last executing test programs:

1h13m33.22243481s ago: executing program 1 (id=39):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x29)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
r3 = syz_kvm_vgic_v3_setup(r2, 0x2, 0x40)
ioctl$KVM_GET_DEVICE_ATTR(r3, 0x4018aee2, &(0x7f0000000040)=@attr_other={0x0, 0x7, 0x4678, 0x0})
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r6, 0x0)
syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000040)={0x0, 0x0}, 0x0, 0x0)

1h13m24.192355318s ago: executing program 1 (id=41):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000200)={0x0, 0x0}, 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r5, 0x1, 0x100)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r7, 0x4018aee2, &(0x7f00000002c0)=@attr_pmu_irq={0x0, 0x0, 0x0, 0x0})
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, r3, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_IOEVENTFD(r9, 0x4040ae79, &(0x7f0000000000)={0x0, 0xf000, 0x1, 0xffffffffffffffff, 0x20})
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f00000000c0)={0x8})
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000200)={0x0, 0x0}, 0x0, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
syz_kvm_vgic_v3_setup(r5, 0x1, 0x100) (async)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r7, 0x4018aee2, &(0x7f00000002c0)=@attr_pmu_irq={0x0, 0x0, 0x0, 0x0}) (async)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, r3, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) (async)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) (async)
ioctl$KVM_IOEVENTFD(r9, 0x4040ae79, &(0x7f0000000000)={0x0, 0xf000, 0x1, 0xffffffffffffffff, 0x20}) (async)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f00000000c0)={0x8}) (async)

1h13m14.044473583s ago: executing program 1 (id=42):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, 0x0) (async)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f0000000000)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7ffb}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1h13m7.616863578s ago: executing program 1 (id=44):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0xb)
r1 = eventfd2(0x0, 0x800)
ioctl$KVM_IOEVENTFD(r0, 0x4040ae79, &(0x7f0000000000)={0x6, 0x4, 0x0, r1, 0x5})
ioctl$KVM_IRQ_LINE_STATUS(r0, 0xc008ae67, &(0x7f0000000040)={0xffff25c1, 0x4})
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000080)={0x10002, 0x4, 0xeeee8000, 0x1000, &(0x7f0000fff000/0x1000)=nil})
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r0, 0x4010aeb5, &(0x7f00000000c0)={0x8, 0x1b0})
syz_kvm_setup_cpu$arm64(r0, 0xffffffffffffffff, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000000780)=[{0x0, &(0x7f0000000100)=[@uexit={0x0, 0x18, 0x1}, @eret={0xe6, 0x18, 0x3}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0x0, 0xffffffffffffff2f}}, @code={0xa, 0x6c, {"000028d5009091d200c0b8f2a10080d2620080d2a30080d2640180d2020000d40000003c008008d50060002f0084007f007008d5000008d50014200e80668bd200e0b8f2a10080d2220180d2a30180d2640180d2020000d4"}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x1, 0x3, 0x4, 0x3, 0xd6, 0x1}}, @svc={0x122, 0x40, {0x8000, [0x0, 0x401, 0x7, 0x3, 0x200]}}, @hvc={0x32, 0x40, {0x86000001, [0xfffffffffffffffc, 0x6, 0x4, 0x200]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x280, 0x80000000, 0x1}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0xffd0, 0x28, 0x7}}, @svc={0x122, 0x40, {0x962ed7c107d2086, [0x80, 0x10001, 0x10000, 0x4424, 0x80]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0x400, 0x3, 0xefeb577168913516}}, @svc={0x122, 0x40, {0x84000002, [0x8, 0x2, 0x9, 0xfffffffffffffffe, 0x7]}}, @its_setup={0x82, 0x28, {0x0, 0x0, 0x18c}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x1, 0x4, 0x6, 0x4, 0x4, 0x2}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x1, 0x1, 0xd, 0xfffffffc, 0xb1, 0x1}}, @svc={0x122, 0x40, {0xc4000007, [0xffff, 0x6d, 0x2, 0x9, 0xbd1a]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x2000, 0x8000000000000001, 0x2}}, @uexit={0x0, 0x18, 0xcc}, @hvc={0x32, 0x40, {0x80003fff, [0x58df, 0x4, 0x100]}}, @svc={0x122, 0x40, {0x8400000c, [0x8f9b, 0xa910, 0x9, 0x1e5, 0x1ff]}}, @irq_setup={0x46, 0x18, {0x4, 0x30b}}, @hvc={0x32, 0x40, {0x2000000, [0xff, 0x100000001, 0x1, 0xbb, 0x200]}}, @irq_setup={0x46, 0x18, {0x1, 0x27a}}, @its_setup={0x82, 0x28, {0x3, 0x1, 0x3ab}}, @hvc={0x32, 0x40, {0xc400000c, [0x0, 0x6, 0x0, 0x3, 0x100000000]}}, @svc={0x122, 0x40, {0x2000, [0x400000000000, 0x9, 0x0, 0x8, 0x7fff]}}, @mrs={0xbe, 0x18, {0x603000000013dce4}}, @memwrite={0x6e, 0x30, @generic={0xd000, 0xcee, 0x8000000000000001, 0x9}}, @mrs={0xbe, 0x18, {0x603000000013df61}}, @msr={0x14, 0x20, {0x603000000013c4d0, 0x4}}, @code={0xa, 0x6c, {"007008d5008008d5003c000e605582d200a0b8f2a10080d2420180d2c30080d2240180d2020000d400c0641e0000805a007008d50090200e00f8b02e002892d20060b8f2010080d2620180d2e30180d2040180d2020000d4"}}, @smc={0x1e, 0x40, {0x8500000d, [0x9, 0xd, 0x0, 0x6]}}], 0x648}], 0x1, 0x0, &(0x7f00000007c0)=[@featur1={0x1, 0x61}], 0x1)
syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(r0, 0x4068aea3, &(0x7f0000000800))
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r0, 0x4068aea3, &(0x7f0000000880)={0xe4, 0x0, 0x9})
ioctl$KVM_CAP_ARM_USER_IRQ(r0, 0x4068aea3, &(0x7f0000000900))
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x33)
ioctl$KVM_GET_DIRTY_LOG(r2, 0x4010ae42, &(0x7f0000000980)={0x3, 0x0, &(0x7f0000c0f000/0x4000)=nil})
ioctl$KVM_CAP_ARM_USER_IRQ(r2, 0x4068aea3, &(0x7f00000009c0))
r3 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r0, 0x4068aea3, &(0x7f0000000a40)={0xe4, 0x0, 0xf})
syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x0, 0x20)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r0, 0x4068aea3, &(0x7f0000000ac0)={0xe4, 0x0, 0x8})
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000b80)=@arm64_sys={0x6030000000138047, &(0x7f0000000b40)=0x1})
munmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000)
ioctl$KVM_IRQ_LINE_STATUS(r0, 0xc008ae67, &(0x7f0000000bc0)={0x1ceb, 0x8})
ioctl$KVM_GET_DIRTY_LOG(r2, 0x4010ae42, &(0x7f0000000c00)={0x1ff, 0x0, &(0x7f0000dc0000/0x4000)=nil})
ioctl$KVM_SET_DEVICE_ATTR_vm(r2, 0x4018aee1, &(0x7f0000000c80)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000c40)={0xffffffff, 0x400, 0x3}})
eventfd2(0x3, 0x80000)
syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000cc0)={0x5, 0xeeee0000, 0x8, r1, 0xa})
ioctl$KVM_ARM_PREFERRED_TARGET(r3, 0x8020aeaf, &(0x7f0000000d00))
syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil)
eventfd2(0xfffffff1, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)

1h13m2.651362619s ago: executing program 1 (id=46):
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
ioctl$KVM_GET_REGS(r3, 0x8360ae81, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ec2000/0x3000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x4000010, 0xffffffffffffffff, 0x0)

1h12m56.419351074s ago: executing program 1 (id=48):
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
r0 = eventfd2(0x0, 0x80000)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2)
syz_kvm_vgic_v3_setup(r2, 0x2, 0x100)
ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000000000)={r0, 0x3})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x28)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x34)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000040)={0x7, <r7=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r7, 0x4018aee3, &(0x7f0000000100)=@attr_arm64={0x0, 0x4, 0x0, 0x0})
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x0, 0x1, 0x1000, 0x1000, &(0x7f0000ecd000/0x1000)=nil})
mmap$KVM_VCPU(&(0x7f0000000000/0xc00000)=nil, 0x930, 0xf, 0x32, 0xffffffffffffffff, 0x0)

1h12m10.969305927s ago: executing program 32 (id=47):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x3, 0xfffffffd}}], 0x50}, 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000200)={0x0, &(0x7f0000000240)=[@svc={0x122, 0x40, {0x0, [0x1, 0x5, 0x80, 0x4, 0xfffffffffffffffc]}}, @uexit={0x0, 0x18, 0x2}, @eret={0xe6, 0x18, 0x8000}, @hvc={0x32, 0x40, {0x84000004, [0x101, 0x9, 0x7, 0xffffffffffffffff, 0x6]}}, @svc={0x122, 0x40, {0x84000007, [0xd552000, 0x5, 0x6, 0xfffffffffffffffc, 0x40]}}, @memwrite={0x6e, 0x30, @generic={0xeeef0000, 0x5f6, 0x60fd, 0x4}}, @irq_setup={0x46, 0x18, {0x2, 0x127}}, @svc={0x122, 0x40, {0x84000011, [0x7f, 0x2, 0x3800, 0x2, 0x4e2]}}, @msr={0x14, 0x20, {0x603000000013e9a5, 0xff}}, @irq_setup={0x46, 0x18, {0x4, 0x2a7}}, @code={0xa, 0x6c, {"0000000b0068a038000008d5408f8ed20080b0f2c10080d2a20080d2030080d2640180d2020000d4000008d5007008d5000040ad005686d200a0b0f2010180d2820180d2e30180d2e40180d2020000d40080c0c8007008d5"}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0x10, 0x8, 0x30970138496d9a1f}}, @its_setup={0x82, 0x28, {0x3, 0x2, 0x295}}, @uexit={0x0, 0x18, 0xaa}, @irq_setup={0x46, 0x18, {0x3, 0x116}}, @code={0xa, 0x6c, {"0008c01a402692d20080b8f2810180d2420080d2630080d2a40180d2020000d400006088000028d5007008d500c0201e007008d5e00a82d20000b8f2410180d2e20180d2430080d2040080d2020000d400a4ff0d008008d5"}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x0, 0x2, 0x7, 0x2, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x0, 0xf, 0x200, 0x3, 0x4}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x1, 0x3, 0x8, 0x100, 0x5, 0x4}}, @code={0xa, 0x6c, {"403982d200a0b8f2a10180d2220180d2430080d2240180d2020000d4007008d500682038007008d5007008d5007008d5a0fd87d20040b0f2210180d2020080d2230180d2640080d2020000d4007008d50098a10e0000699e"}}, @msr={0x14, 0x20, {0x603000000013e6dc, 0x5}}, @code={0xa, 0x84, {"40a183d200a0b0f2410080d2420080d2830080d2240180d2020000d480a39dd200a0b8f2c10180d2820080d2430080d2a40180d2020000d4007008d5a05e9ed20040b0f2610180d2620080d2430080d2640080d2020000d4000028d5007008d5007008d5000028d50000406c004cc09a"}}, @its_setup={0x82, 0x28, {0x1, 0x2, 0xe2}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x1, 0x1, 0xd, 0x663, 0x81, 0x3}}, @msr={0x14, 0x20, {0x1e06, 0xe8e}}, @eret={0xe6, 0x18, 0x6}, @msr={0x14, 0x20, {0x603000000013f39a, 0x1}}, @eret={0xe6, 0x18}, @its_setup={0x82, 0x28, {0x2, 0x200, 0x9e}}, @hvc={0x32, 0x40, {0x8400000a, [0x0, 0x1, 0xfffffffffffffff7, 0x9, 0x8]}}], 0x5c0}, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r7, 0x4040aea0, &(0x7f0000000000)=@arm64={0x0, 0x1, 0xf, '\x00', 0xfffffffffffff105})
ioctl$KVM_GET_ONE_REG(0xffffffffffffffff, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x603000000010004a, 0x0})
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r8=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r9 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x15)
ioctl$KVM_GET_DEVICE_ATTR_vm(r9, 0x4018aee2, &(0x7f0000000040)=@attr_other={0x0, 0x400, 0x3, &(0x7f0000000000)=0xd1a})

1h12m7.9923372s ago: executing program 33 (id=48):
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
r0 = eventfd2(0x0, 0x80000)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2)
syz_kvm_vgic_v3_setup(r2, 0x2, 0x100)
ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000000000)={r0, 0x3})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x28)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x34)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000040)={0x7, <r7=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r7, 0x4018aee3, &(0x7f0000000100)=@attr_arm64={0x0, 0x4, 0x0, 0x0})
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x0, 0x1, 0x1000, 0x1000, &(0x7f0000ecd000/0x1000)=nil})
mmap$KVM_VCPU(&(0x7f0000000000/0xc00000)=nil, 0x930, 0xf, 0x32, 0xffffffffffffffff, 0x0)

1h6m1.792115182s ago: executing program 2 (id=60):
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async, rerun: 32)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (rerun: 32)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r1, 0x2000003, 0xaf832, 0xffffffffffffffff, 0x0) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f00000000c0)={0x7fffffffffffffff, 0x5000, 0x0, r5, 0x8})
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2)
syz_kvm_setup_cpu$arm64(r7, r8, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x2c}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f0000000140)=@arm64_fp_extra={0x60200000003000d5, &(0x7f0000000100)=0x7fffffff}) (async)
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000000)={0x8000, 0x0, 0x1, r5, 0x3}) (async)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) (async)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x80111500, 0x20000000)
r9 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
r10 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) (async, rerun: 32)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (rerun: 32)
ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000000c0)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000040)=[{0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="000000000000a7b33eb86bc3dd5723f83af003c012366c1800000000090000000000000000"], 0x18}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0}) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)

1h5m49.622659063s ago: executing program 2 (id=62):
munmap(&(0x7f000049b000/0x400000)=nil, 0x400000)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1})
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x25)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
mmap$KVM_VCPU(&(0x7f0000ec2000/0x3000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000040)={0x5})
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f00004dc000/0x400000)=nil)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)

1h5m37.417774147s ago: executing program 2 (id=64):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x27)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x0, 0x0, 0x6, 0x0, 0x9}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8, <r7=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
r8 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=[@featur2={0x1, 0x12}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x9, 0x10}})
ioctl$KVM_RUN(r8, 0xae80, 0x0)

1h4m55.023527528s ago: executing program 2 (id=67):
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f0000eed000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0xc3033, 0xffffffffffffffff, 0x0) (async)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xd7, 0x80000001}) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, <r2=>0xffffffffffffffff, 0x1})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x40305839, &(0x7f0000000040)=@attr_other={0x1000000, 0xab, 0x7f, &(0x7f0000000240)=0x5})
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000) (async)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) (async)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000000)={0x3, <r3=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000080)=@attr_other={0x0, 0xffff, 0x7, &(0x7f0000000040)=0x7}) (async)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)

1h4m44.821960842s ago: executing program 2 (id=68):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616})
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3e)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f00000000c0)={0xc000, 0x109000, 0xfffffffc})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000080)={0x1})

1h4m33.859695875s ago: executing program 2 (id=70):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r6, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18})
ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f0000000280)=@arm64_sve={0x60800000001502ba, 0x0})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000000)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x20e4586c})
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x31)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, 0x0, 0xffffffffffffff9b}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r10, 0x4010aeab, &(0x7f0000000080)=@arm64_sys={0x603000000013e641, 0x0})
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r14, 0x4010aeac, &(0x7f0000000140)=@arm64_extra={0x603000000013c023, &(0x7f0000000000)=0x2})
ioctl$KVM_GET_SREGS(r10, 0x8000ae83, &(0x7f0000000140))

1h3m46.569906893s ago: executing program 34 (id=70):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r6, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18})
ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f0000000280)=@arm64_sve={0x60800000001502ba, 0x0})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000000)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x20e4586c})
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x31)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, 0x0, 0xffffffffffffff9b}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r10, 0x4010aeab, &(0x7f0000000080)=@arm64_sys={0x603000000013e641, 0x0})
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r14, 0x4010aeac, &(0x7f0000000140)=@arm64_extra={0x603000000013c023, &(0x7f0000000000)=0x2})
ioctl$KVM_GET_SREGS(r10, 0x8000ae83, &(0x7f0000000140))

51m35.952458548s ago: executing program 3 (id=139):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1c)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r3, 0x4008ae6a, &(0x7f0000000000)=ANY=[@ANYBLOB="02000000000000000000000001"])
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0) (async)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000b80)={0x0, &(0x7f0000000640)=[@smc={0x1e, 0x40, {0xc4000012, [0x0, 0x4, 0x0, 0x4, 0x8001]}}], 0x40}, &(0x7f0000000bc0)=[@featur1={0x1, 0x4}], 0x1)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r9, 0x4020ae46, &(0x7f00000000c0)=ANY=[@ANYRESHEX=r1]) (async)
ioctl$KVM_SET_GSI_ROUTING(r9, 0x4020ae46, &(0x7f00000000c0)=ANY=[@ANYRESHEX=r1])
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000a67000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0) (async)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f0000000080)=@arm64_core={0x6030000000100048, &(0x7f0000000040)=0x40}) (async)
ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f0000000080)=@arm64_core={0x6030000000100048, &(0x7f0000000040)=0x40})

51m35.255836163s ago: executing program 4 (id=140):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
r2 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000003c0)={0x0, &(0x7f0000000080)=[@msr={0x14, 0x20, {0x603000000013e728, 0xa31}}, @eret={0xe6, 0x18, 0x3}, @irq_setup={0x46, 0x18, {0x2, 0x25b}}, @uexit={0x0, 0x18, 0x4}, @its_send_cmd={0xaa, 0x28, {0x5, 0x0, 0x2, 0x4, 0x6, 0x267, 0x3}}, @mrs={0xbe, 0x18, {0x603000000013e642}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x3, 0x8, 0x5, 0x9, 0x2}}, @hvc={0x32, 0x40, {0x80, [0xfffffffffffffff7, 0x2, 0x33c1, 0x6, 0x3]}}, @hvc={0x32, 0x40, {0x8000, [0x5, 0x7f, 0x6, 0x6, 0x48c4e6f]}}, @its_setup={0x82, 0x28, {0x2, 0x0, 0xf}}, @svc={0x122, 0x40, {0x80003fff, [0xea9f, 0x6, 0x1]}}, @code={0xa, 0x9c, {"00b896d20020b8f2c10180d2820080d2e30080d2040180d2020000d4000028d5007008d540ec84d20060b0f2410080d2820080d2630180d2c40080d2020000d4008008d500a4004f20e090d200c0b0f2e10180d2e20080d2c30080d2a40080d2020000d4c0289dd200e0b8f2c10080d2e20080d2830180d2e40180d2020000d4008008d500088078"}}, @hvc={0x32, 0x40, {0xf699c59920e78a8a, [0x8, 0x3, 0x100000000, 0x0, 0x1]}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x4, 0x8, 0x9, 0x8}}, @hvc={0x32, 0x40, {0x400, [0xc2f9, 0x1, 0x401, 0x0, 0xffffffffffffffff]}}, @smc={0x1e, 0x40, {0x8400000a, [0xe7, 0xf, 0x3fa, 0x739, 0x6]}}], 0x33c}, &(0x7f0000000400), 0x1)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r1, 0x100000d, 0x32, r2, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, r4, 0x0, 0x40032, 0xffffffffffffffff, 0x0)

51m23.783578433s ago: executing program 4 (id=141):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x7, 0x4f832, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x3a)
r2 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000140)={0x0, &(0x7f0000000900)=[@code={0xa, 0x6c, {"008008d500198ed200c0b0f2610180d2c20080d2830180d2640180d2020000d4000860bc00000053ecca08d500fca00ea03e83d200a0b8f2610080d2820080d2c30080d2640080d2020000d4000008d5008008d5008008d5"}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffd0, 0x9c16, 0x3}}, @smc={0x1e, 0x40, {0xffff, [0x9, 0x4, 0xd0f, 0x2, 0x2]}}, @uexit={0x0, 0x18, 0xf89}, @mrs={0xbe, 0x18, {0x603000000013c01e}}, @eret={0xe6, 0x18, 0x1000}, @svc={0x122, 0x40, {0x84000002, [0x10000, 0x4, 0x8, 0x7, 0x6]}}, @smc={0x1e, 0x40, {0x1a, [0x2, 0xffffffffffffff80, 0x1, 0x8, 0x1]}}], 0x1a4}, &(0x7f0000000180)=[@featur2={0x1, 0x18}], 0x1)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000c00000/0x400000)=nil, &(0x7f00000001c0)=[{0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e00000000000000400000000000000001000080000000000a00000000000000ccc5743500000000a5d80000000000000400000000000000ffff0000000000003200000000000000400000000000000052000084000000000500000000000000280800000000000001800000000000000900000000000000060000000000000032000000000000004000000000000000000000800000000001000000000000800500000000000000a30f000000000000040000000000000006000000000000004600000000000000180000000000000000000000e4000000820000000000000028000000000000000300000000000000000000000000000079030000000000006e0000000000000030000000000000000000000800000000003000000000000005000000000000000100000000000000e600000000000000180000000000000000000100000000001e0000000000000040000000000000000000008000000000569c000000000000000000000000080005000000000000000100000000000000f8d10000000000006e0000000000000030000000000000000000080800000000e8ff03000000000004000000000040000000000000000000aa0000000000000028000000000000000e0004000000080000000900000000000000020000000000be00000000000000180000000000000018e7130000003060aa00000000000000280000000000000009000200000001000000fcffffff07000000040000000000e60000000000000018000000000000000300000000000000be00000000000000180000000000000032c0130000003060be000000000000001800000000000000a4c213000000306032000000000000004000000000000000100000c40000000006000000000000000e000000000000000600000000000000010000000000000008000000000000004600000000000000180000000000000004000000630300004600000000000000180000000000000002000000360100000a000000000000009c00000000000000000c803c007008d5000040f8005cc09a000030d5e0599ed200a0b0f2210180d2020080d2e30180d2440180d2020000d4a02a83d20000b0f2210080d2020180d2e30180d2840180d2020000d40039d1d20060b8f2210180d2420180d2230080d2240080d2020000d420fe84d20080b0f2410080d2020080d2430080d2440180d2020000d400f8a15ec0035fd6e60000000000000018000000000000000200000000000000320000000000000040000000000000000c0000c400000000ff010000000000000500000000000000010000000000000001000080ffffffffff070000000000000000000000000000180000000000000056000000000000008200000000000000280000000000000003000000000000000000000000000000f900000000000000aa0000000000000028000000000000000f0002000000010000000200000004000000000000000000"], 0x434}], 0x1, 0x0, &(0x7f0000000200)=[@featur2={0x1, 0x10}], 0x1)
r3 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r5, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r5, 0x0)
ioctl$KVM_GET_REG_LIST(r5, 0xc008aeb0, &(0x7f00000000c0)={0x8, [0x1ff, 0xe, 0x7f, 0x9, 0x3, 0x4, 0x5, 0x7]})
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04)
mmap$KVM_VCPU(&(0x7f000064b000/0x4000)=nil, r7, 0x100000d, 0x9032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000667000/0x2000)=nil, 0x2000)
r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r9, 0x1, 0x100)
r10 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x1)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r11, 0x4, 0x220)
ioctl$KVM_RUN(r13, 0xae80, 0x0)

51m22.595503007s ago: executing program 3 (id=142):
munmap(&(0x7f0000c8f000/0x4000)=nil, 0x4000)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000) (async)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f00000000c0)={0x8, <r9=>0xffffffffffffffff})
ioctl$KVM_GET_DEVICE_ATTR(r9, 0x4018aee2, &(0x7f0000000140)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000100)=0x4}) (async, rerun: 32)
r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04) (rerun: 32)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) (async, rerun: 32)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r10, 0x100000d, 0x32, 0xffffffffffffffff, 0x0) (async, rerun: 32)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) (async)
munmap(&(0x7f0000e9d000/0x1000)=nil, 0x1000) (async, rerun: 64)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) (async, rerun: 64)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r8, 0x4008ae73, &(0x7f0000000180)={0xffff, 0x100})
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000) (async, rerun: 64)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) (rerun: 64)
mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r5, 0x2000003, 0xaf832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x0, 0x23ac5f9b426e84b2, 0xffffffffffffffff, 0x0) (async, rerun: 32)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000000)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x20e4586c}) (async, rerun: 32)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

51m9.416196179s ago: executing program 3 (id=143):
munmap(&(0x7f0000c8f000/0x4000)=nil, 0x4000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x22)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f0000000000)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x20e4586c})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x29)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04)
mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, r8, 0x2, 0x12, r7, 0x0)
r9 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, r8, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef)

51m5.621239043s ago: executing program 4 (id=144):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = eventfd2(0x7, 0x1)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x20)
eventfd2(0x80, 0x1)
r2 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece)
ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000000140)={r1, 0xc5, 0x0, r1})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, <r5=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r5, 0x800454e1, 0x110c230004)
r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_ARM_SET_DEVICE_ADDR(r6, 0x4010aeab, &(0x7f0000000000)={0xffffffff, 0x100000})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)

50m57.059548691s ago: executing program 4 (id=145):
r0 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000001c0)={0x8, <r2=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000380)}) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x5, 0x1, 0x4000, 0x1000, &(0x7f0000000000/0x1000)=nil}) (async)
ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x25)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x2, 0x4, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x1, 0x0, 0x0, 0x6, 0x2, 0x4}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x100) (async)
ioctl$KVM_CAP_DIRTY_LOG_RING(r4, 0x4068aea3, &(0x7f0000000300)={0xc0, 0x0, 0x9000})
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x2c)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f0000000040)=@arm64_bitmap={0x6030000000160000, &(0x7f0000000000)=0xe}) (async)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xb702, 0x0) (async)
openat$kvm(0x0, 0x0, 0x141001, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r12, 0x0, 0x0, 0x0)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r11, 0x2, 0x100) (async)
ioctl$KVM_RUN(r13, 0xae80, 0x0) (async)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8, <r14=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r14, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})

50m52.049286535s ago: executing program 3 (id=146):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x23)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) (async)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, <r4=>0xffffffffffffffff, 0x1})
write$eventfd(r4, &(0x7f00000001c0)=0x7ffffff, 0xfdef)
ioctl$KVM_CAP_PTP_KVM(r1, 0x4068aea3, &(0x7f0000000280)) (async)
ioctl$KVM_CAP_PTP_KVM(r1, 0x4068aea3, &(0x7f0000000280))

50m41.700115333s ago: executing program 4 (id=147):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x200, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x0)
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000000)={0x4, <r4=>0xffffffffffffffff})
ioctl$KVM_GET_DEVICE_ATTR(r4, 0x4018aee2, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x5, 0x0})
r5 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x18)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000bde000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r5, 0x4, 0x220)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8, <r8=>0xffffffffffffffff})
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
r12 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r11, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r12, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r11, 0x0)
r13 = eventfd2(0x0, 0x0)
close(r13)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01)
r14 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r14, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
write$eventfd(r13, &(0x7f0000000180)=0x5, 0xfffffde3)
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r15 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0)

50m41.113830261s ago: executing program 3 (id=148):
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, <r2=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r2, 0x400454c8, 0x1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x21)
eventfd2(0x0, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
r6 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r5, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r5, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000000)=[@featur1={0x1, 0xa}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000080)={0xc, 0xca}})
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x4c4882, 0x0)
ioctl$KVM_CHECK_EXTENSION(r11, 0x40086602, 0x110e227ffe)
r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
eventfd2(0xfffffffa, 0x80001)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, 0x0, 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r12, 0x40086602, 0x110e227ffe)
mmap$KVM_VCPU(&(0x7f0000006000/0x4000)=nil, 0x930, 0x1000002, 0x100010, 0xffffffffffffffff, 0x0)

50m28.259726427s ago: executing program 3 (id=149):
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r5, 0x4010ae68, &(0x7f00000000c0)={0xffff1000, 0x6000, 0x1})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@its_setup={0x82, 0x28, {0x2, 0x4, 0x3d1}}, @eret={0xe6, 0x18, 0xffffffffffffffff}, @irq_setup={0x46, 0x18, {0x2, 0x14b}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x3b7}}, @svc={0x122, 0x40, {0xc4000011, [0x6, 0x0, 0xfffffffffffffffb, 0x0, 0xd13]}}, @mrs={0xbe, 0x18, {0x603000000013e6ce}}, @hvc={0x32, 0x40, {0xbe0076bf, [0x7, 0x4, 0x1, 0x3, 0xd1c]}}, @hvc={0x32, 0x40, {0xc5000020, [0x9, 0x9, 0x0, 0xfff3, 0x7fffffff]}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x2, 0x6, 0x80, 0x2, 0x2}}, @code={0xa, 0x84, {"600891d200a0b8f2410080d2620180d2c30080d2640180d2020000d4000008d5007008d5007008d5403491d200e0b0f2a10180d2420180d2a30180d2840080d2020000d4007008d5000028d5007c0013e08a95d20080b8f2610180d2e20080d2e30080d2840080d2020000d4000000fc"}}, @svc={0x122, 0x40, {0x80003fff, [0x4000000000000000, 0x7fffffff, 0xeab8, 0xf, 0x9]}}, @code={0xa, 0xb4, {"80578fd20060b8f2610180d2c20180d2830180d2440080d2020000d400a0200e00808048e0a791d20040b8f2010180d2420180d2030080d2e40080d2020000d4008008d5007008d5800f8bd200a0b8f2010080d2420080d2630180d2240080d2020000d40088202ee0778ed200a0b0f2e10080d2e20180d2630180d2840080d2020000d480ca98d20040b8f2c10080d2a20080d2030080d2440180d2020000d4"}}, @mrs={0xbe, 0x18, {0x603000000013c02d}}, @code={0xa, 0x84, {"000880380038207e007008d50024c01ac0a293d200c0b8f2610080d2220080d2030080d2240180d2020000d4007008d50000000ca0f483d200e0b8f2610080d2420180d2630180d2640080d2020000d40088207ee06c89d200a0b8f2410180d2620180d2a30180d2840080d2020000d4"}}, @irq_setup={0x46, 0x18, {0x3, 0x291}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x0, 0x2, 0x4, 0x6, 0x7}}, @hvc={0x32, 0x40, {0x10800000c, [0x80000000, 0x1000, 0x1ff, 0xfffffffffffffffb, 0x1]}}, @hvc={0x32, 0x40, {0xc5000021, [0x8, 0x6, 0x8, 0x8001, 0x5]}}, @uexit={0x0, 0x18, 0x10000}, @hvc={0x32, 0x40, {0x80003fff, [0x9, 0x8, 0x7e, 0x17, 0x8]}}], 0x4ac}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r7, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000180)={0x8, <r10=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = eventfd2(0x5, 0x800)
ioctl$KVM_IOEVENTFD(r12, 0x4040ae79, &(0x7f0000000040)={0x5, 0x8080000, 0x2, r13, 0x8})
ioctl$KVM_IOEVENTFD(r12, 0x4040ae79, &(0x7f00000000c0)={0x8000000008000800, 0x0, 0x0, r13, 0x2})
ioctl$KVM_IOEVENTFD(r12, 0x4040ae79, &(0x7f0000000000)={0x1, 0x0, 0x0, r13, 0x6})
ioctl$KVM_RUN(r9, 0xae80, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x2, 0x200)
r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x31)
r16 = syz_kvm_setup_syzos_vm$arm64(r15, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r16, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)

50m19.232266165s ago: executing program 4 (id=150):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x32)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x100)
syz_kvm_vgic_v3_setup(r4, 0x0, 0x60)
r5 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@mrs={0xbe, 0x18, {0x603000000013c021}}], 0x18}, 0x0, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2)
ioctl$KVM_SET_SREGS(r8, 0x4000ae84, 0xfffffffffffffffe)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)

49m41.41358625s ago: executing program 35 (id=149):
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r5, 0x4010ae68, &(0x7f00000000c0)={0xffff1000, 0x6000, 0x1})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@its_setup={0x82, 0x28, {0x2, 0x4, 0x3d1}}, @eret={0xe6, 0x18, 0xffffffffffffffff}, @irq_setup={0x46, 0x18, {0x2, 0x14b}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x3b7}}, @svc={0x122, 0x40, {0xc4000011, [0x6, 0x0, 0xfffffffffffffffb, 0x0, 0xd13]}}, @mrs={0xbe, 0x18, {0x603000000013e6ce}}, @hvc={0x32, 0x40, {0xbe0076bf, [0x7, 0x4, 0x1, 0x3, 0xd1c]}}, @hvc={0x32, 0x40, {0xc5000020, [0x9, 0x9, 0x0, 0xfff3, 0x7fffffff]}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x2, 0x6, 0x80, 0x2, 0x2}}, @code={0xa, 0x84, {"600891d200a0b8f2410080d2620180d2c30080d2640180d2020000d4000008d5007008d5007008d5403491d200e0b0f2a10180d2420180d2a30180d2840080d2020000d4007008d5000028d5007c0013e08a95d20080b8f2610180d2e20080d2e30080d2840080d2020000d4000000fc"}}, @svc={0x122, 0x40, {0x80003fff, [0x4000000000000000, 0x7fffffff, 0xeab8, 0xf, 0x9]}}, @code={0xa, 0xb4, {"80578fd20060b8f2610180d2c20180d2830180d2440080d2020000d400a0200e00808048e0a791d20040b8f2010180d2420180d2030080d2e40080d2020000d4008008d5007008d5800f8bd200a0b8f2010080d2420080d2630180d2240080d2020000d40088202ee0778ed200a0b0f2e10080d2e20180d2630180d2840080d2020000d480ca98d20040b8f2c10080d2a20080d2030080d2440180d2020000d4"}}, @mrs={0xbe, 0x18, {0x603000000013c02d}}, @code={0xa, 0x84, {"000880380038207e007008d50024c01ac0a293d200c0b8f2610080d2220080d2030080d2240180d2020000d4007008d50000000ca0f483d200e0b8f2610080d2420180d2630180d2640080d2020000d40088207ee06c89d200a0b8f2410180d2620180d2a30180d2840080d2020000d4"}}, @irq_setup={0x46, 0x18, {0x3, 0x291}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x0, 0x2, 0x4, 0x6, 0x7}}, @hvc={0x32, 0x40, {0x10800000c, [0x80000000, 0x1000, 0x1ff, 0xfffffffffffffffb, 0x1]}}, @hvc={0x32, 0x40, {0xc5000021, [0x8, 0x6, 0x8, 0x8001, 0x5]}}, @uexit={0x0, 0x18, 0x10000}, @hvc={0x32, 0x40, {0x80003fff, [0x9, 0x8, 0x7e, 0x17, 0x8]}}], 0x4ac}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r7, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000180)={0x8, <r10=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = eventfd2(0x5, 0x800)
ioctl$KVM_IOEVENTFD(r12, 0x4040ae79, &(0x7f0000000040)={0x5, 0x8080000, 0x2, r13, 0x8})
ioctl$KVM_IOEVENTFD(r12, 0x4040ae79, &(0x7f00000000c0)={0x8000000008000800, 0x0, 0x0, r13, 0x2})
ioctl$KVM_IOEVENTFD(r12, 0x4040ae79, &(0x7f0000000000)={0x1, 0x0, 0x0, r13, 0x6})
ioctl$KVM_RUN(r9, 0xae80, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x2, 0x200)
r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x31)
r16 = syz_kvm_setup_syzos_vm$arm64(r15, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r16, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)

49m32.694415777s ago: executing program 36 (id=150):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x32)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x100)
syz_kvm_vgic_v3_setup(r4, 0x0, 0x60)
r5 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@mrs={0xbe, 0x18, {0x603000000013c021}}], 0x18}, 0x0, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2)
ioctl$KVM_SET_SREGS(r8, 0x4000ae84, 0xfffffffffffffffe)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)

30m28.02000027s ago: executing program 6 (id=240):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2000081ffffffc)
ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x29)

30m26.534725256s ago: executing program 5 (id=241):
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000010000/0x1000)=nil, 0x930, 0x100000f, 0x4019032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0x80111500, 0x20000000)
write$eventfd(r1, &(0x7f0000000040), 0x8)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)

30m18.483004409s ago: executing program 6 (id=242):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
r4 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000000)={0x8000, 0x0, 0x1, 0xffffffffffffffff, 0x3})
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
r7 = syz_kvm_vgic_v3_setup(r6, 0x2, 0x40)
ioctl$KVM_GET_DEVICE_ATTR(r7, 0x4018aee2, &(0x7f0000000100)=@attr_arm64={0x0, 0x7, 0x0, &(0x7f00000000c0)=0x4})
ioctl$KVM_CREATE_VM(r4, 0x401c5820, 0x20000001)

30m15.43298427s ago: executing program 5 (id=243):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x25)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x2, 0x4, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x0, 0x0, 0x6, 0x2, 0x4}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
r4 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000080)={0x4, <r6=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, 0xffffffffffffffff)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r7=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

30m3.395052296s ago: executing program 6 (id=244):
syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x3, 0xa0)
r0 = openat$kvm(0x0, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000000)={0x7})
r2 = eventfd2(0x0, 0x80800)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000080)={0x0, 0x0, 0x4, r2})
r3 = openat$kvm(0x0, &(0x7f0000000200), 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0xd000, 0xa000})
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r5, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
r6 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
r7 = syz_kvm_vgic_v3_setup(r6, 0x1, 0x40)
ioctl$KVM_GET_DEVICE_ATTR(r7, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x1, 0x800000000008, &(0x7f00000004c0)=0x1})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000002c0)={0x0, 0x10000})
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000000c0)={0x8})
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000000)={0x6000})
r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_IRQ_LINE(r9, 0x4008ae61, &(0x7f0000000000)={0x8, 0x4})
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f00000000c0)={0x0, &(0x7f0000000300)=[@memwrite={0x6e, 0x30, @generic={0x10000, 0x3b6, 0xed}}], 0x30}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r9, 0x1, 0x100)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
syz_kvm_setup_cpu$arm64(r9, r11, &(0x7f0000715000/0x400000)=nil, &(0x7f0000000040)=[{0x0, &(0x7f0000000900)=[@uexit={0x0, 0x18, 0x76}, @irq_setup={0x46, 0x18, {0x1, 0x1a8}}, @irq_setup={0x46, 0x18, {0x0, 0xc6}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x1, 0x1, 0xfffffac1, 0x10001, 0x4}}, @msr={0x14, 0x20, {0x603000000013deb7, 0x2}}, @irq_setup={0x46, 0x18, {0x0, 0x2c1}}, @smc={0x1e, 0x40, {0xc4000007, [0xad0, 0x0, 0x80000001, 0x8, 0x6]}}, @uexit={0x0, 0x18, 0x4}, @svc={0x122, 0x40, {0x8, [0x2, 0x0, 0x6, 0x7fff, 0x5]}}, @svc={0x122, 0x40, {0x80007fff, [0x10000, 0x7ff, 0x2, 0x100000000, 0x9]}}, @svc={0x122, 0x40, {0xc4000011, [0xcfca, 0x846, 0x3, 0xffffffffffff0001, 0x4]}}, @mrs={0xbe, 0x18, {0x603000000013debd}}, @hvc={0x32, 0x40, {0x8400000d, [0x8000000000000001, 0x800, 0x1, 0x937, 0x9]}}, @svc={0x122, 0x40, {0x8400000f, [0x2, 0x9b39, 0xfffffffffffffffc, 0xfffffffffffffffa, 0xffffffffffff8000]}}, @msr={0x14, 0x20, {0x603000000013f528, 0x4}}, @uexit={0x0, 0x18, 0x6}, @memwrite={0x6e, 0x30, @generic={0xf000, 0xc8d, 0xfffffffffffffff0, 0x4}}, @its_setup={0x82, 0x28, {0x2, 0x1, 0x157}}, @irq_setup={0x46, 0x18, {0x4}}, @code={0xa, 0x6c, {"000000940044202e807787d200a0b0f2210180d2220180d2630080d2e40080d2020000d40070202e007008d50000006c000008d5206e9ad20080b8f2e10080d2620080d2830180d2e40080d2020000d400fc205e0000004a"}}, @mrs={0xbe, 0x18, {0x603000000013c299}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x1, 0x3, 0x10, 0x0, 0x9, 0x2}}, @mrs={0xbe, 0x18, {0x603000000013debf}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x2, 0xf, 0x5, 0x8, 0x3}}, @code={0xa, 0x6c, {"000008d5008008d500a0002fe00300cb007008d5007008d500439ad20080b8f2a10180d2020080d2030080d2a40080d2020000d420cd97d20020b0f2010180d2c20080d2630180d2a40080d2020000d4000008d5008000c8"}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0xb0, 0x4}}, @svc={0x122, 0x40, {0x80008000, [0x803cc, 0x8001, 0x0, 0xf163, 0x3]}}, @mrs={0xbe, 0x18, {0x603000000013801e}}, @eret={0xe6, 0x18, 0x25c}, @msr={0x14, 0x20, {0x603000000013df77, 0x46}}], 0x518}], 0x1, 0x0, &(0x7f0000000100)=[@featur1={0x1, 0x49}], 0x1)
ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(r1, 0x4068aea3, &(0x7f0000000140))

29m59.935195837s ago: executing program 5 (id=245):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x25) (async)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x25)
syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil) (async)
r1 = syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CAP_HALT_POLL(r0, 0x4068aea3, &(0x7f0000000240)={0xb6, 0x0, 0x4})
r2 = syz_kvm_add_vcpu$arm64(r1, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x2000000002, 0x4, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x4000000, 0x0, 0x6, 0x2, 0x4}}], 0x50}, 0x0, 0x0)
syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_vgic_v3_setup(r0, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000180)={0x8, <r3=>0xffffffffffffffff})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) (async)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_IRQ_LINE(r7, 0x4008ae61, &(0x7f0000000000)={0x800035a3, 0x9})
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, 0x0)
r10 = syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, 0x0)
ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, 0x0) (async)
ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, 0x0)
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000100)={0x0, 0x5000, 0x0, 0xffffffffffffffff, 0xc})
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
syz_kvm_add_vcpu$arm64(r1, &(0x7f0000000000)={0x0, &(0x7f00000002c0)=[@mrs={0xbe, 0x18, {0x603000000013c2ab}}, @mrs={0xbe, 0x18, {0x603000000013e6cc}}, @uexit={0x0, 0x18, 0x6}, @code={0xa, 0x84, {"0000002e205e85d20080b0f2c10080d2220080d2630080d2c40080d2020000d4007008d5c0449bd20000b8f2210180d2020080d2430080d2240180d2020000d40000399e000008d5002cc09a000008d5000028d500a487d20060b0f2210080d2a20080d2a30180d2040080d2020000d4"}}, @msr={0x14, 0x20, {0x603000000013c288, 0x5}}, @svc={0x122, 0x40, {0x80000000, [0x3, 0x7e9, 0x789, 0x80, 0x10]}}, @svc={0x122, 0x40, {0x14c00001a, [0x4, 0x80000000, 0x2, 0xe640, 0xfffffffffffffff0]}}, @smc={0x1e, 0x40, {0x4000, [0xc0, 0x1, 0xa7b, 0x10000]}}, @mrs={0xbe, 0x18, {0x603000000013deea}}, @its_setup={0x82, 0x28, {0x0, 0x3, 0x102}}, @msr={0x14, 0x20, {0x603000000013e088}}, @irq_setup={0x46, 0x18, {0x2, 0xe}}, @msr={0x14, 0x20, {0x603000000013df76, 0x7}}, @its_setup={0x82, 0x28, {0x4, 0x0, 0x325}}, @hvc={0x32, 0x40, {0x8400100c, [0xc1b, 0x1ff, 0x92, 0x8000, 0xfffffffffffffff6]}}, @svc={0x122, 0x40, {0x0, [0x7ae, 0x5, 0x8, 0x1, 0x4]}}], 0x2ec}, &(0x7f0000000080)=[@featur2], 0x1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r0, 0x4008ae73, &(0x7f0000000040)={0x1ff, 0x4}) (async)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r0, 0x4008ae73, &(0x7f0000000040)={0x1ff, 0x4})

29m45.541267976s ago: executing program 5 (id=246):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
r4 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000100)={0x0, &(0x7f0000000140)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
r5 = syz_kvm_vgic_v3_setup(r1, 0x2, 0x100)
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r7 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r6, 0x3, 0x11, r3, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f00000001c0)="67192d2a48ec87c383aae01e3b8dbaa59fbd01418c4926dd29553e635afe7263f8fdb244d948a46e2ea2ac791c3fca1346b68a99c0620d12389cdcb575337d8dc04e2e92d3dd403d", 0x0, 0x48)
r8 = mmap$KVM_VCPU(&(0x7f000000a000/0x1000)=nil, r6, 0x3, 0x11, r4, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r9, 0xae03, 0x51)
syz_kvm_assert_syzos_uexit$arm64(r8, 0xffffffffffffffff)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000180)={0x1010020, 0x1})
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x0, 0x3, &(0x7f0000000000)=0xffffffffffffffff})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_kvm_assert_syzos_uexit$arm64(r7, 0xfffffffffffffffe)

29m40.971217107s ago: executing program 6 (id=247):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r2, &(0x7f00000003c0)={0x0, 0x0}, &(0x7f0000000400)=[@featur1={0x1, 0x4}], 0x1) (async)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000003c0)={0x0, 0x0}, &(0x7f0000000400)=[@featur1={0x1, 0x4}], 0x1)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x18)
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000480)=@arm64_fw={0x6030000000140000, &(0x7f0000000440)=0xdd}) (async)
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000480)=@arm64_fw={0x6030000000140000, &(0x7f0000000440)=0xdd})

29m28.425060745s ago: executing program 5 (id=248):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x285140, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
syz_kvm_vgic_v3_setup(r1, 0x4, 0x3a0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f00000003c0)=[@memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x0, 0xf, 0x2}}], 0x30}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x3, 0x180)
syz_kvm_vgic_v3_setup(r4, 0x4, 0x240)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r10, 0x4010aeac, &(0x7f0000000140)=@arm64_fw={0x6030000000140002, &(0x7f0000000100)=0xc})
syz_kvm_vgic_v3_setup(r4, 0x1, 0x100)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

29m28.247522842s ago: executing program 6 (id=249):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f00000011c0)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f0000000140)=0xffff}) (async)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r5, r6, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="6e0000000000000030000000000000000000dddd0080"], 0x30}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

29m15.316430398s ago: executing program 5 (id=250):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x181a01, 0x0)
mmap$KVM_VCPU(&(0x7f0000842000/0x1000)=nil, 0x930, 0x1000005, 0x5c1fd1b6164b3f1, 0xffffffffffffffff, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000040)={0x7})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f00000001c0)=@attr_irq_timer={0x0, 0x1, 0x1, 0x0})
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000080)=@arm64_sys={0x603000000013e641, 0x0})
openat$kvm(0x0, &(0x7f00000000c0), 0x181a01, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000842000/0x1000)=nil, 0x930, 0x1000005, 0x5c1fd1b6164b3f1, 0xffffffffffffffff, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31) (async)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2) (async)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000040)={0x7}) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f00000001c0)=@attr_irq_timer={0x0, 0x1, 0x1, 0x0}) (async)
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000080)=@arm64_sys={0x603000000013e641, 0x0}) (async)

29m14.69561438s ago: executing program 6 (id=251):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)
ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, 0x0)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f00000011c0)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f00000000c0)=0x8})
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
r8 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0xffffffffffffffff, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r3, 0x4, 0x220)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000180)={0x8, <r10=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000000)={0x1ff, 0x7, 0xffff1000, 0x2000, &(0x7f0000e4c000/0x2000)=nil})

28m26.81306447s ago: executing program 37 (id=251):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)
ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, 0x0)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f00000011c0)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f00000000c0)=0x8})
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
r8 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0xffffffffffffffff, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r3, 0x4, 0x220)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000180)={0x8, <r10=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000000)={0x1ff, 0x7, 0xffff1000, 0x2000, &(0x7f0000e4c000/0x2000)=nil})

28m20.665854998s ago: executing program 38 (id=250):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x181a01, 0x0)
mmap$KVM_VCPU(&(0x7f0000842000/0x1000)=nil, 0x930, 0x1000005, 0x5c1fd1b6164b3f1, 0xffffffffffffffff, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000040)={0x7})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f00000001c0)=@attr_irq_timer={0x0, 0x1, 0x1, 0x0})
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000080)=@arm64_sys={0x603000000013e641, 0x0})
openat$kvm(0x0, &(0x7f00000000c0), 0x181a01, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000842000/0x1000)=nil, 0x930, 0x1000005, 0x5c1fd1b6164b3f1, 0xffffffffffffffff, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31) (async)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2) (async)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000040)={0x7}) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f00000001c0)=@attr_irq_timer={0x0, 0x1, 0x1, 0x0}) (async)
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000080)=@arm64_sys={0x603000000013e641, 0x0}) (async)

17m23.597647052s ago: executing program 7 (id=268):
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r1, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
r2 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000080)=[@its_setup={0x82, 0x28, {0x4, 0x3, 0x43}}], 0x28}, &(0x7f0000000100)=[@featur2={0x1, 0x81}], 0x1)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x12, r2, 0x0)
munmap(&(0x7f0000e9d000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
ioctl$KVM_GET_DIRTY_LOG(0xffffffffffffffff, 0x4010ae42, &(0x7f0000000000)={0x1, 0x0, &(0x7f0000db9000/0x2000)=nil})
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x0, 0x23ac5f9b426e84b2, 0xffffffffffffffff, 0x0)

17m6.93176409s ago: executing program 7 (id=269):
openat$kvm(0x0, &(0x7f0000000000), 0x316043, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)
openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0x4b47, 0xfffffffffffffffe)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x1a10c0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r4 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, r3, 0x2, 0x12, r1, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f00000002c0)="fb016bddfb405ee52cc6a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb2070000000000000000000000c20cecfa0a97ab7800", 0x0, 0x48)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING(r6, 0x4068aea3, &(0x7f00000000c0)={0xc0, 0x0, 0x8000})
r7 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x2, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
r8 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x39)
ioctl$KVM_CHECK_EXTENSION_VM(r8, 0xae03, 0x52)

16m59.29161089s ago: executing program 8 (id=270):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000100)={0x0, &(0x7f0000000140)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
r4 = syz_kvm_vgic_v3_setup(r1, 0x2, 0x100)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r5, 0x3, 0x11, r3, 0x0)
syz_kvm_assert_syzos_uexit$arm64(0x0, 0xffffffffffffffff)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000180)={0x1010020, 0x1})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x0, 0x3, &(0x7f0000000000)=0xffffffffffffffff})

16m42.509121841s ago: executing program 7 (id=271):
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x0, 0x3000004, 0x2010, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000ae2000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000100)=@arm64_ccsidr={0x6020000080110003, 0x0})
ioctl$KVM_SET_GUEST_DEBUG_arm64(r3, 0x4208ae9b, &(0x7f0000000280)={0x30000, 0x0, {[0x10001, 0x4, 0x0, 0x401, 0x1703, 0x2, 0x3ff, 0x8, 0x1, 0x100000000, 0x2, 0x7, 0x6, 0x1400, 0x3, 0x3], [0x4, 0x8, 0xd959, 0x5be, 0x1, 0x2, 0x3, 0x7, 0x1, 0x3, 0x2, 0x8000, 0x7, 0x4, 0x7, 0xcc], [0x15, 0x3, 0x9, 0x100000001, 0x6, 0x6, 0x5c6, 0x5, 0xffffffffffffff66, 0xcd, 0x7, 0x3, 0x8, 0x8000000000000001, 0x4, 0x7], [0x7, 0x9, 0xe590, 0x0, 0x7, 0x80000000, 0x3ff, 0x1, 0x0, 0xb28f, 0x5b, 0x64d, 0x3, 0x6, 0x75c, 0x80000001]}})
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r6, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
r7 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000bff000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r9, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(0xffffffffffffffff, 0x4010aeab, &(0x7f0000000200)=@arm64_sve={0x6080000000150398, &(0x7f00000001c0)=0x6})
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
ioctl$KVM_CREATE_VM(r11, 0xae01, 0x28)

16m40.821304829s ago: executing program 8 (id=272):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x6)
r2 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x20)
ioctl$KVM_GET_DEVICE_ATTR(r2, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0xffffffff, 0x4, 0x0})

16m27.72478083s ago: executing program 8 (id=273):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0xfffffffa, 0x80001)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000140)={0x80, 0x4, 0x0, r2})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000000)={0x100000, 0x37d03030d7a92616})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000040)={0x7, 0xffffffffffffffff, 0x1})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x5000})

16m14.122838769s ago: executing program 7 (id=274):
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0) (async, rerun: 32)
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async, rerun: 32)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) (async)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a82616}) (async, rerun: 32)
r3 = syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, &(0x7f0000000080)=[@memwrite={0x6e, 0x0, @vgic_gicr={0x80e0000, 0x280, 0x3ff, 0xf}}], 0xfff6}, 0x0, 0x0) (rerun: 32)
ioctl$KVM_RUN(r3, 0xae80, 0x0) (async)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) (async)
r7 = eventfd2(0xffff10c0, 0x801)
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000100)={0xf09, 0x8080000, 0x0, r7}) (async)
r8 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000280)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
r9 = syz_kvm_vgic_v3_setup(r5, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8}) (async, rerun: 64)
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x0, 0x2, &(0x7f0000000140)=0x6}) (async, rerun: 64)
ioctl$KVM_RUN(r8, 0xae80, 0x0) (async)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_REGISTER_COALESCED_MMIO(r11, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616}) (async, rerun: 32)
r12 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x30) (rerun: 32)
ioctl$KVM_REGISTER_COALESCED_MMIO(r12, 0x4010ae67, &(0x7f0000000240)={0x8080000, 0x1000})

16m6.072653002s ago: executing program 8 (id=275):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r2 = eventfd2(0x8, 0x80800) (async)
r3 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000000c0)={0x7ffffffffffffffe, 0xeeee0000, 0x8, r3}) (async)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) (async)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) (async, rerun: 64)
munmap(&(0x7f0000f7c000/0x2000)=nil, 0x2000) (async, rerun: 64)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000) (async, rerun: 32)
r4 = openat$kvm(0x0, 0x0, 0x0, 0x0) (rerun: 32)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r5, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0) (async)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000) (async)
munmap(&(0x7f0000f7e000/0x4000)=nil, 0x4000) (async, rerun: 32)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0x0, 0x1, r2, 0x3}) (async, rerun: 32)
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_KVMCLOCK_CTRL(r6, 0xaead) (async)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x8000, 0x0, 0x1, r2, 0x3})

15m55.788068447s ago: executing program 7 (id=276):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000100)={0x0, &(0x7f0000000140)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
r4 = syz_kvm_vgic_v3_setup(r1, 0x2, 0x100)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r5, 0x3, 0x11, r3, 0x0)
syz_kvm_assert_syzos_uexit$arm64(0x0, 0xffffffffffffffff)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000180)={0x1010020, 0x1})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x0, 0x3, &(0x7f0000000000)=0xffffffffffffffff})

15m48.651670311s ago: executing program 8 (id=277):
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0xdc032, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x408001, 0x0)
ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0xa8341, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x27)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000a89000/0x400000)=nil)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f0000000040)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000080)=[@featur1={0x1, 0x2}], 0x1)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
r12 = syz_kvm_vgic_v3_setup(r5, 0x4, 0x220)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR(r12, 0x4018aee3, &(0x7f0000000240)=@attr_other={0x0, 0x6, 0x0, 0x0})
r13 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000180)={0x0, &(0x7f0000000140)=[@irq_setup={0x46, 0x18, {0x1, 0x24a}}, @mrs={0xbe, 0x18, {0x603000000013c110}}], 0x30}, &(0x7f00000001c0)=[@featur2={0x1, 0x81}], 0x1)
ioctl$KVM_GET_REG_LIST(r15, 0xc008aeb0, &(0x7f0000000380)={0x20000135})
syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@smc={0x1e, 0x40, {0x3f000000, [0x100, 0x2000000000000, 0x5, 0xfffffffffffffff9, 0x2]}}], 0x40}, 0x0, 0x0)
ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0)

15m35.737902014s ago: executing program 7 (id=278):
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x1, 0x6000, 0x2000, &(0x7f0000c5d000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x10201, 0x2, 0x1, 0x2000, &(0x7f0000f31000/0x2000)=nil})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000240)={0x0, &(0x7f0000000340)}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x3, 0xa0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000100)={0x8, <r6=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000})
r7 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x39)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x2, 0xfffffffffffffffd, 0x5}}], 0x28}, 0x0, 0x0)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000180)={0x8, <r11=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r10, 0xae80, 0x0)
r12 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x28)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x1)
r14 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r13, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r14, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x0, 0x1000001, 0x11, r13, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x408)
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000)

15m29.68218317s ago: executing program 8 (id=279):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x200, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2c)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0}) (async)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000140)={0x4, <r7=>0xffffffffffffffff, 0x1})
r8 = ioctl$KVM_CREATE_VM(r7, 0x894c, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x1)
ioctl$KVM_ARM_VCPU_INIT(r11, 0x4020aeae, &(0x7f0000000080)={0x5, 0x1}) (async)
ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f00000001c0)=@arm64_sys={0x6030000000138064, &(0x7f00000000c0)=0x8000})
ioctl$KVM_CREATE_VCPU(r8, 0xb702, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000080), 0x141001, 0x0)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000100))
r12 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x5, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) (async)
r15 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000100)={0x0, &(0x7f00000001c0)=[@irq_setup={0x5, 0x18}], 0x18}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r12, 0x2, 0x100) (async)
ioctl$KVM_RUN(r15, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r14, 0xae80, 0x0)
r16 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r16, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, 0x0})
r17 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013df19, 0x8003}}], 0x20}, 0x0, 0x0)
ioctl$KVM_RUN(r17, 0xae80, 0x0)

14m47.633528609s ago: executing program 39 (id=278):
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x1, 0x6000, 0x2000, &(0x7f0000c5d000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x10201, 0x2, 0x1, 0x2000, &(0x7f0000f31000/0x2000)=nil})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000240)={0x0, &(0x7f0000000340)}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x3, 0xa0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000100)={0x8, <r6=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000})
r7 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x39)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x2, 0xfffffffffffffffd, 0x5}}], 0x28}, 0x0, 0x0)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000180)={0x8, <r11=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r10, 0xae80, 0x0)
r12 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x28)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x1)
r14 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r13, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r14, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x0, 0x1000001, 0x11, r13, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x408)
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000)

14m39.448979987s ago: executing program 40 (id=279):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x200, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2c)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0}) (async)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000140)={0x4, <r7=>0xffffffffffffffff, 0x1})
r8 = ioctl$KVM_CREATE_VM(r7, 0x894c, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x1)
ioctl$KVM_ARM_VCPU_INIT(r11, 0x4020aeae, &(0x7f0000000080)={0x5, 0x1}) (async)
ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f00000001c0)=@arm64_sys={0x6030000000138064, &(0x7f00000000c0)=0x8000})
ioctl$KVM_CREATE_VCPU(r8, 0xb702, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000080), 0x141001, 0x0)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000100))
r12 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x5, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) (async)
r15 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000100)={0x0, &(0x7f00000001c0)=[@irq_setup={0x5, 0x18}], 0x18}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r12, 0x2, 0x100) (async)
ioctl$KVM_RUN(r15, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r14, 0xae80, 0x0)
r16 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r16, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, 0x0})
r17 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013df19, 0x8003}}], 0x20}, 0x0, 0x0)
ioctl$KVM_RUN(r17, 0xae80, 0x0)

2m52.549974222s ago: executing program 0 (id=294):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0x77) (async)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x25)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x2, 0x4, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x0, 0x0, 0x6, 0x2, 0x4}}], 0x50}, 0x0, 0x0) (async)
syz_kvm_vgic_v3_setup(r2, 0x1, 0x100) (async)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000180)={0x8, <r5=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

2m43.415200013s ago: executing program 9 (id=295):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async)
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x3, 0xfffffffd}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) (async)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r4=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
r5 = eventfd2(0xa, 0x80000)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r5, 0x100, 0x3})
ioctl$KVM_RUN(r3, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2m34.941875048s ago: executing program 0 (id=296):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000300)={0x0, &(0x7f0000000480)=[@smc={0x1e, 0x40, {0x84000001, [0x8, 0x939, 0xe, 0x7f, 0x4]}}], 0x40}, &(0x7f00000001c0)=[@featur1={0x1, 0xc}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f0000000080)=@attr_pmu_init)
ioctl$KVM_RUN(r8, 0xae80, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) (async, rerun: 64)
ioctl$KVM_CLEAR_DIRTY_LOG(r4, 0xc018aec0, 0xfffffffffffffffe) (rerun: 64)
r9 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r9, 0x4018aee2, &(0x7f0000000140)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x7}) (async)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) (async, rerun: 64)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async, rerun: 64)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r11 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r10, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) (async, rerun: 64)
mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r11, 0x2000003, 0xaf832, 0xffffffffffffffff, 0x0) (rerun: 64)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) (async)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r13 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r12, 0xae04)
mmap$KVM_VCPU(&(0x7f000064b000/0x4000)=nil, r13, 0x100000d, 0x9032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000667000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) (async)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)

2m26.022231093s ago: executing program 9 (id=297):
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000010000/0x1000)=nil, 0x930, 0x100000f, 0x9032, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_vgic_v3_setup(r1, 0x4, 0x220)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8})
ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000000000)={0x10001, 0x0, &(0x7f0000ffc000/0x4000)=nil})

2m12.27339648s ago: executing program 0 (id=298):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x1, 0x2000, 0x1000, &(0x7f0000c06000/0x1000)=nil})

2m6.84946125s ago: executing program 9 (id=299):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x2, 0x23ac5f9b426ec4b1, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x31)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r5, 0x4010aeab, &(0x7f0000000000)=@arm64_fp_extra={0x60200000001000d1, 0x0})
syz_kvm_vgic_v3_setup(r1, 0x4, 0x200) (async)
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, 0x0)

1m53.299912733s ago: executing program 0 (id=300):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x20001}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r4=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, 0x0, 0x0, 0x0)
syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x1, 0x100)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000140)={0x7})
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)

1m46.361200312s ago: executing program 9 (id=301):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x22300, 0x0)
r1 = eventfd2(0x0, 0x0)
close(r1)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
write$eventfd(r1, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r2, 0x4068aea3, &(0x7f0000000100)={0xdf, 0x0, 0x8000})
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x3)
ioctl$KVM_GET_ONE_REG(r5, 0x4010aeab, &(0x7f0000000000)=@arm64_fp={0x60400000001000ac, 0x0})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000080)={0xffff1000, 0x1000})
r6 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r10, 0x4010aeab, &(0x7f0000000200)=@arm64_core={0x603000000010002a, &(0x7f0000000000)=0xc0})
mmap$KVM_VCPU(&(0x7f00004e3000/0x2000)=nil, 0x930, 0xa, 0x2013, r6, 0x40000)

1m29.336296701s ago: executing program 0 (id=302):
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) (async)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) (async)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x8, 0x23ac5f9b426ec4b1, 0xffffffffffffffff, 0x0)
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r2, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, r2, 0xe, 0x16831, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, r2, 0x6000002, 0x4d832, 0xffffffffffffffff, 0x0) (async)
syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, &(0x7f0000000040)=[@irq_setup={0x46, 0x18, {0x4, 0x1a9}}, @svc={0x122, 0x40, {0xc400000d, [0x79, 0x7, 0x0, 0x860f]}}], 0x58}, &(0x7f0000000100)=[@featur1={0x1, 0x32}], 0x1)
r3 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000140)={0x0, &(0x7f00000001c0)=[@its_send_cmd={0xaa, 0x28, {0xe, 0x0, 0x0, 0xb, 0x3, 0x470}}, @mrs={0xbe, 0x18, {0x603000000013c4c9}}, @its_send_cmd={0xaa, 0x28, {0xa, 0xfc, 0x2, 0x4, 0x8, 0x9, 0x3}}, @its_setup={0x82, 0x28, {0x1, 0x3, 0x30f}}, @svc={0x122, 0x40, {0x84000009, [0xb813, 0x7c, 0x5968577f, 0x7, 0x1]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0xd00, 0x8, 0x5}}, @code={0xa, 0xb4, {"009b8ad20080b8f2410180d2e20080d2030080d2e40180d2020000d4000008d5c05897d20060b0f2010180d2820180d2e30180d2e40080d2020000d4c0719cd200e0b8f2e10080d2e20180d2630180d2440180d2020000d4007008d5e07c98d20080b8f2010080d2a20080d2830180d2440180d2020000d4007008d50000601f00b8a15e20da80d200e0b8f2c10080d2020080d2a30180d2a40180d2020000d4"}}, @smc={0x1e, 0x40, {0x800, [0x4, 0x7, 0x920, 0x5]}}, @mrs={0xbe, 0x18, {0x603000000013e6d6}}, @code={0xa, 0x9c, {"207f97d20020b8f2810180d2c20080d2430080d2840180d2020000d40004805a80d181d20080b0f2c10180d2420080d2a30080d2840080d2020000d40040df0d0084ff0d804991d20080b8f2010080d2a20080d2030180d2040080d2020000d40078202e000028d50060206e60cb80d20040b0f2010080d2820080d2e30080d2e40080d2020000d4"}}, @svc={0x122, 0x40, {0x40, [0x9, 0x7, 0x80000000, 0x100000001, 0x6]}}, @its_setup={0x82, 0x28, {0x2, 0x4, 0x1}}, @irq_setup={0x46, 0x18, {0x2, 0x20a}}, @smc={0x1e, 0x40, {0x18d00000e, [0x3, 0x4, 0x55, 0xfffffffffffffff8, 0xff]}}, @hvc={0x32, 0x40, {0x8400000c, [0x40, 0x100000001, 0xd, 0x3, 0xe]}}, @irq_setup={0x46, 0x18, {0x4, 0x1b8}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1000, 0xffffffff, 0x7}}, @eret={0xe6, 0x18, 0x1}], 0x408}, &(0x7f0000000600)=[@featur1={0x1, 0x20}], 0x1)
mmap$KVM_VCPU(&(0x7f0000c6e000/0x3000)=nil, r2, 0x0, 0x13, r3, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x10b200, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f00000000c0)={0x8, <r7=>0xffffffffffffffff})
ioctl$KVM_GET_DEVICE_ATTR(r7, 0x4018aee2, &(0x7f0000000140)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000100)=0x4})
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000640)=@x86={0x5, 0x76, 0xb2, 0x0, 0x2, 0x81, 0x8, 0x3, 0x0, 0x0, 0xff, 0x0, 0x0, 0x2, 0x3, 0x0, 0x9, 0xe, 0xfc, '\x00', 0x7, 0xbc}) (async)
r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04)
mmap$KVM_VCPU(&(0x7f000064b000/0x4000)=nil, r8, 0x100000d, 0x9032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, r8, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000667000/0x2000)=nil, 0x2000) (async)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) (async)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) (async)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0xfffffffffffffffc)
ioctl$KVM_CHECK_EXTENSION_VM(r10, 0xae03, 0xf3)

1m19.222481314s ago: executing program 9 (id=303):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f00008ee000/0x400000)=nil)
r5 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000340)=[@svc={0x122, 0x40, {0x8000, [0xfffffffffffffffb, 0x5, 0xc, 0x3, 0x4]}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x3, 0x0, 0x4, 0x5, 0x2}}, @smc={0x1e, 0x40, {0xc4000005, [0xc6f, 0x3ff, 0x1, 0x4, 0x4]}}, @memwrite={0x6e, 0x30, @generic={0x1, 0x1f0, 0x1, 0x5}}, @mrs={0xbe, 0x18, {0x603000000013c2a5}}], 0xf0}, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
r8 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
ioctl$KVM_CREATE_VM(r9, 0xae01, 0x21)
r10 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r10, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r10, 0x0)
r11 = syz_kvm_add_vcpu$arm64(r1, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0)
r12 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r12, 0xae01, 0x2d)
r13 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000a67000/0x400000)=nil)
r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r14, 0xae80, 0x0)
r15 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ff9000/0x4000)=nil, r15, 0x8, 0x13, r10, 0x0)
r16 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r16, 0x3, 0x11, r8, 0x0)
mmap$KVM_VCPU(&(0x7f0000e24000/0x4000)=nil, r16, 0x0, 0x11, r11, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f1, 0xffffffffffffffff, 0x0)

1m3.244068343s ago: executing program 0 (id=304):
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2a040, 0x0)
ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0x49)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000180)={0x4, <r2=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x70, 0x1, &(0x7f00000000c0)=0x7fffffff})
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000300)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x20)
r8 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x34)
r11 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
r12 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x12)
ioctl$KVM_CREATE_DEVICE(r13, 0xc00caee0, &(0x7f0000000100)={0x4, <r14=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r14, 0x4018aee3, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR(r14, 0x4018aee3, 0x0)
ioctl$KVM_DIRTY_TLB(r7, 0x4010aeaa, &(0x7f0000000200)={0xfff, 0x5})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef)
close(r10)
openat$kvm(0xffffffffffffff9c, 0x0, 0x80, 0x0)
r15 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r7, 0x4020aeae, &(0x7f0000000100)={0x5, 0xd0})
ioctl$KVM_GET_ONE_REG(r15, 0x4010aeab, &(0x7f0000000000)=@arm64_fp={0x60400000001000ac, 0x0})
syz_kvm_setup_cpu$arm64(r10, r15, &(0x7f0000bfd000/0x400000)=nil, &(0x7f00000002c0)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)

51.022609869s ago: executing program 9 (id=305):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x5afa00, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f00000002c0)=@arm64_fw={0x6030000000140003, &(0x7f0000000000)=0x7})
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000140)={0x4, <r7=>0xffffffffffffffff, 0x1})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x400454cb, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) (async)
r8 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r9, 0x4010ae67, &(0x7f00000008c0)={0x2000, 0x0, 0x4}) (async)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000180)) (async)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x100010, 0xffffffffffffffff, 0x0) (async)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x22300, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x28)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r11, 0x4068aea3, &(0x7f0000000100)={0xdf, 0x0, 0x8000}) (async)
r12 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f00004e3000/0x2000)=nil, 0x930, 0xa, 0x2013, r12, 0x40000) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f1, r3, 0x0)
r13 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000000000/0x400000)=nil) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r13, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef) (async)
eventfd2(0x1c, 0x801)
ioctl$KVM_KVMCLOCK_CTRL(r8, 0xaead)
close(r4)

15.123136196s ago: executing program 41 (id=304):
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2a040, 0x0)
ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0x49)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000180)={0x4, <r2=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x70, 0x1, &(0x7f00000000c0)=0x7fffffff})
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000300)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x20)
r8 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x34)
r11 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
r12 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x12)
ioctl$KVM_CREATE_DEVICE(r13, 0xc00caee0, &(0x7f0000000100)={0x4, <r14=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r14, 0x4018aee3, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR(r14, 0x4018aee3, 0x0)
ioctl$KVM_DIRTY_TLB(r7, 0x4010aeaa, &(0x7f0000000200)={0xfff, 0x5})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef)
close(r10)
openat$kvm(0xffffffffffffff9c, 0x0, 0x80, 0x0)
r15 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r7, 0x4020aeae, &(0x7f0000000100)={0x5, 0xd0})
ioctl$KVM_GET_ONE_REG(r15, 0x4010aeab, &(0x7f0000000000)=@arm64_fp={0x60400000001000ac, 0x0})
syz_kvm_setup_cpu$arm64(r10, r15, &(0x7f0000bfd000/0x400000)=nil, &(0x7f00000002c0)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)

0s ago: executing program 42 (id=305):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x5afa00, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f00000002c0)=@arm64_fw={0x6030000000140003, &(0x7f0000000000)=0x7})
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000140)={0x4, <r7=>0xffffffffffffffff, 0x1})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x400454cb, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) (async)
r8 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r9, 0x4010ae67, &(0x7f00000008c0)={0x2000, 0x0, 0x4}) (async)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000180)) (async)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x100010, 0xffffffffffffffff, 0x0) (async)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x22300, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x28)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r11, 0x4068aea3, &(0x7f0000000100)={0xdf, 0x0, 0x8000}) (async)
r12 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f00004e3000/0x2000)=nil, 0x930, 0xa, 0x2013, r12, 0x40000) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f1, r3, 0x0)
r13 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000000000/0x400000)=nil) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r13, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef) (async)
eventfd2(0x1c, 0x801)
ioctl$KVM_KVMCLOCK_CTRL(r8, 0xaead)
close(r4)

kernel console output (not intermixed with test programs):

[  375.452752][ T3156] 8021q: adding VLAN 0 to HW filter on device bond0
[  424.877094][ T3156] eql: remember to turn off Van-Jacobson compression on your slave devices
Warning: Permanently added '[localhost]:59708' (ED25519) to the list of known hosts.
[  586.531817][   T25] audit: type=1400 audit(585.750:61): avc:  denied  { name_bind } for  pid=3311 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  587.479683][   T25] audit: type=1400 audit(586.690:62): avc:  denied  { execute } for  pid=3312 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  587.494546][   T25] audit: type=1400 audit(586.710:63): avc:  denied  { execute_no_trans } for  pid=3312 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  610.460872][   T25] audit: type=1400 audit(609.680:64): avc:  denied  { mounton } for  pid=3312 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  610.492378][   T25] audit: type=1400 audit(609.720:65): avc:  denied  { mount } for  pid=3312 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  610.575402][ T3312] cgroup: Unknown subsys name 'net'
[  610.624650][   T25] audit: type=1400 audit(609.850:66): avc:  denied  { unmount } for  pid=3312 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  611.016053][ T3312] cgroup: Unknown subsys name 'cpuset'
[  611.124455][ T3312] cgroup: Unknown subsys name 'rlimit'
[  612.056180][   T25] audit: type=1400 audit(611.280:67): avc:  denied  { setattr } for  pid=3312 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  612.075679][   T25] audit: type=1400 audit(611.300:68): avc:  denied  { mounton } for  pid=3312 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[  612.104851][   T25] audit: type=1400 audit(611.330:69): avc:  denied  { mount } for  pid=3312 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  613.315299][ T3315] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[  613.336265][   T25] audit: type=1400 audit(612.560:70): avc:  denied  { relabelto } for  pid=3315 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  613.362114][   T25] audit: type=1400 audit(612.590:71): avc:  denied  { write } for  pid=3315 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
Setting up swapspace version 1, size = 127995904 bytes
[  613.542109][   T25] audit: type=1400 audit(612.770:72): avc:  denied  { read } for  pid=3312 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  613.556821][   T25] audit: type=1400 audit(612.780:73): avc:  denied  { open } for  pid=3312 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  613.606049][ T3312] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  664.181344][   T25] audit: type=1400 audit(663.400:74): avc:  denied  { execmem } for  pid=3316 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  668.681827][   T25] audit: type=1400 audit(667.890:75): avc:  denied  { read } for  pid=3318 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  668.700465][   T25] audit: type=1400 audit(667.920:76): avc:  denied  { open } for  pid=3318 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  668.777369][   T25] audit: type=1400 audit(668.000:77): avc:  denied  { mounton } for  pid=3318 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  669.044395][   T25] audit: type=1400 audit(668.270:78): avc:  denied  { module_request } for  pid=3318 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  670.210388][   T25] audit: type=1400 audit(669.420:79): avc:  denied  { sys_module } for  pid=3318 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  693.892006][ T3318] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  693.974575][ T3319] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  694.064956][ T3318] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  694.430265][ T3319] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  711.394912][ T3318] hsr_slave_0: entered promiscuous mode
[  711.422575][ T3318] hsr_slave_1: entered promiscuous mode
[  712.198835][ T3319] hsr_slave_0: entered promiscuous mode
[  712.222062][ T3319] hsr_slave_1: entered promiscuous mode
[  712.269619][ T3319] debugfs: 'hsr0' already exists in 'hsr'
[  712.273652][ T3319] Cannot create hsr debugfs directory
[  717.599829][   T25] audit: type=1400 audit(716.820:80): avc:  denied  { create } for  pid=3318 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  717.645617][   T25] audit: type=1400 audit(716.870:81): avc:  denied  { write } for  pid=3318 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  717.680174][   T25] audit: type=1400 audit(716.890:82): avc:  denied  { read } for  pid=3318 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  717.834657][ T3318] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  718.207271][ T3318] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  718.562539][ T3318] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  718.850602][ T3318] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  720.316096][ T3319] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  720.523480][ T3319] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  720.675413][ T3319] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  720.880443][ T3319] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  733.483522][ T3318] 8021q: adding VLAN 0 to HW filter on device bond0
[  735.333559][ T3319] 8021q: adding VLAN 0 to HW filter on device bond0
[  790.712432][ T3318] veth0_vlan: entered promiscuous mode
[  791.111381][ T3318] veth1_vlan: entered promiscuous mode
[  792.638520][ T3319] veth0_vlan: entered promiscuous mode
[  793.288286][ T3318] veth0_macvtap: entered promiscuous mode
[  793.434287][ T3319] veth1_vlan: entered promiscuous mode
[  793.963571][ T3318] veth1_macvtap: entered promiscuous mode
[  795.741762][ T3319] veth0_macvtap: entered promiscuous mode
[  796.116916][ T3368] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  796.172962][ T3368] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  796.266749][ T3319] veth1_macvtap: entered promiscuous mode
[  796.305142][ T3368] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  796.319540][ T3368] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  798.915867][   T25] audit: type=1400 audit(798.140:83): avc:  denied  { mount } for  pid=3318 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  799.109299][   T25] audit: type=1400 audit(798.330:84): avc:  denied  { mounton } for  pid=3318 comm="syz-executor" path="/syzkaller.xkz7bD/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  799.292708][   T25] audit: type=1400 audit(798.510:85): avc:  denied  { mount } for  pid=3318 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  799.391385][ T3399] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  799.396020][ T3399] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  799.439483][ T3399] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  799.451319][ T3399] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  799.653181][   T25] audit: type=1400 audit(798.860:86): avc:  denied  { mounton } for  pid=3318 comm="syz-executor" path="/syzkaller.xkz7bD/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  799.731647][   T25] audit: type=1400 audit(798.950:87): avc:  denied  { mounton } for  pid=3318 comm="syz-executor" path="/syzkaller.xkz7bD/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3753 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  800.560481][   T25] audit: type=1400 audit(799.780:88): avc:  denied  { unmount } for  pid=3318 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  800.944574][   T25] audit: type=1400 audit(800.120:89): avc:  denied  { mounton } for  pid=3318 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1544 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  801.090375][   T25] audit: type=1400 audit(800.260:90): avc:  denied  { mount } for  pid=3318 comm="syz-executor" name="/" dev="gadgetfs" ino=3766 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  801.638755][   T25] audit: type=1400 audit(800.860:91): avc:  denied  { mount } for  pid=3318 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  801.749658][   T25] audit: type=1400 audit(800.970:92): avc:  denied  { mounton } for  pid=3318 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  803.412323][ T3318] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  805.162247][   T25] kauditd_printk_skb: 1 callbacks suppressed
[  805.179583][   T25] audit: type=1400 audit(804.290:94): avc:  denied  { read write } for  pid=3319 comm="syz-executor" name="loop1" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  805.180863][   T25] audit: type=1400 audit(804.400:95): avc:  denied  { open } for  pid=3319 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  805.222895][   T25] audit: type=1400 audit(804.420:96): avc:  denied  { open } for  pid=3318 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  805.239736][   T25] audit: type=1400 audit(804.460:97): avc:  denied  { ioctl } for  pid=3318 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=638 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  816.596190][   T25] audit: type=1400 audit(815.820:98): avc:  denied  { read } for  pid=3473 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  816.674122][   T25] audit: type=1400 audit(815.900:99): avc:  denied  { open } for  pid=3473 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  817.149344][   T25] audit: type=1400 audit(816.360:100): avc:  denied  { ioctl } for  pid=3473 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  856.592271][   T25] audit: type=1400 audit(855.820:101): avc:  denied  { map } for  pid=3493 comm="syz.1.8" path="pipe:[2768]" dev="pipefs" ino=2768 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  867.735032][   T25] audit: type=1400 audit(866.960:102): avc:  denied  { write } for  pid=3500 comm="syz.0.10" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  884.013129][   T25] audit: type=1400 audit(883.230:103): avc:  denied  { execute } for  pid=3510 comm="syz.1.13" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=4495 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  908.669734][   T25] audit: type=1400 audit(907.890:104): avc:  denied  { ioctl } for  pid=3524 comm="syz.0.17" path="net:[4026532624]" dev="nsfs" ino=4026532624 ioctlcmd=0xb702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  937.574206][   T25] audit: type=1400 audit(936.800:105): avc:  denied  { append } for  pid=3541 comm="syz.0.24" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1163.864282][ T3623] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1164.162278][ T3623] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1167.040991][ T3626] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1167.292401][ T3626] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1187.444735][ T3623] hsr_slave_0: entered promiscuous mode
[ 1187.555071][ T3623] hsr_slave_1: entered promiscuous mode
[ 1187.680207][ T3623] debugfs: 'hsr0' already exists in 'hsr'
[ 1187.691411][ T3623] Cannot create hsr debugfs directory
[ 1192.224732][ T3626] hsr_slave_0: entered promiscuous mode
[ 1192.374197][ T3626] hsr_slave_1: entered promiscuous mode
[ 1192.467360][ T3626] debugfs: 'hsr0' already exists in 'hsr'
[ 1192.502549][ T3626] Cannot create hsr debugfs directory
[ 1209.212746][ T3368] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1209.931930][ T3368] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1210.566026][ T3368] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1211.073345][ T3368] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1212.313870][ T3623] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1212.761391][ T3623] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1213.552815][ T3623] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1214.120979][ T3623] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1222.526832][ T3368] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1222.634416][ T3368] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1222.703574][ T3368] bond0 (unregistering): Released all slaves
[ 1224.903447][ T3368] hsr_slave_0: left promiscuous mode
[ 1224.972541][ T3368] hsr_slave_1: left promiscuous mode
[ 1225.362616][ T3368] veth1_macvtap: left promiscuous mode
[ 1225.366474][ T3368] veth0_macvtap: left promiscuous mode
[ 1225.381061][ T3368] veth1_vlan: left promiscuous mode
[ 1225.385391][ T3368] veth0_vlan: left promiscuous mode
[ 1237.809259][ T3626] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1238.397286][ T3626] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1239.015903][ T3626] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1239.457022][ T3626] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1243.604873][   T49] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1244.892339][   T49] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1246.287254][   T49] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1247.855412][   T49] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1268.519900][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1268.789247][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1268.904537][   T49] bond0 (unregistering): Released all slaves
[ 1271.209891][   T49] hsr_slave_0: left promiscuous mode
[ 1271.571180][   T49] hsr_slave_1: left promiscuous mode
[ 1272.541994][   T49] veth1_macvtap: left promiscuous mode
[ 1272.549430][   T49] veth0_macvtap: left promiscuous mode
[ 1272.579799][   T49] veth1_vlan: left promiscuous mode
[ 1272.586415][   T49] veth0_vlan: left promiscuous mode
[ 1293.174365][ T3626] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1293.424952][ T3623] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1385.697151][ T3626] veth0_vlan: entered promiscuous mode
[ 1387.000165][ T3623] veth0_vlan: entered promiscuous mode
[ 1387.445325][ T3626] veth1_vlan: entered promiscuous mode
[ 1388.945487][ T3623] veth1_vlan: entered promiscuous mode
[ 1391.825234][ T3626] veth0_macvtap: entered promiscuous mode
[ 1392.821251][ T3626] veth1_macvtap: entered promiscuous mode
[ 1393.771898][ T3623] veth0_macvtap: entered promiscuous mode
[ 1394.465272][ T3623] veth1_macvtap: entered promiscuous mode
[ 1396.427149][ T3703] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1396.432744][ T3703] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1396.459993][ T3703] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1396.482182][ T3703] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1399.137103][ T3399] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1399.151540][ T3399] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1399.163757][ T3399] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1399.175817][ T3399] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1622.913573][ T3702] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1625.321258][ T3702] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1627.301786][ T3702] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1629.442742][ T3702] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1655.472074][ T3702] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1656.200385][ T3702] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1656.489660][ T3702] bond0 (unregistering): Released all slaves
[ 1659.483548][ T3702] hsr_slave_0: left promiscuous mode
[ 1659.581344][ T3702] hsr_slave_1: left promiscuous mode
[ 1660.362794][ T3702] veth1_macvtap: left promiscuous mode
[ 1660.373613][ T3702] veth0_macvtap: left promiscuous mode
[ 1660.390608][ T3702] veth1_vlan: left promiscuous mode
[ 1660.452143][ T3702] veth0_vlan: left promiscuous mode
[ 1664.533887][   T25] audit: type=1400 audit(1663.700:106): avc:  denied  { map } for  pid=3999 comm="syz.3.77" path="/" dev="tmpfs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[ 1746.905013][ T3972] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1747.281023][ T3972] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1781.532576][ T3972] hsr_slave_0: entered promiscuous mode
[ 1781.634386][ T3972] hsr_slave_1: entered promiscuous mode
[ 1802.850109][ T3972] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1803.302516][ T3972] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1803.646978][ T3972] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1804.006223][ T3972] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1837.083430][ T3972] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1983.538411][ T3972] veth0_vlan: entered promiscuous mode
[ 1984.932161][ T3972] veth1_vlan: entered promiscuous mode
[ 1989.084084][ T3972] veth0_macvtap: entered promiscuous mode
[ 1990.075479][ T3972] veth1_macvtap: entered promiscuous mode
[ 1994.090237][   T35] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1994.101383][ T3702] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1994.229790][ T3974] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1994.230862][ T3974] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2068.419220][   T25] audit: type=1400 audit(2067.640:107): avc:  denied  { setattr } for  pid=4268 comm="syz.4.107" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 2494.187271][ T3974] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2495.262562][ T3974] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2496.446866][ T3974] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2497.681547][ T3974] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2513.076215][ T3974] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2513.316024][ T3974] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2513.524028][ T3974] bond0 (unregistering): Released all slaves
[ 2516.149977][ T3974] hsr_slave_0: left promiscuous mode
[ 2516.200743][ T3974] hsr_slave_1: left promiscuous mode
[ 2516.830558][ T3974] veth1_macvtap: left promiscuous mode
[ 2516.840157][ T3974] veth0_macvtap: left promiscuous mode
[ 2516.842332][ T3974] veth1_vlan: left promiscuous mode
[ 2516.843811][ T3974] veth0_vlan: left promiscuous mode
[ 2540.342266][ T3974] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2541.784829][ T3974] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2544.291990][ T3974] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2545.625423][ T3974] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2563.706665][ T3974] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2563.782729][ T3974] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2563.880653][ T3974] bond0 (unregistering): Released all slaves
[ 2566.079586][ T3974] hsr_slave_0: left promiscuous mode
[ 2566.199030][ T3974] hsr_slave_1: left promiscuous mode
[ 2566.949214][ T3974] veth1_macvtap: left promiscuous mode
[ 2566.950485][ T3974] veth0_macvtap: left promiscuous mode
[ 2566.973562][ T3974] veth1_vlan: left promiscuous mode
[ 2567.012191][ T3974] veth0_vlan: left promiscuous mode
[ 2600.107132][ T4455] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2600.364442][ T4455] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2603.252282][ T4459] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2603.521259][ T4459] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2626.827069][ T4455] hsr_slave_0: entered promiscuous mode
[ 2626.913032][ T4455] hsr_slave_1: entered promiscuous mode
[ 2630.142948][ T4459] hsr_slave_0: entered promiscuous mode
[ 2630.235549][ T4459] hsr_slave_1: entered promiscuous mode
[ 2630.266275][ T4459] debugfs: 'hsr0' already exists in 'hsr'
[ 2630.299727][ T4459] Cannot create hsr debugfs directory
[ 2648.504845][ T4455] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 2649.342491][ T4455] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 2649.752225][ T4455] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 2650.507492][ T4455] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 2656.373135][ T4459] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 2656.958852][ T4459] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 2657.490869][ T4459] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 2658.042411][ T4459] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 2681.600360][ T4455] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2686.874448][ T4459] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2826.394653][ T4455] veth0_vlan: entered promiscuous mode
[ 2827.516564][ T4455] veth1_vlan: entered promiscuous mode
[ 2832.931957][ T4459] veth0_vlan: entered promiscuous mode
[ 2833.096037][ T4455] veth0_macvtap: entered promiscuous mode
[ 2834.431926][ T4455] veth1_macvtap: entered promiscuous mode
[ 2835.360418][ T4459] veth1_vlan: entered promiscuous mode
[ 2839.969877][   T49] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2839.982476][   T49] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2840.399751][   T49] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2840.622661][   T35] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2842.972293][ T4459] veth0_macvtap: entered promiscuous mode
[ 2844.600324][ T4459] veth1_macvtap: entered promiscuous mode
[ 2850.352304][ T4413] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2850.383265][ T4413] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2850.443529][ T4413] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2850.456017][ T4413] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3744.403930][ T4479] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3747.459759][ T4479] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3749.062805][ T4479] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3750.381744][ T4479] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3768.247110][ T4479] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3768.403727][ T4479] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3768.526675][ T4479] bond0 (unregistering): Released all slaves
[ 3771.161850][ T4479] hsr_slave_0: left promiscuous mode
[ 3771.441964][ T4479] hsr_slave_1: left promiscuous mode
[ 3772.235393][ T4479] veth1_macvtap: left promiscuous mode
[ 3772.236748][ T4479] veth0_macvtap: left promiscuous mode
[ 3772.275681][ T4479] veth1_vlan: left promiscuous mode
[ 3772.331575][ T4479] veth0_vlan: left promiscuous mode
[ 3804.586162][ T3368] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3806.369513][ T3368] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3807.954696][ T3368] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3809.433922][ T3368] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3829.541375][ T3368] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3830.132528][ T3368] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3830.341792][ T3368] bond0 (unregistering): Released all slaves
[ 3832.580830][ T3368] hsr_slave_0: left promiscuous mode
[ 3832.701037][ T3368] hsr_slave_1: left promiscuous mode
[ 3833.288947][ T3368] veth1_macvtap: left promiscuous mode
[ 3833.292358][ T3368] veth0_macvtap: left promiscuous mode
[ 3833.301584][ T3368] veth1_vlan: left promiscuous mode
[ 3833.319584][ T3368] veth0_vlan: left promiscuous mode
[ 3900.344297][ T5146] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3901.726898][ T5146] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3902.041681][ T5142] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3903.093032][ T5142] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3937.859395][ T5146] hsr_slave_0: entered promiscuous mode
[ 3938.011674][ T5146] hsr_slave_1: entered promiscuous mode
[ 3940.563024][ T5142] hsr_slave_0: entered promiscuous mode
[ 3940.694538][ T5142] hsr_slave_1: entered promiscuous mode
[ 3940.750844][ T5142] debugfs: 'hsr0' already exists in 'hsr'
[ 3940.754720][ T5142] Cannot create hsr debugfs directory
[ 3957.586730][ T5146] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 3958.594075][ T5146] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 3959.717093][ T5146] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 3961.370263][ T5146] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 3967.837296][ T5142] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 3968.443159][ T5142] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 3969.131061][ T5142] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 3969.789662][ T5142] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 4002.566839][ T5146] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4008.385419][ T5142] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4180.775066][ T5146] veth0_vlan: entered promiscuous mode
[ 4181.934741][ T5146] veth1_vlan: entered promiscuous mode
[ 4186.914090][ T5142] veth0_vlan: entered promiscuous mode
[ 4187.672002][ T5146] veth0_macvtap: entered promiscuous mode
[ 4188.950613][ T5146] veth1_macvtap: entered promiscuous mode
[ 4189.611929][ T5142] veth1_vlan: entered promiscuous mode
[ 4195.050193][ T4685] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4195.094153][ T5326] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4195.624183][ T5326] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4195.632034][ T5326] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4196.701049][ T5142] veth0_macvtap: entered promiscuous mode
[ 4198.283118][ T5142] veth1_macvtap: entered promiscuous mode
[ 4205.840492][ T5157] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4205.870714][ T4871] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4205.922710][ T5157] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4206.036617][ T4604] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4594.346104][ T4604] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4596.434810][ T4604] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4598.821078][ T4604] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4601.127017][ T4604] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4630.645842][ T4604] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 4631.275364][ T4604] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 4631.551595][ T4604] bond0 (unregistering): Released all slaves
[ 4634.870578][ T4604] hsr_slave_0: left promiscuous mode
[ 4635.030377][ T4604] hsr_slave_1: left promiscuous mode
[ 4635.926414][ T4604] veth1_macvtap: left promiscuous mode
[ 4636.010841][ T4604] veth0_macvtap: left promiscuous mode
[ 4636.021354][ T4604] veth1_vlan: left promiscuous mode
[ 4636.054934][ T4604] veth0_vlan: left promiscuous mode
[ 4682.726976][ T4604] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4684.653956][ T4604] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4686.545149][ T4604] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4689.131553][ T4604] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4717.545385][ T4604] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 4717.790528][ T4604] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 4717.913116][ T4604] bond0 (unregistering): Released all slaves
[ 4719.493558][ T4604] hsr_slave_0: left promiscuous mode
[ 4719.563302][ T4604] hsr_slave_1: left promiscuous mode
[ 4720.212552][ T4604] veth1_macvtap: left promiscuous mode
[ 4720.215961][ T4604] veth0_macvtap: left promiscuous mode
[ 4720.261565][ T4604] veth1_vlan: left promiscuous mode
[ 4720.271708][ T4604] veth0_vlan: left promiscuous mode
[ 4776.036472][ T5546] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4776.445359][ T5546] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4784.590343][ T5550] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4785.003562][ T5550] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4817.536203][ T5546] hsr_slave_0: entered promiscuous mode
[ 4817.692023][ T5546] hsr_slave_1: entered promiscuous mode
[ 4828.731719][ T5550] hsr_slave_0: entered promiscuous mode
[ 4828.832501][ T5550] hsr_slave_1: entered promiscuous mode
[ 4828.913220][ T5550] debugfs: 'hsr0' already exists in 'hsr'
[ 4828.918575][ T5550] Cannot create hsr debugfs directory
[ 4846.687427][ T5546] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 4849.436133][ T5546] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 4850.251335][ T5546] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 4851.801943][ T5546] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 4865.669996][ T5550] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 4866.156504][ T5550] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 4866.756198][ T5550] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 4867.366906][ T5550] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 4896.474244][ T5546] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4908.713045][ T5550] 8021q: adding VLAN 0 to HW filter on device bond0
[ 5058.912582][ T5550] veth0_vlan: entered promiscuous mode
[ 5060.195864][ T5550] veth1_vlan: entered promiscuous mode
[ 5064.426284][ T5550] veth0_macvtap: entered promiscuous mode
[ 5065.376164][ T5550] veth1_macvtap: entered promiscuous mode
[ 5070.213639][ T4604] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 5070.462055][ T5156] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 5070.704766][ T5156] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 5070.724106][ T5156] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 5079.973438][ T5546] veth0_vlan: entered promiscuous mode
[ 5082.025083][ T5546] veth1_vlan: entered promiscuous mode
[ 5087.341857][ T5546] veth0_macvtap: entered promiscuous mode
[ 5088.496821][ T5546] veth1_macvtap: entered promiscuous mode
[ 5093.581430][ T5768] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 5093.619815][ T5768] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 5093.635465][ T5157] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 5093.848857][ T3399] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 5593.012082][ T5924] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 5593.562211][ T5924] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 5610.732089][ T5931] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 5611.236551][ T5931] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 5658.283863][ T5924] hsr_slave_0: entered promiscuous mode
[ 5658.444947][ T5924] hsr_slave_1: entered promiscuous mode
[ 5658.527365][ T5924] debugfs: 'hsr0' already exists in 'hsr'
[ 5658.654195][ T5924] Cannot create hsr debugfs directory
[ 5679.279884][ T5931] hsr_slave_0: entered promiscuous mode
[ 5679.434121][ T5931] hsr_slave_1: entered promiscuous mode
[ 5679.551285][ T5931] debugfs: 'hsr0' already exists in 'hsr'
[ 5679.552289][ T5931] Cannot create hsr debugfs directory
[ 5726.420574][ T5924] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 5730.116736][ T5924] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 5734.360319][ T5924] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 5735.485645][ T5924] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 5753.955923][ T5931] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 5754.702381][ T5931] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 5755.555264][ T5931] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 5756.490321][ T5931] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 5796.016227][ T5924] 8021q: adding VLAN 0 to HW filter on device bond0
[ 5811.143384][ T5931] 8021q: adding VLAN 0 to HW filter on device bond0
[ 5832.291093][   T27] INFO: task syz.9.305:5910 blocked for more than 430 seconds.
[ 5832.322289][   T27]       Not tainted syzkaller #0
[ 5832.351949][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 5832.433038][   T27] task:syz.9.305       state:D stack:0     pid:5910  tgid:5910  ppid:5546   task_flags:0x400040 flags:0x00000019
[ 5832.456311][   T27] Call trace:
[ 5832.456867][   T27]  __switch_to+0x584/0xb20 (T)
[ 5832.532346][   T27]  __schedule+0x1eec/0x33a4
[ 5832.533160][   T27]  schedule+0xac/0x27c
[ 5832.533739][   T27]  schedule_timeout+0x5c/0x1e4
[ 5832.534184][   T27]  do_wait_for_common+0x28c/0x444
[ 5832.534583][   T27]  wait_for_completion+0x44/0x5c
[ 5832.535081][   T27]  __synchronize_srcu+0x2a4/0x320
[ 5832.535526][   T27]  synchronize_srcu+0x3cc/0x4f0
[ 5832.535983][   T27]  mmu_notifier_unregister+0x320/0x42c
[ 5832.536428][   T27]  kvm_put_kvm+0x6a0/0xfa8
[ 5832.536853][   T27]  kvm_vm_release+0x58/0x78
[ 5832.537325][   T27]  __fput+0x4ac/0x980
[ 5832.670214][   T27]  ____fput+0x20/0x58
[ 5832.670825][   T27]  task_work_run+0x1bc/0x254
[ 5832.671266][   T27]  do_notify_resume+0x1bc/0x270
[ 5832.671741][   T27]  el0_svc+0xb8/0x164
[ 5832.672177][   T27]  el0t_64_sync_handler+0x84/0x12c
[ 5832.672602][   T27]  el0t_64_sync+0x198/0x19c
[ 5832.706519][   T27] 
[ 5832.706519][   T27] Showing all locks held in the system:
[ 5832.707200][   T27] 1 lock held by khungtaskd/27:
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 5832.771627][   T27]  #0: ffff800087876d18 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x4/0x48
[ 5832.892553][   T27] 1 lock held by klogd/3119:
[ 5832.892987][   T27] 2 locks held by getty/3187:
[ 5832.893343][   T27]  #0: 87f000001204e8a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c
[ 5832.895003][   T27]  #1: 9cff80008c5cb2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x310/0x12b8
[ 5832.896672][   T27] 2 locks held by syz-executor/3312:
[ 5832.897006][   T27] 3 locks held by kworker/u4:6/3368:
[ 5832.897329][   T27] 3 locks held by kworker/u4:7/3399:
[ 5833.049916][   T27] 2 locks held by kworker/u4:8/3702:
[ 5833.050350][   T27]  #0: 69f000000cc20948 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a18
[ 5833.052120][   T27]  #1: ffff80008ff97c78 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a18
[ 5833.053897][   T27] 2 locks held by kworker/u4:12/4604:
[ 5833.054252][   T27] 3 locks held by kworker/u4:4/4871:
[ 5833.054563][   T27] 2 locks held by kworker/u4:0/5035:
[ 5833.054890][   T27]  #0: 69f000000cc20948 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a18
[ 5833.056504][   T27]  #1: ffff80008f867c78 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a18
[ 5833.251417][   T27] 3 locks held by kworker/u4:5/5156:
[ 5833.251791][   T27] 3 locks held by kworker/u4:10/5157:
[ 5833.252140][   T27] 3 locks held by kworker/u4:14/5557:
[ 5833.252481][   T27] 3 locks held by kworker/u4:13/5768:
[ 5833.252814][   T27] 2 locks held by syz.0.304/5908:
[ 5833.253119][   T27] 3 locks held by kworker/u4:2/5928:
[ 5833.253488][   T27] 2 locks held by kworker/u4:16/6045:
[ 5833.253823][   T27]  #0: 69f000000cc20948 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a18
[ 5833.255464][   T27]  #1: ffff80008f5b7c78 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a18
[ 5833.257138][   T27] 2 locks held by modprobe/6071:
[ 5833.368700][   T27] 2 locks held by modprobe/6072:
[ 5833.369630][   T27] 
[ 5833.369943][   T27] =============================================
[ 5833.369943][   T27] 
[ 5853.439695][   T27] INFO: task syz.9.305:5910 blocked for more than 451 seconds.
[ 5853.449955][   T27]       Not tainted syzkaller #0
[ 5853.464337][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 5853.464952][   T27] task:syz.9.305       state:D stack:0     pid:5910  tgid:5910  ppid:5546   task_flags:0x400040 flags:0x00000019
[ 5853.465762][   T27] Call trace:
[ 5853.466025][   T27]  __switch_to+0x584/0xb20 (T)
[ 5853.466565][   T27]  __schedule+0x1eec/0x33a4
[ 5853.467067][   T27]  schedule+0xac/0x27c
[ 5853.550954][   T27]  schedule_timeout+0x5c/0x1e4
[ 5853.599919][   T27]  do_wait_for_common+0x28c/0x444
[ 5853.600562][   T27]  wait_for_completion+0x44/0x5c
[ 5853.601116][   T27]  __synchronize_srcu+0x2a4/0x320
[ 5853.601635][   T27]  synchronize_srcu+0x3cc/0x4f0
[ 5853.602089][   T27]  mmu_notifier_unregister+0x320/0x42c
[ 5853.602527][   T27]  kvm_put_kvm+0x6a0/0xfa8
[ 5853.602949][   T27]  kvm_vm_release+0x58/0x78
[ 5853.603379][   T27]  __fput+0x4ac/0x980
[ 5853.603772][   T27]  ____fput+0x20/0x58
[ 5853.604145][   T27]  task_work_run+0x1bc/0x254
[ 5853.604534][   T27]  do_notify_resume+0x1bc/0x270
[ 5853.604997][   T27]  el0_svc+0xb8/0x164
[ 5853.605442][   T27]  el0t_64_sync_handler+0x84/0x12c
[ 5853.605903][   T27]  el0t_64_sync+0x198/0x19c
[ 5853.606518][   T27] 
[ 5853.606518][   T27] Showing all locks held in the system:
[ 5853.606842][   T27] 1 lock held by khungtaskd/27:
[ 5853.607150][   T27]  #0: ffff800087876d18 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x4/0x48
[ 5853.752774][   T27] 1 lock held by klogd/3119:
[ 5853.753152][   T27] 2 locks held by getty/3187:
[ 5853.753495][   T27]  #0: 87f000001204e8a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c
[ 5853.755089][   T27]  #1: 9cff80008c5cb2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x310/0x12b8
[ 5853.756710][   T27] 3 locks held by kworker/u4:6/3368:
[ 5853.757064][   T27] 3 locks held by kworker/u4:12/4604:
[ 5853.757420][   T27] 3 locks held by kworker/u4:0/5035:
[ 5853.892189][   T27] 2 locks held by kworker/u4:10/5157:
[ 5853.892632][   T27]  #0: 69f000000cc20948 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a18
[ 5853.894441][   T27]  #1: ffff80008ce87c78 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a18
[ 5853.896083][   T27] 2 locks held by kworker/0:1/5375:
[ 5853.896427][   T27] 3 locks held by kworker/u4:14/5557:
[ 5853.896787][   T27] 2 locks held by syz.0.304/5908:
[ 5853.897096][   T27] 3 locks held by kworker/u4:2/5928:
[ 5853.969800][   T27] 3 locks held by kworker/u4:15/5965:
[ 5853.981811][   T27] 2 locks held by kworker/u4:16/6045:
[ 5853.982262][   T27] 2 locks held by modprobe/6077:
[ 5854.008587][   T27] 
[ 5854.009100][   T27] =============================================
[ 5854.009100][   T27] 

VM DIAGNOSIS:
06:01:27  Registers:
info registers vcpu 0

CPU#0
 PC=ffff800080385758 X00=0000000000000001 X01=ffff80008712372d
X02=00000000000002bf X03=0000000000000002 X04=0000000000000000
X05=0000000000000000 X06=0000000000000000 X07=0000000000000000
X08=0000000000000102 X09=ffff800087fa19a8 X10=0000000000000038
X11=0000000000000101 X12=0000000000000102 X13=0000000000000028
X14=ffffffffffffffff X15=ffff800080007680 X16=ffff800080010e20
X17=0000000000000053 X18=00000000000000ff X19=efff800000000000
X20=37f0000027334d00 X21=3cf0000012575000 X22=0000000000000002
X23=37f0000027334de4 X24=0000000000000002 X25=0000000000000037
X26=000000000000ffff X27=f3f000001472c04e X28=37f0000027334dd8
X29=ffff8000800079a0 X30=ffff8000853f9e34  SP=ffff800080007850
PSTATE=20402009 --C- EL2h  SVCR=00000000 --  BTYPE=0     FPCR=00000000 FPSR=00000000
P00=0000 P01=0000 P02=0000 P03=0000 P04=0000 P05=0000 P06=0000 P07=0000
P08=0000 P09=0000 P10=0000 P11=0000 P12=0000 P13=0000 P14=0000 P15=0000
FFR=0000
Z00=2525252525252525:2525252525252525 Z01=65642f000a732520:7325207334362e25
Z02=742065726f6d2072:6f662064656b636f Z03=000000ff0000ff00:00ff0000000000ff
Z04=0000000000000000:000f00f00f00000f Z05=64656b636f6c6220:303139353a353033
Z06=203a29315f657661:6c735f646e6f6220 Z07=206e612073612067:6e6976616c736e45
Z08=0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000
Z10=0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000
Z12=0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000
Z14=0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000
Z16=0000ffffe55605e0:0000ffffe55605e0 Z17=ffffff80ffffffd0:0000ffffe55605b0
Z18=0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000
Z20=0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000
Z22=0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000
Z24=0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000
Z26=0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000
Z28=0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000
Z30=0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000