last executing test programs:

46.236069247s ago: executing program 0 (id=376):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r0, 0x4010aeb5, &(0x7f0000000000)={0x0, 0x9})
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0xdc032, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000001c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e700", 0x0, 0x48)

44.780605224s ago: executing program 1 (id=377):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async)
r0 = mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r1 = mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca) (async)
r2 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
ioctl$KVM_ARM_VCPU_INIT(r6, 0x4020aeae, &(0x7f0000000080)={0x5, 0x1})
ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f0000000200)=@arm64_sys={0x603000000013804c, 0x0}) (async)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f00000001c0)={0x8, <r7=>0xffffffffffffffff})
syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) (async)
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4}) (async)
mmap$KVM_VCPU(&(0x7f0000d10000/0xa000)=nil, 0x930, 0x3000006, 0x28031, 0xffffffffffffffff, 0x0) (async)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000040)={0x0, &(0x7f0000000440)=[@uexit={0x0, 0x18, 0x7}, @mrs={0xbe, 0x18, {0x603000000013e643}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x1, 0x0, 0xa, 0x4281, 0x80, 0x1}}, @mrs={0xbe, 0x18, {0x603000000013e6d7}}, @code={0xa, 0x9c, {"000028d50020000c20e997d200e0b0f2610080d2c20080d2c30080d2e40180d2020000d400fb86d20040b8f2010080d2220080d2230180d2040080d2020000d4000008d5a0f292d20020b8f2e10080d2820080d2a30080d2c40080d2020000d4007008d580d186d20080b8f2810080d2020080d2430180d2040180d2020000d4008008d5000008d5"}}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x204}}, @eret={0xe6, 0x18, 0x9}, @svc={0x122, 0x40, {0x200, [0x0, 0xbae, 0xc, 0x8d, 0x1]}}, @mrs={0xbe, 0x18, {0x603000000013e681}}, @smc={0x1e, 0x40, {0x84000011, [0xb, 0x52386e89, 0x4, 0x6, 0x7]}}, @irq_setup={0x46, 0x18, {0x4, 0x26}}, @its_setup={0x82, 0x28, {0x0, 0x0, 0x392}}, @eret={0xe6, 0x18, 0x4}, @uexit={0x0, 0x18, 0x1}, @its_send_cmd={0xaa, 0x28, {0x5, 0x0, 0x3, 0x0, 0x2, 0x3, 0x3}}, @uexit={0x0, 0x18, 0x8000}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0x280, 0x9, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x0, 0x2, 0x8, 0x0, 0x1, 0x3}}, @eret={0xe6, 0x18, 0x9}, @smc={0x1e, 0x40, {0x4000000, [0x2, 0x6, 0x9, 0x80, 0x2]}}], 0x344}, &(0x7f00000000c0)=[@featur1={0x1, 0x1}], 0x1) (async)
r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="82000000000000000000000000000000010000000000000001000000000000000173"], 0x28}, 0x0, 0x0) (async)
syz_kvm_vgic_v3_setup(r9, 0x1, 0x100) (async)
ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000100)={0x8, <r12=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000}) (async)
ioctl$KVM_RUN(r11, 0xae80, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x2, 0x4102932, 0xffffffffffffffff, 0x0) (async)
ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f00000002c0)=@attr_arm64={0x0, 0x4, 0x1, 0x0})

41.446157852s ago: executing program 0 (id=378):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x40) (async)
r2 = eventfd2(0x0, 0x801)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async, rerun: 32)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000001c0)="fb52456008000010000000008100cd30f00715f86636545744c404000000006abf47d90000000000000000000000000000000000000000fff900", 0x0, 0x48) (async, rerun: 32)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4020ae46, 0x0) (async)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000140)={0x4, <r6=>0xffffffffffffffff, 0x1})
write$eventfd(r6, &(0x7f00000001c0), 0xff3c) (async, rerun: 32)
r7 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async, rerun: 32)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x2)
ioctl$KVM_ARM_VCPU_INIT(r10, 0x4020aeae, &(0x7f0000000080)={0x5, 0x4})
ioctl$KVM_SET_ONE_REG(r10, 0x4010aeac, &(0x7f0000000180)=@arm64_fw={0x6030000000140000, &(0x7f00000001c0)=0x1}) (async, rerun: 64)
syz_kvm_vgic_v3_setup(r7, 0x1, 0x40) (rerun: 64)
r11 = eventfd2(0x0, 0x0) (async)
r12 = eventfd2(0x8001, 0x0)
ioctl$KVM_IRQFD(r7, 0x4020ae76, &(0x7f00000000c0)={r12, 0x1, 0x2, r11})
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r14, 0x4020ae46, &(0x7f0000000100)={0x0, 0x1, 0x10000000000, 0xa00, &(0x7f0000fff000/0x1000)=nil})
r15 = eventfd2(0x80000000, 0x1)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f00000002c0)={r2, 0x1, 0x2, r15}) (async)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000140)={r12, 0x1, 0x0, r15})

38.618179389s ago: executing program 1 (id=379):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_ARM_VCPU_INIT(r3, 0x4020aeae, &(0x7f0000000080)={0x5, 0x99})
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x3000000, 0x4f831, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00006b5000/0x2000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000647000/0x1000)=nil, 0x1000)
munmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f00000001c0)=@attr_pmu_irq={0x0, 0x0, 0x0, 0x0})
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x101041, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)

31.328410989s ago: executing program 0 (id=380):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async)
r3 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
ioctl$KVM_ARM_VCPU_INIT(r5, 0x4020aeae, &(0x7f0000000080)={0x5}) (async)
ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000140)=@arm64_sys={0x603000000013df11, &(0x7f0000000180)=0x8001})
ioctl$KVM_RUN(r5, 0xae80, 0x0) (async)
ioctl$KVM_GET_ONE_REG(r5, 0x4010aeab, &(0x7f0000000280)=@arm64_sve_vls={0x606000000015ffff, &(0x7f0000000240)=0x9})
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r5, 0x4018aee2, &(0x7f0000000100)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f00000000c0)=0xea}) (async)
r6 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000000)={0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="6e0000000000000030000000000000000010080800000000d0ff00000000000003000000000000000100000000000000"], 0x30}, 0x0, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, <r7=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

30.289060451s ago: executing program 1 (id=381):
r0 = openat$kvm(0x0, &(0x7f0000000200), 0x9e9483, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f00000001c0)={0x8, <r4=>0xffffffffffffffff})
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000000)=@arm64={0x6, 0x8, 0x77, '\x00', 0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000380)})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000000c0)={0x5, 0x1, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="820000000000000000000000000000000100000000000000010000000000000001"], 0x28}, 0x0, 0x0)
syz_kvm_vgic_v3_setup(r6, 0x1, 0x100)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000100)={0x8, <r9=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x2, 0x4102932, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x4, 0x2, 0x0})
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000002c0)=@attr_other={0x0, 0x8, 0x108, &(0x7f0000000000)=0xc000000000000000})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x4, 0x2, 0x0})
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_ARM_VCPU_INIT(0xffffffffffffffff, 0x4020aeae, &(0x7f0000000000)={0x5, 0xa})
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)={0x5, 0x0, [{0x9, 0x5, 0x0, 0x0, @msi={0x8, 0x800, 0x7ff, 0x200}}, {0xf, 0x1, 0x1, 0x0, @adapter={0x8, 0x437e5c20, 0x81, 0x9, 0x1}}, {0x80000001, 0x5, 0x0, 0x0, @adapter={0x100000000, 0x1000000, 0x8, 0x5, 0x7}}, {0x5, 0x3, 0x1, 0x0, @sint={0x200000, 0xc}}, {0xf, 0x2, 0x0, 0x0, @irqchip={0xfffffff7, 0x7fff}}]})
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000180)=@arm64_bitmap={0x6030000000160003, &(0x7f0000000140)=0x7})

23.088514711s ago: executing program 0 (id=382):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000040)={0x1, 0x1, 0x5000, 0x2000, &(0x7f0000fa2000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x1000, &(0x7f0000d63000/0x1000)=nil})
ioctl$KVM_CREATE_DEVICE(r6, 0xc018aec0, &(0x7f0000000040)={0x6})
r7 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000bfd000/0x400000)=nil)
r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000b80)={0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="1e000000000000004000000000000000040000c4000000009a"], 0x40}, &(0x7f0000000bc0)=[@featur1={0x1, 0x4}], 0x1)
syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r10 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x0, 0x280000f, 0x10, r9, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f0000000380)="f30149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a3ff7fbc51869be2e2e0000000000000f000000000000000001000000000000000000000000000e00", 0x0, 0x34)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r9, 0x0)
close(r2)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
openat$kvm(0x6, &(0x7f0000000180), 0x525e02, 0x0)
mmap$KVM_VCPU(&(0x7f0000fc0000/0x3000)=nil, 0x930, 0x2000000, 0x11, r8, 0x0)
r11 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
r14 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0xa)
ioctl$KVM_ARM_VCPU_INIT(r14, 0x4020aeae, &(0x7f00000000c0)={0x5, 0x1f})
ioctl$KVM_SET_ONE_REG(r14, 0x4010aeac, &(0x7f0000000140)=@arm64_sys={0x603000000013c00a, &(0x7f0000000040)=0x9})

18.088178343s ago: executing program 1 (id=383):
r0 = syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(r1, 0x4068aea3, &(0x7f0000000000))
r2 = eventfd2(0x7, 0x800)
r3 = eventfd2(0x6570, 0x80801)
ioctl$KVM_IRQFD(r0, 0x4020ae76, &(0x7f0000000080)={r2, 0xd, 0x2, r3})
r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f00000000c0)={0x2000, 0x101000})
ioctl$KVM_SET_DEVICE_ATTR_vm(r4, 0x4018aee1, &(0x7f0000000140)=@attr_other={0x0, 0x6000, 0x5, &(0x7f0000000100)=0x1})
eventfd2(0x3, 0x80800)
r5 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_PRE_FAULT_MEMORY(r5, 0xc040aed5, &(0x7f0000000180))
r6 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000700)={0x0, &(0x7f00000001c0)=[@its_send_cmd={0xaa, 0x28, {0x4, 0x1, 0x2, 0xc, 0x6, 0x635, 0x1}}, @its_setup={0x82, 0x28, {0x0, 0x3, 0x23e}}, @memwrite={0x6e, 0x30, @generic={0xdddd0000, 0xc70, 0x1000}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x0, 0xa, 0x2, 0x2}}, @eret={0xe6, 0x18, 0x10001}, @svc={0x122, 0x40, {0xc4000010, [0x1, 0x8, 0xd3, 0x3, 0x81]}}, @its_setup={0x82, 0x28, {0x4, 0x2, 0x1e4}}, @irq_setup={0x46, 0x18, {0x1, 0x140}}, @uexit={0x0, 0x18, 0x8}, @code={0xa, 0x84, {"000008d5000008d5000000350000709e008020c8e09489d200e0b8f2e10080d2c20180d2430180d2040080d2020000d460039cd200a0b0f2a10180d2620080d2a30180d2840080d2020000d4008008d5a00e99d200a0b8f2c10080d2020080d2630180d2240180d2020000d4007008d5"}}, @memwrite={0x6e, 0x30, @generic={0x4000, 0xe80, 0x2}}, @eret={0xe6, 0x18, 0x8}, @code={0xa, 0x84, {"0004007f00000048000028d5004b91d20000b8f2c10080d2e20080d2830080d2c40180d2020000d400b8a17ec0499fd200c0b8f2410080d2a20180d2e30080d2c40080d2020000d4a05284d200c0b8f2410080d2e20080d2c30180d2040180d2020000d4007008d5000028d5007008d5"}}, @its_setup={0x82, 0x28, {0x3, 0x3, 0x2f6}}, @eret={0xe6, 0x18, 0x1}, @its_send_cmd={0xaa, 0x28, {0xd, 0x0, 0x3, 0x0, 0x1, 0x6, 0x4}}, @code={0xa, 0xb4, {"007008d580bc80d20020b0f2210180d2820180d2a30080d2c40080d2020000d4007008d500a294d20060b8f2610080d2a20180d2c30180d2c40180d2020000d4403587d20060b0f2c10180d2420180d2830080d2640180d2020000d4007008d500b888d20060b8f2a10180d2220180d2630180d2240080d2020000d4000008d5a02482d20040b0f2810180d2420180d2430180d2840180d2020000d4000008d5"}}, @uexit={0x0, 0x18, 0x1}, @irq_setup={0x46, 0x18, {0x3, 0x3b3}}, @code={0xa, 0x54, {"00a098d200e0b0f2e10180d2a20180d2630080d2040180d2020000d40000001b00a8302e007008d5008008d50060ff0d000028d5008008d5008008d5000020c8"}}, @mrs={0xbe, 0x18, {0x6030000000138076}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0x80, 0x5, 0x1}}, @smc={0x1e, 0x40, {0x3000000, [0x10, 0x6, 0x2, 0x2, 0x5]}}, @svc={0x122, 0x40, {0x0, [0x5981b223, 0x1, 0x2, 0x1, 0x20]}}], 0x510}, &(0x7f0000000740)=[@featur1={0x1, 0x2}], 0x1)
ioctl$KVM_DIRTY_TLB(r6, 0x4010aeaa, &(0x7f0000000780)={0x7, 0x3})
close(r1)
syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
close(r5)
r7 = ioctl$KVM_CREATE_GUEST_MEMFD(r1, 0xc040aed4, &(0x7f00000007c0)={0x3, 0xc624})
ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f0000000800)={0x10002, 0x1, 0xdddd0000, 0x2000, &(0x7f0000d9f000/0x2000)=nil, 0x40000000000000, r7})
r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f0000f73000/0x2000)=nil, r8, 0x2, 0x20010, r5, 0x0)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r4, 0x4010ae68, &(0x7f00000008c0)={0x8080000, 0x10000})
ioctl$KVM_SET_SIGNAL_MASK(r7, 0x4004ae8b, &(0x7f0000000900)={0x31, "bd337f5fab412c5bee5906626346d0870e8e8e12abe7d05b4bffd03afc35ec9eecd794c792fe159f04b0ef307d0eef99a5"})
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000940), 0x232600, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x2)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f00000009c0)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000980)=0x3})
ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f0000000a40)=@attr_other={0x0, 0x3, 0x0, &(0x7f0000000a00)=0x1})
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000a80)={0x8, 0xffffffffffffffff, 0x1})

11.009630573s ago: executing program 1 (id=384):
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x8080000})
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000d5a000/0x2000)=nil, r4, 0x4, 0x110, r3, 0x0)
syz_kvm_vgic_v3_setup(r1, 0x1, 0x100)
r5 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04)
mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, r8, 0x3000011, 0x2012, r7, 0x0)
close(0x5)
close(0x4)
munmap(&(0x7f0000c00000/0x400000)=nil, 0x400000)
mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
r10 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r1, 0x4010aeb5, &(0x7f0000000000)={0x7, 0x8})
ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r11 = openat$kvm(0x0, &(0x7f0000000040), 0x41c0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
ioctl$KVM_ARM_VCPU_FINALIZE(r9, 0x4004aec2, &(0x7f0000000040)=0x4)
ioctl$KVM_CHECK_EXTENSION_VM(r12, 0xae03, 0xaa)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10.069390377s ago: executing program 0 (id=385):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}}) (async)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1e000000000000004000000000000000000000efc54510000000000000000000000000010000000000000002000000000000005503000000000000040000000000000032000000000000004000000000000000000000ef0000000000000000000000000100000000000000020000000000000003000000000000000400000000000000b5ecd3024a0badb086f90d4c3a1a61331453700b568a3e251f809d7cabbddaae65a0885c50ee90e65711f272078dc6fe3fdfbda4d1471c88f280f72ae5cf8c2d8307a05c1565d4c7405eda77f8916d977eabf5d55cf1d61587b95b2614096c7a8a45a5d0988cedbdc0bc6bee8b40bcc604b1d4a075d0c6b1b27e1f7b626d38da62d5a6b450f93933d468622ea8cc2a2ce7163ea13ce23245cd78239d22b76a46545aa32b4200a0e6159ae779153ca4179e9619c88b52795143f34857578a87ac020fb6f4f9a34952b77ee6f832"], 0x80}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (async)
r3 = openat$kvm(0x0, &(0x7f00000000c0), 0x909483, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_cpu$arm64(r4, 0xffffffffffffffff, &(0x7f0000001000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
r5 = mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) (async)
r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vm(r7, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x9, 0x2}})
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
syz_kvm_setup_cpu$arm64(r7, r8, &(0x7f0000c00000/0x400000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
ioctl$KVM_RUN(r8, 0xae80, 0x0) (async)
ioctl$KVM_CAP_ARM_USER_IRQ(r7, 0x4068aea3, &(0x7f00000001c0)) (async)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca) (async)
close(0x4) (async)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

766.186667ms ago: executing program 0 (id=386):
r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) (async)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r2, 0xae03, 0xac)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_ARM_SET_COUNTER_OFFSET(r3, 0x4010aeb5, &(0x7f0000000100)={0x40, 0x8})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f0000000040)=@arm64={0x72, 0x0, 0xc, '\x00', 0x8}) (async, rerun: 64)
ioctl$KVM_ARM_VCPU_INIT(r4, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) (rerun: 64)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
ioctl$KVM_GET_ONE_REG(r7, 0x8000ae8c, 0x0) (async, rerun: 64)
ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, 0x0) (async, rerun: 64)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f00000000c0)=@attr_pmu_init) (async)
r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$arm64(r8, r4, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000240)=[@memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xffe8, 0x7, 0x4}}, @eret={0xe6, 0x18, 0x8}, @smc={0x1e, 0x40, {0x0, [0x2cace444, 0x7fff, 0x1, 0x5, 0x7]}}, @mrs={0xbe, 0x18, {0x6030000000138057}}, @irq_setup={0x46, 0x18, {0x3, 0x153}}], 0xb8}], 0x1, 0x0, &(0x7f0000000080)=[@featur2={0x1, 0x30}], 0x1)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

0s ago: executing program 1 (id=387):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="be00180000000000000040df131000003060"], 0x18}, &(0x7f0000000100)=[@featur1={0x1, 0x8}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000140)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f0000000000)=0x2}) (async)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r5 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r4, 0x3, 0x11, r3, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0) (async)
syz_kvm_assert_syzos_uexit$arm64(r5, 0xffffffffffffffff)

kernel console output (not intermixed with test programs):

[  382.829089][ T3132] 8021q: adding VLAN 0 to HW filter on device bond0
[  435.313953][ T3132] eql: remember to turn off Van-Jacobson compression on your slave devices
Warning: Permanently added '[localhost]:18424' (ED25519) to the list of known hosts.
[  593.028487][   T25] audit: type=1400 audit(592.180:60): avc:  denied  { name_bind } for  pid=3281 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  594.500621][   T25] audit: type=1400 audit(593.660:61): avc:  denied  { execute } for  pid=3282 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  594.530129][   T25] audit: type=1400 audit(593.680:62): avc:  denied  { execute_no_trans } for  pid=3282 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  615.599998][   T25] audit: type=1400 audit(614.760:63): avc:  denied  { mounton } for  pid=3282 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  615.634086][   T25] audit: type=1400 audit(614.790:64): avc:  denied  { mount } for  pid=3282 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  615.716235][ T3282] cgroup: Unknown subsys name 'net'
[  615.768948][   T25] audit: type=1400 audit(614.920:65): avc:  denied  { unmount } for  pid=3282 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  616.158983][ T3282] cgroup: Unknown subsys name 'cpuset'
[  616.260879][ T3282] cgroup: Unknown subsys name 'rlimit'
[  617.248481][   T25] audit: type=1400 audit(616.410:66): avc:  denied  { setattr } for  pid=3282 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=701 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  617.267446][   T25] audit: type=1400 audit(616.420:67): avc:  denied  { mounton } for  pid=3282 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[  617.294049][   T25] audit: type=1400 audit(616.450:68): avc:  denied  { mount } for  pid=3282 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  618.471128][ T3285] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[  618.491863][   T25] audit: type=1400 audit(617.650:69): avc:  denied  { relabelto } for  pid=3285 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  618.520278][   T25] audit: type=1400 audit(617.680:70): avc:  denied  { write } for  pid=3285 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
Setting up swapspace version 1, size = 127995904 bytes
[  618.688925][   T25] audit: type=1400 audit(617.840:71): avc:  denied  { read } for  pid=3282 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  618.704914][   T25] audit: type=1400 audit(617.860:72): avc:  denied  { open } for  pid=3282 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  618.754206][ T3282] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  666.870835][   T25] audit: type=1400 audit(666.030:73): avc:  denied  { execmem } for  pid=3286 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  670.621491][   T25] audit: type=1400 audit(669.780:74): avc:  denied  { read } for  pid=3288 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  670.651676][   T25] audit: type=1400 audit(669.800:75): avc:  denied  { open } for  pid=3288 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  670.787941][   T25] audit: type=1400 audit(669.940:76): avc:  denied  { mounton } for  pid=3290 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  671.322999][   T25] audit: type=1400 audit(670.450:77): avc:  denied  { module_request } for  pid=3290 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  672.929907][   T25] audit: type=1400 audit(672.090:78): avc:  denied  { sys_module } for  pid=3290 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  701.289898][ T3288] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  702.078740][ T3288] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  702.227263][ T3290] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  703.039560][ T3290] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  717.676834][ T3288] hsr_slave_0: entered promiscuous mode
[  717.702597][ T3288] hsr_slave_1: entered promiscuous mode
[  718.639762][ T3290] hsr_slave_0: entered promiscuous mode
[  718.673651][ T3290] hsr_slave_1: entered promiscuous mode
[  718.728053][ T3290] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  718.733405][ T3290] Cannot create hsr debugfs directory
[  724.034298][   T25] audit: type=1400 audit(723.190:79): avc:  denied  { create } for  pid=3288 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  724.107609][   T25] audit: type=1400 audit(723.260:80): avc:  denied  { write } for  pid=3288 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  724.119294][   T25] audit: type=1400 audit(723.260:81): avc:  denied  { read } for  pid=3288 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  724.263451][ T3288] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  724.711907][ T3288] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  724.992149][ T3288] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  725.273333][ T3288] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  726.710665][ T3290] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  726.897821][ T3290] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  727.054787][ T3290] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  727.259804][ T3290] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  739.992226][ T3288] 8021q: adding VLAN 0 to HW filter on device bond0
[  742.089804][ T3290] 8021q: adding VLAN 0 to HW filter on device bond0
[  798.683717][ T3288] veth0_vlan: entered promiscuous mode
[  799.101409][ T3288] veth1_vlan: entered promiscuous mode
[  801.140350][ T3288] veth0_macvtap: entered promiscuous mode
[  801.254931][ T3290] veth0_vlan: entered promiscuous mode
[  801.614279][ T3288] veth1_macvtap: entered promiscuous mode
[  802.060265][ T3290] veth1_vlan: entered promiscuous mode
[  803.760137][ T3288] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  803.764927][ T3288] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  803.780047][ T3288] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  803.787204][ T3288] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  804.603921][ T3290] veth0_macvtap: entered promiscuous mode
[  805.242932][ T3290] veth1_macvtap: entered promiscuous mode
[  806.558463][   T25] audit: type=1400 audit(805.660:82): avc:  denied  { mount } for  pid=3288 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  806.783444][   T25] audit: type=1400 audit(805.940:83): avc:  denied  { mounton } for  pid=3288 comm="syz-executor" path="/syzkaller.zA88eF/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  807.022071][   T25] audit: type=1400 audit(806.170:84): avc:  denied  { mount } for  pid=3288 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  807.347330][   T25] audit: type=1400 audit(806.500:85): avc:  denied  { mounton } for  pid=3288 comm="syz-executor" path="/syzkaller.zA88eF/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  807.470604][   T25] audit: type=1400 audit(806.630:86): avc:  denied  { mounton } for  pid=3288 comm="syz-executor" path="/syzkaller.zA88eF/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3241 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  807.688318][ T3290] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  807.692827][ T3290] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  807.704029][ T3290] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  807.714362][ T3290] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  808.139198][   T25] audit: type=1400 audit(807.300:87): avc:  denied  { unmount } for  pid=3288 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  808.347262][   T25] audit: type=1400 audit(807.500:88): avc:  denied  { mounton } for  pid=3288 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1546 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  808.504790][   T25] audit: type=1400 audit(807.660:89): avc:  denied  { mount } for  pid=3288 comm="syz-executor" name="/" dev="gadgetfs" ino=3249 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  808.849818][   T25] audit: type=1400 audit(807.950:90): avc:  denied  { mount } for  pid=3288 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  808.902051][   T25] audit: type=1400 audit(808.060:91): avc:  denied  { mounton } for  pid=3288 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  810.410700][ T3288] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  815.196818][   T25] kauditd_printk_skb: 4 callbacks suppressed
[  815.206603][   T25] audit: type=1400 audit(814.350:96): avc:  denied  { read } for  pid=3446 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  815.317065][   T25] audit: type=1400 audit(814.420:97): avc:  denied  { open } for  pid=3446 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  815.627752][   T25] audit: type=1400 audit(814.780:98): avc:  denied  { ioctl } for  pid=3446 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  817.186635][   T25] audit: type=1400 audit(816.320:99): avc:  denied  { append } for  pid=3446 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  819.590438][   T25] audit: type=1400 audit(818.740:100): avc:  denied  { write } for  pid=3446 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  862.019611][   T25] audit: type=1400 audit(861.170:101): avc:  denied  { execute } for  pid=3474 comm="syz.1.8" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=4043 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  912.560137][ T3518] kvm [3518]: Failed to find VMA for hva 0x20c01000
[  936.304177][ T3537] kvm [3537]: Failed to find VMA for hva 0x20c01000
[  936.344861][ T3536] kvm [3536]: Failed to find VMA for hva 0x20c01000
[ 1086.759987][ T3642] KVM: debugfs: duplicate directory 3642-5
[ 1166.569177][   T25] audit: type=1400 audit(1165.720:102): avc:  denied  { setattr } for  pid=3682 comm="syz.0.69" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1273.538788][ T3761] kvm [3761]: Failed to find VMA for hva 0x21016000
[ 1319.554713][ T3787] kvm [3787]: Failed to find VMA for hva 0x208a1000
[ 1328.859226][   T25] audit: type=1400 audit(1328.010:103): avc:  denied  { ioctl } for  pid=3791 comm="syz.1.100" path="net:[4026531840]" dev="nsfs" ino=4026531840 ioctlcmd=0xb701 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 1404.810392][ T3830] kvm [3830]: Failed to find VMA for hva 0x20c01000
[ 1462.240961][ T3867] kvm [3867]: Failed to find VMA for hva 0x2101a000
[ 1534.537415][ T3909] debugfs: File 'vgic-its-state@8080000' in directory '3909-4' already present!
[ 1694.122047][ T4010] kvm [4009]: Unsupported guest CP15 access at: 00000100 [000001d3]
[ 1694.122047][ T4010]  { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read },
[ 1694.140240][ T4010] kvm [4009]: Unsupported guest CP15 access at: 00000100 [000001db]
[ 1694.140240][ T4010]  { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read },
[ 1694.181855][ T4010] kvm [4009]: Unsupported guest CP15 access at: 00000100 [000001db]
[ 1694.181855][ T4010]  { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read },
[ 1694.240722][ T4010] kvm [4009]: Unsupported guest CP15 access at: 00000100 [000001db]
[ 1694.240722][ T4010]  { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read },
[ 1694.281397][ T4010] kvm [4009]: Unsupported guest CP15 access at: 00000100 [000001db]
[ 1694.281397][ T4010]  { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read },
[ 1694.319231][ T4010] kvm [4009]: Unsupported guest CP15 access at: 00000100 [000001db]
[ 1694.319231][ T4010]  { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read },
[ 1694.351223][ T4010] kvm [4009]: Unsupported guest CP15 access at: 00000100 [000001db]
[ 1694.351223][ T4010]  { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read },
[ 1694.390279][ T4010] kvm [4009]: Unsupported guest CP15 access at: 00000100 [000001db]
[ 1694.390279][ T4010]  { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read },
[ 1694.439665][ T4010] kvm [4009]: Unsupported guest CP15 access at: 00000100 [000001db]
[ 1694.439665][ T4010]  { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read },
[ 1694.458123][ T4010] kvm [4009]: Unsupported guest CP15 access at: 00000100 [000001db]
[ 1694.458123][ T4010]  { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read },
[ 1694.961663][ T4010] kvm [4010]: Failed to find VMA for hva 0x20000000
[ 1817.056987][ T4099] kvm [4099]: Failed to find VMA for hva 0x20d8d000
[ 2009.860519][ T4229] kvm [4229]: Failed to find VMA for hva 0x20c01000
[ 2247.307268][ T4391] kvm [4391]: Failed to find VMA for hva 0x20c01000
[ 2268.296417][   T25] audit: type=1400 audit(2267.450:104): avc:  denied  { execute } for  pid=4406 comm="syz.1.280" path=2F3134322F10FBFF67525673312B0104 dev="tmpfs" ino=729 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[ 2291.034933][ T4418] KVM: debugfs: duplicate directory 4418-8
[ 2291.299175][ T4418] KVM: debugfs: duplicate directory 4418-8
[ 2356.738508][ T4459] kvm [4457]: Unsupported guest access at: eeef0000
[ 2356.738508][ T4459]  { Op0( 2), Op1( 7), CRn(15), CRm(13), Op2( 1), func_write },
[ 2773.934127][ T4740] ------------[ cut here ]------------
[ 2773.935024][ T4740] WARNING: CPU: 0 PID: 4740 at arch/arm64/kvm/inject_fault.c:63 pend_sync_exception+0x198/0x5ac
[ 2773.938980][ T4740] Modules linked in:
[ 2773.941911][ T4740] CPU: 0 UID: 0 PID: 4740 Comm: syz.0.386 Not tainted 6.16.0-rc3-syzkaller-g15724a984643 #0 PREEMPT 
[ 2773.945611][ T4740] Hardware name: linux,dummy-virt (DT)
[ 2773.947072][ T4740] pstate: 81402009 (Nzcv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)
[ 2773.948458][ T4740] pc : pend_sync_exception+0x198/0x5ac
[ 2773.949618][ T4740] lr : pend_sync_exception+0x198/0x5ac
[ 2773.950728][ T4740] sp : ffff80008ed378c0
[ 2773.951676][ T4740] x29: ffff80008ed378c0 x28: 00000000000000cb x27: cbf00000176ddb28
[ 2773.953682][ T4740] x26: 00000000000000cb x25: 0000000000000001 x24: 0000000000000000
[ 2773.955447][ T4740] x23: 0000000000000000 x22: 00000000000000cb x21: cbf00000176de701
[ 2773.957075][ T4740] x20: 0000000000000007 x19: efff800000000000 x18: 0000000000000000
[ 2773.958815][ T4740] x17: 0000000000000004 x16: ffff800080011d9c x15: 0000000020000040
[ 2773.960607][ T4740] x14: ffffffffffffffff x13: 0000000000000028 x12: 0000000000000010
[ 2773.962297][ T4740] x11: 10f000001d835064 x10: 0000000000ff0100 x9 : 0000000000000000
[ 2773.964169][ T4740] x8 : 10f000001d833b00 x7 : ffff800080b08704 x6 : ffff80008ed37a88
[ 2773.965878][ T4740] x5 : ffff80008ed37a88 x4 : 0000000000000001 x3 : ffff8000801a2e80
[ 2773.967503][ T4740] x2 : 0000000000000000 x1 : 0000000000000002 x0 : 0000000000000000
[ 2773.969453][ T4740] Call trace:
[ 2773.970573][ T4740]  pend_sync_exception+0x198/0x5ac (P)
[ 2773.972050][ T4740]  __kvm_inject_sea+0x268/0x96c
[ 2773.973173][ T4740]  kvm_inject_sea+0x98/0x72c
[ 2773.974277][ T4740]  __kvm_arm_vcpu_set_events+0x134/0x238
[ 2773.975435][ T4740]  kvm_arch_vcpu_ioctl+0xed8/0x16b0
[ 2773.976583][ T4740]  kvm_vcpu_ioctl+0x5c4/0xc2c
[ 2773.977744][ T4740]  __arm64_sys_ioctl+0x18c/0x244
[ 2773.978698][ T4740]  invoke_syscall+0x90/0x2b4
[ 2773.979780][ T4740]  el0_svc_common+0x180/0x2f4
[ 2773.980918][ T4740]  do_el0_svc+0x58/0x74
[ 2773.981866][ T4740]  el0_svc+0x58/0x160
[ 2773.982846][ T4740]  el0t_64_sync_handler+0x78/0x108
[ 2773.983891][ T4740]  el0t_64_sync+0x198/0x19c
[ 2773.985098][ T4740] irq event stamp: 1894
[ 2773.985958][ T4740] hardirqs last  enabled at (1893): [<ffff80008653cb88>] _raw_read_unlock_irqrestore+0x44/0xbc
[ 2773.987394][ T4740] hardirqs last disabled at (1894): [<ffff800086517e08>] el1_dbg+0x24/0x80
[ 2773.988752][ T4740] softirqs last  enabled at (1860): [<ffff8000800c988c>] local_bh_enable+0x10/0x34
[ 2773.990127][ T4740] softirqs last disabled at (1858): [<ffff8000800c9858>] local_bh_disable+0x10/0x34
[ 2773.991615][ T4740] ---[ end trace 0000000000000000 ]---
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 2791.132705][ T4030] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2791.920114][ T4030] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2792.723156][ T4030] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2793.359660][ T4030] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2800.872943][ T4030] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2801.091469][ T4030] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2801.251325][ T4030] bond0 (unregistering): Released all slaves
[ 2802.920880][ T4030] hsr_slave_0: left promiscuous mode
[ 2803.046334][ T4030] hsr_slave_1: left promiscuous mode
[ 2803.680568][ T4030] veth1_macvtap: left promiscuous mode
[ 2803.686108][ T4030] veth0_macvtap: left promiscuous mode
[ 2803.722327][ T4030] veth1_vlan: left promiscuous mode
[ 2803.730945][ T4030] veth0_vlan: left promiscuous mode

VM DIAGNOSIS:
23:40:21  Registers:
info registers vcpu 0

CPU#0
 PC=ffff8000804516b8 X00=0000000000000000 X01=ffff8000872b1fa2
X02=0000000000000008 X03=0000000000000002 X04=0000000000000000
X05=0000000000000001 X06=0000000000000000 X07=ffff800080488668
X08=00000000000003c0 X09=0000000000000000 X10=0000000000000010
X11=ffff800087f39a30 X12=fff000001d833b08 X13=0000000000000003
X14=0000000000000000 X15=ffff800087f39a30 X16=ffff800080011d9c
X17=0000000000000004 X18=0000000000000000 X19=0000000000000000
X20=0000000000000000 X21=ffff800080488668 X22=ffff800087706128
X23=0000000000000002 X24=0000000000000000 X25=0000000000000001
X26=ffff800087666580 X27=00000000000003c0 X28=0000000000000000
X29=ffff80008ed37110 X30=ffff800080451698  SP=ffff80008ed370c0
PSTATE=604023c9 -ZC- EL2h  SVCR=00000000 --  BTYPE=0     FPCR=00000000 FPSR=00000000
P00=0000 P01=0000 P02=0000 P03=0000 P04=0000 P05=0000 P06=0000 P07=0000
P08=0000 P09=0000 P10=0000 P11=0000 P12=0000 P13=0000 P14=0000 P15=0000
FFR=0000
Z00=0000000000000000:0000000000000000 Z01=0000ffffe370f7c0:5b274a10f37a3f00
Z02=0000ffffe370f7a0:ffffff80ffffffd8 Z03=0000ffffe370f850:0000ffffe370f850
Z04=0000ffffe370f850:0000ffffaaf36d08 Z05=0000ffffe370f820:0000ffffe370f850
Z06=6edc4d3a2914b135:d8e9c869e2695c88 Z07=b20fae707afde253:388e9c6c4fa85ca0
Z08=0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000
Z10=0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000
Z12=0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000
Z14=0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000
Z16=0000ffffe370fa70:0000ffffe370fa70 Z17=ffffff80ffffffd0:0000ffffe370fa40
Z18=0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000
Z20=0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000
Z22=0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000
Z24=0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000
Z26=0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000
Z28=0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000
Z30=0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000