last executing test programs: 1h12m22.347683155s ago: executing program 1 (id=38): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x800, 0x0) munmap$KVM_VCPU(0x0, 0x1000000000) (async) r1 = mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000e, 0x24132, 0xffffffffffffffff, 0x0) (async) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x3) (async, rerun: 32) syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x400000)=nil, &(0x7f0000000840)=[{0x0, 0x0, 0x248}], 0x1, 0x0, 0x0, 0x0) (async, rerun: 32) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) (async) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0) (async, rerun: 64) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, 0x0) (async, rerun: 64) ioctl$KVM_GET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee2, 0x0) (async, rerun: 32) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x19, 0x9b, 0xf, 0x0, 0x5, 0x8, 0x82, 0x42, 0x48, 0x86, 0xdd, 0x68, 0x0, 0x100001, 0x12b, 0x0, 0x3, 0xa, 0x8, '\x00', 0x5, 0x80000008}) (rerun: 32) write$eventfd(r7, &(0x7f00000001c0)=0x3, 0x8e80) (async, rerun: 32) ioctl$KVM_ARM_VCPU_INIT(r4, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18}) (async, rerun: 32) ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f00000000c0)=@arm64_sve_vls={0x606000000015ffff, &(0x7f0000000000)=0x1}) (async) syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f0000000000)="caf9d6ac7953c5a4571996b36c0135c684c5c0d4fad93b80dd7cb2b66d542f6173f233a6e1606154cf719c2550e01ad56fce42d3686e6f9b00a64f3728849edd28e62dda6398ff0f", 0x0, 0x48) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 1h12m13.242394847s ago: executing program 1 (id=40): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) close(0x4) munmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000) (async) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000040)=@arm64={0x4, 0x2, 0xb, '\x00', 0x4}) 1h12m7.720882577s ago: executing program 1 (id=41): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000280), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_ARM_VCPU_INIT(r4, 0x4020aeae, &(0x7f0000000000)={0x5}) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_ARM_VCPU_FINALIZE(r4, 0x4004aec2, &(0x7f0000000100)=0x4) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0xb, 0x23ac5f9b426ec4b2, 0xffffffffffffffff, 0x0) ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000004}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000000040)={0x2517, 0x0, &(0x7f0000ffc000/0x4000)=nil}) r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r10, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x3, 0x10000000004}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000005}}], 0x50}, 0x0, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r6, 0xae80, 0x0) 1h12m7.525103551s ago: executing program 0 (id=42): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x83, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x16) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r3, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18}) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f00000000c0)=@arm64_ccsidr={0x6020000000110005, &(0x7f0000000140)=0x91}) openat$kvm(0x0, &(0x7f0000000040), 0x8280, 0x0) r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x2e) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) r6 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r5, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x25) r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0xfffffffffffffffe) syz_kvm_setup_cpu$arm64(r9, r10, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000380)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r10, 0x4010aeab, &(0x7f0000000140)=@arm64_ccsidr={0x6020000000110808, 0x0}) r11 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f00000000c0)={0x7, 0xffffffffffffffff, 0x2c22f29037ae3d80}) ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x8, 0x3, &(0x7f0000000000)=0x400000000}) ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x0, 0x5, &(0x7f0000000100)=0x8010000000000001}) close(0x4) close(0x5) r13 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f00000000c0)={0x7, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_DEVICE_ATTR(r14, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x0, 0x5, &(0x7f0000000100)=0x8010000000000001}) 1h11m58.105193702s ago: executing program 0 (id=43): mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x5, 0x4f832, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x7, 0x4f832, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) (async) munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000) munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000) (async, rerun: 32) r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (rerun: 32) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@msr={0x14, 0x20, {0x603000000013c65e, 0x5}}], 0x20}, 0x0, 0x0) syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0) (async) syz_kvm_vgic_v3_setup(r1, 0x2, 0x100) (async) ioctl$KVM_RUN(r3, 0xae80, 0x0) (async, rerun: 32) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) (async, rerun: 32) mmap$KVM_VCPU(&(0x7f0000ffa000/0x1000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x9000000) mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) r4 = eventfd2(0x5, 0x800) write$eventfd(r4, &(0x7f0000000000)=0xffffffffffffffff, 0x8) (async) munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000) (async, rerun: 32) munmap(&(0x7f000075a000/0xb000)=nil, 0xb000) (rerun: 32) munmap(&(0x7f0000e76000/0x12000)=nil, 0x12000) mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x24132, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0) (async) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4360ae82, &(0x7f0000000040)={[0x0, 0x766f, 0xfcaf, 0x5, 0x5, 0x4, 0x8601, 0xba33, 0x6, 0x5, 0x3, 0x62, 0x55, 0x8, 0x1ff, 0x3], 0x80a0000, 0x80000}) (async) mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x0, 0x4030031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f0000011000/0xc00000)=nil, 0xc00000) 1h11m56.574852445s ago: executing program 1 (id=44): openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0) (async) r0 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, &(0x7f0000000780)=[@smc={0x1e, 0x40, {0x86000001, [0x0, 0x7fffffff, 0x9, 0x7fffffff, 0x5]}}, @code={0xa, 0x9c, {"007008d5802e93d20080b0f2810080d2420080d2630080d2640180d2020000d40058202e0000005e000860f8e02b91d20080b8f2210080d2e20180d2430080d2040180d2020000d40000600d000028d5c0ac89d20020b0f2a10180d2820180d2a30180d2e40180d2020000d4400d8bd20040b0f2210080d2c20080d2230180d2640180d2020000d4"}}, @smc={0x1e, 0x40, {0xc4000010, [0x36, 0x2, 0x6, 0x5, 0x7]}}, @svc={0x122, 0x40, {0x8600ff01, [0x81, 0x1, 0x2, 0x400, 0x7f]}}], 0x15c}, 0x0, 0x0) r7 = eventfd2(0x0, 0x0) write$eventfd(r7, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) r8 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0) (async) r11 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0) r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04) mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r12, 0x3, 0x11, r10, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r13, 0xae03, 0x15) mmap$KVM_VCPU(&(0x7f000000a000/0x1000)=nil, r12, 0x3, 0x11, r11, 0x0) (async) mmap$KVM_VCPU(&(0x7f000000a000/0x1000)=nil, r12, 0x3, 0x11, r11, 0x0) 1h11m52.17186094s ago: executing program 0 (id=45): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r4, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x16, 0x4, 0x1}}) r5 = openat$kvm(0x0, &(0x7f00000002c0), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) mmap$KVM_VCPU(&(0x7f0000e76000/0x2000)=nil, 0x930, 0x280000a, 0x10, r7, 0x0) ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r7, 0x4018aee3, &(0x7f0000000140)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f0000000100)=0x10}) r8 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r4, r8, &(0x7f0000b74000/0x400000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f0000000240)}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r8, 0xae80, 0x0) syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000200)=@riscv64_v={0x803000000900001e, &(0x7f0000000080)=0x3}) ioctl$KVM_SET_VCPU_EVENTS(r8, 0x4040aea0, &(0x7f0000000180)=@arm64={0x11, 0x2, 0xd0, '\x00', 0x10}) 1h11m45.036406098s ago: executing program 1 (id=46): openat$kvm(0x0, 0x0, 0x0, 0x0) r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x29) r2 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r2, 0x4b47, 0xfffffffffffffffe) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x1}) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x11, 0x8, 0xf, 0x0, 0x5, 0x6, 0x6, 0x6, 0x48, 0x86, 0xdd, 0x68, 0x0, 0x9, 0x0, 0x0, 0x3, 0x5, 0x8, '\x00', 0x1, 0x400000000002}) ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f0000000140)={0x4, 0x0, [{0x1, 0x1, 0x0, 0x0, @adapter={0x8000000000000001, 0x8, 0x2, 0xa, 0x10}}, {0x9, 0x3, 0x0, 0x0, @adapter={0xd4ff, 0xfffffffffffffffc}}, {0x0, 0x0, 0x0, 0x0, @msi}, {0x80000000, 0x0, 0x1, 0x0, @adapter={0x0, 0x5, 0x5, 0x7f, 0xae2e}}]}) write$eventfd(r6, &(0x7f00000001c0)=0x3, 0x50) r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r8 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, r7, 0x300000e, 0x12, r3, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f00000002c0)="fb016bddfb405ee52cc6a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb2070000000000000000000000c20cecfa0a97ab7800", 0x0, 0x48) r9 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000a9c000/0x400000)=nil) r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000b80)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r13, 0x4010aeac, &(0x7f0000000300)=@arm64_extra={0x603000000013c513, &(0x7f00000002c0)=0x9}) syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) 1h11m43.363942409s ago: executing program 0 (id=47): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_ARM_SET_DEVICE_ADDR(r3, 0x4010aeab, &(0x7f0000000000)={0x7fffffff, 0x8000001}) ioctl$KVM_HAS_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee3, &(0x7f00000000c0)=@attr_irq_timer={0x0, 0x1, 0x0, 0x0}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x3, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) ioctl$KVM_CREATE_DEVICE(r1, 0xc018aec0, &(0x7f00000000c0)={0x1}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2) ioctl$KVM_ARM_PREFERRED_TARGET(r4, 0x8020aeaf, &(0x7f0000000100)) 1h11m35.631894167s ago: executing program 0 (id=48): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0x80111500, 0x20000000) close(r3) r4 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0x80111500, 0x20000000) ioctl$KVM_CREATE_VM(r6, 0x541b, 0x10000000000000) 1h11m34.196575823s ago: executing program 1 (id=49): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bc0000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dcea, 0x8000}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x33) syz_kvm_setup_cpu$arm64(r4, r3, &(0x7f0000c00000/0x400000)=nil, &(0x7f00000006c0)=[{0x0, &(0x7f0000000380)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x82}}, @code={0xa, 0x9c, {"007008d560e188d20060b0f2a10080d2a20080d2030180d2040180d2020000d400a0400c000008d520bd8cd20080b8f2c10180d2c20180d2630080d2640080d2020000d460d78ed200a0b8f2010080d2e20180d2e30080d2c40180d2020000d4007008d500008012007008d500e581d20020b0f2e10080d2620080d2a30180d2840180d2020000d4"}}, @mrs={0xbe, 0x18, {0x603000000013e6d6}}, @mrs={0xbe, 0x18, {0x603000000013e600}}, @eret={0xe6, 0x18, 0x7fff}, @msr={0x14, 0x20, {0x0, 0x359}}, @svc={0x122, 0x40, {0x0, [0x3845ef3f, 0x4, 0x6, 0x3, 0x12bb]}}, @svc={0x122, 0x40, {0xffff, [0xd, 0x1, 0x1, 0xfffffffffffffffc, 0x2]}}, @mrs={0xbe, 0x18, {0x603000000013c520}}, @hvc={0x32, 0x40, {0x3000000, [0x3, 0x8000, 0x401, 0x7, 0x7fffffff]}}, @uexit={0x0, 0x18, 0x7fffffff}, @its_setup={0x82, 0x28, {0x2, 0x0, 0x3f5}}, @smc={0x1e, 0x40, {0x12c3b0b0d2818dc7, [0x7fff, 0x5, 0xfffffffffffffff8, 0x80000000, 0x800]}}, @msr={0x14, 0x20, {0x603000000013df68, 0x6}}, @hvc={0x32, 0x40, {0x84000013, [0x7fff, 0x8, 0x4, 0x7, 0x4]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0xe00, 0x4, 0x1}}], 0x314}], 0x1, 0x0, &(0x7f0000000700)=[@featur2={0x1, 0xce}], 0x1) ioctl$KVM_RESET_DIRTY_RINGS(r1, 0xaec7) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r3, 0xae80, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20080, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = eventfd2(0xeffffffd, 0x801) ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f0000000000)={0x200, 0x4000, 0x4, r7, 0x1}) ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f0000001340)={0x3, 0x0, 0x2, r7, 0x3}) ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f00000000c0)={0x3, 0x0, 0x1, r7, 0xb}) write$eventfd(r7, &(0x7f0000000000)=0x5, 0x8) 1h11m27.180067451s ago: executing program 0 (id=50): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0x80111500, 0x20000000) write$eventfd(r2, &(0x7f0000000000), 0xfffffdef) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0x80111500, 0x20000000) ioctl$KVM_CREATE_VM(r4, 0x541b, 0x2004001f) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x3) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r10, r11, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013df1a, 0x0}) ioctl$KVM_ARM_VCPU_INIT(r6, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000300)={0x8001, 0x55e}}) r12 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000100)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7ffd}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r13, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r13, 0xae80, 0x0) 1h10m48.164588012s ago: executing program 32 (id=49): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bc0000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dcea, 0x8000}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x33) syz_kvm_setup_cpu$arm64(r4, r3, &(0x7f0000c00000/0x400000)=nil, &(0x7f00000006c0)=[{0x0, &(0x7f0000000380)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x82}}, @code={0xa, 0x9c, {"007008d560e188d20060b0f2a10080d2a20080d2030180d2040180d2020000d400a0400c000008d520bd8cd20080b8f2c10180d2c20180d2630080d2640080d2020000d460d78ed200a0b8f2010080d2e20180d2e30080d2c40180d2020000d4007008d500008012007008d500e581d20020b0f2e10080d2620080d2a30180d2840180d2020000d4"}}, @mrs={0xbe, 0x18, {0x603000000013e6d6}}, @mrs={0xbe, 0x18, {0x603000000013e600}}, @eret={0xe6, 0x18, 0x7fff}, @msr={0x14, 0x20, {0x0, 0x359}}, @svc={0x122, 0x40, {0x0, [0x3845ef3f, 0x4, 0x6, 0x3, 0x12bb]}}, @svc={0x122, 0x40, {0xffff, [0xd, 0x1, 0x1, 0xfffffffffffffffc, 0x2]}}, @mrs={0xbe, 0x18, {0x603000000013c520}}, @hvc={0x32, 0x40, {0x3000000, [0x3, 0x8000, 0x401, 0x7, 0x7fffffff]}}, @uexit={0x0, 0x18, 0x7fffffff}, @its_setup={0x82, 0x28, {0x2, 0x0, 0x3f5}}, @smc={0x1e, 0x40, {0x12c3b0b0d2818dc7, [0x7fff, 0x5, 0xfffffffffffffff8, 0x80000000, 0x800]}}, @msr={0x14, 0x20, {0x603000000013df68, 0x6}}, @hvc={0x32, 0x40, {0x84000013, [0x7fff, 0x8, 0x4, 0x7, 0x4]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0xe00, 0x4, 0x1}}], 0x314}], 0x1, 0x0, &(0x7f0000000700)=[@featur2={0x1, 0xce}], 0x1) ioctl$KVM_RESET_DIRTY_RINGS(r1, 0xaec7) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r3, 0xae80, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20080, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = eventfd2(0xeffffffd, 0x801) ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f0000000000)={0x200, 0x4000, 0x4, r7, 0x1}) ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f0000001340)={0x3, 0x0, 0x2, r7, 0x3}) ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f00000000c0)={0x3, 0x0, 0x1, r7, 0xb}) write$eventfd(r7, &(0x7f0000000000)=0x5, 0x8) 1h10m40.484033842s ago: executing program 33 (id=50): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0x80111500, 0x20000000) write$eventfd(r2, &(0x7f0000000000), 0xfffffdef) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0x80111500, 0x20000000) ioctl$KVM_CREATE_VM(r4, 0x541b, 0x2004001f) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x3) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r10, r11, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f0000000100)=@arm64_sys={0x603000000013df1a, 0x0}) ioctl$KVM_ARM_VCPU_INIT(r6, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000300)={0x8001, 0x55e}}) r12 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000100)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7ffd}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r13, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r13, 0xae80, 0x0) 46m8.587560757s ago: executing program 3 (id=234): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x111000, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r3, 0xae03, 0x42) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x600040, 0x0) close(r4) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f00000002c0)={0x2, 0x0, [{0x3, 0x1, 0x0, 0x0, @adapter={0x0, 0x6a, 0x8, 0x5, 0x3}}, {0x3, 0x2, 0x0, 0x0, @msi={0x1, 0x5, 0x0, 0x7}}]}) 45m57.93718307s ago: executing program 3 (id=235): syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x1, 0x100) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000100)={0x0, &(0x7f00000001c0)=[@memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0xb0, 0x6, 0x5}}], 0x30}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x2, 0x100) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000b80)={0x0, &(0x7f0000000080)=[@hvc={0x32, 0x0, {0x84000001, [0x9, 0x8, 0x5, 0x603c8354, 0x200]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_IRQ_LINE(r5, 0x4008ae61, &(0x7f0000000000)={0x0, 0x100}) ioctl$KVM_RUN(r6, 0xae80, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x8280, 0x0) r7 = openat$kvm(0x0, &(0x7f0000000140), 0x44000, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = mmap$KVM_VCPU(&(0x7f0000dd4000/0x3000)=nil, 0x930, 0xa, 0x810, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) r10 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) r11 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r10, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) r12 = mmap$KVM_VCPU(&(0x7f0000fb6000/0x4000)=nil, 0x930, 0x1000000, 0xaf832, r10, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r12, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r10, 0x0) r13 = eventfd2(0x0, 0x0) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) write$eventfd(r13, &(0x7f0000000180)=0x5, 0xfffffde3) mmap$KVM_VCPU(&(0x7f0000f95000/0x2000)=nil, 0x0, 0x1000004, 0x110, r3, 0x0) ioctl$KVM_PRE_FAULT_MEMORY(r6, 0xc040aed5, &(0x7f00000000c0)={0x40000, 0x1000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) munmap$KVM_VCPU(0x0, 0x1000000000) 45m57.674424206s ago: executing program 2 (id=236): r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000000)={0x48, 0xdddd1000}) ioctl$KVM_CREATE_VM(r2, 0x401c5820, 0x20000000) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000040)={0xe000, 0x2000}) 45m50.002349811s ago: executing program 2 (id=237): r0 = openat$kvm(0x0, &(0x7f0000000200), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000100)={0x4, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x1, 0x2, 0x0}) r5 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r5, r6, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f00000002c0)=@arm64_fw={0x6030000000140002, &(0x7f0000000000)=0x7}) r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) ioctl$KVM_SET_REGS(r8, 0x4360ae82, 0xfffffffffffffffe) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r11, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) syz_kvm_vgic_v3_setup(r10, 0x5, 0x1e0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, &(0x7f0000000100)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000080)=0x31}) ioctl$KVM_GET_VCPU_EVENTS(r11, 0x4018aee2, &(0x7f0000000180)) 45m47.222767547s ago: executing program 3 (id=238): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x17) ioctl$KVM_SET_GSI_ROUTING(r0, 0x4008ae6a, &(0x7f0000000280)={0x8, 0x0, [{0x9, 0x1, 0x2, 0x0, @sint={0x80000000, 0x6}}, {0x1, 0x4, 0xabf692312eeb6911, 0x0, @msi={0x7, 0x100, 0x3, 0x2}}, {0xa, 0x5, 0x0, 0x0, @irqchip={0x1, 0x5}}, {0x3, 0x3, 0x0, 0x0, @adapter={0x7, 0x4, 0x3, 0x97, 0x8}}, {0x3, 0x2, 0x1, 0x0, @adapter={0x8, 0x3, 0x40, 0x1, 0x6}}, {0x7, 0x2, 0x0, 0x0, @irqchip={0x0, 0x1ff}}, {0x400, 0x2, 0x0, 0x0, @irqchip={0xf, 0x400}}, {0x7, 0x4, 0x1, 0x0, @sint={0x3, 0x6}}]}) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f0000000000)=@attr_other={0x0, 0x80000000, 0xffffffffffffffff, &(0x7f0000000100)=0x1f3}) r8 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2) ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x2, 0x0, &(0x7f0000000000)=0x1100000000000000}) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$KVM_GET_API_VERSION(r9, 0xae03, 0x42) r10 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f00000000c0)={0x0, &(0x7f0000000440)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @smc={0x1e, 0x40, {0xc4000053, [0xf9ec, 0x1, 0xffffffffffffffff, 0x7fff, 0x7]}}], 0x68}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r3, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r11, 0xae80, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) 45m36.053461892s ago: executing program 2 (id=239): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_vgic_v3_setup(r1, 0x10005, 0x120) syz_kvm_vgic_v3_setup(r1, 0x3, 0xc0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x800, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x2e) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r6, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18}) ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f00000000c0)=@arm64_ccsidr={0x60a0000000110007, &(0x7f0000000240)=0x9}) r7 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_GET_API_VERSION(r2, 0xae00, 0x0) syz_kvm_setup_cpu$arm64(r3, r7, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000100)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000180)=@arm64_ccsidr={0x6020000000110004, &(0x7f00000000c0)=0x4}) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x600040, 0x0) close(r9) r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r8, 0xae04) mmap$KVM_VCPU(&(0x7f0000f8e000/0x1000)=nil, r10, 0x3000002, 0x16831, 0xffffffffffffffff, 0x0) 45m34.475328312s ago: executing program 3 (id=240): r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_GET_API_VERSION(r1, 0xae00, 0x0) (async) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async, rerun: 32) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0xc2881, 0x0) (async, rerun: 32) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x8c00, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) close(0x4) (async) close(0x5) (async) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f0000000180)=@attr_arm64={0x0, 0x1, 0x1, &(0x7f0000000080)=0x5}) (async) r8 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r9 = openat$kvm(0x0, &(0x7f0000000140), 0x101282, 0x0) (async) r10 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, &(0x7f0000000200)=[@svc={0x122, 0x40, {0x800, [0xffffffeffffffff8, 0x8, 0x8000000005, 0x5, 0x400]}}], 0x40}, 0x0, 0x0) (async) r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r9, 0xae04) mmap$KVM_VCPU(&(0x7f0000c0b000/0x1000)=nil, r12, 0x3, 0x40b2811, r11, 0x0) ioctl$KVM_RUN(r11, 0xae80, 0x0) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) (async, rerun: 32) r13 = syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, &(0x7f00000002c0)=[@mrs={0xbe, 0x18, {0x603000000013c100}}, @msr={0x14, 0x20, {0x603000000013f090, 0x2}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x2, 0x5, 0x1, 0x9, 0x3}}, @eret={0xe6, 0x18, 0x9}, @uexit={0x0, 0x18, 0x1}, @eret={0xe6, 0x18, 0x6}, @irq_setup={0x46, 0x18, {0x4, 0x39d}}, @irq_setup={0x46, 0x18, {0x1, 0x22d}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x0, 0x10, 0x433, 0x2, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x0, 0xf, 0x8000, 0x4, 0x4}}, @mrs={0xbe, 0x18, {0x113e}}, @code={0xa, 0x54, {"000c0038007008d50004407800809f0de003005a007008d50050206e0008403820a595d20000b8f2810180d2820080d2630080d2a40080d2020000d40058202e"}}, @code={0xa, 0x84, {"000008d5008008d5005c9bd200a0b0f2c10080d2a20080d2230080d2840180d2020000d480248bd200c0b8f2610080d2220080d2e30080d2840080d2020000d4806f91d200e0b8f2c10080d2c20180d2e30180d2840180d2020000d400000036008008d5007008d50000319e00a4bf0d"}}, @irq_setup={0x46, 0x18, {0x3, 0x3ca}}], 0x230}, 0x0, 0x0) (rerun: 32) ioctl$KVM_RUN(r13, 0xae80, 0x0) 45m20.962746366s ago: executing program 3 (id=241): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x29) r3 = ioctl$KVM_CREATE_GUEST_MEMFD(r2, 0xc040aed4, &(0x7f0000000040)={0x1000200001fe0000, 0x3}) ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f0000000180)={0x4, 0x4, 0x6000, 0x2000, &(0x7f0000ffc000/0x2000)=nil, 0x100000000000000, r3}) 45m18.080377508s ago: executing program 2 (id=242): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x3) (async) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r4, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18}) ioctl$KVM_GET_ONE_REG(r4, 0x4010aeab, &(0x7f0000000000)=@arm64_sve={0x60800000001501ff, &(0x7f0000000080)=0xb0af}) (async) ioctl$KVM_GET_ONE_REG(r4, 0x4010aeab, &(0x7f0000000000)=@arm64_sve={0x60800000001501ff, &(0x7f0000000080)=0xb0af}) ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, 0xfffffffffffffffe) 45m8.772258616s ago: executing program 3 (id=243): r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_ARM_VCPU_FINALIZE(r0, 0x4004aec2, &(0x7f0000000000)=0x4) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x12) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000040)={0xe5, 0x8}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x101100, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x33) ioctl$KVM_CAP_ARM_MTE(r3, 0x4068aea3, &(0x7f00000000c0)) ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000180)=@riscv64_timer={0x8030000004000003, &(0x7f0000000140)=0xff}) r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x19) ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(r4, 0x4068aea3, &(0x7f00000001c0)) r5 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece) write$eventfd(r5, &(0x7f0000000240)=0x2, 0x8) ioctl$KVM_IRQ_LINE_STATUS(r5, 0xc008ae67, &(0x7f0000000280)={0x7b, 0xc792}) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f00000002c0)={0x9, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_SREGS(r0, 0x4000ae84, &(0x7f0000000300)={{0x5000, 0x40000, 0x0, 0x5, 0x0, 0x5d, 0xde, 0x8, 0x7, 0x9, 0xfd, 0x7d}, {0xfec4a000, 0xa000, 0x9, 0x7, 0x0, 0x76, 0x3, 0x80, 0x3, 0x5, 0x81, 0x1}, {0xa000, 0xeeee0000, 0xc, 0x2, 0x94, 0x7, 0x6, 0x4, 0x6e, 0x8, 0x94, 0x5}, {0x41000, 0x7001, 0xe, 0x4, 0xe7, 0x3, 0x1, 0x10, 0x10, 0x2, 0x7, 0x96}, {0xeeee0000, 0x2, 0x10, 0x7, 0x8, 0x0, 0x0, 0xb, 0x0, 0x6, 0x0, 0x14}, {0x50000, 0xf000, 0x0, 0x8b, 0x8, 0x8, 0x0, 0xc4, 0xf9, 0x2, 0x3, 0xf8}, {0x9000, 0x8080000, 0x4, 0x1, 0x1, 0x8, 0x4, 0x6, 0xba, 0x7f, 0x7, 0x7}, {0x30000, 0x6000, 0xa, 0x9b, 0x6, 0x9, 0x4, 0x2, 0x7, 0x7, 0xff, 0x7}, {0x6000, 0x3}, {0xb000, 0x2}, 0x40, 0x0, 0x100000, 0x30209, 0xe, 0x0, 0x56000, [0x100, 0x1, 0x3, 0x800]}) ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000480)=@attr_riscv64=@attr_imsic={0x0, 0x1, 0x5, &(0x7f0000000440)=0x4}) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x8) ioctl$KVM_CAP_ARM_MTE(r3, 0x4068aea3, &(0x7f00000004c0)) r7 = ioctl$KVM_GET_STATS_FD_vm(r4, 0xaece) syz_kvm_setup_cpu$arm64(r1, r7, &(0x7f0000bfd000/0x400000)=nil, &(0x7f00000005c0)=[{0x0, &(0x7f0000000540)=[@irq_setup={0x46, 0x18, {0x4, 0x28}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x4, 0xc, 0x5, 0x10000, 0x3}}, @irq_setup={0x46, 0x18, {0x0, 0x263}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x0, 0x6, 0x7, 0x7, 0x2}}], 0x80}], 0x1, 0x0, &(0x7f0000000600)=[@featur2={0x1, 0x2}], 0x1) ioctl$KVM_GET_DEVICE_ATTR_vm(r1, 0x4018aee2, &(0x7f0000000680)=@attr_other={0x0, 0x7fffffff, 0x401, &(0x7f0000000640)=0x7}) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f00000006c0)={0x2710, 0x5, 0xffff1000, 0x2000, &(0x7f0000c12000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000700)={0x10001, 0x6, 0x67aa885d62f15237, 0x1000, &(0x7f0000f5c000/0x1000)=nil}) write$eventfd(r7, &(0x7f0000000740)=0x7fffffffffffffff, 0x8) ioctl$KVM_SET_REGS(r0, 0x4360ae82, &(0x7f0000000780)={[0xfffffffffffffffe, 0x8, 0x5, 0x2, 0x1ff, 0x4, 0x91, 0x6, 0x3, 0x4, 0x3, 0x1, 0x8, 0x1, 0x4, 0x4], 0xf000}) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x3c) r8 = ioctl$KVM_GET_STATS_FD_vm(r1, 0xaece) ioctl$KVM_ARM_SET_COUNTER_OFFSET(r8, 0x4010aeb5, &(0x7f0000000840)={0x5, 0xb2c}) ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f00000008c0)=@riscv64_sbi_fwft={0x803000000a010001, &(0x7f0000000880)=0x4}) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) 45m6.952375771s ago: executing program 2 (id=244): munmap$KVM_VCPU(0x0, 0x1000000000) r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}], 0x28}, 0x0, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x2e) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r5, r6, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000100)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f00000000c0)=@arm64_bitmap={0x6030000000160001, &(0x7f0000000080)=0xffffffff}) r7 = ioctl$KVM_GET_STATS_FD_cpu(r3, 0xaece) syz_kvm_setup_cpu$arm64(r7, r3, &(0x7f0000c00000/0x400000)=nil, &(0x7f00000006c0)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) r8 = openat$kvm(0x0, &(0x7f0000000040), 0xc0083, 0x0) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x0, 0x11, r8, 0x0) r9 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x2e) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x7, 0x6e, &(0x7f0000000180)=0xfffffffffffffffb}) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1, 0x16831, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_GUEST_MEMFD(r10, 0xc040aed4, &(0x7f0000000000)={0x10001, 0x6}) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000) 44m59.225714099s ago: executing program 2 (id=245): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x88201, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x163800, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r3, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000140)=@arm64_ccsidr={0x602000000011000a, &(0x7f0000000100)=0x40}) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x25) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000380)=[@mrs={0xbe, 0x18, {0x603000000013c520}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x0, 0x0, 0xf, 0x5, 0x0, 0x4}}, @irq_setup={0x46, 0x18, {0x103, 0x28}}, @uexit={0x0, 0x18, 0x5}], 0x70}, 0x0, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) 44m22.16371668s ago: executing program 34 (id=243): r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_ARM_VCPU_FINALIZE(r0, 0x4004aec2, &(0x7f0000000000)=0x4) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x12) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000040)={0xe5, 0x8}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x101100, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x33) ioctl$KVM_CAP_ARM_MTE(r3, 0x4068aea3, &(0x7f00000000c0)) ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000180)=@riscv64_timer={0x8030000004000003, &(0x7f0000000140)=0xff}) r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x19) ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(r4, 0x4068aea3, &(0x7f00000001c0)) r5 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece) write$eventfd(r5, &(0x7f0000000240)=0x2, 0x8) ioctl$KVM_IRQ_LINE_STATUS(r5, 0xc008ae67, &(0x7f0000000280)={0x7b, 0xc792}) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f00000002c0)={0x9, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_SREGS(r0, 0x4000ae84, &(0x7f0000000300)={{0x5000, 0x40000, 0x0, 0x5, 0x0, 0x5d, 0xde, 0x8, 0x7, 0x9, 0xfd, 0x7d}, {0xfec4a000, 0xa000, 0x9, 0x7, 0x0, 0x76, 0x3, 0x80, 0x3, 0x5, 0x81, 0x1}, {0xa000, 0xeeee0000, 0xc, 0x2, 0x94, 0x7, 0x6, 0x4, 0x6e, 0x8, 0x94, 0x5}, {0x41000, 0x7001, 0xe, 0x4, 0xe7, 0x3, 0x1, 0x10, 0x10, 0x2, 0x7, 0x96}, {0xeeee0000, 0x2, 0x10, 0x7, 0x8, 0x0, 0x0, 0xb, 0x0, 0x6, 0x0, 0x14}, {0x50000, 0xf000, 0x0, 0x8b, 0x8, 0x8, 0x0, 0xc4, 0xf9, 0x2, 0x3, 0xf8}, {0x9000, 0x8080000, 0x4, 0x1, 0x1, 0x8, 0x4, 0x6, 0xba, 0x7f, 0x7, 0x7}, {0x30000, 0x6000, 0xa, 0x9b, 0x6, 0x9, 0x4, 0x2, 0x7, 0x7, 0xff, 0x7}, {0x6000, 0x3}, {0xb000, 0x2}, 0x40, 0x0, 0x100000, 0x30209, 0xe, 0x0, 0x56000, [0x100, 0x1, 0x3, 0x800]}) ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000480)=@attr_riscv64=@attr_imsic={0x0, 0x1, 0x5, &(0x7f0000000440)=0x4}) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x8) ioctl$KVM_CAP_ARM_MTE(r3, 0x4068aea3, &(0x7f00000004c0)) r7 = ioctl$KVM_GET_STATS_FD_vm(r4, 0xaece) syz_kvm_setup_cpu$arm64(r1, r7, &(0x7f0000bfd000/0x400000)=nil, &(0x7f00000005c0)=[{0x0, &(0x7f0000000540)=[@irq_setup={0x46, 0x18, {0x4, 0x28}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x4, 0xc, 0x5, 0x10000, 0x3}}, @irq_setup={0x46, 0x18, {0x0, 0x263}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x0, 0x6, 0x7, 0x7, 0x2}}], 0x80}], 0x1, 0x0, &(0x7f0000000600)=[@featur2={0x1, 0x2}], 0x1) ioctl$KVM_GET_DEVICE_ATTR_vm(r1, 0x4018aee2, &(0x7f0000000680)=@attr_other={0x0, 0x7fffffff, 0x401, &(0x7f0000000640)=0x7}) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f00000006c0)={0x2710, 0x5, 0xffff1000, 0x2000, &(0x7f0000c12000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000700)={0x10001, 0x6, 0x67aa885d62f15237, 0x1000, &(0x7f0000f5c000/0x1000)=nil}) write$eventfd(r7, &(0x7f0000000740)=0x7fffffffffffffff, 0x8) ioctl$KVM_SET_REGS(r0, 0x4360ae82, &(0x7f0000000780)={[0xfffffffffffffffe, 0x8, 0x5, 0x2, 0x1ff, 0x4, 0x91, 0x6, 0x3, 0x4, 0x3, 0x1, 0x8, 0x1, 0x4, 0x4], 0xf000}) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x3c) r8 = ioctl$KVM_GET_STATS_FD_vm(r1, 0xaece) ioctl$KVM_ARM_SET_COUNTER_OFFSET(r8, 0x4010aeb5, &(0x7f0000000840)={0x5, 0xb2c}) ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f00000008c0)=@riscv64_sbi_fwft={0x803000000a010001, &(0x7f0000000880)=0x4}) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) 44m12.044791679s ago: executing program 35 (id=245): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x88201, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x163800, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r3, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000140)=@arm64_ccsidr={0x602000000011000a, &(0x7f0000000100)=0x40}) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x25) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000380)=[@mrs={0xbe, 0x18, {0x603000000013c520}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x0, 0x0, 0xf, 0x5, 0x0, 0x4}}, @irq_setup={0x46, 0x18, {0x103, 0x28}}, @uexit={0x0, 0x18, 0x5}], 0x70}, 0x0, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) 38m23.612206173s ago: executing program 5 (id=247): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1, 0x16831, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f0000000080)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0xbe, 0xb, 0x2}}) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2) r4 = syz_kvm_vgic_v3_setup(r3, 0x1, 0x40) ioctl$KVM_GET_DEVICE_ATTR(r4, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x5, 0x4, &(0x7f00000004c0)=0x6f7}) r5 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) openat$kvm(0x0, 0x0, 0x0, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_REG_LIST(r8, 0xc008aeb0, &(0x7f0000000000)) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f00000000c0)={0x0, 0x1ff}) 38m18.500369048s ago: executing program 4 (id=248): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_ASSIGN_SET_MSIX_NR(r1, 0x4008ae73, 0x0) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000380)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x39d}}], 0x28}, 0x0, 0x0) r4 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1) r7 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r6, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x88201, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fb707cd24b7eebb20700000000000000000000000100", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r6, 0x0) openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r8, 0x40305839, 0x2000000000000059) syz_kvm_vgic_v3_setup(r1, 0xffffffffffbffffc, 0x120) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x4, 0x2, 0x0}) 38m7.672631053s ago: executing program 5 (id=249): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x228080, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x2}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x80000, 0x10000, 0x0, 0x8, 0x2}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8}) r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000bc2000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1) ioctl$KVM_SET_GUEST_DEBUG_arm64(r9, 0x4208ae9b, &(0x7f00000001c0)={0x3, 0x0, {[0x2, 0x8, 0x504, 0xf2f, 0x2, 0x8, 0x100000001, 0xa4, 0xfb, 0x4b3, 0xc, 0x8, 0x0, 0xf, 0xc, 0x8], [0x6, 0x3, 0xee, 0x3ff, 0x4, 0x3, 0x4, 0x4, 0x5b, 0x8000002, 0x6, 0x6f2, 0x3, 0x8000000000008, 0xa38], [0x0, 0x1, 0x100, 0xc2ec, 0x1, 0x5, 0x9, 0x7fff, 0x8000000000000000, 0x80000000, 0x6, 0xfffffffffffffffb, 0x6, 0x4, 0x4, 0x1], [0x2, 0x89c8, 0xed, 0x0, 0x7, 0x7, 0x7, 0x7, 0x3, 0x2, 0x1, 0x400, 0x3ff, 0x49e4, 0x0, 0x9]}}) ioctl$KVM_RUN(r9, 0xae80, 0x0) r10 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}], 0x28}, 0x0, 0x0) r12 = syz_kvm_vgic_v3_setup(r5, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r11, 0xae80, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x88, &(0x7f0000000000)=0x10}) ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f00000002c0)=@attr_other={0x0, 0x9, 0x5, &(0x7f0000000280)=0x100000000}) ioctl$KVM_GET_STATS_FD_cpu(r3, 0xaece) r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r14, 0x40086602, 0x110e22ffff) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r15 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x80111500, 0x20000000) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0) 37m58.673486311s ago: executing program 4 (id=250): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x2002, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r4, 0x4010aeab, &(0x7f0000000180)=@arm64_sys={0x603000000013c024, 0x0}) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f0000000080)={0x70000, 0x110000}) (async) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28) ioctl$KVM_CAP_HALT_POLL(r5, 0x4068aea3, &(0x7f00000001c0)={0xb6, 0x2000000, 0x3}) (async) openat$kvm(0x0, &(0x7f0000000000), 0x5290c7, 0x0) (async, rerun: 64) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x34) (rerun: 64) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async, rerun: 32) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x3d) (async, rerun: 32) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000001c0)="f21bc75509bf71c9d70236fc0448424234d6baffffffffff4c24501958da2e2c18b875c2357c6ed600", 0x0, 0x48) (async, rerun: 64) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) (rerun: 64) write$eventfd(r9, &(0x7f00000001c0)=0xffffff7f, 0xff25) r10 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0) (async) r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) r14 = ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r14, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x0, 0x3c2a1c3178cda732, 0xffffffffffffffff, 0x0) (async) ioctl$KVM_SET_ONE_REG(r14, 0x4010aeac, &(0x7f0000000040)=@arm64_ccsidr={0x602000000011000c, &(0x7f00000000c0)=0x3}) (async, rerun: 32) ioctl$KVM_SET_GUEST_DEBUG_arm64(r11, 0x4208ae9b, &(0x7f0000000240)={0x0, 0x0, {[0x94f, 0x6, 0x1ff, 0x7, 0x0, 0x9, 0x5, 0x3, 0x400, 0x1, 0x1, 0x7fff, 0x7, 0x1, 0x0, 0x91df], [0x101, 0x10001, 0x100000001, 0x3, 0xf, 0x80000000, 0x1000, 0x9, 0x9, 0x5, 0x7, 0x400, 0x8, 0x7, 0x1, 0x1], [0x6, 0x10001, 0x1, 0x5, 0x0, 0x6, 0x0, 0x2, 0xffffffffffffffff, 0x0, 0x534e, 0x5, 0x4, 0x8, 0x100000001, 0x2], [0x9, 0x0, 0x4, 0x5, 0x12fa, 0x800, 0x8, 0xf50, 0x3, 0x8000000000000001, 0xfffffffffffffff9, 0x4, 0x9, 0x7, 0x8, 0x8]}}) (async, rerun: 32) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) 37m44.423424803s ago: executing program 5 (id=251): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0xc) syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000140), 0x400, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f00000000c0)={0x7, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x3}) r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) ioctl$KVM_ARM_VCPU_INIT(r6, 0x4020aeae, &(0x7f0000000000)={0x5, 0x4}) ioctl$KVM_RUN(r6, 0xae80, 0x0) r7 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r8 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000b98000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r9, 0x4010aeab, &(0x7f00000002c0)=@arm64_core={0x6030000000100014, &(0x7f0000000300)=0x55b8}) ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000000100)=@arm64_core={0x603000000010004e, &(0x7f00000000c0)=0x80003fb}) 37m42.602359622s ago: executing program 4 (id=252): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bfe000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@mrs={0xbe, 0x18, {0x603000000013df7e}}, @memwrite={0x6e, 0x30, @generic={0x100000, 0x333, 0x401, 0x5}}], 0x48}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) (async) ioctl$KVM_RUN(r3, 0xae80, 0x0) 37m28.660647992s ago: executing program 4 (id=253): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000240)={0x1fe, 0x3, 0xffff1000, 0x1000, &(0x7f0000b24000/0x1000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0xcccc0000, 0x1000, &(0x7f0000f15000/0x1000)=nil}) (async) eventfd2(0x2, 0x1) r2 = eventfd2(0x31e, 0x80801) (async) r3 = ioctl$KVM_GET_STATS_FD_vm(r1, 0xaece) ioctl$KVM_IRQFD(r3, 0x4020ae76, &(0x7f00000000c0)={r2, 0x4c8, 0x2, r3}) r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) (async) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000bfd000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000700)={0x0, &(0x7f0000000280)=[@svc={0x122, 0x40, {0x400, [0x1, 0x0, 0x3656c060, 0x40, 0xfffffffffffffffc]}}, @code={0xa, 0x6c, {"008008d5000c007880be8ed200c0b8f2010080d2820180d2230180d2c40180d2020000d40000c0ad007008d50000802d000008d5a0d083d200e0b8f2410080d2c20080d2c30080d2040180d2020000d4007008d5007c4093"}}, @its_setup={0x82, 0x28, {0x2, 0x3, 0x18c}}, @code={0xa, 0x84, {"007008d5000028d500059dd200a0b8f2a10080d2a20180d2a30080d2c40180d2020000d40000381e604d98d20080b0f2c10180d2c20080d2c30080d2640180d2020000d4000008d540ef99d20060b8f2010080d2220080d2a30180d2a40080d2020000d400d0204e007008d5007008d5"}}, @uexit={0x0, 0x18, 0x7}, @code={0xa, 0x9c, {"007008d5007008d5000c40fc007008d5a07c85d200a0b8f2410080d2220180d2e30180d2840080d2020000d400e185d20080b0f2c10180d2c20080d2a30080d2a40180d2020000d400c582d20020b0f2810180d2220080d2830180d2240180d2020000d400e4005f80da88d200c0b0f2c10080d2820180d2830180d2e40180d2020000d4007008d5"}}, @hvc={0x32, 0x40, {0x84000004, [0x1, 0x7, 0x400, 0x10000, 0x6]}}, @irq_setup={0x46, 0x18, {0x2, 0x2a6}}, @eret={0xe6, 0x18, 0xbd6}, @svc={0x122, 0x40, {0xc4000014, [0xffff, 0x5, 0x3b35, 0x8, 0xf]}}, @smc={0x1e, 0x40, {0xc400000c, [0xfffffffffffffff7, 0x2, 0xffffffff, 0x7, 0x4a29]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x8, 0x2746}}, @hvc={0x32, 0x40, {0x84000050, [0x9, 0xffffffffffff1f92, 0xffffffffffffffff, 0x8, 0x1]}}, @mrs={0xbe, 0x18, {0x603000000013e080}}, @irq_setup={0x46, 0x18, {0x3, 0x25d}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe4, 0x3ff, 0xa}}, @mrs={0xbe, 0x18, {0x603000000013e66a}}, @svc={0x122, 0x40, {0xc4000003, [0x2, 0xb, 0xf, 0x6, 0x8a6]}}, @msr={0x14, 0x20, {0x603000000013df48, 0xe}}, @eret={0xe6, 0x18, 0x20}], 0x45c}, &(0x7f0000000740)=[@featur2={0x1, 0x3}], 0x1) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, 0x0) (async) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x1}) (async) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) (async) openat$kvm(0x0, &(0x7f0000000200), 0x0, 0x0) (async) r8 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_ARM_VCPU_INIT(r8, 0x4020aeae, &(0x7f0000000080)={0x5, 0x1}) (async) ioctl$KVM_GET_ONE_REG(r8, 0x4010aeab, &(0x7f0000000100)=@arm64_core={0x6030000000100024, &(0x7f0000000000)=0xffffffffffffffff}) (async) ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) (async) close(r6) (async) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r9, 0x5451, 0x0) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x11, 0x8, 0xf, 0x0, 0x5, 0x6, 0x6, 0x6, 0x74, 0x86, 0xdd, 0x68, 0x0, 0x209, 0x0, 0x0, 0x3, 0x5, 0x5, '\x00', 0x1, 0x400000000002}) ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f0000000140)={0x4, 0x0, [{0x1, 0x1, 0x0, 0x0, @adapter={0x8000000000000001, 0x6, 0x2, 0xa, 0x10}}, {0x9, 0x3, 0x1, 0x0, @irqchip={0x7ff}}, {0x0, 0x2, 0x0, 0x0, @sint={0x200003, 0x4008d}}, {0x0, 0x0, 0x0, 0x0, @adapter={0x5, 0xb75d, 0x80000001, 0x7f, 0xb2d}}]}) (async) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) 37m25.877146465s ago: executing program 5 (id=254): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(0xffffffffffffffff, r2, &(0x7f0000c00000/0x400000)=nil, &(0x7f00000000c0)=[{0x0, 0x0, 0xfffffffffffffd58}], 0x1, 0x0, 0x0, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r5, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000280)={0x8}) ioctl$KVM_RUN(r7, 0xae80, 0x0) ioctl$KVM_SIGNAL_MSI(r5, 0x4020aea5, &(0x7f0000000200)={0x8000000, 0x0, 0x0, 0x1}) r8 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f00000001c0)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4}) r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0) syz_kvm_vgic_v3_setup(r11, 0x2, 0x100) r12 = eventfd2(0x0, 0x0) ioctl$KVM_IRQFD(r11, 0x4020ae76, &(0x7f0000000000)={r12, 0x3}) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000100)={r12, 0x0, 0x1}) ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f00000000c0)={0x10201, 0x1, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x100, &(0x7f0000000080)=0x8000800000000001}) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f0000000280)=@attr_arm64={0x0, 0x4, 0x2, 0x0}) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x4, 0x2, 0x0}) syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000bff000/0x400000)=nil) close(0x4) close(0x5) 37m12.603458638s ago: executing program 4 (id=255): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x4) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x2) r1 = syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil) r2 = syz_kvm_add_vcpu$arm64(r1, &(0x7f00000001c0)={0x0, &(0x7f0000000000)=[@its_send_cmd={0xaa, 0x28, {0xd, 0x1, 0x4, 0xa, 0xa, 0x3, 0x1}}, @its_setup={0x82, 0x28, {0x3, 0x3, 0x27d}}, @svc={0x122, 0x40, {0xc5000021, [0x3, 0x7f, 0x79e, 0x5, 0x1]}}, @uexit={0x0, 0x18, 0x9}, @code={0xa, 0x6c, {"0000000ba0eb97d200c0b8f2810080d2220080d2a30180d2240080d2020000d4007008d500808008007008d5000030d520c48cd20060b8f2610180d2c20080d2e30080d2840180d2020000d4007008d5000008d5000820fc"}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x0, 0x1, 0x7, 0x3, 0x1ff, 0x3}}, @hvc={0x32, 0x40, {0x32000000, [0x100000001, 0x6, 0x6, 0x5, 0x59]}}, @mrs={0xbe, 0x18, {0x603000000013e537}}], 0x194}, &(0x7f0000000200)=[@featur2], 0x1) (async, rerun: 64) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x40000, 0x0) (rerun: 64) ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0x8) r4 = syz_kvm_add_vcpu$arm64(r1, &(0x7f0000000880)={0x0, &(0x7f0000000280)=[@code={0xa, 0x54, {"e003005a007008d500000037008008d50044007f0020df0d000008d50028601e0080ff0de0bc8ad20080b8f2610180d2820180d2630080d2a40080d2020000d4"}}, @svc={0x122, 0x40, {0x200, [0xadf6, 0x793, 0x4, 0xa4df, 0xef]}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x4, 0x4, 0x4, 0x8}}, @svc={0x122, 0x40, {0xc4000003, [0x0, 0x5, 0xa4, 0xd, 0x8]}}, @smc={0x1e, 0x40, {0xfb00000c, [0xfffffffffffffffb, 0x8, 0xed, 0x4, 0x7fffffffffffffff]}}, @its_setup={0x82, 0x28, {0x3, 0x2, 0x3cc}}, @code={0xa, 0xb4, {"000008d5c0c48bd20080b8f2610180d2020180d2630180d2c40080d2020000d40000003c008008d5600683d20020b8f2410080d2220080d2030180d2240180d2020000d400c896d200e0b8f2c10080d2020180d2a30080d2240180d2020000d40080c008602f84d200e0b0f2610080d2e20180d2030180d2240180d2020000d480408cd200a0b8f2210080d2220080d2a30080d2440180d2020000d40000202a"}}, @hvc={0x32, 0x40, {0x84000007, [0xa15, 0x8000000000000000, 0x0, 0x45, 0xffffffffffffffff]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0xd00, 0x401, 0x5}}, @svc={0x122, 0x40, {0x80008000, [0xb26, 0x3, 0x5, 0x3, 0xfffffffffffffeff]}}, @memwrite={0x6e, 0x30, @generic={0xffffffff, 0xac, 0x5d, 0xa}}, @eret={0xe6, 0x18, 0x8}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x13d}}, @its_setup={0x82, 0x28, {0x0, 0x1, 0x381}}, @msr={0x14, 0x20, {0xc06000000027bd61, 0x2}}, @its_setup={0x82, 0x28, {0x3, 0x1, 0x233}}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x92}}, @its_setup={0x82, 0x28, {0x1, 0x2, 0x18c}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0x300, 0x5, 0x3}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0x200, 0xa7, 0x6}}, @its_setup={0x82, 0x28, {0x0, 0xa6, 0x2c2}}, @svc={0x122, 0x40, {0x40000000, [0xffff, 0x1, 0x9, 0xa, 0x3]}}, @svc={0x122, 0x40, {0x84000012, [0x5, 0x7965, 0x67, 0xffffffffffff8000, 0x2]}}, @its_setup={0x82, 0x28, {0x2, 0x0, 0x1f9}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x1, 0x4, 0x6, 0x120000, 0x8, 0x4}}, @irq_setup={0x46, 0x18, {0x4, 0x17f}}, @svc={0x122, 0x40, {0x84000012, [0x0, 0x2, 0x1c37ba5c, 0x5, 0x8]}}, @eret={0xe6, 0x18, 0xb}, @irq_setup={0x46, 0x18, {0x1, 0x307}}], 0x5d8}, &(0x7f00000008c0)=[@featur1={0x1, 0x43}], 0x1) ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000940)=@riscv64_timer={0x8030000004000000, &(0x7f0000000900)=0x8}) (async) ioctl$KVM_SET_DEVICE_ATTR_vm(r0, 0x4018aee1, &(0x7f00000009c0)=@attr_other={0x0, 0x0, 0x101, &(0x7f0000000980)}) (async, rerun: 64) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000a00)=@x86={0xf8, 0xe2, 0xd, 0x0, 0xfa4, 0xff, 0x40, 0xdd, 0x1, 0x4, 0x0, 0x0, 0x0, 0x401, 0x0, 0xa, 0x7, 0x7, 0x9, '\x00', 0x0, 0x1}) (rerun: 64) r5 = syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000e40)={0x0, &(0x7f0000000a40)=[@its_setup={0x82, 0x28, {0x0, 0x0, 0x146}}, @its_setup={0x82, 0x28, {0x2, 0x0, 0x290}}, @mrs={0xbe, 0x18, {0x603000000013c112}}, @hvc={0x32, 0x40, {0x84000007, [0x6, 0xffff, 0x4cb1, 0x1, 0x9]}}, @uexit={0x0, 0x18, 0x5}, @smc={0x1e, 0x40, {0x100, [0x7, 0x1c5, 0x1, 0x1, 0xeb3]}}, @smc={0x1e, 0x40, {0x100, [0x8f, 0xffffffffffffffff, 0x6, 0x2, 0x10000]}}, @mrs={0xbe, 0x18, {0x603000000013c2a9}}, @eret={0xe6, 0x18, 0x2}, @smc={0x1e, 0x40, {0x3000000, [0x2, 0x4, 0xfffffffffffffffc, 0x7, 0xffffffff]}}, @uexit={0x0, 0x18, 0x5}, @smc={0x1e, 0x40, {0x80003fff, [0x9, 0x5, 0xfffffffffffffff7, 0x7ff, 0x4]}}, @irq_setup={0x46, 0x18, {0x1, 0x1ef}}, @msr={0x14, 0x20, {0x60300000001380a4, 0x1d4}}, @smc={0x1e, 0x40, {0x80000000, [0x8, 0x9520, 0x3, 0xb5, 0x5]}}, @eret={0xe6, 0x18, 0x8001}, @irq_setup={0x46, 0x18, {0x1, 0x33b}}, @hvc={0x32, 0x40, {0x1d, [0xfffffffffffffffe, 0x401, 0x1, 0x1, 0x9c2]}}, @uexit={0x0, 0x18, 0x7}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x6000, 0x4, 0x5}}, @mrs={0xbe, 0x18, {0x603000000013e669}}, @irq_setup={0x46, 0x18, {0x0, 0x3a1}}, @its_setup={0x82, 0x28, {0x1, 0x4, 0x2c7}}, @hvc={0x32, 0x40, {0x16, [0x4, 0xc, 0x9, 0x2, 0x7]}}], 0x3d0}, &(0x7f0000000e80)=[@featur2={0x1, 0xf}], 0x1) ioctl$KVM_CHECK_EXTENSION_VM(r0, 0xae03, 0x1) (async) ioctl$KVM_CAP_HALT_POLL(r0, 0x4068aea3, &(0x7f0000000ec0)) (async) munmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000) (async) ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f0000000f40)=@x86={0x5, 0x8, 0x2, 0x0, 0x5, 0x9, 0x4, 0x3, 0x7, 0x8, 0x81, 0x0, 0x0, 0x0, 0x1522, 0x40, 0x3, 0x0, 0x5, '\x00', 0xf}) (async) syz_kvm_vgic_v3_setup(r0, 0x4, 0x0) (async) ioctl$KVM_PRE_FAULT_MEMORY(r6, 0xc040aed5, &(0x7f0000000f80)={0x4000, 0x8000}) r7 = syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000001600)={0x0, &(0x7f0000000fc0)=[@hvc={0x32, 0x40, {0x4000, [0x7c, 0x1, 0x6, 0x9, 0x6]}}, @memwrite={0x6e, 0x30, @generic={0x0, 0xc9e, 0x8, 0x8}}, @smc={0x1e, 0x40, {0xc4000014, [0x9, 0x2, 0x4, 0xf, 0x5]}}, @uexit={0x0, 0x18, 0x8}, @irq_setup={0x46, 0x18, {0x3, 0x3db}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xffd0, 0x9, 0xfc343c059da5e003}}, @hvc={0x32, 0x40, {0x400, [0x1, 0x9, 0x480000, 0x8, 0x8001]}}, @eret={0xe6, 0x18, 0x800}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x3e3}}, @code={0xa, 0x84, {"a0889fd20060b0f2810180d2c20180d2e30180d2240180d2020000d4e0c981d20000b8f2610180d2220180d2630080d2c40080d2020000d4007008d50028000e007008d5007008d5000008d5000008d560c195d20000b0f2810080d2e20180d2230180d2640080d2020000d4000028d5"}}, @irq_setup={0x46, 0x18, {0x4, 0x119}}, @code={0xa, 0xcc, {"406f88d20040b8f2810180d2e20080d2630180d2a40180d2020000d4007c0053e00f8ad20080b0f2810180d2620080d2630080d2240080d2020000d440e997d20080b8f2e10180d2020180d2630180d2a40180d2020000d4609b99d20000b0f2a10180d2020080d2e30180d2440080d2020000d4402485d20060b0f2210180d2220080d2830080d2640080d2020000d4007008d560939cd20020b0f2e10180d2420180d2630080d2e40080d2020000d4007008d500682038"}}, @svc={0x122, 0x40, {0x84000059, [0x7, 0xfffffffffffffff9, 0x8, 0x5b32, 0x3]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x200, 0x2}}, @msr={0x14, 0x20, {0x603000000013e6c6, 0x3}}, @eret={0xe6, 0x18, 0x5}, @uexit={0x0, 0x18, 0x7fe}, @irq_setup={0x46, 0x18, {0x4, 0x1b9}}, @code={0xa, 0x84, {"40f99cd200e0b0f2c10080d2820080d2430080d2440080d2020000d40004000f80c891d20080b8f2e10180d2e20080d2030180d2a40080d2020000d400fb9dd20060b8f2e10080d2620180d2c30180d2040180d2020000d4000008d500c0ff0d000028d5000008d50020c01a00a4202e"}}, @hvc={0x32, 0x40, {0x30800000, [0x100000000, 0x8000000000000000, 0x2, 0x8001, 0x100000000]}}, @uexit={0x0, 0x18, 0x1800000000000000}, @svc={0x122, 0x40, {0x84000008, [0x223f, 0x1, 0x3, 0x8, 0xf]}}, @smc={0x1e, 0x40, {0x6000000, [0x7, 0x8, 0x0, 0xffffffffffffffff, 0x3]}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x1, 0x3, 0x400, 0x5, 0x2}}, @mrs={0xbe, 0x18, {0x603000000013da16}}, @eret={0xe6, 0x18, 0x8}, @irq_setup={0x46, 0x18, {0x1, 0x1c8}}, @code={0xa, 0x84, {"802693d200e0b0f2e10080d2a20180d2a30180d2e40180d2020000d4000008d5000860f8a02d99d200a0b8f2e10080d2a20180d2e30080d2840180d2020000d4a00593d200e0b8f2a10180d2820180d2830180d2640080d2020000d40040641e000840b8008008d500a0204e003c207e"}}, @eret={0xe6, 0x18, 0x9}], 0x638}, &(0x7f0000001640)=[@featur1={0x1, 0x13d}], 0x1) (async) r9 = eventfd2(0x1ff, 0x80002) write$eventfd(r9, &(0x7f0000001680)=0xf5b4, 0x8) (async) ioctl$KVM_RUN(r4, 0xae80, 0x0) (async, rerun: 64) ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f00000016c0)={0x8}) (rerun: 64) ioctl$KVM_RUN(r8, 0xae80, 0x0) (async) syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil) r10 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2) ioctl$KVM_SET_VCPU_EVENTS(r10, 0x4040aea0, &(0x7f0000001700)=@arm64={0xff, 0x68, 0x3b, '\x00', 0x1}) (async) r11 = eventfd2(0xd39, 0x1) ioctl$KVM_IOEVENTFD(r0, 0x4040ae79, &(0x7f0000001740)={0x6, 0x8080000, 0x1, r11, 0x2}) 37m1.970408508s ago: executing program 5 (id=256): mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000280), 0x103080, 0x0) write$eventfd(0xffffffffffffffff, &(0x7f0000000080)=0x9a, 0x8) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x181b03, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x16) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r5 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r4, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r4, 0x0) r6 = eventfd2(0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) ioctl$KVM_RESET_DIRTY_RINGS(r7, 0xaec7) ioctl$KVM_SET_GUEST_DEBUG_arm64(r4, 0x4208ae9b, &(0x7f00000002c0)={0x1, 0x0, {[0x8, 0x7, 0x8, 0x8000000000000001, 0xffffffffffffffff, 0x8001, 0x2, 0x100, 0x9, 0x3, 0xfffffffffffffffa, 0x8, 0x6, 0x7, 0xf, 0xffaa], [0xdbc, 0x73f2bc9c, 0xff, 0x8, 0x7ff, 0x100000000, 0x6, 0xeecca32, 0xf, 0x8, 0x3, 0x3, 0x2, 0x6, 0x8, 0x6], [0xf, 0x5, 0x0, 0x4, 0x6, 0x7ff, 0xe, 0x7, 0x8c2, 0x6, 0xffffffffffffffff, 0x2, 0xc, 0x3, 0xd14e, 0x1], [0x8000000000000000, 0x1, 0xd, 0x248e, 0x6d, 0x7fffffffffffffff, 0x8, 0x8, 0x6, 0x1, 0x9, 0x1000, 0x0, 0x6, 0xfffffffffffffffb, 0xa0000000000000]}}) close(r6) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04) mmap$KVM_VCPU(&(0x7f0000000000/0x4000)=nil, r8, 0x3000009, 0x11, r4, 0x0) munmap(&(0x7f0000006000/0x3000)=nil, 0x3000) write$eventfd(r6, &(0x7f0000000180)=0xffffffffffff4a2d, 0xfffffffffffffe8e) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r9 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x40) ioctl$KVM_GET_DEVICE_ATTR(r9, 0x4018aee2, &(0x7f0000000000)=@attr_arm64={0x0, 0x5, 0x0, &(0x7f0000000240)=0x7}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r11 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r10, 0xae04) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, r11, 0x1000006, 0x8032, 0xffffffffffffffff, 0x0) 36m58.757003818s ago: executing program 4 (id=257): mmap$KVM_VCPU(&(0x7f0000ffa000/0x1000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x9000000) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000080)="fb0149dd033be3ac4e37c4005a9614fbff67521ce16f8f09449a7a836b73312954000000000000000000000000000000000000000000000000000000dc6900", 0x0, 0x2e) (async) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0) (async) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) r4 = eventfd2(0x0, 0x0) close(r4) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x88c80, 0x0) r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000008000/0x3000)=nil, r5, 0x2000004, 0x2011, r4, 0x0) r6 = eventfd2(0x0, 0x0) (async) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) (async) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x3, 0x27, 0x6, 0x0, 0x4, 0x9, 0xff, 0x7, 0xc7, 0x43, 0x5, 0x7, 0x0, 0x5, 0x2e, 0xd7, 0x10, 0xaa, 0x7, '\x00', 0x2, 0x100000000000000}) (async) r10 = openat$kvm(0x0, &(0x7f0000000040), 0xc0083, 0x0) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x0, 0x12, r10, 0x0) (async) write$eventfd(r9, &(0x7f00000001c0)=0x9, 0x1d) (async) close(r6) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000c4c000/0x4000)=nil, 0x930, 0x2000004, 0x2011, r6, 0x0) (async) munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f000075a000/0xb000)=nil, 0xb000) 36m14.465138165s ago: executing program 36 (id=256): mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000280), 0x103080, 0x0) write$eventfd(0xffffffffffffffff, &(0x7f0000000080)=0x9a, 0x8) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x181b03, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x16) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r5 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r4, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r4, 0x0) r6 = eventfd2(0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) ioctl$KVM_RESET_DIRTY_RINGS(r7, 0xaec7) ioctl$KVM_SET_GUEST_DEBUG_arm64(r4, 0x4208ae9b, &(0x7f00000002c0)={0x1, 0x0, {[0x8, 0x7, 0x8, 0x8000000000000001, 0xffffffffffffffff, 0x8001, 0x2, 0x100, 0x9, 0x3, 0xfffffffffffffffa, 0x8, 0x6, 0x7, 0xf, 0xffaa], [0xdbc, 0x73f2bc9c, 0xff, 0x8, 0x7ff, 0x100000000, 0x6, 0xeecca32, 0xf, 0x8, 0x3, 0x3, 0x2, 0x6, 0x8, 0x6], [0xf, 0x5, 0x0, 0x4, 0x6, 0x7ff, 0xe, 0x7, 0x8c2, 0x6, 0xffffffffffffffff, 0x2, 0xc, 0x3, 0xd14e, 0x1], [0x8000000000000000, 0x1, 0xd, 0x248e, 0x6d, 0x7fffffffffffffff, 0x8, 0x8, 0x6, 0x1, 0x9, 0x1000, 0x0, 0x6, 0xfffffffffffffffb, 0xa0000000000000]}}) close(r6) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04) mmap$KVM_VCPU(&(0x7f0000000000/0x4000)=nil, r8, 0x3000009, 0x11, r4, 0x0) munmap(&(0x7f0000006000/0x3000)=nil, 0x3000) write$eventfd(r6, &(0x7f0000000180)=0xffffffffffff4a2d, 0xfffffffffffffe8e) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r9 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x40) ioctl$KVM_GET_DEVICE_ATTR(r9, 0x4018aee2, &(0x7f0000000000)=@attr_arm64={0x0, 0x5, 0x0, &(0x7f0000000240)=0x7}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r11 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r10, 0xae04) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, r11, 0x1000006, 0x8032, 0xffffffffffffffff, 0x0) 36m7.933053981s ago: executing program 37 (id=257): mmap$KVM_VCPU(&(0x7f0000ffa000/0x1000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x9000000) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000080)="fb0149dd033be3ac4e37c4005a9614fbff67521ce16f8f09449a7a836b73312954000000000000000000000000000000000000000000000000000000dc6900", 0x0, 0x2e) (async) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0) (async) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) r4 = eventfd2(0x0, 0x0) close(r4) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x88c80, 0x0) r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000008000/0x3000)=nil, r5, 0x2000004, 0x2011, r4, 0x0) r6 = eventfd2(0x0, 0x0) (async) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) (async) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x3, 0x27, 0x6, 0x0, 0x4, 0x9, 0xff, 0x7, 0xc7, 0x43, 0x5, 0x7, 0x0, 0x5, 0x2e, 0xd7, 0x10, 0xaa, 0x7, '\x00', 0x2, 0x100000000000000}) (async) r10 = openat$kvm(0x0, &(0x7f0000000040), 0xc0083, 0x0) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x0, 0x12, r10, 0x0) (async) write$eventfd(r9, &(0x7f00000001c0)=0x9, 0x1d) (async) close(r6) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000c4c000/0x4000)=nil, 0x930, 0x2000004, 0x2011, r6, 0x0) (async) munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f000075a000/0xb000)=nil, 0xb000) 22m36.643463632s ago: executing program 6 (id=284): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x10004, 0x3, 0x0, 0x2000, &(0x7f0000cb3000/0x2000)=nil}) ioctl$KVM_CLEAR_DIRTY_LOG(r1, 0xc018aec0, &(0x7f0000000140)={0x5, 0x3d6fe80, 0x140, 0x0}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0x9e) (async) r3 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) (async) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0x80111500, 0x20000000) ioctl$KVM_CREATE_VM(r5, 0x5760, 0x2000001c) (async) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x1, 0x0, &(0x7f0000000200)=0x80000000}) (async) ioctl$KVM_ASSIGN_SET_MSIX_NR(r5, 0x4008ae73, &(0x7f0000000000)={0x9c6, 0xf}) (async) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async) r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@its_setup={0x82, 0x28, {0x0, 0xffffffffffffffff, 0x1}}, @msr={0x14, 0x20, {0x6030000000138045, 0x7}}], 0x48}, 0x0, 0x0) (async) syz_kvm_vgic_v3_setup(r7, 0x1, 0x100) (async) ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f0000000280)=@attr_other={0x0, 0x10, 0xf2e, &(0x7f00000001c0)=0x2a}) (async) ioctl$KVM_RUN(r9, 0xae80, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) (async) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, 0x0) (async) r11 = openat$kvm(0x0, &(0x7f0000000040), 0xc8000, 0x0) ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) (async) r12 = ioctl$KVM_GET_STATS_FD_vm(r5, 0xaece) (async) r13 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000180)={r12, 0xfffff801, 0x1, r13}) 22m14.905567738s ago: executing program 6 (id=286): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000140), 0x410c00, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r5, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18}) ioctl$KVM_GET_ONE_REG(r5, 0x4010aeab, &(0x7f00000000c0)=@arm64_core={0x6030000000100032, &(0x7f00000001c0)=0x1}) r6 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x2e) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x0, 0xe, 0x16831, 0xffffffffffffffff, 0x0) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x100, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) r10 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x2800009, 0x100010, r9, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r9, 0x0) r11 = eventfd2(0x0, 0x718ea0b50aff9a1) close(r11) openat$kvm(0xffffff9c, &(0x7f00000002c0), 0x2866b1, 0x1f01) write$eventfd(r11, &(0x7f0000000180)=0x5, 0xfffffde3) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x0, 0x2000001, 0x13, r9, 0x0) syz_kvm_setup_cpu$arm64(r6, 0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000100)=[{0x0, 0x0}], 0x1, 0x0, &(0x7f00000003c0)=[@featur2={0x1, 0x17}], 0x1) r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) r13 = ioctl$KVM_CREATE_GUEST_MEMFD(r6, 0xc040aed4, &(0x7f0000000080)={0xff, 0xfffffffffffeffff}) ioctl$KVM_SET_USER_MEMORY_REGION2(r4, 0x40a0ae49, &(0x7f0000000180)={0x10001, 0x4, 0x7000, 0x2000, &(0x7f0000ffc000/0x2000)=nil, 0x0, r13}) ioctl$KVM_CAP_HALT_POLL(r4, 0x4068aea3, &(0x7f0000000240)={0xb6, 0x0, 0x20000000007ff}) 21m51.116637237s ago: executing program 7 (id=287): r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000280), 0x103080, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x181b03, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2) r4 = syz_kvm_vgic_v3_setup(r3, 0x1, 0x40) ioctl$KVM_GET_DEVICE_ATTR(r4, 0x4018aee2, &(0x7f0000000000)=@attr_arm64={0x0, 0x5, 0x0, &(0x7f0000000240)=0x7}) r5 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2a) syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000b80)={0x0, &(0x7f0000000100)=[@its_send_cmd={0xaa, 0x28, {0x3, 0x1, 0x2, 0xf, 0x1, 0x9}}], 0xfffffffffffffe3c}, 0x0, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r8, 0x4010ae67, &(0x7f0000000380)={0x2, 0xa000, 0x1}) ioctl$KVM_REGISTER_COALESCED_MMIO(r8, 0x4010ae67, &(0x7f0000000480)={0x2, 0x18000, 0x1}) close(r8) 21m41.715908154s ago: executing program 6 (id=288): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8a000, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) (async) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x3}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) (async) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x11, 0x9b, 0xf, 0x0, 0x5, 0x8, 0x82, 0x46, 0x48, 0x86, 0xdd, 0x68, 0x0, 0x100001, 0xffc0000, 0x0, 0x3, 0xa, 0x8, '\x00', 0x1, 0x93}) (async) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4000ae84, &(0x7f0000000200)={{0x0, 0x1000, 0x1, 0x3a, 0x0, 0x9, 0xba, 0xc, 0x2, 0x6, 0x0, 0xa0}, {0xeeef0000, 0x0, 0xd, 0x1, 0xfc, 0x1, 0x5, 0xc, 0x7, 0x4, 0x6, 0x6}, {0x0, 0xeeee8000, 0x8, 0x9, 0x6, 0x7, 0x3, 0xdb, 0x8, 0x1, 0x1}, {0x2, 0xe000, 0x0, 0x55, 0x7f, 0x80, 0x4, 0x4, 0xa, 0x1, 0x5, 0x9}, {0x6000, 0x0, 0x0, 0x38, 0x0, 0x6, 0x8, 0x1, 0x81, 0x93, 0x7f, 0x8}, {0xdddd1000, 0x41000, 0xd, 0x5, 0x9, 0x5, 0x2, 0x8, 0x81, 0xf, 0x5, 0xfe}, {0xffff1000, 0xb000, 0x14, 0x1, 0x1, 0x7b, 0xfd, 0x9, 0x6a, 0xe, 0x8, 0xd1}, {0xeeef0000, 0x7000, 0x4, 0x3, 0x0, 0x0, 0x7, 0xfa, 0x10, 0x8, 0x2, 0x1}, {0xeeee0000, 0x2}, {0x8000000, 0xc71}, 0x20000002, 0x0, 0x1000, 0x8, 0x8, 0x8000, 0x7000, [0x3, 0x8000000000000000, 0x89, 0x1]}) (async) r4 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x29) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1) r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04) mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, r7, 0x2, 0x12, r6, 0x0) (async) r8 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x1) (async) ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000040)={0x7, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000280)=@attr_other={0x0, 0x9, 0x5, &(0x7f0000000000)=0x16}) (async) syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef) (async) syz_kvm_setup_cpu$arm64(r5, r6, &(0x7f0000001000/0x400000)=nil, &(0x7f0000000840)=[{0x0, &(0x7f0000000340)=[@eret={0xe6, 0x18}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x239}}, @uexit={0x0, 0x18, 0x2}, @uexit={0x0, 0x18, 0x8}, @code={0xa, 0x6c, {"00d8215e0004601e00008028c0d19bd20040b8f2810080d2a20080d2030180d2640080d2020000d4008008d5007008d5007008d5009c202ec01796d20000b8f2810080d2220180d2230180d2a40080d2020000d4e00300da"}}, @msr={0x14, 0x20, {0x603000000013e6c8, 0x2036aeb0}}, @uexit={0x0, 0x18, 0x6}, @svc={0x122, 0x40, {0xc400000e, [0x7, 0xfffffffffffffffc, 0x1, 0x100, 0x1]}}, @code={0xa, 0x9c, {"008008d500d192d200c0b0f2410180d2e20080d2c30080d2240180d2020000d4a09a99d20060b0f2010180d2e20180d2830080d2640080d2020000d400c4200ee0349fd200a0b0f2010080d2420180d2e30080d2240080d2020000d40040c00d007008d5001c004e002cc09ae0959bd20020b0f2a10180d2420180d2830080d2840180d2020000d4"}}, @msr={0x14, 0x20, {0x603000000013e281, 0x6}}, @smc={0x1e, 0x40, {0x10, [0x27, 0x5, 0x52c3, 0x4, 0x5]}}, @msr={0x14, 0x20, {0x6030000000138014, 0x3}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x1, 0x3, 0x8, 0x6, 0x7fff, 0x3}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x0, 0x3, 0x10, 0xffffffff, 0x9, 0x3}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x1, 0x0, 0x8, 0x9, 0xf0e1, 0x3}}, @code={0xa, 0x6c, {"000028d500e0200ee0238fd20020b0f2610080d2020080d2830080d2040180d2020000d40040bf0d000028d50064002f0020800d0098207e60c983d200a0b0f2210180d2c20180d2430180d2840180d2020000d40058601e"}}, @smc={0x1e, 0x40, {0xc4000011, [0x3, 0x3, 0x1, 0xb, 0x4]}}, @hvc={0x32, 0x40, {0x86000001, [0x3, 0x1, 0x7, 0x8, 0x29702461]}}, @code={0xa, 0x9c, {"0080800c008008d5005cc09a007008d5008008d5402583d200c0b8f2810180d2620080d2430180d2a40180d2020000d4c0b380d200e0b8f2c10180d2420180d2230080d2e40180d2020000d4208a9ad20000b0f2410180d2420180d2230180d2e40180d2020000d4204999d20020b0f2e10180d2620080d2230180d2440180d2020000d4009c004f"}}, @its_setup={0x82, 0x28, {0x2, 0x2, 0x24d}}, @svc={0x122, 0x40, {0xc4000014, [0x6, 0x0, 0x6d, 0x3, 0x4]}}], 0x4d8}], 0x1, 0x0, &(0x7f0000000880)=[@featur1={0x1, 0x30}], 0x1) write$eventfd(r3, &(0x7f00000001c0)=0x3, 0xfdef) (async) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x28) 21m29.0473628s ago: executing program 7 (id=289): r0 = eventfd2(0x1, 0x1) r1 = openat$kvm(0x0, &(0x7f0000000080), 0x40000, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x82880, 0x0) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04) (async) syz_kvm_vgic_v3_setup(r2, 0x1, 0x100) (async) ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000000100)={r0, 0x3, 0x2, r0}) ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000000040)={r0, 0x45, 0x0, r0}) (async) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f00000000c0)={0x1, 0x0, [{0x3, 0x2, 0x0, 0x0, @sint={0x7fff, 0x5}}]}) (async) write$eventfd(r0, &(0x7f0000000000)=0x1000007, 0x8) 21m21.865936867s ago: executing program 6 (id=290): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0) ioctl$KVM_ARM_PREFERRED_TARGET(0xffffffffffffffff, 0x8020aeaf, &(0x7f0000000080)) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2e) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000b8c000/0x400000)=nil, &(0x7f0000000100)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) openat$kvm(0x0, 0x0, 0x161681, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0xcb3993e4c7433bb8, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f00000001c0)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4}) r6 = eventfd2(0xeffffffd, 0x801) ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000000)={0x200, 0x200000, 0x4, r6, 0x7}) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f00000000c0)={0x1fe, 0x2, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x100, &(0x7f0000000080)=0x8000000000000000}) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000280)=@attr_riscv64=@attr_addr={0x0, 0x1, @aplic, &(0x7f0000000180)=0xe}) ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x603000000010002a}) openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0) (async) ioctl$KVM_ARM_PREFERRED_TARGET(0xffffffffffffffff, 0x8020aeaf, &(0x7f0000000080)) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2e) (async) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async) syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000b8c000/0x400000)=nil, &(0x7f0000000100)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async) openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async) openat$kvm(0x0, 0x0, 0x161681, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0xcb3993e4c7433bb8, 0xffffffffffffffff, 0x0) (async) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f00000001c0)={0x8}) (async) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4}) (async) eventfd2(0xeffffffd, 0x801) (async) ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000000)={0x200, 0x200000, 0x4, r6, 0x7}) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f00000000c0)={0x1fe, 0x2, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) (async) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x100, &(0x7f0000000080)=0x8000000000000000}) (async) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000280)=@attr_riscv64=@attr_addr={0x0, 0x1, @aplic, &(0x7f0000000180)=0xe}) (async) ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x603000000010002a}) (async) 21m12.282555116s ago: executing program 7 (id=291): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000a9c000/0x400000)=nil) ioctl$KVM_KVMCLOCK_CTRL(0xffffffffffffffff, 0xaead) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000b80)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000300)=@arm64_extra={0x603000000013df02, &(0x7f00000002c0)=0x9}) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000100)={0x0, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000000)=@attr_riscv64=@attr_aplic={0x0, 0x1, @any=0x7, &(0x7f0000000080)=0x81}) 20m46.185538738s ago: executing program 7 (id=292): ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f0000000140)={0x4, 0x0, [{0x1, 0x2, 0x1, 0x0, @adapter={0x7, 0x100000000, 0x8, 0x0, 0x7}}, {0x9, 0x2, 0x1, 0x0, @adapter={0xd4ff, 0x6d39, 0x2, 0x0, 0x7f}}, {0x3, 0x0, 0x1, 0x0, @sint={0x6, 0x8000}}, {0x0, 0x0, 0x0, 0x0, @adapter={0x8f9, 0xe808e8f, 0x3f, 0x7, 0x332ccd89}}]}) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x3}) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4000ae84, &(0x7f0000000300)={{0x40000, 0x5112230311195ad3, 0x3, 0x81, 0x5b, 0xb, 0x81, 0x8, 0xe, 0x78, 0x3, 0x6}, {0x7f625000, 0xdddd1000, 0x10, 0x81, 0xb, 0x0, 0x0, 0xf2, 0x10, 0xcb, 0x9, 0x98}, {0x40000, 0x100000, 0x10, 0x0, 0xa6, 0x7, 0x2d, 0xf2, 0xa, 0x0, 0x2, 0x4}, {0x26000, 0x54000, 0xa, 0x7e, 0x6, 0x7, 0x5c, 0x9, 0x4, 0x2, 0xe, 0xef}, {0x6000, 0x81c0003, 0x4, 0x1b, 0xf1, 0xa4, 0x0, 0xa, 0x5, 0x2, 0xff}, {0x0, 0x6000, 0x8, 0x7, 0x4, 0x40, 0x8, 0x9, 0x4, 0x9a, 0xd, 0x7}, {0x26000, 0x26000, 0xbd6e87c0ceccddee, 0x9, 0x5, 0x8, 0xf6, 0xa, 0x0, 0x5, 0x8, 0x2}, {0x3000, 0x5000, 0x10, 0x6, 0x2, 0x7f, 0x5, 0x5, 0x4, 0x1, 0x6, 0x81}, {0x80a0000, 0x2}, {0x58000, 0xfffd}, 0x40000000, 0x0, 0x58000, 0x200b8, 0xf, 0x1, 0xdddd0000, [0x4, 0x1, 0x81, 0x2]}) ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece) (async) r0 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece) ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000000)={0x6}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) (async) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x11, 0x9b, 0xf, 0x0, 0x5, 0x8, 0x82, 0x46, 0x48, 0x86, 0xdd, 0x68, 0x0, 0x900001, 0x0, 0x0, 0x3, 0xa, 0x8, '\x00', 0x1, 0x93}) (async) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x11, 0x9b, 0xf, 0x0, 0x5, 0x8, 0x82, 0x46, 0x48, 0x86, 0xdd, 0x68, 0x0, 0x900001, 0x0, 0x0, 0x3, 0xa, 0x8, '\x00', 0x1, 0x93}) write$eventfd(r3, &(0x7f00000001c0)=0x3, 0xfdef) 20m45.444542794s ago: executing program 6 (id=293): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r4 = ioctl$KVM_GET_STATS_FD_vm(r3, 0xaece) ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000040)={0x8, 0x70000, 0x2, 0xffffffffffffffff, 0x8a4fa382f1515d0d}) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x40001, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r7, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$KVM_IOEVENTFD(r9, 0x4040ae79, &(0x7f00000000c0)={0x4, 0x2000, 0x8, 0xffffffffffffffff, 0x20}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r11 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r10, 0xae04) r12 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r11, 0x2000003, 0xaf832, 0xffffffffffffffff, 0x0) r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x1) mmap$KVM_VCPU(&(0x7f0000ebf000/0x1000)=nil, r11, 0xa, 0x1c013, r13, 0x0) ioctl$KVM_GET_ONE_REG(r7, 0x4010aeab, &(0x7f0000000180)=@arm64_sys={0x603000000013df65, 0x0}) r14 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r15 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0) r17 = ioctl$KVM_CREATE_VCPU(r16, 0xae41, 0x0) ioctl$KVM_ARM_VCPU_INIT(r17, 0x4020aeae, &(0x7f0000000080)={0x5}) ioctl$KVM_SET_ONE_REG(r17, 0x4010aeac, &(0x7f0000000280)=@arm64_sys={0x603000000013c006, &(0x7f0000000240)=0x2}) r18 = syz_kvm_setup_syzos_vm$arm64(r14, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r18, &(0x7f00000000c0)={0x0, &(0x7f00000008c0)=[@hvc={0x32, 0x40, {0xc4000053, [0x9f, 0x7a000, 0x1000, 0x0, 0x6]}}, @eret={0xe6, 0x18, 0x2a}, @smc={0x1e, 0x40, {0xc4000005, [0x8000000000000000, 0xc, 0x40, 0x8, 0x3]}}, @msr={0x14, 0x20, {0x6030000000138054, 0x4}}, @msr={0x14, 0x20, {0x603000000013e663, 0x8001}}, @eret={0xe6, 0x18, 0x80000001}, @code={0xa, 0x9c, {"000028d5e0a89bd200c0b0f2010080d2220180d2c30180d2840180d2020000d4000028d560468fd200c0b8f2410080d2620180d2430180d2640180d2020000d4007008d5a0b983d20000b8f2610180d2220180d2030180d2440080d2020000d4008008d50000591e000008d5201e9dd20040b0f2a10180d2c20180d2430080d2a40080d2020000d4"}}], 0x18c}, 0x0, 0x0) 20m31.106972201s ago: executing program 7 (id=294): munmap(&(0x7f0000481000/0x1000)=nil, 0x1000) (async) munmap(&(0x7f0000136000/0x2000)=nil, 0x2000) (async) mmap$KVM_VCPU(&(0x7f0000e28000/0x2000)=nil, 0x930, 0x2, 0x12, 0xffffffffffffffff, 0x0) (async) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) (async) r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000000)={0x0, &(0x7f0000000100)=[@uexit={0x0, 0x18, 0x3}, @its_send_cmd={0xaa, 0x28, {0x3}}], 0x40}, 0x0, 0x0) (async) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) (async) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x3, 0x10000000004}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000005}}], 0x50}, 0x0, 0x0) (async) syz_kvm_vgic_v3_setup(r6, 0x1, 0x100) ioctl$KVM_RUN(r8, 0xae80, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async) ioctl$KVM_RUN(r3, 0xae80, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000c44000/0xd000)=nil, 0x930, 0x0, 0xce36b03e1c480b38, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) (async) munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) (async) r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r11, 0x4020aeae, 0x0) 20m17.493739872s ago: executing program 6 (id=295): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x181b03, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x32) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000001c0)="f21bc75509bf71ba470236fc044800fff7ffffffd249f297e87fd600000000000000002000e4ff000000f500", 0x0, 0x48) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r4, &(0x7f00000001c0)=0xffffff7f, 0xff25) r5 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000240)={0x4, 0xffffffffffffffff, 0x1}) syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000bfe000/0x400000)=nil) r6 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = eventfd2(0xfffffffa, 0x80001) ioctl$KVM_IOEVENTFD(r9, 0x4040ae79, &(0x7f0000000180)={0x80, 0xd5d77004, 0x4, r10}) syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_REGISTER_COALESCED_MMIO(r9, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616}) ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r6, 0x4068aea3, 0xfffffffffffffffe) r11 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0) ioctl$KVM_RUN(r11, 0xae80, 0x0) 20m12.332393822s ago: executing program 7 (id=296): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, 0x0) (async) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async) r4 = openat$kvm(0x0, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000100)={0x7, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000002c0)=@attr_arm64={0x0, 0x4, 0x0, 0x0}) (async, rerun: 32) r6 = eventfd2(0x3ff, 0x0) (rerun: 32) ioctl$KVM_IRQFD(r3, 0x4020ae76, &(0x7f0000000000)={r6, 0x5, 0x2, r6}) (async, rerun: 64) write$eventfd(r6, &(0x7f0000000080)=0x7, 0x8) (async, rerun: 64) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x5, 0x1, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async) r7 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bc2000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000440)={0x0, &(0x7f00000000c0)=[@svc={0x122, 0x40, {0xc5000020, [0x6, 0x3, 0x1, 0x711ec83f, 0x8000]}}], 0x40}, &(0x7f0000000480)=[@featur1={0x1, 0x43}], 0x1) (async, rerun: 32) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1) (rerun: 32) ioctl$KVM_RUN(r8, 0xae80, 0x0) (async) ioctl$KVM_RUN(r8, 0xae80, 0x0) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) 19m30.50549198s ago: executing program 38 (id=295): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x181b03, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x32) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000001c0)="f21bc75509bf71ba470236fc044800fff7ffffffd249f297e87fd600000000000000002000e4ff000000f500", 0x0, 0x48) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r4, &(0x7f00000001c0)=0xffffff7f, 0xff25) r5 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000240)={0x4, 0xffffffffffffffff, 0x1}) syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000bfe000/0x400000)=nil) r6 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = eventfd2(0xfffffffa, 0x80001) ioctl$KVM_IOEVENTFD(r9, 0x4040ae79, &(0x7f0000000180)={0x80, 0xd5d77004, 0x4, r10}) syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_REGISTER_COALESCED_MMIO(r9, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616}) ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r6, 0x4068aea3, 0xfffffffffffffffe) r11 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0) ioctl$KVM_RUN(r11, 0xae80, 0x0) 19m21.413283145s ago: executing program 39 (id=296): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, 0x0) (async) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async) r4 = openat$kvm(0x0, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000100)={0x7, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000002c0)=@attr_arm64={0x0, 0x4, 0x0, 0x0}) (async, rerun: 32) r6 = eventfd2(0x3ff, 0x0) (rerun: 32) ioctl$KVM_IRQFD(r3, 0x4020ae76, &(0x7f0000000000)={r6, 0x5, 0x2, r6}) (async, rerun: 64) write$eventfd(r6, &(0x7f0000000080)=0x7, 0x8) (async, rerun: 64) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x5, 0x1, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async) r7 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bc2000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000440)={0x0, &(0x7f00000000c0)=[@svc={0x122, 0x40, {0xc5000020, [0x6, 0x3, 0x1, 0x711ec83f, 0x8000]}}], 0x40}, &(0x7f0000000480)=[@featur1={0x1, 0x43}], 0x1) (async, rerun: 32) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1) (rerun: 32) ioctl$KVM_RUN(r8, 0xae80, 0x0) (async) ioctl$KVM_RUN(r8, 0xae80, 0x0) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) 3m12.073704577s ago: executing program 9 (id=332): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff}) close(r5) r6 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_SREGS(r7, 0x4000ae84, 0xffffffffffffffff) r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$arm64(r8, 0xffffffffffffffff, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r8, 0x4068aea3, &(0x7f0000000000)={0xe4, 0x0, 0x7}) 3m8.525448273s ago: executing program 8 (id=333): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_GUEST_MEMFD(r3, 0xc040aed4, &(0x7f0000000040)={0x1000200001fe0000, 0x1}) ioctl$KVM_SET_USER_MEMORY_REGION2(r3, 0x40a0ae49, &(0x7f0000000180)={0x4, 0x4, 0x6000, 0x2000, &(0x7f0000ffc000/0x2000)=nil, 0x100000000000000, r4}) close(r3) close(r4) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x20200, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1c) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) ioctl$KVM_GET_DEVICE_ATTR(r7, 0x4018aee2, &(0x7f0000000100)=@attr_arm64={0x0, 0x2, 0x0, &(0x7f0000000080)=0x10001}) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x8800, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000a5a000/0x400000)=nil) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000b80)={0x0, &(0x7f0000000040)=[@smc={0x1e, 0x40, {0x84000012, [0x79c4, 0x100080001, 0x5, 0x101, 0x13]}}], 0x40}, &(0x7f00000000c0)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r11, 0xae80, 0x0) r12 = openat$kvm(0x0, &(0x7f0000000200), 0x0, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) r14 = ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x0) ioctl$KVM_ARM_VCPU_INIT(r14, 0x4020aeae, &(0x7f0000000080)={0x5, 0x1}) ioctl$KVM_GET_ONE_REG(r14, 0x4010aeab, &(0x7f0000000100)=@arm64_core={0x6030000000100024, &(0x7f0000000000)=0xffffffffffffffff}) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r15, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_SET_DEVICE_ATTR(r15, 0x4018aee1, &(0x7f0000000540)=@attr_other={0x0, 0x4, 0x8, &(0x7f0000000500)=0x5}) 2m44.090728905s ago: executing program 9 (id=334): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4360ae82, &(0x7f00000001c0)={[0x1, 0x9, 0x2f, 0xfffffffffffffffb, 0xd40000000000, 0x5a40, 0x80000001, 0x28f9, 0x4dbd, 0x8001, 0xb9, 0x2, 0x1f, 0x7, 0x8, 0x4], 0x7000, 0x8010}) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000000080)={0xee, "a707384d24b9bb9dd4fbee0d30eade983cf211da749efd8ff792025e839c980f7b8fb7d1603dd8a0e4e752b8fd56c0136e1ffe2f4cf3769a266292b9115dce6676e638e7ce44fab680c4a364631fd6883bd6f53f1bdbd4b086ee336740556818dbd3da8c1b404fb19e473ce626b1cd2fe903219adcfc6498ec22d26f55b66fc8c0d9a07c9450b075f93b7741cc2f67714bfe0a78d9c13721edac23f6d69a5ff3dc53cc6080ac4662da399907d5e05e5b81ead7e2636a47476c84fa2977eec79616c579d97146e7cac633c82cd59fbb0b33fe08af50ab3c4debac3ec002e40cee4318472ff56d0935f803edc3f693"}) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r2 = syz_kvm_vgic_v3_setup(r1, 0x3, 0x180) ioctl$KVM_HAS_DEVICE_ATTR(r2, 0x4018aee3, &(0x7f0000000280)=@attr_arm64={0x0, 0x3, 0x4, &(0x7f0000000000)=0x30c3}) syz_kvm_vgic_v3_setup(r1, 0x2, 0x100) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000180)={0x1010020}) 2m36.7722892s ago: executing program 8 (id=335): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x0, 0x2, 0x6}}], 0x50}, 0x0, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000000)={0x7}) r6 = eventfd2(0x0, 0x0) ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000080)={0x0, 0x6000, 0x0, r6}) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f00000000c0)={0x8}) ioctl$KVM_SIGNAL_MSI(r5, 0x4020aea5, &(0x7f0000000000)={0x6000, 0x0, 0x0, 0x1, 0x20000000}) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 2m23.632837212s ago: executing program 9 (id=336): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}], 0x28}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r2, 0x1, 0x180) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0xc0001, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x25) syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@irq_setup={0x46, 0x18, {0x4, 0xf5}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xf00, 0x6, 0x7}}], 0x48}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r6, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r7, 0xae80, 0x0) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r4, 0xae80, 0x0) r10 = openat$kvm(0x0, &(0x7f0000000040), 0xbc27dde24fcd4b16, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000140)={0x8, 0xffffffffffffffff, 0x1}) write$eventfd(r13, &(0x7f00000001c0)=0x3, 0x3f) r14 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0) r15 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0) openat$kvm(0x0, 0x0, 0x0, 0x0) close(0x4) 2m9.923377843s ago: executing program 8 (id=337): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000240)={0x8, 0xffffffffffffffff}) ioctl$KVM_GET_DEVICE_ATTR(r3, 0x4018aee2, 0xfffffffffffffffe) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f0000000180)=@arm64_core={0x603000000010001c, &(0x7f0000000200)=0x100}) 1m50.733507066s ago: executing program 9 (id=338): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000000100)=@arm64_sys={0x603000000013c000}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x300, 0x0) r4 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r5, r6, &(0x7f0000bff000/0x400000)=nil, &(0x7f0000000c00)=[{0x0, &(0x7f0000000640)=[@its_setup={0x82, 0x28, {0x3, 0x3, 0x185}}, @eret={0xe6, 0x18, 0x42d5}, @hvc={0x32, 0x40, {0x4000000, [0x2, 0x543ba709, 0x4, 0x7, 0x3]}}, @eret={0xe6, 0x18, 0xc22}, @eret={0xe6, 0x18, 0x251b3336}, @hvc={0x32, 0x40, {0xc4000007, [0x401, 0x2, 0x1, 0x8, 0x5]}}, @its_setup={0x82, 0x28, {0x2, 0x4, 0x311}}, @smc={0x1e, 0x40, {0x200, [0x0, 0x8, 0x2, 0x8, 0xfffffffffffffff9]}}, @hvc={0x32, 0x40, {0x84000004, [0xffffffffffff0000, 0x0, 0x7, 0x9, 0x6]}}, @msr={0x14, 0x20, {0x6030000000138012, 0x5}}, @msr={0x14, 0x20, {0x603000000013df70, 0x4}}, @uexit={0x0, 0x18, 0x2}, @uexit={0x0, 0x18, 0x1}], 0x208}], 0x1, 0x0, &(0x7f0000000c40)=[@featur2={0x1, 0x8}], 0x1) ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000040)=@arm64_sys={0x603000000013c028, &(0x7f0000000600)=0x6}) r7 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x28) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) r9 = mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, 0x930, 0xa, 0x11, r8, 0x40000) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0) ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000000)={0x7, 0xffffffffffffffff}) r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000001c0)="f21bc75509bf71c9d70236fc044842da63ff2f677e80ab404d37b2e3f137a13bc2b875c2357c6e1100000000000000000000000000000000000000000000000000ff00", 0x0, 0x48) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f00000001c0)={0x5000, 0x12000, 0x81}) ioctl$KVM_CREATE_DEVICE(r14, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r15, &(0x7f00000001c0)=0x8100000001, 0x51a8) ioctl$KVM_GET_DEVICE_ATTR(r12, 0x4018aee2, &(0x7f0000000640)=@attr_other={0x0, 0x1, 0xc, &(0x7f0000000600)=0x2}) syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f00000000c0)="f610f5b33c962b62c00d0914345792dd23a78cdac1300e5e167ce3c540e94f06530dc539e8c1d98289a14446bb8d486f0060cb76b4abc705083f72adeea32830e92b6c89e7b929ff", 0x0, 0x48) 1m44.200499563s ago: executing program 8 (id=339): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x1a9602, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x21) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r3 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r2, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r2, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x4c4882, 0xfffe) ioctl$KVM_SET_SREGS(r2, 0x4000ae84, &(0x7f0000000080)={{0xeeee8000, 0xe000, 0xd, 0x40, 0x1, 0x8, 0x8c, 0xb, 0x7f, 0x3, 0x4, 0xff}, {0x50000, 0x26000, 0x8, 0x9, 0x3, 0x2, 0x9, 0x9, 0xa, 0x81, 0x20, 0x7}, {0xddd59000, 0x1, 0xe, 0xc, 0x1, 0x8, 0xf8, 0x6d, 0x5, 0x8, 0xe6, 0xf7}, {0x30000, 0x1000, 0xd, 0x11, 0x81, 0xfc, 0x7, 0x9, 0xda, 0x2, 0x4a, 0x7f}, {0x6000, 0xeeee8000, 0x4, 0x7f, 0x7, 0x9, 0x80, 0x18, 0x6, 0x7, 0xa, 0xf8}, {0x41000, 0xeeee8000, 0x8, 0x7, 0x8, 0x8, 0x10, 0xb4, 0x9, 0xe, 0x0, 0x7}, {0x4, 0x54000, 0x0, 0x7f, 0x1, 0x4, 0x9, 0x5, 0x7, 0x6a, 0x0, 0x2}, {0x5000, 0x9000, 0x3, 0xb, 0xf, 0xb8, 0x0, 0x1, 0x4, 0x9, 0x6, 0x3}, {0xd000, 0x3}, {0x4000, 0x400}, 0x40004, 0x0, 0x40000, 0x10000, 0xc, 0x9900, 0xdddd1000, [0x7fffffff, 0x8, 0x8000000000000000, 0xffffffffffff67e1]}) 1m24.092132243s ago: executing program 8 (id=340): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2b) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5) r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04) mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, r4, 0x2, 0x12, r3, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f000000f000/0x400000)=nil) mmap$KVM_VCPU(&(0x7f0000010000/0x4000)=nil, r4, 0x100000a, 0x12, r3, 0x0) r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}], 0x28}, 0x0, 0x0) r9 = syz_kvm_vgic_v3_setup(r6, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r8, 0xae80, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x88, &(0x7f0000000000)=0x10}) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000002c0)=@attr_other={0x0, 0x9, 0x5, 0x0}) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x4000010, 0xffffffffffffffff, 0x0) r11 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, r11, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x3, 0x4102932, 0xffffffffffffffff, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r12 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000140)={0x0, &(0x7f0000000300)=[@hvc={0x32, 0x40, {0x4000, [0x4, 0x7, 0x2, 0x1, 0xffffffffffff0001]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0xe00, 0x66, 0x8}}, @mrs={0xbe, 0x18, {0x603000000013c3a0}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1200, 0x7f}}, @smc={0x1e, 0x40, {0x800, [0x7, 0x2052, 0x6, 0x0, 0x7fffffffffffffff]}}, @msr={0x14, 0x20, {0x0, 0x8000}}, @hvc={0x32, 0x40, {0x400, [0x9, 0x122, 0x0, 0x65, 0x4]}}, @code={0xa, 0x84, {"0020200d0000c0a80000206ee05298d20020b8f2e10080d2620080d2430180d2240180d2020000d4000028d5000c40780000003700002088601b9bd20040b0f2210180d2020080d2030080d2840180d2020000d460e59cd20080b0f2010080d2e20080d2c30080d2c40180d2020000d4"}}, @svc={0x122, 0x40, {0x80008000, [0x9, 0xfffffffffffff800, 0x9, 0x4, 0x800]}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x4, 0x0, 0x1, 0x6, 0x3}}, @smc={0x1e, 0x40, {0x4200008d, [0x2, 0x0, 0x3, 0xa, 0x1000]}}, @its_setup={0x82, 0x28, {0x3, 0x0, 0x110}}, @its_setup={0x82, 0x28, {0x1, 0x2, 0x315}}, @code={0xa, 0x9c, {"0040000e007008d540e794d200e0b8f2210180d2220080d2e30080d2040080d2020000d4c0f999d200a0b0f2210180d2e20180d2430180d2040080d2020000d40004805a007008d5000480da60609fd20020b0f2c10180d2020080d2e30180d2c40080d2020000d420278bd20060b0f2a10080d2820080d2030080d2640080d2020000d4007008d5"}}, @uexit={0x0, 0x18, 0x9}, @smc={0x1e, 0x40, {0x40000000, [0x1, 0x4, 0xffffffff, 0x4d76, 0xbc3]}}, @hvc={0x32, 0x40, {0x8400000e, [0x6, 0x200000, 0x5, 0x4, 0x3]}}, @hvc={0x32, 0x40, {0x84003ff7, [0x7fffffffffffffff, 0x7, 0x9, 0x2, 0x21]}}, @hvc={0x32, 0x40, {0x80000001, [0x7, 0x0, 0x0, 0x2, 0x8]}}, @mrs={0xbe, 0x18, {0x603000000013df70}}, @uexit={0x0, 0x18, 0x4}, @hvc={0x32, 0x40, {0x80, [0x8000, 0x0, 0x2, 0x8, 0x6]}}, @irq_setup={0x46, 0x18, {0x3, 0x100}}], 0x510}, 0x0, 0x0) ioctl$KVM_RUN(r12, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000fff000/0x1000)=nil, r11, 0x7, 0x10010, r12, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) munmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000) munmap(&(0x7f000000f000/0x2000)=nil, 0x2000) 1m20.174420703s ago: executing program 9 (id=341): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0x80111500, 0x20000000) write$eventfd(r1, &(0x7f0000000000), 0xfffffdef) (async) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0x80111500, 0x20000000) ioctl$KVM_CREATE_VM(r3, 0x541b, 0x2004001f) r4 = openat$kvm(0x0, &(0x7f0000000080), 0x80000, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0xa8202, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x27) syz_kvm_vgic_v3_setup(r7, 0x4, 0x1a0) (async) r8 = eventfd2(0x2, 0x80000) (async) r9 = eventfd2(0xf, 0x80001) ioctl$KVM_IRQFD(r7, 0x4020ae76, &(0x7f0000000100)={r9, 0x0, 0x2, r8}) (async) ioctl$KVM_IRQFD(r7, 0x4020ae76, &(0x7f0000000000)={r8, 0x8, 0x2, r8}) (async) ioctl$KVM_IRQFD(r7, 0x4020ae76, &(0x7f0000000040)={r9, 0xffffffff, 0x1}) r10 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) (async) r12 = eventfd2(0x0, 0x0) ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000340)={0x0, 0x8000000, 0x4, r12, 0x8}) (async) syz_kvm_vgic_v3_setup(r7, 0x4, 0x60) ioctl$KVM_RUN(r11, 0xae80, 0x0) 56.19282214s ago: executing program 8 (id=342): r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r1 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_GET_DIRTY_LOG(r3, 0x4010ae42, 0xfffffffffffffffe) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0) syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0) (async) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) (async) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r7, 0xae03, 0x24) syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000b80)={0x0, 0x0}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1) (async) syz_kvm_add_vcpu$arm64(r1, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1) (async) r8 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000b80)={0x0, &(0x7f0000000080)=[@hvc={0x32, 0x40, {0x84000003, [0x5, 0x4, 0x4, 0x9, 0x4d]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r8, 0xae80, 0x0) 55.743826024s ago: executing program 9 (id=343): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x3a) ioctl$KVM_CAP_ARM_MTE(r2, 0x4068aea3, &(0x7f0000000040)) openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x200502, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x37) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f00000000c0)={0x9, 0xffffffffffffffff}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0xd, 0x9, 0xb, 0x0, 0x5, 0x6, 0x6, 0x26, 0x48, 0x86, 0xdd, 0x9, 0x0, 0x6, 0x973, 0xe, 0x3, 0x5, 0x0, '\x00', 0x10, 0x6}) write$eventfd(r4, &(0x7f00000001c0)=0x3, 0x50) mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r1, 0x200000c, 0x40010, 0xffffffffffffffff, 0x0) 7.924290141s ago: executing program 40 (id=343): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x3a) ioctl$KVM_CAP_ARM_MTE(r2, 0x4068aea3, &(0x7f0000000040)) openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x200502, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x37) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f00000000c0)={0x9, 0xffffffffffffffff}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0xd, 0x9, 0xb, 0x0, 0x5, 0x6, 0x6, 0x26, 0x48, 0x86, 0xdd, 0x9, 0x0, 0x6, 0x973, 0xe, 0x3, 0x5, 0x0, '\x00', 0x10, 0x6}) write$eventfd(r4, &(0x7f00000001c0)=0x3, 0x50) mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r1, 0x200000c, 0x40010, 0xffffffffffffffff, 0x0) 0s ago: executing program 41 (id=342): r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r1 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_GET_DIRTY_LOG(r3, 0x4010ae42, 0xfffffffffffffffe) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0) syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0) (async) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) (async) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r7, 0xae03, 0x24) syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000b80)={0x0, 0x0}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1) (async) syz_kvm_add_vcpu$arm64(r1, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1) (async) r8 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000b80)={0x0, &(0x7f0000000080)=[@hvc={0x32, 0x40, {0x84000003, [0x5, 0x4, 0x4, 0x9, 0x4d]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r8, 0xae80, 0x0) kernel console output (not intermixed with test programs): [ 360.802204][ T24] audit: type=1400 audit(359.950:75): avc: denied { write } for pid=3257 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 364.434876][ T24] audit: type=1400 audit(363.610:76): avc: denied { write } for pid=3261 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 366.923715][ T3206] 8021q: adding VLAN 0 to HW filter on device bond0 [ 374.382417][ T24] audit: type=1400 audit(373.560:77): avc: denied { write } for pid=3267 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 378.195332][ T24] audit: type=1400 audit(377.370:78): avc: denied { write } for pid=3270 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 395.792189][ T24] audit: type=1400 audit(394.970:79): avc: denied { write } for pid=3277 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 400.150524][ T24] audit: type=1400 audit(399.290:80): avc: denied { write } for pid=3280 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 402.596687][ T3206] eql: remember to turn off Van-Jacobson compression on your slave devices [ 406.510327][ T24] audit: type=1400 audit(405.680:81): avc: denied { write } for pid=3283 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 410.220700][ T24] audit: type=1400 audit(409.360:82): avc: denied { write } for pid=3286 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 419.166748][ T24] audit: type=1400 audit(418.340:83): avc: denied { write } for pid=3290 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 422.769231][ T24] audit: type=1400 audit(421.940:84): avc: denied { write } for pid=3293 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 431.894473][ T24] audit: type=1400 audit(431.060:85): avc: denied { write } for pid=3297 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 435.492511][ T24] audit: type=1400 audit(434.670:86): avc: denied { write } for pid=3300 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 447.233509][ T24] audit: type=1400 audit(446.410:87): avc: denied { write } for pid=3305 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 452.082612][ T24] audit: type=1400 audit(451.200:88): avc: denied { write } for pid=3308 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 458.991554][ T24] audit: type=1400 audit(458.160:89): avc: denied { write } for pid=3310 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 462.800564][ T24] audit: type=1400 audit(461.940:90): avc: denied { write } for pid=3313 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 472.712025][ T24] audit: type=1400 audit(471.890:91): avc: denied { write } for pid=3318 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 476.559749][ T24] audit: type=1400 audit(475.700:92): avc: denied { write } for pid=3321 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 481.659678][ T24] audit: type=1400 audit(480.830:93): avc: denied { write } for pid=3323 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 485.467338][ T24] audit: type=1400 audit(484.640:94): avc: denied { write } for pid=3326 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 507.119824][ T24] audit: type=1400 audit(506.250:95): avc: denied { write } for pid=3337 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 511.941379][ T24] audit: type=1400 audit(511.110:96): avc: denied { write } for pid=3340 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 526.321133][ T24] audit: type=1400 audit(525.480:97): avc: denied { write } for pid=3346 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 529.945372][ T24] audit: type=1400 audit(529.120:98): avc: denied { write } for pid=3349 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 540.259345][ T24] audit: type=1400 audit(539.410:99): avc: denied { write } for pid=3353 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 543.944771][ T24] audit: type=1400 audit(543.120:100): avc: denied { write } for pid=3356 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 Warning: Permanently added '[localhost]:15107' (ED25519) to the list of known hosts. [ 579.877021][ T24] audit: type=1400 audit(579.050:101): avc: denied { name_bind } for pid=3361 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 580.687258][ T24] audit: type=1400 audit(579.860:102): avc: denied { execute } for pid=3362 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 580.720092][ T24] audit: type=1400 audit(579.890:103): avc: denied { execute_no_trans } for pid=3362 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 604.435961][ T24] audit: type=1400 audit(603.610:104): avc: denied { mounton } for pid=3362 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 604.477142][ T24] audit: type=1400 audit(603.650:105): avc: denied { mount } for pid=3362 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 604.560192][ T3362] cgroup: Unknown subsys name 'net' [ 604.615863][ T24] audit: type=1400 audit(603.790:106): avc: denied { unmount } for pid=3362 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 605.001237][ T3362] cgroup: Unknown subsys name 'cpuset' [ 605.107237][ T3362] cgroup: Unknown subsys name 'rlimit' [ 605.976019][ T24] audit: type=1400 audit(605.150:107): avc: denied { setattr } for pid=3362 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=704 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 605.994533][ T24] audit: type=1400 audit(605.170:108): avc: denied { mounton } for pid=3362 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 606.017532][ T24] audit: type=1400 audit(605.190:109): avc: denied { mount } for pid=3362 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 607.012351][ T3365] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 607.030875][ T24] audit: type=1400 audit(606.200:110): avc: denied { relabelto } for pid=3365 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 607.054858][ T24] audit: type=1400 audit(606.230:111): avc: denied { write } for pid=3365 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" Setting up swapspace version 1, size = 127995904 bytes [ 607.244047][ T24] audit: type=1400 audit(606.410:112): avc: denied { read } for pid=3362 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 607.261506][ T24] audit: type=1400 audit(606.430:113): avc: denied { open } for pid=3362 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 607.312321][ T3362] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 665.303284][ T24] audit: type=1400 audit(664.480:114): avc: denied { execmem } for pid=3366 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 669.039853][ T24] audit: type=1400 audit(668.210:116): avc: denied { open } for pid=3369 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 669.056398][ T24] audit: type=1400 audit(668.200:115): avc: denied { read } for pid=3368 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 669.117926][ T24] audit: type=1400 audit(668.290:117): avc: denied { mounton } for pid=3369 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 669.344024][ T24] audit: type=1400 audit(668.510:118): avc: denied { module_request } for pid=3368 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 669.360679][ T24] audit: type=1400 audit(668.530:119): avc: denied { module_request } for pid=3369 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 670.321009][ T24] audit: type=1400 audit(669.490:120): avc: denied { sys_module } for pid=3369 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 692.565935][ T3368] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 692.711234][ T3369] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 692.832538][ T3368] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 692.913555][ T3369] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 706.730489][ T3368] hsr_slave_0: entered promiscuous mode [ 706.760228][ T3368] hsr_slave_1: entered promiscuous mode [ 707.622070][ T3369] hsr_slave_0: entered promiscuous mode [ 707.654971][ T3369] hsr_slave_1: entered promiscuous mode [ 707.685095][ T3369] debugfs: 'hsr0' already exists in 'hsr' [ 707.699997][ T3369] Cannot create hsr debugfs directory [ 713.326973][ T24] audit: type=1400 audit(712.500:121): avc: denied { create } for pid=3368 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 713.366965][ T24] audit: type=1400 audit(712.540:122): avc: denied { write } for pid=3368 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 713.471701][ T24] audit: type=1400 audit(712.590:123): avc: denied { read } for pid=3368 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 713.556575][ T3368] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 713.820893][ T3368] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 713.935435][ T3368] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 714.203776][ T3368] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 714.320154][ T3368] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 714.467424][ T3368] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 714.630617][ T3368] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 714.746013][ T3368] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 716.134766][ T3369] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 716.277448][ T3369] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 716.355474][ T3369] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 716.474977][ T3369] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 716.544896][ T3369] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 716.686267][ T3369] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 716.773835][ T3369] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 716.931332][ T3369] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 727.745322][ T3368] 8021q: adding VLAN 0 to HW filter on device bond0 [ 730.544845][ T3369] 8021q: adding VLAN 0 to HW filter on device bond0 [ 779.851469][ T3368] veth0_vlan: entered promiscuous mode [ 780.352461][ T3368] veth1_vlan: entered promiscuous mode [ 782.376352][ T3368] veth0_macvtap: entered promiscuous mode [ 782.636912][ T3368] veth1_macvtap: entered promiscuous mode [ 783.086180][ T3369] veth0_vlan: entered promiscuous mode [ 783.910076][ T3369] veth1_vlan: entered promiscuous mode [ 785.289979][ T48] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 785.310213][ T48] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 785.386889][ T48] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 785.400697][ T48] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 787.132921][ T3369] veth0_macvtap: entered promiscuous mode [ 787.831777][ T24] audit: type=1400 audit(786.980:124): avc: denied { mount } for pid=3368 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 787.892074][ T3369] veth1_macvtap: entered promiscuous mode [ 787.972859][ T24] audit: type=1400 audit(787.140:125): avc: denied { mounton } for pid=3368 comm="syz-executor" path="/syzkaller.D0SAAA/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 788.139564][ T24] audit: type=1400 audit(787.310:126): avc: denied { mount } for pid=3368 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 788.384042][ T24] audit: type=1400 audit(787.560:127): avc: denied { mounton } for pid=3368 comm="syz-executor" path="/syzkaller.D0SAAA/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 788.620021][ T24] audit: type=1400 audit(787.700:128): avc: denied { mounton } for pid=3368 comm="syz-executor" path="/syzkaller.D0SAAA/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3715 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 789.210757][ T24] audit: type=1400 audit(788.380:129): avc: denied { unmount } for pid=3368 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 789.452414][ T24] audit: type=1400 audit(788.630:130): avc: denied { mounton } for pid=3368 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1548 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 789.594306][ T24] audit: type=1400 audit(788.750:131): avc: denied { mount } for pid=3368 comm="syz-executor" name="/" dev="gadgetfs" ino=3724 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 789.757723][ T3505] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 789.764361][ T3505] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 789.805529][ T3505] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 789.814340][ T3505] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 789.899922][ T24] audit: type=1400 audit(789.050:132): avc: denied { mount } for pid=3368 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 790.086672][ T24] audit: type=1400 audit(789.170:133): avc: denied { mounton } for pid=3368 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 791.815840][ T3368] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 792.913984][ T24] kauditd_printk_skb: 1 callbacks suppressed [ 792.923129][ T24] audit: type=1400 audit(792.090:135): avc: denied { read write } for pid=3368 comm="syz-executor" name="loop0" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 792.952525][ T24] audit: type=1400 audit(792.110:136): avc: denied { open } for pid=3368 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 793.014929][ T24] audit: type=1400 audit(792.190:137): avc: denied { ioctl } for pid=3368 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=638 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 802.030451][ T24] audit: type=1400 audit(801.200:138): avc: denied { read } for pid=3520 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 802.110524][ T24] audit: type=1400 audit(801.280:139): avc: denied { open } for pid=3520 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 802.343906][ T24] audit: type=1400 audit(801.520:140): avc: denied { write } for pid=3520 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 802.414493][ T24] audit: type=1400 audit(801.590:141): avc: denied { ioctl } for pid=3520 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 816.879705][ T24] audit: type=1400 audit(815.980:142): avc: denied { append } for pid=3532 comm="syz.1.4" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 819.615068][ T24] audit: type=1400 audit(818.770:143): avc: denied { setattr } for pid=3532 comm="syz.1.4" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 898.625140][ T24] audit: type=1400 audit(897.790:144): avc: denied { create } for pid=3569 comm="syz.0.14" anonclass=[kvm-gmem] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 898.776889][ T24] audit: type=1400 audit(897.950:145): avc: denied { ioctl } for pid=3569 comm="syz.0.14" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=4837 ioctlcmd=0xae49 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 958.760347][ T24] audit: type=1400 audit(957.920:146): avc: denied { write } for pid=3605 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 966.397052][ T24] audit: type=1400 audit(965.570:147): avc: denied { write } for pid=3615 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1036.314831][ T24] audit: type=1400 audit(1035.340:148): avc: denied { execute } for pid=3665 comm="syz.0.43" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=6284 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 1133.666742][ T30] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1134.961384][ T30] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1136.551752][ T30] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1137.550883][ T30] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1149.986206][ T30] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1150.094165][ T30] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1150.143017][ T30] bond0 (unregistering): Released all slaves [ 1151.213591][ T30] hsr_slave_0: left promiscuous mode [ 1151.272560][ T30] hsr_slave_1: left promiscuous mode [ 1151.621249][ T30] veth1_macvtap: left promiscuous mode [ 1151.624984][ T30] veth0_macvtap: left promiscuous mode [ 1151.636198][ T30] veth1_vlan: left promiscuous mode [ 1151.645601][ T30] veth0_vlan: left promiscuous mode [ 1164.534114][ T24] audit: type=1400 audit(1163.710:149): avc: denied { read } for pid=3206 comm="dhcpcd" name="n18" dev="tmpfs" ino=1381 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 1164.570926][ T24] audit: type=1400 audit(1163.740:150): avc: denied { open } for pid=3206 comm="dhcpcd" path="/run/udev/data/n18" dev="tmpfs" ino=1381 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 1164.640024][ T24] audit: type=1400 audit(1163.740:151): avc: denied { getattr } for pid=3206 comm="dhcpcd" path="/run/udev/data/n18" dev="tmpfs" ino=1381 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 1168.692036][ T30] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1169.796768][ T30] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1170.800860][ T30] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1172.173931][ T30] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1174.162990][ T24] audit: type=1400 audit(1173.330:152): avc: denied { write } for pid=3727 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1174.195675][ T24] audit: type=1400 audit(1173.370:153): avc: denied { create } for pid=3727 comm="dhcpcd-run-hook" name="resolv.conf.eth1.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 1174.231853][ T24] audit: type=1400 audit(1173.400:154): avc: denied { write } for pid=3727 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf.eth1.link" dev="tmpfs" ino=1385 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 1174.300971][ T24] audit: type=1400 audit(1173.460:155): avc: denied { append } for pid=3727 comm="dhcpcd-run-hook" name="resolv.conf.eth1.link" dev="tmpfs" ino=1385 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 1180.863851][ T24] audit: type=1400 audit(1180.040:156): avc: denied { write } for pid=3736 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1180.901804][ T24] audit: type=1400 audit(1180.070:157): avc: denied { unlink } for pid=3736 comm="rm" name="resolv.conf.eth1.link" dev="tmpfs" ino=1385 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 1189.733024][ T30] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1189.854118][ T30] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1189.926468][ T30] bond0 (unregistering): Released all slaves [ 1190.474447][ T3206] 8021q: adding VLAN 0 to HW filter on device eth1 [ 1191.696808][ T30] hsr_slave_0: left promiscuous mode [ 1191.784912][ T30] hsr_slave_1: left promiscuous mode [ 1192.329492][ T30] veth1_macvtap: left promiscuous mode [ 1192.332617][ T30] veth0_macvtap: left promiscuous mode [ 1192.352946][ T30] veth1_vlan: left promiscuous mode [ 1192.369825][ T30] veth0_vlan: left promiscuous mode [ 1204.763020][ T3692] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1205.067694][ T3692] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1212.119354][ T24] audit: type=1400 audit(1211.280:158): avc: denied { write } for pid=3757 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1216.314487][ T24] audit: type=1400 audit(1215.470:159): avc: denied { write } for pid=3767 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1217.555902][ T3701] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1217.747919][ T3701] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1219.346535][ T3206] 8021q: adding VLAN 0 to HW filter on device eth2 [ 1223.071728][ T3692] hsr_slave_0: entered promiscuous mode [ 1223.131926][ T3692] hsr_slave_1: entered promiscuous mode [ 1227.253695][ T24] audit: type=1400 audit(1226.430:160): avc: denied { write } for pid=3779 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1231.601711][ T24] audit: type=1400 audit(1230.740:161): avc: denied { write } for pid=3784 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1235.142153][ T3692] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1235.463845][ T3692] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 1235.551685][ T3692] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1235.673650][ T3692] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1235.741882][ T3206] 8021q: adding VLAN 0 to HW filter on device eth3 [ 1235.779774][ T3692] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1235.975248][ T3692] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1236.184165][ T3692] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1236.281965][ T3692] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1238.086980][ T3701] hsr_slave_0: entered promiscuous mode [ 1238.183690][ T3701] hsr_slave_1: entered promiscuous mode [ 1238.270175][ T3701] debugfs: 'hsr0' already exists in 'hsr' [ 1238.281242][ T3701] Cannot create hsr debugfs directory [ 1248.726880][ T24] audit: type=1400 audit(1247.900:162): avc: denied { write } for pid=3800 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1254.715470][ T3701] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1255.024640][ T3701] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 1255.172262][ T3701] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1255.404329][ T3701] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1255.560039][ T3701] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1255.812344][ T3701] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1255.982020][ T3701] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1256.300535][ T24] audit: type=1400 audit(1255.460:163): avc: denied { write } for pid=3807 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1256.325575][ T3701] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1261.185681][ T3206] 8021q: adding VLAN 0 to HW filter on device eth4 [ 1262.531415][ T3692] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1266.930498][ T24] audit: type=1400 audit(1266.100:164): avc: denied { write } for pid=3818 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1272.690897][ T24] audit: type=1400 audit(1271.850:165): avc: denied { write } for pid=3828 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1277.275979][ T3701] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1290.016783][ T24] audit: type=1400 audit(1289.190:166): avc: denied { write } for pid=3840 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1297.010317][ T24] audit: type=1400 audit(1296.180:167): avc: denied { write } for pid=3849 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1302.375649][ T3206] 8021q: adding VLAN 0 to HW filter on device eth5 [ 1321.845453][ T24] audit: type=1400 audit(1321.000:168): avc: denied { write } for pid=3868 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1327.955676][ T24] audit: type=1400 audit(1327.130:169): avc: denied { write } for pid=3879 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1332.644738][ T3206] 8021q: adding VLAN 0 to HW filter on device eth6 [ 1345.294213][ T3692] veth0_vlan: entered promiscuous mode [ 1346.261836][ T3692] veth1_vlan: entered promiscuous mode [ 1346.940317][ T24] audit: type=1400 audit(1346.100:170): avc: denied { write } for pid=3896 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1349.022365][ T3692] veth0_macvtap: entered promiscuous mode [ 1349.356751][ T3692] veth1_macvtap: entered promiscuous mode [ 1352.384674][ T50] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1352.390735][ T50] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1352.430008][ T50] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1352.460050][ T50] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1355.457238][ T24] audit: type=1400 audit(1354.630:171): avc: denied { write } for pid=3902 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1356.070543][ T24] audit: type=1400 audit(1355.240:172): avc: denied { unmount } for pid=3692 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 1361.014015][ T3206] 8021q: adding VLAN 0 to HW filter on device eth7 [ 1366.134491][ T3701] veth0_vlan: entered promiscuous mode [ 1367.416038][ T3701] veth1_vlan: entered promiscuous mode [ 1371.466270][ T3701] veth0_macvtap: entered promiscuous mode [ 1372.612730][ T3701] veth1_macvtap: entered promiscuous mode [ 1376.664449][ T50] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1376.689643][ T50] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1376.714703][ T50] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1376.715617][ T50] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1392.726585][ T24] audit: type=1400 audit(1391.900:173): avc: denied { write } for pid=3922 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1402.082098][ T24] audit: type=1400 audit(1401.180:174): avc: denied { write } for pid=3935 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1408.686421][ T3206] 8021q: adding VLAN 0 to HW filter on device eth8 [ 1439.476822][ T24] audit: type=1400 audit(1438.650:175): avc: denied { write } for pid=3960 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1450.766515][ T24] audit: type=1400 audit(1449.900:176): avc: denied { write } for pid=3972 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1476.873712][ T24] audit: type=1400 audit(1476.030:177): avc: denied { write } for pid=3992 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1487.900217][ T24] audit: type=1400 audit(1487.060:178): avc: denied { write } for pid=4003 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1511.165091][ T24] audit: type=1400 audit(1510.240:179): avc: denied { map } for pid=4016 comm="syz.3.70" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1511.192606][ T24] audit: type=1400 audit(1510.350:180): avc: denied { execute } for pid=4016 comm="syz.3.70" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1519.140223][ T24] audit: type=1400 audit(1518.250:181): avc: denied { write } for pid=4023 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1528.559723][ T24] audit: type=1400 audit(1527.710:182): avc: denied { write } for pid=4035 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1549.685468][ T24] audit: type=1400 audit(1548.850:183): avc: denied { write } for pid=4049 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1560.919755][ T24] audit: type=1400 audit(1560.080:184): avc: denied { write } for pid=4059 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1593.253360][ T24] audit: type=1400 audit(1592.350:185): avc: denied { write } for pid=4078 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1602.870497][ T24] audit: type=1400 audit(1602.020:186): avc: denied { write } for pid=4087 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1626.110082][ T24] audit: type=1400 audit(1625.260:187): avc: denied { write } for pid=4100 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1634.370483][ T24] audit: type=1400 audit(1633.540:188): avc: denied { write } for pid=4108 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1649.674549][ T24] audit: type=1400 audit(1648.810:189): avc: denied { write } for pid=4112 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1658.910609][ T24] audit: type=1400 audit(1658.080:190): avc: denied { write } for pid=4127 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1676.652792][ T24] audit: type=1400 audit(1675.820:191): avc: denied { write } for pid=4136 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1687.574612][ T24] audit: type=1400 audit(1686.740:192): avc: denied { write } for pid=4150 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1705.089587][ T24] audit: type=1400 audit(1704.260:193): avc: denied { write } for pid=4159 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1713.530689][ T24] audit: type=1400 audit(1712.660:194): avc: denied { write } for pid=4166 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1764.580613][ T24] audit: type=1400 audit(1763.750:195): avc: denied { map } for pid=4197 comm="syz.3.104" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=11230 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 1764.619788][ T24] audit: type=1400 audit(1763.770:196): avc: denied { read } for pid=4197 comm="syz.3.104" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=11230 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 2046.490883][ T24] audit: type=1400 audit(2045.550:197): avc: denied { write } for pid=4344 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2056.162094][ T24] audit: type=1400 audit(2055.280:198): avc: denied { write } for pid=4354 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2266.105151][ T24] audit: type=1400 audit(2265.280:199): avc: denied { write } for pid=4468 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2277.212908][ T24] audit: type=1400 audit(2276.370:200): avc: denied { write } for pid=4480 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2367.081238][ T24] audit: type=1400 audit(2366.250:201): avc: denied { ioctl } for pid=4513 comm="syz.3.197" path="net:[4026532790]" dev="nsfs" ino=4026532790 ioctlcmd=0xb70d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 2669.622228][ T24] audit: type=1400 audit(2668.780:202): avc: denied { write } for pid=4686 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2673.859770][ T24] audit: type=1400 audit(2673.020:203): avc: denied { write } for pid=4689 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2757.806235][ T3918] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2759.316061][ T3918] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2762.746628][ T3918] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2764.484434][ T3918] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2767.904301][ T4692] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2768.172277][ T4692] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2782.230997][ T3918] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2782.367392][ T3918] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2782.416050][ T3918] bond0 (unregistering): Released all slaves [ 2783.778942][ T3918] hsr_slave_0: left promiscuous mode [ 2783.822967][ T3918] hsr_slave_1: left promiscuous mode [ 2784.130047][ T3918] veth1_macvtap: left promiscuous mode [ 2784.133220][ T3918] veth0_macvtap: left promiscuous mode [ 2784.145613][ T3918] veth1_vlan: left promiscuous mode [ 2784.154339][ T3918] veth0_vlan: left promiscuous mode [ 2801.414854][ T4699] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2801.785140][ T4699] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2805.806562][ T3918] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2807.804264][ T3918] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2809.302619][ T3918] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2811.022240][ T3918] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2820.090349][ T24] audit: type=1400 audit(2819.260:204): avc: denied { write } for pid=4762 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2827.109765][ T24] audit: type=1400 audit(2826.260:205): avc: denied { write } for pid=4770 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2831.030023][ T3918] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2831.242618][ T3918] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2831.391251][ T3918] bond0 (unregistering): Released all slaves [ 2832.423973][ T4692] hsr_slave_0: entered promiscuous mode [ 2832.447265][ T4692] hsr_slave_1: entered promiscuous mode [ 2832.482079][ T4692] debugfs: 'hsr0' already exists in 'hsr' [ 2832.489607][ T4692] Cannot create hsr debugfs directory [ 2832.735170][ T3206] 8021q: adding VLAN 0 to HW filter on device eth9 [ 2833.257138][ T3918] hsr_slave_0: left promiscuous mode [ 2833.341020][ T3918] hsr_slave_1: left promiscuous mode [ 2833.697773][ T3918] veth1_macvtap: left promiscuous mode [ 2833.742703][ T3918] veth0_macvtap: left promiscuous mode [ 2833.746546][ T3918] veth1_vlan: left promiscuous mode [ 2833.760358][ T3918] veth0_vlan: left promiscuous mode [ 2855.175199][ T4699] hsr_slave_0: entered promiscuous mode [ 2855.223028][ T4699] hsr_slave_1: entered promiscuous mode [ 2857.229723][ T24] audit: type=1400 audit(2856.400:206): avc: denied { write } for pid=4780 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2861.914901][ T24] audit: type=1400 audit(2861.090:207): avc: denied { write } for pid=4785 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2864.982558][ T4692] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 2865.371608][ T4692] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 2865.913441][ T4692] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 2866.074237][ T4692] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 2866.156370][ T3206] 8021q: adding VLAN 0 to HW filter on device eth10 [ 2866.701040][ T4692] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 2866.902630][ T4692] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 2866.977082][ T4692] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 2867.172223][ T4692] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 2874.781968][ T4699] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 2875.257845][ T4699] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 2875.436157][ T4699] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 2875.923552][ T4699] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 2876.082618][ T4699] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 2876.377830][ T4699] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 2876.567154][ T4699] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 2877.004156][ T4699] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 2886.922889][ T24] audit: type=1400 audit(2886.080:208): avc: denied { write } for pid=4807 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2894.160507][ T24] audit: type=1400 audit(2893.260:209): avc: denied { write } for pid=4816 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2897.572388][ T4692] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2899.847507][ T3206] 8021q: adding VLAN 0 to HW filter on device eth11 [ 2904.323506][ T4699] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2907.910726][ T24] audit: type=1400 audit(2907.060:210): avc: denied { write } for pid=4821 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2914.689337][ T24] audit: type=1400 audit(2913.850:211): avc: denied { write } for pid=4831 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2940.083089][ T24] audit: type=1400 audit(2939.250:212): avc: denied { write } for pid=4843 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2949.220612][ T24] audit: type=1400 audit(2948.390:213): avc: denied { write } for pid=4854 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2954.623096][ T3206] 8021q: adding VLAN 0 to HW filter on device eth12 [ 2969.224178][ T24] audit: type=1400 audit(2968.390:214): avc: denied { write } for pid=4869 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2975.985131][ T24] audit: type=1400 audit(2975.160:215): avc: denied { write } for pid=4879 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2980.574728][ T3206] 8021q: adding VLAN 0 to HW filter on device eth13 [ 2999.080246][ T24] audit: type=1400 audit(2998.230:216): avc: denied { write } for pid=4895 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3008.800783][ T24] audit: type=1400 audit(3007.960:217): avc: denied { write } for pid=4904 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3014.619922][ T3206] 8021q: adding VLAN 0 to HW filter on device eth14 [ 3018.276847][ T4692] veth0_vlan: entered promiscuous mode [ 3019.289006][ T4692] veth1_vlan: entered promiscuous mode [ 3022.397965][ T4692] veth0_macvtap: entered promiscuous mode [ 3023.322738][ T4692] veth1_macvtap: entered promiscuous mode [ 3025.552691][ T4699] veth0_vlan: entered promiscuous mode [ 3027.681568][ T4699] veth1_vlan: entered promiscuous mode [ 3029.012810][ T4727] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3029.154373][ T4727] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3029.200740][ T3918] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3029.244501][ T4731] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 3031.911755][ T24] audit: type=1400 audit(3031.080:218): avc: denied { write } for pid=4916 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3033.580633][ T4699] veth0_macvtap: entered promiscuous mode [ 3034.362145][ T4699] veth1_macvtap: entered promiscuous mode [ 3038.466038][ T4731] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3038.474732][ T4731] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3038.526260][ T4733] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3038.614941][ T3918] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 3040.443551][ T24] audit: type=1400 audit(3039.590:219): avc: denied { write } for pid=4919 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3049.134622][ T3206] 8021q: adding VLAN 0 to HW filter on device eth15 [ 3078.063526][ T24] audit: type=1400 audit(3077.210:220): avc: denied { write } for pid=4935 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3090.589672][ T24] audit: type=1400 audit(3089.730:221): avc: denied { write } for pid=4946 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3098.746192][ T3206] 8021q: adding VLAN 0 to HW filter on device eth16 [ 3162.011119][ T24] audit: type=1400 audit(3161.070:222): avc: denied { write } for pid=4990 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3168.943009][ T24] audit: type=1400 audit(3168.120:223): avc: denied { write } for pid=4993 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3184.860305][ T24] audit: type=1400 audit(3184.020:224): avc: denied { write } for pid=4996 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3194.209404][ T24] audit: type=1400 audit(3193.350:225): avc: denied { write } for pid=5001 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3221.566046][ T24] audit: type=1400 audit(3220.740:226): avc: denied { write } for pid=5014 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3232.581919][ T24] audit: type=1400 audit(3231.750:227): avc: denied { write } for pid=5025 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3263.632822][ T24] audit: type=1400 audit(3262.810:228): avc: denied { write } for pid=5035 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3273.409664][ T24] audit: type=1400 audit(3272.580:229): avc: denied { write } for pid=5046 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3299.710784][ T24] audit: type=1400 audit(3298.840:230): avc: denied { write } for pid=5061 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3311.069979][ T24] audit: type=1400 audit(3310.140:231): avc: denied { write } for pid=5071 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3311.783663][ T5004] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3313.753696][ T5004] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3316.982356][ T5008] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3317.487598][ T5008] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3331.099429][ T24] audit: type=1400 audit(3330.160:232): avc: denied { write } for pid=5078 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3340.782488][ T24] audit: type=1400 audit(3339.920:233): avc: denied { write } for pid=5087 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3357.154383][ T5004] hsr_slave_0: entered promiscuous mode [ 3357.283086][ T5004] hsr_slave_1: entered promiscuous mode [ 3357.467802][ T5004] debugfs: 'hsr0' already exists in 'hsr' [ 3357.491990][ T5004] Cannot create hsr debugfs directory [ 3358.229829][ T24] audit: type=1400 audit(3357.400:234): avc: denied { write } for pid=5095 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3365.150451][ T5008] hsr_slave_0: entered promiscuous mode [ 3365.234585][ T5008] hsr_slave_1: entered promiscuous mode [ 3365.364177][ T5008] debugfs: 'hsr0' already exists in 'hsr' [ 3365.390334][ T5008] Cannot create hsr debugfs directory [ 3368.989922][ T24] audit: type=1400 audit(3368.130:235): avc: denied { write } for pid=5101 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3395.276447][ T5004] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 3396.112820][ T5004] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 3396.239950][ T24] audit: type=1400 audit(3395.380:236): avc: denied { write } for pid=5107 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3396.386845][ T5004] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 3396.983869][ T5004] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 3397.364899][ T5004] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 3398.007169][ T5004] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 3398.324447][ T5004] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 3399.085028][ T5004] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 3408.203018][ T5008] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 3408.647388][ T5008] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 3408.891962][ T5008] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 3409.111101][ T24] audit: type=1400 audit(3408.250:237): avc: denied { write } for pid=5118 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3409.563873][ T5008] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 3409.687916][ T5008] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 3410.455117][ T5008] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 3410.809586][ T5008] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 3411.406030][ T5008] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 3447.821514][ T24] audit: type=1400 audit(3446.970:238): avc: denied { write } for pid=5140 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3452.266468][ T5004] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3460.953691][ T5008] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3461.314736][ T24] audit: type=1400 audit(3460.480:239): avc: denied { write } for pid=5146 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3517.870988][ T5121] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3520.143887][ T5121] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3521.595039][ T5121] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3523.805648][ T5121] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3549.741972][ T5121] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3550.037753][ T5121] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3550.250375][ T5121] bond0 (unregistering): Released all slaves [ 3554.551172][ T5121] hsr_slave_0: left promiscuous mode [ 3555.050517][ T5121] hsr_slave_1: left promiscuous mode [ 3556.350422][ T5121] veth1_macvtap: left promiscuous mode [ 3556.398772][ T5121] veth0_macvtap: left promiscuous mode [ 3556.415057][ T5121] veth1_vlan: left promiscuous mode [ 3556.429992][ T5121] veth0_vlan: left promiscuous mode [ 3588.652857][ T5121] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3591.096446][ T5121] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3593.359210][ T5121] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3595.357387][ T5121] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3611.649270][ T24] audit: type=1400 audit(3610.760:240): avc: denied { write } for pid=5196 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3622.790771][ T24] audit: type=1400 audit(3621.960:241): avc: denied { write } for pid=5208 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3625.831537][ T5121] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3626.877027][ T5121] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3627.334729][ T5121] bond0 (unregistering): Released all slaves [ 3628.440948][ T3206] 8021q: adding VLAN 0 to HW filter on device eth17 [ 3629.605857][ T5121] hsr_slave_0: left promiscuous mode [ 3629.746437][ T5121] hsr_slave_1: left promiscuous mode [ 3630.521471][ T5121] veth1_macvtap: left promiscuous mode [ 3630.562622][ T5121] veth0_macvtap: left promiscuous mode [ 3630.592755][ T5121] veth1_vlan: left promiscuous mode [ 3630.625367][ T5121] veth0_vlan: left promiscuous mode [ 3678.497711][ T24] audit: type=1400 audit(3677.670:242): avc: denied { write } for pid=5222 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3687.109744][ T24] audit: type=1400 audit(3686.240:243): avc: denied { write } for pid=5233 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3693.056689][ T3206] 8021q: adding VLAN 0 to HW filter on device eth18 [ 3705.403710][ T5004] veth0_vlan: entered promiscuous mode [ 3706.345274][ T5004] veth1_vlan: entered promiscuous mode [ 3710.377439][ T5004] veth0_macvtap: entered promiscuous mode [ 3711.164821][ T5004] veth1_macvtap: entered promiscuous mode [ 3715.113294][ T24] audit: type=1400 audit(3714.290:244): avc: denied { write } for pid=5248 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3716.873113][ T5008] veth0_vlan: entered promiscuous mode [ 3718.004138][ T4731] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3718.009669][ T4731] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3718.031967][ T4731] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3718.112110][ T4731] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 3720.074133][ T5008] veth1_vlan: entered promiscuous mode [ 3725.781286][ T24] audit: type=1400 audit(3724.870:245): avc: denied { write } for pid=5252 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3726.933413][ T5008] veth0_macvtap: entered promiscuous mode [ 3728.294106][ T5008] veth1_macvtap: entered promiscuous mode [ 3732.771233][ T2147] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3732.783860][ T3918] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3732.991520][ T3505] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3733.005816][ T3505] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 3734.236489][ T3206] 8021q: adding VLAN 0 to HW filter on device eth19 [ 3762.810463][ T24] audit: type=1400 audit(3761.980:246): avc: denied { write } for pid=5263 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3777.100076][ T24] audit: type=1400 audit(3776.270:247): avc: denied { write } for pid=5273 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3786.895570][ T3206] 8021q: adding VLAN 0 to HW filter on device eth20 [ 3803.343146][ T24] audit: type=1400 audit(3802.470:248): avc: denied { write } for pid=5285 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3816.990513][ T24] audit: type=1400 audit(3816.070:249): avc: denied { write } for pid=5296 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3852.983427][ T24] audit: type=1400 audit(3852.160:250): avc: denied { write } for pid=5309 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3866.853701][ T24] audit: type=1400 audit(3866.020:251): avc: denied { write } for pid=5315 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3871.647751][ T5317] kvm [5317]: Failed to find VMA for hva 0x20d8a000 [ 3875.587655][ T3206] 8021q: adding VLAN 0 to HW filter on device eth21 [ 3908.081086][ T24] audit: type=1400 audit(3907.240:252): avc: denied { write } for pid=5334 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3922.641785][ T24] audit: type=1400 audit(3921.760:253): avc: denied { write } for pid=5348 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3932.423926][ T3206] 8021q: adding VLAN 0 to HW filter on device eth22 [ 3962.942766][ T24] audit: type=1400 audit(3962.100:254): avc: denied { write } for pid=5363 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3977.893795][ T24] audit: type=1400 audit(3977.070:255): avc: denied { write } for pid=5374 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3988.075483][ T3206] 8021q: adding VLAN 0 to HW filter on device eth23 [ 4015.734649][ T24] audit: type=1400 audit(4014.840:256): avc: denied { write } for pid=5389 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4030.559288][ T24] audit: type=1400 audit(4029.710:257): avc: denied { write } for pid=5400 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4070.236750][ T24] audit: type=1400 audit(4069.380:258): avc: denied { write } for pid=5413 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4084.732618][ T24] audit: type=1400 audit(4083.890:259): avc: denied { write } for pid=5426 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4094.797361][ T3206] 8021q: adding VLAN 0 to HW filter on device eth24 [ 4147.170044][ T24] audit: type=1400 audit(4146.280:260): avc: denied { write } for pid=5457 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4162.403010][ T24] audit: type=1400 audit(4161.540:261): avc: denied { write } for pid=5469 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4194.062661][ T24] audit: type=1400 audit(4193.190:262): avc: denied { write } for pid=5475 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4208.037099][ T24] audit: type=1400 audit(4207.170:263): avc: denied { write } for pid=5479 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4219.655323][ T3918] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4223.263990][ T3918] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4225.956603][ T3918] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4228.922134][ T3918] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4238.882631][ T24] audit: type=1400 audit(4238.030:264): avc: denied { write } for pid=5488 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4253.291096][ T24] audit: type=1400 audit(4252.430:265): avc: denied { write } for pid=5502 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4263.675173][ T3918] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 4264.811766][ T3918] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 4265.572113][ T3918] bond0 (unregistering): Released all slaves [ 4268.763564][ T3918] hsr_slave_0: left promiscuous mode [ 4269.062312][ T3918] hsr_slave_1: left promiscuous mode [ 4270.494108][ T3918] veth1_macvtap: left promiscuous mode [ 4270.554902][ T3918] veth0_macvtap: left promiscuous mode [ 4270.593351][ T3918] veth1_vlan: left promiscuous mode [ 4270.650368][ T3918] veth0_vlan: left promiscuous mode [ 4309.312564][ T3918] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4311.864071][ T3918] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4314.197368][ T3918] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4316.746629][ T3918] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4326.370527][ T24] audit: type=1400 audit(4325.530:266): avc: denied { write } for pid=5517 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4336.923554][ T24] audit: type=1400 audit(4336.020:267): avc: denied { write } for pid=5523 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4345.483731][ T3918] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 4345.861409][ T3918] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 4346.481437][ T3918] bond0 (unregistering): Released all slaves [ 4347.394724][ T3206] 8021q: adding VLAN 0 to HW filter on device eth25 [ 4349.720837][ T3918] hsr_slave_0: left promiscuous mode [ 4349.980030][ T3918] hsr_slave_1: left promiscuous mode [ 4350.819885][ T3918] veth1_macvtap: left promiscuous mode [ 4350.822978][ T3918] veth0_macvtap: left promiscuous mode [ 4350.836634][ T3918] veth1_vlan: left promiscuous mode [ 4350.870373][ T3918] veth0_vlan: left promiscuous mode [ 4383.619816][ T24] audit: type=1400 audit(4382.780:268): avc: denied { write } for pid=5530 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4392.683102][ T24] audit: type=1400 audit(4391.840:269): avc: denied { write } for pid=5541 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4411.853571][ T5487] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 4412.261978][ T5487] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 4418.183117][ T5481] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 4418.542380][ T5481] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 4419.221218][ T24] audit: type=1400 audit(4418.390:270): avc: denied { write } for pid=5561 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4427.207824][ T24] audit: type=1400 audit(4426.370:271): avc: denied { write } for pid=5571 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4433.592253][ T3206] 8021q: adding VLAN 0 to HW filter on device eth26 [ 4450.247949][ T5487] hsr_slave_0: entered promiscuous mode [ 4450.493864][ T5487] hsr_slave_1: entered promiscuous mode [ 4457.851331][ T24] audit: type=1400 audit(4457.020:272): avc: denied { write } for pid=5584 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4459.887309][ T5481] hsr_slave_0: entered promiscuous mode [ 4459.967012][ T5481] hsr_slave_1: entered promiscuous mode [ 4460.052976][ T5481] debugfs: 'hsr0' already exists in 'hsr' [ 4460.056028][ T5481] Cannot create hsr debugfs directory [ 4464.247221][ T24] audit: type=1400 audit(4463.380:273): avc: denied { write } for pid=5589 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4469.074606][ T3206] 8021q: adding VLAN 0 to HW filter on device eth28 [ 4477.136625][ T5487] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 4477.785448][ T5487] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 4478.027785][ T5487] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 4478.502622][ T5487] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 4478.756961][ T5487] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 4479.297722][ T5487] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 4479.660906][ T5487] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 4480.187529][ T5487] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 4486.522366][ T5481] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 4486.952210][ T5481] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 4487.137455][ T5481] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 4487.555336][ T5481] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 4487.627566][ T5481] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 4488.251570][ T5481] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 4488.396013][ T5481] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 4489.082682][ T5481] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 4502.039753][ T24] audit: type=1400 audit(4501.190:274): avc: denied { write } for pid=5609 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4514.543612][ T24] audit: type=1400 audit(4513.700:275): avc: denied { write } for pid=5625 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4524.007631][ T3206] 8021q: adding VLAN 0 to HW filter on device eth27 [ 4524.946990][ T5487] 8021q: adding VLAN 0 to HW filter on device bond0 [ 4532.971939][ T5481] 8021q: adding VLAN 0 to HW filter on device bond0 [ 4557.031896][ T24] audit: type=1400 audit(4556.180:276): avc: denied { write } for pid=5640 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4572.290555][ T24] audit: type=1400 audit(4571.330:277): avc: denied { write } for pid=5649 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4580.873983][ T3206] 8021q: adding VLAN 0 to HW filter on device eth29 [ 4605.451884][ T24] audit: type=1400 audit(4604.590:278): avc: denied { write } for pid=5662 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4617.919597][ T24] audit: type=1400 audit(4617.080:279): avc: denied { write } for pid=5673 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4653.140914][ T24] audit: type=1400 audit(4652.210:280): avc: denied { write } for pid=5689 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4664.030450][ T24] audit: type=1400 audit(4663.180:281): avc: denied { write } for pid=5699 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4671.844750][ T3206] 8021q: adding VLAN 0 to HW filter on device eth31 [ 4708.543414][ T5487] veth0_vlan: entered promiscuous mode [ 4708.585091][ T24] audit: type=1400 audit(4707.710:282): avc: denied { write } for pid=5718 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4710.261748][ T5487] veth1_vlan: entered promiscuous mode [ 4717.034623][ T5487] veth0_macvtap: entered promiscuous mode [ 4718.071944][ T5481] veth0_vlan: entered promiscuous mode [ 4718.436709][ T5487] veth1_macvtap: entered promiscuous mode [ 4721.003498][ T5481] veth1_vlan: entered promiscuous mode [ 4722.031363][ T24] audit: type=1400 audit(4721.170:283): avc: denied { write } for pid=5726 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4726.121659][ T3918] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 4726.197958][ T3918] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 4726.277004][ T3918] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 4726.331392][ T3853] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 4729.556663][ T5481] veth0_macvtap: entered promiscuous mode [ 4730.624270][ T3206] 8021q: adding VLAN 0 to HW filter on device eth30 [ 4731.592556][ T5481] veth1_macvtap: entered promiscuous mode [ 4740.121321][ T5121] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 4740.143113][ T5121] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 4740.185879][ T5121] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 4740.200250][ T5121] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 4746.531667][ T24] audit: type=1400 audit(4745.650:284): avc: denied { write } for pid=5729 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4763.919734][ T24] audit: type=1400 audit(4763.060:285): avc: denied { write } for pid=5735 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4825.853615][ T24] audit: type=1400 audit(4824.990:286): avc: denied { write } for pid=5762 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4842.910498][ T24] audit: type=1400 audit(4842.080:287): avc: denied { write } for pid=5772 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4854.062086][ T3206] 8021q: adding VLAN 0 to HW filter on device eth32 [ 4878.107598][ T24] audit: type=1400 audit(4877.150:288): avc: denied { write } for pid=5779 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4895.470202][ T24] audit: type=1400 audit(4894.640:289): avc: denied { write } for pid=5792 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4970.882521][ T24] audit: type=1400 audit(4970.040:290): avc: denied { write } for pid=5820 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4989.021435][ T24] audit: type=1400 audit(4988.170:291): avc: denied { write } for pid=5833 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 5033.444978][ T24] audit: type=1400 audit(5032.420:292): avc: denied { write } for pid=5846 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 5050.369666][ T24] audit: type=1400 audit(5049.540:293): avc: denied { write } for pid=5860 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 5107.342661][ T24] audit: type=1400 audit(5106.470:294): avc: denied { write } for pid=5879 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 5125.101487][ T24] audit: type=1400 audit(5124.190:295): avc: denied { write } for pid=5893 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 5190.939949][ T24] audit: type=1400 audit(5189.960:296): avc: denied { write } for pid=5922 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 5208.465130][ T24] audit: type=1400 audit(5207.600:297): avc: denied { write } for pid=5934 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 5272.009256][ T24] audit: type=1400 audit(5271.150:298): avc: denied { write } for pid=5956 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 5289.903795][ T24] audit: type=1400 audit(5289.030:299): avc: denied { write } for pid=5970 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 5326.296206][ T24] audit: type=1400 audit(5325.460:300): avc: denied { write } for pid=5982 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 5338.409253][ T24] audit: type=1400 audit(5337.560:301): avc: denied { write } for pid=5986 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 5372.682181][ T24] audit: type=1400 audit(5371.820:302): avc: denied { write } for pid=5992 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 5384.474735][ T24] audit: type=1400 audit(5383.650:303): avc: denied { write } for pid=5995 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 5422.712322][ T24] audit: type=1400 audit(5421.860:304): avc: denied { write } for pid=6008 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 5438.299492][ T24] audit: type=1400 audit(5437.440:305): avc: denied { write } for pid=6019 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 5504.633913][ T24] audit: type=1400 audit(5503.790:306): avc: denied { write } for pid=6040 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 5518.600786][ T24] audit: type=1400 audit(5517.750:307): avc: denied { write } for pid=6051 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 5550.082173][ T5996] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 5550.841539][ T5999] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 5551.602887][ T5996] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 5554.205645][ T5999] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 5581.850529][ T24] audit: type=1400 audit(5580.990:308): avc: denied { write } for pid=6069 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 5596.990485][ T24] audit: type=1400 audit(5596.140:309): avc: denied { write } for pid=6078 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 5621.896460][ T5999] hsr_slave_0: entered promiscuous mode [ 5622.097571][ T5999] hsr_slave_1: entered promiscuous mode [ 5622.315734][ T5999] debugfs: 'hsr0' already exists in 'hsr' [ 5622.350104][ T5999] Cannot create hsr debugfs directory [ 5625.049882][ T24] audit: type=1400 audit(5624.220:310): avc: denied { write } for pid=6088 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 5629.770678][ T5996] hsr_slave_0: entered promiscuous mode [ 5629.872805][ T5996] hsr_slave_1: entered promiscuous mode [ 5630.017090][ T5996] debugfs: 'hsr0' already exists in 'hsr' [ 5630.101725][ T5996] Cannot create hsr debugfs directory [ 5639.455575][ T24] audit: type=1400 audit(5638.550:311): avc: denied { write } for pid=6092 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 5683.762505][ T24] audit: type=1400 audit(5682.910:312): avc: denied { write } for pid=6098 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 5699.631597][ T24] audit: type=1400 audit(5698.710:313): avc: denied { write } for pid=6105 comm="rm" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 5711.007690][ T5999] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 5712.324177][ T5999] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 5712.777028][ T5999] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 5713.780066][ T5999] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 5714.143265][ T5999] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 5715.243329][ T5999] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 5716.972850][ T5999] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 5717.945470][ T5999] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 5725.769688][ T5996] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 5726.781755][ T5996] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 5727.331619][ T5996] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 5727.944140][ T5996] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 5728.872139][ T5996] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 5729.643149][ T5996] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 5729.955974][ T5996] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 5730.690981][ T5996] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 5736.252897][ T24] audit: type=1400 audit(5735.410:314): avc: denied { write } for pid=6112 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=130 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 5744.664739][ T26] INFO: task syz.8.342:5976 blocked for more than 430 seconds. [ 5744.665955][ T26] Not tainted syzkaller #0 [ 5744.721934][ T26] Blocked by coredump. [ 5744.722140][ T26] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 5744.722474][ T26] task:syz.8.342 state:D stack:0 pid:5976 tgid:5974 ppid:5481 task_flags:0x40044c flags:0x00000010 [ 5744.723629][ T26] Call trace: [ 5744.723950][ T26] __switch_to+0x5e0/0xb70 (T) [ 5744.725953][ T26] __schedule+0x2554/0x3828 [ 5744.726280][ T26] schedule+0xac/0x278 [ 5744.726589][ T26] schedule_timeout+0x68/0x1ec [ 5744.726897][ T26] do_wait_for_common+0x270/0x428 [ 5744.727162][ T26] wait_for_completion+0x44/0x5c [ 5744.727435][ T26] __synchronize_srcu+0x1b4/0x1f4 [ 5744.727779][ T26] synchronize_srcu+0x668/0x8dc [ 5744.842822][ T26] __mmu_notifier_release+0x668/0x858 [ 5744.843585][ T26] exit_mmap+0xcc/0xb64 [ 5744.844080][ T26] __mmput+0x10c/0x51c [ 5744.844608][ T26] mmput+0x70/0xa8 [ 5744.845078][ T26] exit_mm+0x1e4/0x2f8 [ 5744.845558][ T26] do_exit+0x828/0x23d8 [ 5744.846004][ T26] do_group_exit+0x1d4/0x2ac [ 5744.846483][ T26] get_signal+0x13f8/0x1504 [ 5744.847010][ T26] arch_do_signal_or_restart+0x23c/0x4b50 [ 5744.847540][ T26] exit_to_user_mode_loop+0x88/0x188 [ 5744.982760][ T26] el0_svc+0x184/0x238 [ 5744.991629][ T26] el0t_64_sync_handler+0x84/0x12c [ 5744.992259][ T26] el0t_64_sync+0x198/0x19c SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 5745.035316][ T26] [ 5745.035316][ T26] Showing all locks held in the system: [ 5745.083570][ T26] 1 lock held by khungtaskd/26: [ 5745.092610][ T26] #0: ffff800087db4518 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x0/0x44 [ 5745.095378][ T26] 1 lock held by syslogd/3165: [ 5745.095754][ T26] 1 lock held by klogd/3169: [ 5745.096066][ T26] 2 locks held by getty/3236: [ 5745.096396][ T26] #0: 72f000001276a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c [ 5745.219660][ T26] #1: faff80008cb4b2e8 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x314/0x1214 [ 5745.231385][ T26] 2 locks held by syz-executor/3362: [ 5745.231744][ T26] 3 locks held by kworker/u4:3/3421: [ 5745.232037][ T26] 3 locks held by kworker/u4:9/3853: [ 5745.232339][ T26] 3 locks held by kworker/u4:10/3918: [ 5745.232678][ T26] 2 locks held by kworker/u4:4/4727: [ 5745.232962][ T26] #0: 98f000000d036540 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_one_work+0x804/0x1d5c [ 5745.360928][ T26] #1: ffff80008e2a7cb8 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x890/0x1d5c [ 5745.362611][ T26] 2 locks held by kworker/u4:11/4733: [ 5745.362947][ T26] #0: 98f000000d036540 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_one_work+0x804/0x1d5c [ 5745.364713][ T26] #1: ffff80008e5e7cb8 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x890/0x1d5c [ 5745.366259][ T26] 3 locks held by kworker/u4:12/5121: [ 5745.366641][ T26] 3 locks held by kworker/u4:1/5484: [ 5745.367000][ T26] 2 locks held by kworker/u4:15/5616: [ 5745.367868][ T26] 2 locks held by syz.9.343/5975: [ 5745.520507][ T26] 3 locks held by kworker/u4:14/6042: [ 5745.520953][ T26] 2 locks held by dhcpcd-run-hook/6112: [ 5745.521300][ T26] 4 locks held by modprobe/6131: [ 5745.521623][ T26] 1 lock held by modprobe/6132: [ 5745.582915][ T26] [ 5745.583409][ T26] ============================================= [ 5745.583409][ T26] [ 5745.584929][ T26] Kernel panic - not syncing: hung_task: blocked tasks [ 5745.593271][ T26] CPU: 0 UID: 0 PID: 26 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT [ 5745.594926][ T26] Hardware name: linux,dummy-virt (DT) [ 5745.595963][ T26] Call trace: [ 5745.596810][ T26] show_stack+0x2c/0x3c (C) [ 5745.597896][ T26] __dump_stack+0x30/0x40 [ 5745.598974][ T26] dump_stack_lvl+0x30/0x12c [ 5745.600057][ T26] dump_stack+0x1c/0x28 [ 5745.600918][ T26] vpanic+0x4cc/0x844 [ 5745.601853][ T26] vpanic+0x0/0x844 [ 5745.602757][ T26] hung_task_panic+0x0/0x2c [ 5745.603835][ T26] kthread+0x4d4/0x51c [ 5745.604819][ T26] ret_from_fork+0x10/0x20 [ 5745.606764][ T26] Kernel Offset: disabled [ 5745.607635][ T26] CPU features: 0x00000000,0034600b,f7c647a1,057ffe1f [ 5745.608835][ T26] Memory Limit: none [ 5745.611172][ T26] Rebooting in 86400 seconds..