179] veth0_macvtap: entered promiscuous mode
[ 4322.052241][ T5184] veth1_vlan: entered promiscuous mode
[ 4322.496655][ T5179] veth1_macvtap: entered promiscuous mode
[ 4328.635086][ T3936] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4328.661604][ T3931] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4328.702123][ T3393] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4328.730120][ T4876] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4328.745308][ T5184] veth0_macvtap: entered promiscuous mode
[ 4330.411913][ T5184] veth1_macvtap: entered promiscuous mode
[ 4337.681522][ T3936] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4337.700936][ T3936] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4337.732235][ T3936] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4337.740799][ T3936] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4604.884093][ T5350] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4607.044586][ T5350] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4608.666245][ T5350] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4610.573099][ T5350] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4638.000912][ T5350] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 4638.605660][ T5350] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 4638.822535][ T5350] bond0 (unregistering): Released all slaves
[ 4641.441809][ T5350] hsr_slave_0: left promiscuous mode
[ 4641.631822][ T5350] hsr_slave_1: left promiscuous mode
[ 4642.652817][ T5350] veth1_macvtap: left promiscuous mode
[ 4642.666233][ T5350] veth0_macvtap: left promiscuous mode
[ 4642.695228][ T5350] veth1_vlan: left promiscuous mode
[ 4642.724507][ T5350] veth0_vlan: left promiscuous mode
[ 4677.432060][ T5350] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4679.472867][ T5350] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4681.136906][ T5350] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4683.007564][ T5350] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4713.015652][ T5350] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 4713.165383][ T5350] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 4713.295124][ T5350] bond0 (unregistering): Released all slaves
[ 4715.531037][ T5350] hsr_slave_0: left promiscuous mode
[ 4715.655766][ T5350] hsr_slave_1: left promiscuous mode
[ 4716.456865][ T5350] veth1_macvtap: left promiscuous mode
[ 4716.520535][ T5350] veth0_macvtap: left promiscuous mode
[ 4716.541882][ T5350] veth1_vlan: left promiscuous mode
[ 4716.552991][ T5350] veth0_vlan: left promiscuous mode
[ 4773.342215][ T5531] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4773.722446][ T5531] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4782.324197][ T5536] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4782.711619][ T5536] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4813.937390][ T5531] hsr_slave_0: entered promiscuous mode
[ 4814.063819][ T5531] hsr_slave_1: entered promiscuous mode
[ 4828.588033][ T5536] hsr_slave_0: entered promiscuous mode
[ 4828.658014][ T5536] hsr_slave_1: entered promiscuous mode
[ 4828.750564][ T5536] debugfs: 'hsr0' already exists in 'hsr'
[ 4828.757146][ T5536] Cannot create hsr debugfs directory
[ 4842.614257][ T5531] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 4843.697140][ T5531] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 4844.651517][ T5531] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 4844.894879][ T5531] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 4856.008384][ T5536] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 4856.435994][ T5536] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 4857.013968][ T5536] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 4857.792973][ T5536] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 4889.816531][ T5531] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4901.342461][ T5536] 8021q: adding VLAN 0 to HW filter on device bond0
[ 5082.105715][ T5531] veth0_vlan: entered promiscuous mode
[ 5083.965674][ T5531] veth1_vlan: entered promiscuous mode
[ 5088.434177][ T5531] veth0_macvtap: entered promiscuous mode
[ 5089.246121][ T5531] veth1_macvtap: entered promiscuous mode
[ 5095.505469][ T5746] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 5095.514437][ T5746] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 5095.632653][ T5746] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 5095.646555][ T5746] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 5095.852327][ T5536] veth0_vlan: entered promiscuous mode
[ 5099.015336][ T5536] veth1_vlan: entered promiscuous mode
[ 5106.666028][ T5536] veth0_macvtap: entered promiscuous mode
[ 5108.109397][ T5536] veth1_macvtap: entered promiscuous mode
[ 5113.932961][ T5746] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 5113.934581][ T5746] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 5114.114242][ T5746] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 5114.337867][ T3866] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 5313.550112][ T4973] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5316.426048][ T4973] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5319.550434][ T4973] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5322.991041][ T4973] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5366.790952][ T4973] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 5367.326479][ T4973] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 5368.422949][ T4973] bond0 (unregistering): Released all slaves
[ 5373.342944][ T4973] hsr_slave_0: left promiscuous mode
[ 5373.531893][ T4973] hsr_slave_1: left promiscuous mode
[ 5374.301359][ T4973] veth1_macvtap: left promiscuous mode
[ 5374.302824][ T4973] veth0_macvtap: left promiscuous mode
[ 5374.312704][ T4973] veth1_vlan: left promiscuous mode
[ 5374.395110][ T4973] veth0_vlan: left promiscuous mode
[ 5414.684747][ T4942] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5416.936526][ T4942] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5419.737158][ T4942] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5421.933501][ T4942] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5455.987148][ T4942] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 5456.154993][ T4942] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 5456.217866][ T4942] bond0 (unregistering): Released all slaves
[ 5460.070502][ T4942] hsr_slave_0: left promiscuous mode
[ 5460.307648][ T4942] hsr_slave_1: left promiscuous mode
[ 5461.248341][ T4942] veth1_macvtap: left promiscuous mode
[ 5461.361995][ T4942] veth0_macvtap: left promiscuous mode
[ 5461.384699][ T4942] veth1_vlan: left promiscuous mode
[ 5461.420670][ T4942] veth0_vlan: left promiscuous mode
[ 5503.162014][ T5826] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 5503.725952][ T5826] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 5529.076190][ T5838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 5529.573984][ T5838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 5545.612266][ T5826] hsr_slave_0: entered promiscuous mode
[ 5545.753629][ T5826] hsr_slave_1: entered promiscuous mode
[ 5581.086540][ T5838] hsr_slave_0: entered promiscuous mode
[ 5581.204838][ T5838] hsr_slave_1: entered promiscuous mode
[ 5581.311416][ T5838] debugfs: 'hsr0' already exists in 'hsr'
[ 5581.321314][ T5838] Cannot create hsr debugfs directory
[ 5590.687157][ T5826] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 5591.392205][ T5826] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 5592.671188][ T5826] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 5593.721917][ T5826] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 5623.672934][ T5838] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 5624.695868][ T5838] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 5625.292803][ T5838] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 5625.952925][ T5838] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 5641.794534][ T5826] 8021q: adding VLAN 0 to HW filter on device bond0
[ 5666.484090][ T5838] 8021q: adding VLAN 0 to HW filter on device bond0
[ 5797.602434][ T5826] veth0_vlan: entered promiscuous mode
[ 5798.769324][ T5826] veth1_vlan: entered promiscuous mode
[ 5803.409224][ T5826] veth0_macvtap: entered promiscuous mode
[ 5804.233247][ T5826] veth1_macvtap: entered promiscuous mode
[ 5808.708167][ T5848] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 5808.749899][ T3866] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 5808.793168][ T4942] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 5808.804199][   T21] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 5826.721449][ T5838] veth0_vlan: entered promiscuous mode
[ 5828.623500][ T5838] veth1_vlan: entered promiscuous mode
[ 5834.266389][ T5838] veth0_macvtap: entered promiscuous mode
[ 5835.169355][ T5838] veth1_macvtap: entered promiscuous mode
[ 5840.800240][ T3936] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 5840.802153][ T3936] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 5840.810986][ T3936] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 5840.811879][ T3936] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 6097.044046][   T51] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6100.384497][   T51] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6103.714167][   T51] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6107.068009][   T51] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6148.345748][   T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 6149.254712][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 6149.674727][   T51] bond0 (unregistering): Released all slaves
[ 6153.743139][   T51] hsr_slave_0: left promiscuous mode
[ 6154.254959][   T51] hsr_slave_1: left promiscuous mode
[ 6155.740972][   T51] veth1_macvtap: left promiscuous mode
[ 6155.762962][   T51] veth0_macvtap: left promiscuous mode
[ 6155.791856][   T51] veth1_vlan: left promiscuous mode
[ 6155.833368][   T51] veth0_vlan: left promiscuous mode
[ 6307.173470][ T6185] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 6307.744286][ T6185] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 6365.043940][ T6185] hsr_slave_0: entered promiscuous mode
[ 6365.246523][ T6185] hsr_slave_1: entered promiscuous mode
[ 6413.107374][ T6185] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 6413.912361][ T6185] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 6414.328126][ T6185] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 6414.991834][ T6185] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 6461.227934][ T6185] 8021q: adding VLAN 0 to HW filter on device bond0
[ 6564.856982][ T3393] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6567.104068][ T3393] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6569.496841][ T3393] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6571.687939][ T3393] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6604.516280][ T3393] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 6604.898234][ T3393] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 6605.175286][ T3393] bond0 (unregistering): Released all slaves
[ 6608.906148][ T3393] hsr_slave_0: left promiscuous mode
[ 6609.023472][ T3393] hsr_slave_1: left promiscuous mode
[ 6609.510662][ T3393] veth1_macvtap: left promiscuous mode
[ 6609.514109][ T3393] veth0_macvtap: left promiscuous mode
[ 6609.545484][ T3393] veth1_vlan: left promiscuous mode
[ 6609.562122][ T3393] veth0_vlan: left promiscuous mode
[ 6709.621533][ T6384] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 6711.286529][ T6384] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 6736.873672][ T4604] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 6737.066233][ T4604] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 6737.216475][ T4604] bond0 (unregistering): Released all slaves
[ 6741.131457][ T4604] hsr_slave_0: left promiscuous mode
[ 6741.256302][ T4604] hsr_slave_1: left promiscuous mode
[ 6793.155856][ T6384] hsr_slave_0: entered promiscuous mode
[ 6793.275546][ T6384] hsr_slave_1: entered promiscuous mode
[ 6825.997121][ T6384] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 6826.427414][ T6384] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 6827.057241][ T6384] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 6827.617545][ T6384] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 6832.301727][ T6461] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 6832.744727][ T6461] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 6861.582084][ T6384] 8021q: adding VLAN 0 to HW filter on device bond0
[ 6872.276687][ T6461] hsr_slave_0: entered promiscuous mode
[ 6872.435290][ T6461] hsr_slave_1: entered promiscuous mode
[ 6872.541584][ T6461] debugfs: 'hsr0' already exists in 'hsr'
[ 6872.552024][ T6461] Cannot create hsr debugfs directory
[ 6907.227269][ T6461] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 6907.737828][ T6461] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 6908.112438][ T6461] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 6908.633098][ T6461] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 6941.826539][ T6461] 8021q: adding VLAN 0 to HW filter on device bond0
[ 7003.474711][ T6384] veth0_vlan: entered promiscuous mode
[ 7004.832845][ T6384] veth1_vlan: entered promiscuous mode
[ 7008.675598][ T6384] veth0_macvtap: entered promiscuous mode
[ 7009.572463][ T6384] veth1_macvtap: entered promiscuous mode
[ 7013.810033][ T4942] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 7013.817169][ T4942] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 7013.828027][ T4942] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 7013.882025][ T5557] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 7096.541989][ T6461] veth0_vlan: entered promiscuous mode
[ 7098.005228][ T6461] veth1_vlan: entered promiscuous mode
[ 7103.333117][ T6461] veth0_macvtap: entered promiscuous mode
[ 7104.061755][ T6461] veth1_macvtap: entered promiscuous mode
[ 7109.431286][ T3936] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 7109.441010][ T3936] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 7109.454975][ T3936] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 7109.530711][ T3936] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 7237.867993][ T4942] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7241.266719][ T4942] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7244.568454][ T4942] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7247.602225][ T4942] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7275.948015][ T4942] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 7276.163971][ T4942] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 7276.352146][ T4942] bond0 (unregistering): Released all slaves
[ 7279.640792][ T4942] hsr_slave_0: left promiscuous mode
[ 7279.716833][ T4942] hsr_slave_1: left promiscuous mode
[ 7280.931630][ T4942] veth1_macvtap: left promiscuous mode
[ 7280.936073][ T4942] veth0_macvtap: left promiscuous mode
[ 7280.951885][ T4942] veth1_vlan: left promiscuous mode
[ 7280.981357][ T4942] veth0_vlan: left promiscuous mode
[ 7319.176136][ T4942] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7320.574485][ T4942] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7322.244639][ T4942] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7323.781486][ T4942] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7344.861760][ T4942] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 7345.194316][ T4942] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 7345.424922][ T4942] bond0 (unregistering): Released all slaves
[ 7349.550941][ T4942] hsr_slave_0: left promiscuous mode
[ 7349.723223][ T4942] hsr_slave_1: left promiscuous mode
[ 7350.675415][ T4942] veth1_macvtap: left promiscuous mode
[ 7350.691493][ T4942] veth0_macvtap: left promiscuous mode
[ 7350.741087][ T4942] veth1_vlan: left promiscuous mode
[ 7350.764195][ T4942] veth0_vlan: left promiscuous mode
[ 7405.361958][ T6734] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 7406.265298][ T6734] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 7406.481712][ T6731] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 7407.506490][ T6731] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 7446.131260][ T6734] hsr_slave_0: entered promiscuous mode
[ 7446.186160][ T6734] hsr_slave_1: entered promiscuous mode
[ 7449.156669][ T6731] hsr_slave_0: entered promiscuous mode
[ 7449.197079][ T6731] hsr_slave_1: entered promiscuous mode
[ 7449.294509][ T6731] debugfs: 'hsr0' already exists in 'hsr'
[ 7449.305653][ T6731] Cannot create hsr debugfs directory
[ 7483.018027][ T6734] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 7483.827951][ T6734] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 7484.716202][ T6734] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 7485.391568][ T6734] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 7491.974328][ T6731] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 7492.513047][ T6731] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 7492.808041][ T6731] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 7493.341146][ T6731] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 7519.394085][ T6734] 8021q: adding VLAN 0 to HW filter on device bond0
[ 7524.773504][ T6731] 8021q: adding VLAN 0 to HW filter on device bond0
[ 7664.796010][ T6734] veth0_vlan: entered promiscuous mode
[ 7666.087057][ T6734] veth1_vlan: entered promiscuous mode
[ 7669.734920][ T6734] veth0_macvtap: entered promiscuous mode
[ 7670.998198][ T6734] veth1_macvtap: entered promiscuous mode
[ 7673.201907][ T6731] veth0_vlan: entered promiscuous mode
[ 7675.177093][ T6731] veth1_vlan: entered promiscuous mode
[ 7677.423445][   T51] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 7677.443333][   T51] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 7677.454167][   T51] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 7677.465051][   T51] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 7682.514575][ T6731] veth0_macvtap: entered promiscuous mode
[ 7683.614076][ T6731] veth1_macvtap: entered promiscuous mode
[ 7688.212983][ T4604] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 7688.278064][   T21] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 7688.341869][   T21] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 7688.342837][   T21] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 7901.824940][ T6400] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7904.083348][ T6400] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7906.078087][ T6400] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7908.073759][ T6400] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7933.658392][ T6400] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 7933.961504][ T6400] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 7934.136615][ T6400] bond0 (unregistering): Released all slaves
[ 7936.390773][ T6400] hsr_slave_0: left promiscuous mode
[ 7936.512242][ T6400] hsr_slave_1: left promiscuous mode
[ 7937.163980][ T6400] veth1_macvtap: left promiscuous mode
[ 7937.175878][ T6400] veth0_macvtap: left promiscuous mode
[ 7937.182314][ T6400] veth1_vlan: left promiscuous mode
[ 7937.214516][ T6400] veth0_vlan: left promiscuous mode
[ 7966.325602][ T6400] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7968.210556][ T6400] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7970.286980][ T6400] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7972.572550][ T6400] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7994.141492][ T6400] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 7994.734481][ T6400] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 7995.164858][ T6400] bond0 (unregistering): Released all slaves
[ 7997.347928][ T6400] hsr_slave_0: left promiscuous mode
[ 7997.376648][ T6400] hsr_slave_1: left promiscuous mode
[ 7997.598196][ T6400] veth1_macvtap: left promiscuous mode
[ 7997.605666][ T6400] veth0_macvtap: left promiscuous mode
[ 7997.614231][ T6400] veth1_vlan: left promiscuous mode
[ 7997.623439][ T6400] veth0_vlan: left promiscuous mode
[ 8052.855936][ T7088] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 8053.191805][ T7088] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 8056.005411][ T7091] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 8056.274862][ T7091] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 8085.258035][ T7088] hsr_slave_0: entered promiscuous mode
[ 8085.415613][ T7088] hsr_slave_1: entered promiscuous mode
[ 8089.797826][ T7091] hsr_slave_0: entered promiscuous mode
[ 8089.924095][ T7091] hsr_slave_1: entered promiscuous mode
[ 8089.993216][ T7091] debugfs: 'hsr0' already exists in 'hsr'
[ 8090.023826][ T7091] Cannot create hsr debugfs directory
[ 8114.857590][ T7088] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 8115.583518][ T7088] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 8115.951722][ T7088] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 8116.653209][ T7088] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 8120.668100][ T7091] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 8121.084288][ T7091] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 8121.487003][ T7091] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 8121.943358][ T7091] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 8146.636893][ T7088] 8021q: adding VLAN 0 to HW filter on device bond0
[ 8152.298333][ T7091] 8021q: adding VLAN 0 to HW filter on device bond0
[ 8276.285812][ T7088] veth0_vlan: entered promiscuous mode
[ 8277.374179][ T7088] veth1_vlan: entered promiscuous mode
[ 8282.225059][ T7091] veth0_vlan: entered promiscuous mode
[ 8282.554357][ T7088] veth0_macvtap: entered promiscuous mode
[ 8283.755217][ T7088] veth1_macvtap: entered promiscuous mode
[ 8284.515941][ T7091] veth1_vlan: entered promiscuous mode
[ 8288.216706][ T3936] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 8288.383627][ T3936] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 8288.388085][ T3936] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 8288.534474][ T3393] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 8289.965346][ T7091] veth0_macvtap: entered promiscuous mode
[ 8290.982781][ T7091] veth1_macvtap: entered promiscuous mode
[ 8295.139996][ T5540] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 8295.172436][ T3936] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 8295.176955][ T3936] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 8295.196980][ T6400] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 8466.301137][   T51] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8468.392735][   T51] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8470.525795][   T51] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8472.605409][   T51] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8499.621980][   T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 8499.921756][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 8500.112699][   T51] bond0 (unregistering): Released all slaves
[ 8502.467013][   T51] hsr_slave_0: left promiscuous mode
[ 8502.582013][   T51] hsr_slave_1: left promiscuous mode
[ 8503.354823][   T51] veth1_macvtap: left promiscuous mode
[ 8503.411230][   T51] veth0_macvtap: left promiscuous mode
[ 8503.414542][   T51] veth1_vlan: left promiscuous mode
[ 8503.456764][   T51] veth0_vlan: left promiscuous mode
[ 8542.307275][   T51] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8543.322260][   T51] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8544.675760][   T51] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8546.386526][   T51] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8575.801640][   T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 8576.132335][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 8576.415280][   T51] bond0 (unregistering): Released all slaves
[ 8578.632583][   T51] hsr_slave_0: left promiscuous mode
[ 8578.770853][   T51] hsr_slave_1: left promiscuous mode
[ 8579.391475][   T51] veth1_macvtap: left promiscuous mode
[ 8579.394876][   T51] veth0_macvtap: left promiscuous mode
[ 8579.424151][   T51] veth1_vlan: left promiscuous mode
[ 8579.432140][   T51] veth0_vlan: left promiscuous mode
[ 8629.696675][ T7403] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 8630.164744][ T7403] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 8642.716981][ T7412] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 8643.032616][ T7412] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 8660.950713][ T7403] hsr_slave_0: entered promiscuous mode
[ 8661.004442][ T7403] hsr_slave_1: entered promiscuous mode
[ 8675.631480][ T7412] hsr_slave_0: entered promiscuous mode
[ 8675.723545][ T7412] hsr_slave_1: entered promiscuous mode
[ 8675.757761][ T7412] debugfs: 'hsr0' already exists in 'hsr'
[ 8675.860564][ T7412] Cannot create hsr debugfs directory
[ 8695.582761][ T7403] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 8697.227166][ T7403] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 8698.931720][ T7403] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 8699.584389][ T7403] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 8707.147163][ T7412] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 8707.714165][ T7412] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 8708.266153][ T7412] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 8708.707391][ T7412] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 8727.011287][ T7403] 8021q: adding VLAN 0 to HW filter on device bond0
[ 8735.662012][ T7412] 8021q: adding VLAN 0 to HW filter on device bond0
[ 8851.146795][ T7403] veth0_vlan: entered promiscuous mode
[ 8852.022355][ T7403] veth1_vlan: entered promiscuous mode
[ 8855.297440][ T7403] veth0_macvtap: entered promiscuous mode
[ 8855.813414][ T7403] veth1_macvtap: entered promiscuous mode
[ 8859.221391][ T4604] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 8859.223499][ T4604] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 8859.282610][ T3393] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 8859.312270][ T3393] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 8862.933582][ T7412] veth0_vlan: entered promiscuous mode
[ 8864.683111][ T7412] veth1_vlan: entered promiscuous mode
[ 8868.884695][ T7412] veth0_macvtap: entered promiscuous mode
[ 8869.651323][ T7412] veth1_macvtap: entered promiscuous mode
[ 8873.694294][ T5746] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 8873.815959][ T3939] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 8873.824289][ T3939] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 8873.882823][ T3939] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 8982.617411][ T5540] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8984.877761][ T5540] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8986.753215][ T5540] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8988.785217][ T5540] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9019.323570][ T5540] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 9019.791553][ T5540] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 9020.194987][ T5540] bond0 (unregistering): Released all slaves
[ 9023.056088][ T5540] hsr_slave_0: left promiscuous mode
[ 9023.163589][ T5540] hsr_slave_1: left promiscuous mode
[ 9024.023816][ T5540] veth1_macvtap: left promiscuous mode
[ 9024.037032][ T5540] veth0_macvtap: left promiscuous mode
[ 9024.053539][ T5540] veth1_vlan: left promiscuous mode
[ 9024.102625][ T5540] veth0_vlan: left promiscuous mode
[ 9130.776885][ T7732] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 9131.157077][ T7732] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 9168.274087][ T7732] hsr_slave_0: entered promiscuous mode
[ 9168.356277][ T7732] hsr_slave_1: entered promiscuous mode
[ 9168.493069][ T7732] debugfs: 'hsr0' already exists in 'hsr'
[ 9168.506079][ T7732] Cannot create hsr debugfs directory
[ 9198.013951][ T7732] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 9198.365907][ T7732] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 9198.805075][ T7732] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 9199.401152][ T7732] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 9229.347566][ T7732] 8021q: adding VLAN 0 to HW filter on device bond0
[ 9283.853203][ T5540] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9285.316525][ T5540] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9286.872881][ T5540] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9288.593541][ T5540] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9310.232867][ T5540] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 9310.397106][ T5540] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 9310.517688][ T5540] bond0 (unregistering): Released all slaves
[ 9313.641942][ T5540] hsr_slave_0: left promiscuous mode
[ 9314.052735][ T5540] hsr_slave_1: left promiscuous mode
[ 9314.979590][ T5540] veth1_macvtap: left promiscuous mode
[ 9314.982942][ T5540] veth0_macvtap: left promiscuous mode
[ 9315.033915][ T5540] veth1_vlan: left promiscuous mode
[ 9315.065677][ T5540] veth0_vlan: left promiscuous mode
[ 9361.197748][ T7732] veth0_vlan: entered promiscuous mode
[ 9361.943619][ T7732] veth1_vlan: entered promiscuous mode
[ 9364.434246][ T7732] veth0_macvtap: entered promiscuous mode
[ 9364.793868][ T7732] veth1_macvtap: entered promiscuous mode
[ 9367.036429][ T4604] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 9367.041428][ T4604] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 9367.111473][   T51] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 9367.130838][   T51] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 9376.667038][ T7929] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 9376.894325][ T7996] KVM: debugfs: duplicate directory 7996-6
[ 9377.006514][ T7929] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 9414.024745][ T7929] hsr_slave_0: entered promiscuous mode
[ 9414.113656][ T7929] hsr_slave_1: entered promiscuous mode
[ 9441.597250][ T7929] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 9442.087428][ T7929] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 9442.475912][ T7929] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 9442.814198][ T7929] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 9472.683836][ T7929] 8021q: adding VLAN 0 to HW filter on device bond0
[ 9574.041977][ T7929] veth0_vlan: entered promiscuous mode
[ 9575.484552][ T7929] veth1_vlan: entered promiscuous mode
[ 9581.246587][   T51] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9582.926606][   T51] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9583.714975][ T7929] veth0_macvtap: entered promiscuous mode
[ 9584.614250][   T51] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9585.392727][ T7929] veth1_macvtap: entered promiscuous mode
[ 9586.382771][   T51] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9590.261937][ T3939] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 9590.263413][ T3939] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 9590.294826][ T3939] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 9590.314280][ T3939] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 9603.434852][   T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 9603.533327][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 9603.590789][   T51] bond0 (unregistering): Released all slaves
[ 9605.129953][   T51] hsr_slave_0: left promiscuous mode
[ 9605.181957][   T51] hsr_slave_1: left promiscuous mode
[ 9605.950207][   T51] veth1_macvtap: left promiscuous mode
[ 9605.952295][   T51] veth0_macvtap: left promiscuous mode
[ 9605.967385][   T51] veth1_vlan: left promiscuous mode
[ 9605.976685][   T51] veth0_vlan: left promiscuous mode
[ 9683.500227][ T8154] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 9683.758038][ T8154] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 9720.116577][ T8154] hsr_slave_0: entered promiscuous mode
[ 9720.216579][ T8154] hsr_slave_1: entered promiscuous mode
[ 9720.276579][ T8154] debugfs: 'hsr0' already exists in 'hsr'
[ 9720.335216][ T8154] Cannot create hsr debugfs directory
[ 9744.704527][ T8154] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 9745.086204][ T8154] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 9745.475245][ T8154] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 9745.777737][ T8154] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 9776.344012][ T8154] 8021q: adding VLAN 0 to HW filter on device bond0
[ 9882.204634][ T8154] veth0_vlan: entered promiscuous mode
[ 9883.102370][ T8154] veth1_vlan: entered promiscuous mode
[ 9886.777062][ T8154] veth0_macvtap: entered promiscuous mode
[ 9887.436414][ T8154] veth1_macvtap: entered promiscuous mode
[ 9891.321932][ T3939] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 9891.327529][ T3939] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 9891.366565][ T3241] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 9891.438066][ T3241] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[10102.917802][ T8528] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x27f0000000000000 pfn:0x5a534
[10103.044799][ T8528] flags: 0x1ffea8000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0xaa)
[10103.117768][ T8528] raw: 01ffea8000000000 ffffc1ffc07527c8 ffffc1ffc0646dc8 0000000000000000
[10103.133201][ T8528] raw: 27f0000000000000 0000000000000000 00000000ffffffff 0000000000000000
[10103.180900][ T8528] page dumped because: VM_BUG_ON_PAGE(page_ref_count(page) == 0)
[10103.194798][ T8528] ------------[ cut here ]------------
[10103.195054][ T8528] kernel BUG at ./include/linux/mm.h:1036!
[10103.196799][ T8528] Internal error: Oops - BUG: 00000000f2000800 [#1]  SMP
[10103.201569][ T8528] Modules linked in:
[10103.202977][ T8528] CPU: 0 UID: 0 PID: 8528 Comm: syz.3.565 Not tainted syzkaller #0 PREEMPT 
[10103.204225][ T8528] Hardware name: linux,dummy-virt (DT)
[10103.205254][ T8528] pstate: 61402009 (nZCv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)
[10103.206580][ T8528] pc : kvm_s2_put_page+0x374/0x3a0
[10103.207619][ T8528] lr : kvm_s2_put_page+0x374/0x3a0
[10103.208602][ T8528] sp : ffff80008eea7570
[10103.209358][ T8528] x29: ffff80008eea7570 x28: f0f00000191b7000 x27: f0f00000191b7000
[10103.210981][ T8528] x26: 00000000000000ff x25: ffff80008734e000 x24: ffffc1ffc0000000
[10103.212397][ T8528] x23: ffffc1ffc0694d08 x22: 0000000000000000 x21: ffffc1ffc0694d34
[10103.213762][ T8528] x20: 0000000000000000 x19: ffffc1ffc0694d00 x18: 000000003284155a
[10103.215150][ T8528] x17: 00000000043ec494 x16: 000000003283e152 x15: 00000000f3b52334
[10103.216548][ T8528] x14: ffffffffffffffff x13: fff0000010b6bb08 x12: 0000000000000001
[10103.217893][ T8528] x11: 0000000000080000 x10: 00000000000472d2 x9 : 98f7cd0646e62f00
[10103.219307][ T8528] x8 : 98f7cd0646e62f00 x7 : ffff80008039ebc8 x6 : 0000000000000000
[10103.220677][ T8528] x5 : 0000000000000001 x4 : 0000000000000001 x3 : ffff80008038fdd0
[10103.221974][ T8528] x2 : 0000000000000002 x1 : 0000000100000000 x0 : 000000000000003e
[10103.223436][ T8528] Call trace:
[10103.224136][ T8528]  kvm_s2_put_page+0x374/0x3a0 (P)
[10103.225195][ T8528]  stage2_free_walker+0x1b0/0x264
[10103.226196][ T8528]  __kvm_pgtable_walk+0x7d8/0xa68
[10103.227189][ T8528]  kvm_pgtable_walk+0x294/0x468
[10103.228179][ T8528]  kvm_pgtable_stage2_destroy_range+0x60/0xb4
[10103.229257][ T8528]  kvm_free_stage2_pgd+0x198/0x28c
[10103.230261][ T8528]  kvm_uninit_stage2_mmu+0x20/0x38
[10103.231228][ T8528]  kvm_arch_flush_shadow_all+0x1a8/0x1e0
[10103.232262][ T8528]  kvm_mmu_notifier_release+0x48/0xa8
[10103.233259][ T8528]  mmu_notifier_unregister+0x128/0x42c
[10103.234296][ T8528]  kvm_put_kvm+0x6a0/0xfa8
[10103.235144][ T8528]  kvm_vcpu_release+0x70/0x9c
[10103.236083][ T8528]  __fput+0x4ac/0x980
[10103.236893][ T8528]  ____fput+0x20/0x58
[10103.237727][ T8528]  task_work_run+0x1bc/0x254
[10103.238592][ T8528]  get_signal+0x13ec/0x1554
[10103.239496][ T8528]  do_signal+0x23c/0x4dd0
[10103.240425][ T8528]  do_notify_resume+0xb0/0x270
[10103.241341][ T8528]  el0_svc+0xb8/0x164
[10103.242149][ T8528]  el0t_64_sync_handler+0x84/0x12c
[10103.243090][ T8528]  el0t_64_sync+0x198/0x19c
[10103.244479][ T8528] Code: f00375a1 91112021 aa1303e0 97f9ca6f (d4210000) 
[10103.246340][ T8528] ---[ end trace 0000000000000000 ]---
[10103.247857][ T8528] Kernel panic - not syncing: Oops - BUG: Fatal exception
[10103.249804][ T8528] Kernel Offset: disabled
[10103.250569][ T8528] CPU features: 0x000000,0000d180,2fbe33e1,057ffe1f
[10103.251666][ T8528] Memory Limit: none
[10103.253359][ T8528] Rebooting in 86400 seconds..

VM DIAGNOSIS:
04:50:52  Registers:
info registers vcpu 0

CPU#0
 PC=ffff80008068d878 X00=0000000000000000 X01=0000000000000000
X02=ffff80008eea6b70 X03=ffff80008eea6c18 X04=0000000000002150
X05=0000000000000000 X06=ffff800080489b28 X07=ffff800080015834
X08=00000000000486e6 X09=00000000000000ff X10=0000000000ff0100
X11=0000000000080000 X12=0000000000ff0100 X13=0000000000000007
X14=0000000000000002 X15=ffff800087f699e0 X16=0000000000000000
X17=00000000043ec494 X18=000000003284155a X19=ffff80008eea6d1c
X20=ffff80010eea6d15 X21=0000000000000001 X22=000000007ffffffe
X23=ffff80008eea6c88 X24=ffff80008eea6d1d X25=0000000000000000
X26=ffff80008707f851 X27=ffff80008707f851 X28=ffff80008707f851
X29=ffff80008eea6b80 X30=ffff800080489d64  SP=ffff80008eea6ce0
PSTATE=804023c9 N--- EL2h  SVCR=00000000 --  BTYPE=0     FPCR=00000000 FPSR=00000000
P00=0000 P01=0000 P02=0000 P03=0000 P04=0000 P05=0000 P06=0000 P07=0000
P08=0000 P09=0000 P10=0000 P11=0000 P12=0000 P13=0000 P14=0000 P15=0000
FFR=0000
Z00=2525252525252525:2525252525252525 Z01=6572207265767265:730073250a0d0a0d
Z02=635f6665725f6567:617028454741505f Z03=0000000000000000:00ff00ff00000000
Z04=0000000000000000:000000000f0f0000 Z05=5f65676170284547:41505f4e4f5f4755
Z06=30303030303a676e:697070616d20303a Z07=65646e6920303030:3030303030303030
Z08=0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000
Z10=0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000
Z12=0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000
Z14=0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000
Z16=0000ffffd8efc8c0:0000ffffd8efc8c0 Z17=ffffff80ffffffd8:0000ffffd8efc890
Z18=0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000
Z20=0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000
Z22=0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000
Z24=0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000
Z26=0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000
Z28=0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000
Z30=0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000