last executing test programs:

51m45.918229101s ago: executing program 1 (id=150):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x8040aeb6, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x9, 0x7fffffff, 0x2}}) (async)
r2 = openat$kvm(0x0, &(0x7f0000000140), 0x284080, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r5, r6, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f0000000040)=@arm64_core={0x6030000000100026})
r7 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r8 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x6) (async)
r9 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce9, 0x8000}}], 0x20}, 0x0, 0x0)
ioctl$KVM_CREATE_GUEST_MEMFD(r3, 0xc040aed4, &(0x7f00000000c0)={0x0, 0x4}) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x121000, 0x0) (async)
close(r4) (async)
ioctl$KVM_RUN(r9, 0xae80, 0x0) (async)
r10 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1)
ioctl$KVM_GET_REG_LIST(r10, 0xc008aeb0, &(0x7f0000000080)={0x2, [0x1, 0x0]})

51m42.951068058s ago: executing program 0 (id=151):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0}) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x400000, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_ARM_VCPU_INIT(r4, 0x4020aeae, 0x0)
r5 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r7, 0x4010aeab, &(0x7f00000001c0)=@arm64_sve={0x68800000001505b9, &(0x7f0000000240)=0x80000001}) (async, rerun: 64)
syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0) (async, rerun: 64)
r8 = openat$kvm(0x0, 0x0, 0x2280, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x100000000000) (async)
r10 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r9, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0x0, 0x1, r10, 0xb})
ioctl$KVM_IOEVENTFD(r9, 0x4040ae79, &(0x7f0000000000)={0x8000, 0x0, 0x1, r10, 0x3})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) (async)
munmap(&(0x7f0000f1a000/0x2000)=nil, 0x2000) (async, rerun: 64)
r11 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0) (rerun: 64)
syz_kvm_assert_reg(r11, 0x603000000013df12, 0x8000) (async)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000140)={0x8, <r12=>0xffffffffffffffff, 0x1})
r13 = ioctl$KVM_CREATE_VM(r12, 0x894c, 0x0) (async, rerun: 64)
r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (rerun: 64)
ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r13, 0xb702, 0x0) (async)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x6) (async, rerun: 64)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8400, 0x0) (rerun: 64)

51m36.601139737s ago: executing program 1 (id=152):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x10001, 0x0)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) (async, rerun: 64)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async, rerun: 64)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000) (async)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) (async, rerun: 64)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (rerun: 64)
r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04) (async)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1) (async)
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_vgic_v3_setup(r4, 0x4, 0x220)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000002c0)=@attr_arm64={0x0, 0x5, 0x5, &(0x7f0000000280)=0xfffffffffffffffa})
mmap$KVM_VCPU(&(0x7f00006b6000/0x4000)=nil, r2, 0x6, 0x8032, 0xffffffffffffffff, 0x0) (async, rerun: 64)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) (async, rerun: 64)
munmap(&(0x7f0000ce0000/0x3000)=nil, 0x3000) (async)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x2, 0x4f832, 0xffffffffffffffff, 0x1000000)
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2) (async)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x288000, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0xdddd1000, 0x0, r9}) (async, rerun: 32)
ioctl$KVM_CHECK_EXTENSION(r6, 0xae03, 0x10) (rerun: 32)

51m34.957758433s ago: executing program 0 (id=153):
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r0 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffa000/0x3000)=nil, r0, 0x6, 0x4f832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f1, 0xffffffffffffffff, 0x0)

51m28.255961509s ago: executing program 0 (id=154):
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x80111500, 0x20000000) (async)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x80111500, 0x20000000)
r0 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
r1 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_DIRTY_LOG(r3, 0x4010ae42, &(0x7f0000000000)={0x10002, 0x0, &(0x7f0000e28000/0x1000)=nil})
eventfd2(0x3ff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) (async)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0xc0)
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000)

51m26.588758007s ago: executing program 1 (id=155):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f00000001c0)=@arm64_core={0x6030000000100046, &(0x7f0000000100)=0x2})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0xc80, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0x2, 0x10000000000000)
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04)
r7 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
syz_kvm_vgic_v3_setup(r8, 0x4, 0x3a0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r6, 0x3000001, 0x16831, 0xffffffffffffffff, 0x0)

51m20.711122875s ago: executing program 0 (id=156):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async, rerun: 64)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async, rerun: 64)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000140)={0x4, <r3=>0xffffffffffffffff, 0x1})
r4 = ioctl$KVM_CREATE_VM(r3, 0x894c, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xb701, 0x0) (async, rerun: 64)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (rerun: 64)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000100)={0x4, <r8=>0xffffffffffffffff}) (async, rerun: 64)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (rerun: 64)
ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async, rerun: 64)
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f0000000080)=@attr_arm64={0x0, 0x1, 0x2, &(0x7f0000000240)=0x8}) (async, rerun: 64)
ioctl$KVM_CREATE_VCPU(r5, 0xb701, 0xfffffffffffffffe)
r10 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x23) (async)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r10, r11, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1e000000000000004000000000000000000000ef000000003a08000000000000010000000000000002c0f7000000000003000000000000000402000000000000140000000000000020000000000000008480130000003060a3"], 0x60}], 0x1, 0x0, 0x0, 0x0) (async, rerun: 64)
ioctl$KVM_RUN(r11, 0xae80, 0x0) (rerun: 64)

51m16.229228434s ago: executing program 1 (id=157):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x8, <r2=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000200)=@attr_other={0x0, 0x7, 0x8, &(0x7f0000000140)=0x2})
r3 = openat$kvm(0x0, &(0x7f0000000040), 0xa000, 0x0)
syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x3, 0xa0)
r4 = openat$kvm(0x0, &(0x7f0000000280), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000000)={0x7})
r6 = eventfd2(0x0, 0x80800)
r7 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x8)
ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f00000001c0)={0x0, 0xffff1000, 0x9, r6})
ioctl$KVM_REGISTER_COALESCED_MMIO(r5, 0x4010ae67, &(0x7f00000002c0)={0xeeee8000, 0x10000, 0x2})
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f00000000c0)={0x8})
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000200)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r11, 0x4040aea0, &(0x7f0000000000)=@x86={0x0, 0x3, 0xb, 0x0, 0xe09, 0x6, 0x0, 0x3, 0x9, 0x2, 0xd5, 0x8, 0x0, 0x0, 0x6, 0x2, 0x4, 0xd0, 0xf8, '\x00', 0x51, 0xfffffffffffffffc})
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1, 0x16831, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
ioctl$KVM_SIGNAL_MSI(r5, 0x4020aea5, &(0x7f0000000000)={0x6000})
r12 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x12)
r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@code={0xa, 0x18, {"7f2003d5"}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r14, 0xae80, 0x0)
ioctl$KVM_IRQ_LINE_STATUS(r12, 0xc008ae67, &(0x7f0000000100)={0x0, 0x81})

51m13.451489811s ago: executing program 0 (id=158):
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x7, 0x4f832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffa000/0x1000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000482000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000e76000/0x12000)=nil, 0x12000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x5, 0x1, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$arm64(r1, 0xffffffffffffffff, &(0x7f0000bfe000/0x400000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffa000/0x1000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000647000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
munmap(&(0x7f0000482000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000)
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)

51m6.81811408s ago: executing program 1 (id=159):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CLEAR_DIRTY_LOG(r2, 0xc018aec0, &(0x7f0000000000)={0x1, 0x300, 0x2c0, 0x0})
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CAP_HALT_POLL(r3, 0x4068aea3, &(0x7f0000000100)={0xb6, 0x0, 0x81})
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@code={0xa, 0x18, {"7f2003d5"}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

51m4.043081736s ago: executing program 0 (id=160):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000040)=@arm64_ccsidr={0x6020000000110000, &(0x7f0000000000)=0x3})
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000100)=@arm64_ccsidr={0x6020000000110006, &(0x7f00000000c0)=0x2})
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x33)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8, <r6=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000240)=0x1000008080000})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x5, 0xffffffff, &(0x7f0000000180)=0x2})

50m57.157575152s ago: executing program 1 (id=161):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r1, 0x4068aea3, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r3, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, r5, 0x0, 0x40032, 0xffffffffffffffff, 0x0)

50m17.716896127s ago: executing program 32 (id=160):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000040)=@arm64_ccsidr={0x6020000000110000, &(0x7f0000000000)=0x3})
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000100)=@arm64_ccsidr={0x6020000000110006, &(0x7f00000000c0)=0x2})
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x33)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8, <r6=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000240)=0x1000008080000})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x5, 0xffffffff, &(0x7f0000000180)=0x2})

50m10.01605445s ago: executing program 33 (id=161):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r1, 0x4068aea3, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r3, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, r5, 0x0, 0x40032, 0xffffffffffffffff, 0x0)

41m42.65161871s ago: executing program 3 (id=193):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2a)
ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000000000)=0x3)
r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000040)={0x5000, 0x181000})
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r2, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)

41m28.995542227s ago: executing program 3 (id=195):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
close(r2)
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x23)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0xf)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000100)={0xa, <r4=>0xffffffffffffffff, 0x1})
ioctl$KVM_HAS_DEVICE_ATTR(r4, 0x4018aee3, &(0x7f00000000c0)=@attr_other={0x0, 0x1, 0x9, &(0x7f0000000000)=0x8001})
ioctl$KVM_GET_DEVICE_ATTR_vm(r2, 0x4018aee2, &(0x7f0000000180)=@attr_arm64={0x0, 0x0, 0x0, 0x0})

41m12.846952495s ago: executing program 3 (id=197):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x40000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="be00000000000000180000000000000001c8"], 0x18}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_DEVICE_ATTR_vm(r5, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}})
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000140)={0x0, &(0x7f0000000180)=[@smc={0x1e, 0x40, {0xc5000020, [0x0, 0x1, 0x2, 0x3, 0x4]}}], 0x40}, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r8 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
close(r2)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000000)={0x8, <r9=>0xffffffffffffffff})
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x100000c, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_DEVICE_ATTR(r9, 0x4018aee2, 0x0)

40m58.030637846s ago: executing program 3 (id=199):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0xb)
ioctl$KVM_CREATE_GUEST_MEMFD(r0, 0xc040aed4, &(0x7f0000000000)={0x6, 0x2})
munmap(&(0x7f0000c00000/0x400000)=nil, 0x400000)
r1 = eventfd2(0x8, 0x80800)
r2 = eventfd2(0x30000, 0x80000)
ioctl$KVM_IRQFD(r0, 0x4020ae76, &(0x7f0000000040)={r1, 0x5, 0x1, r2})
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r0, 0x4068aea3, &(0x7f0000000080)={0xe4, 0x0, 0x468})
r3 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4000ae84, &(0x7f0000000100)={{0x5000, 0x4000, 0x4, 0xf, 0xc, 0x4b, 0x4, 0x4, 0x2, 0xc, 0x7, 0x3}, {0x1, 0x4000, 0x8, 0x4, 0x8, 0x1, 0xf, 0xff, 0x9, 0xfe, 0x2, 0x5}, {0x3000, 0x3000, 0x8b082e60abbe0e78, 0x8, 0x0, 0xd1, 0x6d, 0x10, 0x14, 0x3, 0x23, 0xc}, {0x4, 0xeeee8000, 0xc, 0x8, 0x6, 0xa0, 0x3, 0x2b, 0x0, 0x4f, 0x5, 0x8}, {0x8000000, 0xeeee0000, 0x7, 0x6, 0x5, 0x5, 0xc, 0x9, 0x7, 0x8, 0x1, 0x9}, {0x100000, 0x3000, 0xf, 0xa, 0x0, 0xcb, 0x5, 0x7, 0xf7, 0x2, 0x5, 0xb}, {0x3000, 0x2000, 0xa, 0x3, 0x1, 0x6, 0x40, 0x8, 0xfb, 0xd, 0x0, 0xa}, {0x2000, 0xeeef0000, 0xa, 0xff, 0xff, 0x8, 0x40, 0x4, 0x80, 0xbf, 0x9, 0x9}, {0x8000000, 0x8}, {0x3000, 0xa2}, 0x80000001, 0x0, 0xeeee8000, 0x100004, 0xc, 0x800, 0x8080000, [0x0, 0x10000, 0xfffffffffffffff8, 0x7]})
r4 = syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000240)=@arm64={0x0, 0x9, 0x4, '\x00', 0x9})
r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x2b)
ioctl$KVM_GET_DEVICE_ATTR_vm(r5, 0x4018aee2, &(0x7f00000002c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000280)={0x6, 0x3ff, 0x7703cf0ab1ead1e6}})
r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x17)
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000300)={0x2, 0xffffffffffffffff, 0x1})
ioctl$KVM_ASSIGN_SET_MSIX_NR(r0, 0x4008ae73, &(0x7f0000000340)={0xbc, 0x2})
ioctl$KVM_HAS_DEVICE_ATTR_vm(r0, 0x4018aee3, &(0x7f00000003c0)=@attr_other={0x0, 0x0, 0x4, &(0x7f0000000380)=0x3})
ioctl$KVM_REGISTER_COALESCED_MMIO(r0, 0x4010ae67, &(0x7f0000000400)={0x100000, 0x11000, 0x1})
syz_kvm_vgic_v3_setup(r6, 0x0, 0xe0)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000bff000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000c06000/0x2000)=nil, 0x0, 0x1, 0x8010, r3, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r5, 0x4018aee1, &(0x7f0000000480)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000440)={0x1b6271c7, 0x1, 0x2}})
syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000700)={0x0, &(0x7f00000004c0)=[@smc={0x1e, 0x40, {0x80003fff, [0x3, 0x7, 0x4, 0x80, 0x4]}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x3, 0x1, 0x7, 0x1, 0x1}}, @svc={0x122, 0x40, {0x80000000, [0xf, 0x2, 0x1, 0x6, 0x7]}}, @eret={0xe6, 0x18, 0x9}, @uexit={0x0, 0x18, 0x4}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x10040, 0x4, 0x1}}, @msr={0x14, 0x20, {0x603000000013e664, 0x8}}, @eret={0xe6, 0x18, 0xc}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x280, 0xd, 0x6}}, @smc={0x1e, 0x40, {0x84000052, [0x7, 0x9, 0x2, 0x7f, 0x2]}}, @uexit={0x0, 0x18, 0x56a}, @mrs={0xbe, 0x18, {0x603000000013dee2}}, @irq_setup={0x46, 0x18, {0x4, 0x319}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0xa0, 0x5d36b8f4, 0x5}}], 0x228}, &(0x7f0000000740)=[@featur2={0x1, 0x40}], 0x1)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_ARM_VCPU_FINALIZE(r7, 0x4004aec2, &(0x7f0000000780)=0x3)
r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c24000/0x1000)=nil, r8, 0x0, 0x12, r3, 0x0)
syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000bc2000/0x400000)=nil)

40m48.567802151s ago: executing program 3 (id=200):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x21)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x5, 0x0, 0x8000000, 0x1000, &(0x7f0000d8d000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r5, 0x3, 0x11, r4, 0x40000)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, r5, 0xe, 0x10a010, 0xffffffffffffffff, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x690700, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x2000001, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x0)

40m33.73533867s ago: executing program 3 (id=203):
munmap(&(0x7f0000c2e000/0x3000)=nil, 0x3000)
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x115600, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000380)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x39d}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r5, 0xffffffffffbffffc, 0x120)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8, <r8=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x4, 0x1, 0x0})
r9 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x31)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000280)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f0000000100)=@arm64_extra={0x603000000013c02a, &(0x7f0000000180)})
r12 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000140)={0x4, <r13=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r13, 0x800454d3, 0xfffffffffffffffa)
ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f00000000c0)={0x5, 0x5, 0x2000, 0x1000, &(0x7f0000ffd000/0x1000)=nil, 0x3})
munmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000)
r14 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000000)={0x0, &(0x7f0000000dc0)=[@hvc={0x32, 0x40, {0x8000, [0x0, 0x3ff, 0xeb, 0x66ff, 0x6]}}, @memwrite={0x6e, 0x30, @generic={0xd000, 0xcca, 0x7, 0x8}}, @hvc={0x32, 0x40, {0x8400000a, [0x2, 0x1, 0x8, 0x0, 0x8000000000000000]}}, @code={0xa, 0x3c, {"0084000f0000802c008008d5007008d5007008d51f000071007008d5000028d50090205e007008d5"}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x1, 0x0, 0x3, 0x7, 0x1, 0x2}}, @its_setup={0x82, 0x28, {0x4, 0x0, 0x2f7}}, @svc={0x122, 0x40, {0x84000002, [0x8, 0x6, 0x594, 0x1000000000000000, 0x800]}}, @msr={0x14, 0x20, {0x603000000013c01d, 0x7}}, @eret={0xe6, 0x18, 0x2}, @mrs={0xbe, 0x18, {0x603000000013f090}}, @msr={0x14, 0x20, {0x603000000013deb4, 0x100}}, @msr={0x14, 0x20, {0x603000000013801a, 0x7}}, @smc={0x1e, 0x40, {0x84000011, [0x3, 0x8, 0x625, 0x2, 0xf]}}, @irq_setup={0x46, 0x18, {0x2, 0x2a}}, @its_setup={0x82, 0x28, {0x0, 0x1, 0x227}}, @msr={0x14, 0x20, {0x603000000013df62}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x1, 0x7, 0xe, 0x9fe, 0x3, 0x1}}, @mrs={0xbe, 0x18, {0x603000000013e510}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0xdb0, 0x5, 0x4}}, @mrs={0xbe, 0x18, {0x603000000013bef3}}, @irq_setup={0x46, 0x18, {0x3, 0x4b}}, @msr={0x14, 0x20, {0x603000000013df69, 0x7}}, @uexit={0x0, 0x18, 0x4}, @hvc={0x32, 0x40, {0x84000003, [0x9, 0x4, 0x3, 0x6, 0x3]}}], 0x3c4}, &(0x7f0000000040)=[@featur2={0x1, 0x11}], 0x1)
ioctl$KVM_GET_ONE_REG(r14, 0x4010aeab, &(0x7f0000000600)=@arm64_sys={0x6030000000138007, &(0x7f00000005c0)=0x928})
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x2, 0x4f832, 0xffffffffffffffff, 0x1000000)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x110, 0xffffffffffffffff, 0x0)

39m45.958481153s ago: executing program 34 (id=203):
munmap(&(0x7f0000c2e000/0x3000)=nil, 0x3000)
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x115600, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000380)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x39d}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r5, 0xffffffffffbffffc, 0x120)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8, <r8=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x4, 0x1, 0x0})
r9 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x31)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000280)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f0000000100)=@arm64_extra={0x603000000013c02a, &(0x7f0000000180)})
r12 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000140)={0x4, <r13=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r13, 0x800454d3, 0xfffffffffffffffa)
ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f00000000c0)={0x5, 0x5, 0x2000, 0x1000, &(0x7f0000ffd000/0x1000)=nil, 0x3})
munmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000)
r14 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000000)={0x0, &(0x7f0000000dc0)=[@hvc={0x32, 0x40, {0x8000, [0x0, 0x3ff, 0xeb, 0x66ff, 0x6]}}, @memwrite={0x6e, 0x30, @generic={0xd000, 0xcca, 0x7, 0x8}}, @hvc={0x32, 0x40, {0x8400000a, [0x2, 0x1, 0x8, 0x0, 0x8000000000000000]}}, @code={0xa, 0x3c, {"0084000f0000802c008008d5007008d5007008d51f000071007008d5000028d50090205e007008d5"}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x1, 0x0, 0x3, 0x7, 0x1, 0x2}}, @its_setup={0x82, 0x28, {0x4, 0x0, 0x2f7}}, @svc={0x122, 0x40, {0x84000002, [0x8, 0x6, 0x594, 0x1000000000000000, 0x800]}}, @msr={0x14, 0x20, {0x603000000013c01d, 0x7}}, @eret={0xe6, 0x18, 0x2}, @mrs={0xbe, 0x18, {0x603000000013f090}}, @msr={0x14, 0x20, {0x603000000013deb4, 0x100}}, @msr={0x14, 0x20, {0x603000000013801a, 0x7}}, @smc={0x1e, 0x40, {0x84000011, [0x3, 0x8, 0x625, 0x2, 0xf]}}, @irq_setup={0x46, 0x18, {0x2, 0x2a}}, @its_setup={0x82, 0x28, {0x0, 0x1, 0x227}}, @msr={0x14, 0x20, {0x603000000013df62}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x1, 0x7, 0xe, 0x9fe, 0x3, 0x1}}, @mrs={0xbe, 0x18, {0x603000000013e510}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0xdb0, 0x5, 0x4}}, @mrs={0xbe, 0x18, {0x603000000013bef3}}, @irq_setup={0x46, 0x18, {0x3, 0x4b}}, @msr={0x14, 0x20, {0x603000000013df69, 0x7}}, @uexit={0x0, 0x18, 0x4}, @hvc={0x32, 0x40, {0x84000003, [0x9, 0x4, 0x3, 0x6, 0x3]}}], 0x3c4}, &(0x7f0000000040)=[@featur2={0x1, 0x11}], 0x1)
ioctl$KVM_GET_ONE_REG(r14, 0x4010aeab, &(0x7f0000000600)=@arm64_sys={0x6030000000138007, &(0x7f00000005c0)=0x928})
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x2, 0x4f832, 0xffffffffffffffff, 0x1000000)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x110, 0xffffffffffffffff, 0x0)

35m31.200928322s ago: executing program 2 (id=227):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
r4 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000100)={0x0, &(0x7f0000000140)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x2, 0x100)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r6 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r5, 0x490458f4c1e2a4a1, 0x11, r3, 0x0)
r7 = mmap$KVM_VCPU(&(0x7f000000a000/0x1000)=nil, r5, 0x3, 0x11, r4, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_kvm_assert_syzos_uexit$arm64(r7, 0xffffffffffffffff)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000180)={0x1010020, 0x1})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_kvm_assert_syzos_uexit$arm64(r6, 0xfffffffffffffffe)

35m18.68767808s ago: executing program 2 (id=228):
r0 = openat$kvm(0x0, &(0x7f00000001c0), 0x2083, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000073000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000100)={0x0, &(0x7f0000000000)=[@mrs={0xbe, 0x18, {0x603000000013c2a4}}], 0x18}, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

35m4.661400465s ago: executing program 2 (id=229):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x200, 0x0) (async)
r2 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x2c)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013df19, 0x8003}}], 0x20}, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000) (async)
ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000240)=@arm64_ccsidr={0x6020000000110006, &(0x7f0000000100)=0x100}) (async)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000c6a000/0x3000)=nil, 0x930, 0x1000003, 0x28031, 0xffffffffffffffff, 0x0) (async)
r6 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000040)={0x0, 0x0}, &(0x7f0000000200)=[@featur1={0x1, 0xa}], 0x1)
ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000080)=@arm64_ccsidr={0x1000, &(0x7f00000000c0)=0x1})

34m52.162464425s ago: executing program 2 (id=230):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0xc0083, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, r1, 0x3, 0x11, r2, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7ffc}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r9, 0x5452, 0xa00000000000000)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000100)={0x8})
r10 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r10, 0xae01, 0x3d)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r11, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r12, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000)

34m35.829884035s ago: executing program 2 (id=231):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610f3ff67521cd66f8f1f447d35b20700000000000000000000000100", 0x0, 0x48)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x25)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) (async)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x2, 0x4, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x0, 0x0, 0x6, 0x2, 0x4}}], 0x50}, 0x0, 0x0) (async)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x2, 0x4, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x0, 0x0, 0x6, 0x2, 0x4}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r5, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8}) (async)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8, <r8=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000000)={0x1, 0xffffffffffffffff, 0x1})
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xb00f2, 0x0) (async)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xb00f2, 0x0)

34m20.597034501s ago: executing program 2 (id=232):
syz_kvm_add_vcpu$arm64(0x0, 0x0, &(0x7f0000000300)=[@featur2={0x1, 0xb5656113b9f8541a}], 0x1)
syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000100)={0x0, &(0x7f0000000180)=[@uexit={0x0, 0x18, 0xb}, @code={0xa, 0x9c, {"205f93d20020b8f2e10180d2e20080d2e30080d2a40180d2020000d4007008d5007008d5007008d560b584d200a0b0f2410180d2a20180d2e30080d2640180d2020000d40050200e0004601e007008d580d58bd200a0b0f2a10180d2c20180d2230080d2a40180d2020000d4402689d200e0b8f2c10080d2a20080d2030180d2a40180d2020000d4"}}, @msr={0x14, 0x20, {0x603000000013c647, 0x10000}}, @eret={0xe6, 0x18, 0x81}, @irq_setup={0x46, 0x18, {0x0, 0x2ef}}, @smc={0x1e, 0x40, {0x0, [0x2, 0x8, 0x8000000000000000, 0x5, 0x80000001]}}, @hvc={0x32, 0x40, {0x3, [0x0, 0xc, 0x9, 0x1be4, 0x1]}}], 0x184}, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x31)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000100)=@arm64_extra={0x603000000013c02a, &(0x7f0000000180)})
ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0)
eventfd2(0x2, 0x801)
r6 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013df64, 0x8000}}, @msr={0x14, 0x20, {0x603000000013df7f, 0x8000}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init)
r10 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000240)={0x4, 0x9, 0x1}})
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000000000000000000001"])

33m32.610269173s ago: executing program 35 (id=232):
syz_kvm_add_vcpu$arm64(0x0, 0x0, &(0x7f0000000300)=[@featur2={0x1, 0xb5656113b9f8541a}], 0x1)
syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000100)={0x0, &(0x7f0000000180)=[@uexit={0x0, 0x18, 0xb}, @code={0xa, 0x9c, {"205f93d20020b8f2e10180d2e20080d2e30080d2a40180d2020000d4007008d5007008d5007008d560b584d200a0b0f2410180d2a20180d2e30080d2640180d2020000d40050200e0004601e007008d580d58bd200a0b0f2a10180d2c20180d2230080d2a40180d2020000d4402689d200e0b8f2c10080d2a20080d2030180d2a40180d2020000d4"}}, @msr={0x14, 0x20, {0x603000000013c647, 0x10000}}, @eret={0xe6, 0x18, 0x81}, @irq_setup={0x46, 0x18, {0x0, 0x2ef}}, @smc={0x1e, 0x40, {0x0, [0x2, 0x8, 0x8000000000000000, 0x5, 0x80000001]}}, @hvc={0x32, 0x40, {0x3, [0x0, 0xc, 0x9, 0x1be4, 0x1]}}], 0x184}, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x31)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000100)=@arm64_extra={0x603000000013c02a, &(0x7f0000000180)})
ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0)
eventfd2(0x2, 0x801)
r6 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013df64, 0x8000}}, @msr={0x14, 0x20, {0x603000000013df7f, 0x8000}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init)
r10 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000240)={0x4, 0x9, 0x1}})
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000000000000000000001"])

26m22.27007381s ago: executing program 4 (id=257):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xe6)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_FINALIZE(r3, 0x4004aec2, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04)
mmap$KVM_VCPU(&(0x7f0000007000/0x2000)=nil, r8, 0x3, 0x11, r6, 0x0)
ioctl$KVM_SET_MP_STATE(r6, 0x4004ae99, &(0x7f0000000140)=0x4)
r9 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r2, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x0, 0xefbf, 0x2}})
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
syz_kvm_setup_cpu$arm64(r10, 0xffffffffffffffff, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000000900)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
close(r10)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r6, 0x0)

25m59.357282877s ago: executing program 4 (id=258):
ioctl$KVM_GET_DEVICE_ATTR_vm(0xffffffffffffffff, 0x4018aee2, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x80000000})
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0xe)
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r0, 0x4068aea3, &(0x7f0000000080))
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
r2 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000600)={0x0, &(0x7f0000000100)=[@code={0xa, 0x54, {"1f0000eb00c0df0d007008d500b8a10e20fe88d200a0b8f2410080d2e20080d2630080d2640180d2020000d40000291e0058201e000c601e0000789e000008d5"}}, @uexit={0x0, 0x18, 0x7fff}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x4, 0x3, 0xa}}, @svc={0x122, 0x40, {0x20, [0x10000, 0xb82a, 0x8, 0xff, 0x3]}}, @its_setup={0x82, 0x28, {0x2, 0x3, 0x3c7}}, @irq_setup={0x46, 0x18, {0x3, 0x3d1}}, @svc={0x122, 0x40, {0x84000051, [0x6, 0x1, 0x9, 0x100000001, 0x5]}}, @eret={0xe6, 0x18, 0x7f}, @its_send_cmd={0xaa, 0x28, {0xe, 0x0, 0x1, 0xb, 0x1, 0x6}}, @mrs={0xbe, 0x18, {0x603000000013c213}}, @msr={0x14, 0x20, {0x603000000013c645, 0x6}}, @eret={0xe6, 0x18, 0x5}, @msr={0x14, 0x20, {0x603000000013c015, 0x8}}, @irq_setup={0x46, 0x18, {0x0, 0x2a7}}, @svc={0x122, 0x40, {0x80003fff, [0x80000001, 0xfd, 0x5, 0x8]}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x1, 0x3, 0xe, 0x101, 0x2, 0x3}}, @hvc={0x32, 0x40, {0xffff, [0x80, 0x3, 0xfffffffffffffff8, 0xffffffffc83be412, 0x8]}}, @uexit={0x0, 0x18, 0x8}, @its_send_cmd={0xaa, 0x28, {0x3, 0x1, 0x2, 0x6, 0x4, 0x9, 0x4}}, @mrs={0xbe, 0x18, {0x603000000013df5a}}, @irq_setup={0x46, 0x18, {0x0, 0x18e}}, @irq_setup={0x46, 0x18, {0x3, 0x178}}, @mrs={0xbe, 0x18, {0x6030000000138065}}, @svc={0x122, 0x40, {0x80008000, [0x4, 0x5, 0x8001, 0x1ff, 0x8]}}, @svc={0x122, 0x40, {0x80007fff, [0xfffffffffffffff1, 0x4, 0xf, 0x80000001, 0x28e]}}, @svc={0x122, 0x40, {0x0, [0x9, 0x5f71, 0xbd, 0x7f, 0x7]}}, @hvc={0x32, 0x40, {0x80, [0x10001, 0xffffffff, 0xa2c1000000000000, 0xa7dd, 0x1]}}, @hvc={0x32, 0x40, {0xc4000007, [0x1, 0xffffffffffffffff, 0x3ff, 0x5, 0xfff]}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x0, 0x4, 0x5, 0xe1, 0xe}}], 0x4d4}, &(0x7f0000000640)=[@featur2={0x1, 0x15}], 0x1)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x3000)=nil, r1, 0x8, 0x100010, r2, 0x0)
ioctl$KVM_GET_DIRTY_LOG(r0, 0x4010ae42, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000ffc000/0x4000)=nil})
syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_IRQ_LINE(r2, 0x4008ae61, &(0x7f00000006c0)={0x101, 0x5})
r3 = ioctl$KVM_GET_STATS_FD_vm(r0, 0xaece)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000700), 0x80040, 0x0)
r5 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x3e)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000740)={0x10004, 0x7, 0x4, 0x2000, &(0x7f0000e83000/0x2000)=nil})
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r5, 0x4010aeb5, &(0x7f0000000780)={0x3ff, 0x5})
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f00000007c0)={0x5, <r6=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000840)=@attr_arm64={0x0, 0x2, 0x0, &(0x7f0000000800)=0x9})
ioctl$KVM_SIGNAL_MSI(r0, 0x4020aea5, &(0x7f0000000880)={0x0, 0x0, 0x4, 0x0, 0x3})
r7 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x26)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r7, 0x4008ae73, &(0x7f00000008c0)={0x9, 0x4})
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000900)=@arm64={0xfe, 0x8f, 0x6, '\x00', 0xfffffffffffffff7})
ioctl$KVM_RESET_DIRTY_RINGS(r5, 0xaec7)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000940), 0x1c1002, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, r1, 0x8b04a01fa48abab6, 0x13, r2, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000980)={0x9})
r8 = ioctl$KVM_GET_STATS_FD_vm(r5, 0xaece)
syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000b0c000/0x400000)=nil)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f00000009c0)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x80000000})
ioctl$KVM_REGISTER_COALESCED_MMIO(r7, 0x4010ae67, &(0x7f0000000a00)={0x1000, 0x1000})
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000a40)={0x10000, 0x5, 0x1, 0x1000, &(0x7f0000f85000/0x1000)=nil})

25m46.897574751s ago: executing program 4 (id=259):
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x29)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0x80111500, 0x20000000)
r4 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04)
mmap$KVM_VCPU(&(0x7f0000e5f000/0x3000)=nil, r5, 0x3, 0x13, r3, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r6, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) (async)
openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x29) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r2, 0x80111500, 0x20000000) (async)
openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) (async)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04) (async)
mmap$KVM_VCPU(&(0x7f0000e5f000/0x3000)=nil, r5, 0x3, 0x13, r3, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) (async)
mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r6, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0) (async)

25m34.28563132s ago: executing program 5 (id=233):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x0, 0x1, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000080)=[@featur1={0x1, 0x2}], 0x1)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, &(0x7f0000000140)=[@memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x20020, 0x10, 0x4}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x78, 0x8001, 0x2}}, @svc={0x122, 0x40, {0x84000051, [0xffffffffffffffff, 0x89, 0x0, 0xc, 0x6]}}], 0xa0}, &(0x7f0000000200)=[@featur2={0x1, 0x62}], 0x1)

25m30.695741515s ago: executing program 4 (id=260):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x3e)
ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x8030aeb4, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x9e, 0xfffffffd}})

25m22.325040305s ago: executing program 5 (id=261):
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000000)={0x2, <r0=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r0, 0x4018aee1, &(0x7f0000000080)=@attr_arm64={0x0, 0x1, 0x0, &(0x7f0000000040)=0xc})
eventfd2(0x400, 0x80000)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x17)
ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x100000000)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r1, 0x4068aea3, &(0x7f00000000c0)={0xdf, 0x0, 0x2000})
r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
r3 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000800)={0x0, &(0x7f0000000140)=[@memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x88f4d265a6c39308, 0x0, 0x6}}, @mrs={0xbe, 0x18, {0x603000000013df57}}, @eret={0xe6, 0x18, 0x9}, @code={0xa, 0x84, {"008008d5e0919bd20060b8f2010080d2a20180d2e30180d2c40180d2020000d4007008d520d098d20080b8f2810180d2a20180d2c30080d2040180d2020000d4007008d5008008d5008008d500d0005fa0c898d20060b0f2410180d2a20180d2c30180d2e40180d2020000d400000018"}}, @msr={0x14, 0x20, {0x6030000000138002, 0xa}}, @uexit={0x0, 0x18, 0x8}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff0, 0x400, 0x4}}, @msr={0x14, 0x20, {0x603000000013df76, 0x4}}, @msr={0x14, 0x20, {0x603000000013c017, 0x1}}, @svc={0x122, 0x40, {0xc400000d, [0x5, 0xd, 0x8, 0x2, 0xd02]}}, @smc={0x1e, 0x40, {0x3f000000, [0x10, 0x8, 0xf30, 0x1, 0x2]}}, @hvc={0x32, 0x40, {0x80000000, [0x9, 0x1, 0xf8, 0x70, 0x8]}}, @irq_setup={0x46, 0x18, {0x0, 0x292}}, @hvc={0x32, 0x40, {0x40, [0x7, 0x0, 0x100000000, 0x6, 0x93dc]}}, @hvc={0x32, 0x40, {0x200, [0xb71a, 0x5, 0x9, 0x8bf, 0x9]}}, @code={0xa, 0x54, {"0000c02c007008d50060200e00f4a02ee0c781d20000b8f2410080d2a20180d2c30180d2a40080d2020000d4007008d5007008d5000c4038007008d500e4005f"}}, @its_setup={0x82, 0x28, {0x2, 0x4, 0x11f}}, @hvc={0x32, 0x40, {0x84000009, [0x4, 0x6, 0x8, 0x4, 0x8]}}, @uexit={0x0, 0x18, 0x80}, @smc={0x1e, 0x40, {0x80007fff, [0x7fffffffffffffff, 0x3, 0x58, 0x1, 0x9]}}, @hvc={0x32, 0x40, {0x84000051, [0x4, 0x9, 0x0, 0x0, 0x500000000]}}, @irq_setup={0x46, 0x18, {0x1, 0x12}}, @msr={0x14, 0x20, {0x603000000013c201, 0x9}}, @code={0xa, 0x84, {"007008d5007008d5007008d5804581d200a0b0f2210180d2620180d2830180d2840080d2020000d420969bd200a0b8f2a10180d2220080d2230080d2640180d2020000d40088200e602292d200e0b8f2a10180d2420080d2230180d2e40080d2020000d4007008d50044207e007008d5"}}, @hvc={0x32, 0x40, {0x1000, [0x7, 0x6, 0x9, 0x4, 0x30d5]}}, @its_setup={0x82, 0x28, {0x2, 0x4, 0x23}}, @code={0xa, 0x84, {"000c0078000028d5007008d5007008d5605781d20000b8f2e10080d2220080d2e30180d2a40080d2020000d480a79ad20000b0f2410080d2820180d2c30080d2640080d2020000d480c896d200a0b8f2410080d2620180d2030080d2a40080d2020000d40070200e007008d5000008d5"}}, @irq_setup={0x46, 0x18, {0x4, 0x2c0}}, @code={0xa, 0x84, {"000008d5000028d50004002f0000003820cb8ed20000b0f2e10180d2a20080d2430080d2640080d2020000d4007008d50040261e000008d520b19dd20040b8f2a10180d2a20180d2c30180d2240180d2020000d4a04788d200a0b8f2a10080d2020080d2030180d2e40080d2020000d4"}}, @mrs={0xbe, 0x18, {0x603000000013dce9}}], 0x694}, &(0x7f0000000840)=[@featur1={0x1, 0xac}], 0x1)
mmap$KVM_VCPU(&(0x7f0000ffa000/0x3000)=nil, r2, 0x200000d, 0x10, r3, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000880), 0x400, 0x0)
ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0x3)
ioctl$KVM_GET_MP_STATE(r3, 0x8004ae98, &(0x7f00000008c0))
ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f0000000940)=@attr_other={0x0, 0x8001, 0x7, &(0x7f0000000900)=0x6})
ioctl$KVM_INTERRUPT(r3, 0x4004ae86, &(0x7f0000000980)=0x7)
ioctl$KVM_GET_DEVICE_ATTR(r0, 0x4018aee2, &(0x7f0000000a00)=@attr_other={0x0, 0xf, 0x0, &(0x7f00000009c0)=0x2})
ioctl$KVM_SET_DEVICE_ATTR(r0, 0x4018aee1, &(0x7f0000000a80)=@attr_other={0x0, 0xffffffff, 0x2, &(0x7f0000000a40)=0x7})
ioctl$KVM_ARM_VCPU_FINALIZE(r3, 0x4004aec2, &(0x7f0000000ac0)=0x6)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000b00)={0x8080000, 0x1c000})
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x35)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000b80)=@arm64_ccsidr={0x6020000000110006, &(0x7f0000000b40)=0x7b87})
ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, &(0x7f0000000bc0)={0x3, [0x7fff, 0x1, 0x2]})
ioctl$KVM_SET_DEVICE_ATTR(r0, 0x4018aee1, &(0x7f0000000c40)=@attr_arm64={0x0, 0x7, 0x0, &(0x7f0000000c00)=0x200000})
r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x2b)
r7 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x17)
ioctl$KVM_CHECK_EXTENSION_VM(r7, 0xae03, 0x7)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x23)
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000cc0)=@arm64_sys={0x603000000013defd, &(0x7f0000000c80)=0x3})
ioctl$KVM_CAP_ARM_USER_IRQ(r5, 0x4068aea3, &(0x7f0000000d00))
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0xe)

25m20.507898325s ago: executing program 4 (id=262):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000380)=[@its_setup={0x82, 0x28, {0x2, 0x2, 0x7c}}], 0x28}, 0x0, 0x0)
r5 = syz_kvm_vgic_v3_setup(r2, 0xffffffffffbffffc, 0x300)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000180)={0x8})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x5, 0x0, &(0x7f0000000000)=0x6})
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x400001e)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f0000000100)={0xf09, 0x8080000, 0x0, r8})
syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, &(0x7f0000000280)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x28)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0)
close(r11)
ioctl$KVM_CREATE_VM(r9, 0xae01, 0x2e)
close(r11)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000180)={0x0, &(0x7f0000000580)=[@msr={0x14, 0x20, {0x603000000013c4f1, 0x8000}}, @smc={0x1e, 0x40, {0x84000006, [0xa000400000000000, 0x0, 0x5, 0x2, 0xfffffffffffffffe]}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x32d}}, @memwrite={0x6e, 0x30, @generic={0x8000000, 0xcc5, 0x200}}, @msr={0x14, 0x20, {0x603000000013e6c7, 0xffffffffffff604f}}, @msr={0x14, 0x20, {0x603000000013df53, 0x8000}}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x358}}, @msr={0x14, 0x20, {0x603000000013dce5, 0xffffffff}}, @hvc={0x32, 0x40, {0x40000000, [0x6e, 0xffd, 0x3d1e, 0x89, 0x5]}}, @msr={0x14, 0x20, {0x603000000013dce9, 0x8002}}], 0x1a0}, &(0x7f0000000300)=[@featur1={0x1, 0xa}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r13, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
r14 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r14, 0x3, 0x11, r13, 0x0)
ioctl$KVM_RUN(r13, 0xae80, 0x0)

25m6.487656275s ago: executing program 5 (id=263):
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000700)={0x7, 0x0})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000240)={0x200002f}) (async)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000240)={0x200002f})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x12c)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000040)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x80000000})
openat$kvm(0x0, &(0x7f0000000040), 0x42800, 0x0) (async)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x42800, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x31)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, 0x930, 0x2000006, 0x10, r3, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, 0x930, 0x2000006, 0x10, r3, 0x0)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) (async)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x10, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x10, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000001c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e700", 0x0, 0x48)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000) (async)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0xaf832, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) (async)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, 0x0, 0x0, 0x58030, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000) (async)
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r2, 0x4068aea3, &(0x7f0000000300)={0xdf, 0x0, 0x4000})
munmap(&(0x7f0000f7c000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000d85000/0x1000)=nil, 0x930, 0x2, 0x10, r3, 0x0)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000)
syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=[@featur2={0x1, 0x12}], 0x1)

24m57.808863415s ago: executing program 4 (id=264):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x7e)
r1 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x40086602, 0x20000000)
r2 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
r3 = openat$kvm(0xffffffffffffff9c, 0x0, 0x3cd040, 0x0)
ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0x59)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x31)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013e08d, &(0x7f00000000c0)=0x6db})
r10 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r10, r11, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1e000000000000004000000000000000000000ef000000003a08000000000000010000000000000002c0f70000000000030000000000000004020000000000001400000000000000200000000000000084"], 0x60}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r11, 0x8040ae9f, &(0x7f0000000080))
r12 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_GET_DIRTY_LOG(r12, 0x4010ae42, &(0x7f0000000000)={0xa4a605311ad0de6b, 0x0, &(0x7f0000c67000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f000073e000/0x400000)=nil)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)

24m19.207589925s ago: executing program 36 (id=263):
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000700)={0x7, 0x0})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000240)={0x200002f}) (async)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000240)={0x200002f})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x12c)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000040)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x80000000})
openat$kvm(0x0, &(0x7f0000000040), 0x42800, 0x0) (async)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x42800, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x31)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, 0x930, 0x2000006, 0x10, r3, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, 0x930, 0x2000006, 0x10, r3, 0x0)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) (async)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x10, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x10, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000001c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e700", 0x0, 0x48)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000) (async)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0xaf832, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) (async)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, 0x0, 0x0, 0x58030, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000) (async)
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r2, 0x4068aea3, &(0x7f0000000300)={0xdf, 0x0, 0x4000})
munmap(&(0x7f0000f7c000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000d85000/0x1000)=nil, 0x930, 0x2, 0x10, r3, 0x0)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000)
syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=[@featur2={0x1, 0x12}], 0x1)

24m9.906891928s ago: executing program 37 (id=264):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x7e)
r1 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x40086602, 0x20000000)
r2 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
r3 = openat$kvm(0xffffffffffffff9c, 0x0, 0x3cd040, 0x0)
ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0x59)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x31)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013e08d, &(0x7f00000000c0)=0x6db})
r10 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r10, r11, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1e000000000000004000000000000000000000ef000000003a08000000000000010000000000000002c0f70000000000030000000000000004020000000000001400000000000000200000000000000084"], 0x60}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r11, 0x8040ae9f, &(0x7f0000000080))
r12 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_GET_DIRTY_LOG(r12, 0x4010ae42, &(0x7f0000000000)={0xa4a605311ad0de6b, 0x0, &(0x7f0000c67000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f000073e000/0x400000)=nil)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)

16m29.815806935s ago: executing program 6 (id=265):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x82880, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000140), 0x101282, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, &(0x7f0000000200)=[@svc={0x122, 0x40, {0x800, [0xffffffeffffffff8, 0x8, 0x8000000005, 0x5, 0x400]}}], 0x40}, 0x0, 0x0)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x30, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, 0x0, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0x40086602, 0x110e22ffff)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
write$eventfd(0xffffffffffffffff, 0x0, 0x0)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, 0x0, 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x28)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000c0b000/0x1000)=nil, r5, 0x3, 0x40b2811, r4, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

16m14.678408287s ago: executing program 7 (id=266):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
openat$kvm(0x0, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r4, 0x3, 0x11, r3, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x200, 0x0)
syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r6, r7, &(0x7f0000bfe000/0x400000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f0000000180)=[@hvc={0x32, 0x40, {0x84000007, [0x60e, 0xfffffffffffffffb, 0x4, 0x8, 0x1]}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x1, 0x1, 0x0, 0x8001, 0x3}}], 0x68}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
close(0x4)
close(0x5)
mmap$KVM_VCPU(&(0x7f0000000000/0x4000)=nil, 0x0, 0x2000003, 0x11, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x31)
syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)

16m5.221472578s ago: executing program 6 (id=267):
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2d)
ioctl$KVM_GET_DIRTY_LOG(r2, 0x4010ae42, &(0x7f0000000500)={0x10002, 0x0, &(0x7f00004db000/0x4000)=nil})
r3 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000480)={0x0, &(0x7f0000000080)=[@smc={0x1e, 0x40, {0x84000003, [0x0, 0xd, 0x8]}}, @uexit={0x0, 0x18, 0x4}, @hvc={0x32, 0x40, {0x80000000, [0x9, 0x5, 0xfffffffffffffffa, 0x6, 0x20000000]}}, @irq_setup={0x46, 0x18, {0x4, 0x1c7}}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x96}}, @uexit={0x0, 0x18, 0x8}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x1, 0xd, 0x4, 0x9, 0x1}}, @hvc={0x32, 0x40, {0x86000000, [0x2, 0x6, 0xf6d, 0x7e5, 0x1]}}, @msr={0x14, 0x20, {0x603000000013df7f, 0x4}}], 0x178}, &(0x7f00000004c0)=[@featur2={0x1, 0x14}], 0x1)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, r3, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r1, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0x40086602, 0x110e22ffff)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0)
r5 = eventfd2(0xfffffffa, 0x80001)
write$eventfd(r5, &(0x7f0000000200)=0x8, 0x8)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000000)="37d3116035d7513e9a000200018000", 0x0, 0x43)
ioctl$KVM_CHECK_EXTENSION(r4, 0x40086602, 0x110e227ffe)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x28)
r8 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f000041e000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_setup_cpu$arm64(r7, r9, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0a00000000000000cc00000000000000e0ef9ad200c0b8f2410080d2e20080d2430080d2e40180d2020000d4e0be9cd20040040000000000000080d2630180d2840180d2020000d40000681e0000000b0000399e003c202ea04c8ad200e0b0f2610180d2c20180d2a30080d2640180d2020000d4c0ed81d20000b8f2810180d2820180d2a30180d2640080d2020000d4a0a189d20060b0f2410180d2820180d2230080d2240180d2020000d4804e82d20020b0f2810180d2020180d2830180d2a40080d2020000d4c0035fd6aa00000000000000280000000000000003010400000000000000090000000e0000000000000000003200000000000000400000000000000000000006000000000000000000000000f7780000000000000800000000000000030000000000000009000000000000001e0000000000000040000000000000000900008400000000050000000000000010000000000000007f0d0000000000000010000000000000050000000000000046000000000000001800000000000000000000005a000000be00000000000000180000000000000028981300000030601400000000000000200000000000000085c01300000030600100000001000000320000000000000040000000000000000b000084000000000400000000000000080000000000000006000000000000000600000000000000dd00000000000000be000000000000001800000000000000fe77000000000000"], 0x21c}], 0x1, 0x0, 0x0, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)

15m26.11719928s ago: executing program 38 (id=266):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
openat$kvm(0x0, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r4, 0x3, 0x11, r3, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x200, 0x0)
syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r6, r7, &(0x7f0000bfe000/0x400000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f0000000180)=[@hvc={0x32, 0x40, {0x84000007, [0x60e, 0xfffffffffffffffb, 0x4, 0x8, 0x1]}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x1, 0x1, 0x0, 0x8001, 0x3}}], 0x68}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
close(0x4)
close(0x5)
mmap$KVM_VCPU(&(0x7f0000000000/0x4000)=nil, 0x0, 0x2000003, 0x11, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x31)
syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)

15m14.538023348s ago: executing program 39 (id=267):
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2d)
ioctl$KVM_GET_DIRTY_LOG(r2, 0x4010ae42, &(0x7f0000000500)={0x10002, 0x0, &(0x7f00004db000/0x4000)=nil})
r3 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000480)={0x0, &(0x7f0000000080)=[@smc={0x1e, 0x40, {0x84000003, [0x0, 0xd, 0x8]}}, @uexit={0x0, 0x18, 0x4}, @hvc={0x32, 0x40, {0x80000000, [0x9, 0x5, 0xfffffffffffffffa, 0x6, 0x20000000]}}, @irq_setup={0x46, 0x18, {0x4, 0x1c7}}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x96}}, @uexit={0x0, 0x18, 0x8}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x1, 0xd, 0x4, 0x9, 0x1}}, @hvc={0x32, 0x40, {0x86000000, [0x2, 0x6, 0xf6d, 0x7e5, 0x1]}}, @msr={0x14, 0x20, {0x603000000013df7f, 0x4}}], 0x178}, &(0x7f00000004c0)=[@featur2={0x1, 0x14}], 0x1)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, r3, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r1, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0x40086602, 0x110e22ffff)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0)
r5 = eventfd2(0xfffffffa, 0x80001)
write$eventfd(r5, &(0x7f0000000200)=0x8, 0x8)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000000)="37d3116035d7513e9a000200018000", 0x0, 0x43)
ioctl$KVM_CHECK_EXTENSION(r4, 0x40086602, 0x110e227ffe)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x28)
r8 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f000041e000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_setup_cpu$arm64(r7, r9, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0a00000000000000cc00000000000000e0ef9ad200c0b8f2410080d2e20080d2430080d2e40180d2020000d4e0be9cd20040040000000000000080d2630180d2840180d2020000d40000681e0000000b0000399e003c202ea04c8ad200e0b0f2610180d2c20180d2a30080d2640180d2020000d4c0ed81d20000b8f2810180d2820180d2a30180d2640080d2020000d4a0a189d20060b0f2410180d2820180d2230080d2240180d2020000d4804e82d20020b0f2810180d2020180d2830180d2a40080d2020000d4c0035fd6aa00000000000000280000000000000003010400000000000000090000000e0000000000000000003200000000000000400000000000000000000006000000000000000000000000f7780000000000000800000000000000030000000000000009000000000000001e0000000000000040000000000000000900008400000000050000000000000010000000000000007f0d0000000000000010000000000000050000000000000046000000000000001800000000000000000000005a000000be00000000000000180000000000000028981300000030601400000000000000200000000000000085c01300000030600100000001000000320000000000000040000000000000000b000084000000000400000000000000080000000000000006000000000000000600000000000000dd00000000000000be000000000000001800000000000000fe77000000000000"], 0x21c}], 0x1, 0x0, 0x0, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)

3m32.66720585s ago: executing program 8 (id=278):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x7e)
r1 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r3, 0x2, 0x100)
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000000)={0x8000000, 0x5000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x40086602, 0x20000000)
r6 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x3000003, 0x4010, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
r7 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r7, 0xae03, 0x59)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_GET_DIRTY_LOG(r9, 0x4010ae42, &(0x7f0000000000)={0xa4a605311ad0de6b, 0x0, &(0x7f0000c67000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f000073e000/0x400000)=nil)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)

3m2.37770476s ago: executing program 8 (id=280):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f0000000040)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000080)={0x1ff, 0x401}})
r5 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, 0x0)
syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_REG_LIST(r10, 0xc008aeb0, 0xffffffffffffffff)
r11 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f00000000c0)={0x0, &(0x7f0000000300)=[@mrs={0xbe, 0x18, {0x603000000013c298}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r13, 0xae80, 0x0)

2m53.25333047s ago: executing program 9 (id=281):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x0, 0x200000000000001}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x2, 0x9, 0x0, 0xfffffffd}}], 0x50}, 0x0, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1d)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x3) (async)
r6 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) (async)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) (async)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r1, 0x4010aeb5, 0xffffffffffffffff)
syz_kvm_vgic_v3_setup(r7, 0x4, 0x3a0) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_ARM_VCPU_INIT(r5, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) (async)
ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f00000000c0)=@arm64_sys={0x603000000013dce0, &(0x7f0000000000)=0x43ff})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f00000000c0)=@attr_pmu_init)
ioctl$KVM_ARM_VCPU_INIT(0xffffffffffffffff, 0x4020aeae, 0x0) (async)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
close(0x4)
close(0x5) (async)
r11 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1b6}}], 0x28}, 0x0, 0x7) (async)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8})

2m31.520731531s ago: executing program 8 (id=282):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2c)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x100000000000000, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$arm64(r1, 0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000100)=[{0x0, &(0x7f0000000200)=[@uexit={0x0, 0x18, 0x10}, @its_setup={0x82, 0x28, {0x0, 0x3, 0x2d7}}, @eret={0xe6, 0x18, 0xffffffff}, @mrs={0xbe, 0x18, {0x6030000000138057}}, @eret={0xe6, 0x18, 0x200}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x1, 0xf, 0x9cff, 0x80000000, 0x2}}, @hvc={0x32, 0x40, {0x84000005, [0xf70, 0x5, 0x100, 0x1, 0x9c2d]}}, @hvc={0x32, 0x40, {0xc4000005, [0x1, 0x6c, 0x9, 0x7fffffff, 0x2]}}, @svc={0x122, 0x40, {0x20, [0x7, 0x1, 0x4, 0xb3, 0x7]}}, @memwrite={0x6e, 0x30, @generic={0xf7ffd000, 0xfed, 0x7, 0x8}}, @uexit={0x0, 0x18, 0x3}, @msr={0x14, 0x20, {0x603000000013c008, 0x4}}, @code={0xa, 0x9c, {"000028d5a04a94d200a0b0f2810180d2620080d2630080d2840080d2020000d4a0a49ed20000b8f2e10080d2e20080d2230080d2e40180d2020000d40004803c00009f0d000028d500808088604e89d20080b0f2010080d2620180d2430180d2240180d2020000d460a78bd20060b8f2810180d2020080d2a30180d2c40180d2020000d400f8b07e"}}, @irq_setup={0x46, 0x18, {0x2, 0x16f}}, @mrs={0xbe, 0x18, {0x603000000013e015}}, @msr={0x14, 0x20, {0x603000000013df6d, 0x800}}, @uexit={0x0, 0x18, 0x8000000000000001}, @hvc={0x32, 0x40, {0x8, [0x1ff, 0x0, 0x3, 0x7]}}, @code={0xa, 0xcc, {"80b782d200e0b0f2210180d2820180d2e30180d2240180d2020000d4c02099d20080b8f2410080d2e20180d2a30180d2c40080d2020000d4007008d50000202b007008d580db8cd20060b0f2010180d2820080d2630080d2a40180d2020000d480f68ad20040b0f2c10180d2020080d2830080d2640180d2020000d40088210e20c08dd200c0b8f2410080d2620180d2630080d2240180d2020000d4e04c90d200c0b0f2210180d2e20080d2c30080d2c40180d2020000d4"}}, @uexit={0x0, 0x18, 0xc42a}, @irq_setup={0x46, 0x18, {0x2, 0x3b7}}, @smc={0x1e, 0x40, {0x0, [0x6a, 0x8, 0x2, 0x0, 0x8]}}, @its_setup={0x82, 0x28, {0x4, 0x0, 0x113}}, @irq_setup={0x46, 0x18, {0x4, 0x7b}}, @msr={0x14, 0x20, {0x603000000013dea4, 0x920}}, @uexit={0x0, 0x18, 0x6}, @irq_setup={0x46, 0x18, {0x4, 0x260}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffd0, 0x10, 0x8}}, @smc={0x1e, 0x40, {0x84000008, [0x1, 0x37d, 0x7, 0x0, 0x6]}}], 0x558}], 0x1, 0x0, &(0x7f0000000140)=[@featur2={0x1, 0xe6}], 0x1)
r2 = openat$kvm(0x0, &(0x7f00000000c0), 0x8b41, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000080)={0xb})
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r7, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000521000/0x3000)=nil, r7, 0xa, 0x40010, r5, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0xc0083, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x0, 0x13, r8, 0x0)
ioctl$KVM_SET_MP_STATE(r5, 0x4004ae99, &(0x7f00000001c0)=0x3)

2m27.139641731s ago: executing program 9 (id=283):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000000)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000040)=0xe7})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f00000000c0)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000080)=0xe7})
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
syz_kvm_add_vcpu$arm64(r2, &(0x7f00000001c0)={0x0, &(0x7f00000003c0)=[@hvc={0x32, 0x40, {0x80000001, [0xb, 0x6, 0x3, 0x8, 0xecf]}}, @code={0xa, 0x9c, {"000028d5407c89d200a0b8f2c10180d2620180d2830080d2640180d2020000d4a0bc80d20040b0f2810080d2820180d2830180d2c40180d2020000d4007c209b0018200e0068284e00f887d200c0b0f2410080d2620080d2430080d2840080d2020000d4007c009b60b19dd200e0b0f2010080d2e20180d2230080d2440180d2020000d40018200e"}}, @hvc={0x32, 0x40, {0x84000052, [0x7, 0x1, 0x9, 0x7, 0x100000001]}}, @its_setup={0x82, 0x28, {0x2, 0x4, 0x3f6}}, @smc={0x1e, 0x40, {0x0, [0x9, 0x5f46, 0x9, 0x200, 0x100000001]}}, @uexit={0x0, 0x18, 0x1}, @mrs={0xbe, 0x18, {0x603000000013df77}}, @uexit={0x0, 0x18}, @mrs={0xbe, 0x18, {0x603000000013dea0}}, @uexit={0x0, 0x18, 0x3}, @smc={0x1e, 0x40, {0x86000001, [0xffffffffffff7fff, 0x3, 0x0, 0x5, 0x8]}}, @code={0xa, 0x84, {"0060c00c007008d540da80d200e0b0f2210180d2a20180d2230180d2840080d2020000d400a4006f000028d5007008d50000429e40ac86d20080b0f2410180d2220180d2c30080d2a40080d2020000d440c692d200e0b8f2010180d2220080d2630080d2640180d2020000d4008008d5"}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff8, 0x4, 0x8}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x10040, 0x6}}], 0x320}, &(0x7f0000000200)=[@featur2={0x1, 0x12}], 0x1)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_REG_LIST(r10, 0xc008aeb0, &(0x7f0000000380)={0x20000135})
r11 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x40)
syz_kvm_setup_cpu$arm64(r11, r12, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r12, 0x4010aeab, &(0x7f00000000c0)=@arm64_core={0x603000000010004e, &(0x7f0000000100)=0x8000})
r13 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r14, 0x4018aee1, &(0x7f00000011c0)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f00000000c0)=0x8})
ioctl$KVM_RUN(r14, 0xae80, 0x0)

2m2.195617813s ago: executing program 8 (id=284):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x29)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r4 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, r3, 0x2, 0x12, r2, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r6, 0xae03, 0xf0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)

1m57.265538705s ago: executing program 9 (id=285):
r0 = syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x1, 0x200)
ioctl$KVM_HAS_DEVICE_ATTR(r0, 0x4018aee3, &(0x7f0000000040)=@attr_arm64={0x0, 0x1, 0x4, &(0x7f0000000000)=0xa2a5}) (async)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000080)={0xa8, 0x0, 0x3})
r1 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r1, 0x4018aee3, &(0x7f0000000140)=@attr_other={0x0, 0x2, 0xffff, &(0x7f0000000100)=0x2}) (async)
munmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000) (async)
ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000000180)={0x10003, 0x0, &(0x7f0000ffc000/0x2000)=nil})
ioctl$KVM_SET_DEVICE_ATTR(r1, 0x4018aee1, &(0x7f0000000200)=@attr_other={0x0, 0x6b, 0x2, &(0x7f00000001c0)=0xfffffffffffffff9})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x50000, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x5)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000280)={0x10200, 0x4, 0x1000, 0x2000, &(0x7f0000ffa000/0x2000)=nil}) (async)
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000) (async)
r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0xb) (async)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r1, 0x4010aeb5, &(0x7f00000002c0)={0x9, 0x2}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000300)={0x0, 0x0, 0xf000, 0x1000, &(0x7f0000ffa000/0x1000)=nil})
ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000000340)={0x1fd, 0x0, &(0x7f0000ffa000/0x1000)=nil}) (async)
ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000000380)={0x2, 0x0, &(0x7f0000ffa000/0x3000)=nil})
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r1, 0x4018aee2, &(0x7f0000000400)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f00000003c0)={0x4, 0x9, 0x1}}) (async)
ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f0000000480)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000440)={0x2, 0x8, 0x2}})
munmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000004c0)={0x10001, 0x0, 0x10000, 0x1000, &(0x7f0000ffa000/0x1000)=nil}) (async)
ioctl$KVM_CAP_ARM_USER_IRQ(r4, 0x4068aea3, &(0x7f0000000500))
munmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) (async)
ioctl$KVM_RUN(r1, 0xae80, 0x0) (async)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(0xffffffffffffffff, 0x4010aeb5, &(0x7f0000000580)={0x9, 0xac}) (async)
ioctl$KVM_SIGNAL_MSI(r3, 0x4020aea5, &(0x7f00000005c0)={0x4, 0x1, 0x2, 0x1, 0x800})
ioctl$KVM_CAP_ARM_USER_IRQ(r4, 0x4068aea3, &(0x7f0000000600)) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000680)={0x10000, 0x6, 0x8000000, 0x2000, &(0x7f0000ffd000/0x2000)=nil}) (async)
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r4, 0x4068aea3, &(0x7f00000006c0))

1m39.743442673s ago: executing program 9 (id=286):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x408c00, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x3b)
syz_kvm_setup_cpu$arm64(r2, r1, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000600)=ANY=[], 0xf0}], 0x0, 0x0, &(0x7f0000000240)=[@featur2={0x1, 0x100}], 0x1)
ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f0000000100)=ANY=[@ANYBLOB="0400000000000000010400000300000000000000000000000800000000000000873a433900000000060000000800000002000000090000000000000002000000010000000000000005000000000000000800000000000000030000000000000003000000ff0300000100000004000000000000000000000003000000000000000200000000000000010000000000008007000000c60000000900000002000000010000000000000065ec000000000000020000000000000005000000000000000e000000c606000022"])
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r5, 0x4020aeae, &(0x7f00000002c0)={0x5, 0x8})
ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f00000000c0)=@arm64_sys={0x603000000013dce0, &(0x7f0000000000)=0x3ff})
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_GET_STATS_FD_cpu(r1, 0xaece)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8800, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x300, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x28)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r8, 0x4068aea3, &(0x7f0000000280)={0xdf, 0x0, 0x2000}) (async)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r8, 0x4068aea3, &(0x7f0000000140)={0xdf, 0x0, 0x2000})
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x23)

1m37.059880439s ago: executing program 8 (id=287):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) (async)
r3 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async, rerun: 32)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (rerun: 32)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000adb000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0) (async)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r2, 0x4018aee2, &(0x7f0000000140)=@attr_other={0x0, 0x9, 0x5, &(0x7f0000000200)=0x5}) (async)
r7 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x8)
r9 = eventfd2(0x0, 0x800)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000180)={0x1}) (async)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x2000)=nil, 0x0, 0x1000004, 0x11, r9, 0x0) (async)
r10 = syz_kvm_vgic_v3_setup(r8, 0x1, 0x300) (async)
r11 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r11, 0xae80, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
r12 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x10000003fffffffd)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x1)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r13, 0x4018aee2, 0x0) (async)
syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000002000/0x400000)=nil) (async)
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0xc, 0x952, &(0x7f0000000000)=0x7}) (async)
r14 = openat$kvm(0x0, &(0x7f00000001c0), 0x329100, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x31)
r16 = syz_kvm_setup_syzos_vm$arm64(r15, &(0x7f0000c00000/0x400000)=nil)
r17 = syz_kvm_add_vcpu$arm64(r16, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r17, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x603000000010003c, &(0x7f0000000140)=0x7})
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)

1m15.029395505s ago: executing program 8 (id=288):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x17)
ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000000)={0x6, <r1=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR_vm(r0, 0x4018aee1, &(0x7f0000000080)=@attr_other={0x0, 0x8, 0x4, &(0x7f0000000040)=0x6})
ioctl$KVM_ASSIGN_SET_MSIX_NR(r0, 0x4008ae73, &(0x7f00000000c0)={0xfffffffd, 0x100})
ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000100)={0xa, 0xffffffffffffffff, 0x1})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101000, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x1e)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
r5 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x34)
ioctl$KVM_SET_DEVICE_ATTR_vm(r5, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0xfffeffff, 0x0, &(0x7f0000000180)=0x1df})
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000bfd000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000400)={0x0, &(0x7f0000000200)=[@msr={0x14, 0x20, {0x603000000013c527, 0x30000000000}}, @mrs={0xbe, 0x18, {0x603000000013e293}}, @mrs={0xbe, 0x18, {0x603000000013878b}}, @irq_setup={0x46, 0x18, {0x3, 0x31}}, @msr={0x14, 0x20, {0x603000000013d801}}, @its_setup={0x82, 0x28, {0x0, 0x3, 0x282}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x100, 0x10001}}, @svc={0x122, 0x40, {0xc4000014, [0x8000000000000000, 0x60, 0x2, 0x3ddd, 0x46]}}, @hvc={0x32, 0x40, {0x84000052, [0xffffffffffffffff, 0xe, 0xfff, 0x4, 0x100000000]}}, @mrs={0xbe, 0x18, {0x603000000013e2b0}}, @hvc={0x32, 0x40, {0xc4000003, [0x9, 0x373, 0x8, 0x3, 0x101]}}, @uexit={0x0, 0x18, 0x88f}, @irq_setup={0x46, 0x18, {0x3, 0xc0}}], 0x1e8}, &(0x7f0000000440)=[@featur2={0x1, 0x84}], 0x1)
ioctl$KVM_CHECK_EXTENSION_VM(r5, 0xae03, 0xa)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r0, 0x4068aea3, &(0x7f0000000480)={0xe4, 0x0, 0x8})
ioctl$KVM_GET_DEVICE_ATTR(r1, 0x4018aee2, &(0x7f0000000540)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000500)=0x3})
r8 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x20)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f0000000580)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x9f0})
ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f00000005c0)={0x6, <r9=>0xffffffffffffffff})
ioctl$KVM_GET_DEVICE_ATTR(r9, 0x4018aee2, &(0x7f0000000640)=@attr_other={0x0, 0x8001, 0x0, &(0x7f0000000600)=0x1})
syz_kvm_setup_cpu$arm64(r3, r4, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000a40)=[{0x0, &(0x7f0000000680)=[@code={0xa, 0x84, {"0300a0d4007008d5000c407c008008d5a01698d20060b8f2e10080d2420180d2e30080d2040080d2020000d4c0ad8cd20080b8f2010180d2a20080d2830080d2240080d2020000d4008008d580d291d200c0b0f2810080d2820180d2630080d2e40180d2020000d40000204b0000031e"}}, @mrs={0xbe, 0x18, {0x603000000013def7}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x18, 0x6, 0x4}}, @code={0xa, 0x9c, {"008008d50060204e40259ed200a0b8f2c10180d2a20080d2630080d2440180d2020000d400609f0c60e693d200c0b0f2c10080d2e20080d2c30180d2440180d2020000d40054200e007ca09b80bd89d200a0b0f2a10180d2020080d2830180d2840080d2020000d4000008d560488bd20020b0f2610180d2e20180d2c30080d2040180d2020000d4"}}, @eret={0xe6, 0x18, 0xab}, @hvc={0x32, 0x40, {0x20, [0xf4f, 0xb87, 0x1ff, 0x3800000, 0x9]}}, @eret={0xe6, 0x18, 0x2}, @code={0xa, 0x6c, {"000028d5000800f8000008d5007008d5007008d5e003202a20f88bd200e0b0f2a10080d2020080d2a30180d2c40180d2020000d4008008d5000028d520ea81d200c0b0f2410080d2e20080d2430080d2240080d2020000d4"}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x1, 0x1, 0xf, 0x1000, 0x1, 0x4}}, @eret={0xe6, 0x18, 0x5}, @hvc={0x32, 0x40, {0x8400000c, [0x3, 0xe000000000000000, 0x6, 0x4, 0x9]}}, @uexit={0x0, 0x18, 0xfffffffffffffe02}, @its_setup={0x82, 0x28, {0x2, 0x0, 0x1b0}}, @its_setup={0x82, 0x28, {0x3, 0x0, 0x2dd}}, @its_setup={0x82, 0x28, {0x0, 0x2, 0x38f}}, @hvc={0x32, 0x40, {0x84000051, [0x5, 0x4, 0x5, 0x7, 0x2]}}], 0x394}], 0x1, 0x0, &(0x7f0000000a80)=[@featur1={0x1, 0x1}], 0x1)
r10 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x11)
ioctl$KVM_CAP_DIRTY_LOG_RING(r10, 0x4068aea3, &(0x7f0000000ac0)={0xc0, 0x0, 0xc000})
r11 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x4)
r12 = eventfd2(0x7, 0x0)
ioctl$KVM_IOEVENTFD(r11, 0x4040ae79, &(0x7f0000000b40)={0x401, 0x100000, 0x8, r12, 0x9})
ioctl$KVM_HAS_DEVICE_ATTR_vm(r3, 0x4018aee3, &(0x7f0000000bc0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000b80)={0x3, 0x8, 0x2}})
syz_kvm_vgic_v3_setup(r0, 0x4, 0x40)
syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r8, 0x4068aea3, &(0x7f0000000c00)={0xe4, 0x0, 0x100000001})

1m13.357064259s ago: executing program 9 (id=289):
ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000000000)={0x5d, "ea2851aa8aac21a8293dce9b1be442f329d76d67d7e252a214c7577c0d44c471bca786d39e2e17101d265eb20001697a47d3cd092159e62bea6e6f7fb96d6f91dfe9c6109f3988487f81db3b355f89ac0c872867a0062af08617b67029"}) (async)
ioctl$KVM_ARM_SET_DEVICE_ADDR(0xffffffffffffffff, 0x4010aeab, &(0x7f0000000080)={0x2, 0x8080000})
r0 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r0, 0x4018aee3, &(0x7f0000000100)=@attr_other={0x0, 0x311f, 0x2, &(0x7f00000000c0)})
ioctl$KVM_ARM_SET_DEVICE_ADDR(r0, 0x4010aeab, &(0x7f0000000140)={0x100000000, 0x2}) (async)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r0, 0x4018aee3, &(0x7f00000001c0)=@attr_other={0x0, 0x3, 0x10000, &(0x7f0000000180)=0xfffffffffffffff7})
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000200)={0x1fe, 0x1, 0x10000, 0x1000, &(0x7f0000fff000/0x1000)=nil}) (async)
ioctl$KVM_ARM_VCPU_FINALIZE(r0, 0x4004aec2, &(0x7f0000000240)=0x7)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f00000002c0)=@attr_arm64={0x0, 0x8, 0x0, &(0x7f0000000280)=0xfd})
ioctl$KVM_GET_REGS(r0, 0x8360ae81, &(0x7f0000000300)) (async)
ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f00000003c0)={0xa, 0xffffffffffffffff, 0x1}) (async)
ioctl$KVM_IRQ_LINE(r0, 0x4008ae61, &(0x7f0000000400)={0xfd, 0x3}) (async)
ioctl$KVM_SET_REGS(r0, 0x4360ae82, &(0x7f0000000440)={[0x9, 0x3, 0x5, 0x6, 0x0, 0xa9, 0x8, 0x10001, 0x4, 0x0, 0x3ff, 0x1, 0x6, 0xfffffffffffffffc, 0x3, 0xb], 0x5000, 0x40000}) (async)
r1 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000600)={0x0, &(0x7f0000000500)=[@its_send_cmd={0xaa, 0x28, {0xb, 0x1, 0x2, 0x8, 0x8, 0xffffff7e, 0x3}}, @irq_setup={0x46, 0x18, {0x3, 0x800}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x0, 0x9, 0x3}}, @eret={0xe6, 0x18}, @mrs={0xbe, 0x18, {0x603000000013c529}}, @hvc={0x32, 0x40, {0x800, [0x9, 0x4, 0x14, 0x1, 0x7]}}], 0xe0}, &(0x7f0000000640)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_INTERRUPT(r1, 0x4004ae86, &(0x7f0000000680)=0xe97)
ioctl$KVM_HAS_DEVICE_ATTR(r0, 0x4018aee3, &(0x7f0000000700)=@attr_other={0x0, 0x8, 0x3, &(0x7f00000006c0)=0x4}) (async)
ioctl$KVM_GET_ONE_REG(r1, 0x4010aeab, &(0x7f0000000780)=@arm64_fw={0x6030000000140000, &(0x7f0000000740)=0x5}) (async)
ioctl$KVM_INTERRUPT(r1, 0x4004ae86, &(0x7f00000007c0)=0x1000)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r0, 0x4018aee2, &(0x7f0000000800)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0xfffffffffffffffc}) (async)
ioctl$KVM_SET_REGS(r0, 0x4360ae82, &(0x7f0000000840)={[0x9, 0xc27, 0x7, 0x6, 0x3, 0x5, 0x77, 0x2400000000000, 0xd, 0x9, 0x0, 0x8, 0x6, 0xa, 0x0, 0x80000001], 0x1, 0x28080}) (async)
ioctl$KVM_REGISTER_COALESCED_MMIO(r0, 0x4010ae67, &(0x7f0000000900)={0xd000, 0x100000}) (async)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) (async)
ioctl$KVM_GET_ONE_REG(r0, 0x4010aeab, &(0x7f0000000980)=@arm64_extra={0x603000000013c103, &(0x7f0000000940)=0x40})
syz_kvm_vgic_v3_setup(r0, 0x1, 0x180)
ioctl$KVM_ARM_PREFERRED_TARGET(r1, 0x8020aeaf, &(0x7f00000009c0)) (async)
ioctl$KVM_GET_VCPU_EVENTS(r0, 0x8040ae9f, &(0x7f0000000a00)) (async)
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x2) (async)
ioctl$KVM_ARM_SET_DEVICE_ADDR(r0, 0x4010aeab, &(0x7f0000000a40)={0xffffffffffffff34, 0x5498979e5335e667})
ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000a80)={0x1})

55.899711989s ago: executing program 9 (id=290):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000300)={0x0, &(0x7f0000000480)=[@memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0xe00, 0x100000001, 0x5}}], 0x30}, &(0x7f00000001c0)=[@featur1={0x1, 0xc}], 0x1)
mmap$KVM_VCPU(&(0x7f0000c81000/0x2000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000647000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000482000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000f06000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x24132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000140)={0x4, <r7=>0xffffffffffffffff, 0x1})
write$eventfd(r7, &(0x7f00000001c0)=0x7ffffff, 0xfffffd77)
r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r8, 0xae03, 0xa8)

26.457185669s ago: executing program 40 (id=288):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x17)
ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000000)={0x6, <r1=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR_vm(r0, 0x4018aee1, &(0x7f0000000080)=@attr_other={0x0, 0x8, 0x4, &(0x7f0000000040)=0x6})
ioctl$KVM_ASSIGN_SET_MSIX_NR(r0, 0x4008ae73, &(0x7f00000000c0)={0xfffffffd, 0x100})
ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000100)={0xa, 0xffffffffffffffff, 0x1})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101000, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x1e)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
r5 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x34)
ioctl$KVM_SET_DEVICE_ATTR_vm(r5, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0xfffeffff, 0x0, &(0x7f0000000180)=0x1df})
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000bfd000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000400)={0x0, &(0x7f0000000200)=[@msr={0x14, 0x20, {0x603000000013c527, 0x30000000000}}, @mrs={0xbe, 0x18, {0x603000000013e293}}, @mrs={0xbe, 0x18, {0x603000000013878b}}, @irq_setup={0x46, 0x18, {0x3, 0x31}}, @msr={0x14, 0x20, {0x603000000013d801}}, @its_setup={0x82, 0x28, {0x0, 0x3, 0x282}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x100, 0x10001}}, @svc={0x122, 0x40, {0xc4000014, [0x8000000000000000, 0x60, 0x2, 0x3ddd, 0x46]}}, @hvc={0x32, 0x40, {0x84000052, [0xffffffffffffffff, 0xe, 0xfff, 0x4, 0x100000000]}}, @mrs={0xbe, 0x18, {0x603000000013e2b0}}, @hvc={0x32, 0x40, {0xc4000003, [0x9, 0x373, 0x8, 0x3, 0x101]}}, @uexit={0x0, 0x18, 0x88f}, @irq_setup={0x46, 0x18, {0x3, 0xc0}}], 0x1e8}, &(0x7f0000000440)=[@featur2={0x1, 0x84}], 0x1)
ioctl$KVM_CHECK_EXTENSION_VM(r5, 0xae03, 0xa)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r0, 0x4068aea3, &(0x7f0000000480)={0xe4, 0x0, 0x8})
ioctl$KVM_GET_DEVICE_ATTR(r1, 0x4018aee2, &(0x7f0000000540)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000500)=0x3})
r8 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x20)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f0000000580)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x9f0})
ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f00000005c0)={0x6, <r9=>0xffffffffffffffff})
ioctl$KVM_GET_DEVICE_ATTR(r9, 0x4018aee2, &(0x7f0000000640)=@attr_other={0x0, 0x8001, 0x0, &(0x7f0000000600)=0x1})
syz_kvm_setup_cpu$arm64(r3, r4, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000a40)=[{0x0, &(0x7f0000000680)=[@code={0xa, 0x84, {"0300a0d4007008d5000c407c008008d5a01698d20060b8f2e10080d2420180d2e30080d2040080d2020000d4c0ad8cd20080b8f2010180d2a20080d2830080d2240080d2020000d4008008d580d291d200c0b0f2810080d2820180d2630080d2e40180d2020000d40000204b0000031e"}}, @mrs={0xbe, 0x18, {0x603000000013def7}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x18, 0x6, 0x4}}, @code={0xa, 0x9c, {"008008d50060204e40259ed200a0b8f2c10180d2a20080d2630080d2440180d2020000d400609f0c60e693d200c0b0f2c10080d2e20080d2c30180d2440180d2020000d40054200e007ca09b80bd89d200a0b0f2a10180d2020080d2830180d2840080d2020000d4000008d560488bd20020b0f2610180d2e20180d2c30080d2040180d2020000d4"}}, @eret={0xe6, 0x18, 0xab}, @hvc={0x32, 0x40, {0x20, [0xf4f, 0xb87, 0x1ff, 0x3800000, 0x9]}}, @eret={0xe6, 0x18, 0x2}, @code={0xa, 0x6c, {"000028d5000800f8000008d5007008d5007008d5e003202a20f88bd200e0b0f2a10080d2020080d2a30180d2c40180d2020000d4008008d5000028d520ea81d200c0b0f2410080d2e20080d2430080d2240080d2020000d4"}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x1, 0x1, 0xf, 0x1000, 0x1, 0x4}}, @eret={0xe6, 0x18, 0x5}, @hvc={0x32, 0x40, {0x8400000c, [0x3, 0xe000000000000000, 0x6, 0x4, 0x9]}}, @uexit={0x0, 0x18, 0xfffffffffffffe02}, @its_setup={0x82, 0x28, {0x2, 0x0, 0x1b0}}, @its_setup={0x82, 0x28, {0x3, 0x0, 0x2dd}}, @its_setup={0x82, 0x28, {0x0, 0x2, 0x38f}}, @hvc={0x32, 0x40, {0x84000051, [0x5, 0x4, 0x5, 0x7, 0x2]}}], 0x394}], 0x1, 0x0, &(0x7f0000000a80)=[@featur1={0x1, 0x1}], 0x1)
r10 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x11)
ioctl$KVM_CAP_DIRTY_LOG_RING(r10, 0x4068aea3, &(0x7f0000000ac0)={0xc0, 0x0, 0xc000})
r11 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x4)
r12 = eventfd2(0x7, 0x0)
ioctl$KVM_IOEVENTFD(r11, 0x4040ae79, &(0x7f0000000b40)={0x401, 0x100000, 0x8, r12, 0x9})
ioctl$KVM_HAS_DEVICE_ATTR_vm(r3, 0x4018aee3, &(0x7f0000000bc0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000b80)={0x3, 0x8, 0x2}})
syz_kvm_vgic_v3_setup(r0, 0x4, 0x40)
syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r8, 0x4068aea3, &(0x7f0000000c00)={0xe4, 0x0, 0x100000001})

0s ago: executing program 41 (id=290):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000300)={0x0, &(0x7f0000000480)=[@memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0xe00, 0x100000001, 0x5}}], 0x30}, &(0x7f00000001c0)=[@featur1={0x1, 0xc}], 0x1)
mmap$KVM_VCPU(&(0x7f0000c81000/0x2000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000647000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000482000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000f06000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x24132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000140)={0x4, <r7=>0xffffffffffffffff, 0x1})
write$eventfd(r7, &(0x7f00000001c0)=0x7ffffff, 0xfffffd77)
r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r8, 0xae03, 0xa8)

kernel console output (not intermixed with test programs):

[  389.820070][ T3157] 8021q: adding VLAN 0 to HW filter on device bond0
[  440.603818][ T3157] eql: remember to turn off Van-Jacobson compression on your slave devices
Warning: Permanently added '[localhost]:5277' (ED25519) to the list of known hosts.
[  605.497272][   T25] audit: type=1400 audit(604.680:60): avc:  denied  { name_bind } for  pid=3309 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  607.434060][   T25] audit: type=1400 audit(606.620:61): avc:  denied  { execute } for  pid=3310 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  607.494150][   T25] audit: type=1400 audit(606.640:62): avc:  denied  { execute_no_trans } for  pid=3310 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  628.975640][   T25] audit: type=1400 audit(628.160:63): avc:  denied  { mounton } for  pid=3310 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  629.007660][   T25] audit: type=1400 audit(628.190:64): avc:  denied  { mount } for  pid=3310 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  629.091004][ T3310] cgroup: Unknown subsys name 'net'
[  629.145189][   T25] audit: type=1400 audit(628.330:65): avc:  denied  { unmount } for  pid=3310 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  629.547653][ T3310] cgroup: Unknown subsys name 'cpuset'
[  629.652553][ T3310] cgroup: Unknown subsys name 'rlimit'
[  630.582159][   T25] audit: type=1400 audit(629.770:66): avc:  denied  { setattr } for  pid=3310 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  630.602256][   T25] audit: type=1400 audit(629.790:67): avc:  denied  { mounton } for  pid=3310 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[  630.632023][   T25] audit: type=1400 audit(629.820:68): avc:  denied  { mount } for  pid=3310 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  632.242134][ T3313] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[  632.262852][   T25] audit: type=1400 audit(631.450:69): avc:  denied  { relabelto } for  pid=3313 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  632.290162][   T25] audit: type=1400 audit(631.470:70): avc:  denied  { write } for  pid=3313 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
Setting up swapspace version 1, size = 127995904 bytes
[  632.480256][   T25] audit: type=1400 audit(631.660:71): avc:  denied  { read } for  pid=3310 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  632.498908][   T25] audit: type=1400 audit(631.680:72): avc:  denied  { open } for  pid=3310 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  632.544623][ T3310] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  684.383260][   T25] audit: type=1400 audit(683.570:73): avc:  denied  { execmem } for  pid=3314 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  688.884594][   T25] audit: type=1400 audit(688.070:74): avc:  denied  { read } for  pid=3316 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  688.931127][   T25] audit: type=1400 audit(688.090:75): avc:  denied  { open } for  pid=3317 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  688.990933][   T25] audit: type=1400 audit(688.160:76): avc:  denied  { mounton } for  pid=3316 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  689.221209][   T25] audit: type=1400 audit(688.410:77): avc:  denied  { module_request } for  pid=3316 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  690.372180][   T25] audit: type=1400 audit(689.560:78): avc:  denied  { sys_module } for  pid=3316 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  719.623680][ T3316] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  720.033632][ T3316] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  720.251693][ T3317] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  720.529311][ T3317] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  732.491328][ T3316] hsr_slave_0: entered promiscuous mode
[  732.520396][ T3316] hsr_slave_1: entered promiscuous mode
[  733.414950][ T3317] hsr_slave_0: entered promiscuous mode
[  733.455272][ T3317] hsr_slave_1: entered promiscuous mode
[  733.488488][ T3317] debugfs: 'hsr0' already exists in 'hsr'
[  733.492640][ T3317] Cannot create hsr debugfs directory
[  739.182062][   T25] audit: type=1400 audit(738.370:79): avc:  denied  { create } for  pid=3316 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  739.230263][   T25] audit: type=1400 audit(738.420:80): avc:  denied  { write } for  pid=3316 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  739.288496][   T25] audit: type=1400 audit(738.470:81): avc:  denied  { read } for  pid=3316 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  739.421635][ T3316] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  739.761148][ T3316] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  740.099432][ T3316] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  740.420218][ T3316] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  741.879847][ T3317] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  742.092208][ T3317] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  742.283677][ T3317] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  742.448702][ T3317] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  755.815351][ T3316] 8021q: adding VLAN 0 to HW filter on device bond0
[  758.259571][ T3317] 8021q: adding VLAN 0 to HW filter on device bond0
[  815.332577][ T3316] veth0_vlan: entered promiscuous mode
[  815.794162][ T3316] veth1_vlan: entered promiscuous mode
[  817.851034][ T3317] veth0_vlan: entered promiscuous mode
[  818.975117][ T3316] veth0_macvtap: entered promiscuous mode
[  819.251709][ T3317] veth1_vlan: entered promiscuous mode
[  819.641633][ T3316] veth1_macvtap: entered promiscuous mode
[  822.743054][ T3330] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  822.904980][ T3330] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  822.928987][ T3330] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  822.958195][ T3330] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  823.239781][ T3317] veth0_macvtap: entered promiscuous mode
[  824.275477][ T3317] veth1_macvtap: entered promiscuous mode
[  826.428078][   T25] audit: type=1400 audit(825.560:82): avc:  denied  { mount } for  pid=3316 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  826.630509][   T25] audit: type=1400 audit(825.810:83): avc:  denied  { mounton } for  pid=3316 comm="syz-executor" path="/syzkaller.kkUX7i/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  826.928697][   T25] audit: type=1400 audit(826.060:84): avc:  denied  { mount } for  pid=3316 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  827.487655][   T25] audit: type=1400 audit(826.600:85): avc:  denied  { mounton } for  pid=3316 comm="syz-executor" path="/syzkaller.kkUX7i/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  827.683349][   T25] audit: type=1400 audit(826.870:86): avc:  denied  { mounton } for  pid=3316 comm="syz-executor" path="/syzkaller.kkUX7i/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3766 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  827.818592][ T3330] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  827.930128][ T3330] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  827.932350][ T3330] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  827.984355][ T3330] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  828.672782][   T25] audit: type=1400 audit(827.800:87): avc:  denied  { unmount } for  pid=3316 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  829.018895][   T25] audit: type=1400 audit(828.200:88): avc:  denied  { mounton } for  pid=3316 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1544 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  829.185637][   T25] audit: type=1400 audit(828.290:89): avc:  denied  { mount } for  pid=3316 comm="syz-executor" name="/" dev="gadgetfs" ino=3776 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  829.828300][   T25] audit: type=1400 audit(829.010:90): avc:  denied  { mount } for  pid=3316 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  830.032279][   T25] audit: type=1400 audit(829.210:91): avc:  denied  { mounton } for  pid=3316 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  831.685242][ T3316] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  833.229461][   T25] kauditd_printk_skb: 1 callbacks suppressed
[  833.258411][   T25] audit: type=1400 audit(832.390:93): avc:  denied  { read write } for  pid=3316 comm="syz-executor" name="loop1" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  833.277575][   T25] audit: type=1400 audit(832.450:94): avc:  denied  { open } for  pid=3316 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  833.351685][   T25] audit: type=1400 audit(832.530:95): avc:  denied  { ioctl } for  pid=3316 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=639 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  843.168998][   T25] audit: type=1400 audit(842.350:96): avc:  denied  { read } for  pid=3470 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  843.240370][   T25] audit: type=1400 audit(842.420:97): avc:  denied  { open } for  pid=3470 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  843.329275][   T25] audit: type=1400 audit(842.510:98): avc:  denied  { ioctl } for  pid=3470 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  867.252853][   T25] audit: type=1400 audit(866.440:99): avc:  denied  { append } for  pid=3493 comm="syz.0.6" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  870.582985][   T25] audit: type=1400 audit(869.760:100): avc:  denied  { write } for  pid=3493 comm="syz.0.6" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  916.643217][   T25] audit: type=1400 audit(915.810:101): avc:  denied  { execute } for  pid=3522 comm="syz.1.15" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=4623 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[ 1047.358920][ T3601] kvm [3601]: Failed to find VMA for hva 0x21016000
[ 1471.230837][   T25] audit: type=1400 audit(1470.420:102): avc:  denied  { ioctl } for  pid=3873 comm="syz.1.126" path="net:[4026532628]" dev="nsfs" ino=4026532628 ioctlcmd=0xb703 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 1481.708741][   T25] audit: type=1400 audit(1480.880:103): avc:  denied  { setattr } for  pid=3879 comm="syz.0.127" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1579.041962][ T3943] kvm [3943]: Failed to find VMA for hva 0x20e8b000
[ 1718.460936][ T4014] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1719.305769][ T4014] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1720.610274][ T4014] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1721.813350][ T4014] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1738.523064][ T4014] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1738.675080][ T4014] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1738.792682][ T4014] bond0 (unregistering): Released all slaves
[ 1741.540331][ T4014] hsr_slave_0: left promiscuous mode
[ 1741.715203][ T4014] hsr_slave_1: left promiscuous mode
[ 1742.199058][ T4014] veth1_macvtap: left promiscuous mode
[ 1742.203070][ T4014] veth0_macvtap: left promiscuous mode
[ 1742.241553][ T4014] veth1_vlan: left promiscuous mode
[ 1742.245947][ T4014] veth0_vlan: left promiscuous mode
[ 1759.932301][ T4014] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1760.920870][ T4014] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1761.820254][ T4014] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1763.293319][ T4014] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1776.900635][ T4014] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1776.975163][ T4014] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1777.033354][ T4014] bond0 (unregistering): Released all slaves
[ 1778.348791][ T4014] hsr_slave_0: left promiscuous mode
[ 1778.398805][ T4014] hsr_slave_1: left promiscuous mode
[ 1778.962893][ T4014] veth1_macvtap: left promiscuous mode
[ 1778.987726][ T4014] veth0_macvtap: left promiscuous mode
[ 1779.000154][ T4014] veth1_vlan: left promiscuous mode
[ 1779.001768][ T4014] veth0_vlan: left promiscuous mode
[ 1808.333744][ T4003] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1808.560760][ T4003] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1812.462705][ T4011] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1812.734693][ T4011] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1828.993147][ T4003] hsr_slave_0: entered promiscuous mode
[ 1829.035207][ T4003] hsr_slave_1: entered promiscuous mode
[ 1834.559805][ T4011] hsr_slave_0: entered promiscuous mode
[ 1834.614463][ T4011] hsr_slave_1: entered promiscuous mode
[ 1834.662603][ T4011] debugfs: 'hsr0' already exists in 'hsr'
[ 1834.665604][ T4011] Cannot create hsr debugfs directory
[ 1845.067469][ T4003] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1845.707583][ T4003] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1846.091140][ T4003] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1846.544492][ T4003] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1851.868536][ T4011] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1852.290965][ T4011] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1852.644988][ T4011] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1853.134628][ T4011] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1875.161280][ T4003] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1879.821856][ T4011] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1972.616950][ T4003] veth0_vlan: entered promiscuous mode
[ 1973.629447][ T4003] veth1_vlan: entered promiscuous mode
[ 1977.230945][ T4003] veth0_macvtap: entered promiscuous mode
[ 1978.300716][ T4003] veth1_macvtap: entered promiscuous mode
[ 1979.774109][ T4011] veth0_vlan: entered promiscuous mode
[ 1981.415995][ T4011] veth1_vlan: entered promiscuous mode
[ 1983.910557][ T4221] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1983.918098][ T4221] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1983.999514][   T21] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1984.004701][   T21] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1987.764504][ T4011] veth0_macvtap: entered promiscuous mode
[ 1988.763621][ T4011] veth1_macvtap: entered promiscuous mode
[ 1993.009227][ T4014] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1993.100634][ T3330] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1993.103371][ T3330] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1993.150051][ T3330] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2218.853504][   T25] audit: type=1400 audit(2218.040:104): avc:  denied  { map } for  pid=4394 comm="syz.2.194" path="/" dev="tmpfs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[ 2355.171124][ T4019] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2356.923739][ T4019] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2358.464565][ T4019] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2360.401062][ T4019] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2381.084360][ T4019] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2381.460224][ T4019] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2381.682967][ T4019] bond0 (unregistering): Released all slaves
[ 2383.543807][ T4019] hsr_slave_0: left promiscuous mode
[ 2383.678880][ T4019] hsr_slave_1: left promiscuous mode
[ 2384.337284][ T4019] veth1_macvtap: left promiscuous mode
[ 2384.340711][ T4019] veth0_macvtap: left promiscuous mode
[ 2384.379905][ T4019] veth1_vlan: left promiscuous mode
[ 2384.392833][ T4019] veth0_vlan: left promiscuous mode
[ 2474.332067][ T4468] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2474.774340][ T4468] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2508.884804][ T4468] hsr_slave_0: entered promiscuous mode
[ 2508.991190][ T4468] hsr_slave_1: entered promiscuous mode
[ 2509.063199][ T4468] debugfs: 'hsr0' already exists in 'hsr'
[ 2509.078195][ T4468] Cannot create hsr debugfs directory
[ 2530.174619][ T4468] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 2530.709157][ T4468] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 2531.195420][ T4468] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 2531.691876][ T4468] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 2564.074977][ T4468] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2624.225956][   T25] audit: type=1400 audit(2623.410:105): avc:  denied  { map } for  pid=4650 comm="syz.2.230" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 2721.102348][ T4468] veth0_vlan: entered promiscuous mode
[ 2722.358259][ T4468] veth1_vlan: entered promiscuous mode
[ 2727.451883][ T4468] veth0_macvtap: entered promiscuous mode
[ 2728.220285][ T3330] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2729.195425][ T4468] veth1_macvtap: entered promiscuous mode
[ 2730.120994][ T3330] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2731.555950][ T3330] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2733.131048][ T3330] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2735.648285][ T3399] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2735.781385][ T3399] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2735.795407][ T3399] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2735.828665][ T4019] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2758.289461][ T3330] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2758.569833][ T3330] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2758.729791][ T3330] bond0 (unregistering): Released all slaves
[ 2761.020299][ T3330] hsr_slave_0: left promiscuous mode
[ 2761.104861][ T3330] hsr_slave_1: left promiscuous mode
[ 2762.099195][ T3330] veth1_macvtap: left promiscuous mode
[ 2762.120131][ T3330] veth0_macvtap: left promiscuous mode
[ 2762.139394][ T3330] veth1_vlan: left promiscuous mode
[ 2762.159249][ T3330] veth0_vlan: left promiscuous mode
[ 2864.582150][ T4707] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2864.993080][ T4707] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2909.112467][ T4707] hsr_slave_0: entered promiscuous mode
[ 2909.252001][ T4707] hsr_slave_1: entered promiscuous mode
[ 2931.435222][ T4707] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 2932.212373][ T4707] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 2932.754942][ T4707] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 2933.510540][ T4707] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 2974.214214][ T4707] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3156.058820][ T4707] veth0_vlan: entered promiscuous mode
[ 3157.078938][ T4707] veth1_vlan: entered promiscuous mode
[ 3161.238886][ T4707] veth0_macvtap: entered promiscuous mode
[ 3162.153883][ T4707] veth1_macvtap: entered promiscuous mode
[ 3166.559758][ T4967] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3166.569826][ T4967] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3166.657478][ T4967] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3166.661394][ T4967] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3172.867798][   T25] audit: type=1400 audit(3172.040:106): avc:  denied  { map } for  pid=4977 comm="syz.4.259" path="pipe:[15515]" dev="pipefs" ino=15515 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[ 3282.462635][ T4718] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3284.990941][ T4718] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3287.313689][ T4718] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3289.337818][ T4718] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3316.920116][ T4718] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3317.308966][ T4718] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3317.572972][ T4718] bond0 (unregistering): Released all slaves
[ 3320.411697][ T4718] hsr_slave_0: left promiscuous mode
[ 3320.549850][ T4718] hsr_slave_1: left promiscuous mode
[ 3321.278669][ T4718] veth1_macvtap: left promiscuous mode
[ 3321.282939][ T4718] veth0_macvtap: left promiscuous mode
[ 3321.301264][ T4718] veth1_vlan: left promiscuous mode
[ 3321.328477][ T4718] veth0_vlan: left promiscuous mode
[ 3346.483311][ T4718] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3347.999898][ T4718] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3349.399031][ T4718] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3351.599270][ T4718] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3379.259567][ T4718] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3379.424777][ T4718] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3379.561699][ T4718] bond0 (unregistering): Released all slaves
[ 3381.679433][ T4718] hsr_slave_0: left promiscuous mode
[ 3381.739537][ T4718] hsr_slave_1: left promiscuous mode
[ 3382.299896][ T4718] veth1_macvtap: left promiscuous mode
[ 3382.303254][ T4718] veth0_macvtap: left promiscuous mode
[ 3382.328954][ T4718] veth1_vlan: left promiscuous mode
[ 3382.348368][ T4718] veth0_vlan: left promiscuous mode
[ 3423.602431][ T5009] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3424.004055][ T5009] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3437.263982][ T5014] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3437.655225][ T5014] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3457.159423][ T5009] hsr_slave_0: entered promiscuous mode
[ 3457.233480][ T5009] hsr_slave_1: entered promiscuous mode
[ 3470.493071][ T5014] hsr_slave_0: entered promiscuous mode
[ 3470.762045][ T5014] hsr_slave_1: entered promiscuous mode
[ 3470.950593][ T5014] debugfs: 'hsr0' already exists in 'hsr'
[ 3470.972014][ T5014] Cannot create hsr debugfs directory
[ 3479.718484][ T5009] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 3480.937822][ T5009] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 3482.082589][ T5009] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 3482.867720][ T5009] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 3497.413425][ T5014] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 3498.014906][ T5014] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 3498.610261][ T5014] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 3499.259304][ T5014] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 3522.614344][ T5009] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3533.822501][ T5014] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3695.605630][ T5009] veth0_vlan: entered promiscuous mode
[ 3696.549221][ T5009] veth1_vlan: entered promiscuous mode
[ 3700.254637][ T5009] veth0_macvtap: entered promiscuous mode
[ 3700.893435][ T5009] veth1_macvtap: entered promiscuous mode
[ 3705.365153][   T21] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3705.533257][ T4967] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3705.538185][ T4967] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3705.670445][ T5231] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3708.340195][ T5014] veth0_vlan: entered promiscuous mode
[ 3711.580340][ T5014] veth1_vlan: entered promiscuous mode
[ 3718.024269][ T5014] veth0_macvtap: entered promiscuous mode
[ 3718.749168][ T5014] veth1_macvtap: entered promiscuous mode
[ 3723.759391][ T4014] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3723.775844][ T4014] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3723.778116][ T4014] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3723.778932][ T4014] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3845.922826][ T4221] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3848.371054][ T4221] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3850.855072][ T4221] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3853.370593][ T4221] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3882.190040][ T4221] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3882.370422][ T4221] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3882.435389][ T4221] bond0 (unregistering): Released all slaves
[ 3885.829298][ T4221] hsr_slave_0: left promiscuous mode
[ 3886.120501][ T4221] hsr_slave_1: left promiscuous mode
[ 3886.894496][ T4221] veth1_macvtap: left promiscuous mode
[ 3886.981964][ T4221] veth0_macvtap: left promiscuous mode
[ 3886.993428][ T4221] veth1_vlan: left promiscuous mode
[ 3887.038513][ T4221] veth0_vlan: left promiscuous mode
[ 3928.619537][ T4221] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3930.363568][ T4221] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3932.493266][ T4221] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3934.023704][ T4221] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3962.383189][ T4221] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3962.621470][ T4221] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3962.799500][ T4221] bond0 (unregistering): Released all slaves
[ 3966.437523][ T4221] hsr_slave_0: left promiscuous mode
[ 3966.799223][ T4221] hsr_slave_1: left promiscuous mode
[ 3967.780300][ T4221] veth1_macvtap: left promiscuous mode
[ 3967.787757][ T4221] veth0_macvtap: left promiscuous mode
[ 3967.801103][ T4221] veth1_vlan: left promiscuous mode
[ 3967.839006][ T4221] veth0_vlan: left promiscuous mode
[ 4020.711626][ T5285] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4021.144281][ T5285] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4026.402558][ T5290] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4026.858707][ T5290] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4060.694228][ T5285] hsr_slave_0: entered promiscuous mode
[ 4060.803544][ T5285] hsr_slave_1: entered promiscuous mode
[ 4065.694321][ T5290] hsr_slave_0: entered promiscuous mode
[ 4065.751812][ T5290] hsr_slave_1: entered promiscuous mode
[ 4065.800176][ T5290] debugfs: 'hsr0' already exists in 'hsr'
[ 4065.807618][ T5290] Cannot create hsr debugfs directory
[ 4088.185154][ T5285] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 4089.215146][ T5285] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 4089.893820][ T5285] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 4091.008753][ T5285] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 4099.479655][ T5290] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 4099.964414][ T5290] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 4100.644912][ T5290] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 4101.318676][ T5290] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 4135.912590][ T5285] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4143.688306][ T5290] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4331.672939][ T5285] veth0_vlan: entered promiscuous mode
[ 4333.343551][ T5285] veth1_vlan: entered promiscuous mode
[ 4339.999320][ T5290] veth0_vlan: entered promiscuous mode
[ 4340.680807][ T5285] veth0_macvtap: entered promiscuous mode
[ 4342.110459][ T5285] veth1_macvtap: entered promiscuous mode
[ 4343.083539][ T5290] veth1_vlan: entered promiscuous mode
[ 4350.170382][ T3330] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4350.397775][   T21] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4350.418684][ T4492] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4350.468391][ T5231] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4352.231248][ T5290] veth0_macvtap: entered promiscuous mode
[ 4354.260741][ T5290] veth1_macvtap: entered promiscuous mode
[ 4362.350937][ T4221] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4362.509496][ T4718] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4362.568211][ T4718] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4362.578979][ T4718] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4874.111693][ T5662] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4874.735101][ T5662] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4901.253655][ T5669] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4901.905386][ T5669] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4945.102916][ T5662] hsr_slave_0: entered promiscuous mode
[ 4945.312180][ T5662] hsr_slave_1: entered promiscuous mode
[ 4945.454645][ T5662] debugfs: 'hsr0' already exists in 'hsr'
[ 4945.597453][ T5662] Cannot create hsr debugfs directory
[ 4981.173538][ T5669] hsr_slave_0: entered promiscuous mode
[ 4981.419840][ T5669] hsr_slave_1: entered promiscuous mode
[ 4981.522875][ T5669] debugfs: 'hsr0' already exists in 'hsr'
[ 4981.573837][ T5669] Cannot create hsr debugfs directory
[ 5025.038782][ T5662] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 5029.330827][ T5662] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 5033.899245][ T5662] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 5035.334202][ T5662] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 5055.505620][ T5669] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 5056.469908][ T5669] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 5057.220109][ T5669] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 5057.925327][ T5669] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 5099.305181][ T5662] 8021q: adding VLAN 0 to HW filter on device bond0
[ 5113.611352][   T27] INFO: task syz.9.290:5650 blocked for more than 430 seconds.
[ 5113.682877][   T27]       Not tainted syzkaller #0
[ 5113.703626][   T27]       Blocked by coredump.
[ 5113.704134][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 5113.704614][   T27] task:syz.9.290       state:D stack:0     pid:5650  tgid:5649  ppid:5290   task_flags:0x40044c flags:0x00000019
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 5113.790447][   T27] Call trace:
[ 5113.808098][   T27]  __switch_to+0x584/0xb20 (T)
[ 5113.810375][   T27]  __schedule+0x1eec/0x33a4
[ 5113.811005][   T27]  schedule+0xac/0x27c
[ 5113.811519][   T27]  schedule_timeout+0x5c/0x1e4
[ 5113.811972][   T27]  do_wait_for_common+0x28c/0x444
[ 5113.812395][   T27]  wait_for_completion+0x44/0x5c
[ 5113.812901][   T27]  __synchronize_srcu+0x2a4/0x320
[ 5113.813410][   T27]  synchronize_srcu+0x3cc/0x4f0
[ 5113.813889][   T27]  __mmu_notifier_release+0x424/0x614
[ 5113.814376][   T27]  exit_mmap+0xb8/0xbb8
[ 5113.814866][   T27]  __mmput+0x10c/0x528
[ 5113.815353][   T27]  mmput+0x70/0xac
[ 5113.815818][   T27]  exit_mm+0x158/0x258
[ 5113.975507][   T27]  do_exit+0x788/0x2378
[ 5113.998440][   T27]  do_group_exit+0x1d4/0x2ac
[ 5114.005097][   T27]  get_signal+0x1440/0x1554
[ 5114.005903][   T27]  do_signal+0x23c/0x4dd0
[ 5114.048278][   T27]  do_notify_resume+0xb0/0x270
[ 5114.048907][   T27]  el0_svc+0xb8/0x164
[ 5114.049413][   T27]  el0t_64_sync_handler+0x84/0x12c
[ 5114.049888][   T27]  el0t_64_sync+0x198/0x19c
[ 5114.051521][   T27] 
[ 5114.051521][   T27] Showing all locks held in the system:
[ 5114.052020][   T27] 1 lock held by khungtaskd/27:
[ 5114.052413][   T27]  #0: ffff800087876d18 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x4/0x48
[ 5114.055010][   T27] 1 lock held by klogd/3120:
[ 5114.055387][   T27] 3 locks held by dhcpcd/3157:
[ 5114.055716][   T27] 2 locks held by getty/3186:
[ 5114.210230][   T27]  #0: 60f0000011c4a8a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c
[ 5114.212544][   T27]  #1: 03ff80008c5cb2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x310/0x12b8
[ 5114.214379][   T27] 2 locks held by syz-executor/3310:
[ 5114.214726][   T27] 3 locks held by kworker/u4:2/3330:
[ 5114.215069][   T27] 3 locks held by kworker/u4:3/4014:
[ 5114.215449][   T27] 3 locks held by kworker/u4:4/4967:
[ 5114.215766][   T27] 3 locks held by kworker/u4:12/5021:
[ 5114.339966][   T27] 3 locks held by kworker/u4:15/5300:
[ 5114.360130][   T27] 2 locks held by syz.8.288/5640:
[ 5114.360623][   T27] 2 locks held by kworker/u4:9/5673:
[ 5114.360967][   T27]  #0: 4cf000000cc20948 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a18
[ 5114.362815][   T27]  #1: ffff80008fd67c78 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a18
[ 5114.364618][   T27] 4 locks held by modprobe/5808:
[ 5114.365047][   T27] 4 locks held by dhcpcd/5809:
[ 5114.365592][   T27] 
[ 5114.365901][   T27] =============================================
[ 5114.365901][   T27] 
[ 5121.458924][ T5669] 8021q: adding VLAN 0 to HW filter on device bond0
[ 5134.762512][   T27] INFO: task syz.9.290:5650 blocked for more than 451 seconds.
[ 5134.763408][   T27]       Not tainted syzkaller #0
[ 5134.767235][   T27]       Blocked by coredump.
[ 5134.767599][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 5134.767885][   T27] task:syz.9.290       state:D stack:0     pid:5650  tgid:5649  ppid:5290   task_flags:0x40044c flags:0x00000019
[ 5134.768642][   T27] Call trace:
[ 5134.768924][   T27]  __switch_to+0x584/0xb20 (T)
[ 5134.769515][   T27]  __schedule+0x1eec/0x33a4
[ 5134.770038][   T27]  schedule+0xac/0x27c
[ 5134.770524][   T27]  schedule_timeout+0x5c/0x1e4
[ 5134.770975][   T27]  do_wait_for_common+0x28c/0x444
[ 5134.771394][   T27]  wait_for_completion+0x44/0x5c
[ 5134.771905][   T27]  __synchronize_srcu+0x2a4/0x320
[ 5134.772385][   T27]  synchronize_srcu+0x3cc/0x4f0
[ 5134.772846][   T27]  __mmu_notifier_release+0x424/0x614
[ 5134.773319][   T27]  exit_mmap+0xb8/0xbb8
[ 5134.773830][   T27]  __mmput+0x10c/0x528
[ 5134.774323][   T27]  mmput+0x70/0xac
[ 5134.774776][   T27]  exit_mm+0x158/0x258
[ 5134.775247][   T27]  do_exit+0x788/0x2378
[ 5134.775684][   T27]  do_group_exit+0x1d4/0x2ac
[ 5134.988692][   T27]  get_signal+0x1440/0x1554
[ 5134.989394][   T27]  do_signal+0x23c/0x4dd0
[ 5134.989956][   T27]  do_notify_resume+0xb0/0x270
[ 5134.990422][   T27]  el0_svc+0xb8/0x164
[ 5134.990875][   T27]  el0t_64_sync_handler+0x84/0x12c
[ 5134.991346][   T27]  el0t_64_sync+0x198/0x19c
[ 5134.992044][   T27] 
[ 5134.992044][   T27] Showing all locks held in the system:
[ 5134.992354][   T27] 2 locks held by kworker/u4:1/21:
[ 5134.992678][   T27]  #0: 4cf000000cc20948 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a18
[ 5134.994483][   T27]  #1: ffff80008c667c78 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a18
[ 5135.169266][   T27] 1 lock held by khungtaskd/27:
[ 5135.169743][   T27]  #0: ffff800087876d18 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x4/0x48
[ 5135.171677][   T27] 2 locks held by getty/3186:
[ 5135.172038][   T27]  #0: 60f0000011c4a8a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c
[ 5135.173724][   T27]  #1: 03ff80008c5cb2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x310/0x12b8
[ 5135.175445][   T27] 3 locks held by kworker/u4:2/3330:
[ 5135.175773][   T27] 3 locks held by kworker/u4:8/4019:
[ 5135.298002][   T27]  #0: fff0000072d78d18 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x2f0/0x33a4
[ 5135.300284][   T27]  #1: fff0000072d64548 (psi_seq){-.-.}-{0:0}, at: psi_task_switch+0x6c/0x6e8
[ 5135.302007][   T27]  #2: fff0000072d65e58 (&base->lock){-.-.}-{2:2}, at: __mod_timer+0x5c8/0xe7c
[ 5135.303645][   T27] 2 locks held by kworker/u4:7/4492:
[ 5135.303999][   T27]  #0: 4cf000000cc20948 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a18
[ 5135.305680][   T27]  #1: ffff80008cea7c78 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a18
[ 5135.481056][   T27] 3 locks held by kworker/u4:11/4718:
[ 5135.481474][   T27] 2 locks held by kworker/u4:4/4967:
[ 5135.481826][   T27] 3 locks held by kworker/u4:12/5021:
[ 5135.482173][   T27] 3 locks held by kworker/u4:15/5300:
[ 5135.482530][   T27] 2 locks held by syz.8.288/5640:
[ 5135.482852][   T27] 2 locks held by syz-executor/5662:
[ 5135.483182][   T27] 2 locks held by syz-executor/5669:
[ 5135.483487][   T27] 3 locks held by kworker/u4:6/5671:
[ 5135.483811][   T27] 2 locks held by kworker/u4:9/5673:
[ 5135.484135][   T27]  #0: 4cf000000cc20948 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a18
[ 5135.485904][   T27]  #1: ffff80008fd67c78 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a18
[ 5135.648904][   T27] 3 locks held by kworker/u4:13/5718:
[ 5135.649284][   T27] 3 locks held by kworker/u4:16/5747:
[ 5135.649683][   T27] 1 lock held by modprobe/5814:
[ 5135.650034][   T27] 1 lock held by modprobe/5815:
[ 5135.702547][   T27] 
[ 5135.718160][   T27] =============================================
[ 5135.718160][   T27] 

VM DIAGNOSIS:
08:05:03  Registers:
info registers vcpu 0

CPU#0
 PC=ffff800081987830 X00=0000000000000001 X01=ffff80008736205f
X02=0000000000000008 X03=0000000000000002 X04=0000000000000000
X05=0000000000000000 X06=0000000000000000 X07=ffff800085a0b5ac
X08=70f000000de30108 X09=0000000000000070 X10=0fff000000de3010
X11=ffff800087fe5a20 X12=30f000000d9bc5b0 X13=0000000000000028
X14=0000000000002000 X15=ffff800080007680 X16=ffff800080010e20
X17=00000000000000d6 X18=00000000000000ff X19=0000000000000000
X20=000000000000012f X21=0000000000000001 X22=ffff80008c462100
X23=000000000000ffff X24=0000000000000c90 X25=000000000f02000a
X26=0000000000000016 X27=0000000000000007 X28=c0f0000026fb8994
X29=ffff800080007760 X30=ffff800085a0b5f8  SP=ffff800080007750
PSTATE=60402009 -ZC- EL2h  SVCR=00000000 --  BTYPE=0     FPCR=00000000 FPSR=00000000
P00=0000 P01=0000 P02=0000 P03=0000 P04=0000 P05=0000 P06=0000 P07=0000
P08=0000 P09=0000 P10=0000 P11=0000 P12=0000 P13=0000 P14=0000 P15=0000
FFR=0000
Z00=0000000000000000:0000000000000000 Z01=0000ffffbba75b30:0000ffffbba76060
Z02=0000ffffbb7bf6e0:0000ffffbb7bf0d0 Z03=0000ffffbbaa6d10:0000ffffbba75600
Z04=0000ffffbba76ad0:0000ffffbba765a0 Z05=0000ffffbb7bf6e0:0000ffffbb7bf0d0
Z06=0000000000000000:0000000000000000 Z07=0000000000000000:0000000000000000
Z08=0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000
Z10=0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000
Z12=0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000
Z14=0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000
Z16=0000000000000000:0000000000000000 Z17=0000000000000000:0000000000000000
Z18=0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000
Z20=0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000
Z22=0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000
Z24=0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000
Z26=0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000
Z28=0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000
Z30=0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000