last executing test programs:

2h16m56.832734895s ago: executing program 32 (id=91):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
close(r1)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x98000, 0x0)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
r4 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r3, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f00000000c0)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48)
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
close(r5)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x33)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x0, 0x1000014, 0x5c1fd1b6565d2f2, r9, 0x0)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r11, 0x40087602, 0x1)
ioctl$KVM_SET_SIGNAL_MASK(r9, 0x4004ae8b, &(0x7f00000000c0)=ANY=[])
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)

2h16m48.002407492s ago: executing program 33 (id=93):
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) (async)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) (async)
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2a040, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xd8)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000180)={0x8, <r3=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x5, 0x0, &(0x7f00000000c0)=0x10001})
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000300)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x20) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
r9 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r12, 0x4018aee1, &(0x7f00000005c0)=@attr_pmu_irq={0x0, 0x0, 0x2000000, 0x0}) (async)
r13 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
r15 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
r16 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r16, 0xae01, 0x12)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000100)={0x4, <r17=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r17, 0x4018aee3, 0x0) (async)
ioctl$KVM_HAS_DEVICE_ATTR(r17, 0x4018aee3, &(0x7f0000000040)=@attr_other={0x0, 0x1, 0x200, 0x0})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r15, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef)
close(r14)

2h10m35.691033956s ago: executing program 3 (id=107):
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r0 = syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x1, 0x40)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r3, r4, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f00000002c0)=@arm64_sys={0x603000000013df11, &(0x7f0000000280)=0x3})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r5, 0x4020aeae, 0x0)
r6 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r8, 0x4010aeab, &(0x7f0000000040)=@arm64_sys={0x603000000013c006, &(0x7f0000000000)=0x3})
syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r8, 0x4018aee2, &(0x7f0000000180)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000140)={0x28b, 0x600, 0x1}})
openat$kvm(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
ioctl$KVM_GET_DEVICE_ATTR(r0, 0x4018aee2, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x1, 0x0})
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r9, 0xae04)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)

2h10m19.428987345s ago: executing program 3 (id=109):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000000)={0x10201, 0x2, 0x1, 0x2000, &(0x7f0000f31000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000100)={0x4})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x3f)
r6 = eventfd2(0x8, 0x80800)
r7 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f00000000c0)={0x7ffffffffffffffe, 0xeeee0000, 0x8, r7})
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0x0, 0x1, r6, 0x3})
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000000)={0x8000, 0x0, 0x1, r6, 0x3})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000000)=@attr_other={0x0, 0x7fffffff, 0xbe3, &(0x7f0000000080)=0x64d})

2h9m31.39198296s ago: executing program 34 (id=109):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x8080000, 0x2000, &(0x7f0000c5d000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000000)={0x10201, 0x2, 0x1, 0x2000, &(0x7f0000f31000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000100)={0x4})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x3f)
r6 = eventfd2(0x8, 0x80800)
r7 = eventfd2(0x8, 0x80800)
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f00000000c0)={0x7ffffffffffffffe, 0xeeee0000, 0x8, r7})
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0x0, 0x1, r6, 0x3})
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000000)={0x8000, 0x0, 0x1, r6, 0x3})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000000)=@attr_other={0x0, 0x7fffffff, 0xbe3, &(0x7f0000000080)=0x64d})

2h5m55.32502492s ago: executing program 35 (id=126):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f0000000100)=@arm64={0x4e, 0x2, 0x0, '\x00', 0x4})
ioctl$KVM_GET_VCPU_EVENTS(r4, 0x8040ae9f, &(0x7f0000000000)=@arm64)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000bfd000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000b80)={0x0, &(0x7f00000009c0)=[@hvc={0x32, 0x40, {0xc4000004, [0x4, 0xfffffffffffffffa, 0x8000000000000000, 0x427f, 0x400003]}}], 0x40}, &(0x7f0000000bc0)=[@featur1={0x1, 0x4}], 0x1)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000140)={0x4, <r12=>0xffffffffffffffff, 0x1})
r13 = ioctl$KVM_CREATE_VM(r12, 0x894c, 0x0)
ioctl$KVM_CREATE_VCPU(r13, 0xb703, 0x0)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r14 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r13, 0x4068aea3, &(0x7f0000000180)={0xa8, 0x0, 0x2})
ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)
r15 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r16 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r17 = ioctl$KVM_CREATE_VM(r16, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r17, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_REGISTER_COALESCED_MMIO(r17, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616})
ioctl$KVM_REGISTER_COALESCED_MMIO(r17, 0x4010ae67, &(0x7f0000000180)={0x0, 0x0, 0x1})
syz_kvm_add_vcpu$arm64(r15, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0)

2h2m35.002076227s ago: executing program 4 (id=112):
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)

2h2m26.018975378s ago: executing program 4 (id=128):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x141000, 0x0) (async)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) (async)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xd7, 0x80000001}) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000140)={0x4, <r3=>0xffffffffffffffff, 0x1})
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x40305828, &(0x7f0000000240)=@attr_other={0x0, 0x8, 0x80000000, &(0x7f00000001c0)=0x40})
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) (async)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x31)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f00000000c0)=@arm64_core={0x6030000000100038, &(0x7f0000000140)=0x7}) (async)
r10 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000380)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x39d}}], 0x28}, 0x0, 0x0) (async, rerun: 64)
syz_kvm_vgic_v3_setup(r4, 0xffffffffffbffffc, 0x120) (rerun: 64)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x0, <r11=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async, rerun: 64)
ioctl$KVM_RUN(r10, 0xae80, 0x0) (async, rerun: 64)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x4, 0x1, 0x0})

2h1m37.870912336s ago: executing program 36 (id=128):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x141000, 0x0) (async)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) (async)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xd7, 0x80000001}) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000140)={0x4, <r3=>0xffffffffffffffff, 0x1})
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x40305828, &(0x7f0000000240)=@attr_other={0x0, 0x8, 0x80000000, &(0x7f00000001c0)=0x40})
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) (async)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x31)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f00000000c0)=@arm64_core={0x6030000000100038, &(0x7f0000000140)=0x7}) (async)
r10 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000380)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x39d}}], 0x28}, 0x0, 0x0) (async, rerun: 64)
syz_kvm_vgic_v3_setup(r4, 0xffffffffffbffffc, 0x120) (rerun: 64)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x0, <r11=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async, rerun: 64)
ioctl$KVM_RUN(r10, 0xae80, 0x0) (async, rerun: 64)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x4, 0x1, 0x0})

1h56m7.893499738s ago: executing program 5 (id=141):
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0}) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, <r2=>0xffffffffffffffff, 0x1})
r3 = ioctl$KVM_CREATE_VM(r2, 0x894c, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0x8004b706, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x28)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2)
ioctl$KVM_SET_VCPU_EVENTS(r8, 0xc018ae85, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r5, r9, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100006, &(0x7f0000000080)=0xc5c5})

1h55m51.797421202s ago: executing program 5 (id=142):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x8840, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000080)={0xd, 0xf, 0x1}})
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x2, 0x100)
r5 = eventfd2(0x10000, 0x0)
ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000000100)={r5, 0xb168, 0x0, r5})
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x5)
openat$kvm(0x0, &(0x7f0000000040), 0x8840, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) (async)
ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000080)={0xd, 0xf, 0x1}}) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async)
syz_kvm_vgic_v3_setup(r4, 0x2, 0x100) (async)
eventfd2(0x10000, 0x0) (async)
ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000000100)={r5, 0xb168, 0x0, r5}) (async)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x5) (async)

1h55m37.086714072s ago: executing program 5 (id=143):
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
eventfd2(0x9, 0xc0800)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x4000)=nil, r1, 0x0, 0x11, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, r1, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000667000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)

1h55m24.72317773s ago: executing program 5 (id=144):
openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x4, <r2=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000200)=@attr_arm64={0x0, 0x1, 0x1, &(0x7f0000000000)=0x3})
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x32)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x82880, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async)
r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04) (async)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x210000, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x210000, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x400000001)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x1, 0xffffffffffffffff, 0x1}) (async)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x1, <r7=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r7, 0x400454d1, 0x110c230000) (async)
ioctl$KVM_CREATE_VM(r7, 0x400454d1, 0x110c230000)
r8 = openat$kvm(0x0, 0x0, 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
r10 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r10, 0xae01, 0x2)
r11 = openat$kvm(0x0, 0x0, 0x0, 0x0)
r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r11, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0x4000)=nil, r12, 0x2000003, 0x11, 0xffffffffffffffff, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0) (async)
r13 = openat$kvm(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
r14 = openat$kvm(0x0, &(0x7f0000000140), 0x101282, 0x0)
r15 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000080)={0x0, &(0x7f0000000200)=[@svc={0x122, 0x40, {0x800, [0xffffffeffffffff8, 0x8, 0x8000000005, 0x5, 0x400]}}], 0x40}, 0x0, 0x0) (async)
r16 = syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000080)={0x0, &(0x7f0000000200)=[@svc={0x122, 0x40, {0x800, [0xffffffeffffffff8, 0x8, 0x8000000005, 0x5, 0x400]}}], 0x40}, 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r14, 0xae04) (async)
r17 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r14, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c0b000/0x1000)=nil, r17, 0x3, 0x40b2811, r16, 0x0)

1h54m36.497072605s ago: executing program 37 (id=144):
openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x4, <r2=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000200)=@attr_arm64={0x0, 0x1, 0x1, &(0x7f0000000000)=0x3})
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x32)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x82880, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async)
r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04) (async)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x210000, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x210000, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x400000001)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x1, 0xffffffffffffffff, 0x1}) (async)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x1, <r7=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r7, 0x400454d1, 0x110c230000) (async)
ioctl$KVM_CREATE_VM(r7, 0x400454d1, 0x110c230000)
r8 = openat$kvm(0x0, 0x0, 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
r10 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r10, 0xae01, 0x2)
r11 = openat$kvm(0x0, 0x0, 0x0, 0x0)
r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r11, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0x4000)=nil, r12, 0x2000003, 0x11, 0xffffffffffffffff, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0) (async)
r13 = openat$kvm(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
r14 = openat$kvm(0x0, &(0x7f0000000140), 0x101282, 0x0)
r15 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000080)={0x0, &(0x7f0000000200)=[@svc={0x122, 0x40, {0x800, [0xffffffeffffffff8, 0x8, 0x8000000005, 0x5, 0x400]}}], 0x40}, 0x0, 0x0) (async)
r16 = syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000080)={0x0, &(0x7f0000000200)=[@svc={0x122, 0x40, {0x800, [0xffffffeffffffff8, 0x8, 0x8000000005, 0x5, 0x400]}}], 0x40}, 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r14, 0xae04) (async)
r17 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r14, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c0b000/0x1000)=nil, r17, 0x3, 0x40b2811, r16, 0x0)

1h42m4.051098569s ago: executing program 38 (id=187):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x2d)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f0000000000)=@arm64_sve={0x60800000001504cb, 0x0})
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r2, 0x300000a, 0x20010, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c61000/0x3000)=nil, 0x930, 0x100000f, 0x4019032, 0xffffffffffffffff, 0x0)
r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x31)
syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r10 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r7, 0x4068aea3, &(0x7f0000000040)={0xe4, 0x0, 0x1000})
syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)

1h41m54.981985584s ago: executing program 39 (id=188):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1000) (async)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1000)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f00000000c0)}, 0x0, 0x0)
r4 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000100)={0x0, &(0x7f0000000140)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x2, 0x100)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r5, 0x3, 0x10, r3, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r5, 0x3, 0x10, r3, 0x0)
r6 = mmap$KVM_VCPU(&(0x7f000000a000/0x1000)=nil, r5, 0x3, 0x11, r4, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_kvm_assert_syzos_uexit$arm64(r6, 0xffffffffffffffff)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000280)={0x80000000, 0x101}) (async)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000280)={0x80000000, 0x101})
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async)
r7 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x3c) (async)
r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x3c)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@its_setup={0x7, 0x28, {0x2, 0x2, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r8, 0x2, 0x0) (async)
syz_kvm_vgic_v3_setup(r8, 0x2, 0x0)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000100)={0x8}) (async)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000100)={0x8, <r10=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000})
r11 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) (async)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil)
r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x2, 0xfffffffffffffffd, 0x5}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r12, 0x1, 0x100) (async)
syz_kvm_vgic_v3_setup(r12, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000180)={0x8}) (async)
ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000180)={0x8, <r15=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r15, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r14, 0xae80, 0x0)
ioctl$KVM_RUN(r14, 0xae80, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x28)

1h15m30.438504733s ago: executing program 8 (id=277):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x31)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=[@featur2={0x1, 0x12}], 0x1)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_CREATE_VM(r7, 0x40086602, 0x40)
ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}})
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0xcb3993e4c7433bb8, 0xffffffffffffffff, 0x0)
ioctl$KVM_ARM_SET_DEVICE_ADDR(0xffffffffffffffff, 0x4010aeab, &(0x7f0000000180)={0xf, 0xdddd1000})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r8, 0xae03, 0x57)
r9 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000140)={0x0, &(0x7f0000000200)=[@smc={0x1e, 0x40, {0xef000000, [0x0, 0x1, 0x2, 0x3, 0x4]}}, @hvc={0x32, 0x40, {0x84000051, [0x0, 0x1, 0x2, 0x3, 0x6]}}], 0x80}, 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = eventfd2(0xfffffffa, 0x80001)
ioctl$KVM_IOEVENTFD(r11, 0x4040ae79, &(0x7f0000000140)={0x80, 0x4, 0x0, r12})
ioctl$KVM_REGISTER_COALESCED_MMIO(r11, 0x4010ae67, &(0x7f0000000000)={0x100000, 0x37d03030d7a92616})
ioctl$KVM_REGISTER_COALESCED_MMIO(r11, 0x4010ae67, &(0x7f0000000180)={0x5000})
ioctl$KVM_RUN(r9, 0xae80, 0x0)

1h14m42.561459088s ago: executing program 40 (id=277):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x31)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=[@featur2={0x1, 0x12}], 0x1)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_CREATE_VM(r7, 0x40086602, 0x40)
ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}})
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0xcb3993e4c7433bb8, 0xffffffffffffffff, 0x0)
ioctl$KVM_ARM_SET_DEVICE_ADDR(0xffffffffffffffff, 0x4010aeab, &(0x7f0000000180)={0xf, 0xdddd1000})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r8, 0xae03, 0x57)
r9 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000140)={0x0, &(0x7f0000000200)=[@smc={0x1e, 0x40, {0xef000000, [0x0, 0x1, 0x2, 0x3, 0x4]}}, @hvc={0x32, 0x40, {0x84000051, [0x0, 0x1, 0x2, 0x3, 0x6]}}], 0x80}, 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = eventfd2(0xfffffffa, 0x80001)
ioctl$KVM_IOEVENTFD(r11, 0x4040ae79, &(0x7f0000000140)={0x80, 0x4, 0x0, r12})
ioctl$KVM_REGISTER_COALESCED_MMIO(r11, 0x4010ae67, &(0x7f0000000000)={0x100000, 0x37d03030d7a92616})
ioctl$KVM_REGISTER_COALESCED_MMIO(r11, 0x4010ae67, &(0x7f0000000180)={0x5000})
ioctl$KVM_RUN(r9, 0xae80, 0x0)

1h14m26.503960071s ago: executing program 41 (id=278):
mmap$KVM_VCPU(&(0x7f0000d86000/0x1000)=nil, 0x0, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x18}], 0x1)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1h0m6.807098783s ago: executing program 42 (id=299):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (rerun: 64)
openat$kvm(0x0, 0x0, 0x940, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x100)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
r7 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r7, 0x2, 0x100)
close(r7)
r8 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
close(r8)
r9 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000edf000/0x3000)=nil, r9, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)

59m55.668226394s ago: executing program 43 (id=300):
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x603000000010002a, &(0x7f00000000c0)=0xc})

50m12.980301169s ago: executing program 3 (id=301):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0) (async, rerun: 64)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000000)={0x0, &(0x7f0000000200)=[@svc={0x122, 0x40, {0x2, [0x9, 0x53, 0x2, 0x760, 0x8001]}}, @code={0xa, 0x9c, {"a0fe91d20020b8f2e10080d2020180d2c30180d2240080d2020000d40000589e007008d5000080da007008d500d781d20060b0f2210180d2c20180d2a30080d2040080d2020000d4007008d5a04983d200e0b8f2810080d2420080d2030080d2440180d2020000d4005b91d20080b8f2810080d2820180d2430080d2640080d2020000d4007008d5"}}, @code={0xa, 0x54, {"000040b3000008d5008008d5007008d5000008d500008072007008d5c0fc8cd20000b0f2610080d2420180d2c30180d2c40180d2020000d40038000e008008d5"}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe0, 0x5, 0xc}}, @code={0xa, 0x6c, {"0000202b0078284e000028d5007008d50000c0ad200699d20080b0f2c10080d2420080d2c30080d2c40080d2020000d40000a00d007008d5007008d5c00593d20040b0f2a10080d2220180d2830080d2c40180d2020000d4"}}, @msr={0x14, 0x20, {0x603000000013df11, 0x100000000}}, @code={0xa, 0xb4, {"0000309e60188cd200c0b0f2810180d2620080d2630080d2440180d2020000d4a01d86d20020b8f2810080d2620180d2830080d2e40080d2020000d40040000ec04d8ad200e0b0f2410180d2c20080d2c30080d2a40080d2020000d4008008d5000008d5c0b99dd200e0b0f2410180d2220080d2a30180d2a40080d2020000d4000028d5204486d200c0b8f2810080d2420180d2830180d2a40080d2020000d4"}}, @irq_setup={0x46, 0x18, {0x2, 0x28d}}, @code={0xa, 0x84, {"000000d2801b8cd20060b8f2210180d2420080d2830080d2e40180d2020000d4007008d5606498d20000b0f2010180d2820180d2230180d2a40080d2020000d480b881d20020b8f2010180d2420180d2830180d2640080d2020000d40034200e007008d5000008d50070000c0048214e"}}, @msr={0x14, 0x20, {0x603000000013d801, 0x7ff}}, @eret={0xe6, 0x18, 0xbff}, @hvc={0x32, 0x40, {0x6000000, [0x2, 0x7fffffffffffffff, 0xfffffffffffffff9, 0x5, 0x1]}}, @uexit={0x0, 0x18, 0xb2}, @msr={0x14, 0x20, {0x603000000013e6c6, 0x4}}, @code={0xa, 0xb4, {"80de89d200e0b8f2e10080d2a20180d2830180d2a40080d2020000d4805d85d20000b0f2410080d2620080d2c30180d2c40180d2020000d400c0c00d0048212e0000711e00b0004f00999ed20080b8f2c10080d2820180d2830180d2e40080d2020000d4c0c18ed20060b8f2410180d2220180d2630080d2640180d2020000d480b39bd20060b0f2610180d2c20180d2830180d2840080d2020000d4000028d5"}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x1, 0x3, 0x4, 0x80000001, 0x7, 0x1}}, @hvc={0x32, 0x40, {0x84000052, [0x8000, 0x9, 0x10, 0xfe9d, 0x6]}}, @hvc={0x32, 0x40, {0x3000000, [0x100000001, 0x9, 0x3, 0x5, 0x8]}}, @irq_setup={0x46, 0x18, {0x3, 0x7d}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfffc, 0x4, 0xd}}, @eret={0xe6, 0x18, 0x1ff}, @smc={0x1e, 0x40, {0x1000000, [0x1ff, 0xf1e, 0x7, 0x9, 0x2]}}], 0x5e8}, &(0x7f00000000c0)=[@featur1={0x1, 0x1}], 0x1) (rerun: 64)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000040)={0x7, <r5=>0xffffffffffffffff})
ioctl$KVM_GET_DEVICE_ATTR(r5, 0x4018aee2, &(0x7f00000001c0)=@attr_other={0x0, 0x0, 0x5, &(0x7f0000000180)=0x4})

49m54.164916335s ago: executing program 3 (id=303):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x2)
syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f0000000500)=[@eret={0xe6, 0x18, 0x7e64}, @hvc={0x32, 0x40, {0x84000013, [0x100000001, 0x81, 0xfffffffffffffffd, 0xff, 0x1]}}, @svc={0x122, 0x40, {0xc4000011, [0xc, 0x8, 0xffffffff, 0x80000001, 0x710]}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x17e}}, @mrs={0xbe, 0x18, {0x603000000013df6d}}, @mrs={0xbe, 0x18, {0x603000000013df10}}, @code={0xa, 0xb4, {"000008d5000028d5007008d5604b8fd200e0b0f2010180d2220080d2630180d2640180d2020000d4e02783d20020b8f2410180d2820180d2430180d2040080d2020000d480b19fd20080b0f2a10080d2420080d2a30180d2840180d2020000d4c0eb8fd20080b0f2410080d2820180d2230080d2240180d2020000d4000028d5008008d500649ed20020b8f2c10180d2420180d2430180d2040180d2020000d4"}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x400, 0x7, 0xe}}, @hvc={0x32, 0x40, {0xc5000020, [0x2, 0x1, 0x2, 0x646, 0x7fffffff]}}, @irq_setup={0x46, 0x18, {0x4, 0x2eb}}, @uexit={0x0, 0x18, 0x101}, @code={0xa, 0x6c, {"007008d500b8310e008008d5a0cd8cd200c0b8f2810180d2420180d2a30080d2240080d2020000d400a0a00d007008d5000080d2803b86d20060b8f2a10180d2c20080d2630180d2840080d2020000d4007008d5008008d5"}}, @its_setup={0x82, 0x28, {0x3, 0x0, 0xb3}}, @smc={0x1e, 0x40, {0xc4000053, [0x1, 0x0, 0x610, 0x9, 0x9]}}, @code={0xa, 0x6c, {"e0239dd200e0b8f2e10180d2620180d2430180d2840180d2020000d400c0631e000028d500809f0c0000029e000008d500fc200e000008d5e0a68cd200e0b0f2e10180d2a20180d2430080d2a40080d2020000d4007008d5"}}, @irq_setup={0x46, 0x18, {0x0, 0x10a}}, @msr={0x14, 0x20, {0x603000000013e289, 0x6}}, @uexit={0x0, 0x18, 0xe}, @svc={0x122, 0x40, {0x0, [0x0, 0x6, 0x10001, 0x1000000000000002, 0xb3]}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x10040, 0x4, 0x4}}, @its_setup={0x82, 0x28, {0x1, 0x0, 0x2f3}}, @irq_setup={0x46, 0x18, {0x1, 0x17c}}, @hvc={0x32, 0x40, {0xc4000003, [0xd, 0x4, 0xa, 0x5, 0x1]}}, @memwrite={0x6e, 0x30, @generic={0x2, 0xc2d, 0x3, 0x6}}], 0x4f4}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
r6 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000180)={0x0, &(0x7f00000004c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0xffffffffffffffff}}], 0x20}, &(0x7f00000000c0)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x21)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x2)
r13 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x100010, r12, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r13, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r12, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r14 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r15, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CREATE_DEVICE(r15, 0xc00caee0, &(0x7f0000000180)={0x8, <r16=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r16, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})

49m28.010341705s ago: executing program 3 (id=305):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x331100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000100)={0x8})
ioctl$KVM_SIGNAL_MSI(r4, 0x4020aea5, &(0x7f0000000200)={0xdddd1000, 0x0, 0xfffffffc, 0x1, 0x7})
r5 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7ffe}}, @msr={0x14, 0x20, {0x603000000013dce5, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce9, 0x8000}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

49m10.592383224s ago: executing program 3 (id=308):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x2, <r2=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r2, 0x4018aee3, &(0x7f00000000c0)=@attr_pmu_init) (async)
r3 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000100)={0x0, &(0x7f0000000200)}, &(0x7f00000006c0)=[@featur2={0x1, 0x2}], 0x1)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r3, 0x4018aee3, &(0x7f0000000740)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f0000000700)=0x2})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x622401, 0x0)
ioctl$KVM_GET_API_VERSION(r4, 0xae03, 0x42)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0xfffffffffffffffa)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000ffd000/0x1000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000200)={0x1, 0x2, 0xeeee8000, 0x1000, &(0x7f0000f95000/0x1000)=nil}) (async, rerun: 64)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000bf8000/0x400000)=nil) (rerun: 64)
syz_kvm_add_vcpu$arm64(r6, &(0x7f00000007c0)={0x0, &(0x7f0000000780)=[@mrs={0xbe, 0x18, {0x603000000013df62}}], 0x18}, &(0x7f0000000800)=[@featur1={0x1, 0x2}], 0x1)
mmap$KVM_VCPU(&(0x7f0000f51000/0x4000)=nil, 0x930, 0x1000001, 0x12, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000007, 0x4d832, 0xffffffffffffffff, 0x0) (async)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1)
ioctl$KVM_INTERRUPT(r9, 0x4004ae86, &(0x7f0000000000)=0x1) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xd000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil}) (async)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x9a502, 0x0) (async)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r11, 0x4018aee3, &(0x7f00000001c0)=@attr_other={0x0, 0x2, 0x40000000, 0x0}) (async)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee3, &(0x7f00000000c0)=@attr_other={0x0, 0x0, 0x800, &(0x7f00000002c0)=0x4})

48m22.712174438s ago: executing program 44 (id=307):
syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000000)="7cfaa2bfd6dd76375aa1bde04fceeb33743b07d73b3e9aac", 0x0, 0xffffffffffffff94)
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bde000/0x400000)=nil)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r5, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18})
ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100050, &(0x7f0000000000)=0x12})
r6 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x31)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000700)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r12, 0x4010aeac, &(0x7f00000007c0)=@arm64_core={0x6030000000100046, &(0x7f0000000780)=0x6e})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f0000000000)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x20e4586c})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
r13 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
r15 = syz_kvm_setup_syzos_vm$arm64(r14, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r15, &(0x7f00000000c0)={0x0, 0x0}, &(0x7f0000000100)=[@featur1={0x1, 0xa1}], 0x1)
r16 = syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000000)={0x0, &(0x7f0000000040)=[@smc={0x1e, 0x40, {0x84000003, [0x99b, 0x100000003, 0x5, 0x101, 0x10]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1)
ioctl$KVM_RUN(r16, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x0, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0xf, 0x32, 0xffffffffffffffff, 0x0)

48m17.080802974s ago: executing program 45 (id=308):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x2, <r2=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r2, 0x4018aee3, &(0x7f00000000c0)=@attr_pmu_init) (async)
r3 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000100)={0x0, &(0x7f0000000200)}, &(0x7f00000006c0)=[@featur2={0x1, 0x2}], 0x1)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r3, 0x4018aee3, &(0x7f0000000740)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f0000000700)=0x2})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x622401, 0x0)
ioctl$KVM_GET_API_VERSION(r4, 0xae03, 0x42)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0xfffffffffffffffa)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000ffd000/0x1000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000200)={0x1, 0x2, 0xeeee8000, 0x1000, &(0x7f0000f95000/0x1000)=nil}) (async, rerun: 64)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000bf8000/0x400000)=nil) (rerun: 64)
syz_kvm_add_vcpu$arm64(r6, &(0x7f00000007c0)={0x0, &(0x7f0000000780)=[@mrs={0xbe, 0x18, {0x603000000013df62}}], 0x18}, &(0x7f0000000800)=[@featur1={0x1, 0x2}], 0x1)
mmap$KVM_VCPU(&(0x7f0000f51000/0x4000)=nil, 0x930, 0x1000001, 0x12, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000007, 0x4d832, 0xffffffffffffffff, 0x0) (async)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1)
ioctl$KVM_INTERRUPT(r9, 0x4004ae86, &(0x7f0000000000)=0x1) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xd000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil}) (async)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x9a502, 0x0) (async)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r11, 0x4018aee3, &(0x7f00000001c0)=@attr_other={0x0, 0x2, 0x40000000, 0x0}) (async)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee3, &(0x7f00000000c0)=@attr_other={0x0, 0x0, 0x800, &(0x7f00000002c0)=0x4})

40m4.451474214s ago: executing program 4 (id=309):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x4)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, <r5=>0xffffffffffffffff, 0x1})
write$eventfd(r5, &(0x7f00000001c0)=0x7ffffff, 0xfdef)

39m53.289132229s ago: executing program 5 (id=310):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r1, 0x4068aea3, &(0x7f0000000080)={0xdf, 0x0, 0x14000})
ioctl$KVM_CLEAR_DIRTY_LOG(r1, 0xc018aec0, &(0x7f00000001c0)={0x1fe, 0x80, 0x280, 0x0})
r2 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x5)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_vgic_v3_setup(r3, 0x4, 0x160)
ioctl$KVM_S390_VCPU_FAULT(r4, 0x4008ae52, &(0x7f0000000040)=0x7)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x400a42, 0x0)

39m48.566640406s ago: executing program 4 (id=311):
r0 = openat$kvm(0x0, &(0x7f0000000000), 0x460001, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x24)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000180)={0x8, <r4=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r4, 0x4018aee3, &(0x7f0000000340)=@attr_arm64={0x0, 0x8, 0x3, 0x0})
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000)

39m38.306103526s ago: executing program 5 (id=312):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = eventfd2(0xfffffffa, 0x80001)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000140)={0x80, 0x4, 0x0, r3})
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616})
r4 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x31)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
r7 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r6, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000240)="04198bd844c9e8a7b82d748f0f0244293d28bd9400bfc2ed44db9969759357abeb8d85c8e856a4606c2e979f98d67e4ff39fb6df9547f6a9506c610dc37b175c3ad3c9952305abf0", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r6, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000180)={0x10000, 0x4000})
r8 = syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
eventfd2(0xfffffffa, 0x80001) (async)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000140)={0x80, 0x4, 0x0, r3}) (async)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) (async)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616}) (async)
openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x31) (async)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1) (async)
mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r6, 0x0) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000240)="04198bd844c9e8a7b82d748f0f0244293d28bd9400bfc2ed44db9969759357abeb8d85c8e856a4606c2e979f98d67e4ff39fb6df9547f6a9506c610dc37b175c3ad3c9952305abf0", 0x0, 0x48) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r6, 0x0) (async)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0) (async)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000180)={0x10000, 0x4000}) (async)
syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) (async)
ioctl$KVM_RUN(r8, 0xae80, 0x0) (async)

39m32.688290717s ago: executing program 4 (id=313):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x23)
eventfd2(0x8, 0x80000)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000003c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r5, 0x4010aeab, &(0x7f00000001c0)=@arm64_sve={0x6080000000150008, 0x0})
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r8, 0x40087602, 0x1)
syz_kvm_setup_cpu$arm64(r1, r6, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f00000001c0)=@arm64_bitmap={0x6030000000160001, &(0x7f0000000000)=0xffff})

38m50.712324728s ago: executing program 46 (id=312):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = eventfd2(0xfffffffa, 0x80001)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000140)={0x80, 0x4, 0x0, r3})
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616})
r4 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x31)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
r7 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r6, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000240)="04198bd844c9e8a7b82d748f0f0244293d28bd9400bfc2ed44db9969759357abeb8d85c8e856a4606c2e979f98d67e4ff39fb6df9547f6a9506c610dc37b175c3ad3c9952305abf0", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r6, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000180)={0x10000, 0x4000})
r8 = syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
eventfd2(0xfffffffa, 0x80001) (async)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000140)={0x80, 0x4, 0x0, r3}) (async)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) (async)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616}) (async)
openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x31) (async)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1) (async)
mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r6, 0x0) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000240)="04198bd844c9e8a7b82d748f0f0244293d28bd9400bfc2ed44db9969759357abeb8d85c8e856a4606c2e979f98d67e4ff39fb6df9547f6a9506c610dc37b175c3ad3c9952305abf0", 0x0, 0x48) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r6, 0x0) (async)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0) (async)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000180)={0x10000, 0x4000}) (async)
syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) (async)
ioctl$KVM_RUN(r8, 0xae80, 0x0) (async)

38m43.333181823s ago: executing program 47 (id=313):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x23)
eventfd2(0x8, 0x80000)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000003c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r5, 0x4010aeab, &(0x7f00000001c0)=@arm64_sve={0x6080000000150008, 0x0})
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r8, 0x40087602, 0x1)
syz_kvm_setup_cpu$arm64(r1, r6, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f00000001c0)=@arm64_bitmap={0x6030000000160001, &(0x7f0000000000)=0xffff})

29m43.462534853s ago: executing program 6 (id=321):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x4)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, <r5=>0xffffffffffffffff, 0x1})
write$eventfd(r5, &(0x7f00000001c0)=0x7ffffff, 0xfdef)

29m28.008926733s ago: executing program 6 (id=323):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000b80)={0x0, &(0x7f0000000100)=[@hvc={0x32, 0x40, {0x84000015, [0xf6, 0x100, 0xffffffffffffffff, 0xee24, 0xfffffffffffeffff]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bfd000/0x400000)=nil)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bff000/0x400000)=nil)
r4 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000680)="38ce8347fc1e86008cfc72bb352c8659dcc9225b48cb5cb00c73b0b33018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xf, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0)

29m13.880324397s ago: executing program 6 (id=325):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000140)={0x0, &(0x7f0000000180)=[@msr={0x14, 0x20, {0x603000000013d000, 0x8000}}], 0x20}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r8, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
r9 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013df6e, 0xfffffffffffffff8}}, @smc={0x1e, 0x40, {0x84000009, [0x3, 0x4, 0x4, 0x1, 0x3255]}}, @its_setup={0x82, 0x28, {0x0, 0x3, 0x356}}, @msr={0x14, 0x20, {0xa050000000347586, 0x8000000000000001}}, @msr={0x14, 0x20, {0x603000000013deb1, 0x10001}}, @msr={0x14, 0x20, {0x603000000013e21b, 0x7}}, @mrs={0xbe, 0x18, {0x603000000013e6d6}}, @its_setup={0x82, 0x28, {0x4, 0x0, 0x344}}, @code={0xa, 0x6c, {"000028d5000008d540cd9dd20040b8f2010180d2c20180d2e30180d2640180d2020000d4000008d560e99fd200c0b8f2410180d2220180d2630080d2c40180d2020000d4007008d5000028d50038202e000028d5007008d5"}}, @uexit={0x0, 0x18, 0xfa5}, @its_setup={0x82, 0x28, {0x2, 0x2, 0x2f}}, @mrs={0xbe, 0x18, {0x603000000013dee3}}, @msr={0x14, 0x20, {0x2723, 0x6}}, @smc={0x1e, 0x40, {0x4000000, [0xd37, 0x6149, 0x1, 0x10000, 0x9]}}, @irq_setup={0x46, 0x18, {0x2, 0x112}}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x3a6}}, @eret={0xe6, 0x18, 0x401}], 0x2a4}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)

28m55.59147089s ago: executing program 6 (id=327):
syz_kvm_add_vcpu$arm64(0x0, 0x0, &(0x7f0000000300)=[@featur2={0x1, 0xb5656113b9f8541a}], 0x1)
syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000100)={0x0, &(0x7f0000000180)=[@uexit={0x0, 0x18, 0xb}, @code={0xa, 0x9c, {"205f93d20020b8f2e10180d2e20080d2e30080d2a40180d2020000d4007008d5007008d5007008d560b584d200a0b0f2410180d2a20180d2e30080d2640180d2020000d40050200e0004601e007008d580d58bd200a0b0f2a10180d2c20180d2230080d2a40180d2020000d4402689d200e0b8f2c10080d2a20080d2030180d2a40180d2020000d4"}}, @msr={0x14, 0x20, {0x603000000013c647, 0x10000}}, @eret={0xe6, 0x18, 0x81}, @irq_setup={0x46, 0x18, {0x0, 0x2ef}}, @smc={0x1e, 0x40, {0x0, [0x2, 0x8, 0x8000000000000000, 0x5, 0x80000001]}}, @hvc={0x32, 0x40, {0x3, [0x0, 0xc, 0x9, 0x1be4, 0x1]}}], 0x184}, 0x0, 0x0)
r0 = eventfd2(0xfffffffa, 0x80001)
write$eventfd(r0, 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000f7c000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r3, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000482000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x0, 0x4030031, 0xffffffffffffffff, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x2e)

28m40.088921495s ago: executing program 7 (id=329):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x1000000)
munmap(&(0x7f0000584000/0x800000)=nil, 0x800000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r3, 0x4008ae6a, &(0x7f00000002c0)={0x2, 0x0, [{0x0, 0x2, 0x1, 0x0, @adapter={0xffffffff87bdf123, 0x100, 0xfffffffffffffff9, 0x4, 0x80000001}}, {0x10000, 0x1, 0x1, 0x0, @adapter={0x7b, 0x9, 0x0, 0x443, 0x8}}]})
r4 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000280)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x6030000000100042, &(0x7f00000000c0)})
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4040aea0, &(0x7f00000001c0)=@arm64={0xdb, 0x8, 0x3, '\x00', 0x1})
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000140)={0x4, <r9=>0xffffffffffffffff, 0x1})
write$eventfd(r9, &(0x7f00000001c0)=0x7ffffff, 0xfdef)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, r6, 0x1000000, 0x2010, r5, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2002, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING(r11, 0x4068aea3, &(0x7f00000002c0)={0xe1, 0x0, 0x10000})
r12 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
r14 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r13, 0x4040ae79, &(0x7f0000000340)={0x1a64afb6, 0x8000000, 0x8, r14})

28m29.172288104s ago: executing program 6 (id=330):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x2c)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000000)=@arm64_bitmap={0x6030000000160001, &(0x7f0000000100)=0xfffffffffffffffe}) (async)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r1, 0x4018aee3, 0x0)

28m16.55081125s ago: executing program 7 (id=331):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2000000000032)
r2 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000280)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000080)=@arm64_sys={0x603000000013c03a, &(0x7f00000000c0)=0x6})
ioctl$KVM_GET_STATS_FD_cpu(r5, 0xaece)
r6 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000040)=@arm64_bitmap={0x6030000000160000, 0x0})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200200, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x1)
ioctl$KVM_KVMCLOCK_CTRL(r10, 0xaead)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000140)={0x4, <r11=>0xffffffffffffffff, 0x1})
write$eventfd(r11, &(0x7f0000000180), 0x8)

28m11.948258807s ago: executing program 6 (id=332):
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=[@featur1={0x1, 0x56}], 0x1)
ioctl$KVM_RUN(r4, 0xae80, 0x0) (async)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_GET_STATS_FD_cpu(r4, 0xaece) (async)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x280, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x1d)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000040)={0x7, <r9=>0xffffffffffffffff})
ioctl$KVM_GET_DEVICE_ATTR(r9, 0x4018aee2, &(0x7f00000001c0)=@attr_other={0x0, 0x0, 0x5, &(0x7f0000000180)=0x4}) (async)
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0x8) (async)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000140)={0x4, <r10=>0xffffffffffffffff, 0x1})
write$eventfd(r10, &(0x7f00000001c0)=0x7ffffff, 0x648)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0x80111500, 0x1fffffff) (async)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) (async)
close(r6)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x2, 0x4f832, 0xffffffffffffffff, 0x1000000) (async)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) (async)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000) (async)
write$eventfd(r12, &(0x7f0000000000), 0xfffffdef) (async)
munmap(&(0x7f0000008000/0x1000)=nil, 0x200000)

28m2.173053258s ago: executing program 7 (id=333):
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x8521, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x20281, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_vgic_v3_setup(r1, 0x3, 0x200)
ioctl$KVM_CAP_PTP_KVM(r1, 0x4068aea3, &(0x7f0000000000))

27m52.48808446s ago: executing program 7 (id=334):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x44e500, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x31)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x603000000010002a, &(0x7f00000000c0)=0xc})
r7 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x110, r2, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000200), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000000000/0x400000)=nil)
ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x2, 0x0, &(0x7f0000000000)=0xf4020000})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
eventfd2(0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x15)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r12, r13, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="4600000000000000180000000000000001000000a0"], 0x18}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x3f)
syz_kvm_vgic_v3_setup(r12, 0x1, 0x100)
r14 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x15)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r14, 0x4010ae68, 0x0)
ioctl$KVM_RUN(r13, 0xae80, 0x0)
ioctl$KVM_GET_STATS_FD_cpu(r13, 0xaece)
r15 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0)

27m24.338549211s ago: executing program 48 (id=332):
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=[@featur1={0x1, 0x56}], 0x1)
ioctl$KVM_RUN(r4, 0xae80, 0x0) (async)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_GET_STATS_FD_cpu(r4, 0xaece) (async)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x280, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x1d)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000040)={0x7, <r9=>0xffffffffffffffff})
ioctl$KVM_GET_DEVICE_ATTR(r9, 0x4018aee2, &(0x7f00000001c0)=@attr_other={0x0, 0x0, 0x5, &(0x7f0000000180)=0x4}) (async)
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0x8) (async)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000140)={0x4, <r10=>0xffffffffffffffff, 0x1})
write$eventfd(r10, &(0x7f00000001c0)=0x7ffffff, 0x648)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0x80111500, 0x1fffffff) (async)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) (async)
close(r6)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x2, 0x4f832, 0xffffffffffffffff, 0x1000000) (async)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) (async)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000) (async)
write$eventfd(r12, &(0x7f0000000000), 0xfffffdef) (async)
munmap(&(0x7f0000008000/0x1000)=nil, 0x200000)

27m10.392521293s ago: executing program 7 (id=336):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0x80111500, 0x10000011)
close(r3)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000140)={0x4, <r6=>0xffffffffffffffff, 0x1})
r7 = ioctl$KVM_CREATE_VM(r6, 0x894c, 0x0)
ioctl$KVM_CREATE_VCPU(r7, 0xb703, 0x0)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r3, 0x4068aea3, &(0x7f00000000c0)={0xe4, 0x0, 0x9})
r8 = openat$kvm(0x0, &(0x7f0000000000), 0x800, 0x0)
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000040)=@arm64_core={0x603000000010004a, &(0x7f0000000000)=0x7f1})
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r9, 0x5460, 0x0)
ioctl$KVM_CREATE_VM(r8, 0x401c5820, 0x20000000)
r10 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0x80111500, 0x20000000)
ioctl$KVM_CREATE_VM(r12, 0x541b, 0x10000000000000)

26m52.53146594s ago: executing program 7 (id=337):
r0 = openat$kvm(0x0, &(0x7f00000002c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r2, 0x0) (async)
r3 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000300)="fb4149dd033b8986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67525673312b01040000000000002627e7000000000000000200", 0x0, 0xfffffffffffffe73)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x12, r2, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x12, r2, 0x0)
r4 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x4, 0x11, r4, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x4, 0x11, r4, 0x0)
write$eventfd(0xffffffffffffffff, 0x0, 0x0) (async)
write$eventfd(0xffffffffffffffff, 0x0, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x38)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x31)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r12, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x603000000010002a, &(0x7f00000000c0)=0xc})
r13 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r14 = ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r14, 0x4020aeae, &(0x7f00000002c0)={0x5, 0x8}) (async)
ioctl$KVM_ARM_VCPU_INIT(r14, 0x4020aeae, &(0x7f00000002c0)={0x5, 0x8})
ioctl$KVM_SET_ONE_REG(r14, 0x4010aeac, &(0x7f00000000c0)=@arm64_sys={0x603000000013dce0, &(0x7f0000000000)=0x3ff}) (async)
ioctl$KVM_SET_ONE_REG(r14, 0x4010aeac, &(0x7f00000000c0)=@arm64_sys={0x603000000013dce0, &(0x7f0000000000)=0x3ff})
r15 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r7, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r15, 0x20, &(0x7f0000000080)="fb0149dd033be3ac4e37c4005a9614fbff67521ce16f8f09449a7a836b73312954000000000000000000000000000000000000000000000000000000dc6900", 0x0, 0x2e)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r7, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r7, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01)
r16 = eventfd2(0x0, 0x0)
close(r16)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x40800, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x40800, 0x0)

26m6.08200954s ago: executing program 49 (id=337):
r0 = openat$kvm(0x0, &(0x7f00000002c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r2, 0x0) (async)
r3 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000300)="fb4149dd033b8986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67525673312b01040000000000002627e7000000000000000200", 0x0, 0xfffffffffffffe73)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x12, r2, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x12, r2, 0x0)
r4 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x4, 0x11, r4, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x4, 0x11, r4, 0x0)
write$eventfd(0xffffffffffffffff, 0x0, 0x0) (async)
write$eventfd(0xffffffffffffffff, 0x0, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x38)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x31)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r12, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x603000000010002a, &(0x7f00000000c0)=0xc})
r13 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r14 = ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r14, 0x4020aeae, &(0x7f00000002c0)={0x5, 0x8}) (async)
ioctl$KVM_ARM_VCPU_INIT(r14, 0x4020aeae, &(0x7f00000002c0)={0x5, 0x8})
ioctl$KVM_SET_ONE_REG(r14, 0x4010aeac, &(0x7f00000000c0)=@arm64_sys={0x603000000013dce0, &(0x7f0000000000)=0x3ff}) (async)
ioctl$KVM_SET_ONE_REG(r14, 0x4010aeac, &(0x7f00000000c0)=@arm64_sys={0x603000000013dce0, &(0x7f0000000000)=0x3ff})
r15 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r7, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r15, 0x20, &(0x7f0000000080)="fb0149dd033be3ac4e37c4005a9614fbff67521ce16f8f09449a7a836b73312954000000000000000000000000000000000000000000000000000000dc6900", 0x0, 0x2e)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r7, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r7, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01)
r16 = eventfd2(0x0, 0x0)
close(r16)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x40800, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x40800, 0x0)

20m38.640000854s ago: executing program 8 (id=335):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2e)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100042, &(0x7f0000000000)=0x1b})
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r6, 0x4020aeae, &(0x7f0000000000)={0x5, 0x18})
ioctl$KVM_ARM_VCPU_FINALIZE(r6, 0x4004aec2, &(0x7f0000000180)=0x4)
r7 = openat$kvm(0x0, 0x0, 0x0, 0x0)
r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0x4000)=nil, r8, 0x2000003, 0x11, 0xffffffffffffffff, 0x0)
r9 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000240)={0x0, &(0x7f0000000500)=[@smc={0x1e, 0x40, {0x80000000, [0x7fffffffffffffff, 0x5, 0x800, 0x7, 0x8]}}, @hvc={0x32, 0x40, {0x0, [0xffffffff00000000, 0x9, 0x3, 0xf1e, 0xd9]}}, @irq_setup={0x46, 0x18, {0x4, 0x93}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x1, 0x2, 0xf, 0x2, 0x100, 0x2}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe8, 0xffffffff, 0x2}}, @uexit={0x0, 0x18, 0x8000}, @code={0xa, 0x9c, {"0000229e000028d5e00498d200a0b8f2810080d2a20180d2c30180d2a40180d2020000d40000402c007008d5000008d5603785d200a0b8f2210180d2420080d2a30080d2840180d2020000d440be82d20020b0f2c10080d2620080d2e30180d2840080d2020000d4008008d5c02584d200a0b0f2410180d2820080d2e30180d2a40180d2020000d4"}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x2, 0xf, 0x4dfe, 0x5, 0x4}}, @irq_setup={0x46, 0x18, {0x3, 0x153}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x0, 0x0, 0x9, 0xe11b, 0x9, 0x3}}, @its_setup={0x82, 0x28, {0x3, 0x1, 0x371}}, @eret={0xe6, 0x18, 0x7}, @irq_setup={0x46, 0x18, {0x2, 0x3cf}}, @mrs={0xbe, 0x18, {0x603000000013c667}}, @mrs={0xbe, 0x18, {0x603000000013deb7}}, @irq_setup={0x46, 0x18, {0x3, 0x2e8}}], 0x2ac}, &(0x7f0000000280)=[@featur1={0x1, 0x4e}], 0x1)
mmap$KVM_VCPU(&(0x7f0000e55000/0x3000)=nil, r8, 0x2000000, 0x100010, r9, 0x0)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x2)
r12 = syz_kvm_vgic_v3_setup(r11, 0x1, 0x40)
ioctl$KVM_GET_DEVICE_ATTR(r12, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x1, 0x800000000008, &(0x7f00000004c0)=0x1})
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000100)=@arm64_sve_vls={0x606000000015ffff, &(0x7f00000000c0)=0x80000001})
r13 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_GSI_ROUTING(r13, 0x4008ae6a, &(0x7f00000001c0)=ANY=[@ANYBLOB="0100000000008532e02e4de07b8008285ecab4b6b5a1000059ffffff040000000000000000000003040000006600000000000000258eab7100000000000000000000000000000000868090986e37b56857acc711561bf9b776faa6b766c521b0e319f6fbe2a6b8cbd3f3709743b33929"])
r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@hvc={0x32, 0x40, {0xc4000053, [0xa, 0x2, 0xfffffffffffffa3a, 0x1000, 0x1]}}], 0x40}, 0x0, 0x0)
ioctl$KVM_RUN(r15, 0xae80, 0x0)

20m13.952022119s ago: executing program 8 (id=339):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18})
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f00000000c0)=@arm64_sve_vls={0x606000000015ffff, 0x0})
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, <r5=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r5, 0x894c, 0x0)
r6 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x29)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1)
r9 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04)
r10 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, r9, 0x2, 0x11, r8, 0x0)
r11 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0)
ioctl$KVM_CHECK_EXTENSION(r12, 0xae03, 0x6)
r13 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
ioctl$KVM_GET_ONE_REG(r8, 0x4010aeab, &(0x7f0000000200)=@arm64_extra={0x603000000013c033, &(0x7f00000001c0)=0x6})
r14 = ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r13, r14, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r14, 0x4010aeac, &(0x7f0000000180)=@arm64_fp={0x604000000010005c, &(0x7f0000000040)=0xbd0})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r15 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0)

19m56.833510244s ago: executing program 8 (id=341):
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x0, 0x3c2a1c3178cda732, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013c521, 0x8000}}], 0x20}, 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x101000, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae03, 0xbb)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

19m44.921102072s ago: executing program 8 (id=343):
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bfe000/0x400000)=nil)
r1 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000140)={0x0, &(0x7f0000000000)=[@code={0xa, 0x84, {"000028d5007008d500b297d20020b0f2c10080d2020080d2630180d2040080d2020000d4000080f900d0000fe003005a80dc96d200a0b8f2410080d2820180d2230180d2040180d2020000d4804996d20000b8f2210080d2620080d2030180d2240180d2020000d4007008d5000028d5"}}, @its_setup={0x82, 0x28, {0x1, 0x0, 0x73}}, @svc={0x122, 0x40, {0xc400000c, [0x200, 0x2, 0x1, 0x7, 0x8]}}, @eret={0xe6, 0x18, 0x2}], 0x104}, &(0x7f0000000180)=[@featur1={0x1, 0x4}], 0x1)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3b)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f00000001c0)={0x6, 0xffffffffffffffff, 0x1})
r3 = syz_kvm_vgic_v3_setup(r2, 0x4, 0x140)
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x2, 0x3, &(0x7f0000000200)=0x7})
ioctl$KVM_GET_DEVICE_ATTR(r3, 0x4018aee2, &(0x7f00000002c0)=@attr_other={0x0, 0xfffffffd, 0x800, &(0x7f0000000280)=0x80000001})
munmap(&(0x7f0000f5c000/0x3000)=nil, 0x3000)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r2, 0x4068aea3, &(0x7f0000000300)={0xa8, 0x0, 0x2})
r4 = ioctl$KVM_CREATE_GUEST_MEMFD(r2, 0xc040aed4, &(0x7f0000000380))
ioctl$KVM_SET_USER_MEMORY_REGION2(r2, 0x40a0ae49, &(0x7f00000003c0)={0x0, 0x0, 0xdddd0000, 0x2000, &(0x7f0000ca9000/0x2000)=nil, 0x5, r4})
ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r2, 0x4010ae74, &(0x7f0000000480)={0xdb, 0x1, 0x1})
ioctl$KVM_GET_ONE_REG(r1, 0x4010aeab, &(0x7f0000000500)=@arm64_sys={0x603000000013c010, &(0x7f00000004c0)=0x6})
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ea5000/0x1000)=nil, r5, 0x8, 0x10, r1, 0x0)
ioctl$KVM_CLEAR_DIRTY_LOG(r2, 0xc018aec0, &(0x7f0000000940)={0x1ff, 0x140, 0x100, &(0x7f0000000540)=[0xe, 0x5, 0x2, 0x0, 0x0, 0x3, 0x0, 0x4, 0x96, 0x7, 0x1000, 0x3, 0x1, 0x3, 0x4, 0x1, 0x3, 0x5, 0x1200000000, 0x9, 0x100000001, 0x6, 0x5, 0x81, 0x0, 0x8, 0x9, 0xa5, 0x80000000, 0xfffffffffffffff8, 0x0, 0x7, 0x4, 0x1, 0xbcc7, 0x5, 0x7, 0x9, 0x6, 0x5, 0x1731ba45, 0x9, 0xc76, 0x2, 0x4, 0x9, 0x3, 0x12000000000000, 0x5, 0x3ff, 0x9, 0xe0, 0x100000001, 0xffffffff, 0x81, 0x9, 0x7b7, 0x3, 0x400, 0x4, 0xffffffffffffff52, 0x7, 0x1ff, 0x6, 0x4, 0x10001, 0x3, 0x5, 0x8, 0x9, 0x8, 0x80000001, 0xffffffff, 0x1, 0x7fffffffffffffff, 0xfc8, 0x7, 0x5, 0x7fffffffffffffff, 0x0, 0x3, 0x4, 0x1, 0x6, 0x8, 0x0, 0x9, 0x3, 0x10001, 0x4, 0x4, 0x7, 0x82b1, 0x3, 0xfe30, 0x6, 0x7, 0x7f, 0x5, 0xc, 0x7, 0xfffffffffffeffff, 0x7, 0x628a, 0x0, 0x4, 0x0, 0x7, 0xba4, 0xc414, 0x8, 0x0, 0x200, 0x7cf, 0x1, 0xd, 0x5, 0x7, 0xfcc8, 0xe415, 0x3, 0x100, 0x9, 0x8000, 0x200, 0xf66, 0x1, 0x6]})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000980)={0x1, 0x2, 0x80a0000, 0x1000, &(0x7f0000dfc000/0x1000)=nil})
ioctl$KVM_GET_DIRTY_LOG(r2, 0x4010ae42, &(0x7f00000009c0)={0x5, 0x0, &(0x7f0000ffe000/0x2000)=nil})
ioctl$KVM_CAP_HALT_POLL(r2, 0x4068aea3, &(0x7f0000000a00)={0xb6, 0x0, 0xffffffffffff8000})
r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3b)
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r7 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0xf)
ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(r7, 0x4068aea3, &(0x7f0000000a80))
ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f0000000b00)={0x1, 0x4ba})
r8 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x35)
ioctl$KVM_IRQ_LINE_STATUS(r8, 0xc008ae67, &(0x7f0000000b40)={0x1, 0x26})
r9 = eventfd2(0xa, 0x80000)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000b80)={0x4, 0x5000, 0x1, r9, 0x8})

19m34.644219531s ago: executing program 8 (id=344):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xc, 0x6243, 0x4}}], 0x30}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r2, 0x1, 0x100)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000100), 0x200080, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0xfffffffffffffffd)
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_vgic_v3_setup(r6, 0x2, 0x220)
ioctl$KVM_IRQ_LINE(r6, 0x4008ae61, &(0x7f0000000180)={0x1010020, 0x1})
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r7 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
r12 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r11, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r12, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r11, 0x0)
r13 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x2, 0x28031, 0xffffffffffffffff, 0x0)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000000)={0x8000, 0x0, 0x1, 0xffffffffffffffff, 0x3})
ioctl$KVM_CREATE_VM(r13, 0x401c5820, 0x200)
ioctl$KVM_IRQ_LINE_STATUS(r8, 0xc008ae67, 0x0)
r14 = openat$kvm(0x0, &(0x7f0000000040), 0x462000, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x30)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r15, 0x4018aee3, 0xffffffffffffffff)

18m45.772268768s ago: executing program 50 (id=344):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xc, 0x6243, 0x4}}], 0x30}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r2, 0x1, 0x100)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000100), 0x200080, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0xfffffffffffffffd)
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_vgic_v3_setup(r6, 0x2, 0x220)
ioctl$KVM_IRQ_LINE(r6, 0x4008ae61, &(0x7f0000000180)={0x1010020, 0x1})
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r7 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
r12 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r11, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r12, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r11, 0x0)
r13 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x2, 0x28031, 0xffffffffffffffff, 0x0)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000000)={0x8000, 0x0, 0x1, 0xffffffffffffffff, 0x3})
ioctl$KVM_CREATE_VM(r13, 0x401c5820, 0x200)
ioctl$KVM_IRQ_LINE_STATUS(r8, 0xc008ae67, 0x0)
r14 = openat$kvm(0x0, &(0x7f0000000040), 0x462000, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x30)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r15, 0x4018aee3, 0xffffffffffffffff)

10m7.862543924s ago: executing program 9 (id=397):
munmap(&(0x7f0000db4000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ca3000/0x1000)=nil, 0x1000)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x81)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x2, 0x4f832, 0xffffffffffffffff, 0x1000000)
r2 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0x80111500, 0x20000000)
r6 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000300)={0x0, &(0x7f0000000480)=[@smc={0x1e, 0x40, {0xc4000003, [0x664b7dee, 0x939, 0xe, 0x7f, 0x4]}}], 0x40}, &(0x7f00000001c0)=[@featur1={0x1, 0xc}], 0x1)
r7 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1)
r10 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r9, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f00000002c0)="c4a29ea6ab8031e4dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb207000000000000000000000001000000000000000300", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r9, 0x0)
r11 = eventfd2(0xd, 0x1)
close(r11)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)
write$eventfd(r11, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f00005fa000/0x3000)=nil, 0x0, 0x7000007, 0x100010, r6, 0x0)
close(0xffffffffffffffff)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000)

9m58.437934132s ago: executing program 0 (id=398):
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x300000c, 0x4f832, 0xffffffffffffffff, 0x1000000)
openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x300000c, 0x4f832, 0xffffffffffffffff, 0x1000000) (async)
openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0) (async)

9m53.944068453s ago: executing program 9 (id=399):
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) (async)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0x3000)=nil, r1, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0xdc032, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0xdc032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000eb2000/0x3000)=nil, 0x930, 0x0, 0x32e7851d6de9e532, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x2a040, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0xd8) (async)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0xd8)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)

9m50.843216384s ago: executing program 0 (id=400):
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0xc3033, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000080)={0x0, &(0x7f0000000300)=[@smc={0x1e, 0x40, {0xc4000003, [0x1, 0x100000001, 0x43, 0x8, 0x9]}}, @irq_setup={0x46, 0x18, {0x4, 0x2fa}}, @svc={0x122, 0x40, {0x84000002, [0x8, 0xa58d, 0x40, 0x9]}}, @mrs={0xbe, 0x18, {0x6030000000138032}}, @eret={0xe6, 0x18, 0x3}, @msr={0x14, 0x20, {0x603000000013f100, 0x6}}, @its_setup={0x82, 0x28, {0x2, 0x1, 0x3d}}, @smc={0x1e, 0x40, {0x8400000c, [0x7, 0x7fff, 0x7, 0x0, 0x4]}}, @eret={0xe6, 0x18, 0x2}, @uexit={0x0, 0x18, 0x3}, @smc={0x1e, 0x40, {0x1000000, [0x4, 0x8, 0xfff, 0xe]}}, @smc={0x1e, 0x40, {0x5000000, [0x1, 0x2, 0x1ff, 0x1, 0xbc]}}, @eret={0xe6, 0x18, 0x8000000000000001}, @msr={0x14, 0x20, {0x603000000013e846, 0x2}}, @svc={0x122, 0x40, {0x84000014, [0x1, 0xf60d, 0x6, 0xc, 0x9]}}, @msr={0x14, 0x20, {0x603000000013e65b}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x200, 0x0, 0x6}}, @smc={0x1e, 0x40, {0xc4000005, [0x5, 0x2, 0x4, 0x7]}}, @code={0xa, 0x84, {"000028d500a0bf0d000008d50060002f0090807f805c84d200a0b8f2010180d2620080d2a30180d2040180d2020000d4209d8cd20020b8f2410080d2c20180d2430180d2040080d2020000d40098210ee0ba8fd20060b0f2610080d2620180d2630180d2640080d2020000d40060204e"}}, @uexit={0x0, 0x18, 0x4}, @hvc={0x32, 0x40, {0xa9e17ae0557da9bb, [0x4, 0x8, 0xffffffffffffffff, 0x3, 0x5]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0x40, 0x6, 0x1e}}, @svc={0x122, 0x40, {0x8400000b, [0x400, 0x9, 0x9, 0xcff, 0x3]}}, @svc={0x122, 0x40, {0x32000000, [0x9, 0x2, 0x7, 0x401, 0x4]}}, @svc={0x122, 0x40, {0x86000000, [0x8, 0x7, 0x4, 0xfffffffffffffffd, 0xe]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x280, 0x7}}, @its_setup={0x82, 0x28, {0x3, 0x3, 0x26f}}, @mrs={0xbe, 0x18, {0x603000000013df56}}, @uexit={0x0, 0x18, 0x6}, @eret={0xe6, 0x18, 0x7}, @eret={0xe6, 0x18, 0x9}], 0x58c}, &(0x7f0000000100)=[@featur2={0x1, 0x10}], 0x1)
ioctl$KVM_SET_REGS(r1, 0x4360ae82, &(0x7f0000000140)={[0x1, 0x4, 0x13, 0x9, 0x156, 0x1000, 0x5, 0x183, 0x4, 0x1, 0x9, 0x100000001, 0x1, 0x3, 0xfffffffffffffffd, 0x8000000000000001], 0x10000, 0x40})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000000)={0x7})
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f00000002c0)={0x0, 0x10000})
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f00000000c0)={0x8})
ioctl$KVM_SIGNAL_MSI(r2, 0x4020aea5, &(0x7f0000000000)={0x1fff, 0x0, 0x0, 0x1, 0xda})

9m46.571646561s ago: executing program 9 (id=401):
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) (async)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x100000c, 0x6832, 0xffffffffffffffff, 0x0) (async)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f0000eed000/0x4000)=nil, 0x4000) (async)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000) (async)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) (async)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000) (async)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) (async)
r0 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@msr={0x14, 0x20, {0x603000000013c65d, 0xf}}], 0x20}, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000003000/0x2000)=nil, r0, 0xa, 0x10, r4, 0x0)
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000)

9m41.854339105s ago: executing program 0 (id=402):
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000)
munmap(&(0x7f000000f000/0x3000)=nil, 0x3000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0xfffffffffffffffe)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r4, 0x4018aee2, &(0x7f0000000140)=@attr_irq_timer={0x0, 0x1, 0x1, 0x0})
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
mmap$KVM_VCPU(&(0x7f0000f06000/0x3000)=nil, r5, 0x1, 0x13, r4, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ec2000/0x3000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0)
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000040)={0x1fd, 0x1, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$arm64(r2, 0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil, &(0x7f00000000c0)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_KVMCLOCK_CTRL(r4, 0xaead)
r7 = eventfd2(0x2, 0x80000)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000080)={0x1000, 0x10000, 0x2, r7, 0xf})
mmap$KVM_VCPU(&(0x7f0000010000/0x1000)=nil, 0x930, 0x100000f, 0x9032, 0xffffffffffffffff, 0x0)

9m38.395389075s ago: executing program 9 (id=403):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bfd000/0x400000)=nil)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x2, 0x100)
r7 = eventfd2(0x1, 0x80001)
ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000000000)={r7, 0x3})
ioctl$KVM_IRQ_LINE(r4, 0x4008ae61, &(0x7f0000000180)={0x1010020, 0x1})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000b80)={0x0, &(0x7f00000009c0)=[@hvc={0x32, 0x40, {0xc4000004, [0x4, 0x6, 0x8000000000000000, 0x427f, 0x400003]}}], 0x40}, &(0x7f0000000bc0)=[@featur1={0x1, 0x4}], 0x1)
r8 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000140)={0x0, &(0x7f0000000040)=[@msr={0x14, 0x20, {0x6030000000138036, 0x6}}, @uexit={0x0, 0x18, 0x6}, @uexit={0x0, 0x18, 0x7}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x4, 0x5, 0x3, 0x4, 0x3}}, @hvc={0x32, 0x40, {0x84000005, [0x6, 0x3, 0x401, 0x8, 0x8]}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x3, 0xa, 0x0, 0x8}}, @msr={0x14, 0x20, {0x603000000013e718, 0x4}}], 0x100}, &(0x7f0000000180)=[@featur1={0x1, 0x2}], 0x1)
ioctl$KVM_RUN(r8, 0xae80, 0x0)

9m29.855013147s ago: executing program 0 (id=404):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000300)=[@mrs={0xbe, 0x18, {0x603000000013c298}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r5, 0x1, 0x140) (async)
ioctl$KVM_SIGNAL_MSI(r5, 0x4020aea5, &(0x7f0000000200)={0x8090040, 0x0, 0x0, 0x1})

9m24.495495839s ago: executing program 9 (id=405):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000000)={0x8, <r2=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r2, 0x4018aee3, &(0x7f0000000180)=@attr_arm64={0x0, 0x4, 0x2, &(0x7f0000000080)=0xd450})
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04) (async)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000140)={0x4, <r6=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r6, 0x400454d1, 0x110c230000) (async)
r7 = openat$kvm(0x0, 0x0, 0x60c000, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) (async)
r9 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) (async)
r10 = openat$kvm(0x0, 0x0, 0x0, 0x0)
r11 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r10, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0x4000)=nil, r11, 0x2000003, 0x11, 0xffffffffffffffff, 0x0) (async)
r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
r15 = syz_kvm_vgic_v3_setup(r13, 0x3, 0xa0)
ioctl$KVM_SET_DEVICE_ATTR(r15, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x1, 0x4, &(0x7f0000000000)=0x4}) (async)
r16 = openat$kvm(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r16, 0xae01, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000100), 0x80402, 0x0) (async)
r17 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r17, 0xae01, 0x0)

9m18.695014498s ago: executing program 0 (id=406):
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000) (async)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) (async)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r1, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) (async)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000) (async)
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0) (async)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f00000001c0)=@arm64_core={0x603000000010001e, &(0x7f0000000180)=0x2})
ioctl$KVM_ASSIGN_SET_MSIX_NR(r3, 0x4008ae73, &(0x7f0000000040)={0x2, 0xf})
ioctl$KVM_GET_DIRTY_LOG(r3, 0x4010ae42, &(0x7f0000000000)={0x10004, 0x0, &(0x7f0000d03000/0x1000)=nil})

9m7.880119732s ago: executing program 9 (id=407):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000bff000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x8}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x5, 0xfffffffe, 0x0, 0x0, 0x79}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r3, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000180)={0x8, <r6=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r8 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013c006, &(0x7f0000000040)=0xffffffffffffffff})
r12 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r12, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x6030000000100024, &(0x7f0000000140)=0x8000007})
r13 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r14 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r15 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r16 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r15, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, r16, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x0, 0x80031, r12, 0x0)
r17 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r17, 0xc00caee0, &(0x7f0000000140)={0x4, <r18=>0xffffffffffffffff, 0x1})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_CREATE_VM(r18, 0x400454d0, 0x7ffffffe)

9m5.573736258s ago: executing program 0 (id=408):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2e) (async, rerun: 32)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async, rerun: 32)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100042, &(0x7f0000000000)=0x17})

8m20.842875503s ago: executing program 51 (id=407):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000bff000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x8}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x5, 0xfffffffe, 0x0, 0x0, 0x79}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r3, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000180)={0x8, <r6=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r8 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013c006, &(0x7f0000000040)=0xffffffffffffffff})
r12 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r12, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x6030000000100024, &(0x7f0000000140)=0x8000007})
r13 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r14 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r15 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r16 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r15, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, r16, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x0, 0x80031, r12, 0x0)
r17 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r17, 0xc00caee0, &(0x7f0000000140)={0x4, <r18=>0xffffffffffffffff, 0x1})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_CREATE_VM(r18, 0x400454d0, 0x7ffffffe)

8m15.771263083s ago: executing program 52 (id=408):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2e) (async, rerun: 32)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async, rerun: 32)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100042, &(0x7f0000000000)=0x17})

1m51.430905353s ago: executing program 2 (id=416):
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0xc0189436, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, <r2=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r2, 0x400454cb, 0x2f) (async)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) (async)
r5 = syz_kvm_vgic_v3_setup(r4, 0x1, 0x40)
ioctl$KVM_GET_DEVICE_ATTR(r5, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x1, 0x800000000008, &(0x7f00000004c0)=0x1})
r6 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r9, 0x4010aeab, &(0x7f0000000100)=@arm64_core={0x6030000000100014, &(0x7f00000000c0)=0x7ff})

1m12.910022756s ago: executing program 1 (id=417):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x0, 0x200000000000001}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x2, 0x9}}], 0x50}, 0x0, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_send_cmd={0xaa, 0x28, {0x9, 0x1, 0x4, 0xa, 0x3, 0x1ff}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r5, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8, <r12=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, &(0x7f0000000380)={0x20000135})
r13 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
r15 = syz_kvm_setup_syzos_vm$arm64(r14, &(0x7f0000c00000/0x400000)=nil)
r16 = syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r16, 0x4010aeac, &(0x7f0000000040)=@arm64_fw={0x6030000000160003, &(0x7f0000000000)=0x8})
ioctl$KVM_GET_STATS_FD_cpu(r16, 0xaece)
syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000000)={0x0, &(0x7f0000000440)=[@irq_setup={0x46, 0x18, {0x1, 0x23b}}, @irq_setup={0x46, 0x18, {0x0, 0x186}}, @mrs={0xbe, 0x18, {0x603000000013dead}}, @svc={0x122, 0x40, {0xc4000001, [0x3ffc00000, 0xfffffffffffffff6, 0xd02, 0x2]}}, @msr={0x14, 0x20, {0x603000000013e682, 0x2}}, @msr={0x14, 0x20, {0x603000000013e6df, 0x6}}, @irq_setup={0x46, 0x18, {0x3, 0x219}}, @uexit={0x0, 0x18, 0x1}, @svc={0x122, 0x40, {0x84000014, [0x1, 0xfffffffffffffff7, 0xffff, 0x2, 0xad9d]}}, @uexit={0x0, 0x18, 0x9}], 0x150}, &(0x7f0000000400)=[@featur1={0x1, 0xc}], 0x1)

1m12.128702798s ago: executing program 2 (id=418):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x3, 0x1000, 0x40000000, 0x0, 0x40000004}}], 0x50}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
r4 = eventfd2(0x1, 0x80801)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000240)={0x1, 0x1, 0x4, r4, 0x3})
r5 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000680)="38ce8347fc1e86008cfc72bb352c8659dcc9225b48cb5cb00c73b0b33018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r6=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000180)={0x8, <r9=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_GET_DEVICE_ATTR(r9, 0x4018aee2, &(0x7f0000000280)=@attr_arm64={0x0, 0x8, 0x4, &(0x7f0000000040)=0x1})
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000040)={0x8})

58.166349663s ago: executing program 2 (id=419):
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x7, 0x4f832, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000100)={0x0, 0x0}, &(0x7f00000002c0)=[@featur2={0x1, 0xd32d117d2ef84631}], 0x1)
r4 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300), 0x1)
r5 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f0000000000)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000040)=0xe7})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f00000000c0)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000080)=0x30})
mmap$KVM_VCPU(&(0x7f0000ffa000/0x1000)=nil, 0x930, 0x1000000, 0x100010, 0xffffffffffffffff, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_vgic_v3_setup(r7, 0x1, 0x340)
ioctl$KVM_GET_DEVICE_ATTR(r5, 0x4018aee2, &(0x7f0000000080)=@attr_arm64={0x0, 0x4, 0x1, &(0x7f00000001c0)=0x7})
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, r3, 0x0)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000e76000/0x12000)=nil, 0x12000)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x24132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x3, 0x0, &(0x7f0000000200)=0x7})
mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x0, 0x4030031, r3, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)

57.158094409s ago: executing program 1 (id=420):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x12002, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000380)=[@its_setup={0x82, 0x28, {0x2, 0x2, 0x7c}}], 0x28}, 0x0, 0x0)
r4 = syz_kvm_vgic_v3_setup(r1, 0xffffffffffbffffc, 0x120)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000240)={0x1fe, 0x3, 0xffff1000, 0x1000, &(0x7f00004bf000/0x1000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f00000000c0)={0x2, 0x3, 0x100000, 0x2000, &(0x7f000000f000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0xcccc0000, 0x1000, &(0x7f0000f15000/0x1000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000200)={0x1fd, 0x0, 0xeeee0000, 0x1000, &(0x7f0000ffd000/0x1000)=nil})
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000100)={0x8, <r9=>0xffffffffffffffff})
ioctl$KVM_GET_DEVICE_ATTR(r9, 0x4018aee2, &(0x7f00000001c0)=@attr_arm64={0x0, 0x1, 0x0, 0x0})
r10 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r10, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000fff000/0x1000)=nil})
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x5, 0x0, &(0x7f0000000000)=0x6})

43.671117023s ago: executing program 2 (id=421):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f00000003c0)=[@memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x0, 0xf, 0x2}}], 0x30}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
r4 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000100)="746abf250f7959c813e4adfb369b808022e69fe80cfadce4a1259e77bab54ac9749537b3d016bb7f745a6e22d2f9ff443f19467748a3fe02c239457600", 0x0, 0xfffffffffffffec5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f00000003c0)=[@memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x0, 0xf, 0x2}}], 0x30}, 0x0, 0x0) (async)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000100)="746abf250f7959c813e4adfb369b808022e69fe80cfadce4a1259e77bab54ac9749537b3d016bb7f745a6e22d2f9ff443f19467748a3fe02c239457600", 0x0, 0xfffffffffffffec5) (async)
ioctl$KVM_RUN(r3, 0xae80, 0x0) (async)

42.402662116s ago: executing program 1 (id=422):
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000100)={0x1000020, 0x1})
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, r2, &(0x7f0000a9b000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000280)=[@svc={0x122, 0x40, {0x84000009, [0xa25, 0x100000000, 0x7fffffffffffffff, 0x8, 0x8]}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x0, 0xa, 0x0, 0x2, 0x2}}], 0x68}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x2000001, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x0)

29.938213343s ago: executing program 2 (id=423):
r0 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, r0, 0x0, 0x810, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2c)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x2d)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r7, 0x4010aeab, &(0x7f00000002c0)=@arm64_core={0x6030000000100002, &(0x7f0000000240)})
r8 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
r9 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000000)={0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x18, {0x1, 0x190}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x88, 0x1, 0x7}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0x40, 0x9, 0x3}}, @svc={0x122, 0x40, {0x30000000, [0x4, 0x4, 0x4, 0x0, 0x2]}}, @smc={0x1e, 0x40, {0x84000013, [0xfe, 0xffffffffffffffff, 0x7, 0x7]}}, @eret={0xe6, 0x18, 0xfffffffffffffff7}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x8, 0x9, 0x1}}], 0x140}, &(0x7f0000000200)=[@featur1={0x1, 0x28}], 0x1)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f0000000040)=@arm64_sve={0x6080000000150100, &(0x7f0000000280)})
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)

28.768374345s ago: executing program 1 (id=424):
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1e)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, <r5=>0xffffffffffffffff, 0x1})
ioctl$KVM_CREATE_VM(r5, 0x8927, 0x110c230020)
r6 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000300)={0x0, &(0x7f0000000480)=[@smc={0x1e, 0x40, {0xc4000012, [0x8, 0x939, 0xe, 0x7f, 0xd]}}], 0x40}, &(0x7f00000001c0)=[@featur1={0x1, 0xc}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

14.480942923s ago: executing program 1 (id=425):
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x20100, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x20100, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x161642, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x21)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r3 = mmap$KVM_VCPU(&(0x7f0000ec3000/0x3000)=nil, 0x0, 0x0, 0x11, r2, 0x0)
ioctl$KVM_PRE_FAULT_MEMORY(r2, 0xc040aed5, &(0x7f0000000140)={0xffff1000})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r2, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r2, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0) (async)
r6 = syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r5, 0x4, 0x220) (async)
r7 = syz_kvm_vgic_v3_setup(r5, 0x4, 0x220)
ioctl$KVM_RUN(r6, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR(r7, 0x4018aee3, &(0x7f0000000240)=@attr_arm64={0x0, 0x5, 0x3, 0x0})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x5) (async)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x5)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0) (async)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r11, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0x4000)=nil, r12, 0x2000003, 0x11, r10, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r13 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000009000/0x2000)=nil, r12, 0x2000009, 0x11, r10, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000009000/0x2000)=nil, r12, 0x2000009, 0x11, r10, 0x0)
r15 = ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x1)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x1800002, 0x11, r15, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r15, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x0, 0x8032, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x0, 0x8032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)

12.206296801s ago: executing program 2 (id=426):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2d)
r3 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_REGISTER_COALESCED_MMIO(r8, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a82616})
r9 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
r10 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000000)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000080)={0x4, 0x80a, 0x1}})
r11 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r2, r11, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="4600000000000000180000000000000001000000a0"], 0x18}], 0x1, 0x0, 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x13)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x10000, 0x0)
syz_kvm_vgic_v3_setup(r2, 0x44, 0x100)
r13 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x5)
ioctl$KVM_IRQ_LINE_STATUS(r12, 0xc008ae67, &(0x7f0000000000)={0x1, 0x2})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r13, 0x4010ae68, 0x0)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
ioctl$KVM_GET_STATS_FD_cpu(r11, 0xaece)

0s ago: executing program 1 (id=427):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0x5451, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000040)=@arm64_fw={0x6030000000140000, &(0x7f0000000000)=0x10003})
r7 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f00000002c0)=@arm64_sys={0x603000000013df19, &(0x7f0000000280)=0x1})
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1})
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0)
close(r10)
ioctl$KVM_CREATE_VM(r11, 0x400454d4, 0x22)

kernel console output (not intermixed with test programs):

[  383.371666][ T3156] 8021q: adding VLAN 0 to HW filter on device bond0
[  416.596158][ T3156] eql: remember to turn off Van-Jacobson compression on your slave devices
Warning: Permanently added '[localhost]:4970' (ED25519) to the list of known hosts.
[  595.613625][   T25] audit: type=1400 audit(594.820:61): avc:  denied  { name_bind } for  pid=3313 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  596.595175][   T25] audit: type=1400 audit(595.810:62): avc:  denied  { execute } for  pid=3314 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  596.615055][   T25] audit: type=1400 audit(595.830:63): avc:  denied  { execute_no_trans } for  pid=3314 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  620.046205][   T25] audit: type=1400 audit(619.260:64): avc:  denied  { mounton } for  pid=3314 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  620.081113][   T25] audit: type=1400 audit(619.290:65): avc:  denied  { mount } for  pid=3314 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  620.161903][ T3314] cgroup: Unknown subsys name 'net'
[  620.211391][   T25] audit: type=1400 audit(619.430:66): avc:  denied  { unmount } for  pid=3314 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  620.607828][ T3314] cgroup: Unknown subsys name 'cpuset'
[  620.707288][ T3314] cgroup: Unknown subsys name 'rlimit'
[  621.607495][   T25] audit: type=1400 audit(620.820:67): avc:  denied  { setattr } for  pid=3314 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  621.626328][   T25] audit: type=1400 audit(620.840:68): avc:  denied  { mounton } for  pid=3314 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[  621.654472][   T25] audit: type=1400 audit(620.860:69): avc:  denied  { mount } for  pid=3314 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  622.833814][ T3317] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[  622.862615][   T25] audit: type=1400 audit(622.070:70): avc:  denied  { relabelto } for  pid=3317 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  622.914700][   T25] audit: type=1400 audit(622.130:71): avc:  denied  { write } for  pid=3317 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
Setting up swapspace version 1, size = 127995904 bytes
[  623.091362][   T25] audit: type=1400 audit(622.300:72): avc:  denied  { read } for  pid=3314 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  623.105933][   T25] audit: type=1400 audit(622.320:73): avc:  denied  { open } for  pid=3314 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  623.157218][ T3314] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  673.992232][   T25] audit: type=1400 audit(673.210:74): avc:  denied  { execmem } for  pid=3318 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  678.363622][   T25] audit: type=1400 audit(677.580:75): avc:  denied  { read } for  pid=3320 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  678.401488][   T25] audit: type=1400 audit(677.600:76): avc:  denied  { open } for  pid=3320 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  678.473925][   T25] audit: type=1400 audit(677.690:77): avc:  denied  { mounton } for  pid=3320 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  678.746946][   T25] audit: type=1400 audit(677.960:78): avc:  denied  { module_request } for  pid=3320 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  679.867362][   T25] audit: type=1400 audit(679.080:79): avc:  denied  { sys_module } for  pid=3320 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  707.927265][ T3320] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  708.117142][ T3320] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  710.036012][ T3321] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  710.203178][ T3321] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  721.292214][ T3320] hsr_slave_0: entered promiscuous mode
[  721.343488][ T3320] hsr_slave_1: entered promiscuous mode
[  722.981941][ T3321] hsr_slave_0: entered promiscuous mode
[  723.006031][ T3321] hsr_slave_1: entered promiscuous mode
[  723.024838][ T3321] debugfs: 'hsr0' already exists in 'hsr'
[  723.034957][ T3321] Cannot create hsr debugfs directory
[  728.032762][   T25] audit: type=1400 audit(727.240:80): avc:  denied  { create } for  pid=3320 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  728.060101][   T25] audit: type=1400 audit(727.270:81): avc:  denied  { write } for  pid=3320 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  728.121394][   T25] audit: type=1400 audit(727.330:82): avc:  denied  { read } for  pid=3320 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  728.362162][ T3320] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  728.647092][ T3320] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  728.937655][ T3320] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  729.279228][ T3320] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  730.773799][ T3321] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  730.972217][ T3321] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  731.165509][ T3321] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  731.396567][ T3321] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  743.773236][ T3320] 8021q: adding VLAN 0 to HW filter on device bond0
[  746.281658][ T3321] 8021q: adding VLAN 0 to HW filter on device bond0
[  801.884601][ T3320] veth0_vlan: entered promiscuous mode
[  802.302134][ T3320] veth1_vlan: entered promiscuous mode
[  804.324391][ T3320] veth0_macvtap: entered promiscuous mode
[  804.552059][ T3321] veth0_vlan: entered promiscuous mode
[  804.696448][ T3320] veth1_macvtap: entered promiscuous mode
[  805.411742][ T3321] veth1_vlan: entered promiscuous mode
[  807.287618][ T3425] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  807.312416][ T3425] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  807.324183][ T3425] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  807.346342][ T3425] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  808.222926][ T3321] veth0_macvtap: entered promiscuous mode
[  808.881577][ T3321] veth1_macvtap: entered promiscuous mode
[  809.651613][   T25] audit: type=1400 audit(808.860:83): avc:  denied  { mount } for  pid=3320 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  809.832507][   T25] audit: type=1400 audit(809.010:84): avc:  denied  { mounton } for  pid=3320 comm="syz-executor" path="/syzkaller.P2o8TW/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  810.184017][   T25] audit: type=1400 audit(809.380:85): avc:  denied  { mount } for  pid=3320 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  810.595832][   T25] audit: type=1400 audit(809.800:86): avc:  denied  { mounton } for  pid=3320 comm="syz-executor" path="/syzkaller.P2o8TW/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  810.739708][   T25] audit: type=1400 audit(809.910:87): avc:  denied  { mounton } for  pid=3320 comm="syz-executor" path="/syzkaller.P2o8TW/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3760 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  811.356129][   T25] audit: type=1400 audit(810.570:88): avc:  denied  { unmount } for  pid=3320 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  811.366272][ T3285] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  811.392767][ T3285] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  811.404662][ T3285] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  811.414026][ T3285] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  811.599705][   T25] audit: type=1400 audit(810.810:89): avc:  denied  { mounton } for  pid=3320 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1544 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  811.764674][   T25] audit: type=1400 audit(810.920:90): avc:  denied  { mount } for  pid=3320 comm="syz-executor" name="/" dev="gadgetfs" ino=3769 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  812.257809][   T25] audit: type=1400 audit(811.470:91): avc:  denied  { mount } for  pid=3320 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  812.363738][   T25] audit: type=1400 audit(811.560:92): avc:  denied  { mounton } for  pid=3320 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  813.832606][ T3320] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  814.802415][   T25] kauditd_printk_skb: 1 callbacks suppressed
[  814.807436][   T25] audit: type=1400 audit(813.980:94): avc:  denied  { read write } for  pid=3320 comm="syz-executor" name="loop0" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  814.854827][   T25] audit: type=1400 audit(814.070:95): avc:  denied  { open } for  pid=3320 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  814.900209][   T25] audit: type=1400 audit(814.110:96): avc:  denied  { ioctl } for  pid=3320 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=638 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  826.456083][   T25] audit: type=1400 audit(825.650:97): avc:  denied  { read } for  pid=3472 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  826.457276][   T25] audit: type=1400 audit(825.670:98): avc:  denied  { open } for  pid=3472 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  826.609761][   T25] audit: type=1400 audit(825.810:99): avc:  denied  { ioctl } for  pid=3472 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  843.434559][   T25] audit: type=1400 audit(842.550:100): avc:  denied  { execute } for  pid=3481 comm="syz.0.3" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=4033 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  860.256795][   T25] audit: type=1400 audit(859.470:101): avc:  denied  { write } for  pid=3493 comm="syz.1.8" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  967.923051][   T25] audit: type=1400 audit(967.130:102): avc:  denied  { ioctl } for  pid=3563 comm="syz.1.26" path="net:[4026532625]" dev="nsfs" ino=4026532625 ioctlcmd=0xb702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  973.556953][   T25] audit: type=1400 audit(972.770:103): avc:  denied  { append } for  pid=3570 comm="syz.0.28" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  982.694507][   T25] audit: type=1400 audit(981.910:104): avc:  denied  { setattr } for  pid=3572 comm="syz.1.29" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1090.330467][ T3632] kvm [3632]: Failed to find VMA for hva 0x20de0000
[ 1197.251801][   T25] audit: type=1400 audit(1196.460:105): avc:  denied  { map } for  pid=3693 comm="syz.0.64" path="/" dev="tmpfs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[ 1234.660041][ T3718] kvm [3718]: Failed to find VMA for hva 0x20dbc000
[ 1353.023597][ T3770] kvm [3770]: Failed to find VMA for hva 0x21016000
[ 1461.312923][ T2112] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1462.154590][ T2112] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1463.216189][ T2112] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1464.201980][ T2112] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1475.787777][ T2112] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1475.882987][ T2112] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1475.941287][ T2112] bond0 (unregistering): Released all slaves
[ 1477.282178][ T2112] hsr_slave_0: left promiscuous mode
[ 1477.324564][ T2112] hsr_slave_1: left promiscuous mode
[ 1477.604496][ T2112] veth1_macvtap: left promiscuous mode
[ 1477.615087][ T2112] veth0_macvtap: left promiscuous mode
[ 1477.631662][ T2112] veth1_vlan: left promiscuous mode
[ 1477.641344][ T2112] veth0_vlan: left promiscuous mode
[ 1496.966194][ T3790] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1497.795369][ T3790] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1501.125454][ T2112] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1502.257464][ T2112] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1503.352540][ T2112] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1504.469920][ T2112] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1517.291119][ T2112] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1517.366455][ T2112] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1517.440524][ T2112] bond0 (unregistering): Released all slaves
[ 1519.421812][ T2112] hsr_slave_0: left promiscuous mode
[ 1519.462529][ T2112] hsr_slave_1: left promiscuous mode
[ 1519.747012][ T2112] veth1_macvtap: left promiscuous mode
[ 1519.810530][ T2112] veth0_macvtap: left promiscuous mode
[ 1519.814809][ T2112] veth1_vlan: left promiscuous mode
[ 1519.840499][ T2112] veth0_vlan: left promiscuous mode
[ 1529.762168][ T3798] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1530.045182][ T3798] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1540.544777][ T3790] hsr_slave_0: entered promiscuous mode
[ 1540.586248][ T3790] hsr_slave_1: entered promiscuous mode
[ 1554.443602][ T3798] hsr_slave_0: entered promiscuous mode
[ 1554.475548][ T3798] hsr_slave_1: entered promiscuous mode
[ 1554.497872][ T3798] debugfs: 'hsr0' already exists in 'hsr'
[ 1554.517770][ T3798] Cannot create hsr debugfs directory
[ 1557.821725][ T3790] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1558.210582][ T3790] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1558.590868][ T3790] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1559.004950][ T3790] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1568.867341][ T3798] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1569.164720][ T3798] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1569.403402][ T3798] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1569.701207][ T3798] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1583.594704][ T3790] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1591.593263][ T3798] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1678.426988][ T3790] veth0_vlan: entered promiscuous mode
[ 1679.524661][ T3790] veth1_vlan: entered promiscuous mode
[ 1682.453245][ T3790] veth0_macvtap: entered promiscuous mode
[ 1683.007801][ T3790] veth1_macvtap: entered promiscuous mode
[ 1686.167606][ T3801] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1686.181231][ T3801] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1686.299928][ T3801] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1686.301110][ T3801] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1690.267159][ T3798] veth0_vlan: entered promiscuous mode
[ 1692.134153][ T3798] veth1_vlan: entered promiscuous mode
[ 1695.303395][ T3798] veth0_macvtap: entered promiscuous mode
[ 1695.755139][ T3798] veth1_macvtap: entered promiscuous mode
[ 1699.036301][ T2112] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1699.050958][ T2112] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1699.137980][ T3359] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1699.172850][ T3359] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1877.404418][ T3801] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1879.154198][ T3801] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1881.022246][ T3801] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1882.595898][ T3801] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1907.903085][ T3801] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1908.316831][ T3801] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1908.682168][ T3801] bond0 (unregistering): Released all slaves
[ 1911.565438][ T3801] hsr_slave_0: left promiscuous mode
[ 1911.760883][ T3801] hsr_slave_1: left promiscuous mode
[ 1912.539215][ T3801] veth1_macvtap: left promiscuous mode
[ 1912.540602][ T3801] veth0_macvtap: left promiscuous mode
[ 1912.551873][ T3801] veth1_vlan: left promiscuous mode
[ 1912.584710][ T3801] veth0_vlan: left promiscuous mode
[ 2005.555473][ T4116] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2005.943854][ T4116] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2042.285412][ T4116] hsr_slave_0: entered promiscuous mode
[ 2042.420504][ T4116] hsr_slave_1: entered promiscuous mode
[ 2042.484068][ T4116] debugfs: 'hsr0' already exists in 'hsr'
[ 2042.492298][ T4116] Cannot create hsr debugfs directory
[ 2058.847291][ T4116] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 2059.310654][ T4116] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 2059.536858][ T4116] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 2059.875326][ T4116] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 2091.786209][ T4116] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2098.444877][   T49] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2100.590002][   T49] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2102.373518][   T49] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2103.971848][   T49] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2125.331639][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2125.514603][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2125.773230][   T49] bond0 (unregistering): Released all slaves
[ 2128.989745][   T49] hsr_slave_0: left promiscuous mode
[ 2129.080792][   T49] hsr_slave_1: left promiscuous mode
[ 2129.931129][   T49] veth1_macvtap: left promiscuous mode
[ 2129.990491][   T49] veth0_macvtap: left promiscuous mode
[ 2129.997574][   T49] veth1_vlan: left promiscuous mode
[ 2130.031224][   T49] veth0_vlan: left promiscuous mode
[ 2193.964787][ T4249] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2194.186061][ T4249] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2227.194766][ T4249] hsr_slave_0: entered promiscuous mode
[ 2227.274442][ T4249] hsr_slave_1: entered promiscuous mode
[ 2244.005791][ T4249] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 2244.422332][ T4249] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 2244.685044][ T4249] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 2245.056194][ T4249] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 2250.951868][ T4116] veth0_vlan: entered promiscuous mode
[ 2251.833232][ T4116] veth1_vlan: entered promiscuous mode
[ 2254.961010][ T4116] veth0_macvtap: entered promiscuous mode
[ 2255.473023][ T4116] veth1_macvtap: entered promiscuous mode
[ 2258.544944][ T3801] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2258.546582][ T3801] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2258.547679][ T3801] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2258.549227][ T3801] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2280.104695][ T4249] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2364.744127][ T3935] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2366.764154][ T3935] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2368.594971][ T3935] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2370.522828][ T3935] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2391.994922][ T3935] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2392.201971][ T3935] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2392.422334][ T3935] bond0 (unregistering): Released all slaves
[ 2396.150491][ T3935] hsr_slave_0: left promiscuous mode
[ 2396.253044][ T3935] hsr_slave_1: left promiscuous mode
[ 2397.151966][ T3935] veth1_macvtap: left promiscuous mode
[ 2397.153317][ T3935] veth0_macvtap: left promiscuous mode
[ 2397.191523][ T3935] veth1_vlan: left promiscuous mode
[ 2397.211381][ T3935] veth0_vlan: left promiscuous mode
[ 2454.123273][ T4249] veth0_vlan: entered promiscuous mode
[ 2455.134884][ T4249] veth1_vlan: entered promiscuous mode
[ 2458.316164][ T4249] veth0_macvtap: entered promiscuous mode
[ 2458.833707][ T4249] veth1_macvtap: entered promiscuous mode
[ 2462.264954][ T4257] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2462.270784][ T4257] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2462.333405][ T3359] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2462.459577][ T3400] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2469.945498][ T4411] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2470.402852][ T4411] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2511.347203][ T4411] hsr_slave_0: entered promiscuous mode
[ 2511.486833][ T4411] hsr_slave_1: entered promiscuous mode
[ 2511.640451][ T4411] debugfs: 'hsr0' already exists in 'hsr'
[ 2511.649681][ T4411] Cannot create hsr debugfs directory
[ 2537.392309][ T4411] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 2538.360116][ T4411] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 2538.971213][ T4411] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 2539.657278][ T4411] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 2578.630881][ T4411] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2756.350542][ T4411] veth0_vlan: entered promiscuous mode
[ 2758.395411][ T4411] veth1_vlan: entered promiscuous mode
[ 2765.184919][ T4411] veth0_macvtap: entered promiscuous mode
[ 2766.796632][ T4411] veth1_macvtap: entered promiscuous mode
[ 2773.692933][ T3359] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2773.719756][ T3935] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2773.782365][ T3801] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2773.941705][ T4422] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2843.755933][ T3400] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2846.604847][ T3400] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2851.046490][ T3400] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2854.602367][ T3400] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2893.774882][ T3400] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2894.620576][ T3400] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2895.001909][ T3400] bond0 (unregistering): Released all slaves
[ 2898.626857][ T3400] hsr_slave_0: left promiscuous mode
[ 2898.819562][ T3400] hsr_slave_1: left promiscuous mode
[ 2899.910765][ T3400] veth1_macvtap: left promiscuous mode
[ 2899.941550][ T3400] veth0_macvtap: left promiscuous mode
[ 2899.953632][ T3400] veth1_vlan: left promiscuous mode
[ 2900.002107][ T3400] veth0_vlan: left promiscuous mode
[ 2974.044828][ T4662] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2974.530387][ T4662] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3021.437770][ T4662] hsr_slave_0: entered promiscuous mode
[ 3021.603839][ T4662] hsr_slave_1: entered promiscuous mode
[ 3045.402257][ T4662] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 3045.956816][ T4662] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 3046.516708][ T4662] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 3047.134513][ T4662] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 3090.095781][ T4662] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3285.280874][ T4662] veth0_vlan: entered promiscuous mode
[ 3287.161388][ T4662] veth1_vlan: entered promiscuous mode
[ 3292.184594][ T4662] veth0_macvtap: entered promiscuous mode
[ 3293.081088][ T4662] veth1_macvtap: entered promiscuous mode
[ 3298.041295][ T3412] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3298.090732][ T3412] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3298.184795][ T3412] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3298.212388][ T3412] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3549.806782][   T49] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3554.289199][   T49] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3556.546656][   T49] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3558.976546][   T49] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3590.235853][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3591.156090][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3591.904861][   T49] bond0 (unregistering): Released all slaves
[ 3595.072080][   T49] hsr_slave_0: left promiscuous mode
[ 3595.160020][   T49] hsr_slave_1: left promiscuous mode
[ 3595.826295][   T49] veth1_macvtap: left promiscuous mode
[ 3595.920389][   T49] veth0_macvtap: left promiscuous mode
[ 3595.925062][   T49] veth1_vlan: left promiscuous mode
[ 3595.936439][   T49] veth0_vlan: left promiscuous mode
[ 3632.895545][   T49] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3635.295003][   T49] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3637.183512][   T49] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3638.656257][   T49] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3668.827122][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3669.241929][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3669.525734][   T49] bond0 (unregistering): Released all slaves
[ 3672.829884][   T49] hsr_slave_0: left promiscuous mode
[ 3672.985910][   T49] hsr_slave_1: left promiscuous mode
[ 3673.895767][   T49] veth1_macvtap: left promiscuous mode
[ 3673.919587][   T49] veth0_macvtap: left promiscuous mode
[ 3673.962254][   T49] veth1_vlan: left promiscuous mode
[ 3674.010177][   T49] veth0_vlan: left promiscuous mode
[ 3729.644113][ T5051] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3730.084357][ T5046] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3730.377480][ T5051] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3730.731128][ T5046] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3766.175509][ T5046] hsr_slave_0: entered promiscuous mode
[ 3766.273155][ T5046] hsr_slave_1: entered promiscuous mode
[ 3770.266200][ T5051] hsr_slave_0: entered promiscuous mode
[ 3770.344407][ T5051] hsr_slave_1: entered promiscuous mode
[ 3770.417110][ T5051] debugfs: 'hsr0' already exists in 'hsr'
[ 3770.490186][ T5051] Cannot create hsr debugfs directory
[ 3794.585028][ T5046] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 3795.666058][ T5046] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 3796.196455][ T5046] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 3796.956559][ T5046] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 3803.836914][ T5051] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 3804.604145][ T5051] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 3805.232198][ T5051] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 3805.827551][ T5051] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 3839.131911][ T5046] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3847.343459][ T5051] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4024.126382][ T5046] veth0_vlan: entered promiscuous mode
[ 4025.675248][ T5046] veth1_vlan: entered promiscuous mode
[ 4030.331697][ T5046] veth0_macvtap: entered promiscuous mode
[ 4031.614674][ T5046] veth1_macvtap: entered promiscuous mode
[ 4034.033839][ T5051] veth0_vlan: entered promiscuous mode
[ 4037.216297][ T5051] veth1_vlan: entered promiscuous mode
[ 4039.583676][ T2112] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4039.641265][ T3801] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4040.065511][ T2112] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4040.070060][ T2112] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4046.546075][ T5051] veth0_macvtap: entered promiscuous mode
[ 4047.814010][ T5051] veth1_macvtap: entered promiscuous mode
[ 4054.157023][ T3359] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4054.232199][ T3359] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4054.281721][ T3359] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4054.287758][ T3359] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 5196.096081][ T4257] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5198.100594][ T4257] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5200.141977][ T4257] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5202.316011][ T4257] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5231.262859][ T4257] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 5232.285522][ T4257] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 5232.677430][ T4257] bond0 (unregistering): Released all slaves
[ 5236.354936][ T4257] hsr_slave_0: left promiscuous mode
[ 5236.451258][ T4257] hsr_slave_1: left promiscuous mode
[ 5237.216427][ T4257] veth1_macvtap: left promiscuous mode
[ 5237.274319][ T4257] veth0_macvtap: left promiscuous mode
[ 5237.277786][ T4257] veth1_vlan: left promiscuous mode
[ 5237.316729][ T4257] veth0_vlan: left promiscuous mode
[ 5279.843070][ T5055] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5281.856399][ T5055] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5284.057144][ T5055] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5285.816830][ T5055] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 5325.472842][ T5055] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 5325.704231][ T5055] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 5325.869940][ T5055] bond0 (unregistering): Released all slaves
[ 5328.909155][ T5055] hsr_slave_0: left promiscuous mode
[ 5328.984509][ T5055] hsr_slave_1: left promiscuous mode
[ 5330.236824][ T5055] veth1_macvtap: left promiscuous mode
[ 5330.253450][ T5055] veth0_macvtap: left promiscuous mode
[ 5330.266415][ T5055] veth1_vlan: left promiscuous mode
[ 5330.314270][ T5055] veth0_vlan: left promiscuous mode
[ 5386.201607][ T5765] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 5386.607219][ T5765] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 5396.296580][ T5771] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 5396.692844][ T5771] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 5431.522608][ T5765] hsr_slave_0: entered promiscuous mode
[ 5431.694469][ T5765] hsr_slave_1: entered promiscuous mode
[ 5447.361377][ T5771] hsr_slave_0: entered promiscuous mode
[ 5447.423683][ T5771] hsr_slave_1: entered promiscuous mode
[ 5447.477497][ T5771] debugfs: 'hsr0' already exists in 'hsr'
[ 5447.579612][ T5771] Cannot create hsr debugfs directory
[ 5480.099935][ T5765] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 5483.202536][ T5765] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 5486.237899][ T5765] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 5489.220705][ T5765] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 5501.124508][ T5771] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 5501.705005][ T5771] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 5502.290451][ T5771] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 5502.943617][ T5771] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 5531.184516][ T5765] 8021q: adding VLAN 0 to HW filter on device bond0
[ 5542.866672][ T5771] 8021q: adding VLAN 0 to HW filter on device bond0
[ 5695.733970][ T5765] veth0_vlan: entered promiscuous mode
[ 5697.490703][ T5765] veth1_vlan: entered promiscuous mode
[ 5701.884482][ T5765] veth0_macvtap: entered promiscuous mode
[ 5702.781949][ T5765] veth1_macvtap: entered promiscuous mode
[ 5708.156618][ T5780] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 5708.184281][ T5780] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 5708.686507][ T3400] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 5708.710267][ T3400] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 5709.429043][ T5771] veth0_vlan: entered promiscuous mode
[ 5713.214303][ T5771] veth1_vlan: entered promiscuous mode
[ 5720.685986][ T5771] veth0_macvtap: entered promiscuous mode
[ 5721.595892][ T5771] veth1_macvtap: entered promiscuous mode
[ 5727.480024][ T5774] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 5727.639810][ T5055] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 5727.690387][ T5774] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 5727.763593][ T5053] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 6088.161492][ T6120] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6091.002443][ T6120] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6093.683656][ T6120] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6096.582411][ T6120] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6133.864447][ T6120] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 6135.067402][ T6120] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 6135.863983][ T6120] bond0 (unregistering): Released all slaves
[ 6139.664944][ T6120] hsr_slave_0: left promiscuous mode
[ 6139.860980][ T6120] hsr_slave_1: left promiscuous mode
[ 6141.012042][ T6120] veth1_macvtap: left promiscuous mode
[ 6141.014619][ T6120] veth0_macvtap: left promiscuous mode
[ 6141.022045][ T6120] veth1_vlan: left promiscuous mode
[ 6141.023577][ T6120] veth0_vlan: left promiscuous mode
[ 6196.916908][ T6120] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6198.616237][ T6120] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6200.367537][ T6120] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6202.363742][ T6120] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6235.990300][ T6120] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 6236.386079][ T6120] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 6236.615009][ T6120] bond0 (unregistering): Released all slaves
[ 6240.931161][ T6120] hsr_slave_0: left promiscuous mode
[ 6241.036027][ T6120] hsr_slave_1: left promiscuous mode
[ 6241.840869][ T6120] veth1_macvtap: left promiscuous mode
[ 6241.845022][ T6120] veth0_macvtap: left promiscuous mode
[ 6241.892520][ T6120] veth1_vlan: left promiscuous mode
[ 6241.940605][ T6120] veth0_vlan: left promiscuous mode
[ 6304.686267][ T6107] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 6305.146459][ T6107] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 6310.585552][ T6113] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 6311.016783][ T6113] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 6345.865352][ T6107] hsr_slave_0: entered promiscuous mode
[ 6346.074609][ T6107] hsr_slave_1: entered promiscuous mode
[ 6352.052625][ T6113] hsr_slave_0: entered promiscuous mode
[ 6352.133082][ T6113] hsr_slave_1: entered promiscuous mode
[ 6352.216406][ T6113] debugfs: 'hsr0' already exists in 'hsr'
[ 6352.249257][ T6113] Cannot create hsr debugfs directory
[ 6391.120976][ T6107] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 6391.891840][ T6107] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 6392.296945][ T6107] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 6393.460488][ T6107] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 6399.205656][ T6113] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 6399.820095][ T6113] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 6400.509714][ T6113] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 6401.143309][ T6113] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 6436.914443][ T6107] 8021q: adding VLAN 0 to HW filter on device bond0
[ 6442.984320][ T6113] 8021q: adding VLAN 0 to HW filter on device bond0
[ 6580.916564][ T6107] veth0_vlan: entered promiscuous mode
[ 6582.253393][ T6107] veth1_vlan: entered promiscuous mode
[ 6588.066261][ T6107] veth0_macvtap: entered promiscuous mode
[ 6588.622316][ T6113] veth0_vlan: entered promiscuous mode
[ 6589.373434][ T6107] veth1_macvtap: entered promiscuous mode
[ 6591.481437][ T6113] veth1_vlan: entered promiscuous mode
[ 6596.119902][ T6328] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 6596.126794][ T6328] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 6596.190391][ T6116] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 6596.227256][ T5053] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 6599.442807][ T6113] veth0_macvtap: entered promiscuous mode
[ 6601.060793][ T6113] veth1_macvtap: entered promiscuous mode
[ 6607.801060][ T3400] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 6607.855871][ T5053] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 6607.911814][ T5053] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 6607.955816][ T5053] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 6751.603844][ T6125] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6754.073166][ T6125] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6755.974758][ T6125] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6758.333899][ T6125] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6792.639627][ T6125] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 6792.882635][ T6125] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 6793.067177][ T6125] bond0 (unregistering): Released all slaves
[ 6797.491821][ T6125] hsr_slave_0: left promiscuous mode
[ 6797.719653][ T6125] hsr_slave_1: left promiscuous mode
[ 6798.754144][ T6125] veth1_macvtap: left promiscuous mode
[ 6798.801724][ T6125] veth0_macvtap: left promiscuous mode
[ 6798.807697][ T6125] veth1_vlan: left promiscuous mode
[ 6798.850948][ T6125] veth0_vlan: left promiscuous mode
[ 6833.557046][ T6125] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6836.053828][ T6125] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6837.834673][ T6125] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6839.810148][ T6125] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6865.706541][ T6125] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 6865.907140][ T6125] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 6866.084322][ T6125] bond0 (unregistering): Released all slaves
[ 6867.642836][ T6125] hsr_slave_0: left promiscuous mode
[ 6867.720035][ T6125] hsr_slave_1: left promiscuous mode
[ 6868.076361][ T6125] veth1_macvtap: left promiscuous mode
[ 6868.094658][ T6125] veth0_macvtap: left promiscuous mode
[ 6868.114548][ T6125] veth1_vlan: left promiscuous mode
[ 6868.133908][ T6125] veth0_vlan: left promiscuous mode
[ 6932.901524][ T6416] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 6933.276601][ T6416] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 6939.755783][ T6419] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 6940.236464][ T6419] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 6973.034991][ T6416] hsr_slave_0: entered promiscuous mode
[ 6973.122890][ T6416] hsr_slave_1: entered promiscuous mode
[ 6979.376476][ T6419] hsr_slave_0: entered promiscuous mode
[ 6979.450662][ T6419] hsr_slave_1: entered promiscuous mode
[ 6979.485517][ T6419] debugfs: 'hsr0' already exists in 'hsr'
[ 6979.500468][ T6419] Cannot create hsr debugfs directory
[ 7005.896278][ T6416] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 7008.360420][ T6416] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 7009.114067][ T6416] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 7011.421302][ T6416] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 7025.625359][ T6419] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 7026.122228][ T6419] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 7026.537585][ T6419] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 7027.201077][ T6419] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 7048.437639][ T6416] 8021q: adding VLAN 0 to HW filter on device bond0
[ 7058.350328][ T6419] 8021q: adding VLAN 0 to HW filter on device bond0
[ 7196.966413][ T6416] veth0_vlan: entered promiscuous mode
[ 7198.037831][ T6416] veth1_vlan: entered promiscuous mode
[ 7201.623808][ T6416] veth0_macvtap: entered promiscuous mode
[ 7202.303976][ T6416] veth1_macvtap: entered promiscuous mode
[ 7207.120981][ T6120] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 7207.123311][ T6120] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 7207.172492][ T6120] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 7207.384624][ T6120] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 7208.544546][ T6419] veth0_vlan: entered promiscuous mode
[ 7211.113936][ T6419] veth1_vlan: entered promiscuous mode
[ 7216.763688][ T6419] veth0_macvtap: entered promiscuous mode
[ 7217.324509][ T6419] veth1_macvtap: entered promiscuous mode
[ 7221.269600][ T6125] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 7221.283251][ T6125] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 7221.312078][ T6125] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 7221.402706][ T6125] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 7330.683610][ T6116] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7333.266800][ T6116] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7335.544502][ T6116] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7337.904191][ T6116] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7368.064960][ T6116] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 7368.480275][ T6116] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 7368.707836][ T6116] bond0 (unregistering): Released all slaves
[ 7371.403087][ T6116] hsr_slave_0: left promiscuous mode
[ 7371.660233][ T6116] hsr_slave_1: left promiscuous mode
[ 7372.612294][ T6116] veth1_macvtap: left promiscuous mode
[ 7372.613705][ T6116] veth0_macvtap: left promiscuous mode
[ 7372.622929][ T6116] veth1_vlan: left promiscuous mode
[ 7372.624509][ T6116] veth0_vlan: left promiscuous mode
[ 7413.955905][ T6116] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7415.607874][ T6116] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7417.116622][ T6116] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7418.857648][ T6116] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 7447.860949][ T6116] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 7448.180132][ T6116] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 7448.412382][ T6116] bond0 (unregistering): Released all slaves
[ 7451.539653][ T6116] hsr_slave_0: left promiscuous mode
[ 7451.655150][ T6116] hsr_slave_1: left promiscuous mode
[ 7452.332293][ T6116] veth1_macvtap: left promiscuous mode
[ 7452.335646][ T6116] veth0_macvtap: left promiscuous mode
[ 7452.353666][ T6116] veth1_vlan: left promiscuous mode
[ 7452.384232][ T6116] veth0_vlan: left promiscuous mode
[ 7519.320473][ T6700] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 7519.651840][ T6700] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 7528.563123][ T6708] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 7528.920776][ T6708] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 7552.930468][ T6700] hsr_slave_0: entered promiscuous mode
[ 7552.997447][ T6700] hsr_slave_1: entered promiscuous mode
[ 7566.843229][ T6708] hsr_slave_0: entered promiscuous mode
[ 7566.897465][ T6708] hsr_slave_1: entered promiscuous mode
[ 7566.937759][ T6708] debugfs: 'hsr0' already exists in 'hsr'
[ 7566.999640][ T6708] Cannot create hsr debugfs directory
[ 7586.781626][ T6700] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 7588.685420][ T6700] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 7589.106984][ T6700] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 7590.905672][ T6700] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 7599.104053][ T6708] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 7599.880684][ T6708] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 7600.491754][ T6708] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 7600.967007][ T6708] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 7624.474827][ T6700] 8021q: adding VLAN 0 to HW filter on device bond0
[ 7634.042973][ T6708] 8021q: adding VLAN 0 to HW filter on device bond0
[ 7759.323293][ T6700] veth0_vlan: entered promiscuous mode
[ 7760.146017][ T6700] veth1_vlan: entered promiscuous mode
[ 7763.162992][ T6700] veth0_macvtap: entered promiscuous mode
[ 7763.625295][ T6700] veth1_macvtap: entered promiscuous mode
[ 7766.790289][ T5427] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 7766.810984][ T5427] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 7766.819397][ T5427] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 7766.823215][ T5427] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 7769.122818][ T6708] veth0_vlan: entered promiscuous mode
[ 7770.603769][ T6708] veth1_vlan: entered promiscuous mode
[ 7774.783075][ T6708] veth0_macvtap: entered promiscuous mode
[ 7775.265665][ T6708] veth1_macvtap: entered promiscuous mode
[ 7779.305681][ T6125] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 7779.343560][ T6125] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 7779.362041][ T6125] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 7779.362915][ T6125] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 8012.421360][ T6706] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8014.707423][ T6706] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8017.354444][ T6706] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8019.624075][ T6706] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8048.689552][ T6706] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 8049.000658][ T6706] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 8049.191677][ T6706] bond0 (unregistering): Released all slaves
[ 8051.700463][ T6706] hsr_slave_0: left promiscuous mode
[ 8051.830478][ T6706] hsr_slave_1: left promiscuous mode
[ 8052.346169][ T6706] veth1_macvtap: left promiscuous mode
[ 8052.371180][ T6706] veth0_macvtap: left promiscuous mode
[ 8052.373757][ T6706] veth1_vlan: left promiscuous mode
[ 8052.395478][ T6706] veth0_vlan: left promiscuous mode
[ 8092.932378][ T5055] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8094.713568][ T5055] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8096.654607][ T5055] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8098.405067][ T5055] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8120.644965][ T5055] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 8120.847353][ T5055] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 8120.976698][ T5055] bond0 (unregistering): Released all slaves
[ 8124.158998][ T5055] hsr_slave_0: left promiscuous mode
[ 8124.227103][ T5055] hsr_slave_1: left promiscuous mode
[ 8124.795044][ T5055] veth1_macvtap: left promiscuous mode
[ 8124.809594][ T5055] veth0_macvtap: left promiscuous mode
[ 8124.835485][ T5055] veth1_vlan: left promiscuous mode
[ 8124.847098][ T5055] veth0_vlan: left promiscuous mode
[ 8171.363098][ T7094] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 8171.713887][ T7094] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 8191.814455][ T7121] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 8192.036885][ T7121] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 8197.765765][ T7094] hsr_slave_0: entered promiscuous mode
[ 8197.833059][ T7094] hsr_slave_1: entered promiscuous mode
[ 8226.782612][ T7121] hsr_slave_0: entered promiscuous mode
[ 8226.875453][ T7121] hsr_slave_1: entered promiscuous mode
[ 8226.944504][ T7121] debugfs: 'hsr0' already exists in 'hsr'
[ 8226.954878][ T7121] Cannot create hsr debugfs directory
[ 8229.067576][ T7094] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 8229.449766][ T7094] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 8229.811908][ T7094] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 8230.244453][ T7094] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 8250.434453][ T7121] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 8250.812400][ T7121] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 8251.082551][ T7121] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 8251.337869][ T7121] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 8257.893815][ T7094] 8021q: adding VLAN 0 to HW filter on device bond0
[ 8278.982451][ T7121] 8021q: adding VLAN 0 to HW filter on device bond0
[ 8371.261817][ T7094] veth0_vlan: entered promiscuous mode
[ 8372.112663][ T7094] veth1_vlan: entered promiscuous mode
[ 8374.924364][ T7094] veth0_macvtap: entered promiscuous mode
[ 8375.377514][ T7094] veth1_macvtap: entered promiscuous mode
[ 8378.209562][ T3400] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 8378.222168][ T3400] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 8378.234463][ T3400] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 8378.341676][ T3400] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 8395.123316][ T7121] veth0_vlan: entered promiscuous mode
[ 8396.456261][ T7121] veth1_vlan: entered promiscuous mode
[ 8400.001843][ T7121] veth0_macvtap: entered promiscuous mode
[ 8400.513681][ T7121] veth1_macvtap: entered promiscuous mode
[ 8404.371555][ T6706] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 8404.394179][ T6706] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 8404.400075][ T6706] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 8404.400981][ T6706] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 8519.386317][ T6106] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8521.636008][ T6106] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8523.582768][ T6106] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8525.362158][ T6106] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 8549.454559][ T6106] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 8549.717000][ T6106] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 8549.894041][ T6106] bond0 (unregistering): Released all slaves
[ 8552.581154][ T6106] hsr_slave_0: left promiscuous mode
[ 8552.831981][ T6106] hsr_slave_1: left promiscuous mode
[ 8553.574219][ T6106] veth1_macvtap: left promiscuous mode
[ 8553.600472][ T6106] veth0_macvtap: left promiscuous mode
[ 8553.621286][ T6106] veth1_vlan: left promiscuous mode
[ 8553.648813][ T6106] veth0_vlan: left promiscuous mode
[ 8648.582799][ T7422] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 8648.916831][ T7422] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 8660.227649][ T7513] kvm [7513]: Failed to find VMA for hva 0x20c01000
[ 8679.664001][ T7422] hsr_slave_0: entered promiscuous mode
[ 8679.733676][ T7422] hsr_slave_1: entered promiscuous mode
[ 8709.244113][ T7422] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 8709.812119][ T7422] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 8710.321164][ T7422] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 8710.725076][ T7422] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 8736.644770][ T7422] 8021q: adding VLAN 0 to HW filter on device bond0
[ 8846.621726][ T7422] veth0_vlan: entered promiscuous mode
[ 8847.612510][ T7422] veth1_vlan: entered promiscuous mode
[ 8850.313935][ T7422] veth0_macvtap: entered promiscuous mode
[ 8850.654847][ T7422] veth1_macvtap: entered promiscuous mode
[ 8853.572879][ T5780] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 8853.586649][ T3801] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 8853.793307][ T3801] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 8853.811472][ T3801] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 8862.569819][   T25] audit: type=1400 audit(8861.770:106): avc:  denied  { map } for  pid=7668 comm="syz.9.375" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 9144.534601][ T5055] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9145.771909][ T5055] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9147.041622][ T5055] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9148.371961][ T5055] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9167.485912][ T5055] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 9168.270072][ T5055] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 9168.712033][ T5055] bond0 (unregistering): Released all slaves
[ 9171.289409][ T5055] hsr_slave_0: left promiscuous mode
[ 9171.380810][ T5055] hsr_slave_1: left promiscuous mode
[ 9172.175731][ T5055] veth1_macvtap: left promiscuous mode
[ 9172.231493][ T5055] veth0_macvtap: left promiscuous mode
[ 9172.264254][ T5055] veth1_vlan: left promiscuous mode
[ 9172.277393][ T5055] veth0_vlan: left promiscuous mode
[ 9201.782546][ T5055] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9203.116697][ T5055] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9204.170939][ T5055] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9205.206470][ T5055] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 9219.303394][ T5055] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 9219.415798][ T5055] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 9219.523833][ T5055] bond0 (unregistering): Released all slaves
[ 9221.562744][ T5055] hsr_slave_0: left promiscuous mode
[ 9221.620815][ T5055] hsr_slave_1: left promiscuous mode
[ 9222.150623][ T5055] veth1_macvtap: left promiscuous mode
[ 9222.163316][ T5055] veth0_macvtap: left promiscuous mode
[ 9222.174723][ T5055] veth1_vlan: left promiscuous mode
[ 9222.202420][ T5055] veth0_vlan: left promiscuous mode
[ 9271.165168][ T7849] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 9271.432672][ T7849] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 9275.436686][ T7852] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 9275.646803][ T7852] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 9296.890861][ T7849] hsr_slave_0: entered promiscuous mode
[ 9296.966668][ T7849] hsr_slave_1: entered promiscuous mode
[ 9302.452500][ T7852] hsr_slave_0: entered promiscuous mode
[ 9302.513849][ T7852] hsr_slave_1: entered promiscuous mode
[ 9302.551202][ T7852] debugfs: 'hsr0' already exists in 'hsr'
[ 9302.559042][ T7852] Cannot create hsr debugfs directory
[ 9319.824452][ T7849] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 9320.267348][ T7849] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 9320.931918][ T7849] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 9322.100089][ T7849] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 9328.640880][ T7852] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 9329.144971][ T7852] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 9329.705855][ T7852] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 9330.223476][ T7852] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 9346.955879][ T7849] 8021q: adding VLAN 0 to HW filter on device bond0
[ 9355.796272][ T7852] 8021q: adding VLAN 0 to HW filter on device bond0
[ 9441.142847][ T7849] veth0_vlan: entered promiscuous mode
[ 9441.794129][ T7849] veth1_vlan: entered promiscuous mode
[ 9444.447370][ T7849] veth0_macvtap: entered promiscuous mode
[ 9444.922237][ T7849] veth1_macvtap: entered promiscuous mode
[ 9447.716274][ T3801] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 9447.725824][ T3801] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 9447.896366][ T3801] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 9447.905085][ T3801] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 9449.864959][ T7852] veth0_vlan: entered promiscuous mode
[ 9451.422074][ T7852] veth1_vlan: entered promiscuous mode
[ 9454.341885][ T7852] veth0_macvtap: entered promiscuous mode
[ 9454.752500][ T7852] veth1_macvtap: entered promiscuous mode
[ 9458.100312][ T5055] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 9458.134839][ T5055] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 9458.311243][ T5055] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 9458.321367][ T5055] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 9627.291721][ T8198] ==================================================================
[ 9627.292318][ T8198] BUG: KASAN: invalid-access in __kvm_pgtable_walk+0x8e4/0xa68
[ 9627.294047][ T8198] Read of size 8 at addr 8df0000024af9000 by task syz.2.426/8198
[ 9627.294274][ T8198] Pointer tag: [8d], memory tag: [fe]
[ 9627.294423][ T8198] 
[ 9627.295414][ T8198] CPU: 0 UID: 0 PID: 8198 Comm: syz.2.426 Not tainted syzkaller #0 PREEMPT 
[ 9627.295924][ T8198] Hardware name: linux,dummy-virt (DT)
[ 9627.296415][ T8198] Call trace:
[ 9627.296795][ T8198]  show_stack+0x2c/0x3c (C)
[ 9627.297402][ T8198]  __dump_stack+0x30/0x40
[ 9627.297679][ T8198]  dump_stack_lvl+0xd8/0x12c
[ 9627.297890][ T8198]  print_address_description+0xac/0x288
[ 9627.298172][ T8198]  print_report+0x84/0xa0
[ 9627.298451][ T8198]  kasan_report+0xb0/0x110
[ 9627.298674][ T8198]  kasan_tag_mismatch+0x28/0x3c
[ 9627.298933][ T8198]  __hwasan_tag_mismatch+0x30/0x60
[ 9627.299243][ T8198]  __kvm_pgtable_walk+0x8e4/0xa68
[ 9627.299557][ T8198]  kvm_pgtable_walk+0x294/0x468
[ 9627.299828][ T8198]  kvm_pgtable_stage2_destroy_range+0x60/0xb4
[ 9627.300121][ T8198]  kvm_free_stage2_pgd+0x198/0x28c
[ 9627.300423][ T8198]  kvm_uninit_stage2_mmu+0x20/0x38
[ 9627.300701][ T8198]  kvm_arch_flush_shadow_all+0x1a8/0x1e0
[ 9627.300994][ T8198]  kvm_mmu_notifier_release+0x48/0xa8
[ 9627.301268][ T8198]  mmu_notifier_unregister+0x128/0x42c
[ 9627.301559][ T8198]  kvm_put_kvm+0x6a0/0xfa8
[ 9627.301763][ T8198]  kvm_vcpu_release+0x70/0x9c
[ 9627.302031][ T8198]  __fput+0x4ac/0x980
[ 9627.302228][ T8198]  ____fput+0x20/0x58
[ 9627.302447][ T8198]  task_work_run+0x1bc/0x254
[ 9627.302666][ T8198]  get_signal+0x13ec/0x1554
[ 9627.302959][ T8198]  do_signal+0x23c/0x4dd0
[ 9627.303261][ T8198]  do_notify_resume+0xb0/0x270
[ 9627.303531][ T8198]  el0_svc+0xb8/0x164
[ 9627.303776][ T8198]  el0t_64_sync_handler+0x84/0x12c
[ 9627.304022][ T8198]  el0t_64_sync+0x198/0x19c
[ 9627.304539][ T8198] 
[ 9627.304709][ T8198] The buggy address belongs to the physical page:
[ 9627.305792][ T8198] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x29f0000000000000 pfn:0x64af9
[ 9627.306164][ T8198] flags: 0x1ffdc8000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0x72)
[ 9627.307313][ T8198] raw: 01ffdc8000000000 ffffc1ffc0801e08 ffffc1ffc077fc88 0000000000000000
[ 9627.307579][ T8198] raw: 29f0000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 9627.307781][ T8198] page dumped because: kasan: bad access detected
[ 9627.307910][ T8198] 
[ 9627.308000][ T8198] Memory state around the buggy address:
[ 9627.308351][ T8198]  fff0000024af8e00: 48 48 48 48 48 48 48 48 48 48 48 48 48 48 48 48
[ 9627.308555][ T8198]  fff0000024af8f00: 48 48 48 48 48 48 48 48 48 48 48 48 48 48 48 48
[ 9627.308740][ T8198] >fff0000024af9000: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 9627.308877][ T8198]                    ^
[ 9627.309117][ T8198]  fff0000024af9100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 9627.309294][ T8198]  fff0000024af9200: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 9627.309521][ T8198] ==================================================================
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 9627.652908][ T8198] Disabling lock debugging due to kernel taint
[ 9627.687254][ T8198] Unable to handle kernel paging request at virtual address fffe801fdc000000
[ 9627.766812][ T8198] KASAN: probably wild-memory-access in range [0xfff001fdc0000000-0xfff001fdc000000f]
[ 9627.772043][ T8198] Mem abort info:
[ 9627.808949][ T8198]   ESR = 0x0000000096000005
[ 9627.809612][ T8198]   EC = 0x25: DABT (current EL), IL = 32 bits
[ 9627.809958][ T8198]   SET = 0, FnV = 0
[ 9627.810208][ T8198]   EA = 0, S1PTW = 0
[ 9627.810496][ T8198]   FSC = 0x05: level 1 translation fault
[ 9627.810808][ T8198] Data abort info:
[ 9627.811081][ T8198]   ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000
[ 9627.811410][ T8198]   CM = 0, WnR = 0, TnD = 0, TagAccess = 0
[ 9627.811721][ T8198]   GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0
[ 9627.812188][ T8198] swapper pgtable: 4k pages, 52-bit VAs, pgdp=00000000476e2000
[ 9627.812589][ T8198] [fffe801fdc000000] pgd=0000000047f43003, p4d=00000000badc7003, pud=0000000000000000
[ 9627.882647][ T8198] Internal error: Oops: 0000000096000005 [#1]  SMP
[ 9627.887034][ T8198] Modules linked in:
[ 9627.888835][ T8198] CPU: 0 UID: 0 PID: 8198 Comm: syz.2.426 Tainted: G    B               syzkaller #0 PREEMPT 
[ 9627.890578][ T8198] Tainted: [B]=BAD_PAGE
[ 9627.891398][ T8198] Hardware name: linux,dummy-virt (DT)
[ 9627.892487][ T8198] pstate: 61402009 (nZCv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)
[ 9627.893863][ T8198] pc : __kvm_pgtable_walk+0x268/0xa68
[ 9627.894977][ T8198] lr : __kvm_pgtable_walk+0x214/0xa68
[ 9627.895981][ T8198] sp : ffff80008ee57510
[ 9627.896693][ T8198] x29: ffff80008ee575b0 x28: 0000000000000005 x27: fff001fdc0000000
[ 9627.898184][ T8198] x26: fff001fdc0000000 x25: 0000000000000000 x24: 0000000000000001
[ 9627.899609][ T8198] x23: 00000000000000ff x22: efff800000000000 x21: ffff80008ee57718
[ 9627.900993][ T8198] x20: 00000000000000ff x19: 00000000000000ff x18: 0000000000001b80
[ 9627.902442][ T8198] x17: 000000000000008d x16: 00000000000000ad x15: fff0000072d7e404
[ 9627.903839][ T8198] x14: 00000000000000ff x13: ffff80008ee57720 x12: ffff80008ee57728
[ 9627.905141][ T8198] x11: 0000000000080000 x10: 000000000007ffff x9 : ffff80008ee57568
[ 9627.906666][ T8198] x8 : 0fff001fdc000000 x7 : ffff800080bc7058 x6 : 0000000000000000
[ 9627.908038][ T8198] x5 : 0000000000000000 x4 : 00000000000000ff x3 : 0000000000000001
[ 9627.909427][ T8198] x2 : fff001fdc0000000 x1 : 0000000000000000 x0 : 0000000000000000
[ 9627.910841][ T8198] Call trace:
[ 9627.911547][ T8198]  __kvm_pgtable_walk+0x268/0xa68 (P)
[ 9627.912602][ T8198]  __kvm_pgtable_walk+0x600/0xa68
[ 9627.913445][ T8198]  kvm_pgtable_walk+0x294/0x468
[ 9627.914409][ T8198]  kvm_pgtable_stage2_destroy_range+0x60/0xb4
[ 9627.915525][ T8198]  kvm_free_stage2_pgd+0x198/0x28c
[ 9627.916490][ T8198]  kvm_uninit_stage2_mmu+0x20/0x38
[ 9627.917473][ T8198]  kvm_arch_flush_shadow_all+0x1a8/0x1e0
[ 9627.918506][ T8198]  kvm_mmu_notifier_release+0x48/0xa8
[ 9627.919537][ T8198]  mmu_notifier_unregister+0x128/0x42c
[ 9627.920524][ T8198]  kvm_put_kvm+0x6a0/0xfa8
[ 9627.921348][ T8198]  kvm_vcpu_release+0x70/0x9c
[ 9627.922148][ T8198]  __fput+0x4ac/0x980
[ 9627.922979][ T8198]  ____fput+0x20/0x58
[ 9627.923778][ T8198]  task_work_run+0x1bc/0x254
[ 9627.924659][ T8198]  get_signal+0x13ec/0x1554
[ 9627.925556][ T8198]  do_signal+0x23c/0x4dd0
[ 9627.926476][ T8198]  do_notify_resume+0xb0/0x270
[ 9627.927415][ T8198]  el0_svc+0xb8/0x164
[ 9627.928229][ T8198]  el0t_64_sync_handler+0x84/0x12c
[ 9627.929187][ T8198]  el0t_64_sync+0x198/0x19c
[ 9627.930619][ T8198] Code: f94023ec f9400fed a9017d3f f800813f (38686ac8) 
[ 9627.932425][ T8198] ---[ end trace 0000000000000000 ]---
[ 9627.933970][ T8198] Kernel panic - not syncing: Oops: Fatal exception
[ 9627.935894][ T8198] Kernel Offset: disabled
[ 9627.936651][ T8198] CPU features: 0x000000,0001a300,5f7c67c1,057ffe1f
[ 9627.937756][ T8198] Memory Limit: none
[ 9627.939396][ T8198] Rebooting in 86400 seconds..

VM DIAGNOSIS:
11:11:38  Registers:
info registers vcpu 0

CPU#0
 PC=ffff800082159154 X00=0000000000000003 X01=0000000000000002
X02=0000000000000001 X03=ffff800082159050 X04=0000000000000001
X05=0000000000000001 X06=0000000000000000 X07=ffff800081f1ef70
X08=f7f000000d9b9d80 X09=0000000000000000 X10=0000000000ff0100
X11=00000000000000fe X12=0000000000000002 X13=0000000000000002
X14=0000000000000000 X15=000000000000028b X16=00000000000000f7
X17=0000000000000000 X18=0000000000c44400 X19=efff800000000000
X20=40f000000dcb4880 X21=9bff80008c4bb018 X22=0000000000000002
X23=40f000000dcb497c X24=0000000000000040 X25=40f000000dcb4ac8
X26=40f000000dcb48c8 X27=0000000000000040 X28=0000000000000040
X29=ffff80008c4f7b40 X30=ffff800082159154  SP=ffff80008c4f7b30
PSTATE=814020c9 N--- EL2h  SVCR=00000000 --  BTYPE=0     FPCR=00000000 FPSR=00000000
P00=0000 P01=0000 P02=0000 P03=0000 P04=0000 P05=0000 P06=0000 P07=0000
P08=0000 P09=0000 P10=0000 P11=0000 P12=0000 P13=0000 P14=0000 P15=0000
FFR=0000
Z00=0000000000000000:0000000000000000 Z01=0000ff0000ff0000:ffff00000000706d
Z02=c0fc00fcc000c0fc:0000c0fcc0fc0000 Z03=0000000000000000:0000000000000000
Z04=3303330333033303:3303330333033303 Z05=bcfcc0bc00bcbc00:bcfcc0bc00bcbc00
Z06=0000000000000073:0000aaab142b83c0 Z07=0000000000000074:0000aaab142b5600
Z08=0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000
Z10=0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000
Z12=0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000
Z14=0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000
Z16=0000ffffc4897f60:0000ffffc4897f60 Z17=ffffff80ffffffd0:0000ffffc4897f30
Z18=0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000
Z20=0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000
Z22=0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000
Z24=0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000
Z26=0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000
Z28=0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000
Z30=0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000