last executing test programs:

2h41m58.957455444s ago: executing program 32 (id=73):
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x2b)
ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r3, 0x4068aea3, &(0x7f0000000040))
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r4, 0x4018aee1, 0xffffffffffffffff)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2d)
syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)
ioctl$KVM_CAP_HALT_POLL(r7, 0x4068aea3, &(0x7f0000000000)={0xb6, 0x0, 0xfff})
mmap$KVM_VCPU(&(0x7f0000e7e000/0x4000)=nil, 0x930, 0xe, 0x100010, 0xffffffffffffffff, 0x0)
syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
r8 = syz_kvm_vgic_v3_setup(r5, 0x3, 0x200)
r9 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
eventfd2(0xba88, 0x80401)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000be6000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x6030000000138047, 0x8000}}], 0x20}, 0x0, 0x0)
ioctl$KVM_RUN(r12, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000000c0)=@attr_other={0x0, 0x5, 0xc, 0x0})

2h41m55.007407434s ago: executing program 33 (id=74):
openat$kvm(0x0, &(0x7f0000000040), 0x800, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x8})
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000200)={0x80a0000, 0x0, 0x94, 0x1})
r3 = openat$kvm(0x0, &(0x7f00000001c0), 0x1, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x34)
ioctl$KVM_IRQ_LINE_STATUS(r4, 0xc008ae67, 0xfffffffffffffffe)

2h35m16.782097951s ago: executing program 34 (id=77):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000100)={0x1002000, 0x1})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x2710, 0x2, 0xd000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000003c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r7, 0x4010aeab, &(0x7f00000001c0)=@arm64_sve={0x6080000000150008, 0x0})

2h31m12.747950467s ago: executing program 35 (id=93):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000000c000000020000000100000000000000bb0e00004c794c397f0000000008000000000000000000000000000000d2ed394546b829b3b7e2ddc4f735d9edc724d54dcc7a44fafc032067c95cb628069a4c01fcdaf8af"])
ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000100)={0x10002, 0x2, 0x1000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
munmap(&(0x7f0000d70000/0x3000)=nil, 0x3000)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x602000, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, 0x0)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000180)={0x0, &(0x7f0000000000)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7ffb}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
r9 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
r10 = openat$kvm(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r10, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
r11 = openat$kvm(0x0, &(0x7f0000000080), 0x62a581, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x1)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f00000000c0)={0xbbfbfe6201889764, 0xffffffffffffffff, 0x1})
ioctl$KVM_SET_USER_MEMORY_REGION2(r9, 0x40a0ae49, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)

2h26m18.568387977s ago: executing program 36 (id=101):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x20)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000a67000/0x400000)=nil)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x2)
r11 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r10, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r10, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x125b02, 0x0)
r12 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_ARM_VCPU_INIT(r12, 0x4020aeae, 0xfffffffffffffffe)
r13 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
r14 = mmap$KVM_VCPU(&(0x7f0000b9e000/0x3000)=nil, 0x0, 0x2000000, 0x11, r13, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r14, 0x20, &(0x7f00000001c0)="e08fe253e7b92a9275d72813f016291c984db8aebfcb34b7c83426f4b2f8d645ae7974ec0e3fa59c11d9f776a079dd11d8166fd2f3f62fcc89ffc6e84e107f51817f1c4daea6ef69", 0x0, 0x48)
ioctl$KVM_SET_ONE_REG(r13, 0x4010aeac, &(0x7f0000000080)=@arm64_core={0x6030000000100030, &(0x7f0000000040)=0x40})
r15 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0)
r17 = ioctl$KVM_CREATE_VCPU(r16, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r17, 0x4040aea0, 0xfffffffffffffffe)
r18 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_GET_ONE_REG(r13, 0x4010aeab, &(0x7f0000000180)=@arm64_sve={0x608000000015017c, &(0x7f0000000100)=0x1})
r19 = syz_kvm_add_vcpu$arm64(r18, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r19, 0x4010aeac, &(0x7f00000000c0)=@arm64_core={0x6030000000100038, &(0x7f0000000140)=0x7})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

2h21m59.438798106s ago: executing program 37 (id=108):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x27)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x0, 0x0, 0x6, 0x0, 0x9}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8, <r7=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
r8 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x603000000010002a, &(0x7f00000000c0)=0xc})

2h16m21.896763869s ago: executing program 38 (id=114):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x22300, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x28)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r5, 0x4068aea3, &(0x7f0000000100)={0xdf, 0x0, 0xc800})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f00004e3000/0x2000)=nil, 0x930, 0xa, 0x2013, r6, 0x40000)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0xdddd1000, 0x0, r9})
close(r9)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, 0x0, 0x0, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000100)="4bead90a8a524c79f126541ba60686d7378e2f7235828bcf3fa4a80d5e3c6753e0fbf42973da38e59cd4b2dc174f7f7ed37dd8abc6a52715ea2d8a070028857f943eed4506eaf7a1", 0x0, 0x48)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r10, 0xae01, 0x31)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r11, 0xae03, 0x7e)
r12 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r12, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
ioctl$KVM_CREATE_VM(r10, 0x40086602, 0x20200004)
r13 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r13, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
r14 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r14, 0xae03, 0x59)
r15 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0)
ioctl$KVM_GET_DIRTY_LOG(r16, 0x4010ae42, &(0x7f0000000000)={0xa4a605311ad0de6b, 0x0, &(0x7f0000c67000/0x2000)=nil})

2h6m30.146917882s ago: executing program 39 (id=135):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x70080, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000100)={0x5, 0x5})
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, 0x0)
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f00000001c0)=@arm64_bitmap={0x6030000000160002, &(0x7f0000000180)=0x10})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x200, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_vgic_v3_setup(r4, 0x0, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x31)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x6030000000100024, &(0x7f0000000140)=0x7})
close(0x4)
close(0x5)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x100000c, 0x6832, 0xffffffffffffffff, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000eed000/0x4000)=nil, 0x4000)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000040)={0x5, 0x7, 0x3000, 0x2000, &(0x7f0000e18000/0x2000)=nil})
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80010, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
r9 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x2)
ioctl$KVM_GET_DIRTY_LOG(r9, 0x4010ae42, &(0x7f0000000000)={0x101ff, 0x0, &(0x7f0000ffd000/0x2000)=nil})

2h6m9.81080689s ago: executing program 40 (id=136):
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x8131, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f0000000240)=[@msr={0x14, 0x20, {0x603000000013c4f1, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce2, 0x8000}}, @its_setup={0x82, 0x28, {0x0, 0x1, 0x391}}, @msr={0x14, 0x20, {0x603000000013dce8, 0x8000}}], 0x88}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x11)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r4, 0x4010aeb5, &(0x7f0000000000)={0x5, 0x1})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r7, 0x4018aee3, &(0x7f00000000c0)=@attr_other={0x0, 0x8, 0x4, 0x0})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_kvm_assert_reg(r3, 0x8, 0x8000)

1h51m16.657675595s ago: executing program 41 (id=170):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000040)={0x5, 0x1, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$arm64(r6, 0xffffffffffffffff, &(0x7f0000bfe000/0x400000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
r7 = mmap$KVM_VCPU(&(0x7f0000d08000/0x3000)=nil, 0x0, 0x8, 0x40010, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000180)="39ae73b52dee7225f24b5ffbff1229319cdcdf4daed97070a4fa74833c7be77cfc334927d3b1a7a75fff27518873d325cf23720fdc612c4f44a6fb09b11a1b774bc8aeae9aab44cf", 0x0, 0x48)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r8 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_vgic_v3_setup(r4, 0x4, 0x3a0)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18})
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x2c)
r12 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r13 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r13, 0xae01, 0xc)
ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x1)
syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000040)=@arm64_bitmap={0x6030000000160001, &(0x7f0000000240)=0x6})
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f00000000c0)=@arm64_sve_vls={0x606000000015ffff, &(0x7f0000000080)=0x2})
r14 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
ioctl$KVM_ARM_VCPU_FINALIZE(r14, 0x4004aec2, &(0x7f0000000140)=0x7)

1h51m9.349117238s ago: executing program 42 (id=171):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x302, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0x5452, 0xa00000000000000)
r3 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000000)={0x0, &(0x7f0000000200)=[@its_setup={0x82, 0x28, {0x4, 0x0, 0xf6}}, @eret={0xe6, 0x18, 0x9}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x2, 0x9, 0x7, 0x56d8}}, @code={0xa, 0x9c, {"401a9dd20060b0f2210180d2c20080d2430180d2240080d2020000d460838ed20060b8f2410080d2820180d2430080d2440080d2020000d4000440b8807984d20060b8f2c10180d2420180d2a30180d2840180d2020000d4000000ca007008d5007008d5008008d500d8215e00f59fd20000b8f2210080d2c20180d2a30080d2240080d2020000d4"}}, @eret={0xe6, 0x18, 0x2}, @code={0xa, 0xcc, {"007008d5007008d500aa8cd20040b8f2810180d2220080d2230080d2240080d2020000d4400097d20080b8f2010080d2a20180d2c30180d2c40080d2020000d4a0d387d20060b8f2610180d2020080d2830180d2a40080d2020000d4c00890d200c0b8f2a10180d2c20080d2230180d2040180d2020000d4602492d20060b0f2010080d2820080d2630180d2040080d2020000d460c89cd200c0b8f2810180d2620180d2630080d2640180d2020000d4000000ac00000034"}}, @code={0xa, 0x84, {"000028d5c01b9bd20060b0f2010180d2420080d2430180d2640180d2020000d4000000390000301ec04791d200c0b0f2610180d2c20180d2830080d2040080d2020000d4007d8ad200e0b8f2a10180d2420180d2c30180d2a40180d2020000d4007008d5000028d5000028d5007008d5"}}, @its_setup={0x82, 0x28, {0x4, 0x0, 0x62}}, @msr={0x14, 0x20, {0x603000000013c2a1}}, @hvc={0x32, 0x40, {0x80003fff, [0x7, 0x9, 0xffffffffffff0000, 0xa, 0x6]}}, @msr={0x14, 0x20, {0x603000000013c602, 0x1}}, @uexit={0x0, 0x18, 0x3}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0x0, 0x0, 0x2}}, @hvc={0x32, 0x40, {0xc4000012, [0x3, 0x4, 0x6, 0x6, 0x5]}}, @its_setup={0x82, 0x28, {0x3, 0x0, 0x6}}, @its_setup={0x82, 0x28, {0x2, 0x0, 0xc4}}, @its_setup={0x82, 0x28, {0x0, 0x3, 0x84}}, @irq_setup={0x46, 0x18, {0x4, 0x30d}}, @hvc={0x32, 0x40, {0x80003fff, [0x10, 0x40, 0x2, 0x3, 0x1]}}, @svc={0x122, 0x40, {0x4000000, [0x100000001, 0xa4f, 0x7, 0xb8e1]}}, @svc={0x122, 0x40, {0x84000000, [0x1, 0xe, 0x10, 0xba, 0x7fff]}}, @smc={0x1e, 0x40, {0x2000, [0x5a6, 0x6, 0x5, 0xcc83, 0x1ff]}}, @its_setup={0x82, 0x28, {0x1, 0x0, 0xd5}}, @uexit={0x0, 0x18, 0x3}, @smc={0x1e, 0x40, {0x80007fff, [0x1000, 0x4, 0x5, 0x4, 0x8]}}, @eret={0xe6, 0x18, 0x7}], 0x5c4}, &(0x7f0000000100)=[@featur2={0x1, 0xa0}], 0x1)
r4 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, &(0x7f0000000800)=[@uexit={0x0, 0x18}, @mrs={0xbe, 0x18, {0x603000000013e6cf}}, @mrs={0xbe, 0x18, {0x603000000013dea9}}, @msr={0x14, 0x20, {0x603000000013e518, 0x7f}}, @eret={0xe6, 0x18, 0x81}, @uexit={0x0, 0x18}, @hvc={0x32, 0x40, {0x84000008, [0x81, 0x7, 0x3, 0x10000, 0x2]}}], 0xd8}, &(0x7f0000000900)=[@featur2], 0x1)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000040)={0x2710, 0x2, 0xd000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r3, 0x4018aee2, &(0x7f00000000c0)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000140)})
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r8, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000100)={0x8})
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000000)={0x4})
r9 = syz_kvm_vgic_v3_setup(r2, 0x0, 0x40)
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f0000000980)=@attr_arm64={0x0, 0x2, 0x2, &(0x7f0000000940)=0x7})
r10 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013df19, 0x9}}], 0x20}, 0x0, 0x0)
ioctl$KVM_RUN(r12, 0xae80, 0x0)

1h38m44.655575217s ago: executing program 1 (id=201):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, 0x0)
openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, &(0x7f00000004c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0xffffffffffffffff}}], 0x20}, &(0x7f00000000c0)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x10003, 0x6, 0x5000, 0x1000, &(0x7f0000f4a000/0x1000)=nil})
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x2002, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000bfe000/0x400000)=nil)
syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000000)={0x1fe, 0x0, 0xdddd0000, 0x2000, &(0x7f0000f1a000/0x2000)=nil})
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000300)={0x6, <r8=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f0000000380)=@attr_other={0x0, 0xffffff60, 0x6, &(0x7f0000000340)=0x9})
r9 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r9, 0xae01, 0x33)
r10 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000240)={0x1ff, 0x5, 0xeeef0000, 0x2000, &(0x7f0000d23000/0x2000)=nil})
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f00000000c0)={0x0, &(0x7f0000000280)=[@memwrite={0x6e, 0x30, @generic={0xdddd0000, 0x7f8, 0x4ec, 0x8}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x5, 0xfffffffe, 0x0, 0x0, 0x79}}], 0x58}, 0x0, 0x0)
r14 = syz_kvm_vgic_v3_setup(r11, 0x1, 0x3a0)
ioctl$KVM_GET_DEVICE_ATTR(r14, 0x4018aee2, 0x0)
ioctl$KVM_RUN(r13, 0xae80, 0x0)
ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000180)={0x8})

1h37m57.37549512s ago: executing program 43 (id=201):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, 0x0)
openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, &(0x7f00000004c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0xffffffffffffffff}}], 0x20}, &(0x7f00000000c0)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x10003, 0x6, 0x5000, 0x1000, &(0x7f0000f4a000/0x1000)=nil})
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x2002, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000bfe000/0x400000)=nil)
syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000000)={0x1fe, 0x0, 0xdddd0000, 0x2000, &(0x7f0000f1a000/0x2000)=nil})
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000300)={0x6, <r8=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f0000000380)=@attr_other={0x0, 0xffffff60, 0x6, &(0x7f0000000340)=0x9})
r9 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r9, 0xae01, 0x33)
r10 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000240)={0x1ff, 0x5, 0xeeef0000, 0x2000, &(0x7f0000d23000/0x2000)=nil})
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f00000000c0)={0x0, &(0x7f0000000280)=[@memwrite={0x6e, 0x30, @generic={0xdddd0000, 0x7f8, 0x4ec, 0x8}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x5, 0xfffffffe, 0x0, 0x0, 0x79}}], 0x58}, 0x0, 0x0)
r14 = syz_kvm_vgic_v3_setup(r11, 0x1, 0x3a0)
ioctl$KVM_GET_DEVICE_ATTR(r14, 0x4018aee2, 0x0)
ioctl$KVM_RUN(r13, 0xae80, 0x0)
ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000180)={0x8})

1h37m37.068403896s ago: executing program 44 (id=202):
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000000)={0x5, 0x3, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000000)={0xffffffffffffffff, 0x3})
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000100)={0xffffffffffffffff, 0xb16b, 0x2})
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f00000002c0)={0x0, 0x0, 0x8, 0xffffffffffffffff, 0x8})
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x2, 0x27b}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x40000002}}], 0x40}, 0x0, 0x0)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r2, 0x4010ae68, &(0x7f0000000240)={0x5000, 0x2000, 0x1})
syz_kvm_vgic_v3_setup(r3, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000180)={0x8, <r6=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080001})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x88, &(0x7f0000000000)=0x10})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04)
mmap$KVM_VCPU(&(0x7f0000e5b000/0x4000)=nil, r8, 0x2000003, 0xaf832, 0xffffffffffffffff, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r9, 0xae04)
r11 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r10, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f00000000c0)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48)
syz_kvm_setup_cpu$arm64(r2, r5, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000040)=[{0x0, &(0x7f0000000280)=ANY=[@ANYRESHEX=r5], 0x18}], 0x1, 0x0, 0x0, 0xffffffffffffff78)
r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r13 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r12, 0xae04)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r13, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, r13, 0x6000006, 0x2010, 0xffffffffffffffff, 0x0)

1h26m43.777626836s ago: executing program 45 (id=212):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x200, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x200, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x2710, 0x2, 0xd000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x6, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2c)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013df19, 0x8003}}], 0x20}, 0x0, 0x0)
syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000200)=[@msr={0x14, 0x20, {0x603000000013de90, 0x7}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x90, 0x40, 0x3}}, @smc={0x1e, 0x40, {0x31000000, [0x7fff, 0x58, 0x80000001, 0x5, 0xf44]}}, @code={0xa, 0x6c, {"a0278ad200a0b0f2e10180d2620180d2630080d2a40080d2020000d400809f0cc04f85d20040b8f2210080d2020180d2e30180d2240180d2020000d4004c205e000008d5000028d5007008d50080004800c0221e0004c0da"}}, @eret={0xe6, 0x18, 0x40}, @hvc={0x32, 0x40, {0x30000000, [0x0, 0x6, 0xfffffffffffffffb, 0x2, 0x5]}}, @eret={0xe6, 0x18, 0x3}, @uexit={0x0, 0x18}, @irq_setup={0x46, 0x18, {0x3, 0x34b}}, @code={0xa, 0xb4, {"008008d580bc86d200a0b0f2210180d2c20180d2a30180d2e40080d2020000d4605880d20080b8f2a10080d2620080d2c30080d2040080d2020000d4000008d5000008d5007008d5e003006bc02793d20060b0f2210080d2220180d2630080d2240180d2020000d4606588d20000b0f2a10180d2420080d2e30180d2e40080d2020000d4002a88d20020b8f2a10080d2420080d2c30080d2840080d2020000d4"}}, @memwrite={0x6e, 0x30, @generic={0x4, 0x3d2, 0x7, 0x7}}, @code={0xa, 0x84, {"0040df0d000c003880f890d20080b8f2010080d2420180d2230180d2040080d2020000d460d187d200a0b0f2210180d2a20180d2c30180d2840180d2020000d4000020cb007008d5007008d50010805f203189d20020b0f2610180d2c20180d2630080d2e40180d2020000d4007008d5"}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x4, 0x9, 0x2d, 0x2, 0x1}}, @mrs={0xbe, 0x18, {0x603000000013c4ca}}], 0x344}, &(0x7f0000000100)=[@featur2], 0x1) (async)
r6 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000200)=[@msr={0x14, 0x20, {0x603000000013de90, 0x7}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x90, 0x40, 0x3}}, @smc={0x1e, 0x40, {0x31000000, [0x7fff, 0x58, 0x80000001, 0x5, 0xf44]}}, @code={0xa, 0x6c, {"a0278ad200a0b0f2e10180d2620180d2630080d2a40080d2020000d400809f0cc04f85d20040b8f2210080d2020180d2e30180d2240180d2020000d4004c205e000008d5000028d5007008d50080004800c0221e0004c0da"}}, @eret={0xe6, 0x18, 0x40}, @hvc={0x32, 0x40, {0x30000000, [0x0, 0x6, 0xfffffffffffffffb, 0x2, 0x5]}}, @eret={0xe6, 0x18, 0x3}, @uexit={0x0, 0x18}, @irq_setup={0x46, 0x18, {0x3, 0x34b}}, @code={0xa, 0xb4, {"008008d580bc86d200a0b0f2210180d2c20180d2a30180d2e40080d2020000d4605880d20080b8f2a10080d2620080d2c30080d2040080d2020000d4000008d5000008d5007008d5e003006bc02793d20060b0f2210080d2220180d2630080d2240180d2020000d4606588d20000b0f2a10180d2420080d2e30180d2e40080d2020000d4002a88d20020b8f2a10080d2420080d2c30080d2840080d2020000d4"}}, @memwrite={0x6e, 0x30, @generic={0x4, 0x3d2, 0x7, 0x7}}, @code={0xa, 0x84, {"0040df0d000c003880f890d20080b8f2010080d2420180d2230180d2040080d2020000d460d187d200a0b0f2210180d2a20180d2c30180d2840180d2020000d4000020cb007008d5007008d50010805f203189d20020b0f2610180d2c20180d2630080d2e40180d2020000d4007008d5"}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x4, 0x9, 0x2d, 0x2, 0x1}}, @mrs={0xbe, 0x18, {0x603000000013c4ca}}], 0x344}, &(0x7f0000000100)=[@featur2], 0x1)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
munmap(&(0x7f0000e20000/0xe000)=nil, 0xe000) (async)
munmap(&(0x7f0000e20000/0xe000)=nil, 0xe000)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000c6a000/0x3000)=nil, 0x930, 0x1000003, 0x28031, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000c6a000/0x3000)=nil, 0x930, 0x1000003, 0x28031, 0xffffffffffffffff, 0x0)

1h26m26.219201283s ago: executing program 46 (id=214):
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x1000000)
munmap(&(0x7f0000584000/0x800000)=nil, 0x800000)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x8, <r2=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000})
ioctl$KVM_GET_DEVICE_ATTR(r2, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x8, 0x40000000000000, 0x0})

1h7m2.490595043s ago: executing program 47 (id=296):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x60000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f00000001c0)={0x8, <r4=>0xffffffffffffffff})
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000)
munmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000380)})
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000000c0)={0x5, 0x1, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000002c0)=@attr_other={0x0, 0x8, 0x108, &(0x7f0000000000)=0xc000000000000000})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x4, 0x2, 0x0})
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f0000000040)={0x40, 0x14000, 0x0, 0xffffffffffffffff, 0x9})
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000008c0)={0x2000, 0x0, 0x4})

1h6m58.528745573s ago: executing program 48 (id=297):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
r5 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r4, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r4, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x401c5820, &(0x7f00000000c0)=@attr_other={0x0, 0x8dc, 0xfffffffffffffffd, 0x0})
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x31)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r10, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x6030000000100024, &(0x7f0000000140)=0x7})
r11 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000040)={0x7, <r12=>0xffffffffffffffff})
ioctl$KVM_IRQ_LINE(r11, 0x4008ae61, &(0x7f0000000000)={0x7267, 0x6})
ioctl$KVM_HAS_DEVICE_ATTR(r12, 0x4018aee3, &(0x7f00000000c0)=@attr_other={0x0, 0x2, 0x6, 0x0})
ioctl$KVM_CREATE_VM(r0, 0xae01, 0xd)

58m52.822229367s ago: executing program 8 (id=308):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x101000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x27)
ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0xc6)
mmap$KVM_VCPU(&(0x7f0000010000/0x1000)=nil, 0x930, 0x100000f, 0x9032, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r3, r4, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000080)=@arm64_core={0x6030000000100042, &(0x7f0000000100)=0xc5c8})
r5 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f932, 0xffffffffffffffff, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
r9 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f0000000100)="746abf250f7959c813e4adfb369b808022e69fe80cfadce4a1259e77bab54ac9749537b3d016bb7f745a6e22d2f9ff443f19467748a3fe02c239457600", 0x0, 0xfffffffffffffec5)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000000)={0x10201, 0x2, 0x1, 0x2000, &(0x7f0000f31000/0x2000)=nil})
syz_kvm_setup_cpu$arm64(r8, r4, &(0x7f0000a99000/0x400000)=nil, &(0x7f00000000c0)=[{0x0, &(0x7f0000000700)=[@hvc={0x32, 0x40, {0x80003fff, [0x6, 0xfffffffffffffff7, 0xe, 0x4, 0x2]}}, @hvc={0x32, 0x40, {0x200, [0x67, 0x43, 0x81, 0x5, 0xfffffffffffffffd]}}, @svc={0x122, 0x40, {0x84000051, [0x9, 0x100000001, 0x6, 0x2b89, 0x4]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x300, 0x1, 0xa}}, @uexit={0x0, 0x18}, @eret={0xe6, 0x18, 0x4}, @eret={0xe6, 0x18, 0x1e}, @eret={0xe6, 0x18, 0x1ff}, @code={0xa, 0x6c, {"000028d5e0179dd200a0b8f2010080d2e20180d2c30180d2440180d2020000d4008008d5007008d500b8205e002cc09a0010805f20a39ed20060b0f2810080d2620180d2230180d2a40080d2020000d400000013007008d5"}}, @msr={0x14, 0x20, {0x603000000013dce6, 0x1}}, @memwrite={0x6e, 0x30, @generic={0x111000, 0x24f, 0x7, 0x1}}, @its_setup={0x82, 0x28, {0x4, 0x4, 0x228}}, @eret={0xe6, 0x18, 0xffffffffffff0001}, @eret={0xe6, 0x18, 0x900000}, @irq_setup={0x46, 0x18, {0x2, 0x112}}, @eret={0xe6, 0x18, 0x3}, @smc={0x1e, 0x40, {0x80000040, [0x6, 0x7fffffff, 0x3, 0xd6]}}, @irq_setup={0x46, 0x18, {0x1, 0x118}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x4, 0xa, 0x6, 0x5, 0x4}}, @hvc={0x32, 0x40, {0x80003fff, [0x2, 0xfff, 0x4, 0x3, 0x6e1d]}}, @smc={0x1e, 0x40, {0xc5000020, [0x9, 0xffffffff, 0x6, 0x6, 0x2]}}, @smc={0x1e, 0x40, {0x30000000, [0x535, 0x5d, 0x1ff, 0x5, 0xf]}}, @mrs={0xbe, 0x18, {0x603000000013e6de}}, @code={0xa, 0x54, {"204f89d20080b0f2c10080d2420080d2230180d2e40080d2020000d4000000c8008008d50000001c0084207e0000400d007008d5008008d50034205e000028d5"}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0xc0, 0x7fffffff, 0x9}}, @memwrite={0x6e, 0x30, @generic={0x4, 0x67e, 0x1, 0x4}}, @smc={0x1e, 0x40, {0x2000, [0x1, 0x4, 0x9, 0x9, 0x1]}}], 0x4e0}], 0x1, 0x0, &(0x7f0000000140)=[@featur2={0x1, 0xc3}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vm(0xffffffffffffffff, 0x4018aee1, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000680)="38ce8347fc1e86008cfc72bb352c8659dcc9225b48cb5cb00c73b0b33018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48)
r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04)
mmap$KVM_VCPU(&(0x7f0000fc3000/0x1000)=nil, r10, 0x1000000, 0x80010, r4, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x1000004, 0x10010, 0xffffffffffffffff, 0x0)

58m5.555497894s ago: executing program 49 (id=308):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x101000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x27)
ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0xc6)
mmap$KVM_VCPU(&(0x7f0000010000/0x1000)=nil, 0x930, 0x100000f, 0x9032, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r3, r4, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000080)=@arm64_core={0x6030000000100042, &(0x7f0000000100)=0xc5c8})
r5 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f932, 0xffffffffffffffff, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
r9 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f0000000100)="746abf250f7959c813e4adfb369b808022e69fe80cfadce4a1259e77bab54ac9749537b3d016bb7f745a6e22d2f9ff443f19467748a3fe02c239457600", 0x0, 0xfffffffffffffec5)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000000)={0x10201, 0x2, 0x1, 0x2000, &(0x7f0000f31000/0x2000)=nil})
syz_kvm_setup_cpu$arm64(r8, r4, &(0x7f0000a99000/0x400000)=nil, &(0x7f00000000c0)=[{0x0, &(0x7f0000000700)=[@hvc={0x32, 0x40, {0x80003fff, [0x6, 0xfffffffffffffff7, 0xe, 0x4, 0x2]}}, @hvc={0x32, 0x40, {0x200, [0x67, 0x43, 0x81, 0x5, 0xfffffffffffffffd]}}, @svc={0x122, 0x40, {0x84000051, [0x9, 0x100000001, 0x6, 0x2b89, 0x4]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x300, 0x1, 0xa}}, @uexit={0x0, 0x18}, @eret={0xe6, 0x18, 0x4}, @eret={0xe6, 0x18, 0x1e}, @eret={0xe6, 0x18, 0x1ff}, @code={0xa, 0x6c, {"000028d5e0179dd200a0b8f2010080d2e20180d2c30180d2440180d2020000d4008008d5007008d500b8205e002cc09a0010805f20a39ed20060b0f2810080d2620180d2230180d2a40080d2020000d400000013007008d5"}}, @msr={0x14, 0x20, {0x603000000013dce6, 0x1}}, @memwrite={0x6e, 0x30, @generic={0x111000, 0x24f, 0x7, 0x1}}, @its_setup={0x82, 0x28, {0x4, 0x4, 0x228}}, @eret={0xe6, 0x18, 0xffffffffffff0001}, @eret={0xe6, 0x18, 0x900000}, @irq_setup={0x46, 0x18, {0x2, 0x112}}, @eret={0xe6, 0x18, 0x3}, @smc={0x1e, 0x40, {0x80000040, [0x6, 0x7fffffff, 0x3, 0xd6]}}, @irq_setup={0x46, 0x18, {0x1, 0x118}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x4, 0xa, 0x6, 0x5, 0x4}}, @hvc={0x32, 0x40, {0x80003fff, [0x2, 0xfff, 0x4, 0x3, 0x6e1d]}}, @smc={0x1e, 0x40, {0xc5000020, [0x9, 0xffffffff, 0x6, 0x6, 0x2]}}, @smc={0x1e, 0x40, {0x30000000, [0x535, 0x5d, 0x1ff, 0x5, 0xf]}}, @mrs={0xbe, 0x18, {0x603000000013e6de}}, @code={0xa, 0x54, {"204f89d20080b0f2c10080d2420080d2230180d2e40080d2020000d4000000c8008008d50000001c0084207e0000400d007008d5008008d50034205e000028d5"}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0xc0, 0x7fffffff, 0x9}}, @memwrite={0x6e, 0x30, @generic={0x4, 0x67e, 0x1, 0x4}}, @smc={0x1e, 0x40, {0x2000, [0x1, 0x4, 0x9, 0x9, 0x1]}}], 0x4e0}], 0x1, 0x0, &(0x7f0000000140)=[@featur2={0x1, 0xc3}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vm(0xffffffffffffffff, 0x4018aee1, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000680)="38ce8347fc1e86008cfc72bb352c8659dcc9225b48cb5cb00c73b0b33018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48)
r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04)
mmap$KVM_VCPU(&(0x7f0000fc3000/0x1000)=nil, r10, 0x1000000, 0x80010, r4, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x1000004, 0x10010, 0xffffffffffffffff, 0x0)

57m56.069547115s ago: executing program 7 (id=311):
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) (async, rerun: 32)
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000) (async, rerun: 32)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r1, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, r1, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000010000/0x1000)=nil, 0x930, 0x100000f, 0x4019032, 0xffffffffffffffff, 0x0) (async)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) (async)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) (async, rerun: 32)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x2a040, 0x0) (rerun: 32)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0xd8) (async)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8, <r5=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x5, 0x0, &(0x7f00000000c0)=0x10001}) (async)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000300)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r10, 0xae80, 0x20)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) (async)
r11 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) (async, rerun: 64)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) (rerun: 64)
r12 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x12)
ioctl$KVM_CREATE_DEVICE(r13, 0xc00caee0, &(0x7f0000000100)={0x4, <r14=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r14, 0x4018aee3, 0x0)

57m43.380617307s ago: executing program 7 (id=312):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, r1, 0xc, 0x10, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000000, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0x80111500, 0x20000000)
munmap(&(0x7f0000001000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VM(r2, 0x541b, 0x2000001c)

57m31.509204974s ago: executing program 7 (id=313):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r3, 0x2, 0x100)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r1, 0x4068aea3, &(0x7f00000000c0))
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000040)={0x40, 0x14000, 0x0, 0xffffffffffffffff, 0x9})

57m17.009359082s ago: executing program 7 (id=314):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x300, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x28)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r4, 0x4068aea3, &(0x7f0000000280)={0xdf, 0x0, 0x2000})
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xfffffffffffffffc)
mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, 0x930, 0xa, 0x2012, r5, 0x40000)
r6 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
r7 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000100)={0x0, &(0x7f0000000140)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x2, 0x100)
r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r9 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r8, 0x3, 0x11, r6, 0x0)
r10 = mmap$KVM_VCPU(&(0x7f000000a000/0x1000)=nil, r8, 0x3, 0x11, r7, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
syz_kvm_assert_syzos_uexit$arm64(r10, 0xffffffffffffffff)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000180)={0x1010020, 0x1})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
syz_kvm_assert_syzos_uexit$arm64(r9, 0xfffffffffffffffe)
r11 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
r15 = ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x3)
ioctl$KVM_GET_SREGS(r15, 0x8000ae83, 0x0)
ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0)
r16 = openat$kvm(0x0, &(0x7f0000000040), 0x161681, 0x0)
r17 = ioctl$KVM_CREATE_VM(r16, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r17, 0xae41, 0x0)

57m1.87174837s ago: executing program 7 (id=315):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0x9)
r3 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_KVMCLOCK_CTRL(r2, 0xaead) (async)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r4, 0xb, 0x11, r2, 0x0) (async)
r5 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)

56m49.210066459s ago: executing program 7 (id=316):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1})
r5 = ioctl$KVM_CREATE_GUEST_MEMFD(0xffffffffffffffff, 0xc040aed4, &(0x7f00000000c0)={0x4, 0x6549})
ioctl$KVM_SET_USER_MEMORY_REGION2(r4, 0x40a0ae49, &(0x7f0000000240)={0x1, 0x1, 0x100000, 0x2000, &(0x7f0000f74000/0x2000)=nil, 0x400, r5})
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r7, 0xae03, 0x46)
r8 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x2000000000000002)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r12 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x31)
r14 = ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r13, r14, &(0x7f0000e8a000/0x18000)=nil, &(0x7f00000001c0)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r14, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100018, &(0x7f0000000180)=0xb})
r15 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x21)
r16 = ioctl$KVM_CREATE_VCPU(r15, 0xae41, 0x2)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r16, 0x0)
syz_kvm_add_vcpu$arm64(r1, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0)
r17 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffe000/0x1000)=nil, r17, 0x8, 0x13, r16, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x2000)=nil, r17, 0x1000001, 0x12, r16, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)

56m0.838495863s ago: executing program 50 (id=316):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1})
r5 = ioctl$KVM_CREATE_GUEST_MEMFD(0xffffffffffffffff, 0xc040aed4, &(0x7f00000000c0)={0x4, 0x6549})
ioctl$KVM_SET_USER_MEMORY_REGION2(r4, 0x40a0ae49, &(0x7f0000000240)={0x1, 0x1, 0x100000, 0x2000, &(0x7f0000f74000/0x2000)=nil, 0x400, r5})
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r7, 0xae03, 0x46)
r8 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x2000000000000002)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r12 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x31)
r14 = ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r13, r14, &(0x7f0000e8a000/0x18000)=nil, &(0x7f00000001c0)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r14, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100018, &(0x7f0000000180)=0xb})
r15 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x21)
r16 = ioctl$KVM_CREATE_VCPU(r15, 0xae41, 0x2)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r16, 0x0)
syz_kvm_add_vcpu$arm64(r1, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0)
r17 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffe000/0x1000)=nil, r17, 0x8, 0x13, r16, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x2000)=nil, r17, 0x1000001, 0x12, r16, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)

38m40.409885929s ago: executing program 9 (id=413):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0x3000)=nil, r1, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x8280, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r7 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r1, 0x2000008, 0x11, r6, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r6, 0x0) (async)
r8 = eventfd2(0x0, 0x0) (async)
r9 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce5, 0x7fff}}, @msr={0x14, 0x20, {0x603000000013dce8, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce9, 0x8000}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r12, 0x4018aee1, &(0x7f0000000040)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000000)={0xa, 0x4}}) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r12, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r12, 0x4018aee3, &(0x7f0000000100)=@attr_pmu_init) (async)
ioctl$KVM_RUN(r12, 0xae80, 0x0) (async)
close(r8) (async)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) (async)
write$eventfd(r8, &(0x7f0000000180)=0x5, 0xfffffde3) (async)
mmap$KVM_VCPU(&(0x7f0000010000/0x1000)=nil, 0x930, 0x100000f, 0x9032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
ioctl$KVM_IRQ_LINE(r3, 0x5452, &(0x7f0000000100)={0x1000020, 0x1}) (async)
r13 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x0)

38m38.801223498s ago: executing program 0 (id=414):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x2)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)

38m25.048715902s ago: executing program 0 (id=415):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r2=>0xffffffffffffffff}) (async)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000280)={0x1, 0xffffffffffffffff, 0x1}) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x28)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_setup_cpu$arm64(r3, r6, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000001140)=[{0x0, 0x0}], 0x1, 0x0, &(0x7f0000001180)=[@featur2={0x1, 0xac}], 0x1) (async)
ioctl$KVM_HAS_DEVICE_ATTR(r2, 0x4018aee3, &(0x7f0000000940)=@attr_arm64={0x0, 0x0, 0x4, 0x0}) (async, rerun: 32)
r7 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async, rerun: 32)
openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x331600, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x18)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300), 0x1)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x20000, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0x40086602, 0x20000000)
ioctl$KVM_GET_DEVICE_ATTR(r2, 0x4018aee2, &(0x7f0000000240)=@attr_arm64={0x0, 0x2, 0x0, &(0x7f00000001c0)=0x368})
close(r12)
r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2) (async)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil) (async)
ioctl$KVM_CREATE_VCPU(r15, 0xae41, 0x2) (async, rerun: 64)
r16 = syz_kvm_vgic_v3_setup(r15, 0x2, 0x40) (rerun: 64)
ioctl$KVM_GET_DEVICE_ATTR(r16, 0x4018aee2, &(0x7f0000000100)=@attr_arm64={0x0, 0x7, 0x0, &(0x7f00000000c0)=0x4})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, &(0x7f0000000100)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000000)={0x1fe, 0x2}}) (async)
syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000180)={0x0, &(0x7f00000004c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0xffffffffffffffff}}], 0x20}, &(0x7f00000002c0)=[@featur1={0x1, 0x8}], 0x1)

38m24.768452332s ago: executing program 9 (id=416):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x302, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x200000000002b)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013df19, 0x9}}], 0x20}, 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1)
r9 = syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0)
r10 = syz_kvm_vgic_v3_setup(r8, 0x4, 0x220)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR(r10, 0x4018aee3, &(0x7f0000000240)=@attr_arm64={0x0, 0x5, 0x3, 0x0})
ioctl$KVM_CHECK_EXTENSION(r6, 0xae03, 0x51)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION(r12, 0xae03, 0x10)
r13 = syz_kvm_vgic_v3_setup(r5, 0x1, 0x40)
ioctl$KVM_GET_DEVICE_ATTR(r13, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x1, 0x800000000008, &(0x7f00000004c0)=0x1})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

38m9.058156381s ago: executing program 0 (id=417):
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r1, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000db4000/0x4000)=nil, r1, 0xe, 0x8010, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000010000/0x1000)=nil, 0x930, 0x100000f, 0x4019032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, r1, 0x6000002, 0x4d832, 0xffffffffffffffff, 0x0)

38m6.409280459s ago: executing program 9 (id=418):
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x40)
ioctl$KVM_GET_DEVICE_ATTR(r2, 0x4018aee2, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x1, 0x0})
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
mmap$KVM_VCPU(&(0x7f000064b000/0x4000)=nil, r4, 0x100000d, 0x9032, 0xffffffffffffffff, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
mmap$KVM_VCPU(&(0x7f0000cfd000/0x2000)=nil, r4, 0x1, 0x4000010, r5, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) (async)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x40) (async)
ioctl$KVM_GET_DEVICE_ATTR(r2, 0x4018aee2, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x1, 0x0}) (async)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000) (async)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) (async)
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04) (async)
mmap$KVM_VCPU(&(0x7f000064b000/0x4000)=nil, r4, 0x100000d, 0x9032, 0xffffffffffffffff, 0x0) (async)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2) (async)
mmap$KVM_VCPU(&(0x7f0000cfd000/0x2000)=nil, r4, 0x1, 0x4000010, r5, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) (async)

37m56.315380918s ago: executing program 0 (id=419):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x128180, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000000)={0x7, <r3=>0xffffffffffffffff})
ioctl$KVM_GET_DEVICE_ATTR(r3, 0x4018aee2, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x5, 0x0})
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000bde000/0x400000)=nil)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x36)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000bfd000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x4, 0x220)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0)
r13 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r12, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r13, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d200", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r12, 0x0)
r14 = eventfd2(0x308000, 0x801)
close(r14)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01)
r15 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r15, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
write$eventfd(r14, &(0x7f0000000180)=0x5, 0xfffffde3)
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x6, 0x7, &(0x7f0000000240)=0xfffffffffffffffe})

37m49.34011417s ago: executing program 9 (id=420):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f00000001c0)=@arm64_core={0x603000000010001e, &(0x7f0000000180)=0x2})
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r6, r7, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="46000000000000001800000000000000e62c4d4f20000000"], 0x18}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r6, 0x1, 0x100)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_IRQ_LINE(r6, 0x4008ae61, &(0x7f0000000100)={0x1000020, 0x1})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r9 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r8, 0xae04)
mmap$KVM_VCPU(&(0x7f000064b000/0x4000)=nil, r9, 0x100000d, 0x9032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xf, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
r10 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r10, 0x4010ae67, &(0x7f0000000180)={0x3000, 0x0, 0x1})

37m30.428807714s ago: executing program 0 (id=421):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000000)={0x0, &(0x7f0000000300)=[@svc={0x122, 0x40, {0x84000011, [0x3, 0x3, 0x400, 0x762, 0x9]}}, @svc={0x122, 0x40, {0x1000, [0xd29f, 0x3, 0xbe99, 0x7, 0x5]}}, @irq_setup={0x46, 0x18, {0x4, 0x95}}, @code={0xa, 0x84, {"008008d5000028d580fd84d20040b8f2410180d2420180d2230080d2640080d2020000d40094000f0038202e007008d5008797d20080b0f2610180d2820180d2630080d2240080d2020000d4e09595d20020b8f2210080d2220180d2630080d2a40080d2020000d4000008d5007008d5"}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0x180, 0x2}}, @irq_setup={0x46, 0x18, {0x1, 0x337}}, @code={0xa, 0x6c, {"0084002f007008d5008008d580df82d20020b0f2810180d2220180d2830080d2840180d2020000d4001ca00e0000204ea0ff9fd200e0b8f2210080d2020080d2430180d2a40080d2020000d4007008d5007008d500fc005f"}}, @smc={0x1e, 0x40, {0x32000000, [0xff, 0x1000, 0xe, 0x5, 0x7]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0x14, 0x6, 0xa}}, @irq_setup={0x46, 0x18, {0x0, 0x1b1}}, @uexit={0x0, 0x18, 0x5}, @code={0xa, 0xb4, {"007008d5007008d500fc005f00ab98d200a0b8f2210080d2220080d2830080d2640080d2020000d4202287d20080b8f2610080d2c20080d2830080d2040180d2020000d4204b9ad200e0b8f2c10080d2e20180d2030180d2c40080d2020000d4003c000e20b48ed20060b8f2210080d2620180d2430080d2c40180d2020000d4a04e92d20000b0f2a10080d2820080d2430080d2840180d2020000d40000291e"}}, @msr={0x14, 0x20, {0x603000000013e6d8, 0x6}}, @smc={0x1e, 0x40, {0xc5004021, [0x3, 0x81, 0x6, 0x6, 0xff]}}, @memwrite={0x6e, 0x30, @generic={0x80a0000, 0xb19, 0xffffffff, 0x8}}, @eret={0xe6, 0x18, 0x784}, @eret={0xe6, 0x18, 0x517}, @its_send_cmd={0xaa, 0x28, {0x4, 0x1, 0x2, 0x1, 0x1, 0x5, 0x2}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xf20, 0xad8, 0x4}}, @hvc={0x32, 0x40, {0x0, [0x1ff, 0x3, 0x2, 0xfff, 0x9]}}, @its_setup={0x82, 0x28, {0x1, 0x4, 0x200}}], 0x4a4}, &(0x7f0000000040)=[@featur2={0x1, 0x22}], 0x1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r4, 0x4008ae6a, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000000000000000000002000000ff"])

37m26.757571779s ago: executing program 9 (id=422):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x2)
r1 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r4, 0x4008ae6a, &(0x7f00000002c0)={0x2, 0x0, [{0x0, 0x2, 0x1, 0x0, @adapter={0xffffffff87bdf123, 0x100, 0xfffffffffffffff9, 0x4, 0x80000001}}, {0x10000, 0x1, 0x1, 0x0, @adapter={0x7b, 0x9, 0x0, 0x443, 0x8}}]})
r5 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f0000000340)=@attr_other={0x0, 0x2, 0x287, 0x0})
ioctl$KVM_HAS_DEVICE_ATTR_vm(r0, 0x4018aee3, &(0x7f0000000080)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0xffffffff, 0x80000000, 0x2}})
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2)
r9 = syz_kvm_vgic_v3_setup(r8, 0x1, 0x40)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000140)={0x4, <r13=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r13, 0x400454ca, 0xd8ffffffffff0f00)
r14 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r10, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ff8000/0x8000)=nil, r14, 0x7, 0xe637a22295c143f8, 0xffffffffffffffff, 0x0)
r15 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0)
ioctl$KVM_IRQFD(r16, 0x4020ae76, &(0x7f0000000080)={0xffffffffffffffff, 0x8, 0x7ffffffe})
ioctl$KVM_GET_DEVICE_ATTR(r9, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x5, 0x80000000, 0x0})

37m15.418290968s ago: executing program 0 (id=423):
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000d28000/0x2000)=nil, 0x930, 0x100000f, 0x9032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x7, 0x4f832, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x603000000010003c, &(0x7f0000000140)=0x7})
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f00000004c0)="2a2e3b5ee9feba7a8783937c0000ef870800610db80eb57d", 0x0, 0x18)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0xc0180, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = eventfd2(0x40000000, 0x80000)
ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f0000001340)={0x0, 0x0, 0x2, r7, 0x3})
ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f0000000080)={0x5, 0x0, 0x2, r7, 0xa})
mmap$KVM_VCPU(&(0x7f0000fd0000/0x2000)=nil, r4, 0x2, 0x1010, 0xffffffffffffffff, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_GET_STATS_FD_vm(r10, 0xaece)
close(r11)
r12 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x31)
r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r14, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x603000000010002a, &(0x7f00000000c0)=0xc})
r15 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000440)={0x0, &(0x7f0000000980)=[@its_setup={0x82, 0x28, {0x2, 0x0, 0x339}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffd0, 0x0, 0x4}}, @smc={0x1e, 0x40, {0x0, [0x5bd, 0x6, 0x1, 0x5, 0x4003]}}, @mrs={0xbe, 0x18, {0x3874}}, @hvc={0x32, 0x40, {0x84000013, [0x4, 0x2, 0x6, 0xb, 0x3ff]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x300, 0x9, 0x1}}, @smc={0x1e, 0x40, {0x80000001, [0xa80, 0x1, 0xce, 0xb]}}, @its_setup={0x82, 0x28, {0x4, 0x0, 0x1ea}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x90, 0x4}}, @smc={0x1e, 0x40, {0x32000000, [0x2, 0x3, 0x4, 0x9, 0x3]}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x0, 0x3, 0xb, 0x8, 0x7fff, 0x2}}, @svc={0x122, 0x40, {0x86000001, [0x1, 0xfffffffffffff183, 0x1, 0x4, 0xfffffffffffffffd]}}, @code={0xa, 0x84, {"008008d5a08a83d20020b8f2810080d2a20180d2430080d2840180d2020000d40000291e40218cd20060b0f2810180d2220080d2830180d2240080d2020000d4000008d5007008d5e0079f1ae0ee92d20020b0f2210180d2c20180d2630080d2240080d2020000d400c4a02e007008d5"}}, @mrs={0xbe, 0x18, {0x603000000013e6d9}}, @eret={0xe6, 0x18, 0x81}, @code={0xa, 0x9c, {"007008d500c48ed20040b8f2210180d2420180d2430080d2240180d2020000d4808798d20000b0f2a10080d2e20080d2630180d2440180d2020000d4000000b9a0e882d200c0b0f2010080d2e20080d2630080d2e40180d2020000d40080000de003007a40cb87d20000b0f2010180d2c20180d2830180d2240080d2020000d4000028d500a0e00d"}}, @hvc={0x32, 0x40, {0x80000000, [0xc10, 0x0, 0xed8b, 0x8, 0x5]}}, @smc={0x1e, 0x40, {0x84000003, [0x8a, 0x6, 0xff, 0x0, 0x5]}}, @mrs={0xbe, 0x18, {0x603000000013e532}}, @irq_setup={0x46, 0x18, {0x4, 0x239}}, @uexit={0x0, 0x18, 0x6}, @its_setup={0x82, 0x28, {0x2, 0x3, 0x10000027e}}], 0x4a0}, &(0x7f0000000480)=[@featur1={0x1, 0x51}], 0x1)
ioctl$KVM_ARM_VCPU_INIT(r15, 0x4020aeae, &(0x7f00000001c0)={0x0, 0x26})
ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000000)={0xb, <r16=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r16, 0x4018aee1, &(0x7f0000000180)=@attr_other={0x0, 0xfffffffd, 0x966e, &(0x7f0000000140)=0x7})
mmap$KVM_VCPU(&(0x7f0000cd3000/0x2000)=nil, r4, 0x0, 0x4000010, r15, 0x0)

37m4.802743881s ago: executing program 9 (id=424):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x21)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r3 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r2, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x4c4882, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000000)={0x7})
r6 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000080)={0x0, 0xf000, 0x0, r6})
ioctl$KVM_REGISTER_COALESCED_MMIO(r5, 0x4010ae67, &(0x7f00000002c0)={0x0, 0x10000})
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f00000000c0)={0x8})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
ioctl$KVM_SIGNAL_MSI(r5, 0x4020aea5, &(0x7f0000000000)={0x6000})

36m28.056778174s ago: executing program 51 (id=423):
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000d28000/0x2000)=nil, 0x930, 0x100000f, 0x9032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x7, 0x4f832, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x603000000010003c, &(0x7f0000000140)=0x7})
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f00000004c0)="2a2e3b5ee9feba7a8783937c0000ef870800610db80eb57d", 0x0, 0x18)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0xc0180, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = eventfd2(0x40000000, 0x80000)
ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f0000001340)={0x0, 0x0, 0x2, r7, 0x3})
ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f0000000080)={0x5, 0x0, 0x2, r7, 0xa})
mmap$KVM_VCPU(&(0x7f0000fd0000/0x2000)=nil, r4, 0x2, 0x1010, 0xffffffffffffffff, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_GET_STATS_FD_vm(r10, 0xaece)
close(r11)
r12 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x31)
r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r14, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x603000000010002a, &(0x7f00000000c0)=0xc})
r15 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000440)={0x0, &(0x7f0000000980)=[@its_setup={0x82, 0x28, {0x2, 0x0, 0x339}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffd0, 0x0, 0x4}}, @smc={0x1e, 0x40, {0x0, [0x5bd, 0x6, 0x1, 0x5, 0x4003]}}, @mrs={0xbe, 0x18, {0x3874}}, @hvc={0x32, 0x40, {0x84000013, [0x4, 0x2, 0x6, 0xb, 0x3ff]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x300, 0x9, 0x1}}, @smc={0x1e, 0x40, {0x80000001, [0xa80, 0x1, 0xce, 0xb]}}, @its_setup={0x82, 0x28, {0x4, 0x0, 0x1ea}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x90, 0x4}}, @smc={0x1e, 0x40, {0x32000000, [0x2, 0x3, 0x4, 0x9, 0x3]}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x0, 0x3, 0xb, 0x8, 0x7fff, 0x2}}, @svc={0x122, 0x40, {0x86000001, [0x1, 0xfffffffffffff183, 0x1, 0x4, 0xfffffffffffffffd]}}, @code={0xa, 0x84, {"008008d5a08a83d20020b8f2810080d2a20180d2430080d2840180d2020000d40000291e40218cd20060b0f2810180d2220080d2830180d2240080d2020000d4000008d5007008d5e0079f1ae0ee92d20020b0f2210180d2c20180d2630080d2240080d2020000d400c4a02e007008d5"}}, @mrs={0xbe, 0x18, {0x603000000013e6d9}}, @eret={0xe6, 0x18, 0x81}, @code={0xa, 0x9c, {"007008d500c48ed20040b8f2210180d2420180d2430080d2240180d2020000d4808798d20000b0f2a10080d2e20080d2630180d2440180d2020000d4000000b9a0e882d200c0b0f2010080d2e20080d2630080d2e40180d2020000d40080000de003007a40cb87d20000b0f2010180d2c20180d2830180d2240080d2020000d4000028d500a0e00d"}}, @hvc={0x32, 0x40, {0x80000000, [0xc10, 0x0, 0xed8b, 0x8, 0x5]}}, @smc={0x1e, 0x40, {0x84000003, [0x8a, 0x6, 0xff, 0x0, 0x5]}}, @mrs={0xbe, 0x18, {0x603000000013e532}}, @irq_setup={0x46, 0x18, {0x4, 0x239}}, @uexit={0x0, 0x18, 0x6}, @its_setup={0x82, 0x28, {0x2, 0x3, 0x10000027e}}], 0x4a0}, &(0x7f0000000480)=[@featur1={0x1, 0x51}], 0x1)
ioctl$KVM_ARM_VCPU_INIT(r15, 0x4020aeae, &(0x7f00000001c0)={0x0, 0x26})
ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000000)={0xb, <r16=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r16, 0x4018aee1, &(0x7f0000000180)=@attr_other={0x0, 0xfffffffd, 0x966e, &(0x7f0000000140)=0x7})
mmap$KVM_VCPU(&(0x7f0000cd3000/0x2000)=nil, r4, 0x0, 0x4000010, r15, 0x0)

36m13.77935495s ago: executing program 52 (id=424):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x21)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r3 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r2, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x4c4882, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000000)={0x7})
r6 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000080)={0x0, 0xf000, 0x0, r6})
ioctl$KVM_REGISTER_COALESCED_MMIO(r5, 0x4010ae67, &(0x7f00000002c0)={0x0, 0x10000})
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f00000000c0)={0x8})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
ioctl$KVM_SIGNAL_MSI(r5, 0x4020aea5, &(0x7f0000000000)={0x6000})

29m21.569291306s ago: executing program 1 (id=425):
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000080)={0x4, <r3=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, 0xffffffffffffffff)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000ab8000/0x400000)=nil)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_IRQ_LINE_STATUS(r4, 0xc008ae67, &(0x7f0000000040)={0x10001, 0x10001})
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000010000/0x1000)=nil, 0x930, 0x100000f, 0x4019032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000)

29m12.403141703s ago: executing program 3 (id=426):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xfffbff7fffffffff)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000000)={0x1, 0xe59b8351})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

29m10.860384624s ago: executing program 1 (id=427):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000200)={0x5, 0x3, 0x2, 0x2000, &(0x7f0000000000/0x2000)=nil})
r4 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000040)=@arm64_fw={0x6030000000140000, &(0x7f0000000000)=0x8})
r6 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x20)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000140)={0x4, <r12=>0xffffffffffffffff, 0x1})
r13 = ioctl$KVM_CREATE_VM(r12, 0x894c, 0x0)
ioctl$KVM_CREATE_VCPU(r13, 0x40305829, 0xd0ffffffffff0f00)
r14 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r15, 0xc00caee0, &(0x7f0000000140)={0x4, <r16=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r16, 0x894c, 0x0)
r17 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r18 = syz_kvm_add_vcpu$arm64(r17, &(0x7f0000000b80)={0x0, &(0x7f0000000100)=[@smc={0x1e, 0x40, {0x84000009, [0x99a, 0x7, 0xaca, 0x101, 0x10]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1)
ioctl$KVM_RUN(r18, 0xae80, 0x0)
ioctl$KVM_RUN(r18, 0xae80, 0x0)
r19 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000a67000/0x400000)=nil)
r20 = syz_kvm_add_vcpu$arm64(r19, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r20, 0x4010aeac, &(0x7f0000000080)=@arm64_core={0x6030000000100048, &(0x7f0000000040)=0x40})

29m2.987260327s ago: executing program 3 (id=428):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
r4 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000100)={0x0, &(0x7f0000000140)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x2, 0x100)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r6 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r5, 0x3, 0x11, r3, 0x0)
r7 = mmap$KVM_VCPU(&(0x7f000000a000/0x1000)=nil, r5, 0x7, 0x11, r4, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_kvm_assert_syzos_uexit$arm64(r7, 0xffffffffffffffff)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000180)={0x1010020, 0x1})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_kvm_assert_syzos_uexit$arm64(r6, 0xfffffffffffffffe)

28m49.07048666s ago: executing program 3 (id=429):
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) (async)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000d07000/0x4000)=nil, r1, 0x0, 0xc010, r2, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) (async)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f0000f7c000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000) (async)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04) (async)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r3, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) (async)
r4 = eventfd2(0x0, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000000)={r4, 0x0, 0x3, r4}) (async)
r5 = eventfd2(0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0x4020940d, 0x20000000) (async)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) (async)
r6 = openat$kvm(0x0, &(0x7f0000000200), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r7, 0xae03, 0xaa) (async)
munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000) (async)
mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x0, 0x4030031, 0xffffffffffffffff, 0x0) (async)
r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r8, r9, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f0000000040)=@arm64_core={0x6030000000100004, &(0x7f0000000000)=0x300000000000})

28m46.67866127s ago: executing program 1 (id=430):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2c)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013df19, 0x8003}}], 0x20}, 0x0, 0x0)
syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000000)={0x0, &(0x7f0000000200)=[@code={0xa, 0x6c, {"000008d500040078007008d5e03886d20020b8f2e10180d2620080d2230180d2840180d2020000d4007008d5e0e693d20020b0f2610180d2420180d2830080d2040080d2020000d4007008d500209f0de00300eb000028d5"}}, @uexit={0x0, 0x18, 0x9}, @smc={0x1e, 0x40, {0x84000052, [0x7, 0x80000000, 0x8, 0xffffffff, 0x44]}}, @irq_setup={0x46, 0x18, {0x0, 0x11}}, @svc={0x122, 0x40, {0x100, [0x10000, 0x1, 0xcc0, 0x1, 0x9]}}, @uexit={0x0, 0x18, 0x4}, @hvc={0x32, 0x40, {0x1, [0xffffffffffffffff, 0xf, 0x10, 0x3, 0x200]}}, @smc={0x1e, 0x40, {0x800, [0x0, 0x4a9f, 0x3, 0x100]}}, @msr={0x14, 0x20, {0x603000000013defa, 0x50c8}}, @irq_setup={0x46, 0x18, {0x1, 0x313}}, @eret={0xe6, 0x18, 0x9}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x4, 0x9, 0x3, 0xa688, 0x2}}, @eret={0xe6, 0x18, 0x7}, @irq_setup={0x46, 0x18, {0x4, 0x300}}, @code={0xa, 0xcc, {"c05381d20000b8f2810180d2420180d2a30080d2040180d2020000d4a04f99d20060b0f2210180d2a20080d2030080d2040180d2020000d40000301e40269bd20020b8f2210180d2820180d2630180d2440080d2020000d40040000ee0388bd20020b8f2810180d2220180d2030080d2840080d2020000d4007008d5e0279fd20040b0f2010080d2c20180d2830080d2840080d2020000d4202e99d20000b0f2a10080d2c20080d2430080d2a40080d2020000d40064002f"}}, @mrs={0xbe, 0x18, {0x603000000013806f}}, @uexit={0x0, 0x18, 0x8000}, @code={0xa, 0x6c, {"000028d5007008d500a0400c007008d5a01c87d20080b0f2410080d2620080d2630180d2040080d2020000d400004029008008d5003c0053a09480d200a0b8f2010080d2020080d2e30180d2040080d2020000d4008008d5"}}, @hvc={0x32, 0x40, {0x80, [0x9, 0x2, 0x8, 0x7fffffff, 0x4]}}, @code={0xa, 0x9c, {"0088207ee08c97d200e0b8f2210080d2420080d2430080d2040080d2020000d4606a85d200c0b8f2410180d2220080d2830180d2e40180d2020000d4007008d5007008d5804285d20000b8f2810080d2c20080d2a30180d2840080d2020000d40028216e00a8300ea01e8ed20060b8f2810180d2a20080d2a30080d2a40180d2020000d4007008d5"}}, @code={0xa, 0xcc, {"e04f83d200a0b8f2210180d2420180d2030180d2440180d2020000d4e0df9dd20020b0f2610080d2020180d2230080d2240180d2020000d40008285e20c282d200a0b8f2210080d2e20180d2230080d2240080d2020000d40058202e007008d5e0c895d20000b8f2e10080d2020080d2c30180d2c40180d2020000d4a02f8bd20000b8f2210180d2820080d2e30180d2e40180d2020000d4007008d5a09981d200a0b0f2610080d2e20080d2430180d2040180d2020000d4"}}, @svc={0x122, 0x40, {0x80003fff, [0x9, 0x9, 0x7, 0x9, 0xffffffffffffffff]}}, @hvc={0x32, 0x40, {0x400, [0x5, 0x8, 0x0, 0x2f7f, 0x100]}}, @msr={0x14, 0x20, {0x603000000013debf, 0x80000000}}, @svc={0x122, 0x40, {0x80008000, [0x6c78be6e, 0x8000000000000001, 0x9, 0x9, 0x3]}}, @uexit={0x0, 0x18, 0x7ff}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x2, 0x6, 0x71c, 0x8000000, 0x4}}, @hvc={0x32, 0x40, {0x2000000, [0x8, 0x9, 0x5, 0xfffffffffffff801, 0x4]}}, @memwrite={0x6e, 0x30, @generic={0xeeee0000, 0x2a2, 0x2, 0x1}}, @msr={0x14, 0x20, {0x603000000013807d, 0x47}}, @svc={0x122, 0x40, {0xc4000014, [0x81, 0x4f, 0x7420, 0x413, 0x400]}}], 0x75c}, &(0x7f0000000040)=[@featur1={0x1, 0x42}], 0x1)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@mrs={0xbe, 0x18, {0x603000000013c021}}], 0x18}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

28m37.305492529s ago: executing program 3 (id=431):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000100)=@arm64_bitmap={0x6030000000160003, &(0x7f0000000000)=0x7})
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x36)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000140)={0x4, <r7=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r7, 0x400454d1, 0x110c230000)
r8 = openat$kvm(0x0, 0x0, 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0xf)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r9, 0x4068aea3, &(0x7f00000000c0)={0xa8, 0x0, 0x3})
r10 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000000)={0x1, 0x1, 0x2000, 0x1000, &(0x7f0000000000/0x1000)=nil})
ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
r11 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r12 = openat$kvm(0x0, 0x0, 0x0, 0x0)
r13 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r12, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0x4000)=nil, r13, 0x2000003, 0x11, 0xffffffffffffffff, 0x0)
r14 = openat$kvm(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)
r15 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r15, 0xc0189436, 0x172)

28m29.570063976s ago: executing program 1 (id=432):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x100)
r5 = eventfd2(0x8, 0x80800)
ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f00000000c0)={r5, 0x3})
ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000000000)={r5, 0x9, 0x3, r5})
ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000000240)=ANY=[@ANYBLOB="a400"])
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x800000000003d)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r7, 0x4010aeb5, &(0x7f00000002c0)={0x200})
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r9, 0xc0189436, 0x1ffffffc)
r10 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000180)={0x0, &(0x7f00000001c0)}, &(0x7f0000000000)=[@featur2={0x1, 0x60}], 0x1)
r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r13 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r14, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CLEAR_DIRTY_LOG(r6, 0xc018aec0, &(0x7f0000000000)={0x1, 0x300, 0x380, 0x0})
ioctl$KVM_SET_REGS(r11, 0x4360ae82, &(0x7f0000000280)={[0x1, 0x8, 0x2, 0x0, 0x8, 0x8, 0x8, 0x0, 0x8, 0x6, 0x0, 0xc000004, 0xc, 0x4, 0x2, 0x3], 0x0, 0x4fe40})
r15 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r15, &(0x7f0000c00000/0x400000)=nil)

28m23.049109057s ago: executing program 3 (id=433):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, 0x0)
r2 = eventfd2(0xfff, 0x140800)
write$eventfd(r2, &(0x7f0000000000)=0x8000000000000000, 0x8)
openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) (async)
ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) (async)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, 0x0) (async)
eventfd2(0xfff, 0x140800) (async)
write$eventfd(r2, &(0x7f0000000000)=0x8000000000000000, 0x8) (async)

28m10.138046805s ago: executing program 3 (id=434):
r0 = openat$kvm(0x0, &(0x7f00000002c0), 0x10180, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
syz_kvm_setup_cpu$arm64(r2, r2, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000380)=[{0x0, &(0x7f0000000280)=ANY=[], 0xfffffffffffffcfd}], 0x1, 0x0, 0x0, 0x0)
r3 = openat$kvm(0x0, &(0x7f00000001c0), 0x2083, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000073000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000100)={0x0, &(0x7f0000000000)=[@mrs={0xbe, 0x18, {0x603000000013c009}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, 0x0, 0x300000a, 0x40010, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x10, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
close(r1)
close(r2)
openat$kvm(0x0, 0x0, 0x0, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CAP_HALT_POLL(r1, 0x4068aea3, &(0x7f0000000200)={0xb6, 0x0, 0x7})
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000040)={0x2710, 0x2, 0xdddd0000, 0x1000, &(0x7f0000c95000/0x1000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000080)={0x101ff, 0x0, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000180)={0x0, &(0x7f00000001c0)}, &(0x7f00000000c0)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r11, 0x80086601, 0x20000000)
r12 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)

28m6.902791663s ago: executing program 1 (id=435):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8001, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0x52)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f0000000140)="38ce8347fc1e86008cfc72bb312c8659dcc9225b48cb5cb00c73b0b30800000073f7f1f493e89c859e17625ad1b19c73a7fd4ce992bfc316bd22ccc646cd69c72800", 0x0, 0x1f)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000000)="7cfaa2bfd6dd76375aa1bde04fceeb33743b07d73b3e9aac", 0x0, 0xffffffffffffff94)
r3 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bfd000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, 0x0}, &(0x7f0000000140)=[@featur2={0x1, 0x4}], 0x1)
r5 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000b80)={0x0, &(0x7f00000009c0)=[@hvc={0x32, 0x40, {0xc4000004, [0x48a, 0x1, 0x8000000000000000, 0x1, 0x8000400003]}}], 0x40}, &(0x7f0000000bc0)=[@featur1={0x1, 0x4}], 0x1)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_IRQ_LINE(r10, 0x5452, &(0x7f0000000100)={0x1000020, 0x1})
r11 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r11, 0x4010aeab, &(0x7f0000000100)=@arm64_bitmap={0x6030000000140003, &(0x7f0000000000)=0x7})
r12 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_RUN(r15, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r15, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r15, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

27m23.321554733s ago: executing program 53 (id=434):
r0 = openat$kvm(0x0, &(0x7f00000002c0), 0x10180, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
syz_kvm_setup_cpu$arm64(r2, r2, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000380)=[{0x0, &(0x7f0000000280)=ANY=[], 0xfffffffffffffcfd}], 0x1, 0x0, 0x0, 0x0)
r3 = openat$kvm(0x0, &(0x7f00000001c0), 0x2083, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000073000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000100)={0x0, &(0x7f0000000000)=[@mrs={0xbe, 0x18, {0x603000000013c009}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, 0x0, 0x300000a, 0x40010, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x10, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
close(r1)
close(r2)
openat$kvm(0x0, 0x0, 0x0, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CAP_HALT_POLL(r1, 0x4068aea3, &(0x7f0000000200)={0xb6, 0x0, 0x7})
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000040)={0x2710, 0x2, 0xdddd0000, 0x1000, &(0x7f0000c95000/0x1000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000080)={0x101ff, 0x0, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000180)={0x0, &(0x7f00000001c0)}, &(0x7f00000000c0)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r11, 0x80086601, 0x20000000)
r12 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)

27m13.180180151s ago: executing program 54 (id=435):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8001, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0x52)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f0000000140)="38ce8347fc1e86008cfc72bb312c8659dcc9225b48cb5cb00c73b0b30800000073f7f1f493e89c859e17625ad1b19c73a7fd4ce992bfc316bd22ccc646cd69c72800", 0x0, 0x1f)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000000)="7cfaa2bfd6dd76375aa1bde04fceeb33743b07d73b3e9aac", 0x0, 0xffffffffffffff94)
r3 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bfd000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, 0x0}, &(0x7f0000000140)=[@featur2={0x1, 0x4}], 0x1)
r5 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000b80)={0x0, &(0x7f00000009c0)=[@hvc={0x32, 0x40, {0xc4000004, [0x48a, 0x1, 0x8000000000000000, 0x1, 0x8000400003]}}], 0x40}, &(0x7f0000000bc0)=[@featur1={0x1, 0x4}], 0x1)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_IRQ_LINE(r10, 0x5452, &(0x7f0000000100)={0x1000020, 0x1})
r11 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r11, 0x4010aeab, &(0x7f0000000100)=@arm64_bitmap={0x6030000000140003, &(0x7f0000000000)=0x7})
r12 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_RUN(r15, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r15, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r15, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

19m46.1952468s ago: executing program 4 (id=444):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1e000000000083169fd121de199ba1cc2f000040000000000000000200008000000000000000000000000001000000000000000200000000000000030000000000000004000000000000007ef36fa59412bdbe7bb9806daf6c95df19a710b612aa1d5883ce02652d98cd01c4fcf7b1c9713055fe3d1accab718d338e8ce1340c124225739b1a7b76963b5f16071945d3fed1b376306bcbe41e03e683489ba6aa34cbff1c8c16f807860105bbbc6e804d6fc25bc6e1a35cec0c0bf78f13219bb28af6d144512fa452ae918ef4f0e5f1a4b7e585a846fbafa38a48868363247b969234698f8ee4db7ae175a6693e12b35a777c8e24d065263b4399300861430c3dd15d6712415af9693053b6c727ce14e9cd26f37e1e7d4b4e74e1c94a4eeb6264d33469cb74112aa69a8f841768a51337c07b2b89ff240a1460823e2b2d62f73f701ece71a69b47f8b9a0d63c2ab90940d4399e95ea270b9b89497e4a3260f9ea4b59bbe139143392229e5f4f0a31e779f453c37c96e91af869020facd6f3aa4ff3649eb4554a1a5b1a6dcd5ee3b19ef5f24f5276d9cae0468ad4667e68e0280fde9dfa87bf4bc819e50e35fe3789dc836561b24ed7d48d7c605567e44e47b5a076f6617cadd9f6a4028cc9b4ffc98713b5daf5599cdcd5"], 0x40}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x28)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
r8 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r7, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r7, 0x0)
r9 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x408)
ioctl$KVM_CHECK_EXTENSION(r9, 0x541b, 0xac)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000100)={0x4, <r10=>0xffffffffffffffff})
r11 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r12, 0x4008ae6a, 0x0)
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
r15 = ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x2)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f00000000c0)={0x1})
ioctl$KVM_SET_DEVICE_ATTR(r15, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x2})
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0xa)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x119400, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x7, 0x0, &(0x7f0000000140)=0x80})

19m23.715436538s ago: executing program 4 (id=447):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000000)=@arm64_fp={0x6040000000100068, &(0x7f0000000100)=0x7f})

19m14.800668023s ago: executing program 2 (id=448):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013c4f1, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce2, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce4, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce8, 0x8000}}], 0x80}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r6, 0x4018aee2, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_kvm_assert_reg(r3, 0x603000000013dce8, 0x8000)

19m13.120335732s ago: executing program 4 (id=449):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x3, 0xdddd1000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f0000000080)=[@memwrite={0x6e, 0x30, @generic={0xdddd1000, 0x245, 0x9, 0xe}}], 0x30}, 0x0, 0x0)
ioctl$KVM_RESET_DIRTY_RINGS(r1, 0xaec7)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

19m1.481260162s ago: executing program 4 (id=450):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r2, 0xae03, 0x100)
ioctl$KVM_CAP_DIRTY_LOG_RING(r2, 0x4068aea3, &(0x7f0000000140)={0xc0, 0x0, 0x10000}) (async)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r4, 0x4010aeab, &(0x7f0000000100)=@arm64_sys={0x603000000013c807, &(0x7f0000000280)=0x1}) (async)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0x801c581f, 0x0) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f0000000000)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x4})
r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1) (async)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r10, 0x4020aeae, &(0x7f0000000000)={0x5, 0x18})
ioctl$KVM_ARM_VCPU_FINALIZE(r10, 0x4004aec2, &(0x7f0000000180)=0x4)
ioctl$KVM_SET_ONE_REG(r10, 0x4010aeac, &(0x7f0000000100)=@arm64_sve_vls={0x606000000015ffff, &(0x7f00000000c0)=0x80000001}) (async)
syz_kvm_vgic_v3_setup(r7, 0x1, 0x100) (async)
syz_kvm_vgic_v3_setup(r7, 0x0, 0x60)

19m0.42567556s ago: executing program 2 (id=451):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000000)="37d3480ae0458b668f37f9a8457a3bf000", 0x0, 0x18)
ioctl$KVM_CREATE_VM(r0, 0x40086602, 0x20000000)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000000)=@arm64={0x0, 0x1, 0xf, '\x00', 0xfffffffffffff105})
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r7, 0x4018aee2, &(0x7f0000000140)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x7})
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
ioctl$KVM_CREATE_VM(r9, 0xae01, 0x21)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x1)
ioctl$KVM_GET_REG_LIST(r12, 0xc008aeb0, 0x0)
r13 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
r14 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r13, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r14, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r13, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x4c4882, 0xfffe)
r15 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (rerun: 64)
openat$kvm(0x0, 0x0, 0x940, 0x0)

18m45.940043028s ago: executing program 4 (id=452):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f00000001c0), 0xa2503, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x3)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
r6 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x29)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1)
r9 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r8, 0x0)
ioctl$KVM_GET_REG_LIST(r8, 0xc008aeb0, &(0x7f0000000200)={0x1, [0xdfa]})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r8, 0x0)
openat$kvm(0x3f, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000340)=@attr_other={0x0, 0x2, 0x287, 0x0})
r10 = ioctl$KVM_CREATE_GUEST_MEMFD(r5, 0xc040aed4, &(0x7f0000000000)={0x4573, 0x100000000})
ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f0000000080)={0x4, 0x2, 0x100000, 0x2000, &(0x7f0000ffc000/0x2000)=nil, 0xccf7, r10})

18m42.848208055s ago: executing program 2 (id=453):
r0 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000009000/0x400000)=nil)
r1 = openat$kvm(0x0, &(0x7f00000000c0), 0x10800, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r0, 0x4010ae74, &(0x7f00000002c0)={0x7, 0x800000, 0x4})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000001c0)="4ff6d535915afa0ad2e775bd385a7e6bc0b1462ad0407959c7dc499882ce256db238635e806a8f73bdcec0ce8927265658e9f604fdc81321405c06561299cd68555def54b309423f", 0x0, 0x48)
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0xc)
ioctl$KVM_CHECK_EXTENSION_VM(r4, 0xae03, 0x2)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x25)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CAP_HALT_POLL(r6, 0x4068aea3, &(0x7f0000000240)={0xb6, 0x0, 0x4})
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x2000000002, 0x4, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x4000000, 0x0, 0x6, 0x2, 0x4}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r6, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000180)={0x8, <r9=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r13, 0x4010aeac, &(0x7f00000001c0)=@arm64_fp_extra={0x60200000001000d4, &(0x7f0000000100)=0x7})
r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r15, 0x1, 0x100)
ioctl$KVM_IRQ_LINE(r15, 0x4008ae61, &(0x7f0000000100)={0x1001ffd, 0x1})
ioctl$KVM_ASSIGN_SET_MSIX_NR(r6, 0x4008ae73, &(0x7f0000000040)={0x1ff, 0x4})
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r3, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x2f)

18m28.291495686s ago: executing program 4 (id=454):
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r6, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8})
syz_kvm_vgic_v3_setup(r5, 0x5, 0x1c0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f0000000100)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000080)=0x11})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f00000000c0)=@attr_pmu_init)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000240)="04198bd844c9e8a7b82d748f0f0244293d28bd9400bfc2ed44db9969759357abeb8d85c8e856a4606c2e979f98d67e4ff39fb6df9547f6a9506c610dc37b175c3ad3c9952305abf0", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)

18m22.788420343s ago: executing program 2 (id=455):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1e000000000000004000000000000000000000ef00000000fcffffffffffff1bf3a3b292e50d96000200000001000000030000000000000004000000000000003200000000000000400000000000000052000084", @ANYRESHEX=r1], 0x80}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17m40.64296553s ago: executing program 55 (id=454):
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r6, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8})
syz_kvm_vgic_v3_setup(r5, 0x5, 0x1c0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f0000000100)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000080)=0x11})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f00000000c0)=@attr_pmu_init)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000240)="04198bd844c9e8a7b82d748f0f0244293d28bd9400bfc2ed44db9969759357abeb8d85c8e856a4606c2e979f98d67e4ff39fb6df9547f6a9506c610dc37b175c3ad3c9952305abf0", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)

17m39.46938798s ago: executing program 2 (id=457):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000000)={0x7})
r6 = eventfd2(0x0, 0x80800)
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000080)={0x0, 0x0, 0x0, r6})
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f00000000c0)={0x8})
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SIGNAL_MSI(r5, 0x4020aea5, &(0x7f0000000000)={0x6000})
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0xc3033, 0xffffffffffffffff, 0x0)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000000)={0x1, 0xe59b8351})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17m26.572639937s ago: executing program 2 (id=458):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x8080000, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x7)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
r9 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04)
r10 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r9, 0x0, 0x10010, r8, 0x40000)
syz_memcpy_off$KVM_EXIT_MMIO(r10, 0x20, &(0x7f0000000080)="173ea04e539f083b583a50e00fc16c4b72bd83875fa60766", 0x0, 0x18)
r11 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013dce2, 0x7ffe}}, @smc={0x1e, 0x40, {0xc4000007, [0x8, 0x9, 0x5, 0x7fff, 0x5]}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
munmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000)
ioctl$KVM_RESET_DIRTY_RINGS(r1, 0xaec7)
ioctl$KVM_GET_STATS_FD_vm(r11, 0xaece)

16m38.329284572s ago: executing program 56 (id=458):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x8080000, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x7)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
r9 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04)
r10 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r9, 0x0, 0x10010, r8, 0x40000)
syz_memcpy_off$KVM_EXIT_MMIO(r10, 0x20, &(0x7f0000000080)="173ea04e539f083b583a50e00fc16c4b72bd83875fa60766", 0x0, 0x18)
r11 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013dce2, 0x7ffe}}, @smc={0x1e, 0x40, {0xc4000007, [0x8, 0x9, 0x5, 0x7fff, 0x5]}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
munmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000)
ioctl$KVM_RESET_DIRTY_RINGS(r1, 0xaec7)
ioctl$KVM_GET_STATS_FD_vm(r11, 0xaece)

10m49.695503769s ago: executing program 6 (id=460):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x2, 0x100)
r4 = eventfd2(0x1, 0x80001)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r4, 0x3})
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000180)={0x1010020, 0x1})
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000100)={0xffffffffffffffff, 0xc8, 0x0, r0})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x800, 0x0)
ioctl$KVM_CHECK_EXTENSION(r7, 0xae03, 0x90)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000140)={0x4, <r8=>0xffffffffffffffff, 0x1})
write$eventfd(r8, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10m33.817305527s ago: executing program 6 (id=462):
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x1000002, 0x30d2a4fbfbfad6b8, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r2, 0x4010aeb5, &(0x7f00000002c0)={0xfffffffffffffffa, 0x618})
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000180)={0x8, <r3=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4})
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x108, &(0x7f0000000340)=0xfffffffffffffffc})
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x4, 0x2, 0x0})
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000380)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x39d}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r4, 0xffffffffffbffffc, 0x120)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8, <r7=>0xffffffffffffffff})
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x1)
ioctl$KVM_SET_GUEST_DEBUG_arm64(r10, 0x4208ae9b, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x2, &(0x7f0000000200)=0x9})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x0)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r4, 0x4068aea3, &(0x7f0000000100)={0xe4, 0x0, 0x7fffffffffffffff})
ioctl$KVM_RESET_DIRTY_RINGS(r4, 0xaec7)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x25)
ioctl$KVM_CAP_HALT_POLL(r12, 0x4068aea3, &(0x7f0000000240)={0xb6, 0x0, 0x800000000000001})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x4, 0x1, 0x0})

10m14.065370901s ago: executing program 6 (id=463):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000002000/0x400000)=nil)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1})
r3 = eventfd2(0x2, 0x80000)
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000000000)={r3, 0xea9, 0x2})
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x18180, 0x0)
ioctl$KVM_CHECK_EXTENSION(r5, 0x541b, 0xac)
r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r6, r7, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f00000000c0)=[@msr={0x14, 0x20, {0x603000000013c600, 0xfefefee0}}], 0x20}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
syz_kvm_add_vcpu$arm64(r0, &(0x7f00000004c0)={0x0, &(0x7f0000000180)=[@code={0xa, 0x84, {"008008d5a00b88d200e0b0f2410080d2820180d2230080d2640180d2020000d4000008d5007008d50000204e0084e00d007008d560d680d20000b0f2e10180d2820180d2030180d2a40180d2020000d400fc000f406688d20000b8f2610180d2820080d2630080d2240080d2020000d4"}}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x276}}, @uexit={0x0, 0x18, 0x6}, @mrs={0xbe, 0x18, {0x603000000013f081}}, @msr={0x14, 0x20, {0x603000000013c640, 0xfffffffffffeffff}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x1, 0x0, 0x0, 0x9, 0x6, 0x4}}, @hvc={0x32, 0x40, {0xc4000053, [0x5, 0x9, 0x8, 0x1, 0x700000]}}, @irq_setup={0x46, 0x18, {0x1, 0x1f9}}, @svc={0x122, 0x40, {0x8400000e, [0xef41, 0x6, 0x2, 0x51d266ee, 0x6]}}, @hvc={0x32, 0x40, {0x40, [0x5, 0x8, 0x0, 0x4, 0x4]}}, @its_setup={0x82, 0x28, {0x4, 0x3, 0x255}}, @svc={0x122, 0x40, {0x1, [0x401, 0x81, 0xb, 0xb4, 0x7]}}, @svc={0x122, 0x40, {0x5000000, [0x100, 0x8, 0x6b77, 0x1, 0x3dd]}}, @its_setup={0x82, 0x28, {0x4, 0x0, 0x15e}}, @hvc={0x32, 0x40, {0x80000000, [0x1c1c, 0x10, 0x0, 0x0, 0xe6b]}}], 0x30c}, &(0x7f0000000500)=[@featur1={0x1, 0x83}], 0x1)
ioctl$KVM_GET_ONE_REG(r7, 0x4010aeab, &(0x7f0000000100)=@arm64_sve_vls={0x606000000015ffff, &(0x7f0000000580)=0x38e})

9m58.875244781s ago: executing program 6 (id=466):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r1 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r5, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x6030000000100006, &(0x7f00000000c0)=0x7ffffffc})
r6 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xc0189436, 0x20004000)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000140)={0x4, <r10=>0xffffffffffffffff, 0x1})
write$eventfd(r10, &(0x7f00000001c0)=0x7ffffff, 0x648)
r11 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0xc}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, &(0x7f0000000100)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000080)={0x1fe, 0xa}})
r12 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000180)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013e65b, 0x850f}}, @uexit={0x0, 0x18, 0x5}, @svc={0x122, 0x40, {0xc5000021, [0x8, 0xa2c3, 0x6, 0x1, 0x8]}}, @code={0xa, 0x54, {"008008d5000040f800c0200e007008d5007008d5007008d5000028d5007008d520b38fd20040b8f2610180d2e20180d2c30180d2240080d2020000d4007008d5"}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x4, 0x3, 0xfffffff7, 0xb, 0x1}}, @code={0xa, 0x6c, {"007008d5007008d5007008d5000028d540319fd20080b8f2810180d2820080d2430080d2e40080d2020000d40000003100c8a12e000c00bcc05b8bd20080b8f2c10180d2c20080d2830080d2440080d2020000d4007008d5"}}, @svc={0x122, 0x40, {0x8, [0x320, 0x2, 0x8, 0xec, 0x8]}}, @smc={0x1e, 0x40, {0x10, [0xcacc, 0x1, 0x1, 0x4, 0x80000001]}}, @code={0xa, 0x9c, {"00d8a17e0020202e003a85d200e0b0f2010180d2620080d2a30080d2440080d2020000d420349ad20000b8f2010180d2020080d2c30080d2640080d2020000d400c4202ec0f587d20000b8f2210080d2020080d2a30080d2c40180d2020000d4008c000f601691d200a0b0f2e10180d2420180d2e30080d2e40180d2020000d4000008d5007008d5"}}, @msr={0x14, 0x20, {0x603000000013f288, 0x800}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xd00, 0x5, 0x2}}, @code={0xa, 0x9c, {"600293d20060b8f2410180d2620080d2c30180d2440080d2020000d40004403c007008d5007008d5e0a49ad200e0b0f2010180d2a20080d2830080d2840080d2020000d4008c006f60a79bd20080b0f2010180d2420180d2e30180d2e40180d2020000d4006c202e40cb89d20080b0f2210080d2a20080d2430180d2a40080d2020000d4007008d5"}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x1, 0x0, 0x3, 0x10000, 0x3}}, @svc={0x122, 0x40, {0xffff, [0x2, 0x100000000, 0x10001, 0x4, 0xb]}}, @code={0xa, 0x54, {"001ce02e00f8307e008008d5a0d399d200e0b8f2810180d2020080d2430080d2240180d2020000d4007008d5000028d50078205e008008d5000028d5007008d5"}}, @eret={0xe6, 0x18, 0xd}, @irq_setup={0x46, 0x18, {0x2, 0x18}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x4, 0xd, 0x3}}, @mrs={0xbe, 0x18, {0x6030000000138076}}, @irq_setup={0x46, 0x18, {0x2, 0x30a}}, @uexit={0x0, 0x18, 0x6}, @its_send_cmd={0xaa, 0x28, {0x3, 0x1, 0x3, 0xf, 0x9, 0xfffff027}}, @irq_setup={0x46, 0x18, {0x4, 0x2e4}}, @uexit={0x0, 0x18, 0x3}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xd00, 0x4, 0x2}}, @its_setup={0x82, 0x28, {0x1, 0x3, 0x1fb}}, @hvc={0x32, 0x40, {0x2, [0x7f, 0xffff, 0xfffffffffffffffb, 0x7, 0x1]}}], 0x5b4}, &(0x7f00000000c0)=[@featur2={0x1, 0x12}], 0x1)
syz_kvm_vgic_v3_setup(r6, 0x2, 0x100)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r12, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r12, 0xae80, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r13 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
r15 = syz_kvm_setup_syzos_vm$arm64(r14, &(0x7f0000c00000/0x400000)=nil)
r16 = syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r16, 0x4010aeab, &(0x7f0000000100)=@arm64_core={0x6030000000100014, &(0x7f00000000c0)=0x7ff})

9m38.082145785s ago: executing program 6 (id=468):
r0 = openat$kvm(0x0, &(0x7f0000000000), 0x2, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r2, 0x2000003, 0xaf832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x0, 0x23ac5f9b426e84b2, 0xffffffffffffffff, 0x0)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ff8000/0x8000)=nil, r6, 0x1000000, 0xe637a22295c143f8, 0xffffffffffffffff, 0x0)
r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, r7, 0x1, 0x2012, r4, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x2000001, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x0)

9m25.082808146s ago: executing program 6 (id=470):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@msr={0x14, 0x20, {0x603000000013e7fc, 0x8000}}], 0x20}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x20)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r9 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x29)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x1)
r12 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r11, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r12, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r11, 0x0)
openat$kvm(0x3f, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r8, 0x541b, 0xac)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

8m37.848882473s ago: executing program 57 (id=470):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@msr={0x14, 0x20, {0x603000000013e7fc, 0x8000}}], 0x20}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x20)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r9 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x29)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x1)
r12 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r11, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r12, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r11, 0x0)
openat$kvm(0x3f, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r8, 0x541b, 0xac)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

4m49.645434417s ago: executing program 5 (id=490):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async, rerun: 32)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (rerun: 32)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r3, 0x4010ae68, &(0x7f00000000c0)={0xffff1000, 0x6000, 0x1})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500), 0x101800, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r5, 0x4068aea3, &(0x7f0000000000)={0xdf, 0x0, 0x1000000}) (async)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r1, 0x4018aee3, 0x0)

4m34.798235603s ago: executing program 5 (id=491):
r0 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
ioctl$KVM_RESET_DIRTY_RINGS(r0, 0xaec7)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x26)
ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0xc54) (async)
syz_kvm_setup_cpu$arm64(r1, r0, &(0x7f0000bfe000/0x400000)=nil, &(0x7f0000000240)=[{0x0, &(0x7f0000000000)=[@eret={0xe6, 0x18}, @code={0xa, 0x6c, {"0000007240ce8fd20020b8f2610180d2820180d2630080d2c40180d2020000d4000008d500c8a00e007008d50040a00d000028d5007008d5c0278fd200a0b0f2010180d2820180d2630080d2840180d2020000d4008c207e"}}, @hvc={0x32, 0x40, {0x80003fff, [0x7ff, 0x8, 0xffffffffffffffb2, 0x100020000, 0x1]}}, @msr={0x14, 0x20, {0x603000000013c038, 0x6}}, @code={0xa, 0x6c, {"008008d580829fd20020b8f2610080d2c20080d2230180d2440180d2020000d400c4a02e00000013a0d786d20060b0f2810080d2c20180d2030180d2040080d2020000d4000c201e007008d50014000f0074007f0024202e"}}, @eret={0xe6, 0x18, 0x80000000}, @uexit={0x0, 0x18, 0x5}, @eret={0xe6, 0x18, 0x10}, @smc={0x1e, 0x40, {0x4000000, [0x8000, 0xffffffffffffffff, 0x80, 0x1]}}, @smc={0x1e, 0x40, {0xc400000d, [0x8001, 0x85, 0x7, 0x0, 0x7]}}], 0x218}], 0x1, 0x0, &(0x7f0000000280)=[@featur2={0x1, 0xe}], 0x1) (async)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xc)
ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(r2, 0x4068aea3, &(0x7f00000002c0))
syz_kvm_vgic_v3_setup(r2, 0x4, 0x80) (async, rerun: 64)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000340)={0x10004, 0x4, 0x8084000, 0x1000, &(0x7f0000f0a000/0x1000)=nil}) (async, rerun: 64)
ioctl$KVM_GET_SREGS(r0, 0x8000ae83, &(0x7f0000000380)) (async)
r3 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000a40)={0x0, &(0x7f00000004c0)=[@irq_setup={0x46, 0x18, {0x3, 0x9f}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x4, 0x4, 0x7, 0x6, 0x4}}, @svc={0x122, 0x40, {0x8400000d, [0x7f, 0x400, 0x200, 0x58, 0x8]}}, @hvc={0x32, 0x40, {0xc4000003, [0x7fff, 0x1, 0x8, 0xacc, 0xb]}}, @irq_setup={0x46, 0x18, {0x4, 0x3db}}, @mrs={0xbe, 0x18, {0x603000000013dee3}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x1, 0x10, 0x90, 0x7, 0x1}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x5c}}, @svc={0x122, 0x40, {0x84000052, [0x4, 0x9, 0x8, 0x5, 0xbca]}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x1, 0x7, 0x7fff, 0x7, 0x1}}, @msr={0x14, 0x20, {0x603000000013e089, 0x86}}, @mrs={0xbe, 0x18, {0x603000000013c00b}}, @its_send_cmd={0xaa, 0x28, {0x0, 0x1, 0x1, 0xa, 0xc34, 0xe934, 0x2}}, @eret={0xe6, 0x18, 0x8}, @uexit={0x0, 0x18, 0x3}, @svc={0x122, 0x40, {0x3f000000, [0x5, 0x7fffffff, 0xffffffffffffffff, 0xa24]}}, @hvc={0x32, 0x40, {0xc400000c, [0x200, 0x8, 0xffffffffffffffff, 0x10001, 0x1]}}, @its_setup={0x82, 0x28, {0x0, 0x0, 0x3e}}, @eret={0xe6, 0x18}, @hvc={0x32, 0x40, {0x80, [0x6, 0x80, 0x9, 0x7, 0x100000001]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x200, 0x7, 0xde5778d862176c80}}, @irq_setup={0x46, 0x18, {0x0, 0x27d}}, @mrs={0xbe, 0x18, {0xa05000000034c8d9}}, @svc={0x122, 0x40, {0xc4000053, [0xffffffff, 0xb, 0x8001, 0x7000000000000000, 0xf]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x78, 0xfa3}}, @hvc={0x32, 0x40, {0x84000014, [0x5a34, 0xffff, 0x0, 0xc, 0x5]}}, @eret={0xe6, 0x18, 0x200}, @smc={0x1e, 0x40, {0x8400000c, [0x7, 0x4f, 0xfffffffffffffff8, 0xe, 0x1]}}, @its_setup={0x82, 0x28, {0x4, 0x4, 0x130}}, @code={0xa, 0x6c, {"207d95d200c0b8f2810080d2020180d2e30180d2a40080d2020000d4008008d500a0600d008008d5a0e199d20080b0f2e10080d2e20180d2e30080d2440080d2020000d4000008d5008008d5000028d5007008d5000028d5"}}, @eret={0xe6, 0x18, 0x1}, @eret={0xe6, 0x18, 0x9}], 0x564}, &(0x7f0000000a80)=[@featur1={0x1, 0x1c}], 0x1)
ioctl$KVM_DIRTY_TLB(r3, 0x4010aeaa, &(0x7f0000000ac0)={0xff})
ioctl$KVM_CAP_DIRTY_LOG_RING(r2, 0x4068aea3, &(0x7f0000000b00)={0xc0, 0x0, 0x4000})
r4 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000e40)={0x0, &(0x7f0000000b80)=[@code={0xa, 0x54, {"000028d500800048007008d5007008d560b289d200c0b0f2610180d2620080d2630080d2840080d2020000d4000008d5007008d50000407a007008d5007008d5"}}, @code={0xa, 0xb4, {"203696d20040b8f2c10080d2820080d2c30080d2040080d2020000d4600c82d200e0b8f2210180d2020180d2630080d2240080d2020000d4008008d5007008d5e0278fd200e0b0f2610180d2c20180d2030080d2440080d2020000d4c09186d20000b0f2a10180d2820080d2630080d2a40180d2020000d4a0f488d20060b0f2210180d2e20080d2030080d2240080d2020000d4007008d5008008d51f000031"}}, @uexit={0x0, 0x18, 0x722}, @code={0xa, 0x84, {"000028d50080c0c8000028d5000c803800768ed200c0b8f2210180d2a20080d2830080d2440180d2020000d4007008d5803f92d20060b0f2410180d2220080d2630080d2240080d2020000d4007008d500b986d20020b0f2610180d2620180d2030080d2240080d2020000d4008c205e"}}, @code={0xa, 0x6c, {"0004805a602c9fd20060b8f2410180d2420080d2030080d2e40180d2020000d40000200e0000699e0030202ea0349cd200e0b8f2810080d2e20180d2630180d2e40080d2020000d4008008d5000028d500000088000c00f8"}}, @msr={0x14, 0x20, {0x603000000013c4d0, 0x62028fa2}}, @uexit={0x0, 0x18, 0x7fff}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x1, 0xb, 0x100, 0x1}}, @msr={0x14, 0x20, {0x603000000013c081, 0x95d}}], 0x290}, &(0x7f0000000e80)=[@featur2={0x1, 0x10}], 0x1)
ioctl$KVM_DIRTY_TLB(r4, 0x4010aeaa, &(0x7f0000000ec0)={0x5, 0x4}) (async)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000fda000/0x1000)=nil, r5, 0x1000008, 0x20010, r4, 0x0)
ioctl$KVM_SET_MP_STATE(r0, 0x4004ae99, &(0x7f0000000f00)) (async)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x5abc)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
ioctl$KVM_IRQ_LINE(r0, 0x4008ae61, &(0x7f0000000f40)={0x1, 0x7fffffff}) (async)
ioctl$KVM_SET_DEVICE_ATTR(r0, 0x4018aee1, &(0x7f0000000fc0)=@attr_arm64={0x0, 0x2, 0x3, &(0x7f0000000f80)}) (async)
ioctl$KVM_GET_API_VERSION(0xffffffffffffffff, 0xae00, 0x0) (async, rerun: 64)
ioctl$KVM_RUN(r3, 0xae80, 0x0) (async, rerun: 64)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000001000)={0xd000, 0xd000})
ioctl$KVM_RESET_DIRTY_RINGS(r2, 0xaec7) (async, rerun: 32)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r4, 0x4018aee3, &(0x7f0000001080)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f0000001040)=0xe}) (async, rerun: 32)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f00000010c0)={0x3ff, 0x2}) (async)
mmap$KVM_VCPU(&(0x7f0000d3d000/0x2000)=nil, r5, 0x1000000, 0x810, r0, 0x0) (async)
ioctl$KVM_S390_VCPU_FAULT(0xffffffffffffffff, 0x4008ae52, &(0x7f00000014c0)=0x2)

4m24.881022382s ago: executing program 5 (id=492):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r1, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
r4 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000004c0)={0x0, &(0x7f0000000080)=[@msr={0x14, 0x20, {0x603000000013df11, 0xffffffffffff5cde}}, @smc={0x1e, 0x40, {0xc4000001, [0xff, 0x4, 0x3, 0x9, 0x80]}}, @mrs={0xbe, 0x18, {0x603000000013e18d}}, @msr={0x14, 0x20, {0x603000000013e288, 0x8001}}, @mrs={0xbe, 0x18, {0x603000000013f100}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x1, 0x3, 0xb, 0x5, 0x4}}, @code={0xa, 0x9c, {"000028d50090800f000028d5e0e087d20060b0f2610080d2820180d2230080d2240080d2020000d40000202b007008d580be8dd20000b8f2a10180d2820080d2a30180d2840080d2020000d4c02f8ad20040b0f2c10080d2a20080d2030180d2c40080d2020000d4008008d5c0de93d20060b0f2e10180d2420180d2430180d2440080d2020000d4"}}, @mrs={0xbe, 0x18, {0x60300000001398e3}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x1, 0x3, 0x2, 0xb67c, 0x8, 0x3}}, @smc={0x1e, 0x40, {0x10, [0x8, 0x4, 0x9368, 0x3, 0xe6bc]}}, @msr={0x14, 0x20, {0x6030000000138034, 0x8}}, @mrs={0xbe, 0x18, {0x603000000013debd}}, @eret={0xe6, 0x18, 0x1}, @uexit={0x0, 0x18, 0x2}, @msr={0x14, 0x20, {0x603000000013806d, 0x8ac}}, @msr={0x14, 0x20, {0x603000000013dead, 0x100000001}}, @uexit={0x0, 0x18, 0x9}, @svc={0x122, 0x40, {0x84000005, [0x6, 0xffffffffffffffff, 0x5, 0x8000, 0xffffffffffff7fff]}}, @eret={0xe6, 0x18}, @mrs={0xbe, 0x18, {0x603000000013e300}}, @code={0xa, 0xfc, {"a09695d20000b8f2010180d2020080d2a30180d2440180d2020000d4e06f98d20060b8f2010180d2420080d2030180d2a40080d2020000d40040800cc04486d200c0b0f2210180d2220180d2a30080d2e40080d2020000d4a0c48ad20020b0f2e10180d2c20080d2230080d2640180d2020000d4000028d520eb8fd20040b8f2c10080d2420080d2430180d2240080d2020000d440c097d20020b0f2e10080d2620080d2a30180d2c40180d2020000d480e094d20040b0f2410180d2c20180d2030080d2c40080d2020000d400509fd200a0b8f2810180d2820180d2830180d2640080d2020000d4"}}], 0x420}, &(0x7f0000000500)=[@featur1={0x1, 0x60}], 0x1)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000da9000/0x4000)=nil, r3, 0x0, 0x2010, r4, 0x0)

4m16.785537487s ago: executing program 5 (id=493):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3) (async)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) (async)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r4, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
r5 = openat$kvm(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r5, 0x40086602, 0x110e22ffff) (async)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0) (async)
write$eventfd(0xffffffffffffffff, &(0x7f0000000200)=0x8, 0x8)
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000000)="37d3116035d7513e9a000200018000", 0x0, 0x43) (async)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x40086602, 0x20000000) (async)
ioctl$KVM_CHECK_EXTENSION(r6, 0x40086602, 0x110e227ffe) (async)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) (async)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x28)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) (async)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x1) (async)
syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1)
ioctl$KVM_RUN(r12, 0xae80, 0x0)
ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18})
ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f00000000c0)=@other={0x52a, &(0x7f0000000080)=0x800})

4m5.911935008s ago: executing program 5 (id=494):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@mrs={0xbe, 0x18, {0x6030000000138010}}], 0x18}, 0x0, 0x0)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r5 = mmap$KVM_VCPU(&(0x7f0000fc5000/0x2000)=nil, r4, 0x3, 0x11, r3, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_kvm_assert_syzos_uexit$arm64(r5, 0xffffffffffffffff)

3m55.153091996s ago: executing program 5 (id=495):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0xc0083, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000140)=[@featur1={0x1, 0x633563f6b2813d7}], 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x8080000, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
munmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000)

3m7.371414614s ago: executing program 58 (id=495):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0xc0083, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000140)=[@featur1={0x1, 0x633563f6b2813d7}], 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x8080000, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
munmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000)

49.071018782s ago: executing program 8 (id=473):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x21) (async)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x21)
eventfd2(0x9, 0x0) (async)
r1 = eventfd2(0x9, 0x0)
ioctl$KVM_IOEVENTFD(r0, 0x4040ae79, &(0x7f0000000040)={0x7, 0xffff1000, 0x0, r1, 0x2})
r2 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000140)={0x0, &(0x7f0000000000)=[@smc={0x1e, 0x40, {0x84000008, [0x33, 0x9, 0xffffffff, 0x5, 0xffffffffffffffff]}}], 0x40}, 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bfd000/0x400000)=nil) (async)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bfd000/0x400000)=nil)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bff000/0x400000)=nil)
r6 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f0000000680)="38ce8347fc1e86008cfc72bb352c8659dcc9225b48cb5cb00c73b0b33018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r8, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xf, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, 0x0) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

38.27595589s ago: executing program 8 (id=497):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000240), 0x400, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
r6 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000040)={0x0, &(0x7f0000000180)=[@msr={0x14, 0x20, {0x6030000000138002}}], 0x20}, 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0) (async)
r10 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
syz_kvm_vgic_v3_setup(r5, 0x1, 0x100) (async)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000100)={0x8}) (async)
ioctl$KVM_SIGNAL_MSI(r5, 0x4020aea5, &(0x7f0000000200)={0x8090040, 0x0, 0x0, 0x1}) (async)
r11 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r12 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r11, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0x0, 0x1, r12, 0x2}) (async)
ioctl$KVM_IOEVENTFD(r11, 0x4040ae79, &(0x7f0000000040)={0x4, 0xd000, 0x8, r12, 0xa}) (async)
ioctl$KVM_IOEVENTFD(r11, 0x4040ae79, &(0x7f0000000000)={0x8000, 0x0, 0x2, r12, 0x7ffffffe}) (async)
syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x4, 0x1, 0x96}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x4, 0x4, 0xe, 0x0, 0x0, 0x8000000}}], 0x50}, 0x0, 0x0) (async)
syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x1, 0x80)
r13 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
r15 = syz_kvm_setup_syzos_vm$arm64(r14, &(0x7f0000c00000/0x400000)=nil)
r16 = syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000200)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r16, 0x4040aea0, &(0x7f0000000000)=@x86={0x0, 0x3, 0xb, 0x0, 0xe09, 0x6, 0x0, 0x3, 0x9, 0x2, 0xd5, 0x8, 0x0, 0x0, 0x6, 0x2, 0x4, 0xd0, 0xf8, '\x00', 0x51, 0xfffffffffffffffc}) (async)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r17=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r17, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})

27.455412721s ago: executing program 8 (id=498):
openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x6)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)
openat$kvm(0x0, &(0x7f0000000080), 0x2a040, 0x0)
r2 = openat$kvm(0x0, 0x0, 0x300, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000180)={0x8, <r4=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x20)
r10 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r11 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
r14 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x12)
ioctl$KVM_CREATE_DEVICE(r15, 0xc00caee0, &(0x7f0000000100)={0x4, <r16=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r16, 0x4018aee3, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR(r16, 0x4018aee3, &(0x7f0000000040)=@attr_other={0x0, 0x1, 0x200, 0x0})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r13, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef)
close(r12)
openat$kvm(0xffffffffffffff9c, 0x0, 0x80, 0x0)
ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x3)

6.607871338s ago: executing program 8 (id=499):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x2710, 0x1, 0x3000, 0x1000, &(0x7f0000c06000/0x1000)=nil})

0s ago: executing program 8 (id=500):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000140)={0x1ff, 0xdddc1000, 0x0, r3, 0x4})
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION(r7, 0xae03, 0x10)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@mrs={0xbe, 0x18, {0x603000000013c807}}, @msr={0x14, 0x20, {0x603000000013e66c, 0xa}}, @memwrite={0x6e, 0x30, @generic={0x10000, 0x6d2, 0x2, 0x5}}], 0x68}, 0x0, 0x0)
ioctl$KVM_RUN(r13, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_DEVICE_ATTR_vm(r9, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}})
r14 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000140)={0x0, &(0x7f0000000200)=[@smc={0x1e, 0x40, {0xef000000, [0x0, 0x1, 0x2, 0x3, 0x4]}}, @hvc={0x32, 0x40, {0xc5000021, [0x0, 0x1, 0x2, 0x3, 0x6]}}], 0x80}, 0x0, 0x0)
r15 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f0000000180)=@attr_other={0x0, 0x2, 0x7fffffff, &(0x7f0000000000)=0x1ff})
r17 = syz_kvm_setup_syzos_vm$arm64(r16, &(0x7f0000c00000/0x400000)=nil)
r18 = syz_kvm_add_vcpu$arm64(r17, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r18, 0x4018aee2, &(0x7f0000000040)=@attr_set_pmu={0x0, 0x0, 0x3, 0x0})
ioctl$KVM_RUN(r14, 0xae80, 0x0)
ioctl$KVM_RUN(r14, 0xae80, 0x0)

kernel console output (not intermixed with test programs):

[  373.926691][ T3157] 8021q: adding VLAN 0 to HW filter on device bond0
[  426.496655][ T3157] eql: remember to turn off Van-Jacobson compression on your slave devices
Warning: Permanently added '[localhost]:1277' (ED25519) to the list of known hosts.
[  589.347131][   T25] audit: type=1400 audit(588.570:61): avc:  denied  { name_bind } for  pid=3311 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  590.924795][   T25] audit: type=1400 audit(590.150:62): avc:  denied  { execute } for  pid=3312 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  590.944761][   T25] audit: type=1400 audit(590.170:63): avc:  denied  { execute_no_trans } for  pid=3312 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  610.558054][   T25] audit: type=1400 audit(609.780:64): avc:  denied  { mounton } for  pid=3312 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  610.592795][   T25] audit: type=1400 audit(609.810:65): avc:  denied  { mount } for  pid=3312 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  610.675871][ T3312] cgroup: Unknown subsys name 'net'
[  610.724828][   T25] audit: type=1400 audit(609.950:66): avc:  denied  { unmount } for  pid=3312 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  611.112515][ T3312] cgroup: Unknown subsys name 'cpuset'
[  611.213669][ T3312] cgroup: Unknown subsys name 'rlimit'
[  612.128511][   T25] audit: type=1400 audit(611.350:67): avc:  denied  { setattr } for  pid=3312 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  612.146906][   T25] audit: type=1400 audit(611.370:68): avc:  denied  { mounton } for  pid=3312 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[  612.174466][   T25] audit: type=1400 audit(611.390:69): avc:  denied  { mount } for  pid=3312 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  613.662245][ T3315] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[  613.703876][   T25] audit: type=1400 audit(612.910:70): avc:  denied  { relabelto } for  pid=3315 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  613.732341][   T25] audit: type=1400 audit(612.940:71): avc:  denied  { write } for  pid=3315 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
Setting up swapspace version 1, size = 127995904 bytes
[  613.974229][   T25] audit: type=1400 audit(613.200:72): avc:  denied  { read } for  pid=3312 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  613.988744][   T25] audit: type=1400 audit(613.210:73): avc:  denied  { open } for  pid=3312 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  614.037551][ T3312] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  664.366746][   T25] audit: type=1400 audit(663.580:74): avc:  denied  { execmem } for  pid=3316 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  669.024324][   T25] audit: type=1400 audit(668.250:75): avc:  denied  { read } for  pid=3318 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  669.041684][   T25] audit: type=1400 audit(668.260:76): avc:  denied  { open } for  pid=3318 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  669.111002][   T25] audit: type=1400 audit(668.330:77): avc:  denied  { mounton } for  pid=3318 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  669.406457][   T25] audit: type=1400 audit(668.590:78): avc:  denied  { module_request } for  pid=3318 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  670.497717][   T25] audit: type=1400 audit(669.720:79): avc:  denied  { sys_module } for  pid=3318 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  694.155450][ T3318] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  694.365519][ T3318] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  694.873514][ T3319] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  695.265202][ T3319] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  712.016054][ T3318] hsr_slave_0: entered promiscuous mode
[  712.044568][ T3318] hsr_slave_1: entered promiscuous mode
[  713.102894][ T3319] hsr_slave_0: entered promiscuous mode
[  713.138472][ T3319] hsr_slave_1: entered promiscuous mode
[  713.168938][ T3319] debugfs: 'hsr0' already exists in 'hsr'
[  713.186245][ T3319] Cannot create hsr debugfs directory
[  718.421087][   T25] audit: type=1400 audit(717.630:80): avc:  denied  { create } for  pid=3318 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  718.461475][   T25] audit: type=1400 audit(717.670:81): avc:  denied  { write } for  pid=3318 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  718.532406][   T25] audit: type=1400 audit(717.750:82): avc:  denied  { read } for  pid=3318 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  718.715267][ T3318] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  719.033201][ T3318] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  719.274281][ T3318] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  719.525303][ T3318] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  720.982715][ T3319] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  721.123638][ T3319] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  721.391524][ T3319] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  721.635717][ T3319] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  733.861930][ T3318] 8021q: adding VLAN 0 to HW filter on device bond0
[  736.253776][ T3319] 8021q: adding VLAN 0 to HW filter on device bond0
[  791.035870][ T3318] veth0_vlan: entered promiscuous mode
[  791.440972][ T3318] veth1_vlan: entered promiscuous mode
[  793.215096][ T3318] veth0_macvtap: entered promiscuous mode
[  793.664598][ T3318] veth1_macvtap: entered promiscuous mode
[  793.783928][ T3319] veth0_vlan: entered promiscuous mode
[  794.493992][ T3319] veth1_vlan: entered promiscuous mode
[  795.985024][   T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  796.072381][   T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  796.076232][   T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  796.161406][   T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  797.315774][ T3319] veth0_macvtap: entered promiscuous mode
[  797.908826][ T3319] veth1_macvtap: entered promiscuous mode
[  798.477907][   T25] audit: type=1400 audit(797.700:83): avc:  denied  { mount } for  pid=3318 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  798.654406][   T25] audit: type=1400 audit(797.880:84): avc:  denied  { mounton } for  pid=3318 comm="syz-executor" path="/syzkaller.o93JT0/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  798.953199][   T25] audit: type=1400 audit(798.170:85): avc:  denied  { mount } for  pid=3318 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  799.453171][   T25] audit: type=1400 audit(798.650:86): avc:  denied  { mounton } for  pid=3318 comm="syz-executor" path="/syzkaller.o93JT0/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  799.556803][   T25] audit: type=1400 audit(798.780:87): avc:  denied  { mounton } for  pid=3318 comm="syz-executor" path="/syzkaller.o93JT0/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3745 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  800.018090][ T3328] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  800.032280][ T3328] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  800.066530][ T3411] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  800.093235][ T3411] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  800.182870][   T25] audit: type=1400 audit(799.410:88): avc:  denied  { unmount } for  pid=3318 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  800.325735][   T25] audit: type=1400 audit(799.550:89): avc:  denied  { mounton } for  pid=3318 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1544 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  800.441172][   T25] audit: type=1400 audit(799.640:90): avc:  denied  { mount } for  pid=3318 comm="syz-executor" name="/" dev="gadgetfs" ino=3754 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  800.745953][   T25] audit: type=1400 audit(799.960:91): avc:  denied  { mount } for  pid=3318 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  800.902863][   T25] audit: type=1400 audit(800.120:92): avc:  denied  { mounton } for  pid=3318 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  802.483671][ T3318] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  803.491896][   T25] kauditd_printk_skb: 2 callbacks suppressed
[  803.492687][   T25] audit: type=1400 audit(802.700:95): avc:  denied  { open } for  pid=3318 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  803.533081][   T25] audit: type=1400 audit(802.740:96): avc:  denied  { ioctl } for  pid=3318 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=638 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  812.754899][   T25] audit: type=1400 audit(811.980:97): avc:  denied  { read } for  pid=3471 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  812.823644][   T25] audit: type=1400 audit(812.040:98): avc:  denied  { open } for  pid=3471 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  812.928272][   T25] audit: type=1400 audit(812.150:99): avc:  denied  { ioctl } for  pid=3471 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  815.013526][   T25] audit: type=1400 audit(814.230:100): avc:  denied  { execute } for  pid=3473 comm="syz.1.2" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=3822 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  859.163754][   T25] audit: type=1400 audit(858.370:101): avc:  denied  { write } for  pid=3504 comm="syz.1.11" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  859.755526][   T25] audit: type=1400 audit(858.910:102): avc:  denied  { append } for  pid=3501 comm="syz.0.10" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  987.175261][   T25] audit: type=1400 audit(986.390:103): avc:  denied  { setattr } for  pid=3589 comm="syz.0.35" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1093.577209][   T25] audit: type=1400 audit(1092.760:104): avc:  denied  { ioctl } for  pid=3645 comm="syz.0.54" path="net:[4026532629]" dev="nsfs" ino=4026532629 ioctlcmd=0xae46 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 1286.058447][ T3712] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1286.313906][ T3712] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1291.245315][ T3715] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1291.446939][ T3715] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1311.442722][ T3712] hsr_slave_0: entered promiscuous mode
[ 1311.507454][ T3712] hsr_slave_1: entered promiscuous mode
[ 1311.583388][ T3712] debugfs: 'hsr0' already exists in 'hsr'
[ 1311.590445][ T3712] Cannot create hsr debugfs directory
[ 1320.907896][ T3715] hsr_slave_0: entered promiscuous mode
[ 1321.015530][ T3715] hsr_slave_1: entered promiscuous mode
[ 1321.131036][ T3715] debugfs: 'hsr0' already exists in 'hsr'
[ 1321.132087][ T3715] Cannot create hsr debugfs directory
[ 1336.078526][ T3712] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1336.466374][ T3712] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1336.725701][ T3722] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1337.203480][ T3712] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1337.865112][ T3722] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1338.039069][ T3712] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1338.568578][ T3722] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1339.276727][ T3722] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1344.831602][ T3715] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1352.458754][ T3722] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1352.574478][ T3722] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1352.634431][ T3722] bond0 (unregistering): Released all slaves
[ 1353.193776][ T3715] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1353.558536][ T3715] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1353.923434][ T3715] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1354.422411][ T3722] hsr_slave_0: left promiscuous mode
[ 1354.512947][ T3722] hsr_slave_1: left promiscuous mode
[ 1355.145679][ T3722] veth1_macvtap: left promiscuous mode
[ 1355.171057][ T3722] veth0_macvtap: left promiscuous mode
[ 1355.182341][ T3722] veth1_vlan: left promiscuous mode
[ 1355.195953][ T3722] veth0_vlan: left promiscuous mode
[ 1381.063935][ T3722] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1382.523118][ T3722] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1383.867845][ T3722] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1385.382472][ T3722] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1402.403711][ T3722] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1402.553744][ T3722] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1402.658571][ T3722] bond0 (unregistering): Released all slaves
[ 1404.122746][ T3722] hsr_slave_0: left promiscuous mode
[ 1404.165076][ T3722] hsr_slave_1: left promiscuous mode
[ 1404.314979][ T3722] veth1_macvtap: left promiscuous mode
[ 1404.318418][ T3722] veth0_macvtap: left promiscuous mode
[ 1404.329094][ T3722] veth1_vlan: left promiscuous mode
[ 1404.338592][ T3722] veth0_vlan: left promiscuous mode
[ 1417.167750][ T3712] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1422.683077][ T3715] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1509.723266][ T3712] veth0_vlan: entered promiscuous mode
[ 1510.523592][ T3712] veth1_vlan: entered promiscuous mode
[ 1512.893306][ T3712] veth0_macvtap: entered promiscuous mode
[ 1513.572768][ T3712] veth1_macvtap: entered promiscuous mode
[ 1515.003678][ T3715] veth0_vlan: entered promiscuous mode
[ 1516.438644][ T3715] veth1_vlan: entered promiscuous mode
[ 1517.264135][ T3799] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1517.277924][ T3799] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1517.284579][ T3799] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1517.303973][ T3799] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1520.962873][ T3715] veth0_macvtap: entered promiscuous mode
[ 1521.432307][ T3715] veth1_macvtap: entered promiscuous mode
[ 1524.385744][   T21] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1524.402725][   T21] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1524.426736][   T21] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1524.445156][   T21] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1640.314066][ T3797] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1642.407034][ T3797] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1643.791658][ T3797] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1645.495129][ T3797] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1669.962661][ T3797] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1670.390666][ T3797] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1670.643450][ T3797] bond0 (unregistering): Released all slaves
[ 1673.835045][ T3797] hsr_slave_0: left promiscuous mode
[ 1673.955959][ T3797] hsr_slave_1: left promiscuous mode
[ 1674.632010][ T3797] veth1_macvtap: left promiscuous mode
[ 1674.652359][ T3797] veth0_macvtap: left promiscuous mode
[ 1674.661826][ T3797] veth1_vlan: left promiscuous mode
[ 1674.677198][ T3797] veth0_vlan: left promiscuous mode
[ 1758.621479][ T3972] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1758.999041][ T3972] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1792.888317][ T3972] hsr_slave_0: entered promiscuous mode
[ 1792.998257][ T3972] hsr_slave_1: entered promiscuous mode
[ 1815.175992][ T3972] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1815.737754][ T3972] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1816.108161][ T3972] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1816.524467][ T3972] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1843.647690][ T3972] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1888.512765][ T3360] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1890.201993][ T3360] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1891.537166][ T3360] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1892.837193][ T3360] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1914.306027][ T3360] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1914.588139][ T3360] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1914.812429][ T3360] bond0 (unregistering): Released all slaves
[ 1919.282532][ T3360] hsr_slave_0: left promiscuous mode
[ 1919.733392][ T3360] hsr_slave_1: left promiscuous mode
[ 1920.640635][ T3360] veth1_macvtap: left promiscuous mode
[ 1920.641948][ T3360] veth0_macvtap: left promiscuous mode
[ 1920.682690][ T3360] veth1_vlan: left promiscuous mode
[ 1920.712302][ T3360] veth0_vlan: left promiscuous mode
[ 1991.566879][ T4114] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1991.963462][ T4114] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2004.147209][ T3972] veth0_vlan: entered promiscuous mode
[ 2004.858449][ T3972] veth1_vlan: entered promiscuous mode
[ 2008.822390][ T3972] veth0_macvtap: entered promiscuous mode
[ 2009.274067][ T3972] veth1_macvtap: entered promiscuous mode
[ 2012.278835][   T42] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2012.332017][ T3670] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2012.336871][ T3670] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2012.415103][ T3797] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2024.764452][ T4114] hsr_slave_0: entered promiscuous mode
[ 2024.874977][ T4114] hsr_slave_1: entered promiscuous mode
[ 2024.997214][ T4114] debugfs: 'hsr0' already exists in 'hsr'
[ 2025.060740][ T4114] Cannot create hsr debugfs directory
[ 2049.068567][ T4114] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 2049.844731][ T4114] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 2050.366793][ T4114] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 2050.912963][ T4114] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 2086.694148][ T4114] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2194.204794][ T3797] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2196.325009][ T3797] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2197.907489][ T3797] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2199.327806][ T3797] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2223.893225][ T3797] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2225.053288][ T3797] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2225.584450][ T3797] bond0 (unregistering): Released all slaves
[ 2228.754459][ T3797] hsr_slave_0: left promiscuous mode
[ 2228.901925][ T3797] hsr_slave_1: left promiscuous mode
[ 2229.492942][ T3797] veth1_macvtap: left promiscuous mode
[ 2229.509108][ T3797] veth0_macvtap: left promiscuous mode
[ 2229.522754][ T3797] veth1_vlan: left promiscuous mode
[ 2229.551663][ T3797] veth0_vlan: left promiscuous mode
[ 2275.484476][ T4114] veth0_vlan: entered promiscuous mode
[ 2279.333600][ T4114] veth1_vlan: entered promiscuous mode
[ 2282.445043][ T4114] veth0_macvtap: entered promiscuous mode
[ 2282.996079][ T4114] veth1_macvtap: entered promiscuous mode
[ 2286.758005][   T21] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2286.763994][   T21] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2286.836674][   T21] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2286.881491][   T42] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2299.626802][ T4304] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2300.115243][ T4304] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2343.246889][ T4304] hsr_slave_0: entered promiscuous mode
[ 2343.367927][ T4304] hsr_slave_1: entered promiscuous mode
[ 2367.988112][ T4304] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 2368.511511][ T4304] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 2369.067812][ T4304] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 2369.646461][ T4304] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 2404.047012][ T4304] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2452.376067][ T3797] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2454.595983][ T3797] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2456.732906][ T3797] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2458.728902][ T3797] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2485.747464][ T3797] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2485.964685][ T3797] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2486.147215][ T3797] bond0 (unregistering): Released all slaves
[ 2488.342672][ T3797] hsr_slave_0: left promiscuous mode
[ 2488.451440][ T3797] hsr_slave_1: left promiscuous mode
[ 2489.022558][ T3797] veth1_macvtap: left promiscuous mode
[ 2489.028641][ T3797] veth0_macvtap: left promiscuous mode
[ 2489.045378][ T3797] veth1_vlan: left promiscuous mode
[ 2489.058107][ T3797] veth0_vlan: left promiscuous mode
[ 2559.501663][ T4451] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2559.868205][ T4451] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2588.925491][ T4304] veth0_vlan: entered promiscuous mode
[ 2590.107998][ T4304] veth1_vlan: entered promiscuous mode
[ 2593.545122][ T4304] veth0_macvtap: entered promiscuous mode
[ 2594.326370][ T4304] veth1_macvtap: entered promiscuous mode
[ 2601.414911][ T4451] hsr_slave_0: entered promiscuous mode
[ 2601.536846][ T4451] hsr_slave_1: entered promiscuous mode
[ 2601.672289][ T4451] debugfs: 'hsr0' already exists in 'hsr'
[ 2601.695692][ T4451] Cannot create hsr debugfs directory
[ 2602.056409][ T4000] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2602.077496][ T4000] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2602.286964][ T4000] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2602.326924][ T4000] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2625.335671][ T4451] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 2625.866906][ T4451] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 2626.601207][ T4451] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 2627.131152][ T4451] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 2672.206266][ T4451] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2806.973875][ T3799] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2809.406559][ T3799] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2811.757332][ T3799] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2814.243383][ T3799] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2843.982066][ T3799] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2845.406540][ T3799] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2846.096382][ T3799] bond0 (unregistering): Released all slaves
[ 2849.268161][ T3799] hsr_slave_0: left promiscuous mode
[ 2849.521423][ T3799] hsr_slave_1: left promiscuous mode
[ 2850.021707][ T3799] veth1_macvtap: left promiscuous mode
[ 2850.062457][ T3799] veth0_macvtap: left promiscuous mode
[ 2850.078646][ T3799] veth1_vlan: left promiscuous mode
[ 2850.105362][ T3799] veth0_vlan: left promiscuous mode
[ 2904.654425][ T4451] veth0_vlan: entered promiscuous mode
[ 2907.662176][ T4451] veth1_vlan: entered promiscuous mode
[ 2910.563411][ T4451] veth0_macvtap: entered promiscuous mode
[ 2911.006851][ T4451] veth1_macvtap: entered promiscuous mode
[ 2914.562091][ T3797] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2914.620468][ T4462] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2914.621651][ T4462] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2914.622464][ T4462] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2927.394396][ T4629] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2928.045101][ T4629] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2982.084351][ T4629] hsr_slave_0: entered promiscuous mode
[ 2982.224799][ T4629] hsr_slave_1: entered promiscuous mode
[ 3011.608470][ T4629] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 3012.462608][ T4629] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 3013.077723][ T4629] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 3013.705037][ T4629] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 3061.194559][ T4629] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3269.959147][ T4629] veth0_vlan: entered promiscuous mode
[ 3271.715413][ T4629] veth1_vlan: entered promiscuous mode
[ 3277.124173][ T4629] veth0_macvtap: entered promiscuous mode
[ 3278.194371][ T4629] veth1_macvtap: entered promiscuous mode
[ 3283.214321][ T4636] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3283.248708][ T4636] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3283.387777][ T3808] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3283.401839][ T3808] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3408.805525][ T4000] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3411.294307][ T4000] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3413.662409][ T4000] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3416.198711][ T4000] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3446.417508][ T4000] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3446.663891][ T4000] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3446.816651][ T4000] bond0 (unregistering): Released all slaves
[ 3449.200776][ T4000] hsr_slave_0: left promiscuous mode
[ 3449.373986][ T4000] hsr_slave_1: left promiscuous mode
[ 3449.974914][ T4000] veth1_macvtap: left promiscuous mode
[ 3450.050939][ T4000] veth0_macvtap: left promiscuous mode
[ 3450.077608][ T4000] veth1_vlan: left promiscuous mode
[ 3450.080029][ T4000] veth0_vlan: left promiscuous mode
[ 3498.912626][ T3722] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3500.998381][ T3722] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3502.947058][ T3722] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3505.305700][ T3722] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3533.331732][ T3722] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3534.003539][ T3722] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3534.403464][ T3722] bond0 (unregistering): Released all slaves
[ 3538.925048][ T3722] hsr_slave_0: left promiscuous mode
[ 3539.092965][ T3722] hsr_slave_1: left promiscuous mode
[ 3539.814832][ T3722] veth1_macvtap: left promiscuous mode
[ 3539.818212][ T3722] veth0_macvtap: left promiscuous mode
[ 3539.865733][ T3722] veth1_vlan: left promiscuous mode
[ 3539.942981][ T3722] veth0_vlan: left promiscuous mode
[ 3593.455485][ T4926] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3593.988259][ T4926] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3601.706718][ T4935] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3602.156140][ T4935] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3634.437263][ T4926] hsr_slave_0: entered promiscuous mode
[ 3634.544551][ T4926] hsr_slave_1: entered promiscuous mode
[ 3641.275666][ T4935] hsr_slave_0: entered promiscuous mode
[ 3641.318903][ T4935] hsr_slave_1: entered promiscuous mode
[ 3641.403748][ T4935] debugfs: 'hsr0' already exists in 'hsr'
[ 3641.441569][ T4935] Cannot create hsr debugfs directory
[ 3665.252420][ T4926] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 3665.948630][ T4926] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 3668.922483][ T4926] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 3669.922903][ T4926] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 3685.224132][ T4935] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 3685.804796][ T4935] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 3686.383810][ T4935] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 3687.004272][ T4935] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 3709.384234][ T4926] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3722.566191][ T4935] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3861.890007][ T4935] veth0_vlan: entered promiscuous mode
[ 3863.336402][ T4935] veth1_vlan: entered promiscuous mode
[ 3867.358398][ T4935] veth0_macvtap: entered promiscuous mode
[ 3868.162351][ T4935] veth1_macvtap: entered promiscuous mode
[ 3872.300345][ T3722] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3872.343183][ T3670] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3872.346003][ T3670] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3872.346806][ T3670] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3879.893687][ T4926] veth0_vlan: entered promiscuous mode
[ 3881.582692][ T4926] veth1_vlan: entered promiscuous mode
[ 3885.765052][ T4926] veth0_macvtap: entered promiscuous mode
[ 3886.896211][ T4926] veth1_macvtap: entered promiscuous mode
[ 3891.871518][ T3722] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3891.896240][   T21] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3891.938786][ T3808] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3892.065847][ T3808] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4309.104171][ T3360] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4311.924629][ T3360] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4314.425793][ T3360] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4316.756553][ T3360] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4345.045734][ T3360] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 4345.437674][ T3360] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 4345.622893][ T3360] bond0 (unregistering): Released all slaves
[ 4348.230677][ T3360] hsr_slave_0: left promiscuous mode
[ 4348.353696][ T3360] hsr_slave_1: left promiscuous mode
[ 4349.176963][ T3360] veth1_macvtap: left promiscuous mode
[ 4349.241382][ T3360] veth0_macvtap: left promiscuous mode
[ 4349.264486][ T3360] veth1_vlan: left promiscuous mode
[ 4349.266006][ T3360] veth0_vlan: left promiscuous mode
[ 4385.146441][ T3360] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4387.388322][ T3360] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4389.245084][ T3360] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4391.703712][ T3360] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4417.148530][ T3360] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 4417.388013][ T3360] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 4417.534362][ T3360] bond0 (unregistering): Released all slaves
[ 4420.611340][ T3360] hsr_slave_0: left promiscuous mode
[ 4421.052078][ T3360] hsr_slave_1: left promiscuous mode
[ 4421.942825][ T3360] veth1_macvtap: left promiscuous mode
[ 4421.946186][ T3360] veth0_macvtap: left promiscuous mode
[ 4421.972607][ T3360] veth1_vlan: left promiscuous mode
[ 4421.981436][ T3360] veth0_vlan: left promiscuous mode
[ 4471.583229][ T5386] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4471.913481][ T5386] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4483.044147][ T5389] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4483.377388][ T5389] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4507.437925][ T5386] hsr_slave_0: entered promiscuous mode
[ 4507.506045][ T5386] hsr_slave_1: entered promiscuous mode
[ 4523.497430][ T5389] hsr_slave_0: entered promiscuous mode
[ 4523.624608][ T5389] hsr_slave_1: entered promiscuous mode
[ 4523.676909][ T5389] debugfs: 'hsr0' already exists in 'hsr'
[ 4523.703745][ T5389] Cannot create hsr debugfs directory
[ 4545.124581][ T5386] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 4547.174287][ T5386] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 4547.874240][ T5386] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 4549.573653][ T5386] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 4561.036641][ T5389] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 4561.564316][ T5389] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 4562.142968][ T5389] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 4562.637612][ T5389] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 4587.756445][ T5386] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4596.794516][ T5389] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4710.382174][ T5386] veth0_vlan: entered promiscuous mode
[ 4711.468228][ T5386] veth1_vlan: entered promiscuous mode
[ 4714.613795][ T5386] veth0_macvtap: entered promiscuous mode
[ 4715.132828][ T5386] veth1_macvtap: entered promiscuous mode
[ 4718.733375][ T5393] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4718.757298][ T5393] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4718.828432][ T3799] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4718.917356][ T3799] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4721.453559][ T5389] veth0_vlan: entered promiscuous mode
[ 4723.703719][ T5389] veth1_vlan: entered promiscuous mode
[ 4727.855943][ T5389] veth0_macvtap: entered promiscuous mode
[ 4728.503099][ T5389] veth1_macvtap: entered promiscuous mode
[ 4732.761122][ T5393] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4732.834720][ T3360] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4732.872453][ T3360] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4732.881119][ T3360] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 5198.441746][ T5790] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 5198.935774][ T5790] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 5219.565376][ T5800] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 5220.242236][ T5800] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 5259.617043][ T5790] hsr_slave_0: entered promiscuous mode
[ 5259.874900][ T5790] hsr_slave_1: entered promiscuous mode
[ 5260.042556][ T5790] debugfs: 'hsr0' already exists in 'hsr'
[ 5260.069064][ T5790] Cannot create hsr debugfs directory
[ 5275.793369][ T5413] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5277.914523][ T5413] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5280.563043][ T5413] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5282.708410][ T5413] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5289.056732][ T5800] hsr_slave_0: entered promiscuous mode
[ 5289.180652][ T5800] hsr_slave_1: entered promiscuous mode
[ 5289.301255][ T5800] debugfs: 'hsr0' already exists in 'hsr'
[ 5289.311572][ T5800] Cannot create hsr debugfs directory
[ 5321.667392][ T5413] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 5321.845752][ T5413] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 5321.984448][ T5413] bond0 (unregistering): Released all slaves
[ 5325.323210][ T5413] hsr_slave_0: left promiscuous mode
[ 5325.423435][ T5413] hsr_slave_1: left promiscuous mode
[ 5325.825337][ T5413] veth1_macvtap: left promiscuous mode
[ 5325.845917][ T5413] veth0_macvtap: left promiscuous mode
[ 5325.863137][ T5413] veth1_vlan: left promiscuous mode
[ 5325.882958][ T5413] veth0_vlan: left promiscuous mode
[ 5362.246237][ T5413] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5363.509097][ T5413] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5366.777498][ T5413] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5367.212900][ T5790] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 5369.357904][ T5413] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5369.775105][ T5790] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 5371.523194][ T5790] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 5373.395569][ T5790] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 5392.012962][ T5413] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 5392.662928][ T5413] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 5392.903448][ T5413] bond0 (unregistering): Released all slaves
[ 5395.311762][ T5413] hsr_slave_0: left promiscuous mode
[ 5395.412158][ T5413] hsr_slave_1: left promiscuous mode
[ 5396.144225][ T5413] veth1_macvtap: left promiscuous mode
[ 5396.164547][ T5413] veth0_macvtap: left promiscuous mode
[ 5396.181861][ T5413] veth1_vlan: left promiscuous mode
[ 5396.231898][ T5413] veth0_vlan: left promiscuous mode
[ 5423.917270][ T5800] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 5424.428679][ T5800] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 5424.827112][ T5800] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 5425.472390][ T5800] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 5436.327254][ T5790] 8021q: adding VLAN 0 to HW filter on device bond0
[ 5455.453785][ T5800] 8021q: adding VLAN 0 to HW filter on device bond0
[ 5557.454176][ T5790] veth0_vlan: entered promiscuous mode
[ 5558.376777][ T5790] veth1_vlan: entered promiscuous mode
[ 5561.752845][ T5790] veth0_macvtap: entered promiscuous mode
[ 5562.124201][ T5790] veth1_macvtap: entered promiscuous mode
[ 5565.566930][ T4000] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 5565.584408][ T4000] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 5565.785669][ T4000] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 5565.793241][ T4000] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 5610.588271][ T5800] veth0_vlan: entered promiscuous mode
[ 5612.512707][ T5800] veth1_vlan: entered promiscuous mode
[ 5617.066354][ T5800] veth0_macvtap: entered promiscuous mode
[ 5617.885169][ T5800] veth1_macvtap: entered promiscuous mode
[ 5622.293362][ T5804] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 5622.305964][ T5804] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 5622.493241][ T5804] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 5622.585220][ T5804] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 5769.302697][ T3799] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5773.122414][ T3799] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5775.208126][ T3799] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5777.303684][ T3799] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5803.807806][ T3799] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 5804.085312][ T3799] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 5804.262668][ T3799] bond0 (unregistering): Released all slaves
[ 5807.769032][ T3799] hsr_slave_0: left promiscuous mode
[ 5807.850933][ T3799] hsr_slave_1: left promiscuous mode
[ 5808.701593][ T3799] veth1_macvtap: left promiscuous mode
[ 5808.704675][ T3799] veth0_macvtap: left promiscuous mode
[ 5808.718282][ T3799] veth1_vlan: left promiscuous mode
[ 5808.762647][ T3799] veth0_vlan: left promiscuous mode
[ 5850.862266][ T3722] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5852.323481][ T3722] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5853.658797][ T3722] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5855.117938][ T3722] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5874.132242][ T3722] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 5874.215645][ T3722] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 5874.317873][ T3722] bond0 (unregistering): Released all slaves
[ 5876.881508][ T3722] hsr_slave_0: left promiscuous mode
[ 5877.271416][ T3722] hsr_slave_1: left promiscuous mode
[ 5878.031993][ T3722] veth1_macvtap: left promiscuous mode
[ 5878.037196][ T3722] veth0_macvtap: left promiscuous mode
[ 5878.067344][ T3722] veth1_vlan: left promiscuous mode
[ 5878.112283][ T3722] veth0_vlan: left promiscuous mode
[ 5921.603920][ T6117] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 5922.279135][ T6117] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 5937.353952][ T6128] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 5937.667765][ T6128] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 5954.756412][ T6117] hsr_slave_0: entered promiscuous mode
[ 5954.810453][ T6117] hsr_slave_1: entered promiscuous mode
[ 5976.713533][ T6128] hsr_slave_0: entered promiscuous mode
[ 5976.785777][ T6128] hsr_slave_1: entered promiscuous mode
[ 5976.855515][ T6128] debugfs: 'hsr0' already exists in 'hsr'
[ 5976.858447][ T6128] Cannot create hsr debugfs directory
[ 5985.064032][ T6117] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 5985.861429][ T6117] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 5986.717034][ T6117] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 5986.956503][ T6117] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 6002.807102][ T6128] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 6003.458928][ T6128] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 6004.017488][ T6128] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 6004.682594][ T6128] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 6021.897392][ T6117] 8021q: adding VLAN 0 to HW filter on device bond0
[ 6034.965219][ T6128] 8021q: adding VLAN 0 to HW filter on device bond0
[ 6144.368594][ T6117] veth0_vlan: entered promiscuous mode
[ 6145.416022][ T6117] veth1_vlan: entered promiscuous mode
[ 6148.675760][ T6117] veth0_macvtap: entered promiscuous mode
[ 6149.126129][ T6117] veth1_macvtap: entered promiscuous mode
[ 6152.367181][ T5398] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 6152.393973][ T5398] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 6152.452868][ T5398] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 6152.455583][ T5398] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 6160.287223][ T6128] veth0_vlan: entered promiscuous mode
[ 6161.178753][ T6128] veth1_vlan: entered promiscuous mode
[ 6164.658218][ T6128] veth0_macvtap: entered promiscuous mode
[ 6165.398687][ T6128] veth1_macvtap: entered promiscuous mode
[ 6169.140749][ T3411] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 6169.142196][ T3411] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 6169.162849][ T3411] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 6169.185680][ T3411] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 6689.301487][   T25] audit: type=1400 audit(6688.420:105): avc:  denied  { map } for  pid=6700 comm="syz.6.280" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 6689.411155][   T25] audit: type=1400 audit(6688.630:106): avc:  denied  { execute } for  pid=6700 comm="syz.6.280" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 6790.965061][ T6759] kvm [6759]: Failed to find VMA for hva 0x20d8a000
[ 6933.888337][ T5398] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6937.117702][ T5398] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6938.912260][ T5398] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6940.678023][ T5398] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6963.381507][ T5398] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 6963.701112][ T5398] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 6963.858022][ T5398] bond0 (unregistering): Released all slaves
[ 6968.091697][ T5398] hsr_slave_0: left promiscuous mode
[ 6968.240834][ T5398] hsr_slave_1: left promiscuous mode
[ 6969.392473][ T5398] veth1_macvtap: left promiscuous mode
[ 6969.404723][ T5398] veth0_macvtap: left promiscuous mode
[ 6969.406941][ T5398] veth1_vlan: left promiscuous mode
[ 6969.408436][ T5398] veth0_vlan: left promiscuous mode
[ 6996.843042][ T5398] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6998.415456][ T5398] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7000.113846][ T5398] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7001.318246][ T5398] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7019.064391][ T5398] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 7019.177274][ T5398] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 7019.264667][ T5398] bond0 (unregistering): Released all slaves
[ 7021.865603][ T5398] hsr_slave_0: left promiscuous mode
[ 7022.222263][ T5398] hsr_slave_1: left promiscuous mode
[ 7022.916464][ T5398] veth1_macvtap: left promiscuous mode
[ 7022.948605][ T5398] veth0_macvtap: left promiscuous mode
[ 7022.966686][ T5398] veth1_vlan: left promiscuous mode
[ 7022.992681][ T5398] veth0_vlan: left promiscuous mode
[ 7091.072514][ T6826] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 7091.386817][ T6826] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 7094.963571][ T6831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 7095.284467][ T6831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 7123.987321][ T6826] hsr_slave_0: entered promiscuous mode
[ 7124.034433][ T6826] hsr_slave_1: entered promiscuous mode
[ 7126.824226][ T6831] hsr_slave_0: entered promiscuous mode
[ 7126.897051][ T6831] hsr_slave_1: entered promiscuous mode
[ 7126.974330][ T6831] debugfs: 'hsr0' already exists in 'hsr'
[ 7126.983546][ T6831] Cannot create hsr debugfs directory
[ 7156.635982][ T6826] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 7157.267407][ T6826] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 7157.938721][ T6826] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 7158.518949][ T6826] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 7164.256011][ T6831] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 7164.705530][ T6831] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 7165.078187][ T6831] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 7165.477210][ T6831] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 7186.533424][ T6826] 8021q: adding VLAN 0 to HW filter on device bond0
[ 7191.694042][ T6831] 8021q: adding VLAN 0 to HW filter on device bond0
[ 7308.075002][ T6826] veth0_vlan: entered promiscuous mode
[ 7308.791470][ T6826] veth1_vlan: entered promiscuous mode
[ 7312.168096][ T6826] veth0_macvtap: entered promiscuous mode
[ 7313.106388][ T6826] veth1_macvtap: entered promiscuous mode
[ 7313.611753][ T6831] veth0_vlan: entered promiscuous mode
[ 7314.986394][ T6831] veth1_vlan: entered promiscuous mode
[ 7317.011963][ T5413] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 7317.023404][ T6823] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 7317.034584][ T6823] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 7317.044049][ T6823] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 7319.806737][ T6831] veth0_macvtap: entered promiscuous mode
[ 7320.716999][ T6831] veth1_macvtap: entered promiscuous mode
[ 7325.145277][ T6836] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 7325.157993][ T6836] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 7325.167564][ T6836] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 7325.382646][ T6836] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 7478.947965][ T5398] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7481.517684][ T5398] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7483.415750][ T5398] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7485.365995][ T5398] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7510.572878][ T5398] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 7511.151232][ T5398] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 7511.577141][ T5398] bond0 (unregistering): Released all slaves
[ 7514.451691][ T5398] hsr_slave_0: left promiscuous mode
[ 7514.673151][ T5398] hsr_slave_1: left promiscuous mode
[ 7515.707349][ T5398] veth1_macvtap: left promiscuous mode
[ 7515.752302][ T5398] veth0_macvtap: left promiscuous mode
[ 7515.792119][ T5398] veth1_vlan: left promiscuous mode
[ 7515.804205][ T5398] veth0_vlan: left promiscuous mode
[ 7598.978556][ T6846] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7600.502039][ T6846] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7601.726405][ T6846] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7603.043638][ T6846] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7617.322123][ T6846] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 7617.416448][ T6846] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 7617.478473][ T6846] bond0 (unregistering): Released all slaves
[ 7620.876044][ T6846] hsr_slave_0: left promiscuous mode
[ 7620.962794][ T6846] hsr_slave_1: left promiscuous mode
[ 7621.630516][ T6846] veth1_macvtap: left promiscuous mode
[ 7621.631872][ T6846] veth0_macvtap: left promiscuous mode
[ 7621.662049][ T6846] veth1_vlan: left promiscuous mode
[ 7621.673800][ T6846] veth0_vlan: left promiscuous mode
[ 7647.643941][ T7175] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 7648.269099][ T7175] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 7674.994483][ T7175] hsr_slave_0: entered promiscuous mode
[ 7675.065788][ T7175] hsr_slave_1: entered promiscuous mode
[ 7687.803769][ T7235] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 7689.276290][ T7235] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 7700.455031][ T7175] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 7700.937346][ T7175] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 7701.488574][ T7175] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 7702.033695][ T7175] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 7720.381376][ T7235] hsr_slave_0: entered promiscuous mode
[ 7720.417958][ T7235] hsr_slave_1: entered promiscuous mode
[ 7720.453462][ T7235] debugfs: 'hsr0' already exists in 'hsr'
[ 7720.471472][ T7235] Cannot create hsr debugfs directory
[ 7726.274688][ T7175] 8021q: adding VLAN 0 to HW filter on device bond0
[ 7740.755502][ T7235] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 7741.123314][ T7235] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 7741.405692][ T7235] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 7741.625379][ T7235] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 7769.555056][ T7235] 8021q: adding VLAN 0 to HW filter on device bond0
[ 7820.664241][ T7175] veth0_vlan: entered promiscuous mode
[ 7821.413696][ T7175] veth1_vlan: entered promiscuous mode
[ 7824.282416][ T7175] veth0_macvtap: entered promiscuous mode
[ 7824.777892][ T7175] veth1_macvtap: entered promiscuous mode
[ 7827.824545][ T5393] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 7827.892377][ T5393] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 7827.893500][ T5393] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 7827.921445][ T5393] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 7860.524523][ T7452] kvm [7452]: Failed to find VMA for hva 0x20d8d000
[ 7860.536917][ T7455] kvm [7455]: Failed to find VMA for hva 0x20d8d000
[ 7883.807656][ T7235] veth0_vlan: entered promiscuous mode
[ 7884.842697][ T7235] veth1_vlan: entered promiscuous mode
[ 7888.493343][ T7235] veth0_macvtap: entered promiscuous mode
[ 7889.027009][ T7235] veth1_macvtap: entered promiscuous mode
[ 7892.710983][ T5393] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 7892.830895][ T5393] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 7892.833260][ T5393] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 7892.857548][ T5393] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 8355.036206][   T25] audit: type=1400 audit(8354.260:107): avc:  denied  { map } for  pid=7795 comm="syz.0.384" path="pipe:[32260]" dev="pipefs" ino=32260 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[ 8785.977944][ T6846] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8788.135510][ T6846] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8790.373206][ T6846] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8792.381553][ T6846] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8820.986139][ T6846] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 8821.464441][ T6846] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 8821.673050][ T6846] bond0 (unregistering): Released all slaves
[ 8826.571460][ T6846] hsr_slave_0: left promiscuous mode
[ 8826.732252][ T6846] hsr_slave_1: left promiscuous mode
[ 8827.870519][ T6846] veth1_macvtap: left promiscuous mode
[ 8827.871869][ T6846] veth0_macvtap: left promiscuous mode
[ 8827.916344][ T6846] veth1_vlan: left promiscuous mode
[ 8827.953331][ T6846] veth0_vlan: left promiscuous mode
[ 8868.444440][ T6846] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8869.703119][ T6846] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8870.884105][ T6846] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8872.352550][ T6846] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8896.761083][ T6846] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 8897.103661][ T6846] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 8897.307235][ T6846] bond0 (unregistering): Released all slaves
[ 8899.544377][ T6846] hsr_slave_0: left promiscuous mode
[ 8899.682901][ T6846] hsr_slave_1: left promiscuous mode
[ 8900.247871][ T6846] veth1_macvtap: left promiscuous mode
[ 8900.254511][ T6846] veth0_macvtap: left promiscuous mode
[ 8900.263638][ T6846] veth1_vlan: left promiscuous mode
[ 8900.293076][ T6846] veth0_vlan: left promiscuous mode
[ 8951.213310][ T8011] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 8951.518950][ T8011] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 8965.235721][ T8021] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 8965.523360][ T8021] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 8983.623307][ T8011] hsr_slave_0: entered promiscuous mode
[ 8983.724729][ T8011] hsr_slave_1: entered promiscuous mode
[ 8994.447512][ T8021] hsr_slave_0: entered promiscuous mode
[ 8994.501413][ T8021] hsr_slave_1: entered promiscuous mode
[ 8994.537315][ T8021] debugfs: 'hsr0' already exists in 'hsr'
[ 8994.557722][ T8021] Cannot create hsr debugfs directory
[ 9011.613206][ T8011] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 9013.131192][ T8011] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 9014.685888][ T8011] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 9016.108869][ T8011] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 9024.874372][ T8021] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 9025.402712][ T8021] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 9025.913902][ T8021] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 9026.574368][ T8021] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 9046.729149][ T8011] 8021q: adding VLAN 0 to HW filter on device bond0
[ 9054.915697][ T8021] 8021q: adding VLAN 0 to HW filter on device bond0
[ 9154.513603][ T8011] veth0_vlan: entered promiscuous mode
[ 9155.604808][ T8011] veth1_vlan: entered promiscuous mode
[ 9158.813323][ T8011] veth0_macvtap: entered promiscuous mode
[ 9159.373132][ T8011] veth1_macvtap: entered promiscuous mode
[ 9162.894128][ T8046] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 9163.012292][ T8046] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 9163.026683][ T8046] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 9163.053022][ T7728] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 9164.496938][ T8021] veth0_vlan: entered promiscuous mode
[ 9166.195883][ T8021] veth1_vlan: entered promiscuous mode
[ 9170.328114][ T8021] veth0_macvtap: entered promiscuous mode
[ 9170.787549][ T8021] veth1_macvtap: entered promiscuous mode
[ 9174.300720][ T8046] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 9174.325984][ T7849] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 9174.327008][ T7849] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 9174.327839][ T7849] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 9321.102391][ T3722] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9323.197986][ T3722] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9324.685558][ T3722] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9326.535923][ T3722] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9348.117631][ T3722] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 9348.225110][ T3722] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 9348.326340][ T3722] bond0 (unregistering): Released all slaves
[ 9350.484487][ T3722] hsr_slave_0: left promiscuous mode
[ 9350.841552][ T3722] hsr_slave_1: left promiscuous mode
[ 9352.027214][ T3722] veth1_macvtap: left promiscuous mode
[ 9352.091279][ T3722] veth0_macvtap: left promiscuous mode
[ 9352.108667][ T3722] veth1_vlan: left promiscuous mode
[ 9352.134653][ T3722] veth0_vlan: left promiscuous mode
[ 9377.616356][ T7728] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9379.451689][ T7728] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9381.032486][ T7728] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9383.595108][ T7728] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9402.175873][ T7728] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 9402.304317][ T7728] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 9402.365238][ T7728] bond0 (unregistering): Released all slaves
[ 9405.042090][ T7728] hsr_slave_0: left promiscuous mode
[ 9405.236393][ T7728] hsr_slave_1: left promiscuous mode
[ 9405.927882][ T7728] veth1_macvtap: left promiscuous mode
[ 9405.953092][ T7728] veth0_macvtap: left promiscuous mode
[ 9405.968689][ T7728] veth1_vlan: left promiscuous mode
[ 9405.994273][ T7728] veth0_vlan: left promiscuous mode
[ 9459.595090][ T8356] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 9459.883874][ T8356] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 9465.278943][ T8359] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 9465.598077][ T8359] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 9487.012940][ T8356] hsr_slave_0: entered promiscuous mode
[ 9487.077353][ T8356] hsr_slave_1: entered promiscuous mode
[ 9494.054730][ T8359] hsr_slave_0: entered promiscuous mode
[ 9494.143447][ T8359] hsr_slave_1: entered promiscuous mode
[ 9494.202555][ T8359] debugfs: 'hsr0' already exists in 'hsr'
[ 9494.241155][ T8359] Cannot create hsr debugfs directory
[ 9518.142903][ T8356] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 9518.471585][ T8356] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 9519.665261][ T8356] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 9520.165594][ T8356] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 9528.747455][ T8359] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 9529.107637][ T8359] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 9529.387694][ T8359] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 9529.798586][ T8359] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 9547.385483][ T8356] 8021q: adding VLAN 0 to HW filter on device bond0
[ 9556.748145][ T8359] 8021q: adding VLAN 0 to HW filter on device bond0
[ 9653.303264][ T8356] veth0_vlan: entered promiscuous mode
[ 9654.126535][ T8356] veth1_vlan: entered promiscuous mode
[ 9657.067648][ T8356] veth0_macvtap: entered promiscuous mode
[ 9657.404267][ T8356] veth1_macvtap: entered promiscuous mode
[ 9661.263033][ T8017] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 9661.297370][ T7728] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 9661.306939][ T7849] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 9661.358324][ T8046] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 9687.054368][ T8359] veth0_vlan: entered promiscuous mode
[ 9688.104556][ T8359] veth1_vlan: entered promiscuous mode
[ 9692.205108][ T8359] veth0_macvtap: entered promiscuous mode
[ 9692.978763][ T8359] veth1_macvtap: entered promiscuous mode
[ 9697.333011][ T6823] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 9697.345667][ T6823] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 9697.363834][ T6823] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 9697.594862][ T6823] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 9893.567225][ T3722] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9895.644489][ T3722] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9897.565148][ T3722] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9899.264773][ T3722] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9924.962833][ T3722] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 9925.348285][ T3722] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 9925.696348][ T3722] bond0 (unregistering): Released all slaves
[ 9928.241230][ T3722] hsr_slave_0: left promiscuous mode
[ 9928.352931][ T3722] hsr_slave_1: left promiscuous mode
[ 9929.100911][ T3722] veth1_macvtap: left promiscuous mode
[ 9929.102183][ T3722] veth0_macvtap: left promiscuous mode
[ 9929.124093][ T3722] veth1_vlan: left promiscuous mode
[ 9929.161450][ T3722] veth0_vlan: left promiscuous mode
[ 9971.766473][ T5393] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9973.626473][ T5393] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9975.064881][ T5393] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9976.283019][ T5393] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[10000.435259][ T5393] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[10000.690998][ T5393] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[10000.867157][ T5393] bond0 (unregistering): Released all slaves
[10002.518371][ T5393] hsr_slave_0: left promiscuous mode
[10002.602266][ T5393] hsr_slave_1: left promiscuous mode
[10003.205483][ T5393] veth1_macvtap: left promiscuous mode
[10003.211942][ T5393] veth0_macvtap: left promiscuous mode
[10003.216266][ T5393] veth1_vlan: left promiscuous mode
[10003.247734][ T5393] veth0_vlan: left promiscuous mode
[10049.692029][ T8706] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[10050.023968][ T8706] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[10059.266469][ T8732] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[10059.564820][ T8732] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[10074.705446][ T8706] hsr_slave_0: entered promiscuous mode
[10074.794435][ T8706] hsr_slave_1: entered promiscuous mode
[10084.465079][ T8732] hsr_slave_0: entered promiscuous mode
[10084.541189][ T8732] hsr_slave_1: entered promiscuous mode
[10084.593933][ T8732] debugfs: 'hsr0' already exists in 'hsr'
[10084.601196][ T8732] Cannot create hsr debugfs directory
[10101.753829][ T8706] netdevsim netdevsim6 netdevsim0: renamed from eth0
[10102.313293][ T8706] netdevsim netdevsim6 netdevsim1: renamed from eth1
[10103.523713][ T8706] netdevsim netdevsim6 netdevsim2: renamed from eth2
[10104.261064][ T8706] netdevsim netdevsim6 netdevsim3: renamed from eth3
[10114.943697][ T8732] netdevsim netdevsim5 netdevsim0: renamed from eth0
[10115.375928][ T8732] netdevsim netdevsim5 netdevsim1: renamed from eth1
[10115.828786][ T8732] netdevsim netdevsim5 netdevsim2: renamed from eth2
[10116.267120][ T8732] netdevsim netdevsim5 netdevsim3: renamed from eth3
[10133.484112][ T8706] 8021q: adding VLAN 0 to HW filter on device bond0
[10141.724698][ T8732] 8021q: adding VLAN 0 to HW filter on device bond0
[10255.386992][ T8706] veth0_vlan: entered promiscuous mode
[10256.192992][ T8706] veth1_vlan: entered promiscuous mode
[10258.793534][ T8706] veth0_macvtap: entered promiscuous mode
[10259.384278][ T8706] veth1_macvtap: entered promiscuous mode
[10262.155350][ T6823] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[10262.190655][ T5393] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[10262.192618][ T5393] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[10262.193444][ T5393] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[10265.117467][ T8732] veth0_vlan: entered promiscuous mode
[10266.558099][ T8732] veth1_vlan: entered promiscuous mode
[10270.143344][ T8732] veth0_macvtap: entered promiscuous mode
[10270.855887][ T8732] veth1_macvtap: entered promiscuous mode
[10274.780833][ T8046] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[10274.896313][ T3722] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[10274.901502][ T3722] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[10274.943069][ T8046] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[10446.437113][ T5398] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[10448.506625][ T5398] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[10450.598534][ T5398] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[10452.896136][ T5398] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[10486.642942][ T5398] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[10487.157277][ T5398] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[10487.533845][ T5398] bond0 (unregistering): Released all slaves
[10490.915517][ T5398] hsr_slave_0: left promiscuous mode
[10491.091803][ T5398] hsr_slave_1: left promiscuous mode
[10491.951050][ T5398] veth1_macvtap: left promiscuous mode
[10491.952383][ T5398] veth0_macvtap: left promiscuous mode
[10491.985776][ T5398] veth1_vlan: left promiscuous mode
[10492.011827][ T5398] veth0_vlan: left promiscuous mode
[10601.874499][ T9077] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[10602.332333][ T9077] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[10639.577113][ T9077] hsr_slave_0: entered promiscuous mode
[10639.762268][ T9077] hsr_slave_1: entered promiscuous mode
[10672.845362][ T9077] netdevsim netdevsim8 netdevsim0: renamed from eth0
[10673.258700][ T9077] netdevsim netdevsim8 netdevsim1: renamed from eth1
[10673.628430][ T9077] netdevsim netdevsim8 netdevsim2: renamed from eth2
[10674.032405][ T9077] netdevsim netdevsim8 netdevsim3: renamed from eth3
[10706.845090][ T9077] 8021q: adding VLAN 0 to HW filter on device bond0
[10772.225250][ T3722] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[10774.058331][ T3722] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[10775.723543][ T3722] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[10777.523106][ T3722] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[10798.974469][ T3722] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[10799.163206][ T3722] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[10799.304526][ T3722] bond0 (unregistering): Released all slaves
[10801.980936][ T3722] hsr_slave_0: left promiscuous mode
[10802.382065][ T3722] hsr_slave_1: left promiscuous mode
[10803.364592][ T3722] veth1_macvtap: left promiscuous mode
[10803.392928][ T3722] veth0_macvtap: left promiscuous mode
[10803.403213][ T3722] veth1_vlan: left promiscuous mode
[10803.444844][ T3722] veth0_vlan: left promiscuous mode
[10868.251018][ T9077] veth0_vlan: entered promiscuous mode
[10868.892002][ T9077] veth1_vlan: entered promiscuous mode
[10871.364054][ T9077] veth0_macvtap: entered promiscuous mode
[10873.477134][ T9077] veth1_macvtap: entered promiscuous mode
[10874.015449][ T9289] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[10874.397061][ T9289] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[10878.390838][ T6823] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[10878.460869][ T7849] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[10878.466285][ T7849] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[10878.491372][ T7849] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[10910.982018][ T9289] hsr_slave_0: entered promiscuous mode
[10911.046474][ T9289] hsr_slave_1: entered promiscuous mode
[10911.172198][ T9289] debugfs: 'hsr0' already exists in 'hsr'
[10911.180826][ T9289] Cannot create hsr debugfs directory
[10938.431735][ T9289] netdevsim netdevsim7 netdevsim0: renamed from eth0
[10938.808346][ T9289] netdevsim netdevsim7 netdevsim1: renamed from eth1
[10939.377715][ T9289] netdevsim netdevsim7 netdevsim2: renamed from eth2
[10939.778827][ T9289] netdevsim netdevsim7 netdevsim3: renamed from eth3
[10952.998440][ T9413] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x64882
[10953.055714][ T9413] flags: 0x1ffc40000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0x10)
[10953.179032][ T9413] raw: 01ffc40000000000 ffffc1ffc09220c8 ffffc1ffc08b5208 0000000000000000
[10953.204633][ T9413] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[10953.246963][ T9413] page dumped because: VM_BUG_ON_PAGE(page_ref_count(page) == 0)
[10953.277838][ T9413] ------------[ cut here ]------------
[10953.278089][ T9413] kernel BUG at ./include/linux/mm.h:1036!
[10953.279856][ T9413] Internal error: Oops - BUG: 00000000f2000800 [#1]  SMP
[10953.284435][ T9413] Modules linked in:
[10953.286552][ T9413] CPU: 0 UID: 0 PID: 9413 Comm: syz.8.500 Not tainted syzkaller #0 PREEMPT 
[10953.288085][ T9413] Hardware name: linux,dummy-virt (DT)
[10953.289286][ T9413] pstate: 61402009 (nZCv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)
[10953.290518][ T9413] pc : kvm_s2_put_page+0x374/0x3a0
[10953.292788][ T9413] lr : kvm_s2_put_page+0x374/0x3a0
[10953.293716][ T9413] sp : ffff80008e7e7570
[10953.294429][ T9413] x29: ffff80008e7e7570 x28: 76f0000022d48000 x27: 76f0000022d48000
[10953.296023][ T9413] x26: 00000000000000ff x25: ffff800087396000 x24: ffffc1ffc0000000
[10953.297302][ T9413] x23: ffffc1ffc0922088 x22: 0000000000000000 x21: ffffc1ffc09220b4
[10953.298638][ T9413] x20: 0000000000000000 x19: ffffc1ffc0922080 x18: 0000000054eefe41
[10953.299974][ T9413] x17: 00000000059b1bd1 x16: 0000000054eecd31 x15: 00000000ef808607
[10953.301264][ T9413] x14: ffffffffffffffff x13: fff000001dbe0008 x12: 0000000000000001
[10953.302550][ T9413] x11: 0000000000080000 x10: 00000000000423cd x9 : 9bdb2d9950b29400
[10953.303987][ T9413] x8 : 9bdb2d9950b29400 x7 : ffff80008039fbc8 x6 : 0000000000000000
[10953.305252][ T9413] x5 : 0000000000000001 x4 : 0000000000000001 x3 : ffff800080390dd0
[10953.306536][ T9413] x2 : 0000000000000002 x1 : 0000000100000000 x0 : 000000000000003e
[10953.308091][ T9413] Call trace:
[10953.308980][ T9413]  kvm_s2_put_page+0x374/0x3a0 (P)
[10953.310247][ T9413]  stage2_free_walker+0x1b0/0x264
[10953.311189][ T9413]  __kvm_pgtable_walk+0x7d8/0xa68
[10953.312133][ T9413]  kvm_pgtable_walk+0x294/0x468
[10953.313043][ T9413]  kvm_pgtable_stage2_destroy_range+0x60/0xb4
[10953.314083][ T9413]  kvm_free_stage2_pgd+0x198/0x28c
[10953.314967][ T9413]  kvm_uninit_stage2_mmu+0x20/0x38
[10953.315903][ T9413]  kvm_arch_flush_shadow_all+0x1a8/0x1e0
[10953.316873][ T9413]  kvm_mmu_notifier_release+0x48/0xa8
[10953.317812][ T9413]  mmu_notifier_unregister+0x128/0x42c
[10953.318656][ T9413]  kvm_put_kvm+0x6a0/0xfa8
[10953.319428][ T9413]  kvm_vcpu_release+0x70/0x9c
[10953.320331][ T9413]  __fput+0x4ac/0x980
[10953.321102][ T9413]  ____fput+0x20/0x58
[10953.321849][ T9413]  task_work_run+0x1bc/0x254
[10953.322702][ T9413]  get_signal+0x13ec/0x1554
[10953.323654][ T9413]  do_signal+0x23c/0x4dd0
[10953.324578][ T9413]  do_notify_resume+0xb0/0x270
[10953.325376][ T9413]  el0_svc+0xb8/0x164
[10953.326188][ T9413]  el0t_64_sync_handler+0x84/0x12c
[10953.327131][ T9413]  el0t_64_sync+0x198/0x19c
[10953.328630][ T9413] Code: 900377c1 910e9421 aa1303e0 97f9c9f2 (d4210000) 
[10953.330428][ T9413] ---[ end trace 0000000000000000 ]---
[10953.332014][ T9413] Kernel panic - not syncing: Oops - BUG: Fatal exception
[10953.333947][ T9413] Kernel Offset: disabled
[10953.334660][ T9413] CPU features: 0x000000,0001a300,5f7c67c1,057ffe1f
[10953.335720][ T9413] Memory Limit: none
[10953.337348][ T9413] Rebooting in 86400 seconds..

VM DIAGNOSIS:
05:08:33  Registers:
info registers vcpu 0

CPU#0
 PC=ffff800082159154 X00=0000000000000003 X01=0000000000000002
X02=000000000000002a X03=ffff800082159050 X04=0000000000000001
X05=0000000000000000 X06=ffff800081f1ef70 X07=ffff800080015834
X08=000000000004382e X09=8dff80008f53c000 X10=000000000004382d
X11=0000000000080000 X12=00000000000000ee X13=0000000000000007
X14=0000000000000002 X15=ffff800087fe5a20 X16=0000000000000000
X17=00000000059b1bd1 X18=0000000054eefe41 X19=efff800000000000
X20=eef000000dcb4880 X21=91ff80008c4bb018 X22=0000000000000002
X23=eef000000dcb497c X24=00000000000000ee X25=eef000000dcb4ac8
X26=eef000000dcb48c8 X27=00000000000000ee X28=00000000000000ee
X29=ffff80008e7e6d80 X30=ffff800082159154  SP=ffff80008e7e6d70
PSTATE=804023c9 N--- EL2h  SVCR=00000000 --  BTYPE=0     FPCR=00000000 FPSR=00000000
P00=0000 P01=0000 P02=0000 P03=0000 P04=0000 P05=0000 P06=0000 P07=0000
P08=0000 P09=0000 P10=0000 P11=0000 P12=0000 P13=0000 P14=0000 P15=0000
FFR=0000
Z00=0c00000000000000:0c00000000000000 Z01=0000000c00000000:0000000000000000
Z02=000000000000000c:0000000000000000 Z03=00d000a800000000:0000000000000000
Z04=0000000000000000:0000000000000002 Z05=000000000000000c:0000000000000002
Z06=6edc4d3a2914b135:d8e9c869e2695c88 Z07=b20fae707afde253:388e9c6c4fa85ca0
Z08=0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000
Z10=0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000
Z12=0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000
Z14=0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000
Z16=0000ffffc5d4a380:0000ffffc5d4a380 Z17=ffffff80ffffffd0:0000ffffc5d4a350
Z18=0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000
Z20=0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000
Z22=0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000
Z24=0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000
Z26=0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000
Z28=0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000
Z30=0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000