last executing test programs:

1m1.775642625s ago: executing program 1 (id=502):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000001000/0x2000)=nil, 0x930, 0x2000003, 0x4120932, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000001000/0x2000)=nil, 0x930, 0x2000003, 0x4120932, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x3, 0x4102932, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x3, 0x4102932, 0xffffffffffffffff, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x2000, 0x0) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x2000, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r4, 0x4018aee1, &(0x7f0000000440)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000140)={0x6, 0x800003a, 0x2}})
ioctl$KVM_SET_DEVICE_ATTR_vm(r4, 0x4018aee1, &(0x7f00000004c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000480)={0x0, 0x20}})
mmap$KVM_VCPU(&(0x7f00004f0000/0x2000)=nil, 0x930, 0x0, 0x11, r2, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04)
mmap$KVM_VCPU(&(0x7f0000dee000/0x3000)=nil, r6, 0x100000e, 0x8a031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000d10000/0xa000)=nil, 0x930, 0x3000006, 0x28031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, r6, 0x2000002, 0x4f832, 0xffffffffffffffff, 0x0)

53.805807613s ago: executing program 1 (id=505):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r2 = openat$kvm(0x0, &(0x7f0000000000), 0x2002, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
syz_kvm_setup_cpu$arm64(r3, 0xffffffffffffffff, &(0x7f0000bfe000/0x400000)=nil, &(0x7f00000008c0)=[{0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="820000000000000028000000000000000200000000000000030000000000000046"], 0x248}], 0x1, 0x0, 0x0, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r3, 0x2, 0x120)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000240)={0x8, <r6=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r7 = syz_kvm_vgic_v3_setup(r1, 0x3, 0x100)
ioctl$KVM_GET_DEVICE_ATTR(r7, 0x4018aee2, &(0x7f0000000240)=@attr_arm64={0x0, 0x1, 0x4, &(0x7f0000000200)=0x8000})

46.545704277s ago: executing program 0 (id=506):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="14000000000000002000000000000000f2c4130000003060008000000000000014000000000000002000000000000000e0dc1300000030d11b"], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
r9 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="14000000000000002000000000000000f1c4130000003060008000000000000014000000000000002000000000000000f2c4130000003060008000000000000014000000000000002000000000000000e0dc130000003060c7"], 0x140}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000180)={0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="140000000000000020000000000000001280130000000000000000ecff00000099bfaa180a9c50cc4e526aa030d65a17a4b61e2187c0a285ed52b39fe4b735862e2bbb49c8e3e8b5d577dfdff9d277a04c372acf81e16ebb59863f6fa0bbfc3e"], 0x20}, 0x0, 0x0)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
r12 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r14 = ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x0)
r15 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r14, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r15, 0x20, &(0x7f0000000240)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521c180c7f93448c9114707cd24b7eebb20700", 0x0, 0x48)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x0, 0x8032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0xf, 0x32, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r14, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x4)

40.715956012s ago: executing program 1 (id=507):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000080)={0x5})
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000140)=@arm64_extra={0x603000000013df19, &(0x7f0000000100)=0x1})
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

33.363246969s ago: executing program 0 (id=508):
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20002, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$arm64(r1, 0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000580)=[{0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="1e0000000000000040000000000000001200008400000000faff000080"], 0x40}], 0x1, 0x0, 0x0, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000780)={0x0, &(0x7f0000000680)=ANY=[], 0x84}, &(0x7f00000007c0)=[@featur2={0x1, 0x4}], 0x1)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x3000000, 0x4f831, r3, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000eb2000/0x3000)=nil, 0x930, 0x0, 0x32e7851d6de9e532, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ce0000/0x3000)=nil, 0x3000)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_ARM_VCPU_INIT(r6, 0x4020aeae, &(0x7f0000000340)={0x5})
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000180)=@other={0x0, 0x0})
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x2, 0x1010, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20002, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
syz_kvm_setup_cpu$arm64(r1, 0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000580)=[{0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="1e0000000000000040000000000000001200008400000000faff000080"], 0x40}], 0x1, 0x0, 0x0, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000780)={0x0, &(0x7f0000000680)=ANY=[], 0x84}, &(0x7f00000007c0)=[@featur2={0x1, 0x4}], 0x1) (async)
ioctl$KVM_RUN(r3, 0xae80, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x3000000, 0x4f831, r3, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000eb2000/0x3000)=nil, 0x930, 0x0, 0x32e7851d6de9e532, 0xffffffffffffffff, 0x0) (async)
munmap(&(0x7f0000ce0000/0x3000)=nil, 0x3000) (async)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) (async)
ioctl$KVM_ARM_VCPU_INIT(r6, 0x4020aeae, &(0x7f0000000340)={0x5}) (async)
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000180)=@other={0x0, 0x0}) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x2, 0x1010, 0xffffffffffffffff, 0x0) (async)

32.696602209s ago: executing program 1 (id=509):
mmap$KVM_VCPU(&(0x7f0000d10000/0xa000)=nil, 0x930, 0x3000006, 0x28031, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x2c00, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xb701, 0x0)
ioctl$KVM_CREATE_VCPU(r0, 0xb704, 0x20000002)
ioctl$KVM_GET_ONE_REG(0xffffffffffffffff, 0x4010aeab, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r2, 0x4018aee1, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r2, r3, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="3200000000000000400000000000000051000084000000001de7e1280000000008000000000000004700000000000000000000000000000022000000000000006e00000000000000300000000000000000400000000000009b02000052f4"], 0xf0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = openat$kvm(0x0, 0x0, 0x101000, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000b60000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r7, 0x4010aeab, 0x0)
r8 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
r11 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r10, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
ioctl$KVM_GET_MP_STATE(0xffffffffffffffff, 0x8004ae98, &(0x7f0000000100))
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r10, 0x0)
r12 = eventfd2(0x0, 0x0)
close(r12)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0)
write$eventfd(r12, &(0x7f0000000000), 0xfffffe1e)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x100b31, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x2000001, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x0)

23.880008022s ago: executing program 0 (id=510):
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x29031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000647000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x53033, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000fde000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000e0c000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000482000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000e76000/0x12000)=nil, 0x12000)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x24132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0x3, 0x9032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000ad4000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000584000/0x800000)=nil, 0x800000)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x8, <r2=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000180)=@attr_arm64={0x0, 0x4, 0x2, 0x0})
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000647000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)

13.084608913s ago: executing program 0 (id=511):
syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000600)={0x0, &(0x7f0000000680)=[@mrs={0xbe, 0x18, {0x603000000013e219}}, @uexit={0x0, 0x18, 0x3}, @svc={0x122, 0x40, {0x51, [0x9, 0x4, 0x4, 0x1, 0x9]}}, @smc={0x1e, 0x40, {0x32000000, [0x4, 0xfff, 0xffffffff80000001, 0xae, 0x7]}}, @smc={0x1e, 0x40, {0x31000000, [0x5, 0x3, 0x9, 0x80000000, 0x3]}}, @memwrite={0x6e, 0x30, @generic={0xdddd0000, 0x3d6, 0x1bf, 0x8}}, @svc={0x122, 0x40, {0x3f000000, [0x2, 0x5, 0x25f7, 0x8, 0x80000000]}}, @smc={0x1e, 0x40, {0x8400000a, [0x4, 0x200003fe, 0x80000000, 0x2, 0x787a]}}, @irq_setup={0x46, 0x18, {0x4, 0x19f}}, @memwrite={0x6e, 0x30, @generic={0xdddd1000, 0x47c, 0x3, 0xa}}, @mrs={0xbe, 0x18, {0x603000000013df6a}}, @irq_setup={0x46, 0x18, {0x0, 0x160}}, @uexit={0x0, 0x18, 0x8}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x20020, 0x4952, 0xc}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0x0, 0x0, 0x4}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x8, 0x0, 0x9}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1c00, 0x10}}, @mrs={0xbe, 0x18, {0x603000000013c00c}}, @svc={0x122, 0x40, {0x0, [0x3, 0x6, 0x5, 0x7fffffffffffffff, 0x9]}}, @msr={0x14, 0x20, {0x603000000013dee8, 0x7}}, @irq_setup={0x46, 0x18, {0x0, 0x218}}, @memwrite={0x6e, 0x30, @generic={0x8000000, 0x719, 0xef, 0x8}}, @its_setup={0x82, 0x28, {0x4, 0x1, 0x2d5}}, @code={0xa, 0x6c, {"000820fc405190d200a0b0f2810180d2220180d2030080d2840180d2020000d400109cd20020b0f2810180d2620080d2230080d2040080d2020000d40008285e000008d5007008d5000028d5000028d5007008d5008008d5"}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0x0, 0x3, 0x1}}, @its_setup={0x82, 0x28, {0x0, 0x1, 0xa6}}, @mrs={0xbe, 0x18, {0x603000000013e101}}, @its_setup={0x82, 0x28, {0x3, 0x3, 0xcd}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x0, 0xf, 0x1, 0x1, 0x2}}, @svc={0x122, 0x40, {0x84000009, [0x4456, 0x7fffffff, 0xb8, 0x4c813c6f, 0xfc4e]}}, @irq_setup={0x46, 0x18, {0x3, 0x3a4}}], 0x55c}, &(0x7f0000000640)=[@featur1={0x1, 0xfc}], 0x1)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x4)
ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000080)={0x5, 0xb})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2041, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000140)={0x800, 0x10000, 0x4, 0xffffffffffffffff, 0x9})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r2, 0x4018aee1, &(0x7f0000000180)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f0000000140)=0x9})
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x130, r2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x408801, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x3000000, 0x4f831, 0xffffffffffffffff, 0x0)

9.973380085s ago: executing program 1 (id=512):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2041, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f00000000c0)={0x4, <r6=>0xffffffffffffffff, 0x932d82b1a9412f16})
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR(r6, 0x4018aee3, 0x0)
r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x109000, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000100), 0x24000, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x2)
ioctl$KVM_ARM_VCPU_INIT(r11, 0x4020aeae, &(0x7f0000000080)={0x5, 0x4})
ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f0000000180)=@arm64_fw={0x6030000000140000, &(0x7f00000001c0)=0x1})
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r13 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r12, 0xae04)
r14 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
mmap$KVM_VCPU(&(0x7f0000000000/0x3000)=nil, r13, 0x100000a, 0x12, r14, 0x100000)
mmap$KVM_VCPU(&(0x7f0000ffe000/0x1000)=nil, r13, 0x1, 0x11, r14, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x1000)=nil, r7, 0x0, 0x10010, r14, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffa000/0x4000)=nil, r7, 0x0, 0x2012, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
r15 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0)
r17 = ioctl$KVM_CREATE_VCPU(r16, 0xae41, 0x0)
ioctl$KVM_ARM_VCPU_INIT(r17, 0x4020aeae, &(0x7f0000000340)={0x5})

5.762308789s ago: executing program 0 (id=513):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000080)={0x5})
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000140)=@arm64_extra={0x603000000013df19, &(0x7f0000000100)=0x1})
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3.473401783s ago: executing program 1 (id=514):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x40c02, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r5 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
ioctl$KVM_CHECK_EXTENSION(r5, 0xae03, 0xc3) (async)
r6 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r6, 0x8040ae9f, 0xffffffffffffffff) (async)
ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4040aea0, &(0x7f0000000000)=@arm64={0x7, 0x5, 0x0, '\x00', 0x1}) (async, rerun: 32)
munmap(&(0x7f00000be000/0x1000)=nil, 0xffffffffdff41fff) (async, rerun: 32)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1)
ioctl$KVM_ARM_VCPU_INIT(r8, 0x4020aeae, &(0x7f0000000080)={0x5}) (async)
ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f0000000140)=@arm64_sys={0x603000000013c2b0, &(0x7f0000000000)=0x8000000000000000}) (async)
r9 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, &(0x7f00000001c0)=ANY=[@ANYRESOCT=r1, @ANYRESHEX=r9, @ANYBLOB="f82cf9188e6de57527c965f7ff8f4a460f3bd22df7d852642d7078b99478b4566febae30c8dfb66690644ef3e477c6470cb2502547b9d7a45a269ebc72a7f928663a064fb9eaac6817f26c986a400bb3df605e329271b8297bbe0b1d3f7723bafd99accd92d24859c002731614b84ced72f6089b887530c8a3704928173ec2898708598f406287fedd0222c370b5a3eaaa1b6db2206dfad65ce09a64aa0908a73fadd81d124f0512171a88a687fa71354453118a31e8d89c09efbeb5"], 0x28}, 0x0, 0x0) (async)
syz_kvm_vgic_v3_setup(r1, 0xfffffefffffffffb, 0x100) (async)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x8, <r11=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000})
ioctl$KVM_RUN(r10, 0xae80, 0x0) (async)
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000) (async, rerun: 32)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x400, 0x0) (rerun: 32)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) (async)
r14 = eventfd2(0x0, 0x1)
ioctl$KVM_IOEVENTFD(r13, 0x4040ae79, &(0x7f0000000900)={0x0, 0x0, 0x1, r14, 0x1}) (async)
ioctl$KVM_IOEVENTFD(r13, 0x4040ae79, &(0x7f0000000000)={0x401, 0x5000, 0x8, r14})

0s ago: executing program 0 (id=515):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x40) (async, rerun: 64)
r2 = eventfd2(0x1, 0x800) (rerun: 64)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000180)={r2, 0x3, 0x0, r2}) (async)
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000) (async)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x43033, 0xffffffffffffffff, 0x0) (async)
r3 = eventfd2(0x0, 0x0)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r3, 0x40fff, 0x3, r3}) (async)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f00000000c0)={r3, 0x7, 0x3, r2})

kernel console output (not intermixed with test programs):

[  386.403312][ T3133] 8021q: adding VLAN 0 to HW filter on device bond0
[  446.416707][ T3133] eql: remember to turn off Van-Jacobson compression on your slave devices
Warning: Permanently added '[localhost]:64889' (ED25519) to the list of known hosts.
[  601.272695][   T25] audit: type=1400 audit(600.340:61): avc:  denied  { name_bind } for  pid=3289 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  602.731971][   T25] audit: type=1400 audit(601.810:62): avc:  denied  { execute } for  pid=3290 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  602.752422][   T25] audit: type=1400 audit(601.830:63): avc:  denied  { execute_no_trans } for  pid=3290 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  624.133337][   T25] audit: type=1400 audit(623.220:64): avc:  denied  { mounton } for  pid=3290 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  624.166512][   T25] audit: type=1400 audit(623.250:65): avc:  denied  { mount } for  pid=3290 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  624.252608][ T3290] cgroup: Unknown subsys name 'net'
[  624.305586][   T25] audit: type=1400 audit(623.390:66): avc:  denied  { unmount } for  pid=3290 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  624.709603][ T3290] cgroup: Unknown subsys name 'cpuset'
[  624.814644][ T3290] cgroup: Unknown subsys name 'rlimit'
[  625.750676][   T25] audit: type=1400 audit(624.830:67): avc:  denied  { setattr } for  pid=3290 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=701 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  625.775477][   T25] audit: type=1400 audit(624.860:68): avc:  denied  { mounton } for  pid=3290 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[  625.795721][   T25] audit: type=1400 audit(624.880:69): avc:  denied  { mount } for  pid=3290 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  626.996076][ T3293] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[  627.016702][   T25] audit: type=1400 audit(626.100:70): avc:  denied  { relabelto } for  pid=3293 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  627.043565][   T25] audit: type=1400 audit(626.130:71): avc:  denied  { write } for  pid=3293 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
Setting up swapspace version 1, size = 127995904 bytes
[  627.232673][   T25] audit: type=1400 audit(626.310:72): avc:  denied  { read } for  pid=3290 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  627.252658][   T25] audit: type=1400 audit(626.330:73): avc:  denied  { open } for  pid=3290 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  627.294277][ T3290] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  675.692430][   T25] audit: type=1400 audit(674.780:74): avc:  denied  { execmem } for  pid=3294 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  679.242128][   T25] audit: type=1400 audit(678.310:75): avc:  denied  { read } for  pid=3296 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  679.274496][   T25] audit: type=1400 audit(678.360:76): avc:  denied  { open } for  pid=3296 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  679.347773][   T25] audit: type=1400 audit(678.420:77): avc:  denied  { mounton } for  pid=3296 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  679.597423][   T25] audit: type=1400 audit(678.680:78): avc:  denied  { module_request } for  pid=3296 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  680.757646][   T25] audit: type=1400 audit(679.840:79): avc:  denied  { sys_module } for  pid=3297 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  709.326404][ T3296] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  709.439375][ T3296] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  710.606112][ T3297] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  710.820976][ T3297] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  722.833289][ T3296] hsr_slave_0: entered promiscuous mode
[  722.865459][ T3296] hsr_slave_1: entered promiscuous mode
[  724.137768][ T3297] hsr_slave_0: entered promiscuous mode
[  724.173640][ T3297] hsr_slave_1: entered promiscuous mode
[  724.203126][ T3297] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  724.207901][ T3297] Cannot create hsr debugfs directory
[  729.201125][   T25] audit: type=1400 audit(728.280:80): avc:  denied  { create } for  pid=3296 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  729.247623][   T25] audit: type=1400 audit(728.330:81): avc:  denied  { write } for  pid=3296 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  729.322289][   T25] audit: type=1400 audit(728.360:82): avc:  denied  { read } for  pid=3296 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  729.494678][ T3296] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  729.911781][ T3296] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  730.153429][ T3296] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  730.425186][ T3296] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  731.892627][ T3297] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  732.035756][ T3297] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  732.227853][ T3297] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  732.438020][ T3297] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  745.175438][ T3296] 8021q: adding VLAN 0 to HW filter on device bond0
[  747.372127][ T3297] 8021q: adding VLAN 0 to HW filter on device bond0
[  804.326595][ T3296] veth0_vlan: entered promiscuous mode
[  804.853387][ T3296] veth1_vlan: entered promiscuous mode
[  806.760535][ T3297] veth0_vlan: entered promiscuous mode
[  806.917300][ T3296] veth0_macvtap: entered promiscuous mode
[  807.269199][ T3296] veth1_macvtap: entered promiscuous mode
[  807.685068][ T3297] veth1_vlan: entered promiscuous mode
[  809.396763][ T3296] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  809.405089][ T3296] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  809.416726][ T3296] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  809.428032][ T3296] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  810.467512][ T3297] veth0_macvtap: entered promiscuous mode
[  810.949744][ T3297] veth1_macvtap: entered promiscuous mode
[  812.302927][   T25] audit: type=1400 audit(811.370:83): avc:  denied  { mount } for  pid=3296 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  812.475248][   T25] audit: type=1400 audit(811.530:84): avc:  denied  { mounton } for  pid=3296 comm="syz-executor" path="/syzkaller.zBDTDz/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  812.654922][   T25] audit: type=1400 audit(811.730:85): avc:  denied  { mount } for  pid=3296 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  813.091349][   T25] audit: type=1400 audit(812.130:86): avc:  denied  { mounton } for  pid=3296 comm="syz-executor" path="/syzkaller.zBDTDz/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  813.403739][   T25] audit: type=1400 audit(812.470:87): avc:  denied  { mounton } for  pid=3296 comm="syz-executor" path="/syzkaller.zBDTDz/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3256 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  813.731788][ T3297] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  813.744589][ T3297] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  813.755677][ T3297] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  813.770470][ T3297] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  814.053417][   T25] audit: type=1400 audit(813.120:88): avc:  denied  { unmount } for  pid=3296 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  814.231058][   T25] audit: type=1400 audit(813.280:89): avc:  denied  { mounton } for  pid=3296 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1546 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  814.337749][   T25] audit: type=1400 audit(813.420:90): avc:  denied  { mount } for  pid=3296 comm="syz-executor" name="/" dev="gadgetfs" ino=3264 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  814.631393][   T25] audit: type=1400 audit(813.670:91): avc:  denied  { mount } for  pid=3296 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  814.684699][   T25] audit: type=1400 audit(813.760:92): avc:  denied  { mounton } for  pid=3296 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  816.194798][ T3296] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  817.602957][   T25] kauditd_printk_skb: 1 callbacks suppressed
[  817.604708][   T25] audit: type=1400 audit(816.630:94): avc:  denied  { read write } for  pid=3296 comm="syz-executor" name="loop1" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  817.606019][   T25] audit: type=1400 audit(816.680:95): avc:  denied  { open } for  pid=3296 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  817.681965][   T25] audit: type=1400 audit(816.680:96): avc:  denied  { ioctl } for  pid=3296 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=638 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  821.668050][   T25] audit: type=1400 audit(820.710:97): avc:  denied  { read } for  pid=3449 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  821.687472][   T25] audit: type=1400 audit(820.760:98): avc:  denied  { open } for  pid=3449 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  822.404351][   T25] audit: type=1400 audit(821.490:99): avc:  denied  { ioctl } for  pid=3449 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  826.911376][   T25] audit: type=1400 audit(825.980:100): avc:  denied  { execute } for  pid=3449 comm="syz.1.2" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=3376 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  834.877093][   T25] audit: type=1400 audit(833.950:101): avc:  denied  { write } for  pid=3457 comm="syz.1.4" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  836.883584][   T25] audit: type=1400 audit(835.970:102): avc:  denied  { append } for  pid=3457 comm="syz.1.4" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  866.865008][ T3481] kvm [3481]: Failed to find VMA for hva 0x20d8d000
[  866.973234][ T3484] kvm [3484]: Failed to find VMA for hva 0x20d8d000
[  997.133477][ T3574] kvm [3574]: Failed to find VMA for hva 0x20d8d000
[ 1243.409881][   T25] audit: type=1400 audit(1242.490:103): avc:  denied  { setattr } for  pid=3752 comm="syz.0.85" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1289.533680][ T3785] kvm [3785]: Failed to find VMA for hva 0x21016000
[ 1497.792005][ T3939] kvm [3939]: Failed to find VMA for hva 0x2101a000
[ 1519.500461][ T3950] kvm [3950]: Failed to find VMA for hva 0x20d8d000
[ 1663.175561][ T4050] kvm [4050]: Failed to find VMA for hva 0x21016000
[ 1663.438004][ T4047] kvm [4047]: Failed to find VMA for hva 0x21016000
[ 1693.196652][ T4068] kvm [4068]: Failed to find VMA for hva 0x21016000
[ 1706.970927][   T25] audit: type=1400 audit(1706.040:104): avc:  denied  { ioctl } for  pid=4074 comm="syz.1.178" path="net:[4026531840]" dev="nsfs" ino=4026531840 ioctlcmd=0xb705 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 1832.092152][ T4160] kvm [4160]: Failed to find VMA for hva 0x20c01000
[ 1892.007151][ T4212] kvm [4212]: Failed to find VMA for hva 0x20c01000
[ 2136.477219][ T4376] kvm [4376]: Failed to find VMA for hva 0x20c01000
[ 2353.554003][   T25] audit: type=1400 audit(2352.620:105): avc:  denied  { execute } for  pid=4520 comm="syz.0.307" path="/sys/kernel/debug/kcov" dev="debugfs" ino=107 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=file permissive=1
[ 2383.118074][ T4542] kvm [4541]: Unsupported guest CP15 access at: 00000100 [000001d3]
[ 2383.118074][ T4542]  { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read },
[ 2383.213438][ T4542] kvm [4541]: Unsupported guest CP15 access at: 00000100 [000001db]
[ 2383.213438][ T4542]  { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read },
[ 2383.267231][ T4542] kvm [4541]: Unsupported guest CP15 access at: 00000100 [000001db]
[ 2383.267231][ T4542]  { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read },
[ 2383.312187][ T4542] kvm [4541]: Unsupported guest CP15 access at: 00000100 [000001db]
[ 2383.312187][ T4542]  { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read },
[ 2383.380225][ T4542] kvm [4541]: Unsupported guest CP15 access at: 00000100 [000001db]
[ 2383.380225][ T4542]  { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read },
[ 2383.412177][ T4542] kvm [4541]: Unsupported guest CP15 access at: 00000100 [000001db]
[ 2383.412177][ T4542]  { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read },
[ 2383.463061][ T4542] kvm [4541]: Unsupported guest CP15 access at: 00000100 [000001db]
[ 2383.463061][ T4542]  { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read },
[ 2383.571739][ T4542] kvm [4541]: Unsupported guest CP15 access at: 00000100 [000001db]
[ 2383.571739][ T4542]  { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read },
[ 2383.592749][ T4542] kvm [4541]: Unsupported guest CP15 access at: 00000100 [000001db]
[ 2383.592749][ T4542]  { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read },
[ 2383.693464][ T4542] kvm [4541]: Unsupported guest CP15 access at: 00000100 [000001db]
[ 2383.693464][ T4542]  { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read },
[ 2388.180819][ T4542] print_sys_reg_msg: 378 callbacks suppressed
[ 2388.310080][ T4542] kvm [4541]: Unsupported guest CP15 access at: 00000100 [000001db]
[ 2388.310080][ T4542]  { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read },
[ 2388.341912][ T4542] kvm [4541]: Unsupported guest CP15 access at: 00000100 [000001db]
[ 2388.341912][ T4542]  { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read },
[ 2388.411409][ T4542] kvm [4541]: Unsupported guest CP15 access at: 00000100 [000001db]
[ 2388.411409][ T4542]  { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read },
[ 2388.454473][ T4542] kvm [4541]: Unsupported guest CP15 access at: 00000100 [000001db]
[ 2388.454473][ T4542]  { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read },
[ 2388.561664][ T4542] kvm [4541]: Unsupported guest CP15 access at: 00000100 [000001db]
[ 2388.561664][ T4542]  { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read },
[ 2388.663232][ T4542] kvm [4541]: Unsupported guest CP15 access at: 00000100 [000001db]
[ 2388.663232][ T4542]  { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read },
[ 2388.664814][ T4542] kvm [4541]: Unsupported guest CP15 access at: 00000100 [000001db]
[ 2388.664814][ T4542]  { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read },
[ 2388.666199][ T4542] kvm [4541]: Unsupported guest CP15 access at: 00000100 [000001db]
[ 2388.666199][ T4542]  { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read },
[ 2388.667582][ T4542] kvm [4541]: Unsupported guest CP15 access at: 00000100 [000001db]
[ 2388.667582][ T4542]  { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read },
[ 2388.824084][ T4542] kvm [4541]: Unsupported guest CP15 access at: 00000100 [000001db]
[ 2388.824084][ T4542]  { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read },
[ 2481.660587][ T4612] kvm [4612]: Failed to find VMA for hva 0x20c01000
[ 2669.722064][ T4751] kvm [4749]: Unsupported guest access at: eeef0000
[ 2669.722064][ T4751]  { Op0( 2), Op1( 0), CRn( 0), CRm( 0), Op2( 2), func_write },
[ 2734.450949][   T25] audit: type=1400 audit(2733.490:106): avc:  denied  { map } for  pid=4796 comm="syz.0.385" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 2734.453261][   T25] audit: type=1400 audit(2733.530:107): avc:  denied  { execute } for  pid=4796 comm="syz.0.385" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 3033.823062][ T4994] kvm [4994]: Failed to find VMA for hva 0x21016000
[ 3052.372115][ T5006] kvm [5006]: Failed to find VMA for hva 0x2101a000
[ 3078.526465][ T5019] kvm [5019]: Failed to find VMA for hva 0x21016000
[ 3206.974566][ T5110] kvm [5110]: Failed to find VMA for hva 0x20c01000
[ 3235.677991][ T5127] kvm [5127]: Failed to find VMA for hva 0x20d8d000
[ 3307.681298][   T25] audit: type=1400 audit(3306.760:108): avc:  denied  { map } for  pid=5172 comm="syz.0.497" path="pipe:[2413]" dev="pipefs" ino=2413 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[ 3357.754425][ T5215] kvm [5215]: Failed to find VMA for hva 0x21016000
[ 3385.437793][ T5235] ------------[ cut here ]------------
[ 3385.438733][ T5235] WARNING: CPU: 0 PID: 5235 at arch/arm64/kvm/inject_fault.c:71 pend_serror_exception+0x19c/0x5ac
[ 3385.442918][ T5235] Modules linked in:
[ 3385.445785][ T5235] CPU: 0 UID: 0 PID: 5235 Comm: syz.1.514 Not tainted 6.16.0-rc3-syzkaller-g15724a984643 #0 PREEMPT 
[ 3385.447797][ T5235] Hardware name: linux,dummy-virt (DT)
[ 3385.449257][ T5235] pstate: 81402009 (Nzcv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)
[ 3385.450842][ T5235] pc : pend_serror_exception+0x19c/0x5ac
[ 3385.452005][ T5235] lr : pend_serror_exception+0x19c/0x5ac
[ 3385.453245][ T5235] sp : ffff80008e347930
[ 3385.454256][ T5235] x29: ffff80008e347930 x28: 79f000001d740028 x27: 0000000000000001
[ 3385.456486][ T5235] x26: 0000000000000000 x25: 0000000000000001 x24: 0000000000000079
[ 3385.458367][ T5235] x23: 79f000001d7402a8 x22: 0000000000000079 x21: 79f000001d740e81
[ 3385.460254][ T5235] x20: 0000000000000007 x19: efff800000000000 x18: 0000000000000000
[ 3385.462087][ T5235] x17: 0000000000000080 x16: ffff800080011d9c x15: 0000000020000000
[ 3385.463800][ T5235] x14: ffffffffffffffff x13: 0000000000000028 x12: 0000000000000041
[ 3385.465695][ T5235] x11: 41f0000012629564 x10: 0000000000ff0100 x9 : 0000000000000000
[ 3385.467688][ T5235] x8 : 41f0000012628000 x7 : ffff800080b08704 x6 : ffff80008e347a88
[ 3385.469612][ T5235] x5 : ffff80008e347a88 x4 : 0000000000000001 x3 : ffff8000801a2e80
[ 3385.471439][ T5235] x2 : 0000000000000000 x1 : 0000000000000002 x0 : 0000000000000000
[ 3385.473543][ T5235] Call trace:
[ 3385.474669][ T5235]  pend_serror_exception+0x19c/0x5ac (P)
[ 3385.476135][ T5235]  kvm_inject_serror_esr+0x274/0xe40
[ 3385.477426][ T5235]  __kvm_arm_vcpu_set_events+0x1d4/0x238
[ 3385.478609][ T5235]  kvm_arch_vcpu_ioctl+0xed8/0x16b0
[ 3385.479653][ T5235]  kvm_vcpu_ioctl+0x5c4/0xc2c
[ 3385.480793][ T5235]  __arm64_sys_ioctl+0x18c/0x244
[ 3385.481907][ T5235]  invoke_syscall+0x90/0x2b4
[ 3385.483073][ T5235]  el0_svc_common+0x180/0x2f4
[ 3385.484276][ T5235]  do_el0_svc+0x58/0x74
[ 3385.485367][ T5235]  el0_svc+0x58/0x160
[ 3385.486417][ T5235]  el0t_64_sync_handler+0x78/0x108
[ 3385.487598][ T5235]  el0t_64_sync+0x198/0x19c
[ 3385.488861][ T5235] irq event stamp: 72
[ 3385.489772][ T5235] hardirqs last  enabled at (71): [<ffff80008653cb88>] _raw_read_unlock_irqrestore+0x44/0xbc
[ 3385.491415][ T5235] hardirqs last disabled at (72): [<ffff800086517e08>] el1_dbg+0x24/0x80
[ 3385.492893][ T5235] softirqs last  enabled at (38): [<ffff8000800c988c>] local_bh_enable+0x10/0x34
[ 3385.494441][ T5235] softirqs last disabled at (36): [<ffff8000800c9858>] local_bh_disable+0x10/0x34
[ 3385.496116][ T5235] ---[ end trace 0000000000000000 ]---
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 3401.172197][ T4729] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3402.221156][ T4729] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3402.702650][ T4729] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3403.083654][ T4729] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3414.884565][ T4729] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3415.383192][ T4729] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface

VM DIAGNOSIS:
23:26:16  Registers:
info registers vcpu 0

CPU#0
 PC=ffff8000804516b8 X00=0000000000000000 X01=ffff8000872b1fa2
X02=ffff8000804580e0 X03=0000000000000000 X04=ffff80008e347070
X05=0000000000000020 X06=0000000000000000 X07=ffff80008652e834
X08=00000000000003c0 X09=0000000000000000 X10=0000000000000041
X11=0000000000000144 X12=0000000000000044 X13=0000000000000002
X14=00000000000000c8 X15=ffff800087f39a30 X16=ffff800080011d9c
X17=0000000000000080 X18=0000000000000000 X19=0000000000000000
X20=0000000000000000 X21=ffff80008652e834 X22=ffff8000877e66a8
X23=0000000000000000 X24=0000000000000001 X25=0000000000000000
X26=ffff800087666580 X27=00000000000003c0 X28=0000000000000000
X29=ffff80008e347230 X30=ffff800080451698  SP=ffff80008e3471e0
PSTATE=604023c9 -ZC- EL2h  SVCR=00000000 --  BTYPE=0     FPCR=00000000 FPSR=00000000
P00=0000 P01=0000 P02=0000 P03=0000 P04=0000 P05=0000 P06=0000 P07=0000
P08=0000 P09=0000 P10=0000 P11=0000 P12=0000 P13=0000 P14=0000 P15=0000
FFR=0000
Z00=0000000000000000:0000000000000000 Z01=0000ffffd27f1090:068a1cb29b4d1000
Z02=0000ffffd27f1070:ffffff80ffffffd8 Z03=0000ffffd27f1120:0000ffffd27f1120
Z04=0000ffffd27f1120:0000ffff8c136d08 Z05=0000ffffd27f10f0:0000ffffd27f1120
Z06=6edc4d3a2914b135:d8e9c869e2695c88 Z07=b20fae707afde253:388e9c6c4fa85ca0
Z08=0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000
Z10=0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000
Z12=0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000
Z14=0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000
Z16=0000ffffd27f1340:0000ffffd27f1340 Z17=ffffff80ffffffd0:0000ffffd27f1310
Z18=0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000
Z20=0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000
Z22=0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000
Z24=0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000
Z26=0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000
Z28=0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000
Z30=0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000