last executing test programs: 52m24.924341643s ago: executing program 0 (id=50): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc018aec0, &(0x7f00000000c0)={0x6, 0xffffffffffffffff, 0x1}) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) ioctl$KVM_SET_DEVICE_ATTR(r1, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x3, 0x2, &(0x7f0000000000)=0x7f60}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x1, 0x80) ioctl$KVM_CREATE_VM(r2, 0xae01, 0xd) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_CREATE_VM(r3, 0x400454cc, 0x110c230020) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x4000000000ffd) 52m16.884728924s ago: executing program 0 (id=51): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_filter={0x0, 0x0, 0x2, 0x0}) r4 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) openat$kvm(0x0, 0x0, 0x0, 0x0) (async) r6 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r6, 0x0, 0x0, 0x0) (async) r7 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x2a) (async) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x10000027) ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r9, 0x4068aea3, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r9, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000200)={0xffffffff, 0x2, 0x3}}) (async) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x12) (async) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x1}) ioctl$KVM_SET_USER_MEMORY_REGION(r11, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x3d70000000, &(0x7f0000ffe000/0x2000)=nil}) (async) ioctl$KVM_CLEAR_DIRTY_LOG(r11, 0xc018aec0, &(0x7f0000000140)={0x0, 0x240, 0x380, 0x0}) (async, rerun: 64) syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) (async, rerun: 64) syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) (async) r12 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000b80)={0x0, 0x0}, 0x0, 0x0) (async) openat$kvm(0xffffffffffffff9c, 0x0, 0x80, 0x0) (async) r13 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r13, 0x4018aee3, 0x0) r14 = openat$kvm(0x0, 0x0, 0x64441, 0x0) ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0) (async, rerun: 64) ioctl$KVM_RUN(r12, 0xae80, 0x0) (rerun: 64) 52m14.11338597s ago: executing program 1 (id=52): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r2, r3, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000040)=@arm64_sys={0x603000000013c028, &(0x7f0000000600)=0x1}) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r6, 0x4068aea3, &(0x7f0000000000)={0xef, 0x0, 0x7}) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_CREATE_VM(r9, 0x400454d4, 0x110c230020) syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CLEAR_DIRTY_LOG(r4, 0xc018aec0, 0xfffffffffffffffe) openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) (async) openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) (async) syz_kvm_setup_cpu$arm64(r2, r3, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async) ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000040)=@arm64_sys={0x603000000013c028, &(0x7f0000000600)=0x1}) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async) openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) (async) ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) (async) ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r6, 0x4068aea3, &(0x7f0000000000)={0xef, 0x0, 0x7}) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0) (async) ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) (async) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) (async) ioctl$KVM_CREATE_VM(r9, 0x400454d4, 0x110c230020) (async) syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) (async) ioctl$KVM_CLEAR_DIRTY_LOG(r4, 0xc018aec0, 0xfffffffffffffffe) (async) 52m6.662046776s ago: executing program 0 (id=53): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@mrs={0xbe, 0x18, {0x603000000013e208}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x1, 0x80000, 0x10000, 0x0, 0x0, 0x2}}], 0x40}, 0x0, 0x0) openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000280), 0x103080, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = syz_kvm_vgic_v3_setup(r4, 0x1, 0x40) ioctl$KVM_GET_DEVICE_ATTR(r5, 0x4018aee2, &(0x7f0000000040)=@attr_other={0x0, 0x9, 0x10080000000084, 0x0}) r6 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000b69000/0x400000)=nil) openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0xd, 0x5, 0xb, 0x0, 0x2, 0x6, 0x6, 0x9, 0x8, 0x88, 0x47, 0x9, 0x0, 0x8, 0x6, 0xe2, 0x3, 0x6, 0x0, '\x00', 0x6, 0x6}) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) syz_kvm_vgic_v3_setup(r8, 0x4, 0x20) ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r8, 0x4068aea3, &(0x7f00000002c0)) ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000000)={0xef, 0x0, 0x7}) r9 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@mrs={0xbe, 0x18, {0x603000000013c807}}], 0x18}, 0x0, 0x0) ioctl$KVM_RUN(r9, 0xae80, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) 52m4.58683854s ago: executing program 1 (id=54): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0x5d) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x401, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r5, 0x4010ae68, &(0x7f0000000040)={0xe000, 0x2000}) ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0x4) r6 = ioctl$KVM_CREATE_GUEST_MEMFD(r3, 0xc040aed4, &(0x7f00000001c0)={0x200001fe0000, 0x3}) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x2000003, 0x2013, r6, 0x0) r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x161942, 0x0) ioctl$KVM_SET_GSI_ROUTING(r3, 0x4008ae6a, &(0x7f0000000200)={0x6, 0x0, [{0xffffffff, 0x5, 0x0, 0x0, @adapter={0xe75a, 0x16698, 0x7, 0x10000, 0x7f}}, {0xfffffff7, 0x4, 0x0, 0x0, @msi={0xffffffff, 0x3, 0x8, 0x628c60f8}}, {0x3ff, 0x1, 0x1, 0x0, @msi={0x1, 0x4, 0x4, 0x63}}, {0x6, 0x5, 0x1, 0x0, @adapter={0x5, 0x1, 0x8, 0xc, 0x7}}, {0x1, 0x2, 0x0, 0x0, @msi={0x2, 0x0, 0x45a4, 0x3}}, {0x401, 0x2, 0x1, 0x0, @adapter={0x3, 0x0, 0x305fc039800, 0x6, 0x2}}]}) munmap(&(0x7f0000000000/0x4000)=nil, 0x4000) mmap$KVM_VCPU(&(0x7f0000007000/0x2000)=nil, r7, 0x3000003, 0x2011, r6, 0x0) 51m55.160744904s ago: executing program 0 (id=55): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000080)={0x2ce, 0x0, 0x4, 0xffffffffffffffff, 0x11}) 51m52.596025457s ago: executing program 1 (id=56): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x141900, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000000)={0xb, 0xffffffffffffffff, 0x1}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000280)={{0x1, 0x8080000, 0xe, 0x6, 0x4, 0xa, 0x3, 0xe, 0x0, 0x1, 0xc, 0x3}, {0x2, 0x1000, 0xd, 0x13, 0x1, 0x8, 0x3, 0x8, 0x0, 0x46, 0x2}, {0x2, 0x5001, 0x4, 0xf, 0x5, 0x3, 0xc3, 0x6, 0x3, 0x6, 0x5, 0x3}, {0x3000, 0x3000, 0xc, 0xc, 0x7f, 0x6, 0x8, 0x7f, 0x9, 0x2, 0x3, 0x6}, {0x1, 0x8000000, 0x0, 0xd, 0x59, 0x2d, 0x5, 0xc, 0xfc, 0x0, 0xd8, 0xe5}, {0x2, 0x8092000, 0x8, 0xbd, 0x6, 0x7, 0x10, 0x1, 0xbf, 0x18, 0x2, 0x4}, {0x5000, 0x8000000, 0xc, 0x9, 0x0, 0xf, 0x10, 0x3, 0x0, 0x0, 0x80, 0x9}, {0xdddd0000, 0xffff, 0x10, 0x4, 0x3, 0x3, 0x0, 0xf9, 0x1, 0x8, 0x0, 0xfe}, {0x1}, {0xffff1000, 0x17}, 0x40019, 0x0, 0x1, 0x0, 0x100000002, 0x0, 0xdddd1000, [0x1, 0x3, 0x4000000000000009, 0x7]}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000010c0)={[0x60000000003, 0x1000000000, 0x0, 0x10, 0xb46, 0x0, 0x7fffffff, 0x40000004, 0xffff, 0xffff7ffffffffffd, 0x5, 0xffffffffffffffff, 0x7fffffffffffffff, 0x0, 0x0, 0x7d8000000000000], 0x1, 0x202}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 51m46.469946824s ago: executing program 0 (id=57): r0 = openat$kvm(0x0, &(0x7f00000002c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r3 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r2, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000300)="fb4149dd033b8986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67525673312b01040000000000002627e7000000000000000200", 0x0, 0xfffffffffffffe73) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x12, r2, 0x0) r4 = eventfd2(0x0, 0x0) close(r4) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0) write$eventfd(r4, &(0x7f0000000100)=0xfffffffffffffffe, 0x8) r5 = eventfd2(0x10, 0x801) close(r5) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) mmap$KVM_VCPU(&(0x7f0000008000/0x3000)=nil, 0x930, 0x2000004, 0x2011, r5, 0x0) 51m45.648787033s ago: executing program 1 (id=58): ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000000200)={0x3, "e0b52f"}) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x100, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_GET_DEVICE_ATTR(r2, 0x4018aee2, &(0x7f0000000000)=@attr_arm64={0x0, 0x3, 0x3, 0xffffffffffffffff}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x11, 0x8, 0xf, 0x0, 0x5, 0x6, 0x86, 0x6, 0x48, 0x86, 0xdd, 0x68, 0x0, 0x0, 0x0, 0x0, 0x3, 0x5, 0x8, '\x00', 0x1, 0x7}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(0xffffffffffffffff, 0x4068aea3, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x5, 0x0, &(0x7f0000000000)=0x8}) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0xd, 0x9, 0xb, 0x0, 0x2, 0x6, 0x6, 0x6, 0x48, 0x88, 0xfb, 0x9, 0x0, 0xb, 0x6, 0xa, 0x3, 0x8, 0x1, '\x00', 0x10, 0x6}) ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r8, &(0x7f00000001c0)=0x8100000001, 0x2d73) write$eventfd(r5, &(0x7f00000001c0), 0xe80) r9 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013c4f1, 0x8000}}, @msr={0x14, 0x20, {0x603000000013c4f2, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce0, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce2, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce3, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce4, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce5, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce8, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce9, 0x8000}}], 0x120}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r12, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04) ioctl$KVM_RUN(r12, 0xae80, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x400000, 0x0) 51m29.773326823s ago: executing program 0 (id=59): openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x113880, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x29) syz_kvm_vgic_v3_setup(r4, 0x40002, 0x260) ioctl$KVM_IRQ_LINE_STATUS(r4, 0xc008ae67, &(0x7f0000000000)={0x9, 0x5}) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000140)={0x7, 0xffffffffffffffff, 0x1}) ioctl$KVM_CREATE_VM(r7, 0x401054d5, 0xb) r8 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@smc={0x1e, 0x0, {0x84000053, [0x1000009, 0x8000000000000001, 0xffffffffffffffff, 0x400, 0xfffffffffffff801]}}], 0xc7}, 0x0, 0x0) ioctl$KVM_RUN(r9, 0xae80, 0x0) 51m27.261130214s ago: executing program 1 (id=60): mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x7, 0x4f832, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000ffa000/0x1000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) (async) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bfd000/0x400000)=nil) (async) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bff000/0x400000)=nil) r0 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x400000f, 0x80031, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000680)="38ce8347fc1e86008cfc72bb352c8659dcc9225b48cb5cb00c73b0b33018748e73f7f1f493e89c859e17625ad1b19ca88da9c227db3473a7fd4ce992bfc316bd22ccc646cd69c728", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xf, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) (async) munmap(&(0x7f000075a000/0xb000)=nil, 0xb000) munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f0000482000/0x2000)=nil, 0x2000) munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000) (async) munmap(&(0x7f0000e76000/0x12000)=nil, 0x12000) mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x24132, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0) 51m19.713307825s ago: executing program 1 (id=61): openat$kvm(0x0, 0x0, 0x0, 0x0) r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x29) r2 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r2, 0x4b47, 0xfffffffffffffffe) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x26) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000300)={0x7, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000002c0)=@attr_arm64={0x0, 0x4, 0x0, 0x0}) r6 = eventfd2(0x8801, 0x800) r7 = eventfd2(0x83ff, 0x0) ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000000180)={r6, 0x3fb6, 0x0, r7}) ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000000000)={r7, 0x5, 0x2, r7}) ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000000140)={r7, 0x5, 0x1, r6}) r8 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) r9 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r10 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, r9, 0x2, 0x12, r8, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f00000002c0)="fb016bddfb405ee52cc6a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb2070000000000000000000000c20cecfa0a97ab7800", 0x0, 0x48) r11 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) r12 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil) r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x2}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x1, 0x80000, 0x10000, 0x0, 0x0, 0x2}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r13, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000040)={0x2, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_DEVICE_ATTR(r16, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r15, 0xae80, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) 50m44.431920457s ago: executing program 32 (id=59): openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x113880, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x29) syz_kvm_vgic_v3_setup(r4, 0x40002, 0x260) ioctl$KVM_IRQ_LINE_STATUS(r4, 0xc008ae67, &(0x7f0000000000)={0x9, 0x5}) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000140)={0x7, 0xffffffffffffffff, 0x1}) ioctl$KVM_CREATE_VM(r7, 0x401054d5, 0xb) r8 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@smc={0x1e, 0x0, {0x84000053, [0x1000009, 0x8000000000000001, 0xffffffffffffffff, 0x400, 0xfffffffffffff801]}}], 0xc7}, 0x0, 0x0) ioctl$KVM_RUN(r9, 0xae80, 0x0) 50m32.764478715s ago: executing program 33 (id=61): openat$kvm(0x0, 0x0, 0x0, 0x0) r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x29) r2 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r2, 0x4b47, 0xfffffffffffffffe) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x26) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000300)={0x7, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000002c0)=@attr_arm64={0x0, 0x4, 0x0, 0x0}) r6 = eventfd2(0x8801, 0x800) r7 = eventfd2(0x83ff, 0x0) ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000000180)={r6, 0x3fb6, 0x0, r7}) ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000000000)={r7, 0x5, 0x2, r7}) ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000000140)={r7, 0x5, 0x1, r6}) r8 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) r9 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r10 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, r9, 0x2, 0x12, r8, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f00000002c0)="fb016bddfb405ee52cc6a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb2070000000000000000000000c20cecfa0a97ab7800", 0x0, 0x48) r11 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) r12 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil) r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x2}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x1, 0x80000, 0x10000, 0x0, 0x0, 0x2}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r13, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000040)={0x2, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_DEVICE_ATTR(r16, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r15, 0xae80, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) 42m7.654223985s ago: executing program 2 (id=87): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x21) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0xd, 0x9, 0xb, 0x0, 0x5, 0x6, 0x6, 0x26, 0x48, 0x86, 0xdd, 0x9, 0x0, 0x6, 0x973, 0xe, 0x3, 0x5, 0x0, '\x00', 0x10, 0x6}) r3 = openat$kvm(0x0, &(0x7f0000000040), 0xc0083, 0x0) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x0, 0x11, r3, 0x0) write$eventfd(r2, &(0x7f00000001c0)=0x3, 0x50) 41m56.150165794s ago: executing program 2 (id=89): r0 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece) r1 = syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000240)={0x1fe, 0x3, 0xdddd1000, 0x1000, &(0x7f0000fff000/0x1000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f00000000c0)={0x10001, 0x3, 0x7000, 0x2000, &(0x7f000000f000/0x2000)=nil}) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x2001, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60) ioctl$KVM_SET_GSI_ROUTING(r7, 0x4008ae6a, &(0x7f0000000140)={0x2, 0x0, [{0x3, 0x1, 0x0, 0x0, @msi={0x0, 0x3, 0x1, 0x2}}, {0x3, 0x1, 0x0, 0x0, @msi={0x2, 0x7, 0xb, 0x5}}]}) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000200)={0x1fd, 0x0, 0xeeee0000, 0x1000, &(0x7f0000ffd000/0x1000)=nil}) r8 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1) syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r8, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000fff000/0x1000)=nil}) r9 = eventfd2(0x2, 0x0) ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000000140)={0x80, 0x4, 0x0, r9}) syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616}) ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000180)={0x5000}) r10 = syz_kvm_add_vcpu$arm64(r1, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0) ioctl$KVM_RUN(r10, 0xae80, 0x0) 41m36.792777712s ago: executing program 2 (id=91): openat$kvm(0x0, 0xfffffffffffffffe, 0x0, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_RUN(r2, 0xae80, 0x0) (async) r3 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xd7, 0x80000001}) (async) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) (async) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1) r8 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x1800002, 0x11, r7, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f0000000200)="f301181301d136000000000000f4ff0000802346cbd987000001000200ecff0900010200250000000000000000000000000001000000000040000000000000000000000100", 0x0, 0x48) (async) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r7, 0x0) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x40305829, &(0x7f0000000100)=@attr_arm64={0x0, 0x2, 0x0, 0x0}) r9 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r9, &(0x7f00000002c0)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x81}], 0x1) r10 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013deac, 0xfffdffffc1af0ec0}}], 0x20}, 0x0, 0x0) (async) syz_kvm_add_vcpu$arm64(r3, 0x0, 0x0, 0x0) (async) syz_kvm_vgic_v3_setup(r1, 0x3, 0xa0) ioctl$KVM_RUN(r10, 0xae80, 0x0) r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x1c1800, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x2b) r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000aec000/0x400000)=nil) r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000040)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r11, 0xae04) (async) ioctl$KVM_SET_VCPU_EVENTS(r14, 0x4040aea0, &(0x7f00000000c0)=@arm64={0x7, 0x0, 0x5, '\x00', 0x4}) (async) ioctl$KVM_RUN(r14, 0xae80, 0x0) 41m19.487397588s ago: executing program 2 (id=93): r0 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) (async) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f00000000c0)={0x1fe, 0x1, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) (async) r1 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r2 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1) close(r2) (async) r5 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x40010, r4, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000340)="fb0149dd033be3ac2cc40000000001000000000000000017110000000000000000000000000000000000000000000000000000000000000000000000150000000000b900", 0x0, 0x48) (async) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r4, 0x0) (async) openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0) (async) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r6, 0x40305839, 0x19) (async) r7 = syz_kvm_add_vcpu$arm64(r1, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) (async) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f0000000180)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000200)=0x4}) ioctl$KVM_RUN(r7, 0xae80, 0x0) (async) r8 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000080)={0xffffffffffffffff, 0x800c8, 0x2}) (async) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$KVM_CREATE_VM(r9, 0xae01, 0x18) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x400454cb, 0x110c230020) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) (async) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f00000000c0)={0x7}) (async) r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000040)={0x2710, 0x0, 0x6000, 0x2000, &(0x7f0000fa2000/0x2000)=nil}) 41m4.285112418s ago: executing program 2 (id=95): munmap$KVM_VCPU(0x0, 0x1000000000) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r3, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r3, 0x0) r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r5 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, r4, 0x200000e, 0x10, r3, 0x0) r6 = openat$kvm(0x0, &(0x7f0000000280), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) ioctl$KVM_ARM_VCPU_INIT(r8, 0x4020aeae, &(0x7f0000000040)={0x5}) ioctl$KVM_RUN(r8, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, 0x0, 0x0, 0x0) 40m55.812167485s ago: executing program 2 (id=96): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2f) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f00003af000/0x400000)=nil) eventfd2(0x0, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000080), 0x2044e0, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) close(r5) r6 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000180)=[@its_setup={0x82, 0x28, {0x5, 0x3, 0x1}}], 0x28}, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x10201, 0x1, 0x8000000, 0x1000, &(0x7f0000fff000/0x1000)=nil}) r7 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x340) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000240)={0x8}) r8 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r7, 0x4068aea3, &(0x7f00000001c0)={0xdf, 0x0, 0x9000}) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x1, &(0x7f0000000200)=0x6}) ioctl$KVM_RUN(r6, 0xae80, 0x0) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x31) ioctl$KVM_SET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee1, 0x0) openat$kvm(0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, 0x0) openat$kvm(0x0, 0x0, 0x0, 0x0) r11 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r12, 0x4010aeac, &(0x7f0000000280)=@riscv64_aia_csr={0x8030000003010006, &(0x7f0000000000)=0x29}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000040)={0xffff1000, 0x8000}) 40m6.284686449s ago: executing program 34 (id=96): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2f) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f00003af000/0x400000)=nil) eventfd2(0x0, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000080), 0x2044e0, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) close(r5) r6 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000180)=[@its_setup={0x82, 0x28, {0x5, 0x3, 0x1}}], 0x28}, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x10201, 0x1, 0x8000000, 0x1000, &(0x7f0000fff000/0x1000)=nil}) r7 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x340) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000240)={0x8}) r8 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r7, 0x4068aea3, &(0x7f00000001c0)={0xdf, 0x0, 0x9000}) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x1, &(0x7f0000000200)=0x6}) ioctl$KVM_RUN(r6, 0xae80, 0x0) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x31) ioctl$KVM_SET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee1, 0x0) openat$kvm(0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, 0x0) openat$kvm(0x0, 0x0, 0x0, 0x0) r11 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r12, 0x4010aeac, &(0x7f0000000280)=@riscv64_aia_csr={0x8030000003010006, &(0x7f0000000000)=0x29}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000040)={0xffff1000, 0x8000}) 34m34.15273533s ago: executing program 3 (id=123): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2e) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x6) syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0xd, 0x5, 0xb, 0x0, 0x2, 0x6, 0x6, 0x9, 0x8, 0x89, 0x6, 0x2, 0x0, 0x6, 0x6, 0xe2, 0x3, 0x29, 0x0, '\x00', 0x10, 0x6}) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r5, &(0x7f00000001c0), 0xe80) ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x603000000010004e, &(0x7f0000000000)=0x8000}) 34m11.914004863s ago: executing program 3 (id=124): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000001c0)="f21bc75509bf71c9d70236fc044842dae3ffffffffffffff4c24501958da2e2c18b875c2357c6ed600", 0x0, 0x48) (async) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2c) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r2, &(0x7f00000001c0)=0xffffff7f, 0xff25) 34m0.430394591s ago: executing program 3 (id=125): ioctl$KVM_SET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee1, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x40001, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r5, 0x4020aeae, &(0x7f00000000c0)={0x5, 0x14}) ioctl$KVM_GET_ONE_REG(r5, 0x4010aeab, &(0x7f0000000180)=@arm64_sys={0x603000000013c024, 0x0}) r6 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f0000000040)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000280)={0x14, 0xff, 0x1}}) r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) r10 = ioctl$KVM_CREATE_VM(r9, 0x400454d0, 0x0) r11 = ioctl$KVM_GET_STATS_FD_vm(r10, 0xaece) ioctl$KVM_ASSIGN_SET_MSIX_NR(r11, 0x4008ae73, &(0x7f00000000c0)={0x3, 0x2}) 33m46.769613217s ago: executing program 3 (id=126): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8}) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x23) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r5 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r4, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f00000001c0)="fb0149dd833be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8faa767969d22627e700", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r4, 0x0) r6 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a97f2, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000140)={0x0, &(0x7f0000000240)=[@code={0xa, 0xb0, {"000080da000008d5000080a80060b8f2210080d2c20180d2e30080d2640080d2020000d4007a8dd20020b0f2010180d2c20080d2030180d2440080d2020000d4604f8bd20080b0f2610080d2820080d2430180d2008008d5020000d40090800f0080b0f2c10180d2620180d2830080d2240080d2020000d4406788d20020b0f2610080d2a20180d2a30080d2440180d2020000d4000008d50020004f"}}], 0xb0}, 0x0, 0x0) ioctl$KVM_CREATE_VM(r6, 0x401c5820, 0x20000007) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r8 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000140)={0x8, 0xffffffffffffffff}) r11 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1000000000000001, 0x28e}}], 0x28}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r3, 0x1, 0x120) ioctl$KVM_RUN(r12, 0xae80, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0xa262, 0x0, &(0x7f0000000300)=0x10000}) r13 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r7, 0xae01, 0x13) ioctl$KVM_REGISTER_COALESCED_MMIO(r13, 0x4010ae67, &(0x7f0000000000)={0x1, 0x37d03030d7a92616}) ioctl$KVM_REGISTER_COALESCED_MMIO(r13, 0x4010ae67, &(0x7f0000000180)={0x10000, 0x4000}) r14 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0) 33m24.989821475s ago: executing program 3 (id=127): r0 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2d) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) syz_kvm_vgic_v3_setup(r1, 0x3, 0x80) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000280)=[@memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffe0, 0x100, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x0, 0x1, 0x4, 0x9, 0x3}}, @its_setup={0x82, 0x28, {0x3, 0x1, 0x379}}], 0x80}, 0x0, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) r5 = openat$kvm(0x0, 0x0, 0x0, 0x0) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x27) r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f0000000000)=@arm64_ccsidr={0x602000000011000c, 0x0}) ioctl$KVM_CHECK_EXTENSION(r5, 0xae03, 0x8) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_HAS_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee3, &(0x7f0000000140)=@attr_arm64={0x0, 0x1, 0x0, 0x0}) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 33m4.228434306s ago: executing program 3 (id=128): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7fff}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_kvm_setup_cpu$arm64(r1, r3, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000200)=[{0x0, 0x0}], 0x1, 0x0, &(0x7f0000000240)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x33) syz_kvm_vgic_v3_setup(r1, 0x4, 0x1e0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 32m56.022593223s ago: executing program 4 (id=99): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x80, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000bfe000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f00000003c0)=[@memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0xb0, 0x0, 0x5}}], 0x30}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r3, 0x1, 0x100) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r10 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r11 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x29) r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x1) r14 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r10, 0xae04) r15 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, r14, 0x3, 0x11, r13, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r15, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r13, 0x0) openat$kvm(0x3f, &(0x7f0000000040), 0x0, 0x0) r16 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x2) mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r16, 0x0) 32m17.063744116s ago: executing program 35 (id=128): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7fff}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_kvm_setup_cpu$arm64(r1, r3, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000200)=[{0x0, 0x0}], 0x1, 0x0, &(0x7f0000000240)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x33) syz_kvm_vgic_v3_setup(r1, 0x4, 0x1e0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 32m6.333693631s ago: executing program 36 (id=99): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x80, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000bfe000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f00000003c0)=[@memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0xb0, 0x0, 0x5}}], 0x30}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r3, 0x1, 0x100) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r10 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r11 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x29) r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x1) r14 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r10, 0xae04) r15 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, r14, 0x3, 0x11, r13, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r15, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r13, 0x0) openat$kvm(0x3f, &(0x7f0000000040), 0x0, 0x0) r16 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x2) mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r16, 0x0) 14m25.191470418s ago: executing program 5 (id=195): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r3 = openat$kvm(0x0, &(0x7f0000000280), 0x103080, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) r6 = syz_kvm_vgic_v3_setup(r4, 0x1, 0x40) ioctl$KVM_GET_DEVICE_ATTR(r6, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x1, 0x408, &(0x7f0000000140)=0x200a88}) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, r2, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x3, 0x4102932, 0xffffffffffffffff, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r7 = openat$kvm(0x0, &(0x7f0000000140), 0x101000, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_ARM_PREFERRED_TARGET(r5, 0x8020aeaf, &(0x7f0000000080)) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r9, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18}) ioctl$KVM_GET_ONE_REG(r9, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x6030000000100008, &(0x7f0000000040)=0x8000000000000005}) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) munmap(&(0x7f000000f000/0x2000)=nil, 0x2000) syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f0000000100)="746abf250f7959c813e4adfb369b808022e69fe80cfadce4a1259e77bab54ac9749537b3d016bb7f745a6e22d2f9ff443f19467748a3fe02c239457600", 0x0, 0xfffffffffffffec5) 14m9.834079072s ago: executing program 6 (id=196): mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x8280, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r4 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r3, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r3, 0x0) r5 = eventfd2(0x0, 0x0) close(r5) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) write$eventfd(r5, &(0x7f0000000180)=0x5, 0xfffffde3) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x2000001, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r7 = openat$kvm(0x0, &(0x7f00000002c0), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2) r10 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r9, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f0000000300)="fb4149dd033b8986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67525673312b01040000000000002627e7000000000000000200", 0x0, 0xfffffffffffffe73) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x12, r9, 0x0) r11 = eventfd2(0x0, 0x0) close(r11) r12 = eventfd2(0x0, 0x0) close(r12) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x109272, 0x1f01) write$eventfd(r12, &(0x7f0000000180)=0x6, 0x8) 14m5.953391829s ago: executing program 5 (id=197): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x38) ioctl$KVM_GET_DIRTY_LOG(r0, 0x4010ae42, &(0x7f0000000000)={0x2, 0x0, &(0x7f0000ffa000/0x3000)=nil}) openat$kvm(0xffffffffffffff9c, 0x0, 0x4eed40, 0x0) syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000240)="57ffe02b199233af1c100f993e9c1541d69a2077275a13cf", 0x0, 0x18) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x1}) r2 = openat$kvm(0xffffffffffffff9c, 0x0, 0x20080, 0x0) r3 = eventfd2(0x2, 0x40800) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000000c0)={0x9, 0x4, 0x4, r3, 0x8}) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0x801c581f, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_CAP_PTP_KVM(r0, 0x4068aea3, &(0x7f0000000040)) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x11, 0x8, 0xf, 0x0, 0x5, 0x6, 0x86, 0x6, 0x48, 0x86, 0xdd, 0x68, 0x0, 0x0, 0x800000, 0x0, 0x3, 0x5, 0x8, '\x00', 0x9, 0x93}) write$eventfd(r7, &(0x7f00000001c0)=0x3, 0xfdef) 13m53.654376817s ago: executing program 5 (id=198): ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xd7, 0x80000001}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000180)=@arm64={0xd, 0x8, 0x5, '\x00', 0x3}) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000bfd000/0x400000)=nil) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r8, 0x4018aee1, &(0x7f0000000340)=@attr_arm64={0x0, 0x0, 0x0, 0xffffffffffffffff}) r9 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r6, r9, &(0x7f0000bff000/0x400000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r9, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x6030000000100000, &(0x7f00000001c0)=0x100000001}) r10 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000b80)={0x0, 0x0}, &(0x7f0000000bc0)=[@featur1={0x1, 0x4}], 0x1) r11 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013c230, 0x8000}}], 0x20}, 0x0, 0x0) ioctl$KVM_RUN(r14, 0xae80, 0x0) r15 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x300, 0x0) syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000840)={0x0, &(0x7f0000000540)=[@uexit={0x0, 0x18, 0xb}, @hvc={0x32, 0x40, {0x4, [0x9, 0x120000000, 0x0, 0x800000, 0x2]}}, @its_setup={0x82, 0x28, {0x0, 0x1, 0x31d}}, @hvc={0x32, 0x40, {0x80007fff, [0x1, 0x9, 0xffff, 0x80, 0x4]}}, @smc={0x1e, 0x40, {0x80000002, [0x6, 0x2b62ad0a, 0x101, 0x66a, 0x1]}}, @its_setup={0x82, 0x28, {0x0, 0x0, 0x21c}}, @msr={0x14, 0x20, {0x603000000013803d, 0x4}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x100, 0x296142cf, 0x2}}, @irq_setup={0x46, 0x18, {0x3, 0x5b}}, @hvc={0x32, 0x40, {0x8600ff01, [0x3, 0xf, 0x7, 0x9, 0x3]}}, @msr={0x14, 0x20, {0x603000000013c2b0, 0x4}}, @mrs={0xbe, 0x18, {0x603000000013deb4}}, @mrs={0xbe, 0x18, {0xc72784589ee9ca25}}, @eret={0xe6, 0x18, 0x6}, @svc={0x122, 0x40, {0x0, [0x8be6, 0x80000000, 0xfff, 0x57, 0x4]}}, @msr={0x14, 0x20, {0x603000000013df68, 0x9}}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x40}}, @eret={0xe6, 0x18, 0xcc}, @its_setup={0x82, 0x28, {0x4, 0x2, 0x3e7}}], 0x300}, &(0x7f0000000880)=[@featur1={0x1, 0x6a}], 0x1) r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x28) syz_kvm_add_vcpu$arm64(r4, &(0x7f00000004c0)={0x0, &(0x7f0000000240)=[@code={0xa, 0x6c, {"40b495d20000b8f2810180d2020180d2830180d2640180d2020000d40024000f0084bf0d00c8a05e00008052000040b360338dd20080b8f2a10180d2620180d2c30080d2640080d2020000d4000028d50010204e0020c09a"}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x8, 0x400}}, @eret={0xe6, 0x18, 0xaa9}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1c80, 0x58a, 0x4}}, @uexit={0x0, 0x18, 0x7ff}, @smc={0x1e, 0x40, {0x84000004, [0x2, 0xea4f, 0x9, 0x6, 0x1ff]}}, @code={0xa, 0x6c, {"202d82d20080b0f2610080d2c20180d2830180d2840180d2020000d40040271e000008d580939cd200a0b0f2210080d2020080d2830180d2440180d2020000d4000008d5000028d500fca05e00000054008008d500a0200e"}}, @hvc={0x32, 0x40, {0x400, [0xe, 0x100000001, 0x7, 0x5, 0x8]}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x1, 0xc, 0x81, 0x9, 0x4}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x6f, 0x4, 0xc, 0x8000, 0xfffffff7, 0x1}}, @smc={0x1e, 0x40, {0xc4000012, [0x7, 0x2, 0x7, 0xc, 0x6]}}], 0x278}, &(0x7f0000000500)=[@featur1={0x1, 0x1e}], 0x1) r17 = ioctl$KVM_CREATE_VCPU(r16, 0xae41, 0x0) r18 = mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, 0x930, 0xa, 0x11, r17, 0x40000) syz_memcpy_off$KVM_EXIT_HYPERCALL(r18, 0x20, &(0x7f00000000c0)="f610f5b33c962b62c00d0914345792dd23a78cdac1300e5e167ce3c540e94f06530dc539e8c1d98289a14446bb8d486f0060cb76b4abc705083f72adeea32830e92b6c89e7b929ff", 0x0, 0x48) ioctl$KVM_GET_ONE_REG(r10, 0x4010aeab, &(0x7f0000000080)=@arm64_fw={0x6030000000140000, &(0x7f0000000040)=0x2}) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) 13m50.525486087s ago: executing program 6 (id=199): r0 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece) r1 = syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000640), 0x105400, 0x0) (async) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x2a) syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) (async) r4 = syz_kvm_add_vcpu$arm64(r1, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@msr={0x14, 0x20, {0x603000000013c807, 0xf50}}], 0x20}, 0x0, 0x0) (async) ioctl$KVM_HAS_DEVICE_ATTR_vm(r3, 0x4018aee3, &(0x7f0000000080)=@attr_other={0x0, 0x2, 0x0, &(0x7f0000000040)=0x8}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 13m40.715882163s ago: executing program 6 (id=200): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00000000c0)={0x1fe, 0x1, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) r5 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r6, r7, &(0x7f0000bff000/0x400000)=nil, &(0x7f0000000c00)=[{0x0, &(0x7f0000000640)=[@its_setup={0x82, 0x28, {0x3, 0x3, 0x185}}, @eret={0xe6, 0x18, 0x42d5}, @hvc={0x32, 0x40, {0x4000000, [0x2, 0x543ba709, 0x4, 0x7, 0x3]}}, @eret={0xe6, 0x18, 0xc22}, @eret={0xe6, 0x18, 0x251b3336}, @hvc={0x32, 0x40, {0xc4000007, [0x401, 0x2, 0x1, 0x8, 0x5]}}, @its_setup={0x82, 0x28, {0x2, 0x4, 0x311}}, @smc={0x1e, 0x40, {0x200, [0x0, 0x8, 0x2, 0x8, 0xfffffffffffffff9]}}, @hvc={0x32, 0x40, {0x84000004, [0xffffffffffff0000, 0x0, 0x7, 0x9, 0x6]}}, @msr={0x14, 0x20, {0x6030000000138012, 0x5}}, @msr={0x14, 0x20, {0x603000000013df70, 0x4}}, @uexit={0x0, 0x18, 0x2}, @uexit={0x0, 0x18, 0x1}], 0x208}], 0x1, 0x0, &(0x7f0000000c40)=[@featur2={0x1, 0x8}], 0x1) ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000040)=@arm64_sys={0x603000000013c028, &(0x7f0000000600)=0x6}) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f0000000000)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x20e4586c}) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, r8, 0x1, 0x16831, 0xffffffffffffffff, 0x0) 13m24.384966516s ago: executing program 5 (id=201): ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x4, 0xffffffffffffffff}) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r5, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18}) ioctl$KVM_GET_ONE_REG(r5, 0x4010aeab, &(0x7f0000000140)=@arm64_sve={0x603000000013df02, 0x0}) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r6, 0xae03, 0xac) mmap$KVM_VCPU(&(0x7f0000ffa000/0x1000)=nil, 0x930, 0x3000003, 0x13, r2, 0x0) 13m20.340152522s ago: executing program 6 (id=202): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0) syz_kvm_setup_cpu$arm64(0xffffffffffffffff, r4, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000940)=[{0x0, 0x0}], 0x1, 0x0, &(0x7f0000000980)=[@featur2={0x1, 0x10}], 0x1) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f0000000200)=0x6}) ioctl$KVM_SET_REGS(r5, 0x4360ae82, &(0x7f0000000340)={[0x3d57, 0x8, 0x6, 0x3, 0x2, 0x92c, 0xfffffffffffffe01, 0x10000000000000b, 0x5, 0x6, 0x4, 0x8, 0x3, 0x0, 0x2, 0xa], 0xc000, 0xa8804}) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1, 0x16831, 0xffffffffffffffff, 0x0) ioctl$KVM_IOEVENTFD(r11, 0x4040ae79, &(0x7f0000000180)={0x80000000, 0x6000, 0x0, 0xffffffffffffffff, 0xf}) ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000000)={0x7}) r12 = eventfd2(0x0, 0x0) ioctl$KVM_IOEVENTFD(r9, 0x4040ae79, &(0x7f0000000080)={0x0, 0x6000, 0x0, r12}) ioctl$KVM_REGISTER_COALESCED_MMIO(r9, 0x4010ae67, &(0x7f00000002c0)={0x0, 0x10000}) ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f00000000c0)={0x8}) ioctl$KVM_SIGNAL_MSI(r9, 0x4020aea5, &(0x7f0000000000)={0x6000}) munmap$KVM_VCPU(0x0, 0x1000000000) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x0, 0xc, 0x80010, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x0, 0x2000008, 0x10010, r4, 0x0) mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x2010, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000) 13m7.676865172s ago: executing program 5 (id=203): mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x8280, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000040)=@arm64_core={0x6030000000100050, 0x0}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r4 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r3, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r3, 0x0) r5 = eventfd2(0x0, 0x0) close(r5) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) write$eventfd(r5, &(0x7f0000000180)=0x5, 0xfffffde3) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x2000001, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x0) r6 = mmap$KVM_VCPU(&(0x7f0000ff7000/0x4000)=nil, 0x0, 0x4, 0x110, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f0000000000)="e711e1c351d0e4fed44df368444441978f836d10c6a6964d31fcbd860b041070d9688557bf425a98ed8f45b35161f1e31e737bd9ac537432afb5b1bcb69a57bdca602c5eaf8438d9", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0xcb3993e4c7433bb8, 0xffffffffffffffff, 0x0) 13m0.63610232s ago: executing program 6 (id=204): ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) r3 = ioctl$KVM_CREATE_VM(r2, 0x894c, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xb701, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0x6}) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_DEVICE_ATTR(r6, 0xb704, 0x0) 12m53.653976625s ago: executing program 5 (id=205): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x800, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x428003, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2) r9 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04) mmap$KVM_VCPU(&(0x7f0000ffe000/0x1000)=nil, r9, 0x8, 0x13, r8, 0x0) r10 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) mmap$KVM_VCPU(&(0x7f0000f8b000/0x3000)=nil, r9, 0x2, 0x110, r10, 0x0) r11 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r12 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) ioctl$KVM_CREATE_IRQCHIP(r12, 0xae60) r13 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000b5b000/0x400000)=nil) r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x2}}], 0x20}, 0x0, 0x0) ioctl$KVM_RUN(r14, 0xae80, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r15 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000180)={0x0, &(0x7f00000000c0)=[@hvc={0x32, 0x40, {0x84000007, [0x8, 0x10000, 0x7, 0x3, 0x8]}}], 0x40}, 0x0, 0x0) 12m47.386418566s ago: executing program 6 (id=206): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x82880, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_vgic_v3_setup(r1, 0x0, 0x100) ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000000)={0xd0c19de284cd3ebf, 0x4, 0x7, 0x0, 0x6}) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r3, 0xc020660b, 0xe1) r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x40001, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r6, 0x4020aeae, &(0x7f0000000200)={0x5, 0x9}) r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000bfe000/0x400000)=nil) r12 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r13, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0x1, 0x1001, 0x2}}) ioctl$KVM_SET_DEVICE_ATTR_vm(r13, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x9e, 0x7fffffff, 0x2}}) r14 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r14, 0x4010aeac, &(0x7f0000000000)=@arm64_extra={0x603000000013c026, &(0x7f0000000140)}) ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f0000000180)=@arm64_sys={0x603000000013c024, 0x0}) r15 = syz_kvm_vgic_v3_setup(r4, 0x1, 0x40) ioctl$KVM_SET_DEVICE_ATTR(r15, 0x4018aee1, &(0x7f0000000180)=@attr_other={0x0, 0x1, 0x304, &(0x7f00000000c0)=0x83}) r16 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r17 = ioctl$KVM_CREATE_VM(r16, 0xae01, 0x4) r18 = syz_kvm_vgic_v3_setup(r17, 0x3, 0xc0) ioctl$KVM_SET_DEVICE_ATTR(r18, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x1, &(0x7f0000000100)=0x8}) 12m7.82284233s ago: executing program 37 (id=205): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x800, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x428003, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2) r9 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04) mmap$KVM_VCPU(&(0x7f0000ffe000/0x1000)=nil, r9, 0x8, 0x13, r8, 0x0) r10 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) mmap$KVM_VCPU(&(0x7f0000f8b000/0x3000)=nil, r9, 0x2, 0x110, r10, 0x0) r11 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r12 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) ioctl$KVM_CREATE_IRQCHIP(r12, 0xae60) r13 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000b5b000/0x400000)=nil) r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x2}}], 0x20}, 0x0, 0x0) ioctl$KVM_RUN(r14, 0xae80, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r15 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r15, &(0x7f0000000180)={0x0, &(0x7f00000000c0)=[@hvc={0x32, 0x40, {0x84000007, [0x8, 0x10000, 0x7, 0x3, 0x8]}}], 0x40}, 0x0, 0x0) 11m58.433447901s ago: executing program 38 (id=206): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x82880, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_vgic_v3_setup(r1, 0x0, 0x100) ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000000)={0xd0c19de284cd3ebf, 0x4, 0x7, 0x0, 0x6}) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r3, 0xc020660b, 0xe1) r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x40001, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r6, 0x4020aeae, &(0x7f0000000200)={0x5, 0x9}) r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000bfe000/0x400000)=nil) r12 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r13, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0x1, 0x1001, 0x2}}) ioctl$KVM_SET_DEVICE_ATTR_vm(r13, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x9e, 0x7fffffff, 0x2}}) r14 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r14, 0x4010aeac, &(0x7f0000000000)=@arm64_extra={0x603000000013c026, &(0x7f0000000140)}) ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f0000000180)=@arm64_sys={0x603000000013c024, 0x0}) r15 = syz_kvm_vgic_v3_setup(r4, 0x1, 0x40) ioctl$KVM_SET_DEVICE_ATTR(r15, 0x4018aee1, &(0x7f0000000180)=@attr_other={0x0, 0x1, 0x304, &(0x7f00000000c0)=0x83}) r16 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r17 = ioctl$KVM_CREATE_VM(r16, 0xae01, 0x4) r18 = syz_kvm_vgic_v3_setup(r17, 0x3, 0xc0) ioctl$KVM_SET_DEVICE_ATTR(r18, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x1, &(0x7f0000000100)=0x8}) 2m30.587966437s ago: executing program 7 (id=207): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x8040aeb6, &(0x7f00000001c0)=@attr_other={0x0, 0x8, 0x100, 0x0}) r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, 0x0, 0x0, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, 0x0) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r8, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000100)={0x7, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x2, &(0x7f0000000200)=0xa000000}) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f0000000240)=@attr_arm64={0x0, 0x0, 0x5, &(0x7f0000000280)=0x400000080a0000}) r10 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_send_cmd={0xaa, 0x28, {0x3}}], 0x28}, 0x0, 0x0) ioctl$KVM_RUN(r10, 0xae80, 0x0) ioctl$KVM_SET_GUEST_DEBUG_arm64(r5, 0x4208ae9b, &(0x7f00000002c0)={0x10003, 0x0, {[0x200, 0x9, 0x8001, 0x10001, 0x8, 0x32, 0x7, 0x5, 0x6, 0x1, 0x80000000, 0x73ab, 0x0, 0x6, 0x8000000000000000, 0x1], [0x2, 0x4, 0x8, 0x7fffffffffffffff, 0x7, 0x2, 0x2f, 0x6, 0x5, 0x8a7, 0x5af, 0x9, 0x1, 0xfff, 0x0, 0x7], [0x2, 0x3, 0x9, 0x4, 0xfffffffffffff719, 0x2, 0x1000, 0x100, 0x1, 0x80000001, 0x3ff, 0x7fffffffffffffff, 0x0, 0x2, 0x0, 0xffffffffffffffff], [0x5, 0x3, 0x9, 0x1ecf, 0x6, 0x101, 0x25f, 0x8000, 0x4f7, 0x0, 0x4, 0x1, 0x7, 0x9, 0xfffffffffffffff7, 0x6]}}) 2m29.566791235s ago: executing program 8 (id=208): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) (async) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) (async) syz_kvm_vgic_v3_setup(r1, 0x1, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1, 0x16831, 0xffffffffffffffff, 0x0) (async) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000000)=@attr_pmu_irq={0x0, 0x0, 0x0, 0x0}) ioctl$KVM_SET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee1, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) munmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) r7 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r6, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000240)="fb0149dd833be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8faa767969d22627e700", 0x0, 0x48) (async) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r6, 0x0) (async) r8 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async) openat$kvm(0x0, &(0x7f00000000c0), 0x2c42, 0x0) syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000000)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x5, 0x1, 0x4}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x0, 0x10002000, 0x0, 0xfffffffd, 0x3}}], 0x1f}, 0x0, 0x0) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f0000000200)=@attr_arm64={0x0, 0x0, 0x3, &(0x7f00000002c0)=0x3}) ioctl$KVM_CREATE_VM(r8, 0x401c5820, 0x20000007) (async) ioctl$KVM_GET_API_VERSION(0xffffffffffffffff, 0xae00, 0x0) (async) r9 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_ARM_SET_COUNTER_OFFSET(r9, 0x4010aeb5, &(0x7f0000000000)={0x9}) ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x100000c, 0x16831, 0xffffffffffffffff, 0x0) r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x1) ioctl$KVM_SET_MP_STATE(r10, 0x4004ae99, 0x0) 2m10.772447024s ago: executing program 8 (id=209): r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f0000000340)=@attr_arm64={0x0, 0x0, 0x0, 0xffffffffffffffff}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0xeeee0000, 0x1000, &(0x7f0000fd1000/0x1000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000000c0)={0x1ff, 0x0, 0x6000, 0x1000, &(0x7f0000ec2000/0x1000)=nil}) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r6, 0x0) syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r7 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x25) r9 = eventfd2(0x1, 0x1) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000000)={r9, 0xb, 0x2, r9}) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f00000001c0)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000380)}) ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f00000000c0)={0x5, 0x1, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f00000001c0)={0x8, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f00000002c0)=@attr_other={0x0, 0x8, 0x100, &(0x7f0000000300)=0xc000000000000000}) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000002c0)=@attr_other={0x0, 0x8, 0x108, &(0x7f0000000000)=0xc000000000000000}) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x4, 0x2, 0x0}) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000100)={0x1ff, 0x0, 0x0, 0x1000, &(0x7f0000fff000/0x1000)=nil}) 2m9.126545091s ago: executing program 7 (id=210): munmap(&(0x7f0000011000/0xc00000)=nil, 0xc00000) (async) mmap$KVM_VCPU(&(0x7f000052f000/0x4000)=nil, 0x930, 0xe, 0x8032, 0xffffffffffffffff, 0x0) (async) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async) munmap(&(0x7f0000d8f000/0x4000)=nil, 0x4000) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) (async) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r1, 0x2000003, 0xaf832, 0xffffffffffffffff, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1) mmap$KVM_VCPU(&(0x7f0000f2b000/0x3000)=nil, r1, 0x3000002, 0x112, r4, 0x0) (async) munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) (async) r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04) mmap$KVM_VCPU(&(0x7f00005a5000/0x1000)=nil, r5, 0x1000000, 0x4d832, 0xffffffffffffffff, 0x0) r6 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000002c0)={0x0, &(0x7f0000000380)=[@its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x1, 0x2, 0x7f, 0x100, 0x4}}, @msr={0x14, 0x20, {0x6030000000138076, 0xdc62}}, @svc={0x122, 0x40, {0x84000050, [0x3ff, 0x7, 0x3, 0x0, 0xff]}}, @eret={0xe6, 0x18, 0x1}, @smc={0x1e, 0x40, {0x84000012, [0x80, 0x1, 0x8, 0x1, 0x1]}}, @msr={0x14, 0x20, {0x603000000013c2a3, 0x45bb}}, @memwrite={0x6e, 0x30, @generic={0x6000, 0x84c, 0x8, 0x1}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x280, 0x0, 0x2}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x50, 0x101}}, @its_send_cmd={0xaa, 0x28, {0x7, 0x0, 0x4, 0xe, 0x1, 0x7ff, 0x2}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x800, 0x8, 0x5}}, @irq_setup={0x46, 0x18, {0x3, 0x381}}, @eret={0xe6, 0x18, 0x1ff}, @hvc={0x32, 0x40, {0xc5000021, [0xff, 0x6, 0x3, 0x6]}}, @mrs={0xbe, 0x18, {0x603000000013801e}}, @hvc={0x32, 0x40, {0x8400000d, [0x7, 0x0, 0x4, 0x6, 0x99]}}], 0x2b0}, &(0x7f0000000300)=[@featur1={0x1, 0x2}], 0x1) (async) r7 = openat$kvm(0x0, &(0x7f0000000280), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, 0xfffffffffffffffe) (async) syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f00007b6000/0x400000)=nil) (async) ioctl$KVM_ARM_PREFERRED_TARGET(r6, 0x8020aeaf, &(0x7f0000000340)) 1m49.313959603s ago: executing program 7 (id=211): r0 = openat$kvm(0x0, &(0x7f0000000240), 0x8802, 0x0) r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, r1, 0x2800002, 0x4010, 0xffffffffffffffff, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, r1, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r7 = ioctl$KVM_GET_STATS_FD_cpu(r5, 0xaece) ioctl$KVM_SET_USER_MEMORY_REGION2(r3, 0x40a0ae49, &(0x7f0000000100)={0x10001, 0x0, 0x58000, 0x2000, &(0x7f0000fa1000/0x2000)=nil, 0xffffffffffffffff, r7}) r8 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000bfe000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000b80)={0x0, 0x0}, &(0x7f0000000bc0)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f0000000000)=@arm64_fw={0x6030000000140000, &(0x7f0000000200)=0x10003}) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) r10 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000013000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (rerun: 64) r11 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) r13 = eventfd2(0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000004000/0x4000)=nil, 0x930, 0x0, 0x11, r13, 0x0) r14 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0x13, r15, 0x0) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_RUN(r15, 0xae80, 0x0) syz_kvm_vgic_v3_setup(r3, 0x1, 0x3a0) ioctl$KVM_GET_VCPU_EVENTS(r7, 0x8040ae9f, &(0x7f0000000040)) ioctl$KVM_RUN(r5, 0xae80, 0x0) 1m45.640129093s ago: executing program 8 (id=212): r0 = openat$kvm(0x0, &(0x7f00000002c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0xdddd1000, 0x8080000, 0x8, 0x48, 0xb, 0xe6, 0x7f, 0x9, 0x0, 0x81, 0x80}, {0x5000, 0xffffffff, 0x3, 0x3, 0xc2, 0x5, 0x7d, 0x6, 0x36, 0x0, 0x2, 0x87}, {0x0, 0xdddd0000, 0xe, 0x5, 0x3, 0x7, 0x0, 0x9, 0x1, 0xa4, 0x5, 0x5}, {0x1, 0xfec00000, 0x9, 0x6, 0x5, 0x42, 0xb, 0x9, 0x8, 0x7, 0xe}, {0xeeee0000, 0xb000, 0xf, 0x3, 0x16, 0x7, 0xaa, 0x8, 0x9, 0x9, 0xf7, 0x97}, {0xeeefa000, 0xdddd0000, 0x9, 0xa0, 0xb1, 0x8, 0x11, 0xa0, 0x82, 0x2f, 0x5, 0x7}, {0x4000, 0x3000, 0x4, 0x5, 0x7, 0x5, 0x7, 0xc, 0x8, 0x81, 0x40, 0x70}, {0xd000, 0x4000, 0xa, 0x5, 0xcd, 0x7, 0x1, 0x9, 0x2, 0xc, 0xb0, 0x81}, {0xeeee0000, 0x8}, {0x8000000, 0x7}, 0x80000031, 0x0, 0x3000, 0x2024, 0x2, 0x0, 0x100000, [0x4, 0x4, 0x3, 0x8]}) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r4, &(0x7f00000001c0)=0xffffffffffffffff, 0xfdef) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r5, 0x0) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) r6 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x300, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x28) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r8, 0x4068aea3, &(0x7f0000000280)={0xdf, 0x0, 0x2000}) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) r10 = mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, 0x930, 0xa, 0x11, r9, 0x40000) syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f00000000c0)="f610f5b33c962b62c00d0914345792dd23a78cdac1300e5e167ce3c540e94f06530dc539e8c1d98289a14446bb8d486f0060cb76b4abc705083f72adeea32830e92b6c89e7b929ff", 0x0, 0x48) syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) r11 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x31) r14 = ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x0) r15 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r14, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r15, 0x20, &(0x7f00000001c0)="fb0149dd833be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8faa767969d22627e700", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r14, 0x0) r16 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0) ioctl$KVM_CREATE_VM(r16, 0x401c5820, 0x20000007) syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) 1m17.642211148s ago: executing program 7 (id=213): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x8280, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r5 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r4, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r4, 0x0) r6 = eventfd2(0x0, 0x0) close(r6) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) write$eventfd(r6, &(0x7f0000000180)=0x5, 0xfffffde3) munmap(&(0x7f0000011000/0xc00000)=nil, 0xc00000) r7 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x6030000000138084, 0x8000}}, @msr={0x14, 0x20, {0x603000000013809c, 0x8000}}, @msr={0x14, 0x20, {0x603000000013c081, 0x8000}}], 0x60}, 0x0, 0x0) ioctl$KVM_RUN(r8, 0xae80, 0x0) 1m16.261794139s ago: executing program 8 (id=214): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r2, 0x4068aea3, &(0x7f00000000c0)) ioctl$KVM_HAS_DEVICE_ATTR_vm(r2, 0x4018aee3, &(0x7f0000000140)=@attr_other={0x0, 0x8001, 0x80000001, &(0x7f0000000080)}) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000000)={0x0, &(0x7f0000000040)=[@smc={0x1e, 0x40, {0x8400000e, [0x99b, 0x100000003, 0x5, 0x101, 0x10]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000a5a000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000000)={0x0, &(0x7f0000000040)=[@mrs={0xbe, 0xfffffffffffffe2b, {0x603000000013c024}}], 0x18}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) munmap$KVM_VCPU(0x0, 0x1000000000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x2000001, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_VM(r8, 0xae01, 0x2a) syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000400)={0x0, &(0x7f00000002c0)=[@mrs={0xbe, 0x18, {0x1fb9}}, @svc={0x122, 0x40, {0x80000001, [0xb19e, 0x6, 0x800, 0x8001]}}, @hvc={0x32, 0x40, {0xffff, [0x9, 0x7ac, 0x10000, 0xe, 0x800]}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x0, 0x2, 0x4, 0x4, 0x66ea, 0x3}}, @msr={0x14, 0x20, {0x1d9f, 0x3}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x8, 0x7, 0x8}}], 0x110}, &(0x7f0000000440)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r7, 0xae80, 0x0) 56.665445429s ago: executing program 7 (id=215): ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) (async) syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x1, 0x80) (async) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_CREATE_VM(r2, 0x400454cc, 0x110c230020) 50.659779676s ago: executing program 8 (id=216): r0 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000140)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xfffffffffffffef1) r1 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x2f) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r3, 0x1, 0x100) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000280)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f0000000240)=0x13}) syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) 8.082670876s ago: executing program 39 (id=215): ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) (async) syz_kvm_vgic_v3_setup(0xffffffffffffffff, 0x1, 0x80) (async) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_CREATE_VM(r2, 0x400454cc, 0x110c230020) 0s ago: executing program 40 (id=216): r0 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000140)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xfffffffffffffef1) r1 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x2f) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r3, 0x1, 0x100) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r5, 0x4018aee1, &(0x7f0000000280)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f0000000240)=0x13}) syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) kernel console output (not intermixed with test programs): [ 366.595430][ T24] audit: type=1400 audit(365.850:74): avc: denied { write } for pid=3257 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 370.528769][ T24] audit: type=1400 audit(369.750:75): avc: denied { write } for pid=3261 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 373.096964][ T3205] 8021q: adding VLAN 0 to HW filter on device bond0 [ 380.676779][ T24] audit: type=1400 audit(379.870:76): avc: denied { write } for pid=3268 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 385.815535][ T24] audit: type=1400 audit(385.070:77): avc: denied { write } for pid=3271 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 400.641718][ T24] audit: type=1400 audit(399.900:78): avc: denied { write } for pid=3276 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 404.487711][ T24] audit: type=1400 audit(403.710:79): avc: denied { write } for pid=3279 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 407.182500][ T3205] eql: remember to turn off Van-Jacobson compression on your slave devices [ 415.169873][ T24] audit: type=1400 audit(414.430:80): avc: denied { write } for pid=3284 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 419.250226][ T24] audit: type=1400 audit(418.510:81): avc: denied { write } for pid=3287 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 431.655928][ T24] audit: type=1400 audit(430.910:82): avc: denied { write } for pid=3293 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 435.429565][ T24] audit: type=1400 audit(434.680:83): avc: denied { write } for pid=3296 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 440.907273][ T24] audit: type=1400 audit(440.140:84): avc: denied { write } for pid=3298 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 445.142106][ T24] audit: type=1400 audit(444.400:85): avc: denied { write } for pid=3301 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 454.735517][ T24] audit: type=1400 audit(453.990:86): avc: denied { write } for pid=3304 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 459.445313][ T24] audit: type=1400 audit(458.640:87): avc: denied { write } for pid=3307 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 471.333598][ T24] audit: type=1400 audit(470.590:88): avc: denied { write } for pid=3313 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 475.065728][ T24] audit: type=1400 audit(474.320:89): avc: denied { write } for pid=3316 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 480.396034][ T24] audit: type=1400 audit(479.650:90): avc: denied { write } for pid=3318 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 484.172707][ T24] audit: type=1400 audit(483.430:91): avc: denied { write } for pid=3321 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 495.529681][ T24] audit: type=1400 audit(494.790:92): avc: denied { write } for pid=3326 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 499.345608][ T24] audit: type=1400 audit(498.600:93): avc: denied { write } for pid=3329 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 517.635560][ T24] audit: type=1400 audit(516.880:94): avc: denied { write } for pid=3336 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 522.100810][ T24] audit: type=1400 audit(521.360:95): avc: denied { write } for pid=3339 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 543.940954][ T24] audit: type=1400 audit(543.200:96): avc: denied { write } for pid=3348 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 547.733695][ T24] audit: type=1400 audit(546.990:97): avc: denied { write } for pid=3351 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 553.906917][ T24] audit: type=1400 audit(553.110:98): avc: denied { write } for pid=3354 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 557.797394][ T24] audit: type=1400 audit(557.030:99): avc: denied { write } for pid=3357 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 Warning: Permanently added '[localhost]:38307' (ED25519) to the list of known hosts. [ 587.520864][ T24] audit: type=1400 audit(586.780:100): avc: denied { name_bind } for pid=3362 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 589.455365][ T24] audit: type=1400 audit(588.710:101): avc: denied { execute } for pid=3363 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 589.473757][ T24] audit: type=1400 audit(588.730:102): avc: denied { execute_no_trans } for pid=3363 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 614.729485][ T24] audit: type=1400 audit(613.980:103): avc: denied { mounton } for pid=3363 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 614.777057][ T24] audit: type=1400 audit(614.020:104): avc: denied { mount } for pid=3363 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 614.858152][ T3363] cgroup: Unknown subsys name 'net' [ 614.917949][ T24] audit: type=1400 audit(614.180:105): avc: denied { unmount } for pid=3363 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 615.311200][ T3363] cgroup: Unknown subsys name 'cpuset' [ 615.412443][ T3363] cgroup: Unknown subsys name 'rlimit' [ 616.313293][ T24] audit: type=1400 audit(615.570:106): avc: denied { setattr } for pid=3363 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=704 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 616.338168][ T24] audit: type=1400 audit(615.600:107): avc: denied { mounton } for pid=3363 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 616.357621][ T24] audit: type=1400 audit(615.610:108): avc: denied { mount } for pid=3363 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 617.371522][ T3366] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 617.393355][ T24] audit: type=1400 audit(616.650:109): avc: denied { relabelto } for pid=3366 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 617.418568][ T24] audit: type=1400 audit(616.680:110): avc: denied { write } for pid=3366 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" Setting up swapspace version 1, size = 127995904 bytes [ 617.617722][ T24] audit: type=1400 audit(616.870:111): avc: denied { read } for pid=3363 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 617.630937][ T24] audit: type=1400 audit(616.890:112): avc: denied { open } for pid=3363 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 617.682369][ T3363] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 678.032046][ T24] audit: type=1400 audit(677.290:113): avc: denied { execmem } for pid=3367 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 681.849009][ T24] audit: type=1400 audit(681.090:114): avc: denied { read } for pid=3370 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 681.872352][ T24] audit: type=1400 audit(681.100:115): avc: denied { open } for pid=3369 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 681.943684][ T24] audit: type=1400 audit(681.200:116): avc: denied { mounton } for pid=3370 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 682.179627][ T24] audit: type=1400 audit(681.430:117): avc: denied { module_request } for pid=3369 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 682.200670][ T24] audit: type=1400 audit(681.440:118): avc: denied { module_request } for pid=3370 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 683.177435][ T24] audit: type=1400 audit(682.430:119): avc: denied { sys_module } for pid=3370 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 708.085608][ T3369] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 708.339298][ T3369] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 708.399070][ T3370] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 708.620610][ T3370] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 720.152966][ T3369] hsr_slave_0: entered promiscuous mode [ 720.186680][ T3369] hsr_slave_1: entered promiscuous mode [ 721.120752][ T3370] hsr_slave_0: entered promiscuous mode [ 721.161451][ T3370] hsr_slave_1: entered promiscuous mode [ 721.190903][ T3370] debugfs: 'hsr0' already exists in 'hsr' [ 721.205980][ T3370] Cannot create hsr debugfs directory [ 726.742399][ T24] audit: type=1400 audit(726.000:120): avc: denied { create } for pid=3369 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 726.823043][ T24] audit: type=1400 audit(726.060:121): avc: denied { write } for pid=3369 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 726.867830][ T24] audit: type=1400 audit(726.120:122): avc: denied { read } for pid=3369 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 727.002548][ T3369] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 727.288606][ T3369] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 727.412349][ T3369] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 727.697937][ T3369] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 727.806298][ T3369] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 727.977897][ T3369] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 728.148844][ T3369] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 728.229714][ T3369] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 729.661534][ T3370] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 729.790420][ T3370] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 729.844094][ T3370] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 729.989116][ T3370] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 730.088086][ T3370] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 730.202474][ T3370] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 730.243111][ T3370] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 730.419562][ T3370] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 741.701722][ T24] audit: type=1400 audit(740.940:123): avc: denied { write } for pid=3459 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 744.423681][ T3369] 8021q: adding VLAN 0 to HW filter on device bond0 [ 747.449143][ T24] audit: type=1400 audit(746.640:124): avc: denied { write } for pid=3463 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 747.670114][ T3370] 8021q: adding VLAN 0 to HW filter on device bond0 [ 799.890894][ T3369] veth0_vlan: entered promiscuous mode [ 800.318810][ T3369] veth1_vlan: entered promiscuous mode [ 802.509715][ T3369] veth0_macvtap: entered promiscuous mode [ 802.560556][ T3370] veth0_vlan: entered promiscuous mode [ 803.017546][ T3369] veth1_macvtap: entered promiscuous mode [ 803.581391][ T3370] veth1_vlan: entered promiscuous mode [ 805.343198][ T2166] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 805.371052][ T2166] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 805.376305][ T2166] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 805.402041][ T2166] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 806.755993][ T3370] veth0_macvtap: entered promiscuous mode [ 807.240850][ T3370] veth1_macvtap: entered promiscuous mode [ 807.895691][ T24] audit: type=1400 audit(807.150:125): avc: denied { mount } for pid=3369 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 808.269143][ T24] audit: type=1400 audit(807.510:126): avc: denied { mounton } for pid=3369 comm="syz-executor" path="/syzkaller.tIh1JA/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 808.442259][ T24] audit: type=1400 audit(807.700:127): avc: denied { mount } for pid=3369 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 808.791205][ T24] audit: type=1400 audit(808.030:128): avc: denied { mounton } for pid=3369 comm="syz-executor" path="/syzkaller.tIh1JA/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 809.021875][ T24] audit: type=1400 audit(808.200:129): avc: denied { mounton } for pid=3369 comm="syz-executor" path="/syzkaller.tIh1JA/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3735 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 809.670464][ T24] audit: type=1400 audit(808.850:130): avc: denied { unmount } for pid=3369 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 809.748740][ T3422] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 809.753708][ T3422] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 809.839415][ T3422] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 809.840545][ T3422] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 810.066580][ T24] audit: type=1400 audit(809.320:131): avc: denied { mounton } for pid=3369 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1548 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 810.197759][ T24] audit: type=1400 audit(809.380:132): avc: denied { mount } for pid=3369 comm="syz-executor" name="/" dev="gadgetfs" ino=3744 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 810.401259][ T24] audit: type=1400 audit(809.660:133): avc: denied { mount } for pid=3369 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 810.500146][ T24] audit: type=1400 audit(809.760:134): avc: denied { mounton } for pid=3369 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 812.049515][ T3369] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 813.388525][ T24] kauditd_printk_skb: 1 callbacks suppressed [ 813.391606][ T24] audit: type=1400 audit(812.470:136): avc: denied { read write } for pid=3369 comm="syz-executor" name="loop0" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 813.392628][ T24] audit: type=1400 audit(812.630:137): avc: denied { open } for pid=3369 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 813.565609][ T24] audit: type=1400 audit(812.630:138): avc: denied { ioctl } for pid=3369 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=638 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 825.957371][ T24] audit: type=1400 audit(825.210:139): avc: denied { read write } for pid=3526 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 826.049835][ T24] audit: type=1400 audit(825.310:140): avc: denied { open } for pid=3526 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 826.146052][ T24] audit: type=1400 audit(825.390:141): avc: denied { ioctl } for pid=3526 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 842.193012][ T24] audit: type=1400 audit(841.450:142): avc: denied { execute } for pid=3539 comm="syz.1.4" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=3971 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 889.459174][ T3571] kvm [3571]: Failed to find VMA for hva 0x20c01000 [ 920.571712][ T24] audit: type=1400 audit(919.830:143): avc: denied { append } for pid=3588 comm="syz.1.18" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 921.139892][ T24] audit: type=1400 audit(920.350:144): avc: denied { create } for pid=3588 comm="syz.1.18" anonclass=[kvm-gmem] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 1023.738083][ T3647] kvm [3647]: Failed to find VMA for hva 0x20e73000 [ 1089.076700][ T24] audit: type=1400 audit(1088.330:145): avc: denied { map } for pid=3681 comm="syz.1.49" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=6556 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 1089.117970][ T24] audit: type=1400 audit(1088.370:146): avc: denied { read } for pid=3681 comm="syz.1.49" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=6556 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 1115.956917][ T24] audit: type=1400 audit(1115.210:147): avc: denied { write } for pid=3705 comm="syz.1.54" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=6920 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 1136.075792][ T24] audit: type=1400 audit(1135.330:148): avc: denied { execute } for pid=3712 comm="syz.0.57" path=2F32372F10FBFF67525673312B0104 dev="tmpfs" ino=153 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 1139.646047][ T24] audit: type=1400 audit(1138.900:149): avc: denied { write } for pid=3716 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1148.673386][ T24] audit: type=1400 audit(1147.910:150): avc: denied { write } for pid=3721 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1245.091301][ T3734] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1245.419842][ T3734] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1266.969463][ T3744] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1267.198392][ T3744] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1271.246029][ T3734] hsr_slave_0: entered promiscuous mode [ 1271.300627][ T3734] hsr_slave_1: entered promiscuous mode [ 1271.358079][ T3734] debugfs: 'hsr0' already exists in 'hsr' [ 1271.361376][ T3734] Cannot create hsr debugfs directory [ 1285.764063][ T3734] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1286.237885][ T3734] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 1286.339004][ T3734] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1286.587584][ T3734] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1286.683620][ T3734] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1286.889939][ T3734] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1286.989074][ T3734] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1287.257215][ T3734] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1292.598910][ T3744] hsr_slave_0: entered promiscuous mode [ 1292.672584][ T3744] hsr_slave_1: entered promiscuous mode [ 1292.749706][ T3744] debugfs: 'hsr0' already exists in 'hsr' [ 1292.752987][ T3744] Cannot create hsr debugfs directory [ 1312.715921][ T3744] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1313.219221][ T3744] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 1313.586552][ T3744] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1313.951384][ T3744] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1314.030922][ T3744] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1314.582564][ T3744] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1315.133496][ T3744] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1315.559349][ T3744] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1321.123100][ T3734] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1332.538836][ T2166] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1335.280476][ T2166] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1336.539474][ T2166] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1337.830943][ T2166] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1350.683777][ T2166] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1350.821532][ T2166] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1350.887670][ T2166] bond0 (unregistering): Released all slaves [ 1352.255903][ T2166] hsr_slave_0: left promiscuous mode [ 1352.369446][ T2166] hsr_slave_1: left promiscuous mode [ 1352.715917][ T2166] veth1_macvtap: left promiscuous mode [ 1352.719736][ T2166] veth0_macvtap: left promiscuous mode [ 1352.729204][ T2166] veth1_vlan: left promiscuous mode [ 1352.739187][ T2166] veth0_vlan: left promiscuous mode [ 1377.931203][ T2166] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1378.933097][ T2166] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1380.139227][ T2166] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1381.049398][ T2166] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1382.596872][ T3744] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1386.392777][ T24] audit: type=1400 audit(1385.610:151): avc: denied { write } for pid=3841 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1394.396838][ T24] audit: type=1400 audit(1393.610:152): avc: denied { write } for pid=3851 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1398.863663][ T2166] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1398.952864][ T2166] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1399.027423][ T2166] bond0 (unregistering): Released all slaves [ 1399.600447][ T3205] 8021q: adding VLAN 0 to HW filter on device eth1 [ 1400.355376][ T2166] hsr_slave_0: left promiscuous mode [ 1400.679446][ T2166] hsr_slave_1: left promiscuous mode [ 1401.380834][ T2166] veth1_macvtap: left promiscuous mode [ 1401.397035][ T2166] veth0_macvtap: left promiscuous mode [ 1401.407854][ T2166] veth1_vlan: left promiscuous mode [ 1401.418129][ T2166] veth0_vlan: left promiscuous mode [ 1433.226710][ T24] audit: type=1400 audit(1432.470:153): avc: denied { write } for pid=3866 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1440.435788][ T24] audit: type=1400 audit(1439.620:154): avc: denied { write } for pid=3875 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1445.158806][ T3205] 8021q: adding VLAN 0 to HW filter on device eth2 [ 1456.725342][ T24] audit: type=1400 audit(1455.930:155): avc: denied { write } for pid=3891 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1462.577203][ T24] audit: type=1400 audit(1461.810:156): avc: denied { write } for pid=3900 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1466.590787][ T3205] 8021q: adding VLAN 0 to HW filter on device eth4 [ 1470.041955][ T3734] veth0_vlan: entered promiscuous mode [ 1470.744052][ T3734] veth1_vlan: entered promiscuous mode [ 1474.239867][ T3734] veth0_macvtap: entered promiscuous mode [ 1474.679090][ T3734] veth1_macvtap: entered promiscuous mode [ 1477.333697][ T3811] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1477.341175][ T3811] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1477.381066][ T3811] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1477.383911][ T3811] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1480.620472][ T24] audit: type=1400 audit(1479.880:157): avc: denied { write } for pid=3912 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1480.990736][ T24] audit: type=1400 audit(1480.250:158): avc: denied { unmount } for pid=3734 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 1489.357189][ T24] audit: type=1400 audit(1488.550:159): avc: denied { write } for pid=3919 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1496.250513][ T3205] 8021q: adding VLAN 0 to HW filter on device eth3 [ 1497.299051][ T3744] veth0_vlan: entered promiscuous mode [ 1498.309581][ T3744] veth1_vlan: entered promiscuous mode [ 1501.993331][ T3744] veth0_macvtap: entered promiscuous mode [ 1502.961041][ T3744] veth1_macvtap: entered promiscuous mode [ 1506.718563][ T3389] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1506.829205][ T29] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1506.871080][ T29] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1506.932387][ T3768] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1517.687446][ T24] audit: type=1400 audit(1516.950:160): avc: denied { write } for pid=3931 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1517.967939][ T24] audit: type=1400 audit(1517.090:161): avc: denied { setattr } for pid=3932 comm="syz.2.64" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1527.179017][ T24] audit: type=1400 audit(1526.440:162): avc: denied { write } for pid=3943 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1533.991630][ T3205] 8021q: adding VLAN 0 to HW filter on device eth5 [ 1553.202000][ T24] audit: type=1400 audit(1552.440:163): avc: denied { write } for pid=3953 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1564.583183][ T24] audit: type=1400 audit(1563.840:164): avc: denied { write } for pid=3965 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1572.410606][ T3205] 8021q: adding VLAN 0 to HW filter on device eth6 [ 1580.722877][ T24] audit: type=1400 audit(1579.980:165): avc: denied { write } for pid=3971 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1590.249429][ T24] audit: type=1400 audit(1589.500:166): avc: denied { write } for pid=3984 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1618.688117][ T24] audit: type=1400 audit(1617.940:167): avc: denied { write } for pid=4001 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1629.189345][ T24] audit: type=1400 audit(1628.440:168): avc: denied { write } for pid=4009 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1637.200980][ T3205] 8021q: adding VLAN 0 to HW filter on device eth7 [ 1656.885849][ T24] audit: type=1400 audit(1656.110:169): avc: denied { write } for pid=4028 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1667.327928][ T24] audit: type=1400 audit(1666.580:170): avc: denied { write } for pid=4041 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1674.597431][ T3205] 8021q: adding VLAN 0 to HW filter on device eth8 [ 1713.817308][ T24] audit: type=1400 audit(1713.070:171): avc: denied { map } for pid=4066 comm="syz.2.87" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1731.482345][ T24] audit: type=1400 audit(1730.650:172): avc: denied { write } for pid=4076 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1743.289636][ T24] audit: type=1400 audit(1742.550:173): avc: denied { write } for pid=4085 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1768.468017][ T24] audit: type=1400 audit(1767.720:174): avc: denied { write } for pid=4103 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1777.599822][ T24] audit: type=1400 audit(1776.780:175): avc: denied { write } for pid=4114 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1814.560717][ T24] audit: type=1400 audit(1813.800:176): avc: denied { write } for pid=4134 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1819.601222][ T24] audit: type=1400 audit(1818.800:177): avc: denied { write } for pid=4137 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1828.912626][ T24] audit: type=1400 audit(1828.160:178): avc: denied { write } for pid=4140 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1838.887359][ T24] audit: type=1400 audit(1838.130:179): avc: denied { write } for pid=4145 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1861.523066][ T24] audit: type=1400 audit(1860.680:180): avc: denied { write } for pid=4156 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1870.452326][ T40] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1872.873663][ T40] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1874.420500][ T24] audit: type=1400 audit(1873.570:181): avc: denied { write } for pid=4169 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1876.461031][ T40] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1879.328714][ T40] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1898.241629][ T24] audit: type=1400 audit(1897.500:182): avc: denied { write } for pid=4187 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1907.702907][ T40] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1908.392430][ T40] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1908.752623][ T40] bond0 (unregistering): Released all slaves [ 1908.802680][ T24] audit: type=1400 audit(1908.060:183): avc: denied { write } for pid=4198 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1911.209449][ T40] hsr_slave_0: left promiscuous mode [ 1911.305943][ T40] hsr_slave_1: left promiscuous mode [ 1911.900944][ T40] veth1_macvtap: left promiscuous mode [ 1911.930791][ T40] veth0_macvtap: left promiscuous mode [ 1911.946845][ T40] veth1_vlan: left promiscuous mode [ 1911.986922][ T40] veth0_vlan: left promiscuous mode [ 1965.401940][ T24] audit: type=1400 audit(1964.660:184): avc: denied { write } for pid=4221 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1975.390421][ T24] audit: type=1400 audit(1974.630:185): avc: denied { write } for pid=4230 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1982.781997][ T3205] 8021q: adding VLAN 0 to HW filter on device eth9 [ 1995.816378][ T4151] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1996.143597][ T4151] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2006.252813][ T24] audit: type=1400 audit(2005.500:186): avc: denied { write } for pid=4250 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2014.393255][ T24] audit: type=1400 audit(2013.580:187): avc: denied { write } for pid=4261 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2020.031416][ T3205] 8021q: adding VLAN 0 to HW filter on device eth11 [ 2027.249916][ T24] audit: type=1400 audit(2026.510:188): avc: denied { write } for pid=4269 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2030.368985][ T4151] hsr_slave_0: entered promiscuous mode [ 2030.516701][ T4151] hsr_slave_1: entered promiscuous mode [ 2037.306078][ T24] audit: type=1400 audit(2036.450:189): avc: denied { write } for pid=4277 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2054.443838][ T4151] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 2054.828738][ T4151] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 2054.982118][ T4151] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 2055.339376][ T4151] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 2055.451395][ T4151] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 2055.812294][ T4151] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 2055.971566][ T4151] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 2056.105820][ T24] audit: type=1400 audit(2055.300:190): avc: denied { write } for pid=4285 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2056.337977][ T4151] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 2066.265526][ T24] audit: type=1400 audit(2065.480:191): avc: denied { write } for pid=4296 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2087.033878][ T24] audit: type=1400 audit(2086.230:192): avc: denied { write } for pid=4313 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2087.900142][ T4151] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2099.426264][ T24] audit: type=1400 audit(2098.680:193): avc: denied { write } for pid=4322 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2127.969125][ T24] audit: type=1400 audit(2127.200:194): avc: denied { write } for pid=4335 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2137.735997][ T24] audit: type=1400 audit(2136.980:195): avc: denied { write } for pid=4345 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2143.761083][ T3205] 8021q: adding VLAN 0 to HW filter on device eth10 [ 2168.772997][ T24] audit: type=1400 audit(2168.030:196): avc: denied { write } for pid=4365 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2178.760815][ T24] audit: type=1400 audit(2178.020:197): avc: denied { write } for pid=4374 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2184.800556][ T3205] 8021q: adding VLAN 0 to HW filter on device eth12 [ 2202.297938][ T24] audit: type=1400 audit(2201.540:198): avc: denied { write } for pid=4388 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2213.499315][ T24] audit: type=1400 audit(2212.730:199): avc: denied { write } for pid=4397 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2239.676743][ T4151] veth0_vlan: entered promiscuous mode [ 2241.263691][ T4151] veth1_vlan: entered promiscuous mode [ 2244.958168][ T4151] veth0_macvtap: entered promiscuous mode [ 2245.609906][ T4151] veth1_macvtap: entered promiscuous mode [ 2249.566950][ T3470] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2249.573020][ T3470] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2249.972259][ T3811] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2249.989082][ T3811] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2272.136532][ T24] audit: type=1400 audit(2271.380:200): avc: denied { write } for pid=4429 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2281.955844][ T24] audit: type=1400 audit(2281.140:201): avc: denied { write } for pid=4436 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2297.235463][ T24] audit: type=1400 audit(2296.440:202): avc: denied { write } for pid=4441 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2304.553659][ T24] audit: type=1400 audit(2303.810:203): avc: denied { write } for pid=4445 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2321.706205][ T24] audit: type=1400 audit(2320.940:204): avc: denied { write } for pid=4451 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2332.065887][ T24] audit: type=1400 audit(2331.240:205): avc: denied { write } for pid=4460 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2348.948288][ T24] audit: type=1400 audit(2348.150:206): avc: denied { write } for pid=4468 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2359.237077][ T24] audit: type=1400 audit(2358.440:207): avc: denied { write } for pid=4475 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2376.911564][ T24] audit: type=1400 audit(2376.170:208): avc: denied { write } for pid=4483 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2386.108147][ T24] audit: type=1400 audit(2385.320:209): avc: denied { write } for pid=4492 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2409.221289][ T4450] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2409.602691][ T4450] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2420.585646][ T4457] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2421.009542][ T4457] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2442.687183][ T2166] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2444.111288][ T2166] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2445.729305][ T2166] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2448.972923][ T2166] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2450.171453][ T4450] hsr_slave_0: entered promiscuous mode [ 2450.289835][ T4450] hsr_slave_1: entered promiscuous mode [ 2450.333189][ T4450] debugfs: 'hsr0' already exists in 'hsr' [ 2450.339640][ T4450] Cannot create hsr debugfs directory [ 2469.251735][ T2166] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2469.598652][ T2166] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2469.811962][ T2166] bond0 (unregistering): Released all slaves [ 2472.629252][ T2166] hsr_slave_0: left promiscuous mode [ 2472.689884][ T2166] hsr_slave_1: left promiscuous mode [ 2472.892313][ T2166] veth1_macvtap: left promiscuous mode [ 2472.910436][ T2166] veth0_macvtap: left promiscuous mode [ 2472.914001][ T2166] veth1_vlan: left promiscuous mode [ 2472.928888][ T2166] veth0_vlan: left promiscuous mode [ 2489.102136][ T4457] hsr_slave_0: entered promiscuous mode [ 2489.140151][ T4457] hsr_slave_1: entered promiscuous mode [ 2497.562437][ T2166] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2498.973199][ T2166] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2500.658833][ T2166] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2502.210547][ T2166] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2503.311325][ T24] audit: type=1400 audit(2502.550:210): avc: denied { write } for pid=4539 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2505.166743][ T4450] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 2505.477660][ T4450] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 2506.466254][ T4450] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 2506.801627][ T4450] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 2507.451191][ T4450] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 2507.723855][ T4450] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 2509.269954][ T4450] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 2509.793483][ T4450] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 2512.096872][ T24] audit: type=1400 audit(2511.330:211): avc: denied { write } for pid=4543 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2527.503517][ T2166] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2528.230492][ T2166] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2528.448790][ T2166] bond0 (unregistering): Released all slaves [ 2529.748941][ T3205] 8021q: adding VLAN 0 to HW filter on device eth13 [ 2530.580954][ T2166] hsr_slave_0: left promiscuous mode [ 2530.621005][ T2166] hsr_slave_1: left promiscuous mode [ 2530.968214][ T2166] veth1_macvtap: left promiscuous mode [ 2530.971550][ T2166] veth0_macvtap: left promiscuous mode [ 2530.998572][ T2166] veth1_vlan: left promiscuous mode [ 2531.002703][ T2166] veth0_vlan: left promiscuous mode [ 2551.169395][ T4457] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 2551.827012][ T4457] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 2551.953797][ T4457] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 2552.589371][ T4457] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 2552.760201][ T4457] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 2553.072571][ T4457] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 2553.273767][ T4457] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 2553.640961][ T4457] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 2567.508720][ T24] audit: type=1400 audit(2566.740:212): avc: denied { write } for pid=4571 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2577.166854][ T4450] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2577.687889][ T24] audit: type=1400 audit(2576.930:213): avc: denied { write } for pid=4580 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2585.029820][ T4457] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2585.261849][ T3205] 8021q: adding VLAN 0 to HW filter on device eth14 [ 2604.567004][ T24] audit: type=1400 audit(2603.800:214): avc: denied { write } for pid=4592 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2615.242516][ T24] audit: type=1400 audit(2614.500:215): avc: denied { write } for pid=4600 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2621.153932][ T3205] 8021q: adding VLAN 0 to HW filter on device eth15 [ 2642.936331][ T24] audit: type=1400 audit(2642.170:216): avc: denied { write } for pid=4615 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2652.845935][ T24] audit: type=1400 audit(2652.090:217): avc: denied { write } for pid=4627 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2658.662072][ T3205] 8021q: adding VLAN 0 to HW filter on device eth16 [ 2674.801658][ T24] audit: type=1400 audit(2674.060:218): avc: denied { write } for pid=4642 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2682.703904][ T24] audit: type=1400 audit(2681.960:219): avc: denied { write } for pid=4652 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2688.862603][ T3205] 8021q: adding VLAN 0 to HW filter on device eth17 [ 2712.940591][ T24] audit: type=1400 audit(2712.190:220): avc: denied { write } for pid=4668 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2717.239916][ T4450] veth0_vlan: entered promiscuous mode [ 2718.484119][ T4450] veth1_vlan: entered promiscuous mode [ 2721.917040][ T4450] veth0_macvtap: entered promiscuous mode [ 2723.087541][ T4450] veth1_macvtap: entered promiscuous mode [ 2723.298014][ T24] audit: type=1400 audit(2722.530:221): avc: denied { write } for pid=4677 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2724.758831][ T4457] veth0_vlan: entered promiscuous mode [ 2726.838969][ T4457] veth1_vlan: entered promiscuous mode [ 2729.401668][ T3205] 8021q: adding VLAN 0 to HW filter on device eth18 [ 2729.525726][ T3808] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2729.652091][ T3808] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2729.667933][ T3808] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2729.681641][ T3808] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2732.868721][ T4457] veth0_macvtap: entered promiscuous mode [ 2734.082566][ T4457] veth1_macvtap: entered promiscuous mode [ 2739.302686][ T3811] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2739.342248][ T3811] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2739.541472][ T3470] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2739.557029][ T3470] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2753.176771][ T24] audit: type=1400 audit(2752.400:222): avc: denied { write } for pid=4682 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2767.934076][ T24] audit: type=1400 audit(2767.120:223): avc: denied { write } for pid=4693 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2778.011164][ T3205] 8021q: adding VLAN 0 to HW filter on device eth19 [ 2808.469838][ T24] audit: type=1400 audit(2807.710:224): avc: denied { write } for pid=4710 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2822.716371][ T24] audit: type=1400 audit(2821.850:225): avc: denied { write } for pid=4719 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2832.173424][ T3205] 8021q: adding VLAN 0 to HW filter on device eth20 [ 2846.361847][ T24] audit: type=1400 audit(2845.620:226): avc: denied { write } for pid=4726 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2850.648746][ T24] audit: type=1400 audit(2849.900:227): avc: denied { execute } for pid=4732 comm="syz.6.139" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 2859.715690][ T24] audit: type=1400 audit(2858.950:228): avc: denied { write } for pid=4739 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2948.786809][ T24] audit: type=1400 audit(2947.960:229): avc: denied { write } for pid=4782 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2963.258480][ T24] audit: type=1400 audit(2962.440:230): avc: denied { write } for pid=4793 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3009.325866][ T24] audit: type=1400 audit(3008.570:231): avc: denied { write } for pid=4815 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3023.225748][ T24] audit: type=1400 audit(3022.460:232): avc: denied { write } for pid=4824 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3054.025867][ T24] audit: type=1400 audit(3053.270:233): avc: denied { write } for pid=4839 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3067.726213][ T24] audit: type=1400 audit(3066.830:234): avc: denied { write } for pid=4852 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3093.640527][ T24] audit: type=1400 audit(3092.900:235): avc: denied { write } for pid=4866 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3107.339640][ T24] audit: type=1400 audit(3106.560:236): avc: denied { write } for pid=4879 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3148.157713][ T24] audit: type=1400 audit(3147.370:237): avc: denied { write } for pid=4897 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3160.533438][ T24] audit: type=1400 audit(3159.770:238): avc: denied { write } for pid=4903 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3189.397859][ T24] audit: type=1400 audit(3188.630:239): avc: denied { write } for pid=4917 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3204.393914][ T24] audit: type=1400 audit(3203.500:240): avc: denied { write } for pid=4928 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3249.907757][ T24] audit: type=1400 audit(3249.150:241): avc: denied { write } for pid=4947 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3264.915754][ T24] audit: type=1400 audit(3264.140:242): avc: denied { write } for pid=4956 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3296.346709][ T24] audit: type=1400 audit(3295.490:243): avc: denied { write } for pid=4970 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3310.497096][ T24] audit: type=1400 audit(3309.720:244): avc: denied { write } for pid=4979 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3339.064078][ T24] audit: type=1400 audit(3338.320:245): avc: denied { write } for pid=4987 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3352.416503][ T24] audit: type=1400 audit(3351.650:246): avc: denied { write } for pid=4999 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3618.623614][ T5052] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3619.110478][ T5052] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3631.251876][ T5056] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3631.653659][ T5056] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3660.082935][ T5052] hsr_slave_0: entered promiscuous mode [ 3660.239136][ T5052] hsr_slave_1: entered promiscuous mode [ 3660.398799][ T5052] debugfs: 'hsr0' already exists in 'hsr' [ 3660.408329][ T5052] Cannot create hsr debugfs directory [ 3678.042241][ T5056] hsr_slave_0: entered promiscuous mode [ 3678.111114][ T5056] hsr_slave_1: entered promiscuous mode [ 3678.183292][ T5056] debugfs: 'hsr0' already exists in 'hsr' [ 3678.257055][ T5056] Cannot create hsr debugfs directory [ 3695.166430][ T5052] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 3695.663858][ T5052] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 3696.436711][ T5052] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 3696.729891][ T5052] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 3697.646997][ T5052] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 3697.953635][ T5052] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 3699.558669][ T5052] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 3700.260650][ T5052] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 3709.982485][ T5056] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 3710.799383][ T5056] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 3710.952917][ T5056] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 3711.601186][ T5056] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 3711.862912][ T5056] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 3712.671520][ T5056] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 3712.910078][ T5056] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 3713.558854][ T5056] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 3725.165829][ T24] audit: type=1400 audit(3724.290:247): avc: denied { write } for pid=5126 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3740.936126][ T24] audit: type=1400 audit(3740.130:248): avc: denied { write } for pid=5144 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3755.411724][ T5052] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3765.702732][ T5056] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3859.503187][ T29] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3861.850448][ T29] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3864.049102][ T29] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3866.163186][ T29] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3894.157852][ T29] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3894.823183][ T29] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3895.590172][ T29] bond0 (unregistering): Released all slaves [ 3899.203996][ T29] hsr_slave_0: left promiscuous mode [ 3899.358308][ T29] hsr_slave_1: left promiscuous mode [ 3900.365470][ T29] veth1_macvtap: left promiscuous mode [ 3900.385762][ T29] veth0_macvtap: left promiscuous mode [ 3900.387295][ T29] veth1_vlan: left promiscuous mode [ 3900.388572][ T29] veth0_vlan: left promiscuous mode [ 3940.829592][ T29] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3942.952425][ T29] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3944.838927][ T29] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3946.888065][ T29] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3962.890988][ T24] audit: type=1400 audit(3962.130:249): avc: denied { write } for pid=5209 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3974.681792][ T24] audit: type=1400 audit(3973.940:250): avc: denied { write } for pid=5218 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3976.653206][ T29] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3977.073260][ T29] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3977.429169][ T29] bond0 (unregistering): Released all slaves [ 3982.899964][ T29] hsr_slave_0: left promiscuous mode [ 3983.082234][ T29] hsr_slave_1: left promiscuous mode [ 3983.951331][ T29] veth1_macvtap: left promiscuous mode [ 3983.966282][ T29] veth0_macvtap: left promiscuous mode [ 3983.970242][ T29] veth1_vlan: left promiscuous mode [ 3984.037212][ T29] veth0_vlan: left promiscuous mode [ 4009.342947][ T3205] 8021q: adding VLAN 0 to HW filter on device eth21 [ 4024.911847][ T24] audit: type=1400 audit(4024.170:251): avc: denied { write } for pid=5227 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4036.256510][ T24] audit: type=1400 audit(4035.490:252): avc: denied { write } for pid=5236 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4051.735067][ T5052] veth0_vlan: entered promiscuous mode [ 4052.768002][ T5056] veth0_vlan: entered promiscuous mode [ 4054.106848][ T5052] veth1_vlan: entered promiscuous mode [ 4055.188593][ T5056] veth1_vlan: entered promiscuous mode [ 4060.221778][ T5052] veth0_macvtap: entered promiscuous mode [ 4061.358389][ T5056] veth0_macvtap: entered promiscuous mode [ 4061.622440][ T5052] veth1_macvtap: entered promiscuous mode [ 4062.698192][ T5056] veth1_macvtap: entered promiscuous mode [ 4064.079380][ T24] audit: type=1400 audit(4063.310:253): avc: denied { write } for pid=5248 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4067.486932][ T3470] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 4067.491242][ T3470] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 4067.540247][ T5149] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 4067.749276][ T3768] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 4069.783130][ T5087] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 4069.793326][ T5087] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 4070.111531][ T3422] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 4070.147488][ T3422] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 4075.590368][ T24] audit: type=1400 audit(4074.850:254): avc: denied { write } for pid=5251 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4082.997861][ T3205] 8021q: adding VLAN 0 to HW filter on device eth22 [ 4119.321124][ T24] audit: type=1400 audit(4118.480:255): avc: denied { write } for pid=5264 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4134.145896][ T24] audit: type=1400 audit(4133.290:256): avc: denied { write } for pid=5274 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4144.761436][ T3205] 8021q: adding VLAN 0 to HW filter on device eth23 [ 4177.636225][ T24] audit: type=1400 audit(4176.860:257): avc: denied { write } for pid=5288 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4191.597806][ T24] audit: type=1400 audit(4190.810:258): avc: denied { write } for pid=5298 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4202.393017][ T3205] 8021q: adding VLAN 0 to HW filter on device eth24 [ 4230.786504][ T24] audit: type=1400 audit(4230.040:259): avc: denied { write } for pid=5308 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4241.158024][ T24] audit: type=1400 audit(4240.400:260): avc: denied { write } for pid=5313 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4248.120445][ T3205] 8021q: adding VLAN 0 to HW filter on device eth25 [ 4276.986182][ T24] audit: type=1400 audit(4276.240:261): avc: denied { write } for pid=5321 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4291.545417][ T24] audit: type=1400 audit(4290.780:262): avc: denied { write } for pid=5331 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4300.400511][ T3205] 8021q: adding VLAN 0 to HW filter on device eth26 [ 4335.536714][ T24] audit: type=1400 audit(4334.700:263): avc: denied { write } for pid=5342 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4350.216695][ T24] audit: type=1400 audit(4349.450:264): avc: denied { write } for pid=5352 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4361.660905][ T3205] 8021q: adding VLAN 0 to HW filter on device eth27 [ 4394.159561][ T5316] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 4394.801641][ T5316] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 4400.658964][ T24] audit: type=1400 audit(4399.880:265): avc: denied { write } for pid=5373 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4404.523418][ T5320] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 4405.173991][ T5320] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 4415.439392][ T24] audit: type=1400 audit(4414.670:266): avc: denied { write } for pid=5381 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4425.422742][ T3205] 8021q: adding VLAN 0 to HW filter on device eth28 [ 4456.540187][ T5316] hsr_slave_0: entered promiscuous mode [ 4456.753234][ T5316] hsr_slave_1: entered promiscuous mode [ 4468.470784][ T5320] hsr_slave_0: entered promiscuous mode [ 4468.589807][ T5320] hsr_slave_1: entered promiscuous mode [ 4468.673525][ T5320] debugfs: 'hsr0' already exists in 'hsr' [ 4468.785448][ T5320] Cannot create hsr debugfs directory [ 4483.338609][ T24] audit: type=1400 audit(4482.590:267): avc: denied { write } for pid=5405 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4497.151457][ T24] audit: type=1400 audit(4496.410:268): avc: denied { write } for pid=5410 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4508.480521][ T5316] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 4509.209999][ T5316] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 4513.846550][ T5316] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 4514.972538][ T5316] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 4515.459114][ T5316] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 4516.134046][ T5316] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 4516.440927][ T5316] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 4517.220506][ T5316] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 4543.243636][ T5320] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 4543.929763][ T5320] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 4544.217670][ T5320] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 4544.889303][ T5320] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 4545.148684][ T5320] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 4545.800162][ T5320] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 4546.089637][ T5320] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 4546.709271][ T5320] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 4557.029189][ T24] audit: type=1400 audit(4556.230:269): avc: denied { write } for pid=5427 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4574.187370][ T24] audit: type=1400 audit(4573.440:270): avc: denied { write } for pid=5444 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4584.800664][ T5316] 8021q: adding VLAN 0 to HW filter on device bond0 [ 4605.041534][ T5320] 8021q: adding VLAN 0 to HW filter on device bond0 [ 4612.151633][ T24] audit: type=1400 audit(4611.400:271): avc: denied { write } for pid=5452 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4629.130258][ T24] audit: type=1400 audit(4628.370:272): avc: denied { write } for pid=5463 comm="rm" name="hook-state" dev="tmpfs" ino=109 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 4648.921683][ T26] INFO: task syz.8.216:5300 blocked for more than 430 seconds. [ 4649.080770][ T26] Not tainted syzkaller #0 [ 4649.130085][ T26] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 4649.132029][ T26] task:syz.8.216 state:D stack:0 pid:5300 tgid:5300 ppid:5056 task_flags:0x400040 flags:0x00000011 [ 4649.133615][ T26] Call trace: [ 4649.206277][ T26] __switch_to+0x5e0/0xb5c (T) [ 4649.288629][ T26] __schedule+0x1f54/0x38a8 [ 4649.316640][ T26] schedule+0xac/0x27c [ 4649.317338][ T26] schedule_timeout+0x68/0x1ec [ 4649.317830][ T26] do_wait_for_common+0x28c/0x440 [ 4649.318263][ T26] wait_for_completion+0x44/0x5c [ 4649.318688][ T26] __synchronize_srcu+0x1b4/0x1f4 [ 4649.319206][ T26] synchronize_srcu+0x668/0x8dc [ 4649.319740][ T26] mmu_notifier_unregister+0x320/0x428 [ 4649.320242][ T26] kvm_put_kvm+0x698/0xbb8 [ 4649.320678][ T26] kvm_vm_release+0x58/0x78 [ 4649.321137][ T26] __fput+0x4ac/0x978 [ 4649.321588][ T26] ____fput+0x20/0x30 [ 4649.322005][ T26] task_work_run+0x1b8/0x250 [ 4649.322486][ T26] exit_to_user_mode_loop+0x110/0x188 [ 4649.322960][ T26] el0_svc+0x184/0x238 [ 4649.323427][ T26] el0t_64_sync_handler+0x84/0x12c [ 4649.323908][ T26] el0t_64_sync+0x198/0x19c [ 4649.477150][ T26] [ 4649.477150][ T26] Showing all locks held in the system: [ 4649.477760][ T26] 1 lock held by khungtaskd/26: [ 4649.478223][ T26] #0: ffff800087dc48b8 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x0/0x44 [ 4649.480764][ T26] 2 locks held by kworker/u4:3/40: [ 4649.481129][ T26] #0: 2bf000000d036540 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_one_work+0x7f8/0x1d80 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 4649.483687][ T26] #1: ffff80008cf47ca8 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x884/0x1d80 [ 4649.667320][ T26] 1 lock held by dhcpcd/3205: [ 4649.667724][ T26] 2 locks held by getty/3236: [ 4649.668036][ T26] #0: acf00000127360a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c [ 4649.669697][ T26] #1: f0ff80008cb5b2e8 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x310/0x1284 [ 4649.671342][ T26] 1 lock held by sshd-session/3362: [ 4649.671705][ T26] 2 locks held by syz-executor/3363: [ 4649.672022][ T26] 2 locks held by kworker/u4:4/3422: [ 4649.672358][ T26] 3 locks held by kworker/u4:9/3811: [ 4649.672756][ T26] 3 locks held by kworker/u4:11/5058: [ 4649.673080][ T26] 3 locks held by kworker/u4:12/5087: [ 4649.673444][ T26] 3 locks held by kworker/u4:13/5138: [ 4649.673755][ T26] 3 locks held by kworker/u4:14/5149: [ 4649.674045][ T26] 3 locks held by kworker/u4:15/5165: [ 4649.876759][ T26] 2 locks held by syz.7.215/5295: [ 4649.877298][ T26] 1 lock held by syz-executor/5320: [ 4649.877837][ T26] [ 4649.878115][ T26] ============================================= [ 4649.878115][ T26] [ 4649.879093][ T26] Kernel panic - not syncing: hung_task: blocked tasks [ 4649.886147][ T26] CPU: 0 UID: 0 PID: 26 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT [ 4649.887903][ T26] Hardware name: linux,dummy-virt (DT) [ 4649.888995][ T26] Call trace: [ 4649.889881][ T26] show_stack+0x2c/0x3c (C) [ 4649.891065][ T26] __dump_stack+0x30/0x40 [ 4649.892179][ T26] dump_stack_lvl+0x30/0x12c [ 4649.893273][ T26] dump_stack+0x1c/0x28 [ 4649.894336][ T26] vpanic+0x4d0/0x848 [ 4649.895278][ T26] vpanic+0x0/0x848 [ 4649.896219][ T26] hung_task_panic+0x0/0x2c [ 4649.897101][ T26] kthread+0x4d4/0x51c [ 4649.898099][ T26] ret_from_fork+0x10/0x20 [ 4649.900176][ T26] Kernel Offset: disabled [ 4649.901073][ T26] CPU features: 0x00000000,0034600b,f7c647a1,057ffe1f [ 4649.902451][ T26] Memory Limit: none [ 4649.904833][ T26] Rebooting in 86400 seconds..