last executing test programs: 1h3m30.310176692s ago: executing program 0 (id=56): ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x41, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2) r4 = syz_kvm_vgic_v3_setup(r3, 0x1, 0x40) ioctl$KVM_GET_DEVICE_ATTR(r4, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x1, 0x5, &(0x7f0000000140)=0x6}) r5 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000b80)={0x0, &(0x7f0000000080)=[@hvc={0x32, 0x40, {0x84000009, [0x9, 0x8, 0x8000, 0x603c8354, 0x200]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, 0x0) syz_kvm_vgic_v3_setup(r1, 0x2, 0x80) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000100)={0x4, 0xffffffffffffffff}) ioctl$KVM_GET_DEVICE_ATTR(r9, 0x4018aee2, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) 1h3m20.456168728s ago: executing program 0 (id=57): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000380)=[@smc={0x1e, 0x40, {0xc4000004, [0x200, 0xfffffffffffffffa, 0x8, 0x1eb, 0x9]}}, @code={0xa, 0xe8, {"a00c81d20020b0f2610080d2020080d2c30180d2040080d2020000d4007008d5a04e88d200e0b0f2c10180d2e20180d2a30080d2c40080d2020000d4e0868fd20060b8f2810180d2820180d2630180d2440180d2020000d4007008d5000028d5409c80d200c0b0f2610080d2a20080d2e30180d2c40180d2020000d4401f92d200c0b8f2e10080d2420180d2e30080d2c40180d2020000d4204b84d200e0b8f2610080d2020180d2a30080d2840180d2020000d41f2003d5"}}, @mrs={0xbe, 0x18, {0x603000000013c602}}, @smc={0x1e, 0x40, {0x40, [0x1, 0x9, 0x8001, 0x9, 0x4]}}, @hvc={0x32, 0x40, {0x6000000, [0x8000000000000001, 0xfffffffffffffff4, 0x2, 0x1, 0xfffffffffffffbfe]}}, @its_setup={0x82, 0x28, {0x2, 0x1, 0x6b}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffd0, 0xfff, 0xc}}, @mrs={0xbe, 0x18, {0x603000000013df05}}, @memwrite={0x6e, 0x30, @generic={0x3000, 0x77d, 0x1, 0x2}}, @its_setup={0x82, 0x28, {0x0, 0x0, 0x247}}, @eret={0xe6, 0x18, 0x6}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x100, 0x4, 0x6}}, @mrs={0xbe, 0x18, {0x603000000013c65e}}], 0x2cc}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CREATE_VM(r5, 0x40087602, 0x20000000) (async) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000000)={0x7}) r6 = eventfd2(0x0, 0x0) ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000080)={0x0, 0x0, 0x0, r6}) (async) ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f00000002c0)={0x0, 0x10000}) (async) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f00000000c0)={0x8}) (async) ioctl$KVM_SIGNAL_MSI(r4, 0x4020aea5, &(0x7f0000000000)={0x6000}) (async) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8}) (async) r7 = openat$kvm(0x0, &(0x7f00000002c0), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2) r10 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r9, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f0000000300)="fb4149dd033b8986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67525673312b01040000000000002627e7000000000000000200", 0x0, 0xfffffffffffffe73) (async) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x12, r9, 0x0) (async) r11 = eventfd2(0x70, 0x0) close(r11) (async) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0) (async) write$eventfd(r11, &(0x7f0000000100)=0xfffffffffffffffe, 0x8) r12 = eventfd2(0x0, 0x0) close(r12) close(0xffffffffffffffff) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0xc0c82, 0x0) 1h3m19.361555643s ago: executing program 1 (id=58): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r1, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000540)={0x0, &(0x7f0000000300)=[@code={0xa, 0x3c, {"007008d50004002f007008d500f8b07e0000209e007008d5000008d50084ff0d007008d5000040bd"}}, @mrs={0xbe, 0x18, {0x603000000013e6d4}}, @eret={0xe6, 0x18, 0x4}, @code={0xa, 0x54, {"0020c00c007008d500a8312e0000005c00c8302e007008d5a08d95d200e0b8f2210080d2020180d2e30180d2e40180d2020000d400e4200e0060e00d00ec207e"}}, @smc={0x1e, 0x40, {0x80000000, [0x3ffe35b8, 0xfffffffffffffffd, 0x8d0, 0x1, 0x7]}}, @svc={0x122, 0x40, {0x400, [0x4, 0x1, 0x3, 0x224, 0x7]}}, @hvc={0x32, 0x40, {0x86000000, [0x1ff, 0x4, 0x4, 0x4, 0xd]}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x1, 0x3, 0xa, 0x0, 0x800, 0x1}}, @msr={0x14, 0x20, {0x603000000013da29, 0x9}}, @svc={0x122, 0x40, {0x80007fff, [0x5, 0x8001, 0xae8, 0xffffffffffffffff, 0x2]}}, @irq_setup={0x46, 0x18, {0x2, 0x13f}}], 0x220}, &(0x7f0000000580)=[@featur2={0x1, 0x7d}], 0x1) ioctl$KVM_GET_MP_STATE(r4, 0x8004ae98, &(0x7f00000005c0)) r5 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_ARM_SET_COUNTER_OFFSET(r3, 0x4010aeb5, &(0x7f00000002c0)={0x200}) ioctl$KVM_RUN(r6, 0xae80, 0x0) munmap(&(0x7f0000800000/0x800000)=nil, 0x800000) 1h3m12.647599663s ago: executing program 1 (id=59): munmap(&(0x7f0000e8b000/0x4000)=nil, 0x4000) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0xc) syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil) r1 = openat$kvm(0x0, 0x0, 0x0, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000011000/0x3000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) r2 = mmap$KVM_VCPU(&(0x7f0000002000/0x4000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f00000000c0)={0xbbfbfe6201889764, 0xffffffffffffffff, 0x1}) 1h3m9.121591785s ago: executing program 0 (id=60): openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x10c00, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000240)={0x1fe, 0x3, 0xdddd1000, 0x1000, &(0x7f0000fff000/0x1000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f00000000c0)={0x2, 0x3, 0x7000, 0x2000, &(0x7f000000f000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000200)={0x1fd, 0x0, 0xeeee0000, 0x1000, &(0x7f0000ffd000/0x1000)=nil}) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1) syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r5, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000fff000/0x1000)=nil}) r6 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000200)={0x0, &(0x7f0000000500)}, 0x0, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4040aea0, &(0x7f0000000000)=@x86={0x9, 0x80, 0x2, 0x0, 0x0, 0x2, 0x6e, 0xfb, 0x46, 0x4, 0x8, 0xb9, 0x0, 0x8d0, 0xffffff7c, 0x4, 0x5, 0xec, 0x9, '\x00', 0xff, 0x80000001}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) munmap(&(0x7f0000e51000/0x4000)=nil, 0x4000) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x0, 0x1000008, 0x13112, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) munmap(&(0x7f000000f000/0x2000)=nil, 0x2000) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000300)={0x0, &(0x7f0000000000)=[@hvc={0x32, 0x40, {0xc4000053, [0xa, 0x0, 0x0, 0x6, 0x800]}}], 0x40}, 0x0, 0x0) ioctl$KVM_ARM_VCPU_INIT(0xffffffffffffffff, 0x4020aeae, &(0x7f0000000000)={0x5, 0x18}) mmap$KVM_VCPU(&(0x7f0000528000/0x2000)=nil, 0x0, 0x700000e, 0x4000010, r6, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f00000001c0)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4}) 1h3m6.281267419s ago: executing program 1 (id=61): r0 = openat$kvm(0x0, 0x0, 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x29) r3 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r3, 0x4b47, 0xfffffffffffffffe) r4 = mmap$KVM_VCPU(&(0x7f0000daf000/0x3000)=nil, 0x0, 0x1000005, 0x8010, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000000)="d744063e05e47351b0db254a90de0100bb010e629a0263bf39c3280303c1f4a89f3e6d0823f5494c5af587757f963f25d3027708645f5e72acb31245e0e71b06e93840dca27ce9b3", 0x0, 0x48) r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1) r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04) r7 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, r6, 0x2, 0x12, r5, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f00000002c0)="fb016bddfb405ee52cc6a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb2070000000000000000000000c20cecfa0a97ab7800", 0x0, 0x48) r8 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) r9 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r12, 0x4010aeab, &(0x7f0000000180)=@arm64_sys={0x603000000013c2b1, 0x0}) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) r13 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0) r15 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0) r17 = ioctl$KVM_CREATE_VCPU(r16, 0xae41, 0x1) ioctl$KVM_ARM_VCPU_INIT(r17, 0x4020aeae, &(0x7f0000000080)={0x5, 0x1}) ioctl$KVM_SET_ONE_REG(r17, 0x4010aeac, &(0x7f00000000c0)=@arm64_fw={0x6030000000140000, &(0x7f0000000180)=0x7}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0xd, 0x9, 0xb, 0x0, 0x2, 0x6, 0x6, 0x6, 0x48, 0x88, 0xfb, 0x9, 0x0, 0xb, 0x6, 0xa, 0x3, 0x8, 0x1, '\x00', 0x10, 0x6}) ioctl$KVM_CREATE_DEVICE(r14, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r18, &(0x7f00000001c0)=0x3, 0x10) 1h2m56.765548791s ago: executing program 0 (id=62): mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x1000000) munmap(&(0x7f0000584000/0x800000)=nil, 0x800000) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x27) syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CLEAR_DIRTY_LOG(r3, 0xc018aec0, &(0x7f00000007c0)={0x2, 0x2c0, 0x200, &(0x7f00000003c0)=[0x9, 0x8, 0xffffffff80000001, 0x6, 0x21e2, 0x1000, 0x800, 0x5, 0x0, 0xa160, 0x8, 0x8, 0xb, 0x80000000, 0x7, 0x8, 0x9e, 0x3, 0x9, 0x0, 0x3, 0x7, 0x1, 0x0, 0x6, 0x0, 0xde0f, 0xc3, 0x80000000, 0x4, 0x4ba0, 0x10000, 0xffffffff, 0x0, 0x7, 0x9, 0x800, 0x5, 0x0, 0x2, 0x7f5, 0x5, 0x5, 0x2, 0xfffffffffffffff4, 0x3a7d, 0x3, 0x6, 0x8001, 0x1, 0x200, 0xffffffffffffa323, 0x5, 0x6, 0x100, 0x7f, 0x2, 0x1, 0x3, 0x9, 0x7, 0x100000001, 0x6, 0x2, 0x6, 0x196, 0x10001, 0x1, 0x9, 0x10000, 0x8, 0x81, 0x5, 0x9, 0x5, 0x8000, 0x4, 0x304d8a97, 0xff, 0x6, 0x5128, 0x34680000080, 0x7, 0x7d, 0x7, 0x6a7, 0x8001, 0x1c, 0xb, 0x200, 0x0, 0x1, 0xcd8, 0x40, 0x5, 0x4, 0x3, 0x100000000, 0xfffffffffffff006, 0x5, 0x6, 0x101, 0x5, 0xcf, 0x10000, 0xcb7, 0x3, 0x7, 0x8, 0xffffffffffffffff, 0xffffffffffffffff, 0x8, 0xa, 0x8, 0x4, 0x7fff, 0x4, 0xfffffffffffffffa, 0x2, 0xfffffffffffffff7, 0x100, 0x9, 0x6, 0x26, 0x80000001, 0xc, 0x4, 0x5]}) ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f00000000c0)={0x58000, 0xeeee8000, 0x0, 0x0, 0x81}) r4 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bc2000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=[@featur2={0x1, 0x2}], 0x1) ioctl$KVM_SET_GUEST_DEBUG_arm64(r5, 0x4208ae9b, &(0x7f00000001c0)={0x3, 0x0, {[0x2, 0xd6, 0x504, 0xf2f, 0x2, 0x8, 0x100000001, 0xa4, 0xfb, 0x4b3, 0xc, 0x8, 0x0, 0xf, 0xc], [0x6, 0x3, 0xee, 0x3ff, 0x4, 0x3, 0x4, 0x4, 0x5b, 0x2, 0x6, 0x6f2, 0x3, 0x8000000000008, 0xa38], [0x0, 0x1, 0x100, 0xc2ec, 0x1, 0x5, 0x9, 0x7fff, 0x7, 0x80000000, 0x6, 0xfffffffffffffffb, 0x6, 0x4, 0x4, 0x1], [0x2, 0x89c8, 0xed, 0x0, 0x7, 0x7, 0x7, 0x7, 0x3, 0x2, 0x1, 0x400, 0x3ff, 0x49e4, 0x0, 0x9]}}) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r9, 0x4040aea0, &(0x7f0000000100)=@arm64={0x4e, 0x2, 0x0, '\x00', 0x4}) ioctl$KVM_GET_VCPU_EVENTS(r9, 0x8040ae9f, &(0x7f0000000000)=@arm64) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r5, 0x4000ae84, &(0x7f0000000400)={{0xeeef0000, 0x9000, 0xb, 0x3, 0x81, 0x51, 0x1, 0x9, 0xfd, 0x2, 0x8, 0x6}, {0x25000, 0x1, 0x3, 0x5, 0x0, 0x5, 0x8, 0x71, 0x2, 0x32, 0x6, 0xf6}, {0x2, 0xa000, 0x8, 0x3, 0x3, 0xf5, 0x1d, 0x2, 0x4, 0xe, 0x9, 0x2}, {0x1000, 0x200000, 0xe, 0xd, 0x40, 0x3, 0x7, 0xe, 0x8, 0x8, 0x24, 0x2}, {0x80a0000, 0x8000000, 0x4, 0x9, 0x4, 0x10, 0x2, 0x6, 0x2, 0x3, 0x6, 0x1}, {0x70000, 0x54000, 0x10, 0x9, 0x80, 0x2, 0x8, 0x4, 0x5, 0x3, 0x6}, {0xfec00000, 0x0, 0xa, 0x57, 0x8, 0x4, 0x2, 0x5, 0x3, 0x4, 0x9b, 0x1b}, {0x4, 0xd000, 0xd, 0x0, 0x7, 0xe, 0x0, 0x3, 0xb, 0x95, 0x22, 0x9}, {0xf000, 0x6}, {0x1}, 0x10008, 0x0, 0x10000, 0x50288, 0x1, 0x5400, 0x40000, [0x4, 0x1, 0xfffffffffffff000, 0x8]}) 1h2m52.457767366s ago: executing program 1 (id=63): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x22) r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1, 0x16831, 0xffffffffffffffff, 0x0) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r3, 0x1, 0x0) ioctl$KVM_GET_DEVICE_ATTR_vcpu(r5, 0x4018aee2, &(0x7f00000000c0)=@attr_pmu_irq={0x0, 0x0, 0x0, 0x0}) r6 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0) r8 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x120) ioctl$KVM_RUN(r7, 0xae80, 0x0) close(r8) close(0x4) close(0x5) 1h2m45.450299965s ago: executing program 0 (id=64): syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async) r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000040)={0x0, &(0x7f0000000800)=[@smc={0x1e, 0x40, {0x84000011, [0x2000000100, 0x9, 0x4a8abc91, 0x8, 0x1]}}, @eret={0xe6, 0x18, 0x8}, @msr={0x14, 0x20, {0x603000000013e534, 0x74}}, @irq_setup={0x46, 0x18, {0x3, 0x87}}, @its_setup={0x82, 0x28, {0x2, 0x0, 0x3cf}}, @svc={0x122, 0x40, {0xff, [0xfffffffffffffffe, 0x6, 0x1, 0x10000, 0x9]}}, @code={0xa, 0x84, {"403a9cd20080b0f2410080d2c20180d2c30180d2a40180d2020000d4008008d51f000031008080c8602a8ed200c0b0f2210080d2820080d2830080d2840080d2020000d4000cc03c007008d540688ed200c0b0f2a10080d2c20180d2c30180d2a40180d2020000d4007008d5007008d5"}}, @msr={0x14, 0x20, {0x0, 0x79}}, @mrs={0xbe, 0x18, {0x603000000013df76}}, @its_setup={0x82, 0x28, {0x3, 0x0, 0x137}}, @msr={0x14, 0x20, {0x603000000013c214, 0x6}}, @irq_setup={0x46, 0x18, {0x2, 0x55}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x4, 0x3, 0x1ff, 0x1000}}, @hvc={0x32, 0x40, {0x8400000a, [0xe10, 0x7, 0xc, 0x9, 0xc00000000000]}}, @svc={0x122, 0x40, {0xc4000004, [0x3, 0x6, 0x1ff, 0xe3b, 0x6]}}, @mrs={0xbe, 0x18, {0x603000000013e08b}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x10, 0xffffffffffffffff, 0x1}}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x24c}}], 0x32c}, 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r3 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x19, 0x9b, 0xf, 0x0, 0x5, 0x8, 0x82, 0x42, 0x48, 0x86, 0xdd, 0x68, 0x0, 0x100001, 0x129, 0x0, 0x3, 0xa, 0x8, '\x00', 0x1, 0x80000000}) (async) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x19, 0x9b, 0xf, 0x0, 0x5, 0x8, 0x82, 0x42, 0x48, 0x86, 0xdd, 0x68, 0x0, 0x100001, 0x129, 0x0, 0x3, 0xa, 0x8, '\x00', 0x1, 0x80000000}) write$eventfd(r4, &(0x7f00000001c0)=0x3, 0x8e80) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0xc3033, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0xc3033, 0xffffffffffffffff, 0x0) 1h2m42.693215273s ago: executing program 1 (id=65): mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x3, 0x4102932, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f1, 0xffffffffffffffff, 0x0) 1h2m40.589719177s ago: executing program 0 (id=66): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x8280, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, 0x930, 0x1000007, 0x11, r2, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x28081, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x33) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000769000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000040)={0x0, 0x0}, &(0x7f0000000080)=[@featur2={0x1, 0x5}], 0x1) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) r6 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x2a) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000b80)={0x0, 0x0}, &(0x7f0000000bc0)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_SET_ONE_REG(r10, 0x4010aeac, &(0x7f0000000000)=@arm64_fw={0x6030000000140000, &(0x7f0000000200)=0x10002}) r11 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000b80)={0x0, &(0x7f0000000100)=[@hvc={0x32, 0x40, {0x84000015, [0x100000001, 0x8000000000000000, 0xffffffffffffffff, 0xee24, 0xfffffffffffeffff]}}], 0x40}, &(0x7f0000000040)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r11, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000d, 0x24132, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00004bf000/0x400000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) r12 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000380)={0x0, &(0x7f0000000100)=[@smc={0x1e, 0x40, {0x84000004, [0x3, 0x3, 0x2, 0x3f8b, 0xf7b0]}}], 0x40}, &(0x7f00000000c0)=[@featur2={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r12, 0xae80, 0x0) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x1) 1h2m36.171931439s ago: executing program 1 (id=67): openat$kvm(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0) (async, rerun: 64) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x165780, 0x0) (async, rerun: 64) r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) (async) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x88080, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x5, 0x2, 0x80a0000, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x1000000000000, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x100, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = syz_kvm_vgic_v3_setup(r6, 0x1, 0x100) ioctl$KVM_GET_DEVICE_ATTR(r7, 0x4018aee2, &(0x7f0000000000)=@attr_arm64={0x0, 0x3, 0x3, 0xffffffffffffffff}) (async, rerun: 32) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x25) (rerun: 32) r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_ASSIGN_SET_MSIX_NR(r9, 0x4008ae73, 0x0) (async) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f00000000c0)={0x0, &(0x7f0000000380)}, 0x0, 0x0) (async, rerun: 32) syz_kvm_vgic_v3_setup(r9, 0xffffffffffbffffc, 0x120) (rerun: 32) ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async, rerun: 32) ioctl$KVM_RUN(r11, 0xae80, 0x0) (async, rerun: 32) mmap$KVM_VCPU(&(0x7f0000d34000/0x2000)=nil, 0x0, 0x8, 0x4f830, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x4, 0x2, 0x0}) (async, rerun: 64) ioctl$KVM_IRQ_LINE(r2, 0x4008ae61, &(0x7f00000000c0)={0x6, 0x7}) (async, rerun: 64) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) (async) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) (async, rerun: 64) ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f0000000280)=@arm64_ccsidr={0x6020000000110006, &(0x7f0000000140)=0x7}) (rerun: 64) 1h1m54.708520107s ago: executing program 32 (id=66): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x8280, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, 0x930, 0x1000007, 0x11, r2, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x28081, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x33) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000769000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000040)={0x0, 0x0}, &(0x7f0000000080)=[@featur2={0x1, 0x5}], 0x1) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) r6 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x2a) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000b80)={0x0, 0x0}, &(0x7f0000000bc0)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_SET_ONE_REG(r10, 0x4010aeac, &(0x7f0000000000)=@arm64_fw={0x6030000000140000, &(0x7f0000000200)=0x10002}) r11 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000b80)={0x0, &(0x7f0000000100)=[@hvc={0x32, 0x40, {0x84000015, [0x100000001, 0x8000000000000000, 0xffffffffffffffff, 0xee24, 0xfffffffffffeffff]}}], 0x40}, &(0x7f0000000040)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r11, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000d, 0x24132, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00004bf000/0x400000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) r12 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000380)={0x0, &(0x7f0000000100)=[@smc={0x1e, 0x40, {0x84000004, [0x3, 0x3, 0x2, 0x3f8b, 0xf7b0]}}], 0x40}, &(0x7f00000000c0)=[@featur2={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r12, 0xae80, 0x0) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x1) 1h1m47.149894901s ago: executing program 33 (id=67): openat$kvm(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0) (async, rerun: 64) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x165780, 0x0) (async, rerun: 64) r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) (async) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x88080, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x5, 0x2, 0x80a0000, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000500)={0x5, 0x1, 0x1000000000000, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x100, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = syz_kvm_vgic_v3_setup(r6, 0x1, 0x100) ioctl$KVM_GET_DEVICE_ATTR(r7, 0x4018aee2, &(0x7f0000000000)=@attr_arm64={0x0, 0x3, 0x3, 0xffffffffffffffff}) (async, rerun: 32) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x25) (rerun: 32) r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_ASSIGN_SET_MSIX_NR(r9, 0x4008ae73, 0x0) (async) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f00000000c0)={0x0, &(0x7f0000000380)}, 0x0, 0x0) (async, rerun: 32) syz_kvm_vgic_v3_setup(r9, 0xffffffffffbffffc, 0x120) (rerun: 32) ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async, rerun: 32) ioctl$KVM_RUN(r11, 0xae80, 0x0) (async, rerun: 32) mmap$KVM_VCPU(&(0x7f0000d34000/0x2000)=nil, 0x0, 0x8, 0x4f830, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x4, 0x2, 0x0}) (async, rerun: 64) ioctl$KVM_IRQ_LINE(r2, 0x4008ae61, &(0x7f00000000c0)={0x6, 0x7}) (async, rerun: 64) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) (async) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) (async, rerun: 64) ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f0000000280)=@arm64_ccsidr={0x6020000000110006, &(0x7f0000000140)=0x7}) (rerun: 64) 45m3.190326407s ago: executing program 2 (id=181): openat$kvm(0x0, 0xfffffffffffffffe, 0x0, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r2 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000140)={0x0, &(0x7f0000000180)=[@msr={0x14, 0x20, {0x603000000013df65}}], 0x20}, &(0x7f0000000280)=[@featur1={0x1, 0x41}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init) ioctl$KVM_RUN(r5, 0xae80, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4040aea0, &(0x7f0000000040)=@arm64={0x5, 0x2, 0x7f, '\x00', 0x200}) syz_kvm_add_vcpu$arm64(r7, &(0x7f00000002c0)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x81}], 0x1) r8 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013c65d, 0xfffdffffc1af0ec0}}], 0x20}, 0x0, 0xffffffffffffff92) syz_kvm_add_vcpu$arm64(r6, 0x0, 0x0, 0x0) r9 = eventfd2(0x2, 0x0) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x30, 0x80a0000, 0x8, r9}) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000200)={0x3, 0xffffffffffffffff, 0x1}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x8002, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x2c) ioctl$KVM_SET_USER_MEMORY_REGION2(r11, 0x40a0ae49, &(0x7f0000000040)={0x1fd, 0x4, 0x10000, 0x2000, &(0x7f0000ffe000/0x2000)=nil, 0xfffffffffffff000}) syz_kvm_vgic_v3_setup(r1, 0x3, 0xa0) ioctl$KVM_RUN(r8, 0xae80, 0x0) 44m53.132561227s ago: executing program 2 (id=183): mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x0, 0x100000f, 0x8010, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000) munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000) munmap(&(0x7f0000482000/0x2000)=nil, 0x2000) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) openat$kvm(0x0, 0x0, 0x0, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x1}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x400000, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x11, 0x8, 0xf, 0x0, 0x5, 0x6, 0xa6, 0x9, 0x48, 0x86, 0xdd, 0x68, 0x0, 0x0, 0x189, 0x0, 0x3, 0x5, 0x8, '\x00', 0x1, 0x96}) write$eventfd(r2, &(0x7f00000001c0)=0x3, 0xfdef) 44m44.615644547s ago: executing program 2 (id=186): mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x8280, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000040)=@arm64_core={0x6030000000100050, 0x0}) (async) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) (async) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0) r4 = eventfd2(0x0, 0x0) close(r4) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x20400, 0x1f01) (async) write$eventfd(r4, &(0x7f0000000180)=0x5, 0xfffffde3) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0) (async) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x22) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000240)={0x1fe, 0x3, 0xffff1000, 0x2000, &(0x7f0000ffd000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, 0x0) (async) ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) 44m37.027698726s ago: executing program 2 (id=187): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000004}}], 0x50}, 0x0, 0x0) munmap(&(0x7f0000e77000/0x2000)=nil, 0x2000) r4 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000b46000/0x1000)=nil, 0x1000) munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000) munmap(&(0x7f0000fb0000/0x3000)=nil, 0x3000) munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) munmap(&(0x7f0000bc7000/0x4000)=nil, 0x4000) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x1c1800, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x2b) r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000aec000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000040)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r9, 0x4040aea0, &(0x7f00000000c0)=@arm64={0x7, 0x0, 0xfc, '\x00', 0x4}) ioctl$KVM_RUN(r9, 0xae80, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x4, 0x3, 0x0}) 44m23.857802671s ago: executing program 2 (id=189): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x161681, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r3, r4, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r4, 0x4010aeab, &(0x7f0000000100)=@arm64_core={0x6030000000100040, &(0x7f0000000000)=0x3bd}) (async) r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_ASSIGN_SET_MSIX_NR(r6, 0x4008ae73, 0x0) (async) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, &(0x7f0000000380)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x39d}}], 0x28}, 0x0, 0x0) (async) syz_kvm_vgic_v3_setup(r6, 0xffffffffffbffffc, 0x120) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async) ioctl$KVM_RUN(r8, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x0) (async) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x4, 0x2, 0x0}) r10 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r11 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20080, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) (async) r13 = eventfd2(0x0, 0x80000) ioctl$KVM_IOEVENTFD(r12, 0x4040ae79, &(0x7f0000001340)={0x0, 0x0, 0x2, r13, 0x3}) r14 = eventfd2(0x8, 0x80800) ioctl$KVM_IOEVENTFD(r12, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000000, 0xeeef0000, 0x0, r14}) ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, 0x0) ioctl$KVM_IOEVENTFD(r12, 0x4040ae79, &(0x7f0000000000)={0x203, 0x0, 0x2, r13, 0xf}) (async) r15 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000540)={0x0, &(0x7f0000000180)=[@svc={0x122, 0x40, {0x84000050, [0x5, 0x7, 0x3, 0x7, 0x80]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x48, 0x7fff, 0x2}}, @uexit={0x0, 0x6, 0xd}, @its_setup={0x82, 0x28, {0x2, 0x4, 0x334}}, @hvc={0x32, 0x40, {0x1000, [0x71fb3cfa, 0x0, 0x2, 0xca4, 0x9]}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x0, 0x4, 0xb, 0xffffffff, 0xffffffb1, 0x1}}, @uexit={0x0, 0x18, 0x3}, @hvc={0x32, 0x40, {0xc4000004, [0x0, 0x1, 0x1, 0x7fffffffffffffff]}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x1, 0xe, 0x0, 0x9, 0x3}}, @mrs={0xbe, 0x18, {0x603000000013df6d}}, @uexit={0x0, 0x18, 0x2}, @irq_setup={0x46, 0x18, {0x1, 0x285}}, @svc={0x122, 0x40, {0x86000000, [0x6, 0xfffffffffffffffd, 0x4, 0x0, 0x7]}}, @eret={0xe6, 0x18, 0x7}, @eret={0xe6, 0x18, 0x4}, @msr={0x14, 0x20, {0x603000000013dee3, 0x95}}, @eret={0xe6, 0x18, 0x6}, @svc={0x122, 0x40, {0x8400000b, [0xad, 0x9, 0x2, 0x2, 0x7]}}], 0x2c8}, &(0x7f0000000580)=[@featur1={0x1, 0xd4}], 0x1) ioctl$KVM_RUN(r15, 0xae80, 0x0) (async) ioctl$KVM_CLEAR_DIRTY_LOG(r1, 0xc018aec0, 0xfffffffffffffffe) 44m2.879915209s ago: executing program 2 (id=191): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000c01000/0x4000)=nil, r1, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x5, 0x0, 0x1000, 0x1000, &(0x7f0000275000/0x1000)=nil}) syz_kvm_setup_cpu$arm64(r3, 0xffffffffffffffff, &(0x7f0000000000/0x400000)=nil, &(0x7f0000000280)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000040)={0x10001, 0x1, 0x5000, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000500)={0x2710, 0x0, 0x10000, 0x2000, &(0x7f0000000000/0x2000)=nil}) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x82c01, 0x0) ioctl$KVM_CREATE_VM(r6, 0xae01, 0x32) r7 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef) 43m16.179678915s ago: executing program 34 (id=191): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000c01000/0x4000)=nil, r1, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x5, 0x0, 0x1000, 0x1000, &(0x7f0000275000/0x1000)=nil}) syz_kvm_setup_cpu$arm64(r3, 0xffffffffffffffff, &(0x7f0000000000/0x400000)=nil, &(0x7f0000000280)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000040)={0x10001, 0x1, 0x5000, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000500)={0x2710, 0x0, 0x10000, 0x2000, &(0x7f0000000000/0x2000)=nil}) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x82c01, 0x0) ioctl$KVM_CREATE_VM(r6, 0xae01, 0x32) r7 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef) 37m11.667348127s ago: executing program 3 (id=221): mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x8280, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) r6 = eventfd2(0x7, 0x80801) write$eventfd(r6, &(0x7f00000001c0)=0x6a, 0x8) r7 = eventfd2(0x0, 0x0) close(r7) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) r8 = openat$kvm(0x0, &(0x7f0000000200), 0x121040, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r9, r10, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r10, 0x4010aeac, &(0x7f0000000080)=@arm64_core={0x603000000010003e, &(0x7f0000000100)=0xed5b}) write$eventfd(r7, &(0x7f0000000180)=0x5, 0xfffffde3) ioctl$KVM_GET_REGS(r2, 0x8360ae81, &(0x7f0000000240)) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x8, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) 36m49.099560805s ago: executing program 3 (id=222): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r3 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r2, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x2b47ac74fcb688ea, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000b7b000/0x400000)=nil) openat$kvm(0xffffffffffffff9c, 0x0, 0x200, 0x0) ioctl$KVM_GET_DIRTY_LOG(0xffffffffffffffff, 0x4010ae42, 0x0) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x189d80, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x26) ioctl$KVM_CAP_ARM_MTE(r8, 0x4068aea3, &(0x7f0000000200)={0x3e8}) syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000b7b000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000040)=@riscv64_timer={0x8030000004000000, &(0x7f0000000080)=0x4}) r9 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r10 = openat$kvm(0x0, &(0x7f0000000100), 0x650000, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x25) r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r12, 0x4020aeae, &(0x7f0000000000)={0x0, 0x18}) ioctl$KVM_ARM_VCPU_FINALIZE(r12, 0x4004aec2, &(0x7f00000001c0)=0x4) openat$kvm(0x0, 0x0, 0x0, 0x0) close(0x4) close(0x5) r13 = syz_kvm_add_vcpu$arm64(r9, &(0x7f00000000c0)={0x0, &(0x7f0000000040)}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r13, 0xae80, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac6cc4a22332a77b23b08986814d7bb14c94a6ab8031d10300000000b016243865a2a23d8f1f449a7a835673312b54ebb2aa7fc869d22627e700", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r2, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) 36m43.907323721s ago: executing program 4 (id=195): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) (async) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80403, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = openat$kvm(0x0, &(0x7f00000002c0), 0x0, 0x0) r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04) mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, r4, 0x2800002, 0x4010, 0xffffffffffffffff, 0x0) (async) r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, r4, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bfe000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, 0x0, &(0x7f0000000bc0)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f0000000000)=@arm64_fw={0x6030000000140000, &(0x7f0000000200)=0x10003}) (async) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async, rerun: 64) syz_kvm_vgic_v3_setup(r6, 0x1, 0x3a0) (async) ioctl$KVM_CREATE_GUEST_MEMFD(r2, 0xc040aed4, &(0x7f00000001c0)={0x200001fe0000, 0x3}) (async) r9 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0) ioctl$KVM_ARM_VCPU_INIT(r11, 0x4020aeae, &(0x7f0000000340)={0x5}) (async) ioctl$KVM_RUN(r11, 0xae80, 0x0) (async) ioctl$KVM_ARM_SET_COUNTER_OFFSET(r10, 0x4010aeb5, &(0x7f0000000140)={0x1}) mmap$KVM_VCPU(&(0x7f0000fcf000/0x4000)=nil, 0x930, 0x2000003, 0x110, r8, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x1}) r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x20000, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x2b) ioctl$KVM_CREATE_DEVICE(r13, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0xd, 0x8, 0xb, 0x0, 0x2, 0x6, 0x6, 0x6, 0x48, 0x88, 0xf5, 0x9, 0x0, 0x9, 0x6, 0xa, 0x3, 0x8, 0x0, '\x00', 0x10, 0x2}) (async) write$eventfd(r14, &(0x7f00000001c0)=0xff0, 0xe) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 36m37.258450494s ago: executing program 3 (id=223): r0 = openat$kvm(0x0, &(0x7f00000002c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x800, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000b46000/0x400000)=nil) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000240)={0x1fe, 0x3, 0xffff6000, 0x1000, &(0x7f0000e49000/0x1000)=nil}) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) r5 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r2, 0x0) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_RUN(r9, 0xae80, 0x0) ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000100)={0x8, 0xffffffffffffffff}) ioctl$KVM_RUN(r9, 0xae80, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f0000000300)=@attr_arm64={0x0, 0x4, 0x1, 0x0}) syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000300)="fb4149dd033b8986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67525673312b01040000000000002627e7000000000000000200", 0x0, 0xfffffffffffffe73) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x12, r2, 0x0) r11 = eventfd2(0x70, 0x0) close(r11) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0) write$eventfd(r11, &(0x7f0000000100)=0xfffffffffffffffe, 0x8) r12 = eventfd2(0x0, 0x0) close(r12) r13 = eventfd2(0x0, 0x0) close(r13) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0xc0c82, 0x0) mmap$KVM_VCPU(&(0x7f0000008000/0x3000)=nil, 0x930, 0x2000004, 0x2011, r13, 0x0) 36m19.425831781s ago: executing program 3 (id=224): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) (async) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2ca2a29ea6abf4e7454e37c4b8540000409610fbff67521ce16f8f0a449a7a835673312b54ebf2aa76c869d22627c000160000000000017f3000", 0x0, 0x48) (async) r4 = mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0) (async) openat$kvm(0x0, 0x0, 0x0, 0x0) (async) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x26) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r8, 0x4040aea0, 0x0) (async) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) (async) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) (async) r10 = eventfd2(0x0, 0x0) close(r10) r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) (async, rerun: 32) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async, rerun: 32) syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000240)="f21bc75509bf71ba470236fc044800fff7ffffffd249f297e87fd600000000000000002000e4ff000000f500", 0x0, 0x48) ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) (async) r13 = eventfd2(0x8, 0x0) write$eventfd(r13, &(0x7f0000000100)=0x5e, 0x8) (async) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) r14 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r14, 0xae03, 0x17) munmap$KVM_VCPU(0x0, 0x1000000000) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) 36m18.965818319s ago: executing program 4 (id=225): munmap$KVM_VCPU(0x0, 0x1000000000) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000c79000/0x4000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) (async) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x22) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) 36m8.409866453s ago: executing program 4 (id=226): munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x80111500, 0x20000000) r0 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) r1 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x1}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x11, 0x6, 0xf, 0x0, 0x5, 0x6, 0x86, 0x6, 0x48, 0x86, 0xdd, 0x68, 0x0, 0x0, 0x800001, 0x0, 0x3, 0x5, 0x8, '\x00', 0x9, 0x93}) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$eventfd(r5, &(0x7f00000001c0)=0x3, 0xfdef) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000800000/0x800000)=nil, 0x800000) 36m1.921213949s ago: executing program 3 (id=227): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x7f, 0x4, 0x3, 0x0, 0x8, 0x9, 0xd, 0x8b, 0x4, 0x0, 0xf, 0x0, 0x0, 0x2, 0x6, 0x0, 0xd, 0xfe, 0xa, '\x00', 0x0, 0x8}) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r2, &(0x7f00000001c0)=0x9, 0x1d) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04) mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r4, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x23) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x46cc00, 0x0) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x8003, 0x10000000004}}], 0x28}, 0x0, 0x0) ioctl$KVM_RUN(r8, 0xae80, 0x0) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) munmap(&(0x7f0000800000/0x800000)=nil, 0x800000) 35m47.609438201s ago: executing program 3 (id=228): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x33) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000a9c000/0x400000)=nil) r3 = ioctl$KVM_CREATE_GUEST_MEMFD(0xffffffffffffffff, 0xc040aed4, &(0x7f0000000240)={0x6, 0x3}) ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f0000000340)={0x4, 0x2, 0x0, 0x2000, &(0x7f0000c91000/0x2000)=nil, 0x8, r3}) r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80403, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_CREATE_GUEST_MEMFD(r8, 0xc040aed4, &(0x7f00000001c0)={0x200001fe0000, 0x3}) ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2) syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r9 = eventfd2(0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000004000/0x4000)=nil, 0x930, 0x0, 0x11, r9, 0x0) r10 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x2}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x9, 0x2, 0x0, 0xa, 0x1}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r6, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r10, 0xae80, 0x0) r12 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000b80)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r12, 0x4010aeac, &(0x7f0000000300)=@riscv64_aia_csr={0x8030000003010001, &(0x7f0000000000)=0x2}) 35m45.178417739s ago: executing program 4 (id=229): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x38) r1 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000500)={0x0, &(0x7f0000000000)=[@svc={0x122, 0x40, {0x80000002, [0x3, 0x3fdb650d, 0xe0000, 0x9, 0xf51]}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x2, 0x0, 0x8, 0xe, 0x4}}, @hvc={0x32, 0x40, {0x8600ff01, [0x5, 0x6, 0x4, 0x6, 0x7fffffff]}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x0, 0x4, 0x1, 0x6a94, 0x81, 0x2}}, @smc={0x1e, 0x40, {0x8400000c, [0x8000000000000000, 0x5, 0x2800000000000, 0x2, 0x1e]}}, @uexit={0x0, 0x18, 0x10}, @smc={0x1e, 0x40, {0xc4000005, [0x3, 0x7fff, 0xffffffffffffffff, 0xfffffffffffffff7, 0x9]}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x0, 0x0, 0x9, 0x1867534d, 0x3}}, @eret={0xe6, 0x18, 0x8}, @code={0xa, 0x6c, {"000008d5007008d5000c80b8007008d5007008d5007008d50040200e201289d20060b8f2c10180d2020080d2e30080d2c40080d2020000d4000008d5e0f78dd200e0b8f2410080d2820080d2430080d2840180d2020000d4"}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x0, 0x0, 0x1, 0x7, 0xfffffff8, 0x4}}, @eret={0xe6, 0x18, 0x7fffffff}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0xfe60, 0x7, 0x8}}, @code={0xa, 0x6c, {"0000a00da0d982d20060b8f2010080d2e20080d2030080d2640180d2020000d400e4200e008008d5000028d50074000f0040204e007008d5c08c94d200c0b8f2610180d2e20180d2a30180d2440180d2020000d4000008d5"}}, @smc={0x1e, 0x40, {0x86000001, [0x3, 0x8, 0x8a3, 0x1, 0xf5c]}}, @code={0xa, 0x54, {"000028d50000c02c007008d5008008d5007008d5e0049bd20020b0f2810080d2620180d2630180d2040180d2020000d4007008d5007008d5000008d500008012"}}, @svc={0x122, 0x40, {0x84000005, [0xa, 0x7, 0x6, 0x5, 0x8]}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x1, 0x3, 0x2, 0x100, 0x89, 0x2}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x1, 0x4, 0xd, 0x200, 0x8}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x4, 0x3, 0x1, 0x15, 0x4}}, @smc={0x1e, 0x40, {0x80008000, [0x3, 0x1, 0x0, 0x400, 0x4]}}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x2e6}}, @smc={0x1e, 0x40, {0x20, [0x9, 0x49, 0x14, 0xc27, 0xffff]}}], 0x4e4}, &(0x7f0000000540)=[@featur1={0x1, 0x30}], 0x1) mmap$KVM_VCPU(&(0x7f0000ff9000/0x4000)=nil, 0x0, 0x5, 0x1010, r1, 0x0) ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000580)={0xb, 0xffffffffffffffff, 0x1}) r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0xe) ioctl$KVM_CHECK_EXTENSION_VM(r2, 0xae03, 0x9) r3 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000640)={0x0, &(0x7f00000005c0)=[@msr={0x14, 0x20, {0x603000000013c64b, 0xe}}, @mrs={0xbe, 0x18, {0x603000000013de94}}, @its_setup={0x82, 0x28, {0x2, 0x4, 0x137}}], 0x60}, &(0x7f0000000680)=[@featur1={0x1, 0xac}], 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_SIGNAL_MASK(r3, 0x4004ae8b, &(0x7f00000006c0)={0xcf, "52c1db7d9f10f6c01af7cdb52a06648941a3aab6c58fde93964b530987bbb00d582cca1aeca2d0a9f9e1872ab9c71c04dfdefbc6b2c462ae9bc89e98d369ad5ccf4a8fa3d963cd4c93b24bd7bbe359c9fdcf79db781a6d27513279ab3ccadbaaa0f5671b09611582c287b7b5ee1dc11f32266b6fd3ebc8f09d2d0c0164d16f2b966d0c5ad3d7767ed260b09da412b6bc69cae653acfb8cd72cffae138485c534ac436166ef2119c4f6c98ad50b800cf6494855a6532b9f5b664040964b50b2263904e349945712ecb01622d196e6a0"}) ioctl$KVM_GET_MP_STATE(r3, 0x8004ae98, &(0x7f00000007c0)) syz_kvm_vgic_v3_setup(r2, 0x2, 0x80) r4 = mmap$KVM_VCPU(&(0x7f0000ffc000/0x1000)=nil, 0x0, 0x2000009, 0x80010, r3, 0x0) syz_memcpy_off$KVM_EXIT_MMIO(r4, 0x20, &(0x7f0000000800)="d04964cc070885f05c95ad986b87049a1d346fbf34bc0f74", 0x0, 0x18) ioctl$KVM_RUN(r1, 0xae80, 0x0) r5 = ioctl$KVM_GET_STATS_FD_cpu(r3, 0xaece) ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000880)=@riscv64_config={0x0, &(0x7f0000000840)=0x6}) write$eventfd(r5, &(0x7f00000008c0)=0x436f, 0x8) ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r0, 0x4068aea3, &(0x7f0000000900)={0xe4, 0x0, 0x80000001}) ioctl$KVM_SET_SIGNAL_MASK(r3, 0x4004ae8b, &(0x7f0000000980)={0x89, "067f730b848e44cfd585962bdcb63e31ff134993556bbe84468e651c235db91977625820786c4d0c4dab3360ed4f81d861db7eb4e37de60cbebd2ea4b38c0a7c53b069caa966ddbb6c55960c89e88cffdd1cc26af3a37b47a78422e3dd7313f1c2efc0c6e02ff8449ef05e8ccefe67fd19497efac208ae9e18a9e77bae920cf779b9899ba48c3f644b"}) ioctl$KVM_DIRTY_TLB(r3, 0x4010aeaa, &(0x7f0000000a40)={0x5, 0x6}) r6 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000ac0)={0x0, &(0x7f0000000a80)=[@irq_setup={0x46, 0x18, {0x1, 0x55}}, @its_setup={0x82, 0x28, {0x1, 0x3, 0x342}}], 0x40}, &(0x7f0000000b00)=[@featur1={0x1, 0x12}], 0x1) ioctl$KVM_KVMCLOCK_CTRL(r6, 0xaead) ioctl$KVM_SET_REGS(r5, 0x4360ae82, &(0x7f0000000b40)={[0x7, 0x4, 0x3, 0x9, 0x6, 0xf, 0x10, 0x100000000, 0xf44, 0x78, 0x81, 0x1e94, 0x8, 0x1000, 0x1, 0x2], 0x7000}) ioctl$KVM_KVMCLOCK_CTRL(r6, 0xaead) syz_kvm_setup_cpu$arm64(r2, r5, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000001180)=[{0x0, &(0x7f0000000c00)=[@uexit={0x0, 0x18, 0xfffffffffffff1cc}, @its_send_cmd={0xaa, 0x28, {0xb, 0x1, 0x3, 0x9, 0x7, 0xbc5, 0x4}}, @irq_setup={0x46, 0x18, {0x2, 0x5}}, @its_setup={0x82, 0x28, {0x0, 0x0, 0x5c}}, @uexit={0x0, 0x18, 0x5}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1a80, 0x3}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x0, 0x10, 0x3, 0x3}}, @memwrite={0x6e, 0x30, @generic={0x4, 0x628, 0xc4}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x1, 0xc, 0x81, 0x3, 0x2}}, @smc={0x1e, 0x40, {0x400, [0x7, 0x3, 0x8000, 0x9, 0x4]}}, @hvc={0x32, 0x40, {0x30000000, [0xe7d1, 0x4f, 0x7ff, 0x80, 0xa]}}, @eret={0xe6, 0x18, 0x8590}, @svc={0x122, 0x40, {0x0, [0x5, 0x7, 0x81, 0x0, 0x7]}}, @smc={0x1e, 0x40, {0x10, [0x10000, 0x3ff, 0x7fffffff, 0x800, 0x80000001]}}, @code={0xa, 0xb4, {"0000001c008008d500f4a00e007c200ec09e85d20040b0f2210080d2820080d2830080d2040080d2020000d4a0dc98d20000b0f2410080d2c20080d2e30180d2040080d2020000d4c02783d20000b0f2a10080d2420180d2a30080d2040080d2020000d4a0bd87d20000b8f2210180d2820180d2830080d2040180d2020000d440948fd20040b0f2810080d2e20180d2630180d2640080d2020000d40040601e"}}, @eret={0xe6, 0x18, 0x4}, @svc={0x122, 0x40, {0x84000005, [0x9, 0x40, 0x5, 0xffffffffffff3b4e, 0x3]}}, @svc={0x122, 0x40, {0x31000000, [0x10000, 0xa, 0x8, 0x7, 0xe]}}, @code={0xa, 0xb4, {"80ce9dd200a0b8f2410180d2420180d2c30080d2440180d2020000d4401280d20060b0f2810180d2620180d2830180d2840080d2020000d40000c0930020c01ae0b481d20080b0f2210080d2220180d2430080d2a40180d2020000d4203b8fd200c0b0f2a10080d2c20080d2e30080d2240180d2020000d4008008d5a03897d20060b8f2610080d2e20080d2e30180d2440180d2020000d4000028d5000028d5"}}, @code={0xa, 0x9c, {"0040206ec07f8ed200c0b0f2210080d2a20180d2030180d2040180d2020000d4808786d20000b0f2810080d2820080d2230180d2240080d2020000d4007008d5008008d5e0718fd200c0b8f2a10080d2420180d2030180d2a40180d2020000d40004200e00a0000c008008d500319ad20040b8f2610180d2e20180d2230180d2240180d2020000d4"}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x88, 0x8}}, @hvc={0x32, 0x40, {0x1000, [0x38000000, 0x7fff, 0x2edb, 0x99, 0x5]}}], 0x56c}], 0x1, 0x0, &(0x7f00000011c0), 0x1) r7 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) ioctl$KVM_KVMCLOCK_CTRL(r7, 0xaead) r8 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000014c0)={0x0, &(0x7f0000001200)=[@uexit={0x0, 0x18, 0x703}, @msr={0x14, 0x20, {0x603000000013c667, 0x7}}, @uexit={0x0, 0x18, 0x5}, @hvc={0x32, 0x40, {0x86000001, [0x7f, 0x9, 0x3, 0x2, 0x1]}}, @smc={0x1e, 0x40, {0x84000002, [0x8, 0x5, 0x1d2, 0x0, 0xfb0]}}, @code={0xa, 0x84, {"0048217e60fc90d200c0b8f2610080d2e20180d2430180d2840180d2020000d4000400bc0008607800fc205e20069ad20060b8f2610080d2820080d2830080d2440180d2020000d4000020cb607782d200e0b8f2010180d2a20180d2a30180d2e40180d2020000d4000028d5008008d5"}}, @irq_setup={0x46, 0x18, {0x3, 0x160}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x1, 0x2, 0xf, 0x1, 0x5, 0x3}}, @eret={0xe6, 0x18, 0x37}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x3, 0x6, 0x5, 0x9}}, @its_setup={0x82, 0x28, {0x3, 0x1, 0x3ab}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1a00, 0xd, 0x2}}, @msr={0x14, 0x20, {0x603000000013e180, 0x6}}, @its_setup={0x82, 0x28, {0x1, 0x3, 0x2d4}}, @svc={0x122, 0x40, {0x84000010, [0xf, 0x2, 0x800, 0x8, 0x2]}}], 0x2b4}, &(0x7f0000001500)=[@featur1={0x1, 0x11}], 0x1) ioctl$KVM_SET_SREGS(r8, 0x4000ae84, &(0x7f0000001540)={{0xffff1000, 0x30000, 0x8, 0x3, 0xd, 0x3, 0x1, 0x18, 0xf, 0x1, 0x3f, 0xfb}, {0x60000, 0x0, 0xe, 0x8, 0xea, 0xbf, 0xb4, 0x1, 0x27, 0x5, 0x6, 0xc}, {0xd000, 0x7000, 0x10, 0x6, 0x0, 0x6, 0x3, 0xfb, 0x4, 0x4, 0x9, 0x1}, {0xa000, 0x26000, 0xf, 0x6, 0x3, 0x4, 0xb, 0x1, 0xf3, 0x5f, 0xb, 0x5}, {0x1000, 0x95000, 0x0, 0x18, 0x42, 0x2, 0x5f, 0x9, 0x5, 0x4, 0x3, 0x3}, {0x80a0000, 0xc000, 0x8, 0x10, 0xaf, 0x2, 0x7f, 0x86, 0x80, 0x1, 0x6, 0x1}, {0x9000, 0xc000, 0x0, 0x5, 0x6, 0x2, 0x2, 0xcc, 0xff, 0x9, 0x9, 0x7}, {0x231b4800, 0xfec65000, 0xa, 0x2, 0x81, 0x6, 0x2, 0x7, 0x1, 0x6, 0x10, 0x1d}, {0xdddd1000, 0x1105}, {0xd000, 0x3}, 0xa0000000, 0x0, 0xeeee0000, 0x40080, 0xb, 0x8801, 0xffffffff, [0x2, 0x9, 0x6, 0x6]}) openat$kvm(0xffffffffffffff9c, 0x0, 0x200000, 0x0) 35m37.564328967s ago: executing program 4 (id=230): r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x280, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000001c0)="f21bc75509bf71c9d702360308000000000000677e80b875c2357c6e11000000000000000000000000f2ff000000000000000000ff4000", 0x0, 0x48) ioctl$KVM_REGISTER_COALESCED_MMIO(r6, 0x4010ae67, &(0x7f00000001c0)={0x5000, 0x102000, 0x20081}) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r7, &(0x7f00000001c0)=0x8100000001, 0x51a8) r8 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000c0c000/0x2000)=nil, 0x930, 0x1000006, 0x80031, 0xffffffffffffffff, 0x0) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_DIRTY_TLB(r4, 0x4010aeaa, &(0x7f00000000c0)={0x3765, 0x3}) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000180)={0x0, &(0x7f0000000040)=[@hvc={0x32, 0x40, {0x8400000f, [0x101, 0x2, 0x7, 0x6, 0x6]}}], 0x40}, &(0x7f0000000080)=[@featur2={0x1, 0xa}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bff000/0x400000)=nil) ioctl$KVM_RUN(r10, 0xae80, 0x0) r11 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000000)={0x0, &(0x7f0000000640)=[@eret={0xe6, 0x18, 0xf4c3}, @hvc={0x32, 0x40, {0x86000001, [0x4, 0xffffffdeffffffff, 0x5, 0x8, 0x3]}}, @smc={0x1e, 0x40, {0x5000000, [0x9, 0x8, 0x2, 0x30, 0xc2]}}, @eret={0xe6, 0x18, 0x10001}, @code={0xa, 0x54, {"0004000f000008d51f00202b0000c02c000c00bc007008d5007008d5407985d20080b0f2610180d2820080d2c30080d2040180d2020000d400209f0d00a0000d"}}, @eret={0xe6, 0x18, 0x8000000000000001}, @msr={0x14, 0x20, {0x603000000013c00d}}, @smc={0x1e, 0x40, {0x3f000000, [0x7ff, 0x81, 0x8, 0xab, 0x8]}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x3, 0x1, 0x2, 0xb}}, @uexit={0x0, 0x18, 0x8}, @uexit={0x0, 0x18, 0x4000000000007}, @code={0xa, 0x9c, {"007008d5000008d50090800f60ee97d20020b8f2c10180d2c20080d2830180d2440180d2020000d4007008d5e0ea92d20060b8f2e10180d2c20180d2e30080d2440080d2020000d4a06c8fd20020b8f2c10080d2e20080d2c30080d2440080d2020000d4000008d5000008d540099dd20000b8f2a10180d2020180d2830180d2c40180d2020000d4"}}, @uexit={0x0, 0x18, 0x101}, @its_send_cmd={0xaa, 0x28, {0x8, 0x1, 0x1, 0x3, 0xfffffffa, 0x8001, 0x2}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x18, 0xffffffffffffffff, 0x9}}, @smc={0x1e, 0x40, {0x200, [0x7ff, 0xffffffff, 0xfffffffffffffff7, 0xffffffffffffff49, 0x81]}}], 0x320}, &(0x7f0000000280)=[@featur2={0x1, 0x55}], 0x0) ioctl$KVM_RUN(r12, 0xae80, 0x0) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x163800, 0x0) r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0) r15 = ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r15, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) ioctl$KVM_GET_ONE_REG(r15, 0x4010aeab, &(0x7f0000000240)=@arm64_ccsidr={0x602000000011000a, &(0x7f0000000100)=0xd3}) ioctl$KVM_GET_API_VERSION(r13, 0xae00, 0x0) 35m1.069575036s ago: executing program 35 (id=228): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x33) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000a9c000/0x400000)=nil) r3 = ioctl$KVM_CREATE_GUEST_MEMFD(0xffffffffffffffff, 0xc040aed4, &(0x7f0000000240)={0x6, 0x3}) ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f0000000340)={0x4, 0x2, 0x0, 0x2000, &(0x7f0000c91000/0x2000)=nil, 0x8, r3}) r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80403, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_CREATE_GUEST_MEMFD(r8, 0xc040aed4, &(0x7f00000001c0)={0x200001fe0000, 0x3}) ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2) syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r9 = eventfd2(0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000004000/0x4000)=nil, 0x930, 0x0, 0x11, r9, 0x0) r10 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x2}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x9, 0x2, 0x0, 0xa, 0x1}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r6, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r10, 0xae80, 0x0) r12 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000b80)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r12, 0x4010aeac, &(0x7f0000000300)=@riscv64_aia_csr={0x8030000003010001, &(0x7f0000000000)=0x2}) 34m50.737595552s ago: executing program 36 (id=230): r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x280, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000001c0)="f21bc75509bf71c9d702360308000000000000677e80b875c2357c6e11000000000000000000000000f2ff000000000000000000ff4000", 0x0, 0x48) ioctl$KVM_REGISTER_COALESCED_MMIO(r6, 0x4010ae67, &(0x7f00000001c0)={0x5000, 0x102000, 0x20081}) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r7, &(0x7f00000001c0)=0x8100000001, 0x51a8) r8 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000c0c000/0x2000)=nil, 0x930, 0x1000006, 0x80031, 0xffffffffffffffff, 0x0) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_DIRTY_TLB(r4, 0x4010aeaa, &(0x7f00000000c0)={0x3765, 0x3}) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000180)={0x0, &(0x7f0000000040)=[@hvc={0x32, 0x40, {0x8400000f, [0x101, 0x2, 0x7, 0x6, 0x6]}}], 0x40}, &(0x7f0000000080)=[@featur2={0x1, 0xa}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bff000/0x400000)=nil) ioctl$KVM_RUN(r10, 0xae80, 0x0) r11 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000000)={0x0, &(0x7f0000000640)=[@eret={0xe6, 0x18, 0xf4c3}, @hvc={0x32, 0x40, {0x86000001, [0x4, 0xffffffdeffffffff, 0x5, 0x8, 0x3]}}, @smc={0x1e, 0x40, {0x5000000, [0x9, 0x8, 0x2, 0x30, 0xc2]}}, @eret={0xe6, 0x18, 0x10001}, @code={0xa, 0x54, {"0004000f000008d51f00202b0000c02c000c00bc007008d5007008d5407985d20080b0f2610180d2820080d2c30080d2040180d2020000d400209f0d00a0000d"}}, @eret={0xe6, 0x18, 0x8000000000000001}, @msr={0x14, 0x20, {0x603000000013c00d}}, @smc={0x1e, 0x40, {0x3f000000, [0x7ff, 0x81, 0x8, 0xab, 0x8]}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x3, 0x1, 0x2, 0xb}}, @uexit={0x0, 0x18, 0x8}, @uexit={0x0, 0x18, 0x4000000000007}, @code={0xa, 0x9c, {"007008d5000008d50090800f60ee97d20020b8f2c10180d2c20080d2830180d2440180d2020000d4007008d5e0ea92d20060b8f2e10180d2c20180d2e30080d2440080d2020000d4a06c8fd20020b8f2c10080d2e20080d2c30080d2440080d2020000d4000008d5000008d540099dd20000b8f2a10180d2020180d2830180d2c40180d2020000d4"}}, @uexit={0x0, 0x18, 0x101}, @its_send_cmd={0xaa, 0x28, {0x8, 0x1, 0x1, 0x3, 0xfffffffa, 0x8001, 0x2}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x18, 0xffffffffffffffff, 0x9}}, @smc={0x1e, 0x40, {0x200, [0x7ff, 0xffffffff, 0xfffffffffffffff7, 0xffffffffffffff49, 0x81]}}], 0x320}, &(0x7f0000000280)=[@featur2={0x1, 0x55}], 0x0) ioctl$KVM_RUN(r12, 0xae80, 0x0) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x163800, 0x0) r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0) r15 = ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r15, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) ioctl$KVM_GET_ONE_REG(r15, 0x4010aeab, &(0x7f0000000240)=@arm64_ccsidr={0x602000000011000a, &(0x7f0000000100)=0xd3}) ioctl$KVM_GET_API_VERSION(r13, 0xae00, 0x0) 2m33.957524699s ago: executing program 6 (id=418): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async) ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(r1, 0x4068aea3, &(0x7f0000000080)) r3 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x3, 0x4102932, 0xffffffffffffffff, 0x0) (async) ioctl$KVM_CAP_HALT_POLL(r1, 0x4068aea3, &(0x7f0000000100)={0xb6, 0x0, 0x72cd}) (async) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04) mmap$KVM_VCPU(&(0x7f0000479000/0x1000)=nil, r5, 0x2000003, 0x4010, 0xffffffffffffffff, 0x0) r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04) r7 = mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, r6, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca) (async) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r9 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r8, 0xae04) mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, r9, 0x3000002, 0x8a031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) (async) ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000340)={0x5}) (async) ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000280)=@arm64_sys={0x603000000013c090, &(0x7f0000000040)=0x5}) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x10) 2m21.525768959s ago: executing program 6 (id=419): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x400000)=nil, &(0x7f0000000280)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async) r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_kvm_vgic_v3_setup(r2, 0x4, 0x100) (async) ioctl$KVM_CREATE_GUEST_MEMFD(r2, 0xc040aed4, &(0x7f0000000040)={0x5, 0xde}) ioctl$KVM_GET_DEVICE_ATTR(r3, 0x4018aee2, &(0x7f00000000c0)=@attr_arm64={0x0, 0x3, 0x5}) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x1, 0xeeee0000, 0x1000, &(0x7f0000fff000/0x1000)=nil}) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000bfe000/0x400000)=nil) write$eventfd(r6, &(0x7f00000001c0)=0x7ffffff, 0xe80) (async) r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04) mmap$KVM_VCPU(&(0x7f00002e7000/0x4000)=nil, r7, 0x2, 0x32010, r6, 0x0) r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r8, 0x4018aee1, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1) ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r9, 0x4018aee3, 0xffffffffffffffff) r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r11, r12, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="460000000000000018000000000097f19200000100800020c13c4ed9f239e427ec"], 0x18}], 0x1, 0x0, 0x0, 0x0) (async) syz_kvm_vgic_v3_setup(r11, 0x1, 0x100) ioctl$KVM_RUN(r12, 0xae80, 0x0) (async) ioctl$KVM_IRQ_LINE(r11, 0x4008ae61, &(0x7f0000000100)={0x1000020, 0x1}) (async) syz_kvm_setup_cpu$arm64(0xffffffffffffffff, r12, &(0x7f00009ea000/0x400000)=nil, &(0x7f0000000140)=[{0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="e600000000000000180000000000000009000000000000000a000000000000006c00000000000000e0fe8dd20080b8f2410080d2c20080d2030180d2040180d2020000d40008285e0000600d000000b50000601f1020601ec05d87d20040b8f2a10080d26e5e088c6a3e4ae8d8a3a20180d2030080d2c40180d2020000d4000000b2000028d50060000ec0035fd61400000000000000200000000000000030e51300000030600104000000000000be000000000000001800000000000000719f13000000306046000000000000001886c47d650c29ef0eb310206b5f00000000000000000000000e0000008200000000000000280000000000000003000000000000000000000000000000770200000000000082000000000000002800000000000000020000000000000001000000000000008e000000000000008200000000000000280000000000000000"], 0x14c}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, 0x0) (async) ioctl$KVM_RUN(r12, 0xae80, 0x0) 2m14.507857132s ago: executing program 5 (id=420): ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0xf3c) r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae03, 0x29) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) r4 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r3, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x88201, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fb707cd24b7eebb20700000000000000000000000100", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r3, 0x0) openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r5, 0x40305839, 0x2000000000000059) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0xf3c) (async) openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r2, 0xae03, 0x29) (async) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) (async) mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r3, 0x0) (async) openat$kvm(0xffffffffffffff9c, 0x0, 0x88201, 0x0) (async) syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fb707cd24b7eebb20700000000000000000000000100", 0x0, 0x48) (async) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r3, 0x0) (async) openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r5, 0x40305839, 0x2000000000000059) (async) 2m3.769867403s ago: executing program 6 (id=421): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x80800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x30) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000a21000/0x400000)=nil) ioctl$KVM_CAP_PTP_KVM(r1, 0x4068aea3, &(0x7f0000000180)) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x210}}], 0x18}, 0x0, 0x0) r4 = eventfd2(0x8, 0x80801) syz_kvm_vgic_v3_setup(r1, 0x1, 0x3a0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000140)={0x8000000}) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x6, 0x8000000, 0x1, r4}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 1m58.855750409s ago: executing program 5 (id=422): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1b) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) openat$kvm(0x0, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x7, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000000)=@x86={0x19, 0x9b, 0xf, 0x0, 0x5, 0x48, 0x82, 0x42, 0x48, 0x86, 0xdd, 0x5, 0x0, 0x100001, 0x132, 0x9, 0x3, 0xa, 0x8, '\x00', 0x5, 0x80000008}) write$eventfd(r5, &(0x7f00000001c0)=0x3, 0x8e80) r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r7 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r6, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000080)="fb0149dd033be3ac4e37c4005a9614fbff67521ce16f8f09449a7a836b73312954000000000000000000000000000000000000000000000000000000dc6900", 0x0, 0x2e) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r6, 0x0) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x103201, 0x0) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x8280, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x35) syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000000000/0x400000)=nil) munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000) openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x1}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) 1m42.937638867s ago: executing program 5 (id=423): ioctl$KVM_CAP_HALT_POLL(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000000)={0xb6, 0x0, 0x1}) ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece) (async) r0 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x3e) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) (async) r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000ffd000/0x1000)=nil, r2, 0x1000008, 0x40010, r0, 0x0) ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r0, 0x4068aea3, &(0x7f0000000080)) ioctl$KVM_CAP_PTP_KVM(r1, 0x4068aea3, &(0x7f0000000100)) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x3) (async) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x3) ioctl$KVM_CAP_PTP_KVM(r3, 0x4068aea3, &(0x7f0000000180)) (async) ioctl$KVM_CAP_PTP_KVM(r3, 0x4068aea3, &(0x7f0000000180)) ioctl$KVM_GET_STATS_FD_vm(r0, 0xaece) (async) r4 = ioctl$KVM_GET_STATS_FD_vm(r0, 0xaece) ioctl$KVM_RESET_DIRTY_RINGS(r0, 0xaec7) ioctl$KVM_REGISTER_COALESCED_MMIO(r0, 0x4010ae67, &(0x7f0000000200)={0x54000, 0x101000, 0x1}) ioctl$KVM_SET_USER_MEMORY_REGION2(r4, 0x40a0ae49, &(0x7f0000000240)={0x10200, 0x2, 0xeeee8000, 0x2000, &(0x7f0000ffd000/0x2000)=nil, 0x538c, r4}) r5 = mmap$KVM_VCPU(&(0x7f0000ffe000/0x1000)=nil, r2, 0x0, 0x12, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000300)="284431f0139f0378dbeb812fba121f867aac08b7086107adb8f8be0e29ee05bbd31faaf3ed895de395c56a968d4f3f8c5528e6aeb4183a6ef0ebaa216d3f197f851f9d0f4e512111", 0x0, 0x48) r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x1f) syz_kvm_vgic_v3_setup(r0, 0x0, 0x200) ioctl$KVM_IRQ_LINE_STATUS(r0, 0xc008ae67, &(0x7f0000000380)={0x4, 0x4}) (async) ioctl$KVM_IRQ_LINE_STATUS(r0, 0xc008ae67, &(0x7f0000000380)={0x4, 0x4}) ioctl$KVM_IRQFD(r6, 0x4020ae76, &(0x7f00000003c0)={r0, 0x5ed, 0x2, r0}) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x30) (async) r7 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x30) syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000bfd000/0x400000)=nil) ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04) (async) ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04) ioctl$KVM_GET_DIRTY_LOG(r0, 0x4010ae42, &(0x7f0000000400)={0x10004, 0x0, &(0x7f0000c70000/0x2000)=nil}) syz_memcpy_off$KVM_EXIT_MMIO(r5, 0x20, &(0x7f0000000440)="68366d5992209884cfad58f5506deb5d5d37b594122da1bb", 0x0, 0x18) ioctl$KVM_GET_STATS_FD_vm(r3, 0xaece) (async) r8 = ioctl$KVM_GET_STATS_FD_vm(r3, 0xaece) ioctl$KVM_SET_VCPU_EVENTS(r8, 0x4040aea0, &(0x7f0000000480)=@arm64={0x5, 0x0, 0x9, '\x00', 0x8}) (async) ioctl$KVM_SET_VCPU_EVENTS(r8, 0x4040aea0, &(0x7f0000000480)=@arm64={0x5, 0x0, 0x9, '\x00', 0x8}) ioctl$KVM_SET_DEVICE_ATTR_vm(r3, 0x4018aee1, &(0x7f0000000500)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f00000004c0)={0x4, 0x8}}) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r1, 0x4068aea3, &(0x7f0000000540)={0xdf, 0x0, 0x1000}) ioctl$KVM_SET_GUEST_DEBUG_arm64(r0, 0x4208ae9b, &(0x7f00000005c0)={0x2, 0x0, {[0x9, 0x2, 0x4, 0xfa5, 0x2, 0x2, 0x9, 0x100000001, 0x3, 0x4, 0x7, 0x8000, 0x295, 0x2, 0x7ff, 0x4], [0x3, 0x1, 0x3, 0x4, 0x7fffffff, 0x2, 0x101, 0x3, 0x4, 0xe, 0x800, 0xfffffffffffff95c, 0x3, 0x2, 0x8, 0x8000000000000000], [0x3, 0xe, 0x2, 0xfc25, 0x9, 0x3, 0x3, 0x0, 0x3, 0x4, 0x5, 0x8, 0x2, 0x100, 0x7, 0x5], [0x4, 0x7fff, 0x9, 0x7, 0x4b, 0x6, 0xffffffffffffffff, 0x2b, 0x6, 0x10000, 0x10, 0x101, 0x8000000000000001, 0x96da, 0x835, 0x4]}}) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x3d) 1m35.246394154s ago: executing program 5 (id=424): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x20) ioctl$KVM_IRQ_LINE(r0, 0x4008ae61, &(0x7f0000000000)={0x4fe98b2, 0xfffffffa}) r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000140)={0x0, &(0x7f0000000180)=[@hvc={0x32, 0x40, {0x84000050, [0x2, 0x2, 0x2, 0x3, 0x7]}}], 0x40}, 0x0, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 1m21.380279974s ago: executing program 6 (id=425): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x22) (async) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x22) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) (async) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r2, 0x0) mmap$KVM_VCPU(&(0x7f0000e04000/0x2000)=nil, 0x930, 0x1, 0x11, r2, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000e04000/0x2000)=nil, 0x930, 0x1, 0x11, r2, 0x0) munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000) mmap$KVM_VCPU(&(0x7f0000ffe000/0x1000)=nil, 0x0, 0x8, 0x13, r2, 0x0) mmap$KVM_VCPU(&(0x7f0000011000/0x3000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) (async) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x0, 0x8032, 0xffffffffffffffff, 0x0) 1m21.379889774s ago: executing program 5 (id=426): syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async) r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0) (async) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2e) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r2, r3, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000100)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x603000000010001a, &(0x7f00000000c0)=0x11}) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000080)=@arm64={0xe6, 0x7, 0x8, '\x00', 0xff}) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x82880, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = openat$kvm(0x0, &(0x7f0000000140), 0x101282, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04) (async) r9 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, 0x0) r10 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) (async) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000080)=@x86={0x0, 0xfb, 0x3, 0x0, 0x10, 0x7, 0x6, 0xe, 0xf, 0x2, 0x6, 0xfd, 0x0, 0xc03, 0x8, 0x3, 0x10, 0x0, 0x0, '\x00', 0x87, 0xfffffffffffffffe}) ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f00000001c0)={0x8}) (async) ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f00000001c0)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4}) (async) ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4}) ioctl$KVM_SET_USER_MEMORY_REGION(r11, 0x4020ae46, &(0x7f00000000c0)={0x1fe, 0x1, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x100, &(0x7f0000000080)=0x8004000000000000}) (async) ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x100, &(0x7f0000000080)=0x8004000000000000}) ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f0000000280)=@attr_arm64={0x0, 0x4, 0x2, 0x0}) r13 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0) r15 = syz_kvm_setup_syzos_vm$arm64(r14, &(0x7f0000c00000/0x400000)=nil) r16 = syz_kvm_add_vcpu$arm64(r15, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@smc={0x1e, 0x0, {0x84000053, [0x1000009, 0x8000000000000001, 0xffffffffffffffff, 0x400, 0xfffffffffffff801]}}], 0xc7}, 0x0, 0x0) ioctl$KVM_RUN(r16, 0xae80, 0x0) (async) ioctl$KVM_RUN(r16, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000c0b000/0x1000)=nil, r9, 0x2000003, 0x11, r8, 0x0) syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000100)={0x0, &(0x7f0000000880)=[@msr={0x14, 0x20, {0x603000000013defc, 0x5a8}}], 0x20}, 0x0, 0x0) (async) r17 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000100)={0x0, &(0x7f0000000880)=[@msr={0x14, 0x20, {0x603000000013defc, 0x5a8}}], 0x20}, 0x0, 0x0) ioctl$KVM_RUN(r17, 0xae80, 0x0) 1m3.13935525s ago: executing program 6 (id=427): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, &(0x7f0000000000)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0xe}}], 0x28}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f00000000c0)={0x2, 0x0, 0x0, 0x1, 0x10005}) 57.507783653s ago: executing program 5 (id=428): eventfd2(0x0, 0x0) (async) r0 = eventfd2(0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x8280, 0x0) (async) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x8280, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r4 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x2800002, 0x11, r3, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) mmap$KVM_VCPU(&(0x7f00001f8000/0x2000)=nil, 0x930, 0x1000001, 0x11, r3, 0x0) r5 = eventfd2(0x0, 0x0) close(r5) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) (async) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) write$eventfd(r5, &(0x7f0000000180)=0x5, 0xfffffde3) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$KVM_CREATE_VM(r6, 0xae01, 0x34) (async) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x34) r8 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) (async) syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000b7c000/0x400000)=nil) (async) r10 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000b7c000/0x400000)=nil) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000040)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, &(0x7f0000000000)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x20e4586c}) (async) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, &(0x7f0000000000)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x20e4586c}) ioctl$KVM_RUN(r11, 0xae80, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x2000001, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x0) eventfd2(0xfffffffd, 0x800) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x24) (async) r12 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x24) ioctl$KVM_IRQFD(r12, 0x4020ae76, &(0x7f0000000000)={0xffffffffffffffff, 0x60fb202b, 0xf5c1e58e40804305, r0}) munmap(&(0x7f0000011000/0xc00000)=nil, 0xc00000) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) munmap(&(0x7f0000d8f000/0x4000)=nil, 0x4000) (async) munmap(&(0x7f0000d8f000/0x4000)=nil, 0x4000) 48.227192844s ago: executing program 6 (id=429): syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000000)="7cfaa2bfd6dd76375aa1bde04fceeb33743b07d73b3e9aac", 0x0, 0xffffffffffffff94) r0 = eventfd2(0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x3, 0x4102932, 0xffffffffffffffff, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x1}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x11, 0xc1, 0xf, 0x0, 0x5, 0x6, 0x86, 0xfe, 0x48, 0x86, 0xdd, 0x68, 0x0, 0x10000005, 0x93a, 0x20, 0x3, 0x4, 0x8, '\x00', 0x3, 0x8093}) write$eventfd(r3, &(0x7f00000001c0)=0x3, 0xfdef) ioctl$KVM_CREATE_VM(r0, 0x4020940d, 0x20000001) 9.948385367s ago: executing program 37 (id=428): eventfd2(0x0, 0x0) (async) r0 = eventfd2(0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x8280, 0x0) (async) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x8280, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r4 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x2800002, 0x11, r3, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) mmap$KVM_VCPU(&(0x7f00001f8000/0x2000)=nil, 0x930, 0x1000001, 0x11, r3, 0x0) r5 = eventfd2(0x0, 0x0) close(r5) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) (async) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) write$eventfd(r5, &(0x7f0000000180)=0x5, 0xfffffde3) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$KVM_CREATE_VM(r6, 0xae01, 0x34) (async) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x34) r8 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) (async) syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000b7c000/0x400000)=nil) (async) r10 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000b7c000/0x400000)=nil) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000040)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, &(0x7f0000000000)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x20e4586c}) (async) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, &(0x7f0000000000)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x20e4586c}) ioctl$KVM_RUN(r11, 0xae80, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x2000001, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x0) eventfd2(0xfffffffd, 0x800) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x24) (async) r12 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x24) ioctl$KVM_IRQFD(r12, 0x4020ae76, &(0x7f0000000000)={0xffffffffffffffff, 0x60fb202b, 0xf5c1e58e40804305, r0}) munmap(&(0x7f0000011000/0xc00000)=nil, 0xc00000) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) munmap(&(0x7f0000d8f000/0x4000)=nil, 0x4000) (async) munmap(&(0x7f0000d8f000/0x4000)=nil, 0x4000) 0s ago: executing program 38 (id=429): syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000000)="7cfaa2bfd6dd76375aa1bde04fceeb33743b07d73b3e9aac", 0x0, 0xffffffffffffff94) r0 = eventfd2(0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x3, 0x4102932, 0xffffffffffffffff, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x1}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x11, 0xc1, 0xf, 0x0, 0x5, 0x6, 0x86, 0xfe, 0x48, 0x86, 0xdd, 0x68, 0x0, 0x10000005, 0x93a, 0x20, 0x3, 0x4, 0x8, '\x00', 0x3, 0x8093}) write$eventfd(r3, &(0x7f00000001c0)=0x3, 0xfdef) ioctl$KVM_CREATE_VM(r0, 0x4020940d, 0x20000001) kernel console output (not intermixed with test programs): [ 365.778548][ T24] audit: type=1400 audit(364.970:75): avc: denied { write } for pid=3261 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 368.456350][ T3205] 8021q: adding VLAN 0 to HW filter on device bond0 [ 375.303353][ T24] audit: type=1400 audit(374.450:76): avc: denied { write } for pid=3268 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 379.038723][ T24] audit: type=1400 audit(378.220:77): avc: denied { write } for pid=3272 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 394.434434][ T24] audit: type=1400 audit(393.610:78): avc: denied { write } for pid=3277 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 398.914725][ T24] audit: type=1400 audit(398.080:79): avc: denied { write } for pid=3280 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 410.825369][ T24] audit: type=1400 audit(409.990:80): avc: denied { write } for pid=3286 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 414.503175][ T24] audit: type=1400 audit(413.690:81): avc: denied { write } for pid=3289 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 416.850471][ T3205] eql: remember to turn off Van-Jacobson compression on your slave devices [ 424.642680][ T24] audit: type=1400 audit(423.800:82): avc: denied { write } for pid=3294 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 428.312754][ T24] audit: type=1400 audit(427.490:83): avc: denied { write } for pid=3297 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 433.986550][ T24] audit: type=1400 audit(433.160:84): avc: denied { write } for pid=3299 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 437.633101][ T24] audit: type=1400 audit(436.800:85): avc: denied { write } for pid=3302 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 450.248049][ T24] audit: type=1400 audit(449.440:86): avc: denied { write } for pid=3307 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 455.182601][ T24] audit: type=1400 audit(454.370:87): avc: denied { write } for pid=3310 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 461.394077][ T24] audit: type=1400 audit(460.550:88): avc: denied { write } for pid=3312 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 465.028923][ T24] audit: type=1400 audit(464.220:89): avc: denied { write } for pid=3315 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 472.440321][ T24] audit: type=1400 audit(471.630:90): avc: denied { write } for pid=3319 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 476.253871][ T24] audit: type=1400 audit(475.440:91): avc: denied { write } for pid=3322 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 487.243710][ T24] audit: type=1400 audit(486.430:92): avc: denied { write } for pid=3327 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 490.910471][ T24] audit: type=1400 audit(490.100:93): avc: denied { write } for pid=3330 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 512.342695][ T24] audit: type=1400 audit(511.530:94): avc: denied { write } for pid=3340 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 517.413787][ T24] audit: type=1400 audit(516.590:95): avc: denied { write } for pid=3343 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 530.433832][ T24] audit: type=1400 audit(529.620:96): avc: denied { write } for pid=3348 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 534.353829][ T24] audit: type=1400 audit(533.510:97): avc: denied { write } for pid=3351 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 545.042578][ T24] audit: type=1400 audit(544.230:98): avc: denied { write } for pid=3355 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 548.814197][ T24] audit: type=1400 audit(548.000:99): avc: denied { write } for pid=3358 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 Warning: Permanently added '[localhost]:13144' (ED25519) to the list of known hosts. [ 579.252450][ T24] audit: type=1400 audit(578.420:100): avc: denied { name_bind } for pid=3363 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 580.595043][ T24] audit: type=1400 audit(579.790:101): avc: denied { execute } for pid=3364 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 580.619624][ T24] audit: type=1400 audit(579.800:102): avc: denied { execute_no_trans } for pid=3364 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 604.646642][ T24] audit: type=1400 audit(603.830:103): avc: denied { mounton } for pid=3364 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 604.680718][ T24] audit: type=1400 audit(603.870:104): avc: denied { mount } for pid=3364 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 604.765123][ T3364] cgroup: Unknown subsys name 'net' [ 604.824448][ T24] audit: type=1400 audit(604.010:105): avc: denied { unmount } for pid=3364 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 605.232915][ T3364] cgroup: Unknown subsys name 'cpuset' [ 605.346436][ T3364] cgroup: Unknown subsys name 'rlimit' [ 606.174463][ T24] audit: type=1400 audit(605.360:106): avc: denied { setattr } for pid=3364 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=704 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 606.196342][ T24] audit: type=1400 audit(605.390:107): avc: denied { mounton } for pid=3364 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 606.214247][ T24] audit: type=1400 audit(605.400:108): avc: denied { mount } for pid=3364 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 607.180923][ T3367] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 607.200164][ T24] audit: type=1400 audit(606.390:109): avc: denied { relabelto } for pid=3367 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 607.226587][ T24] audit: type=1400 audit(606.420:110): avc: denied { write } for pid=3367 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" Setting up swapspace version 1, size = 127995904 bytes [ 607.416956][ T24] audit: type=1400 audit(606.600:111): avc: denied { read } for pid=3364 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 607.430521][ T24] audit: type=1400 audit(606.620:112): avc: denied { open } for pid=3364 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 607.483826][ T3364] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 666.398253][ T24] audit: type=1400 audit(665.590:113): avc: denied { execmem } for pid=3368 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 670.136154][ T24] audit: type=1400 audit(669.310:114): avc: denied { read } for pid=3371 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 670.158279][ T24] audit: type=1400 audit(669.320:115): avc: denied { open } for pid=3370 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 670.223898][ T24] audit: type=1400 audit(669.410:116): avc: denied { mounton } for pid=3371 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 670.446185][ T24] audit: type=1400 audit(669.640:117): avc: denied { module_request } for pid=3371 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 670.493011][ T24] audit: type=1400 audit(669.660:118): avc: denied { module_request } for pid=3370 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 671.401150][ T24] audit: type=1400 audit(670.590:119): avc: denied { sys_module } for pid=3371 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 693.753922][ T3371] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 693.975113][ T3371] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 696.017200][ T3370] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 696.207064][ T3370] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 708.355497][ T3371] hsr_slave_0: entered promiscuous mode [ 708.398770][ T3371] hsr_slave_1: entered promiscuous mode [ 709.820994][ T3370] hsr_slave_0: entered promiscuous mode [ 709.867188][ T3370] hsr_slave_1: entered promiscuous mode [ 709.883952][ T3370] debugfs: 'hsr0' already exists in 'hsr' [ 709.895944][ T3370] Cannot create hsr debugfs directory [ 715.134128][ T24] audit: type=1400 audit(714.320:120): avc: denied { create } for pid=3371 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 715.155584][ T24] audit: type=1400 audit(714.340:121): avc: denied { write } for pid=3371 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 715.206717][ T24] audit: type=1400 audit(714.400:122): avc: denied { read } for pid=3371 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 715.337366][ T3371] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 715.668336][ T3371] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 715.720035][ T3371] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 715.896856][ T3371] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 716.017825][ T3371] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 716.218826][ T3371] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 716.283551][ T3371] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 716.369662][ T3371] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 717.994606][ T3370] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 718.116013][ T3370] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 718.215526][ T3370] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 718.311090][ T3370] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 718.389328][ T3370] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 718.487978][ T3370] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 718.578883][ T3370] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 718.745451][ T3370] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 729.730938][ T3371] 8021q: adding VLAN 0 to HW filter on device bond0 [ 732.138616][ T3370] 8021q: adding VLAN 0 to HW filter on device bond0 [ 782.375281][ T3371] veth0_vlan: entered promiscuous mode [ 782.858587][ T3371] veth1_vlan: entered promiscuous mode [ 785.173545][ T3370] veth0_vlan: entered promiscuous mode [ 785.334332][ T3371] veth0_macvtap: entered promiscuous mode [ 785.771227][ T3371] veth1_macvtap: entered promiscuous mode [ 785.994663][ T3370] veth1_vlan: entered promiscuous mode [ 788.028413][ T3412] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 788.044481][ T3412] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 788.057393][ T3412] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 788.078713][ T3412] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 788.729173][ T3370] veth0_macvtap: entered promiscuous mode [ 789.256149][ T3370] veth1_macvtap: entered promiscuous mode [ 790.695125][ T24] audit: type=1400 audit(789.870:123): avc: denied { mount } for pid=3371 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 790.948756][ T24] audit: type=1400 audit(790.140:124): avc: denied { mounton } for pid=3371 comm="syz-executor" path="/syzkaller.w0B86t/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 791.205500][ T24] audit: type=1400 audit(790.380:125): avc: denied { mount } for pid=3371 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 791.498036][ T24] audit: type=1400 audit(790.690:126): avc: denied { mounton } for pid=3371 comm="syz-executor" path="/syzkaller.w0B86t/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 791.730314][ T24] audit: type=1400 audit(790.920:127): avc: denied { mounton } for pid=3371 comm="syz-executor" path="/syzkaller.w0B86t/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3752 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 792.186045][ T3384] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 792.234030][ T3464] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 792.238340][ T3464] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 792.249071][ T3464] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 792.405930][ T24] audit: type=1400 audit(791.570:128): avc: denied { unmount } for pid=3371 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 792.559809][ T24] audit: type=1400 audit(791.740:129): avc: denied { mounton } for pid=3371 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1548 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 792.670687][ T24] audit: type=1400 audit(791.860:130): avc: denied { mount } for pid=3371 comm="syz-executor" name="/" dev="gadgetfs" ino=3761 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 793.026141][ T24] audit: type=1400 audit(792.220:131): avc: denied { mount } for pid=3371 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 793.109755][ T24] audit: type=1400 audit(792.300:132): avc: denied { mounton } for pid=3371 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 794.596477][ T3371] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 795.738776][ T24] kauditd_printk_skb: 1 callbacks suppressed [ 795.755503][ T24] audit: type=1400 audit(794.930:134): avc: denied { read write } for pid=3371 comm="syz-executor" name="loop0" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 795.784169][ T24] audit: type=1400 audit(794.970:135): avc: denied { open } for pid=3371 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 795.872610][ T24] audit: type=1400 audit(794.970:136): avc: denied { ioctl } for pid=3371 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=638 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 805.310031][ T24] audit: type=1400 audit(804.500:137): avc: denied { read } for pid=3522 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 805.350860][ T24] audit: type=1400 audit(804.540:138): avc: denied { open } for pid=3522 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 807.639547][ T24] audit: type=1400 audit(806.830:139): avc: denied { ioctl } for pid=3524 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 809.487011][ T24] audit: type=1400 audit(808.650:140): avc: denied { write } for pid=3524 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 839.375961][ T24] audit: type=1400 audit(838.530:141): avc: denied { execute } for pid=3541 comm="syz.1.7" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=4173 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 864.272612][ T24] audit: type=1400 audit(863.450:142): avc: denied { ioctl } for pid=3557 comm="syz.1.12" path="net:[4026532627]" dev="nsfs" ino=4026532627 ioctlcmd=0xb704 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 873.987307][ T24] audit: type=1400 audit(873.170:143): avc: denied { write } for pid=3561 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 882.196271][ T24] audit: type=1400 audit(881.390:144): avc: denied { append } for pid=3571 comm="syz.0.16" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 883.715118][ T24] audit: type=1400 audit(882.900:145): avc: denied { write } for pid=3570 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1079.388149][ T24] audit: type=1400 audit(1078.520:146): avc: denied { setattr } for pid=3684 comm="syz.0.57" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1144.560615][ T24] audit: type=1400 audit(1143.750:147): avc: denied { write } for pid=3718 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1148.042757][ T24] audit: type=1400 audit(1147.230:148): avc: denied { write } for pid=3721 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1181.650463][ T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1183.050341][ T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1185.487989][ T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1186.673778][ T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1199.786779][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1199.939217][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1199.993699][ T12] bond0 (unregistering): Released all slaves [ 1201.205156][ T12] hsr_slave_0: left promiscuous mode [ 1201.316174][ T12] hsr_slave_1: left promiscuous mode [ 1201.696313][ T12] veth1_macvtap: left promiscuous mode [ 1201.699851][ T12] veth0_macvtap: left promiscuous mode [ 1201.723636][ T12] veth1_vlan: left promiscuous mode [ 1201.729803][ T12] veth0_vlan: left promiscuous mode [ 1219.260101][ T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1220.018066][ T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1221.084821][ T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1222.180073][ T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1223.376197][ T24] audit: type=1400 audit(1222.560:149): avc: denied { write } for pid=3754 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1228.466072][ T24] audit: type=1400 audit(1227.660:150): avc: denied { write } for pid=3761 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1234.998989][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1235.069195][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1235.117621][ T12] bond0 (unregistering): Released all slaves [ 1235.793058][ T3205] 8021q: adding VLAN 0 to HW filter on device eth1 [ 1236.079208][ T12] hsr_slave_0: left promiscuous mode [ 1236.122780][ T12] hsr_slave_1: left promiscuous mode [ 1236.318194][ T12] veth1_macvtap: left promiscuous mode [ 1236.363199][ T12] veth0_macvtap: left promiscuous mode [ 1236.370392][ T12] veth1_vlan: left promiscuous mode [ 1236.379249][ T12] veth0_vlan: left promiscuous mode [ 1260.386131][ T24] audit: type=1400 audit(1259.580:151): avc: denied { write } for pid=3779 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1264.652987][ T24] audit: type=1400 audit(1263.830:152): avc: denied { write } for pid=3790 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1265.678976][ T3725] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1265.910023][ T3725] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1267.530877][ T3205] 8021q: adding VLAN 0 to HW filter on device eth2 [ 1271.836797][ T3732] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1271.999475][ T3732] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1275.763709][ T24] audit: type=1400 audit(1274.950:153): avc: denied { write } for pid=3801 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1280.142548][ T24] audit: type=1400 audit(1279.320:154): avc: denied { write } for pid=3810 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1283.078497][ T3205] 8021q: adding VLAN 0 to HW filter on device eth3 [ 1284.920960][ T3725] hsr_slave_0: entered promiscuous mode [ 1284.987066][ T3725] hsr_slave_1: entered promiscuous mode [ 1291.064855][ T24] audit: type=1400 audit(1290.250:155): avc: denied { write } for pid=3822 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1291.198670][ T3732] hsr_slave_0: entered promiscuous mode [ 1291.239724][ T3732] hsr_slave_1: entered promiscuous mode [ 1291.283273][ T3732] debugfs: 'hsr0' already exists in 'hsr' [ 1291.286341][ T3732] Cannot create hsr debugfs directory [ 1294.829352][ T24] audit: type=1400 audit(1294.010:156): avc: denied { write } for pid=3826 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1297.439241][ T3205] 8021q: adding VLAN 0 to HW filter on device eth4 [ 1299.396146][ T3725] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1299.724495][ T3725] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 1300.324192][ T3725] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1300.689926][ T3725] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1300.907244][ T3725] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1301.253343][ T3725] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1301.301254][ T3725] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1301.747249][ T3725] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1306.818059][ T3732] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1307.185073][ T3732] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 1307.290265][ T3732] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1307.654412][ T3732] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1307.730404][ T3732] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1308.130813][ T3732] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1308.323579][ T3732] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1308.649268][ T3732] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1312.554768][ T24] audit: type=1400 audit(1311.730:157): avc: denied { write } for pid=3839 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1320.230268][ T24] audit: type=1400 audit(1319.420:158): avc: denied { write } for pid=3856 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1324.684276][ T3205] 8021q: adding VLAN 0 to HW filter on device eth5 [ 1327.407897][ T3725] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1332.550515][ T3732] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1337.958522][ T24] audit: type=1400 audit(1337.150:159): avc: denied { write } for pid=3867 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1343.915014][ T24] audit: type=1400 audit(1343.090:160): avc: denied { write } for pid=3877 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1349.273440][ T3205] 8021q: adding VLAN 0 to HW filter on device eth6 [ 1364.577232][ T24] audit: type=1400 audit(1363.760:161): avc: denied { write } for pid=3890 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1372.687493][ T24] audit: type=1400 audit(1371.830:162): avc: denied { write } for pid=3899 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1378.196135][ T3205] 8021q: adding VLAN 0 to HW filter on device eth7 [ 1391.693596][ T24] audit: type=1400 audit(1390.860:163): avc: denied { write } for pid=3915 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1398.095468][ T24] audit: type=1400 audit(1397.290:164): avc: denied { write } for pid=3925 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1402.530135][ T3205] 8021q: adding VLAN 0 to HW filter on device eth8 [ 1414.097704][ T3725] veth0_vlan: entered promiscuous mode [ 1414.870161][ T3725] veth1_vlan: entered promiscuous mode [ 1417.757371][ T3725] veth0_macvtap: entered promiscuous mode [ 1418.176708][ T3725] veth1_macvtap: entered promiscuous mode [ 1421.356356][ T3732] veth0_vlan: entered promiscuous mode [ 1423.766505][ T3732] veth1_vlan: entered promiscuous mode [ 1424.106188][ T12] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1424.117492][ T12] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1424.333282][ T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1424.348840][ T12] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1429.719819][ T3732] veth0_macvtap: entered promiscuous mode [ 1430.744923][ T3732] veth1_macvtap: entered promiscuous mode [ 1431.317340][ T24] audit: type=1400 audit(1430.510:165): avc: denied { unmount } for pid=3725 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 1434.680399][ T3464] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1434.732978][ T3412] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1434.738688][ T3412] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1434.973800][ T3735] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1458.824557][ T24] audit: type=1400 audit(1458.010:166): avc: denied { write } for pid=3965 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1467.633788][ T24] audit: type=1400 audit(1466.770:167): avc: denied { write } for pid=3975 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1488.317546][ T24] audit: type=1400 audit(1487.450:168): avc: denied { write } for pid=3988 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1499.967135][ T24] audit: type=1400 audit(1499.150:169): avc: denied { write } for pid=3998 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1500.303740][ T24] audit: type=1400 audit(1499.490:170): avc: denied { map } for pid=3997 comm="syz.3.76" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1500.387941][ T24] audit: type=1400 audit(1499.510:171): avc: denied { execute } for pid=3997 comm="syz.3.76" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1522.460684][ T24] audit: type=1400 audit(1521.650:172): avc: denied { write } for pid=4014 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1532.996041][ T24] audit: type=1400 audit(1532.170:173): avc: denied { write } for pid=4020 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1547.253414][ T24] audit: type=1400 audit(1546.440:174): avc: denied { write } for pid=4029 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1557.923721][ T24] audit: type=1400 audit(1556.950:175): avc: denied { write } for pid=4037 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1577.278922][ T24] audit: type=1400 audit(1576.450:176): avc: denied { write } for pid=4047 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1587.357899][ T24] audit: type=1400 audit(1586.540:177): avc: denied { write } for pid=4055 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1603.993013][ T24] audit: type=1400 audit(1603.170:178): avc: denied { write } for pid=4063 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1615.354286][ T24] audit: type=1400 audit(1614.510:179): avc: denied { write } for pid=4072 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1634.538412][ T24] audit: type=1400 audit(1633.730:180): avc: denied { write } for pid=4083 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1643.700955][ T24] audit: type=1400 audit(1642.870:181): avc: denied { write } for pid=4092 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1683.626284][ T24] audit: type=1400 audit(1682.820:182): avc: denied { write } for pid=4119 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1695.096252][ T24] audit: type=1400 audit(1694.280:183): avc: denied { write } for pid=4128 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1716.126078][ T24] audit: type=1400 audit(1715.300:184): avc: denied { write } for pid=4142 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1726.406268][ T24] audit: type=1400 audit(1725.580:185): avc: denied { write } for pid=4150 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1899.787247][ T24] audit: type=1400 audit(1898.970:186): avc: denied { create } for pid=4240 comm="syz.2.140" anonclass=[kvm-gmem] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 2031.165465][ T24] audit: type=1400 audit(2030.240:187): avc: denied { write } for pid=4310 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2040.243247][ T24] audit: type=1400 audit(2039.400:188): avc: denied { write } for pid=4314 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2238.917561][ T24] audit: type=1400 audit(2238.110:189): avc: denied { write } for pid=4427 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2247.942492][ T24] audit: type=1400 audit(2247.130:190): avc: denied { write } for pid=4436 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2312.868457][ T3412] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2314.520432][ T3412] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2316.229136][ T3412] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2318.053941][ T3412] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2342.373443][ T3412] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2342.739002][ T3412] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2342.938885][ T3412] bond0 (unregistering): Released all slaves [ 2345.418388][ T3412] hsr_slave_0: left promiscuous mode [ 2345.533631][ T3412] hsr_slave_1: left promiscuous mode [ 2346.361260][ T3412] veth1_macvtap: left promiscuous mode [ 2346.377036][ T3412] veth0_macvtap: left promiscuous mode [ 2346.396774][ T3412] veth1_vlan: left promiscuous mode [ 2346.409905][ T3412] veth0_vlan: left promiscuous mode [ 2397.102635][ T24] audit: type=1400 audit(2396.260:191): avc: denied { write } for pid=4500 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2405.798284][ T24] audit: type=1400 audit(2404.980:192): avc: denied { write } for pid=4511 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2411.943984][ T4449] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2412.080341][ T3205] 8021q: adding VLAN 0 to HW filter on device eth9 [ 2412.387278][ T4449] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2413.859078][ T24] audit: type=1400 audit(2413.050:193): avc: denied { map } for pid=4516 comm="syz.3.205" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=15641 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 2413.957686][ T24] audit: type=1400 audit(2413.140:194): avc: denied { read } for pid=4516 comm="syz.3.205" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=15641 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 2429.412921][ T24] audit: type=1400 audit(2428.540:195): avc: denied { write } for pid=4529 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2436.722813][ T24] audit: type=1400 audit(2435.910:196): avc: denied { write } for pid=4537 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2442.027496][ T3205] 8021q: adding VLAN 0 to HW filter on device eth10 [ 2443.491091][ T4449] hsr_slave_0: entered promiscuous mode [ 2443.596700][ T4449] hsr_slave_1: entered promiscuous mode [ 2463.887217][ T24] audit: type=1400 audit(2463.070:197): avc: denied { write } for pid=4552 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2466.799940][ T4449] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 2467.230802][ T4449] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 2467.410028][ T4449] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 2467.748036][ T4449] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 2467.919471][ T4449] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 2468.340712][ T4449] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 2468.449666][ T4449] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 2468.879793][ T4449] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 2474.650865][ T24] audit: type=1400 audit(2473.840:198): avc: denied { write } for pid=4562 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2480.630211][ T3205] 8021q: adding VLAN 0 to HW filter on device eth11 [ 2498.808974][ T4449] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2499.185741][ T24] audit: type=1400 audit(2498.370:199): avc: denied { write } for pid=4581 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2509.805601][ T24] audit: type=1400 audit(2508.970:200): avc: denied { write } for pid=4591 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2516.997213][ T3205] 8021q: adding VLAN 0 to HW filter on device eth12 [ 2571.475613][ T24] audit: type=1400 audit(2570.640:201): avc: denied { write } for pid=4631 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2583.113597][ T24] audit: type=1400 audit(2582.300:202): avc: denied { write } for pid=4643 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2600.844451][ T24] audit: type=1400 audit(2600.020:203): avc: denied { write } for pid=4653 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2610.462562][ T24] audit: type=1400 audit(2609.650:204): avc: denied { write } for pid=4661 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2629.433452][ T24] audit: type=1400 audit(2628.550:205): avc: denied { write } for pid=4673 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2640.543329][ T24] audit: type=1400 audit(2639.690:206): avc: denied { write } for pid=4682 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2651.937008][ T4449] veth0_vlan: entered promiscuous mode [ 2653.217390][ T4449] veth1_vlan: entered promiscuous mode [ 2657.304752][ T4449] veth0_macvtap: entered promiscuous mode [ 2658.057833][ T4449] veth1_macvtap: entered promiscuous mode [ 2661.873273][ T3423] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2661.903478][ T3423] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2662.065937][ T3423] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2662.094211][ T12] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2663.247071][ T24] audit: type=1400 audit(2662.410:207): avc: denied { write } for pid=4695 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2674.573299][ T24] audit: type=1400 audit(2673.740:208): avc: denied { write } for pid=4704 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2694.505942][ T24] audit: type=1400 audit(2693.670:209): avc: denied { write } for pid=4714 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2706.123443][ T24] audit: type=1400 audit(2705.310:210): avc: denied { write } for pid=4721 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2723.219409][ T4735] kvm [4735]: Failed to find VMA for hva 0x20d51000 [ 2859.175198][ T4426] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2859.670089][ T4749] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2860.061230][ T4426] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2860.736247][ T4749] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2862.259618][ T4426] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2864.414805][ T4426] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2883.776384][ T4426] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2884.365188][ T4426] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2884.538002][ T4426] bond0 (unregistering): Released all slaves [ 2887.784476][ T4426] hsr_slave_0: left promiscuous mode [ 2887.884500][ T4426] hsr_slave_1: left promiscuous mode [ 2888.350920][ T4426] veth1_macvtap: left promiscuous mode [ 2888.409140][ T4426] veth0_macvtap: left promiscuous mode [ 2888.429274][ T4426] veth1_vlan: left promiscuous mode [ 2888.437818][ T4426] veth0_vlan: left promiscuous mode [ 2908.296135][ T4756] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2908.750562][ T4756] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2912.757124][ T4426] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2915.671125][ T4426] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2916.797908][ T4749] hsr_slave_0: entered promiscuous mode [ 2916.855038][ T4749] hsr_slave_1: entered promiscuous mode [ 2916.890187][ T4749] debugfs: 'hsr0' already exists in 'hsr' [ 2916.897536][ T4749] Cannot create hsr debugfs directory [ 2917.314470][ T4426] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2919.393826][ T4426] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2921.262849][ T24] audit: type=1400 audit(2920.380:211): avc: denied { write } for pid=4813 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2929.229111][ T24] audit: type=1400 audit(2928.370:212): avc: denied { write } for pid=4821 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2942.954722][ T4426] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2943.110316][ T4426] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2943.228966][ T4426] bond0 (unregistering): Released all slaves [ 2944.647464][ T3205] 8021q: adding VLAN 0 to HW filter on device eth13 [ 2945.060577][ T4426] hsr_slave_0: left promiscuous mode [ 2945.188874][ T4426] hsr_slave_1: left promiscuous mode [ 2945.649590][ T4426] veth1_macvtap: left promiscuous mode [ 2945.683552][ T4426] veth0_macvtap: left promiscuous mode [ 2945.685268][ T4426] veth1_vlan: left promiscuous mode [ 2945.697174][ T4426] veth0_vlan: left promiscuous mode [ 2966.320431][ T4756] hsr_slave_0: entered promiscuous mode [ 2966.360106][ T4756] hsr_slave_1: entered promiscuous mode [ 2970.129002][ T4749] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 2970.453497][ T4749] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 2970.480126][ T4749] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 2970.741028][ T4749] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 2971.790274][ T4749] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 2971.957171][ T4749] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 2972.039563][ T4749] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 2972.228842][ T4749] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 2974.704889][ T24] audit: type=1400 audit(2973.880:213): avc: denied { write } for pid=4833 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2981.354313][ T24] audit: type=1400 audit(2980.540:214): avc: denied { write } for pid=4844 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2983.767270][ T4756] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 2984.047539][ T4756] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 2984.110417][ T4756] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 2984.434431][ T4756] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 2984.564494][ T4756] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 2984.858804][ T4756] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 2984.969186][ T4756] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 2985.319525][ T4756] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 2987.033991][ T3205] 8021q: adding VLAN 0 to HW filter on device eth14 [ 3005.447609][ T4749] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3007.956338][ T24] audit: type=1400 audit(3007.130:215): avc: denied { write } for pid=4863 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3018.077140][ T4756] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3018.274096][ T24] audit: type=1400 audit(3017.420:216): avc: denied { write } for pid=4871 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3023.888496][ T3205] 8021q: adding VLAN 0 to HW filter on device eth16 [ 3043.739868][ T24] audit: type=1400 audit(3042.930:217): avc: denied { write } for pid=4885 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3054.145575][ T24] audit: type=1400 audit(3053.300:218): avc: denied { write } for pid=4894 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3060.739159][ T3205] 8021q: adding VLAN 0 to HW filter on device eth15 [ 3080.203486][ T24] audit: type=1400 audit(3079.380:219): avc: denied { write } for pid=4909 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3088.177997][ T24] audit: type=1400 audit(3087.350:220): avc: denied { write } for pid=4920 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3093.621319][ T3205] 8021q: adding VLAN 0 to HW filter on device eth17 [ 3103.176387][ T24] audit: type=1400 audit(3102.340:221): avc: denied { write } for pid=4928 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3112.714673][ T24] audit: type=1400 audit(3111.870:222): avc: denied { write } for pid=4939 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3140.303506][ T24] audit: type=1400 audit(3139.490:223): avc: denied { write } for pid=4955 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3141.210430][ T4749] veth0_vlan: entered promiscuous mode [ 3142.426511][ T4749] veth1_vlan: entered promiscuous mode [ 3145.956307][ T4749] veth0_macvtap: entered promiscuous mode [ 3146.516174][ T4749] veth1_macvtap: entered promiscuous mode [ 3149.965595][ T3735] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3150.007438][ T4223] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3150.154124][ T4426] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3150.158090][ T4426] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 3150.555897][ T24] audit: type=1400 audit(3149.710:224): avc: denied { write } for pid=4963 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3155.848105][ T4756] veth0_vlan: entered promiscuous mode [ 3156.398778][ T3205] 8021q: adding VLAN 0 to HW filter on device eth18 [ 3157.438933][ T4756] veth1_vlan: entered promiscuous mode [ 3161.295402][ T4756] veth0_macvtap: entered promiscuous mode [ 3161.975955][ T4756] veth1_macvtap: entered promiscuous mode [ 3166.610433][ T4697] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3166.615337][ T4697] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3166.775118][ T4697] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3167.036008][ T4697] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 3184.684252][ T24] audit: type=1400 audit(3183.830:225): avc: denied { write } for pid=4973 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3199.102860][ T24] audit: type=1400 audit(3198.240:226): avc: denied { write } for pid=4982 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3209.210291][ T3205] 8021q: adding VLAN 0 to HW filter on device eth19 [ 3248.890039][ T24] audit: type=1400 audit(3248.060:227): avc: denied { write } for pid=5002 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3262.892742][ T24] audit: type=1400 audit(3262.060:228): avc: denied { write } for pid=5013 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3271.534245][ T3205] 8021q: adding VLAN 0 to HW filter on device eth20 [ 3319.203420][ T24] audit: type=1400 audit(3318.370:229): avc: denied { write } for pid=5042 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3333.004358][ T24] audit: type=1400 audit(3332.120:230): avc: denied { write } for pid=5053 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3374.673833][ T24] audit: type=1400 audit(3373.800:231): avc: denied { write } for pid=5072 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3388.833268][ T24] audit: type=1400 audit(3387.970:232): avc: denied { write } for pid=5081 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3411.253622][ T24] audit: type=1400 audit(3410.420:233): avc: denied { write } for pid=5091 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3424.107070][ T24] audit: type=1400 audit(3423.210:234): avc: denied { write } for pid=5101 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3473.690750][ T24] audit: type=1400 audit(3472.850:235): avc: denied { write } for pid=5124 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3488.267499][ T24] audit: type=1400 audit(3487.430:236): avc: denied { write } for pid=5134 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3522.933808][ T24] audit: type=1400 audit(3522.100:237): avc: denied { write } for pid=5149 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3536.599840][ T24] audit: type=1400 audit(3535.780:238): avc: denied { write } for pid=5161 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3571.950008][ T24] audit: type=1400 audit(3570.990:239): avc: denied { write } for pid=5176 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3584.304305][ T24] audit: type=1400 audit(3583.380:240): avc: denied { write } for pid=5185 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3628.952688][ T24] audit: type=1400 audit(3628.050:241): avc: denied { write } for pid=5211 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3641.213100][ T24] audit: type=1400 audit(3640.350:242): avc: denied { write } for pid=5220 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3671.749714][ T24] audit: type=1400 audit(3670.940:243): avc: denied { write } for pid=5231 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3686.877173][ T24] audit: type=1400 audit(3686.050:244): avc: denied { write } for pid=5245 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3719.005199][ T24] audit: type=1400 audit(3718.100:245): avc: denied { write } for pid=5256 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3731.712967][ T24] audit: type=1400 audit(3730.870:246): avc: denied { map } for pid=5267 comm="syz.5.288" path="pipe:[17811]" dev="pipefs" ino=17811 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1 [ 3733.176011][ T24] audit: type=1400 audit(3732.350:247): avc: denied { write } for pid=5268 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3757.114084][ T24] audit: type=1400 audit(3756.300:248): avc: denied { write } for pid=5276 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3770.173220][ T24] audit: type=1400 audit(3769.330:249): avc: denied { write } for pid=5289 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4017.443361][ T24] audit: type=1400 audit(4016.600:250): avc: denied { write } for pid=5405 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4032.065673][ T24] audit: type=1400 audit(4031.240:251): avc: denied { write } for pid=5417 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4547.861225][ T24] audit: type=1400 audit(4547.050:252): avc: denied { write } for pid=5654 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4561.399261][ T24] audit: type=1400 audit(4560.580:253): avc: denied { write } for pid=5664 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4947.924103][ T24] audit: type=1400 audit(4947.030:254): avc: denied { write } for pid=5826 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4958.423399][ T24] audit: type=1400 audit(4957.610:255): avc: denied { write } for pid=5837 comm="rm" name="hook-state" dev="tmpfs" ino=118 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4972.119859][ T5799] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 4972.515305][ T5799] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 4985.226492][ T5804] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 4985.620731][ T5804] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 5013.979100][ T5799] hsr_slave_0: entered promiscuous mode [ 5014.059599][ T5799] hsr_slave_1: entered promiscuous mode [ 5014.169052][ T5799] debugfs: 'hsr0' already exists in 'hsr' [ 5014.216103][ T5799] Cannot create hsr debugfs directory [ 5026.345819][ T5804] hsr_slave_0: entered promiscuous mode [ 5026.438094][ T5804] hsr_slave_1: entered promiscuous mode [ 5026.508397][ T5804] debugfs: 'hsr0' already exists in 'hsr' [ 5026.514860][ T5804] Cannot create hsr debugfs directory [ 5044.153737][ T5799] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 5044.698775][ T5799] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 5045.784639][ T5799] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 5046.121116][ T5799] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 5046.209618][ T5799] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 5046.596648][ T5799] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 5049.155951][ T5799] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 5049.558423][ T5799] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 5063.420305][ T5804] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 5064.071102][ T5804] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 5064.317845][ T5804] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 5064.907184][ T5804] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 5065.060654][ T5804] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 5065.634768][ T5804] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 5065.835094][ T5804] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 5066.409429][ T5804] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 5093.717039][ T5799] 8021q: adding VLAN 0 to HW filter on device bond0 [ 5106.376587][ T5804] 8021q: adding VLAN 0 to HW filter on device bond0 [ 5273.618393][ T26] INFO: task syz.6.429:5794 blocked for more than 430 seconds. [ 5273.656391][ T26] Not tainted syzkaller #0 [ 5273.683790][ T26] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 5273.684814][ T26] task:syz.6.429 state:D stack:0 pid:5794 tgid:5794 ppid:4756 task_flags:0x400040 flags:0x00000011 [ 5273.686318][ T26] Call trace: [ 5273.686813][ T26] __switch_to+0x5e0/0xb70 (T) [ 5273.689013][ T26] __schedule+0x2554/0x3828 [ 5273.689532][ T26] schedule+0xac/0x278 [ 5273.690000][ T26] schedule_timeout+0x68/0x1ec [ 5273.690458][ T26] do_wait_for_common+0x270/0x428 [ 5273.690908][ T26] wait_for_completion+0x44/0x5c SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 5273.885335][ T26] __synchronize_srcu+0x1b4/0x1f4 [ 5273.893294][ T26] synchronize_srcu+0x668/0x8dc [ 5273.894057][ T26] mmu_notifier_unregister+0x320/0x428 [ 5273.894562][ T26] kvm_put_kvm+0x69c/0xbbc [ 5273.895012][ T26] kvm_vm_release+0x58/0x78 [ 5273.895463][ T26] __fput+0x4ac/0x978 [ 5273.895908][ T26] ____fput+0x20/0x30 [ 5273.896331][ T26] task_work_run+0x1b8/0x250 [ 5273.896787][ T26] exit_to_user_mode_loop+0x110/0x188 [ 5273.897309][ T26] el0_svc+0x184/0x238 [ 5273.897784][ T26] el0t_64_sync_handler+0x84/0x12c [ 5273.898251][ T26] el0t_64_sync+0x198/0x19c [ 5273.900361][ T26] [ 5273.900361][ T26] Showing all locks held in the system: [ 5273.900859][ T26] 3 locks held by kworker/u4:0/12: [ 5274.028304][ T26] #0: fff0000074d280e0 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x364/0x3828 [ 5274.063414][ T26] #1: fff0000074d13208 (psi_seq){-.-.}-{0:0}, at: psi_task_switch+0x6c/0x6e8 [ 5274.065129][ T26] #2: fff0000074d14b58 (&base->lock){-.-.}-{2:2}, at: __mod_timer+0x5cc/0xe90 [ 5274.067503][ T26] 1 lock held by khungtaskd/26: [ 5274.067894][ T26] #0: ffff800087db4518 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x0/0x44 [ 5274.069729][ T26] 2 locks held by getty/3233: [ 5274.070061][ T26] #0: 3df00000127360a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c [ 5274.223840][ T26] #1: b5ff80008cb4b2e8 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x314/0x1214 [ 5274.225732][ T26] 2 locks held by syz-executor/3364: [ 5274.226079][ T26] 3 locks held by kworker/u4:6/3423: [ 5274.226370][ T26] 3 locks held by kworker/u4:8/3735: [ 5274.226678][ T26] 2 locks held by kworker/u4:5/4426: [ 5274.226994][ T26] #0: 8af000000d036540 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_one_work+0x804/0x1d5c [ 5274.228878][ T26] #1: ffff80008f947cb8 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x890/0x1d5c [ 5274.230509][ T26] 2 locks held by kworker/u4:9/4697: [ 5274.230840][ T26] #0: 8af000000d036540 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_one_work+0x804/0x1d5c [ 5274.407510][ T26] #1: ffff80008f867cb8 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x890/0x1d5c [ 5274.409162][ T26] 3 locks held by kworker/u4:12/4948: [ 5274.409525][ T26] 3 locks held by kworker/u4:2/5569: [ 5274.409857][ T26] 2 locks held by syz.5.428/5792: [ 5274.410205][ T26] 2 locks held by kworker/u4:13/5887: [ 5274.410505][ T26] 3 locks held by kworker/u4:14/5917: [ 5274.410817][ T26] 1 lock held by modprobe/5962: [ 5274.411144][ T26] 1 lock held by modprobe/5963: [ 5274.517760][ T26] [ 5274.518125][ T26] ============================================= [ 5274.518125][ T26] [ 5274.519099][ T26] Kernel panic - not syncing: hung_task: blocked tasks [ 5274.523677][ T26] CPU: 0 UID: 0 PID: 26 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT [ 5274.525102][ T26] Hardware name: linux,dummy-virt (DT) [ 5274.525883][ T26] Call trace: [ 5274.526587][ T26] show_stack+0x2c/0x3c (C) [ 5274.527611][ T26] __dump_stack+0x30/0x40 [ 5274.528401][ T26] dump_stack_lvl+0x30/0x12c [ 5274.529383][ T26] dump_stack+0x1c/0x28 [ 5274.530267][ T26] vpanic+0x4cc/0x844 [ 5274.531119][ T26] vpanic+0x0/0x844 [ 5274.531858][ T26] hung_task_panic+0x0/0x2c [ 5274.532711][ T26] kthread+0x4d4/0x51c [ 5274.533627][ T26] ret_from_fork+0x10/0x20 [ 5274.535408][ T26] Kernel Offset: disabled [ 5274.536076][ T26] CPU features: 0x00000000,0034600b,f7c647a1,057ffe1f [ 5274.537031][ T26] Memory Limit: none [ 5274.539201][ T26] Rebooting in 86400 seconds..