last executing test programs:

1m0.554591597s ago: executing program 0 (id=1042):
ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
r2 = openat$kvm(0x0, 0x0, 0x60100, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
ioctl$KVM_ARM_VCPU_INIT(r4, 0x4020aeae, 0x0)
ioctl$KVM_GET_ONE_REG(r4, 0x4010aeab, 0x0)
r5 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000000)={0x1fe, 0x3, 0x8080000, 0x1000, &(0x7f0000ffc000/0x1000)=nil}) (async)
r6 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000080)={0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="aa00000000000000280000000000000003"], 0x28}, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r8, r9, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="140000000000000020000000000000005dc613000020306005fd"], 0x20}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r8, 0x4, 0x40) (async)
ioctl$KVM_RUN(r9, 0xae80, 0x0)

52.245627279s ago: executing program 0 (id=1044):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x104, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x40480, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x2800003, 0x11, r4, 0x0) (async)
r5 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x2800003, 0x11, r4, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000100)="fb0149dd033be3982ce16f8f1f449a7a835600000000000000000000000000ffffffffffffffde00", 0x0, 0x48)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r4, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4040aea0, &(0x7f0000000040)=@x86={0x30, 0x9, 0x8, 0x0, 0x4, 0x9e, 0x5, 0x0, 0x4, 0xe, 0x1, 0xf8, 0x0, 0x652e, 0x0, 0x1, 0x0, 0x1, 0x0, '\x00', 0xf, 0x6})
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0) (async)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r9, r10, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="46000000000000001800000000000000010000002000000019b6b408939fffa698854535d7e24a2b48acdbc488b1331caa730c61594215384b9f9c587c72b67f6f2ecd46306e0cf2edcd628e4d9d552ec1d58b3bc80a01de5714e89eb2790c85aef0042cab4d98ea7bc36059c0e339ef825fbfff8177698ba60515d99517152807ff540227568d1caca3d7a534c491f5d37cdaa035c2c250a91c58e4e581348fc0feaa704edfb988f9386130f77af2f3def66408edd401b44dab6d675cfe54af028f0a92ecca06f4861d41f6c053de13c5f63081580f"], 0x18}], 0x1, 0x0, 0x0, 0x0) (async)
syz_kvm_setup_cpu$arm64(r9, r10, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="46000000000000001800000000000000010000002000000019b6b408939fffa698854535d7e24a2b48acdbc488b1331caa730c61594215384b9f9c587c72b67f6f2ecd46306e0cf2edcd628e4d9d552ec1d58b3bc80a01de5714e89eb2790c85aef0042cab4d98ea7bc36059c0e339ef825fbfff8177698ba60515d99517152807ff540227568d1caca3d7a534c491f5d37cdaa035c2c250a91c58e4e581348fc0feaa704edfb988f9386130f77af2f3def66408edd401b44dab6d675cfe54af028f0a92ecca06f4861d41f6c053de13c5f63081580f"], 0x18}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r9, 0x1, 0x100) (async)
syz_kvm_vgic_v3_setup(r9, 0x1, 0x100)
ioctl$KVM_RUN(r10, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) (async)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000100)={0x8, 0xffffffffffffffff, 0x1}) (async)
ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000100)={0x8, <r13=>0xffffffffffffffff, 0x1})
ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f0000000180)=@attr_arm64={0x0, 0x4, 0x2, 0x0})
ioctl$KVM_IRQ_LINE(r9, 0x4008ae61, &(0x7f0000000100)={0x1000020, 0x1}) (async)
ioctl$KVM_IRQ_LINE(r9, 0x4008ae61, &(0x7f0000000100)={0x1000020, 0x1})
ioctl$KVM_RUN(r10, 0xae80, 0x0)
r14 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r15 = ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x0)
ioctl$KVM_ARM_VCPU_INIT(r15, 0x4020aeae, &(0x7f0000000080)={0x5})
ioctl$KVM_SET_ONE_REG(r15, 0x4010aeac, &(0x7f0000000000)=@arm64_sys={0x603000000013c024, &(0x7f00000000c0)=0x4000000000000000}) (async)
ioctl$KVM_SET_ONE_REG(r15, 0x4010aeac, &(0x7f0000000000)=@arm64_sys={0x603000000013c024, &(0x7f00000000c0)=0x4000000000000000})
r16 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r16, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VM(r16, 0xae01, 0x0)

47.369231074s ago: executing program 1 (id=1045):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bfd000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000b80)={0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="1e0000000000000040000000000000000a000084000000009a"], 0x40}, &(0x7f0000000bc0)=[@featur1={0x1, 0x4}], 0x1)
ioctl$KVM_RUN(r3, 0xae80, 0x0) (async)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, 0x0) (async)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000000)={0x1fe, 0x0, 0x8080000, 0x1000, &(0x7f0000ffc000/0x1000)=nil}) (async)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x0, 0x8032, 0xffffffffffffffff, 0x0) (async)
r7 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1) (async)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(r10, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) (async)
syz_kvm_vgic_v3_setup(r9, 0x5, 0x60)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000100)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000080)=0x31})
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r13, 0x0)

44.645128348s ago: executing program 0 (id=1046):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0xb6)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x135040, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x4, 0x8000000, 0x2000, &(0x7f0000000000/0x2000)=nil})
mmap$KVM_VCPU(&(0x7f0000327000/0x1000)=nil, 0x930, 0x1000009, 0x40010, 0xffffffffffffffff, 0x0)
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000000000/0x400000)=nil)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000380)={0x10200, 0x0, 0xdddd1000, 0x1000, &(0x7f0000ffe000/0x1000)=nil})
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000180), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x4)
ioctl$KVM_ARM_VCPU_INIT(r8, 0x4020aeae, &(0x7f0000000080)={0x5, 0x1})
ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013c029, &(0x7f00000000c0)=0x8})
r9 = mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r10 = mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000140)={0x4, <r13=>0xffffffffffffffff, 0x1})
ioctl$KVM_SET_DEVICE_ATTR(r13, 0x800454df, 0x0)
r14 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000140)=[{0x0, &(0x7f0000000180)=[@smc={0x1e, 0x40, {0xef000000, [0x0, 0x1, 0x2, 0x3, 0x4]}}], 0x40}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000080)={0x0, &(0x7f0000000000)=ANY=[], 0x30}, 0x0, 0x0)

39.843974654s ago: executing program 1 (id=1047):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x3, 0x4102932, 0xffffffffffffffff, 0x0) (async)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04) (async)
r5 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000000)={0x0, &(0x7f0000000240)=[@hvc={0x32, 0x40, {0x80003fff, [0x2, 0x4, 0x7, 0x2, 0x81]}}, @hvc={0x32, 0x40, {0x80000002, [0x3, 0x2a, 0x1, 0x8, 0x9]}}, @irq_setup={0x46, 0x18, {0x1, 0x298}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x800, 0x80000001, 0x6}}, @msr={0x14, 0x20, {0xa050000000344b86, 0x9}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x80, 0x100, 0x8}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfffc, 0xffff, 0xa}}, @uexit={0x0, 0x18}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x7e}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, @msr={0x14, 0x20, {0x603000000013deb0, 0x3}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x88, 0xa3, 0x9b0ed37cdba8e0ef}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0xc00, 0xd7b, 0x8}}, @uexit={0x0, 0x18, 0x2}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x0, 0x3, 0x4, 0x2, 0x2}}, @code={0xa, 0x6c, {"203898d20060b8f2810080d2e20180d2c30080d2040080d2020000d4000028d5007008d50008e03c0000000d000008d5007008d50010c0da0000299e40779ad20020b8f2810180d2220080d2230180d2840080d2020000d4"}}], 0x2dc}, &(0x7f0000000080)=[@featur2={0x1, 0x11}], 0x1)
mmap$KVM_VCPU(&(0x7f0000f88000/0x1000)=nil, r4, 0x2000000, 0x8010, r5, 0x0)
r6 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
ioctl$KVM_SET_GSI_ROUTING(r6, 0x4020ae46, &(0x7f0000000180)=ANY=[@ANYBLOB="010000000100000000000001000000000010000002"]) (async)
ioctl$KVM_CLEAR_DIRTY_LOG(r6, 0xc018aec0, &(0x7f0000000100)={0x1, 0x1ffc01, 0x400, 0x0}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x1fe, 0x0, 0xdddd0000, 0x2000, &(0x7f0000e41000/0x2000)=nil})

33.933747943s ago: executing program 1 (id=1048):
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xd7, 0x80000001})
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000647000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000fde000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000)
munmap(&(0x7f0000f23000/0x3000)=nil, 0x3000)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000)
munmap(&(0x7f0000e87000/0x2000)=nil, 0x2000)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000240), 0xca680, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil)
r5 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="820000000000000028000000000000000100000000562ef3bc80fab06e174029249b06bd26000000040000001600000002000000000001000004010040000001000000000000000228937a9a477edd83e3a8a7d45869d2be10c5939cc071bf0d3b24dbd1e62181537c1d83acf4b9ed94784c9f5ccc194bdfdf1c01e5f9adf82b2f013791b3fcb9f339afe45f38afca16123df55e69eef2e6958d8e19595176f152304fe7d09cffed4d54c6452f9af6f108bcff74268ba618e8a7a506a81992cd2599f7662d625db2d77df08f61430c0f3eb28828f547c1a6cf88220c81eb4951627a37ce15ca09eb99a88e709ff2f877a648929fc37d06da5580469ea0c60b7cd1b12e9a654eebf60d17a7c15e27ef6614b944b7d0824f3c50530ffa6317a0005bbbf06edb97fa5407d6778ce94cf3bed930ea689b8300"/325, @ANYRES64=r1, @ANYRES32], 0x61}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r4, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8, <r6=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000bfd000/0x400000)=nil)
r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000b80)={0x0, &(0x7f0000000040)=ANY=[], 0x40}, 0x0, 0x0)
ioctl$KVM_GET_ONE_REG(r10, 0x4010aeab, &(0x7f0000000100)=@arm64_extra={0x603000000013df01, &(0x7f0000000080)=0x6})
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)

23.667819279s ago: executing program 1 (id=1049):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
ioctl$KVM_ARM_VCPU_INIT(r3, 0x4020aeae, &(0x7f0000000080)={0x5, 0x19})
ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000000)=@arm64_fw={0x6030000000140000, &(0x7f0000000100)=0x5})
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x12, 0xffffffffffffffff, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x400, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x3)
ioctl$KVM_ARM_VCPU_INIT(0xffffffffffffffff, 0x4020aeae, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x0, 0x12eeff265b2ad0b8, 0xffffffffffffffff, 0x1000000)
ioctl$KVM_SET_GUEST_DEBUG(0xffffffffffffffff, 0x4208ae9b, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f831, 0xffffffffffffffff, 0x0)
ioctl$KVM_IOEVENTFD(r6, 0x5452, &(0x7f0000000080)={0x0, 0x8016000, 0x1, 0xffffffffffffffff, 0x5})
r7 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
ioctl$KVM_GET_ONE_REG(r7, 0x8000ae8c, 0x0)

22.493015272s ago: executing program 0 (id=1050):
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x2c00, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x7, <r2=>0xffffffffffffffff, 0x1})
r3 = ioctl$KVM_CREATE_VM(r2, 0x894c, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xb701, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000200)={0x7, <r9=>0xffffffffffffffff})
ioctl$KVM_GET_DEVICE_ATTR(r9, 0x4018aee2, &(0x7f0000000080)=@attr_other={0x0, 0x9, 0x7, &(0x7f0000000000)=0x8})
r10 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r10, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xb704, 0x20000002)

12.21803229s ago: executing program 0 (id=1051):
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
r1 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_ARM_VCPU_FINALIZE(r0, 0x4004aec2, &(0x7f0000000040)=0x4)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r5, 0x4008ae6a, &(0x7f0000000100)={0x1, 0x0, [{0x0, 0x4, 0x1, 0x0, @sint={0xffff, 0x1}}]})
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f831, 0xffffffffffffffff, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r3, 0xae03, 0xaa)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil)
r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="05000000000000001800000000000000010000005002"], 0x18}, 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r9, 0x4040aea0, &(0x7f0000000000)=@arm64={0x0, 0x1, 0xf, '\x00', 0xfffffffffffff105})
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) (async)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
ioctl$KVM_ARM_VCPU_FINALIZE(r0, 0x4004aec2, &(0x7f0000000040)=0x4) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
ioctl$KVM_SET_GSI_ROUTING(r5, 0x4008ae6a, &(0x7f0000000100)={0x1, 0x0, [{0x0, 0x4, 0x1, 0x0, @sint={0xffff, 0x1}}]}) (async)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f831, 0xffffffffffffffff, 0x0) (async)
ioctl$KVM_CHECK_EXTENSION_VM(r3, 0xae03, 0xaa) (async)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) (async)
syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="05000000000000001800000000000000010000005002"], 0x18}, 0x0, 0x0) (async)
ioctl$KVM_RUN(r9, 0xae80, 0x0) (async)
ioctl$KVM_SET_VCPU_EVENTS(r9, 0x4040aea0, &(0x7f0000000000)=@arm64={0x0, 0x1, 0xf, '\x00', 0xfffffffffffff105}) (async)
ioctl$KVM_RUN(r9, 0xae80, 0x0) (async)

11.797785304s ago: executing program 1 (id=1052):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xe6)

6.013333137s ago: executing program 1 (id=1053):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x1})
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000001c0)="fb52456012ab8ba1286bf6cd81002000d300447c7a837fc869cba6cd30f0050003000000d0020000ffffff000000f86636544e44c404000000006abf47d900", 0x0, 0x48)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x1000)=nil, 0x0, 0x8, 0x23ac5f9b426ec4b1, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x62221, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc9})
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x2, <r4=>0xffffffffffffffff, 0x1})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0xb701, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2a60, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, <r7=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0xb701, 0x0)
r8 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1})
write$eventfd(0xffffffffffffffff, &(0x7f00000001c0)=0xeffffffffffffffe, 0x8)
syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000bfd000/0x400000)=nil)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r6, 0x4018aee1, &(0x7f0000000100)=@attr_other={0x0, 0x80000000, 0x8, &(0x7f0000000040)=0x10})
mmap$KVM_VCPU(&(0x7f0000d10000/0xa000)=nil, 0x930, 0x3000006, 0x28031, 0xffffffffffffffff, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000080)={0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="82000000000000000000000000000000010000000000000001000000000000000173"], 0x28}, 0x0, 0x0)

0s ago: executing program 0 (id=1054):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SIGNAL_MSI(r0, 0x4020aea5, &(0x7f0000000100)={0x0, 0xffff1000, 0xf0, 0x0, 0xbfd})
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
eventfd2(0x6, 0x1)
r4 = mmap$KVM_VCPU(&(0x7f0000dd3000/0x4000)=nil, 0x930, 0x280000b, 0x11, r3, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r3, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r3, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0) (async)
r5 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000000)=@arm64={0xa9, 0x0, 0x85, '\x00', 0xfffffffffffffffd}) (async)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000000)=@arm64={0xa9, 0x0, 0x85, '\x00', 0xfffffffffffffffd})
ioctl$KVM_CREATE_VM(r5, 0x401c5820, 0x20000000) (async)
ioctl$KVM_CREATE_VM(r5, 0x401c5820, 0x20000000)

kernel console output (not intermixed with test programs):

[  383.549633][ T3133] 8021q: adding VLAN 0 to HW filter on device bond0
[  436.062093][ T3133] eql: remember to turn off Van-Jacobson compression on your slave devices
Warning: Permanently added '[localhost]:1374' (ED25519) to the list of known hosts.
[  597.949644][   T25] audit: type=1400 audit(597.100:60): avc:  denied  { name_bind } for  pid=3289 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  599.415796][   T25] audit: type=1400 audit(598.560:61): avc:  denied  { execute } for  pid=3290 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  599.442373][   T25] audit: type=1400 audit(598.580:62): avc:  denied  { execute_no_trans } for  pid=3290 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  620.357863][   T25] audit: type=1400 audit(619.510:63): avc:  denied  { mounton } for  pid=3290 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  620.392852][   T25] audit: type=1400 audit(619.530:64): avc:  denied  { mount } for  pid=3290 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  620.481316][ T3290] cgroup: Unknown subsys name 'net'
[  620.529466][   T25] audit: type=1400 audit(619.680:65): avc:  denied  { unmount } for  pid=3290 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  620.918829][ T3290] cgroup: Unknown subsys name 'cpuset'
[  621.029482][ T3290] cgroup: Unknown subsys name 'rlimit'
[  622.311556][   T25] audit: type=1400 audit(621.460:66): avc:  denied  { setattr } for  pid=3290 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=701 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  622.331199][   T25] audit: type=1400 audit(621.480:67): avc:  denied  { mounton } for  pid=3290 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[  622.358617][   T25] audit: type=1400 audit(621.500:68): avc:  denied  { mount } for  pid=3290 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  623.558829][ T3293] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[  623.582675][   T25] audit: type=1400 audit(622.720:69): avc:  denied  { relabelto } for  pid=3293 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  623.602623][   T25] audit: type=1400 audit(622.750:70): avc:  denied  { write } for  pid=3293 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
Setting up swapspace version 1, size = 127995904 bytes
[  623.789097][   T25] audit: type=1400 audit(622.940:71): avc:  denied  { read } for  pid=3290 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  623.805427][   T25] audit: type=1400 audit(622.950:72): avc:  denied  { open } for  pid=3290 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  623.850331][ T3290] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  672.098852][   T25] audit: type=1400 audit(671.220:73): avc:  denied  { execmem } for  pid=3294 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  675.602185][   T25] audit: type=1400 audit(674.750:74): avc:  denied  { read } for  pid=3296 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  675.638222][   T25] audit: type=1400 audit(674.790:75): avc:  denied  { open } for  pid=3296 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  675.725782][   T25] audit: type=1400 audit(674.860:76): avc:  denied  { mounton } for  pid=3296 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  675.988625][   T25] audit: type=1400 audit(675.140:78): avc:  denied  { module_request } for  pid=3297 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  676.000018][   T25] audit: type=1400 audit(675.130:77): avc:  denied  { module_request } for  pid=3296 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  677.182144][   T25] audit: type=1400 audit(676.320:79): avc:  denied  { sys_module } for  pid=3297 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  704.644930][ T3296] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  705.109227][ T3296] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  705.658762][ T3297] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  706.149572][ T3297] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  719.544442][ T3296] hsr_slave_0: entered promiscuous mode
[  719.576070][ T3296] hsr_slave_1: entered promiscuous mode
[  720.302814][ T3297] hsr_slave_0: entered promiscuous mode
[  720.347131][ T3297] hsr_slave_1: entered promiscuous mode
[  720.378127][ T3297] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  720.382956][ T3297] Cannot create hsr debugfs directory
[  725.895571][   T25] audit: type=1400 audit(725.040:80): avc:  denied  { create } for  pid=3296 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  725.955466][   T25] audit: type=1400 audit(725.100:81): avc:  denied  { write } for  pid=3296 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  726.011836][   T25] audit: type=1400 audit(725.160:82): avc:  denied  { read } for  pid=3296 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  726.147609][ T3296] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  726.546545][ T3296] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  726.851243][ T3296] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  727.132687][ T3296] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  728.411243][ T3297] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  728.517658][ T3297] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  728.657013][ T3297] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  728.887274][ T3297] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  742.315988][ T3296] 8021q: adding VLAN 0 to HW filter on device bond0
[  743.989871][ T3297] 8021q: adding VLAN 0 to HW filter on device bond0
[  801.177162][ T3296] veth0_vlan: entered promiscuous mode
[  801.561123][ T3296] veth1_vlan: entered promiscuous mode
[  803.402553][ T3297] veth0_vlan: entered promiscuous mode
[  803.816842][ T3296] veth0_macvtap: entered promiscuous mode
[  804.289111][ T3296] veth1_macvtap: entered promiscuous mode
[  804.391583][ T3297] veth1_vlan: entered promiscuous mode
[  806.532696][ T3296] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  806.539316][ T3296] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  806.554507][ T3296] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  806.563104][ T3296] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  807.268018][ T3297] veth0_macvtap: entered promiscuous mode
[  807.840994][ T3297] veth1_macvtap: entered promiscuous mode
[  809.460389][   T25] audit: type=1400 audit(808.610:83): avc:  denied  { mount } for  pid=3296 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  809.671189][   T25] audit: type=1400 audit(808.790:84): avc:  denied  { mounton } for  pid=3296 comm="syz-executor" path="/syzkaller.KEGrTp/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  809.815435][   T25] audit: type=1400 audit(808.960:85): avc:  denied  { mount } for  pid=3296 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  810.155908][   T25] audit: type=1400 audit(809.300:86): avc:  denied  { mounton } for  pid=3296 comm="syz-executor" path="/syzkaller.KEGrTp/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  810.182296][ T3297] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  810.222378][ T3297] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  810.232076][ T3297] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  810.244417][ T3297] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  810.312421][   T25] audit: type=1400 audit(809.460:87): avc:  denied  { mounton } for  pid=3296 comm="syz-executor" path="/syzkaller.KEGrTp/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3259 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  811.108835][   T25] audit: type=1400 audit(810.260:88): avc:  denied  { unmount } for  pid=3296 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  811.365008][   T25] audit: type=1400 audit(810.440:89): avc:  denied  { mounton } for  pid=3296 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1546 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  811.447642][   T25] audit: type=1400 audit(810.590:90): avc:  denied  { mount } for  pid=3296 comm="syz-executor" name="/" dev="gadgetfs" ino=3270 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  811.857555][   T25] audit: type=1400 audit(810.960:91): avc:  denied  { mount } for  pid=3296 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  811.899568][   T25] audit: type=1400 audit(811.050:92): avc:  denied  { mounton } for  pid=3296 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  813.180362][ T3296] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  814.479715][   T25] kauditd_printk_skb: 3 callbacks suppressed
[  814.485899][   T25] audit: type=1400 audit(813.610:96): avc:  denied  { ioctl } for  pid=3296 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=637 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  817.792827][   T25] audit: type=1400 audit(816.890:97): avc:  denied  { read } for  pid=3448 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  817.835122][   T25] audit: type=1400 audit(816.940:99): avc:  denied  { open } for  pid=3448 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  817.877185][   T25] audit: type=1400 audit(816.930:98): avc:  denied  { read } for  pid=3450 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  818.656900][   T25] audit: type=1400 audit(817.740:100): avc:  denied  { ioctl } for  pid=3448 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  831.098000][   T25] audit: type=1400 audit(830.200:101): avc:  denied  { execute } for  pid=3456 comm="syz.1.3" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=3472 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  858.742602][   T25] audit: type=1400 audit(857.860:102): avc:  denied  { write } for  pid=3469 comm="syz.0.8" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  858.854717][   T25] audit: type=1400 audit(857.960:103): avc:  denied  { map } for  pid=3469 comm="syz.0.8" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  858.862381][   T25] audit: type=1400 audit(858.000:104): avc:  denied  { execute } for  pid=3469 comm="syz.0.8" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  861.865314][   T25] audit: type=1400 audit(861.000:105): avc:  denied  { append } for  pid=3470 comm="syz.1.9" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  972.199734][ T3540] kvm [3540]: Failed to find VMA for hva 0x20d8d000
[ 1054.726773][ T3596] kvm [3596]: Failed to find VMA for hva 0x21016000
[ 1110.860351][   T25] audit: type=1400 audit(1110.010:106): avc:  denied  { ioctl } for  pid=3642 comm="syz.0.63" path="net:[4026532631]" dev="nsfs" ino=4026532631 ioctlcmd=0xb701 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 1240.710172][   T25] audit: type=1400 audit(1239.860:107): avc:  denied  { map } for  pid=3720 comm="syz.0.87" path="pipe:[2413]" dev="pipefs" ino=2413 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[ 1305.420041][ T3765] kvm [3765]: Failed to find VMA for hva 0x20c01000
[ 1658.587063][ T4017] kvm [4017]: Failed to find VMA for hva 0x20c01000
[ 1701.898297][ T4050] kvm [4049]: Unsupported guest access at: eeef0000
[ 1701.898297][ T4050]  { Op0( 2), Op1( 7), CRn(15), CRm(13), Op2( 1), func_write },
[ 1857.784515][   T25] audit: type=1400 audit(1856.860:108): avc:  denied  { setattr } for  pid=4156 comm="syz.0.212" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1928.907547][ T4213] kvm [4213]: Failed to find VMA for hva 0x20c01000
[ 2018.861058][ T4274] kvm [4274]: Failed to find VMA for hva 0x21016000
[ 2018.978035][ T4274] kvm [4274]: Failed to find VMA for hva 0x21016000
[ 2255.972144][ T4425] kvm [4425]: Failed to find VMA for hva 0x20d8d000
[ 2341.819086][ T4478] kvm [4478]: Failed to find VMA for hva 0x20bfe000
[ 2341.948680][ T4477] kvm [4477]: Failed to find VMA for hva 0x20bfe000
[ 2885.167565][ T4870] kvm [4870]: Failed to find VMA for hva 0x20d8d000
[ 2961.995851][ T4918] kvm [4918]: Failed to find VMA for hva 0x20d8d000
[ 3088.346606][ T5001] kvm [5001]: Failed to find VMA for hva 0x20d8c000
[ 3227.589775][ T5096] kvm [5090]: Unsupported guest access at: eeef0000
[ 3227.589775][ T5096]  { Op0( 2), Op1( 7), CRn(15), CRm(13), Op2( 1), func_write },
[ 3932.030214][ T5573] debugfs: File 'vgic-its-state@0' in directory '5573-4' already present!
[ 3998.537371][ T5611] kvm [5611]: Failed to find VMA for hva 0x20d8d000
[ 4047.030175][ T5642] kvm [5642]: Failed to find VMA for hva 0x20c01000
[ 4234.386869][ T5770] kvm [5770]: Failed to find VMA for hva 0x20c01000
[ 4402.886708][ T5900] kvm [5900]: Failed to find VMA for hva 0x21016000
[ 4581.716452][ T6003] debugfs: File 'vgic-its-state@8080000' in directory '6004-6' already present!
[ 4605.217974][ T6015] kvm [6015]: Failed to find VMA for hva 0x20c01000
[ 4722.937733][ T6094] kvm [6094]: Failed to find VMA for hva 0x20c01000
[ 5006.062164][ T6286] kvm [6286]: Failed to find VMA for hva 0x20c01000
[ 5043.037622][ T6314] kvm [6314]: Failed to find VMA for hva 0x21016000
[ 5070.368277][ T6331] kvm [6331]: Failed to find VMA for hva 0x20d8d000
[ 5272.467835][ T6475] kvm [6475]: Failed to find VMA for hva 0x21016000
[ 5364.171913][ T6531] kvm [6531]: Failed to find VMA for hva 0x20c01000
[ 5722.603049][ T6815] kvm [6815]: Failed to find VMA for hva 0x21016000
[ 6020.688367][ T7026] ------------[ cut here ]------------
[ 6020.689273][ T7026] WARNING: CPU: 0 PID: 7026 at arch/arm64/kvm/inject_fault.c:63 pend_sync_exception+0x198/0x5ac
[ 6020.693251][ T7026] Modules linked in:
[ 6020.696125][ T7026] CPU: 0 UID: 0 PID: 7026 Comm: syz.0.1054 Not tainted 6.16.0-rc3-syzkaller-g15724a984643 #0 PREEMPT 
[ 6020.698137][ T7026] Hardware name: linux,dummy-virt (DT)
[ 6020.699582][ T7026] pstate: 81402009 (Nzcv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)
[ 6020.701079][ T7026] pc : pend_sync_exception+0x198/0x5ac
[ 6020.702203][ T7026] lr : pend_sync_exception+0x198/0x5ac
[ 6020.703135][ T7026] sp : ffff8000a92478c0
[ 6020.704089][ T7026] x29: ffff8000a92478c0 x28: 0000000000000037 x27: 37f000001d68db28
[ 6020.706303][ T7026] x26: 0000000000000037 x25: 0000000000000001 x24: 0000000000000000
[ 6020.708204][ T7026] x23: 0000000000000000 x22: 0000000000000037 x21: 37f000001d68e701
[ 6020.710129][ T7026] x20: 0000000000000007 x19: efff800000000000 x18: 0000000000000000
[ 6020.712097][ T7026] x17: 0000000000000043 x16: ffff800080011d9c x15: 0000000020000000
[ 6020.713984][ T7026] x14: ffffffffffffffff x13: 0000000000000028 x12: 0000000000000063
[ 6020.715861][ T7026] x11: 63f000000d839564 x10: 0000000000ff0100 x9 : 0000000000000000
[ 6020.717863][ T7026] x8 : 63f000000d838000 x7 : ffff800080b08704 x6 : ffff8000a9247a88
[ 6020.719696][ T7026] x5 : ffff8000a9247a88 x4 : 0000000000000001 x3 : ffff8000801a2e80
[ 6020.721476][ T7026] x2 : 0000000000000000 x1 : 0000000000000002 x0 : 0000000000000000
[ 6020.723426][ T7026] Call trace:
[ 6020.724561][ T7026]  pend_sync_exception+0x198/0x5ac (P)
[ 6020.725984][ T7026]  __kvm_inject_sea+0x268/0x96c
[ 6020.727172][ T7026]  kvm_inject_sea+0x98/0x72c
[ 6020.728324][ T7026]  __kvm_arm_vcpu_set_events+0x134/0x238
[ 6020.729452][ T7026]  kvm_arch_vcpu_ioctl+0xed8/0x16b0
[ 6020.730566][ T7026]  kvm_vcpu_ioctl+0x5c4/0xc2c
[ 6020.731653][ T7026]  __arm64_sys_ioctl+0x18c/0x244
[ 6020.732804][ T7026]  invoke_syscall+0x90/0x2b4
[ 6020.733948][ T7026]  el0_svc_common+0x180/0x2f4
[ 6020.735029][ T7026]  do_el0_svc+0x58/0x74
[ 6020.736082][ T7026]  el0_svc+0x58/0x160
[ 6020.737088][ T7026]  el0t_64_sync_handler+0x78/0x108
[ 6020.738156][ T7026]  el0t_64_sync+0x198/0x19c
[ 6020.739468][ T7026] irq event stamp: 1514
[ 6020.740279][ T7026] hardirqs last  enabled at (1513): [<ffff80008653cb88>] _raw_read_unlock_irqrestore+0x44/0xbc
[ 6020.741762][ T7026] hardirqs last disabled at (1514): [<ffff800086517e08>] el1_dbg+0x24/0x80
[ 6020.743112][ T7026] softirqs last  enabled at (1496): [<ffff8000800c988c>] local_bh_enable+0x10/0x34
[ 6020.744593][ T7026] softirqs last disabled at (1494): [<ffff8000800c9858>] local_bh_disable+0x10/0x34
[ 6020.746173][ T7026] ---[ end trace 0000000000000000 ]---
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 6029.705928][ T3389] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6030.686949][ T3389] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6031.688796][ T3389] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6032.511862][ T3389] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 6044.539811][ T3389] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 6044.642321][ T3389] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 6044.761194][ T3389] bond0 (unregistering): Released all slaves
[ 6045.709035][ T3389] hsr_slave_0: left promiscuous mode
[ 6045.761943][ T3389] hsr_slave_1: left promiscuous mode
[ 6045.926809][ T3389] veth1_macvtap: left promiscuous mode
[ 6045.931461][ T3389] veth0_macvtap: left promiscuous mode
[ 6045.944598][ T3389] veth1_vlan: left promiscuous mode
[ 6045.949608][ T3389] veth0_vlan: left promiscuous mode

VM DIAGNOSIS:
07:28:17  Registers:
info registers vcpu 0

CPU#0
 PC=ffff8000804544a8 X00=0000000000000000 X01=ffff8000872b1fa2
X02=0000000000000001 X03=ffff80008045abd8 X04=ffff8000a9246f20
X05=0000000000000020 X06=0000000000000000 X07=ffff80008047db18
X08=00000000000003c0 X09=0000000000000000 X10=0000000000000063
X11=0000000000000144 X12=0000000000000044 X13=0000000000000002
X14=00000000000000c8 X15=ffff800087f39a30 X16=ffff800080011d9c
X17=0000000000000043 X18=0000000000000000 X19=ffff80008047db2c
X20=63f000000d838000 X21=ffff8000877e6618 X22=0000000000000005
X23=63f000000d838b30 X24=ffff800087666580 X25=00000000000003c0
X26=0000000000000004 X27=0000000000000004 X28=0000000000000080
X29=ffff8000a92470e0 X30=ffff800080454488  SP=ffff8000a92470d0
PSTATE=604023c9 -ZC- EL2h  SVCR=00000000 --  BTYPE=0     FPCR=00000000 FPSR=00000000
P00=0000 P01=0000 P02=0000 P03=0000 P04=0000 P05=0000 P06=0000 P07=0000
P08=0000 P09=0000 P10=0000 P11=0000 P12=0000 P13=0000 P14=0000 P15=0000
FFR=0000
Z00=0000000000000000:0000000000000000 Z01=0000fffff80d8800:f73fe4855b014e00
Z02=0000fffff80d87e0:ffffff80ffffffd8 Z03=0000fffff80d8890:0000fffff80d8890
Z04=0000fffff80d8890:0000ffffba536d08 Z05=0000fffff80d8860:0000fffff80d8890
Z06=6edc4d3a2914b135:d8e9c869e2695c88 Z07=b20fae707afde253:388e9c6c4fa85ca0
Z08=0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000
Z10=0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000
Z12=0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000
Z14=0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000
Z16=0000fffff80d8ab0:0000fffff80d8ab0 Z17=ffffff80ffffffd0:0000fffff80d8a80
Z18=0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000
Z20=0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000
Z22=0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000
Z24=0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000
Z26=0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000
Z28=0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000
Z30=0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000