last executing test programs:

1m52.244530096s ago: executing program 1 (id=1098):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
mmap$KVM_VCPU(&(0x7f00004f8000/0x3000)=nil, 0x930, 0x0, 0x4f832, r3, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
ioctl$KVM_ARM_VCPU_INIT(r4, 0x4020aeae, &(0x7f0000000080)={0x5, 0x1})
ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100042, &(0x7f0000000040)=0xa25})
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x30)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm(r5)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
munmap(&(0x7f0000e1f000/0x4000)=nil, 0x4000)
r9 = eventfd2(0x0, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r10 = openat$kvm(0x0, &(0x7f0000000040), 0x100000, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x0)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x10b040, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
syz_kvm_setup_syzos_vm(r13)
r14 = syz_kvm_vgic_v3_setup(r13, 0x3, 0x40)
ioctl$KVM_SET_DEVICE_ATTR(r14, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x2, 0x4, &(0x7f0000000180)=0x1000})
ioctl$KVM_SET_DEVICE_ATTR_vm(r11, 0x4018aee1, &(0x7f0000000200)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0x80000003, 0x6}})
close(0x4)
ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f0000000080)={0x1000, 0x0, 0x1, r9, 0x1})
syz_kvm_setup_syzos_vm(r5)
syz_kvm_setup_syzos_vm(r5)
syz_kvm_add_vcpu(r6, &(0x7f00000000c0)={0x0, 0x0, 0x218}, &(0x7f0000000340)=[@featur2={0x1, 0x27}], 0x1)

1m31.033820303s ago: executing program 0 (id=1099):
munmap(&(0x7f0000647000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000fde000/0x4000)=nil, 0x4000)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000080)={0x5, 0x1})
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000140)=@arm64_sys={0x603000000013c801, &(0x7f00000000c0)=0x274})
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x2000)=nil, 0x930, 0x8, 0x8032, 0xffffffffffffffff, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r5, 0x4018aee2, &(0x7f0000000140)=@attr_other={0x0, 0x1, 0xb8b, 0x0})
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f000000f000/0x2000)=nil, 0x2000)
munmap(&(0x7f000075a000/0xb000)=nil, 0xb000)
munmap(&(0x7f0000c90000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000faf000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000482000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000e76000/0x12000)=nil, 0x12000)
munmap(&(0x7f0000f40000/0x5000)=nil, 0x5000)
munmap(&(0x7f0000ff5000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x0, 0x80031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000fff000/0x1000)=nil, 0x1000)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000)

1m21.446633278s ago: executing program 1 (id=1100):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000780)=[{0x0, &(0x7f0000000040)=[@hvc={0x4, 0x40, {0x1000, [0x9cf, 0xb9, 0x6, 0x5, 0x3]}}, @code={0x1, 0xb4, {"e0279fd200a0b0f2610180d2e20080d2c30080d2c40080d2020000d480688fd20060b8f2e10080d2e20180d2e30080d2e40080d2020000d4406c90d200c0b8f2610180d2020180d2e30080d2440180d2020000d4007008d50008203c605681d200a0b8f2a10180d2020080d2830080d2a40080d2020000d4007008d5e05580d200e0b0f2e10080d2c20080d2830180d2840180d2020000d4007008d50034202e"}}, @smc={0x3, 0x40, {0x30000000, [0x1, 0x1, 0x9, 0x2, 0xa]}}, @hvc={0x4, 0x40, {0x10, [0xa, 0x9, 0x7, 0xffff, 0x34]}}, @hvc={0x4, 0x40, {0x8000, [0x1, 0xffffffffffffffcf, 0x0, 0x7, 0x7c32]}}, @uexit={0x0, 0x18, 0x3}, @smc={0x3, 0x40, {0x1, [0x9, 0x7bef, 0x1000, 0x101, 0x8000000000000000]}}, @smc={0x3, 0x40, {0x1, [0xff, 0x3, 0x6e, 0x5, 0x80]}}, @hvc={0x4, 0x40, {0x241, [0x8, 0x3, 0x5, 0x100000001, 0xb4c]}}, @smc={0x3, 0x40, {0x200, [0x4a3, 0x8, 0x4, 0x0, 0x6]}}, @code={0x1, 0xb4, {"60019cd200a0b0f2e10080d2820080d2030180d2240180d2020000d4c0e185d20040b0f2a10080d2620080d2a30080d2040080d2020000d40008c01a405e96d20020b8f2e10180d2820080d2c30080d2240080d2020000d4000028d5000040f8000028d500938bd20000b8f2c10180d2220080d2630180d2840180d2020000d4c03880d20040b8f2c10180d2e20080d2430080d2c40180d2020000d400044038"}}, @code={0x1, 0x6c, {"008008d500a4202e402f95d200c0b0f2810180d2a20080d2830080d2e40080d2020000d4007008d5406595d200e0b8f2a10080d2e20080d2e30180d2840080d2020000d40058201e0020006f000008d5000028d5000008d5"}}, @uexit={0x0, 0x18, 0x1000}, @smc={0x3, 0x40, {0x0, [0x9, 0xffffffffffffffff, 0x6, 0x0, 0x401]}}, @code={0x1, 0x9c, {"00f098d20020b0f2e10180d2a20180d2630080d2640180d2020000d4e0030032e03893d200e0b8f2010180d2e20080d2230180d2a40080d2020000d4000028d5000008d5007008d520829fd20080b0f2210080d2c20080d2c30080d2c40180d2020000d4007008d500a0df0d809496d20040b8f2a10180d2420180d2230080d2440080d2020000d4"}}, @hvc={0x4, 0x40, {0x32000000, [0x3, 0x0, 0xfff, 0x6, 0x6]}}, @smc={0x3, 0x40, {0x3702e30e0aa25254, [0x8000000000000000, 0xffffffffffffffff, 0x2c01, 0x70a, 0xffffffff]}}, @hvc={0x4, 0x40, {0x400, [0x8, 0x4, 0x3, 0x22b, 0x2]}}, @msr={0x2, 0x20, {0x603000000013c086, 0x3}}, @msr={0x2, 0x20, {0x603000000013c645, 0x5}}, @msr={0x2, 0x20, {0x2515, 0xffffffffffffffff}}, @code={0x1, 0x9c, {"008008d5007008d5007008d5a02a8cd20000b8f2810080d2a20180d2c30180d2a40180d2020000d480218ad20000b0f2410080d2020180d2030180d2840080d2020000d480e084d20020b0f2e10080d2220180d2630180d2e40080d2020000d4008008d5a09d92d200e0b8f2610180d2c20080d2630180d2840180d2020000d4000028d50000001c"}}, @hvc={0x4, 0x40, {0x3f000000, [0x40, 0x8000, 0x9, 0x3ff, 0xd]}}], 0x6dc}], 0x1, 0x0, &(0x7f00000007c0)=[@featur2={0x1, 0x2}], 0x1)
munmap(&(0x7f0000ff7000/0x4000)=nil, 0x4000)
ioctl$KVM_GET_FPU(0xffffffffffffffff, 0x8000ae8c, &(0x7f0000000800))
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000009c0), 0x1a1400, 0x0)
ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0xda1)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4360ae82, 0x0)
munmap(&(0x7f0000fe7000/0x3000)=nil, 0x3000)
ioctl$KVM_ARM_VCPU_INIT(0xffffffffffffffff, 0x4020aeae, &(0x7f0000000ac0)={0x3, 0x1})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_SREGS(r4, 0x4000ae84, &(0x7f0000000b00)={{0x1, 0x10000, 0x9, 0xc9, 0x2, 0x93, 0x8, 0x3, 0x7, 0x37, 0xfb, 0xfa}, {0x106001, 0x6000, 0x8, 0x2c, 0xff, 0x10, 0x1, 0x1, 0x9, 0x72, 0xc, 0x81}, {0x2, 0x1, 0x3, 0x3, 0x77, 0xbc, 0x4c, 0xd, 0x0, 0x4, 0x7, 0x7}, {0x4000, 0x4, 0x8, 0x80, 0x0, 0x10, 0x81, 0x8, 0xa, 0x3, 0x9, 0xb}, {0x1000, 0x5000, 0xc, 0x5f, 0x80, 0x1, 0x40, 0x0, 0x9, 0x7, 0xff, 0x8}, {0x4000, 0x4000, 0x3, 0xb, 0x46, 0xe, 0x8, 0x5, 0xc9, 0xfe, 0x2, 0x9}, {0x10000, 0x108000, 0xc, 0x3, 0x4, 0xd, 0x9, 0x4, 0x3, 0xd4, 0x9d, 0x3}, {0x2000, 0x5000, 0x4, 0x8, 0x1, 0xd, 0x4, 0x81, 0x9b, 0x0, 0x42, 0xe}, {0x10000, 0xacd1}, {0x0, 0x8}, 0x20, 0x0, 0x2, 0x101200, 0xd, 0x2000, 0x4000, [0x7, 0x15, 0x7fffffff]})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000c40), 0x800, 0x0)
r5 = eventfd2(0x8af0, 0x800)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000cc0)={0x2000, 0x0, 0x8, r5, 0x2})
eventfd2(0x0, 0x800)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000d00), 0x200000, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, 0x0, 0x1000003, 0x20010, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$arm64(r1, r4, &(0x7f0000fe0000/0x18000)=nil, &(0x7f0000001340)=[{0x0, &(0x7f0000000d40)=[@smc={0x3, 0x40, {0x5000000, [0x100, 0x4, 0xcd3, 0x7fffffffffffffff, 0x4]}}, @smc={0x3, 0x40, {0x10, [0x7, 0x8, 0x7]}}, @uexit={0x0, 0x18, 0x3}, @msr={0x2, 0x20, {0x60300000001383c6, 0x8000000000000000}}, @code={0x1, 0x84, {"000040fd000008d5e0039fd6e0b29bd20060b8f2410080d2220180d2a30080d2240180d2020000d4000008d5606a9ad200a0b8f2c10180d2820180d2630180d2e40080d2020000d4401384d200c0b0f2a10180d2620080d2830180d2640180d2020000d40084600d007008d5000008d5"}}, @uexit={0x0, 0x18, 0x2}, @smc={0x3, 0x40, {0x8000, [0x5, 0x2, 0x7fffffff, 0x100000001, 0x4]}}, @smc={0x3, 0x40, {0xffff, [0x7, 0x0, 0xffffffffffffff74, 0x4, 0x765]}}, @msr={0x2, 0x20, {0x603000000013d000, 0x7ff}}, @code={0x1, 0x84, {"007008d50000202b0000631ee08082d20080b0f2a10080d2620080d2430080d2a40080d2020000d460e98ed20000b8f2810080d2620180d2e30180d2840080d2020000d4009c005f0070200ea09688d20000b0f2a10080d2420180d2c30180d2c40080d2020000d40000204b007008d5"}}, @code={0x1, 0xb4, {"60039dd20020b8f2610180d2620080d2430080d2040080d2020000d4000000ac000008d5600696d20040b8f2210180d2620180d2430080d2240080d2020000d40040211e007008d50008201e00238ad200a0b8f2210080d2620080d2430180d2640080d2020000d4802e8ed20060b0f2c10180d2a20080d2e30180d2440080d2020000d4209c92d200c0b8f2610180d2820180d2e30080d2e40180d2020000d4"}}, @smc={0x3, 0x40, {0x6000000, [0x200, 0x1, 0x4, 0xff, 0x3]}}, @hvc={0x4, 0x40, {0x0, [0x5, 0x7fff, 0x2f, 0x5, 0x8000]}}, @smc={0x3, 0x40, {0x8, [0x3, 0x8, 0x0, 0x4, 0x9]}}, @code={0x1, 0x84, {"0000251e000008d5000028d560bc87d20040b0f2210180d2620180d2e30180d2040080d2020000d4e03686d20060b0f2610180d2e20080d2230180d2640180d2020000d4000c403840cf8ad20060b8f2a10180d2c20180d2c30180d2840080d2020000d40084c00d0068000e007008d5"}}, @uexit={0x0, 0x18, 0x1}, @msr={0x2, 0x20, {0x603000000013dee3, 0x9}}, @msr={0x2, 0x20, {0x603000000013def4, 0x9}}, @msr={0x2, 0x20, {0x603000000013ff10, 0x7}}, @uexit={0x0, 0x18, 0x1}, @code={0x1, 0xb4, {"007008d5203189d20000b8f2e10080d2220080d2e30080d2c40180d2020000d40000005aa05688d20000b8f2610180d2020180d2230180d2640080d2020000d420c89dd200c0b0f2810080d2420180d2230180d2e40180d2020000d40004002fa0a492d200c0b0f2a10080d2620180d2e30080d2040080d2020000d4007008d5e06198d20020b8f2410080d2a20180d2030080d2e40180d2020000d4000028d5"}}, @uexit={0x0, 0x18, 0x4}, @msr={0x2, 0x20, {0x603000000013dee2, 0x10}}], 0x5ec}], 0x1, 0x0, &(0x7f0000001380)=[@featur2={0x1, 0x2}], 0x1)
openat$kvm(0xffffffffffffff9c, &(0x7f00000013c0), 0x900, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000001400)={0x1000, 0x5000})
ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000001480)=@arm64_ccsidr={0x6020000000110009, &(0x7f0000001440)=0x6})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f00000014c0)={0x10001, 0x0, &(0x7f0000fe6000/0x3000)=nil})
r6 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CAP_EXCEPTION_PAYLOAD(r6, 0x4068aea3, &(0x7f0000001500)={0xa4, 0x0, 0x1})

1m9.962294984s ago: executing program 0 (id=1101):
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x300000c, 0x4f832, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f831, 0xffffffffffffffff, 0x200000000000000)
ioctl$KVM_GET_ONE_REG(r4, 0x4010aeab, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffa000/0x4000)=nil, 0x930, 0x300000c, 0x4f832, 0xffffffffffffffff, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
ioctl$KVM_ARM_VCPU_INIT(r5, 0x4020aeae, &(0x7f0000000080)={0x5, 0x1})
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4040aea0, &(0x7f00000000c0)=@x86={0x4, 0xa, 0x7, 0x0, 0x1, 0x9, 0x5, 0x7, 0xf, 0x16, 0xa0, 0x0, 0x0, 0x3, 0x76d, 0xf5, 0x9, 0xe, 0x4, '\x00', 0x96, 0x9})
ioctl$KVM_GET_ONE_REG(r5, 0x4010aeab, &(0x7f0000000100)=@arm64_sys={0x603000000013804c, &(0x7f0000000000)=0x3})
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_IRQFD(r6, 0x4020ae76, &(0x7f0000000100)={0xffffffffffffffff, 0x0, 0x1})
ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
r8 = mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
munmap(&(0x7f0000e1f000/0x4000)=nil, 0x4000)
r10 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r9, 0x4040ae79, &(0x7f0000000040)={0x2, 0x0, 0x1, r10})

1m3.12651001s ago: executing program 1 (id=1102):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000080)={0x5, 0x1})
ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000000)=@arm64_extra={0x6030000000160002, &(0x7f0000000180)=0xdc15})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x400840, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(0xffffffffffffffff, 0x4008ae48, 0x0)
munmap(&(0x7f0000fde000/0x4000)=nil, 0x4000)
munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000eb2000/0x3000)=nil, 0x930, 0x2, 0x32e7851d6de9e532, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x0, 0x8010, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x2000)=nil, 0x930, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
ioctl$KVM_CHECK_EXTENSION_VM(r4, 0xae03, 0xd8)
openat$kvm(0xffffffffffffff9c, 0x0, 0x648140, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)

47.451789365s ago: executing program 0 (id=1103):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000006c0), 0x140, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_USER_SPACE_MSR(r1, 0x4068aea3, &(0x7f0000000fc0)={0xb1})
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r2, 0x4008ae48, &(0x7f0000000040)=0x2)
r3 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, 0x930, 0x0, 0x4003831, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_ONE_REG(r4, 0x4010aeab, &(0x7f0000000080)=@arm64_ccsidr={0x6020000000110002, 0x0})

46.124262946s ago: executing program 1 (id=1104):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x4) (async)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_ARM_VCPU_INIT(r3, 0x4020aeae, &(0x7f0000000340)={0x5})
ioctl$KVM_RUN(r3, 0xae80, 0x0) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000200)={0x1fe, 0x1, 0x0, 0x1000, &(0x7f0000fcc000/0x1000)=nil}) (async, rerun: 64)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x400840, 0x0) (async, rerun: 64)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(0xffffffffffffffff, 0x4008ae48, 0x0) (async)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
mmap$KVM_VCPU(&(0x7f0000eb2000/0x3000)=nil, 0x930, 0x2, 0x32e7851d6de9e532, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x0, 0x8010, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x2000)=nil, 0x930, 0x0, 0x10, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x648140, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) (async)
syz_kvm_vgic_v3_setup(r2, 0x0, 0x20)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x2000)=nil, 0x930, 0x8, 0x8032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f00007d3000/0x1000)=nil, 0x1000) (async, rerun: 32)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000007c0)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (rerun: 32)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04) (async)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) (async, rerun: 32)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) (rerun: 32)

36.776016023s ago: executing program 0 (id=1105):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x141242, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000080)={0x5, 0xffffffffffffffff, 0x1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, 0x0)
r3 = eventfd2(0x5, 0x1)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000240)={r3, 0x1, 0xfffffffc, r3})
mmap$KVM_VCPU(&(0x7f0000fee000/0x2000)=nil, r2, 0xa, 0x1f, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000fec000/0x4000)=nil, r2, 0x4, 0x12, 0xffffffffffffffff, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, r2, 0x0, 0x4f832, r4, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x3)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, r10, &(0x7f0000e8a000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
ioctl$KVM_IOEVENTFD(r12, 0x4040ae79, &(0x7f00000000c0)={0x200000000000100c, 0xf000, 0x3, 0xffffffffffffffff, 0x2})
syz_kvm_vgic_v3_setup(r13, 0x2, 0x160)
ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r14 = eventfd2(0xdace, 0x80001)
ioctl$KVM_IRQFD(r8, 0x4020ae76, &(0x7f0000000080)={r14, 0x6, 0x0, r14})
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, 0x0)
ioctl$KVM_GET_DIRTY_LOG(r6, 0x4010ae42, &(0x7f0000000000)={0x8001, 0x0, &(0x7f0000fe7000/0x12000)=nil})

35.742155711s ago: executing program 1 (id=1106):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x80111500, 0x20000000)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000eb2000/0x3000)=nil, 0x930, 0x0, 0x10, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000080)={0x8})
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000200)={0x7})
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000100)={0x2, 0x100000})
ioctl$KVM_SIGNAL_MSI(r4, 0x4020aea5, &(0x7f00000000c0)={0x0, 0xf000, 0x0, 0x1})
ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0x69)
r5 = openat$kvm(0xffffffffffffff9c, 0x0, 0x400000, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000c09000/0x2000)=nil, 0x930, 0x4000007, 0x4f833, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x401c5820, 0x20000000)
r6 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = syz_kvm_vgic_v3_setup(r2, 0x4, 0x80)
ioctl$KVM_GET_DEVICE_ATTR(r7, 0x4018aee2, &(0x7f0000000c80)=@attr_arm64={0x0, 0x6, 0x1, 0x0})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x2)
syz_kvm_setup_cpu$arm64(0xffffffffffffffff, r6, &(0x7f0000da6000/0x18000)=nil, &(0x7f00000004c0)=[{0x0, 0x0}], 0xaaaaaaaaaaaac9d, 0x0, &(0x7f00000000c0)=[@featur2={0x1, 0x8}], 0x1)

13.375296943s ago: executing program 0 (id=1107):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000)
munmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000647000/0x1000)=nil, 0x1000)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000000)={0xf000, 0x9000})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xc000})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000040)={0x3000, 0xf000})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x801, 0x0)

12.422466509s ago: executing program 1 (id=1108):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x300000c, 0x4f832, 0xffffffffffffffff, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000080)={0x5, 0x1})
ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000000140)=@arm64_sys={0x603000000013c664, 0x0})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
munmap(&(0x7f0000e1f000/0x4000)=nil, 0x4000)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x8, 0x4f832, 0xffffffffffffffff, 0x0)
ioctl$KVM_ARM_VCPU_INIT(0xffffffffffffffff, 0x4020aeae, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r4, 0x4008ae6a, &(0x7f0000000240)={0x2, 0x0, [{0x80, 0x1, 0x0, 0x0, @sint={0x6, 0x100}}, {0x401, 0x1, 0x0, 0x0, @msi={0xfffffff9, 0x2, 0x67ec720a, 0x9}}]})
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x0, 0x8032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000200)={0xa, <r7=>0xffffffffffffffff, 0x1})
ioctl$KVM_GET_DEVICE_ATTR(r7, 0x4018aee2, &(0x7f0000000180)=@attr_arm64={0x0, 0x0, 0x3, 0x0})
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000900)={0x0, 0x0, 0x1, 0xffffffffffffffff, 0x1})
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000080)={0x1000, 0x0, 0x1, 0xffffffffffffffff, 0x1})
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee3, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
openat$kvm(0x0, 0x0, 0x480000, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0)
close(0x5)

0s ago: executing program 0 (id=1109):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000eb2000/0x3000)=nil, 0x930, 0x0, 0x32e7851d6de9e532, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000eb2000/0x3000)=nil, 0x930, 0x0, 0x32e7851d6de9e532, 0xffffffffffffffff, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000340)={0x5, 0x8}) (async)
ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000340)={0x5, 0x8})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) (async)
r3 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000680)="38ce8347fc1e86008cfc72bb352c8659dcc9225b48cb5cb00c73b0b33018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000680)="38ce8347fc1e86008cfc72bb352c8659dcc9225b48cb5cb00c73b0b33018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48)
openat$kvm(0x0, 0x0, 0x0, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04)
mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, r7, 0x100000e, 0x8a031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, r7, 0x0, 0x4f831, 0xffffffffffffffff, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, r7, 0x0, 0x4f831, 0xffffffffffffffff, 0x0)
ioctl$KVM_CAP_PMU_CAPABILITY(r5, 0x4068aea3, &(0x7f00000000c0)={0xd4, 0x0, 0x2})
r8 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r5, r8, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f0000000380)=ANY=[], 0x18}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)

kernel console output (not intermixed with test programs):

[  533.091773][ T3116] eql: remember to turn off Van-Jacobson compression on your slave devices
Warning: Permanently added '[localhost]:65262' (ED25519) to the list of known hosts.
[  745.660079][   T24] audit: type=1400 audit(744.630:69): avc:  denied  { name_bind } for  pid=3276 comm="sshd" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  746.977554][   T24] audit: type=1400 audit(745.950:70): avc:  denied  { execute } for  pid=3278 comm="sh" name="syz-executor" dev="vda" ino=1735 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  747.018621][   T24] audit: type=1400 audit(745.990:71): avc:  denied  { execute_no_trans } for  pid=3278 comm="sh" path="/syz-executor" dev="vda" ino=1735 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  784.718420][   T24] audit: type=1400 audit(783.690:72): avc:  denied  { mounton } for  pid=3278 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1737 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  784.795028][   T24] audit: type=1400 audit(783.740:73): avc:  denied  { mount } for  pid=3278 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  784.889513][ T3278] cgroup: Unknown subsys name 'net'
[  784.959171][   T24] audit: type=1400 audit(783.920:74): avc:  denied  { unmount } for  pid=3278 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  785.545500][ T3278] cgroup: Unknown subsys name 'cpuset'
[  785.687799][ T3278] cgroup: Unknown subsys name 'rlimit'
[  786.624272][   T24] audit: type=1400 audit(785.590:75): avc:  denied  { setattr } for  pid=3278 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=701 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  786.666434][   T24] audit: type=1400 audit(785.640:76): avc:  denied  { create } for  pid=3278 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  786.690778][   T24] audit: type=1400 audit(785.660:77): avc:  denied  { write } for  pid=3278 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  786.707431][   T24] audit: type=1400 audit(785.670:78): avc:  denied  { module_request } for  pid=3278 comm="syz-executor" kmod="net-pf-16-proto-16-family-nl802154" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  787.428588][   T24] audit: type=1400 audit(786.380:79): avc:  denied  { read } for  pid=3278 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  787.488824][   T24] audit: type=1400 audit(786.460:80): avc:  denied  { mounton } for  pid=3278 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[  787.544796][   T24] audit: type=1400 audit(786.480:81): avc:  denied  { mount } for  pid=3278 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  788.987114][ T3283] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
Setting up swapspace version 1, size = 127995904 bytes
[  789.340553][ T3278] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  846.388401][   T24] kauditd_printk_skb: 4 callbacks suppressed
[  846.388699][   T24] audit: type=1400 audit(845.360:86): avc:  denied  { execmem } for  pid=3284 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  939.361593][   T24] audit: type=1400 audit(938.330:87): avc:  denied  { read } for  pid=3286 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  939.419495][   T24] audit: type=1400 audit(938.390:88): avc:  denied  { open } for  pid=3286 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  939.506674][   T24] audit: type=1400 audit(938.460:89): avc:  denied  { mounton } for  pid=3287 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  941.186823][   T24] audit: type=1400 audit(940.150:90): avc:  denied  { sys_module } for  pid=3287 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  976.825630][ T3287] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  976.956366][ T3286] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  977.069049][ T3287] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  977.285291][ T3286] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  992.716918][ T3287] hsr_slave_0: entered promiscuous mode
[  992.790682][ T3287] hsr_slave_1: entered promiscuous mode
[  993.519254][ T3286] hsr_slave_0: entered promiscuous mode
[  993.578429][ T3286] hsr_slave_1: entered promiscuous mode
[  993.625099][ T3286] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  993.630051][ T3286] Cannot create hsr debugfs directory
[ 1000.671284][ T3287] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1001.474257][ T3287] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1001.736288][ T3287] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1002.035483][ T3287] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1004.768945][ T3286] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1005.121551][ T3286] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1005.410855][ T3286] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1005.726625][ T3286] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1029.448304][ T3287] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1035.029183][ T3286] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1114.670449][ T3287] veth0_vlan: entered promiscuous mode
[ 1115.510608][ T3287] veth1_vlan: entered promiscuous mode
[ 1118.227969][ T3287] veth0_macvtap: entered promiscuous mode
[ 1118.698252][ T3287] veth1_macvtap: entered promiscuous mode
[ 1120.475558][ T3286] veth0_vlan: entered promiscuous mode
[ 1121.720075][ T3286] veth1_vlan: entered promiscuous mode
[ 1122.009041][ T3287] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1122.025282][ T3287] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1122.027516][ T3287] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1122.029589][ T3287] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1125.990313][   T24] audit: type=1400 audit(1124.950:91): avc:  denied  { mount } for  pid=3287 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 1126.333861][   T24] audit: type=1400 audit(1125.300:92): avc:  denied  { mounton } for  pid=3287 comm="syz-executor" path="/syzkaller.Dt48dS/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[ 1126.590182][ T3286] veth0_macvtap: entered promiscuous mode
[ 1126.783722][   T24] audit: type=1400 audit(1125.690:93): avc:  denied  { mount } for  pid=3287 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[ 1127.170163][ T3286] veth1_macvtap: entered promiscuous mode
[ 1127.235081][   T24] audit: type=1400 audit(1126.190:94): avc:  denied  { mounton } for  pid=3287 comm="syz-executor" path="/syzkaller.Dt48dS/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[ 1127.420123][   T24] audit: type=1400 audit(1126.340:95): avc:  denied  { mounton } for  pid=3287 comm="syz-executor" path="/syzkaller.Dt48dS/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3607 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[ 1128.185774][   T24] audit: type=1400 audit(1127.140:96): avc:  denied  { unmount } for  pid=3287 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 1128.643554][   T24] audit: type=1400 audit(1127.510:97): avc:  denied  { mounton } for  pid=3287 comm="syz-executor" path="/dev/binderfs" dev="devtmpfs" ino=1512 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[ 1129.278912][   T24] audit: type=1400 audit(1128.240:98): avc:  denied  { mount } for  pid=3287 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 1129.498984][   T24] audit: type=1400 audit(1128.470:99): avc:  denied  { mounton } for  pid=3287 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[ 1129.626924][   T24] audit: type=1400 audit(1128.590:100): avc:  denied  { mount } for  pid=3287 comm="syz-executor" name="/" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[ 1130.816543][ T3286] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1130.818852][ T3286] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1130.820833][ T3286] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1130.968620][ T3286] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1133.491324][ T3287] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 1136.174106][   T24] audit: type=1400 audit(1135.050:101): avc:  denied  { read write } for  pid=3287 comm="syz-executor" name="loop0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1136.288127][   T24] audit: type=1400 audit(1135.150:102): avc:  denied  { open } for  pid=3287 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1136.353867][   T24] audit: type=1400 audit(1135.250:103): avc:  denied  { ioctl } for  pid=3287 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=637 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1164.575791][   T24] audit: type=1400 audit(1163.520:104): avc:  denied  { read } for  pid=3436 comm="syz.0.5" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1164.641745][   T24] audit: type=1400 audit(1163.610:105): avc:  denied  { open } for  pid=3436 comm="syz.0.5" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1165.524534][   T24] audit: type=1400 audit(1164.460:106): avc:  denied  { ioctl } for  pid=3436 comm="syz.0.5" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae03 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1232.158404][   T24] audit: type=1400 audit(1231.090:107): avc:  denied  { append } for  pid=3469 comm="syz.0.19" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1249.118108][   T24] audit: type=1400 audit(1248.080:108): avc:  denied  { write } for  pid=3478 comm="syz.1.24" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1316.268922][   T24] audit: type=1400 audit(1315.210:109): avc:  denied  { execute } for  pid=3511 comm="syz.1.36" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=3913 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[ 1336.004955][   T24] audit: type=1400 audit(1334.910:110): avc:  denied  { setattr } for  pid=3520 comm="syz.0.39" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1656.197926][   T24] audit: type=1400 audit(1655.140:111): avc:  denied  { map } for  pid=3671 comm="syz.1.99" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 3085.878601][ T4354] kvm [4354]: Failed to find VMA for hva 0x20fcc000
[ 3274.959539][ T4443] kvm [4443]: Failed to find VMA for hva 0x20fcc000
[ 4638.591129][ T5036] KVM: debugfs: duplicate directory 5036-4
[ 4959.790521][ T5159] FAULT_INJECTION: forcing a failure.
[ 4959.790521][ T5159] name fail_usercopy, interval 1, probability 0, space 0, times 1
[ 4959.827806][ T5159] CPU: 0 UID: 0 PID: 5159 Comm: syz.0.559 Not tainted 6.12.0-rc5-syzkaller-gcc19e3405e85 #0
[ 4959.830159][ T5159] Hardware name: linux,dummy-virt (DT)
[ 4959.831775][ T5159] Call trace:
[ 4959.832951][ T5159]  dump_backtrace+0x1b8/0x1e4
[ 4959.835601][ T5159]  show_stack+0x2c/0x3c
[ 4959.837063][ T5159]  dump_stack_lvl+0xe4/0x150
[ 4959.838502][ T5159]  dump_stack+0x1c/0x28
[ 4959.839793][ T5159]  should_fail_ex+0x318/0x338
[ 4959.841310][ T5159]  should_fail+0x14/0x24
[ 4959.842679][ T5159]  should_fail_usercopy+0x20/0x30
[ 4959.844178][ T5159]  simple_read_from_buffer+0xc4/0x1f8
[ 4959.845675][ T5159]  proc_fail_nth_read+0xc8/0x108
[ 4959.847104][ T5159]  vfs_read+0x19c/0x568
[ 4959.848477][ T5159]  ksys_read+0xd4/0x18c
[ 4959.849852][ T5159]  __arm64_sys_read+0x48/0x58
[ 4959.851291][ T5159]  invoke_syscall+0x78/0x1b8
[ 4959.852696][ T5159]  el0_svc_common+0xe8/0x1b0
[ 4959.854233][ T5159]  do_el0_svc+0x40/0x50
[ 4959.855622][ T5159]  el0_svc+0x54/0x14c
[ 4959.856923][ T5159]  el0t_64_sync_handler+0x84/0xfc
[ 4959.858376][ T5159]  el0t_64_sync+0x190/0x194
[ 5149.247702][ T5238] FAULT_INJECTION: forcing a failure.
[ 5149.247702][ T5238] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 5149.250171][ T5238] CPU: 0 UID: 0 PID: 5238 Comm: syz.1.584 Not tainted 6.12.0-rc5-syzkaller-gcc19e3405e85 #0
[ 5149.252061][ T5238] Hardware name: linux,dummy-virt (DT)
[ 5149.253389][ T5238] Call trace:
[ 5149.254485][ T5238]  dump_backtrace+0x1b8/0x1e4
[ 5149.255996][ T5238]  show_stack+0x2c/0x3c
[ 5149.257447][ T5238]  dump_stack_lvl+0xe4/0x150
[ 5149.258809][ T5238]  dump_stack+0x1c/0x28
[ 5149.260188][ T5238]  should_fail_ex+0x318/0x338
[ 5149.261543][ T5238]  should_fail+0x14/0x24
[ 5149.262959][ T5238]  should_fail_usercopy+0x20/0x30
[ 5149.264397][ T5238]  strncpy_from_user+0x44/0x2b0
[ 5149.265850][ T5238]  getname_flags+0xb0/0x34c
[ 5149.267294][ T5238]  getname+0x24/0x34
[ 5149.268575][ T5238]  do_sys_openat2+0x70/0x134
[ 5149.270078][ T5238]  __arm64_sys_openat+0xe8/0x118
[ 5149.271333][ T5238]  invoke_syscall+0x78/0x1b8
[ 5149.272782][ T5238]  el0_svc_common+0xe8/0x1b0
[ 5149.274298][ T5238]  do_el0_svc+0x40/0x50
[ 5149.275567][ T5238]  el0_svc+0x54/0x14c
[ 5149.276892][ T5238]  el0t_64_sync_handler+0x84/0xfc
[ 5149.278363][ T5238]  el0t_64_sync+0x190/0x194
[ 5309.081452][ T5304] FAULT_INJECTION: forcing a failure.
[ 5309.081452][ T5304] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 5309.111785][ T5304] CPU: 0 UID: 0 PID: 5304 Comm: syz.0.604 Not tainted 6.12.0-rc5-syzkaller-gcc19e3405e85 #0
[ 5309.113853][ T5304] Hardware name: linux,dummy-virt (DT)
[ 5309.115144][ T5304] Call trace:
[ 5309.116260][ T5304]  dump_backtrace+0x1b8/0x1e4
[ 5309.117861][ T5304]  show_stack+0x2c/0x3c
[ 5309.119328][ T5304]  dump_stack_lvl+0xe4/0x150
[ 5309.120579][ T5304]  dump_stack+0x1c/0x28
[ 5309.121952][ T5304]  should_fail_ex+0x318/0x338
[ 5309.123465][ T5304]  should_fail+0x14/0x24
[ 5309.124925][ T5304]  should_fail_usercopy+0x20/0x30
[ 5309.126402][ T5304]  simple_read_from_buffer+0xc4/0x1f8
[ 5309.127789][ T5304]  proc_fail_nth_read+0xc8/0x108
[ 5309.129312][ T5304]  vfs_read+0x19c/0x568
[ 5309.130679][ T5304]  ksys_read+0xd4/0x18c
[ 5309.132076][ T5304]  __arm64_sys_read+0x48/0x58
[ 5309.133568][ T5304]  invoke_syscall+0x78/0x1b8
[ 5309.135049][ T5304]  el0_svc_common+0xe8/0x1b0
[ 5309.136547][ T5304]  do_el0_svc+0x40/0x50
[ 5309.137972][ T5304]  el0_svc+0x54/0x14c
[ 5309.139352][ T5304]  el0t_64_sync_handler+0x84/0xfc
[ 5309.140828][ T5304]  el0t_64_sync+0x190/0x194
[ 5577.077026][ T5410] FAULT_INJECTION: forcing a failure.
[ 5577.077026][ T5410] name failslab, interval 1, probability 0, space 0, times 1
[ 5577.095992][ T5410] CPU: 0 UID: 0 PID: 5410 Comm: syz.1.637 Not tainted 6.12.0-rc5-syzkaller-gcc19e3405e85 #0
[ 5577.098360][ T5410] Hardware name: linux,dummy-virt (DT)
[ 5577.099776][ T5410] Call trace:
[ 5577.100927][ T5410]  dump_backtrace+0x1b8/0x1e4
[ 5577.102498][ T5410]  show_stack+0x2c/0x3c
[ 5577.103761][ T5410]  dump_stack_lvl+0xe4/0x150
[ 5577.105189][ T5410]  dump_stack+0x1c/0x28
[ 5577.106526][ T5410]  should_fail_ex+0x318/0x338
[ 5577.107873][ T5410]  should_failslab+0x94/0xb0
[ 5577.109355][ T5410]  __kmalloc_noprof+0xdc/0x438
[ 5577.110632][ T5410]  tomoyo_encode+0x1f8/0x32c
[ 5577.112096][ T5410]  tomoyo_realpath_from_path+0x2dc/0x330
[ 5577.113686][ T5410]  tomoyo_check_open_permission+0x118/0x3ec
[ 5577.115208][ T5410]  tomoyo_file_open+0x110/0x150
[ 5577.116669][ T5410]  security_file_open+0x4c8/0x6d0
[ 5577.118240][ T5410]  do_dentry_open+0x1f0/0xac4
[ 5577.119639][ T5410]  vfs_open+0x48/0x208
[ 5577.121027][ T5410]  path_openat+0x17b8/0x1ca4
[ 5577.122520][ T5410]  do_filp_open+0x100/0x210
[ 5577.123995][ T5410]  do_sys_openat2+0xbc/0x134
[ 5577.125437][ T5410]  __arm64_sys_openat+0xe8/0x118
[ 5577.126750][ T5410]  invoke_syscall+0x78/0x1b8
[ 5577.128277][ T5410]  el0_svc_common+0xe8/0x1b0
[ 5577.129759][ T5410]  do_el0_svc+0x40/0x50
[ 5577.131134][ T5410]  el0_svc+0x54/0x14c
[ 5577.132482][ T5410]  el0t_64_sync_handler+0x84/0xfc
[ 5577.133768][ T5410]  el0t_64_sync+0x190/0x194
[ 5577.315626][ T5410] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 5608.260560][ T5422] FAULT_INJECTION: forcing a failure.
[ 5608.260560][ T5422] name failslab, interval 1, probability 0, space 0, times 0
[ 5608.313443][ T5422] CPU: 0 UID: 0 PID: 5422 Comm: syz.0.641 Not tainted 6.12.0-rc5-syzkaller-gcc19e3405e85 #0
[ 5608.315529][ T5422] Hardware name: linux,dummy-virt (DT)
[ 5608.316785][ T5422] Call trace:
[ 5608.317827][ T5422]  dump_backtrace+0x1b8/0x1e4
[ 5608.319311][ T5422]  show_stack+0x2c/0x3c
[ 5608.320717][ T5422]  dump_stack_lvl+0xe4/0x150
[ 5608.322170][ T5422]  dump_stack+0x1c/0x28
[ 5608.323322][ T5422]  should_fail_ex+0x318/0x338
[ 5608.324592][ T5422]  should_failslab+0x94/0xb0
[ 5608.326022][ T5422]  __kmalloc_noprof+0xdc/0x438
[ 5608.327282][ T5422]  tomoyo_encode+0x1f8/0x32c
[ 5608.328659][ T5422]  tomoyo_realpath_from_path+0x2dc/0x330
[ 5608.330245][ T5422]  tomoyo_check_open_permission+0x118/0x3ec
[ 5608.331800][ T5422]  tomoyo_file_open+0x110/0x150
[ 5608.333297][ T5422]  security_file_open+0x4c8/0x6d0
[ 5608.334606][ T5422]  do_dentry_open+0x1f0/0xac4
[ 5608.336071][ T5422]  vfs_open+0x48/0x208
[ 5608.337409][ T5422]  path_openat+0x17b8/0x1ca4
[ 5608.338871][ T5422]  do_filp_open+0x100/0x210
[ 5608.340325][ T5422]  do_sys_openat2+0xbc/0x134
[ 5608.341727][ T5422]  __arm64_sys_openat+0xe8/0x118
[ 5608.343152][ T5422]  invoke_syscall+0x78/0x1b8
[ 5608.344569][ T5422]  el0_svc_common+0xe8/0x1b0
[ 5608.346023][ T5422]  do_el0_svc+0x40/0x50
[ 5608.347329][ T5422]  el0_svc+0x54/0x14c
[ 5608.348650][ T5422]  el0t_64_sync_handler+0x84/0xfc
[ 5608.350149][ T5422]  el0t_64_sync+0x190/0x194
[ 5608.574383][ T5422] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 5760.036343][ T5483] FAULT_INJECTION: forcing a failure.
[ 5760.036343][ T5483] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[ 5760.041179][ T5483] CPU: 0 UID: 0 PID: 5483 Comm: syz.0.658 Not tainted 6.12.0-rc5-syzkaller-gcc19e3405e85 #0
[ 5760.043317][ T5483] Hardware name: linux,dummy-virt (DT)
[ 5760.044686][ T5483] Call trace:
[ 5760.045824][ T5483]  dump_backtrace+0x1b8/0x1e4
[ 5760.047227][ T5483]  show_stack+0x2c/0x3c
[ 5760.048679][ T5483]  dump_stack_lvl+0xe4/0x150
[ 5760.050166][ T5483]  dump_stack+0x1c/0x28
[ 5760.051545][ T5483]  should_fail_ex+0x318/0x338
[ 5760.053074][ T5483]  should_fail_alloc_page+0x10c/0x124
[ 5760.054574][ T5483]  prepare_alloc_pages+0x164/0x2e8
[ 5760.056120][ T5483]  __alloc_pages_noprof+0xcc/0x388
[ 5760.057452][ T5483]  alloc_pages_mpol_noprof+0x268/0x3f0
[ 5760.058922][ T5483]  folio_alloc_mpol_noprof+0x48/0x180
[ 5760.060441][ T5483]  vma_alloc_folio_noprof+0x218/0x30c
[ 5760.062003][ T5483]  vma_alloc_zeroed_movable_folio+0x6c/0x80
[ 5760.063629][ T5483]  folio_prealloc+0x3c/0x1a4
[ 5760.065151][ T5483]  __handle_mm_fault+0x23cc/0x41f0
[ 5760.066683][ T5483]  handle_mm_fault+0x278/0x6ac
[ 5760.068176][ T5483]  do_page_fault+0x314/0xbf4
[ 5760.069485][ T5483]  do_translation_fault+0xa4/0xd8
[ 5760.070960][ T5483]  do_mem_abort+0x64/0x16c
[ 5760.072425][ T5483]  el0_da+0x60/0x15c
[ 5760.073735][ T5483]  el0t_64_sync_handler+0xcc/0xfc
[ 5760.075246][ T5483]  el0t_64_sync+0x190/0x194
[ 5761.270829][ T5483] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 5912.271430][ T5547] kvm [5547]: Failed to find VMA for hva 0x20eb3000
[ 6206.656713][ T5664] kvm [5664]: Failed to find VMA for hva 0x20ff4000
[ 6896.431324][ T5976] FAULT_INJECTION: forcing a failure.
[ 6896.431324][ T5976] name failslab, interval 1, probability 0, space 0, times 0
[ 6896.510646][ T5976] CPU: 0 UID: 0 PID: 5976 Comm: syz.1.803 Not tainted 6.12.0-rc5-syzkaller-gcc19e3405e85 #0
[ 6896.512815][ T5976] Hardware name: linux,dummy-virt (DT)
[ 6896.514319][ T5976] Call trace:
[ 6896.515437][ T5976]  dump_backtrace+0x1b8/0x1e4
[ 6896.516996][ T5976]  show_stack+0x2c/0x3c
[ 6896.518356][ T5976]  dump_stack_lvl+0xe4/0x150
[ 6896.519748][ T5976]  dump_stack+0x1c/0x28
[ 6896.521121][ T5976]  should_fail_ex+0x318/0x338
[ 6896.522627][ T5976]  should_failslab+0x94/0xb0
[ 6896.524068][ T5976]  __kmalloc_noprof+0xdc/0x438
[ 6896.525491][ T5976]  kvm_dev_ioctl+0x948/0x10e8
[ 6896.526902][ T5976]  __arm64_sys_ioctl+0x108/0x184
[ 6896.528161][ T5976]  invoke_syscall+0x78/0x1b8
[ 6896.529636][ T5976]  el0_svc_common+0xe8/0x1b0
[ 6896.531097][ T5976]  do_el0_svc+0x40/0x50
[ 6896.532535][ T5976]  el0_svc+0x54/0x14c
[ 6896.533896][ T5976]  el0t_64_sync_handler+0x84/0xfc
[ 6896.535399][ T5976]  el0t_64_sync+0x190/0x194
[ 7234.470765][ T6124] kvm [6124]: Failed to find VMA for hva 0x20fcc000
[ 7249.266298][ T6130] KVM: debugfs: duplicate directory 6130-5
[ 7270.511726][ T6140] kvm [6140]: Failed to find VMA for hva 0x20ff4000
[ 9293.247491][ T7050] ------------[ cut here ]------------
[ 9293.251117][ T7050] WARNING: CPU: 0 PID: 7050 at arch/arm64/kvm/arch_timer.c:459 kvm_timer_update_irq+0x21c/0x394
[ 9293.253606][ T7050] Modules linked in:
[ 9293.255665][ T7050] CPU: 0 UID: 0 PID: 7050 Comm: syz.0.1109 Not tainted 6.12.0-rc5-syzkaller-gcc19e3405e85 #0
[ 9293.257664][ T7050] Hardware name: linux,dummy-virt (DT)
[ 9293.259175][ T7050] pstate: 81400009 (Nzcv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)
[ 9293.261085][ T7050] pc : kvm_timer_update_irq+0x21c/0x394
[ 9293.262744][ T7050] lr : kvm_timer_update_irq+0x21c/0x394
[ 9293.264388][ T7050] sp : ffff80008fed78f0
[ 9293.265637][ T7050] x29: ffff80008fed7900 x28: 00000000000003c5 x27: baf00000118e3c08
[ 9293.268215][ T7050] x26: 0000000000000000 x25: 0000000000000000 x24: 0000000000000000
[ 9293.270564][ T7050] x23: 0000000000000000 x22: 83ff8000897a9000 x21: 000000000000001e
[ 9293.272791][ T7050] x20: baf00000118e39a0 x19: 00000000fffffff0 x18: 0000000000000000
[ 9293.275018][ T7050] x17: 0000000000000000 x16: 0000000000000083 x15: e2f000000f840a80
[ 9293.277253][ T7050] x14: 0000000000000000 x13: 0000000000000003 x12: e2f000000f840000
[ 9293.279584][ T7050] x11: 83ff8000897a9000 x10: 0000000000ff0100 x9 : 0000000000000000
[ 9293.281956][ T7050] x8 : e2f000000f840000 x7 : 0000000000000000 x6 : 000000000000003f
[ 9293.284112][ T7050] x5 : 0000000000000040 x4 : baf00000118e4dc0 x3 : 0000000000000000
[ 9293.286419][ T7050] x2 : 000000000000001e x1 : 00000000fffffff0 x0 : 0000000000000000
[ 9293.288780][ T7050] Call trace:
[ 9293.289869][ T7050]  kvm_timer_update_irq+0x21c/0x394
[ 9293.291507][ T7050]  kvm_timer_vcpu_reset+0x158/0x690
[ 9293.293109][ T7050]  kvm_reset_vcpu+0x3b4/0x560
[ 9293.294543][ T7050]  kvm_arch_vcpu_ioctl+0x112c/0x1b3c
[ 9293.295946][ T7050]  kvm_vcpu_ioctl+0x4ec/0xf74
[ 9293.297461][ T7050]  __arm64_sys_ioctl+0x108/0x184
[ 9293.298845][ T7050]  invoke_syscall+0x78/0x1b8
[ 9293.300349][ T7050]  el0_svc_common+0xe8/0x1b0
[ 9293.301798][ T7050]  do_el0_svc+0x40/0x50
[ 9293.303240][ T7050]  el0_svc+0x54/0x14c
[ 9293.304615][ T7050]  el0t_64_sync_handler+0x84/0xfc
[ 9293.306085][ T7050]  el0t_64_sync+0x190/0x194
[ 9293.307511][ T7050] irq event stamp: 1832
[ 9293.308780][ T7050] hardirqs last  enabled at (1831): [<ffff8000839ed928>] _raw_read_unlock_irqrestore+0x44/0x94
[ 9293.310890][ T7050] hardirqs last disabled at (1832): [<ffff8000839d56b0>] el1_dbg+0x24/0x80
[ 9293.312774][ T7050] softirqs last  enabled at (1806): [<ffff80008001fc84>] local_bh_enable+0x10/0x34
[ 9293.314767][ T7050] softirqs last disabled at (1804): [<ffff80008001fc50>] local_bh_disable+0x10/0x34
[ 9293.316913][ T7050] ---[ end trace 0000000000000000 ]---
[ 9293.325054][ T7050] ------------[ cut here ]------------
[ 9293.326378][ T7050] WARNING: CPU: 0 PID: 7050 at arch/arm64/kvm/arch_timer.c:459 kvm_timer_update_irq+0x21c/0x394
[ 9293.328473][ T7050] Modules linked in:
[ 9293.330215][ T7050] CPU: 0 UID: 0 PID: 7050 Comm: syz.0.1109 Tainted: G        W          6.12.0-rc5-syzkaller-gcc19e3405e85 #0
[ 9293.332270][ T7050] Tainted: [W]=WARN
[ 9293.333449][ T7050] Hardware name: linux,dummy-virt (DT)
[ 9293.334711][ T7050] pstate: 81400009 (Nzcv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)
[ 9293.336363][ T7050] pc : kvm_timer_update_irq+0x21c/0x394
[ 9293.337948][ T7050] lr : kvm_timer_update_irq+0x21c/0x394
[ 9293.339533][ T7050] sp : ffff80008fed78f0
[ 9293.340733][ T7050] x29: ffff80008fed7900 x28: 00000000000003c5 x27: baf00000118e3c08
[ 9293.343087][ T7050] x26: 0000000000000000 x25: 0000000000000000 x24: 0000000000000000
[ 9293.345312][ T7050] x23: 0000000000000000 x22: 83ff8000897a9000 x21: 000000000000001b
[ 9293.347593][ T7050] x20: baf00000118e39a0 x19: 00000000fffffff0 x18: 0000000000000000
[ 9293.349854][ T7050] x17: 0000000000000000 x16: 0000000000000083 x15: e2f000000f840a80
[ 9293.352079][ T7050] x14: 0000000000000000 x13: 0000000000000003 x12: e2f000000f840000
[ 9293.354386][ T7050] x11: 83ff8000897a9000 x10: 0000000000ff0100 x9 : 0000000000000000
[ 9293.356631][ T7050] x8 : e2f000000f840000 x7 : 0000000000000000 x6 : 000000000000003f
[ 9293.358934][ T7050] x5 : 0000000000000040 x4 : baf00000118e4e28 x3 : 0000000000000000
[ 9293.361254][ T7050] x2 : 000000000000001b x1 : 00000000fffffff0 x0 : 0000000000000000
[ 9293.363510][ T7050] Call trace:
[ 9293.364511][ T7050]  kvm_timer_update_irq+0x21c/0x394
[ 9293.366187][ T7050]  kvm_timer_vcpu_reset+0x178/0x690
[ 9293.367514][ T7050]  kvm_reset_vcpu+0x3b4/0x560
[ 9293.368940][ T7050]  kvm_arch_vcpu_ioctl+0x112c/0x1b3c
[ 9293.370421][ T7050]  kvm_vcpu_ioctl+0x4ec/0xf74
[ 9293.371644][ T7050]  __arm64_sys_ioctl+0x108/0x184
[ 9293.373097][ T7050]  invoke_syscall+0x78/0x1b8
[ 9293.374528][ T7050]  el0_svc_common+0xe8/0x1b0
[ 9293.375936][ T7050]  do_el0_svc+0x40/0x50
[ 9293.377352][ T7050]  el0_svc+0x54/0x14c
[ 9293.378656][ T7050]  el0t_64_sync_handler+0x84/0xfc
[ 9293.380105][ T7050]  el0t_64_sync+0x190/0x194
[ 9293.381467][ T7050] irq event stamp: 1866
[ 9293.382603][ T7050] hardirqs last  enabled at (1865): [<ffff8000839d7884>] exit_to_kernel_mode+0xdc/0x10c
[ 9293.384501][ T7050] hardirqs last disabled at (1866): [<ffff8000839d56b0>] el1_dbg+0x24/0x80
[ 9293.386276][ T7050] softirqs last  enabled at (1864): [<ffff800080165de4>] handle_softirqs+0x698/0x6fc
[ 9293.388169][ T7050] softirqs last disabled at (1835): [<ffff800080010a68>] __do_softirq+0x14/0x20
[ 9293.390126][ T7050] ---[ end trace 0000000000000000 ]---

VM DIAGNOSIS:
06:16:38  Registers:
info registers vcpu 0

CPU#0
 PC=ffff800081310274 X00=0000000000000003 X01=0000000000000002
X02=000000000000002a X03=ffff800081311130 X04=e2f000000f840b58
X05=0000000000000001 X06=0000000000000000 X07=ffff80008130ff44
X08=e2f000000f840000 X09=0000000000000000 X10=0000000000ff0100
X11=0000000000000101 X12=00000000e8852775 X13=0000000000000028
X14=e2f000000f840a80 X15=e2f000000f840a80 X16=000000000000001d
X17=0000000000000000 X18=0000000000000000 X19=efff800000000000
X20=1df000000b809080 X21=1df000000b8090c8 X22=0000000000000002
X23=1df000000b80917a X24=1df000000b8092c8 X25=0000000000000000
X26=1df000000b8092d8 X27=f7ff800089749018 X28=0000000000000f01
X29=ffff80008fed7150 X30=ffff800081310274  SP=ffff80008fed7130
PSTATE=804003c9 N--- EL2h  SVCR=00000000 --  BTYPE=0     FPCR=00000000 FPSR=00000000
P00=0000 P01=0000 P02=0000 P03=0000 P04=0000 P05=0000 P06=0000 P07=0000
P08=0000 P09=0000 P10=0000 P11=0000 P12=0000 P13=0000 P14=0000 P15=0000
FFR=0000
Z00=0000ffffd7b9f5d0:0000ffffd7b9f5d0 Z01=ffffff80ffffffd0:0000ffffd7b9f5a0
Z02=00000000c00cc00c:0000000cf0000000 Z03=0000000000000000:00000000ff000000
Z04=3003300330033003:3003300330033003 Z05=f00ff00ff00ff00f:f00ff00ff00ff00f
Z06=0000cccc000cf000:0000cccc000cf000 Z07=0000aaaaef215790:000002da00000000
Z08=0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000
Z10=0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000
Z12=0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000
Z14=0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000
Z16=0000000000002000:0000000000000000 Z17=000000000000000b:0000000000000000
Z18=0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000
Z20=0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000
Z22=0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000
Z24=0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000
Z26=0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000
Z28=0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000
Z30=0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000