last executing test programs:

46m41.8603574s ago: executing program 0 (id=76):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bfd000/0x400000)=nil)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bff000/0x400000)=nil)
r2 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, &(0x7f0000000680)="38ce8347fc1e86008cfc72bb352c8659dcc9225b48cb5cb00c73b0b33018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xf, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r4 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r3, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r3, 0x0)
r5 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000000)=@arm64_sys={0xf0780000002e2172, 0x0})
ioctl$KVM_CREATE_VM(r5, 0x401c5820, 0x20000001)

46m33.438851002s ago: executing program 0 (id=78):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x6030000000100018, &(0x7f0000000100)=0xffffffffffffffff})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0x80111500, 0x20000000)
write$eventfd(r5, 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xfff)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000140)={0x3ff, 0x0, 0x0, 0x1000, &(0x7f0000fff000/0x1000)=nil})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000040)={0x6, <r9=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r9, 0x4018aee3, &(0x7f00000000c0)=@attr_other={0x0, 0x0, 0x6, 0x0})

46m32.771865265s ago: executing program 1 (id=79):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, 0x0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x2, 0x0})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, <r4=>0xffffffffffffffff, 0x1})
r5 = ioctl$KVM_CREATE_VM(r4, 0x894c, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0x40305839, 0xfffffffffffffffc)
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x27)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000240)}, 0x0, 0x0)
munmap(&(0x7f0000f3d000/0x3000)=nil, 0x3000)
syz_kvm_vgic_v3_setup(r6, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000180)={0x5, <r8=>0xffffffffffffffff, 0x1})
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r7, 0xae80, 0x0)

46m25.649128744s ago: executing program 0 (id=80):
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x400454d0, 0x1)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, <r2=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r2, 0x400454d0, 0x1)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x2a040, 0x0)
ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0xd8)
r5 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x2c)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000bff000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000000)=@arm64_ccsidr={0x6030000000110001, 0x0})

46m24.579653325s ago: executing program 1 (id=81):
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4020ae46, &(0x7f00000001c0)=ANY=[@ANYBLOB="01000000010000000000000008"])
close(r1)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, <r2=>0xffffffffffffffff, 0x1})
write$eventfd(r2, &(0x7f00000001c0), 0xfdef)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r1, 0x4068aea3, &(0x7f0000000000)={0xdf, 0x0, 0x12000})
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0)

46m18.427190632s ago: executing program 1 (id=82):
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000140)={0x0, &(0x7f0000000180)=[@msr={0x14, 0x20, {0x603000000013df62, 0xc00001}}], 0x20}, &(0x7f0000000000)=[@featur2={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r4, 0x401c5820, 0xffff98600fff)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x11)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

46m17.104623918s ago: executing program 0 (id=83):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000600)={0x0, &(0x7f0000000100)=[@hvc={0x32, 0x40, {0x1, [0x8, 0x6, 0x5, 0x8001, 0x200]}}, @svc={0x122, 0x40, {0x30000000, [0x3, 0x80000001, 0x5, 0x6, 0x8]}}, @irq_setup={0x46, 0x18, {0x3, 0x377}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x0, 0xf, 0xb05, 0x3, 0x3}}, @mrs={0xbe, 0x18, {0x603000000013c00a}}, @code={0xa, 0x6c, {"00b0205e007008d520e08dd20060b8f2210180d2420180d2630080d2e40080d2020000d4000040bd000440b80004801a000008d5007008d5007008d5002d8ed20000b8f2210180d2420080d2230180d2a40180d2020000d4"}}, @uexit={0x0, 0x18, 0x8}, @code={0xa, 0x6c, {"0048202e007008d5007008d50018200e0004803880a696d20060b8f2a10180d2a20180d2830080d2a40180d2020000d40098202e000008d5007008d5204b9bd20080b8f2c10180d2020180d2830080d2440180d2020000d4"}}, @its_setup={0x82, 0x28, {0x1, 0x2, 0x56}}, @hvc={0x32, 0x40, {0x20, [0x7e, 0x7f, 0x5, 0xd9, 0x2]}}, @irq_setup={0x46, 0x18, {0x3, 0x2ae}}, @hvc={0x32, 0x40, {0x800, [0x5, 0x9, 0x2, 0xff, 0x1]}}, @code={0xa, 0x6c, {"0000200b207991d20000b0f2810180d2a20180d2a30080d2640080d2020000d4e003bfd6007008d520d794d200e0b0f2610080d2e20080d2e30080d2440080d2020000d4000008d50084002f0098205e000440bc0000c0a9"}}, @hvc={0x32, 0x40, {0xc5000020, [0x0, 0x4, 0x5, 0x4, 0x8001]}}, @mrs={0xbe, 0x18, {0x603000000013e659}}, @code={0xa, 0x84, {"00368fd20080b0f2010180d2c20180d2030080d2640080d2020000d4000008d5000008d500849f0d008008d50028202e00003fd600806088a05199d200e0b0f2810180d2220180d2c30180d2c40180d2020000d4c0b085d20040b8f2c10080d2820080d2a30180d2040180d2020000d4"}}, @mrs={0xbe, 0x18, {0x603000000013e201}}, @eret={0xe6, 0x18, 0x8001}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x1bd}}, @code={0xa, 0x54, {"008008d59f2003d5007008d500e684d200e0b8f2810180d2820080d2e30080d2a40080d2020000d4000008d5000008d50048214e00c8b02e007008d5000000eb"}}, @irq_setup={0x46, 0x18, {0x2, 0xc9}}, @msr={0x14, 0x20, {0x603000000013df12, 0x4}}, @hvc={0x32, 0x40, {0x40000000, [0x2, 0x1, 0xf, 0xff, 0x3]}}], 0x4f4}, &(0x7f0000000640)=[@featur2={0x1, 0xbc}], 0x1)
r6 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
r7 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r2, 0x4, 0x220)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f0000000040)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f0000000000)=0x1b})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
r9 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000b10000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000b80)={0x0, &(0x7f00000009c0)=[@hvc={0x32, 0x40, {0x84000006, [0x4, 0x1, 0x8000000000000000, 0x427f, 0x400003]}}], 0x40}, &(0x7f0000000bc0)=[@featur1={0x1, 0x4}], 0x1)
ioctl$KVM_RUN(r11, 0xae80, 0x0)

46m11.452540257s ago: executing program 1 (id=84):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0xe0180, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x25)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000000, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x2, 0x4, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x1, 0x0, 0x0, 0x6, 0x2, 0x4}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r4=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

46m5.992537058s ago: executing program 0 (id=85):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x23)
r1 = ioctl$KVM_CREATE_GUEST_MEMFD(r0, 0xc040aed4, &(0x7f0000000000)={0x2, 0x8001})
ioctl$KVM_CAP_DIRTY_LOG_RING(r0, 0x4068aea3, &(0x7f0000000040)={0xc0, 0x0, 0x18000})
ioctl$KVM_IRQ_LINE_STATUS(r0, 0xc008ae67, &(0x7f00000000c0)={0xe, 0x3})
ioctl$KVM_HAS_DEVICE_ATTR_vm(r0, 0x4018aee3, &(0x7f0000000140)=@attr_other={0x0, 0x8, 0x6, &(0x7f0000000100)=0x7})
ioctl$KVM_CAP_DIRTY_LOG_RING(r0, 0x4068aea3, &(0x7f0000000180)={0xc0, 0x0, 0xa000})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x4000, 0x0)
ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000240)={0x8, 0xffffffffffffffff, 0x1})
ioctl$KVM_SET_GSI_ROUTING(r0, 0x4008ae6a, &(0x7f0000000280)={0x5, 0x0, [{0x6, 0x2, 0x0, 0x0, @sint={0xa, 0x9}}, {0x3, 0x0, 0x0, 0x0, @adapter={0x1, 0x1, 0x5, 0x6, 0x4}}, {0xa, 0x3, 0x1, 0x0, @sint={0x10001, 0x1}}, {0x81, 0x4, 0x0, 0x0, @msi={0xff, 0x3, 0x4, 0x8}}, {0x0, 0x1, 0x1, 0x0, @msi={0x9, 0x7, 0x6c2c0c24, 0x10000}}]})
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380), 0x12800, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r0, 0x4018aee1, &(0x7f0000000400)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f00000003c0)={0xfffffffd, 0x9}})
ioctl$KVM_REGISTER_COALESCED_MMIO(r0, 0x4010ae67, &(0x7f0000000440)={0xffff1000, 0x300000})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r0, 0x4010ae68, &(0x7f0000000480)={0x8080000, 0x100000, 0x1})
r4 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x2)
syz_kvm_setup_cpu$arm64(r0, r4, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000640)=[{0x0, &(0x7f00000004c0)=[@its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x1, 0x9, 0x6, 0x7}}, @mrs={0xbe, 0x18, {0x603000000013df4a}}, @mrs={0xbe, 0x18, {0x603000000013deec}}, @its_setup={0x82, 0x28, {0x0, 0x0, 0x2b9}}, @smc={0x1e, 0x40, {0x8400000e, [0x2a, 0x6, 0xfffffffffffffff6, 0x6, 0x8000000000000001]}}, @uexit={0x0, 0x18, 0x2}, @msr={0x14, 0x20, {0x603000000013df4a, 0x5}}, @memwrite={0x6e, 0x30, @generic={0xeeee0000, 0x211, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x0, 0xf, 0xffffff81, 0x1ff, 0x2}}, @eret={0xe6, 0x18, 0x100000001}], 0x168}], 0x1, 0x0, &(0x7f0000000680)=[@featur1={0x1, 0x40}], 0x1)
r5 = eventfd2(0x6, 0x0)
r6 = eventfd2(0x4, 0x801)
ioctl$KVM_IRQFD(r0, 0x4020ae76, &(0x7f00000006c0)={r5, 0xd, 0x3, r6})
ioctl$KVM_ARM_VCPU_FINALIZE(r4, 0x4004aec2, &(0x7f0000000700)=0x1)
munmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000)
ioctl$KVM_GET_DEVICE_ATTR_vm(r0, 0x4018aee2, &(0x7f0000000780)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000740)={0x9, 0x100, 0x2}})
ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f00000007c0)={0x5, 0x0, [{0x2, 0x2, 0x0, 0x0, @sint={0x0, 0x5}}, {0xfffffff7, 0x3, 0x1, 0x0, @adapter={0x0, 0x1, 0x6, 0x7, 0x8}}, {0x4, 0x3, 0x0, 0x0, @msi={0x10001, 0xd9b8, 0x7, 0x2}}, {0x5, 0x2bde02fec27a937e, 0x1, 0x0, @msi={0x6, 0x6, 0x200, 0x5}}, {0x2, 0x2, 0x0, 0x0, @irqchip={0x8, 0x80000000}}]})
r7 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x35)
ioctl$KVM_CLEAR_DIRTY_LOG(r7, 0xc018aec0, &(0x7f0000000cc0)={0x101f8, 0x80, 0x200, &(0x7f00000008c0)=[0x3, 0x672, 0xfac, 0xe, 0x6, 0x9, 0x9, 0x5, 0x1ff, 0x1, 0x3, 0x5, 0xc000000000, 0x9, 0x7faecbbd, 0x81, 0x2, 0x5, 0x0, 0x0, 0x7, 0x8, 0xfffffffffffffffc, 0x1, 0xffffffffffffffff, 0x80000000, 0x1, 0x4f0, 0x3, 0x3, 0x2fd, 0x8c49, 0x81, 0x8, 0x80000000, 0xff, 0x7, 0x5, 0xfffffffffffffff8, 0x2, 0x0, 0xd5, 0xffffffffffff0001, 0x31, 0x9, 0x7, 0x1d80000000, 0xfffffffffffffff8, 0x7fffffffffffffff, 0x9, 0x7, 0x4f23, 0x5, 0x9, 0x2, 0x7fff, 0x2, 0x7fff, 0x8, 0x6, 0x3, 0x4, 0x3, 0x3, 0xfa, 0x7, 0x0, 0x7, 0x7, 0x9, 0x5bf, 0x271b, 0xad8, 0x875, 0x100, 0x3, 0x2, 0xffffffff, 0x4, 0xff, 0x8, 0x4, 0x1, 0x6, 0xdd, 0xb, 0xfffffffffffffe19, 0x7, 0x10, 0xffffffffffff7c0a, 0x9, 0xe, 0x1, 0x401, 0x29e4f76b, 0x8, 0x7fffffffffffffff, 0x7f, 0x2, 0x10, 0x6, 0x1f, 0x2, 0x8000000000000001, 0x6, 0x1ff, 0x3, 0xd9, 0x80, 0x5, 0x8000000000000000, 0x9, 0x9, 0xe, 0xfffffffffffffc01, 0xffffffffffffffff, 0x80000001, 0x9, 0x10001, 0x2, 0x4c9e, 0x6, 0x58b, 0x8, 0x7, 0x6f6, 0x2773f1de, 0x4]})
ioctl$KVM_SET_DEVICE_ATTR_vm(r0, 0x4018aee1, &(0x7f0000000d40)=@attr_other={0x0, 0x8001, 0x4, &(0x7f0000000d00)=0x80})
r8 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x32)
ioctl$KVM_SET_USER_MEMORY_REGION2(r8, 0x40a0ae49, &(0x7f0000000d80)={0x101ff, 0x4, 0x0, 0x2000, &(0x7f0000f9f000/0x2000)=nil, 0xe14c, r1})
r9 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x26)
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r9, 0x4068aea3, &(0x7f0000000e40))

46m4.238461145s ago: executing program 1 (id=86):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r2 = syz_kvm_vgic_v3_setup(r1, 0x2, 0x40)
ioctl$KVM_GET_DEVICE_ATTR(r2, 0x4018aee2, &(0x7f0000000100)=@attr_arm64={0x0, 0x7, 0x0, &(0x7f00000000c0)=0x4})
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, <r5=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r5, 0x400454d0, 0x7ffffffe)

46m0.670303566s ago: executing program 0 (id=87):
r0 = openat$kvm(0x0, &(0x7f00000001c0), 0xd40, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x0, 0x2000000, 0x10010, r0, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, &(0x7f0000000000)="fbea9e3c84a6d225e5713e5f9a04e60df84df6362ac3342456be467f5f859dd997ad7529afcd7997760b5bb94bab2dee55f98136f387e2171c7332553b01b7026b3275357348e4a5", 0x0, 0x48)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x7, <r3=>0xffffffffffffffff})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x33)
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000180)=@attr_arm64={0x0, 0x3, 0x3, 0x0})
r4 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000200), 0x200, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x800000031)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x6030000000100024, &(0x7f0000000140)=0x7})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000680)="38cee153c8c71be280010000002c8659dcc9225b48cb5cb00c73b0bc3018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48)

45m56.287424584s ago: executing program 1 (id=88):
r0 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)

45m14.382551594s ago: executing program 32 (id=87):
r0 = openat$kvm(0x0, &(0x7f00000001c0), 0xd40, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x0, 0x2000000, 0x10010, r0, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, &(0x7f0000000000)="fbea9e3c84a6d225e5713e5f9a04e60df84df6362ac3342456be467f5f859dd997ad7529afcd7997760b5bb94bab2dee55f98136f387e2171c7332553b01b7026b3275357348e4a5", 0x0, 0x48)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x7, <r3=>0xffffffffffffffff})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x33)
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000180)=@attr_arm64={0x0, 0x3, 0x3, 0x0})
r4 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000200), 0x200, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x800000031)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x6030000000100024, &(0x7f0000000140)=0x7})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000680)="38cee153c8c71be280010000002c8659dcc9225b48cb5cb00c73b0bc3018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48)

45m9.350457036s ago: executing program 33 (id=88):
r0 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)

36m6.650824067s ago: executing program 2 (id=126):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1e000000000000004000000000000000000000ef00000000fcffffffffffff1bf3a3b292e50d9600020000000100000003000000000000000400000000000000320000000000000040000000000000005200008400"], 0x80}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

35m56.741576082s ago: executing program 2 (id=128):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x10000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000040)=@arm64_sys={0x603000000013e000, 0x0})
r4 = openat$kvm(0x0, &(0x7f0000000140), 0x40480, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x501b80, 0x0)
ioctl$KVM_CHECK_EXTENSION(r6, 0xae03, 0x7e)
r7 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x40086602, 0x20000000)
r8 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
r9 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r9, 0xae03, 0x59)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_GET_DIRTY_LOG(r11, 0x4010ae42, &(0x7f0000000000)={0xa4a605311ad0de6b, 0x0, &(0x7f0000c67000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f000076b000/0x400000)=nil)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r12 = openat$kvm(0x0, &(0x7f0000000180), 0x131002, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x34)
r14 = ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r13, r14, &(0x7f0000bfe000/0x400000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r14, 0x4010aeac, &(0x7f00000001c0)=@arm64_core={0x6030000000100022, &(0x7f0000000000)=0xcb})
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000280)={0x0, &(0x7f0000000580)=[@eret={0xe6, 0x18, 0x1000}, @its_send_cmd={0xaa, 0x28, {0x3, 0x1, 0x2, 0xb, 0x4, 0x3}}, @irq_setup={0x46, 0x18, {0x0, 0x10}}, @msr={0x14, 0x20, {0x603000000013e108, 0x4}}, @mrs={0xbe, 0x18, {0x603000000013f247}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x0, 0x9b, 0x8}}, @smc={0x1e, 0x40, {0x8400000e, [0x5, 0x4, 0x5, 0x3, 0x132f]}}, @code={0xa, 0x54, {"007008d5008008d5007008d5a0239ad200a0b8f2e10180d2e20080d2030080d2040080d2020000d4007008d50000299e00c8a07e000020ca008008d50048210e"}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x139}}, @mrs={0xbe, 0x18, {0x603000000013df7e}}, @msr={0x14, 0x20, {0x1cb, 0xd}}, @code={0xa, 0x6c, {"a0598cd200a0b8f2c10180d2c20080d2830080d2240180d2020000d4000028d50000621e000028d5000008d5007008d5008008d5007008d560ef90d20060b0f2a10180d2c20080d2030180d2240080d2020000d4000040a8"}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x2, 0x1ff, 0xfffffffd, 0x0, 0x1}}, @eret={0xe6, 0x18, 0x10000}, @svc={0x122, 0x40, {0x100, [0xfffffffffffffff8, 0x7, 0x2e, 0x100, 0x1]}}, @smc={0x1e, 0x40, {0x84000011, [0x1e9, 0x1000, 0xfffffffffffffffc, 0x4, 0xf879]}}, @irq_setup={0x46, 0x18, {0x3, 0x18f}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x1, 0x2, 0x4, 0x1000, 0x2a, 0x3}}, @svc={0x122, 0x40, {0x1000, [0x8, 0x8000000000000336, 0x9, 0x1, 0x1]}}, @msr={0x14, 0x20, {0x603000000013e289, 0x8000}}, @smc={0x1e, 0x40, {0x8400000f, [0xfffffffffffffffc, 0x4, 0x0, 0x8, 0x200]}}, @irq_setup={0x46, 0x18, {0x0, 0x354}}, @irq_setup={0x46, 0x18, {0x3, 0x3b5}}, @code={0xa, 0x84, {"c05787d200c0b0f2410180d2420080d2c30180d2640080d2020000d4c0589cd20060b8f2c10180d2020180d2830080d2a40080d2020000d4000008d500a4df0d001c004e000008d50060004f40e691d20060b0f2410180d2a20180d2430080d2240080d2020000d4009c006f00cca00e"}}, @irq_setup={0x46, 0x18, {0x4, 0x1a7}}, @eret={0xe6, 0x18, 0x6}, @code={0xa, 0x6c, {"0008403a40199ed20040b0f2210180d2a20080d2230080d2e40180d2020000d4008008d5000028d5404393d20080b8f2610080d2c20080d2830080d2640080d2020000d4007008d5007008d5007008d5000008d50000429e"}}, @msr={0x14, 0x20, {0x603000000013e6dc}}], 0x530}, 0x0, 0x0)
r15 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0)

35m32.5890455s ago: executing program 2 (id=131):
r0 = openat$kvm(0x0, &(0x7f00000001c0), 0x82241, 0x0)
mmap$KVM_VCPU(&(0x7f0000c6a000/0x3000)=nil, 0x930, 0x1000003, 0x28031, 0xffffffffffffffff, 0x0) (async)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r1 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000040)=[@memwrite={0x6e, 0x30, @generic={0xeeee8000, 0x417, 0x5, 0x5}}, @its_setup={0x82, 0x28, {0x2, 0x4, 0x176}}, @irq_setup={0x46, 0x18, {0x3, 0x182}}], 0x70}, &(0x7f0000000180)=[@featur1={0x1, 0x80}], 0x1) (async)
r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000edd000/0x3000)=nil, r2, 0x100000a, 0x10, r1, 0x0) (async)
munmap(&(0x7f0000d9d000/0xf000)=nil, 0xf000)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0) (async)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) (async)
r5 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r6, r7, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000040)=@arm64_core={0x6030000000100004, &(0x7f0000000000)=0x300000000000}) (async)
r8 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0) (async)
ioctl$KVM_SET_REGS(r1, 0x4360ae82, &(0x7f0000000200)={[0xc, 0xd9, 0x7fff, 0x1, 0x0, 0x7, 0xff, 0x800, 0x9, 0x4, 0x1, 0xaa, 0x2, 0x80, 0x6b, 0x2d8], 0x6000, 0x2000})
ioctl$KVM_GET_REG_LIST(r8, 0xc008aeb0, &(0x7f0000000000)) (async)
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)

35m19.109546508s ago: executing program 2 (id=133):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x900, 0x0)
openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) (async)
r1 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000300)={0x0, &(0x7f0000000480)=[@smc={0x1e, 0x40, {0xc4000003, [0x664b7dee, 0x939, 0xe, 0x7f, 0x4]}}], 0x40}, &(0x7f00000001c0)=[@featur1={0x1, 0xc}], 0x1) (async)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000300)={0x0, &(0x7f0000000480)=[@smc={0x1e, 0x40, {0xc4000003, [0x664b7dee, 0x939, 0xe, 0x7f, 0x4]}}], 0x40}, &(0x7f00000001c0)=[@featur1={0x1, 0xc}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20e0c0, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20e0c0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xf3)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000040)={0x7}) (async)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000040)={0x7})
ioctl$KVM_HAS_DEVICE_ATTR_vm(r6, 0x4018aee3, &(0x7f0000000080)=@attr_other={0x0, 0x4, 0x100, &(0x7f0000000040)=0x6})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x31) (async)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
munmap(&(0x7f0000d70000/0x3000)=nil, 0x3000)
r9 = eventfd2(0x0, 0x0)
ioctl$KVM_GET_DEVICE_ATTR_vm(r6, 0x4018aee2, &(0x7f0000000180)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f00000000c0)={0xa2b5, 0x7}})
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3f)
ioctl$KVM_CREATE_VM(r9, 0x4020940d, 0x20000000)
eventfd2(0x5, 0x0)

35m8.952728748s ago: executing program 2 (id=135):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f00000002c0)=@arm64_sys={0x603000000013df11, &(0x7f00000000c0)=0x5}) (async)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r4, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0x1, 0x1001, 0x2}}) (async)
ioctl$KVM_SET_DEVICE_ATTR_vm(r4, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x9e, 0x7fffffff, 0x2}})

34m57.893350798s ago: executing program 2 (id=137):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f0000000680)=[@hvc={0x32, 0x40, {0xc400000c, [0x4, 0xa, 0xffff, 0x3ff, 0x3]}}, @irq_setup={0x46, 0x18, {0x3, 0x174}}, @msr={0x14, 0x20, {0x603000000013e681, 0xac8}}, @smc={0x1e, 0x40, {0xffff, [0x9, 0x3, 0x5, 0x1, 0xffffffffea58b233]}}, @svc={0x122, 0x40, {0xc400000e, [0x80, 0x2, 0x5, 0x0, 0xc2e8]}}, @uexit={0x0, 0x18, 0x4}, @irq_setup={0x46, 0x18, {0x3, 0x1f6}}, @smc={0x1e, 0x40, {0x0, [0x8, 0x6, 0xe, 0x3, 0x10001]}}, @msr={0x14, 0x20, {0x603000000013c00c, 0x418}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x4, 0xd1, 0xa}}, @irq_setup={0x46, 0x18, {0x2, 0x183}}, @msr={0x14, 0x20, {0x603000000013dce6, 0x4a}}, @smc={0x1e, 0x40, {0x4400c00d, [0x0, 0x10001, 0x80000001, 0x4, 0x4]}}, @eret={0xe6, 0x18, 0x6}, @svc={0x122, 0x40, {0xc400000c, [0xffffffff, 0x9, 0x5, 0x9e2, 0x10000]}}, @irq_setup={0x46, 0x18, {0x0, 0x233}}, @uexit={0x0, 0x18, 0x40}, @msr={0x14, 0x20, {0x603000000013c687, 0x1}}, @mrs={0xbe, 0x18, {0x603000000013e531}}, @eret={0xe6, 0x18}, @msr={0x14, 0x20, {0xe5e1c8d848be997d, 0xabe3}}, @svc={0x122, 0x40, {0xc4000012, [0x8, 0x101, 0x4, 0x3, 0x80]}}], 0x368}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x3, 0xa0)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x32)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x3, 0xa0)
r7 = openat$kvm(0x0, &(0x7f0000000280), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000000)={0x7})
r9 = eventfd2(0x1, 0x181800)
ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f0000000080)={0x0, 0x0, 0x4, r9})
ioctl$KVM_REGISTER_COALESCED_MMIO(r8, 0x4010ae67, &(0x7f00000002c0)={0x0, 0x10000})
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f00000000c0)={0x8})
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SIGNAL_MSI(r8, 0x4020aea5, &(0x7f0000000000)={0x6000})
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x189900, 0x0)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r3, 0x4018aee2, &(0x7f0000000240)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f0000000140)=0x13})
ioctl$KVM_CREATE_VM(r10, 0xae01, 0x24)
ioctl$KVM_IRQFD(r5, 0x4020ae76, 0xffffffffffffffff)
r11 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000a00)=[@irq_setup={0x46, 0x18, {0x4, 0x35}}, @svc={0x122, 0x40, {0x8000, [0x101, 0x1, 0x3ff, 0x8, 0xfffffffffffffff7]}}, @irq_setup={0x46, 0x18, {0x3, 0x293}}, @its_setup={0x82, 0x28, {0x1, 0x0, 0x2e0}}, @code={0xa, 0x9c, {"0040ff0dc0c586d20060b0f2410080d2c20080d2230180d2840080d2020000d40040c00d00af80d200e0b8f2e10080d2420080d2e30080d2840180d2020000d4008008d5000080a90000202bc01f89d20060b8f2810180d2420180d2e30080d2840080d2020000d4805894d200a0b8f2e10180d2220180d2830180d2240080d2020000d4000008d5"}}, @eret={0xe6, 0x18, 0x70d}, @hvc={0x32, 0x40, {0x5000000, [0xfff, 0x3, 0x33, 0xff, 0x3]}}, @msr={0x14, 0x20, {0x603000000013df4a}}, @mrs={0xbe, 0x18, {0x603000000013deba}}, @mrs={0xbe, 0x18, {0x603000000013e65f}}, @smc={0x1e, 0x40, {0xc5000020, [0x2ea8f96b, 0xe2f, 0x5, 0x9, 0x7]}}, @its_setup={0x82, 0x28, {0x3, 0x2, 0x2b6}}, @its_setup={0x82, 0x28, {0x0, 0x1, 0x290}}, @msr={0x14, 0x20, {0x0, 0x400}}, @mrs={0xbe, 0x18, {0x603000000013deea}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe0, 0x0, 0xc}}, @msr={0x14, 0x20, {0x603000000013c524, 0xb}}, @hvc={0x32, 0x40, {0x2000000, [0x6, 0xffffffffffffffbf, 0xb42c, 0x9, 0x100000001]}}], 0x334}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r5, 0x4, 0x220)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8, <r12=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r11, 0xae80, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x8, <r13=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

34m11.410559141s ago: executing program 34 (id=137):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f0000000680)=[@hvc={0x32, 0x40, {0xc400000c, [0x4, 0xa, 0xffff, 0x3ff, 0x3]}}, @irq_setup={0x46, 0x18, {0x3, 0x174}}, @msr={0x14, 0x20, {0x603000000013e681, 0xac8}}, @smc={0x1e, 0x40, {0xffff, [0x9, 0x3, 0x5, 0x1, 0xffffffffea58b233]}}, @svc={0x122, 0x40, {0xc400000e, [0x80, 0x2, 0x5, 0x0, 0xc2e8]}}, @uexit={0x0, 0x18, 0x4}, @irq_setup={0x46, 0x18, {0x3, 0x1f6}}, @smc={0x1e, 0x40, {0x0, [0x8, 0x6, 0xe, 0x3, 0x10001]}}, @msr={0x14, 0x20, {0x603000000013c00c, 0x418}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x4, 0xd1, 0xa}}, @irq_setup={0x46, 0x18, {0x2, 0x183}}, @msr={0x14, 0x20, {0x603000000013dce6, 0x4a}}, @smc={0x1e, 0x40, {0x4400c00d, [0x0, 0x10001, 0x80000001, 0x4, 0x4]}}, @eret={0xe6, 0x18, 0x6}, @svc={0x122, 0x40, {0xc400000c, [0xffffffff, 0x9, 0x5, 0x9e2, 0x10000]}}, @irq_setup={0x46, 0x18, {0x0, 0x233}}, @uexit={0x0, 0x18, 0x40}, @msr={0x14, 0x20, {0x603000000013c687, 0x1}}, @mrs={0xbe, 0x18, {0x603000000013e531}}, @eret={0xe6, 0x18}, @msr={0x14, 0x20, {0xe5e1c8d848be997d, 0xabe3}}, @svc={0x122, 0x40, {0xc4000012, [0x8, 0x101, 0x4, 0x3, 0x80]}}], 0x368}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x3, 0xa0)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x32)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x3, 0xa0)
r7 = openat$kvm(0x0, &(0x7f0000000280), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000000)={0x7})
r9 = eventfd2(0x1, 0x181800)
ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f0000000080)={0x0, 0x0, 0x4, r9})
ioctl$KVM_REGISTER_COALESCED_MMIO(r8, 0x4010ae67, &(0x7f00000002c0)={0x0, 0x10000})
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f00000000c0)={0x8})
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SIGNAL_MSI(r8, 0x4020aea5, &(0x7f0000000000)={0x6000})
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x189900, 0x0)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r3, 0x4018aee2, &(0x7f0000000240)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f0000000140)=0x13})
ioctl$KVM_CREATE_VM(r10, 0xae01, 0x24)
ioctl$KVM_IRQFD(r5, 0x4020ae76, 0xffffffffffffffff)
r11 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000a00)=[@irq_setup={0x46, 0x18, {0x4, 0x35}}, @svc={0x122, 0x40, {0x8000, [0x101, 0x1, 0x3ff, 0x8, 0xfffffffffffffff7]}}, @irq_setup={0x46, 0x18, {0x3, 0x293}}, @its_setup={0x82, 0x28, {0x1, 0x0, 0x2e0}}, @code={0xa, 0x9c, {"0040ff0dc0c586d20060b0f2410080d2c20080d2230180d2840080d2020000d40040c00d00af80d200e0b8f2e10080d2420080d2e30080d2840180d2020000d4008008d5000080a90000202bc01f89d20060b8f2810180d2420180d2e30080d2840080d2020000d4805894d200a0b8f2e10180d2220180d2830180d2240080d2020000d4000008d5"}}, @eret={0xe6, 0x18, 0x70d}, @hvc={0x32, 0x40, {0x5000000, [0xfff, 0x3, 0x33, 0xff, 0x3]}}, @msr={0x14, 0x20, {0x603000000013df4a}}, @mrs={0xbe, 0x18, {0x603000000013deba}}, @mrs={0xbe, 0x18, {0x603000000013e65f}}, @smc={0x1e, 0x40, {0xc5000020, [0x2ea8f96b, 0xe2f, 0x5, 0x9, 0x7]}}, @its_setup={0x82, 0x28, {0x3, 0x2, 0x2b6}}, @its_setup={0x82, 0x28, {0x0, 0x1, 0x290}}, @msr={0x14, 0x20, {0x0, 0x400}}, @mrs={0xbe, 0x18, {0x603000000013deea}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe0, 0x0, 0xc}}, @msr={0x14, 0x20, {0x603000000013c524, 0xb}}, @hvc={0x32, 0x40, {0x2000000, [0x6, 0xffffffffffffffbf, 0xb42c, 0x9, 0x100000001]}}], 0x334}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r5, 0x4, 0x220)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8, <r12=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r11, 0xae80, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x8, <r13=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

33m29.601381468s ago: executing program 3 (id=143):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r7 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000006c0)={0x0, &(0x7f0000000680)=[@mrs={0xbe, 0x18, {0x603000000013c646}}], 0x18}, &(0x7f0000000700)=[@featur2={0x1, 0x20}], 0x1) (async, rerun: 32)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (rerun: 32)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) (async)
syz_kvm_add_vcpu$arm64(0x0, 0x0, &(0x7f0000000140)=[@featur2={0x1, 0xe1}], 0x1) (async, rerun: 32)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) (rerun: 32)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x21)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x2)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r11, 0x4018aee2, &(0x7f00000000c0)=@attr_other={0x0, 0x2, 0x7f, &(0x7f0000000340)=0x8}) (async)
ioctl$KVM_ARM_PREFERRED_TARGET(r7, 0x8020aeaf, &(0x7f0000000740)) (async, rerun: 32)
r12 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) (rerun: 32)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x1)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r13, 0x0) (async)
ioctl$KVM_ARM_VCPU_FINALIZE(r5, 0x4004aec2, &(0x7f0000000000)=0x2)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
r14 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0) (async)
r16 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r17 = ioctl$KVM_CREATE_VM(r16, 0xae01, 0x0)
r18 = syz_kvm_setup_syzos_vm$arm64(r17, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r18, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x2}}], 0x20}, 0x0, 0x0) (async, rerun: 64)
syz_kvm_add_vcpu$arm64(r18, &(0x7f0000000100)={0x0, &(0x7f0000000200)=[@mrs={0xbe, 0x18, {0x603000000013df67}}, @code={0xa, 0x9c, {"e03d80d20040b8f2010180d2e20180d2a30080d2a40180d2020000d4007008d5000028d560448ad20020b0f2010180d2420180d2e30080d2440080d2020000d40080000d0070000f0040000ca0429fd20020b0f2a10080d2820180d2030180d2440180d2020000d40048c01a80dd95d20060b8f2c10080d2c20180d2430080d2840180d2020000d4"}}, @eret={0xe6, 0x18, 0x6}, @mrs={0xbe, 0x18, {0x603000000013dce0}}, @eret={0xe6, 0x18}, @eret={0xe6, 0x18, 0x4}, @code={0xa, 0x3c, {"0028c09a007008d500a4004f00000054002c004e0078202e0034202e007008d5007008d50050800f"}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x300, 0x2, 0x4}}, @irq_setup={0x46, 0x18, {0x2, 0x1f4}}, @smc={0x1e, 0x40, {0x80003fff, [0xe, 0x0, 0x3, 0x7, 0x3]}}, @msr={0x14, 0x20, {0x603000000013deab, 0x3}}, @irq_setup={0x46, 0x18, {0x1, 0x293}}, @mrs={0xbe, 0x18, {0x603000000013df4d}}, @smc={0x1e, 0x40, {0x8600ff01, [0x10001, 0x4, 0x5, 0x2, 0xe5a5]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0xffe8}}, @smc={0x1e, 0x40, {0x3000040f, [0x9, 0x5, 0xffffffffffff8268, 0x1000000000, 0xc7]}}, @hvc={0x32, 0x40, {0x86000001, [0x400, 0x0, 0x80000000, 0x1, 0xbe7]}}, @mrs={0xbe, 0x18, {0x603000000013e6df}}, @irq_setup={0x46, 0x18, {0x2, 0x4d}}, @irq_setup={0x46, 0x18, {0x4, 0x12b}}, @eret={0xe6, 0x18, 0x6}, @smc={0x1e, 0x40, {0x84000008, [0x7, 0x10000, 0xc, 0x80000000, 0xe4]}}, @uexit={0x0, 0x18, 0x9}, @its_setup={0x82, 0x28, {0x3, 0x3, 0x2d7}}, @hvc={0x32, 0x40, {0xc5000020, [0x3, 0x81, 0x3, 0x800, 0x7f]}}], 0x438}, &(0x7f0000000640)=[@featur2={0x1, 0x8}], 0x1) (async, rerun: 64)
ioctl$KVM_CREATE_DEVICE(r15, 0xc00caee0, &(0x7f0000000180)={0x8, <r19=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r19, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x4, 0x8, 0x0})

33m20.673683349s ago: executing program 3 (id=144):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x101000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x27)
ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0xc6)

33m13.909262617s ago: executing program 3 (id=145):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000b80)={0x0, &(0x7f0000000100)=[@smc={0x1e, 0x40, {0x84000003, [0x99a, 0x7, 0xaca, 0x101, 0x10]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x31)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013e08d, &(0x7f00000000c0)=0x6db})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

32m32.228462495s ago: executing program 3 (id=146):
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x2132, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1})
r4 = ioctl$KVM_GET_STATS_FD_cpu(r0, 0xaece)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef)
close(r7)
r9 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_setup_cpu$arm64(r1, r9, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000c40)=ANY=[], 0x318}], 0x1, 0x0, &(0x7f0000000080)=[@featur2={0x1, 0x2}], 0x1)
r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x4000)=nil, r10, 0x300000c, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)

32m16.798531901s ago: executing program 3 (id=147):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x8)
syz_kvm_vgic_v3_setup(r0, 0x2, 0x160)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x1) (async)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0xffffffffffffffff, 0x1, 0x1fa}}], 0x28}, 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x40000000002)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2) (async)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000040)={0x9, 0xffffffffffffffff, 0x1})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_irq_timer={0x0, 0x1, 0x1, 0x0}) (async, rerun: 64)
syz_kvm_vgic_v3_setup(r2, 0x4, 0x220) (rerun: 64)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000180)={0x8, <r8=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async)
ioctl$KVM_RUN(r4, 0xae80, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8001, 0x0) (async, rerun: 32)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) (rerun: 32)
r9 = mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f1, 0xffffffffffffffff, 0x0) (async, rerun: 32)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async, rerun: 32)
r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
r11 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r10, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f0000000340)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f0000000240)="244c304522eb7bbccf3e4860ba5548169c65d4c5a1ace8f04a5c6f64ee74dd70819ac6ee1d19191d3b2b304954c39a1891e52e8063a6abcea265c96986cc1172fc66b8479fcd88e0", 0x0, 0x48)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_assert_reg(r15, 0x603000000053c4f1, 0x8800)

32m5.422103705s ago: executing program 3 (id=148):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100010, &(0x7f0000000100)})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x296882, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x31)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = eventfd2(0xfffffffa, 0x80001)
ioctl$KVM_IOEVENTFD(r11, 0x4040ae79, &(0x7f0000000140)={0x80, 0x4, 0x0, r12})
syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_REGISTER_COALESCED_MMIO(r11, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616})
ioctl$KVM_REGISTER_COALESCED_MMIO(r11, 0x4010ae67, &(0x7f0000000180)={0x10000, 0x4000})
r13 = syz_kvm_add_vcpu$arm64(r9, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r13, 0xae80, 0x0)
r14 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r15 = syz_kvm_setup_syzos_vm$arm64(r14, &(0x7f0000c00000/0x400000)=nil)
r16 = syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r16, 0x4018aee2, &(0x7f0000000140)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f00000000c0)=0x19})
r17 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r18 = syz_kvm_add_vcpu$arm64(r17, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r18, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x603000000010004c, 0x0})
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)

31m17.299410026s ago: executing program 35 (id=148):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100010, &(0x7f0000000100)})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x296882, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x31)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = eventfd2(0xfffffffa, 0x80001)
ioctl$KVM_IOEVENTFD(r11, 0x4040ae79, &(0x7f0000000140)={0x80, 0x4, 0x0, r12})
syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_REGISTER_COALESCED_MMIO(r11, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616})
ioctl$KVM_REGISTER_COALESCED_MMIO(r11, 0x4010ae67, &(0x7f0000000180)={0x10000, 0x4000})
r13 = syz_kvm_add_vcpu$arm64(r9, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r13, 0xae80, 0x0)
r14 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r15 = syz_kvm_setup_syzos_vm$arm64(r14, &(0x7f0000c00000/0x400000)=nil)
r16 = syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r16, 0x4018aee2, &(0x7f0000000140)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f00000000c0)=0x19})
r17 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r18 = syz_kvm_add_vcpu$arm64(r17, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r18, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x603000000010004c, 0x0})
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)

26m8.492420403s ago: executing program 4 (id=154):
r0 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r2, 0xae03, 0xc3)
r3 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CLEAR_DIRTY_LOG(r4, 0xc018aec0, 0xfffffffffffffffe)
ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000000180)={0x69, "36953fa363511d6bcdc6130b7129d308410867a50d191ad23422db9e3a44f999057b002fa6116e5e30615623138b76d2a08de6bdf07a58ca73f2d4a6b12fe3ee1c8be2c30f141e6bfa6d8d820b860dce656b17a1c3e4d7a09540b2b32cc859446fa1eb1c1046d48be5"})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
ioctl$KVM_CHECK_EXTENSION_VM(r2, 0xae03, 0xc3) (async)
openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) (async)
ioctl$KVM_CLEAR_DIRTY_LOG(r4, 0xc018aec0, 0xfffffffffffffffe) (async)
ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000000180)={0x69, "36953fa363511d6bcdc6130b7129d308410867a50d191ad23422db9e3a44f999057b002fa6116e5e30615623138b76d2a08de6bdf07a58ca73f2d4a6b12fe3ee1c8be2c30f141e6bfa6d8d820b860dce656b17a1c3e4d7a09540b2b32cc859446fa1eb1c1046d48be5"}) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) (async)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) (async)

25m51.858969934s ago: executing program 4 (id=155):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000bde000/0x400000)=nil)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f0000000000)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x20e4586c})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x2c}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000140)=@arm64_fp_extra={0x60200000003000d5, &(0x7f0000000100)=0x7fffffff})
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
close(r0)
r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_assert_reg(r14, 0x6, 0x8000)
ioctl$KVM_SET_GSI_ROUTING(r10, 0x4008ae6a, &(0x7f00000000c0)={0x1, 0x0, [{0xc, 0x2, 0x1, 0x0, @msi={0xebb, 0x394c794c, 0x7f, 0x800}}]})
close(r10)

25m28.382386546s ago: executing program 4 (id=156):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x29)
syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000080)={0x0, &(0x7f0000000340)=[@its_send_cmd={0xaa, 0x28, {0x5, 0x0, 0x3, 0x10, 0x8, 0x8, 0x2}}, @svc={0x122, 0x40, {0x100, [0x9, 0x7030, 0x3, 0x5, 0x3]}}, @code={0xa, 0x6c, {"008008d50044207e0000809a007008d5006c200e007c001b20ec99d20040b8f2810180d2e20180d2230180d2240180d2020000d4a0a19dd20080b0f2810180d2620080d2630080d2640080d2020000d40820601e000008d5"}}], 0xd4}, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
r5 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r4, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r4, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x202, 0x2, 0x1, 0x1000, &(0x7f0000ffc000/0x1000)=nil})
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000100)={0x7, <r10=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000002c0)=@attr_other={0x0, 0x4, 0x3, 0x0})
r11 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r7, r11, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f0000000240)=@arm64_bitmap={0x6030000000160002, &(0x7f00000000c0)=0x3})

25m7.029964147s ago: executing program 4 (id=157):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000000)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0xa050000000344ea0, 0x1}}, @smc={0x1e, 0x40, {0x84000051, [0x6, 0x7, 0x4, 0xfffffffffffffffc, 0x429]}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x0, 0xe, 0x8, 0x9b5, 0x1}}, @code={0xa, 0x9c, {"0048200e005486d200a0b0f2a10180d2020080d2c30080d2e40080d2020000d4000c8038007008d5007008d580b987d200c0b0f2410080d2620180d2c30080d2640080d2020000d4605a91d200e0b0f2e10080d2c20080d2830080d2040180d2020000d40024007f007008d5e0f685d20020b0f2610080d2a20080d2430080d2040180d2020000d4"}}, @svc={0x122, 0x40, {0xd434e81996c489fe, [0x0, 0xe72, 0x2, 0x4, 0x1]}}, @memwrite={0x6e, 0x30, @generic={0x3000, 0x70, 0xff, 0x5}}, @uexit={0x0, 0x18, 0x1}, @smc={0x1e, 0x40, {0x84000005, [0xfffffffffffffff3, 0x100, 0x7, 0x9b37, 0x4]}}, @hvc={0x32, 0x40, {0x3f000000, [0x0, 0x88a, 0x7e97, 0x0, 0xfffffffffffffff8]}}, @smc={0x1e, 0x40, {0x8600ff01, [0x2, 0x1, 0x1ff, 0x8000, 0x66f]}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffdc, 0xffff, 0x1}}, @uexit={0x0, 0x18, 0x1}, @code={0xa, 0x84, {"007008d500e0200e0050c01a000008d500419cd200a0b8f2610180d2a20180d2830180d2640080d2020000d4000000f9804e81d20000b0f2410080d2c20180d2230080d2840180d2020000d4007008d5000028d5602393d20080b8f2610080d2c20080d2c30080d2840180d2020000d4"}}], 0x338}, &(0x7f0000000040)=[@featur1={0x1, 0x4}], 0x1)
ioctl$KVM_GET_ONE_REG(r1, 0x4010aeab, &(0x7f00000000c0)=@arm64_fp_extra={0x60200000001000d4, &(0x7f0000000080)=0x8}) (async)
ioctl$KVM_GET_ONE_REG(r1, 0x4010aeab, &(0x7f00000000c0)=@arm64_fp_extra={0x60200000001000d4, &(0x7f0000000080)=0x8})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) (async)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7ffc}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

24m56.419745641s ago: executing program 4 (id=158):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x22500, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x7)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x161681, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000300)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r10, 0xae80, 0x20)
r11 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r11, r12, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0)
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r13, 0x401c5820, 0x8000000000000001)
r14 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
mmap$KVM_VCPU(&(0x7f0000d11000/0x4000)=nil, r14, 0x0, 0x20010, r12, 0x0)
ioctl$KVM_GET_ONE_REG(r12, 0x4010aeab, &(0x7f0000000100)=@arm64_core={0x6030000000100032, &(0x7f00000000c0)=0x3ff})
r15 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r16, 0xae41, 0x0)
r17 = syz_kvm_vgic_v3_setup(r16, 0x1, 0x100)
ioctl$KVM_GET_DEVICE_ATTR(r17, 0x4018aee2, &(0x7f0000000180)=@attr_other={0x0, 0x5, 0x70, &(0x7f0000000240)=0x80000001})
ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x6030000000100024, &(0x7f0000000140)=0x7})
r18 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2e)
ioctl$KVM_CREATE_VCPU(r18, 0xae41, 0x0)

24m34.780915111s ago: executing program 5 (id=149):
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x82001, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, 0x930, 0x3000007, 0x2012, r0, 0x0) (async)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x2000000000001}}, @its_send_cmd={0xaa, 0x28, {0x1}}], 0x50}, 0x0, 0x0) (async)
syz_kvm_vgic_v3_setup(r2, 0x1, 0x100) (async)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000180)={0x8, <r5=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000a1e000/0x400000)=nil) (async)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
r7 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece)
close(r7) (async)
ioctl$KVM_SET_USER_MEMORY_REGION2(r2, 0x40a0ae49, &(0x7f0000000340)={0x3, 0x5, 0x10000, 0x1000, &(0x7f0000d82000/0x1000)=nil, 0x1, r7})
r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04)
r9 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r8, 0x0, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f0000000240)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48)
r10 = syz_kvm_add_vcpu$arm64(0x0, 0x0, &(0x7f0000000300)=[@featur2={0x1, 0xb5656113b9f8541a}], 0x1) (async)
syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000100)={0x0, &(0x7f0000000180)=[@uexit={0x0, 0x18, 0xb}, @code={0xa, 0x9c, {"205f93d20020b8f2e10180d2e20080d2e30080d2a40180d2020000d4007008d5007008d5007008d560b584d200a0b0f2410180d2a20180d2e30080d2640180d2020000d40050200e0004601e007008d580d58bd200a0b0f2a10180d2c20180d2230080d2a40180d2020000d4402689d200e0b8f2c10080d2a20080d2030180d2a40180d2020000d4"}}, @msr={0x14, 0x20, {0x603000000013c647, 0x10000}}, @eret={0xe6, 0x18, 0x81}, @irq_setup={0x46, 0x18, {0x0, 0x2ef}}, @smc={0x1e, 0x40, {0x0, [0x2, 0x8, 0x8000000000000000, 0x5, 0x80000001]}}, @hvc={0x32, 0x40, {0x3, [0x0, 0xc, 0x9, 0x1be4, 0x1]}}], 0x184}, 0x0, 0x0) (async)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r12, 0x4008ae6a, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000000000000000000001"])
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) (async)
ioctl$KVM_SET_VCPU_EVENTS(r10, 0x4040aea0, &(0x7f0000000000)=@arm64={0x0, 0x80, 0x49, '\x00', 0x1})

24m24.370148306s ago: executing program 4 (id=159):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) (async)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r2, r3, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000080)=@arm64_core={0x6030000000100016, &(0x7f0000000100)=0xc5c5})
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000000)={0x10201, 0x2, 0x1, 0x2000, &(0x7f0000f31000/0x2000)=nil}) (async)
r7 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r7, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8})
ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f00000000c0)=@arm64_sys={0x603000000013dce0, &(0x7f0000000000)=0x43ff})
r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f00000000c0)={0x0, &(0x7f00000002c0)=[@memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x6000, 0x4, 0xa}}], 0x30}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r9, 0x1, 0x100) (async)
ioctl$KVM_RUN(r11, 0xae80, 0x0) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f00000000c0)=@attr_pmu_init) (async)
ioctl$KVM_ARM_VCPU_INIT(0xffffffffffffffff, 0x4020aeae, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
close(0x4) (async)
close(0x5)

24m20.619934399s ago: executing program 5 (id=160):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x200, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x3) (async)
r7 = syz_kvm_vgic_v3_setup(r6, 0x0, 0x0)
close(0x4)
close(0x5)
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x100)
ioctl$KVM_GET_DEVICE_ATTR(r7, 0x4018aee2, &(0x7f0000000240)=@attr_arm64={0x0, 0x4, 0x2, &(0x7f0000000100)=0x3ff}) (async)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000000c0)={0x2}) (async, rerun: 32)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x2e) (async, rerun: 32)
r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x2) (async)
syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_vgic_v3_setup(r9, 0x4, 0x220) (async)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000180)={0x8}) (async)
r10 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x5)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000140)={0x5})
r11 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000300)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r14, 0xae80, 0x20)

23m36.326931721s ago: executing program 36 (id=159):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) (async)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r2, r3, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000080)=@arm64_core={0x6030000000100016, &(0x7f0000000100)=0xc5c5})
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000000)={0x10201, 0x2, 0x1, 0x2000, &(0x7f0000f31000/0x2000)=nil}) (async)
r7 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r7, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8})
ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f00000000c0)=@arm64_sys={0x603000000013dce0, &(0x7f0000000000)=0x43ff})
r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f00000000c0)={0x0, &(0x7f00000002c0)=[@memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x6000, 0x4, 0xa}}], 0x30}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r9, 0x1, 0x100) (async)
ioctl$KVM_RUN(r11, 0xae80, 0x0) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f00000000c0)=@attr_pmu_init) (async)
ioctl$KVM_ARM_VCPU_INIT(0xffffffffffffffff, 0x4020aeae, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
close(0x4) (async)
close(0x5)

23m29.429918767s ago: executing program 37 (id=160):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x200, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x3) (async)
r7 = syz_kvm_vgic_v3_setup(r6, 0x0, 0x0)
close(0x4)
close(0x5)
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x100)
ioctl$KVM_GET_DEVICE_ATTR(r7, 0x4018aee2, &(0x7f0000000240)=@attr_arm64={0x0, 0x4, 0x2, &(0x7f0000000100)=0x3ff}) (async)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000000c0)={0x2}) (async, rerun: 32)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x2e) (async, rerun: 32)
r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x2) (async)
syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_vgic_v3_setup(r9, 0x4, 0x220) (async)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000180)={0x8}) (async)
r10 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x5)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000140)={0x5})
r11 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000300)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r14, 0xae80, 0x20)

13m33.993810674s ago: executing program 7 (id=172):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0x40049409, 0x0) (async, rerun: 32)
r4 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) (rerun: 32)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013df64, 0x8000}}, @msr={0x14, 0x20, {0x603000000013df7f, 0x8000}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init) (async, rerun: 64)
r8 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (rerun: 64)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000240)={0x4, 0x9, 0x1}}) (async)
ioctl$KVM_RUN(r7, 0xae80, 0x0) (async)
syz_kvm_vgic_v3_setup(r1, 0x4, 0x3a0)
r9 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)

13m23.039552812s ago: executing program 6 (id=173):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async, rerun: 64)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0) (rerun: 64)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x28)
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) (async)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RESET_DIRTY_RINGS(r1, 0xaec7) (async)
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000080)=@arm64_ccsidr={0x602000000011000d, &(0x7f0000000000)=0xffff})
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async, rerun: 32)
r8 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) (rerun: 32)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_assert_reg(r11, 0x603000000013dce5, 0x8000) (async)
syz_kvm_assert_reg(r11, 0x603000000013dce9, 0x8000) (async)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) (async)
r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_CREATE_DEVICE(r13, 0xc00caee0, &(0x7f0000000100)={0x7, <r15=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r15, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x0, 0x5, &(0x7f0000000280)=0x400000080a0000}) (async)
ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x0) (async, rerun: 64)
r16 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil) (rerun: 64)
ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x1) (async)
syz_kvm_add_vcpu$arm64(r16, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_add_vcpu$arm64(r16, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)

13m16.282022843s ago: executing program 7 (id=174):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_vgic_v3_setup(r1, 0x4, 0x200) (async)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bff000/0x400000)=nil) (async, rerun: 64)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (rerun: 64)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) (async)
syz_kvm_vgic_v3_setup(r7, 0x3, 0x0)
r10 = eventfd2(0x1, 0x80001)
ioctl$KVM_IRQFD(r7, 0x4020ae76, &(0x7f0000000000)={r10, 0x3}) (async, rerun: 32)
ioctl$KVM_RUN(r9, 0xae80, 0x0) (rerun: 32)
write$eventfd(r10, &(0x7f0000000100)=0x800, 0x8) (async, rerun: 32)
r11 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@memwrite={0x6, 0x30, @vgic_gicr={0x80a0000, 0xa0, 0x7fffffffffffffff, 0xb}}], 0x30}, 0x0, 0x0) (rerun: 32)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x100) (async)
r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000080)={0x0, &(0x7f0000000740)=[@its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x1, 0x8, 0x1, 0x7ff, 0x1}}, @irq_setup={0x46, 0x18, {0x1, 0xdf}}], 0x40}, 0x0, 0x0)
ioctl$KVM_RUN(r11, 0xae80, 0x0) (async)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x1, &(0x7f0000000080)=0x3})
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000000)={0x0, &(0x7f0000000040)=[@smc={0x1e, 0x40, {0xc400000d, [0x99b, 0x100000003, 0x5, 0x101]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async, rerun: 64)
r15 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x27) (rerun: 64)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0) (async)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, 0x0) (async, rerun: 32)
ioctl$KVM_IRQFD(r15, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0x1, 0x1, r15}) (rerun: 32)

13m3.86639806s ago: executing program 6 (id=175):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x23)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r0, 0x4010aeb5, &(0x7f0000000000)={0x7, 0x1000})
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_CAP_PTP_KVM(r0, 0x4068aea3, &(0x7f0000000040))
r2 = syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000bfe000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000500)={0x0, &(0x7f00000000c0)=[@its_setup={0x82, 0x28, {0x4, 0x1, 0x9e}}, @svc={0x122, 0x40, {0x84000006, [0xc, 0x7, 0x9, 0xffffffffffffffff, 0x7fffffffffffffff]}}, @eret={0xe6, 0x18, 0xb3d}, @msr={0x14, 0x20, {0x6030000000138025, 0x5}}, @code={0xa, 0x84, {"0040661e00d8a02e00fc205ee0f58bd200c0b8f2a10180d2020080d2e30080d2c40180d2020000d40020800de0c088d20000b8f2c10080d2a20080d2430180d2640080d2020000d4e0008bd20000b0f2e10180d2420180d2630180d2a40080d2020000d4000028d5000008d500004048"}}, @hvc={0x32, 0x40, {0x84000003, [0x2, 0x6, 0x5, 0x0, 0x6]}}, @its_setup={0x82, 0x28, {0x4, 0x3, 0x178}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x1, 0x0, 0x5, 0xf81, 0x401, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x1, 0x4, 0x0, 0x80000001, 0x1}}, @uexit={0x0, 0x18, 0x7}, @svc={0x122, 0x40, {0x84000051, [0x5, 0x0, 0x7, 0x50, 0x1]}}, @code={0xa, 0x54, {"000028d5000028d50010204e00b8200e007008d5000028d5a0389ed200c0b0f2010080d2420180d2630180d2e40080d2020000d4000028d51f0020ab007008d5"}}, @mrs={0xbe, 0x18, {0x42a3}}, @irq_setup={0x46, 0x18, {0x1, 0x2c3}}, @svc={0x122, 0x40, {0xc5000020, [0x40000000000, 0x9, 0x3, 0xf598, 0x3]}}, @eret={0xe6, 0x18, 0x3}, @hvc={0x32, 0x40, {0x84000052, [0x3, 0x5c46882d, 0x7, 0x4, 0x4]}}, @eret={0xe6, 0x18, 0x3}, @irq_setup={0x46, 0x18, {0x2, 0x22a}}, @memwrite={0x6e, 0x30, @generic={0x100000, 0x391, 0x4, 0x5}}, @eret={0xe6, 0x18}, @uexit={0x0, 0x18, 0x1}, @eret={0xe6, 0x18, 0x216}, @its_send_cmd={0xaa, 0x28, {0x5, 0x0, 0x0, 0x3, 0x88, 0xffffffff, 0x1}}, @eret={0xe6, 0x18, 0xd}], 0x438}, &(0x7f0000000540), 0x1)
r4 = ioctl$KVM_GET_STATS_FD_vm(r0, 0xaece)
r5 = eventfd2(0xc, 0x801)
ioctl$KVM_IRQFD(r0, 0x4020ae76, &(0x7f0000000580)={r4, 0x1, 0x1, r5})
ioctl$KVM_HAS_DEVICE_ATTR_vm(0xffffffffffffffff, 0x4018aee3, &(0x7f0000000600)=@attr_other={0x0, 0x8000, 0x5, &(0x7f00000005c0)=0xb64})
ioctl$KVM_REGISTER_COALESCED_MMIO(r0, 0x4010ae67, &(0x7f0000000640)={0xeeee8000, 0x5000, 0x8})
ioctl$KVM_SET_DEVICE_ATTR(r0, 0x4018aee1, &(0x7f00000006c0)=@attr_other={0x0, 0x1ff, 0x101, &(0x7f0000000680)=0x2})
ioctl$KVM_SET_SIGNAL_MASK(r4, 0x4004ae8b, &(0x7f0000000700)={0x45, "220d320a1911632518f4f2d5ff9595d85081f6453d0b3f0a6d36f0242da090262fbdc8dd6c753891091bfd52aa7e2e8ba7dcbb6621343fa54384b88fa093eee0ccc8ae871d"})
r6 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
r7 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000900)={0x0, &(0x7f0000000780)=[@its_setup={0x82, 0x28, {0x3, 0x0, 0x137}}, @uexit={0x0, 0x18, 0xb5}, @its_setup={0x82, 0x28, {0x3, 0x1, 0x89}}, @code={0xa, 0xb4, {"0000ff0de00300eb807e8cd20060b0f2810080d2e20180d2a30180d2240180d2020000d4a0a782d20060b8f2610180d2020080d2630180d2040180d2020000d4605e9bd20080b0f2210080d2620080d2e30180d2440180d2020000d400c0005f007008d5e08c81d20060b8f2810080d2a20080d2a30180d2e40080d2020000d4000008d5a0fd83d200e0b0f2010080d2020080d2430180d2840080d2020000d4"}}, @svc={0x122, 0x40, {0x8400000d, [0x2, 0xfff, 0x6, 0x6, 0x9]}}], 0x15c}, &(0x7f0000000940)=[@featur1={0x1, 0x84}], 0x1)
r8 = ioctl$KVM_GET_STATS_FD_cpu(r7, 0xaece)
ioctl$KVM_SET_VCPU_EVENTS(r1, 0x4040aea0, &(0x7f0000000980)=@arm64={0x34, 0x2d, 0x9, '\x00', 0x9})
ioctl$KVM_SET_REGS(r6, 0x4360ae82, &(0x7f00000009c0)={[0x7, 0x1, 0x8, 0x4, 0x8, 0x68c, 0xff, 0x6, 0x7, 0x4, 0x0, 0x0, 0x2, 0x3, 0x6, 0xecb], 0xeeee8000, 0x210})
ioctl$KVM_SET_SIGNAL_MASK(r1, 0x4004ae8b, &(0x7f0000000a80)={0x70, "ce0f22a711b2e836b11cc9acffa1140a17e6661b16b01d8b8203e30630b65d929b4c0b3573856e406e31c10c75951759825be6640d0615463defae82f7c5b1b8352bd73a22e34ccf3488f885fc741a032dcac6f450bfbb10259c6842f508447ef643f4c89c4b33aeca3a0084e4ac29e0"})
ioctl$KVM_CAP_HALT_POLL(r8, 0x4068aea3, &(0x7f0000000b00)={0xb6, 0x0, 0xfb2})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r1, 0x4018aee1, &(0x7f0000000bc0)=@attr_other={0x0, 0x8000, 0x8, &(0x7f0000000b80)=0x9})
ioctl$KVM_INTERRUPT(r3, 0x4004ae86, &(0x7f0000000c00)=0x10000)
syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_PRE_FAULT_MEMORY(r4, 0xc040aed5, &(0x7f0000000c40)={0x2, 0x1000})
close(r8)
ioctl$KVM_SIGNAL_MSI(r4, 0x4020aea5, &(0x7f0000000c80)={0x2000, 0xdddd1000, 0x40, 0x0, 0x80})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000cc0), 0x40002, 0x0)
ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f0000000d00)={0x153, 0x3000, 0x2, r4})
ioctl$KVM_HAS_DEVICE_ATTR_vm(r8, 0x4018aee3, &(0x7f0000000d80)=@attr_other={0x0, 0x5, 0x8, &(0x7f0000000d40)=0x7})

12m56.429713444s ago: executing program 7 (id=176):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x8000000008)
ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f0000000100)={0x4, 0x4, 0x8003000, 0x1000, &(0x7f0000e55000/0x1000)=nil, 0x9})
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000bfd000/0x400000)=nil)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r1, 0x4008ae73, &(0x7f00000000c0)={0x1, 0xbe71})
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000bfd000/0x400000)=nil)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
r9 = ioctl$KVM_GET_STATS_FD_cpu(r8, 0xaece)
close(r9)
ioctl$KVM_SET_MP_STATE(0xffffffffffffffff, 0x4004ae99, &(0x7f00000001c0)=0x3)
ioctl$KVM_GET_STATS_FD_vm(r1, 0xaece)

12m49.32199431s ago: executing program 6 (id=177):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x38)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0x40087602, 0x1)
r4 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0x0, 0x1, r4, 0x2})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x8000, 0x0, 0x2, r4, 0x3})

12m36.182475322s ago: executing program 7 (id=178):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0xe7) (async, rerun: 32)
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x1e) (rerun: 32)
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG_arm64(r4, 0x4208ae9b, &(0x7f0000000300)={0x30001, 0x0, {[0x5944, 0x100000001, 0x7, 0x8, 0x4, 0x9, 0x100, 0x80000001, 0x0, 0xffffffffffffffff, 0x11cf28a3, 0x200, 0x8, 0x800, 0x8, 0x8], [0x7, 0x0, 0xaea, 0x200, 0xed1, 0x1, 0x4a1b08d7, 0x3, 0x7, 0x9bca, 0x0, 0x1, 0x10001, 0x3, 0x7, 0x9], [0x2, 0x7, 0x0, 0x7fffffff, 0x4c, 0x2, 0x2, 0xffffffffffffff26, 0x3c1e, 0xa7e6, 0x3, 0x80000000, 0xfffffffffffffffa, 0x6a, 0x5, 0x5], [0xff, 0x8, 0x2, 0x400, 0x3, 0x7fffffffffffffff, 0x4a, 0x9, 0x9e, 0x1, 0x0, 0x7, 0x8001, 0x6, 0x7, 0x4]}}) (async, rerun: 64)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r3, 0x4010aeb5, &(0x7f00000002c0)={0x200}) (async, rerun: 64)
syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)

12m34.002394723s ago: executing program 6 (id=179):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0xda880, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
mmap$KVM_VCPU(&(0x7f0000cb6000/0x3000)=nil, r4, 0x2000003, 0x30, r2, 0x0) (async)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) (async, rerun: 64)
mmap$KVM_VCPU(&(0x7f0000009000/0x2000)=nil, r4, 0x2000009, 0x11, r2, 0x0) (async, rerun: 64)
r7 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) (async)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r10, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0x0, 0x0, r11, 0x2})
ioctl$KVM_IOEVENTFD(r10, 0x4040ae79, &(0x7f0000000000)={0x1, 0x0, 0x4, r11, 0x6})
r12 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000300)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r13, 0xae80, 0x20) (async, rerun: 32)
r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (rerun: 32)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x2000000000000000)
r16 = syz_kvm_setup_syzos_vm$arm64(r15, &(0x7f0000c00000/0x400000)=nil)
r17 = syz_kvm_add_vcpu$arm64(r16, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r17, 0x4018aee1, &(0x7f0000000180)=@attr_pmu_irq={0x0, 0x0, 0x0, 0x0}) (async)
r18 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x1800002, 0x11, r18, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r18, 0x0) (async)
ioctl$KVM_GET_ONE_REG(r18, 0x4010aeab, &(0x7f00000000c0)=@arm64_sve_vls={0x606000000015ffff, &(0x7f0000000000)=0x5})

12m21.319646722s ago: executing program 7 (id=180):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xa)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f0000000240)=[@msr={0x14, 0x20, {0x603000000013dce5, 0x200}}, @msr={0x14, 0x20, {0x603000000013dce8, 0x8003}}, @msr={0x14, 0x20, {0x603000000013dce9, 0x8000}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000040)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000000)={0xa, 0x4}})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

12m12.683023993s ago: executing program 6 (id=181):
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x0, 0x8032, 0xffffffffffffffff, 0x0) (async)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x24)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0xf, 0x32, 0xffffffffffffffff, 0x0)

12m4.767246303s ago: executing program 7 (id=182):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x100000c, 0x6832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r4, 0x4018aee2, &(0x7f0000000140)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f00000000c0)=0x19})
munmap(&(0x7f0000bea000/0x1000)=nil, 0x1000)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04)
mmap$KVM_VCPU(&(0x7f0000f0c000/0x11000)=nil, r6, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000dc8000/0x2000)=nil, r6, 0x100000d, 0x4b21a7e9ce51101e, r4, 0x0)
r7 = openat$kvm(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r7, 0x40086602, 0x110e22ffff)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0)
write$eventfd(0xffffffffffffffff, &(0x7f0000000080)=0x8, 0x8)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000000)="37d3116035d7513e9a000200018000", 0x0, 0x43)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x40086602, 0x2e)
ioctl$KVM_CHECK_EXTENSION(r8, 0x40086602, 0x110e227ffe)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, r6, 0x2, 0x1010, r4, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)
r9 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x28)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)

11m57.580152573s ago: executing program 6 (id=183):
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000000), 0xa40, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x29)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r3, r4, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r4, 0x4010aeab, &(0x7f00000001c0)=@arm64_sys={0x603000000013c01c, 0x0})
r5 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000300)={0x0, &(0x7f0000000480)=[@smc={0x1e, 0x40, {0xc4000012, [0x8, 0x939, 0xe, 0x7f, 0xd]}}], 0x40}, &(0x7f00000001c0)=[@featur1={0x1, 0xc}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r9 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x7, 0x2010, r9, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0)

11m16.81873892s ago: executing program 38 (id=182):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x100000c, 0x6832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r4, 0x4018aee2, &(0x7f0000000140)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f00000000c0)=0x19})
munmap(&(0x7f0000bea000/0x1000)=nil, 0x1000)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04)
mmap$KVM_VCPU(&(0x7f0000f0c000/0x11000)=nil, r6, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000dc8000/0x2000)=nil, r6, 0x100000d, 0x4b21a7e9ce51101e, r4, 0x0)
r7 = openat$kvm(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r7, 0x40086602, 0x110e22ffff)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0)
write$eventfd(0xffffffffffffffff, &(0x7f0000000080)=0x8, 0x8)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000000)="37d3116035d7513e9a000200018000", 0x0, 0x43)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x40086602, 0x2e)
ioctl$KVM_CHECK_EXTENSION(r8, 0x40086602, 0x110e227ffe)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, r6, 0x2, 0x1010, r4, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)
r9 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x28)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)

11m7.317059838s ago: executing program 39 (id=183):
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000000), 0xa40, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x29)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r3, r4, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r4, 0x4010aeab, &(0x7f00000001c0)=@arm64_sys={0x603000000013c01c, 0x0})
r5 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000300)={0x0, &(0x7f0000000480)=[@smc={0x1e, 0x40, {0xc4000012, [0x8, 0x939, 0xe, 0x7f, 0xd]}}], 0x40}, &(0x7f00000001c0)=[@featur1={0x1, 0xc}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r9 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x7, 0x2010, r9, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0)

2m8.010338943s ago: executing program 8 (id=184):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x302, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0x0, &(0x7f0000000200), 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CLEAR_DIRTY_LOG(r5, 0xc018aec0, 0xfffffffffffffffe)
r6 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f00000001c0)=0x2})
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = eventfd2(0x4, 0x80000)
r9 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r6, 0x4008ae73, &(0x7f0000000240)={0x4})
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000000)={0x9})
r10 = syz_kvm_vgic_v3_setup(r9, 0x1, 0x100)
ioctl$KVM_IRQFD(r9, 0x4020ae76, &(0x7f00000000c0)={r8, 0x3})
write$eventfd(r8, &(0x7f0000000140)=0x3, 0x8)
r11 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013df19, 0x9}}], 0x20}, 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r6, 0xae03, 0x1000)
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f0000000100)=@attr_other={0x0, 0x5, 0x800, &(0x7f0000000080)=0x10000})
ioctl$KVM_RUN(r11, 0xae80, 0x0)

2m1.428477234s ago: executing program 9 (id=185):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x8280, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x34401, 0x0)
r3 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000180)={0x0, &(0x7f0000000000)=[@mrs={0xbe, 0x18, {0x603000000013c800}}], 0x18}, 0x0, 0xfffffffffffffffb)
r4 = ioctl$KVM_CREATE_VM(r2, 0x40086602, 0x20000000)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2000000)
r6 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x0, 0x280000b, 0x30, r3, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x3, 0x60)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
close(r10)
ioctl$KVM_SET_USER_MEMORY_REGION2(r7, 0x40a0ae49, &(0x7f00000002c0)={0x10001, 0x2, 0x3000, 0x1000, &(0x7f0000c88000/0x1000)=nil, 0xffffffffffffffff, r10})
r11 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r11, 0x4010aeab, &(0x7f0000000100)=@arm64_ccsidr={0x6020000000110003, &(0x7f00000001c0)=0x40007})
r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f0000000240)="3c8a78d07280f9cde64208131b076dee78a1d1d9ec547e44eb0b868dfa3639193c40c570d948f4b48dec91cd9548183843f6b76e67fd42d495661eda1a84e8dda6f7de7e155fc5ed", 0x0, 0x48)
ioctl$KVM_CREATE_DEVICE(r13, 0xc00caee0, &(0x7f0000000180)={0x8})
syz_kvm_vgic_v3_setup(r13, 0x4, 0x140)
r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)
r16 = syz_kvm_setup_syzos_vm$arm64(r15, &(0x7f0000c00000/0x400000)=nil)
r17 = syz_kvm_add_vcpu$arm64(r16, &(0x7f00000003c0)={0x0, 0x0}, &(0x7f0000000400)=[@featur1={0x1, 0x4}], 0x1)
ioctl$KVM_GET_ONE_REG(r17, 0x4010aeab, &(0x7f0000000480)=@arm64_fw={0x6030000000140000, &(0x7f0000000440)=0xdd})
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x1000001, 0x4010, r5, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000040)=@attr_irq_timer={0x0, 0x1, 0x1, 0x0})

1m40.70168589s ago: executing program 8 (id=186):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x8, <r2=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080700})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80902, 0x0)
ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0x77)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = eventfd2(0x8, 0x80800)
r7 = eventfd2(0x8, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f00000000c0)={0x7ffffffffffffffe, 0xeeee0000, 0x8, r7})
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0x0, 0x0, r6, 0x2})
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000000)={0x8000, 0x0, 0x1, r6, 0x3})
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r9, 0xae03, 0x52)

1m33.350039222s ago: executing program 9 (id=187):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0x24)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r2, r4, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0xfffffff3}], 0xaaaaaaaaaaaaab8, 0x0, 0x0, 0xffffff47)
ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f00000002c0)=@arm64_fp_extra={0x60200000001000d5, &(0x7f00000000c0)=0x4})
openat$kvm(0x0, 0x0, 0x0, 0x0)
r5 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x29)
r7 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000100)={0x4, <r10=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x1, 0x2, 0x0})
ioctl$KVM_CHECK_EXTENSION(r7, 0x4b47, 0xfffffffffffffffe)
r11 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04)
r13 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, r12, 0x2, 0x12, r11, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r13, 0x20, &(0x7f00000002c0)="fb016bddfb405ee52cc6a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb2070000000000000000000000c20cecfa0a97ab7800", 0x0, 0x48)
r14 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r14, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
mmap$KVM_VCPU(&(0x7f0000c4c000/0x2000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

1m14.146326676s ago: executing program 8 (id=188):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r4, 0x4018aee3, &(0x7f00000000c0)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x3})
r5 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f0000000000)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000040)={0x4, 0xffda, 0x1}})
r9 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x5edc}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000080)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013c4d7, 0x1000}}, @code={0xa, 0x9c, {"0004000e205797d20080b8f2210180d2420080d2630080d2440080d2020000d4007008d5000028d540e898d200a0b0f2010080d2020080d2c30080d2e40180d2020000d460fe8ed20000b0f2010180d2620080d2030080d2040180d2020000d40010800f000080ad60db98d200a0b0f2a10180d2020180d2430080d2440180d2020000d400000034"}}, @msr={0x14, 0x20, {0x6030000000130204, 0x3}}, @memwrite={0x6e, 0x30, @generic={0x5000, 0x696, 0xc, 0xf41029bfc5b49acb}}, @smc={0x1e, 0x40, {0x52413fadcb471753, [0x8, 0x5, 0x2, 0x100000001, 0x78]}}, @mrs={0xbe, 0x18, {0x603000000013e718}}, @smc={0x1e, 0x40, {0x84000014, [0xfffffffffffffff8, 0x7ff, 0x1, 0x8, 0x7a]}}, @svc={0x122, 0x40, {0xc400000c, [0x0, 0x1, 0x4, 0x5, 0x5]}}, @svc={0x122, 0x40, {0x84000053, [0xfffffffffffff001, 0xff, 0x9, 0x8, 0x5]}}, @uexit={0x0, 0x18}, @mrs={0xbe, 0x18, {0xd787e2d8bb4fcaed}}, @hvc={0x32, 0x40, {0xc4000003, [0x0, 0x7, 0x80, 0x5, 0x6]}}, @svc={0x122, 0x40, {0x84000011, [0x8, 0x4, 0x8, 0x6, 0xf3]}}, @irq_setup={0x46, 0x18, {0x0, 0xf0}}, @its_setup={0x82, 0x28, {0x3, 0x4, 0xbb}}, @eret={0xe6, 0x18, 0xc}], 0x32c}, &(0x7f00000000c0)=[@featur2], 0x1)
eventfd2(0x6, 0x80801)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r9, 0xae80, 0x0)

1m3.467277195s ago: executing program 9 (id=189):
r0 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34)
openat$kvm(0x0, 0x0, 0x0, 0x0) (async)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000001c0)={0x8, <r2=>0xffffffffffffffff})
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async, rerun: 64)
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, 0x0) (async, rerun: 64)
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f00000002c0)=@attr_arm64={0x0, 0x2, 0x0, &(0x7f0000000280)=0x3})
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x0, 0x1, 0x8}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x3, 0xfffffffd, 0xf}}], 0x50}, 0x0, 0x0) (async)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x100)
r7 = mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x0, 0x1000005, 0x11, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_MMIO(r7, 0x20, &(0x7f0000000300)="8fe0f6196f80c710d2423418a548f6c5b8e80629f623b92f", 0x0, 0x18) (async, rerun: 64)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8, <r8=>0xffffffffffffffff}) (rerun: 64)
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async)
ioctl$KVM_RUN(r6, 0xae80, 0x0) (async)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) (async)
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x108, &(0x7f0000000340)=0x8000000000000000})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x4, 0x1, 0x0})

51.709387707s ago: executing program 8 (id=190):
openat$kvm(0x0, &(0x7f0000000000), 0x17b041, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x10004)
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000100)={0x0, &(0x7f0000000980)=[@code={0xa, 0x6d, {"0080000f007008d5008008d5007008d500a4004fc0d782d20040b8f2010080d2820180d2630080d2040080d202170000d4d48e98d200e0b0f2210080d2c20080d2830180d2440080d2020000d400d0204e0040601e0090200c"}}, @code={0xa, 0xb4, {"a0d588d200a0b8f2a10180d2a20080d2230080d2640080d2020000d4e0ff9ed20020b8f2210080d2620180d2a30080d2440180d2020000d4a0048ed20060b0f2a10180d2a20180d2230180d2640180d2020000d4003680d200c0b0f2210180d2620080d2a30180d2040080d2020000d4209a89d20000b0f2010180d2a20080d2e30180d2040080d2020000d4007008d5000028d5008008d5006c202e00b8205e"}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x1, 0xc, 0x8, 0xd9, 0x2}}, @irq_setup={0x46, 0x18, {0x1, 0x3b4}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe4, 0x2, 0x4}}, @hvc={0x32, 0x40, {0x84000051, [0x6, 0x8001, 0x1, 0x5, 0x4]}}, @svc={0x122, 0x40, {0xc400000c, [0xa, 0x6, 0x8, 0x2, 0x4]}}, @svc={0x122, 0x40, {0x84000001, [0x5, 0x2, 0x7fff, 0x100000000]}}, @mrs={0xbe, 0x18, {0x603000000013801e}}, @irq_setup={0x46, 0x18, {0x0, 0x9}}, @mrs={0xbe, 0x18, {0x603000000013805d}}, @svc={0x122, 0x40, {0xc4000007, [0x5, 0x8000, 0x3, 0x10000, 0x9]}}, @eret={0xe6, 0x18, 0xd}, @mrs={0xbe, 0x18, {0x603000000013e219}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff8, 0x3, 0xb}}, @code={0xa, 0x84, {"0080204e007008d50004006e60569ed200a0b8f2e10180d2e20080d2830080d2040080d2020000d40000002ee04499d20080b0f2210180d2620080d2030080d2640180d2020000d400208dd20040b8f2010180d2e20180d2030180d2e40080d2020000d4000008d50000009100c0211e"}}, @hvc={0x32, 0x40, {0x80000001, [0x0, 0x5, 0x9, 0x6, 0x7bfc]}}, @its_setup={0x82, 0x28, {0x1, 0x2, 0x9c}}, @irq_setup={0x46, 0x18, {0x0, 0x1c2}}, @svc={0x122, 0x40, {0x8, [0xe, 0x100, 0x2, 0xfffffffffffffffe, 0x1]}}, @svc={0x122, 0x40, {0x84000052, [0x0, 0x200, 0xffffffffffff8001, 0x8001, 0x7]}}, @hvc={0x32, 0x40, {0x80007fff, [0x4, 0x7ff, 0x7, 0x33, 0x6c]}}, @msr={0x14, 0x20, {0x603000000013e664, 0x7}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x3, 0xa, 0x0, 0xfffffff7, 0x2}}, @svc={0x122, 0x40, {0x4000000, [0x3756, 0x200, 0x7, 0xfffffffffffffff3, 0x46]}}, @its_setup={0x82, 0x28, {0x0, 0x3, 0x54}}, @uexit={0x0, 0x18, 0x694d921f}, @eret={0xe6, 0x18, 0x5}, @mrs={0xbe, 0x18, {0x603000000013def3}}], 0x5f5}, 0x0, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1})
syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x1, 0x100)
r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3b)
r3 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bfd000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000180)={0x0, &(0x7f0000000240)}, &(0x7f0000000200)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000300)={0x0, &(0x7f00000000c0)=[@smc={0x1e, 0xed, {0xc4000001, [0x8, 0x939, 0xe, 0x7f, 0x20004]}}], 0x40}, &(0x7f00000001c0), 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init)

14.479624045s ago: executing program 40 (id=189):
r0 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34)
openat$kvm(0x0, 0x0, 0x0, 0x0) (async)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000001c0)={0x8, <r2=>0xffffffffffffffff})
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async, rerun: 64)
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, 0x0) (async, rerun: 64)
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f00000002c0)=@attr_arm64={0x0, 0x2, 0x0, &(0x7f0000000280)=0x3})
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x0, 0x1, 0x8}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x3, 0xfffffffd, 0xf}}], 0x50}, 0x0, 0x0) (async)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x100)
r7 = mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x0, 0x1000005, 0x11, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_MMIO(r7, 0x20, &(0x7f0000000300)="8fe0f6196f80c710d2423418a548f6c5b8e80629f623b92f", 0x0, 0x18) (async, rerun: 64)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8, <r8=>0xffffffffffffffff}) (rerun: 64)
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async)
ioctl$KVM_RUN(r6, 0xae80, 0x0) (async)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) (async)
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x108, &(0x7f0000000340)=0x8000000000000000})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x4, 0x1, 0x0})

0s ago: executing program 41 (id=190):
openat$kvm(0x0, &(0x7f0000000000), 0x17b041, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x10004)
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000100)={0x0, &(0x7f0000000980)=[@code={0xa, 0x6d, {"0080000f007008d5008008d5007008d500a4004fc0d782d20040b8f2010080d2820180d2630080d2040080d202170000d4d48e98d200e0b0f2210080d2c20080d2830180d2440080d2020000d400d0204e0040601e0090200c"}}, @code={0xa, 0xb4, {"a0d588d200a0b8f2a10180d2a20080d2230080d2640080d2020000d4e0ff9ed20020b8f2210080d2620180d2a30080d2440180d2020000d4a0048ed20060b0f2a10180d2a20180d2230180d2640180d2020000d4003680d200c0b0f2210180d2620080d2a30180d2040080d2020000d4209a89d20000b0f2010180d2a20080d2e30180d2040080d2020000d4007008d5000028d5008008d5006c202e00b8205e"}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x1, 0xc, 0x8, 0xd9, 0x2}}, @irq_setup={0x46, 0x18, {0x1, 0x3b4}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe4, 0x2, 0x4}}, @hvc={0x32, 0x40, {0x84000051, [0x6, 0x8001, 0x1, 0x5, 0x4]}}, @svc={0x122, 0x40, {0xc400000c, [0xa, 0x6, 0x8, 0x2, 0x4]}}, @svc={0x122, 0x40, {0x84000001, [0x5, 0x2, 0x7fff, 0x100000000]}}, @mrs={0xbe, 0x18, {0x603000000013801e}}, @irq_setup={0x46, 0x18, {0x0, 0x9}}, @mrs={0xbe, 0x18, {0x603000000013805d}}, @svc={0x122, 0x40, {0xc4000007, [0x5, 0x8000, 0x3, 0x10000, 0x9]}}, @eret={0xe6, 0x18, 0xd}, @mrs={0xbe, 0x18, {0x603000000013e219}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff8, 0x3, 0xb}}, @code={0xa, 0x84, {"0080204e007008d50004006e60569ed200a0b8f2e10180d2e20080d2830080d2040080d2020000d40000002ee04499d20080b0f2210180d2620080d2030080d2640180d2020000d400208dd20040b8f2010180d2e20180d2030180d2e40080d2020000d4000008d50000009100c0211e"}}, @hvc={0x32, 0x40, {0x80000001, [0x0, 0x5, 0x9, 0x6, 0x7bfc]}}, @its_setup={0x82, 0x28, {0x1, 0x2, 0x9c}}, @irq_setup={0x46, 0x18, {0x0, 0x1c2}}, @svc={0x122, 0x40, {0x8, [0xe, 0x100, 0x2, 0xfffffffffffffffe, 0x1]}}, @svc={0x122, 0x40, {0x84000052, [0x0, 0x200, 0xffffffffffff8001, 0x8001, 0x7]}}, @hvc={0x32, 0x40, {0x80007fff, [0x4, 0x7ff, 0x7, 0x33, 0x6c]}}, @msr={0x14, 0x20, {0x603000000013e664, 0x7}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x3, 0xa, 0x0, 0xfffffff7, 0x2}}, @svc={0x122, 0x40, {0x4000000, [0x3756, 0x200, 0x7, 0xfffffffffffffff3, 0x46]}}, @its_setup={0x82, 0x28, {0x0, 0x3, 0x54}}, @uexit={0x0, 0x18, 0x694d921f}, @eret={0xe6, 0x18, 0x5}, @mrs={0xbe, 0x18, {0x603000000013def3}}], 0x5f5}, 0x0, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1})
syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x1, 0x100)
r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3b)
r3 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bfd000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000180)={0x0, &(0x7f0000000240)}, &(0x7f0000000200)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000300)={0x0, &(0x7f00000000c0)=[@smc={0x1e, 0xed, {0xc4000001, [0x8, 0x939, 0xe, 0x7f, 0x20004]}}], 0x40}, &(0x7f00000001c0), 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init)

kernel console output (not intermixed with test programs):

[  386.209688][ T3156] 8021q: adding VLAN 0 to HW filter on device bond0
[  449.129634][ T3156] eql: remember to turn off Van-Jacobson compression on your slave devices
Warning: Permanently added '[localhost]:35294' (ED25519) to the list of known hosts.
[  602.819081][   T25] audit: type=1400 audit(602.020:60): avc:  denied  { name_bind } for  pid=3314 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  604.734023][   T25] audit: type=1400 audit(603.930:61): avc:  denied  { execute } for  pid=3315 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  604.760557][   T25] audit: type=1400 audit(603.960:62): avc:  denied  { execute_no_trans } for  pid=3315 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  626.590324][   T25] audit: type=1400 audit(625.790:63): avc:  denied  { mounton } for  pid=3315 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  626.625780][   T25] audit: type=1400 audit(625.830:64): avc:  denied  { mount } for  pid=3315 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  626.714669][ T3315] cgroup: Unknown subsys name 'net'
[  626.764232][   T25] audit: type=1400 audit(625.970:65): avc:  denied  { unmount } for  pid=3315 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  627.140313][ T3315] cgroup: Unknown subsys name 'cpuset'
[  627.246506][ T3315] cgroup: Unknown subsys name 'rlimit'
[  628.166601][   T25] audit: type=1400 audit(627.370:66): avc:  denied  { setattr } for  pid=3315 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  628.193836][   T25] audit: type=1400 audit(627.390:67): avc:  denied  { mounton } for  pid=3315 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[  628.210013][   T25] audit: type=1400 audit(627.410:68): avc:  denied  { mount } for  pid=3315 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  629.818852][ T3318] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[  629.838489][   T25] audit: type=1400 audit(629.040:69): avc:  denied  { relabelto } for  pid=3318 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  629.867522][   T25] audit: type=1400 audit(629.070:70): avc:  denied  { write } for  pid=3318 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
Setting up swapspace version 1, size = 127995904 bytes
[  630.049206][   T25] audit: type=1400 audit(629.250:71): avc:  denied  { read } for  pid=3315 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  630.074907][   T25] audit: type=1400 audit(629.270:72): avc:  denied  { open } for  pid=3315 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  630.118167][ T3315] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  681.546159][   T25] audit: type=1400 audit(680.750:73): avc:  denied  { execmem } for  pid=3319 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  685.998636][   T25] audit: type=1400 audit(685.200:74): avc:  denied  { read } for  pid=3322 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  686.035980][   T25] audit: type=1400 audit(685.220:75): avc:  denied  { open } for  pid=3322 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  686.090323][   T25] audit: type=1400 audit(685.290:76): avc:  denied  { mounton } for  pid=3321 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  686.369467][   T25] audit: type=1400 audit(685.570:77): avc:  denied  { module_request } for  pid=3322 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  687.477902][   T25] audit: type=1400 audit(686.680:78): avc:  denied  { sys_module } for  pid=3322 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  715.863734][ T3322] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  716.816031][ T3322] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  717.079708][ T3321] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  717.330228][ T3321] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  729.244294][ T3322] hsr_slave_0: entered promiscuous mode
[  729.273037][ T3322] hsr_slave_1: entered promiscuous mode
[  730.102438][ T3321] hsr_slave_0: entered promiscuous mode
[  730.138160][ T3321] hsr_slave_1: entered promiscuous mode
[  730.170006][ T3321] debugfs: 'hsr0' already exists in 'hsr'
[  730.195111][ T3321] Cannot create hsr debugfs directory
[  735.562639][   T25] audit: type=1400 audit(734.760:79): avc:  denied  { create } for  pid=3322 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  735.587006][   T25] audit: type=1400 audit(734.780:80): avc:  denied  { write } for  pid=3322 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  735.672819][   T25] audit: type=1400 audit(734.860:81): avc:  denied  { read } for  pid=3322 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  735.858253][ T3322] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  736.299631][ T3322] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  736.545365][ T3322] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  736.903302][ T3322] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  738.600125][ T3321] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  738.976887][ T3321] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  739.294043][ T3321] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  739.544596][ T3321] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  756.212888][ T3322] 8021q: adding VLAN 0 to HW filter on device bond0
[  758.826350][ T3321] 8021q: adding VLAN 0 to HW filter on device bond0
[  814.926769][ T3322] veth0_vlan: entered promiscuous mode
[  815.364132][ T3322] veth1_vlan: entered promiscuous mode
[  817.271385][ T3321] veth0_vlan: entered promiscuous mode
[  818.073613][ T3322] veth0_macvtap: entered promiscuous mode
[  818.584564][ T3322] veth1_macvtap: entered promiscuous mode
[  818.683875][ T3321] veth1_vlan: entered promiscuous mode
[  821.956803][   T42] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  821.977232][   T42] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  821.993203][   T42] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  822.013602][   T42] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  822.377488][ T3321] veth0_macvtap: entered promiscuous mode
[  822.994905][ T3321] veth1_macvtap: entered promiscuous mode
[  825.557548][   T25] audit: type=1400 audit(824.760:82): avc:  denied  { mount } for  pid=3322 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  825.923258][   T25] audit: type=1400 audit(825.120:83): avc:  denied  { mounton } for  pid=3322 comm="syz-executor" path="/syzkaller.I1euLC/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  826.243209][   T25] audit: type=1400 audit(825.440:84): avc:  denied  { mount } for  pid=3322 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  826.702818][   T25] audit: type=1400 audit(825.870:85): avc:  denied  { mounton } for  pid=3322 comm="syz-executor" path="/syzkaller.I1euLC/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  826.750388][ T3420] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  826.765615][ T3420] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  826.799084][ T3420] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  826.807615][ T3420] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  827.083538][   T25] audit: type=1400 audit(826.270:86): avc:  denied  { mounton } for  pid=3322 comm="syz-executor" path="/syzkaller.I1euLC/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3782 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  828.229236][   T25] audit: type=1400 audit(827.420:87): avc:  denied  { unmount } for  pid=3322 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  828.575354][   T25] audit: type=1400 audit(827.780:88): avc:  denied  { mounton } for  pid=3322 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1544 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  828.665049][   T25] audit: type=1400 audit(827.860:89): avc:  denied  { mount } for  pid=3322 comm="syz-executor" name="/" dev="gadgetfs" ino=3795 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  829.258689][   T25] audit: type=1400 audit(828.410:90): avc:  denied  { mount } for  pid=3322 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  829.523426][   T25] audit: type=1400 audit(828.690:91): avc:  denied  { mounton } for  pid=3322 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  830.934111][ T3322] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  832.678413][   T25] kauditd_printk_skb: 1 callbacks suppressed
[  832.703983][   T25] audit: type=1400 audit(831.880:93): avc:  denied  { read write } for  pid=3322 comm="syz-executor" name="loop1" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  832.773001][   T25] audit: type=1400 audit(831.970:94): avc:  denied  { open } for  pid=3322 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  832.852680][   T25] audit: type=1400 audit(832.040:95): avc:  denied  { ioctl } for  pid=3322 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=639 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  842.847758][   T25] audit: type=1400 audit(842.050:96): avc:  denied  { read } for  pid=3480 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  842.864055][   T25] audit: type=1400 audit(842.060:97): avc:  denied  { open } for  pid=3480 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  843.006320][   T25] audit: type=1400 audit(842.210:98): avc:  denied  { ioctl } for  pid=3480 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  858.470273][   T25] audit: type=1400 audit(857.670:99): avc:  denied  { write } for  pid=3496 comm="syz.0.5" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  860.078027][   T25] audit: type=1400 audit(859.270:100): avc:  denied  { append } for  pid=3496 comm="syz.0.5" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  865.682110][   T25] audit: type=1400 audit(864.870:101): avc:  denied  { execute } for  pid=3499 comm="syz.1.6" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=4086 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  926.852842][   T25] audit: type=1400 audit(926.040:102): avc:  denied  { setattr } for  pid=3539 comm="syz.1.19" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1148.466968][ T3661] kvm [3661]: Failed to find VMA for hva 0x20c01000
[ 1152.738310][   T25] audit: type=1400 audit(1151.940:103): avc:  denied  { map } for  pid=3666 comm="syz.1.53" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1153.417997][ T3667] kvm [3667]: Failed to find VMA for hva 0x20e8a000
[ 1153.538903][ T3667] kvm [3667]: Failed to find VMA for hva 0x20e8a000
[ 1371.688957][ T2120] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1373.017159][ T2120] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1374.097266][ T2120] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1375.458428][ T2120] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1389.148981][ T2120] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1389.244910][ T2120] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1389.309284][ T2120] bond0 (unregistering): Released all slaves
[ 1390.905801][ T2120] hsr_slave_0: left promiscuous mode
[ 1390.975617][ T2120] hsr_slave_1: left promiscuous mode
[ 1391.723208][ T2120] veth1_macvtap: left promiscuous mode
[ 1391.727305][ T2120] veth0_macvtap: left promiscuous mode
[ 1391.772949][ T2120] veth1_vlan: left promiscuous mode
[ 1391.797065][ T2120] veth0_vlan: left promiscuous mode
[ 1410.459829][ T2120] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1411.238157][ T2120] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1412.286495][ T2120] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1413.254555][ T2120] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1429.283915][ T2120] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1429.569797][ T2120] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1429.723597][ T2120] bond0 (unregistering): Released all slaves
[ 1432.224431][ T2120] hsr_slave_0: left promiscuous mode
[ 1432.332833][ T2120] hsr_slave_1: left promiscuous mode
[ 1432.833330][ T2120] veth1_macvtap: left promiscuous mode
[ 1432.836638][ T2120] veth0_macvtap: left promiscuous mode
[ 1432.854344][ T2120] veth1_vlan: left promiscuous mode
[ 1432.875631][ T2120] veth0_vlan: left promiscuous mode
[ 1460.088731][ T3772] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1460.348145][ T3772] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1465.284915][ T3776] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1465.543144][ T3776] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1481.179467][ T3772] hsr_slave_0: entered promiscuous mode
[ 1481.245899][ T3772] hsr_slave_1: entered promiscuous mode
[ 1487.496876][ T3776] hsr_slave_0: entered promiscuous mode
[ 1487.549303][ T3776] hsr_slave_1: entered promiscuous mode
[ 1487.603101][ T3776] debugfs: 'hsr0' already exists in 'hsr'
[ 1487.612487][ T3776] Cannot create hsr debugfs directory
[ 1501.804006][ T3772] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1502.152904][ T3772] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1502.396369][ T3772] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1502.963285][ T3772] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1506.756944][ T3776] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1507.056715][ T3776] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1507.336123][ T3776] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1507.596172][ T3776] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1526.059154][ T3772] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1530.983318][ T3776] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1624.244748][ T3772] veth0_vlan: entered promiscuous mode
[ 1625.105136][ T3772] veth1_vlan: entered promiscuous mode
[ 1628.518131][ T3772] veth0_macvtap: entered promiscuous mode
[ 1629.439970][ T3772] veth1_macvtap: entered promiscuous mode
[ 1632.093625][ T3776] veth0_vlan: entered promiscuous mode
[ 1633.847100][ T3776] veth1_vlan: entered promiscuous mode
[ 1634.540020][ T3402] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1634.546882][ T3402] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1634.572930][ T3402] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1634.742985][ T3402] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1639.113214][ T3776] veth0_macvtap: entered promiscuous mode
[ 1639.756282][ T3776] veth1_macvtap: entered promiscuous mode
[ 1642.902527][   T12] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1642.908403][   T12] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1642.964738][   T12] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1642.992168][   T12] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2044.833120][   T42] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2046.867091][   T42] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2048.569673][   T42] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2050.179473][   T42] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2073.950426][   T42] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2074.254376][   T42] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2074.435588][   T42] bond0 (unregistering): Released all slaves
[ 2076.714601][   T42] hsr_slave_0: left promiscuous mode
[ 2076.794885][   T42] hsr_slave_1: left promiscuous mode
[ 2077.193131][   T42] veth1_macvtap: left promiscuous mode
[ 2077.200093][   T42] veth0_macvtap: left promiscuous mode
[ 2077.215364][   T42] veth1_vlan: left promiscuous mode
[ 2077.234680][   T42] veth0_vlan: left promiscuous mode
[ 2144.057842][ T4263] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2144.538000][ T4263] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2179.209041][ T4263] hsr_slave_0: entered promiscuous mode
[ 2179.255795][ T4263] hsr_slave_1: entered promiscuous mode
[ 2204.978890][ T3420] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2206.798129][ T3420] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2208.278849][ T3420] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2208.886396][ T4263] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 2209.360231][ T4263] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 2210.465161][ T3420] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2210.986919][ T4263] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 2211.495959][ T4263] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 2234.579312][ T3420] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2235.278654][ T3420] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2235.447569][ T3420] bond0 (unregistering): Released all slaves
[ 2238.062409][ T3420] hsr_slave_0: left promiscuous mode
[ 2238.214157][ T3420] hsr_slave_1: left promiscuous mode
[ 2239.015548][ T3420] veth1_macvtap: left promiscuous mode
[ 2239.025315][ T3420] veth0_macvtap: left promiscuous mode
[ 2239.048277][ T3420] veth1_vlan: left promiscuous mode
[ 2239.082978][ T3420] veth0_vlan: left promiscuous mode
[ 2270.966057][ T4263] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2310.186454][ T4362] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2310.459248][ T4362] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2343.342700][ T4362] hsr_slave_0: entered promiscuous mode
[ 2343.416796][ T4362] hsr_slave_1: entered promiscuous mode
[ 2343.527024][ T4362] debugfs: 'hsr0' already exists in 'hsr'
[ 2343.552307][ T4362] Cannot create hsr debugfs directory
[ 2362.515661][ T4362] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 2363.072593][ T4362] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 2363.417979][ T4362] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 2363.719989][ T4362] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 2392.569025][ T4362] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2399.517666][ T4263] veth0_vlan: entered promiscuous mode
[ 2400.660151][ T4263] veth1_vlan: entered promiscuous mode
[ 2404.346755][ T4263] veth0_macvtap: entered promiscuous mode
[ 2404.925899][ T4263] veth1_macvtap: entered promiscuous mode
[ 2408.354042][ T4499] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2408.396195][ T4499] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2408.442900][ T2120] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2408.536846][ T4278] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2566.940143][ T4362] veth0_vlan: entered promiscuous mode
[ 2568.515903][ T4362] veth1_vlan: entered promiscuous mode
[ 2572.701468][ T4362] veth0_macvtap: entered promiscuous mode
[ 2573.656928][ T4362] veth1_macvtap: entered promiscuous mode
[ 2577.649532][ T3420] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2577.658742][ T3420] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2577.680320][ T3420] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2577.732237][ T3420] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2594.721975][   T25] audit: type=1400 audit(2593.920:104): avc:  denied  { execute } for  pid=4618 comm="syz.5.149" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 2675.314602][ T3975] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2678.209748][ T3975] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2679.818355][ T3975] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2681.544452][ T3975] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2705.185550][ T3975] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2705.367933][ T3975] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2705.529765][ T3975] bond0 (unregistering): Released all slaves
[ 2709.746294][ T3975] hsr_slave_0: left promiscuous mode
[ 2709.933008][ T3975] hsr_slave_1: left promiscuous mode
[ 2710.863052][ T3975] veth1_macvtap: left promiscuous mode
[ 2710.864454][ T3975] veth0_macvtap: left promiscuous mode
[ 2710.903634][ T3975] veth1_vlan: left promiscuous mode
[ 2710.913384][ T3975] veth0_vlan: left promiscuous mode
[ 2741.610371][ T3975] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2743.238501][ T3975] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2744.687595][ T3975] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2745.757928][ T3975] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2769.022837][ T3975] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2769.375091][ T3975] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2769.535341][ T3975] bond0 (unregistering): Released all slaves
[ 2773.302171][ T3975] hsr_slave_0: left promiscuous mode
[ 2773.389950][ T3975] hsr_slave_1: left promiscuous mode
[ 2774.125576][ T3975] veth1_macvtap: left promiscuous mode
[ 2774.128160][ T3975] veth0_macvtap: left promiscuous mode
[ 2774.143807][ T3975] veth1_vlan: left promiscuous mode
[ 2774.145379][ T3975] veth0_vlan: left promiscuous mode
[ 2842.759652][ T4662] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2843.043619][ T4659] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2843.275620][ T4662] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2843.455490][ T4659] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2874.648011][ T4659] hsr_slave_0: entered promiscuous mode
[ 2874.745825][ T4659] hsr_slave_1: entered promiscuous mode
[ 2878.704295][ T4662] hsr_slave_0: entered promiscuous mode
[ 2878.824513][ T4662] hsr_slave_1: entered promiscuous mode
[ 2878.892386][ T4662] debugfs: 'hsr0' already exists in 'hsr'
[ 2878.893291][ T4662] Cannot create hsr debugfs directory
[ 2899.163166][ T4659] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 2899.730337][ T4659] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 2900.370487][ T4659] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 2901.084902][ T4659] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 2906.686654][ T4662] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 2907.239830][ T4662] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 2907.757460][ T4662] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 2908.199669][ T4662] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 2935.409921][ T4659] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2943.113888][ T4662] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3103.149123][ T4659] veth0_vlan: entered promiscuous mode
[ 3104.194179][ T4659] veth1_vlan: entered promiscuous mode
[ 3108.963489][ T4662] veth0_vlan: entered promiscuous mode
[ 3110.034882][ T4659] veth0_macvtap: entered promiscuous mode
[ 3111.474857][ T4659] veth1_macvtap: entered promiscuous mode
[ 3111.883895][ T4662] veth1_vlan: entered promiscuous mode
[ 3118.575618][ T3778] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3118.636325][ T4677] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3118.674410][ T4677] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3118.832218][ T4677] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3119.078481][ T4662] veth0_macvtap: entered promiscuous mode
[ 3120.734721][ T4662] veth1_macvtap: entered promiscuous mode
[ 3127.826349][ T4677] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3127.828504][ T4677] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3127.839068][ T4677] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3127.926226][ T4677] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3434.958652][ T5060] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3437.238613][ T5060] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3439.559943][ T5060] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3441.566374][ T5060] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3467.317850][ T5060] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3467.495819][ T5060] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3467.639379][ T5060] bond0 (unregistering): Released all slaves
[ 3470.544919][ T5060] hsr_slave_0: left promiscuous mode
[ 3471.134688][ T5060] hsr_slave_1: left promiscuous mode
[ 3472.565968][ T5060] veth1_macvtap: left promiscuous mode
[ 3472.622639][ T5060] veth0_macvtap: left promiscuous mode
[ 3472.643708][ T5060] veth1_vlan: left promiscuous mode
[ 3472.645354][ T5060] veth0_vlan: left promiscuous mode
[ 3513.688256][ T4298] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3515.243993][ T4298] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3516.954811][ T4298] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3519.133568][ T4298] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3545.635937][ T4298] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3546.483505][ T4298] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3547.133164][ T4298] bond0 (unregistering): Released all slaves
[ 3551.942697][ T4298] hsr_slave_0: left promiscuous mode
[ 3552.102731][ T4298] hsr_slave_1: left promiscuous mode
[ 3552.915361][ T4298] veth1_macvtap: left promiscuous mode
[ 3552.917181][ T4298] veth0_macvtap: left promiscuous mode
[ 3552.924589][ T4298] veth1_vlan: left promiscuous mode
[ 3552.926142][ T4298] veth0_vlan: left promiscuous mode
[ 3601.739147][ T5057] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3602.185745][ T5057] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3608.144516][ T5062] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3608.625164][ T5062] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3640.179121][ T5057] hsr_slave_0: entered promiscuous mode
[ 3640.225741][ T5057] hsr_slave_1: entered promiscuous mode
[ 3645.474566][ T5062] hsr_slave_0: entered promiscuous mode
[ 3645.557380][ T5062] hsr_slave_1: entered promiscuous mode
[ 3645.579515][ T5062] debugfs: 'hsr0' already exists in 'hsr'
[ 3645.606152][ T5062] Cannot create hsr debugfs directory
[ 3666.659177][ T5057] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 3667.807141][ T5057] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 3668.606770][ T5057] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 3670.495033][ T5057] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 3677.315002][ T5062] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 3677.873033][ T5062] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 3678.456147][ T5062] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 3679.223065][ T5062] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 3712.765357][ T5057] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3719.446615][ T5062] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3899.736616][ T5057] veth0_vlan: entered promiscuous mode
[ 3901.348406][ T5057] veth1_vlan: entered promiscuous mode
[ 3907.404635][ T5062] veth0_vlan: entered promiscuous mode
[ 3908.656507][ T5057] veth0_macvtap: entered promiscuous mode
[ 3909.860164][ T5062] veth1_vlan: entered promiscuous mode
[ 3910.528951][ T5057] veth1_macvtap: entered promiscuous mode
[ 3917.448060][ T5062] veth0_macvtap: entered promiscuous mode
[ 3918.564768][ T4278] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3918.573694][ T4278] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3918.608378][ T4499] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3918.703072][ T3778] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3919.030088][ T5062] veth1_macvtap: entered promiscuous mode
[ 3928.532566][ T4278] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3928.533999][ T4278] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3928.721832][   T49] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3928.750127][   T49] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4237.089539][ T5355] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4237.718568][ T5355] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4253.557030][ T5359] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4254.204857][ T5359] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4304.277872][ T5355] hsr_slave_0: entered promiscuous mode
[ 4304.428574][ T5355] hsr_slave_1: entered promiscuous mode
[ 4304.598481][ T5355] debugfs: 'hsr0' already exists in 'hsr'
[ 4304.605041][ T5355] Cannot create hsr debugfs directory
[ 4324.790459][ T5359] hsr_slave_0: entered promiscuous mode
[ 4324.928763][ T5359] hsr_slave_1: entered promiscuous mode
[ 4325.124586][ T5359] debugfs: 'hsr0' already exists in 'hsr'
[ 4325.173353][ T5359] Cannot create hsr debugfs directory
[ 4378.603567][ T5355] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 4382.793124][ T5355] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 4386.352497][ T5355] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 4387.536431][ T5355] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 4406.258637][ T5359] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 4406.940019][ T5359] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 4407.616658][ T5359] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 4408.378995][ T5359] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 4448.288100][ T5355] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4464.065495][ T5359] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4476.157887][   T27] INFO: task syz.8.190:5342 blocked for more than 430 seconds.
[ 4476.233039][   T27]       Not tainted syzkaller #0
[ 4476.265921][   T27]       Blocked by coredump.
[ 4476.266385][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 4476.266859][   T27] task:syz.8.190       state:D stack:0     pid:5342  tgid:5340  ppid:5057   task_flags:0x40044c flags:0x00000019
[ 4476.268357][   T27] Call trace:
[ 4476.268881][   T27]  __switch_to+0x584/0xb20 (T)
[ 4476.387194][   T27]  __schedule+0x1eec/0x33a4
[ 4476.387974][   T27]  schedule+0xac/0x27c
[ 4476.388536][   T27]  schedule_timeout+0x5c/0x1e4
[ 4476.389017][   T27]  do_wait_for_common+0x28c/0x444
[ 4476.389434][   T27]  wait_for_completion+0x44/0x5c
[ 4476.389942][   T27]  __synchronize_srcu+0x2a4/0x320
[ 4476.390440][   T27]  synchronize_srcu+0x3cc/0x4f0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 4476.562381][   T27]  __mmu_notifier_release+0x424/0x614
[ 4476.563054][   T27]  exit_mmap+0xb8/0xbb8
[ 4476.563545][   T27]  __mmput+0x10c/0x528
[ 4476.564059][   T27]  mmput+0x70/0xac
[ 4476.564547][   T27]  exit_mm+0x158/0x258
[ 4476.565023][   T27]  do_exit+0x788/0x2378
[ 4476.565465][   T27]  do_group_exit+0x1d4/0x2ac
[ 4476.565917][   T27]  get_signal+0x1440/0x1554
[ 4476.566394][   T27]  do_signal+0x23c/0x4dd0
[ 4476.566896][   T27]  do_notify_resume+0xb0/0x270
[ 4476.567341][   T27]  el0_svc+0xb8/0x164
[ 4476.567766][   T27]  el0t_64_sync_handler+0x84/0x12c
[ 4476.568228][   T27]  el0t_64_sync+0x198/0x19c
[ 4476.693049][   T27] 
[ 4476.693049][   T27] Showing all locks held in the system:
[ 4476.718864][   T27] 1 lock held by khungtaskd/27:
[ 4476.719480][   T27]  #0: ffff800087876d18 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x4/0x48
[ 4476.758966][   T27] 2 locks held by kworker/u4:4/49:
[ 4476.759377][   T27]  #0: c8f000000cc20948 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a18
[ 4476.776988][   T27]  #1: ffff80008cb07c78 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a18
[ 4476.778862][   T27] 1 lock held by klogd/3119:
[ 4476.779232][   T27] 2 locks held by getty/3185:
[ 4476.779526][   T27]  #0: d4f0000011c4e8a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c
[ 4476.913399][   T27]  #1: 49ff80008c5cb2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x310/0x12b8
[ 4476.915231][   T27] 2 locks held by syz-executor/3315:
[ 4476.915569][   T27] 3 locks held by kworker/u4:5/3402:
[ 4476.915882][   T27] 3 locks held by kworker/u4:1/3778:
[ 4476.916233][   T27] 2 locks held by kworker/0:4/4503:
[ 4476.916596][   T27] 3 locks held by kworker/u4:0/4677:
[ 4476.916940][   T27] 2 locks held by kworker/u4:13/4824:
[ 4476.917268][   T27]  #0: c8f000000cc20948 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a18
[ 4476.918918][   T27]  #1: ffff80008f1a7c78 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a18
[ 4477.095216][   T27] 3 locks held by kworker/u4:3/5060:
[ 4477.116473][   T27] 2 locks held by syz.9.189/5336:
[ 4477.117046][   T27] 3 locks held by kworker/u4:10/5363:
[ 4477.117428][   T27] 3 locks held by kworker/u4:11/5500:
[ 4477.117734][   T27] 1 lock held by modprobe/5501:
[ 4477.118060][   T27] 1 lock held by modprobe/5502:
[ 4477.118366][   T27] 3 locks held by rm/5503:
[ 4477.154249][   T27] 
[ 4477.154817][   T27] =============================================
[ 4477.154817][   T27] 
[ 4497.303225][   T27] INFO: task syz.8.190:5342 blocked for more than 451 seconds.
[ 4497.313075][   T27]       Not tainted syzkaller #0
[ 4497.322470][   T27]       Blocked by coredump.
[ 4497.322888][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 4497.323166][   T27] task:syz.8.190       state:D stack:0     pid:5342  tgid:5340  ppid:5057   task_flags:0x40044c flags:0x00000019
[ 4497.323894][   T27] Call trace:
[ 4497.324163][   T27]  __switch_to+0x584/0xb20 (T)
[ 4497.324768][   T27]  __schedule+0x1eec/0x33a4
[ 4497.325301][   T27]  schedule+0xac/0x27c
[ 4497.325789][   T27]  schedule_timeout+0x5c/0x1e4
[ 4497.326220][   T27]  do_wait_for_common+0x28c/0x444
[ 4497.326605][   T27]  wait_for_completion+0x44/0x5c
[ 4497.327106][   T27]  __synchronize_srcu+0x2a4/0x320
[ 4497.327557][   T27]  synchronize_srcu+0x3cc/0x4f0
[ 4497.328016][   T27]  __mmu_notifier_release+0x424/0x614
[ 4497.328493][   T27]  exit_mmap+0xb8/0xbb8
[ 4497.328992][   T27]  __mmput+0x10c/0x528
[ 4497.329462][   T27]  mmput+0x70/0xac
[ 4497.329930][   T27]  exit_mm+0x158/0x258
[ 4497.330376][   T27]  do_exit+0x788/0x2378
[ 4497.508202][   T27]  do_group_exit+0x1d4/0x2ac
[ 4497.508880][   T27]  get_signal+0x1440/0x1554
[ 4497.509375][   T27]  do_signal+0x23c/0x4dd0
[ 4497.509880][   T27]  do_notify_resume+0xb0/0x270
[ 4497.510331][   T27]  el0_svc+0xb8/0x164
[ 4497.593792][   T27]  el0t_64_sync_handler+0x84/0x12c
[ 4497.594483][   T27]  el0t_64_sync+0x198/0x19c
[ 4497.595192][   T27] 
[ 4497.595192][   T27] Showing all locks held in the system:
[ 4497.595513][   T27] 1 lock held by khungtaskd/27:
[ 4497.595847][   T27]  #0: ffff800087876d18 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x4/0x48
[ 4497.597571][   T27] 2 locks held by kworker/u4:4/49:
[ 4497.598025][   T27] 3 locks held by kworker/u4:6/2120:
[ 4497.598349][   T27] 1 lock held by klogd/3119:
[ 4497.598659][   T27] 2 locks held by getty/3185:
[ 4497.598984][   T27]  #0: d4f0000011c4e8a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c
[ 4497.703918][   T27]  #1: 49ff80008c5cb2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x310/0x12b8
[ 4497.706149][   T27] 3 locks held by kworker/u4:1/3778:
[ 4497.706519][   T27] 3 locks held by kworker/u4:12/4499:
[ 4497.706869][   T27] 2 locks held by kworker/u4:13/4824:
[ 4497.707265][   T27] 2 locks held by syz.9.189/5336:
[ 4497.707578][   T27] 3 locks held by kworker/u4:10/5363:
[ 4497.707945][   T27] 3 locks held by kworker/u4:11/5500:
[ 4497.708260][   T27] 2 locks held by dhcpcd-run-hook/5509:
[ 4497.708673][   T27] 
[ 4497.708947][   T27] =============================================
[ 4497.708947][   T27] 

VM DIAGNOSIS:
20:48:57  Registers:
info registers vcpu 0

CPU#0
 PC=ffff8000860188f8 X00=0000000000000001 X01=ffff80008712372d
X02=0000000000000008 X03=0000000000000002 X04=0000000000000000
X05=0000000000000000 X06=0000000000000000 X07=ffff8000860188c8
X08=00000000000000c0 X09=0000000000000000 X10=0000000000ff0100
X11=00000000000000fe X12=89f0000016c96330 X13=0000000000000028
X14=ffffffffffffffff X15=ffff800080007680 X16=ffff800080010e20
X17=000000000000003e X18=00000000000000ff X19=efff800000000000
X20=beff80008c5f9000 X21=74f0000019845100 X22=0000000000000001
X23=8ef0000015d474c0 X24=000000000000005a X25=0000000000000000
X26=000000000000ffff X27=e5f0000026bb6cce X28=74f00000198451d8
X29=ffff800080007720 X30=ffff800080385578  SP=ffff800080007720
PSTATE=604020c9 -ZC- EL2h  SVCR=00000000 --  BTYPE=0     FPCR=00000000 FPSR=00000000
P00=0000 P01=0000 P02=0000 P03=0000 P04=0000 P05=0000 P06=0000 P07=0000
P08=0000 P09=0000 P10=0000 P11=0000 P12=0000 P13=0000 P14=0000 P15=0000
FFR=0000
Z00=63696d6f74616269:6c2f343662696c2f Z01=00312e6f732e6369:6d6f746162696c2f
Z02=0000000000000000:fffffffffff00000 Z03=0000000000000000:0000000000000000
Z04=3333333333333333:3333333333333333 Z05=0000000000000000:0000000c00000000
Z06=0000000000000000:0000000000000000 Z07=0000000000000000:0000000000000000
Z08=0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000
Z10=0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000
Z12=0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000
Z14=0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000
Z16=0000000000000000:0000000000000000 Z17=0000000000000000:0000000000000000
Z18=0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000
Z20=0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000
Z22=0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000
Z24=0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000
Z26=0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000
Z28=0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000
Z30=0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000