last executing test programs: 39m56.888211281s ago: executing program 1 (id=5): r0 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x3}) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_CREATE_VM(r2, 0x800454d2, 0x40) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000000, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x33) ioctl$KVM_ARM_SET_COUNTER_OFFSET(r4, 0x8040aeb6, 0xfffffffffffffffe) 39m54.803949306s ago: executing program 0 (id=6): r0 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000000300)={0x5e, "e0b52fa8476b80ca5367465015d2fe94a640c4e4c7bb7eb6177ccfcf080823c5f87bed186a64406d698dff4609dec9917ddbc8fe7068e439553e3ea7a066b4e68447282362c16cd8c6a1b6a9e097159aae6fdc06002f44147232a81538c8"}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x11, 0x8, 0xf, 0x0, 0x5, 0x6, 0x86, 0x6, 0x48, 0x86, 0xdd, 0x68, 0x0, 0x0, 0x0, 0x0, 0x3, 0x5, 0x8, '\x00', 0x1, 0x7}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x200000000000) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000240)={0x1fe, 0x3, 0xffff1000, 0x2000, &(0x7f0000ffd000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f00000000c0)={0x2, 0x3, 0x100000, 0x1000, &(0x7f00000e7000/0x1000)=nil}) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f00000000c0)={0x2, 0x3, 0x100000, 0x1000, &(0x7f00000e7000/0x1000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0xcccc0000, 0x1000, &(0x7f0000f15000/0x1000)=nil}) mmap$KVM_VCPU(&(0x7f0000000000/0xc00000)=nil, 0x930, 0x0, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000200)={0x1fd, 0x0, 0xeeee0000, 0x1000, &(0x7f0000ffd000/0x1000)=nil}) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000200)={0x1fd, 0x0, 0xeeee0000, 0x1000, &(0x7f0000ffd000/0x1000)=nil}) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x2710, 0x3, 0x200000, 0x1000, &(0x7f0000ffd000/0x1000)=nil}) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x2710, 0x3, 0x200000, 0x1000, &(0x7f0000ffd000/0x1000)=nil}) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r5, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000100)={0x0, 0x5, 0x30000, 0x2000, &(0x7f000009e000/0x2000)=nil}) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000100)={0x0, 0x5, 0x30000, 0x2000, &(0x7f000009e000/0x2000)=nil}) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f00000002c0)={0x4, 0xffffffffffffffff}) write$eventfd(r6, &(0x7f00000001c0)=0x3, 0x50) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r8 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x3}) (async) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x3}) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000280)={0x2}) (async) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000280)={0x2, 0xffffffffffffffff}) ioctl$KVM_CREATE_VM(r9, 0x800454e1, 0x10000000000000) (async) ioctl$KVM_CREATE_VM(r9, 0x800454e1, 0x10000000000000) r10 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r10, 0xae03, 0x80) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x6, &(0x7f0000000000)=0xff7ffffffffffffc}) (async) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x6, &(0x7f0000000000)=0xff7ffffffffffffc}) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x4, &(0x7f0000000080)=0x9}) 39m49.965615178s ago: executing program 1 (id=7): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x8280, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000080)="000000005d0600000000000000c00712b46ad9447bc8a9e7e65e5a445824e6db4f0c2745ef0f3ee7051ca3581628981b5c6f703fc06c3e415b0b8f16b9ea070b2c5cae1cacb1212d", 0x0, 0x48) (async, rerun: 32) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0) (async, rerun: 32) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) 39m45.811508312s ago: executing program 0 (id=8): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async, rerun: 64) r2 = openat$kvm(0x0, &(0x7f0000000040), 0xe0000, 0x0) (rerun: 64) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async) r4 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_ARM_VCPU_INIT(0xffffffffffffffff, 0x4020aeae, 0x0) (async) ioctl$KVM_ARM_SET_COUNTER_OFFSET(r5, 0x4010aeb5, &(0x7f0000000140)={0x1}) (async) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000bff000/0x400000)=nil) (async) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4000ae84, 0x0) syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) (async, rerun: 64) r7 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) (rerun: 64) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000000)={0x0, &(0x7f0000000040)=[@smc={0x1e, 0x40, {0xc4000003, [0x1000004, 0x100000003, 0x5, 0x101, 0x9]}}], 0x40}, &(0x7f0000000280)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r8, 0xae80, 0x0) (async, rerun: 64) ioctl$KVM_CAP_HALT_POLL(r1, 0x4068aea3, 0x0) (async, rerun: 64) r9 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000180)={0x0, &(0x7f0000000000)=[@mrs={0xbe, 0x18, {0x603000000013c02c}}, @msr={0x14, 0x20, {0x603000000013f099, 0x8000}}], 0x38}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r10, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) (async) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x1}) (async) r11 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$KVM_CREATE_VM(r11, 0xae01, 0xe) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x11, 0x8, 0xf, 0x0, 0x5, 0x6, 0x6, 0x6, 0x48, 0x86, 0xdd, 0x68, 0x0, 0x9, 0x0, 0x0, 0x3, 0x5, 0x8, '\x00', 0x1, 0x400000000002}) ioctl$KVM_SET_ONE_REG(r10, 0x4010aeac, &(0x7f00000000c0)=@arm64_ccsidr={0x6020000000110007, &(0x7f0000000080)=0x9}) (async, rerun: 64) r14 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (rerun: 64) ioctl$KVM_CREATE_VM(r14, 0xc0189436, 0x1ffffffc) ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f0000000140)={0x4, 0x0, [{0x1, 0x6, 0x1, 0x0, @msi={0x5, 0x4ec6}}, {0x9, 0x3, 0x1, 0x0, @adapter={0xd4ff}}, {0x0, 0x0, 0x0, 0x0, @msi={0x0, 0x0, 0x0, 0xe2}}, {0x0, 0x0, 0x0, 0x0, @irqchip={0x9, 0x9}}]}) write$eventfd(r13, &(0x7f00000001c0)=0x3, 0x50) (async) munmap(&(0x7f0000ed5000/0x4000)=nil, 0x4000) 39m41.109393826s ago: executing program 1 (id=9): r0 = openat$kvm(0x0, &(0x7f00000002c0), 0x0, 0x0) r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, r1, 0x2800002, 0x4010, 0xffffffffffffffff, 0x0) (async) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x2}}], 0x28}, 0x0, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, r1, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) (async) r6 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000013000/0x400000)=nil) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000000000)={0x3b, "fbd4cc2a509f0fc6850434e19f65c964afec4ce7754ce4bdea7094a3bec04fc171d3b3221cb4e4bb8e227a970b4057387c7a12c420d30aa854b419"}) (async) syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (rerun: 64) syz_kvm_vgic_v3_setup(r3, 0x1, 0x3a0) (async) ioctl$KVM_RUN(r5, 0xae80, 0x0) 39m36.607339296s ago: executing program 0 (id=10): r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = syz_kvm_vgic_v3_setup(r4, 0x4, 0x220) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r8, 0x0) ioctl$KVM_HAS_DEVICE_ATTR(r5, 0x4018aee3, &(0x7f0000000240)=@attr_other={0x0, 0x6, 0x0, 0x0}) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000180)={0x5000}) r9 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r10, r11, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f0000000040)=@arm64_sys={0x603000000013c028, &(0x7f0000000600)=0x1}) r12 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) r14 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil) r15 = syz_kvm_add_vcpu$arm64(r14, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013dce9, 0x8000}}], 0x20}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r15, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r15, 0xae80, 0x0) r16 = syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x3, 0x1, 0x1}}], 0x28}, 0x0, 0x0) ioctl$KVM_RUN(r16, 0xae80, 0x0) 39m27.179320419s ago: executing program 1 (id=11): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x4}}], 0x28}, 0x0, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x88, 0x0}) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x1c1800, 0x0) ioctl$KVM_CREATE_VM(r6, 0xae01, 0x2a) r7 = openat$kvm(0xffffffffffffff9c, 0x0, 0x8900, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x24) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000040)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r10, 0x4040aea0, &(0x7f00000000c0)=@arm64={0x7, 0x0, 0xfc, '\x00', 0x4}) ioctl$KVM_RUN(r10, 0xae80, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r10, 0x4040aea0, &(0x7f0000000080)=@arm64={0xd, 0x8, 0x7, '\x00', 0x2d}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000c79000/0x4000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8}) r11 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x200000002c) r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000240)={0x5}) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r14, 0x4018aee1, &(0x7f00000001c0)=@attr_pmu_filter={0x0, 0x0, 0x2, 0x0}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CREATE_VM(r11, 0xae01, 0x40d) 39m21.989879682s ago: executing program 0 (id=12): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) munmap$KVM_VCPU(0x0, 0x1000000000) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x2, 0x4f832, 0xffffffffffffffff, 0x1000000) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff}) close(r2) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000280), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_ARM_SET_COUNTER_OFFSET(r5, 0x4010aeab, &(0x7f0000000000)) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(0xffffffffffffffff, 0x4068aea3, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f0000000100)=@attr_riscv64=@attr_config={0x0, 0x1, 0x0, &(0x7f00000000c0)=0x1}) ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r6 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x161681, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r8, r9, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x20}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r9, 0x4010aeab, &(0x7f0000000100)=@arm64_core={0x6030000000100040, &(0x7f0000000000)=0x3bd}) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x5, 0x0, &(0x7f0000000000)=0x8}) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0xd, 0x9, 0xb, 0x0, 0x2, 0x6, 0x6, 0x6, 0x48, 0x88, 0xfb, 0x9, 0x0, 0xb, 0x6, 0xa, 0x3, 0x8, 0x1, '\x00', 0x10, 0x6}) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r10, &(0x7f00000001c0)=0x8100000001, 0x2d73) 39m15.021117813s ago: executing program 1 (id=13): r0 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xffffffffffffffff) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x1fe, 0x0, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000000)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x20e4586c}) ioctl$KVM_RUN(r3, 0xae80, 0x0) openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0xffffffffffffffff) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x1fe, 0x0, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) (async) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async) syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) (async) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000000)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x20e4586c}) (async) ioctl$KVM_RUN(r3, 0xae80, 0x0) (async) 39m13.651155143s ago: executing program 0 (id=14): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x163800, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r3, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x800, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) mmap$KVM_VCPU(&(0x7f0000c0c000/0x2000)=nil, 0x930, 0x1000002, 0x80031, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r5, 0x2000003, 0xaf832, 0xffffffffffffffff, 0x0) r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@smc={0x1e, 0x0, {0x84000053, [0x4, 0x6, 0xffffffffffffffff, 0x400, 0xfffffffffffff801]}}], 0xfffffee6}, 0x0, 0x0) ioctl$KVM_RUN(r10, 0xae80, 0x0) openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x163800, 0x0) (async) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x3) (async) ioctl$KVM_ARM_VCPU_INIT(r3, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) (async) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x800, 0x0) (async) ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) (async) syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) (async) mmap$KVM_VCPU(&(0x7f0000c0c000/0x2000)=nil, 0x930, 0x1000002, 0x80031, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r5, 0x2000003, 0xaf832, 0xffffffffffffffff, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) (async) syz_kvm_add_vcpu$arm64(r9, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@smc={0x1e, 0x0, {0x84000053, [0x4, 0x6, 0xffffffffffffffff, 0x400, 0xfffffffffffff801]}}], 0xfffffee6}, 0x0, 0x0) (async) ioctl$KVM_RUN(r10, 0xae80, 0x0) (async) 39m9.344452421s ago: executing program 1 (id=15): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x40000000000001, 0x4, 0x2}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x1, 0x80000, 0x10007, 0x0, 0x0, 0x2}}], 0x50}, 0x0, 0x0) (async) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x33) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r4, 0x4068aea3, &(0x7f0000000000)={0xdf, 0x0, 0xa000}) (async) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) (async, rerun: 64) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) (rerun: 64) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000240)=0x8080000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 39m3.281152929s ago: executing program 0 (id=16): r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, &(0x7f0000000100)}, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 38m22.789811399s ago: executing program 32 (id=15): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x40000000000001, 0x4, 0x2}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x1, 0x80000, 0x10007, 0x0, 0x0, 0x2}}], 0x50}, 0x0, 0x0) (async) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x33) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r4, 0x4068aea3, &(0x7f0000000000)={0xdf, 0x0, 0xa000}) (async) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) (async, rerun: 64) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) (rerun: 64) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000240)=0x8080000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 38m15.708905263s ago: executing program 33 (id=16): r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r0, &(0x7f00000000c0)={0x0, &(0x7f0000000100)}, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 33m40.262811285s ago: executing program 2 (id=17): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x6) syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000002000/0x400000)=nil) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0x80111500, 0x2a) close(r2) ioctl$KVM_ARM_SET_COUNTER_OFFSET(r0, 0x4010aeb5, &(0x7f0000000000)={0x10001, 0x2}) r3 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_SET_DEVICE_ATTR_vm(r4, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}}) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000140)={0x0, &(0x7f0000000200)=[@hvc={0x32, 0x40, {0xc4000053, [0xfffffffffffffffc, 0x1, 0x1, 0x9d, 0x6]}}], 0x40}, 0x0, 0x0) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) r10 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000a, 0x11, r9, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f0000000380)="f30149ddae810b65d0ecc1d3a6abf4e7454e37c4b85007000000b7fbc51869be2e0000000f000000000000000001000000000000000000000000000e00", 0x0, 0x48) ioctl$KVM_SET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee1, &(0x7f0000000100)=@attr_other={0x0, 0x651, 0x400, &(0x7f00000000c0)=0xffffffffffffffff}) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r9, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x753481, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x161942, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r12, 0x4008ae6a, &(0x7f0000000100)={0x1, 0x0, [{0x0, 0x2, 0xbf6a7be1b71b6187, 0x0, @irqchip={0x0, 0x8}}]}) r13 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) r14 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x82, 0x0) r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x1) ioctl$KVM_CREATE_GUEST_MEMFD(r15, 0xc040aed4, &(0x7f0000000580)={0x2, 0x1}) r16 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0xfffffffffffffffe) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000) ioctl$KVM_IRQ_LINE_STATUS(r16, 0xc008ae67, 0x0) 33m20.577845777s ago: executing program 2 (id=19): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3b) (async, rerun: 32) r1 = eventfd2(0x401, 0x80000) (rerun: 32) ioctl$KVM_IOEVENTFD(r0, 0x4040ae79, &(0x7f0000000000)={0xffff, 0xc000, 0x0, r1, 0x6}) (async) ioctl$KVM_SIGNAL_MSI(r0, 0x4020aea5, &(0x7f0000000040)={0x4000, 0xdddd0000, 0xd77c, 0x1, 0x5b5}) (async, rerun: 32) r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x2) (rerun: 32) ioctl$KVM_IRQ_LINE(r0, 0x4008ae61, &(0x7f0000000080)={0x2, 0x8}) (async) ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f00000000c0)={0xb, 0xffffffffffffffff, 0x1}) (async) ioctl$KVM_SET_REGS(r2, 0x4360ae82, &(0x7f0000000100)={[0xb47, 0x0, 0x5, 0x2, 0x8000000000000000, 0x5, 0x0, 0x8, 0x10001, 0x1, 0x4, 0xa, 0x3, 0x1, 0xff9, 0x6], 0xe000, 0x102c5}) (async) ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f00000001c0)={0x5, 0x80}) (async) r3 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bfd000/0x400000)=nil) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r0, 0x4010ae68, &(0x7f0000000200)={0x58000, 0x14000, 0x1}) (async, rerun: 64) ioctl$KVM_CAP_HALT_POLL(r0, 0x4068aea3, &(0x7f0000000240)={0xb6, 0x0, 0xe}) (async, rerun: 64) r4 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r5 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000440)={0x0, &(0x7f00000002c0)=[@irq_setup={0x46, 0x18, {0x1, 0xcc}}, @svc={0x122, 0x40, {0x80000000, [0x1, 0x0, 0x3, 0x933, 0x9]}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x2, 0xb, 0x0, 0x71, 0x2}}, @smc={0x1e, 0x40, {0xc4000014, [0x7, 0xc, 0x9, 0x2, 0x2]}}, @code={0xa, 0x84, {"401299d200e0b0f2a10180d2020180d2430180d2e40080d2020000d400ec202e602f84d20000b0f2e10180d2020180d2430080d2240180d2020000d40038300e803c8ad20000b0f2c10180d2620180d2630080d2440080d2020000d40024000f008008d5000028d5000028d5008008d5"}}, @irq_setup={0x46, 0x18, {0x1, 0x298}}], 0x15c}, &(0x7f0000000480)=[@featur2={0x1, 0x84}], 0x1) ioctl$KVM_RUN(r5, 0xae80, 0x0) (async) ioctl$KVM_ARM_VCPU_INIT(r5, 0x4020aeae, &(0x7f00000004c0)={0x5, 0x1}) ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000000540)=@arm64_core={0x603000000010004c, &(0x7f0000000500)=0x5}) ioctl$KVM_GET_MP_STATE(r5, 0x8004ae98, &(0x7f0000000580)) (async, rerun: 64) ioctl$KVM_IOEVENTFD(r0, 0x4040ae79, &(0x7f00000005c0)={0x6, 0x7000, 0x4, r4, 0x5}) (rerun: 64) r6 = syz_kvm_vgic_v3_setup(r0, 0x3, 0x200) (async) ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r5, 0x4018aee3, &(0x7f0000000600)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0xca58}) (async, rerun: 32) ioctl$KVM_SIGNAL_MSI(r0, 0x4020aea5, &(0x7f0000000640)={0x7000, 0x41000, 0x100, 0x0, 0xe5}) (async, rerun: 32) ioctl$KVM_GET_DEVICE_ATTR_vcpu(r0, 0x4018aee2, &(0x7f00000006c0)=@attr_other={0x0, 0x2, 0x0, &(0x7f0000000680)=0x4}) ioctl$KVM_HAS_DEVICE_ATTR(r6, 0x4018aee3, &(0x7f0000000740)=@attr_riscv64=@attr_imsic={0x0, 0x1, 0x7, &(0x7f0000000700)=0x5}) ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000780)={0x6, 0xffffffffffffffff, 0x1}) (async) ioctl$KVM_CAP_ARM_USER_IRQ(r0, 0x4068aea3, &(0x7f00000007c0)) ioctl$KVM_GET_VCPU_EVENTS(r5, 0x8040ae9f, &(0x7f0000000840)=@arm64) r7 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x2a) ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000880)={0x4, 0xffffffffffffffff, 0x1}) 33m6.975987232s ago: executing program 2 (id=21): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31) r3 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000280)=@arm64_sys={0x603000000013c801, &(0x7f00000000c0)=0x1000001000001}) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x80000000) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x4200, 0x0) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200080, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x4000002) r8 = openat$kvm(0x0, &(0x7f0000000380), 0x84000, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r11, 0x4018aee3, &(0x7f0000000000)=@attr_other={0x0, 0x4, 0x5, &(0x7f00000002c0)=0x7}) r12 = openat$kvm(0x0, &(0x7f0000000100), 0x13d542, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) ioctl$KVM_CAP_HALT_POLL(r13, 0x4068aea3, 0x0) ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x10001) r14 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0) r16 = syz_kvm_setup_syzos_vm$arm64(r15, &(0x7f0000c00000/0x400000)=nil) r17 = syz_kvm_add_vcpu$arm64(r16, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x6030000000138017, 0x8000}}], 0x20}, 0x0, 0x0) ioctl$KVM_RUN(r17, 0xae80, 0x0) r18 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil) r19 = syz_kvm_add_vcpu$arm64(r18, &(0x7f0000000180)={0x0, &(0x7f0000000000)=[@mrs={0xbe, 0x18, {0x603000000013c02c}}, @msr={0x14, 0x20, {0x603000000013f099, 0x8000}}], 0x38}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r19, 0x4018aee1, &(0x7f0000000340)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x100}) ioctl$KVM_RUN(r19, 0xae80, 0x0) ioctl$KVM_CREATE_GUEST_MEMFD(r7, 0xc040aed4, &(0x7f00000001c0)={0x200001fe0000, 0x3}) 32m19.157200765s ago: executing program 34 (id=21): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x31) r3 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000280)=@arm64_sys={0x603000000013c801, &(0x7f00000000c0)=0x1000001000001}) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x80000000) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x4200, 0x0) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x200080, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x4000002) r8 = openat$kvm(0x0, &(0x7f0000000380), 0x84000, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r11, 0x4018aee3, &(0x7f0000000000)=@attr_other={0x0, 0x4, 0x5, &(0x7f00000002c0)=0x7}) r12 = openat$kvm(0x0, &(0x7f0000000100), 0x13d542, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) ioctl$KVM_CAP_HALT_POLL(r13, 0x4068aea3, 0x0) ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x10001) r14 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0) r16 = syz_kvm_setup_syzos_vm$arm64(r15, &(0x7f0000c00000/0x400000)=nil) r17 = syz_kvm_add_vcpu$arm64(r16, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x6030000000138017, 0x8000}}], 0x20}, 0x0, 0x0) ioctl$KVM_RUN(r17, 0xae80, 0x0) r18 = syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil) r19 = syz_kvm_add_vcpu$arm64(r18, &(0x7f0000000180)={0x0, &(0x7f0000000000)=[@mrs={0xbe, 0x18, {0x603000000013c02c}}, @msr={0x14, 0x20, {0x603000000013f099, 0x8000}}], 0x38}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r19, 0x4018aee1, &(0x7f0000000340)=@attr_pvtime_ipa={0x0, 0x2, 0x0, 0x100}) ioctl$KVM_RUN(r19, 0xae80, 0x0) ioctl$KVM_CREATE_GUEST_MEMFD(r7, 0xc040aed4, &(0x7f00000001c0)={0x200001fe0000, 0x3}) 26m38.711578924s ago: executing program 3 (id=47): openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) (async) r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) (async) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) r3 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000003c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9410447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0) eventfd2(0xd, 0x1) (async) r4 = eventfd2(0xd, 0x1) close(r4) (async) close(r4) r5 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) (async) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f00000001c0)={0x8, 0xffffffffffffffff}) ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1) (async) ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000380)}) (async) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000380)}) ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) (async) ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f00000000c0)={0x5, 0x1, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) r8 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r10 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) r12 = syz_kvm_add_vcpu$arm64(r9, &(0x7f00000000c0)={0x0, &(0x7f00000002c0)=[@memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x6100, 0x4, 0xa}}], 0x30}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r11, 0x1, 0x100) ioctl$KVM_RUN(r12, 0xae80, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000002c0)=@attr_other={0x0, 0x8, 0x108, &(0x7f0000000000)=0xc000000000000000}) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x4, 0x2, 0x0}) openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0) write$eventfd(r4, 0x0, 0x500) r13 = eventfd2(0x0, 0x0) close(r13) (async) close(r13) 26m25.763910915s ago: executing program 3 (id=48): munmap(&(0x7f0000011000/0xc00000)=nil, 0xc00000) mmap$KVM_VCPU(&(0x7f000052f000/0x4000)=nil, 0x930, 0xe, 0x8032, 0xffffffffffffffff, 0x0) openat$kvm(0x0, &(0x7f0000000280), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ffa000/0x1000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000647000/0x1000)=nil, 0x1000) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x300000a, 0x53033, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) munmap(&(0x7f0000d8f000/0x4000)=nil, 0x4000) munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x401, 0x0) mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x0, 0x3c2a1c3178cda732, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) munmap(&(0x7f000075a000/0xb000)=nil, 0xb000) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000) mmap$KVM_VCPU(&(0x7f000018f000/0x3000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) munmap(&(0x7f0000eed000/0x4000)=nil, 0x4000) 26m11.828537597s ago: executing program 3 (id=49): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async, rerun: 32) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (rerun: 32) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x0, 0x2, 0x6}}], 0x50}, 0x0, 0x0) (async) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000000)=@attr_other={0x0, 0x4102, 0xfffffffffffffc00, &(0x7f0000000040)=0x4}) ioctl$KVM_RUN(r3, 0xae80, 0x0) (async) syz_kvm_vgic_v3_setup(r1, 0x2, 0x0) 25m59.875908511s ago: executing program 3 (id=50): openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000040)={0x7, 0xffffffffffffffff}) r1 = openat$kvm(0x0, &(0x7f00000001c0), 0x20600, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000ae9000/0x400000)=nil) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000b80)={0x0, &(0x7f0000000080)=[@mrs={0xbe, 0x18, {0x6030000000138032}}], 0x18}, 0x0, 0x0) r7 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000180)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000140)=@arm64_fw={0x6030000000140000, &(0x7f0000000200)=0x10001}) ioctl$KVM_SET_DEVICE_ATTR(r0, 0x8933, 0x0) 25m45.766284377s ago: executing program 3 (id=51): r0 = openat$kvm(0x0, &(0x7f0000000000), 0x80, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2e) ioctl$KVM_GET_STATS_FD_vm(r1, 0xaece) (async) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0, 0x30}], 0x1, 0x0, 0x0, 0x0) (async) ioctl$KVM_ARM_VCPU_FINALIZE(r2, 0x4004aec2, &(0x7f0000000040)=0x5) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) r6 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r5, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48) (async) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r5, 0x0) (async) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20080, 0x0) (async, rerun: 32) r8 = ioctl$KVM_CREATE_GUEST_MEMFD(r4, 0xc040aed4, &(0x7f0000000000)={0x7, 0x2}) (rerun: 32) ioctl$KVM_SET_USER_MEMORY_REGION2(r4, 0x40a0ae49, &(0x7f0000000100)={0x10001, 0x6, 0x60000, 0x1000, &(0x7f0000006000/0x1000)=nil, 0x8, r8}) r9 = ioctl$KVM_CREATE_VM(r7, 0xc0189436, 0x20003fff) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r9, 0x4068aea3, &(0x7f0000000080)={0xdf, 0x0, 0x8000}) 25m22.377444181s ago: executing program 3 (id=52): r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x401, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_ARM_SET_DEVICE_ADDR(r4, 0x4010aeab, &(0x7f0000000000)={0x140000000000, 0x10000}) r5 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x200, 0x0) r6 = ioctl$KVM_CREATE_GUEST_MEMFD(r5, 0xc040aed4, &(0x7f0000000040)={0x1000200001fe0000, 0x1}) ioctl$KVM_SET_USER_MEMORY_REGION2(r5, 0x40a0ae49, &(0x7f0000000180)={0x0, 0x4, 0x6000, 0x2000, &(0x7f0000ffd000/0x2000)=nil, 0x100000000000000}) close(r5) close(r6) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f00000000c0)={0x80000000, 0x4}) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x3b) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) r10 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r9, 0x0) r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x31) ioctl$KVM_SET_USER_MEMORY_REGION(r12, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r12, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x2, 0x8000000, 0x2000, &(0x7f0000ffb000/0x2000)=nil}) syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000008, 0x100010, r9, 0x0) r13 = eventfd2(0x0, 0x0) close(r13) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) r14 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04) mmap$KVM_VCPU(&(0x7f0000ffb000/0x3000)=nil, r14, 0x1000002, 0x20010, r9, 0x0) 24m33.760244472s ago: executing program 35 (id=52): r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x401, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_ARM_SET_DEVICE_ADDR(r4, 0x4010aeab, &(0x7f0000000000)={0x140000000000, 0x10000}) r5 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x200, 0x0) r6 = ioctl$KVM_CREATE_GUEST_MEMFD(r5, 0xc040aed4, &(0x7f0000000040)={0x1000200001fe0000, 0x1}) ioctl$KVM_SET_USER_MEMORY_REGION2(r5, 0x40a0ae49, &(0x7f0000000180)={0x0, 0x4, 0x6000, 0x2000, &(0x7f0000ffd000/0x2000)=nil, 0x100000000000000}) close(r5) close(r6) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f00000000c0)={0x80000000, 0x4}) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x3b) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) r10 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r9, 0x0) r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x31) ioctl$KVM_SET_USER_MEMORY_REGION(r12, 0x4020ae46, &(0x7f0000000040)={0x1, 0x2, 0xeeef0000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r12, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x2, 0x8000000, 0x2000, &(0x7f0000ffb000/0x2000)=nil}) syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000008, 0x100010, r9, 0x0) r13 = eventfd2(0x0, 0x0) close(r13) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) r14 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04) mmap$KVM_VCPU(&(0x7f0000ffb000/0x3000)=nil, r14, 0x1000002, 0x20010, r9, 0x0) 13m0.51558537s ago: executing program 5 (id=106): openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r2 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0xd, 0x9, 0xb, 0x0, 0x5, 0x6, 0x6, 0x6, 0x48, 0x88, 0x64, 0x9, 0x0, 0x9, 0x40006, 0xe, 0x3, 0x7, 0x0, '\x00', 0x10, 0x6}) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r3, &(0x7f00000001c0)=0xffffff7f, 0xff25) r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0xfffffffffffffffc) openat$kvm(0x0, 0x0, 0x0, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, &(0x7f0000000200)=[@msr={0x14, 0xffffffffffffff1e, {0x603000000013c529, 0xfffffffffffffffe}}, @memwrite={0x6e, 0x0, @vgic_gicd={0x8000000, 0x1000, 0xe2, 0x1}}], 0x40}, &(0x7f0000000300)=[@featur2={0x1, 0x81}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_ARM_VCPU_INIT(0xffffffffffffffff, 0x4020aeae, &(0x7f0000000080)={0x5, 0x1}) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) syz_kvm_add_vcpu$arm64(0x0, 0x0, 0x0, 0x0) syz_kvm_vgic_v3_setup(r8, 0x2, 0x100) r9 = eventfd2(0x10000, 0x0) ioctl$KVM_IRQFD(r8, 0x4020ae76, &(0x7f0000000000)={r9, 0x3}) ioctl$KVM_IRQFD(r8, 0x4020ae76, &(0x7f0000000100)={r9, 0xb16b, 0x2, r9}) ioctl$KVM_GET_ONE_REG(0xffffffffffffffff, 0x4010aeab, &(0x7f0000000100)=@arm64_core={0x6030000000100024, &(0x7f0000000000)=0xffffffffffffffff}) r10 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_SET_SIGNAL_MASK(r6, 0x4004ae8b, &(0x7f0000000040)={0x3a, "6fd3e57348af07114fa0bd1ff63b1aa3e68267fed512bebd7e4ca90ee549cef157a3dff6ec685afaf541a49311c7a80af11d32c4cc20aea0f8d3"}) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0xfffffffefffffffc) r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000700)={0x0, 0x0}, &(0x7f0000000740)=[@featur1={0x1, 0x33}], 0x1) ioctl$KVM_GET_REG_LIST(r13, 0xc008aeb0, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) 12m56.970175195s ago: executing program 4 (id=107): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000040)=@attr_pmu_init) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000000)={0x2000, 0xeeef0000, 0x8000, 0x1}) 12m45.571461064s ago: executing program 5 (id=108): r0 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x1) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r1, 0x40086602, 0x110ca32000) 12m45.140466346s ago: executing program 4 (id=109): r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x82880, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x3) r3 = openat$kvm(0x0, &(0x7f0000000140), 0x101282, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04) r7 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x5) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@smc={0x1e, 0x0, {0x84000053, [0x1000009, 0x8000000000000001, 0xffffffffffffffff, 0x400, 0xfffffffffffff801]}}], 0xc7}, 0x0, 0x0) r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r13, 0x4020aeae, &(0x7f00000002c0)={0x5}) ioctl$KVM_SET_ONE_REG(r13, 0x4010aeac, &(0x7f0000000000)=@arm64_sys={0x603000000013c038, &(0x7f0000000080)=0x1}) ioctl$KVM_RUN(r10, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000c0b000/0x1000)=nil, r6, 0x2000003, 0x11, r5, 0x0) r14 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000100)={0x0, &(0x7f0000000880)=[@msr={0x14, 0x20, {0x603000000013defc, 0x5a8}}], 0x20}, 0x0, 0x0) ioctl$KVM_RUN(r14, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000) 12m33.678436262s ago: executing program 4 (id=110): r0 = eventfd2(0x0, 0x0) close(r0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x40800, 0x0) mmap$KVM_VCPU(&(0x7f0000008000/0x3000)=nil, 0x930, 0x6000004, 0x2011, r0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) syz_kvm_vgic_v3_setup(r2, 0x2, 0x100) ioctl$KVM_IRQ_LINE(r2, 0x4008ae61, &(0x7f0000000000)={0x80, 0x10000000}) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x0, 0x40032, 0xffffffffffffffff, 0x0) 12m26.52057684s ago: executing program 5 (id=111): syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000c58000/0x1000)=nil, r1, 0x2000003, 0xaf832, 0xffffffffffffffff, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04) r4 = mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r3, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f00000000c0)="e65bf643e6e1a3ffc871fcc8064f26b4d9f94b6f1ccd7b41443d2b5486580143226c0ead9a1620b6709fafba2af023314cc4bf610d6a743ad4913910b8364e5f73ea2fc43ac1ebfc", 0x0, 0x48) r5 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece) ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0xfffffffffffffffe) syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000040)=[{0x0, &(0x7f00000001c0)=[@uexit={0x0, 0x18}], 0x18}], 0x1, 0x0, 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) 12m19.475768766s ago: executing program 4 (id=112): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, r2}) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x7, 0xb, 0x89, 0x0, 0x7, 0x4, 0x20, 0x8, 0x2, 0x7, 0x1, 0x7, 0x0, 0x104007e, 0x81, 0x0, 0x45, 0x7, 0xb1, '\x00', 0xdf, 0x3}) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f00000001c0)={0x5000, 0x12000, 0x81}) r3 = eventfd2(0xa3dc, 0xc00) write$eventfd(r3, &(0x7f0000000000)=0x9, 0x8) 12m13.826324397s ago: executing program 5 (id=113): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bfe000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000380)={0x0, &(0x7f0000000240)=[@memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xc00, 0x6}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x2, 0xc, 0x3, 0x1, 0x4}}, @its_setup={0x82, 0x28, {0x0, 0x1, 0x22a}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xd00, 0x54ee}}, @memwrite={0x6e, 0x30, @generic={0x7000, 0x222, 0x8, 0x2}}, @svc={0x122, 0x40, {0x30000000, [0x9, 0x3, 0x1, 0x4, 0x3]}}, @mrs={0xbe, 0x18, {0x603000000013e6cf}}], 0x138}, &(0x7f00000003c0)=[@featur1={0x1, 0x1}], 0x1) (async) r3 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) (async, rerun: 32) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000140)={0x0, 0x0}, 0x0, 0x0) (async, rerun: 32) r5 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x40) (async) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0) (async) munmap(&(0x7f0000ec1000/0x3000)=nil, 0x3000) (async) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) (async, rerun: 64) mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) (rerun: 64) munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f0000481000/0x1000)=nil, 0x1000) (async) munmap(&(0x7f0000136000/0x2000)=nil, 0x2000) (async, rerun: 64) munmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000) (rerun: 64) munmap(&(0x7f00009f4000/0x1000)=nil, 0x1000) munmap(&(0x7f0000e4c000/0x4000)=nil, 0x4000) munmap(&(0x7f0000967000/0x2000)=nil, 0x2000) munmap(&(0x7f00007f5000/0xe000)=nil, 0xe000) (async, rerun: 64) munmap(&(0x7f00007fd000/0x800000)=nil, 0x800000) (async, rerun: 64) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000100)=@attr_riscv64=@attr_aplic={0x0, 0x1, @valid=0x2004, &(0x7f0000000040)=0x7f}) (async) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000ae9000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000b80)={0x0, 0x0}, &(0x7f0000000bc0)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f0000000140)=@arm64_fw={0x6030000000140000, &(0x7f0000000200)=0x1}) (async) close(r4) (async) ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04) 12m6.591685303s ago: executing program 4 (id=114): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2482, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x12) (async) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000b80)={0x0, &(0x7f0000000100)=[@smc={0x1e, 0x40, {0x200, [0x80000000000000, 0x53960c3d, 0xac8, 0x2, 0x8000000000000003]}}], 0x40}, &(0x7f00000001c0)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12m0.417634665s ago: executing program 5 (id=115): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18}) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r4, 0x8040aeb6, &(0x7f00000001c0)=@attr_other={0x0, 0x8, 0x100, 0x0}) 11m55.153400979s ago: executing program 4 (id=116): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r1, 0x4068aea3, &(0x7f0000000100)={0xef, 0x0, 0x7}) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000040)={0x0, &(0x7f0000000600)}, 0x0, 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, &(0x7f0000000000)={0x4, [0x7, 0x7, 0x4, 0x8000000000000000]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 11m49.188631641s ago: executing program 5 (id=117): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2c) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000040)=@riscv64_core={0x8030000000200012, 0x0}) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) close(0x4) munmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000) 11m7.878884999s ago: executing program 36 (id=116): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r1, 0x4068aea3, &(0x7f0000000100)={0xef, 0x0, 0x7}) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000040)={0x0, &(0x7f0000000600)}, 0x0, 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, &(0x7f0000000000)={0x4, [0x7, 0x7, 0x4, 0x8000000000000000]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 11m1.448719228s ago: executing program 37 (id=117): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2c) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r4, 0x4010aeac, &(0x7f0000000040)=@riscv64_core={0x8030000000200012, 0x0}) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) close(0x4) munmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000) 2m4.258529302s ago: executing program 6 (id=118): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x280000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_CREATE_VM(r4, 0x400454e2, 0x110c230f00) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x7f, 0x4, 0x3, 0x0, 0x800, 0x9, 0xd, 0x8b, 0x4, 0x0, 0xf, 0xfe, 0x0, 0x2, 0x6, 0x0, 0xd, 0xfe, 0xa, '\x00', 0x0, 0xb}) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r5, &(0x7f00000001c0)=0x9, 0x1d) 1m51.669614504s ago: executing program 7 (id=119): ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, 0xffffffffffffffff) (async) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1) (async) r4 = syz_kvm_vgic_v3_setup(r3, 0x1, 0x100) ioctl$KVM_GET_DEVICE_ATTR(r4, 0x4018aee2, &(0x7f0000000200)=@attr_arm64={0x0, 0x1, 0x304, &(0x7f00000001c0)=0x7}) (async) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f00000001c0)="f21bc75509bf71c9d70236fc044842dae3ffffffffffffff4c24501958da2e2c18b875c2357c6ed600", 0x0, 0x48) (async) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000000c0)={0x2, 0xffffffffffffffff}) write$eventfd(r5, &(0x7f00000001c0)=0xffffff7f, 0xff25) (async) r6 = openat$kvm(0x0, 0x0, 0x0, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04) ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) (async) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x10000008) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) r9 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r8, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0x3000)=nil, 0x930, 0x1, 0x13, r8, 0x0) (async) r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0x80086601, 0x20100000) r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x1) ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000040)={0x7, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r13, 0x4018aee1, &(0x7f0000000280)=@attr_other={0x0, 0x9, 0x5, &(0x7f0000000000)=0x16}) 1m47.508209939s ago: executing program 6 (id=120): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x703100, 0x0) munmap$KVM_VCPU(0x0, 0x1000000000) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000e, 0x24132, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x5}) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x8, 0xffffffffffffffff, 0x1}) ioctl$KVM_CREATE_VM(r2, 0x400454dc, 0x23) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101080, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000040)={0x4, 0xffffffffffffffff}) ioctl$KVM_HAS_DEVICE_ATTR(r5, 0x4018aee3, &(0x7f0000000140)=@attr_arm64={0x0, 0x1, 0x0, 0x0}) 1m33.364580685s ago: executing program 6 (id=121): ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, &(0x7f0000000000)={0x4, [0x6, 0x8ec, 0xffffffffffffff00, 0x7fffffff]}) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_IRQFD(r5, 0x4020ae76, &(0x7f0000000000)={r6, 0x2, 0x1}) ioctl$KVM_CREATE_VM(r3, 0x400454de, 0x110f22fffb) 1m32.078650363s ago: executing program 7 (id=122): openat$kvm(0xffffffffffffff9c, 0x0, 0x4eed40, 0x0) openat$kvm(0x0, 0x0, 0x80, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xcd) syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000240)="57ffe02b199233af1c100f993e9c1541d69a2077275a13cf", 0x0, 0x18) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x1}) r1 = mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f0000000240)="37e68986ad644f5dc57bbc1ff382863b67f3eee57a32ec911d95f88f3dd8ea716e4a29cefbd440b2ecf83f57baf33b0c97182970a47ef45c954e42f2055384921830f6e273d2eb30", 0x0, 0x2a2019ac5ed2a1ef) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f0000000100)="746abf250f7959c813e4adfb369b808022e69fe80cfadce4a1259e77bab54ac9749537b3d016bb7f745a6e22d2f9ff443f19467748a3fe02c239457600", 0x0, 0xfffffffffffffec5) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x82880, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) syz_kvm_vgic_v3_setup(r7, 0x0, 0x100) ioctl$KVM_SIGNAL_MSI(r7, 0x4020aea5, &(0x7f0000000000)={0xd0c19de284cd3ebf, 0x4, 0x7, 0x0, 0x6}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0x11, 0x8, 0xf, 0x0, 0x5, 0x6, 0x86, 0x6, 0x48, 0x86, 0xdd, 0x68, 0x0, 0x0, 0x0, 0x0, 0x3, 0x5, 0x8, '\x00', 0x1, 0x1}) write$eventfd(r5, &(0x7f00000001c0)=0x3, 0xfdef) 1m12.909676597s ago: executing program 6 (id=123): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r2, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x16, 0x4, 0x1}}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r2, r3, &(0x7f0000bfe000/0x400000)=nil, &(0x7f0000000080)=[{0x0, &(0x7f0000000240)=[@hvc={0x32, 0x40, {0x8600ff01, [0x7, 0x9, 0x8, 0xfffffffffffffff8, 0x100]}}], 0x40}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x4040, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r5, r6, &(0x7f0000bff000/0x400000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f0000000000)=@arm64_core={0x6030000000100044, &(0x7f00000001c0)=0x100000001}) r7 = ioctl$KVM_CREATE_VM(r0, 0x80111500, 0x22400004) r8 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x29) syz_kvm_vgic_v3_setup(r9, 0x2, 0x40) ioctl$KVM_IRQ_LINE_STATUS(r9, 0xc008ae67, &(0x7f0000000000)={0x9, 0x5}) write$eventfd(r7, &(0x7f0000000000), 0xfffffdef) syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000000000/0x400000)=nil) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xf, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) 1m3.697742004s ago: executing program 7 (id=124): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3c) ioctl$KVM_CAP_HALT_POLL(r0, 0x4068aea3, &(0x7f0000000000)={0xb6, 0x0, 0xffffffffffffffe7}) ioctl$KVM_HAS_DEVICE_ATTR_vm(r0, 0x4018aee3, &(0x7f00000000c0)=@attr_other={0x0, 0x80, 0x427c, &(0x7f0000000080)=0x7}) ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r0, 0x4068aea3, &(0x7f0000000100)) ioctl$KVM_PPC_ALLOCATE_HTAB(r0, 0xc004aea7, &(0x7f0000000180)=0x3) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x34) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x54000, 0x104000, 0x1}) ioctl$KVM_CLEAR_DIRTY_LOG(r1, 0xc018aec0, &(0x7f0000000600)={0x1ff, 0x2c0, 0x240, &(0x7f0000000200)=[0x3, 0x401, 0xb, 0x100000001, 0x4, 0x71, 0x80, 0xffffffffffffff06, 0x9, 0x7fffffffffffffff, 0x0, 0x0, 0x8, 0x1, 0x4, 0x8d, 0x3, 0x8, 0xa, 0x0, 0x5, 0x0, 0x6f4, 0xaac9, 0xa0c, 0x401, 0x0, 0x1, 0x9, 0x401, 0x5, 0xff, 0x7, 0x3, 0xa, 0x2, 0x3, 0x2, 0x3, 0x7, 0x3ec6, 0x81, 0x101, 0x7, 0xe459, 0x9, 0x7, 0xffffffff, 0x5, 0x7fff, 0x7f, 0x401, 0x0, 0x3, 0x0, 0x7, 0x0, 0x3, 0x7, 0x4, 0xff, 0x7fffffff, 0x9, 0x3, 0xfffffffffffffff9, 0x4, 0x0, 0x4, 0x200, 0x4, 0x3, 0x3, 0xffffffffffffffff, 0x5, 0xf, 0x6, 0xb, 0x7fffffff, 0x4, 0xe, 0x5, 0xc, 0x3, 0x8, 0x7, 0x2, 0xffffffffffffffff, 0x8, 0x1, 0x7, 0x5d, 0x5, 0x9, 0x5, 0x8, 0xa7af, 0x6, 0x1, 0x5, 0x8, 0x4, 0xffff, 0xe76, 0x8, 0x8, 0x0, 0x1, 0x7fff, 0x7, 0x5, 0x1, 0x0, 0x401, 0x100000000, 0x5, 0x2, 0x3, 0xb, 0x1, 0x100000000, 0x0, 0x5, 0x8, 0x2dc3, 0x9, 0x3, 0x10001, 0x7ff]}) r2 = syz_kvm_vgic_v3_setup(r1, 0x4, 0x1e0) ioctl$KVM_HAS_DEVICE_ATTR(r2, 0x4018aee3, &(0x7f0000000680)=@attr_riscv64=@attr_config={0x0, 0x1, 0x0, &(0x7f0000000640)=0x3}) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000700)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f00000006c0)=0x9}) r3 = syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000bff000/0x400000)=nil) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000780)=@attr_riscv64=@attr_addr={0x0, 0x1, @imsic=0x1, &(0x7f0000000740)=0xfa}) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000007c0), 0x141881, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x8) r6 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000c40)={0x0, &(0x7f0000000800)=[@irq_setup={0x46, 0x18, {0x4, 0x175}}, @memwrite={0x6e, 0x30, @generic={0x3000, 0x690, 0x1e7, 0x4}}, @svc={0x122, 0x40, {0x8600ff01, [0x80000000, 0x1, 0x9, 0x8, 0x5]}}, @smc={0x1e, 0x40, {0xc400000e, [0x1, 0x6ab6, 0x4, 0xc840000000000000, 0x8]}}, @irq_setup={0x46, 0x18, {0x1, 0x29a}}, @code={0xa, 0x54, {"00000054008008d5000008d5000c40fc007008d5008008d50080601f007008d5002892d200e0b0f2c10080d2220080d2c30080d2040180d2020000d4000028d5"}}, @msr={0x14, 0x20, {0x603000000013def2, 0x86}}, @msr={0x14, 0x20, {0x603000000013c3a0, 0x1}}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x2b2}}, @mrs={0xbe, 0x18, {0x603000000013c00f}}, @eret={0xe6, 0x18, 0xb9c}, @irq_setup={0x46, 0x18, {0x4, 0x198}}, @uexit={0x0, 0x18, 0x6}, @eret={0xe6, 0x18, 0xf}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x2, 0x8, 0x4708}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1a00, 0x1, 0x2}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x3, 0x8, 0x0, 0xf}}, @code={0xa, 0x9c, {"a04884d20080b8f2810180d2420180d2c30080d2640180d2020000d400c0df0d60f59bd20000b0f2a10080d2020080d2830180d2440080d2020000d40080c00c201c98d200a0b0f2010080d2e20180d2c30080d2640080d2020000d4008008d5a01888d200c0b0f2210180d2e20080d2630180d2c40080d2020000d4000000f9000008d5007008d5"}}, @eret={0xe6, 0x18, 0xb918}, @hvc={0x32, 0x40, {0xc4000053, [0xa9, 0x800, 0xfffffffffffffffd, 0x10000]}}, @code={0xa, 0x84, {"0080a00d008008d5008008d50000689e007008d50040200ee0ae82d20000b8f2210180d2020180d2c30080d2c40180d2020000d4002a89d20060b8f2410180d2620080d2a30180d2e40180d2020000d4000028d5804c8ad200c0b0f2410080d2c20080d2e30180d2640080d2020000d4"}}, @irq_setup={0x46, 0x18, {0x2, 0x2f3}}, @uexit={0x0, 0x18, 0x73e}], 0x43c}, &(0x7f0000000c80)=[@featur1={0x1, 0x80}], 0x1) ioctl$KVM_GET_DEVICE_ATTR(r2, 0x4018aee2, &(0x7f0000000d00)=@attr_riscv64=@attr_config={0x0, 0x1, 0x0, &(0x7f0000000cc0)=0x2}) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r5, 0x4068aea3, &(0x7f0000000d40)={0xdf, 0x0, 0x4000}) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000dc0)={0x1ff, 0x0, 0x41000, 0x1000, &(0x7f0000f1b000/0x1000)=nil}) r7 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0xe) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000e00)={0x9, 0x400}) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x34) ioctl$KVM_IRQ_LINE(r7, 0x4008ae61, &(0x7f0000000e40)={0xfffffc00, 0x6}) ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4040aea0, &(0x7f0000000e80)=@arm64={0x7, 0x10, 0x4, '\x00', 0x8}) ioctl$KVM_CREATE_VM(r4, 0xae01, 0xd) mmap$KVM_VCPU(&(0x7f0000ffd000/0x2000)=nil, 0x0, 0x3000009, 0x11, r6, 0x0) r9 = eventfd2(0x6, 0x80801) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000ec0)={r9, 0x9, 0x2}) ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f0000000f40)=@riscv64_d={0x8030000006000015, &(0x7f0000000f00)=0x2}) 51.43420858s ago: executing program 6 (id=125): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async) ioctl$KVM_CLEAR_DIRTY_LOG(r1, 0xc018aec0, &(0x7f0000000740)={0x10002, 0x1c0, 0x0, &(0x7f0000000340)=[0x5, 0x3cdf73e0, 0x9, 0x10, 0xfffffffffffffff2, 0xfffffffffffffffd, 0x2, 0x32, 0x8, 0x5, 0x100000001, 0x8a02, 0x7, 0xf9, 0x4, 0x100, 0x5, 0x9, 0x1c0, 0xffff, 0x2, 0x9, 0x100000001, 0x8000000000000001, 0xe, 0x1e, 0x7, 0x7ef, 0x10000, 0x4, 0x7, 0x2, 0x8, 0x1, 0xfffffffffffffffe, 0xff, 0x9, 0x9de6, 0x5, 0xa, 0x401, 0x6, 0x6, 0x1, 0x2, 0x7fffffff, 0x4, 0x3, 0x3, 0x4, 0xfffffffffffffff3, 0x2, 0xfffffffffffffffb, 0x5, 0x1, 0x800, 0x6f09, 0xce7b, 0x8, 0x7ff, 0xfffffffffffffffb, 0x0, 0x38aa, 0x9, 0xffffffffffffffff, 0x400, 0xfff, 0x3ff, 0x7fff, 0x1, 0x2, 0x0, 0x7, 0x9, 0xbf, 0x800, 0x4, 0x3, 0x3, 0x6, 0x101, 0x80000001, 0x6, 0x487, 0x7cc2f64e, 0x6, 0x8, 0xffffffff, 0x7, 0x4, 0x6b, 0x2, 0x0, 0xa8, 0x4, 0xfffffffffffffff8, 0x5, 0x40, 0x8, 0xffffffffffffffff, 0x7fffffffffffffff, 0x7ff, 0xffffffff, 0x7fff, 0x94f, 0x4, 0x9, 0x1, 0x4, 0x6, 0x0, 0x6, 0x84, 0xa2, 0x6, 0x9, 0x4, 0x5, 0x0, 0x8, 0x1, 0x5, 0x3, 0x1ff, 0x7fffffff, 0x900000000000, 0x6, 0x1]}) syz_kvm_add_vcpu$arm64(r3, &(0x7f00000002c0)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x81}], 0x1) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async, rerun: 64) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) (rerun: 64) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x2a) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000b80)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000000)=@arm64_fw={0x6030000000140000, &(0x7f0000000200)=0x10002}) (async) r8 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013c65d, 0xfffdffffc1af0ec0}}], 0x20}, 0x0, 0xffffffffffffff92) (async, rerun: 32) syz_kvm_add_vcpu$arm64(r2, 0x0, 0x0, 0x0) (rerun: 32) syz_kvm_vgic_v3_setup(r1, 0x3, 0xa0) (async, rerun: 32) ioctl$KVM_RUN(r8, 0xae80, 0x0) (rerun: 32) 15.499079734s ago: executing program 38 (id=124): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3c) ioctl$KVM_CAP_HALT_POLL(r0, 0x4068aea3, &(0x7f0000000000)={0xb6, 0x0, 0xffffffffffffffe7}) ioctl$KVM_HAS_DEVICE_ATTR_vm(r0, 0x4018aee3, &(0x7f00000000c0)=@attr_other={0x0, 0x80, 0x427c, &(0x7f0000000080)=0x7}) ioctl$KVM_CAP_ARM_SYSTEM_SUSPEND(r0, 0x4068aea3, &(0x7f0000000100)) ioctl$KVM_PPC_ALLOCATE_HTAB(r0, 0xc004aea7, &(0x7f0000000180)=0x3) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x34) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x54000, 0x104000, 0x1}) ioctl$KVM_CLEAR_DIRTY_LOG(r1, 0xc018aec0, &(0x7f0000000600)={0x1ff, 0x2c0, 0x240, &(0x7f0000000200)=[0x3, 0x401, 0xb, 0x100000001, 0x4, 0x71, 0x80, 0xffffffffffffff06, 0x9, 0x7fffffffffffffff, 0x0, 0x0, 0x8, 0x1, 0x4, 0x8d, 0x3, 0x8, 0xa, 0x0, 0x5, 0x0, 0x6f4, 0xaac9, 0xa0c, 0x401, 0x0, 0x1, 0x9, 0x401, 0x5, 0xff, 0x7, 0x3, 0xa, 0x2, 0x3, 0x2, 0x3, 0x7, 0x3ec6, 0x81, 0x101, 0x7, 0xe459, 0x9, 0x7, 0xffffffff, 0x5, 0x7fff, 0x7f, 0x401, 0x0, 0x3, 0x0, 0x7, 0x0, 0x3, 0x7, 0x4, 0xff, 0x7fffffff, 0x9, 0x3, 0xfffffffffffffff9, 0x4, 0x0, 0x4, 0x200, 0x4, 0x3, 0x3, 0xffffffffffffffff, 0x5, 0xf, 0x6, 0xb, 0x7fffffff, 0x4, 0xe, 0x5, 0xc, 0x3, 0x8, 0x7, 0x2, 0xffffffffffffffff, 0x8, 0x1, 0x7, 0x5d, 0x5, 0x9, 0x5, 0x8, 0xa7af, 0x6, 0x1, 0x5, 0x8, 0x4, 0xffff, 0xe76, 0x8, 0x8, 0x0, 0x1, 0x7fff, 0x7, 0x5, 0x1, 0x0, 0x401, 0x100000000, 0x5, 0x2, 0x3, 0xb, 0x1, 0x100000000, 0x0, 0x5, 0x8, 0x2dc3, 0x9, 0x3, 0x10001, 0x7ff]}) r2 = syz_kvm_vgic_v3_setup(r1, 0x4, 0x1e0) ioctl$KVM_HAS_DEVICE_ATTR(r2, 0x4018aee3, &(0x7f0000000680)=@attr_riscv64=@attr_config={0x0, 0x1, 0x0, &(0x7f0000000640)=0x3}) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000700)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f00000006c0)=0x9}) r3 = syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000bff000/0x400000)=nil) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000780)=@attr_riscv64=@attr_addr={0x0, 0x1, @imsic=0x1, &(0x7f0000000740)=0xfa}) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000007c0), 0x141881, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x8) r6 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000c40)={0x0, &(0x7f0000000800)=[@irq_setup={0x46, 0x18, {0x4, 0x175}}, @memwrite={0x6e, 0x30, @generic={0x3000, 0x690, 0x1e7, 0x4}}, @svc={0x122, 0x40, {0x8600ff01, [0x80000000, 0x1, 0x9, 0x8, 0x5]}}, @smc={0x1e, 0x40, {0xc400000e, [0x1, 0x6ab6, 0x4, 0xc840000000000000, 0x8]}}, @irq_setup={0x46, 0x18, {0x1, 0x29a}}, @code={0xa, 0x54, {"00000054008008d5000008d5000c40fc007008d5008008d50080601f007008d5002892d200e0b0f2c10080d2220080d2c30080d2040180d2020000d4000028d5"}}, @msr={0x14, 0x20, {0x603000000013def2, 0x86}}, @msr={0x14, 0x20, {0x603000000013c3a0, 0x1}}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x2b2}}, @mrs={0xbe, 0x18, {0x603000000013c00f}}, @eret={0xe6, 0x18, 0xb9c}, @irq_setup={0x46, 0x18, {0x4, 0x198}}, @uexit={0x0, 0x18, 0x6}, @eret={0xe6, 0x18, 0xf}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x2, 0x8, 0x4708}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1a00, 0x1, 0x2}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x1, 0x3, 0x8, 0x0, 0xf}}, @code={0xa, 0x9c, {"a04884d20080b8f2810180d2420180d2c30080d2640180d2020000d400c0df0d60f59bd20000b0f2a10080d2020080d2830180d2440080d2020000d40080c00c201c98d200a0b0f2010080d2e20180d2c30080d2640080d2020000d4008008d5a01888d200c0b0f2210180d2e20080d2630180d2c40080d2020000d4000000f9000008d5007008d5"}}, @eret={0xe6, 0x18, 0xb918}, @hvc={0x32, 0x40, {0xc4000053, [0xa9, 0x800, 0xfffffffffffffffd, 0x10000]}}, @code={0xa, 0x84, {"0080a00d008008d5008008d50000689e007008d50040200ee0ae82d20000b8f2210180d2020180d2c30080d2c40180d2020000d4002a89d20060b8f2410180d2620080d2a30180d2e40180d2020000d4000028d5804c8ad200c0b0f2410080d2c20080d2e30180d2640080d2020000d4"}}, @irq_setup={0x46, 0x18, {0x2, 0x2f3}}, @uexit={0x0, 0x18, 0x73e}], 0x43c}, &(0x7f0000000c80)=[@featur1={0x1, 0x80}], 0x1) ioctl$KVM_GET_DEVICE_ATTR(r2, 0x4018aee2, &(0x7f0000000d00)=@attr_riscv64=@attr_config={0x0, 0x1, 0x0, &(0x7f0000000cc0)=0x2}) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r5, 0x4068aea3, &(0x7f0000000d40)={0xdf, 0x0, 0x4000}) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000dc0)={0x1ff, 0x0, 0x41000, 0x1000, &(0x7f0000f1b000/0x1000)=nil}) r7 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0xe) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000e00)={0x9, 0x400}) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x34) ioctl$KVM_IRQ_LINE(r7, 0x4008ae61, &(0x7f0000000e40)={0xfffffc00, 0x6}) ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4040aea0, &(0x7f0000000e80)=@arm64={0x7, 0x10, 0x4, '\x00', 0x8}) ioctl$KVM_CREATE_VM(r4, 0xae01, 0xd) mmap$KVM_VCPU(&(0x7f0000ffd000/0x2000)=nil, 0x0, 0x3000009, 0x11, r6, 0x0) r9 = eventfd2(0x6, 0x80801) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000ec0)={r9, 0x9, 0x2}) ioctl$KVM_SET_ONE_REG(r8, 0x4010aeac, &(0x7f0000000f40)=@riscv64_d={0x8030000006000015, &(0x7f0000000f00)=0x2}) 0s ago: executing program 39 (id=125): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async) ioctl$KVM_CLEAR_DIRTY_LOG(r1, 0xc018aec0, &(0x7f0000000740)={0x10002, 0x1c0, 0x0, &(0x7f0000000340)=[0x5, 0x3cdf73e0, 0x9, 0x10, 0xfffffffffffffff2, 0xfffffffffffffffd, 0x2, 0x32, 0x8, 0x5, 0x100000001, 0x8a02, 0x7, 0xf9, 0x4, 0x100, 0x5, 0x9, 0x1c0, 0xffff, 0x2, 0x9, 0x100000001, 0x8000000000000001, 0xe, 0x1e, 0x7, 0x7ef, 0x10000, 0x4, 0x7, 0x2, 0x8, 0x1, 0xfffffffffffffffe, 0xff, 0x9, 0x9de6, 0x5, 0xa, 0x401, 0x6, 0x6, 0x1, 0x2, 0x7fffffff, 0x4, 0x3, 0x3, 0x4, 0xfffffffffffffff3, 0x2, 0xfffffffffffffffb, 0x5, 0x1, 0x800, 0x6f09, 0xce7b, 0x8, 0x7ff, 0xfffffffffffffffb, 0x0, 0x38aa, 0x9, 0xffffffffffffffff, 0x400, 0xfff, 0x3ff, 0x7fff, 0x1, 0x2, 0x0, 0x7, 0x9, 0xbf, 0x800, 0x4, 0x3, 0x3, 0x6, 0x101, 0x80000001, 0x6, 0x487, 0x7cc2f64e, 0x6, 0x8, 0xffffffff, 0x7, 0x4, 0x6b, 0x2, 0x0, 0xa8, 0x4, 0xfffffffffffffff8, 0x5, 0x40, 0x8, 0xffffffffffffffff, 0x7fffffffffffffff, 0x7ff, 0xffffffff, 0x7fff, 0x94f, 0x4, 0x9, 0x1, 0x4, 0x6, 0x0, 0x6, 0x84, 0xa2, 0x6, 0x9, 0x4, 0x5, 0x0, 0x8, 0x1, 0x5, 0x3, 0x1ff, 0x7fffffff, 0x900000000000, 0x6, 0x1]}) syz_kvm_add_vcpu$arm64(r3, &(0x7f00000002c0)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x81}], 0x1) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async, rerun: 64) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) (rerun: 64) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x2a) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000b80)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000000)=@arm64_fw={0x6030000000140000, &(0x7f0000000200)=0x10002}) (async) r8 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013c65d, 0xfffdffffc1af0ec0}}], 0x20}, 0x0, 0xffffffffffffff92) (async, rerun: 32) syz_kvm_add_vcpu$arm64(r2, 0x0, 0x0, 0x0) (rerun: 32) syz_kvm_vgic_v3_setup(r1, 0x3, 0xa0) (async, rerun: 32) ioctl$KVM_RUN(r8, 0xae80, 0x0) (rerun: 32) kernel console output (not intermixed with test programs): [ 377.474098][ T24] audit: type=1400 audit(376.650:74): avc: denied { write } for pid=3258 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 381.665790][ T24] audit: type=1400 audit(380.850:75): avc: denied { write } for pid=3262 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 384.425846][ T3205] 8021q: adding VLAN 0 to HW filter on device bond0 [ 393.673047][ T24] audit: type=1400 audit(392.850:76): avc: denied { write } for pid=3268 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 399.162243][ T24] audit: type=1400 audit(398.340:77): avc: denied { write } for pid=3271 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 415.593672][ T24] audit: type=1400 audit(414.760:78): avc: denied { write } for pid=3278 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 419.802889][ T24] audit: type=1400 audit(418.970:79): avc: denied { write } for pid=3281 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 430.506421][ T24] audit: type=1400 audit(429.690:80): avc: denied { write } for pid=3286 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 434.404332][ T24] audit: type=1400 audit(433.540:81): avc: denied { write } for pid=3289 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 436.964174][ T3205] eql: remember to turn off Van-Jacobson compression on your slave devices [ 444.338304][ T24] audit: type=1400 audit(443.520:82): avc: denied { write } for pid=3293 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 448.255160][ T24] audit: type=1400 audit(447.430:83): avc: denied { write } for pid=3296 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 458.013698][ T24] audit: type=1400 audit(457.190:84): avc: denied { write } for pid=3299 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 463.424684][ T24] audit: type=1400 audit(462.570:85): avc: denied { write } for pid=3302 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 473.450379][ T24] audit: type=1400 audit(472.630:86): avc: denied { write } for pid=3307 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 477.313865][ T24] audit: type=1400 audit(476.490:87): avc: denied { write } for pid=3310 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 486.952401][ T24] audit: type=1400 audit(486.130:88): avc: denied { write } for pid=3314 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 491.073675][ T24] audit: type=1400 audit(490.220:89): avc: denied { write } for pid=3317 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 500.993189][ T24] audit: type=1400 audit(500.160:90): avc: denied { write } for pid=3321 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 504.872930][ T24] audit: type=1400 audit(504.010:91): avc: denied { write } for pid=3324 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 523.723004][ T24] audit: type=1400 audit(522.900:92): avc: denied { write } for pid=3331 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 528.213088][ T24] audit: type=1400 audit(527.390:93): avc: denied { write } for pid=3334 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 550.523112][ T24] audit: type=1400 audit(549.690:94): avc: denied { write } for pid=3343 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 554.584586][ T24] audit: type=1400 audit(553.760:95): avc: denied { write } for pid=3346 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 560.714105][ T24] audit: type=1400 audit(559.890:96): avc: denied { write } for pid=3349 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 564.723188][ T24] audit: type=1400 audit(563.890:97): avc: denied { write } for pid=3352 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 Warning: Permanently added '[localhost]:15791' (ED25519) to the list of known hosts. [ 607.147884][ T24] audit: type=1400 audit(606.320:98): avc: denied { name_bind } for pid=3357 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 608.016338][ T24] audit: type=1400 audit(607.200:99): avc: denied { execute } for pid=3358 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 608.039001][ T24] audit: type=1400 audit(607.220:100): avc: denied { execute_no_trans } for pid=3358 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 634.026238][ T24] audit: type=1400 audit(633.210:101): avc: denied { mounton } for pid=3358 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 634.087133][ T24] audit: type=1400 audit(633.270:102): avc: denied { mount } for pid=3358 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 634.249971][ T3358] cgroup: Unknown subsys name 'net' [ 634.370133][ T24] audit: type=1400 audit(633.550:103): avc: denied { unmount } for pid=3358 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 635.047597][ T3358] cgroup: Unknown subsys name 'cpuset' [ 635.278062][ T3358] cgroup: Unknown subsys name 'rlimit' [ 637.285929][ T24] audit: type=1400 audit(636.440:104): avc: denied { setattr } for pid=3358 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=704 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 637.335072][ T24] audit: type=1400 audit(636.480:105): avc: denied { mounton } for pid=3358 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 637.353994][ T24] audit: type=1400 audit(636.530:106): avc: denied { mount } for pid=3358 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 639.789014][ T24] audit: type=1400 audit(638.970:107): avc: denied { write } for pid=3361 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 641.037119][ T3362] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 641.074145][ T24] audit: type=1400 audit(640.250:108): avc: denied { relabelto } for pid=3362 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 641.113154][ T24] audit: type=1400 audit(640.280:109): avc: denied { write } for pid=3362 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" Setting up swapspace version 1, size = 127995904 bytes [ 641.567741][ T24] audit: type=1400 audit(640.750:110): avc: denied { read } for pid=3358 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 641.613008][ T24] audit: type=1400 audit(640.780:111): avc: denied { open } for pid=3358 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 641.727411][ T3358] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 643.565649][ T24] audit: type=1400 audit(642.750:112): avc: denied { write } for pid=3365 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 705.807022][ T24] audit: type=1400 audit(704.990:113): avc: denied { execmem } for pid=3367 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 709.825910][ T24] audit: type=1400 audit(709.000:114): avc: denied { open } for pid=3370 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 709.834296][ T24] audit: type=1400 audit(709.010:115): avc: denied { read } for pid=3369 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 709.906104][ T24] audit: type=1400 audit(709.070:116): avc: denied { mounton } for pid=3369 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 710.140344][ T24] audit: type=1400 audit(709.320:117): avc: denied { module_request } for pid=3369 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 711.164874][ T24] audit: type=1400 audit(710.340:118): avc: denied { sys_module } for pid=3370 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 733.625930][ T3369] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 733.713483][ T3370] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 733.787468][ T3369] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 733.845021][ T3370] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 746.582548][ T3369] hsr_slave_0: entered promiscuous mode [ 746.610893][ T3369] hsr_slave_1: entered promiscuous mode [ 747.559818][ T3370] hsr_slave_0: entered promiscuous mode [ 747.603650][ T3370] hsr_slave_1: entered promiscuous mode [ 747.627066][ T3370] debugfs: 'hsr0' already exists in 'hsr' [ 747.633005][ T3370] Cannot create hsr debugfs directory [ 753.402896][ T24] audit: type=1400 audit(752.580:119): avc: denied { create } for pid=3369 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 753.464177][ T24] audit: type=1400 audit(752.640:120): avc: denied { write } for pid=3369 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 753.510898][ T24] audit: type=1400 audit(752.690:121): avc: denied { read } for pid=3369 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 753.658145][ T3369] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 753.914854][ T3369] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 754.083730][ T3369] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 754.316602][ T3369] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 754.419208][ T3369] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 754.620216][ T3369] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 754.816902][ T3369] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 754.948209][ T3369] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 756.259805][ T3370] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 756.364679][ T3370] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 756.436184][ T3370] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 756.555444][ T3370] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 756.590449][ T3370] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 756.706085][ T3370] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 756.869794][ T3370] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 757.067517][ T3370] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 774.899957][ T3369] 8021q: adding VLAN 0 to HW filter on device bond0 [ 776.001039][ T3370] 8021q: adding VLAN 0 to HW filter on device bond0 [ 828.535481][ T3369] veth0_vlan: entered promiscuous mode [ 829.146227][ T3369] veth1_vlan: entered promiscuous mode [ 831.534699][ T3370] veth0_vlan: entered promiscuous mode [ 832.647593][ T3369] veth0_macvtap: entered promiscuous mode [ 832.818027][ T3370] veth1_vlan: entered promiscuous mode [ 833.515873][ T3369] veth1_macvtap: entered promiscuous mode [ 836.016866][ T3370] veth0_macvtap: entered promiscuous mode [ 836.064716][ T41] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 836.135125][ T41] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 836.157414][ T41] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 836.271067][ T41] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 836.678827][ T3370] veth1_macvtap: entered promiscuous mode [ 838.926393][ T24] audit: type=1400 audit(838.110:122): avc: denied { mount } for pid=3369 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 839.112600][ T24] audit: type=1400 audit(838.290:123): avc: denied { mounton } for pid=3369 comm="syz-executor" path="/syzkaller.uwcgau/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 839.360561][ T24] audit: type=1400 audit(838.540:124): avc: denied { mount } for pid=3369 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 839.510404][ T3407] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 839.540506][ T3407] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 839.553671][ T41] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 839.557409][ T41] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 839.747677][ T24] audit: type=1400 audit(838.930:125): avc: denied { mounton } for pid=3369 comm="syz-executor" path="/syzkaller.uwcgau/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 839.908906][ T24] audit: type=1400 audit(839.080:126): avc: denied { mounton } for pid=3369 comm="syz-executor" path="/syzkaller.uwcgau/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3743 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 840.613326][ T24] audit: type=1400 audit(839.780:127): avc: denied { unmount } for pid=3369 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 840.917032][ T24] audit: type=1400 audit(840.060:128): avc: denied { mounton } for pid=3369 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1548 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 841.078165][ T24] audit: type=1400 audit(840.260:129): avc: denied { mount } for pid=3369 comm="syz-executor" name="/" dev="gadgetfs" ino=3755 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 841.522457][ T24] audit: type=1400 audit(840.680:130): avc: denied { mount } for pid=3369 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 841.722980][ T24] audit: type=1400 audit(840.880:131): avc: denied { mounton } for pid=3369 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 842.571110][ T3369] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 853.488005][ T24] kauditd_printk_skb: 4 callbacks suppressed [ 853.504441][ T24] audit: type=1400 audit(852.670:136): avc: denied { read write } for pid=3521 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 853.598296][ T24] audit: type=1400 audit(852.780:137): avc: denied { open } for pid=3521 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 853.714952][ T24] audit: type=1400 audit(852.880:138): avc: denied { ioctl } for pid=3521 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 862.613698][ T24] audit: type=1400 audit(861.760:139): avc: denied { execute } for pid=3531 comm="syz.0.4" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=3900 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 864.633587][ T24] audit: type=1400 audit(863.800:140): avc: denied { execute } for pid=3529 comm="syz.1.3" path="/sys/kernel/debug/kcov" dev="debugfs" ino=108 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=file permissive=1 [ 865.376216][ T24] audit: type=1400 audit(864.540:141): avc: denied { append } for pid=3531 comm="syz.0.4" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 991.988184][ T3509] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 993.337280][ T3509] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 994.350166][ T3509] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 995.355646][ T3509] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1010.509579][ T3509] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1010.736256][ T3509] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1010.851070][ T3509] bond0 (unregistering): Released all slaves [ 1012.905760][ T3509] hsr_slave_0: left promiscuous mode [ 1013.116807][ T3509] hsr_slave_1: left promiscuous mode [ 1013.629396][ T3509] veth1_macvtap: left promiscuous mode [ 1013.644772][ T3509] veth0_macvtap: left promiscuous mode [ 1013.658999][ T3509] veth1_vlan: left promiscuous mode [ 1013.686116][ T3509] veth0_vlan: left promiscuous mode [ 1032.410278][ T3509] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1033.643238][ T3509] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1035.125291][ T3509] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1036.295999][ T3509] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1038.865965][ T24] audit: type=1400 audit(1038.010:142): avc: denied { write } for pid=3609 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1044.612452][ T24] audit: type=1400 audit(1043.780:143): avc: denied { write } for pid=3622 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1051.676564][ T3509] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1051.748110][ T3509] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1051.794475][ T3509] bond0 (unregistering): Released all slaves [ 1052.226012][ T3205] 8021q: adding VLAN 0 to HW filter on device eth1 [ 1052.719160][ T3509] hsr_slave_0: left promiscuous mode [ 1052.793498][ T3509] hsr_slave_1: left promiscuous mode [ 1053.173512][ T3509] veth1_macvtap: left promiscuous mode [ 1053.174652][ T3509] veth0_macvtap: left promiscuous mode [ 1053.185381][ T3509] veth1_vlan: left promiscuous mode [ 1053.195097][ T3509] veth0_vlan: left promiscuous mode [ 1068.507437][ T3576] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1069.838890][ T3576] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1080.258422][ T3583] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1080.317877][ T24] audit: type=1400 audit(1079.500:144): avc: denied { write } for pid=3642 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1080.819175][ T3583] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1084.394447][ T24] audit: type=1400 audit(1083.540:145): avc: denied { write } for pid=3647 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1087.537865][ T3205] 8021q: adding VLAN 0 to HW filter on device eth2 [ 1090.876311][ T3576] hsr_slave_0: entered promiscuous mode [ 1090.926259][ T3576] hsr_slave_1: entered promiscuous mode [ 1095.419221][ T24] audit: type=1400 audit(1094.600:146): avc: denied { write } for pid=3660 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1100.024213][ T24] audit: type=1400 audit(1099.180:147): avc: denied { write } for pid=3666 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1102.116875][ T3583] hsr_slave_0: entered promiscuous mode [ 1102.179753][ T3583] hsr_slave_1: entered promiscuous mode [ 1102.207559][ T3583] debugfs: 'hsr0' already exists in 'hsr' [ 1102.215765][ T3583] Cannot create hsr debugfs directory [ 1103.078442][ T3205] 8021q: adding VLAN 0 to HW filter on device eth3 [ 1104.547493][ T3576] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1104.806757][ T3576] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 1104.870320][ T3576] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1105.083857][ T3576] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1105.842809][ T3576] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1106.070121][ T3576] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1106.476441][ T3576] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1106.678258][ T3576] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1113.374093][ T24] audit: type=1400 audit(1112.550:148): avc: denied { write } for pid=3679 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1115.184550][ T3583] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1115.418795][ T3583] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 1115.518654][ T3583] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1115.724813][ T3583] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1115.829768][ T3583] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1116.017607][ T3583] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1116.104876][ T3583] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1116.330072][ T3583] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1120.132265][ T24] audit: type=1400 audit(1119.310:149): avc: denied { write } for pid=3692 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1124.457075][ T3205] 8021q: adding VLAN 0 to HW filter on device eth4 [ 1132.216914][ T3576] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1141.272810][ T24] audit: type=1400 audit(1140.380:150): avc: denied { write } for pid=3708 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1141.637201][ T3583] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1149.792624][ T24] audit: type=1400 audit(1148.950:151): avc: denied { write } for pid=3716 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1154.278934][ T3205] 8021q: adding VLAN 0 to HW filter on device eth5 [ 1161.333289][ T24] audit: type=1400 audit(1160.500:152): avc: denied { write } for pid=3723 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1169.190779][ T24] audit: type=1400 audit(1168.370:153): avc: denied { write } for pid=3731 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1186.215598][ T24] audit: type=1400 audit(1185.330:154): avc: denied { write } for pid=3746 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1194.808106][ T24] audit: type=1400 audit(1193.990:155): avc: denied { write } for pid=3756 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1200.524908][ T3205] 8021q: adding VLAN 0 to HW filter on device eth6 [ 1216.595237][ T24] audit: type=1400 audit(1215.760:156): avc: denied { write } for pid=3770 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1223.194764][ T24] audit: type=1400 audit(1222.310:157): avc: denied { write } for pid=3780 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1227.037446][ T3576] veth0_vlan: entered promiscuous mode [ 1227.930782][ T3576] veth1_vlan: entered promiscuous mode [ 1228.307112][ T3205] 8021q: adding VLAN 0 to HW filter on device eth7 [ 1230.979761][ T3576] veth0_macvtap: entered promiscuous mode [ 1231.473892][ T3576] veth1_macvtap: entered promiscuous mode [ 1235.323679][ T3445] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1235.327909][ T3445] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1235.494397][ T3703] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1235.498512][ T3703] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1235.866211][ T3583] veth0_vlan: entered promiscuous mode [ 1237.649585][ T3583] veth1_vlan: entered promiscuous mode [ 1241.968042][ T3583] veth0_macvtap: entered promiscuous mode [ 1242.674445][ T3583] veth1_macvtap: entered promiscuous mode [ 1244.578985][ T24] audit: type=1400 audit(1243.750:158): avc: denied { write } for pid=3789 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1246.013567][ T48] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1246.016857][ T48] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1246.154220][ T48] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1246.158191][ T48] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1256.680400][ T24] audit: type=1400 audit(1255.860:159): avc: denied { write } for pid=3796 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1264.968920][ T3205] 8021q: adding VLAN 0 to HW filter on device eth8 [ 1315.983887][ T24] audit: type=1400 audit(1315.150:160): avc: denied { write } for pid=3830 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1322.794620][ T24] audit: type=1400 audit(1321.970:161): avc: denied { write } for pid=3833 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1349.925470][ T3703] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1352.320510][ T3703] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1354.005381][ T24] audit: type=1400 audit(1353.180:162): avc: denied { write } for pid=3851 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1354.389949][ T3703] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1356.201004][ T3703] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1365.616058][ T24] audit: type=1400 audit(1364.780:163): avc: denied { write } for pid=3860 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1384.374950][ T3703] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1385.047127][ T3703] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1385.414938][ T3703] bond0 (unregistering): Released all slaves [ 1388.205884][ T3703] hsr_slave_0: left promiscuous mode [ 1388.397585][ T3703] hsr_slave_1: left promiscuous mode [ 1389.156665][ T3703] veth1_macvtap: left promiscuous mode [ 1389.194708][ T3703] veth0_macvtap: left promiscuous mode [ 1389.208050][ T3703] veth1_vlan: left promiscuous mode [ 1389.209856][ T3703] veth0_vlan: left promiscuous mode [ 1397.030256][ T24] audit: type=1400 audit(1396.210:164): avc: denied { write } for pid=3883 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1407.028734][ T24] audit: type=1400 audit(1406.210:165): avc: denied { write } for pid=3890 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1439.840574][ T24] audit: type=1400 audit(1439.020:166): avc: denied { write } for pid=3902 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1449.657509][ T24] audit: type=1400 audit(1448.830:167): avc: denied { write } for pid=3911 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1476.052940][ T24] audit: type=1400 audit(1475.180:168): avc: denied { write } for pid=3936 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1484.737175][ T24] audit: type=1400 audit(1483.910:169): avc: denied { write } for pid=3945 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1485.068871][ T3845] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1485.323989][ T3845] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1490.857771][ T3205] 8021q: adding VLAN 0 to HW filter on device eth9 [ 1499.045132][ T24] audit: type=1400 audit(1498.060:170): avc: denied { write } for pid=3950 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1509.003099][ T24] audit: type=1400 audit(1508.140:171): avc: denied { write } for pid=3957 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1523.804727][ T3845] hsr_slave_0: entered promiscuous mode [ 1523.876168][ T3845] hsr_slave_1: entered promiscuous mode [ 1532.723505][ T24] audit: type=1400 audit(1531.820:172): avc: denied { write } for pid=3972 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1540.963497][ T24] audit: type=1400 audit(1540.060:173): avc: denied { write } for pid=3979 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1543.707771][ T3845] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 1544.166767][ T3845] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 1544.201107][ T3845] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 1544.650545][ T3845] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1544.763178][ T3845] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 1545.165022][ T3845] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1545.320146][ T3845] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 1545.788701][ T3845] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1548.807226][ T3205] 8021q: adding VLAN 0 to HW filter on device eth10 [ 1558.335789][ T24] audit: type=1400 audit(1557.490:174): avc: denied { write } for pid=3993 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1570.534433][ T24] audit: type=1400 audit(1569.710:175): avc: denied { write } for pid=4004 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1583.180483][ T3845] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1606.905676][ T24] audit: type=1400 audit(1606.070:176): avc: denied { write } for pid=4025 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1619.933485][ T24] audit: type=1400 audit(1619.010:177): avc: denied { write } for pid=4033 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1628.487995][ T3205] 8021q: adding VLAN 0 to HW filter on device eth11 [ 1653.129100][ T24] audit: type=1400 audit(1652.310:178): avc: denied { write } for pid=4053 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1662.723883][ T24] audit: type=1400 audit(1661.880:179): avc: denied { write } for pid=4062 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1669.780100][ T3205] 8021q: adding VLAN 0 to HW filter on device eth12 [ 1683.524001][ T24] audit: type=1400 audit(1682.640:180): avc: denied { write } for pid=4077 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1694.684251][ T24] audit: type=1400 audit(1693.730:181): avc: denied { write } for pid=4088 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1721.334490][ T24] audit: type=1400 audit(1720.490:182): avc: denied { write } for pid=4103 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1731.695271][ T24] audit: type=1400 audit(1730.850:183): avc: denied { write } for pid=4116 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1739.435037][ T3845] veth0_vlan: entered promiscuous mode [ 1740.835876][ T3845] veth1_vlan: entered promiscuous mode [ 1744.868295][ T3845] veth0_macvtap: entered promiscuous mode [ 1745.709917][ T3845] veth1_macvtap: entered promiscuous mode [ 1751.193467][ T3509] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1751.195836][ T3509] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1751.295800][ T3509] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1751.335238][ T3509] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1760.615789][ T24] audit: type=1400 audit(1759.760:184): avc: denied { write } for pid=4125 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1771.048738][ T24] audit: type=1400 audit(1770.210:185): avc: denied { write } for pid=4132 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1836.060945][ T3869] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1838.004368][ T3869] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1838.158862][ T24] audit: type=1400 audit(1837.340:186): avc: denied { write } for pid=4162 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1839.867111][ T3869] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1842.874889][ T3869] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1851.340045][ T24] audit: type=1400 audit(1850.490:187): avc: denied { write } for pid=4172 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1876.139765][ T3869] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1876.543901][ T3869] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1876.874434][ T3869] bond0 (unregistering): Released all slaves [ 1879.636957][ T3869] hsr_slave_0: left promiscuous mode [ 1879.726572][ T3869] hsr_slave_1: left promiscuous mode [ 1880.378905][ T3869] veth1_macvtap: left promiscuous mode [ 1880.403525][ T3869] veth0_macvtap: left promiscuous mode [ 1880.408294][ T3869] veth1_vlan: left promiscuous mode [ 1880.423875][ T3869] veth0_vlan: left promiscuous mode [ 1942.688604][ T24] audit: type=1400 audit(1941.870:188): avc: denied { write } for pid=4213 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1951.019816][ T24] audit: type=1400 audit(1950.200:189): avc: denied { write } for pid=4222 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1956.879931][ T3205] 8021q: adding VLAN 0 to HW filter on device eth13 [ 1964.644022][ T24] audit: type=1400 audit(1963.800:190): avc: denied { write } for pid=4230 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1972.136558][ T4146] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1972.599912][ T4146] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1975.773958][ T24] audit: type=1400 audit(1974.930:191): avc: denied { write } for pid=4240 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1996.796518][ T24] audit: type=1400 audit(1995.980:192): avc: denied { write } for pid=4249 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2006.653459][ T24] audit: type=1400 audit(2005.820:193): avc: denied { write } for pid=4257 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2016.275539][ T4146] hsr_slave_0: entered promiscuous mode [ 2016.339749][ T4146] hsr_slave_1: entered promiscuous mode [ 2016.473330][ T4146] debugfs: 'hsr0' already exists in 'hsr' [ 2016.476688][ T4146] Cannot create hsr debugfs directory [ 2023.843077][ T24] audit: type=1400 audit(2023.010:194): avc: denied { write } for pid=4267 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2034.399280][ T24] audit: type=1400 audit(2033.580:195): avc: denied { write } for pid=4276 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2041.430325][ T4146] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 2041.909213][ T4146] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 2042.087607][ T4146] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 2042.726776][ T4146] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 2042.942941][ T4146] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 2043.540173][ T4146] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 2043.745008][ T4146] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 2044.227990][ T4146] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 2057.242977][ T24] audit: type=1400 audit(2056.390:196): avc: denied { write } for pid=4291 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2068.198037][ T24] audit: type=1400 audit(2067.380:197): avc: denied { write } for pid=4303 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2080.393881][ T4146] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2095.253242][ T24] audit: type=1400 audit(2094.410:198): avc: denied { setattr } for pid=4316 comm="syz.4.73" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 2098.665749][ T24] audit: type=1400 audit(2097.740:199): avc: denied { write } for pid=4314 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2110.349070][ T24] audit: type=1400 audit(2109.520:200): avc: denied { write } for pid=4327 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2120.198541][ T3205] 8021q: adding VLAN 0 to HW filter on device eth14 [ 2146.014809][ T24] audit: type=1400 audit(2145.120:201): avc: denied { write } for pid=4344 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2158.703127][ T24] audit: type=1400 audit(2157.750:202): avc: denied { write } for pid=4353 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2167.599437][ T3205] 8021q: adding VLAN 0 to HW filter on device eth15 [ 2191.263091][ T24] audit: type=1400 audit(2190.350:203): avc: denied { write } for pid=4369 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2201.215433][ T24] audit: type=1400 audit(2200.370:204): avc: denied { write } for pid=4380 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2208.778967][ T3205] 8021q: adding VLAN 0 to HW filter on device eth16 [ 2255.489304][ T4146] veth0_vlan: entered promiscuous mode [ 2256.997112][ T4146] veth1_vlan: entered promiscuous mode [ 2261.214397][ T4146] veth0_macvtap: entered promiscuous mode [ 2262.205673][ T4146] veth1_macvtap: entered promiscuous mode [ 2266.975102][ T3425] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2266.998722][ T3425] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2267.115566][ T3425] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2267.123418][ T3425] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2278.814083][ T24] audit: type=1400 audit(2277.900:205): avc: denied { write } for pid=4425 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2292.737119][ T24] audit: type=1400 audit(2291.900:206): avc: denied { write } for pid=4435 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2325.624040][ T24] audit: type=1400 audit(2324.770:207): avc: denied { write } for pid=4450 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2339.184152][ T24] audit: type=1400 audit(2338.330:208): avc: denied { write } for pid=4461 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2364.984242][ T24] audit: type=1400 audit(2364.150:209): avc: denied { write } for pid=4472 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2378.022956][ T24] audit: type=1400 audit(2377.190:210): avc: denied { write } for pid=4484 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2401.198521][ T24] audit: type=1400 audit(2400.360:211): avc: denied { write } for pid=4490 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2415.172438][ T24] audit: type=1400 audit(2414.250:212): avc: denied { write } for pid=4498 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2465.438562][ T24] audit: type=1400 audit(2464.530:213): avc: denied { map } for pid=4515 comm="syz.5.102" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 2465.475975][ T24] audit: type=1400 audit(2464.650:214): avc: denied { execute } for pid=4515 comm="syz.5.102" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 2572.471002][ T24] audit: type=1400 audit(2571.540:215): avc: denied { write } for pid=4567 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2582.385257][ T24] audit: type=1400 audit(2581.510:216): avc: denied { write } for pid=4571 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2702.318216][ T4575] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2702.777909][ T4575] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2711.944378][ T4578] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2712.385706][ T4578] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2742.489782][ T4575] hsr_slave_0: entered promiscuous mode [ 2742.616375][ T4575] hsr_slave_1: entered promiscuous mode [ 2742.737111][ T4575] debugfs: 'hsr0' already exists in 'hsr' [ 2742.764134][ T4575] Cannot create hsr debugfs directory [ 2750.034835][ T4578] hsr_slave_0: entered promiscuous mode [ 2750.129850][ T4578] hsr_slave_1: entered promiscuous mode [ 2750.284520][ T4578] debugfs: 'hsr0' already exists in 'hsr' [ 2750.325097][ T4578] Cannot create hsr debugfs directory [ 2778.287661][ T4575] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 2779.184959][ T4575] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 2779.399634][ T4575] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 2780.187699][ T4575] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 2780.368625][ T4575] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 2781.087388][ T4575] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 2782.373477][ T4575] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 2783.018003][ T4575] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 2788.707499][ T4578] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 2789.260441][ T4578] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 2789.427840][ T4578] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 2789.887916][ T4578] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 2790.048188][ T4578] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 2790.510268][ T4578] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 2790.715129][ T4578] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 2791.323255][ T4578] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 2828.325234][ T4575] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2836.396597][ T4578] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2885.674694][ T24] audit: type=1400 audit(2884.830:217): avc: denied { write } for pid=4683 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2901.929619][ T24] audit: type=1400 audit(2900.990:218): avc: denied { write } for pid=4692 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2936.120390][ T3407] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2938.620644][ T3407] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2940.949437][ T3407] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2943.340432][ T3407] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2971.344945][ T3407] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2971.550549][ T3407] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2971.773315][ T3407] bond0 (unregistering): Released all slaves [ 2975.127638][ T3407] hsr_slave_0: left promiscuous mode [ 2975.799533][ T3407] hsr_slave_1: left promiscuous mode [ 2976.523118][ T3407] veth1_macvtap: left promiscuous mode [ 2976.542774][ T3407] veth0_macvtap: left promiscuous mode [ 2976.544740][ T3407] veth1_vlan: left promiscuous mode [ 2976.563468][ T3407] veth0_vlan: left promiscuous mode [ 3019.516357][ T3407] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3021.748274][ T3407] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3023.708307][ T3407] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3025.550711][ T3407] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3037.624346][ T24] audit: type=1400 audit(3036.800:219): avc: denied { write } for pid=4732 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3047.596410][ T24] audit: type=1400 audit(3046.760:220): avc: denied { write } for pid=4741 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3049.830474][ T3407] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3050.090690][ T3407] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3050.287189][ T3407] bond0 (unregistering): Released all slaves [ 3054.225212][ T3407] hsr_slave_0: left promiscuous mode [ 3054.743832][ T3407] hsr_slave_1: left promiscuous mode [ 3055.838766][ T3407] veth1_macvtap: left promiscuous mode [ 3055.893652][ T3407] veth0_macvtap: left promiscuous mode [ 3055.896819][ T3407] veth1_vlan: left promiscuous mode [ 3055.943517][ T3407] veth0_vlan: left promiscuous mode [ 3086.059515][ T3205] 8021q: adding VLAN 0 to HW filter on device eth17 [ 3108.964267][ T24] audit: type=1400 audit(3108.140:221): avc: denied { write } for pid=4758 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3113.890243][ T4575] veth0_vlan: entered promiscuous mode [ 3115.244677][ T4575] veth1_vlan: entered promiscuous mode [ 3119.205405][ T4575] veth0_macvtap: entered promiscuous mode [ 3119.958597][ T4575] veth1_macvtap: entered promiscuous mode [ 3121.142484][ T24] audit: type=1400 audit(3120.230:222): avc: denied { write } for pid=4766 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3125.046780][ T4578] veth0_vlan: entered promiscuous mode [ 3126.983888][ T3407] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3127.068727][ T3407] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3127.106227][ T4670] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3127.122841][ T3425] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 3128.037236][ T4578] veth1_vlan: entered promiscuous mode [ 3128.796642][ T3205] 8021q: adding VLAN 0 to HW filter on device eth18 [ 3135.996319][ T4578] veth0_macvtap: entered promiscuous mode [ 3137.636627][ T4578] veth1_macvtap: entered promiscuous mode [ 3142.629015][ T29] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3142.657217][ T29] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3142.964195][ T4655] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3142.988543][ T4655] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 3158.926347][ T24] audit: type=1400 audit(3158.090:223): avc: denied { write } for pid=4773 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3172.773390][ T24] audit: type=1400 audit(3171.850:224): avc: denied { write } for pid=4786 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3182.730178][ T3205] 8021q: adding VLAN 0 to HW filter on device eth19 [ 3218.012955][ T24] audit: type=1400 audit(3217.050:225): avc: denied { write } for pid=4803 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3229.947184][ T24] audit: type=1400 audit(3229.090:226): avc: denied { write } for pid=4814 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3237.958254][ T3205] 8021q: adding VLAN 0 to HW filter on device eth20 [ 3260.013509][ T24] audit: type=1400 audit(3259.060:227): avc: denied { write } for pid=4818 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3271.346930][ T24] audit: type=1400 audit(3270.500:228): avc: denied { write } for pid=4823 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3278.339931][ T3205] 8021q: adding VLAN 0 to HW filter on device eth21 [ 3308.862456][ T24] audit: type=1400 audit(3308.020:229): avc: denied { write } for pid=4835 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3323.092718][ T24] audit: type=1400 audit(3322.220:230): avc: denied { write } for pid=4846 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3332.588315][ T3205] 8021q: adding VLAN 0 to HW filter on device eth22 [ 3362.424393][ T24] audit: type=1400 audit(3361.570:231): avc: denied { write } for pid=4856 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3376.843434][ T24] audit: type=1400 audit(3376.010:232): avc: denied { write } for pid=4866 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3386.829691][ T3205] 8021q: adding VLAN 0 to HW filter on device eth23 [ 3403.566373][ T24] audit: type=1400 audit(3402.710:233): avc: denied { write } for pid=4878 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3406.225155][ T4825] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3406.704986][ T4825] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3416.953375][ T24] audit: type=1400 audit(3416.090:234): avc: denied { write } for pid=4886 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3424.225484][ T4830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3424.799077][ T4830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3460.048040][ T24] audit: type=1400 audit(3459.100:235): avc: denied { write } for pid=4901 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3466.859693][ T4825] hsr_slave_0: entered promiscuous mode [ 3467.016979][ T4825] hsr_slave_1: entered promiscuous mode [ 3472.734080][ T24] audit: type=1400 audit(3471.780:236): avc: denied { write } for pid=4909 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3484.624351][ T3205] 8021q: adding VLAN 0 to HW filter on device eth24 [ 3486.619505][ T4830] hsr_slave_0: entered promiscuous mode [ 3486.777313][ T4830] hsr_slave_1: entered promiscuous mode [ 3486.964169][ T4830] debugfs: 'hsr0' already exists in 'hsr' [ 3487.004775][ T4830] Cannot create hsr debugfs directory [ 3521.408654][ T4825] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 3522.618984][ T4825] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 3522.996419][ T4825] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 3523.799772][ T4825] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 3524.049282][ T4825] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 3524.620580][ T4825] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 3525.080548][ T4825] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 3526.204906][ T4825] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 3537.776372][ T4830] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 3538.427198][ T4830] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 3538.698229][ T4830] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 3539.418282][ T4830] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 3539.738419][ T4830] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 3540.458056][ T4830] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 3540.600389][ T4830] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 3541.506247][ T4830] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 3575.653665][ T24] audit: type=1400 audit(3574.780:237): avc: denied { write } for pid=4949 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3591.643536][ T4825] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3594.010866][ T24] audit: type=1400 audit(3593.180:238): avc: denied { write } for pid=4958 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3603.929349][ T4830] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3630.686956][ T24] audit: type=1400 audit(3629.840:239): avc: denied { write } for pid=4967 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3649.834506][ T24] audit: type=1400 audit(3648.880:240): avc: denied { write } for pid=4976 comm="rm" name="hook-state" dev="tmpfs" ino=92 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 3664.033967][ T26] INFO: task syz.6.125:4811 blocked for more than 430 seconds. [ 3664.117341][ T26] Not tainted syzkaller #0 [ 3664.150973][ T26] Blocked by coredump. SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 3664.188473][ T26] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 3664.189094][ T26] task:syz.6.125 state:D stack:0 pid:4811 tgid:4809 ppid:4575 task_flags:0x40044c flags:0x00000010 [ 3664.190675][ T26] Call trace: [ 3664.258625][ T26] __switch_to+0x5e0/0xb5c (T) [ 3664.322651][ T26] __schedule+0x1f54/0x38a8 [ 3664.364674][ T26] schedule+0xac/0x27c [ 3664.365365][ T26] schedule_timeout+0x68/0x1ec [ 3664.365915][ T26] do_wait_for_common+0x28c/0x440 [ 3664.366362][ T26] wait_for_completion+0x44/0x5c [ 3664.366811][ T26] __synchronize_srcu+0x1b4/0x1f4 [ 3664.367366][ T26] synchronize_srcu+0x668/0x8dc [ 3664.367895][ T26] __mmu_notifier_release+0x668/0x858 [ 3664.368390][ T26] exit_mmap+0xcc/0xb64 [ 3664.368898][ T26] __mmput+0x10c/0x528 [ 3664.369400][ T26] mmput+0x70/0xa8 [ 3664.369949][ T26] exit_mm+0x1e4/0x2f8 [ 3664.370451][ T26] do_exit+0x828/0x2404 [ 3664.370954][ T26] do_group_exit+0x1d4/0x2ac [ 3664.524278][ T26] get_signal+0x1440/0x154c [ 3664.524991][ T26] arch_do_signal_or_restart+0x180/0x4bf4 [ 3664.525568][ T26] exit_to_user_mode_loop+0x88/0x188 [ 3664.526109][ T26] el0_interrupt+0x1a8/0x27c [ 3664.526588][ T26] __el0_irq_handler_common+0x18/0x24 [ 3664.527089][ T26] el0t_64_irq_handler+0x10/0x1c [ 3664.527554][ T26] el0t_64_irq+0x198/0x19c [ 3664.645459][ T26] [ 3664.645459][ T26] Showing all locks held in the system: [ 3664.713622][ T26] 1 lock held by khungtaskd/26: [ 3664.714202][ T26] #0: ffff800087dc47f8 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x0/0x44 [ 3664.716775][ T26] 2 locks held by kworker/u4:5/48: [ 3664.717284][ T26] 2 locks held by getty/3233: [ 3664.717669][ T26] #0: ddf000001272e0a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c [ 3664.719391][ T26] #1: dbff80008cb5b2e8 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x310/0x1284 [ 3664.894872][ T26] 2 locks held by syz-executor/3358: [ 3664.895590][ T26] 3 locks held by kworker/u4:1/3424: [ 3664.895989][ T26] 3 locks held by kworker/u4:4/3425: [ 3664.896301][ T26] 3 locks held by kworker/u4:6/3702: [ 3664.897111][ T26] 3 locks held by kworker/u4:10/3869: [ 3664.897482][ T26] 3 locks held by kworker/u4:9/4581: [ 3664.897889][ T26] 2 locks held by kworker/u4:12/4655: [ 3664.898210][ T26] #0: bdf000000d036540 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_one_work+0x7f8/0x1d80 [ 3664.900258][ T26] #1: ffff8000a3987ca8 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x884/0x1d80 [ 3664.965482][ T26] 3 locks held by kworker/u4:13/4670: [ 3664.965914][ T26] 3 locks held by kworker/u4:14/4707: [ 3664.966249][ T26] 2 locks held by syz.7.124/4804: [ 3664.966585][ T26] 2 locks held by kworker/u4:7/4894: [ 3664.966934][ T26] #0: bdf000000d036540 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_one_work+0x7f8/0x1d80 [ 3664.968784][ T26] #1: ffff8000a1c17ca8 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x884/0x1d80 [ 3664.970490][ T26] 3 locks held by kworker/u4:8/4940: [ 3664.970839][ T26] 3 locks held by kworker/u4:15/4960: [ 3665.232856][ T26] 2 locks held by modprobe/4980: [ 3665.233641][ T26] 2 locks held by dhcpcd-run-hook/4981: [ 3665.234047][ T26] 1 lock held by modprobe/4982: [ 3665.234585][ T26] [ 3665.234895][ T26] ============================================= [ 3665.234895][ T26] [ 3665.235871][ T26] Kernel panic - not syncing: hung_task: blocked tasks [ 3665.243294][ T26] CPU: 0 UID: 0 PID: 26 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT [ 3665.244859][ T26] Hardware name: linux,dummy-virt (DT) [ 3665.245900][ T26] Call trace: [ 3665.246789][ T26] show_stack+0x2c/0x3c (C) [ 3665.247939][ T26] __dump_stack+0x30/0x40 [ 3665.248975][ T26] dump_stack_lvl+0x30/0x12c [ 3665.250016][ T26] dump_stack+0x1c/0x28 [ 3665.250971][ T26] vpanic+0x4d0/0x848 [ 3665.251900][ T26] vpanic+0x0/0x848 [ 3665.252801][ T26] hung_task_panic+0x0/0x2c [ 3665.253891][ T26] kthread+0x4d4/0x51c [ 3665.254904][ T26] ret_from_fork+0x10/0x20 [ 3665.256710][ T26] Kernel Offset: disabled [ 3665.257612][ T26] CPU features: 0x00000000,0034600b,f7c647a1,057ffe1f [ 3665.258899][ T26] Memory Limit: none [ 3665.261270][ T26] Rebooting in 86400 seconds..