last executing test programs:

12m58.541377735s ago: executing program 1 (id=570):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0x28)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r3, 0x4018aee3, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x0, 0x0})
r5 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x6030000000100018, &(0x7f0000000100)=0xffffffffffffffff})

12m54.176653871s ago: executing program 0 (id=571):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x9)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r6, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r6, 0x0)
syz_kvm_setup_cpu$arm64(r5, r6, &(0x7f0000009000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
syz_kvm_setup_cpu$arm64(r5, r6, &(0x7f0000009000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000100)=@arm64_bitmap={0x6030000000140001, &(0x7f0000000000)=0x7}) (async)
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000100)=@arm64_bitmap={0x6030000000140001, &(0x7f0000000000)=0x7})
ioctl$KVM_SET_DEVICE_ATTR_vm(0xffffffffffffffff, 0x8040aeb6, &(0x7f0000000080)=@attr_other={0x0, 0x3, 0x4, &(0x7f0000000000)=0x7})

12m50.727408399s ago: executing program 1 (id=572):
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000010000/0x1000)=nil, 0x930, 0x100000f, 0x4019032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80400, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0xc)

12m45.818757267s ago: executing program 0 (id=573):
r0 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
r1 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000300)={0x0, &(0x7f0000000000)=[@smc={0x1e, 0x40, {0x82000016, [0x1c, 0xffffffffffffffff, 0xffffffff, 0x4]}}, @eret={0xe6, 0x18, 0x9}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xffe8, 0x7, 0xd}}, @mrs={0xbe, 0x18, {0x603000000013df43}}, @uexit={0x0, 0x18, 0x7}, @hvc={0x32, 0x40, {0x84000004, [0x3, 0x9, 0x2, 0x3, 0x1e3]}}, @hvc={0x32, 0x40, {0x400cfbc, [0x7fffffff, 0x2, 0x34, 0x4d, 0x14d5]}}, @irq_setup={0x46, 0x18, {0x1, 0x26d}}, @uexit={0x0, 0x18, 0x4}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x4, 0x5, 0x6, 0x1}}, @mrs={0xbe, 0x18, {0x603000000013c032}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x1, 0x1, 0x2, 0xcf, 0x8, 0x1}}, @msr={0x14, 0x20, {0x0, 0x7ff}}, @smc={0x1e, 0x40, {0x80000001, [0x5, 0x7, 0x100000001, 0x7ff, 0x56c60923]}}, @its_setup={0x82, 0x28, {0x4, 0x3, 0x355}}, @smc={0x1e, 0x40, {0x84000005, [0x2, 0x9, 0x7fffffff, 0x400, 0x2]}}, @msr={0x14, 0x20, {0x603000000013c601, 0xbb}}, @eret={0xe6, 0x18, 0x7}], 0x2d0}, &(0x7f0000000340)=[@featur2={0x1, 0xe0}], 0x1)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, r0, 0x1000002, 0x8011, r1, 0x0)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3d)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000380)={0x5, <r3=>0xffffffffffffffff})
ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000400)=@attr_arm64={0x0, 0x4, 0x4, &(0x7f00000003c0)=0x3})
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000480)=@attr_other={0x0, 0x8, 0x2, &(0x7f0000000440)=0x7})
ioctl$KVM_GET_DEVICE_ATTR(r3, 0x4018aee2, &(0x7f0000000500)=@attr_arm64={0x0, 0x1b6bb9ed88913924, 0x1, &(0x7f00000004c0)=0x2})
r4 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000ac0)={0x0, &(0x7f0000000540)=[@its_send_cmd={0xaa, 0x28, {0x9, 0x1, 0x3, 0x8, 0x3, 0x8, 0x2}}, @msr={0x14, 0x20, {0x603000000013df73, 0x6}}, @irq_setup={0x46, 0x18, {0x4, 0x1b4}}, @code={0xa, 0x6c, {"202c9ed20080b0f2410080d2020080d2630080d2440080d2020000d4007008d5008008d5000028d5000000ca0000001100b8205ea07295d200e0b8f2810080d2620180d2030180d2440080d2020000d4008c202e0038601e"}}, @msr={0x14, 0x20, {0x603000000013df7f, 0x80000000}}, @code={0xa, 0x6c, {"20a38cd200e0b0f2410180d2420080d2030080d2a40180d2020000d400a4200d000008d5008008d5007008d5000028d5009793d200e0b8f2410080d2220080d2a30080d2c40080d2020000d4001c004e000c00fc007008d5"}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x1, 0x0, 0x4, 0xf, 0x6e1, 0x4}}, @hvc={0x32, 0x40, {0x10, [0x81, 0x6, 0xff, 0x80, 0x6]}}, @code={0xa, 0xb4, {"0040ff0d007008d50000000e207f94d200e0b8f2a10180d2020080d2630080d2a40180d2020000d4e00284d200a0b8f2810180d2e20080d2830180d2640180d2020000d4003c004e801391d200e0b0f2a10080d2820180d2430080d2640180d2020000d440f784d20000b0f2210180d2c20180d2e30180d2040080d2020000d40000c06d60ad95d20060b0f2a10080d2c20180d2630180d2240180d2020000d4"}}, @eret={0xe6, 0x18, 0x3}, @eret={0xe6, 0x18, 0x4}, @mrs={0xbe, 0x18, {0x603000000013ff11}}, @svc={0x122, 0x40, {0x80000000, [0x4, 0x9, 0x8, 0x60ae, 0x80]}}, @hvc={0x32, 0x40, {0x84000003, [0x4b7, 0x1, 0x6, 0x9, 0xb]}}, @msr={0x14, 0x20, {0x603000000013def8, 0x4}}, @code={0xa, 0x6c, {"401c93d20040b0f2e10180d2e20080d2e30180d2a40080d2020000d4008080080008603800004048000008d5000028d500f8307e40e696d200c0b8f2a10180d2620080d2e30080d2040080d2020000d4007008d50050200e"}}, @smc={0x1e, 0x40, {0x3f000000, [0x0, 0x5, 0x9, 0xfffffffffffffff9, 0x9]}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x3f0}}, @irq_setup={0x46, 0x18, {0x0, 0x2ba}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x3, 0x4, 0x100, 0x7}}, @mrs={0xbe, 0x18, {0x603000000013c03a}}, @eret={0xe6, 0x18, 0x7ff}, @its_setup={0x82, 0x28, {0x2, 0x0, 0x282}}, @smc={0x1e, 0x40, {0x4000, [0x3, 0x800, 0x6, 0xeab, 0x200]}}, @svc={0x122, 0x40, {0xc400000d, [0x3, 0x5, 0x1000, 0x7, 0x8]}}, @mrs={0xbe, 0x18, {0x603000000013dea5}}, @irq_setup={0x46, 0x18, {0x4, 0x292}}], 0x578}, &(0x7f0000000b00)=[@featur1={0x1, 0x12}], 0x1)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_GET_REGS(0xffffffffffffffff, 0x8360ae81, &(0x7f0000000b40))
r5 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000d40)={0x0, &(0x7f0000000c00)=[@mrs={0xbe, 0x18, {0x603000000013c080}}, @uexit={0x0, 0x18}, @its_setup={0x82, 0x28, {0x2, 0x4, 0x365}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x1, 0x2, 0xf, 0xffffffff, 0x2, 0x2}}, @irq_setup={0x46, 0x18, {0x0, 0xd1}}, @code={0xa, 0x6c, {"a0a698d20000b0f2210180d2620080d2430080d2240080d2020000d4000cc0da000080b9000860380000289e008008d5007008d580118cd20060b8f2a10080d2a20180d2230080d2240180d2020000d4000008d5007008d5"}}], 0x104}, &(0x7f0000000d80)=[@featur1={0x1, 0x40}], 0x1)
ioctl$KVM_ARM_SET_DEVICE_ADDR(r5, 0x4010aeab, &(0x7f0000000dc0)={0xfffffffffffffff7, 0xd000})
r6 = ioctl$KVM_GET_STATS_FD_vm(r2, 0xaece)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04)
r7 = ioctl$KVM_GET_STATS_FD_vm(r2, 0xaece)
ioctl$KVM_GET_SREGS(r7, 0x8000ae83, &(0x7f0000000e00))
ioctl$KVM_GET_REGS(r5, 0x8360ae81, &(0x7f0000000f40))
ioctl$KVM_ARM_VCPU_INIT(r4, 0x4020aeae, &(0x7f0000001000)={0x4, 0x9})
openat$kvm(0xffffffffffffff9c, &(0x7f0000001040), 0x482000, 0x0)
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f00000010c0)=@arm64_sys={0x603000000013df4e, &(0x7f0000001080)=0xfffffffffffffe01})
ioctl$KVM_IRQ_LINE(r2, 0x4008ae61, &(0x7f0000001100)={0x6, 0x8000})
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
syz_kvm_vgic_v3_setup(r2, 0x3, 0x220)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0xe)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r1, 0x4018aee2, &(0x7f0000001180)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000001140)={0x2, 0xd}})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f00000011c0), 0x1e542, 0x0)
close(r8)
ioctl$KVM_SET_SREGS(r7, 0x4000ae84, &(0x7f0000001200)={{0x1000, 0x33331000, 0xd, 0x5, 0x2, 0xfb, 0x4, 0x43, 0x5, 0x9b, 0xc0, 0x10}, {0x0, 0x1000, 0xc, 0x9c, 0x3, 0xda, 0x3, 0x3, 0xc, 0x4, 0xe}, {0x5000, 0x4c96dcc8dad65ee9, 0x1b, 0xff, 0x6c, 0x7, 0xc, 0xc5, 0x6, 0x0, 0x0, 0xd}, {0x8080000, 0xeeee5000, 0x10, 0x47, 0x5, 0x4, 0x1, 0x1, 0x6, 0x2, 0xfa, 0x7}, {0x3000, 0x8080000, 0xf, 0xb8, 0x0, 0xe2, 0x6, 0xa2, 0x9, 0x7f, 0x0, 0x6}, {0xffff1000, 0xeeee8000, 0xe, 0x6, 0xa, 0xd, 0x0, 0x80, 0x8, 0x1, 0xfc, 0x1}, {0xffff1000, 0x1000, 0xf, 0x3, 0xc, 0x4, 0x0, 0x8, 0xf7, 0x0, 0x1, 0x3}, {0xeeee8000, 0xffff1000, 0x10, 0xfe, 0x3, 0x29, 0x7, 0x10, 0x6, 0x7, 0xc3, 0x40}, {0xf000}, {0xeeef0000}, 0x2, 0x0, 0xffff3000, 0x10000, 0x6, 0x6001, 0x0, [0x1, 0x4da, 0x2, 0x63]})

12m43.040943212s ago: executing program 1 (id=574):
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x7, 0x4f832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffa000/0x1000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
mmap$KVM_VCPU(&(0x7f0000f65000/0x2000)=nil, 0x0, 0x2000003, 0x12, 0xffffffffffffffff, 0x1000000)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000482000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000e76000/0x12000)=nil, 0x12000)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x24132, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ce6000/0x1000)=nil, 0x930, 0x0, 0x40010, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x0, 0x4030031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x30, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f000064b000/0x4000)=nil, r1, 0x100000d, 0x9032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000667000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)

12m40.031042658s ago: executing program 0 (id=575):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000180)=[@its_setup={0x82, 0x0, {0x2, 0x0, 0x6d}}, @msr={0x14, 0x0, {0x603000000013dce4}}, @msr={0x14, 0x0, {0x603000000013e6d0, 0x4f73}}, @msr={0x14, 0x0, {0x603000000013dce4, 0x80000001}}, @eret={0xe6, 0x0, 0x5}, @msr={0x14, 0x0, {0x603000000013c210}}, @uexit={0x0, 0x0, 0x400}, @code={0xa, 0x0, {"00409f0d0000689e400097d200a0b8f2010080d2820180d2630180d2440180d2020000d4a06395d20020b0f2610180d2e20080d2230180d2840180d2020000d40068a038000000c820a996d20000b0f2010080d2220080d2630180d2040180d2020000d4007008d50000805a000020c8"}}, @hvc={0x32, 0x0, {0x84000012, [0x9, 0x9, 0xde, 0x0, 0x2]}}, @code={0xa, 0x0, {"a0329bd20040b8f2810180d2420180d2e30180d2440180d2020000d480e581d200a0b8f2610080d2020080d2430080d2c40180d2020000d4000008d5006f96d20080b0f2410180d2c20080d2630180d2240180d2020000d40014202e000000b1000028d540cc96d20060b8f2e10180d2020080d2c30180d2440180d2020000d4c09788d20060b0f2e10180d2420080d2830180d2240180d2020000d4000028d5"}}, @hvc={0x32, 0x0, {0x1000, [0x6, 0xfff, 0xcba7, 0x5, 0x6]}}, @irq_setup={0x46, 0x0, {0x4, 0x152}}, @irq_setup={0x46, 0x0, {0x2, 0x328}}, @its_send_cmd={0xaa, 0x0, {0x9, 0x0, 0x1, 0x1, 0x40, 0x5, 0x4}}, @uexit={0x0, 0x0, 0x1ff}, @msr={0x14, 0x0, {0x603000000013f665, 0x3}}, @its_setup={0x82, 0x0, {0x2, 0x4, 0x2b1}}, @svc={0x122, 0x0, {0x80000000, [0x9, 0x2, 0x384, 0x81, 0x1]}}, @memwrite={0x6e, 0x0, @vgic_gicd={0x8000000, 0x1a00, 0x8, 0x2}}, @mrs={0xbe, 0x0, {0x603000000013c523}}, @mrs={0xbe, 0x0, {0x603000000013df52}}, @uexit={0x0, 0x0, 0x1}]}, 0x0, 0xffffffffffffff66)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x5)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r7, 0xae03, 0x7e)
r8 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x40086602, 0x20000000)
r9 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32)
r10 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r10, 0xae03, 0x59)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
ioctl$KVM_GET_DIRTY_LOG(r12, 0x4010ae42, &(0x7f0000000000)={0xa4a605311ad0de6b, 0x0, &(0x7f0000c67000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f000073e000/0x400000)=nil)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
ioctl$KVM_CAP_HALT_POLL(r5, 0x4068aea3, &(0x7f0000000100)={0xb6, 0x0, 0x81})
syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@code={0xa, 0x18, {"7f2003d5"}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

12m37.150448653s ago: executing program 1 (id=576):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bfd000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000b80)={0x0, &(0x7f00000009c0)=[@hvc={0x32, 0x40, {0xc4000004, [0x4, 0xfffffffffffffffa, 0x8000000000000000, 0x427f, 0x400003]}}], 0x40}, &(0x7f0000000bc0)=[@featur1={0x1, 0x4}], 0x1)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000040)=@arm64={0x2, 0x2, 0x7f, '\x00', 0x9})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x140, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r6, r7, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_ARM_VCPU_FINALIZE(r7, 0x4004aec2, &(0x7f0000000000)=0x4)
r8 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r10, 0x4010aeab, &(0x7f0000000140)=@arm64_core={0x603000000010000c, &(0x7f00000000c0)=0x2})
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x800, 0x0)
ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r12 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f00000002c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r13, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x603000000010004a, &(0x7f0000000100)=0xffffffffffffffff})
r14 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
ioctl$KVM_KVMCLOCK_CTRL(r10, 0xaead)
r15 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r16, 0xae41, 0x0)
r17 = syz_kvm_vgic_v3_setup(r16, 0x1, 0x100)
ioctl$KVM_GET_DEVICE_ATTR(r17, 0x4018aee2, &(0x7f0000000180)=@attr_other={0x0, 0x5, 0xc, &(0x7f0000000240)=0x80000001})
mmap$KVM_VCPU(&(0x7f0000c68000/0x3000)=nil, r14, 0x2, 0x4000010, r3, 0x0)

12m20.40748833s ago: executing program 0 (id=577):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x21)
eventfd2(0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x6)
r3 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48)
openat$kvm(0x0, &(0x7f0000000040), 0x444802, 0x0)

12m19.031081702s ago: executing program 1 (id=578):
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x80402, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0xe5)
ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xb1)
r2 = openat$kvm(0x0, &(0x7f00000000c0), 0x20080, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000140), 0x40480, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000000)={0x0, &(0x7f0000000400)=[@hvc={0x32, 0x40, {0x84000053, [0x8, 0x8, 0x1, 0x8, 0x100]}}], 0x40}, 0x0, 0x0)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, &(0x7f00000003c0)=[@hvc={0x32, 0x40, {0x86000001, [0xc, 0x5, 0x2, 0xfffffffffffffffc, 0x52]}}], 0xffffffb5}, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
r7 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x29)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x5)
r9 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000010000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000000)={0x0, &(0x7f0000000340)=[@code={0xa, 0x9c, {"a0089dd200e0b8f2e10080d2420080d2230080d2e40180d2020000d4604082d20060b0f2c10180d2020180d2230180d2840080d2020000d4000028d5000028d5007008d50000791e001783d200e0b8f2210080d2220180d2830180d2640180d2020000d4000840fa0000219e405182d20000b8f2e10080d2020180d2230080d2240180d2020000d4"}}, @eret={0xe6, 0x18, 0x9}, @uexit={0x0, 0x18, 0x5}, @uexit={0x0, 0x18, 0xff}, @smc={0x1e, 0x40, {0x8000, [0x7, 0x9, 0x6, 0x1, 0xf5d2]}}, @svc={0x122, 0x40, {0x10, [0x80000000, 0x6, 0x7d1, 0x10, 0x9]}}, @svc={0x122, 0x40, {0xffff, [0x8, 0x1301, 0x200, 0x10000, 0x6]}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe0, 0x5bf1, 0xe}}, @msr={0x14, 0x20, {0x603000000013dee0, 0xfffffffffffffff9}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfffc, 0x400, 0x10}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x0, 0xe, 0xffff54d6, 0xfffffffc, 0x3}}, @hvc={0x32, 0x40, {0x84000003, [0x4d, 0x2, 0x0, 0x7]}}, @svc={0x122, 0x40, {0x7b007ff6, [0x1, 0xe3fd, 0x1ff, 0x6, 0x2]}}, @msr={0x14, 0x20, {0x603000000013c807, 0xae6e}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffd0, 0x5d9e, 0x6}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x3000, 0xd, 0x1}}, @irq_setup={0x46, 0x18, {0x2, 0x187}}, @hvc={0x32, 0x40, {0x1000, [0x6, 0x14d, 0x0, 0x900000, 0x180000000000]}}, @smc={0x1e, 0x40, {0x4000000, [0x3, 0x0, 0x80, 0x7, 0x1]}}, @its_setup={0x82, 0x28, {0x0, 0x0, 0x19c}}, @smc={0x1e, 0x40, {0x1, [0xd748528000000000, 0x3ff, 0xf23, 0x533, 0xf]}}, @svc={0x122, 0x40, {0xc4000010, [0x8, 0xd, 0xb1, 0x1000, 0x9]}}, @uexit={0x0, 0x18, 0x6}, @irq_setup={0x46, 0x18, {0x0, 0x351}}, @code={0xa, 0x84, {"000008d5007008d5007c209b0000403d007008d5008008d5a0b19bd20060b8f2010180d2220180d2630080d2a40080d2020000d4801d84d20000b8f2c10180d2420080d2430180d2e40180d2020000d4008008d5a07d8cd200e0b0f2010080d2820080d2630180d2a40080d2020000d4"}}, @its_setup={0x82, 0x28, {0x0, 0x1, 0x1f4}}, @irq_setup={0x46, 0x18, {0x0, 0x251}}], 0x580}, &(0x7f0000000040)=[@featur2={0x1, 0x30}], 0x1)
r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
r11 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, r10, 0x2, 0x11, r8, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0x3)

12m12.356795219s ago: executing program 0 (id=579):
munmap(&(0x7f000049b000/0x400000)=nil, 0x400000)
munmap(&(0x7f0000503000/0x3000)=nil, 0x3000) (async)
munmap(&(0x7f0000503000/0x3000)=nil, 0x3000)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)

12m8.051250431s ago: executing program 1 (id=580):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x7)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, 0x0, 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000200)={0x0, &(0x7f0000000500)=[@mrs={0xbe, 0x18, {0x6030000000138056}}], 0x18}, 0x0, 0x0) (async)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000200)={0x0, &(0x7f0000000500)=[@mrs={0xbe, 0x18, {0x6030000000138056}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r7, 0x4040aea0, &(0x7f0000000000)=@arm64={0x0, 0x1, 0xf, '\x00', 0xfffffffffffff105})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000100)="4bead90a8a524c79f126541ba60686d7378e2f7235828bcf3fa4a80d5e3c6753e0fbf42973da38e59cd4b2dc174f7f7ed37dd8abc6a52715ea2d8a070028857f943eed4506eaf7a1", 0x0, 0x48)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x31) (async)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x31)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_SREGS(r11, 0x8000ae83, &(0x7f0000000180))
ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x6030000000100024, &(0x7f0000000140)=0x7}) (async)
ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x6030000000100024, &(0x7f0000000140)=0x7})
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) (async)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x151400, 0x0)

12m6.348989353s ago: executing program 0 (id=581):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) (async)
r4 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) (async)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) (async)
syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x33)
ioctl$KVM_SET_DEVICE_ATTR_vm(r6, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x9, 0x0, 0x1}})

11m21.15925052s ago: executing program 32 (id=580):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x7)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, 0x0, 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000200)={0x0, &(0x7f0000000500)=[@mrs={0xbe, 0x18, {0x6030000000138056}}], 0x18}, 0x0, 0x0) (async)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000200)={0x0, &(0x7f0000000500)=[@mrs={0xbe, 0x18, {0x6030000000138056}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r7, 0x4040aea0, &(0x7f0000000000)=@arm64={0x0, 0x1, 0xf, '\x00', 0xfffffffffffff105})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000100)="4bead90a8a524c79f126541ba60686d7378e2f7235828bcf3fa4a80d5e3c6753e0fbf42973da38e59cd4b2dc174f7f7ed37dd8abc6a52715ea2d8a070028857f943eed4506eaf7a1", 0x0, 0x48)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x31) (async)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x31)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_SREGS(r11, 0x8000ae83, &(0x7f0000000180))
ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x6030000000100024, &(0x7f0000000140)=0x7}) (async)
ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x6030000000100024, &(0x7f0000000140)=0x7})
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) (async)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x151400, 0x0)

11m16.829347175s ago: executing program 33 (id=581):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) (async)
r4 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) (async)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) (async)
syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x33)
ioctl$KVM_SET_DEVICE_ATTR_vm(r6, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x9, 0x0, 0x1}})

1m39.346415847s ago: executing program 3 (id=618):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000040)={0x7, <r3=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r3, 0x4018aee3, &(0x7f0000000100)=@attr_other={0x0, 0x10, 0x5, &(0x7f0000000240)=0xc415})
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f00000000c0)=@arm64_fw={0x6030000000140003, &(0x7f0000000000)=0x4})
r7 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x1a)
syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000b0d000/0x400000)=nil)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
r12 = eventfd2(0xa, 0x80801)
r13 = mmap$KVM_VCPU(&(0x7f0000e19000/0x4000)=nil, 0x0, 0x2000009, 0x80010, r6, 0x0)
syz_memcpy_off$KVM_EXIT_MMIO(r13, 0x20, &(0x7f00000002c0)="2a0eb77b2ae192272c09900f72a9dbb744c4d534fa5da77e", 0x0, 0x18)
write$eventfd(r12, &(0x7f0000000300)=0xfffffffffffffffd, 0x8)
write$eventfd(r12, &(0x7f0000000480)=0x8c49, 0x8)
r14 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@code={0xa, 0x18, {"7f2003d5"}}], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r14, 0xae80, 0x0)
r15 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r16, 0xc00caee0, &(0x7f0000000180)={0x8, <r17=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r17, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x42})
ioctl$KVM_GET_DEVICE_ATTR(r17, 0x4018aee2, &(0x7f0000000280)=@attr_arm64={0x0, 0x8, 0x4, &(0x7f0000000040)=0x1})
ioctl$KVM_IRQ_LINE_STATUS(r10, 0xc008ae67, &(0x7f0000000100)={0x0, 0x81})
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000080)={0x4, <r18=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r18, 0x4018aee1, 0xffffffffffffffff)

1m22.624718574s ago: executing program 3 (id=620):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r1, 0x4068aea3, &(0x7f0000000080)={0xdf, 0x0, 0x1e000}) (async)
ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000100)={0x2}) (async)
ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000000280)=@arm64_core={0x603000000010002c, &(0x7f0000000140)=0x8})

1m14.154913623s ago: executing program 2 (id=621):
openat$kvm(0x0, &(0x7f0000000040), 0x400040, 0x0) (async)
r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000140)={0x0, &(0x7f00000000c0)=[@msr={0x14, 0x20, {0x603000000013df64, 0x8002}}, @msr={0x14, 0x20, {0x603000000013df7f, 0x8000}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init) (async)
r4 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000240)={0x4, 0x9, 0x1}}) (async)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
munmap(&(0x7f0000c8f000/0x4000)=nil, 0x4000) (async)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000f7c000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000) (async)
r9 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04) (async)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r9, 0x100000d, 0x32, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000) (async)
munmap(&(0x7f0000f7e000/0x4000)=nil, 0x4000) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f0000000000)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x20e4586c}) (async)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x40000, 0x0)
ioctl$KVM_CREATE_VM(r10, 0xae01, 0x2f)

1m13.538483893s ago: executing program 3 (id=622):
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x7, 0x4000010, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000fff000/0x1000)=nil, 0x930, 0x100000f, 0x8010, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00005c5000/0x2000)=nil, 0x0, 0x3000003, 0x4000010, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x4000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x25)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8})
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r1, 0x4010aeb5, &(0x7f0000000040)={0xe9d, 0x9})
munmap(&(0x7f0000c36000/0x4000)=nil, 0x4000)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000482000/0x2000)=nil, 0x2000)
munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000e76000/0x12000)=nil, 0x12000)
r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000fea000/0x4000)=nil, r2, 0x800000, 0x110, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x0, 0x4030031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x0, 0xe, 0x13, 0xffffffffffffffff, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
mmap$KVM_VCPU(&(0x7f000064b000/0x4000)=nil, r4, 0x100000d, 0x10010, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000667000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)

59.821470307s ago: executing program 3 (id=623):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000100)=@arm64_sys={0x603000000013c111, 0x0})
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x2a040, 0x0)
ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0xd8)

58.599700564s ago: executing program 2 (id=624):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x7, <r3=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x0, 0x5, &(0x7f0000000280)=0x400000080a0000}) (async, rerun: 64)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (rerun: 64)
r4 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async, rerun: 64)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) (async, rerun: 64)
r5 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
syz_kvm_vgic_v3_setup(r6, 0x1, 0x0) (async)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f0000000000)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000040)=0xe7})
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f00000000c0)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000080)=0xe7}) (async)
syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async)
syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)

47.391436468s ago: executing program 3 (id=625):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000100)={0x7, <r6=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x0, 0x5, &(0x7f0000000280)=0x400000080a0000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x8080000, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
munmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000)
r7 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_CAP_ARM_MTE(r8, 0x4068aea3, &(0x7f0000000040))
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x71d042, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x22)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7ffc}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x80000000000000)
r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil)
r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000180)={0x0, &(0x7f00000004c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0xffffffffffffffff}}], 0x20}, &(0x7f00000000c0)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r13, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init)
ioctl$KVM_RUN(r13, 0xae80, 0x0)
ioctl$KVM_RUN(r10, 0xae80, 0x0)

46.818427529s ago: executing program 2 (id=626):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = eventfd2(0x0, 0x0)
write$eventfd(r1, 0xffffffffffffffff, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x17)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x200000002)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000100)={0x4})
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f00000000c0)={0x4})
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000040)={0x7, <r5=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r5, 0x4018aee3, &(0x7f0000000180)=@attr_other={0x0, 0x10000041, 0x5, 0x0})
ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0)

38.0978735s ago: executing program 2 (id=627):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x29)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0) (async)
openat$kvm(0x3f, &(0x7f0000000040), 0x280880, 0x0) (async)
r4 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7ffc}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1)
r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000b97000/0x400000)=nil)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000280)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013c090, &(0x7f00000000c0)=0xfffffffffffffffe}) (async)
ioctl$KVM_CAP_ARM_MTE(r1, 0x4068aea3, &(0x7f0000000200))
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async)
r12 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil)
r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000180)={0x0, &(0x7f00000004c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0xffffffffffffffff}}], 0x20}, &(0x7f00000000c0)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r15, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async)
ioctl$KVM_RUN(r15, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r16 = openat$kvm(0x0, &(0x7f0000000080), 0x40000, 0x0)
r17 = ioctl$KVM_CREATE_VM(r16, 0xae01, 0x0)
r18 = syz_kvm_setup_syzos_vm$arm64(r17, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r18, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x3}}], 0x68}, 0x0, 0x0) (async)
syz_kvm_vgic_v3_setup(r17, 0x1, 0x100)

8.337761015s ago: executing program 3 (id=628):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x200, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2c)
r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013df19, 0x8003}}], 0x20}, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r6, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000f2c000/0x3000)=nil, r6, 0xc, 0x5c1fd1b65647af1, r4, 0x20000000)
r7 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil)
r10 = eventfd2(0xffff10c0, 0x801)
ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f0000000100)={0xf09, 0x8080000, 0x0, r10})
r11 = syz_kvm_add_vcpu$arm64(r9, &(0x7f00000000c0)={0x0, &(0x7f0000000280)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r8, 0x1, 0x100)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000180)={0x8, <r12=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r11, 0xae80, 0x0)
syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
mmap$KVM_VCPU(&(0x7f0000c6a000/0x3000)=nil, 0x930, 0x1000003, 0x28031, 0xffffffffffffffff, 0x0)
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x24)
r15 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece)
ioctl$KVM_S390_VCPU_FAULT(r15, 0x4008ae52, &(0x7f0000000040)=0x1)
ioctl$KVM_CREATE_DEVICE(r14, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1})

7.737283718s ago: executing program 2 (id=629):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r2, 0x2, 0x100) (async)
close(r0) (async)
r3 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000000)={0x0, &(0x7f0000000800)=[@code={0xa, 0x9c, {"000028d5007008d50018285e804382d20020b0f2610080d2620180d2430080d2040080d2020000d4c08c99d20060b0f2010180d2a20180d2230180d2640180d2020000d4804f87d200a0b0f2610080d2620180d2a30180d2a40080d2020000d4e0089dd200e0b0f2210180d2020080d2630080d2440180d2020000d4007008d50000669e007008d5"}}, @smc={0x1e, 0x40, {0x80007fff, [0x0, 0x4000000000001ff, 0xfffffffffffff9fe, 0x1000000000005f, 0x7fff]}}, @eret={0xe6, 0x18, 0x4}, @svc={0x122, 0x40, {0x2000, [0x100000001, 0x0, 0x38, 0x8, 0x341]}}, @eret={0xe6, 0x18, 0x8000000000000001}, @uexit={0x0, 0x18, 0x1003}, @eret={0xe6, 0x18, 0x1}, @its_setup={0x82, 0x28, {0x0, 0x0, 0x93}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x0, 0x4, 0xc, 0x7, 0x1}}, @svc={0x122, 0x40, {0xc4000001, [0x4, 0x2, 0x1, 0x9, 0x1]}}, @irq_setup={0x46, 0x18, {0x4, 0x32a}}, @svc={0x122, 0x40, {0x30000000, [0x4, 0x0, 0xfffffffffffffff7, 0xaa5e, 0x4744]}}, @smc={0x1e, 0x40, {0xc400000d, [0x400, 0x9, 0x7, 0x1, 0xe3dd]}}, @smc={0x1e, 0x40, {0x3000000, [0x7ff, 0x200000, 0x1000, 0x6, 0x8]}}, @msr={0x14, 0x20, {0x603000000013801c, 0x2}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x1, 0x0, 0xe, 0x5, 0x4, 0x1}}, @code={0xa, 0x84, {"20dc97d200a0b8f2810080d2c20180d2830080d2840080d2020000d4000028d5005c200e000000b100e4007fa0049ad200a0b0f2610180d2e20080d2a30080d2a40180d2020000d40000391ea06890d20060b0f2810080d2820080d2030080d2240080d2020000d4001c004e000028d5"}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x1, 0x4, 0xb, 0x1, 0x0, 0x3}}], 0x3d8}, &(0x7f0000000400)=[@featur1={0x1, 0x20}], 0x1)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000440)=@x86={0x5, 0x5, 0x8, 0x0, 0x4, 0xd, 0x7, 0x6, 0x3, 0x80, 0x6, 0x6, 0x0, 0xffffffff, 0x7, 0xbe, 0x7, 0x4, 0x1, '\x00', 0x5, 0xffffffffffffffff}) (async)
ioctl$KVM_ARM_VCPU_FINALIZE(r3, 0x4004aec2, &(0x7f00000000c0)=0x5) (async)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x100)

0s ago: executing program 2 (id=630):
ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000)
munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00006b4000/0x3000)=nil, r1, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r4, 0x4020aeae, &(0x7f0000000000)={0x5, 0x18})
ioctl$KVM_GET_REG_LIST(r4, 0xc008aeb0, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, r1, 0x0, 0x13, r4, 0x0)
munmap(&(0x7f0000e9d000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x0, 0x23ac5f9b426e84b2, 0xffffffffffffffff, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000140)={0x4, <r7=>0xffffffffffffffff, 0x1})
ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0)
ioctl$KVM_CREATE_VM(r7, 0x400454cc, 0x1)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

[  393.746678][ T3144] 8021q: adding VLAN 0 to HW filter on device bond0
[  458.939761][ T3144] eql: remember to turn off Van-Jacobson compression on your slave devices
Warning: Permanently added '[localhost]:26709' (ED25519) to the list of known hosts.
[  617.894197][   T25] audit: type=1400 audit(617.070:60): avc:  denied  { name_bind } for  pid=3302 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  619.523598][   T25] audit: type=1400 audit(618.700:61): avc:  denied  { execute } for  pid=3303 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  619.554775][   T25] audit: type=1400 audit(618.730:62): avc:  denied  { execute_no_trans } for  pid=3303 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  645.091110][   T25] audit: type=1400 audit(644.270:63): avc:  denied  { mounton } for  pid=3303 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  645.127626][   T25] audit: type=1400 audit(644.300:64): avc:  denied  { mount } for  pid=3303 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  645.211507][ T3303] cgroup: Unknown subsys name 'net'
[  645.261324][   T25] audit: type=1400 audit(644.440:65): avc:  denied  { unmount } for  pid=3303 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  645.663841][ T3303] cgroup: Unknown subsys name 'cpuset'
[  645.769137][ T3303] cgroup: Unknown subsys name 'rlimit'
[  646.716555][   T25] audit: type=1400 audit(645.900:66): avc:  denied  { setattr } for  pid=3303 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  646.741020][   T25] audit: type=1400 audit(645.910:67): avc:  denied  { mounton } for  pid=3303 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[  646.758920][   T25] audit: type=1400 audit(645.940:68): avc:  denied  { mount } for  pid=3303 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  647.961501][ T3306] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[  647.981272][   T25] audit: type=1400 audit(647.160:69): avc:  denied  { relabelto } for  pid=3306 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  648.007940][   T25] audit: type=1400 audit(647.190:70): avc:  denied  { write } for  pid=3306 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
Setting up swapspace version 1, size = 127995904 bytes
[  648.189268][   T25] audit: type=1400 audit(647.370:71): avc:  denied  { read } for  pid=3303 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  648.215980][   T25] audit: type=1400 audit(647.390:72): avc:  denied  { open } for  pid=3303 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  648.258558][ T3303] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  697.514329][   T25] audit: type=1400 audit(696.690:73): avc:  denied  { execmem } for  pid=3307 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  705.078163][   T25] audit: type=1400 audit(704.240:74): avc:  denied  { read } for  pid=3309 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  705.106374][   T25] audit: type=1400 audit(704.280:75): avc:  denied  { open } for  pid=3309 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  705.187020][   T25] audit: type=1400 audit(704.350:76): avc:  denied  { mounton } for  pid=3309 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  705.443598][   T25] audit: type=1400 audit(704.600:77): avc:  denied  { module_request } for  pid=3309 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  706.605592][   T25] audit: type=1400 audit(705.750:78): avc:  denied  { sys_module } for  pid=3309 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  735.391137][ T3310] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  735.629105][ T3310] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  735.695666][ T3309] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  735.948046][ T3309] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  748.153485][ T3310] hsr_slave_0: entered promiscuous mode
[  748.184247][ T3310] hsr_slave_1: entered promiscuous mode
[  749.274345][ T3309] hsr_slave_0: entered promiscuous mode
[  749.308199][ T3309] hsr_slave_1: entered promiscuous mode
[  749.340040][ T3309] debugfs: 'hsr0' already exists in 'hsr'
[  749.354791][ T3309] Cannot create hsr debugfs directory
[  754.641068][   T25] audit: type=1400 audit(753.820:79): avc:  denied  { create } for  pid=3310 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  754.723772][   T25] audit: type=1400 audit(753.890:80): avc:  denied  { write } for  pid=3310 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  754.784472][   T25] audit: type=1400 audit(753.960:81): avc:  denied  { read } for  pid=3310 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  754.989722][ T3310] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  755.328291][ T3310] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  755.567373][ T3310] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  755.880725][ T3310] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  758.190359][ T3309] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  758.447652][ T3309] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  758.697541][ T3309] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  758.927111][ T3309] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  776.878408][ T3310] 8021q: adding VLAN 0 to HW filter on device bond0
[  779.151617][ T3309] 8021q: adding VLAN 0 to HW filter on device bond0
[  837.460513][ T3310] veth0_vlan: entered promiscuous mode
[  838.037947][ T3310] veth1_vlan: entered promiscuous mode
[  839.952626][ T3309] veth0_vlan: entered promiscuous mode
[  840.167720][ T3310] veth0_macvtap: entered promiscuous mode
[  840.487297][ T3310] veth1_macvtap: entered promiscuous mode
[  840.829870][ T3309] veth1_vlan: entered promiscuous mode
[  842.924786][ T3334] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  842.941436][ T3334] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  842.958408][ T3334] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  842.975641][ T3334] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  843.481642][ T3309] veth0_macvtap: entered promiscuous mode
[  844.115538][ T3309] veth1_macvtap: entered promiscuous mode
[  845.498027][   T25] audit: type=1400 audit(844.680:82): avc:  denied  { mount } for  pid=3310 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  845.764099][   T25] audit: type=1400 audit(844.940:83): avc:  denied  { mounton } for  pid=3310 comm="syz-executor" path="/syzkaller.2GQVqw/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  846.025862][   T25] audit: type=1400 audit(845.190:84): avc:  denied  { mount } for  pid=3310 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  846.364247][   T25] audit: type=1400 audit(845.500:85): avc:  denied  { mounton } for  pid=3310 comm="syz-executor" path="/syzkaller.2GQVqw/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  846.475188][   T25] audit: type=1400 audit(845.650:86): avc:  denied  { mounton } for  pid=3310 comm="syz-executor" path="/syzkaller.2GQVqw/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3776 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  846.859322][ T3355] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  846.865223][ T3355] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  846.877499][ T3355] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  846.890824][ T3355] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  847.139253][   T25] audit: type=1400 audit(846.320:87): avc:  denied  { unmount } for  pid=3310 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  847.483622][   T25] audit: type=1400 audit(846.570:88): avc:  denied  { mounton } for  pid=3310 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1544 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  847.621105][   T25] audit: type=1400 audit(846.800:89): avc:  denied  { mount } for  pid=3310 comm="syz-executor" name="/" dev="gadgetfs" ino=3787 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  848.008612][   T25] audit: type=1400 audit(847.190:90): avc:  denied  { mount } for  pid=3310 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  848.158221][   T25] audit: type=1400 audit(847.310:91): avc:  denied  { mounton } for  pid=3310 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  849.596813][ T3310] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  850.557308][   T25] kauditd_printk_skb: 1 callbacks suppressed
[  850.604023][   T25] audit: type=1400 audit(849.740:93): avc:  denied  { read write } for  pid=3310 comm="syz-executor" name="loop1" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  850.646909][   T25] audit: type=1400 audit(849.810:94): avc:  denied  { open } for  pid=3310 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  850.713614][   T25] audit: type=1400 audit(849.880:95): avc:  denied  { ioctl } for  pid=3310 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=639 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  860.004574][   T25] audit: type=1400 audit(859.180:96): avc:  denied  { read write } for  pid=3468 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  860.085527][   T25] audit: type=1400 audit(859.180:97): avc:  denied  { open } for  pid=3468 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  860.256394][   T25] audit: type=1400 audit(859.430:98): avc:  denied  { ioctl } for  pid=3468 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  861.837681][   T25] audit: type=1400 audit(861.020:99): avc:  denied  { append } for  pid=3470 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  874.696812][   T25] audit: type=1400 audit(873.770:100): avc:  denied  { execute } for  pid=3479 comm="syz.0.6" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=3986 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  960.251553][ T3524] kvm [3524]: Failed to find VMA for hva 0x20c01000
[  960.386437][ T3524] kvm [3524]: Failed to find VMA for hva 0x20c01000
[  960.425299][ T3524] kvm [3524]: Failed to find VMA for hva 0x20c01000
[  960.508535][ T3524] kvm [3524]: Failed to find VMA for hva 0x20c01000
[  960.546478][ T3524] kvm [3524]: Failed to find VMA for hva 0x20c01000
[  960.631693][ T3524] kvm [3524]: Failed to find VMA for hva 0x20c01000
[  960.825298][ T3524] kvm [3524]: Failed to find VMA for hva 0x20c01000
[  960.881409][ T3524] kvm [3524]: Failed to find VMA for hva 0x20c01000
[  961.088642][ T3524] kvm [3524]: Failed to find VMA for hva 0x20c01000
[  961.148745][ T3524] kvm [3524]: Failed to find VMA for hva 0x20c01000
[  961.361644][ T3524] kvm [3524]: Failed to find VMA for hva 0x20c01000
[  961.568747][ T3524] kvm [3524]: Failed to find VMA for hva 0x20c01000
[  962.894689][   T25] audit: type=1400 audit(962.060:101): avc:  denied  { ioctl } for  pid=3523 comm="syz.1.21" path="net:[4026532629]" dev="nsfs" ino=4026532629 ioctlcmd=0xb708 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  989.198346][ T3540] kvm [3540]: Failed to find VMA for hva 0x20c01000
[ 1142.983947][ T3647] FAULT_INJECTION: forcing a failure.
[ 1142.983947][ T3647] name failslab, interval 1, probability 0, space 0, times 1
[ 1143.000350][ T3647] CPU: 0 UID: 0 PID: 3647 Comm: syz.1.55 Not tainted syzkaller #0 PREEMPT 
[ 1143.001049][ T3647] Hardware name: linux,dummy-virt (DT)
[ 1143.001535][ T3647] Call trace:
[ 1143.001976][ T3647]  show_stack+0x2c/0x3c (C)
[ 1143.003832][ T3647]  __dump_stack+0x30/0x40
[ 1143.004118][ T3647]  dump_stack_lvl+0xd8/0x12c
[ 1143.004334][ T3647]  dump_stack+0x1c/0x28
[ 1143.004537][ T3647]  should_fail_ex+0x570/0x6e0
[ 1143.004797][ T3647]  should_failslab+0xb8/0xec
[ 1143.005076][ T3647]  kmem_cache_alloc_noprof+0x80/0x3f0
[ 1143.005323][ T3647]  security_file_alloc+0x38/0x350
[ 1143.005609][ T3647]  init_file+0xb0/0x36c
[ 1143.005955][ T3647]  alloc_empty_file+0x74/0x17c
[ 1143.006272][ T3647]  path_openat+0xa4/0x35f8
[ 1143.006481][ T3647]  do_filp_open+0x190/0x3cc
[ 1143.006688][ T3647]  do_sys_openat2+0xd4/0x158
[ 1143.006986][ T3647]  __arm64_sys_openat+0x154/0x1b8
[ 1143.007266][ T3647]  invoke_syscall+0x90/0x2b4
[ 1143.007578][ T3647]  el0_svc_common+0x180/0x2f4
[ 1143.007913][ T3647]  do_el0_svc+0x58/0x74
[ 1143.008224][ T3647]  el0_svc+0x58/0x164
[ 1143.008486][ T3647]  el0t_64_sync_handler+0x84/0x12c
[ 1143.008752][ T3647]  el0t_64_sync+0x198/0x19c
[ 1165.359842][ T3661] FAULT_INJECTION: forcing a failure.
[ 1165.359842][ T3661] name failslab, interval 1, probability 0, space 0, times 0
[ 1165.414642][ T3661] CPU: 0 UID: 0 PID: 3661 Comm: syz.1.60 Not tainted syzkaller #0 PREEMPT 
[ 1165.415054][ T3661] Hardware name: linux,dummy-virt (DT)
[ 1165.415169][ T3661] Call trace:
[ 1165.415249][ T3661]  show_stack+0x2c/0x3c (C)
[ 1165.415624][ T3661]  __dump_stack+0x30/0x40
[ 1165.415847][ T3661]  dump_stack_lvl+0xd8/0x12c
[ 1165.416072][ T3661]  dump_stack+0x1c/0x28
[ 1165.416267][ T3661]  should_fail_ex+0x570/0x6e0
[ 1165.416508][ T3661]  should_failslab+0xb8/0xec
[ 1165.416756][ T3661]  __kmalloc_noprof+0xdc/0x4b8
[ 1165.417005][ T3661]  tomoyo_realpath_from_path+0xdc/0x628
[ 1165.417248][ T3661]  tomoyo_check_open_permission+0x148/0x4ac
[ 1165.417612][ T3661]  tomoyo_file_open+0x1d8/0x24c
[ 1165.417871][ T3661]  security_file_open+0xc8/0x298
[ 1165.418147][ T3661]  do_dentry_open+0x3a0/0x1614
[ 1165.418426][ T3661]  vfs_open+0x44/0x380
[ 1165.418691][ T3661]  path_openat+0x2e7c/0x35f8
[ 1165.418931][ T3661]  do_filp_open+0x190/0x3cc
[ 1165.419148][ T3661]  do_sys_openat2+0xd4/0x158
[ 1165.419424][ T3661]  __arm64_sys_openat+0x154/0x1b8
[ 1165.419708][ T3661]  invoke_syscall+0x90/0x2b4
[ 1165.420053][ T3661]  el0_svc_common+0x180/0x2f4
[ 1165.420367][ T3661]  do_el0_svc+0x58/0x74
[ 1165.420679][ T3661]  el0_svc+0x58/0x164
[ 1165.420969][ T3661]  el0t_64_sync_handler+0x84/0x12c
[ 1165.421239][ T3661]  el0t_64_sync+0x198/0x19c
[ 1165.518530][ T3661] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1330.326104][ T3756] kvm [3756]: Failed to find VMA for hva 0x21016000
[ 1376.624934][ T3777] kvm [3777]: Failed to find VMA for hva 0x20c01000
[ 1463.007686][   T25] audit: type=1400 audit(1462.190:102): avc:  denied  { map } for  pid=3815 comm="syz.1.111" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1463.051493][   T25] audit: type=1400 audit(1462.230:103): avc:  denied  { execute } for  pid=3815 comm="syz.1.111" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1599.874739][ T3893] kvm [3893]: Failed to find VMA for hva 0x20c01000
[ 1599.959380][ T3895] kvm [3895]: Failed to find VMA for hva 0x20c01000
[ 1648.804604][ T3917] KVM: debugfs: duplicate directory 3917-12
[ 1730.360733][ T3960] kvm [3960]: Failed to find VMA for hva 0x20c01000
[ 1755.406381][   T25] audit: type=1400 audit(1754.570:104): avc:  denied  { setattr } for  pid=3968 comm="syz.1.158" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 2325.869505][ T4340] kvm [4340]: Failed to find VMA for hva 0x21016000
[ 2539.105733][   T25] audit: type=1400 audit(2538.270:105): avc:  denied  { map } for  pid=4450 comm="syz.0.306" path="pipe:[2795]" dev="pipefs" ino=2795 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[ 2716.758382][ T4558] kvm [4558]: Failed to find VMA for hva 0x21016000
[ 3143.230117][ T4817] kvm [4817]: Failed to find VMA for hva 0x21016000
[ 3227.875092][ T4867] kvm [4867]: Failed to find VMA for hva 0x20c01000
[ 3337.239502][ T4938] kvm [4938]: Failed to find VMA for hva 0x20c01000
[ 3568.690463][ T5062] kvm [5062]: Failed to find VMA for hva 0x20c01000
[ 3568.726443][ T5062] kvm [5062]: Failed to find VMA for hva 0x20c01000
[ 3568.787382][ T5062] kvm [5062]: Failed to find VMA for hva 0x20c01000
[ 3568.858113][ T5062] kvm [5062]: Failed to find VMA for hva 0x20c01000
[ 3568.919556][ T5062] kvm [5062]: Failed to find VMA for hva 0x20c01000
[ 3568.979582][ T5062] kvm [5062]: Failed to find VMA for hva 0x20c01000
[ 3569.016239][ T5062] kvm [5062]: Failed to find VMA for hva 0x20c01000
[ 3569.046935][ T5062] kvm [5062]: Failed to find VMA for hva 0x20c01000
[ 3569.079026][ T5062] kvm [5062]: Failed to find VMA for hva 0x20c01000
[ 3569.099442][ T5062] kvm [5062]: Failed to find VMA for hva 0x20c01000
[ 3569.139280][ T5062] kvm [5062]: Failed to find VMA for hva 0x20c01000
[ 3569.184964][ T5062] kvm [5062]: Failed to find VMA for hva 0x20c01000
[ 3569.236168][ T5062] kvm [5062]: Failed to find VMA for hva 0x20c01000
[ 3569.247924][ T5062] kvm [5062]: Failed to find VMA for hva 0x20c01000
[ 3569.341536][ T5062] kvm [5062]: Failed to find VMA for hva 0x20c01000
[ 3569.377664][ T5062] kvm [5062]: Failed to find VMA for hva 0x20c01000
[ 3569.525755][ T5062] kvm [5062]: Failed to find VMA for hva 0x20c01000
[ 3569.669761][ T5062] kvm [5062]: Failed to find VMA for hva 0x20c01000
[ 3569.710091][ T5062] kvm [5062]: Failed to find VMA for hva 0x20c01000
[ 3569.794733][ T5062] kvm [5062]: Failed to find VMA for hva 0x20c01000
[ 3569.889533][ T5062] kvm [5062]: Failed to find VMA for hva 0x20c01000
[ 3569.917993][ T5062] kvm [5062]: Failed to find VMA for hva 0x20c01000
[ 3570.007714][ T5062] kvm [5062]: Failed to find VMA for hva 0x20c01000
[ 3570.065719][ T5062] kvm [5062]: Failed to find VMA for hva 0x20c01000
[ 3570.099138][ T5062] kvm [5062]: Failed to find VMA for hva 0x20c01000
[ 3570.167818][ T5062] kvm [5062]: Failed to find VMA for hva 0x20c01000
[ 3570.228406][ T5062] kvm [5062]: Failed to find VMA for hva 0x20c01000
[ 3570.278054][ T5062] kvm [5062]: Failed to find VMA for hva 0x20c01000
[ 3570.354131][ T5062] kvm [5062]: Failed to find VMA for hva 0x20c01000
[ 3570.377879][ T5062] kvm [5062]: Failed to find VMA for hva 0x20c01000
[ 3570.408279][ T5062] kvm [5062]: Failed to find VMA for hva 0x20c01000
[ 3608.517592][ T5085] kvm [5085]: Failed to find VMA for hva 0x20c01000
[ 3977.910691][ T5288] KVM: debugfs: duplicate directory 5288-7
[ 4019.250208][ T5312] kvm [5312]: Failed to find VMA for hva 0x20c01000
[ 4095.821664][ T4233] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4097.057129][ T4233] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4098.635290][ T4233] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4099.966985][ T4233] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4113.958232][ T4233] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 4114.037033][ T4233] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 4114.104639][ T4233] bond0 (unregistering): Released all slaves
[ 4117.174690][ T4233] hsr_slave_0: left promiscuous mode
[ 4117.306775][ T4233] hsr_slave_1: left promiscuous mode
[ 4118.194924][ T4233] veth1_macvtap: left promiscuous mode
[ 4118.210358][ T4233] veth0_macvtap: left promiscuous mode
[ 4118.225094][ T4233] veth1_vlan: left promiscuous mode
[ 4118.264912][ T4233] veth0_vlan: left promiscuous mode
[ 4134.929615][ T4233] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4136.366787][ T4233] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4137.607750][ T4233] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4138.967007][ T4233] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 4155.004835][ T4233] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 4155.216593][ T4233] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 4155.356334][ T4233] bond0 (unregistering): Released all slaves
[ 4157.518631][ T4233] hsr_slave_0: left promiscuous mode
[ 4157.592916][ T4233] hsr_slave_1: left promiscuous mode
[ 4158.085099][ T4233] veth1_macvtap: left promiscuous mode
[ 4158.088519][ T4233] veth0_macvtap: left promiscuous mode
[ 4158.106098][ T4233] veth1_vlan: left promiscuous mode
[ 4158.120217][ T4233] veth0_vlan: left promiscuous mode
[ 4200.237223][ T5341] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4201.085925][ T5341] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4201.284439][ T5345] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 4202.069483][ T5345] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 4226.318211][ T5341] hsr_slave_0: entered promiscuous mode
[ 4226.398771][ T5341] hsr_slave_1: entered promiscuous mode
[ 4228.529551][ T5345] hsr_slave_0: entered promiscuous mode
[ 4228.609873][ T5345] hsr_slave_1: entered promiscuous mode
[ 4228.685929][ T5345] debugfs: 'hsr0' already exists in 'hsr'
[ 4228.689105][ T5345] Cannot create hsr debugfs directory
[ 4238.944379][ T5341] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 4239.421207][ T5341] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 4239.880553][ T5341] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 4240.298268][ T5341] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 4244.171593][ T5345] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 4244.514606][ T5345] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 4244.891211][ T5345] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 4245.374729][ T5345] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 4267.077604][ T5341] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4273.361441][ T5345] 8021q: adding VLAN 0 to HW filter on device bond0
[ 4369.771675][ T5341] veth0_vlan: entered promiscuous mode
[ 4370.635188][ T5341] veth1_vlan: entered promiscuous mode
[ 4373.559084][ T5341] veth0_macvtap: entered promiscuous mode
[ 4374.758503][ T5341] veth1_macvtap: entered promiscuous mode
[ 4375.246296][ T5345] veth0_vlan: entered promiscuous mode
[ 4376.738717][ T5345] veth1_vlan: entered promiscuous mode
[ 4379.313603][ T5278] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4379.317775][ T5278] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4379.355712][ T5278] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4379.389785][ T5478] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4383.098699][ T5345] veth0_macvtap: entered promiscuous mode
[ 4384.138427][ T5345] veth1_macvtap: entered promiscuous mode
[ 4388.909027][ T5278] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 4388.910282][ T5278] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 4388.935132][ T5278] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 4388.953510][ T5278] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 4772.954540][ T5809] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x15f0000000000000 pfn:0x5e496
[ 4772.975157][ T5809] flags: 0x1ffd60000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0x58)
[ 4773.039073][ T5809] raw: 01ffd60000000000 ffffc1ffc0684d08 ffffc1ffc0657cc8 0000000000000000
[ 4773.065613][ T5809] raw: 15f0000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 4773.077230][ T5809] page dumped because: VM_BUG_ON_PAGE(page_ref_count(page) == 0)
[ 4773.078711][ T5809] ------------[ cut here ]------------
[ 4773.078918][ T5809] kernel BUG at ./include/linux/mm.h:1036!
[ 4773.080652][ T5809] Internal error: Oops - BUG: 00000000f2000800 [#1]  SMP
[ 4773.088158][ T5809] Modules linked in:
[ 4773.089617][ T5809] CPU: 0 UID: 0 PID: 5809 Comm: syz.3.628 Not tainted syzkaller #0 PREEMPT 
[ 4773.091127][ T5809] Hardware name: linux,dummy-virt (DT)
[ 4773.092239][ T5809] pstate: 61402009 (nZCv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)
[ 4773.093675][ T5809] pc : kvm_s2_put_page+0x374/0x3a0
[ 4773.094879][ T5809] lr : kvm_s2_put_page+0x374/0x3a0
[ 4773.095970][ T5809] sp : ffff80008ef27570
[ 4773.096791][ T5809] x29: ffff80008ef27570 x28: 34f00000195f3000 x27: 34f00000195f3000
[ 4773.098530][ T5809] x26: 00000000000000ff x25: ffff80008734e000 x24: ffffc1ffc0000000
[ 4773.100137][ T5809] x23: ffffc1ffc0792588 x22: 0000000000000000 x21: ffffc1ffc07925b4
[ 4773.101711][ T5809] x20: 0000000000000000 x19: ffffc1ffc0792580 x18: 000000007f868fcc
[ 4773.103312][ T5809] x17: 0000000005389ee5 x16: 000000007f865da4 x15: 00000000df8677d4
[ 4773.104897][ T5809] x14: 0000000000000002 x13: fff0000019455888 x12: 0000000000000001
[ 4773.106515][ T5809] x11: 0000000000080000 x10: 0000000000055827 x9 : 3be9772fd99b2800
[ 4773.108248][ T5809] x8 : 3be9772fd99b2800 x7 : ffff80008048b334 x6 : 0000000000000000
[ 4773.109816][ T5809] x5 : 0000000000000000 x4 : 0000000000000000 x3 : ffff80008074b7f8
[ 4773.111383][ T5809] x2 : 0000000000000002 x1 : 0000000100000000 x0 : 000000000000003e
[ 4773.113047][ T5809] Call trace:
[ 4773.113852][ T5809]  kvm_s2_put_page+0x374/0x3a0 (P)
[ 4773.114991][ T5809]  stage2_free_walker+0x1b0/0x264
[ 4773.116094][ T5809]  __kvm_pgtable_walk+0x7d8/0xa68
[ 4773.117183][ T5809]  kvm_pgtable_walk+0x294/0x468
[ 4773.118329][ T5809]  kvm_pgtable_stage2_destroy_range+0x60/0xb4
[ 4773.119550][ T5809]  kvm_free_stage2_pgd+0x198/0x28c
[ 4773.120689][ T5809]  kvm_uninit_stage2_mmu+0x20/0x38
[ 4773.121687][ T5809]  kvm_arch_flush_shadow_all+0x1a8/0x1e0
[ 4773.122897][ T5809]  kvm_mmu_notifier_release+0x48/0xa8
[ 4773.124007][ T5809]  mmu_notifier_unregister+0x128/0x42c
[ 4773.125131][ T5809]  kvm_put_kvm+0x6a0/0xfa8
[ 4773.126118][ T5809]  kvm_vcpu_release+0x70/0x9c
[ 4773.127162][ T5809]  __fput+0x4ac/0x980
[ 4773.128061][ T5809]  ____fput+0x20/0x58
[ 4773.128930][ T5809]  task_work_run+0x1bc/0x254
[ 4773.129910][ T5809]  get_signal+0x13ec/0x1554
[ 4773.130931][ T5809]  do_signal+0x23c/0x4dd0
[ 4773.131997][ T5809]  do_notify_resume+0xb0/0x270
[ 4773.133025][ T5809]  el0_svc+0xb8/0x164
[ 4773.134017][ T5809]  el0t_64_sync_handler+0x84/0x12c
[ 4773.135070][ T5809]  el0t_64_sync+0x198/0x19c
[ 4773.136574][ T5809] Code: d0037581 9126fc21 aa1303e0 97f9c9f2 (d4210000) 
[ 4773.138624][ T5809] ---[ end trace 0000000000000000 ]---
[ 4773.140389][ T5809] Kernel panic - not syncing: Oops - BUG: Fatal exception
[ 4773.142546][ T5809] Kernel Offset: disabled
[ 4773.143408][ T5809] CPU features: 0x000000,0001a300,5f7c67c1,057ffe1f
[ 4773.144660][ T5809] Memory Limit: none
[ 4773.146405][ T5809] Rebooting in 86400 seconds..

VM DIAGNOSIS:
16:57:16  Registers:
info registers vcpu 0

CPU#0
 PC=ffff800080493c64 X00=0000000000000000 X01=0000000000000080
X02=0000000000000001 X03=ffff800080493bb4 X04=ffff80008717352c
X05=ffff80008ef26fb8 X06=ffff800080363b94 X07=ffff800080015834
X08=00000000000003c0 X09=13ff8000a300d000 X10=000000000005706d
X11=0000000000080000 X12=00000000000000fe X13=0000045752396407
X14=0000000000000002 X15=ffff800087f83a20 X16=0000000000000000
X17=0000000005389ee5 X18=000000007f868fcc X19=efff800000000000
X20=ffff80008ef27020 X21=00000000000000ff X22=00000000000003c0
X23=00000000ffffe475 X24=40000000ffffe475 X25=00000000000003c0
X26=0000000000000000 X27=0000000000000000 X28=0000000000000013
X29=ffff80008ef26ef0 X30=ffff800080493c40  SP=ffff80008ef26ee0
PSTATE=604023c9 -ZC- EL2h  SVCR=00000000 --  BTYPE=0     FPCR=00000000 FPSR=00000000
P00=0000 P01=0000 P02=0000 P03=0000 P04=0000 P05=0000 P06=0000 P07=0000
P08=0000 P09=0000 P10=0000 P11=0000 P12=0000 P13=0000 P14=0000 P15=0000
FFR=0000
Z00=2525252525252525:2525252525252525 Z01=65642f000a732520:7325207334362e25
Z02=2038636337353630:6366663163666666 Z03=000000ff0000ff00:00ff0000000000ff
Z04=0000000000000000:000f00f00f00000f Z05=3630636666316366:6666662030303030
Z06=6666203030303030:3030303030366466 Z07=6620383064343836:3063666631636666
Z08=0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000
Z10=0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000
Z12=0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000
Z14=0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000
Z16=0000ffffc28988b0:0000ffffc28988b0 Z17=ffffff80ffffffd0:0000ffffc2898880
Z18=0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000
Z20=0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000
Z22=0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000
Z24=0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000
Z26=0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000
Z28=0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000
Z30=0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000