last executing test programs: 1h2m33.80101194s ago: executing program 1 (id=59): r0 = openat$kvm(0x0, &(0x7f00000002c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) syz_kvm_vgic_v3_setup(r1, 0x1, 0x3a0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000200)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000280)=@arm64_sys={0x603000000013c801, &(0x7f00000000c0)=0x1000001000001}) syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x30) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r7, 0x4010aeab, &(0x7f0000000100)=@arm64_ccsidr={0x6020000000110002, &(0x7f0000000240)=0x2}) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x2) r10 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r11 = ioctl$KVM_GET_STATS_FD_vm(r1, 0xaece) ioctl$KVM_CREATE_GUEST_MEMFD(r11, 0xc040aed4, &(0x7f00000001c0)={0x0, 0x6}) close(r11) ioctl$KVM_CAP_HALT_POLL(r9, 0x4068aea3, &(0x7f0000000140)={0xb6, 0x0, 0xfffffffffffffffb}) ioctl$KVM_IOEVENTFD(r9, 0x4040ae79, &(0x7f0000000040)={0x6, 0x3000, 0x4, r11, 0x8}) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f0000000000)=@attr_other={0x0, 0x5, 0x78, &(0x7f00000003c0)=0x5}) ioctl$KVM_HAS_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee3, &(0x7f0000000880)=@attr_other={0x0, 0x5, 0x5, &(0x7f0000000840)=0x5}) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000ff5000/0x1000)=nil, 0x1000) 1h2m28.31524106s ago: executing program 0 (id=60): r0 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x7, 0x4f832, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ffa000/0x1000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x9000000) r1 = openat$kvm(0x0, &(0x7f00000000c0), 0x10140, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_GET_DIRTY_LOG(r2, 0x4010ae42, &(0x7f0000000240)={0x10004, 0x0, &(0x7f0000b18000/0x3000)=nil}) mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000000)="2998a4d56becb6fffa6b8dcf232d9e0f347066fad70dbcdc6dec29baa12656daeba22f68a40aded5928f5ffb3c90f0f8c564a75b07476a99c3e543cce727d394ffa3d3475505d15a", 0x0, 0x48) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r4 = ioctl$KVM_GET_STATS_FD_vm(r2, 0xaece) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x3a) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x10000000021) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x6) r8 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r3, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f00000001c0)="fb4149dd033be3aca22332a77b23b08986814d7bb14c94a6ab8031aedfd92f00000001000700000000000000521ce16f8f1f810000000000000054ebb2aa7fc869d22627e700", 0x0, 0x48) r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) syz_kvm_vgic_v3_setup(r10, 0x1, 0x100) r11 = eventfd2(0x4, 0x80801) ioctl$KVM_IRQFD(r10, 0x4020ae76, &(0x7f0000000000)={r11, 0x2, 0x2}) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r7, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x444802, 0x0) r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r12, 0xae04) r13 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000ffb000/0x3000)=nil, 0x0, 0x2000003, 0x20010, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x1) 1h2m11.771935147s ago: executing program 0 (id=61): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x410081, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@smc={0x1e, 0x40, {0x80000001, [0x3f, 0x4009, 0x5, 0x6, 0x7]}}], 0x40}, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000040)={0x1, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x8933, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000b7b000/0x400000)=nil) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x101900, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x26) syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000b7b000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) ioctl$KVM_CLEAR_DIRTY_LOG(r11, 0xc018aec0, 0x0) r12 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x2b) r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000aec000/0x400000)=nil) r14 = syz_kvm_add_vcpu$arm64(r13, 0x0, 0x0, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x517e80, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$arm64(r8, 0xffffffffffffffff, &(0x7f00008a3000/0x400000)=nil, &(0x7f0000000180)=[{0x0, &(0x7f0000000880)=ANY=[@ANYRES64=r6], 0x198}], 0x1, 0x0, &(0x7f0000000a80)=[@featur2={0x1, 0xa7}], 0x1) ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, 0x0) ioctl$KVM_GET_ONE_REG(r9, 0x4010aeab, &(0x7f0000000140)=@arm64_core={0x6030000000100042, &(0x7f0000000080)=0x1ff}) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r15 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r14, 0x4018aee1, &(0x7f00000001c0)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000100)={0x6, 0x4, 0x1}}) ioctl$KVM_CREATE_VM(r15, 0xae01, 0x29) 1h2m11.291158612s ago: executing program 1 (id=62): munmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000) mmap$KVM_VCPU(&(0x7f0000011000/0x3000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000aba000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r3, 0x0, 0x0, 0x0) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000300)={0x0, 0x0}, 0x0, 0x0) syz_kvm_add_vcpu$arm64(r3, 0x0, 0x0, 0x0) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000000180)={0x7, 0x0, [{0x5, 0x2, 0x1, 0x0, @msi={0x7, 0x200, 0x6521}}, {0xc, 0x2, 0x1, 0x0, @irqchip={0x5}}, {0x95, 0x5, 0x0, 0x0, @adapter={0x4, 0x2, 0x8, 0x1, 0x5}}, {0xfff, 0x1, 0x1, 0x0, @irqchip={0x83, 0x7}}, {0xfffffffc, 0x5, 0x1, 0x0, @msi={0x800, 0x6, 0x8, 0x7}}, {0x5, 0x4, 0x0, 0x0, @adapter={0x6, 0x8, 0x8, 0xdba1}}, {0x5, 0x3, 0x1, 0x0, @sint={0x1, 0x3ff}}]}) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, 0x0) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, 0x0) ioctl$KVM_GET_ONE_REG(r4, 0x4010aeab, &(0x7f0000000100)=@arm64_core={0x6030000000100012, &(0x7f0000000000)=0xffffffffffffffff}) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r6, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18}) ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f00000000c0)=@arm64_fw={0x6030000000140003, &(0x7f0000000140)=0x80}) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) 1h2m0.04402059s ago: executing program 1 (id=63): r0 = openat$kvm(0x0, &(0x7f00000002c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r3 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r2, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000300)="fb4149dd033b8986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67525673312b01040000000000002627e700000000000000020000000000000000f400", 0x0, 0xfffffffffffffe73) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x12, r2, 0x0) r4 = eventfd2(0x70, 0x0) close(r4) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0) write$eventfd(r4, &(0x7f0000000100)=0xfffffffffffffffe, 0x8) r5 = eventfd2(0x0, 0x0) close(r5) r6 = eventfd2(0x0, 0x0) close(r6) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0xc0c82, 0x0) mmap$KVM_VCPU(&(0x7f0000008000/0x3000)=nil, 0x930, 0x2000004, 0x2011, r6, 0x0) mmap$KVM_VCPU(&(0x7f0000ffb000/0x3000)=nil, 0x930, 0x200000e, 0x2011, r5, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0) 1h1m59.978747353s ago: executing program 0 (id=64): munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) mmap$KVM_VCPU(&(0x7f0000ec2000/0x3000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x40) openat$kvm(0x0, &(0x7f0000000140), 0x40, 0x0) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x2e) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7fff}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_SIGNAL_MASK(r3, 0x4004ae8b, &(0x7f0000000000)={0x8, "a78a3e6b9a32f5b7"}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_CREATE_GUEST_MEMFD(0xffffffffffffffff, 0xc040aed4, &(0x7f0000000000)={0x2, 0x3}) ioctl$KVM_SET_USER_MEMORY_REGION2(0xffffffffffffffff, 0x40a0ae49, &(0x7f0000000380)={0x2710, 0x5, 0x0, 0x1000, &(0x7f0000e4f000/0x1000)=nil, 0x1}) openat$kvm(0x0, &(0x7f0000000080), 0x2a040, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x23) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x1}) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000ffe000/0x1000)=nil, 0x0, 0x8, 0x13, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x11, 0x0, 0xf, 0x0, 0x5, 0x6, 0x6, 0x6, 0x74, 0x86, 0x7, 0x68, 0x0, 0x4209, 0x0, 0x0, 0x3, 0x5, 0x5, '\x00', 0x1, 0x400000000002}) write$eventfd(r8, &(0x7f00000001c0)=0x3, 0x50) ioctl$KVM_ARM_VCPU_FINALIZE(r6, 0x4004aec2, 0x0) r9 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000004000/0x1000)=nil, 0x0, 0xb, 0x80010, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0) 1h1m51.799997934s ago: executing program 0 (id=65): r0 = openat$kvm(0x0, &(0x7f0000000100), 0xc01, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2c) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x25) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f00000001c0)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000380)}) ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000002c0)=@attr_other={0x0, 0x8, 0x108, &(0x7f0000000000)=0xc000000000000000}) ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x4, 0x1, 0x0}) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, &(0x7f0000000140)=@attr_pmu_init) syz_kvm_vgic_v3_setup(r9, 0x4, 0x60) ioctl$KVM_RUN(r11, 0xae80, 0x0) ioctl$KVM_CHECK_EXTENSION(r7, 0xae03, 0x59) ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000040)=@arm64_core={0x603000000010001e, &(0x7f00000000c0)=0x9}) r12 = mmap$KVM_VCPU(&(0x7f0000f28000/0x4000)=nil, 0x0, 0x1000000, 0x11, r3, 0x0) r13 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000380)={0x0, &(0x7f00000001c0)=[@memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x0, 0xe7cc, 0xc}}, @irq_setup={0x46, 0x18, {0x3, 0xfb}}, @svc={0x122, 0x40, {0x84000010, [0x80000000, 0x8, 0x7, 0x2fb, 0xda]}}, @code={0xa, 0x84, {"007008d5005781d200c0b0f2e10180d2e20180d2230180d2e40080d2020000d4c01598d20080b0f2e10180d2820080d2430180d2c40180d2020000d40010202e0080001b602e9ed200e0b0f2810080d2c20080d2a30180d2a40180d2020000d40090200e000860fc008008d5000008d5"}}, @code={0xa, 0x9c, {"80a099d20080b0f2410180d2020080d2a30080d2240080d2020000d4000cc0780028601e80318cd200a0b0f2e10180d2420180d2830080d2040180d2020000d420378ed200c0b8f2010180d2820080d2630080d2240080d2020000d4e06994d200c0b0f2010080d2620180d2830180d2c40080d2020000d4007008d5000008d5008008d50080000c"}}], 0x1a8}, &(0x7f00000003c0)=[@featur2={0x1, 0x41}], 0x1) ioctl$KVM_ARM_SET_DEVICE_ADDR(r13, 0x4010aeab, &(0x7f0000000400)={0xffffffff, 0xffffffff}) syz_memcpy_off$KVM_EXIT_HYPERCALL(r12, 0x20, &(0x7f0000000140)="3111c2a8bfc708489e01910059c60042b649eb5c18ab3db94722c48401a67041bf160c5319694636c2205d17adfb932d8b54b87a745888afed30746c253dd5e7eb06d2a03fb510f9", 0x0, 0x48) 1h1m50.242265015s ago: executing program 1 (id=66): munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) r0 = openat$kvm(0x0, &(0x7f00000002c0), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, r1, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000ff5000/0x1000)=nil, 0x1000) 1h1m41.878515806s ago: executing program 1 (id=67): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x8a902, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x3c) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x2401, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x2e) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r6, 0x4020aeae, &(0x7f0000000000)={0x5, 0x18}) ioctl$KVM_ARM_VCPU_FINALIZE(r6, 0x4004aec2, &(0x7f0000000180)=0x4) ioctl$KVM_GET_REG_LIST(r6, 0xc008aeb0, &(0x7f0000000300)={0x200000000000026a, [0x20000000000000, 0x1]}) ioctl$KVM_SET_DEVICE_ATTR_vm(r3, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x16, 0x4, 0x1}}) r7 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r3, r7, &(0x7f0000bfe000/0x400000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f0000000240)=[@hvc={0x32, 0x40, {0x8600ff01, [0x7, 0x9, 0x8, 0xfffffffffffffff8, 0x100]}}], 0x40}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) r8 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000b80)={0x0, &(0x7f0000000180)=[@smc={0x1e, 0x40, {0xc4000004, [0x100000040000099a, 0x3, 0x9, 0x89, 0xfffffffffffffbff]}}], 0x40}, &(0x7f0000000bc0)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r9, 0xae80, 0x0) ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000100)={0xeeee0000, 0x25000, 0x4, 0x1, 0xfffffffd}) ioctl$KVM_SET_GUEST_DEBUG_arm64(r7, 0x4208ae9b, &(0x7f0000000280)={0x20003, 0x0, {[0x6, 0x4, 0x7, 0xfbc8, 0x4, 0x2, 0xfffffffffffffffd, 0x2, 0x2, 0x4, 0x3a00, 0x1, 0x8001, 0x6, 0x0, 0x1], [0x1800000000, 0x8000, 0xffffffff80000001, 0x7ff, 0x5, 0xe1e3, 0x0, 0x1f0, 0x1, 0x7fff, 0x2, 0x81, 0x0, 0xffffffffffffffba, 0xb, 0x24], [0x7fffffff, 0xc372, 0x8000000000000001, 0x1ff, 0x8, 0x1, 0x4, 0x0, 0x400, 0x5324, 0x5, 0x8000000000000000, 0x10001, 0x5, 0x9, 0x1], [0x3, 0xf, 0x10, 0x3, 0x834, 0x90, 0x9, 0x7, 0x0, 0x80, 0x226, 0x9, 0x7, 0x28, 0x6, 0x2933]}}) 1h1m39.962871785s ago: executing program 0 (id=68): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f00000001c0)={0x8}) (async) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f00000001c0)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4}) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000000c0)={0x2, 0x4, 0x200000, 0x2000, &(0x7f0000ecc000/0x2000)=nil}) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000000c0)={0x2, 0x4, 0x200000, 0x2000, &(0x7f0000ecc000/0x2000)=nil}) syz_kvm_setup_cpu$arm64(r3, 0xffffffffffffffff, &(0x7f0000001000/0x400000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0xfffffffffffffe50) (async) syz_kvm_setup_cpu$arm64(r3, 0xffffffffffffffff, &(0x7f0000001000/0x400000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0xfffffffffffffe50) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x100, &(0x7f0000000200)=0x8000000000000000}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000280)=@attr_arm64={0x0, 0x4, 0x2, 0x0}) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async) r5 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7ffb}}], 0x20}, &(0x7f0000000300)=[@featur2={0x1, 0x15}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r6, 0xae80, 0x0) 1h1m24.675539337s ago: executing program 0 (id=69): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ARM_VCPU_INIT(0xffffffffffffffff, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) (async) ioctl$KVM_ARM_VCPU_INIT(0xffffffffffffffff, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04) mmap$KVM_VCPU(&(0x7f0000c01000/0x4000)=nil, r3, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000c01000/0x4000)=nil, r3, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) munmap(&(0x7f00007fd000/0x800000)=nil, 0x800000) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x1}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x11, 0x8, 0xf, 0x0, 0x5, 0x9, 0x86, 0x6, 0x48, 0x86, 0xdd, 0x68, 0x0, 0x0, 0x0, 0x0, 0x3, 0x5, 0x8, '\x00', 0x1, 0x807}) openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) (async) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) (async) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r6, &(0x7f00000001c0)=0x3, 0xfdef) r7 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x2}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x80000, 0x10000, 0x0, 0x0, 0x2}}], 0x50}, 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x32) (async) r9 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x32) syz_kvm_setup_cpu$arm64(r9, r8, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000380)=[{0x0, &(0x7f0000000240)=[@smc={0x1e, 0x40, {0x80, [0x623e, 0x9, 0x9, 0xff, 0x80000000]}}, @smc={0x1e, 0x40, {0x2000, [0x8000, 0x7, 0x2, 0x401, 0xfff]}}, @uexit={0x0, 0x18, 0x5}, @irq_setup={0x46, 0x18, {0x4, 0x2f3}}, @msr={0x14, 0x20, {0x603000000013c110, 0xf}}, @smc={0x1e, 0x40, {0xc4000003, [0x8, 0x4aa, 0x7, 0x1, 0x8]}}], 0x110}], 0x1, 0x0, &(0x7f00000003c0)=[@featur1={0x1, 0x89}], 0x1) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) (async) r11 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x1) r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) (async) r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) syz_kvm_vgic_v3_setup(r12, 0x1, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r14, 0x4018aee1, &(0x7f0000000000)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000040)=0xe7}) (async) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r14, 0x4018aee1, &(0x7f0000000000)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000040)=0xe7}) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r14, 0x4018aee1, &(0x7f0000000280)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000240)=0xe7}) (async) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r14, 0x4018aee1, &(0x7f0000000280)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000240)=0xe7}) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r8, 0xae80, 0x0) 1h1m23.181111134s ago: executing program 1 (id=70): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000000c0)={0x7, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x3, &(0x7f0000000000)=0x400000000}) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x0, 0x5, &(0x7f0000000100)=0x8010000000000002}) r3 = openat$kvm(0x0, &(0x7f00000002c0), 0xa000, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x40001, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000240)={0x3, 0xffffffffffffffff, 0x1}) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1) ioctl$KVM_ARM_VCPU_INIT(r8, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) ioctl$KVM_GET_ONE_REG(r8, 0x4010aeab, &(0x7f0000000180)=@arm64_sys={0x603000000013dce2, 0x0}) mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r5, 0x0) r9 = openat$kvm(0x0, &(0x7f0000000080), 0x8600, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x90, &(0x7f0000000000)=0x10001}) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x12, r5, 0x0) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000002000/0x400000)=nil) openat$kvm(0xffffffffffffff9c, &(0x7f0000000380), 0x40, 0x0) 1h0m38.621789295s ago: executing program 32 (id=69): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ARM_VCPU_INIT(0xffffffffffffffff, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) (async) ioctl$KVM_ARM_VCPU_INIT(0xffffffffffffffff, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04) mmap$KVM_VCPU(&(0x7f0000c01000/0x4000)=nil, r3, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000c01000/0x4000)=nil, r3, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) munmap(&(0x7f00007fd000/0x800000)=nil, 0x800000) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x1}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x11, 0x8, 0xf, 0x0, 0x5, 0x9, 0x86, 0x6, 0x48, 0x86, 0xdd, 0x68, 0x0, 0x0, 0x0, 0x0, 0x3, 0x5, 0x8, '\x00', 0x1, 0x807}) openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) (async) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) (async) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r6, &(0x7f00000001c0)=0x3, 0xfdef) r7 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x2}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x80000, 0x10000, 0x0, 0x0, 0x2}}], 0x50}, 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x32) (async) r9 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x32) syz_kvm_setup_cpu$arm64(r9, r8, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000380)=[{0x0, &(0x7f0000000240)=[@smc={0x1e, 0x40, {0x80, [0x623e, 0x9, 0x9, 0xff, 0x80000000]}}, @smc={0x1e, 0x40, {0x2000, [0x8000, 0x7, 0x2, 0x401, 0xfff]}}, @uexit={0x0, 0x18, 0x5}, @irq_setup={0x46, 0x18, {0x4, 0x2f3}}, @msr={0x14, 0x20, {0x603000000013c110, 0xf}}, @smc={0x1e, 0x40, {0xc4000003, [0x8, 0x4aa, 0x7, 0x1, 0x8]}}], 0x110}], 0x1, 0x0, &(0x7f00000003c0)=[@featur1={0x1, 0x89}], 0x1) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) (async) r11 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x1) r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) (async) r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) syz_kvm_vgic_v3_setup(r12, 0x1, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r14, 0x4018aee1, &(0x7f0000000000)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000040)=0xe7}) (async) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r14, 0x4018aee1, &(0x7f0000000000)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000040)=0xe7}) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r14, 0x4018aee1, &(0x7f0000000280)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000240)=0xe7}) (async) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r14, 0x4018aee1, &(0x7f0000000280)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000240)=0xe7}) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r8, 0xae80, 0x0) 1h0m35.651998651s ago: executing program 33 (id=70): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000000c0)={0x7, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x3, &(0x7f0000000000)=0x400000000}) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x0, 0x5, &(0x7f0000000100)=0x8010000000000002}) r3 = openat$kvm(0x0, &(0x7f00000002c0), 0xa000, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x40001, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000240)={0x3, 0xffffffffffffffff, 0x1}) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1) ioctl$KVM_ARM_VCPU_INIT(r8, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) ioctl$KVM_GET_ONE_REG(r8, 0x4010aeab, &(0x7f0000000180)=@arm64_sys={0x603000000013dce2, 0x0}) mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r5, 0x0) r9 = openat$kvm(0x0, &(0x7f0000000080), 0x8600, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x90, &(0x7f0000000000)=0x10001}) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x12, r5, 0x0) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000002000/0x400000)=nil) openat$kvm(0xffffffffffffff9c, &(0x7f0000000380), 0x40, 0x0) 38m13.705508283s ago: executing program 2 (id=228): mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x7, 0x4f832, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ffa000/0x1000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x9000000) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x1b) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000180)={0x1ff, 0x0, 0xeeef0000, 0x1000, &(0x7f0000ffe000/0x1000)=nil}) r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04) r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x80111500, 0x33) write$eventfd(r2, 0x0, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x1}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) openat$kvm(0x0, 0x0, 0x0, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000240)={0x8, 0xffffffffffffffff}) ioctl$KVM_GET_DEVICE_ATTR(r7, 0x4018aee2, &(0x7f0000000100)=@attr_arm64={0x0, 0x1, 0x4, &(0x7f00000000c0)=0x5}) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x1, 0x4, &(0x7f0000000000)=0x7}) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000040)=@x86={0x3, 0x7, 0xb, 0x0, 0xdc, 0x4, 0xf7, 0x6, 0x5, 0x1, 0x3, 0x81, 0x0, 0x7f, 0xa3, 0x1, 0xac, 0x0, 0x2, '\x00', 0xb, 0x5}) write$eventfd(r8, &(0x7f00000001c0)=0x100cd, 0x8) r9 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece) mmap$KVM_VCPU(&(0x7f0000ffb000/0x4000)=nil, r1, 0xa, 0x810, r9, 0x0) munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000) munmap(&(0x7f000075a000/0xb000)=nil, 0xb000) munmap(&(0x7f0000e76000/0x12000)=nil, 0x12000) mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x0, 0x1000003, 0x20010, 0xffffffffffffffff, 0x0) 38m3.378951157s ago: executing program 2 (id=230): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bfe000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x2}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x1, 0x80000, 0x10000, 0x20, 0x0, 0x2}}], 0x50}, 0x0, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000b80)={0x0, &(0x7f0000000100)=[@smc={0x1e, 0x40, {0x8400000a, [0x84000002, 0x7, 0xaca, 0x2, 0x10]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r7, 0xae80, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 37m52.080991196s ago: executing program 3 (id=231): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x585001, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000500)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) 37m51.840001738s ago: executing program 2 (id=232): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x27) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616}) ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000180)={0x10000, 0x4000}) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r4, 0x4010ae68, &(0x7f0000000080)={0x75000, 0x4000}) syz_kvm_vgic_v3_setup(r2, 0x1, 0x100) ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xfffffff8}) ioctl$KVM_CAP_HALT_POLL(0xffffffffffffffff, 0x4068aea3, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x4000010, 0xffffffffffffffff, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0xeeee0000, 0x1000, &(0x7f0000fd1000/0x1000)=nil}) syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2b) r8 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000001c0)={0x0, &(0x7f0000000100)=[@svc={0x122, 0x40, {0x0, [0x7ff, 0xffffffffffffffff, 0x5, 0x5dfe80ce, 0x10001]}}, @code={0xa, 0x6c, {"000008d5205e82d200a0b0f2210180d2220180d2430080d2e40080d2020000d4000008d50048202e000008d5204f84d20040b0f2e10080d2e20180d2830080d2640080d2020000d40000c078007008d5008008d5007008d5"}}], 0xac}, &(0x7f0000000200)=[@featur2={0x1, 0x4}], 0x1) ioctl$KVM_GET_ONE_REG(r8, 0x4010aeab, &(0x7f0000000280)=@arm64_fw={0x6030000000140000, &(0x7f0000000240)=0x7}) r9 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000040)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r10, 0x4010aeab, &(0x7f00000000c0)=@arm64_core={0x6030000000100028, &(0x7f0000000080)=0x8e5}) 37m45.461052241s ago: executing program 3 (id=233): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f00000008c0)=[@hvc={0x32, 0x40, {0xc4000053, [0x9f, 0x7a000, 0x1000, 0x3, 0x6]}}, @eret={0xe6, 0x18, 0x2d}, @smc={0x1e, 0x40, {0xc4000005, [0x8000000000000000, 0xc, 0x40, 0x8, 0x3]}}, @msr={0x14, 0x20, {0x6030000000138054, 0x4}}, @msr={0x14, 0x20, {0x603000000013e663, 0x8001}}, @eret={0xe6, 0x18, 0x80000001}, @code={0xa, 0x9c, {"000028d5e0a89bd200c0b0f2010080d2220180d2c30180d2840180d2020000d4000028d560468fd200c0b8f2410080d2620180d2430180d2640180d2020000d4007008d5a0b983d20000b8f2610180d2220180d2030180d2440080d2020000d4008008d50000591e000008d5201e9dd20040b0f2a10180d2c20180d2430080d2a40080d2020000d4"}}], 0x18c}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) r7 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r6, 0x0) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r6, 0x0) openat$kvm(0x0, 0x0, 0x0, 0x0) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r9 = eventfd2(0x0, 0x0) close(r9) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x3000002, 0x13, r9, 0x0) r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r13, 0x4c01, 0x0) ioctl$KVM_GET_DIRTY_LOG(r5, 0x4010ae42, &(0x7f0000000100)={0x2, 0x0, &(0x7f0000f24000/0x3000)=nil}) r14 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$KVM_CREATE_VM(r14, 0xae03, 0x29) 37m36.753183554s ago: executing program 2 (id=234): ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x1}) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x16) r1 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x2a) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000b80)={0x0, 0x0}, &(0x7f0000000340)=[@featur2={0x1, 0x4}], 0x1) ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000140)=@arm64_fw={0x6030000000140000, &(0x7f0000000180)=0x2}) r6 = syz_kvm_add_vcpu$arm64(r1, &(0x7f0000000b80)={0x0, &(0x7f0000000100)=[@hvc={0x32, 0x40, {0x84000000, [0x100000001, 0x8000000000000000, 0xffffffffffffffff, 0xee24, 0xfffffffffffefffc]}}], 0x40}, &(0x7f0000000040)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r6, 0xae80, 0x0) ioctl$KVM_IRQ_LINE_STATUS(r0, 0xc008ae67, &(0x7f0000000080)={0x9}) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x109082, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0xfffffffffffffffd) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x11, 0xc1, 0xf, 0x0, 0x5, 0x6, 0x86, 0xfe, 0x48, 0x86, 0xdd, 0x68, 0x0, 0x0, 0x93a, 0x20, 0x3, 0x4, 0x8, '\x00', 0x3, 0x8093}) write$eventfd(0xffffffffffffffff, &(0x7f00000001c0)=0x6, 0x8) r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x3d) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bff000/0x400000)=nil) r11 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x2) r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000100)={0x0, &(0x7f0000000240)=[@uexit={0x0, 0x18}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x2, 0x8, 0x8, 0x104}}], 0x40}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r12, 0x2, 0x40) ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r15, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r14, 0xae80, 0x0) r16 = eventfd2(0x8, 0x1) ioctl$KVM_IOEVENTFD(r10, 0x4040ae79, &(0x7f0000000000)={0x2, 0x200000, 0x1, r16, 0x2}) 37m29.800927065s ago: executing program 3 (id=235): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CREATE_VM(r3, 0x40087602, 0x20000000) ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000040)={0x8, 0x8, 0x2}}) r4 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000140)={0x0, &(0x7f0000000200)=[@hvc={0x32, 0x40, {0xc4000053, [0xfffffffffffffffc, 0x1, 0x1, 0x9d, 0x6]}}], 0x40}, 0x0, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 37m24.022041147s ago: executing program 2 (id=236): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x401, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_GUEST_MEMFD(r3, 0xc040aed4, &(0x7f00000001c0)={0x200001fe0000, 0x3}) r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x2}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x80000, 0x10000, 0x0, 0x8, 0x2}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r9, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000240)=0x8080000}) ioctl$KVM_RUN(r11, 0xae80, 0x0) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x7f, 0x4, 0x3, 0x0, 0x800, 0x9, 0xd, 0x8b, 0x4, 0x0, 0xf, 0xfe, 0x0, 0x2, 0x6, 0x0, 0xd, 0xfe, 0xa, '\x00', 0x0, 0xb}) ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r13, &(0x7f00000001c0)=0x9, 0x1d) r14 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000680)={0x0, &(0x7f0000000280)=[@irq_setup={0x46, 0x18, {0x4, 0x2c1}}, @mrs={0xbe, 0x18, {0x603000000013e659}}, @eret={0xe6, 0x18, 0xff}, @hvc={0x32, 0x40, {0x40000010, [0xb489, 0x6, 0x7fffffffffffffff, 0x8000, 0x3]}}, @its_setup={0x82, 0x28, {0x2, 0x3, 0x2dd}}, @irq_setup={0x46, 0x18, {0x3, 0x34}}, @code={0xa, 0x9c, {"e0788bd200e0b0f2210080d2a20080d2e30180d2640080d2020000d4000080d2c0c599d20060b8f2a10080d2620180d2c30180d2040080d2020000d4007008d5000028d5000008d50090802f004f80d20020b8f2610180d2420080d2e30080d2840080d2020000d4008008d500e684d200a0b0f2a10080d2c20080d2e30180d2640080d2020000d4"}}, @svc={0x122, 0x40, {0x8400000a, [0x5, 0xa, 0x68, 0x9, 0x1]}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x4, 0xc, 0xfffffffe, 0x8001, 0x2}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x4, 0x5, 0x2e5aeb3f, 0x80000000, 0x2}}, @svc={0x122, 0x40, {0x8400000b, [0x8, 0x80, 0xb71, 0x9, 0x171bc794]}}, @hvc={0x32, 0x40, {0x80000000, [0x9, 0x0, 0x0, 0x1, 0x37a000d0]}}, @mrs={0xbe, 0x18, {0x603000000013e600}}, @irq_setup={0x46, 0x18, {0x2, 0x98}}, @smc={0x1e, 0x40, {0x31000000, [0xf, 0x8, 0x3, 0xa5c6, 0x100000000]}}, @mrs={0xbe, 0x18, {0x603000000013802f}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffd0, 0x5, 0x8}}], 0x32c}, &(0x7f00000006c0)=[@featur2={0x1, 0x15}], 0x1) ioctl$KVM_GET_STATS_FD_cpu(r14, 0xaece) mmap$KVM_VCPU(&(0x7f0000f3e000/0x1000)=nil, r5, 0xa, 0x10010, r4, 0x0) r15 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04) mmap$KVM_VCPU(&(0x7f0000007000/0x2000)=nil, r15, 0x3000003, 0x2011, r4, 0x0) r16 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r17 = ioctl$KVM_CREATE_VM(r16, 0xae01, 0x0) r18 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1) ioctl$KVM_GET_MP_STATE(r18, 0x8004ae98, &(0x7f0000000040)) ioctl$KVM_CREATE_VCPU(r17, 0xae41, 0x2) 37m18.604403875s ago: executing program 3 (id=237): r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0xffff) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0xffffffff, 0x8000}) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x400000000000) syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04) r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, r7, 0x3, 0x100010, r4, 0x0) r8 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013c4f1, 0x8000}}, @msr={0x14, 0x20, {0x603000000013c4f2, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce0, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce2, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce3, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce4, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce5, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce8, 0x8000}}], 0x100}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r11, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000eb5000/0x2000)=nil, r6, 0x1000001, 0x11, r4, 0x0) ioctl$KVM_SET_GUEST_DEBUG_arm64(r4, 0x4208ae9b, 0x0) ioctl$KVM_ARM_PREFERRED_TARGET(r11, 0x8020aeaf, &(0x7f0000000000)) 37m9.338616787s ago: executing program 2 (id=238): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x8001, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04) r7 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r6, 0x280000f, 0x11, r4, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000100)="5af600f6b34e08c180f948c13e2727ba279cacc033d6bd28118e0e1e50390ff2f8a1aa8366bb4c33115d61c97d9387dac1b147ed1b515c14bcb89051301caef704371680ab057973", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r4, 0x0) r8 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) ioctl$KVM_GET_VCPU_MMAP_SIZE(r8, 0xae04) r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000280)={0x9}) r11 = eventfd2(0x0, 0x0) ioctl$KVM_IOEVENTFD(r10, 0x4040ae79, &(0x7f0000000080)={0x0, 0x6000, 0x0, r11}) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0xf9, 0xeeee8000, 0x2, r11, 0x4}) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x7f, 0x4, 0x3, 0x0, 0x8, 0x9, 0xd, 0x8b, 0x4, 0x0, 0xf, 0x0, 0x0, 0x2, 0x6, 0x0, 0xd, 0xfe, 0xa, '\x00', 0x0, 0x6a89ad02}) ioctl$KVM_SET_GUEST_DEBUG_arm64(0xffffffffffffffff, 0x4208ae9b, &(0x7f0000000040)={0x20003, 0x0, {[0x7, 0x5, 0xb598000000000000, 0x200, 0xfb, 0xfffffffffffffff6, 0x1, 0x1, 0x8, 0x9, 0x7, 0x6, 0x3, 0x5, 0x7f8000, 0x5], [0x9, 0x6, 0x4, 0x44, 0x100000001, 0x40, 0x1000007fc, 0x2, 0x0, 0x6, 0xffffffff, 0x9, 0x2, 0xc, 0x8, 0xffffffffffffff00], [0xb, 0x8a9, 0x1, 0x2, 0x7, 0x5, 0x3, 0xf9, 0x201, 0x1, 0x9, 0x6, 0x101, 0x2000000000000001, 0x10c, 0x3], [0x35aa36e5, 0x8, 0x7, 0xf, 0x9, 0x0, 0xc4, 0x7f, 0x7fffffffffffffff, 0x9, 0xfffffffffffffff8, 0x2, 0x4000000000007, 0xfffffffffffffff9, 0x7, 0x99]}}) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x11, 0x8, 0xf, 0x0, 0x5, 0x6, 0x86, 0x6, 0x48, 0x86, 0xdd, 0x68, 0x0, 0x0, 0x0, 0x0, 0x3, 0x5, 0x8, '\x00', 0x1, 0x7}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x18) ioctl$KVM_ARM_VCPU_INIT(0xffffffffffffffff, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r13, &(0x7f00000001c0), 0xe80) 37m7.657977018s ago: executing program 3 (id=239): mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x2000001, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x3000000, 0x4f831, 0xffffffffffffffff, 0x0) r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0xa) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000001c0)="f21bc75509bf71c9d70236fc044842dabffb0b8dbb02aa8b7d52f1a16a704c24501958da2e2c18b847c2357c6ed600", 0x0, 0x48) openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r3, &(0x7f00000001c0)=0x3, 0x8e80) r4 = syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@mrs={0xbe, 0x18, {0x603000000013c021}}], 0x18}, 0x0, 0x0) r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04) mmap$KVM_VCPU(&(0x7f0000fd1000/0x4000)=nil, r5, 0x1000008, 0x30, r4, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 37m0.931885778s ago: executing program 3 (id=240): ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) (async) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x11, 0x8, 0xf, 0x0, 0x5, 0x6, 0x6, 0x6, 0x74, 0x86, 0xdd, 0x68, 0x0, 0x209, 0x0, 0x0, 0x3, 0x5, 0x5, '\x00', 0x1, 0x400000000002}) ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f0000000140)={0x4, 0x0, [{0x1, 0x1, 0x0, 0x0, @irqchip={0x8, 0x9}}, {0x9, 0x3, 0x1, 0x0, @sint={0xc30, 0x2}}, {0x0, 0x2, 0x0, 0x0, @msi={0x83, 0x4, 0x804, 0x6}}, {0x0, 0x0, 0xffffffffffffffff, 0x0, @adapter={0x5, 0x5, 0x80000001, 0x7f, 0xc}}]}) write$eventfd(r2, &(0x7f00000001c0)=0x3, 0x50) (async) write$eventfd(r2, &(0x7f00000001c0)=0x3, 0x50) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x5}) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x161642, 0x0) ioctl$KVM_RESET_DIRTY_RINGS(r4, 0xaec7) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x8, 0xffffffffffffffff, 0x1}) (async) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x8, 0xffffffffffffffff, 0x1}) r5 = ioctl$KVM_GET_STATS_FD_vm(r4, 0xaece) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2000004, 0x10010, r5, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, 0x0, 0x0, 0x0) (async) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x400000)=nil, &(0x7f0000000280)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async) syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x400000)=nil, &(0x7f0000000280)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = syz_kvm_vgic_v3_setup(r9, 0x4, 0x100) ioctl$KVM_GET_DEVICE_ATTR(r10, 0x4018aee2, &(0x7f00000000c0)=@attr_arm64={0x0, 0x3, 0x5}) ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000100)={0x0, 0x1, 0xeeee0000, 0x1000, &(0x7f0000fff000/0x1000)=nil}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async) r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) 36m22.341937027s ago: executing program 34 (id=238): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x8001, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04) r7 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r6, 0x280000f, 0x11, r4, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000100)="5af600f6b34e08c180f948c13e2727ba279cacc033d6bd28118e0e1e50390ff2f8a1aa8366bb4c33115d61c97d9387dac1b147ed1b515c14bcb89051301caef704371680ab057973", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r4, 0x0) r8 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) ioctl$KVM_GET_VCPU_MMAP_SIZE(r8, 0xae04) r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000280)={0x9}) r11 = eventfd2(0x0, 0x0) ioctl$KVM_IOEVENTFD(r10, 0x4040ae79, &(0x7f0000000080)={0x0, 0x6000, 0x0, r11}) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0xf9, 0xeeee8000, 0x2, r11, 0x4}) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x7f, 0x4, 0x3, 0x0, 0x8, 0x9, 0xd, 0x8b, 0x4, 0x0, 0xf, 0x0, 0x0, 0x2, 0x6, 0x0, 0xd, 0xfe, 0xa, '\x00', 0x0, 0x6a89ad02}) ioctl$KVM_SET_GUEST_DEBUG_arm64(0xffffffffffffffff, 0x4208ae9b, &(0x7f0000000040)={0x20003, 0x0, {[0x7, 0x5, 0xb598000000000000, 0x200, 0xfb, 0xfffffffffffffff6, 0x1, 0x1, 0x8, 0x9, 0x7, 0x6, 0x3, 0x5, 0x7f8000, 0x5], [0x9, 0x6, 0x4, 0x44, 0x100000001, 0x40, 0x1000007fc, 0x2, 0x0, 0x6, 0xffffffff, 0x9, 0x2, 0xc, 0x8, 0xffffffffffffff00], [0xb, 0x8a9, 0x1, 0x2, 0x7, 0x5, 0x3, 0xf9, 0x201, 0x1, 0x9, 0x6, 0x101, 0x2000000000000001, 0x10c, 0x3], [0x35aa36e5, 0x8, 0x7, 0xf, 0x9, 0x0, 0xc4, 0x7f, 0x7fffffffffffffff, 0x9, 0xfffffffffffffff8, 0x2, 0x4000000000007, 0xfffffffffffffff9, 0x7, 0x99]}}) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x11, 0x8, 0xf, 0x0, 0x5, 0x6, 0x86, 0x6, 0x48, 0x86, 0xdd, 0x68, 0x0, 0x0, 0x0, 0x0, 0x3, 0x5, 0x8, '\x00', 0x1, 0x7}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x18) ioctl$KVM_ARM_VCPU_INIT(0xffffffffffffffff, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r13, &(0x7f00000001c0), 0xe80) 36m14.164426301s ago: executing program 35 (id=240): ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) (async) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x11, 0x8, 0xf, 0x0, 0x5, 0x6, 0x6, 0x6, 0x74, 0x86, 0xdd, 0x68, 0x0, 0x209, 0x0, 0x0, 0x3, 0x5, 0x5, '\x00', 0x1, 0x400000000002}) ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f0000000140)={0x4, 0x0, [{0x1, 0x1, 0x0, 0x0, @irqchip={0x8, 0x9}}, {0x9, 0x3, 0x1, 0x0, @sint={0xc30, 0x2}}, {0x0, 0x2, 0x0, 0x0, @msi={0x83, 0x4, 0x804, 0x6}}, {0x0, 0x0, 0xffffffffffffffff, 0x0, @adapter={0x5, 0x5, 0x80000001, 0x7f, 0xc}}]}) write$eventfd(r2, &(0x7f00000001c0)=0x3, 0x50) (async) write$eventfd(r2, &(0x7f00000001c0)=0x3, 0x50) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x5}) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x161642, 0x0) ioctl$KVM_RESET_DIRTY_RINGS(r4, 0xaec7) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x8, 0xffffffffffffffff, 0x1}) (async) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x8, 0xffffffffffffffff, 0x1}) r5 = ioctl$KVM_GET_STATS_FD_vm(r4, 0xaece) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2000004, 0x10010, r5, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, 0x0, 0x0, 0x0) (async) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x400000)=nil, &(0x7f0000000280)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async) syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x400000)=nil, &(0x7f0000000280)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = syz_kvm_vgic_v3_setup(r9, 0x4, 0x100) ioctl$KVM_GET_DEVICE_ATTR(r10, 0x4018aee2, &(0x7f00000000c0)=@attr_arm64={0x0, 0x3, 0x5}) ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000100)={0x0, 0x1, 0xeeee0000, 0x1000, &(0x7f0000fff000/0x1000)=nil}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async) r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) 29m16.980759258s ago: executing program 5 (id=245): munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) munmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000) munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000) mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013c65d, 0xfffdffffc1af0ec0}}], 0x20}, 0x0, 0xffffffffffffff92) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ce5000/0x1000)=nil, 0x930, 0x6, 0x4102932, 0xffffffffffffffff, 0x0) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) munmap(&(0x7f0000cc9000/0x2000)=nil, 0x2000) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bfd000/0x400000)=nil) ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r1, 0x4068aea3, &(0x7f00000003c0)) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000100)={0x0, &(0x7f0000000140)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r6, 0x2, 0x100) r9 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04) syz_kvm_setup_cpu$arm64(r6, r8, &(0x7f0000a83000/0x400000)=nil, &(0x7f0000000340)=[{0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013df77, 0x2}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x0, 0x0, 0xffffff7f, 0x7, 0x4}}, @mrs={0xbe, 0x18, {0x6030000000138010}}, @its_setup={0x82, 0x28, {0x4, 0x1, 0x2a2}}, @smc={0x1e, 0x40, {0x40, [0x1ff, 0x5, 0x3, 0x1, 0x6]}}, @hvc={0x32, 0x40, {0x20, [0x0, 0xe, 0x7fff, 0x2, 0x8]}}, @eret={0xe6, 0x18, 0xfff}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1a00, 0x100000001}}, @memwrite={0x6e, 0x30, @generic={0xe000, 0xed8, 0x7, 0x2}}], 0x180}], 0x1, 0x0, &(0x7f0000000380)=[@featur2={0x1, 0x1}], 0x1) mmap$KVM_VCPU(&(0x7f000000a000/0x1000)=nil, r9, 0x3, 0x10, r8, 0x0) mmap$KVM_VCPU(&(0x7f0000f14000/0x4000)=nil, r9, 0x2000006, 0x8032, r4, 0x0) mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) 29m10.470653228s ago: executing program 4 (id=246): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x27) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x3, 0x1}}, @mrs={0xbe, 0x18, {0x6030000000138067}}], 0x40}, 0x0, 0x0) r4 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef) syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000100)="746abf250f7959c813e4adfb369b808022e69fe80cfadce4a1259e77bab54ac9749537b3d016bb7f745a6e22d2f9ff443f19467748a3fe02c239457600", 0x0, 0xfffffffffffffec5) (async) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) (async) r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000100)={0x7, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000002c0)=@attr_arm64={0x0, 0x4, 0x0, 0x0}) (async, rerun: 64) r10 = eventfd2(0x8801, 0x800) (rerun: 64) r11 = eventfd2(0x3ff, 0x0) ioctl$KVM_IRQFD(r8, 0x4020ae76, &(0x7f0000000080)={r10, 0x5, 0x2, r11}) (async) close(r10) (async) r12 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f00000000c0)={0x0, &(0x7f00000018c0)=[@memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe8, 0x3, 0x2}}, @mrs={0xbe, 0x18, {0x603000000013c801}}], 0x48}, 0x0, 0x0) (async) ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r15, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async, rerun: 32) ioctl$KVM_RUN(r14, 0xae80, 0x0) (async, rerun: 32) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async, rerun: 64) ioctl$KVM_RUN(r3, 0xae80, 0x0) (rerun: 64) 28m56.978958641s ago: executing program 4 (id=247): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x900, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@memwrite={0x6e, 0x30, @generic={0xa000, 0xc19, 0x18, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x1, 0x80000, 0x10000, 0x0, 0x101, 0x2}}], 0x58}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r4, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x5, &(0x7f0000000000)=0x8080000}) ioctl$KVM_RUN(r6, 0xae80, 0x0) r8 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x28) r9 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r3, 0x80111500, 0x30000005) close(r11) r12 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0) r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x204142, 0x0) r14 = ioctl$KVM_CREATE_VM(r13, 0x80111500, 0x20000000) ioctl$KVM_CREATE_VM(r14, 0x541b, 0x10000000000000) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) r15 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, 0x930, 0xa, 0x2012, r15, 0x40000) r16 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r16, &(0x7f0000000080), 0x0, 0x0) r17 = syz_kvm_add_vcpu$arm64(r16, &(0x7f0000000100)={0x0, &(0x7f0000000140)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x2, 0x100) ioctl$KVM_RUN(r17, 0xae80, 0x0) 28m53.242746921s ago: executing program 5 (id=248): r0 = openat$kvm(0x0, &(0x7f0000000040), 0xc0083, 0x0) (async) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CAP_HALT_POLL(r2, 0x4068aea3, &(0x7f0000000000)={0xdf, 0x0, 0x10000}) (async) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x8002, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x2c) ioctl$KVM_SET_USER_MEMORY_REGION2(r4, 0x40a0ae49, &(0x7f0000000240)={0x1fd, 0x4, 0x10000, 0x2000, &(0x7f0000ffe000/0x2000)=nil, 0xfffffffffffff000}) (async) ioctl$KVM_GET_DIRTY_LOG(r2, 0x4010ae42, &(0x7f0000000180)={0x1ff, 0x0, &(0x7f0000fd3000/0x2000)=nil}) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) ioctl$KVM_ARM_VCPU_INIT(r7, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18}) openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x8) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@its_setup={0x82, 0x28, {0x0, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x5, 0x4000000a, 0x0, 0x8, 0x4}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r8, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async) r12 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x0) ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r13, 0x4068aea3, &(0x7f0000000000)={0xef, 0x0, 0x7}) (async) ioctl$KVM_RUN(r10, 0xae80, 0x0) (async) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) (async) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, 0x0) (async) ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f00000000c0)=@arm64_sve={0x6080000000150120, 0x0}) (async) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x0, 0x12, r0, 0x0) 28m35.940699494s ago: executing program 5 (id=249): munmap(&(0x7f0000778000/0x1000)=nil, 0x1000) mmap$KVM_VCPU(&(0x7f0000011000/0x3000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@its_setup={0x82, 0x28, {0x3, 0x4, 0x2}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x40000000, 0x10000, 0x10000, 0x0, 0x1}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r2, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r4, 0xae80, 0x0) r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x26) ioctl$KVM_CAP_ARM_MTE(r6, 0x4068aea3, &(0x7f0000000240)) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000540)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r8, 0x4040aea0, 0x0) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x10, r8, 0x0) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) 28m33.415525322s ago: executing program 4 (id=250): syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f0000000200)="f30138ddf77f2b380b7bb71c04010003e600020000000003f4ff00061000bb000010090000000000000015051d000000000000000000003f00", 0x0, 0x48) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x3}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_GUEST_MEMFD(r2, 0xc040aed4, &(0x7f00000001c0)={0x200001fe0000, 0x3}) ioctl$KVM_SET_USER_MEMORY_REGION2(r2, 0x40a0ae49, &(0x7f0000000180)={0x1fe, 0x4, 0x80a0000, 0x2000, &(0x7f0000c08000/0x2000)=nil, 0x1000, r3}) r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x36) ioctl$KVM_SET_DEVICE_ATTR_vm(r4, 0x4018aee1, &(0x7f0000000300)=@attr_other={0x0, 0x7ff, 0x0, &(0x7f0000000040)=0xd81}) ioctl$KVM_SET_USER_MEMORY_REGION2(r2, 0x40a0ae49, &(0x7f0000000080)={0x0, 0x4, 0x5000, 0x2000, &(0x7f0000ffd000/0x2000)=nil, 0x4000000000, r3}) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x401, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_GUEST_MEMFD(r6, 0xc040aed4, &(0x7f00000001c0)={0x200001fe0000, 0x3}) r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04) mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, r8, 0x3000001, 0x11, r7, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION2(r2, 0x40a0ae49, &(0x7f0000000240)={0x1ff, 0x5, 0x2, 0x1000, &(0x7f0000ffd000/0x1000)=nil, 0x9, r7}) r9 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x11, 0x9b, 0xf, 0x0, 0x5, 0x8, 0x82, 0x46, 0x48, 0x86, 0xdd, 0x68, 0x0, 0x100001, 0xffc0000, 0x0, 0x3, 0xa, 0x8, '\x00', 0x1, 0x93}) write$eventfd(r10, &(0x7f00000001c0)=0x3, 0xfdef) 28m18.483619234s ago: executing program 5 (id=251): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@its_setup={0x82, 0x28, {0x40000000000001, 0x4, 0x2}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x1, 0x80000, 0xf, 0x0, 0xb, 0x2}}], 0x50}, 0x0, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0) ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x80) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000240)=0x8080000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 28m14.373964699s ago: executing program 4 (id=252): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x2a) r1 = syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000bfd000/0x400000)=nil) ioctl$KVM_RESET_DIRTY_RINGS(r0, 0xaec7) ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(r0, 0x4068aea3, &(0x7f0000000000)) ioctl$KVM_GET_DEVICE_ATTR_vm(r0, 0x4018aee2, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000080)={0x6, 0x1ff, 0x1}}) r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x1c) ioctl$KVM_CAP_ARM_MTE(r2, 0x4068aea3, &(0x7f0000000100)) r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0xd) ioctl$KVM_GET_DIRTY_LOG(r3, 0x4010ae42, &(0x7f0000000180)={0x5, 0x0, &(0x7f0000ffe000/0x2000)=nil}) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2) ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000200)=@arm64_sve={0x6080000000150147, &(0x7f00000001c0)=0x1}) ioctl$KVM_CAP_PTP_KVM(r2, 0x4068aea3, &(0x7f0000000240)) r5 = syz_kvm_vgic_v3_setup(r3, 0x3, 0x0) r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x34) ioctl$KVM_SET_DEVICE_ATTR_vm(r6, 0x4018aee1, &(0x7f0000000300)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f00000002c0)={0xffffffff, 0x800080, 0x2}}) ioctl$KVM_GET_DEVICE_ATTR_vm(r2, 0x4018aee2, &(0x7f0000000380)=@attr_other={0x0, 0x6, 0x0, &(0x7f0000000340)=0x4}) r7 = syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_HAS_DEVICE_ATTR(r5, 0x4018aee3, &(0x7f0000000400)=@attr_riscv64=@attr_aplic={0x0, 0x1, @any=0x1, &(0x7f00000003c0)=0x100}) ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000440)={0x13, 0xd000, 0x0, 0xffffffffffffffff, 0xa}) r8 = syz_kvm_add_vcpu$arm64(r1, &(0x7f0000000500)={0x0, &(0x7f0000000480)=[@msr={0x14, 0x20, {0x603000000013e658, 0x1}}, @svc={0x122, 0x40, {0x30000000, [0x7, 0x1, 0x2, 0x5, 0x2]}}, @irq_setup={0x46, 0x18, {0x3, 0xa5}}], 0x78}, &(0x7f0000000540)=[@featur2={0x1, 0x18}], 0x1) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000005c0)=@attr_riscv64=@attr_addr={0x0, 0x1, @imsic, &(0x7f0000000580)=0x7}) syz_kvm_vgic_v3_setup(r0, 0x4, 0x300) syz_kvm_vgic_v3_setup(r0, 0x2, 0xe0) ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r2, 0x4068aea3, &(0x7f0000000600)={0xe4, 0x0, 0x75ae}) syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000b00)={0x0, &(0x7f0000000680)=[@its_setup={0x82, 0x28, {0x4, 0x4, 0x149}}, @eret={0xe6, 0x18, 0xb}, @mrs={0xbe, 0x18, {0x603000000013c528}}, @msr={0x14, 0x20, {0x603000000013c00d, 0x101}}, @msr={0x14, 0x20, {0x603000000013e6c0, 0x40}}, @eret={0xe6, 0x18, 0x9}, @code={0xa, 0x54, {"000040b3007008d5000008d5000028d50040000e60f582d20020b8f2a10180d2c20080d2c30180d2840080d2020000d4000008d5007008d5007008d5007008d5"}}, @its_setup={0x82, 0x28, {0x1, 0x0, 0xff}}, @its_setup={0x82, 0x28, {0x1, 0x3, 0x37}}, @msr={0x14, 0x20, {0x603000000013e6c6, 0x6}}, @irq_setup={0x46, 0x18, {0x1, 0x58}}, @mrs={0xbe, 0x18, {0x603000000013c65d}}, @uexit={0x0, 0x18, 0x3b0}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x0, 0x8, 0x1, 0x8, 0x2}}, @hvc={0x32, 0x40, {0x84000012, [0x2, 0x100000001, 0x3ff, 0x5, 0x3]}}, @mrs={0xbe, 0x18, {0x603000000013c00e}}, @mrs={0xbe, 0x18, {0x603000000013e110}}, @its_setup={0x82, 0x28, {0x1, 0x0, 0x28f}}, @its_setup={0x82, 0x28, {0x1, 0x0, 0xf3}}, @msr={0x14, 0x20, {0x603000000013800c, 0xc}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x3, 0x2, 0x6, 0x5, 0x4}}, @hvc={0x32, 0x40, {0x6000000, [0x6, 0x8, 0x80000001, 0x2, 0x2]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0x40, 0x271}}, @svc={0x122, 0x40, {0x2000000, [0x5, 0x3, 0x5, 0x9, 0x2]}}, @svc={0x122, 0x40, {0x100, [0x3, 0x7, 0x1, 0x1, 0xff]}}, @svc={0x122, 0x40, {0x86000001, [0x2, 0x4a, 0xfffffffffffffffb, 0xffffffff, 0x10]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0x280, 0x3}}, @uexit={0x0, 0x18, 0x800}], 0x464}, &(0x7f0000000b40)=[@featur2={0x1, 0xa}], 0x1) ioctl$KVM_GET_DEVICE_ATTR_vm(0xffffffffffffffff, 0x4018aee2, &(0x7f0000000bc0)=@attr_other={0x0, 0x3, 0xfffffffffffffff9, &(0x7f0000000b80)=0x1}) ioctl$KVM_SIGNAL_MSI(r0, 0x4020aea5, &(0x7f0000000c00)={0x7000, 0x4, 0x6, 0x1, 0xf}) ioctl$KVM_SET_GSI_ROUTING(r0, 0x4008ae6a, &(0x7f0000000c40)={0x5, 0x0, [{0x200, 0x5, 0x1, 0x0, @adapter={0x1, 0xd, 0x8, 0x6, 0x1000}}, {0x6, 0x3, 0x1, 0x0, @adapter={0x8, 0x7fffffff, 0x6, 0xe, 0xfffffffa}}, {0xfffffff9, 0x1, 0x0, 0x0, @msi={0x0, 0x3, 0x51f0, 0x2}}, {0x10001, 0x5, 0x0, 0x0, @adapter={0x5, 0x7, 0x7, 0x6, 0x1}}, {0x4, 0x2, 0x0, 0x0, @msi={0x4, 0x5e82, 0xd96, 0x3}}]}) syz_kvm_setup_cpu$arm64(r6, r8, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000ec0)=[{0x0, &(0x7f0000000d40)=[@msr={0x14, 0x20, {0x603000000013df4e, 0x8}}, @mrs={0xbe, 0x18, {0x603000000013c681}}, @its_setup={0x82, 0x28, {0x1, 0x2, 0x3e7}}, @mrs={0xbe, 0x18, {0x603000000013deb6}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x1, 0x0, 0xf, 0xa3d, 0x3, 0x1}}, @eret={0xe6, 0x18, 0x6}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xc00, 0x9, 0xa}}, @hvc={0x32, 0x40, {0x80000002, [0x2, 0x10, 0xa8, 0x6, 0x6]}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x1, 0x1, 0x100, 0xde80, 0x1}}], 0x150}], 0x1, 0x0, &(0x7f0000000f00)=[@featur1={0x1, 0xc8}], 0x1) ioctl$KVM_ARM_VCPU_INIT(r4, 0x4020aeae, &(0x7f0000000f40)={0x3, 0x50}) 28m3.670229493s ago: executing program 5 (id=253): munmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) mmap$KVM_VCPU(&(0x7f0000ffb000/0x4000)=nil, 0x0, 0x1000010, 0x10, r0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x410001, 0x0) r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04) r3 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000003c0)={0x0, &(0x7f0000000040)=[@uexit={0x0, 0x18, 0xffffffffffffffff}, @mrs={0xbe, 0x18, {0x603000000013f518}}, @eret={0xe6, 0x18, 0x1}, @eret={0xe6, 0x18, 0xffff}, @smc={0x1e, 0x40, {0x80000000, [0x6, 0x807, 0x0, 0xa0d, 0x7fffffff]}}, @smc={0x1e, 0x40, {0x86000000, [0x1, 0xd, 0x7, 0x72aa, 0x1]}}, @eret={0xe6, 0x18, 0xda}, @smc={0x1e, 0x40, {0xc400000e, [0xffffffffffffffff, 0xffffffff80000000, 0x7, 0x6, 0x31]}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x1, 0x2, 0x5, 0x9be, 0x1}}, @smc={0x1e, 0x40, {0x40000000, [0x502, 0x9, 0xfffffffffffffff8, 0x2, 0x3]}}, @its_setup={0x82, 0x28, {0x2, 0x1, 0x33f}}, @msr={0x14, 0x20, {0x603000000013c685, 0x1}}, @eret={0xe6, 0x18, 0x10}, @smc={0x1e, 0x40, {0x6000000, [0x99, 0xffffffffffff8000, 0x7, 0x7, 0x65]}}, @its_setup={0x82, 0x28, {0x1, 0x0, 0x52}}, @uexit={0x0, 0x18, 0x7}, @eret={0xe6, 0x18, 0xa9}, @code={0xa, 0x6c, {"000028d51020601e0074202e000c007c60a59fd20000b0f2810080d2420080d2630180d2840180d2020000d4008008d500b8315ec09980d20000b8f2810180d2c20180d2230080d2440080d2020000d4000000fa0004002f"}}, @svc={0x122, 0x40, {0x8400000e, [0x3, 0x7fffffffffffffff, 0x0, 0xd, 0xa5a]}}, @irq_setup={0x46, 0x18, {0x0, 0x7b}}], 0x35c}, &(0x7f0000000400)=[@featur1={0x1, 0x16}], 0x1) mmap$KVM_VCPU(&(0x7f0000ffe000/0x1000)=nil, r2, 0x1000000, 0x8010, r3, 0x0) ioctl$KVM_SET_GUEST_DEBUG_arm64(r3, 0x4208ae9b, &(0x7f0000000440)={0x0, 0x0, {[0x4, 0x297325ca, 0x50, 0x20000000, 0x7, 0x5, 0x5, 0x7, 0x59c, 0x1, 0x6, 0x1, 0x3, 0x101, 0x0, 0x8], [0x100000000, 0x0, 0xffffffff, 0x7, 0x2, 0x9, 0x33, 0x9, 0x8000, 0x7fff, 0x281, 0x6, 0x7f, 0x4, 0xffffffffffffffff, 0x7fff], [0x5, 0xffffffff, 0x6, 0xa, 0x6, 0x669, 0xc, 0x4, 0x9, 0x4, 0xacd0, 0xc, 0x3, 0x80000001, 0x503, 0xdd5], [0x4, 0x7, 0x5, 0x8001, 0x8, 0x1cad, 0x6, 0xe, 0x80000000, 0xcf57, 0x2, 0xfffffffffffffffa, 0x6, 0x0, 0x1, 0x6]}}) mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, r2, 0x11, 0x40010, r0, 0x0) syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000bfd000/0x400000)=nil) ioctl$KVM_RUN(r0, 0xae80, 0x0) ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000680)={0xe4, 0x0, 0x2}) r4 = eventfd2(0x3, 0x1) close(r4) ioctl$KVM_SET_SIGNAL_MASK(r0, 0x4004ae8b, &(0x7f0000000700)={0x1000, "a2ade234d0621957be838996ec817504ca6dab6e494b319f3ec7c50110af8dd1a58e28407ce564e33ed80f6309c6c7d3f39d0577455e55680e2acf0c3ea3019466a8cb3393fda5496488ff5e86af91b015ddd06489e8940c09cfb3e795c6fef711a61c36bcc560d8008783db1ee04fe8a3260d9bfcf83d3e33a4c0510d1dcaf33161f24bb04140cb241983b6129f6ba1a382c8c5231372ca53799b58bd760dc7e7414c74a3085fbd5e4765c08f1c6f0d54309c67d3cebe0f2269beaf3e89c1fbea1f5141804f65be8d1d6202a1c252d166aabdc7a8ad1653072f86185986ad6bbd2fdee032e156d610eea7f6d2cb756493e7286bbcabd44917788f5e55c2a21d72c5ce437981298e35ab6a99118713c4ad52365ba86e5c2d9dfe173039187e05912d2c4c246598b5688569b129ee1193bd819600b3aea4cf90669bde70a6f5f355e96a7e54fed1e1665a69e67a4b1e58470aeb643f230af0ae8829407063b0e6f33eb77ab3dd47f5307c1211d1685754f4cc40151ec3af62cd6b1c7c3a23f88e3df8969b8f0e3798ec03610b8f2aa228a69dd9c0bc9203e3f1ca585f8d528d5c03d36f02eb121ef077deae6afc20606b299922465ac0d9d73e41cd11137bbbdff65e5e4a495a0d9b6feda6e1944a1cbe9ec2bb5d6f4a14b8552351e5fe9bb883865cbd5118c76dcaed4f64363b85502640092735f279df9bc6b1017ae3075f74feff40514199e1ca3c0233dcd5612d9b5b980d7df70e4aff031cfecfe80115f5641b3a6633e1eefadf529eabc245cc7f01aa6ca90bed5bd23d893e3603ed665b95ff6b4ea04385f69bee2db884bd2d0d5d2e118eb5af6900967311f9cd2f2fc1052a3ebbc7597ac873381f16c1e6677a549fad01c5e47c85bcf67d22c05f39fce31d0cbdfb83a6ed3bdccf254202f6ec2b4370dbf9e47645c2bb0fa0ae90bf09d171d06cbd62db676cf028de0e1f02a23ad337f9ea7f1f28c02bc64331fb18711245cfde0cbb98da5fc11decf163645f0503f95b438798403f2f3eb4fe5e3e4d20900d6b9fb01638d2d9da63856a3c5c054f22e1648b91c04489a822ac484c37678d7dcb3e52373de22b7190975215b3a59b66132000a90333fab17265965c17baadda8dcc5cccd71d661fa0913bd27ca021e2e2134935f62a666af7316fb189afdf8b9e8a62c36bc1e48010017951fa43bd6a27fa748c9d6e2b4c837a26db9fd22b728b0fdf3d9eac010d2381e0f3dd133c85e62a248718c68a69582f3fecf8a780ecd2675d99e50b25a8a611d2f2f77e7a1dc06c9f523653d7bb3fcc37f54bd596c1c5dacac5dca02ca28aeccde90614bcd6108fc85389f096319941bf06f6e1f24dead6317450a5d33c98ac88500d3d535beea1bb1d65457b3d580feaf2a1589c9e89697a1f8543a13acedea186e4eaf951c9fda39408032a3868b512c73f2f74510df4837b089ff2f3a5420db476d189d3d88b1729757fb03c850c53310b1204e6b06e2d9b18f1dadc46bc8255fbd9750b49d8e11521fb6e4c1d3b4abe59d95e73fba9801422458e9ca67c8196f292d7157e186afd891dc25f631860ee50f9830eacc1db3ec89fa20722e4a8c13638e0a869995adf41bbabd0f52496d657f84da2b9c8181e666a64352b9dfbbfeda3142af7bfc230d76e4a5bab94782d87f6e9c9bd04f195ee24818f3ffdfa45537ae724777443cb5c50b1266fb91b8eef3152789d690a91c6c20fadf27fa93a5b958ef412cf53b7314622f5fdf7e585332a4a11567147a9594215a17f5a06d61de4c878976ee0bfe2405341e95f9eab5755bb650e2cd90b00f82b094788b8b50112666e3b8d13ac3c34653625a05b7ec7bca068df9324f188379d9d2ee870b2370e0c602937066edb47308edba4fbd0758ce7e1aaf9ef1ae7fad5d2d28778a7c3a9fb40d7863b4158acedb049efc9b9fd7f10a253d04fa8e0b58f52f7b62d1493ec60972eac6adf72c351146db841bf7be3126d75c66632fca8da4b6231f7137779db30b503fd0e48ccd55c679b4f856ecc2fb2b559822df1bcee5b5d25e67270446011c331908e031a71040a65d89a177eec723457b1e2775e5ed4a750acf9a22cb739a2c1f02258512b67dc326ba1e2db82605b706938c256eec907d0e9dc03ae470b7df6c47efd30fd556db75051acb4a68d526233bc5f0fe3dd2eb648a5bf142bcbf5d77f63fb9729c54a068eae97f46051446d0263510f71fde2aef068bc1a188f099bb18a370374f5ad18da120ad3ac95c9a4578bb17c82fe6d7c2adfba6eddb1de4e8df71e12333e88e44fb8d638fa09345b0244e04b9f92f356a4408a8753e82e6bf9c52790f2145e4ae7392797d310055c4882d14ca097d1ef0e3c99f1ee5c4657dc882d6bf4f887adef51ecd5ecd6da36172054d6697cd9e931411846e2adca1f560c4bb31b5173be13376cf4530dd29f70592ea62293e9b2260fd3f727560c8f36f29d222e53f93e2604f1efce7001bae0578dbd875705d8f15945f6067a1f1da040a70db29a5e80fe70d2ed77050f6f8bb3a37ebf3d5268fca3cb93d81e01962e900d113552974a4538d6118cc935006846250b451c44f341e94425e87221982433aa74056ef5c8332493072c6f0050440acd4ca4f44fb3eff8f7d34c4403aa633acc05be6c5d0b27823576d4ebddb8598eef491b7bc6409a50ca3da7369647073e784681c5334ed56bfd2bef337b535d82fcc52e21fdcffc1f4733f7fc480bca23ca02da7b3bccc083c880d299563572c383033dc680ff54b3fae715c45d157770cc4287b36ba2a32fc128e9367d1ac736c2da061208a1d3a623cc8b82ba3c7fe21d7fba8f4c2a72a2f2e5659c1c72c1329a786e9185f0519e7dcd1f8474ffc928246319eff2545d602674a8bbd3a24b92fc956810bf45f36fb533fe3b379ffd8fcd1483caa22b021422b8050d75b378a6ee6be5dda24443e7658d4b2f8a2623c0985072224eb09523c5c68643e28ad1e78a983e0c3fdea437d2db12a965c5ce413acaa112aba0049bac9d609fa73767c349afe3ec22a6b0e7966142cac25c1b5526190f658154ef31452b8feca399ab594de944647324b7918615baf8ce2dde958671badb3ad8e107f3f4c9c1a19f977c9f4d0147f866ab7af2a531b1e8e32c90d5b641c5abcfb72becf4f04a20605958bb6cd47a0910e32eb7141017a177e0efc7b5ef655cefdbfa3ef6dc90de02bf512ebd168b7f5a660c94e142abf4f9faef9d8f71f63e74413d736aa4faba8c1f1dff8edff2d8249675a7082173da2aae964618e7dcced27c5f630841d1dba7f92c35f0a76d7cc93ad50c490e119caba616c81dbfdf1bc94834d633fe4ce96b7eb07d20a878fa400adb19cb40a66083cb78f53d339c8d3d4f77244ae02119f17971c0fa07f47aa844d02e85bc6235d6c874d47f027a3667df87f8232a77ca2ba341606b355359c33e33572d9db084c8cd55cd5358392ca7494a98b285bb491338abe12b650a8e29d0d8da3f39cd6b04da64815db95e5320e9e1f1c7910f6941721cdaf031070646208269932b8791289fd19f3d3108c9df7be059a6478c6bfff9dcb4f5d6ec34590f232d36f3249ca9268953093951573fde2f8c667b98e166bc7df2da56f2f593283b25892e010f31fcec5f87414b957b54589e903e9f8da26171704c2aef7ea179a02bee8bfb0e5a8916abf07ff497ee6c2dbb71e62b835dde418f37ae44d06d67c602f6b7724cb393a214960f9acd58a1304fc2871448ac15c70d5d4df3e180ac04aa238617c11781478644c4aa1f7dbc668834933116ae7cb7e0ba5ca4be794e44144452b59eedeb3b91d38e8404efe604fade70803a55b058ee0b5f9718d1de1c25aa5cea8118557276833d11aa93c47d763bdee105d2c82413644adc05040780423392546c85979935e956b35cf67865aef87fcf203d81edbae3a2a52c807002f6149f16b94994804e6ed111c516600217f7f794c43425c6d7545131b803bad1d4be18637c0df7923434a002c1adbf143015d34e626889b85834014b5b78a90b6caea7e0166d91292660b287df599cb797077f6afecdabb8d4c17bff4ffefb000ffd1dda247e4c7bd0002dedb911aadb30a6f072ff6cd19330f389e7bf64ce48397135613ff7425be0f53a1cc65edf0f0decf461bfba43b6372eb141745a52c8af96452fddbcc545d4a099786e07ae257812903c201c9e695b394b89c40ecaffd03b84d10305cda59521a8ecd56749036606cc75dcfa8a166d7d78b8b9ef63f303329d14b7cd479ca415df8044e58b00a36dab5c7f0fc6f8056b3db0769b2ad0934ba80397ee924f40131dcf4c76ca09b47bd0e929f1f476abb3795f3b96ee3a4251c463999f98a72490b3a451a1e5ac9966ce81a5ee29d183653ca748e23028a75b9d6576013a29f58a3dca2ad75903b2b43b13df104a461ffd4ce6e0ee7ccaee8b2c1b132557fec20d13d33e2d2d88678a95fe41e1fb3f5626f22380e14dd0655fa800a3fb58301a723f1e6313bc6cd87810c203a168b3a80be5b8bd3ffe0afe99e702bb49d1eea6b6224930e0880e3a96c2c98dbbfd547c82e469e5d5cdb01c3085ddf0b4beb2ff6ad419e1663f19c15750cc7d19cddb03e3148a6d826cf427ec1d8d8c5d41105a322898357655ec279664b4c33385285701ba9dfa922a9f44f623494a6b4a57cc93ef419f5da024ae04cce3594846805ba0aa35a02b92f0b4106651017e646af9e9c524f2001364752033ca3661c3ac0c6e6cb9a9582128df2bba3a073d885fbad919999dc148de20272bbea2f8eef50c972f6a4b9bd94f1751caf55c739198b5f00e12fc40f194c1e61ff15039eb2e53143eccd7f9ff024680ee120c38733074f728b4d13ff57ee638ad0a692db4b1651cbd9a960d1e281b8058273095cb8e135a92c41159f795127d03e6d06702a6b022b571472be1970b5771e648da36ce54a9709d7b90b1fe560da28449c148efa68952937db0ae798bf7b98fc3c074add13dffdae84c917ae01b4ddd47cf13783e0c739cf2883f05836dc64170887859c8f17928a4a8b8a2b2d5334366e8d4a591181cb450695d706032d5d0e827eddba2038d809de92ff8f68086424b8b94d2e872a17f1356f317971335ea987efe67c2ebefb09e3458c5958b883a49cd358dcaf88a9035c891db2ac92bc2ac35472f082a667ce015a48ecbe73af3e651ea3c4c2e504aa8eb7b33e68649b990e8e10fbe06b8906dbca5986915029300360af695b09e719702689dda839e240ca356a93ba2e7e771ef10d0dc569338387bdbea8b604173b38e23e5203f99160b2765c4b3c4f6f49f75b34922a156b2c7441a8df547cdf07ec960165dfe0d4680a1f16362e5a7b5a7391c87f19cb9bd312c731db8b6f6bd1ae6579013c81e092619bdba2e6155a47c7a967a9b453753fd6eddf5dcac5b5ffe7258d5d337b223f8249ad4106631fe1a90831ec8b0ff53e9b603f0beb78dfa020add56e5140d129f8c9bef04110ad7f568431aadfbc7f91e1da656687c89e943c9d39cbbb8d5d2a593250120ba3a29edd5ed3fdff6ac840bf2b6a2cfb35f07a77206599e31393c724bbce3251152434abb4ff0541950801b5495ed7d2bbf62e88ee485c4244f09d08895c5d0af4a3c32dfe189c40541411cfb9863416b0c33824b3f2822a64bf0acc91390db9a723eb4a422e5cb4030e950f755b9d8f290cdee9e78fac910b362eb3a748e841dfc9e307448474f0a097674345357801f7f3ec3c662370749c3ea52fcba86774b7a0817117c6a0d"}) r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04) mmap$KVM_VCPU(&(0x7f0000f23000/0x1000)=nil, r5, 0x1000000, 0x80010, r3, 0x0) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001740), 0x200000, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0xc) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_IRQ_LINE_STATUS(r7, 0xc008ae67, &(0x7f0000001780)={0x1, 0x9}) ioctl$KVM_CHECK_EXTENSION(r6, 0xae03, 0xf) openat$kvm(0xffffffffffffff9c, &(0x7f00000017c0), 0xa00, 0x0) ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r7, 0x4068aea3, &(0x7f0000001800)={0xe4, 0x0, 0x91}) ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2) ioctl$KVM_GET_DEVICE_ATTR_vcpu(r8, 0x4018aee2, &(0x7f0000001880)=@attr_pvtime_ipa) openat$kvm(0xffffffffffffff9c, &(0x7f00000018c0), 0x400, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000001900), 0x20001, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000001940), 0x10080, 0x0) 28m1.991538897s ago: executing program 4 (id=254): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x20200, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) munmap(&(0x7f0000481000/0x1000)=nil, 0x1000) (async) munmap(&(0x7f0000136000/0x2000)=nil, 0x2000) (async) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async) mmap$KVM_VCPU(&(0x7f0000543000/0x4000)=nil, 0x0, 0x200000f, 0x12, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000d7e000/0x3000)=nil, 0x3000) (async) munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) (async) munmap(&(0x7f000075a000/0xb000)=nil, 0xb000) (async) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000) (async) munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000) munmap(&(0x7f00007fd000/0x800000)=nil, 0x800000) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, &(0x7f0000000e80)=[@code={0xa, 0xb4, {"0000181e007008d500019dd20000b8f2210080d2620180d2230080d2a40180d2020000d4604293d20020b8f2a10080d2a20080d2630080d2440180d2020000d4008008d5c0c797d200c0b8f2a10180d2020180d2a30180d2440180d2020000d4000c207e007008d5c06f9fd20040b8f2810180d2a20080d2230180d2840080d2020000d480268ed20020b8f2c10080d2020180d2830180d2a40080d2020000d4"}}, @eret={0xe6, 0x18, 0x2}, @irq_setup={0x46, 0x18, {0x3, 0x36d}}, @its_setup={0x82, 0x28, {0x4, 0x2, 0x108}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1a00, 0x7e25, 0xf}}, @eret={0xe6, 0x18}, @memwrite={0x6e, 0x30, @generic={0xa000, 0x260, 0xfffffffffffffff8, 0x3}}, @uexit={0x0, 0x18, 0x7e18}, @svc={0x122, 0x40, {0x84000007, [0x200, 0x7, 0x6, 0x59d2ddca]}}, @svc={0x122, 0x40, {0x8000, [0x6, 0x40, 0x125dfbec, 0xd2, 0x100]}}, @irq_setup={0x46, 0x18, {0x2, 0xd9}}, @smc={0x1e, 0x40, {0x0, [0x5, 0x3, 0x7, 0x7, 0x1]}}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x3fe}}, @svc={0x122, 0x40, {0x84000005, [0x9, 0x401, 0x7, 0x200000000000000, 0x4]}}, @svc={0x122, 0x40, {0x400, [0x7ef, 0x3, 0x8, 0x1, 0xfffffffffffffffd]}}, @its_setup={0x82, 0x28, {0x4, 0x4, 0x14c}}, @memwrite={0x6e, 0x30, @generic={0x80a0000, 0xb75, 0x800}}, @msr={0x14, 0x20, {0x603000000013f665, 0x8}}, @smc={0x1e, 0x40, {0x8400000d, [0x8, 0x7, 0x187a, 0x10, 0x3]}}, @uexit={0x0, 0x18, 0x100000001}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x2, 0x4, 0x9, 0x1ff, 0x3}}, @its_setup={0x82, 0x28, {0x0, 0x3, 0x15}}, @code={0xa, 0x84, {"0028c09a007008d560d697d200e0b0f2e10080d2420180d2830080d2e40180d2020000d400d896d20040b8f2410180d2820180d2630180d2240080d2020000d4008008d5c0ba88d200a0b8f2010180d2e20080d2e30180d2040080d2020000d4008008d5000008d500b0004f000000ac"}}, @code={0xa, 0xb4, {"204f84d20020b0f2610180d2220180d2030080d2240180d2020000d40068202ec06b83d20060b8f2c10180d2a20080d2430080d2240180d2020000d4000028d50084e00de04094d20080b8f2810080d2420180d2e30180d2040080d2020000d40068210e000008d540a182d20020b8f2e10080d2820180d2c30080d2e40180d2020000d480178ad200a0b0f2e10180d2620180d2030080d2640180d2020000d4"}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x1, 0x3, 0x4, 0x400, 0x200}}, @eret={0xe6, 0x18, 0x8}], 0x5b4}, &(0x7f0000000300)=[@featur2={0x1, 0xc0}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async) ioctl$KVM_RUN(r5, 0xae80, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1) ioctl$KVM_ARM_VCPU_INIT(r6, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) (async) ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f00000000c0)=@arm64_sys={0x603000000013dce0, &(0x7f0000000000)=0x5}) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x10000000000033) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) (async) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) 27m52.284790535s ago: executing program 5 (id=255): openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x200000, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x0, 0x2800002, 0x8010, r2, 0x0) r4 = openat$kvm(0x0, &(0x7f00000002c0), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x100005) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2) r7 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x0, 0x11, r2, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000300)="fb4149dd033b8986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67525673312b01040000000000002627e7000000000000000200", 0x0, 0xfffffffffffffe73) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x12, r6, 0x0) r8 = eventfd2(0x10001, 0x80801) close(r8) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0) write$eventfd(r8, &(0x7f0000000100)=0xfffffffffffffffe, 0x8) r9 = eventfd2(0x0, 0x0) close(r9) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20100, 0x0) r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04) mmap$KVM_VCPU(&(0x7f0000ffe000/0x1000)=nil, r10, 0x0, 0x4010, r9, 0x0) write$eventfd(r8, &(0x7f0000000000)=0x8, 0x8) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000001c0)="fb0149dd833be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8faa767969d22627e700", 0x0, 0x48) r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0) ioctl$KVM_CHECK_EXTENSION(r11, 0x5421, 0x6) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, 0xfffffffffffffffe, 0x0, 0xfffffffffffffee9) r12 = openat$kvm(0x0, &(0x7f0000000080), 0x22000, 0x0) ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) 27m49.325446114s ago: executing program 4 (id=256): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x30) (async, rerun: 64) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1a) (rerun: 64) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000bff000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x210}}], 0x18}, 0x0, 0x0) (async) r5 = eventfd2(0x8, 0x80801) (async) syz_kvm_vgic_v3_setup(r1, 0x1, 0x3a0) (async) r6 = eventfd2(0x1, 0x1) (async) r7 = openat$kvm(0x0, &(0x7f0000000080), 0x40000, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) syz_kvm_vgic_v3_setup(r8, 0x1, 0x100) (async) ioctl$KVM_IRQFD(r8, 0x4020ae76, &(0x7f0000000100)={r6, 0x3, 0x2, r6}) (async) ioctl$KVM_SET_GSI_ROUTING(r8, 0x4008ae6a, &(0x7f00000000c0)={0x1, 0x0, [{0x3, 0x2, 0x1, 0x0, @msi={0x7, 0x9ca0, 0x0, 0xffffff5e}}]}) (async) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000040)={0x8}) (async, rerun: 32) write$eventfd(r6, &(0x7f0000000000)=0x1000007, 0x8) (async, rerun: 32) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000140)={0x8000000}) (async, rerun: 32) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x6, 0x8000000, 0x0, r5}) (async, rerun: 32) ioctl$KVM_RUN(r4, 0xae80, 0x0) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x3, 0x3, 0xeeee8000, 0x1000, &(0x7f0000f6a000/0x1000)=nil}) 27m4.392098457s ago: executing program 36 (id=255): openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x200000, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x0, 0x2800002, 0x8010, r2, 0x0) r4 = openat$kvm(0x0, &(0x7f00000002c0), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x100005) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2) r7 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x0, 0x11, r2, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000300)="fb4149dd033b8986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67525673312b01040000000000002627e7000000000000000200", 0x0, 0xfffffffffffffe73) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x12, r6, 0x0) r8 = eventfd2(0x10001, 0x80801) close(r8) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0) write$eventfd(r8, &(0x7f0000000100)=0xfffffffffffffffe, 0x8) r9 = eventfd2(0x0, 0x0) close(r9) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20100, 0x0) r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04) mmap$KVM_VCPU(&(0x7f0000ffe000/0x1000)=nil, r10, 0x0, 0x4010, r9, 0x0) write$eventfd(r8, &(0x7f0000000000)=0x8, 0x8) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000001c0)="fb0149dd833be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8faa767969d22627e700", 0x0, 0x48) r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0) ioctl$KVM_CHECK_EXTENSION(r11, 0x5421, 0x6) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, 0xfffffffffffffffe, 0x0, 0xfffffffffffffee9) r12 = openat$kvm(0x0, &(0x7f0000000080), 0x22000, 0x0) ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) 26m58.972461133s ago: executing program 37 (id=256): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x30) (async, rerun: 64) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1a) (rerun: 64) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000bff000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x210}}], 0x18}, 0x0, 0x0) (async) r5 = eventfd2(0x8, 0x80801) (async) syz_kvm_vgic_v3_setup(r1, 0x1, 0x3a0) (async) r6 = eventfd2(0x1, 0x1) (async) r7 = openat$kvm(0x0, &(0x7f0000000080), 0x40000, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) syz_kvm_vgic_v3_setup(r8, 0x1, 0x100) (async) ioctl$KVM_IRQFD(r8, 0x4020ae76, &(0x7f0000000100)={r6, 0x3, 0x2, r6}) (async) ioctl$KVM_SET_GSI_ROUTING(r8, 0x4008ae6a, &(0x7f00000000c0)={0x1, 0x0, [{0x3, 0x2, 0x1, 0x0, @msi={0x7, 0x9ca0, 0x0, 0xffffff5e}}]}) (async) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000040)={0x8}) (async, rerun: 32) write$eventfd(r6, &(0x7f0000000000)=0x1000007, 0x8) (async, rerun: 32) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000140)={0x8000000}) (async, rerun: 32) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x6, 0x8000000, 0x0, r5}) (async, rerun: 32) ioctl$KVM_RUN(r4, 0xae80, 0x0) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x3, 0x3, 0xeeee8000, 0x1000, &(0x7f0000f6a000/0x1000)=nil}) 15m8.416692699s ago: executing program 7 (id=280): r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r1 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000000)={0x0, &(0x7f0000000040)}, &(0x7f0000000280)=[@featur2={0x1, 0xa}], 0x1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) syz_kvm_add_vcpu$arm64(r1, &(0x7f0000000b80)={0x0, &(0x7f00000002c0)}, &(0x7f0000000280), 0x1) r6 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000b80)={0x0, &(0x7f00000002c0)=[@hvc={0x32, 0x40, {0x84000003, [0xa00000000, 0x4, 0x4, 0x9, 0x4d]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r6, 0xae80, 0x0) 15m0.622359666s ago: executing program 6 (id=281): r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) ioctl$KVM_SET_MP_STATE(r0, 0x4004ae99, &(0x7f0000000000)=0x1) ioctl$KVM_RUN(r0, 0xae80, 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, &(0x7f0000000040)={0x3, [0x10, 0x0, 0x0]}) r1 = ioctl$KVM_GET_STATS_FD_cpu(r0, 0xaece) ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0xea8) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000ffe000/0x1000)=nil, 0x0, 0x8, 0x10, r0, 0x0) r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, r2, 0x2000006, 0x12, r1, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) syz_kvm_setup_cpu$arm64(r1, r3, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000000440)=[{0x0, &(0x7f0000000080)=[@irq_setup={0x46, 0x18, {0x3, 0x36c}}, @irq_setup={0x46, 0x18, {0x0, 0x3e}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x300, 0x800, 0xc}}, @its_setup={0x82, 0x28, {0x2, 0x2, 0x31e}}, @smc={0x1e, 0x40, {0x400, [0x2, 0x4, 0x0, 0x0, 0x4]}}, @uexit={0x0, 0x18, 0x44b}, @hvc={0x32, 0x40, {0x84000010, [0x2, 0x5, 0x7ff, 0x8f7]}}, @hvc={0x32, 0x40, {0x8400000c, [0x3, 0xa6, 0x4, 0xdb26, 0x8001]}}, @uexit={0x0, 0x18, 0x5}, @smc={0x1e, 0x40, {0xc4000005, [0x100000001, 0x3, 0x6f5, 0xd27d]}}, @msr={0x14, 0x20, {0x0, 0x6}}, @msr={0x14, 0x20, {0x603000000013c4f2, 0x1}}, @hvc={0x32, 0x40, {0x80000000, [0x6, 0x0, 0x4, 0x6, 0x5]}}, @irq_setup={0x46, 0x18, {0x1, 0x2de}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x0, 0x4, 0x3, 0x9, 0x2}}, @hvc={0x32, 0x40, {0x40000000, [0x800, 0x4, 0x7fff, 0x7, 0x84d]}}, @code={0xa, 0xcc, {"007008d5000000f90048216ec0b894d20040b8f2010080d2420180d2c30180d2640180d2020000d4003e97d20040b0f2610080d2e20180d2630080d2e40180d2020000d420df94d20040b8f2e10180d2e20180d2e30180d2640180d2020000d4602187d20000b8f2210180d2e20080d2a30080d2840080d2020000d440eb9fd20040b8f2a10080d2c20180d2e30080d2040080d2020000d480b392d200a0b8f2c10180d2620080d2c30180d2c40180d2020000d4007008d5"}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x0, 0x8, 0x5, 0x3, 0x3}}], 0x3ac}], 0x1, 0x0, &(0x7f0000000480)=[@featur1={0x1, 0x15}], 0x1) ioctl$KVM_GET_DEVICE_ATTR_vcpu(r1, 0x4018aee2, &(0x7f00000004c0)=@attr_pmu_init) syz_kvm_setup_cpu$arm64(r1, r1, &(0x7f0000bd7000/0x400000)=nil, &(0x7f0000000640)=[{0x0, &(0x7f0000000500)=[@mrs={0xbe, 0x18, {0x6030000000138075}}, @code={0xa, 0xb4, {"20e391d200c0b8f2210180d2020080d2830180d2a40080d2020000d480f58ed20080b8f2410180d2c20080d2230180d2640080d2020000d4008008d50000803c20b184d200e0b8f2e10080d2820180d2030180d2840180d2020000d4009c006f80ae82d20040b8f2810180d2620080d2e30080d2240180d2020000d400d8215e0000601fe0f692d20000b8f2410180d2220080d2630080d2640080d2020000d4"}}, @eret={0xe6, 0x18, 0x684a}, @its_setup={0x82, 0x28, {0x1, 0x0, 0x29c}}], 0x10c}], 0x1, 0x0, &(0x7f0000000680)=[@featur1={0x1, 0x20}], 0x1) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r5 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x23) syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f00000006c0)={0x2}) ioctl$KVM_SET_REGS(r3, 0x4360ae82, &(0x7f0000000700)={[0x3, 0x10, 0x7, 0x26, 0xda9, 0xb, 0x3, 0xfffffffffffffffe, 0xfffffffffffffffe, 0x0, 0x1, 0x6, 0x2, 0x8000000000000001, 0x4, 0x1], 0x80a0000, 0x99201}) ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0x3) ioctl$KVM_HAS_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee3, &(0x7f0000000800)=@attr_other={0x0, 0x9, 0x5, &(0x7f00000007c0)=0x5f6}) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f0000000840)=0x6) r6 = ioctl$KVM_GET_STATS_FD_vm(r1, 0xaece) ioctl$KVM_SET_SREGS(r6, 0x4000ae84, &(0x7f0000000880)={{0xf000, 0x30000, 0x8, 0x32, 0x8, 0x9, 0x3, 0x11, 0x4, 0x6, 0x3, 0xe}, {0x100000, 0x10000, 0xa, 0x81, 0x6, 0x3, 0xe1, 0x5, 0x7, 0x9, 0x3, 0x5}, {0x4, 0x30000, 0x0, 0x9, 0x2, 0x2, 0x1, 0xd, 0x5, 0x3, 0x1, 0x9}, {0xc002, 0x2, 0xd, 0x4, 0xa8, 0x9, 0x1, 0x7, 0xc5, 0xbc, 0x7, 0x5}, {0xdddd0000, 0xdddd0000, 0xabc400c7426be6eb, 0x40, 0x1, 0x1, 0x3, 0x32, 0x1, 0x7, 0xe, 0x7}, {0xdddd0000, 0x10000, 0x3, 0x26, 0x6, 0x8, 0x5, 0x18, 0x2a, 0x7, 0x80}, {0x1000, 0x9000, 0x8, 0x6, 0xf5, 0x7, 0x6, 0xf8, 0x6, 0x7, 0x10, 0xd0}, {0x40000, 0x4000, 0x0, 0x40, 0x1, 0xa1, 0x2, 0x2, 0xc6, 0x1, 0x7, 0xf7}, {0x26000, 0x3}, {0x10000, 0xe}, 0x40000000, 0x0, 0xeeef0000, 0x200003, 0xe, 0x7000, 0xdddd8000, [0x4, 0xfffffffffffff67b, 0x9, 0x1]}) mmap$KVM_VCPU(&(0x7f0000f98000/0x4000)=nil, r2, 0x1, 0x100010, r1, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_RUN(r7, 0xae80, 0x0) syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f00000009c0)="ca7239e6197ae3fe0dc4f39c835f50d7164002e3fdd53d05", 0x0, 0x18) ioctl$KVM_RUN(r4, 0xae80, 0x0) 14m50.23003609s ago: executing program 7 (id=282): r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r1 = openat$kvm(0x0, &(0x7f0000000100), 0x100800, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async) r3 = eventfd2(0xfffffff7, 0x80001) r4 = openat$kvm(0x0, &(0x7f0000000340), 0x4a080, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_vgic_v3_setup(r5, 0x1, 0x40) r7 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000840)={0x0, &(0x7f0000000380)=[@eret={0xe6, 0x18, 0xf8}, @smc={0x1e, 0x40, {0x19, [0x2, 0x2, 0x0, 0x2, 0x5]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0xb0, 0x4, 0x3}}, @smc={0x1e, 0x40, {0x8000, [0x9, 0xffffffffc6e8e31a, 0x9, 0x7, 0x100]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0xa00, 0x7, 0x5}}, @svc={0x122, 0x40, {0x84000012, [0x0, 0x6, 0xba, 0x4d49]}}, @svc={0x122, 0x40, {0xb70000cd, [0x4, 0x9, 0x8000000000000000, 0x4, 0x8001]}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x3, 0x4, 0x2, 0x1000, 0x2}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x6, 0x3, 0xe, 0x4, 0x3ff, 0x2}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x0, 0x1, 0xb, 0x575c, 0x2, 0x4}}, @irq_setup={0x46, 0x18, {0x1, 0x11f}}, @smc={0x1e, 0x40, {0xc4000012, [0x7, 0x0, 0x1, 0x8, 0x8]}}, @svc={0x122, 0x40, {0x84000008, [0x10, 0x80, 0xc4, 0x7ff, 0x72f]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0x100, 0x200, 0x5}}, @eret={0xe6, 0x18, 0x5}, @hvc={0x32, 0x40, {0x2000, [0x6, 0xd947, 0x0, 0x8, 0x6]}}, @svc={0x122, 0x40, {0x84000008, [0x8, 0x5, 0x800, 0x80000000, 0x3]}}, @svc={0x122, 0x40, {0x84000012, [0x0, 0x0, 0x7fffffffffffffff, 0x8000, 0x9]}}, @eret={0xe6, 0x18, 0xffff}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0x280, 0x4, 0xc}}, @uexit={0x0, 0x18, 0x5}, @smc={0x1e, 0x40, {0x8400000f, [0x7, 0x10001, 0x6, 0x7955, 0x1]}}, @eret={0xe6, 0x18, 0x7}, @mrs={0xbe, 0x18, {0x603000000013e08f}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x10040, 0x10}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x0, 0xe, 0x7, 0xff}}], 0x4b8}, &(0x7f0000000880)=[@featur2={0x1, 0x80}], 0x1) syz_kvm_setup_cpu$arm64(r2, r7, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000d40)=[{0x0, &(0x7f00000008c0)=[@memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x88, 0x4, 0x1}}, @code={0xa, 0x9c, {"80da87d200a0b0f2e10080d2a20180d2630180d2440080d2020000d4007008d5003c200ec0c982d200e0b8f2010080d2820080d2430080d2840180d2020000d4c0ba8bd200e0b0f2e10180d2220080d2430180d2a40180d2020000d4007008d5000000d2000030d5007193d20080b8f2e10180d2820080d2e30080d2a40180d2020000d4000028d5"}}, @msr={0x14, 0x20, {0x6030000000138034, 0x2}}, @its_setup={0x82, 0x28, {0x4, 0x3, 0x26a}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x8000, 0x2, 0xe}}, @msr={0x14, 0x20, {0x603000000013c01e, 0xd63}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x1, 0x4, 0xd, 0x7ff, 0x2}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x1, 0x4, 0x4, 0x6}}, @msr={0x14, 0x20, {0x603000000013f300, 0x4}}, @mrs={0xbe, 0x18, {0x603000000013801c}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xe00, 0x9, 0x8}}, @uexit={0x0, 0x18, 0x7}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff8, 0x7, 0x3}}, @smc={0x1e, 0x40, {0x20, [0x8, 0x101, 0x6994, 0x3725, 0x9]}}, @eret={0xe6, 0x18, 0x4}, @mrs={0xbe, 0x18, {0x603000000013dce6}}, @mrs={0xbe, 0x18, {0x603000000013c008}}, @smc={0x1e, 0x40, {0x32000000, [0x9, 0x1, 0x7, 0x1, 0x8]}}, @eret={0xe6, 0x18, 0x5}, @mrs={0xbe, 0x18, {0x603000000013def8}}, @msr={0x14, 0x20, {0x603000000013dce3, 0x6}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x1, 0x5, 0x4c}}, @its_setup={0x82, 0x28, {0x0, 0x1, 0x26c}}, @uexit={0x0, 0x18, 0xfffffffffffffffb}, @its_setup={0x82, 0x28, {0x3, 0x1, 0x1f4}}, @smc={0x1e, 0x40, {0x1000, [0x25a58, 0x400, 0x3, 0x1, 0x3]}}], 0x44c}], 0x1, 0x0, &(0x7f0000000d80)=[@featur1={0x1, 0x39}], 0x1) (async) ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x0, 0x1, 0xffffffffffffffff}) (async, rerun: 64) ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000140)={0x80, 0x50000, 0x0, r3}) (rerun: 64) r8 = mmap$KVM_VCPU(&(0x7f0000eb0000/0x1000)=nil, 0x0, 0x0, 0x4010, 0xffffffffffffffff, 0x0) munmap$KVM_VCPU(r8, 0x81) (async, rerun: 64) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) (async, rerun: 64) r9 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04) mmap$KVM_VCPU(&(0x7f0000ffd000/0x1000)=nil, r9, 0x2000000, 0x11, r7, 0x0) (async, rerun: 32) ioctl$KVM_HAS_DEVICE_ATTR_vm(r2, 0x4018aee3, &(0x7f0000000080)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x9, 0x2}}) (rerun: 32) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000000)={0xffffffff, 0x37d03030d7a9a616}) (async) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f00000001c0)={0x10000, 0x9000}) r10 = syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_RUN(r10, 0xae80, 0x0) 14m46.059676052s ago: executing program 6 (id=283): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x0, 0x9, 0x0, 0x0, 0x40000005}}], 0x50}, 0x0, 0x0) r4 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x4, 0x3, 0x0}) openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async) syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x0, 0x9, 0x0, 0x0, 0x40000005}}], 0x50}, 0x0, 0x0) (async) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) (async) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8}) (async) ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, 0x0) (async) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async) ioctl$KVM_RUN(r3, 0xae80, 0x0) (async) ioctl$KVM_RUN(r3, 0xae80, 0x0) (async) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x4, 0x3, 0x0}) (async) 14m33.894238555s ago: executing program 7 (id=284): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r4 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r3, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6ab0000000037c4b85400005a9610fbff67521ce16f8f1f44927a835673312b54ebb2aa76c869d22627a4702d8a00", 0x0, 0xffffffffffffff3e) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r3, 0x0) r5 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_ONE_REG(0xffffffffffffffff, 0x4010aeab, &(0x7f0000000000)=@arm64_sys={0x603000000013c102, &(0x7f0000000140)=0x1}) ioctl$KVM_CREATE_VM(r5, 0x401c5820, 0x20000007) r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r6, r7, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) ioctl$KVM_GET_ONE_REG(r7, 0x4010aeab, &(0x7f00000000c0)=@arm64_fw={0x6030000000140000, &(0x7f0000000000)=0x4}) 14m28.208029299s ago: executing program 6 (id=285): mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x1000000) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x5, 0x0, 0x1000, 0x2000, &(0x7f0000e21000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000500)={0x5, 0x0, 0x1000000000000, 0x2000, &(0x7f0000000000/0x2000)=nil}) 14m13.776581594s ago: executing program 7 (id=286): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2e) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) (async) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x3}) (async) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x11, 0x9b, 0xf, 0x0, 0x5, 0x8, 0x82, 0x46, 0x48, 0x86, 0xdd, 0x68, 0x0, 0x100001, 0xffc0000, 0x0, 0x3, 0xa, 0x8, '\x00', 0x1, 0x93}) (async) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4000ae84, &(0x7f0000000200)={{0x0, 0x1000, 0x1, 0x3a, 0x0, 0x9, 0xba, 0xc, 0x2, 0x6, 0x0, 0xa0}, {0xeeef0000, 0x0, 0xd, 0x1, 0xfc, 0x1, 0x5, 0xc, 0x7, 0x4, 0x6, 0x6}, {0x0, 0xeeee8000, 0x8, 0x9, 0x6, 0x7, 0x3, 0xdb, 0x8, 0x1, 0x1}, {0x2, 0xe000, 0x0, 0x55, 0x7f, 0x80, 0x4, 0x4, 0xa, 0x1, 0x5, 0x9}, {0x6000, 0x0, 0x0, 0x38, 0x0, 0x6, 0x8, 0x1, 0x81, 0x93, 0x7f, 0x8}, {0xdddd1000, 0x41000, 0xd, 0x5, 0x9, 0x5, 0x2, 0x8, 0x81, 0xf, 0x5, 0xfe}, {0xffff1000, 0xb000, 0x14, 0x1, 0x1, 0x7b, 0xfd, 0x9, 0x6a, 0xe, 0x8, 0xd1}, {0xeeef0000, 0x7000, 0x4, 0x3, 0x0, 0x0, 0x7, 0xfa, 0x10, 0x8, 0x2, 0x1}, {0xeeee0000, 0x2}, {0x8000000, 0xc71}, 0x20000002, 0x0, 0x1000, 0x8, 0x8, 0x8000, 0x7000, [0x3, 0x8000000000000000, 0x89, 0x1]}) (async) write$eventfd(r5, &(0x7f00000001c0)=0x3, 0xfdef) (async) ioctl$KVM_GET_DEVICE_ATTR_vcpu(r2, 0x4018aee2, &(0x7f0000000180)=@attr_other={0x0, 0x2, 0x7f, 0x0}) (async) munmap$KVM_VCPU(0x0, 0x1000000000) (async) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r6, 0x401c5820, 0xffff98600fff) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000) 14m10.833896833s ago: executing program 6 (id=287): munmap$KVM_VCPU(0x0, 0x1000000000) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000280), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2) r7 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r9 = mmap$KVM_VCPU(&(0x7f0000002000/0xc000)=nil, 0x0, 0x2800002, 0x4010, r6, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x12, r6, 0x0) r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000140)={0x0, &(0x7f0000000000)=[@irq_setup={0x46, 0x18, {0x2, 0x2c0}}], 0x18}, 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0x401c5820, 0x20000007) r11 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x40049409, 0x9) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f00000001c0)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4}) ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x100, &(0x7f0000000080)=0x8000000000000000}) ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f0000000280)=@attr_other={0x0, 0x7ff, 0x7, &(0x7f00000000c0)}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r13 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x1) ioctl$KVM_ARM_VCPU_INIT(r13, 0x4020aeae, &(0x7f0000000040)={0x5}) ioctl$KVM_RUN(r13, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) 13m46.720714101s ago: executing program 7 (id=288): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) (async) r3 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_GET_DEVICE_ATTR(r4, 0x4018aee2, &(0x7f0000000100)=@attr_arm64={0x0, 0x6, 0x0, &(0x7f0000000040)=0x3}) ioctl$KVM_GET_DEVICE_ATTR(r3, 0x4018aee2, &(0x7f0000000080)=@attr_other={0x0, 0x8, 0x6aa25d1, &(0x7f0000000000)=0xc}) 13m44.616142963s ago: executing program 6 (id=289): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000001c0)={0x0, &(0x7f00000002c0)=[@mrs={0xbe, 0x18, {0x603000000013c024}}], 0x18}, 0x0, 0x0) munmap$KVM_VCPU(0x0, 0x1000000000) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000000)={0x0, 0x100000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 13m32.480828221s ago: executing program 7 (id=290): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x391d42, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x2a) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f0000000000)="ea7921a51316d775f3efca87ebd6bb730cbe057a58411431fcd986a8b76cc4f92c91806208be643e8da3c7cf3b9ef9c8bd40f82c72cab92a346e35c400062e2224a0edc7177c6f06", 0x0, 0x48) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r5, 0x40086602, 0x20000000) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, 0x0) syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000b80)={0x0, &(0x7f0000000100)=[@hvc={0x32, 0x40, {0x84000015, [0x100000001, 0x8000000040000000, 0xffffffffffffffff, 0xee24, 0xfffffffffffeffff]}}], 0x40}, &(0x7f0000000040)=[@featur1={0x1, 0x4}], 0x1) r7 = openat$kvm(0x0, &(0x7f0000000080), 0x80, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000bfe000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000040)={0x0, &(0x7f00000003c0)=[@its_setup={0x82, 0x28, {0x4, 0x0, 0x179}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0xa0, 0x8000000000000000, 0x5}}], 0x58}, 0x0, 0x0) ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r1, 0x4068aea3, &(0x7f0000000240)={0xe4, 0x0, 0x5}) syz_kvm_vgic_v3_setup(r8, 0x2, 0x100) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000000)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r10, 0xae80, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) r12 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@its_setup={0x82, 0x28, {0x0, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x5, 0x4000000a, 0x0, 0x8, 0x4}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r14, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r13, 0xae80, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, 0x0) 13m28.280154744s ago: executing program 6 (id=291): openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r0 = openat$kvm(0x0, 0x0, 0x103080, 0x0) r1 = openat$kvm(0x0, &(0x7f00000002c0), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x391040, 0x0) ioctl$KVM_CHECK_EXTENSION(r3, 0xc0189436, 0x100000000000000) (async) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) r5 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r4, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000140)="fb4149dd033b8986814d7bb14c94a6ab8031d1dfd92f00000000010000005a7e90fbff67525673312b0000000200000000000000000000002c00", 0x0, 0x48) (async) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x12, r4, 0x0) (async) r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async) r8 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x32) (async) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r9, 0x4040aea0, &(0x7f0000000000)=@x86={0x1, 0x9, 0x8, 0x0, 0x40, 0x1, 0x0, 0x1, 0x2, 0x6, 0x8, 0x4f, 0x0, 0x9, 0xdb, 0x6, 0xa, 0x72, 0x29, '\x00', 0x7a, 0x5}) (async) r10 = eventfd2(0x2, 0x80001) close(r10) (async) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0) (async) write$eventfd(r10, &(0x7f0000000100)=0xfffffffffffffffe, 0x8) (async) r11 = eventfd2(0x0, 0x0) close(r11) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04) mmap$KVM_VCPU(&(0x7f0000ffe000/0x1000)=nil, r12, 0x2000004, 0x2011, r11, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_GET_API_VERSION(r13, 0x2, 0x1000000000000) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x3) 12m44.828689831s ago: executing program 38 (id=290): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x391d42, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x2a) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f0000000000)="ea7921a51316d775f3efca87ebd6bb730cbe057a58411431fcd986a8b76cc4f92c91806208be643e8da3c7cf3b9ef9c8bd40f82c72cab92a346e35c400062e2224a0edc7177c6f06", 0x0, 0x48) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r5, 0x40086602, 0x20000000) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, 0x0) syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000b80)={0x0, &(0x7f0000000100)=[@hvc={0x32, 0x40, {0x84000015, [0x100000001, 0x8000000040000000, 0xffffffffffffffff, 0xee24, 0xfffffffffffeffff]}}], 0x40}, &(0x7f0000000040)=[@featur1={0x1, 0x4}], 0x1) r7 = openat$kvm(0x0, &(0x7f0000000080), 0x80, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000bfe000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000040)={0x0, &(0x7f00000003c0)=[@its_setup={0x82, 0x28, {0x4, 0x0, 0x179}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0xa0, 0x8000000000000000, 0x5}}], 0x58}, 0x0, 0x0) ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r1, 0x4068aea3, &(0x7f0000000240)={0xe4, 0x0, 0x5}) syz_kvm_vgic_v3_setup(r8, 0x2, 0x100) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000000)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r10, 0xae80, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) r12 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@its_setup={0x82, 0x28, {0x0, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x5, 0x4000000a, 0x0, 0x8, 0x4}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r14, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r13, 0xae80, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, 0x0) 12m38.30324543s ago: executing program 39 (id=291): openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r0 = openat$kvm(0x0, 0x0, 0x103080, 0x0) r1 = openat$kvm(0x0, &(0x7f00000002c0), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x391040, 0x0) ioctl$KVM_CHECK_EXTENSION(r3, 0xc0189436, 0x100000000000000) (async) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) r5 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r4, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000140)="fb4149dd033b8986814d7bb14c94a6ab8031d1dfd92f00000000010000005a7e90fbff67525673312b0000000200000000000000000000002c00", 0x0, 0x48) (async) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x12, r4, 0x0) (async) r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async) r8 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x32) (async) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r9, 0x4040aea0, &(0x7f0000000000)=@x86={0x1, 0x9, 0x8, 0x0, 0x40, 0x1, 0x0, 0x1, 0x2, 0x6, 0x8, 0x4f, 0x0, 0x9, 0xdb, 0x6, 0xa, 0x72, 0x29, '\x00', 0x7a, 0x5}) (async) r10 = eventfd2(0x2, 0x80001) close(r10) (async) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0) (async) write$eventfd(r10, &(0x7f0000000100)=0xfffffffffffffffe, 0x8) (async) r11 = eventfd2(0x0, 0x0) close(r11) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04) mmap$KVM_VCPU(&(0x7f0000ffe000/0x1000)=nil, r12, 0x2000004, 0x2011, r11, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_GET_API_VERSION(r13, 0x2, 0x1000000000000) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x3) 3m7.142844191s ago: executing program 8 (id=292): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0xfffffffffffffffc) syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) (async, rerun: 32) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (rerun: 32) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) (async) r5 = syz_kvm_vgic_v3_setup(r3, 0x1, 0x100) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x2, 0x0, &(0x7f0000000280)=0x7}) (async) ioctl$KVM_GET_DEVICE_ATTR_vcpu(r1, 0x4018aee2, &(0x7f00000000c0)=@attr_other={0x0, 0x1, 0x7fffffff, 0x0}) (async, rerun: 32) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x0, 0x0) (rerun: 32) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) r7 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0) r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r10, &(0x7f00000008c0)={0x0, 0x0}, 0x0, 0x0) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x3}}], 0x50}, 0x0, 0x0) (async) r12 = syz_kvm_vgic_v3_setup(r9, 0xff7ffffffffffffd, 0x360) (async) ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000180)={0x8}) ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async) ioctl$KVM_RUN(r11, 0xae80, 0x0) (async, rerun: 64) r13 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x29) (rerun: 64) syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000080)={0x0, &(0x7f0000000340)=[@uexit={0x0, 0x18, 0x1fd}, @smc={0x1e, 0x40, {0x84000050, [0x3, 0xc4, 0x80000000, 0x80000000]}}, @irq_setup={0x46, 0x18, {0x1, 0x28e}}], 0x70}, 0x0, 0x0) (async) r14 = ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x1) r15 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x810, r14, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r15, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7) (async, rerun: 32) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r14, 0x0) (rerun: 32) ioctl$KVM_SET_USER_MEMORY_REGION(r13, 0x4020ae46, &(0x7f0000000100)={0x202, 0x2, 0x50000, 0x1000, &(0x7f0000ffc000/0x1000)=nil}) (async) ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) 3m1.930341257s ago: executing program 9 (id=293): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x400, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000000c0)={0x7, 0xffffffffffffffff}) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, 0x0) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r5, &(0x7f00000001c0)=0x3, 0x10) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000180)=@attr_arm64={0x0, 0x0, 0x3, &(0x7f0000000000)=0xfffffffffffffffd}) 2m49.478458764s ago: executing program 8 (id=294): openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r0 = eventfd2(0x3, 0x1) (async) r1 = eventfd2(0x0, 0x0) r2 = mmap$KVM_VCPU(&(0x7f0000fc6000/0x2000)=nil, 0x0, 0x2000002, 0x2010, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, &(0x7f0000000200)="f30138ddf77f2b380b7bb71c04010003e600020000000003f4ff00061000bb000010090000000000000015051d000000000000000000003f00", 0x0, 0x48) (async) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x3}) (async) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) (async) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@arm64={0x6, 0x8, 0x7, '\x00', 0x3}) (async) r6 = mmap$KVM_VCPU(&(0x7f0000ffa000/0x3000)=nil, 0x0, 0x100000b, 0x1010, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_MMIO(r6, 0x20, &(0x7f0000000100)="065290fcd72443e2070c010000000000400000000100ff04", 0x0, 0x18) (async) write$eventfd(r5, &(0x7f00000001c0)=0x3, 0xfdef) (async) close(r1) r7 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000240)={0x8}) r9 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x214a00, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x2a) r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000b80)={0x0, 0x0}, &(0x7f0000000bc0)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_SET_ONE_REG(r13, 0x4010aeac, &(0x7f0000000000)=@arm64_fw={0x6030000000140000, &(0x7f0000000200)=0x10002}) (async) r14 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000b80)={0x0, &(0x7f00000000c0)=[@memwrite={0x6e, 0x0, @generic={0x26000, 0xae8, 0x6}}], 0xffffffffffffff2b}, &(0x7f0000000340)=[@featur2={0x1, 0x7}], 0x1) ioctl$KVM_RUN(r14, 0xae80, 0x0) ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0x400, 0x0, r0}) (async) r15 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0) r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r16, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_CREATE_VM(r17, 0x894c, 0x0) 2m41.002680246s ago: executing program 9 (id=295): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000100)={0x0, &(0x7f0000000240)=[@its_setup={0x82, 0x28, {0x3, 0x0, 0x16f}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x0, 0x2, 0x8, 0x8, 0x100}}], 0x50}, 0x0, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000000), 0x20001, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2) mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r7, 0x0) r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x3) r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r8, 0xae04) mmap$KVM_VCPU(&(0x7f0000ffe000/0x1000)=nil, r10, 0x8, 0x13, r9, 0x0) mmap$KVM_VCPU(&(0x7f0000ffd000/0x2000)=nil, r10, 0x1000001, 0x12, r9, 0x0) r11 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04) mmap$KVM_VCPU(&(0x7f0000ffe000/0x1000)=nil, r11, 0x8, 0x13, r7, 0x0) syz_kvm_vgic_v3_setup(r1, 0x2, 0x40) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 2m25.351010245s ago: executing program 8 (id=296): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0) munmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000) (async) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x15) (async) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc9, 0x3}) (async) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async) r6 = openat$kvm(0x0, &(0x7f0000000180), 0x20ac01, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff}) (async) r9 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1) r10 = mmap$KVM_VCPU(&(0x7f0000ffa000/0x3000)=nil, 0x930, 0x1800002, 0x11, r9, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f0000000280)="d6011813013c360000000000f4ff8000802346cbd98762c7795582ba3948ecff090001000000000000000000040000000100", 0x0, 0x48) (async) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0xa1a2b165a56d5ec2, 0x11, r9, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4030582b, &(0x7f0000000040)=@attr_other={0x0, 0x0, 0xfffffffffffffff7, 0x0}) syz_kvm_setup_cpu$arm64(r2, r3, &(0x7f0000bfe000/0x400000)=nil, &(0x7f0000000500)=[{0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="4600000000000000180000000000000003000000e502000046000000000000001800000000000000020000003e0000006e00000000000000300000000000000000900000000000009a06000000000000700000000000000004000000000000000000f2c4130000003060000000000000000000000000000000001800000000000000457a00000000000014000000000000002000000000000000aac213000000306000000000010000006e0000000000000030000000000000000000080800000000f0ff000000000000010100000000000008000000000000004600000000000000180000000000000001000000430100001e0000000000000040000000000000002000000000000000ffffff7f00000000000800000000000095c1ffffffffffff06000000000000000509000000000000be000000000000001800000000000000000000000000000032000000000000004000000000000000004000000000000002000000000000006b060000000000004000000000000000090000000000000003000000000000001e0000000000000040000000000000000100008000000000380a000000000000ffffffffffffff7fed080000000000000400000000000000ff00"/472], 0x1d8}], 0x1, 0x0, &(0x7f0000000540)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_GET_DEVICE_ATTR(r3, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x9, 0x9}) (async) r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x900, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x28) (async) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0) mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, 0x930, 0xa, 0x2012, r13, 0x40000) r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0) r16 = syz_kvm_setup_syzos_vm$arm64(r15, &(0x7f0000c00000/0x400000)=nil) r17 = syz_kvm_add_vcpu$arm64(r16, &(0x7f0000000080)={0x0, &(0x7f0000000240)=[@irq_setup={0x5, 0x18}], 0x18}, 0x0, 0x0) ioctl$KVM_RUN(r17, 0xae80, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r17, 0x4040aea0, &(0x7f0000000000)=@arm64={0x0, 0x1, 0xf, '\x00', 0xfffffffffffff105}) ioctl$KVM_RUN(r17, 0xae80, 0x0) 2m9.343287587s ago: executing program 9 (id=297): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async) ioctl$KVM_GET_DEVICE_ATTR(r2, 0x4018aee2, &(0x7f0000000280)=@attr_arm64={0x0, 0x8, 0x88, &(0x7f0000000040)=0x1}) (async) r3 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000100)="746abf250f7959c813e4adfb369b808022e69fe80cfadce4a1259e77bab54ac9749537b3d016bb7f745a6e22d2f9ff443f19467748a3fe02c239457600", 0x0, 0xfffffffffffffec5) (async) munmap(&(0x7f0000481000/0x1000)=nil, 0x1000) (async) munmap(&(0x7f0000136000/0x2000)=nil, 0x2000) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) (async) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async) mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) (async) munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) munmap(&(0x7f000075a000/0xb000)=nil, 0xb000) (async) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000) munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000) munmap(&(0x7f00007fd000/0x800000)=nil, 0x800000) 2m6.28536551s ago: executing program 8 (id=298): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x800, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) openat$kvm(0x0, 0x0, 0x0, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r4, 0x4010aeab, &(0x7f0000000100)=@arm64_fw={0x6030000000140000, &(0x7f0000000180)=0x1}) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x2e) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x5) syz_kvm_setup_cpu$arm64(r7, r8, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000100)=[{0x0, 0x0}], 0x1, 0x0, &(0x7f00000003c0)=[@featur2={0x1, 0x17}], 0x1) ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100042, &(0x7f0000000000)=0x8}) r9 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2) syz_kvm_setup_cpu$arm64(r7, r9, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000940)=[{0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1e0000000000009a756d3c004000000000000000070000ff00000000000000000100000005000000000000000200000000000000ffffff7f0000000053000000000000001e0000000000000040000000000000006000000000000000000006000000000000000000000000008d000000000000000500000000007cf02be0fffeff0000000000000000000000000000180000000000000084ed000000000000000000000000000018000000000000007f00000000000000ca23fef575b8a75277c7a9168b465c757e00f759db43cf6ca12bd88ece5f9c47a7e667b510eddd81b1a10030498ce9ffdad3f5d9ce3d2e6d3919d6444bdd5c25636246914cefc0b7c62c7b8085f2700c8987031e"], 0xb0}], 0x1, 0x0, &(0x7f0000000980)=[@featur2={0x1, 0xf2}], 0x1) r10 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x25) ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2) r11 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x2) syz_kvm_vgic_v3_setup(r12, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000180)={0x8}) ioctl$KVM_RUN(r11, 0xae80, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0) r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r14, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_CREATE_VM(r15, 0x401054d5, 0x10000000000000) ioctl$KVM_GET_ONE_REG(r11, 0x4010aeab, &(0x7f0000000240)=@arm64_core={0x603000000010003c, &(0x7f0000000080)=0x5}) 1m53.628857669s ago: executing program 9 (id=299): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000200)={0x5, 0x0, [{0x2, 0x5, 0x0, 0x0, @sint={0x7, 0x1}}, {0x2, 0x4, 0x0, 0x0, @adapter={0x3, 0xffffffffffff7315, 0x4, 0x37, 0x9}}, {0x1c35, 0x1, 0x0, 0x0, @adapter={0x8, 0xfd, 0x4b, 0x2, 0xf3}}, {0xc45, 0x5, 0x0, 0x0, @sint={0xf73, 0x3fc}}, {0x7, 0x0, 0x1, 0x0, @irqchip={0x6, 0xfffffc32}}]}) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@mrs={0xbe, 0x18, {0x603000000013c017}}], 0x18}, 0x0, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f00000000c0)={0x7, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x3, &(0x7f0000000000)=0x400000000}) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x0, 0x5, &(0x7f0000000100)=0x8010000000000002}) r10 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r11 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x400, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x2b) ioctl$KVM_REGISTER_COALESCED_MMIO(r12, 0x4010ae67, &(0x7f0000000240)={0x1, 0xe000, 0x1}) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0) r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r14, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_CREATE_VM(r15, 0x400454e2, 0x110c230f00) ioctl$KVM_REGISTER_COALESCED_MMIO(r12, 0x4010ae67, &(0x7f0000000080)={0x3000, 0x1000, 0x1}) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r12, 0x4010ae68, &(0x7f0000000040)={0x0, 0x10c000, 0x1}) syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_REGISTER_COALESCED_MMIO(r10, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616}) ioctl$KVM_REGISTER_COALESCED_MMIO(r10, 0x4010ae67, &(0x7f0000000180)={0x200000, 0x8000, 0x1}) syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) 1m31.928169988s ago: executing program 8 (id=300): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000140), 0x121681, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x2400, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f00000001c0)={0x1, 0x0, 0xf000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_CREATE_DEVICE(r6, 0xc018aec0, &(0x7f00000000c0)={0x1}) r7 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r7, r8, &(0x7f0000e8a000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000080)="fb0149dd033be3ac4e37c4005a9614fbff67521ce16f8f09449a7a836b73312954000000000000000000000000000000000000000000000000000000dc6900", 0x0, 0x2e) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) r9 = eventfd2(0x0, 0x0) close(r9) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x88c80, 0x0) r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000ff9000/0x4000)=nil, r10, 0xa, 0x80010, r9, 0x0) r11 = eventfd2(0x0, 0x0) write$eventfd(r11, &(0x7f0000000180)=0x81, 0x8) close(r11) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000c4c000/0x4000)=nil, 0x930, 0x2000004, 0x2011, r11, 0x0) 1m22.050621483s ago: executing program 9 (id=301): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_GET_API_VERSION(r2, 0x2, 0x1000000000000) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0x80111500, 0x20000000) close(r5) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x2d) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000040)={0x1, 0x0, 0x6000, 0x2000, &(0x7f0000fa2000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x2000, 0x1000, &(0x7f0000fa2000/0x1000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000100)={0x1, 0x0, 0x5000, 0x2000, &(0x7f0000fa2000/0x2000)=nil}) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0x80111500, 0x20000000) r10 = ioctl$KVM_CREATE_VM(r9, 0x541b, 0x10000000000000) r11 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x5d3881, 0x0) ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) r13 = openat$kvm(0x0, &(0x7f0000000140), 0x101282, 0x0) syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) r14 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r13, 0xae04) mmap$KVM_VCPU(&(0x7f0000c0b000/0x1000)=nil, r14, 0x3, 0x40b2811, 0xffffffffffffffff, 0x0) r15 = syz_kvm_add_vcpu$arm64(r11, &(0x7f00000000c0)={0x0, &(0x7f00000002c0)=[@code={0xa, 0x9c, {"1f0020ab40cd8cd200a0b0f2410180d2820080d2c30080d2840180d2020000d4000000ea408393d20060b8f2810080d2420180d2a30080d2c40180d2020000d4007008d50080001b009c005f407b91d20040b8f2210180d2020180d2e30180d2c40080d2020000d440f191d20040b8f2410080d2620180d2e30180d2240080d2020000d40020c00d"}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x4, 0x5, 0xf, 0x200, 0x4}}, @eret={0xe6, 0x18, 0xe3}, @mrs={0xbe, 0x18, {0x603000000013df58}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x3, 0x5, 0x4, 0x80, 0x1}}, @mrs={0xbe, 0x18, {0x603000000013f7b8}}, @svc={0x122, 0xc357da94b2e8b227, {0x8400000c, [0x0, 0x1800000000, 0x7fffffffffffffff, 0x7, 0x9]}}, @smc={0x1e, 0x40, {0x8600ff01, [0xd, 0x5, 0x3, 0x3, 0x8]}}], 0x1b4}, 0x0, 0x0) ioctl$KVM_RUN(r15, 0xae80, 0x0) write$eventfd(r3, &(0x7f00000001c0)=0x1, 0x11) 1m5.560389416s ago: executing program 8 (id=302): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r4 = syz_kvm_vgic_v3_setup(r3, 0x1, 0x40) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000000c0)=@attr_riscv64=@attr_addr={0x0, 0x1, @imsic=0x1, &(0x7f0000000080)}) r5 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) mmap$KVM_VCPU(&(0x7f0000f2b000/0x3000)=nil, 0x0, 0x3000002, 0x112, 0xffffffffffffffff, 0x0) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x2a) syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_GET_ONE_REG(0xffffffffffffffff, 0x4010aeab, 0x0) r8 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000b80)={0x0, &(0x7f00000000c0)=[@hvc={0x32, 0x40, {0x84000015, [0x7, 0x8000000000000000, 0xffffffffffffffff, 0xee24, 0xfffffffffffeffff]}}], 0x40}, &(0x7f0000000040)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r8, 0xae80, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}}) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) syz_kvm_vgic_v3_setup(r1, 0x2, 0x0) r9 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000380)={0x0, &(0x7f0000000440)}, &(0x7f00000003c0)=[@featur1={0x1, 0x84}], 0x1) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0) r11 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x29) r12 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil) r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013c65e, 0x8000}}], 0x20}, 0x0, 0x0) ioctl$KVM_RUN(r15, 0xae80, 0x0) r16 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0xc) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r16, 0x4068aea3, &(0x7f0000000280)={0xdf, 0x0, 0x4000}) ioctl$KVM_RESET_DIRTY_RINGS(r11, 0xaec7) ioctl$KVM_ARM_SET_DEVICE_ADDR(r9, 0x4010aeab, &(0x7f0000000400)={0x6, 0x41000}) 51.77447749s ago: executing program 9 (id=303): mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x7, 0x4f832, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ffa000/0x1000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x9000000) mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000) munmap(&(0x7f000075a000/0xb000)=nil, 0xb000) munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000) munmap(&(0x7f0000482000/0x2000)=nil, 0x2000) munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000bfe000/0x400000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f0000000240)=ANY=[], 0x40}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) munmap(&(0x7f0000e76000/0x12000)=nil, 0x12000) mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x24132, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x0, 0x4030031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000840)={0x0, &(0x7f0000000280)=[@hvc={0x32, 0x40, {0x0, [0x0, 0x8001, 0x1, 0x0, 0x1]}}, @mrs={0xbe, 0x18}, @svc={0x122, 0x40, {0x80000002, [0x4, 0x90, 0x4, 0xc, 0x7]}}, @its_setup={0x82, 0x28, {0x3, 0x2, 0x265}}, @smc={0x1e, 0x40, {0x84000053, [0x691, 0x3c, 0x6, 0x1, 0x9]}}, @uexit={0x0, 0x18, 0x58}, @mrs={0xbe, 0x18, {0x603000000013e518}}, @svc={0x122, 0x40, {0x40000000, [0x6, 0x9, 0x1, 0xdd7, 0xffffffffffffff3d]}}, @hvc={0x32, 0x40, {0x20, [0x10000, 0x0, 0x10000, 0xfff, 0x9b]}}, @uexit={0x0, 0x18, 0x9}, @uexit={0x0, 0x18, 0xfff}, @svc={0x122, 0x40, {0x40, [0x797, 0x8, 0x40, 0x8, 0x78a]}}, @svc={0x122, 0x40, {0xee959d385de4a6b0, [0x4, 0x5, 0x8000, 0x3, 0x4]}}, @smc={0x1e, 0x40, {0x8400000d, [0x1, 0x4fc6, 0xb4f3, 0x3, 0x8000000000000001]}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff4, 0x7, 0x1}}, @mrs={0xbe, 0x18, {0x603000000013e535}}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x31f}}, @code={0xa, 0xb4, {"0018285e007008d5207691d20040b0f2010080d2e20180d2430080d2a40180d2020000d40000311e007008d5007008d560d58cd20020b8f2010080d2c20080d2a30180d2a40080d2020000d460ae95d20020b0f2210080d2820080d2a30080d2640180d2020000d4003a90d20000b0f2610180d2820180d2c30080d2a40180d2020000d480ac93d20080b8f2010080d2420080d2a30180d2040080d2020000d4"}}, @its_setup={0x82, 0x28, {0x2, 0x1, 0x28c}}, @mrs={0xbe, 0x18, {0x603000000013debd}}, @svc={0x122, 0x40, {0x8000, [0x10, 0x1, 0xa, 0xffff]}}, @hvc={0x32, 0x40, {0x80000000, [0x2, 0xa, 0x3e7, 0x9d99, 0x1]}}, @uexit={0x0, 0x18, 0x4}, @its_setup={0x82, 0x28, {0x3, 0x1, 0x43}}, @its_setup={0x82, 0x28, {0x1, 0x0, 0x241}}, @its_setup={0x82, 0x28, {0x3, 0x0, 0x342}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0x48, 0x6}}, @irq_setup={0x46, 0x18, {0x4, 0x342}}, @uexit={0x0, 0x18, 0x5}, @msr={0x14, 0x20, {0x603000000013e703, 0x6}}], 0x594}, &(0x7f0000000880)=[@featur1={0x1, 0x1}], 0x1) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04) mmap$KVM_VCPU(&(0x7f000064b000/0x4000)=nil, r4, 0x100000d, 0x9032, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000667000/0x2000)=nil, 0x2000) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) 17.770914103s ago: executing program 40 (id=302): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r4 = syz_kvm_vgic_v3_setup(r3, 0x1, 0x40) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000000c0)=@attr_riscv64=@attr_addr={0x0, 0x1, @imsic=0x1, &(0x7f0000000080)}) r5 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) mmap$KVM_VCPU(&(0x7f0000f2b000/0x3000)=nil, 0x0, 0x3000002, 0x112, 0xffffffffffffffff, 0x0) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x2a) syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_GET_ONE_REG(0xffffffffffffffff, 0x4010aeab, 0x0) r8 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000b80)={0x0, &(0x7f00000000c0)=[@hvc={0x32, 0x40, {0x84000015, [0x7, 0x8000000000000000, 0xffffffffffffffff, 0xee24, 0xfffffffffffeffff]}}], 0x40}, &(0x7f0000000040)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r8, 0xae80, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}}) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) syz_kvm_vgic_v3_setup(r1, 0x2, 0x0) r9 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000380)={0x0, &(0x7f0000000440)}, &(0x7f00000003c0)=[@featur1={0x1, 0x84}], 0x1) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0) r11 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x29) r12 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil) r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013c65e, 0x8000}}], 0x20}, 0x0, 0x0) ioctl$KVM_RUN(r15, 0xae80, 0x0) r16 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0xc) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r16, 0x4068aea3, &(0x7f0000000280)={0xdf, 0x0, 0x4000}) ioctl$KVM_RESET_DIRTY_RINGS(r11, 0xaec7) ioctl$KVM_ARM_SET_DEVICE_ADDR(r9, 0x4010aeab, &(0x7f0000000400)={0x6, 0x41000}) 0s ago: executing program 41 (id=303): mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x7, 0x4f832, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ffa000/0x1000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x9000000) mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000) munmap(&(0x7f000075a000/0xb000)=nil, 0xb000) munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000) munmap(&(0x7f0000482000/0x2000)=nil, 0x2000) munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000bfe000/0x400000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f0000000240)=ANY=[], 0x40}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) munmap(&(0x7f0000e76000/0x12000)=nil, 0x12000) mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x24132, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x0, 0x4030031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000840)={0x0, &(0x7f0000000280)=[@hvc={0x32, 0x40, {0x0, [0x0, 0x8001, 0x1, 0x0, 0x1]}}, @mrs={0xbe, 0x18}, @svc={0x122, 0x40, {0x80000002, [0x4, 0x90, 0x4, 0xc, 0x7]}}, @its_setup={0x82, 0x28, {0x3, 0x2, 0x265}}, @smc={0x1e, 0x40, {0x84000053, [0x691, 0x3c, 0x6, 0x1, 0x9]}}, @uexit={0x0, 0x18, 0x58}, @mrs={0xbe, 0x18, {0x603000000013e518}}, @svc={0x122, 0x40, {0x40000000, [0x6, 0x9, 0x1, 0xdd7, 0xffffffffffffff3d]}}, @hvc={0x32, 0x40, {0x20, [0x10000, 0x0, 0x10000, 0xfff, 0x9b]}}, @uexit={0x0, 0x18, 0x9}, @uexit={0x0, 0x18, 0xfff}, @svc={0x122, 0x40, {0x40, [0x797, 0x8, 0x40, 0x8, 0x78a]}}, @svc={0x122, 0x40, {0xee959d385de4a6b0, [0x4, 0x5, 0x8000, 0x3, 0x4]}}, @smc={0x1e, 0x40, {0x8400000d, [0x1, 0x4fc6, 0xb4f3, 0x3, 0x8000000000000001]}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff4, 0x7, 0x1}}, @mrs={0xbe, 0x18, {0x603000000013e535}}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x31f}}, @code={0xa, 0xb4, {"0018285e007008d5207691d20040b0f2010080d2e20180d2430080d2a40180d2020000d40000311e007008d5007008d560d58cd20020b8f2010080d2c20080d2a30180d2a40080d2020000d460ae95d20020b0f2210080d2820080d2a30080d2640180d2020000d4003a90d20000b0f2610180d2820180d2c30080d2a40180d2020000d480ac93d20080b8f2010080d2420080d2a30180d2040080d2020000d4"}}, @its_setup={0x82, 0x28, {0x2, 0x1, 0x28c}}, @mrs={0xbe, 0x18, {0x603000000013debd}}, @svc={0x122, 0x40, {0x8000, [0x10, 0x1, 0xa, 0xffff]}}, @hvc={0x32, 0x40, {0x80000000, [0x2, 0xa, 0x3e7, 0x9d99, 0x1]}}, @uexit={0x0, 0x18, 0x4}, @its_setup={0x82, 0x28, {0x3, 0x1, 0x43}}, @its_setup={0x82, 0x28, {0x1, 0x0, 0x241}}, @its_setup={0x82, 0x28, {0x3, 0x0, 0x342}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0x48, 0x6}}, @irq_setup={0x46, 0x18, {0x4, 0x342}}, @uexit={0x0, 0x18, 0x5}, @msr={0x14, 0x20, {0x603000000013e703, 0x6}}], 0x594}, &(0x7f0000000880)=[@featur1={0x1, 0x1}], 0x1) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04) mmap$KVM_VCPU(&(0x7f000064b000/0x4000)=nil, r4, 0x100000d, 0x9032, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000667000/0x2000)=nil, 0x2000) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) kernel console output (not intermixed with test programs): [ 369.710645][ T24] audit: type=1400 audit(368.920:76): avc: denied { write } for pid=3263 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 372.319286][ T3207] 8021q: adding VLAN 0 to HW filter on device bond0 [ 379.093357][ T24] audit: type=1400 audit(378.260:77): avc: denied { write } for pid=3273 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 384.073361][ T24] audit: type=1400 audit(383.160:78): avc: denied { write } for pid=3276 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 402.407902][ T24] audit: type=1400 audit(401.600:79): avc: denied { write } for pid=3283 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 406.375897][ T24] audit: type=1400 audit(405.590:80): avc: denied { write } for pid=3286 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 412.631739][ T24] audit: type=1400 audit(411.840:81): avc: denied { write } for pid=3289 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 416.463761][ T24] audit: type=1400 audit(415.660:82): avc: denied { write } for pid=3292 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 425.731907][ T24] audit: type=1400 audit(424.940:83): avc: denied { write } for pid=3296 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 429.494333][ T24] audit: type=1400 audit(428.700:84): avc: denied { write } for pid=3299 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 432.001688][ T3207] eql: remember to turn off Van-Jacobson compression on your slave devices [ 438.788367][ T24] audit: type=1400 audit(438.000:85): avc: denied { write } for pid=3303 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 442.455737][ T24] audit: type=1400 audit(441.660:86): avc: denied { write } for pid=3306 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 451.450906][ T24] audit: type=1400 audit(450.660:87): avc: denied { write } for pid=3309 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 456.500357][ T24] audit: type=1400 audit(455.710:88): avc: denied { write } for pid=3312 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 467.001975][ T24] audit: type=1400 audit(466.210:89): avc: denied { write } for pid=3317 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 470.813373][ T24] audit: type=1400 audit(470.010:90): avc: denied { write } for pid=3320 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 482.078480][ T24] audit: type=1400 audit(481.290:91): avc: denied { write } for pid=3325 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 485.813289][ T24] audit: type=1400 audit(485.020:92): avc: denied { write } for pid=3328 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 491.070230][ T24] audit: type=1400 audit(490.280:93): avc: denied { write } for pid=3330 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 494.794422][ T24] audit: type=1400 audit(494.000:94): avc: denied { write } for pid=3333 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 513.725327][ T24] audit: type=1400 audit(512.920:95): avc: denied { write } for pid=3341 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 518.793731][ T24] audit: type=1400 audit(517.990:96): avc: denied { write } for pid=3344 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 540.944474][ T24] audit: type=1400 audit(540.150:97): avc: denied { write } for pid=3353 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 544.690811][ T24] audit: type=1400 audit(543.900:98): avc: denied { write } for pid=3356 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 550.623628][ T24] audit: type=1400 audit(549.830:99): avc: denied { write } for pid=3359 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 554.493294][ T24] audit: type=1400 audit(553.700:100): avc: denied { write } for pid=3362 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 Warning: Permanently added '[localhost]:30664' (ED25519) to the list of known hosts. [ 589.769441][ T24] audit: type=1400 audit(588.980:101): avc: denied { name_bind } for pid=3367 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 590.601331][ T24] audit: type=1400 audit(589.810:102): avc: denied { execute } for pid=3368 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 590.626366][ T24] audit: type=1400 audit(589.840:103): avc: denied { execute_no_trans } for pid=3368 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 614.278952][ T24] audit: type=1400 audit(613.490:104): avc: denied { mounton } for pid=3368 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 614.319219][ T24] audit: type=1400 audit(613.530:105): avc: denied { mount } for pid=3368 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 614.405763][ T3368] cgroup: Unknown subsys name 'net' [ 614.460958][ T24] audit: type=1400 audit(613.670:106): avc: denied { unmount } for pid=3368 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 614.858498][ T3368] cgroup: Unknown subsys name 'cpuset' [ 614.993994][ T3368] cgroup: Unknown subsys name 'rlimit' [ 615.847032][ T24] audit: type=1400 audit(615.050:107): avc: denied { setattr } for pid=3368 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=704 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 615.870885][ T24] audit: type=1400 audit(615.070:108): avc: denied { mounton } for pid=3368 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 615.894034][ T24] audit: type=1400 audit(615.100:109): avc: denied { mount } for pid=3368 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 616.876408][ T3371] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 616.894907][ T24] audit: type=1400 audit(616.100:110): avc: denied { relabelto } for pid=3371 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 616.924109][ T24] audit: type=1400 audit(616.120:111): avc: denied { write } for pid=3371 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" Setting up swapspace version 1, size = 127995904 bytes [ 617.090398][ T24] audit: type=1400 audit(616.300:112): avc: denied { read } for pid=3368 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 617.109446][ T24] audit: type=1400 audit(616.320:113): avc: denied { open } for pid=3368 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 617.159099][ T3368] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 677.147543][ T24] audit: type=1400 audit(676.360:114): avc: denied { execmem } for pid=3372 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 680.910960][ T24] audit: type=1400 audit(680.120:115): avc: denied { read } for pid=3375 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 680.941860][ T24] audit: type=1400 audit(680.150:116): avc: denied { open } for pid=3375 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 681.004547][ T24] audit: type=1400 audit(680.210:117): avc: denied { mounton } for pid=3374 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 681.255080][ T24] audit: type=1400 audit(680.460:118): avc: denied { module_request } for pid=3374 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 682.238010][ T24] audit: type=1400 audit(681.430:119): avc: denied { sys_module } for pid=3374 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 707.360081][ T3375] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 707.444965][ T3374] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 707.516885][ T3375] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 707.570933][ T3374] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 719.201764][ T3374] hsr_slave_0: entered promiscuous mode [ 719.249336][ T3374] hsr_slave_1: entered promiscuous mode [ 720.158533][ T3375] hsr_slave_0: entered promiscuous mode [ 720.189634][ T3375] hsr_slave_1: entered promiscuous mode [ 720.223948][ T3375] debugfs: 'hsr0' already exists in 'hsr' [ 720.229691][ T3375] Cannot create hsr debugfs directory [ 725.805048][ T24] audit: type=1400 audit(725.010:120): avc: denied { create } for pid=3374 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 725.836734][ T24] audit: type=1400 audit(725.040:121): avc: denied { write } for pid=3374 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 725.918813][ T24] audit: type=1400 audit(725.130:122): avc: denied { read } for pid=3374 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 726.086712][ T3374] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 726.465120][ T3374] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 726.538063][ T3374] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 726.758208][ T3374] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 726.847780][ T3374] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 727.021564][ T3374] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 727.187412][ T3374] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 727.279824][ T3374] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 728.808409][ T3375] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 728.964563][ T3375] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 729.040976][ T3375] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 729.217581][ T3375] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 729.324834][ T3375] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 729.486788][ T3375] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 729.554176][ T3375] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 729.684288][ T3375] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 741.021349][ T3374] 8021q: adding VLAN 0 to HW filter on device bond0 [ 743.308434][ T3375] 8021q: adding VLAN 0 to HW filter on device bond0 [ 794.019445][ T3374] veth0_vlan: entered promiscuous mode [ 794.499798][ T3374] veth1_vlan: entered promiscuous mode [ 796.565626][ T3374] veth0_macvtap: entered promiscuous mode [ 797.015818][ T3374] veth1_macvtap: entered promiscuous mode [ 797.270517][ T3375] veth0_vlan: entered promiscuous mode [ 798.149861][ T3375] veth1_vlan: entered promiscuous mode [ 799.521496][ T3428] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 799.580528][ T3428] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 799.586771][ T3428] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 799.604261][ T3428] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 801.316118][ T3375] veth0_macvtap: entered promiscuous mode [ 801.893795][ T24] audit: type=1400 audit(801.100:123): avc: denied { mount } for pid=3374 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 802.045214][ T3375] veth1_macvtap: entered promiscuous mode [ 802.149977][ T24] audit: type=1400 audit(801.340:124): avc: denied { mounton } for pid=3374 comm="syz-executor" path="/syzkaller.IWq1J3/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 802.417940][ T24] audit: type=1400 audit(801.630:125): avc: denied { mount } for pid=3374 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 802.685424][ T24] audit: type=1400 audit(801.890:126): avc: denied { mounton } for pid=3374 comm="syz-executor" path="/syzkaller.IWq1J3/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 802.837164][ T24] audit: type=1400 audit(802.010:127): avc: denied { mounton } for pid=3374 comm="syz-executor" path="/syzkaller.IWq1J3/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3745 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 803.429504][ T24] audit: type=1400 audit(802.640:128): avc: denied { unmount } for pid=3374 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 803.749045][ T24] audit: type=1400 audit(802.810:129): avc: denied { mounton } for pid=3374 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1548 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 803.880149][ T24] audit: type=1400 audit(803.070:130): avc: denied { mount } for pid=3374 comm="syz-executor" name="/" dev="gadgetfs" ino=3753 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 804.240227][ T24] audit: type=1400 audit(803.450:131): avc: denied { mount } for pid=3374 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 804.286348][ T3478] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 804.301035][ T3478] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 804.344921][ T3478] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 804.356282][ T3478] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 804.397067][ T24] audit: type=1400 audit(803.610:132): avc: denied { mounton } for pid=3374 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 805.717694][ T3374] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 806.905821][ T24] kauditd_printk_skb: 1 callbacks suppressed [ 806.911363][ T24] audit: type=1400 audit(806.090:134): avc: denied { read write } for pid=3374 comm="syz-executor" name="loop1" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 806.930584][ T24] audit: type=1400 audit(806.140:135): avc: denied { open } for pid=3374 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 807.074632][ T24] audit: type=1400 audit(806.210:136): avc: denied { ioctl } for pid=3374 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=639 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 818.325497][ T24] audit: type=1400 audit(817.530:137): avc: denied { read } for pid=3526 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 818.453588][ T24] audit: type=1400 audit(817.640:138): avc: denied { open } for pid=3526 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 818.637442][ T24] audit: type=1400 audit(817.840:139): avc: denied { ioctl } for pid=3526 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0x9436 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 823.765900][ T24] audit: type=1400 audit(822.970:140): avc: denied { write } for pid=3528 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 825.123815][ T24] audit: type=1400 audit(824.310:141): avc: denied { map } for pid=3528 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 825.175714][ T24] audit: type=1400 audit(824.360:142): avc: denied { execute } for pid=3528 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 847.141724][ T24] audit: type=1400 audit(846.350:143): avc: denied { append } for pid=3544 comm="syz.0.7" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 883.757337][ T24] audit: type=1400 audit(882.970:144): avc: denied { setattr } for pid=3565 comm="syz.1.14" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 890.223250][ T24] audit: type=1400 audit(889.350:145): avc: denied { create } for pid=3572 comm="syz.0.16" anonclass=[kvm-gmem] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 890.299121][ T24] audit: type=1400 audit(889.500:146): avc: denied { map } for pid=3572 comm="syz.0.16" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=4502 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 890.354376][ T24] audit: type=1400 audit(889.550:147): avc: denied { read execute } for pid=3572 comm="syz.0.16" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=4502 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 917.059803][ T24] audit: type=1400 audit(916.270:148): avc: denied { execute } for pid=3591 comm="syz.1.21" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=4772 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 943.155533][ T24] audit: type=1400 audit(942.340:149): avc: denied { write } for pid=3608 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 952.717105][ T24] audit: type=1400 audit(951.820:150): avc: denied { write } for pid=3620 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1104.179328][ T3708] kvm [3708]: Failed to find VMA for hva 0x21016000 [ 1129.326531][ T3716] kvm [3716]: Failed to find VMA for hva 0x20dcb000 [ 1168.410171][ T24] audit: type=1400 audit(1167.620:151): avc: denied { execute } for pid=3732 comm="syz.1.63" path=2F33312F10FBFF67525673312B0104 dev="tmpfs" ino=173 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 1196.220465][ T24] audit: type=1400 audit(1195.430:152): avc: denied { write } for pid=3750 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1204.613109][ T24] audit: type=1400 audit(1203.810:153): avc: denied { write } for pid=3754 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1269.051040][ T2156] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1270.059736][ T2156] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1271.171315][ T2156] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1272.036800][ T2156] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1283.380991][ T2156] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1283.479980][ T2156] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1283.540178][ T2156] bond0 (unregistering): Released all slaves [ 1284.805363][ T2156] hsr_slave_0: left promiscuous mode [ 1284.916233][ T2156] hsr_slave_1: left promiscuous mode [ 1285.186956][ T2156] veth1_macvtap: left promiscuous mode [ 1285.199990][ T2156] veth0_macvtap: left promiscuous mode [ 1285.217072][ T2156] veth1_vlan: left promiscuous mode [ 1285.221051][ T2156] veth0_vlan: left promiscuous mode [ 1307.730154][ T3428] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1308.897806][ T3428] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1309.507122][ T24] audit: type=1400 audit(1308.720:154): avc: denied { write } for pid=3798 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1309.717686][ T3428] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1310.557746][ T3428] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1315.091455][ T24] audit: type=1400 audit(1314.280:155): avc: denied { write } for pid=3803 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1322.619809][ T3428] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1322.689650][ T3428] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1322.739382][ T3428] bond0 (unregistering): Released all slaves [ 1323.126275][ T3207] 8021q: adding VLAN 0 to HW filter on device eth1 [ 1323.878210][ T3428] hsr_slave_0: left promiscuous mode [ 1323.965052][ T3428] hsr_slave_1: left promiscuous mode [ 1324.283700][ T3428] veth1_macvtap: left promiscuous mode [ 1324.287402][ T3428] veth0_macvtap: left promiscuous mode [ 1324.309404][ T3428] veth1_vlan: left promiscuous mode [ 1324.321528][ T3428] veth0_vlan: left promiscuous mode [ 1343.434894][ T24] audit: type=1400 audit(1342.640:156): avc: denied { write } for pid=3822 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1347.554940][ T24] audit: type=1400 audit(1346.690:157): avc: denied { write } for pid=3833 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1350.460119][ T3207] 8021q: adding VLAN 0 to HW filter on device eth2 [ 1352.348053][ T3769] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1353.009313][ T3769] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1354.165794][ T3773] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1354.410149][ T3773] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1360.437776][ T24] audit: type=1400 audit(1359.590:158): avc: denied { write } for pid=3846 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1366.253745][ T24] audit: type=1400 audit(1365.460:159): avc: denied { write } for pid=3854 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1370.278125][ T3207] 8021q: adding VLAN 0 to HW filter on device eth3 [ 1376.118837][ T3769] hsr_slave_0: entered promiscuous mode [ 1376.156731][ T3769] hsr_slave_1: entered promiscuous mode [ 1378.008110][ T3773] hsr_slave_0: entered promiscuous mode [ 1378.066262][ T3773] hsr_slave_1: entered promiscuous mode [ 1378.107213][ T3773] debugfs: 'hsr0' already exists in 'hsr' [ 1378.116374][ T3773] Cannot create hsr debugfs directory [ 1378.285618][ T24] audit: type=1400 audit(1377.480:160): avc: denied { write } for pid=3866 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1382.201853][ T24] audit: type=1400 audit(1381.410:161): avc: denied { write } for pid=3871 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1384.716362][ T3207] 8021q: adding VLAN 0 to HW filter on device eth4 [ 1388.055406][ T3769] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1388.427933][ T3769] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 1388.537317][ T3769] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1388.718937][ T3769] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1388.810746][ T3769] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1389.167714][ T3769] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1389.337361][ T3769] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1389.685194][ T3769] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1392.666069][ T3773] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1392.925242][ T3773] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 1393.035950][ T3773] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1393.255221][ T3773] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1393.310331][ T3773] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1393.548725][ T3773] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1393.644979][ T3773] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1393.875177][ T3773] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1395.758386][ T24] audit: type=1400 audit(1394.970:162): avc: denied { write } for pid=3883 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1401.869235][ T24] audit: type=1400 audit(1401.030:163): avc: denied { write } for pid=3897 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1405.998522][ T3207] 8021q: adding VLAN 0 to HW filter on device eth5 [ 1412.619570][ T3769] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1416.549015][ T3773] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1419.835827][ T24] audit: type=1400 audit(1419.030:164): avc: denied { write } for pid=3908 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1427.814136][ T24] audit: type=1400 audit(1427.020:165): avc: denied { write } for pid=3920 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1433.250656][ T3207] 8021q: adding VLAN 0 to HW filter on device eth6 [ 1450.015604][ T24] audit: type=1400 audit(1449.200:166): avc: denied { write } for pid=3932 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1456.331181][ T24] audit: type=1400 audit(1455.530:167): avc: denied { write } for pid=3941 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1460.789983][ T3207] 8021q: adding VLAN 0 to HW filter on device eth7 [ 1473.161098][ T24] audit: type=1400 audit(1472.370:168): avc: denied { write } for pid=3957 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1480.256199][ T24] audit: type=1400 audit(1479.450:169): avc: denied { write } for pid=3966 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1485.920602][ T3207] 8021q: adding VLAN 0 to HW filter on device eth8 [ 1506.398803][ T3769] veth0_vlan: entered promiscuous mode [ 1507.329198][ T3769] veth1_vlan: entered promiscuous mode [ 1511.135434][ T3773] veth0_vlan: entered promiscuous mode [ 1511.267171][ T3769] veth0_macvtap: entered promiscuous mode [ 1512.106636][ T3769] veth1_macvtap: entered promiscuous mode [ 1512.834410][ T3773] veth1_vlan: entered promiscuous mode [ 1516.628300][ T2171] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1516.676600][ T3913] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1516.694284][ T3913] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1516.700911][ T3913] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1518.445335][ T3773] veth0_macvtap: entered promiscuous mode [ 1519.367438][ T3773] veth1_macvtap: entered promiscuous mode [ 1522.683577][ T24] audit: type=1400 audit(1521.880:170): avc: denied { unmount } for pid=3769 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 1523.454917][ T3467] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1523.501411][ T3913] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1523.574482][ T3913] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1523.658279][ T2156] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1531.554012][ T24] audit: type=1400 audit(1530.750:171): avc: denied { write } for pid=3998 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1541.994508][ T24] audit: type=1400 audit(1541.180:172): avc: denied { write } for pid=4010 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1575.039099][ T24] audit: type=1400 audit(1574.230:173): avc: denied { write } for pid=4025 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1586.093200][ T24] audit: type=1400 audit(1585.240:174): avc: denied { write } for pid=4036 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1603.685016][ T24] audit: type=1400 audit(1602.860:175): avc: denied { write } for pid=4045 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1615.365399][ T24] audit: type=1400 audit(1614.570:176): avc: denied { write } for pid=4055 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1640.311856][ T24] audit: type=1400 audit(1639.520:177): avc: denied { write } for pid=4071 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1649.476457][ T24] audit: type=1400 audit(1648.670:178): avc: denied { write } for pid=4080 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1666.121716][ T24] audit: type=1400 audit(1665.310:179): avc: denied { write } for pid=4085 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1677.655288][ T24] audit: type=1400 audit(1676.850:180): avc: denied { write } for pid=4096 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1697.895771][ T24] audit: type=1400 audit(1697.100:181): avc: denied { write } for pid=4106 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1707.303758][ T24] audit: type=1400 audit(1706.460:182): avc: denied { write } for pid=4119 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1742.854654][ T24] audit: type=1400 audit(1741.940:183): avc: denied { write } for pid=4138 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1753.433779][ T24] audit: type=1400 audit(1752.630:184): avc: denied { write } for pid=4151 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1778.455175][ T24] audit: type=1400 audit(1777.650:185): avc: denied { write } for pid=4168 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1790.164204][ T24] audit: type=1400 audit(1789.280:186): avc: denied { write } for pid=4175 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1812.673217][ T24] audit: type=1400 audit(1811.810:187): avc: denied { write } for pid=4190 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1822.465506][ T24] audit: type=1400 audit(1821.670:188): avc: denied { write } for pid=4201 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1918.537244][ T24] audit: type=1400 audit(1917.750:189): avc: denied { write } for pid=4240 comm="syz.2.123" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=12274 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 1977.874443][ T24] audit: type=1400 audit(1977.020:190): avc: denied { write } for pid=4274 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1989.706535][ T24] audit: type=1400 audit(1988.870:191): avc: denied { write } for pid=4286 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2056.316932][ T4318] kvm [4318]: Failed to find VMA for hva 0x20d8d000 [ 2189.896033][ T24] audit: type=1400 audit(2189.090:192): avc: denied { write } for pid=4392 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2198.114958][ T24] audit: type=1400 audit(2197.310:193): avc: denied { write } for pid=4403 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2512.889642][ T24] audit: type=1400 audit(2512.090:194): avc: denied { write } for pid=4562 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2524.403723][ T24] audit: type=1400 audit(2523.610:195): avc: denied { write } for pid=4575 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2775.256877][ T4659] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2775.576744][ T4659] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2785.353912][ T4665] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2785.578882][ T4665] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2802.767816][ T4659] hsr_slave_0: entered promiscuous mode [ 2802.876345][ T4659] hsr_slave_1: entered promiscuous mode [ 2802.925141][ T4659] debugfs: 'hsr0' already exists in 'hsr' [ 2802.928237][ T4659] Cannot create hsr debugfs directory [ 2820.299045][ T4665] hsr_slave_0: entered promiscuous mode [ 2820.516831][ T4665] hsr_slave_1: entered promiscuous mode [ 2820.665745][ T4665] debugfs: 'hsr0' already exists in 'hsr' [ 2820.683997][ T4665] Cannot create hsr debugfs directory [ 2828.265251][ T4659] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 2828.648414][ T4659] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 2829.207225][ T4659] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 2829.401568][ T4659] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 2830.049340][ T4659] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 2830.376837][ T4659] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 2830.885392][ T4659] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 2831.019441][ T4659] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 2841.788187][ T4665] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 2842.287486][ T4665] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 2842.478545][ T4665] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 2842.870821][ T4665] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 2842.971659][ T4665] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 2843.421029][ T4665] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 2843.584645][ T4665] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 2844.016556][ T4665] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 2869.849482][ T4659] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2875.890380][ T4685] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2879.368651][ T4685] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2881.058573][ T4685] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2883.261162][ T4685] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2892.061141][ T4665] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2903.328386][ T4685] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2903.471738][ T4685] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2903.578039][ T4685] bond0 (unregistering): Released all slaves [ 2905.326637][ T4685] hsr_slave_0: left promiscuous mode [ 2905.440349][ T4685] hsr_slave_1: left promiscuous mode [ 2905.807813][ T4685] veth1_macvtap: left promiscuous mode [ 2905.824016][ T4685] veth0_macvtap: left promiscuous mode [ 2905.830490][ T4685] veth1_vlan: left promiscuous mode [ 2905.845638][ T4685] veth0_vlan: left promiscuous mode [ 2933.407332][ T4685] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2935.740440][ T4685] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2937.878918][ T4685] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2939.908196][ T4685] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2950.054048][ T24] audit: type=1400 audit(2949.200:196): avc: denied { write } for pid=4774 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2960.094077][ T24] audit: type=1400 audit(2959.190:197): avc: denied { write } for pid=4786 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2964.270993][ T4685] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2964.451836][ T4685] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2964.578952][ T4685] bond0 (unregistering): Released all slaves [ 2965.498463][ T3207] 8021q: adding VLAN 0 to HW filter on device eth9 [ 2966.694303][ T4685] hsr_slave_0: left promiscuous mode [ 2966.968091][ T4685] hsr_slave_1: left promiscuous mode [ 2967.355005][ T4685] veth1_macvtap: left promiscuous mode [ 2967.359885][ T4685] veth0_macvtap: left promiscuous mode [ 2967.378272][ T4685] veth1_vlan: left promiscuous mode [ 2967.395797][ T4685] veth0_vlan: left promiscuous mode [ 3003.995919][ T24] audit: type=1400 audit(3003.180:198): avc: denied { write } for pid=4797 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3012.823639][ T24] audit: type=1400 audit(3012.030:199): avc: denied { write } for pid=4807 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3017.650083][ T3207] 8021q: adding VLAN 0 to HW filter on device eth10 [ 3024.083584][ T24] audit: type=1400 audit(3023.270:200): avc: denied { write } for pid=4815 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3031.123728][ T24] audit: type=1400 audit(3030.330:201): avc: denied { write } for pid=4825 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3051.643916][ T24] audit: type=1400 audit(3050.850:202): avc: denied { write } for pid=4840 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3060.613748][ T24] audit: type=1400 audit(3059.790:203): avc: denied { write } for pid=4850 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3067.484320][ T3207] 8021q: adding VLAN 0 to HW filter on device eth11 [ 3068.064843][ T4659] veth0_vlan: entered promiscuous mode [ 3069.138634][ T4659] veth1_vlan: entered promiscuous mode [ 3072.986155][ T4659] veth0_macvtap: entered promiscuous mode [ 3073.431084][ T4659] veth1_macvtap: entered promiscuous mode [ 3076.780371][ T3426] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3076.800410][ T3426] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3076.835559][ T3426] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3076.841529][ T3426] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 3088.835477][ T4665] veth0_vlan: entered promiscuous mode [ 3089.757378][ T24] audit: type=1400 audit(3088.950:204): avc: denied { write } for pid=4863 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3090.034610][ T4665] veth1_vlan: entered promiscuous mode [ 3093.947700][ T4665] veth0_macvtap: entered promiscuous mode [ 3094.798156][ T4665] veth1_macvtap: entered promiscuous mode [ 3098.468463][ T3780] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3098.606176][ T3780] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3098.617851][ T3780] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3098.663348][ T12] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 3101.514970][ T24] audit: type=1400 audit(3100.700:205): avc: denied { write } for pid=4871 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3109.281091][ T3207] 8021q: adding VLAN 0 to HW filter on device eth12 [ 3134.171017][ T24] audit: type=1400 audit(3133.380:206): avc: denied { write } for pid=4887 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3145.035016][ T24] audit: type=1400 audit(3144.230:207): avc: denied { write } for pid=4897 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3152.309284][ T3207] 8021q: adding VLAN 0 to HW filter on device eth13 [ 3187.009600][ T24] audit: type=1400 audit(3186.130:208): avc: denied { write } for pid=4915 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3199.548607][ T24] audit: type=1400 audit(3198.750:209): avc: denied { write } for pid=4925 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3207.428903][ T3207] 8021q: adding VLAN 0 to HW filter on device eth14 [ 3233.204826][ T24] audit: type=1400 audit(3232.410:210): avc: denied { write } for pid=4946 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3240.603720][ T24] audit: type=1400 audit(3239.800:211): avc: denied { write } for pid=4949 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3245.527538][ T3207] 8021q: adding VLAN 0 to HW filter on device eth15 [ 3253.323745][ T24] audit: type=1400 audit(3252.520:212): avc: denied { write } for pid=4952 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3260.867811][ T24] audit: type=1400 audit(3260.060:213): avc: denied { write } for pid=4955 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3282.615485][ T4755] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3285.056209][ T4755] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3288.349842][ T4755] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3289.364911][ T24] audit: type=1400 audit(3288.550:214): avc: denied { write } for pid=4963 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3290.800450][ T4755] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3301.425324][ T24] audit: type=1400 audit(3300.630:215): avc: denied { write } for pid=4972 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3314.886652][ T4755] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3315.109904][ T4755] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3315.376622][ T4755] bond0 (unregistering): Released all slaves [ 3316.585980][ T3207] 8021q: adding VLAN 0 to HW filter on device eth16 [ 3318.469554][ T4755] hsr_slave_0: left promiscuous mode [ 3318.909673][ T4755] hsr_slave_1: left promiscuous mode [ 3319.554819][ T4755] veth1_macvtap: left promiscuous mode [ 3319.556777][ T4755] veth0_macvtap: left promiscuous mode [ 3319.581243][ T4755] veth1_vlan: left promiscuous mode [ 3319.695725][ T4755] veth0_vlan: left promiscuous mode [ 3344.850609][ T4755] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3347.111200][ T4755] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3349.080209][ T4755] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3350.910127][ T4755] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3361.236083][ T24] audit: type=1400 audit(3360.410:216): avc: denied { write } for pid=4993 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3370.178538][ T24] audit: type=1400 audit(3369.360:217): avc: denied { write } for pid=5002 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3373.109815][ T4755] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3373.328571][ T4755] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3373.556498][ T4755] bond0 (unregistering): Released all slaves [ 3375.499898][ T3207] 8021q: adding VLAN 0 to HW filter on device eth17 [ 3375.933699][ T4755] hsr_slave_0: left promiscuous mode [ 3376.009600][ T4755] hsr_slave_1: left promiscuous mode [ 3376.492692][ T4755] veth1_macvtap: left promiscuous mode [ 3376.573268][ T4755] veth0_macvtap: left promiscuous mode [ 3376.575947][ T4755] veth1_vlan: left promiscuous mode [ 3376.593718][ T4755] veth0_vlan: left promiscuous mode [ 3406.484113][ T24] audit: type=1400 audit(3405.610:218): avc: denied { write } for pid=5009 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3413.945681][ T24] audit: type=1400 audit(3413.140:219): avc: denied { write } for pid=5019 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3419.401196][ T3207] 8021q: adding VLAN 0 to HW filter on device eth18 [ 3428.015935][ T24] audit: type=1400 audit(3427.220:220): avc: denied { write } for pid=5030 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3434.714602][ T24] audit: type=1400 audit(3433.860:221): avc: denied { write } for pid=5041 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3435.906831][ T4969] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3436.205916][ T4969] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3439.646067][ T4965] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3439.951153][ T4965] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3455.264048][ T24] audit: type=1400 audit(3454.470:222): avc: denied { write } for pid=5054 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3461.994536][ T24] audit: type=1400 audit(3461.190:223): avc: denied { write } for pid=5064 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3464.599305][ T4969] hsr_slave_0: entered promiscuous mode [ 3464.671121][ T4969] hsr_slave_1: entered promiscuous mode [ 3466.620864][ T3207] 8021q: adding VLAN 0 to HW filter on device eth19 [ 3469.839112][ T4965] hsr_slave_0: entered promiscuous mode [ 3469.960966][ T4965] hsr_slave_1: entered promiscuous mode [ 3470.054386][ T4965] debugfs: 'hsr0' already exists in 'hsr' [ 3470.057904][ T4965] Cannot create hsr debugfs directory [ 3489.187275][ T4969] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 3489.727686][ T4969] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 3489.871459][ T4969] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 3490.280295][ T4969] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 3490.511490][ T4969] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 3491.057314][ T4969] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 3491.370993][ T4969] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 3491.767943][ T4969] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 3492.633086][ T24] audit: type=1400 audit(3491.840:224): avc: denied { write } for pid=5074 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3496.914729][ T4965] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 3497.525605][ T4965] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 3497.656055][ T4965] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 3498.038083][ T4965] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 3498.205809][ T4965] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 3498.797130][ T4965] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 3498.999307][ T4965] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 3499.405655][ T4965] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 3501.965017][ T24] audit: type=1400 audit(3501.140:225): avc: denied { write } for pid=5086 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3508.145345][ T3207] 8021q: adding VLAN 0 to HW filter on device eth20 [ 3527.289175][ T4969] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3530.684049][ T24] audit: type=1400 audit(3529.890:226): avc: denied { write } for pid=5109 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3532.781007][ T4965] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3542.664371][ T24] audit: type=1400 audit(3541.810:227): avc: denied { write } for pid=5115 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3550.038590][ T3207] 8021q: adding VLAN 0 to HW filter on device eth21 [ 3576.254277][ T24] audit: type=1400 audit(3575.420:228): avc: denied { write } for pid=5131 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3585.387652][ T24] audit: type=1400 audit(3584.600:229): avc: denied { write } for pid=5141 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3592.687265][ T3207] 8021q: adding VLAN 0 to HW filter on device eth22 [ 3606.035173][ T24] audit: type=1400 audit(3605.220:230): avc: denied { write } for pid=5149 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3616.773880][ T24] audit: type=1400 audit(3615.960:231): avc: denied { write } for pid=5159 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3643.545221][ T24] audit: type=1400 audit(3642.730:232): avc: denied { write } for pid=5175 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3654.324481][ T24] audit: type=1400 audit(3653.440:233): avc: denied { write } for pid=5186 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3662.028673][ T3207] 8021q: adding VLAN 0 to HW filter on device eth23 [ 3673.415622][ T24] audit: type=1400 audit(3672.610:234): avc: denied { write } for pid=5193 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3684.216137][ T24] audit: type=1400 audit(3683.410:235): avc: denied { write } for pid=5203 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3687.807028][ T4969] veth0_vlan: entered promiscuous mode [ 3688.909968][ T4969] veth1_vlan: entered promiscuous mode [ 3692.530203][ T4965] veth0_vlan: entered promiscuous mode [ 3694.715785][ T4965] veth1_vlan: entered promiscuous mode [ 3695.959357][ T4969] veth0_macvtap: entered promiscuous mode [ 3697.074652][ T4969] veth1_macvtap: entered promiscuous mode [ 3701.005349][ T4965] veth0_macvtap: entered promiscuous mode [ 3702.317365][ T4965] veth1_macvtap: entered promiscuous mode [ 3702.929670][ T3426] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3702.936990][ T3426] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3703.005980][ T3913] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3703.084030][ T2171] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 3709.927809][ T12] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3710.253298][ T3913] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3710.278731][ T4755] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3710.643832][ T4754] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 3720.277635][ T24] audit: type=1400 audit(3719.490:236): avc: denied { write } for pid=5211 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3736.299678][ T24] audit: type=1400 audit(3735.490:237): avc: denied { write } for pid=5222 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3746.840990][ T3207] 8021q: adding VLAN 0 to HW filter on device eth24 [ 3811.897514][ T24] audit: type=1400 audit(3811.110:238): avc: denied { write } for pid=5256 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3825.453676][ T24] audit: type=1400 audit(3824.650:239): avc: denied { write } for pid=5264 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3861.649609][ T24] audit: type=1400 audit(3860.850:240): avc: denied { write } for pid=5281 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3877.000639][ T24] audit: type=1400 audit(3876.210:241): avc: denied { write } for pid=5291 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3902.960610][ T24] audit: type=1400 audit(3902.160:242): avc: denied { write } for pid=5297 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3918.083681][ T24] audit: type=1400 audit(3917.260:243): avc: denied { write } for pid=5305 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4003.156653][ T24] audit: type=1400 audit(4002.340:244): avc: denied { write } for pid=5350 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4018.627057][ T24] audit: type=1400 audit(4017.810:245): avc: denied { write } for pid=5363 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4056.833680][ T24] audit: type=1400 audit(4056.000:246): avc: denied { write } for pid=5381 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4070.388600][ T24] audit: type=1400 audit(4069.550:247): avc: denied { write } for pid=5389 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4100.825719][ T24] audit: type=1400 audit(4100.030:248): avc: denied { write } for pid=5406 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4109.135174][ T24] audit: type=1400 audit(4108.340:249): avc: denied { write } for pid=5409 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4121.991887][ T24] audit: type=1400 audit(4121.200:250): avc: denied { write } for pid=5411 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4133.134561][ T24] audit: type=1400 audit(4132.320:251): avc: denied { write } for pid=5416 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4166.594761][ T24] audit: type=1400 audit(4165.770:252): avc: denied { write } for pid=5422 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4179.006349][ T24] audit: type=1400 audit(4178.220:253): avc: denied { write } for pid=5432 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4209.237151][ T3780] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4213.895038][ T3780] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4217.229094][ T3780] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4219.975883][ T3780] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4237.406306][ T24] audit: type=1400 audit(4236.610:254): avc: denied { write } for pid=5453 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4248.814942][ T24] audit: type=1400 audit(4247.990:255): avc: denied { write } for pid=5466 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4256.949901][ T3780] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 4257.995123][ T3780] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 4259.259771][ T3780] bond0 (unregistering): Released all slaves [ 4263.173510][ T3780] hsr_slave_0: left promiscuous mode [ 4263.318353][ T3780] hsr_slave_1: left promiscuous mode [ 4264.223868][ T3780] veth1_macvtap: left promiscuous mode [ 4264.224986][ T3780] veth0_macvtap: left promiscuous mode [ 4264.240209][ T3780] veth1_vlan: left promiscuous mode [ 4264.274252][ T3780] veth0_vlan: left promiscuous mode [ 4296.646738][ T3780] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4298.636929][ T3780] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4301.087578][ T3780] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4303.845947][ T3780] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4311.075185][ T24] audit: type=1400 audit(4310.220:256): avc: denied { write } for pid=5483 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4324.477827][ T24] audit: type=1400 audit(4323.690:257): avc: denied { write } for pid=5496 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4336.474214][ T3780] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 4337.184561][ T3780] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 4337.498435][ T3780] bond0 (unregistering): Released all slaves [ 4338.651746][ T3207] 8021q: adding VLAN 0 to HW filter on device eth25 [ 4342.130071][ T3780] hsr_slave_0: left promiscuous mode [ 4342.264034][ T3780] hsr_slave_1: left promiscuous mode [ 4342.678929][ T3780] veth1_macvtap: left promiscuous mode [ 4342.739813][ T3780] veth0_macvtap: left promiscuous mode [ 4342.750157][ T3780] veth1_vlan: left promiscuous mode [ 4342.763822][ T3780] veth0_vlan: left promiscuous mode [ 4364.006163][ T5420] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 4365.718652][ T5420] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 4368.588248][ T5423] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 4369.270108][ T5423] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 4392.715031][ T24] audit: type=1400 audit(4391.900:258): avc: denied { write } for pid=5515 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4401.463252][ T24] audit: type=1400 audit(4400.670:259): avc: denied { write } for pid=5525 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4404.979580][ T5420] hsr_slave_0: entered promiscuous mode [ 4405.077125][ T5420] hsr_slave_1: entered promiscuous mode [ 4407.118199][ T3207] 8021q: adding VLAN 0 to HW filter on device eth26 [ 4408.720867][ T5423] hsr_slave_0: entered promiscuous mode [ 4408.800745][ T5423] hsr_slave_1: entered promiscuous mode [ 4408.841408][ T5423] debugfs: 'hsr0' already exists in 'hsr' [ 4408.923449][ T5423] Cannot create hsr debugfs directory [ 4415.394772][ T24] audit: type=1400 audit(4414.530:260): avc: denied { write } for pid=5530 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4422.345221][ T24] audit: type=1400 audit(4421.490:261): avc: denied { write } for pid=5534 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4429.987821][ T5420] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 4430.996221][ T5420] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 4431.171461][ T5420] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 4432.006308][ T5420] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 4432.295642][ T5420] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 4433.047042][ T5420] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 4434.464373][ T5420] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 4434.956659][ T5420] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 4439.536045][ T24] audit: type=1400 audit(4438.730:262): avc: denied { write } for pid=5538 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4441.717562][ T5423] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 4442.287738][ T5423] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 4442.538443][ T5423] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 4443.096935][ T5423] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 4443.201757][ T5423] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 4443.771932][ T5423] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 4444.068030][ T5423] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 4444.520387][ T5423] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 4453.036606][ T24] audit: type=1400 audit(4452.150:263): avc: denied { write } for pid=5559 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4480.210582][ T5420] 8021q: adding VLAN 0 to HW filter on device bond0 [ 4486.190678][ T5423] 8021q: adding VLAN 0 to HW filter on device bond0 [ 4493.136256][ T24] audit: type=1400 audit(4492.330:264): avc: denied { write } for pid=5574 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4505.184940][ T24] audit: type=1400 audit(4504.390:265): avc: denied { write } for pid=5584 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4513.550661][ T3207] 8021q: adding VLAN 0 to HW filter on device eth27 [ 4545.554917][ T24] audit: type=1400 audit(4544.750:266): avc: denied { write } for pid=5600 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4557.609171][ T24] audit: type=1400 audit(4556.800:267): avc: denied { write } for pid=5609 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4566.149985][ T3207] 8021q: adding VLAN 0 to HW filter on device eth28 [ 4660.270061][ T5420] veth0_vlan: entered promiscuous mode [ 4661.726525][ T5420] veth1_vlan: entered promiscuous mode [ 4666.484731][ T5423] veth0_vlan: entered promiscuous mode [ 4668.809797][ T5420] veth0_macvtap: entered promiscuous mode [ 4669.098425][ T5423] veth1_vlan: entered promiscuous mode [ 4670.095523][ T5420] veth1_macvtap: entered promiscuous mode [ 4677.611120][ T5423] veth0_macvtap: entered promiscuous mode [ 4678.764166][ T4755] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 4678.914927][ T4968] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 4678.956460][ T5127] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 4678.969586][ T5127] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 4679.429554][ T5423] veth1_macvtap: entered promiscuous mode [ 4688.485125][ T3426] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 4688.507258][ T3426] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 4688.685421][ T3426] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 4688.717629][ T3426] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 4904.905351][ T24] audit: type=1400 audit(4903.970:268): avc: denied { write } for pid=5758 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4919.446738][ T24] audit: type=1400 audit(4918.630:269): avc: denied { write } for pid=5768 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4937.861002][ T3207] 8021q: adding VLAN 0 to HW filter on device eth29 [ 4954.214927][ T24] audit: type=1400 audit(4953.390:270): avc: denied { write } for pid=5779 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4968.023812][ T24] audit: type=1400 audit(4967.210:271): avc: denied { write } for pid=5786 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 5035.258694][ T5759] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 5035.880817][ T5759] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 5057.591737][ T5765] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 5058.259449][ T5765] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 5098.535678][ T5759] hsr_slave_0: entered promiscuous mode [ 5098.680532][ T5759] hsr_slave_1: entered promiscuous mode [ 5098.869464][ T5759] debugfs: 'hsr0' already exists in 'hsr' [ 5098.946543][ T5759] Cannot create hsr debugfs directory [ 5099.334729][ T24] audit: type=1400 audit(5098.520:272): avc: denied { write } for pid=5836 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 5114.406444][ T24] audit: type=1400 audit(5113.590:273): avc: denied { write } for pid=5845 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 5130.201524][ T5765] hsr_slave_0: entered promiscuous mode [ 5130.518785][ T5765] hsr_slave_1: entered promiscuous mode [ 5130.591590][ T5765] debugfs: 'hsr0' already exists in 'hsr' [ 5130.745180][ T5765] Cannot create hsr debugfs directory [ 5145.657059][ T24] audit: type=1400 audit(5144.850:274): avc: denied { write } for pid=5848 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 5161.129419][ T24] audit: type=1400 audit(5160.270:275): avc: denied { write } for pid=5855 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 5172.410123][ T3207] 8021q: adding VLAN 0 to HW filter on device eth30 [ 5178.438481][ T5759] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 5179.151287][ T5759] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 5179.496975][ T5759] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 5180.098594][ T5759] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 5183.694233][ T5759] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 5185.019069][ T5759] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 5185.385499][ T5759] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 5185.911356][ T5759] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 5197.864632][ T24] audit: type=1400 audit(5196.950:276): avc: denied { write } for pid=5860 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 5210.626618][ T5765] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 5211.400068][ T5765] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 5211.661666][ T5765] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 5212.186460][ T5765] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 5212.459275][ T5765] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 5213.121784][ T5765] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 5213.340958][ T5765] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 5213.843209][ T24] audit: type=1400 audit(5212.990:277): avc: denied { write } for pid=5872 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 5214.069429][ T5765] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 5225.819779][ T3207] 8021q: adding VLAN 0 to HW filter on device eth31 [ 5251.305123][ T5759] 8021q: adding VLAN 0 to HW filter on device bond0 [ 5251.794258][ T24] audit: type=1400 audit(5250.870:278): avc: denied { write } for pid=5889 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 5269.617593][ T24] audit: type=1400 audit(5268.750:279): avc: denied { write } for pid=5897 comm="rm" name="hook-state" dev="tmpfs" ino=107 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 5269.945913][ T5765] 8021q: adding VLAN 0 to HW filter on device bond0 [ 5280.677554][ T3207] 8021q: adding VLAN 0 to HW filter on device eth32 [ 5283.220066][ T26] INFO: task syz.9.303:5745 blocked for more than 430 seconds. [ 5283.377138][ T26] Not tainted syzkaller #0 [ 5283.394902][ T26] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 5283.395578][ T26] task:syz.9.303 state:D stack:0 pid:5745 tgid:5745 ppid:5423 task_flags:0x400040 flags:0x00000011 [ 5283.397047][ T26] Call trace: [ 5283.397539][ T26] __switch_to+0x5e0/0xb70 (T) [ 5283.400290][ T26] __schedule+0x2554/0x3828 [ 5283.400805][ T26] schedule+0xac/0x278 [ 5283.401248][ T26] schedule_timeout+0x68/0x1ec [ 5283.401687][ T26] do_wait_for_common+0x270/0x428 [ 5283.645275][ T26] wait_for_completion+0x44/0x5c [ 5283.645905][ T26] __synchronize_srcu+0x1b4/0x1f4 [ 5283.646436][ T26] synchronize_srcu+0x668/0x8dc [ 5283.646989][ T26] mmu_notifier_unregister+0x320/0x428 [ 5283.647522][ T26] kvm_put_kvm+0x69c/0xbbc [ 5283.647970][ T26] kvm_vm_release+0x58/0x78 [ 5283.648425][ T26] __fput+0x4ac/0x978 [ 5283.649346][ T26] ____fput+0x20/0x30 [ 5283.649811][ T26] task_work_run+0x1b8/0x250 [ 5283.650287][ T26] exit_to_user_mode_loop+0x110/0x188 [ 5283.650741][ T26] el0_svc+0x184/0x238 [ 5283.651226][ T26] el0t_64_sync_handler+0x84/0x12c [ 5283.651680][ T26] el0t_64_sync+0x198/0x19c SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 5283.857393][ T26] [ 5283.857393][ T26] Showing all locks held in the system: [ 5283.858078][ T26] 3 locks held by kworker/u4:0/12: [ 5283.858690][ T26] 1 lock held by khungtaskd/26: [ 5283.859078][ T26] #0: ffff800087db4518 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x0/0x44 [ 5283.861567][ T26] 1 lock held by klogd/3170: [ 5283.861944][ T26] 2 locks held by dhcpcd/3207: [ 5283.986541][ T26] 2 locks held by getty/3235: [ 5283.987055][ T26] #0: 36f000001276e0a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c [ 5283.988914][ T26] #1: e6ff80008cb4b2e8 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x314/0x1214 [ 5283.990631][ T26] 2 locks held by syz-executor/3368: [ 5283.990969][ T26] 2 locks held by kworker/u4:2/3426: [ 5283.991338][ T26] 2 locks held by kworker/u4:3/3780: [ 5283.991649][ T26] #0: fcf000000d036540 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_one_work+0x804/0x1d5c [ 5284.126732][ T26] #1: ffff80008fff7cb8 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x890/0x1d5c [ 5284.128418][ T26] 3 locks held by kworker/u4:9/3913: [ 5284.128767][ T26] 3 locks held by kworker/u4:8/4735: [ 5284.129105][ T26] 2 locks held by kworker/u4:12/4755: [ 5284.129390][ T26] #0: fcf000000d036540 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_one_work+0x804/0x1d5c [ 5284.131223][ T26] #1: ffff80008e247cb8 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x890/0x1d5c [ 5284.286555][ T26] 3 locks held by kworker/u4:13/5127: [ 5284.286955][ T26] 3 locks held by kworker/u4:5/5443: [ 5284.287348][ T26] 3 locks held by kworker/u4:15/5591: [ 5284.287658][ T26] 2 locks held by syz.8.302/5739: [ 5284.288021][ T26] 2 locks held by kworker/u4:7/5901: [ 5284.288471][ T26] [ 5284.288722][ T26] ============================================= [ 5284.288722][ T26] [ 5284.289678][ T26] Kernel panic - not syncing: hung_task: blocked tasks [ 5284.300217][ T26] CPU: 0 UID: 0 PID: 26 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT [ 5284.301880][ T26] Hardware name: linux,dummy-virt (DT) [ 5284.302947][ T26] Call trace: [ 5284.303830][ T26] show_stack+0x2c/0x3c (C) [ 5284.305007][ T26] __dump_stack+0x30/0x40 [ 5284.306036][ T26] dump_stack_lvl+0x30/0x12c [ 5284.307098][ T26] dump_stack+0x1c/0x28 [ 5284.308159][ T26] vpanic+0x4cc/0x844 [ 5284.309041][ T26] vpanic+0x0/0x844 [ 5284.309899][ T26] hung_task_panic+0x0/0x2c [ 5284.310975][ T26] kthread+0x4d4/0x51c [ 5284.311979][ T26] ret_from_fork+0x10/0x20 [ 5284.313910][ T26] Kernel Offset: disabled [ 5284.314748][ T26] CPU features: 0x00000000,0034600b,f7c647a1,057ffe1f [ 5284.316087][ T26] Memory Limit: none [ 5284.318426][ T26] Rebooting in 86400 seconds..