last executing test programs: 51m7.008003871s ago: executing program 0 (id=87): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000000000)={0x35, 0xb000, 0x4, 0xffffffffffffffff, 0x5}) r4 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, &(0x7f0000000040)=[@code={0xa, 0x84, {"000028d5007008d5601999d20000b8f2410180d2a20180d2230080d2440180d2020000d4000028d500f4006f007008d500a0202e80cf99d200c0b8f2210080d2020180d2430080d2440180d2020000d4c0df8fd200c0b0f2a10180d2620080d2c30080d2c40180d2020000d4007008d5"}}, @msr={0x14, 0x20, {0x603000000013dce4, 0x8000}}], 0xa4}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x2b) r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dcf0, 0x7fff}}], 0x20}, 0x0, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) r9 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x1) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x1}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r10, 0xfffffffffffffffd, 0x60) ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r12, 0xae80, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) 51m6.152620524s ago: executing program 1 (id=88): r0 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0xa000, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x30) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000a9c000/0x400000)=nil) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0x801c581f, 0x0) r5 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000b80)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000300)=@arm64_extra={0x603000000013c034, &(0x7f00000002c0)=0x9}) r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2d) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000100)={0x4, 0xffffffffffffffff}) ioctl$KVM_HAS_DEVICE_ATTR(r9, 0x4018aee3, &(0x7f0000000140)=@attr_arm64={0x0, 0x1, 0x1, 0x0}) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f00000001c0)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000000)=0x9}) 50m45.405800044s ago: executing program 1 (id=89): r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r6, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18}) ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f0000000000)=@riscv64_sbi_sta={0x803000000a000001, &(0x7f0000000180)=0xf}) r7 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000bfe000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000000)={0x0, 0x0}, &(0x7f00000000c0)=[@featur1={0x1, 0x5}], 0x1) r9 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000b80)={0x0, &(0x7f0000000100)=[@smc={0x1e, 0x40, {0x84000003, [0x80000000000000, 0x20053960c3d, 0xac6, 0x6, 0x7fffffffffffffff]}}], 0x40}, &(0x7f00000001c0)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r9, 0xae80, 0x0) r10 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x40000000000) r11 = openat$kvm(0x0, &(0x7f00000002c0), 0x4a080, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x2) r13 = syz_kvm_vgic_v3_setup(r12, 0x1, 0x40) r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r14, 0xc0189436, 0x172) ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x2, 0x1, 0xffffffffffffffff}) ioctl$KVM_ARM_PREFERRED_TARGET(r10, 0x8020aeaf, &(0x7f0000000080)) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r15 = mmap$KVM_VCPU(&(0x7f0000d40000/0x1000)=nil, 0x0, 0x1000006, 0x4000010, r9, 0x0) r16 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x4) ioctl$KVM_CREATE_DEVICE(r16, 0xc00caee0, &(0x7f0000000200)={0x3}) munmap$KVM_VCPU(r15, 0x6) ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f0000000140)=@arm64_sys={0x603000000013dea7, 0x0}) 50m44.073087827s ago: executing program 0 (id=90): openat$kvm(0x0, &(0x7f0000000080), 0x40000, 0x0) (async) r0 = openat$kvm(0x0, &(0x7f0000000080), 0x40000, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000140), 0x206a02, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20080, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) eventfd2(0xeffffffd, 0x801) ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0x58) ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, 0x0) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) (async) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0xa8200, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x27) syz_kvm_vgic_v3_setup(r6, 0x4, 0x1a0) (async) syz_kvm_vgic_v3_setup(r6, 0x4, 0x1a0) eventfd2(0x2, 0x80000) (async) r7 = eventfd2(0x2, 0x80000) eventfd2(0xf, 0x80001) (async) r8 = eventfd2(0xf, 0x80001) ioctl$KVM_IRQFD(r6, 0x4020ae76, &(0x7f0000000100)={r8, 0x0, 0x2, r7}) ioctl$KVM_IRQFD(r6, 0x4020ae76, &(0x7f0000000000)={r7, 0x8, 0x2, r7}) (async) ioctl$KVM_IRQFD(r6, 0x4020ae76, &(0x7f0000000000)={r7, 0x8, 0x2, r7}) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) close(0x4) (async) close(0x4) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r9 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CLEAR_DIRTY_LOG(r9, 0xc018aec0, &(0x7f0000000780)={0x1, 0x100, 0x200, 0x0}) r10 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f0000000280)=@attr_arm64={0x0, 0x8, 0x4, &(0x7f0000000000)=0xf}) 50m35.597991052s ago: executing program 1 (id=91): mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) ioctl$KVM_GET_DIRTY_LOG(0xffffffffffffffff, 0x4010ae42, &(0x7f0000000040)={0x10003, 0x0, &(0x7f0000f7c000/0x4000)=nil}) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000140)={0x0, 0x0}, &(0x7f0000000280)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000000)={0x1ff, 0x4}}) 50m35.270392127s ago: executing program 0 (id=92): r0 = openat$kvm(0x0, &(0x7f0000000240), 0x3030c0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = eventfd2(0xffff10c0, 0x801) ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000100)={0xf0b, 0x8080000, 0x8, r4}) (async) ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000100)={0xf0b, 0x8080000, 0x8, r4}) syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000280)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}], 0x28}, 0x0, 0x0) (async) r5 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000280)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}], 0x28}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r2, 0x1, 0x100) (async) syz_kvm_vgic_v3_setup(r2, 0x1, 0x100) syz_kvm_setup_cpu$arm64(r2, r5, &(0x7f0000a6e000/0x400000)=nil, &(0x7f00000004c0)=[{0x0, &(0x7f0000000540)=[@its_setup={0x82, 0x28, {0x0, 0x2, 0x16c}}, @svc={0x122, 0x40, {0x8400000c, [0xff, 0x401, 0x0, 0x8, 0xffffffffffffdde5]}}, @uexit={0x0, 0x18, 0x8}, @uexit={0x0, 0x18, 0xdad}, @uexit={0x0, 0x18, 0x6}, @msr={0x14, 0x20, {0x603000000013e18c, 0x100000000003}}, @hvc={0x32, 0x40, {0xc4000010, [0x8, 0x5, 0x9, 0x1, 0x390ec104]}}, @its_setup={0x82, 0x28, {0x4, 0x4, 0x145}}], 0x138}], 0x1, 0x0, &(0x7f0000000500)=[@featur2={0x1, 0x68}], 0x1) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async) ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r5, 0xae80, 0x0) r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000180)={0x0, &(0x7f0000000000)=[@memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x8, 0x6, 0x2}}], 0x30}, &(0x7f0000000300)=[@featur2], 0x1) r10 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) (async) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r11, 0x4068aea3, &(0x7f0000000040)={0xdf, 0x0, 0x800}) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r9, 0xae80, 0x0) (async) ioctl$KVM_RUN(r9, 0xae80, 0x0) 50m29.570384053s ago: executing program 1 (id=93): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001640), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xea) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x80003b) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000000)={0x6, 0x9da}) 50m25.620928672s ago: executing program 0 (id=94): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@msr={0x14, 0x20, {0x603000000013e7fc, 0x8000}}], 0x20}, 0x0, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0xae) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 50m24.043815838s ago: executing program 1 (id=95): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1) ioctl$KVM_ARM_VCPU_INIT(r3, 0x4020aeae, &(0x7f0000000080)={0x5, 0x1}) ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f00000000c0)=@arm64_fw={0x6030000000140000, &(0x7f0000000180)=0x7}) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04) mmap$KVM_VCPU(&(0x7f00003e6000/0x4000)=nil, r5, 0x3000000, 0x100010, r3, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f000036d000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x0, 0x10000000004}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000005}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r4, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000000)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r7, 0xae80, 0x0) 50m16.775427045s ago: executing program 0 (id=96): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x1, 0x6000, 0x9fff, 0xffffffffffffffff, 0x8}) r2 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x313f7941e11513fa, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x3, 0x4102932, 0xffffffffffffffff, 0x0) (async, rerun: 64) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x62200, 0x0) (async, rerun: 64) r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04) r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000140)={0x0, &(0x7f0000000200)=[@smc={0x1e, 0x40, {0x86000000, [0x0, 0x1, 0x2, 0x3, 0x4]}}], 0x40}, 0x0, 0x0) (async) r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x2) close(r11) (async) ioctl$KVM_RUN(r8, 0xae80, 0x0) (async, rerun: 64) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, r4, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) (rerun: 64) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) r12 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x5) ioctl$KVM_SET_DEVICE_ATTR_vm(r12, 0x4018aee1, &(0x7f0000000080)=@attr_other={0x0, 0x2ea3, 0xfffffffffffffff7, &(0x7f0000000000)=0x4}) 50m15.057894866s ago: executing program 1 (id=97): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x25) syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x12) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000b80)={0x0, 0x0}, &(0x7f0000000340)=[@featur2={0x1, 0x4}], 0x1) ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f0000000140)=@arm64_fw={0x6030000000140000, &(0x7f0000000180)=0x2}) r9 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000b80), &(0x7f0000000100)=[@featur1={0x1, 0x52}], 0x1) ioctl$KVM_RUN(r9, 0xae80, 0x0) r10 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x14) r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r13, 0x4018aee1, &(0x7f0000000040)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000280)={0x14, 0xff, 0x1}}) syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@its_setup={0x82, 0x28, {0x4, 0x4, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x10002, 0x9, 0x0, 0x104, 0x3}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x140) r14 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x21) r16 = ioctl$KVM_CREATE_VCPU(r15, 0xae41, 0x2) r17 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x1000002, 0x11, r16, 0x0) ioctl$KVM_CAP_HALT_POLL(r11, 0x4068aea3, &(0x7f0000000380)={0xb6, 0x0, 0x400001ff}) syz_memcpy_off$KVM_EXIT_HYPERCALL(r17, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x12, r16, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x803, 0x0) 50m6.514185402s ago: executing program 0 (id=98): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CAP_HALT_POLL(r1, 0x4068aea3, &(0x7f00000001c0)) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@code={0xa, 0x18, {"7f2003d5"}}], 0x18}, 0x0, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@msr={0x14, 0x20, {0x603000000013e7fc, 0x8000}}], 0x20}, 0x0, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) r8 = openat$kvm(0x0, &(0x7f0000000140), 0x101000, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r10, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18}) ioctl$KVM_GET_ONE_REG(r10, 0x4010aeab, &(0x7f00000000c0)=@arm64_core={0x6030000000100032, &(0x7f00000001c0)=0x1}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000100)={0x0, 0x81}) 49m29.300769771s ago: executing program 32 (id=97): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x25) syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x12) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000b80)={0x0, 0x0}, &(0x7f0000000340)=[@featur2={0x1, 0x4}], 0x1) ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f0000000140)=@arm64_fw={0x6030000000140000, &(0x7f0000000180)=0x2}) r9 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000b80), &(0x7f0000000100)=[@featur1={0x1, 0x52}], 0x1) ioctl$KVM_RUN(r9, 0xae80, 0x0) r10 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x14) r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r13, 0x4018aee1, &(0x7f0000000040)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000280)={0x14, 0xff, 0x1}}) syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@its_setup={0x82, 0x28, {0x4, 0x4, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x10002, 0x9, 0x0, 0x104, 0x3}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x140) r14 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x21) r16 = ioctl$KVM_CREATE_VCPU(r15, 0xae41, 0x2) r17 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x1000002, 0x11, r16, 0x0) ioctl$KVM_CAP_HALT_POLL(r11, 0x4068aea3, &(0x7f0000000380)={0xb6, 0x0, 0x400001ff}) syz_memcpy_off$KVM_EXIT_HYPERCALL(r17, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x12, r16, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x803, 0x0) 49m19.572468243s ago: executing program 33 (id=98): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CAP_HALT_POLL(r1, 0x4068aea3, &(0x7f00000001c0)) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@code={0xa, 0x18, {"7f2003d5"}}], 0x18}, 0x0, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@msr={0x14, 0x20, {0x603000000013e7fc, 0x8000}}], 0x20}, 0x0, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) r8 = openat$kvm(0x0, &(0x7f0000000140), 0x101000, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r10, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18}) ioctl$KVM_GET_ONE_REG(r10, 0x4010aeab, &(0x7f00000000c0)=@arm64_core={0x6030000000100032, &(0x7f00000001c0)=0x1}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000100)={0x0, 0x81}) 41m10.070505578s ago: executing program 2 (id=124): munmap$KVM_VCPU(0x0, 0x1000000000) (async, rerun: 32) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (rerun: 32) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2d) syz_kvm_vgic_v3_setup(r2, 0x2, 0x3c0) (async) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000180)={0x1010024, 0x1}) eventfd2(0x1, 0x801) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x300, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x28) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) (async) eventfd2(0x8100000, 0x1) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) ioctl$KVM_GET_REG_LIST(r8, 0xc008aeb0, 0x0) r9 = mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, 0x930, 0xa, 0x11, r5, 0x40000) syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f00000000c0)="f610f5b33c962b62c00d0914345792dd23a78cdac1300e5e167ce3c540e94f06530dc539e8c1d98289a14446bb8d486f0060cb76b4abc705083f72adeea32830e92b6c89e7b929ff", 0x0, 0x48) (async) r10 = eventfd2(0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000004000/0x4000)=nil, 0x930, 0x0, 0x11, r10, 0x0) (async) r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r11, 0xae03, 0xb6) r12 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x3}) (async) ioctl$KVM_CREATE_DEVICE(r13, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_CREATE_VM(r14, 0x400454d4, 0x10000000000000) (async) ioctl$KVM_ARM_VCPU_FINALIZE(r5, 0x4004aec2, &(0x7f0000000000)) 40m58.460583022s ago: executing program 2 (id=126): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@irq_setup={0x46, 0x18, {0x3, 0x15c}}], 0x18}, 0x0, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r3, 0xc0189436, 0x20000001) r4 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) r5 = eventfd2(0x0, 0x0) write$eventfd(r5, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = eventfd2(0xfffffffa, 0x80001) ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f0000000140)={0x80, 0x4, 0x0, r9}) syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0xe, 0x4c, 0xe, 0x0, 0x0, 0x7f, 0x0, 0x74, 0x23, 0x80, 0x35, 0xfa, 0x0, 0x0, 0x8, 0x3, 0x8, 0x8, 0x6, '\x00', 0xe9, 0x4}) write$eventfd(r12, &(0x7f00000001c0)=0x4, 0x4d) ioctl$KVM_REGISTER_COALESCED_MMIO(r8, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616}) ioctl$KVM_REGISTER_COALESCED_MMIO(r8, 0x4010ae67, &(0x7f0000000180)={0x5000}) r13 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r8, 0x4010ae74, &(0x7f0000000100)={0x847, 0x3, 0x3}) ioctl$KVM_RUN(r13, 0xae80, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000000)={0xa}) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x24) 40m35.684973305s ago: executing program 2 (id=128): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000480)={0x0, &(0x7f0000000180)=[@eret={0xe6, 0x18, 0x690}, @code={0xa, 0x9c, {"0004805ae0d982d20060b8f2c10180d2c20180d2a30180d2040080d2020000d4608191d20080b8f2610180d2620180d2830080d2040180d2020000d420a39fd200e0b0f2410080d2a20180d2030080d2040180d2020000d4000028d5000008d5007008d5c0ad90d20000b0f2410180d2420180d2230180d2c40180d2020000d4007008d5007008d5"}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x1, 0xa, 0x101, 0x80000001, 0x1}}, @irq_setup={0x46, 0x18, {0x0, 0x315}}, @code={0xa, 0x6c, {"0084600d007008d540e699d20040b8f2810080d2620080d2e30180d2e40080d2020000d4000028d5000008d5000028d500609f0d0000429e00dc202e20ff85d200a0b8f2610080d2220180d2630180d2e40180d2020000d4"}}, @msr={0x14, 0x20, {0x0, 0x8001}}, @memwrite={0x6e, 0x30, @generic={0xe000, 0xd40, 0x6, 0x2}}, @code={0xa, 0xb4, {"007008d5000028d5007008d5c08c96d20040b0f2e10180d2620180d2030180d2240180d2020000d40004002f20f98ad20000b0f2c10080d2a20080d2e30080d2e40180d2020000d480379bd20060b0f2c10180d2220080d2830180d2e40180d2020000d4e0e893d20040b0f2810180d2c20080d2a30080d2e40080d2020000d440868bd20080b8f2410180d2a20180d2030080d2840180d2020000d400a8a17e"}}, @msr={0x14, 0x20, {0x603000000013deec, 0x2}}, @smc={0x1e, 0x40, {0x6000000, [0x4, 0x44, 0x3, 0x2, 0x3]}}], 0x2c4}, &(0x7f00000004c0)=[@featur1={0x1, 0x4}], 0x1) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) r8 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0) r9 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04) mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r9, 0x3, 0x11, r7, 0x0) mmap$KVM_VCPU(&(0x7f000000a000/0x1000)=nil, r9, 0x3, 0x11, r8, 0x0) r10 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x3000)=nil, r9, 0xe, 0x10010, r1, 0x0) r11 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, r11, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x3, 0x4102932, 0xffffffffffffffff, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) munmap(&(0x7f000000f000/0x2000)=nil, 0x2000) syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f0000000100)="746abf250f7959c813e4adfb369b808022e69fe80cfadce4a1259e77bab54ac9749537b3d016bb7f745a6e22d2f9ff443f19467748a3fe02c239457600", 0x0, 0xfffffffffffffec5) 40m22.815443444s ago: executing program 2 (id=130): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_GET_STATS_FD_vm(r1, 0xaece) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000000)={0x0, &(0x7f0000000100)=[@uexit={0x0, 0x18, 0x8}], 0x18}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x2e) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x6) syz_kvm_setup_cpu$arm64(r7, r8, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f00000002c0)=@arm64_core={0x603000000010003c, &(0x7f0000000240)=0x8000000003b93}) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x27) syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CLEAR_DIRTY_LOG(r10, 0xc018aec0, &(0x7f00000007c0)={0x2, 0x2c0, 0xc0, &(0x7f00000003c0)=[0x9, 0x8, 0xffffffff80000001, 0x6, 0x21e2, 0x1000, 0x800, 0x5, 0x0, 0xa160, 0x8, 0x8, 0xb, 0x80000000, 0x7, 0x8, 0x9e, 0x3, 0x9, 0x0, 0x3, 0x7, 0x1, 0x0, 0x6, 0x0, 0xde0f, 0xc3, 0x80000000, 0x4, 0x4ba0, 0x10000, 0xffffffff, 0x0, 0x7, 0x9, 0x800, 0x5, 0x0, 0x2, 0x7f5, 0x800005, 0x5, 0x2, 0xfffffffffffffff4, 0x3a7d, 0x3, 0x6, 0x8001, 0x1, 0x200, 0xffffffffffffa323, 0x5, 0x6, 0x100, 0x7f, 0x2, 0x2, 0x3, 0x9, 0x7, 0x100000001, 0x6, 0x2, 0x6, 0x196, 0x10001, 0x1, 0x9, 0x10000, 0x8, 0x81, 0x5, 0x7, 0x5, 0x8000, 0x2, 0x304d8a97, 0xff, 0x6, 0x5128, 0x34680000080, 0x7, 0x7d, 0x7, 0x6a7, 0x8001, 0x3, 0xb, 0x200, 0x0, 0x4, 0xcd8, 0x40, 0x5, 0x4, 0x3, 0x100000000, 0xfffffffffffff006, 0x5, 0x6, 0x101, 0x4, 0xcf, 0x10000, 0xcb7, 0x3, 0x7, 0x8, 0x3, 0xffffffffffffffff, 0x8, 0xa, 0x8, 0x4, 0x7fff, 0x4, 0xfffffffffffffff8, 0x2, 0xfffffffffffffff7, 0x100, 0x9, 0x6, 0x26, 0x80000001, 0xc, 0x3, 0x5]}) r11 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x29) r12 = ioctl$KVM_CREATE_GUEST_MEMFD(r11, 0xc040aed4, &(0x7f0000000040)={0x1000200001fe0000, 0x3}) ioctl$KVM_SET_USER_MEMORY_REGION2(r5, 0x40a0ae49, &(0x7f0000000180)={0x4, 0x4, 0x6000, 0x2000, &(0x7f0000ffc000/0x2000)=nil, 0x100000000000000, r12}) syz_kvm_vgic_v3_setup(r1, 0x0, 0xc0) r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x30) ioctl$KVM_SET_GSI_ROUTING(r14, 0x4008ae6a, &(0x7f00000000c0)={0x1, 0x0, [{0xc, 0x2, 0x1, 0x0, @msi={0xebb, 0x394c794c, 0x7f, 0x800}}]}) close(r14) ioctl$KVM_RUN(r3, 0xae80, 0x0) 39m36.481288708s ago: executing program 2 (id=133): r0 = openat$kvm(0x0, &(0x7f0000000000), 0x8100, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) openat$kvm(0xffffffffffffff9c, 0x0, 0x20080, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r3, 0x4020aeae, &(0x7f0000000100)={0x5, 0x38}) (async) ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f00000000c0)=@arm64_sve_vls={0x606000000015ffff, &(0x7f0000000080)=0x10001}) r4 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000c0c000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) (async) syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_DIRTY_TLB(r4, 0x4010aeaa, &(0x7f00000000c0)={0x3765, 0x3}) (async) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) (async) ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f0000000140)={0x4, 0x0, [{0x1, 0x2, 0x1, 0x0, @adapter={0x7, 0x100000000, 0x8, 0x0, 0x7}}, {0x9, 0x2, 0x1, 0x0, @adapter={0xd4ff, 0x6d39, 0x2, 0x0, 0x7f}}, {0x3, 0x0, 0x1, 0x0, @sint={0x6, 0x8000}}, {0x0, 0x0, 0x0, 0x0, @adapter={0x8f9, 0xe808e8f, 0x3f, 0x7, 0x332ccd89}}]}) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0x5, 0x3}) (async) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4000ae84, &(0x7f0000000300)={{0x40000, 0x5112230311195ad3, 0x3, 0x81, 0x5b, 0x3, 0x3, 0x8, 0xe, 0x78, 0x43, 0x6}, {0x7f625000, 0xdddd1000, 0x10, 0x81, 0xb, 0x0, 0x0, 0xf2, 0x11, 0xcb, 0x9, 0x18}, {0x40000, 0x100000, 0xc, 0x0, 0xa6, 0x7, 0x2d, 0xf2, 0xa, 0x0, 0x2, 0x4}, {0x26000, 0x54000, 0xa, 0x7e, 0x6, 0x7, 0x5c, 0x9, 0x4, 0x2, 0xe, 0xef}, {0x6000, 0x81c0003, 0x4, 0x1b, 0xf3, 0xa4, 0x0, 0xa, 0x5, 0x2, 0xff}, {0x0, 0x6000, 0x8, 0x7, 0x4, 0x40, 0x8, 0x9, 0x4, 0x9a, 0xd, 0x7}, {0xffff1000, 0x26000, 0xbd6e87c0ceccddee, 0x9, 0x5, 0x8, 0xf6, 0x2, 0x0, 0x5, 0x8, 0x2}, {0x3000, 0xeeee8000, 0xb, 0x6, 0x2, 0xff, 0x5, 0x2, 0x4, 0x1, 0x3, 0x81}, {0x40000, 0x2}, {0x58000, 0xfffd}, 0x40010008, 0x0, 0x58000, 0x200b8, 0xc, 0x1, 0xdddd0000, [0x4, 0x1, 0x81, 0x2]}) (async) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x11, 0x9b, 0xf, 0x0, 0x3, 0x6, 0x82, 0x46, 0x48, 0x86, 0xdd, 0xd3, 0x0, 0x900001, 0xfffffffc, 0x0, 0x3, 0xa, 0x9, '\x00', 0x1, 0x95}) (async) write$eventfd(r9, &(0x7f00000001c0)=0x3, 0xfdef) r10 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) (async) ioctl$KVM_SET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee1, 0x0) openat$kvm(0x0, 0x0, 0x0, 0x0) (async) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, 0x0) (async) openat$kvm(0x0, 0x0, 0x0, 0x0) (async) r11 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) (async) syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) 39m25.574518273s ago: executing program 2 (id=135): syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2a) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, 0x0) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x42002, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x31) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2e) r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f00003af000/0x400000)=nil) eventfd2(0x0, 0x0) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000180)=[@its_setup={0x82, 0x28, {0x5, 0x1, 0x17f}}], 0x28}, 0x0, 0xffffffffffffffd3) syz_kvm_vgic_v3_setup(r5, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000240)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r7, 0xae80, 0x0) munmap(&(0x7f0000011000/0xc00000)=nil, 0xc00000) ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f0000000000)=@attr_riscv64=@attr_config={0x0, 0x1, 0x0, &(0x7f0000000140)=0x7}) r9 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x20000000001) r10 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x110, r9, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f0000000300)="04198bd844c9e8a7b82d748f0f0244293d28bd940000c2ed44db9969759357abeb8d85c8e856a4606c2e979f98d67e4ff39fb6df9547f6a9506c610dc37b175c8ad3e5952305abf0", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r9, 0x0) r11 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0) mmap$KVM_VCPU(&(0x7f0000c41000/0x3000)=nil, 0x930, 0x280000b, 0x2010, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_VM(r11, 0xae01, 0x6) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, 0xffffffffffffffff, 0x0) 38m38.769518526s ago: executing program 34 (id=135): syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2a) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, 0x0) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x42002, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x31) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2e) r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f00003af000/0x400000)=nil) eventfd2(0x0, 0x0) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000180)=[@its_setup={0x82, 0x28, {0x5, 0x1, 0x17f}}], 0x28}, 0x0, 0xffffffffffffffd3) syz_kvm_vgic_v3_setup(r5, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000240)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r7, 0xae80, 0x0) munmap(&(0x7f0000011000/0xc00000)=nil, 0xc00000) ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f0000000000)=@attr_riscv64=@attr_config={0x0, 0x1, 0x0, &(0x7f0000000140)=0x7}) r9 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x20000000001) r10 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x110, r9, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f0000000300)="04198bd844c9e8a7b82d748f0f0244293d28bd940000c2ed44db9969759357abeb8d85c8e856a4606c2e979f98d67e4ff39fb6df9547f6a9506c610dc37b175c8ad3e5952305abf0", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r9, 0x0) r11 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0) mmap$KVM_VCPU(&(0x7f0000c41000/0x3000)=nil, 0x930, 0x280000b, 0x2010, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_VM(r11, 0xae01, 0x6) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, 0xffffffffffffffff, 0x0) 38m29.97633071s ago: executing program 3 (id=138): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x80000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x1, 0x8, 0xb, 0x0, 0x2, 0x6, 0x6, 0x9, 0x8, 0x8, 0x6, 0x2, 0x0, 0x6, 0x6, 0xe2, 0x1, 0x29, 0x0, '\x00', 0x10, 0x6}) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r5, 0x4010aeab, &(0x7f0000000100)=@arm64_sys={0x603000000013c807, &(0x7f0000000280)=0x1}) (async) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r6, &(0x7f00000001c0), 0xf001) 38m18.262808047s ago: executing program 3 (id=139): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x20200, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r3 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000003c0)={0x0, &(0x7f0000000300)=[@its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x3, 0x2, 0xe, 0x6, 0x4}}, @smc={0x1e, 0x40, {0xc400000d, [0x400, 0x1ff, 0x644f, 0x1, 0x2]}}], 0x68}, &(0x7f0000000400)=[@featur1={0x1, 0x18}], 0x1) ioctl$KVM_GET_STATS_FD_cpu(r3, 0xaece) r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x25) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f00000001c0)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000380)}) ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1) ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000180)={0x5000, 0x108000, 0x1}) r6 = openat$kvm(0x0, &(0x7f0000000140), 0x400, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f00000000c0)={0x7, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x3}) r9 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2) ioctl$KVM_ARM_VCPU_INIT(r9, 0x4020aeae, &(0x7f0000000000)={0x5, 0x4}) ioctl$KVM_RUN(r9, 0xae80, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f00000000c0)={0x5, 0x1, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000002c0)=@attr_other={0x0, 0x8, 0x108, &(0x7f0000000000)=0xc000000000000000}) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x4, 0x2, 0x0}) r10 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000007, 0x4f833, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000800000/0x800000)=nil, 0x800000) r11 = syz_kvm_vgic_v3_setup(r1, 0x3, 0x40) r12 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r12, 0x4018aee1, &(0x7f0000000080)=@attr_other={0x0, 0xa1f9, 0x100000000, &(0x7f0000000000)=0x7}) ioctl$KVM_ARM_VCPU_INIT(r10, 0x4020aeae, &(0x7f00000000c0)={0x2, 0x20}) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000100)=@attr_other={0x0, 0x6, 0x382bc667, &(0x7f0000000140)=0x8004}) r13 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x23) ioctl$KVM_RESET_DIRTY_RINGS(r13, 0xaec7) 37m55.964833464s ago: executing program 3 (id=140): mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x0, 0x100000f, 0x8010, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000000100)=@arm64_extra={0x603000000013c036}) munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000) munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000) munmap(&(0x7f0000482000/0x2000)=nil, 0x2000) openat$kvm(0x0, 0x0, 0x0, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x1}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x400000, 0x0) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x11, 0x8, 0xf, 0x0, 0x5, 0x6, 0xa6, 0x9, 0x48, 0x86, 0xdd, 0x68, 0x0, 0x0, 0x189, 0x0, 0x3, 0x5, 0x8, '\x00', 0x1, 0x96}) write$eventfd(r5, &(0x7f00000001c0)=0x3, 0xfdef) 37m39.550780167s ago: executing program 3 (id=141): ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f0000000140)={0x4, 0x0, [{0x1, 0x2, 0x1, 0x0, @adapter={0x7, 0x100000000, 0x8, 0x0, 0x7}}, {0x9, 0x2, 0x1, 0x0, @adapter={0xd4ff, 0x6d39, 0x2, 0x0, 0x7f}}, {0x3, 0x0, 0x1, 0x0, @sint={0x6, 0x8000}}, {0x0, 0x0, 0x0, 0x0, @adapter={0x8f9, 0xe808e8f, 0x3f, 0x7, 0x332ccd89}}]}) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x3}) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4000ae84, &(0x7f0000000300)={{0x40000, 0x5112230311195ad3, 0x3, 0x81, 0x5b, 0xb, 0x81, 0x8, 0xe, 0x78, 0x3, 0x6}, {0x7f625000, 0xdddd1000, 0x10, 0x81, 0xb, 0x0, 0x0, 0xf2, 0x10, 0xcb, 0x9, 0x98}, {0x40000, 0x100000, 0x10, 0x0, 0xa6, 0x7, 0x2d, 0xf2, 0xa, 0x0, 0x2, 0x4}, {0x26000, 0x54000, 0xa, 0x7e, 0x6, 0x7, 0x5c, 0x9, 0x4, 0x2, 0xe, 0xef}, {0x6000, 0x81c0003, 0x4, 0x81, 0xf1, 0xa4, 0x0, 0xa, 0x5, 0x2, 0xff}, {0x0, 0x6000, 0x8, 0x7, 0x4, 0x40, 0x8, 0x9, 0x4, 0x9a, 0x1, 0x7}, {0x26000, 0x26000, 0xbd6e87c0ceccddee, 0x9, 0x5, 0x8, 0xf6, 0xa, 0x0, 0x5, 0x8, 0x2}, {0x8000000, 0x5000, 0x10, 0x6, 0x2, 0x7f, 0x5, 0x5, 0x4, 0x1, 0x6, 0x81}, {0x80a0000, 0x2}, {0x58000, 0xfffd}, 0x40000000, 0x0, 0x58000, 0x200b8, 0xf, 0x1, 0xdddd0000, [0xffffffff, 0x1, 0x81, 0x2]}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x11, 0x9b, 0xf, 0x0, 0x5, 0x8, 0x82, 0x46, 0x48, 0x86, 0xdd, 0x68, 0x0, 0x900001, 0x0, 0x0, 0x3, 0xa, 0x8, '\x00', 0x1, 0x93}) write$eventfd(r2, &(0x7f00000001c0)=0x3, 0xfdef) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) mmap$KVM_VCPU(&(0x7f0000ec2000/0x3000)=nil, 0x930, 0xf, 0x13, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) 37m30.986778045s ago: executing program 3 (id=142): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1) ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r1, 0x4068aea3, 0xffffffffffffffff) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000000)=@arm64={0x3, 0xe0, 0xb4, '\x00', 0x1}) ioctl$KVM_GET_ONE_REG(0xffffffffffffffff, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x6030000000100022, 0x0}) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) r4 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x82880, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = openat$kvm(0x0, 0x0, 0x101282, 0x0) r8 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04) r11 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@smc={0x1e, 0x0, {0x84000053, [0x1000009, 0x8000000000000001, 0xffffffffffffffff, 0x400, 0xfffffffffffff801]}}], 0xc7}, 0x0, 0x0) ioctl$KVM_RUN(r14, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000c0b000/0x1000)=nil, r10, 0x2000003, 0x11, r9, 0x0) r15 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000100)={0x0, &(0x7f0000000880)=[@msr={0x14, 0x20, {0x603000000013defc, 0x5a8}}], 0x20}, 0x0, 0x0) ioctl$KVM_RUN(r15, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000) 37m21.414077402s ago: executing program 3 (id=143): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x121200, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xa) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x8280, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = mmap$KVM_VCPU(&(0x7f0000dd4000/0x3000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r6 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r5, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) r7 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r5, 0x0) r8 = eventfd2(0x0, 0x0) close(r8) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) r9 = syz_kvm_vgic_v3_setup(r3, 0x3, 0x300) ioctl$KVM_HAS_DEVICE_ATTR(r9, 0x4018aee3, &(0x7f0000000140)=@attr_arm64={0x0, 0x5, 0x4, &(0x7f0000000000)=0x3}) write$eventfd(r8, &(0x7f0000000180)=0x5, 0xfffffde3) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) syz_kvm_vgic_v3_setup(r1, 0x4, 0x200) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000040)={0x10004, 0x10001}) 36m32.580967883s ago: executing program 35 (id=143): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x121200, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xa) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x8280, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = mmap$KVM_VCPU(&(0x7f0000dd4000/0x3000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r6 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r5, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) r7 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r5, 0x0) r8 = eventfd2(0x0, 0x0) close(r8) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) r9 = syz_kvm_vgic_v3_setup(r3, 0x3, 0x300) ioctl$KVM_HAS_DEVICE_ATTR(r9, 0x4018aee3, &(0x7f0000000140)=@attr_arm64={0x0, 0x5, 0x4, &(0x7f0000000000)=0x3}) write$eventfd(r8, &(0x7f0000000180)=0x5, 0xfffffde3) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) syz_kvm_vgic_v3_setup(r1, 0x4, 0x200) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000040)={0x10004, 0x10001}) 26m52.080368218s ago: executing program 5 (id=169): r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) mmap$KVM_VCPU(&(0x7f0000f2b000/0x3000)=nil, 0x0, 0x3000002, 0x112, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2a) (async) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2a) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_GET_ONE_REG(0xffffffffffffffff, 0x4010aeab, 0x0) (async) ioctl$KVM_GET_ONE_REG(0xffffffffffffffff, 0x4010aeab, 0x0) r3 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000b80)={0x0, &(0x7f00000000c0)=[@hvc={0x32, 0x40, {0x84000015, [0x7, 0x8000000000000000, 0xffffffffffffffff, 0xee24, 0xfffffffffffeffff]}}], 0x40}, &(0x7f0000000040)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) close(r3) (async) close(r3) openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0x66) syz_kvm_setup_cpu$arm64(r2, r3, &(0x7f0000bff000/0x400000)=nil, &(0x7f0000000280)=[{0x0, &(0x7f00000001c0)=[@its_send_cmd={0xaa, 0x28, {0xb, 0x1, 0x2, 0xd, 0x40, 0xfffffbff, 0x1}}, @mrs={0xbe, 0x18, {0x603000000013dce4}}, @msr={0x14, 0x20, {0x603000000013df59, 0x5}}, @svc={0x122, 0x40, {0xe0e82fc026873c9f, [0x10001, 0x8, 0x6, 0x5, 0x1ff]}}], 0xa0}], 0x1, 0x0, &(0x7f0000000300)=[@featur1={0x1, 0x40}], 0x1) 26m50.312796869s ago: executing program 4 (id=170): openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x40040, 0x0) r0 = openat$kvm(0x0, &(0x7f00000002c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r3 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r2, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000300)="fb4149dd033b8986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67525673312b01040000000000002627e7000000000000000200", 0x0, 0xfffffffffffffe73) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x12, r2, 0x0) ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r2, 0x4018aee3, &(0x7f00000000c0)=@attr_other={0x0, 0x5, 0x5, &(0x7f0000000080)=0xa62}) r4 = eventfd2(0x70, 0x0) close(r4) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0) write$eventfd(r4, &(0x7f0000000100)=0xfffffffffffffffe, 0x8) close(0xffffffffffffffff) r5 = eventfd2(0x0, 0x0) close(r5) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0xc0c82, 0x0) mmap$KVM_VCPU(&(0x7f0000008000/0x3000)=nil, 0x930, 0x2000004, 0x2011, r5, 0x0) mmap$KVM_VCPU(&(0x7f0000008000/0x3000)=nil, 0x930, 0x2000004, 0x2011, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_GUEST_MEMFD(0xffffffffffffffff, 0xc040aed4, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x2000001, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x0) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, 0x0) 26m35.260001178s ago: executing program 5 (id=171): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0x80111500, 0x20000000) write$eventfd(r1, 0x0, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000280), 0x103080, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x29) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r4, 0x5451, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2) eventfd2(0x0, 0x0) r5 = eventfd2(0x0, 0x0) close(r5) r6 = syz_kvm_vgic_v3_setup(r3, 0x1, 0x40) ioctl$KVM_GET_DEVICE_ATTR(r6, 0x4018aee2, &(0x7f0000000040)=@attr_arm64={0x0, 0x7, 0x0, &(0x7f0000000240)=0x7}) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x401, 0x0) openat$kvm(0x0, 0x0, 0x2a8b02, 0x0) ioctl$KVM_CREATE_VM(r7, 0xae01, 0x36) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_GUEST_MEMFD(r8, 0xc040aed4, &(0x7f00000001c0)={0x200001fe4000, 0x1}) r10 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) r13 = eventfd2(0xfffffffa, 0x80001) ioctl$KVM_IOEVENTFD(r12, 0x4040ae79, &(0x7f0000000140)={0x80, 0x4, 0x0, r13}) syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_REGISTER_COALESCED_MMIO(r12, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616}) ioctl$KVM_REGISTER_COALESCED_MMIO(r12, 0x4010ae67, &(0x7f0000000180)={0x5000}) r14 = syz_kvm_add_vcpu$arm64(r10, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0) ioctl$KVM_RUN(r14, 0xae80, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x640000, 0x0) mmap$KVM_VCPU(&(0x7f0000ffc000/0x1000)=nil, 0x930, 0x2000002, 0x2013, r9, 0x0) 26m33.559912504s ago: executing program 4 (id=172): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x88601, 0x0) r1 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000003c0)={0x0, &(0x7f0000000200)=[@svc={0x122, 0x40, {0x3f000000, [0xee, 0x2d, 0x49, 0x8, 0xffffffff]}}, @msr={0x14, 0x20, {0x603000000013df78, 0x5}}, @mrs={0xbe, 0x18, {0x603000000013df61}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0x180, 0x3}}, @uexit={0x0, 0x18, 0xb}, @eret={0xe6, 0x18, 0xffffffffffffffff}, @code={0xa, 0xb4, {"e0fa99d200c0b0f2210180d2020080d2830080d2840080d2020000d4202698d200c0b0f2e10080d2e20180d2430080d2840180d2020000d40098a12e007008d50010204e000008d540b888d20040b0f2c10080d2220180d2030180d2240080d2020000d480b383d20060b8f2410180d2220180d2430180d2440180d2020000d400000013402e95d20020b0f2c10180d2e20080d2030080d2040080d2020000d4"}}], 0x18c}, &(0x7f0000000400)=[@featur2={0x1, 0x40}], 0x1) ioctl$KVM_ARM_SET_DEVICE_ADDR(r1, 0x4010aeab, &(0x7f0000000040)={0x2, 0x30000}) ioctl$KVM_RUN(r1, 0xae80, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000140), 0x101000, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) openat$kvm(0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee1, &(0x7f00000000c0)=@attr_irq_timer={0x0, 0x1, 0x1, 0x0}) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000040)={0x1, 0x3, 0xdddd1000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil}) ioctl$KVM_CREATE_DEVICE(r5, 0xc018aec0, &(0x7f00000000c0)={0x1}) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04) r6 = ioctl$KVM_CREATE_GUEST_MEMFD(r2, 0xc040aed4, &(0x7f00000001c0)={0x200001fe0000, 0x3}) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x2000003, 0x2013, r6, 0x0) close(r6) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000007, 0x23ac5f9b426eccb2, 0xffffffffffffffff, 0x0) 26m13.810089918s ago: executing program 4 (id=173): ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc9}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x88, &(0x7f0000000000)=0x2f7a}) r4 = eventfd2(0x1, 0x1) r5 = openat$kvm(0x0, &(0x7f0000000080), 0x40000, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) syz_kvm_vgic_v3_setup(r6, 0x1, 0x100) ioctl$KVM_IRQFD(r6, 0x4020ae76, &(0x7f0000000100)={r4, 0x3, 0x2, r4}) ioctl$KVM_SET_GSI_ROUTING(r6, 0x4008ae6a, &(0x7f00000000c0)) write$eventfd(r4, &(0x7f0000000000)=0x1000007, 0x8) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x311182, 0x0) r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r8 = openat$kvm(0x0, &(0x7f0000000040), 0xc0083, 0x0) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x0, 0x12, r8, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x5) ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x40305839, &(0x7f0000000040)=@attr_other={0x0, 0x0, 0x3, &(0x7f0000000000)=0x2f7}) 26m7.042813336s ago: executing program 5 (id=174): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$arm64(r1, 0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000540)=[{0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dea5, 0x4b}}, @svc={0x122, 0x40, {0x1, [0xffffffff, 0x4, 0x1, 0x80, 0x101]}}, @code={0xa, 0x84, {"60aa8ed20020b8f2e10080d2c20180d2c30180d2440180d2020000d4000008d500d8307e000028d5e05892d200c0b8f2c10180d2020180d2e30080d2e40180d2020000d4007008d5007008d5e05f8cd20000b0f2610080d2820080d2430080d2a40080d2020000d4008008d50020800d"}}, @eret={0xe6, 0x18, 0x91}, @code={0xa, 0xb4, {"e0629ad20080b8f2c10080d2a20180d2a30080d2a40180d2020000d400a895d20000b8f2810180d2420180d2830080d2040180d2020000d400c0000f007008d5007008d520aa83d20080b8f2010080d2420080d2c30180d2440180d2020000d40008c05ac02b8cd20080b0f2410080d2220080d2030080d2440180d2020000d40080800c209092d20020b0f2c10180d2c20180d2c30180d2240180d2020000d4"}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x0, 0x0, 0xc, 0x100, 0x2, 0x2}}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x19b}}, @its_setup={0x82, 0x28, {0x1, 0x2, 0x3d3}}, @irq_setup={0x46, 0x18, {0x0, 0x3a8}}, @its_setup={0x82, 0x28, {0x3, 0x1, 0x1e8}}, @irq_setup={0x46, 0x18, {0x2, 0x215}}, @msr={0x14, 0x20, {0x603000000013e64b}}, @smc={0x1e, 0x40, {0xb262f0bc31b43b56, [0xaf9e, 0x9, 0x697, 0xd, 0x2]}}, @msr={0x14, 0x20, {0x603000000013c081, 0x9}}, @uexit={0x0, 0x18, 0x7}, @its_send_cmd={0xaa, 0x28, {0xf, 0x1, 0x0, 0x3, 0x1, 0x3, 0x2}}], 0x340}], 0x1, 0x0, &(0x7f0000000580)=[@featur1={0x1, 0x2}], 0x1) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f0000000600)=[@msr={0x14, 0x20, {0x6030000000138084, 0x3ff}}], 0x20}, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 25m53.970175618s ago: executing program 5 (id=175): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x101e40, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x161942, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000000200)={0x1, 0x0, [{0x8, 0x2, 0x0, 0x0, @msi={0xfff, 0x4, 0x200, 0x5}}]}) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) r5 = syz_kvm_vgic_v3_setup(r4, 0x1, 0x40) ioctl$KVM_GET_DEVICE_ATTR(r5, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x5, 0x4, &(0x7f00000004c0)=0x6f7}) r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000bfd000/0x400000)=nil) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000000, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x3, 0x4106931, 0xffffffffffffffff, 0x0) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r6, 0x4010ae68, &(0x7f0000000040)={0x8000000, 0x10000}) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000180)={0x0, &(0x7f0000000000)=[@hvc={0x32, 0x40, {0x84000007, [0x84000850, 0x7, 0x9, 0x7, 0x7fff]}}], 0x40}, 0x0, 0x0) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f00000000c0)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x8, 0x3, &(0x7f0000000140)=0x5}) ioctl$KVM_RUN(r8, 0xae80, 0x0) 25m48.242781159s ago: executing program 4 (id=176): openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r0 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, 0xffffffffffffffff, 0x0) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r7, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x9, 0x7, 0x3}}) r8 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0xfffffffffffffffe}}, @msr={0x14, 0x20, {0x603000000013dce1, 0x7}}], 0x40}, &(0x7f0000000300)=[@featur2={0x1, 0x89}], 0x1) munmap$KVM_VCPU(r0, 0x2) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_ARM_VCPU_INIT(0xffffffffffffffff, 0x4020aeae, 0x0) ioctl$KVM_RUN(r8, 0xae80, 0x0) r9 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r9, 0x4018aee1, &(0x7f00000011c0)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f00000000c0)=0x8}) 25m32.047910709s ago: executing program 5 (id=177): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x101e40, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000b75000/0x400000)=nil) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000780), 0x1, 0x0) ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0x10) r4 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000140)={0x0, &(0x7f0000000000)=[@hvc={0x32, 0x40, {0x84000051, [0x84000052, 0xa, 0x4009, 0x4b, 0x7fff]}}], 0x40}, 0x0, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 25m30.67115917s ago: executing program 4 (id=178): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r4 = eventfd2(0x8, 0x80800) ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000000140)={0x8000000000000000, 0x0, 0x2, r4, 0x3}) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8902, 0x0) ioctl$KVM_CHECK_EXTENSION(r5, 0xae03, 0x69) ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000000040)={0x4, 0xd000, 0x8, r4, 0xa}) ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000000000)={0x8000, 0x0, 0x2, r4, 0x3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000b46000/0x400000)=nil) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000240)={0x1fe, 0x3, 0xffff6000, 0x1000, &(0x7f0000e49000/0x1000)=nil}) r6 = openat$kvm(0x0, &(0x7f0000000000), 0x2, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r7, 0xae03, 0x7f) r8 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04) mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, r10, 0x1, 0x2012, r9, 0x0) mmap$KVM_VCPU(&(0x7f0000de2000/0x3000)=nil, r10, 0x6000006, 0x2010, 0xffffffffffffffff, 0x0) 25m17.838130072s ago: executing program 5 (id=179): r0 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x80000001d) ioctl$KVM_CAP_HALT_POLL(r1, 0x4068aea3, &(0x7f0000000080)={0xb6, 0x2000000}) (async) r2 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece) (async) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80180, 0x0) ioctl$KVM_CHECK_EXTENSION(r3, 0x5450, 0x0) (async) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x2e) (async, rerun: 32) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async, rerun: 32) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x31) ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_CREATE_VM(r8, 0x800454d7, 0x110e22ffff) r9 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r5, r9, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000100)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async) ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f0000000180)=@arm64_bitmap={0x6030000000160002, &(0x7f0000000080)=0x1}) (async) syz_kvm_setup_cpu$arm64(r2, r9, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000740)=[{0x0, &(0x7f0000000e40)=ANY=[], 0x61c}], 0x1, 0x0, &(0x7f00000007c0)=[@featur1={0x1, 0x67}], 0x1) (async, rerun: 32) ioctl$KVM_GET_STATS_FD_vm(r1, 0xaece) (rerun: 32) 25m11.444372661s ago: executing program 4 (id=180): openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000280), 0x103080, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(0xffffffffffffffff, 0x4068aea3, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x5, 0x0, &(0x7f0000000000)=0x8}) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0xd, 0x9, 0xb, 0x0, 0x2, 0x6, 0x6, 0x6, 0x48, 0x88, 0xfb, 0x9, 0x0, 0xb, 0x6, 0xa, 0x3, 0x8, 0x1, '\x00', 0x10, 0x6}) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r4, &(0x7f00000001c0)=0x8100000001, 0x2d73) r5 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x40) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000bc2000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1) ioctl$KVM_SET_GUEST_DEBUG_arm64(r9, 0x4208ae9b, &(0x7f00000001c0)={0x30001, 0x0, {[0x2, 0xd6, 0x504, 0xf2f, 0x2, 0x6, 0x100000001, 0xa4, 0xfb, 0x4b3, 0x0, 0x8, 0x0, 0x8, 0xc], [0x6, 0x3, 0xea, 0x3ff, 0x4, 0x3, 0x4, 0x4, 0x5b, 0x2, 0x6, 0x6f2, 0x3, 0x8, 0xfffffffffffffff7], [0x0, 0x1, 0x100, 0xc2ef, 0x1, 0x5, 0x9, 0x7fff, 0x7, 0x80000000, 0x6, 0xfffffffffffffffb, 0x6, 0x4, 0x4, 0x1], [0x2, 0x89c8, 0xed, 0x0, 0x7, 0xb, 0x7, 0x7, 0x3, 0x2, 0x1, 0x400, 0x5ac, 0x49e4, 0x0, 0x9]}}) ioctl$KVM_RUN(r9, 0xae80, 0x0) ioctl$KVM_GET_DEVICE_ATTR(r5, 0x4018aee2, &(0x7f0000000040)=@attr_other={0x0, 0x9, 0x10080000000084, 0x0}) 24m30.592115576s ago: executing program 36 (id=179): r0 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x80000001d) ioctl$KVM_CAP_HALT_POLL(r1, 0x4068aea3, &(0x7f0000000080)={0xb6, 0x2000000}) (async) r2 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece) (async) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80180, 0x0) ioctl$KVM_CHECK_EXTENSION(r3, 0x5450, 0x0) (async) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x2e) (async, rerun: 32) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async, rerun: 32) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x31) ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_CREATE_VM(r8, 0x800454d7, 0x110e22ffff) r9 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r5, r9, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000100)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async) ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f0000000180)=@arm64_bitmap={0x6030000000160002, &(0x7f0000000080)=0x1}) (async) syz_kvm_setup_cpu$arm64(r2, r9, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000740)=[{0x0, &(0x7f0000000e40)=ANY=[], 0x61c}], 0x1, 0x0, &(0x7f00000007c0)=[@featur1={0x1, 0x67}], 0x1) (async, rerun: 32) ioctl$KVM_GET_STATS_FD_vm(r1, 0xaece) (rerun: 32) 24m22.002543805s ago: executing program 37 (id=180): openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000280), 0x103080, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(0xffffffffffffffff, 0x4068aea3, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x5, 0x0, &(0x7f0000000000)=0x8}) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0xd, 0x9, 0xb, 0x0, 0x2, 0x6, 0x6, 0x6, 0x48, 0x88, 0xfb, 0x9, 0x0, 0xb, 0x6, 0xa, 0x3, 0x8, 0x1, '\x00', 0x10, 0x6}) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r4, &(0x7f00000001c0)=0x8100000001, 0x2d73) r5 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x40) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000bc2000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1) ioctl$KVM_SET_GUEST_DEBUG_arm64(r9, 0x4208ae9b, &(0x7f00000001c0)={0x30001, 0x0, {[0x2, 0xd6, 0x504, 0xf2f, 0x2, 0x6, 0x100000001, 0xa4, 0xfb, 0x4b3, 0x0, 0x8, 0x0, 0x8, 0xc], [0x6, 0x3, 0xea, 0x3ff, 0x4, 0x3, 0x4, 0x4, 0x5b, 0x2, 0x6, 0x6f2, 0x3, 0x8, 0xfffffffffffffff7], [0x0, 0x1, 0x100, 0xc2ef, 0x1, 0x5, 0x9, 0x7fff, 0x7, 0x80000000, 0x6, 0xfffffffffffffffb, 0x6, 0x4, 0x4, 0x1], [0x2, 0x89c8, 0xed, 0x0, 0x7, 0xb, 0x7, 0x7, 0x3, 0x2, 0x1, 0x400, 0x5ac, 0x49e4, 0x0, 0x9]}}) ioctl$KVM_RUN(r9, 0xae80, 0x0) ioctl$KVM_GET_DEVICE_ATTR(r5, 0x4018aee2, &(0x7f0000000040)=@attr_other={0x0, 0x9, 0x10080000000084, 0x0}) 16m41.955085741s ago: executing program 6 (id=181): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x28) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) r6 = syz_kvm_vgic_v3_setup(r4, 0x1, 0x100) ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000007c0)=@attr_other={0x0, 0x7, 0x40, &(0x7f0000000100)=0x7fffffff}) r7 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x2}}], 0x28}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_RUN(r7, 0xae80, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000240)={0x8, 0xffffffffffffffff}) r9 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000aba000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000cc0)={0x0, 0x0}, 0x0, 0x0) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000300)={0x0, &(0x7f0000000140)=[@its_setup={0x82, 0x28, {0x1, 0x3, 0x121}}], 0x28}, 0x0, 0x0) r13 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000280)={0x0, &(0x7f00000002c0), 0x6c}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r10, 0xff7ffffffffffffd, 0x360) ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r14, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r13, 0xae80, 0x0) ioctl$KVM_RUN(r12, 0xae80, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) r15 = eventfd2(0x4, 0x80001) r16 = eventfd2(0x0, 0x803) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000040)={r15, 0x3, 0x0, r16}) ioctl$KVM_RUN(r7, 0xae80, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x4, 0x1, 0x0}) 16m36.311117846s ago: executing program 7 (id=182): r0 = openat$kvm(0x0, &(0x7f00000001c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r1, 0x4068aea3, &(0x7f0000000040)) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000000)={0x4, 0xffffffffffffffff}) r3 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f0000000180)=@arm64_sys={0x603000000013d801, &(0x7f0000000000)=0x1}) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000200)=@attr_riscv64=@attr_ctrl={0x0, 0x1, 0x1, 0xfffffffffffffffe}) 16m15.867333289s ago: executing program 7 (id=183): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x101800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000700)={0x7, 0xffffffffffffffff}) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x4, 0x0, 0x0}) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000080)=@attr_arm64={0x0, 0x5, 0x1, &(0x7f00000000c0)=0x9}) 16m15.103129235s ago: executing program 6 (id=184): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_GUEST_MEMFD(r1, 0xc040aed4, &(0x7f0000000080)={0x200001fe0000, 0x3}) ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f0000000180)={0x4, 0x4, 0x6000, 0xa7000, &(0x7f0000ffc000/0x2000)=nil, 0x4000, r2}) close(0x5) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x21) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x8280, 0x0) r5 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x1022) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x35) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) r7 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r6, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r6, 0x0) syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000000000/0x400000)=nil) close(0xffffffffffffffff) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) write$eventfd(0xffffffffffffffff, &(0x7f0000000180)=0x5, 0xfffffde3) r8 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x6) r9 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r8, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r8, 0x0) r10 = openat$kvm(0x0, &(0x7f0000000040), 0x444802, 0x0) close(r10) 15m57.911072149s ago: executing program 7 (id=185): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee1, 0x0) openat$kvm(0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, 0x0) openat$kvm(0x0, 0x0, 0x0, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) r7 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r6, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f00000001c0)="fb0149dd833be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8faa767969d22627e700", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r6, 0x0) r8 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a97f2, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000140)={0x0, &(0x7f0000000000)=[@irq_setup={0x46, 0x18, {0x2, 0x2c0}}], 0x18}, 0x0, 0x0) ioctl$KVM_CREATE_VM(r8, 0x401c5820, 0x20000007) r9 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f0000000280)=@arm64_sys={0x603000000013c801, &(0x7f00000000c0)=0x1000001}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r11 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r12, 0x3, 0xa0) 15m52.820960048s ago: executing program 6 (id=186): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f00000003c0)=[@memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0x0, 0xfffffffffffffe00}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x1, 0x1, 0xb, 0xf9, 0x7fffffff}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x40, 0xffffffff, 0xe}}], 0x88}, 0x0, 0x0) (async) r4 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) (async, rerun: 64) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) (rerun: 64) ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, 0x0) (async) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async, rerun: 64) ioctl$KVM_RUN(r3, 0xae80, 0x0) (async, rerun: 64) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, 0x0) (async) openat$kvm(0x0, 0x0, 0x0, 0x0) (async) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, 0x0) (async, rerun: 64) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x3) (rerun: 64) ioctl$KVM_UNREGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae68, 0x0) 15m34.949607248s ago: executing program 6 (id=187): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000000)={0x5, 0x18}) ioctl$KVM_ARM_VCPU_FINALIZE(r2, 0x4004aec2, &(0x7f0000000080)=0x4) openat$kvm(0x0, 0x0, 0x0, 0x0) close(0x4) close(0x5) 15m28.992614185s ago: executing program 7 (id=188): ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) r3 = ioctl$KVM_CREATE_VM(r2, 0x400454de, 0x110f22fffb) r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000aba000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000cc0)={0x0, 0x0}, 0x0, 0x0) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000300)={0x0, &(0x7f0000000140)=[@its_setup={0x82, 0x28, {0x1, 0x3, 0x121}}], 0x28}, 0x0, 0x0) r8 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000000)={0x0, &(0x7f0000000780)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0xf6}}], 0x28}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r5, 0xff7ffffffffffffd, 0x360) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r8, 0xae80, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) r10 = ioctl$KVM_CREATE_GUEST_MEMFD(r3, 0xc040aed4, &(0x7f0000000040)={0x5, 0x6}) ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f0000000240)={0x1fe, 0x3, 0x5000, 0x1000, &(0x7f0000ffd000/0x1000)=nil, 0x0, r10}) 14m47.020136247s ago: executing program 38 (id=187): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000000)={0x5, 0x18}) ioctl$KVM_ARM_VCPU_FINALIZE(r2, 0x4004aec2, &(0x7f0000000080)=0x4) openat$kvm(0x0, 0x0, 0x0, 0x0) close(0x4) close(0x5) 14m38.276277587s ago: executing program 39 (id=188): ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) r3 = ioctl$KVM_CREATE_VM(r2, 0x400454de, 0x110f22fffb) r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000aba000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000cc0)={0x0, 0x0}, 0x0, 0x0) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000300)={0x0, &(0x7f0000000140)=[@its_setup={0x82, 0x28, {0x1, 0x3, 0x121}}], 0x28}, 0x0, 0x0) r8 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000000)={0x0, &(0x7f0000000780)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0xf6}}], 0x28}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r5, 0xff7ffffffffffffd, 0x360) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r8, 0xae80, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) r10 = ioctl$KVM_CREATE_GUEST_MEMFD(r3, 0xc040aed4, &(0x7f0000000040)={0x5, 0x6}) ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f0000000240)={0x1fe, 0x3, 0x5000, 0x1000, &(0x7f0000ffd000/0x1000)=nil, 0x0, r10}) 3m5.872891639s ago: executing program 9 (id=200): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000be5000/0x400000)=nil) (async) r2 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) (async) syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1) (async, rerun: 32) r5 = syz_kvm_add_vcpu$arm64(r1, &(0x7f0000000b80)={0x0, &(0x7f0000000080)=[@hvc={0x32, 0x40, {0x84000012, [0x7ab, 0x0, 0x4, 0x9, 0x4d]}}], 0x40}, &(0x7f00000002c0)=[@featur1={0x1, 0x20}], 0x1) (rerun: 32) ioctl$KVM_RUN(r5, 0xae80, 0x0) (async, rerun: 32) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (rerun: 32) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r8, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18}) (async) ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f00000000c0)=@riscv64_timer={0x8030000004000000, &(0x7f00000001c0)=0x8}) r9 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_vgic_v3_setup(r9, 0x0, 0x260) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) r11 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x2e) r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(0xffffffffffffffff, r13, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, &(0x7f00000003c0)=[@featur2={0x1, 0x3}], 0x1) ioctl$KVM_SET_ONE_REG(r13, 0x4010aeac, &(0x7f0000000180)=@arm64_core={0x6030000000100042, &(0x7f0000000000)=0x80003ff}) (async) r14 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r14, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) r15 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x3a9a80, 0x0) ioctl$KVM_CREATE_VM(r15, 0xae01, 0x28) (async) r16 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r16, 0xae03, 0x2) (async) ioctl$KVM_CREATE_VM(r16, 0xae01, 0x0) 3m0.640452099s ago: executing program 8 (id=201): r0 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1b) ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r2, 0x4068aea3, &(0x7f0000000000)={0xe4, 0x0, 0x7ff}) ioctl$KVM_ASSIGN_SET_MSIX_NR(r0, 0x4008ae73, &(0x7f0000000080)={0x8, 0x5}) ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r0, 0x4068aea3, &(0x7f00000000c0)={0xe4, 0x0, 0x7}) syz_kvm_setup_cpu$arm64(r0, r0, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000000400)=[{0x0, &(0x7f0000000140)=[@uexit={0x0, 0x18}, @hvc={0x32, 0x40, {0x8600ff01, [0x9, 0x80, 0x6, 0x7fff, 0x8001]}}, @svc={0x122, 0x40, {0x80, [0xe54, 0x7f, 0x0, 0xa9f, 0x101]}}, @smc={0x1e, 0x40, {0xc4000005, [0x81, 0x7ff, 0x7ff, 0x2, 0x10000]}}, @svc={0x122, 0x40, {0x40, [0x12, 0x6, 0x9, 0x7fffffff, 0x2]}}, @hvc={0x32, 0x40, {0x84000013, [0x800, 0x8, 0x2, 0x6, 0x1]}}, @hvc={0x32, 0x40, {0x2000000, [0x3, 0x1, 0x5, 0x7, 0xa962]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1800, 0x7fffffff, 0x1}}, @irq_setup={0x46, 0x18, {0x0, 0x3d4}}, @code={0xa, 0xcc, {"409699d20040b8f2410180d2420080d2030180d2e40080d2020000d4007008d5a0459bd20020b0f2610180d2020080d2a30080d2a40080d2020000d480f78ed20020b8f2410080d2620180d2630180d2440080d2020000d4a0d586d20020b0f2410180d2220080d2830180d2e40080d2020000d4007008d50098212e0000689ec0ef83d200e0b0f2c10180d2820180d2a30080d2240180d2020000d4006098d20080b8f2610180d2420080d2230080d2c40080d2020000d4"}}], 0x2ac}], 0x1, 0x0, &(0x7f0000000440)=[@featur2={0x1, 0x5a}], 0x1) r3 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000840)={0x0, &(0x7f0000000480)=[@eret={0xe6, 0x18, 0x9}, @code={0xa, 0x6c, {"007008d5000008d50000439e007008d50040206e0094202e007008d5000028d560178bd200c0b8f2a10080d2a20080d2a30180d2440180d2020000d460999ed200e0b0f2810180d2a20180d2e30180d2240080d2020000d4"}}, @irq_setup={0x46, 0x18, {0x4, 0x209}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x4, 0x4, 0xbc, 0x69, 0x3}}, @hvc={0x32, 0x40, {0x4, [0x80000001, 0x9, 0x10, 0x8, 0x5]}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x3, 0x1, 0x5, 0x5c5, 0x3}}, @its_setup={0x82, 0x28, {0x4, 0x1, 0x8f}}, @msr={0x14, 0x20, {0x603000000013df40, 0x3}}, @its_setup={0x82, 0x28, {0x2, 0x2, 0x369}}, @code={0xa, 0x84, {"000028d5007008d5007008d5a06494d20000b0f2610080d2020080d2830180d2a40180d2020000d4007008d5000008d5c01491d20000b0f2210080d2820180d2030180d2040180d2020000d4001c600e000008d5807681d20040b0f2e10180d2c20080d2830080d2640180d2020000d4"}}, @its_setup={0x82, 0x28, {0x1, 0x2, 0xde}}, @mrs={0xbe, 0x18, {0x603000000013c660}}, @its_setup={0x82, 0x28, {0x1, 0x0, 0x3cf}}, @code={0xa, 0x9c, {"00d8210e00f8307e00949dd20040b8f2e10080d2e20080d2630180d2a40080d2020000d4000008d520eb8fd20020b0f2210180d2620180d2c30180d2e40180d2020000d400fc89d20040b0f2e10180d2a20180d2430080d2840080d2020000d40010c0dac03a89d20080b0f2410080d2c20180d2a30180d2240180d2020000d40058202e0000009a"}}, @smc={0x1e, 0x40, {0x84000052, [0x1000, 0xffffffff, 0x0, 0x5, 0x9]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0x180, 0x696d, 0x1}}, @mrs={0xbe, 0x18, {0x603000000013d920}}], 0x3ac}, &(0x7f0000000880)=[@featur2={0x1, 0x2}], 0x1) syz_kvm_setup_cpu$arm64(r2, r3, &(0x7f00008ca000/0x400000)=nil, &(0x7f0000000c40)=[{0x0, &(0x7f00000008c0)=[@smc={0x1e, 0x40, {0xc4000005, [0xe, 0x7, 0x7, 0x1, 0x101]}}, @uexit={0x0, 0x18, 0x8000000000000000}, @svc={0x122, 0x40, {0x84000002, [0x4, 0x8000, 0x3, 0x5, 0xfff]}}, @eret={0xe6, 0x18, 0x4}, @its_setup={0x82, 0x28, {0x1, 0x4, 0xd1}}, @code={0xa, 0x9c, {"c01d99d20020b8f2810180d2620180d2630080d2040180d2020000d4000040fc0020206e007008d5000028d5000000ad000480da405d83d200a0b0f2010080d2420180d2a30080d2040080d2020000d420028ed200c0b8f2410080d2e20180d2830080d2240180d2020000d4409199d20080b0f2c10180d2e20080d2e30080d2840180d2020000d4"}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe4, 0x10000}}, @svc={0x122, 0x40, {0xc4000007, [0xc63d, 0x25f6, 0x2, 0x229a, 0x1b61]}}, @code={0xa, 0x54, {"007008d500b8200e000c80b860148ad200e0b8f2810080d2020180d2c30180d2440180d2020000d4000c007c000840fa0014000f00082038007008d5007008d5"}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x2, 0xa, 0x9, 0x5, 0x3}}, @eret={0xe6, 0x18, 0x8000000000000000}, @mrs={0xbe, 0x18, {0x603000000013c4c9}}, @msr={0x14, 0x20, {0x603000000013c2a4, 0x5}}, @its_setup={0x82, 0x28, {0x4, 0x2, 0x35}}, @hvc={0x32, 0x40, {0x8000, [0x3, 0x8, 0x0, 0x2, 0x9]}}, @memwrite={0x6e, 0x30, @generic={0x6000, 0x5f2, 0x3, 0x6}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x1, 0x1, 0x5, 0x401, 0x86a, 0x3}}], 0x370}], 0x1, 0x0, &(0x7f0000000c80)=[@featur1={0x1, 0xc0}], 0x1) ioctl$KVM_SET_VCPU_EVENTS(r0, 0x4040aea0, &(0x7f0000000cc0)=@arm64={0x4, 0x7f, 0x7, '\x00', 0x400}) write$eventfd(r0, &(0x7f0000000d00)=0x2cc, 0x8) r4 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000af9000/0x400000)=nil) ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r1, 0x4018aee3, &(0x7f0000000d80)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f0000000d40)=0xd}) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x11) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000e00)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000dc0)=0x4}) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000001300)={0x0, &(0x7f0000000e40)=[@code={0xa, 0xb4, {"00ac9bd200a0b0f2c10080d2e20180d2230080d2840180d2020000d4008008d5000000280008601e40a591d20040b8f2610180d2220180d2630180d2040080d2020000d420bf97d200c0b0f2610180d2e20180d2a30080d2e40180d2020000d400080078200e8ad200a0b0f2210180d2820180d2830080d2240180d2020000d4008008d540599dd20080b0f2210180d2220080d2a30180d2240080d2020000d4"}}, @hvc={0x32, 0x40, {0xc400000e, [0x5a9, 0x4, 0xffff, 0x20000000000000, 0x9b4d]}}, @hvc={0x32, 0x40, {0x86000000, [0x7ff, 0x3, 0x101, 0x6a5a, 0x34df]}}, @eret={0xe6, 0x18, 0x462}, @irq_setup={0x46, 0x18, {0x4, 0x14d}}, @code={0xa, 0x6c, {"000028d50020204e00008052000008d50080204e009887d20060b8f2e10180d2c20180d2230180d2e40180d2020000d4e00300b2007008d5a06d8ad20020b8f2210180d2820180d2030180d2240180d2020000d40098207e"}}, @svc={0x122, 0x40, {0x8000, [0xfff, 0x9, 0x0, 0x10001, 0x2]}}, @eret={0xe6, 0x18}, @mrs={0xbe, 0x18, {0x603000000013df58}}, @irq_setup={0x46, 0x18, {0x2, 0x146}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x90, 0x100, 0x5}}, @mrs={0xbe, 0x18, {0x603000000013dce5}}, @mrs={0xbe, 0x18, {0x6030000000131a02}}, @smc={0x1e, 0x40, {0xc4000003, [0x9, 0x9, 0x6, 0x8, 0x2]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x0, 0x5, 0x1}}, @hvc={0x32, 0x40, {0x8600ff01, [0x622e, 0xd, 0x0, 0x5, 0x8e1]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0xffd0, 0x10001, 0xa}}, @svc={0x122, 0x40, {0x800, [0x5, 0xff, 0x9, 0x9, 0xc]}}, @memwrite={0x6e, 0x30, @generic={0xeeee8000, 0x279, 0x4, 0x8}}, @memwrite={0x6e, 0x30, @generic={0xb000, 0x68e, 0x9, 0x7}}, @irq_setup={0x46, 0x18, {0x4, 0x21f}}, @msr={0x14, 0x20, {0x603000000013df7b, 0x3}}, @irq_setup={0x46, 0x18, {0x2, 0x70}}, @msr={0x14, 0x20, {0x603000000013c521, 0x6}}], 0x4a8}, &(0x7f0000001340)=[@featur1={0x1, 0xa}], 0x1) ioctl$KVM_SET_ONE_REG(r1, 0x4010aeac, &(0x7f00000013c0)=@arm64_sve={0x608000000015061e, &(0x7f0000001380)=0x4}) ioctl$KVM_GET_ONE_REG(r5, 0x4010aeab, &(0x7f0000001440)=@riscv64_aia_csr={0x8030000003010005, &(0x7f0000001400)=0xa0e}) r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x12) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000bfe000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000016c0)={0x0, &(0x7f0000001480)=[@mrs={0xbe, 0x18, {0x603000000013e66d}}, @hvc={0x32, 0x40, {0x84000001, [0x6, 0x6, 0x8, 0x4, 0x4]}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x4, 0xe, 0x1, 0x7}}, @smc={0x1e, 0x40, {0xc4000001, [0x9, 0x4, 0x8, 0x7, 0x2]}}, @svc={0x122, 0x40, {0x8600ff01, [0x2a, 0x4, 0x1ff, 0x6, 0x4]}}, @svc={0x122, 0x40, {0x84000002, [0x3ff, 0xb3, 0x7f, 0x8, 0x6]}}, @code={0xa, 0x54, {"0000689e008008d5007008d5e09f83d200e0b8f2c10080d2420080d2e30180d2640180d2020000d4007008d50078202e007008d5007008d5007008d5008008d5"}}, @svc={0x122, 0x40, {0x86000000, [0x4, 0x1, 0x8, 0x5, 0x100000000]}}, @its_setup={0x82, 0x28, {0x0, 0x1, 0x2b4}}, @svc={0x122, 0x40, {0x4000000, [0xfffffffffffffc01, 0xf3, 0x6, 0x1, 0x3]}}], 0x23c}, &(0x7f0000001700)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f0000001780)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000001740)={0x3ff}}) ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r5, 0x4018aee3, &(0x7f0000001800)=@attr_irq_timer={0x0, 0x1, 0x0, &(0x7f00000017c0)=0x18}) r9 = ioctl$KVM_GET_STATS_FD_cpu(r5, 0xaece) ioctl$KVM_ARM_SET_COUNTER_OFFSET(r9, 0x4010aeb5, &(0x7f0000001840)={0x9, 0x7fffffff}) write$eventfd(r0, &(0x7f0000001880)=0xa, 0x8) syz_kvm_setup_cpu$arm64(r0, r8, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000001b00)=[{0x0, &(0x7f00000018c0)=[@eret={0xe6, 0x18, 0x1}, @svc={0x122, 0x40, {0x84000051, [0x2, 0x120, 0x8001, 0x3, 0x6]}}, @mrs={0xbe, 0x18, {0x603000000013e6dc}}, @uexit={0x0, 0x18, 0x1}, @code={0xa, 0x84, {"00fc007f0008202e000028d5c0b689d20000b8f2010080d2a20080d2a30180d2840080d2020000d4007008d50010601ea08393d200c0b0f2a10080d2020180d2a30080d2a40180d2020000d4007008d5a0f18bd200a0b8f2e10180d2020180d2c30180d2240080d2020000d40008407a"}}, @msr={0x14, 0x20, {0x603000000013c016}}, @uexit={0x0, 0x18, 0x9}, @eret={0xe6, 0x18, 0x5}, @its_send_cmd={0xaa, 0x28, {0x8, 0x1, 0x4, 0xf, 0x3, 0x7, 0x2}}, @its_setup={0x82, 0x28, {0x3, 0x1, 0x310}}, @eret={0xe6, 0x18, 0x7a}, @eret={0xe6, 0x18, 0x6}, @eret={0xe6, 0x18, 0x80000000}, @mrs={0xbe, 0x18, {0x603000000013c802}}, @mrs={0xbe, 0x18, {0x603000000013deb6}}], 0x224}], 0x1, 0x0, &(0x7f0000001b40)=[@featur1={0x1, 0x6c}], 0x1) syz_kvm_vgic_v3_setup(r9, 0x3, 0x0) r10 = mmap$KVM_VCPU(&(0x7f0000d62000/0x3000)=nil, 0x0, 0x2000000, 0x10, r0, 0x0) syz_memcpy_off$KVM_EXIT_MMIO(r10, 0x20, &(0x7f0000001b80)="9735a24d4e6ee66bedf57a421bd558787b5a8097254e1f6a", 0x0, 0x18) 2m41.699658067s ago: executing program 8 (id=202): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x401, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_GUEST_MEMFD(r1, 0xc040aed4, &(0x7f00000001c0)={0x200001fe0000}) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r5, 0x4018aee1, &(0x7f0000000340)=@attr_arm64={0x0, 0x0, 0x0, 0xffffffffffffffff}) r6 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x5, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000100)={0x0, &(0x7f00000001c0)=[@irq_setup={0x5, 0x18}], 0x18}, 0x0, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) (async, rerun: 64) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (rerun: 64) ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) (async) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x11, 0x8, 0xf, 0x0, 0x5, 0x6, 0x86, 0x6, 0x48, 0x86, 0xdd, 0x68, 0x0, 0x0, 0x0, 0x0, 0x3, 0x5, 0x8, '\x00', 0x1, 0x7}) openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) (async, rerun: 64) write$eventfd(r10, &(0x7f00000001c0)=0x9, 0x1d) (rerun: 64) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) (async) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) (async) ioctl$KVM_RUN(r7, 0xae80, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000ffc000/0x1000)=nil, 0x930, 0x3, 0x11, r7, 0x0) 2m31.505474135s ago: executing program 9 (id=203): mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x7, 0x4f832, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x7, 0x4f832, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) munmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000) munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ffa000/0x1000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x9000000) mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) r0 = eventfd2(0x5, 0x800) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r3, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000240)=@arm64_fp={0x60400000001004a3, 0x0}) write$eventfd(r0, &(0x7f0000000000)=0xffffffffffffffff, 0x8) munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000) munmap(&(0x7f000075a000/0xb000)=nil, 0xb000) munmap(&(0x7f0000e76000/0x12000)=nil, 0x12000) mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4360ae82, 0x0) mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x0, 0x4030031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) munmap(&(0x7f0000011000/0xc00000)=nil, 0xc00000) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) 2m16.744558428s ago: executing program 8 (id=204): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2b) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013df7f, 0x8000}}, @msr={0x14, 0x20, {0x603000000013df7f, 0x8000}}, @msr={0x14, 0x20, {0x6030000000138084, 0x8000}}], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r3, 0xae80, 0x0) 2m4.562638774s ago: executing program 9 (id=205): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x80000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7ffe}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = eventfd2(0x3, 0x0) write$eventfd(r4, &(0x7f0000000400)=0xfffffffffffffffc, 0x8) syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0) close(0x4) close(0x5) 1m54.534421077s ago: executing program 8 (id=206): munmap$KVM_VCPU(0x0, 0x1000000000) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000000)={0xffffffffffffffff, 0x1, 0xea12157bff932e6}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0x40086602, 0x20000000) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x27) r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) syz_kvm_vgic_v3_setup(r4, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8}) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000280)={0x4}) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_HAS_DEVICE_ATTR(r5, 0x4018aee3, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x10, 0x0}) ioctl$KVM_CLEAR_DIRTY_LOG(r4, 0xc018aec0, &(0x7f00000006c0)={0x1, 0x340, 0x180, &(0x7f00000002c0)=[0x0, 0x0, 0x4, 0x1, 0x7fffffff, 0x1, 0x8fa3, 0xfffffffffffffffa, 0x1, 0x8, 0x81, 0x8, 0x7fff, 0x2, 0x23, 0xfffffffffffffffa, 0x7, 0x2, 0xe, 0xfffffffffffffffb, 0x0, 0x468, 0xafd4, 0x8, 0x6, 0x8000000000000, 0xe, 0x4, 0x3ff, 0x2, 0x1, 0x101, 0x400, 0x3, 0x6, 0x1, 0xfffffffffffff001, 0xfffffffffffeffff, 0x8, 0xffff, 0x9, 0x800, 0x31095b65, 0xd, 0x0, 0x8001, 0xf, 0x1, 0x3, 0x6, 0xc1, 0x0, 0x2, 0x3, 0xdbd, 0x480000000000, 0x8, 0x3, 0xffff, 0x6, 0x1, 0x8000000000000001, 0x3, 0x7fffffffffffffff, 0x9, 0x4, 0x83, 0xa59d, 0x1, 0xe, 0x2, 0x87d, 0x7fffffffffffffff, 0xd2, 0xfffffffffffffffe, 0x81f, 0x7, 0x0, 0x8, 0x1, 0x7, 0x7, 0x4, 0x6, 0x9, 0x100000000, 0x6, 0x3, 0x80, 0x1000, 0x6, 0x947e, 0xd2, 0x102800, 0xffff, 0x3, 0x8, 0x81, 0x7fffffff, 0x3f30, 0x1, 0x3, 0xe, 0x8, 0xffffffffffff30f2, 0xfffffffffffffffa, 0x2, 0x2, 0xc, 0x0, 0x2, 0x7, 0x3f, 0x401, 0x8, 0x6, 0x1, 0x8, 0x1, 0x99, 0x3, 0x0, 0x5, 0x2, 0x81, 0x2, 0x786, 0x1]}) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x110, 0xffffffffffffffff, 0x20000000) 1m38.225320346s ago: executing program 9 (id=207): r0 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) r1 = mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x3, 0x4102932, 0xffffffffffffffff, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x468000, 0x0) mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r3, 0x2000003, 0xaf832, 0xffffffffffffffff, 0x0) r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r5 = mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, r4, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000745000/0x5000)=nil, 0x5000) syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x0, 0x3000002, 0x8a031, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_MMIO(r1, 0x20, &(0x7f0000000080)="75a7131049a825cd8ca590e0d3252523dbbfb579f1697bfb", 0x0, 0x18) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) 1m29.829649636s ago: executing program 8 (id=208): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x88201, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x25) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000380)=[@mrs={0xbe, 0x18, {0x603000000013c520}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x0, 0x7, 0x5, 0x0, 0x4}}, @irq_setup={0x46, 0x18, {0x3, 0x28}}, @uexit={0x0, 0x18, 0x5}], 0x70}, 0x0, 0x0) ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r1, 0x4068aea3, &(0x7f0000000000)) (async) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x800, 0x0) (async) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x1}) (async, rerun: 64) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (rerun: 64) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x11, 0x8, 0xf, 0x0, 0x5, 0x6, 0x6, 0x6, 0x48, 0x86, 0xdd, 0x68, 0x0, 0x9, 0x0, 0x0, 0x3, 0x5, 0x8, '\x00', 0x1, 0x400000000002}) (async) ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f0000000140)={0x4, 0x0, [{0x1, 0x1, 0x0, 0x0, @adapter={0x8000000000000001, 0x8, 0x2, 0xb, 0x10}}, {0x9, 0x3, 0x0, 0x0, @adapter={0x4d4ff, 0xffffffffffffffff}}, {0x0, 0x4, 0x1, 0x0, @sint={0x7fffffff, 0x6}}, {0x0, 0x6, 0x0, 0x0, @adapter={0x8000, 0x7fffffff, 0x20000000401, 0x7f, 0xb2d}}]}) (async, rerun: 32) write$eventfd(r7, &(0x7f00000001c0)=0x3, 0x50) (rerun: 32) r8 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x2e) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_GET_API_VERSION(r4, 0xae00, 0x0) (async) ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000280)) (async) syz_kvm_setup_cpu$arm64(r8, r9, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000100)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async) ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f0000000180)=@arm64_ccsidr={0x6020000000110004, &(0x7f00000000c0)=0x4}) (async) ioctl$KVM_RUN(r3, 0xae80, 0x0) 1m18.310937989s ago: executing program 9 (id=209): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x7, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f00000002c0)=@attr_other={0x0, 0xffff, 0x9, &(0x7f0000000080)=0x1}) r3 = eventfd2(0x8801, 0x800) (async) r4 = eventfd2(0x3ff, 0x0) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r4, 0x1, 0x2, r4}) (async) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000140)={r4, 0x5, 0x2, r3}) 56.194754685s ago: executing program 8 (id=210): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, 0x0) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x7) r2 = openat$kvm(0x0, &(0x7f0000000200), 0x101000, 0x0) r3 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000740)={0x0, &(0x7f0000000240)=[@its_setup={0x82, 0x28, {0x1, 0x2, 0xfc}}, @eret={0xe6, 0x18, 0x9}, @mrs={0xbe, 0x18, {0x603000000013da10}}, @eret={0xe6, 0x18, 0x600000000}, @msr={0x14, 0x20, {0x603000000013def8, 0x1}}, @its_setup={0x82, 0x28, {0x4, 0x4, 0x1b9}}, @eret={0xe6, 0x18, 0xb5}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x301}}, @uexit={0x0, 0x18}, @svc={0x122, 0x40, {0x0, [0x4, 0x2, 0x4, 0x8000000000000001, 0x3]}}, @mrs={0xbe, 0x18, {0x603000000013c289}}, @smc={0x1e, 0x40, {0x3000000, [0x9, 0x0, 0x0, 0xdd39, 0x39a]}}, @code={0xa, 0x84, {"00259cd200e0b0f2e10080d2220080d2830080d2440080d2020000d420af90d20020b8f2c10180d2420080d2430080d2840180d2020000d40030005e0008a038a08689d20040b8f2010080d2a20080d2230080d2640180d2020000d40000400c0020800d007008d50000c0ad008008d5"}}, @eret={0xe6, 0x18, 0x6}, @irq_setup={0x46, 0x18, {0x0, 0x59}}, @mrs={0xbe, 0x18, {0x603000000013c2a8}}, @irq_setup={0x46, 0x18, {0x2, 0x24e}}, @mrs={0xbe, 0x18, {0x603000000013defb}}, @mrs={0xbe, 0x18, {0x603000000013df5c}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x1, 0xd, 0x2, 0xc, 0x4}}, @irq_setup={0x46, 0x18, {0x4, 0x2af}}, @svc={0x122, 0x40, {0x84000008, [0x63bd, 0x1, 0x100000000, 0x2, 0xd]}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x4, 0xa, 0x1, 0x9, 0x2}}, @hvc={0x32, 0x40, {0x0, [0x1, 0x4, 0x7, 0x1e, 0x4]}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x0, 0x5, 0x80000000, 0x281e4, 0x1}}, @eret={0xe6, 0x18, 0x8}, @its_send_cmd={0xaa, 0x28, {0xd, 0x0, 0x4, 0x5, 0x4, 0x0, 0x3}}, @irq_setup={0x46, 0x18, {0x0, 0x384}}, @memwrite={0x6e, 0x30, @generic={0x1000, 0x4e6, 0x8a, 0x2}}, @uexit={0x0, 0x18, 0xe}, @uexit={0x0, 0x18}, @hvc={0x32, 0x40, {0xc4000005, [0x7fffffff, 0x0, 0xffff, 0xc, 0x8001]}}], 0x4c4}, &(0x7f0000000780)=[@featur2={0x1, 0x10}], 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r4, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18}) ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, 0x0) ioctl$KVM_GET_SREGS(r4, 0x8000ae83, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f0000000480)=@x86={0x11, 0x8, 0xf, 0x0, 0x5, 0x4, 0x86, 0x3, 0x48, 0x86, 0xdd, 0xb, 0x0, 0x0, 0x0, 0x10, 0x7, 0x5, 0x8, '\x00', 0xfd, 0x93}) r5 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x1000000000000017) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x34) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000080)=@attr_set_pmu={0x0, 0x0, 0x3, 0x0}) 55.515367685s ago: executing program 9 (id=211): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x3d70000000, &(0x7f0000ffe000/0x2000)=nil}) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@its_setup={0x82, 0x28, {0x3, 0x4, 0x2}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x40000000, 0x10000, 0x10000, 0x0, 0x1}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r3, 0x1, 0x100) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r8, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000300)={0x8001, 0x55e}}) r9 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000100)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7fff}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r10, 0xae80, 0x0) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) r12 = eventfd2(0x80000001, 0x800) write$eventfd(r12, &(0x7f0000000080)=0x2, 0x8) ioctl$KVM_RUN(r5, 0xae80, 0x0) 7.707850143s ago: executing program 40 (id=210): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, 0x0) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x7) r2 = openat$kvm(0x0, &(0x7f0000000200), 0x101000, 0x0) r3 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000740)={0x0, &(0x7f0000000240)=[@its_setup={0x82, 0x28, {0x1, 0x2, 0xfc}}, @eret={0xe6, 0x18, 0x9}, @mrs={0xbe, 0x18, {0x603000000013da10}}, @eret={0xe6, 0x18, 0x600000000}, @msr={0x14, 0x20, {0x603000000013def8, 0x1}}, @its_setup={0x82, 0x28, {0x4, 0x4, 0x1b9}}, @eret={0xe6, 0x18, 0xb5}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x301}}, @uexit={0x0, 0x18}, @svc={0x122, 0x40, {0x0, [0x4, 0x2, 0x4, 0x8000000000000001, 0x3]}}, @mrs={0xbe, 0x18, {0x603000000013c289}}, @smc={0x1e, 0x40, {0x3000000, [0x9, 0x0, 0x0, 0xdd39, 0x39a]}}, @code={0xa, 0x84, {"00259cd200e0b0f2e10080d2220080d2830080d2440080d2020000d420af90d20020b8f2c10180d2420080d2430080d2840180d2020000d40030005e0008a038a08689d20040b8f2010080d2a20080d2230080d2640180d2020000d40000400c0020800d007008d50000c0ad008008d5"}}, @eret={0xe6, 0x18, 0x6}, @irq_setup={0x46, 0x18, {0x0, 0x59}}, @mrs={0xbe, 0x18, {0x603000000013c2a8}}, @irq_setup={0x46, 0x18, {0x2, 0x24e}}, @mrs={0xbe, 0x18, {0x603000000013defb}}, @mrs={0xbe, 0x18, {0x603000000013df5c}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x1, 0xd, 0x2, 0xc, 0x4}}, @irq_setup={0x46, 0x18, {0x4, 0x2af}}, @svc={0x122, 0x40, {0x84000008, [0x63bd, 0x1, 0x100000000, 0x2, 0xd]}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x4, 0xa, 0x1, 0x9, 0x2}}, @hvc={0x32, 0x40, {0x0, [0x1, 0x4, 0x7, 0x1e, 0x4]}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x0, 0x5, 0x80000000, 0x281e4, 0x1}}, @eret={0xe6, 0x18, 0x8}, @its_send_cmd={0xaa, 0x28, {0xd, 0x0, 0x4, 0x5, 0x4, 0x0, 0x3}}, @irq_setup={0x46, 0x18, {0x0, 0x384}}, @memwrite={0x6e, 0x30, @generic={0x1000, 0x4e6, 0x8a, 0x2}}, @uexit={0x0, 0x18, 0xe}, @uexit={0x0, 0x18}, @hvc={0x32, 0x40, {0xc4000005, [0x7fffffff, 0x0, 0xffff, 0xc, 0x8001]}}], 0x4c4}, &(0x7f0000000780)=[@featur2={0x1, 0x10}], 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r4, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18}) ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, 0x0) ioctl$KVM_GET_SREGS(r4, 0x8000ae83, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f0000000480)=@x86={0x11, 0x8, 0xf, 0x0, 0x5, 0x4, 0x86, 0x3, 0x48, 0x86, 0xdd, 0xb, 0x0, 0x0, 0x0, 0x10, 0x7, 0x5, 0x8, '\x00', 0xfd, 0x93}) r5 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x1000000000000017) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x34) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000080)=@attr_set_pmu={0x0, 0x0, 0x3, 0x0}) 0s ago: executing program 41 (id=211): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x3d70000000, &(0x7f0000ffe000/0x2000)=nil}) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@its_setup={0x82, 0x28, {0x3, 0x4, 0x2}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x40000000, 0x10000, 0x10000, 0x0, 0x1}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r3, 0x1, 0x100) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r8, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000300)={0x8001, 0x55e}}) r9 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000100)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7fff}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r10, 0xae80, 0x0) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) r12 = eventfd2(0x80000001, 0x800) write$eventfd(r12, &(0x7f0000000080)=0x2, 0x8) ioctl$KVM_RUN(r5, 0xae80, 0x0) kernel console output (not intermixed with test programs): [ 368.660533][ T24] audit: type=1400 audit(367.830:74): avc: denied { write } for pid=3258 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 372.705727][ T24] audit: type=1400 audit(371.840:75): avc: denied { write } for pid=3263 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 385.865634][ T24] audit: type=1400 audit(385.030:76): avc: denied { write } for pid=3271 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 391.173884][ T24] audit: type=1400 audit(390.290:77): avc: denied { write } for pid=3274 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 394.866205][ T3206] 8021q: adding VLAN 0 to HW filter on device bond0 [ 403.574762][ T24] audit: type=1400 audit(402.730:78): avc: denied { write } for pid=3280 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 407.444204][ T24] audit: type=1400 audit(406.570:79): avc: denied { write } for pid=3283 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 417.724704][ T24] audit: type=1400 audit(416.890:80): avc: denied { write } for pid=3288 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 421.924884][ T24] audit: type=1400 audit(421.090:81): avc: denied { write } for pid=3291 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 424.540203][ T3206] eql: remember to turn off Van-Jacobson compression on your slave devices [ 431.795240][ T24] audit: type=1400 audit(430.960:82): avc: denied { write } for pid=3295 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 436.030733][ T24] audit: type=1400 audit(435.170:83): avc: denied { write } for pid=3298 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 443.541370][ T24] audit: type=1400 audit(442.700:84): avc: denied { write } for pid=3301 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 448.771314][ T24] audit: type=1400 audit(447.940:85): avc: denied { write } for pid=3304 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 463.875156][ T24] audit: type=1400 audit(463.040:86): avc: denied { write } for pid=3310 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 467.897706][ T24] audit: type=1400 audit(467.070:87): avc: denied { write } for pid=3313 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 475.083888][ T24] audit: type=1400 audit(474.250:88): avc: denied { write } for pid=3316 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 478.829179][ T24] audit: type=1400 audit(478.000:89): avc: denied { write } for pid=3319 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 491.978972][ T24] audit: type=1400 audit(491.150:90): avc: denied { write } for pid=3325 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 495.716037][ T24] audit: type=1400 audit(494.860:91): avc: denied { write } for pid=3328 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 507.796631][ T24] audit: type=1400 audit(506.930:92): avc: denied { write } for pid=3333 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 513.006846][ T24] audit: type=1400 audit(512.130:93): avc: denied { write } for pid=3336 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 536.906561][ T24] audit: type=1400 audit(536.070:94): avc: denied { write } for pid=3345 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 540.803802][ T24] audit: type=1400 audit(539.970:95): avc: denied { write } for pid=3348 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 546.679150][ T24] audit: type=1400 audit(545.850:96): avc: denied { write } for pid=3351 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 550.593836][ T24] audit: type=1400 audit(549.750:97): avc: denied { write } for pid=3354 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 556.791601][ T24] audit: type=1400 audit(555.960:98): avc: denied { write } for pid=3357 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 560.564186][ T24] audit: type=1400 audit(559.730:99): avc: denied { write } for pid=3360 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 Warning: Permanently added '[localhost]:19340' (ED25519) to the list of known hosts. [ 593.999148][ T24] audit: type=1400 audit(593.170:100): avc: denied { name_bind } for pid=3364 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 594.826425][ T24] audit: type=1400 audit(594.000:101): avc: denied { execute } for pid=3365 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 594.851115][ T24] audit: type=1400 audit(594.010:102): avc: denied { execute_no_trans } for pid=3365 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 619.379382][ T24] audit: type=1400 audit(618.550:103): avc: denied { mounton } for pid=3365 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 619.421654][ T24] audit: type=1400 audit(618.590:104): avc: denied { mount } for pid=3365 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 619.506726][ T3365] cgroup: Unknown subsys name 'net' [ 619.560828][ T24] audit: type=1400 audit(618.730:105): avc: denied { unmount } for pid=3365 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 619.958885][ T3365] cgroup: Unknown subsys name 'cpuset' [ 620.079324][ T3365] cgroup: Unknown subsys name 'rlimit' [ 620.958092][ T24] audit: type=1400 audit(620.130:106): avc: denied { setattr } for pid=3365 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=704 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 620.977708][ T24] audit: type=1400 audit(620.140:107): avc: denied { mounton } for pid=3365 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 621.004955][ T24] audit: type=1400 audit(620.170:108): avc: denied { mount } for pid=3365 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 622.006951][ T3368] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 622.025734][ T24] audit: type=1400 audit(621.190:109): avc: denied { relabelto } for pid=3368 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 622.055340][ T24] audit: type=1400 audit(621.210:110): avc: denied { write } for pid=3368 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" Setting up swapspace version 1, size = 127995904 bytes [ 622.246784][ T24] audit: type=1400 audit(621.410:111): avc: denied { read } for pid=3365 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 622.268447][ T24] audit: type=1400 audit(621.440:112): avc: denied { open } for pid=3365 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 622.315797][ T3365] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 682.469813][ T24] audit: type=1400 audit(681.640:113): avc: denied { execmem } for pid=3369 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 686.260806][ T24] audit: type=1400 audit(685.430:114): avc: denied { read } for pid=3372 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 686.289250][ T24] audit: type=1400 audit(685.440:115): avc: denied { read } for pid=3371 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 686.306875][ T24] audit: type=1400 audit(685.450:116): avc: denied { open } for pid=3372 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 686.383910][ T24] audit: type=1400 audit(685.530:117): avc: denied { mounton } for pid=3371 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 686.598852][ T24] audit: type=1400 audit(685.770:119): avc: denied { module_request } for pid=3371 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 686.624233][ T24] audit: type=1400 audit(685.760:118): avc: denied { module_request } for pid=3372 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 687.589715][ T24] audit: type=1400 audit(686.750:120): avc: denied { sys_module } for pid=3372 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 712.900497][ T3371] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 712.979806][ T3372] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 713.054671][ T3371] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 713.108343][ T3372] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 724.814474][ T3371] hsr_slave_0: entered promiscuous mode [ 724.846609][ T3371] hsr_slave_1: entered promiscuous mode [ 725.801835][ T3372] hsr_slave_0: entered promiscuous mode [ 725.857173][ T3372] hsr_slave_1: entered promiscuous mode [ 725.884929][ T3372] debugfs: 'hsr0' already exists in 'hsr' [ 725.894402][ T3372] Cannot create hsr debugfs directory [ 731.625219][ T24] audit: type=1400 audit(730.790:121): avc: denied { create } for pid=3371 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 731.650966][ T24] audit: type=1400 audit(730.820:122): avc: denied { write } for pid=3371 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 731.696652][ T24] audit: type=1400 audit(730.860:123): avc: denied { read } for pid=3371 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 731.858192][ T3371] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 732.180063][ T3371] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 732.311328][ T3371] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 732.548929][ T3371] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 732.646418][ T3371] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 732.789822][ T3371] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 732.956836][ T3371] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 733.037962][ T3371] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 734.527989][ T3372] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 734.677030][ T3372] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 734.774931][ T3372] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 734.887920][ T3372] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 734.977002][ T3372] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 735.148215][ T3372] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 735.245694][ T3372] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 735.438692][ T3372] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 746.795165][ T3371] 8021q: adding VLAN 0 to HW filter on device bond0 [ 748.891376][ T3372] 8021q: adding VLAN 0 to HW filter on device bond0 [ 786.994553][ T24] audit: type=1400 audit(786.130:124): avc: denied { write } for pid=3498 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 792.160040][ T24] audit: type=1400 audit(791.330:125): avc: denied { write } for pid=3507 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 804.519641][ T3371] veth0_vlan: entered promiscuous mode [ 805.118429][ T3371] veth1_vlan: entered promiscuous mode [ 806.207123][ T3372] veth0_vlan: entered promiscuous mode [ 807.167581][ T3372] veth1_vlan: entered promiscuous mode [ 807.477630][ T3371] veth0_macvtap: entered promiscuous mode [ 807.848393][ T3371] veth1_macvtap: entered promiscuous mode [ 809.791914][ T3372] veth0_macvtap: entered promiscuous mode [ 810.291863][ T3372] veth1_macvtap: entered promiscuous mode [ 810.416901][ T3278] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 810.555101][ T3278] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 810.564731][ T3278] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 810.700860][ T3278] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 813.050479][ T24] audit: type=1400 audit(812.220:126): avc: denied { mount } for pid=3371 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 813.447165][ T24] audit: type=1400 audit(812.610:127): avc: denied { mounton } for pid=3371 comm="syz-executor" path="/syzkaller.bxFPGh/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 813.708415][ T3464] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 813.709577][ T3464] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 813.726310][ T3464] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 813.750355][ T3464] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 813.806559][ T24] audit: type=1400 audit(812.950:128): avc: denied { mount } for pid=3371 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 814.279804][ T24] audit: type=1400 audit(813.450:129): avc: denied { mounton } for pid=3371 comm="syz-executor" path="/syzkaller.bxFPGh/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 814.506211][ T24] audit: type=1400 audit(813.670:130): avc: denied { mounton } for pid=3371 comm="syz-executor" path="/syzkaller.bxFPGh/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3745 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 815.611594][ T24] audit: type=1400 audit(814.680:131): avc: denied { unmount } for pid=3371 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 816.020769][ T24] audit: type=1400 audit(815.190:132): avc: denied { mounton } for pid=3371 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1548 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 816.179783][ T24] audit: type=1400 audit(815.350:133): avc: denied { mount } for pid=3371 comm="syz-executor" name="/" dev="gadgetfs" ino=3758 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 816.724032][ T24] audit: type=1400 audit(815.880:134): avc: denied { mount } for pid=3371 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 816.854951][ T24] audit: type=1400 audit(816.020:135): avc: denied { mounton } for pid=3371 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 818.409734][ T3371] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 820.353671][ T24] kauditd_printk_skb: 1 callbacks suppressed [ 820.366575][ T24] audit: type=1400 audit(819.470:137): avc: denied { read write } for pid=3372 comm="syz-executor" name="loop0" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 820.367604][ T24] audit: type=1400 audit(819.530:138): avc: denied { open } for pid=3372 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 820.524106][ T24] audit: type=1400 audit(819.530:139): avc: denied { ioctl } for pid=3372 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=638 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 831.460752][ T24] audit: type=1400 audit(830.630:140): avc: denied { read append } for pid=3529 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 831.608198][ T24] audit: type=1400 audit(830.700:141): avc: denied { open } for pid=3529 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 831.759301][ T24] audit: type=1400 audit(830.930:142): avc: denied { ioctl } for pid=3529 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 833.706690][ T24] audit: type=1400 audit(832.840:143): avc: denied { write } for pid=3529 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 847.451069][ T24] audit: type=1400 audit(846.520:144): avc: denied { execute } for pid=3537 comm="syz.1.3" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=4088 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 880.166302][ T24] audit: type=1400 audit(879.320:145): avc: denied { setattr } for pid=3562 comm="syz.1.11" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 943.746808][ T24] audit: type=1400 audit(942.910:146): avc: denied { create } for pid=3598 comm="syz.1.23" anonclass=[kvm-gmem] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 1030.539583][ T3657] kvm [3657]: Failed to find VMA for hva 0x20c79000 [ 1073.733789][ T24] audit: type=1400 audit(1072.810:147): avc: denied { write } for pid=3673 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1083.223964][ T24] audit: type=1400 audit(1082.370:148): avc: denied { write } for pid=3684 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1160.466566][ T3711] kvm [3711]: Failed to find VMA for hva 0x21016000 [ 1164.997045][ T24] audit: type=1400 audit(1164.090:149): avc: denied { ioctl } for pid=3713 comm="syz.0.59" path="net:[4026532632]" dev="nsfs" ino=4026532632 ioctlcmd=0xb709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 1457.427546][ T3844] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1457.640350][ T3844] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1475.518670][ T3853] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1475.798735][ T3853] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1481.181847][ T3844] hsr_slave_0: entered promiscuous mode [ 1481.329945][ T3844] hsr_slave_1: entered promiscuous mode [ 1481.444541][ T3844] debugfs: 'hsr0' already exists in 'hsr' [ 1481.456887][ T3844] Cannot create hsr debugfs directory [ 1503.730349][ T3844] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1504.218114][ T3844] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 1504.368062][ T3844] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1504.875926][ T3844] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1505.034084][ T3844] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1505.487218][ T3844] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1505.686167][ T3844] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1505.975161][ T3844] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1513.469777][ T3474] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1514.218790][ T3853] hsr_slave_0: entered promiscuous mode [ 1514.278793][ T3853] hsr_slave_1: entered promiscuous mode [ 1514.308605][ T3853] debugfs: 'hsr0' already exists in 'hsr' [ 1514.311603][ T3853] Cannot create hsr debugfs directory [ 1514.678201][ T3474] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1516.348538][ T3474] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1517.436935][ T3474] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1530.338708][ T3474] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1530.442271][ T3474] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1530.532283][ T3474] bond0 (unregistering): Released all slaves [ 1532.110575][ T3474] hsr_slave_0: left promiscuous mode [ 1532.165726][ T3474] hsr_slave_1: left promiscuous mode [ 1532.507233][ T3474] veth1_macvtap: left promiscuous mode [ 1532.524414][ T3474] veth0_macvtap: left promiscuous mode [ 1532.534904][ T3474] veth1_vlan: left promiscuous mode [ 1532.541533][ T3474] veth0_vlan: left promiscuous mode [ 1555.375629][ T3474] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1556.411509][ T3474] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1557.720523][ T3474] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1558.871871][ T3474] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1561.074567][ T3853] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1561.331629][ T3853] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 1561.686074][ T3853] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1561.998446][ T3853] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1562.052244][ T3853] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1562.290058][ T24] audit: type=1400 audit(1561.460:150): avc: denied { write } for pid=3931 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1562.319808][ T3853] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1562.381962][ T3853] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1562.665134][ T3853] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1564.748471][ T3844] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1568.765404][ T24] audit: type=1400 audit(1567.920:151): avc: denied { write } for pid=3943 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1573.882388][ T3474] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1573.981298][ T3474] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1574.071908][ T3474] bond0 (unregistering): Released all slaves [ 1574.801781][ T3206] 8021q: adding VLAN 0 to HW filter on device eth1 [ 1575.549917][ T3474] hsr_slave_0: left promiscuous mode [ 1575.666137][ T3474] hsr_slave_1: left promiscuous mode [ 1576.076610][ T3474] veth1_macvtap: left promiscuous mode [ 1576.093881][ T3474] veth0_macvtap: left promiscuous mode [ 1576.100814][ T3474] veth1_vlan: left promiscuous mode [ 1576.109269][ T3474] veth0_vlan: left promiscuous mode [ 1601.485498][ T24] audit: type=1400 audit(1600.650:152): avc: denied { write } for pid=3957 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1608.965213][ T24] audit: type=1400 audit(1608.080:153): avc: denied { write } for pid=3964 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1613.970457][ T3853] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1614.389527][ T3206] 8021q: adding VLAN 0 to HW filter on device eth2 [ 1621.518693][ T24] audit: type=1400 audit(1620.670:154): avc: denied { write } for pid=3968 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1628.170273][ T24] audit: type=1400 audit(1627.340:155): avc: denied { write } for pid=3977 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1644.841088][ T24] audit: type=1400 audit(1644.010:156): avc: denied { write } for pid=3991 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1650.670517][ T24] audit: type=1400 audit(1649.830:157): avc: denied { write } for pid=4000 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1654.760587][ T3206] 8021q: adding VLAN 0 to HW filter on device eth3 [ 1668.406158][ T24] audit: type=1400 audit(1667.570:158): avc: denied { write } for pid=4017 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1676.406434][ T24] audit: type=1400 audit(1675.520:159): avc: denied { write } for pid=4026 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1676.572371][ T3844] veth0_vlan: entered promiscuous mode [ 1677.656561][ T3844] veth1_vlan: entered promiscuous mode [ 1680.785434][ T3844] veth0_macvtap: entered promiscuous mode [ 1681.816006][ T3844] veth1_macvtap: entered promiscuous mode [ 1682.599351][ T3206] 8021q: adding VLAN 0 to HW filter on device eth4 [ 1685.827438][ T3464] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1685.856713][ T3464] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1685.969632][ T3464] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1685.982063][ T3464] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1698.238366][ T24] audit: type=1400 audit(1697.400:160): avc: denied { write } for pid=4037 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1704.360426][ T3853] veth0_vlan: entered promiscuous mode [ 1705.527000][ T3853] veth1_vlan: entered promiscuous mode [ 1706.511920][ T24] audit: type=1400 audit(1705.660:161): avc: denied { write } for pid=4047 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1708.596245][ T3853] veth0_macvtap: entered promiscuous mode [ 1709.289619][ T3853] veth1_macvtap: entered promiscuous mode [ 1712.759690][ T3278] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1712.776394][ T3278] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1712.784162][ T3278] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1712.800758][ T3278] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1713.710847][ T3206] 8021q: adding VLAN 0 to HW filter on device eth5 [ 1735.263510][ T24] audit: type=1400 audit(1734.390:162): avc: denied { write } for pid=4062 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1746.495106][ T24] audit: type=1400 audit(1745.540:163): avc: denied { write } for pid=4073 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1753.991160][ T3206] 8021q: adding VLAN 0 to HW filter on device eth6 [ 1773.096381][ T24] audit: type=1400 audit(1772.240:164): avc: denied { write } for pid=4091 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1782.788317][ T24] audit: type=1400 audit(1781.880:165): avc: denied { write } for pid=4097 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1790.375172][ T3206] 8021q: adding VLAN 0 to HW filter on device eth7 [ 1818.208440][ T24] audit: type=1400 audit(1817.370:166): avc: denied { write } for pid=4114 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1827.828466][ T24] audit: type=1400 audit(1827.000:167): avc: denied { write } for pid=4124 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1834.446270][ T3206] 8021q: adding VLAN 0 to HW filter on device eth8 [ 1886.754756][ T24] audit: type=1400 audit(1885.860:168): avc: denied { write } for pid=4162 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1895.264513][ T24] audit: type=1400 audit(1894.430:169): avc: denied { write } for pid=4173 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1928.254400][ T24] audit: type=1400 audit(1927.290:170): avc: denied { write } for pid=4194 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1939.774298][ T24] audit: type=1400 audit(1938.900:171): avc: denied { write } for pid=4199 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1960.676531][ T24] audit: type=1400 audit(1959.790:172): avc: denied { write } for pid=4212 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1970.734184][ T24] audit: type=1400 audit(1969.900:173): avc: denied { write } for pid=4221 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1984.645506][ T24] audit: type=1400 audit(1983.700:174): avc: denied { write } for pid=4224 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1995.904355][ T24] audit: type=1400 audit(1995.060:175): avc: denied { write } for pid=4233 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2016.206529][ T24] audit: type=1400 audit(2015.280:176): avc: denied { write } for pid=4246 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2026.508835][ T24] audit: type=1400 audit(2025.680:177): avc: denied { write } for pid=4254 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2041.295266][ T24] audit: type=1400 audit(2040.410:178): avc: denied { write } for pid=4257 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2047.509639][ T24] audit: type=1400 audit(2046.680:179): avc: denied { write } for pid=4260 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2065.116151][ T24] audit: type=1400 audit(2064.260:180): avc: denied { write } for pid=4265 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2075.655718][ T24] audit: type=1400 audit(2074.770:181): avc: denied { write } for pid=4276 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2077.329426][ T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2079.640484][ T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2081.554694][ T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2083.837986][ T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2111.392402][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2111.749784][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2111.936389][ T12] bond0 (unregistering): Released all slaves [ 2113.812257][ T12] hsr_slave_0: left promiscuous mode [ 2113.974591][ T12] hsr_slave_1: left promiscuous mode [ 2114.546221][ T12] veth1_macvtap: left promiscuous mode [ 2114.555618][ T12] veth0_macvtap: left promiscuous mode [ 2114.585479][ T12] veth1_vlan: left promiscuous mode [ 2114.589086][ T12] veth0_vlan: left promiscuous mode [ 2163.025433][ T24] audit: type=1400 audit(2162.190:182): avc: denied { write } for pid=4316 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2169.893801][ T24] audit: type=1400 audit(2169.040:183): avc: denied { write } for pid=4323 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2174.325695][ T3206] 8021q: adding VLAN 0 to HW filter on device eth10 [ 2193.975354][ T24] audit: type=1400 audit(2193.130:184): avc: denied { write } for pid=4337 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2195.080805][ T3474] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2195.755620][ T4269] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2196.199174][ T3474] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2196.851494][ T4269] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2198.218122][ T3474] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2200.128102][ T3474] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2201.155646][ T24] audit: type=1400 audit(2200.300:185): avc: denied { write } for pid=4345 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2217.295922][ T3474] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2217.460030][ T3474] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2217.579687][ T3474] bond0 (unregistering): Released all slaves [ 2218.119341][ T3206] 8021q: adding VLAN 0 to HW filter on device eth9 [ 2220.256991][ T3474] hsr_slave_0: left promiscuous mode [ 2220.586007][ T3474] hsr_slave_1: left promiscuous mode [ 2221.278540][ T3474] veth1_macvtap: left promiscuous mode [ 2221.296029][ T3474] veth0_macvtap: left promiscuous mode [ 2221.334478][ T3474] veth1_vlan: left promiscuous mode [ 2221.335922][ T3474] veth0_vlan: left promiscuous mode [ 2241.821704][ T24] audit: type=1400 audit(2240.990:186): avc: denied { write } for pid=4361 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2247.492374][ T24] audit: type=1400 audit(2246.660:187): avc: denied { write } for pid=4368 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2251.521806][ T4269] hsr_slave_0: entered promiscuous mode [ 2251.609078][ T4269] hsr_slave_1: entered promiscuous mode [ 2262.328093][ T24] audit: type=1400 audit(2261.490:188): avc: denied { write } for pid=4380 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2269.306449][ T4269] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 2269.638025][ T4269] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 2269.701657][ T4269] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 2269.761702][ T24] audit: type=1400 audit(2268.920:189): avc: denied { write } for pid=4388 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2270.101250][ T4269] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 2270.326346][ T4269] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 2270.728785][ T4269] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 2270.801874][ T4269] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 2271.210576][ T4269] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 2276.351318][ T3206] 8021q: adding VLAN 0 to HW filter on device eth11 [ 2281.836847][ T4338] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2282.195271][ T4338] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2291.489892][ T24] audit: type=1400 audit(2290.660:190): avc: denied { write } for pid=4407 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2297.669481][ T24] audit: type=1400 audit(2296.840:191): avc: denied { write } for pid=4415 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2298.678819][ T4269] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2302.840646][ T3206] 8021q: adding VLAN 0 to HW filter on device eth12 [ 2308.844828][ T24] audit: type=1400 audit(2308.010:192): avc: denied { write } for pid=4422 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2311.300447][ T4338] hsr_slave_0: entered promiscuous mode [ 2311.371287][ T4338] hsr_slave_1: entered promiscuous mode [ 2311.475746][ T4338] debugfs: 'hsr0' already exists in 'hsr' [ 2311.479800][ T4338] Cannot create hsr debugfs directory [ 2314.948318][ T24] audit: type=1400 audit(2314.100:193): avc: denied { write } for pid=4429 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2329.669353][ T4338] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 2330.097735][ T4338] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 2330.200713][ T4338] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 2330.644553][ T4338] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 2330.757306][ T4338] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 2331.159649][ T4338] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 2331.300991][ T4338] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 2331.722228][ T4338] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 2340.300477][ T24] audit: type=1400 audit(2339.470:194): avc: denied { write } for pid=4439 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2349.985633][ T24] audit: type=1400 audit(2349.040:195): avc: denied { write } for pid=4455 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2355.281486][ T3206] 8021q: adding VLAN 0 to HW filter on device eth13 [ 2361.336196][ T4338] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2372.211315][ T24] audit: type=1400 audit(2371.360:196): avc: denied { write } for pid=4469 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2379.693890][ T24] audit: type=1400 audit(2378.860:197): avc: denied { write } for pid=4479 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2386.869792][ T3206] 8021q: adding VLAN 0 to HW filter on device eth14 [ 2408.745986][ T24] audit: type=1400 audit(2407.880:198): avc: denied { write } for pid=4495 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2418.415071][ T24] audit: type=1400 audit(2417.550:199): avc: denied { write } for pid=4504 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2423.580534][ T3206] 8021q: adding VLAN 0 to HW filter on device eth15 [ 2432.871780][ T4269] veth0_vlan: entered promiscuous mode [ 2434.087585][ T4269] veth1_vlan: entered promiscuous mode [ 2437.422379][ T4269] veth0_macvtap: entered promiscuous mode [ 2438.027655][ T4269] veth1_macvtap: entered promiscuous mode [ 2441.351854][ T24] audit: type=1400 audit(2440.520:200): avc: denied { write } for pid=4519 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2441.719009][ T3855] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2441.739459][ T3855] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2441.929134][ T3855] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2441.934774][ T3855] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2452.614110][ T24] audit: type=1400 audit(2451.750:201): avc: denied { write } for pid=4527 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2461.316464][ T3206] 8021q: adding VLAN 0 to HW filter on device eth16 [ 2507.419330][ T4338] veth0_vlan: entered promiscuous mode [ 2509.268668][ T4338] veth1_vlan: entered promiscuous mode [ 2513.860695][ T4338] veth0_macvtap: entered promiscuous mode [ 2514.755371][ T4338] veth1_macvtap: entered promiscuous mode [ 2519.674299][ T4486] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2519.679203][ T4486] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2519.711586][ T4486] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2519.847625][ T4486] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2525.540032][ T24] audit: type=1400 audit(2524.700:202): avc: denied { write } for pid=4564 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2538.965222][ T24] audit: type=1400 audit(2538.000:203): avc: denied { write } for pid=4573 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2565.317556][ T24] audit: type=1400 audit(2564.490:204): avc: denied { write } for pid=4582 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2579.423683][ T24] audit: type=1400 audit(2578.570:205): avc: denied { write } for pid=4592 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2603.245630][ T24] audit: type=1400 audit(2602.400:206): avc: denied { write } for pid=4601 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2615.347844][ T24] audit: type=1400 audit(2614.500:207): avc: denied { write } for pid=4612 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2653.107201][ T24] audit: type=1400 audit(2652.260:208): avc: denied { write } for pid=4629 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2666.597971][ T24] audit: type=1400 audit(2665.740:209): avc: denied { write } for pid=4636 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2687.789126][ T24] audit: type=1400 audit(2686.820:210): avc: denied { map } for pid=4647 comm="syz.4.162" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 2687.809099][ T24] audit: type=1400 audit(2686.960:211): avc: denied { execute } for pid=4647 comm="syz.4.162" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 2700.310562][ T24] audit: type=1400 audit(2699.470:212): avc: denied { write } for pid=4650 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2714.237738][ T24] audit: type=1400 audit(2713.390:213): avc: denied { write } for pid=4662 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2767.325045][ T24] audit: type=1400 audit(2766.420:214): avc: denied { write } for pid=4689 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2780.965403][ T24] audit: type=1400 audit(2780.130:215): avc: denied { write } for pid=4701 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2786.974671][ T24] audit: type=1400 audit(2786.080:216): avc: denied { map } for pid=4703 comm="syz.4.172" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=17179 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 2787.043622][ T24] audit: type=1400 audit(2786.180:217): avc: denied { read } for pid=4703 comm="syz.4.172" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=17179 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 2812.538565][ T24] audit: type=1400 audit(2811.680:218): avc: denied { write } for pid=4714 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2826.284201][ T24] audit: type=1400 audit(2825.450:219): avc: denied { write } for pid=4723 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2852.877917][ T24] audit: type=1400 audit(2852.040:220): avc: denied { write } for pid=4734 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2864.564376][ T24] audit: type=1400 audit(2863.730:221): avc: denied { write } for pid=4747 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2883.377545][ T24] audit: type=1400 audit(2882.510:222): avc: denied { write } for pid=4752 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2890.653881][ T24] audit: type=1400 audit(2889.820:223): avc: denied { write } for pid=4755 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2902.404114][ T24] audit: type=1400 audit(2901.550:224): avc: denied { write } for pid=4758 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2912.399793][ T24] audit: type=1400 audit(2911.540:225): avc: denied { write } for pid=4763 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2931.018036][ T3278] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2935.204401][ T3278] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2936.810879][ T3278] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2939.290450][ T3278] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2961.574920][ T3278] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2961.775395][ T3278] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2961.860937][ T3278] bond0 (unregistering): Released all slaves [ 2963.378801][ T3278] hsr_slave_0: left promiscuous mode [ 2963.825189][ T3278] hsr_slave_1: left promiscuous mode [ 2964.745730][ T3278] veth1_macvtap: left promiscuous mode [ 2964.746896][ T3278] veth0_macvtap: left promiscuous mode [ 2964.761718][ T3278] veth1_vlan: left promiscuous mode [ 2964.804803][ T3278] veth0_vlan: left promiscuous mode [ 2995.426563][ T3918] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2997.199725][ T3918] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2998.740912][ T3918] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3000.689921][ T3918] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3004.286987][ T24] audit: type=1400 audit(3003.410:226): avc: denied { write } for pid=4796 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3013.859250][ T24] audit: type=1400 audit(3012.970:227): avc: denied { write } for pid=4803 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3023.114775][ T3918] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3023.410373][ T3918] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3023.587548][ T3918] bond0 (unregistering): Released all slaves [ 3024.826805][ T3206] 8021q: adding VLAN 0 to HW filter on device eth17 [ 3025.593550][ T3918] hsr_slave_0: left promiscuous mode [ 3025.713422][ T3918] hsr_slave_1: left promiscuous mode [ 3026.308424][ T3918] veth1_macvtap: left promiscuous mode [ 3026.315799][ T3918] veth0_macvtap: left promiscuous mode [ 3026.319777][ T3918] veth1_vlan: left promiscuous mode [ 3026.379789][ T3918] veth0_vlan: left promiscuous mode [ 3060.408852][ T24] audit: type=1400 audit(3059.570:228): avc: denied { write } for pid=4818 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3068.596718][ T24] audit: type=1400 audit(3067.750:229): avc: denied { write } for pid=4830 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3073.009392][ T3206] 8021q: adding VLAN 0 to HW filter on device eth18 [ 3073.360098][ T4767] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3073.726635][ T4767] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3079.341648][ T4772] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3079.629867][ T4772] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3088.569767][ T24] audit: type=1400 audit(3087.730:230): avc: denied { write } for pid=4844 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3095.474530][ T24] audit: type=1400 audit(3094.600:231): avc: denied { write } for pid=4853 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3100.250517][ T3206] 8021q: adding VLAN 0 to HW filter on device eth19 [ 3102.800379][ T4767] hsr_slave_0: entered promiscuous mode [ 3102.873676][ T4767] hsr_slave_1: entered promiscuous mode [ 3108.061802][ T4772] hsr_slave_0: entered promiscuous mode [ 3108.157141][ T4772] hsr_slave_1: entered promiscuous mode [ 3108.194785][ T4772] debugfs: 'hsr0' already exists in 'hsr' [ 3108.197834][ T4772] Cannot create hsr debugfs directory [ 3118.587358][ T24] audit: type=1400 audit(3117.720:232): avc: denied { write } for pid=4865 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3126.754034][ T24] audit: type=1400 audit(3125.900:233): avc: denied { write } for pid=4868 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3130.979028][ T3206] 8021q: adding VLAN 0 to HW filter on device eth20 [ 3131.558483][ T4767] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 3131.918702][ T4767] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 3132.030710][ T4767] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 3132.316938][ T4767] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 3132.601468][ T4767] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 3133.055979][ T4767] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 3133.388343][ T4767] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 3133.865161][ T4767] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 3139.217523][ T4772] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 3139.779582][ T4772] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 3140.025461][ T4772] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 3140.468054][ T4772] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 3140.570617][ T4772] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 3140.937471][ T4772] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 3141.067451][ T4772] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 3141.538367][ T4772] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 3151.673871][ T24] audit: type=1400 audit(3150.840:234): avc: denied { write } for pid=4889 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3160.353891][ T24] audit: type=1400 audit(3159.500:235): avc: denied { write } for pid=4900 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3167.090383][ T3206] 8021q: adding VLAN 0 to HW filter on device eth21 [ 3171.232310][ T4767] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3177.608926][ T4772] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3202.400771][ T24] audit: type=1400 audit(3201.570:236): avc: denied { write } for pid=4916 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3213.753918][ T24] audit: type=1400 audit(3212.890:237): avc: denied { write } for pid=4924 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3220.736096][ T3206] 8021q: adding VLAN 0 to HW filter on device eth22 [ 3247.005847][ T24] audit: type=1400 audit(3246.170:238): avc: denied { write } for pid=4941 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3258.164316][ T24] audit: type=1400 audit(3257.320:239): avc: denied { write } for pid=4951 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3265.562136][ T3206] 8021q: adding VLAN 0 to HW filter on device eth23 [ 3292.034782][ T24] audit: type=1400 audit(3291.180:240): avc: denied { write } for pid=4970 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3303.443691][ T24] audit: type=1400 audit(3302.590:241): avc: denied { write } for pid=4981 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3311.608820][ T3206] 8021q: adding VLAN 0 to HW filter on device eth24 [ 3330.006057][ T24] audit: type=1400 audit(3329.160:242): avc: denied { write } for pid=4994 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3333.299174][ T4767] veth0_vlan: entered promiscuous mode [ 3334.845598][ T4767] veth1_vlan: entered promiscuous mode [ 3340.457076][ T4767] veth0_macvtap: entered promiscuous mode [ 3340.786505][ T4772] veth0_vlan: entered promiscuous mode [ 3340.879854][ T24] audit: type=1400 audit(3340.020:243): avc: denied { write } for pid=5002 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3341.997151][ T4767] veth1_macvtap: entered promiscuous mode [ 3343.001826][ T4772] veth1_vlan: entered promiscuous mode [ 3349.755402][ T3929] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3349.795699][ T4770] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3349.821826][ T4486] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3349.850148][ T4486] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 3350.260901][ T4772] veth0_macvtap: entered promiscuous mode [ 3352.108396][ T4772] veth1_macvtap: entered promiscuous mode [ 3360.285165][ T3929] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3360.306664][ T3929] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3360.328262][ T24] audit: type=1400 audit(3359.500:244): avc: denied { unmount } for pid=4767 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 3360.516924][ T3929] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3360.540343][ T3929] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 3370.534642][ T24] audit: type=1400 audit(3369.680:245): avc: denied { write } for pid=5008 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3386.749233][ T24] audit: type=1400 audit(3385.870:246): avc: denied { write } for pid=5018 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3445.837029][ T24] audit: type=1400 audit(3444.990:247): avc: denied { write } for pid=5042 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3460.747071][ T24] audit: type=1400 audit(3459.880:248): avc: denied { write } for pid=5051 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3505.115849][ T24] audit: type=1400 audit(3504.250:249): avc: denied { write } for pid=5062 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3516.816505][ T24] audit: type=1400 audit(3515.960:250): avc: denied { write } for pid=5066 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3527.177296][ T3855] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3530.071162][ T3855] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3532.846538][ T3855] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3535.170664][ T3855] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3542.515282][ T24] audit: type=1400 audit(3541.640:251): avc: denied { write } for pid=5074 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3556.221638][ T24] audit: type=1400 audit(3555.390:252): avc: denied { write } for pid=5088 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3566.730069][ T3855] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3568.041685][ T3855] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3568.646479][ T3855] bond0 (unregistering): Released all slaves [ 3571.969346][ T3855] hsr_slave_0: left promiscuous mode [ 3572.125633][ T3855] hsr_slave_1: left promiscuous mode [ 3572.914551][ T3855] veth1_macvtap: left promiscuous mode [ 3572.915662][ T3855] veth0_macvtap: left promiscuous mode [ 3572.928700][ T3855] veth1_vlan: left promiscuous mode [ 3572.951889][ T3855] veth0_vlan: left promiscuous mode [ 3614.441676][ T4011] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3616.035600][ T4011] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3617.487369][ T4011] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3619.322388][ T4011] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3625.344559][ T24] audit: type=1400 audit(3624.510:253): avc: denied { write } for pid=5103 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3635.030613][ T24] audit: type=1400 audit(3634.190:254): avc: denied { write } for pid=5111 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3645.087979][ T4011] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3645.377586][ T4011] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3645.620193][ T4011] bond0 (unregistering): Released all slaves [ 3646.929400][ T3206] 8021q: adding VLAN 0 to HW filter on device eth25 [ 3648.116987][ T4011] hsr_slave_0: left promiscuous mode [ 3648.252469][ T4011] hsr_slave_1: left promiscuous mode [ 3648.959868][ T4011] veth1_macvtap: left promiscuous mode [ 3648.968537][ T4011] veth0_macvtap: left promiscuous mode [ 3648.994600][ T4011] veth1_vlan: left promiscuous mode [ 3649.011062][ T4011] veth0_vlan: left promiscuous mode [ 3686.959221][ T24] audit: type=1400 audit(3686.050:255): avc: denied { write } for pid=5121 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3694.748850][ T24] audit: type=1400 audit(3693.820:256): avc: denied { write } for pid=5131 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3708.909548][ T5067] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3709.408474][ T5067] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3716.736568][ T5070] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3717.205948][ T5070] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3722.337887][ T24] audit: type=1400 audit(3721.500:257): avc: denied { write } for pid=5148 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3731.806712][ T24] audit: type=1400 audit(3730.940:258): avc: denied { write } for pid=5156 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3738.221451][ T3206] 8021q: adding VLAN 0 to HW filter on device eth26 [ 3749.145884][ T5067] hsr_slave_0: entered promiscuous mode [ 3749.284596][ T5067] hsr_slave_1: entered promiscuous mode [ 3749.309701][ T24] audit: type=1400 audit(3748.470:259): avc: denied { write } for pid=5165 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3755.858552][ T5070] hsr_slave_0: entered promiscuous mode [ 3755.979222][ T5070] hsr_slave_1: entered promiscuous mode [ 3756.020898][ T5070] debugfs: 'hsr0' already exists in 'hsr' [ 3756.044564][ T5070] Cannot create hsr debugfs directory [ 3756.874355][ T24] audit: type=1400 audit(3756.040:260): avc: denied { write } for pid=5172 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3777.350858][ T5067] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 3778.270522][ T5067] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 3778.482226][ T5067] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 3779.098820][ T5067] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 3779.359872][ T5067] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 3780.080075][ T5067] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 3780.565648][ T5067] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 3781.302306][ T5067] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 3789.957878][ T5070] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 3790.536780][ T5070] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 3790.594998][ T24] audit: type=1400 audit(3789.730:261): avc: denied { write } for pid=5180 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3790.789210][ T5070] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 3791.407512][ T5070] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 3791.609777][ T5070] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 3792.089317][ T5070] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 3792.336960][ T5070] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 3792.902127][ T5070] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 3804.397752][ T24] audit: type=1400 audit(3803.540:262): avc: denied { write } for pid=5200 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3811.630760][ T3206] 8021q: adding VLAN 0 to HW filter on device eth27 [ 3824.555450][ T5067] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3833.649921][ T5070] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3850.324316][ T24] audit: type=1400 audit(3849.410:263): avc: denied { write } for pid=5217 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3863.948217][ T24] audit: type=1400 audit(3863.080:264): avc: denied { write } for pid=5228 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3873.859840][ T3206] 8021q: adding VLAN 0 to HW filter on device eth28 [ 3904.547055][ T24] audit: type=1400 audit(3903.600:265): avc: denied { write } for pid=5244 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3917.193875][ T24] audit: type=1400 audit(3916.330:266): avc: denied { write } for pid=5255 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3926.037314][ T3206] 8021q: adding VLAN 0 to HW filter on device eth29 [ 3944.939685][ T24] audit: type=1400 audit(3944.090:267): avc: denied { write } for pid=5266 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3957.443863][ T24] audit: type=1400 audit(3956.590:268): avc: denied { write } for pid=5278 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3994.856465][ T24] audit: type=1400 audit(3993.930:269): avc: denied { write } for pid=5293 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4006.445319][ T24] audit: type=1400 audit(4005.570:270): avc: denied { write } for pid=5303 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4012.173434][ T5067] veth0_vlan: entered promiscuous mode [ 4013.608722][ T5067] veth1_vlan: entered promiscuous mode [ 4015.767639][ T3206] 8021q: adding VLAN 0 to HW filter on device eth30 [ 4020.370437][ T5067] veth0_macvtap: entered promiscuous mode [ 4022.209341][ T5067] veth1_macvtap: entered promiscuous mode [ 4023.915671][ T5070] veth0_vlan: entered promiscuous mode [ 4027.081954][ T5070] veth1_vlan: entered promiscuous mode [ 4031.535043][ T4989] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 4031.537720][ T4989] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 4031.841826][ T4989] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 4031.936430][ T5230] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 4037.049720][ T5070] veth0_macvtap: entered promiscuous mode [ 4038.870103][ T5070] veth1_macvtap: entered promiscuous mode [ 4047.234573][ T3474] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 4047.239516][ T3474] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 4047.314571][ T4011] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 4047.331570][ T4011] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 4065.279617][ T24] audit: type=1400 audit(4064.430:271): avc: denied { write } for pid=5313 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4082.984894][ T24] audit: type=1400 audit(4082.120:272): avc: denied { write } for pid=5325 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4095.470507][ T3206] 8021q: adding VLAN 0 to HW filter on device eth31 [ 4114.835364][ T24] audit: type=1400 audit(4113.980:273): avc: denied { write } for pid=5332 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4133.326184][ T24] audit: type=1400 audit(4132.370:274): avc: denied { write } for pid=5343 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4199.360567][ T24] audit: type=1400 audit(4198.520:275): avc: denied { write } for pid=5369 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4216.954358][ T24] audit: type=1400 audit(4216.080:276): avc: denied { write } for pid=5381 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4229.037817][ T3206] 8021q: adding VLAN 0 to HW filter on device eth32 [ 4254.880593][ T24] audit: type=1400 audit(4254.020:277): avc: denied { write } for pid=5391 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4273.466526][ T24] audit: type=1400 audit(4272.600:278): avc: denied { write } for pid=5403 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4304.177891][ T24] audit: type=1400 audit(4303.210:279): avc: denied { write } for pid=5410 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4321.546052][ T24] audit: type=1400 audit(4320.690:280): avc: denied { write } for pid=5423 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4418.830872][ T24] audit: type=1400 audit(4417.960:281): avc: denied { write } for pid=5447 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4433.682168][ T24] audit: type=1400 audit(4432.820:282): avc: denied { write } for pid=5461 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4471.729571][ T24] audit: type=1400 audit(4470.900:283): avc: denied { write } for pid=5473 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4486.124944][ T24] audit: type=1400 audit(4485.270:284): avc: denied { write } for pid=5477 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4546.635073][ T24] audit: type=1400 audit(4545.770:285): avc: denied { write } for pid=5500 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4562.926854][ T24] audit: type=1400 audit(4562.060:286): avc: denied { write } for pid=5510 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4570.770004][ T5449] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 4571.507753][ T5446] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 4572.288108][ T5449] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 4576.846567][ T5446] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 4597.309232][ T24] audit: type=1400 audit(4596.350:287): avc: denied { write } for pid=5518 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4612.124438][ T24] audit: type=1400 audit(4611.280:288): avc: denied { write } for pid=5527 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4640.802199][ T5449] hsr_slave_0: entered promiscuous mode [ 4641.012250][ T5449] hsr_slave_1: entered promiscuous mode [ 4641.188930][ T5449] debugfs: 'hsr0' already exists in 'hsr' [ 4641.244592][ T5449] Cannot create hsr debugfs directory [ 4649.439214][ T5446] hsr_slave_0: entered promiscuous mode [ 4649.641459][ T5446] hsr_slave_1: entered promiscuous mode [ 4649.848616][ T5446] debugfs: 'hsr0' already exists in 'hsr' [ 4649.896304][ T5446] Cannot create hsr debugfs directory [ 4681.026643][ T24] audit: type=1400 audit(4680.190:289): avc: denied { write } for pid=5544 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4697.696361][ T24] audit: type=1400 audit(4696.770:290): avc: denied { write } for pid=5549 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4729.445377][ T5449] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 4730.590497][ T5449] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 4731.156394][ T5449] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 4732.075028][ T5449] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 4732.452151][ T5449] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 4733.437214][ T5449] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 4735.357110][ T5449] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 4736.022058][ T5449] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 4745.554701][ T24] audit: type=1400 audit(4744.690:291): avc: denied { write } for pid=5555 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4746.120494][ T5446] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 4746.816247][ T5446] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 4747.076761][ T5446] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 4747.825195][ T5446] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 4748.068145][ T5446] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 4748.768112][ T5446] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 4749.085592][ T5446] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 4749.541292][ T5446] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 4763.354736][ T24] audit: type=1400 audit(4762.500:292): avc: denied { write } for pid=5576 comm="rm" name="hook-state" dev="tmpfs" ino=94 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4776.385802][ T26] INFO: task syz.9.211:5425 blocked for more than 430 seconds. [ 4776.497040][ T26] Not tainted syzkaller #0 [ 4776.517664][ T26] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 4776.518362][ T26] task:syz.9.211 state:D stack:0 pid:5425 tgid:5425 ppid:5070 task_flags:0x400040 flags:0x00000011 [ 4776.519840][ T26] Call trace: [ 4776.520361][ T26] __switch_to+0x5e0/0xb70 (T) SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 4776.714625][ T26] __schedule+0x2554/0x3828 [ 4776.734298][ T26] schedule+0xac/0x278 [ 4776.763798][ T26] schedule_timeout+0x68/0x1ec [ 4776.764524][ T26] do_wait_for_common+0x270/0x428 [ 4776.764964][ T26] wait_for_completion+0x44/0x5c [ 4776.765412][ T26] __synchronize_srcu+0x1b4/0x1f4 [ 4776.765933][ T26] synchronize_srcu+0x668/0x8dc [ 4776.766506][ T26] mmu_notifier_unregister+0x320/0x428 [ 4776.767016][ T26] kvm_put_kvm+0x69c/0xbbc [ 4776.767461][ T26] kvm_vm_release+0x58/0x78 [ 4776.767910][ T26] __fput+0x4ac/0x978 [ 4776.768368][ T26] ____fput+0x20/0x30 [ 4776.768780][ T26] task_work_run+0x1b8/0x250 [ 4776.769248][ T26] exit_to_user_mode_loop+0x110/0x188 [ 4776.769708][ T26] el0_svc+0x184/0x238 [ 4776.770163][ T26] el0t_64_sync_handler+0x84/0x12c [ 4776.770652][ T26] el0t_64_sync+0x198/0x19c [ 4776.964455][ T26] [ 4776.964455][ T26] Showing all locks held in the system: [ 4776.974213][ T26] 1 lock held by khungtaskd/26: [ 4776.974788][ T26] #0: ffff800087db4518 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x0/0x44 [ 4776.977402][ T26] 2 locks held by getty/3234: [ 4776.977771][ T26] #0: fcf00000128b20a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c [ 4776.980080][ T26] #1: 7eff80008cb4b2e8 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x314/0x1214 [ 4776.981705][ T26] 2 locks held by syz-executor/3365: [ 4776.982027][ T26] 3 locks held by kworker/u4:5/3464: [ 4776.982376][ T26] 3 locks held by kworker/u4:3/3855: [ 4777.144794][ T26] #0: fff0000074d280e0 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x364/0x3828 [ 4777.147241][ T26] #1: fff0000074d13208 (psi_seq){-.-.}-{0:0}, at: psi_task_switch+0x6c/0x6e8 [ 4777.148842][ T26] #2: fff0000074d14b58 (&base->lock){-.-.}-{2:2}, at: __mod_timer+0x5cc/0xe90 [ 4777.150516][ T26] 3 locks held by kworker/u4:4/3918: [ 4777.150832][ T26] 3 locks held by kworker/u4:10/4011: [ 4777.151181][ T26] 2 locks held by kworker/u4:6/4285: [ 4777.151477][ T26] #0: 23f000000d036540 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_one_work+0x804/0x1d5c [ 4777.296356][ T26] #1: ffff8000a96a7cb8 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x890/0x1d5c [ 4777.298042][ T26] 2 locks held by kworker/u4:11/4486: [ 4777.298410][ T26] #0: 23f000000d036540 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_one_work+0x804/0x1d5c [ 4777.300242][ T26] #1: ffff80008ea17cb8 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x890/0x1d5c [ 4777.301825][ T26] 3 locks held by kworker/u4:13/4989: [ 4777.302181][ T26] 3 locks held by kworker/u4:14/5077: [ 4777.427852][ T26] 3 locks held by kworker/u4:0/5230: [ 4777.434281][ T26] 2 locks held by syz.8.210/5424: [ 4777.434744][ T26] 2 locks held by kworker/u4:12/5453: [ 4777.435116][ T26] 3 locks held by kworker/u4:15/5515: [ 4777.435463][ T26] 1 lock held by modprobe/5582: [ 4777.435776][ T26] 1 lock held by dhcpcd-run-hook/5584: [ 4777.436235][ T26] [ 4777.436511][ T26] ============================================= [ 4777.436511][ T26] [ 4777.437512][ T26] Kernel panic - not syncing: hung_task: blocked tasks [ 4777.446913][ T26] CPU: 0 UID: 0 PID: 26 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT [ 4777.448507][ T26] Hardware name: linux,dummy-virt (DT) [ 4777.449477][ T26] Call trace: [ 4777.450321][ T26] show_stack+0x2c/0x3c (C) [ 4777.451408][ T26] __dump_stack+0x30/0x40 [ 4777.452425][ T26] dump_stack_lvl+0x30/0x12c [ 4777.453434][ T26] dump_stack+0x1c/0x28 [ 4777.454426][ T26] vpanic+0x4cc/0x844 [ 4777.455300][ T26] vpanic+0x0/0x844 [ 4777.456177][ T26] hung_task_panic+0x0/0x2c [ 4777.457210][ T26] kthread+0x4d4/0x51c [ 4777.458170][ T26] ret_from_fork+0x10/0x20 [ 4777.460153][ T26] Kernel Offset: disabled [ 4777.460987][ T26] CPU features: 0x00000000,0034600b,f7c647a1,057ffe1f [ 4777.462244][ T26] Memory Limit: none [ 4777.464575][ T26] Rebooting in 86400 seconds..