last executing test programs: 46.938813463s ago: executing program 0 (id=1763): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000000, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x3, 0x4102932, 0xffffffffffffffff, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r4 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000f, 0x11, r3, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r3, 0x0) r5 = eventfd2(0x0, 0x0) close(r5) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0) r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04) mmap$KVM_VCPU(&(0x7f0000004000/0x4000)=nil, r6, 0x467af21e7e8bde02, 0x11, r5, 0x0) write$eventfd(r5, &(0x7f0000000180)=0x5, 0xfffffde3) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0xc0e00, 0x2000) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1) ioctl$KVM_ARM_VCPU_INIT(r9, 0x4020aeae, &(0x7f0000000080)={0x5, 0x1}) ioctl$KVM_GET_ONE_REG(r9, 0x4010aeab, &(0x7f0000000240)=@arm64_fp={0x6040000000100050, 0x0}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x41, 0x0) 43.192980177s ago: executing program 1 (id=1764): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async, rerun: 64) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async, rerun: 64) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async, rerun: 32) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x0, 0x8032, 0xffffffffffffffff, 0x0) (async, rerun: 32) munmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000) (async, rerun: 32) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x0) (async, rerun: 32) mmap$KVM_VCPU(&(0x7f0000e95000/0x4000)=nil, 0x0, 0x1000006, 0x2010, 0xffffffffffffffff, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x300000c, 0x4f832, 0xffffffffffffffff, 0x0) (async, rerun: 32) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000000)={0x4}) (async, rerun: 32) close(0x5) r5 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) syz_kvm_vgic_v3_setup(r5, 0x1, 0x100) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0xf, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000001c0)={0x4, 0xffffffffffffffff}) ioctl$KVM_HAS_DEVICE_ATTR(r6, 0x4018aee3, &(0x7f0000000000)=@attr_arm64={0x0, 0x1, 0x1, 0x0}) 39.308912308s ago: executing program 0 (id=1765): syz_kvm_add_vcpu$arm64(0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x0, 0x4}}], 0x50}, 0x0, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f00000000c0)={0x3, 0xffffffffffffffff}) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_IRQ_LINE(r7, 0x4008ae61, &(0x7f0000000080)={0x80020009, 0x1}) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x3, &(0x7f0000000000)=0x1000000000}) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x0, 0x5, &(0x7f0000000100)=0x8010000001000001}) r8 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=ANY=[], 0x50}, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000000)={0x2710, 0x0, 0x80a0000, 0x1000, &(0x7f0000ffe000/0x1000)=nil}) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r9, 0xae80, 0x0) 35.527467146s ago: executing program 1 (id=1766): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4020ae46, &(0x7f0000000180)=ANY=[@ANYBLOB="010000000100000000000001000000000010"]) ioctl$KVM_CLEAR_DIRTY_LOG(r1, 0xc018aec0, &(0x7f0000000100)={0x1, 0x140, 0x400, 0x0}) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x28600, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000140)={0x7, 0xffffffffffffffff}) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1) ioctl$KVM_ARM_VCPU_INIT(r9, 0x4020aeae, &(0x7f0000000240)={0x5, 0x11}) ioctl$KVM_ARM_VCPU_FINALIZE(r9, 0x4004aec2, &(0x7f0000000180)=0x4) ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f00000000c0)=@arm64_sve={0x6080000000150080, &(0x7f0000000000)=0x1}) ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000080)=@attr_other={0x0, 0x0, 0x6, 0xfffffffffffffffe}) r10 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f0000000040)={0x1, 0x0, 0x6000, 0x2000, &(0x7f0000fa2000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f0000000040)={0x1, 0x0, 0xd000, 0x2000, &(0x7f0000fa2000/0x2000)=nil}) r11 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x2) ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000200)={0x7, 0xffffffffffffffff}) ioctl$KVM_GET_DEVICE_ATTR(r12, 0x4018aee2, &(0x7f0000000080)=@attr_other={0x0, 0x9, 0x7, &(0x7f0000000000)=0x8}) 22.414171084s ago: executing program 0 (id=1767): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x10003, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x59) 21.968943181s ago: executing program 1 (id=1768): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bfd000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000b80)={0x0, &(0x7f00000009c0)=[@mrs={0xbe, 0x18, {0x603000000013c02c}}], 0x18}, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) (async) r4 = mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) (async, rerun: 64) r5 = mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) (rerun: 64) syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca) (async) syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca) (async) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) (async, rerun: 64) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x100, 0x0) (rerun: 64) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) r11 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000080)={0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="82000000000000002800000000000000000000000000000001000000000000000803000000000000aa0000000000000028000000000000000e01030000000b0000000cc80000000000000200000038ea"], 0x50}, 0x0, 0x0) (async) syz_kvm_vgic_v3_setup(r9, 0x1, 0x100) (async) ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000100)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000}) ioctl$KVM_RUN(r11, 0xae80, 0x0) (async, rerun: 64) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) (async, rerun: 64) ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) (async) r13 = openat$kvm(0x0, &(0x7f00000000c0), 0x909483, 0x0) (async) r14 = openat$kvm(0x0, &(0x7f0000000040), 0x101002, 0x0) r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0) r16 = ioctl$KVM_CREATE_VCPU(r15, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r15, r16, &(0x7f0000c00000/0x400000)=nil, &(0x7f00000000c0)=[{0x0, 0x0}], 0x1, 0x0, &(0x7f0000000100)=[@featur2={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r16, 0xae80, 0x0) (async) ioctl$KVM_SET_ONE_REG(r16, 0x4010aeac, &(0x7f0000000240)=@arm64_bitmap={0x6030000000160002, &(0x7f0000000200)=0x3}) (async, rerun: 32) r17 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0) (rerun: 32) ioctl$KVM_CREATE_VCPU(r17, 0xae41, 0x8) 16.592287741s ago: executing program 0 (id=1769): munmap(&(0x7f0000647000/0x1000)=nil, 0x1000) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x53033, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000fde000/0x4000)=nil, 0x4000) mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) munmap(&(0x7f000075a000/0xb000)=nil, 0xb000) munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000) munmap(&(0x7f0000482000/0x2000)=nil, 0x2000) munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000) munmap(&(0x7f0000e76000/0x12000)=nil, 0x12000) mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x24132, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0x3, 0x9032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x0, 0x4030031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000f40000/0x5000)=nil, 0x5000) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f1, 0xffffffffffffffff, 0x0) r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000bff000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000400)={0x0, &(0x7f0000000000)=[@irq_setup={0x46, 0x18, {0x1, 0x2f4}}, @hvc={0x32, 0x40, {0xc400000e, [0x8, 0x8000000000000001, 0x6, 0x8001, 0x283]}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x1, 0xd, 0x8, 0xf3, 0x2}}, @code={0xa, 0x9c, {"a0448cd20080b0f2c10180d2c20080d2030080d2c40080d2020000d4c0c785d20060b0f2810180d2020080d2830080d2e40180d2020000d4000008d5000028d5807188d200c0b0f2410180d2c20180d2030080d2c40080d2020000d440789cd20020b0f2810180d2820180d2030180d2a40080d2020000d400000031000000110060000c0030000f"}}, @uexit={0x0, 0x18, 0x9}, @uexit={0x0, 0x18, 0x33c5}, @hvc={0x32, 0x40, {0x84000002, [0xe, 0x7, 0x6, 0x1]}}, @smc={0x1e, 0x40, {0x30000000, [0x10, 0x0, 0x0, 0x9]}}, @its_setup={0x82, 0x28, {0x4, 0x3, 0x1b6}}, @irq_setup={0x46, 0x18, {0x0, 0x351}}, @irq_setup={0x46, 0x18, {0x3, 0x2ce}}, @hvc={0x32, 0x40, {0x80000001, [0x2d, 0x81, 0x5, 0x0, 0x5]}}, @irq_setup={0x46, 0x18, {0x0, 0x23b}}, @code={0xa, 0x9c, {"007008d5007008d5000c00bc60f182d20020b0f2410080d2820180d2230180d2040080d2020000d400f986d200a0b0f2e10080d2e20180d2a30080d2e40180d2020000d400a4800d0008c01a400e93d20000b8f2210180d2820180d2030080d2e40180d2020000d4008008d5e0bb80d200e0b0f2810080d2a20080d2430180d2240180d2020000d4"}}, @msr={0x14, 0x20, {0x603000000013df4e, 0x5}}, @code={0xa, 0x84, {"007008d5007008d500f38cd20080b0f2010180d2820180d2630180d2240180d2020000d4a0bb97d20000b0f2e10180d2820180d2430180d2e40080d2020000d4007008d5008008d50060000e000480dae08992d20040b0f2010080d2820080d2230180d2240080d2020000d4000008d5"}}, @uexit={0x0, 0x18}], 0x3d4}, &(0x7f0000000440)=[@featur2={0x1, 0xe}], 0x1) 13.818860292s ago: executing program 1 (id=1770): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r5 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000f, 0x11, r4, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) (async, rerun: 32) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r4, 0x0) (async, rerun: 32) r6 = eventfd2(0x0, 0x0) close(r6) (async, rerun: 64) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0) (rerun: 64) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x2000005, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x2000009, 0x4102932, 0xffffffffffffffff, 0x0) write$eventfd(r6, &(0x7f0000000180)=0x4, 0x8) (async) r7 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000000, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) (async) ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) (async, rerun: 32) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async, rerun: 32) ioctl$KVM_RUN(r4, 0xae80, 0x0) (async, rerun: 64) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async, rerun: 64) close(0x5) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) close(0x5) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async) ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, 0x0) 9.657215538s ago: executing program 0 (id=1771): r0 = mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x28031, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000bfd000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000b80)={0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e00000000000000400000000000000012000084"], 0x40}, &(0x7f0000000bc0)=[@featur1={0x1, 0x4}], 0x1) syz_kvm_vgic_v3_setup(r3, 0x2, 0x40) ioctl$KVM_RUN(r5, 0xae80, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000240)="fb4149dd033be3ac3bc4a22332fdaa8de0518df242008031d1dfd92f0000000001fff9ffdc9610fbff77521ce30d8f00", 0x0, 0xfcf7) 6.913681365s ago: executing program 1 (id=1772): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000000)={0xa8, 0x0, 0x1}) (async, rerun: 64) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) (rerun: 64) ioctl$KVM_CREATE_VM(r3, 0x40086602, 0x20000000) r4 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000000)={0x0, &(0x7f0000000080)=[@hvc={0x32, 0x40, {0xc4000010, [0x3, 0x100000000000005, 0x6, 0x80000001, 0xbf0]}}], 0x40}, 0x0, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 4.626942495s ago: executing program 0 (id=1773): r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x909483, 0x0) (async) r1 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0) (async) r7 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000080)={0x0, &(0x7f0000000000)=[@memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x6900, 0xff, 0x7}}], 0x30}, 0x0, 0x0) (async) syz_kvm_vgic_v3_setup(r4, 0x2, 0x3c0) ioctl$KVM_RUN(r7, 0xae80, 0x0) (async) r8 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_ARM_VCPU_INIT(r8, 0x4020aeae, &(0x7f0000000340)={0x5}) (async) ioctl$KVM_GET_ONE_REG(r8, 0x4010aeab, &(0x7f0000000080)=@arm64_core={0x6030000000100028, &(0x7f0000000040)=0x8}) (async) r9 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r10 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r11 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x4) ioctl$KVM_ARM_VCPU_INIT(r11, 0x4020aeae, &(0x7f0000000080)={0x5, 0xb}) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, &(0x7f0000000140)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000040)={0x7ffd, 0xb}}) (async) r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000eb2000/0x3000)=nil, 0x930, 0x0, 0x32e7851d6de9e532, 0xffffffffffffffff, 0x0) (async) ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04) (async) r14 = ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r14, 0x4040aea0, &(0x7f00000000c0)=@arm64={0x27, 0xf4, 0x2, '\x00', 0x8000000000000000}) (async) r15 = openat$kvm(0x0, &(0x7f0000000040), 0x200, 0x0) syz_kvm_setup_cpu$arm64(r10, r11, &(0x7f0000bfd000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f00000004c0)=[@irq_setup={0x46, 0x18, {0x3, 0x3b8}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x380, 0xffffffffffffff23, 0x8}}, @code={0xa, 0x6c, {"606193d20080b8f2210180d2e20180d2830180d2440180d2020000d4000008d500c8a00e007008d5008008d50094000f0000204b008008d5207196d20040b0f2c10080d2420180d2e30180d2c40180d2020000d4007008d5"}}, @uexit={0x0, 0x18, 0x80000001}, @hvc={0x32, 0x40, {0x84000050, [0x9e1e, 0x0, 0xa, 0xe, 0x100000001]}}, @uexit={0x0, 0x18, 0x1}, @its_setup={0x82, 0x28, {0x1, 0x2, 0x2fa}}, @code={0xa, 0x6c, {"0030005f000028d5000008d580c586d20040b0f2410180d2a20080d2830180d2c40080d2020000d4008c002f0004006e0004803ce0bd8dd20080b8f2c10080d2020080d2430180d2a40080d2020000d4000008d50020006f"}}, @hvc={0x32, 0x40, {0x84000051, [0x9100000, 0x9, 0x8, 0x4]}}, @hvc={0x32, 0x40, {0x84000053, [0x0, 0x0, 0x44e, 0x101, 0x1ff]}}, @hvc={0x32, 0x40, {0x84000050, [0x81, 0x3, 0x7, 0x3ff, 0xffff]}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x4, 0x8, 0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x0, 0x0, 0x4, 0xf, 0x40, 0x400, 0x4}}, @smc={0x1e, 0x40, {0x84000006, [0xffffffffffffff04, 0xff, 0x3, 0x3, 0x4]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0x100, 0x3, 0xf}}], 0x338}], 0x1, 0x0, &(0x7f0000000100)=[@featur2={0x1, 0x14}], 0x1) (async) r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r16, 0xae03, 0xbb) 0s ago: executing program 1 (id=1774): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2041, 0x0) (async) r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) (async) syz_kvm_vgic_v3_setup(r2, 0x1, 0x100) (async) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) (async) ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x4, 0x1, 0x0}) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) mmap$KVM_VCPU(&(0x7f0000000000/0x3000)=nil, 0x0, 0x100000a, 0x12, r5, 0x100000) r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04) (async) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) (async) r10 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x4) mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, r6, 0x1000004, 0x32e7851d6de9e532, r10, 0x0) (async) ioctl$KVM_GET_SREGS(r10, 0x8000ae83, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000ffe000/0x1000)=nil, 0x0, 0x1, 0x11, r5, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000) kernel console output (not intermixed with test programs): [ 415.728678][ T3129] eql: remember to turn off Van-Jacobson compression on your slave devices Warning: Permanently added '[localhost]:2782' (ED25519) to the list of known hosts. [ 589.778359][ T25] audit: type=1400 audit(588.930:59): avc: denied { name_bind } for pid=3287 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 590.723057][ T25] audit: type=1400 audit(589.880:60): avc: denied { execute } for pid=3288 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 590.748998][ T25] audit: type=1400 audit(589.890:61): avc: denied { execute_no_trans } for pid=3288 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 610.306957][ T25] audit: type=1400 audit(609.460:62): avc: denied { mounton } for pid=3288 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 610.338460][ T25] audit: type=1400 audit(609.490:63): avc: denied { mount } for pid=3288 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 610.425647][ T3288] cgroup: Unknown subsys name 'net' [ 610.475890][ T25] audit: type=1400 audit(609.630:64): avc: denied { unmount } for pid=3288 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 610.908662][ T3288] cgroup: Unknown subsys name 'cpuset' [ 611.012972][ T3288] cgroup: Unknown subsys name 'rlimit' [ 611.999316][ T25] audit: type=1400 audit(611.150:65): avc: denied { setattr } for pid=3288 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=701 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 612.018795][ T25] audit: type=1400 audit(611.160:66): avc: denied { mounton } for pid=3288 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 612.044605][ T25] audit: type=1400 audit(611.200:67): avc: denied { mount } for pid=3288 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 613.243266][ T3291] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 613.264275][ T25] audit: type=1400 audit(612.410:68): avc: denied { relabelto } for pid=3291 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 613.291544][ T25] audit: type=1400 audit(612.440:69): avc: denied { write } for pid=3291 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" Setting up swapspace version 1, size = 127995904 bytes [ 613.465048][ T25] audit: type=1400 audit(612.620:70): avc: denied { read } for pid=3288 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 613.483777][ T25] audit: type=1400 audit(612.630:71): avc: denied { open } for pid=3288 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 613.523158][ T3288] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 660.453893][ T25] audit: type=1400 audit(659.610:72): avc: denied { execmem } for pid=3292 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 664.241824][ T25] audit: type=1400 audit(663.390:73): avc: denied { read } for pid=3294 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 664.276212][ T25] audit: type=1400 audit(663.410:74): avc: denied { open } for pid=3295 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 664.333683][ T25] audit: type=1400 audit(663.470:75): avc: denied { mounton } for pid=3294 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 664.567486][ T25] audit: type=1400 audit(663.720:77): avc: denied { module_request } for pid=3294 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 664.599378][ T25] audit: type=1400 audit(663.710:76): avc: denied { module_request } for pid=3295 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 665.715872][ T25] audit: type=1400 audit(664.860:78): avc: denied { sys_module } for pid=3295 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 689.666111][ T3294] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 689.918143][ T3294] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 691.142420][ T3295] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 691.314125][ T3295] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 707.663787][ T3294] hsr_slave_0: entered promiscuous mode [ 707.690421][ T3294] hsr_slave_1: entered promiscuous mode [ 708.754493][ T3295] hsr_slave_0: entered promiscuous mode [ 708.787875][ T3295] hsr_slave_1: entered promiscuous mode [ 708.813574][ T3295] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 708.822023][ T3295] Cannot create hsr debugfs directory [ 714.221877][ T25] audit: type=1400 audit(713.370:79): avc: denied { create } for pid=3294 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 714.272237][ T25] audit: type=1400 audit(713.420:80): avc: denied { write } for pid=3294 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 714.331052][ T25] audit: type=1400 audit(713.480:81): avc: denied { read } for pid=3294 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 714.446820][ T3294] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 714.757409][ T3294] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 715.059151][ T3294] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 715.438754][ T3294] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 716.767691][ T3295] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 716.968806][ T3295] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 717.157629][ T3295] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 717.306646][ T3295] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 730.115070][ T3294] 8021q: adding VLAN 0 to HW filter on device bond0 [ 732.624297][ T3295] 8021q: adding VLAN 0 to HW filter on device bond0 [ 787.768697][ T3294] veth0_vlan: entered promiscuous mode [ 788.194976][ T3294] veth1_vlan: entered promiscuous mode [ 790.193914][ T3294] veth0_macvtap: entered promiscuous mode [ 790.754618][ T3295] veth0_vlan: entered promiscuous mode [ 790.824221][ T3294] veth1_macvtap: entered promiscuous mode [ 791.413117][ T3295] veth1_vlan: entered promiscuous mode [ 792.942232][ T3294] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 792.947212][ T3294] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 792.957925][ T3294] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 792.968274][ T3294] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 794.145072][ T3295] veth0_macvtap: entered promiscuous mode [ 794.743330][ T3295] veth1_macvtap: entered promiscuous mode [ 795.564981][ T25] audit: type=1400 audit(794.700:82): avc: denied { mount } for pid=3294 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 795.735507][ T25] audit: type=1400 audit(794.890:83): avc: denied { mounton } for pid=3294 comm="syz-executor" path="/syzkaller.ivosM4/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 795.978721][ T25] audit: type=1400 audit(795.130:84): avc: denied { mount } for pid=3294 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 796.422733][ T25] audit: type=1400 audit(795.570:85): avc: denied { mounton } for pid=3294 comm="syz-executor" path="/syzkaller.ivosM4/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 796.550892][ T25] audit: type=1400 audit(795.700:86): avc: denied { mounton } for pid=3294 comm="syz-executor" path="/syzkaller.ivosM4/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3268 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 796.804883][ T3295] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 796.809116][ T3295] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 796.831307][ T3295] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 796.848209][ T3295] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 797.191127][ T25] audit: type=1400 audit(796.340:87): avc: denied { unmount } for pid=3294 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 797.467773][ T25] audit: type=1400 audit(796.620:88): avc: denied { mounton } for pid=3294 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1546 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 797.672026][ T25] audit: type=1400 audit(796.820:89): avc: denied { mount } for pid=3294 comm="syz-executor" name="/" dev="gadgetfs" ino=3278 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 797.928482][ T25] audit: type=1400 audit(797.070:90): avc: denied { mount } for pid=3294 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 797.993679][ T25] audit: type=1400 audit(797.140:91): avc: denied { mounton } for pid=3294 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 799.567169][ T3294] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 800.593876][ T25] kauditd_printk_skb: 1 callbacks suppressed [ 800.620638][ T25] audit: type=1400 audit(799.740:93): avc: denied { read write } for pid=3294 comm="syz-executor" name="loop0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 800.628623][ T25] audit: type=1400 audit(799.760:94): avc: denied { open } for pid=3294 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 800.696201][ T25] audit: type=1400 audit(799.830:95): avc: denied { ioctl } for pid=3294 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=637 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 803.689294][ T25] audit: type=1400 audit(802.840:96): avc: denied { read } for pid=3435 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 803.723737][ T25] audit: type=1400 audit(802.870:97): avc: denied { open } for pid=3435 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 804.417720][ T25] audit: type=1400 audit(803.520:98): avc: denied { ioctl } for pid=3435 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 805.312165][ T25] audit: type=1400 audit(804.460:99): avc: denied { write } for pid=3435 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 805.408515][ T25] audit: type=1400 audit(804.560:100): avc: denied { append } for pid=3436 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 907.018263][ T25] audit: type=1400 audit(906.170:101): avc: denied { map } for pid=3497 comm="syz.0.18" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 947.075769][ T25] audit: type=1400 audit(946.200:102): avc: denied { execute } for pid=3525 comm="syz.1.26" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=5074 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 1002.678507][ T25] audit: type=1400 audit(1001.820:103): avc: denied { setattr } for pid=3566 comm="syz.0.38" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1069.604789][ T3618] KVM: debugfs: duplicate directory 3618-5 [ 1069.987081][ T3618] KVM: debugfs: duplicate directory 3618-5 [ 1167.206837][ T3682] kvm [3682]: Failed to find VMA for hva 0x20bfe000 [ 1290.905237][ T25] audit: type=1400 audit(1290.060:104): avc: denied { ioctl } for pid=3764 comm="syz.0.94" path="net:[4026531840]" dev="nsfs" ino=4026531840 ioctlcmd=0xb707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 1346.403829][ T3798] kvm [3798]: Failed to find VMA for hva 0x20d8d000 [ 1513.459275][ T3909] kvm [3909]: Failed to find VMA for hva 0x20c00000 [ 1575.011738][ T3951] kvm [3951]: Failed to find VMA for hva 0x20d8d000 [ 1768.669443][ T4088] kvm [4088]: Failed to find VMA for hva 0x20c01000 [ 1768.893713][ T4089] KVM: debugfs: duplicate directory 4089-5 [ 2055.618630][ T4297] kvm [4297]: Failed to find VMA for hva 0x20d8d000 [ 2076.094802][ T4314] KVM: debugfs: duplicate directory 4314-5 [ 2279.453097][ T25] audit: type=1400 audit(2278.600:105): avc: denied { execute } for pid=4461 comm="syz.0.291" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 2295.128290][ T4477] debugfs: File 'vgic-its-state@0' in directory '4477-4' already present! [ 2303.822930][ T4480] kvm [4480]: Failed to find VMA for hva 0x21016000 [ 2352.012757][ T4513] kvm [4513]: Failed to find VMA for hva 0x20c00000 [ 2420.381273][ T4558] KVM: debugfs: duplicate directory 4558-5 [ 2660.085356][ T4740] kvm [4740]: Failed to find VMA for hva 0x20fcc000 [ 2660.134330][ T4740] kvm [4740]: Failed to find VMA for hva 0x20fcc000 [ 2660.207450][ T4740] kvm [4740]: Failed to find VMA for hva 0x20fcc000 [ 2660.272724][ T4742] kvm [4742]: Failed to find VMA for hva 0x20e8a000 [ 2660.307264][ T4740] kvm [4740]: Failed to find VMA for hva 0x20fcc000 [ 2660.368238][ T4740] kvm [4740]: Failed to find VMA for hva 0x20fcc000 [ 2660.386162][ T4740] kvm [4740]: Failed to find VMA for hva 0x20fcc000 [ 2660.573506][ T4740] kvm [4740]: Failed to find VMA for hva 0x20fcc000 [ 2660.708391][ T4740] kvm [4740]: Failed to find VMA for hva 0x20fcc000 [ 2660.804027][ T4740] kvm [4740]: Failed to find VMA for hva 0x20fcc000 [ 2660.952675][ T4740] kvm [4740]: Failed to find VMA for hva 0x20fcc000 [ 2660.978215][ T4740] kvm [4740]: Failed to find VMA for hva 0x20fcc000 [ 2661.103671][ T4740] kvm [4740]: Failed to find VMA for hva 0x20fcc000 [ 2661.194304][ T4740] kvm [4740]: Failed to find VMA for hva 0x20fcc000 [ 2661.284692][ T4740] kvm [4740]: Failed to find VMA for hva 0x20fcc000 [ 3009.945982][ T5006] kvm [5005]: Unsupported guest access at: eeef0000 [ 3009.945982][ T5006] { Op0( 2), Op1( 4), CRn(15), CRm(11), Op2( 0), func_read }, [ 3610.163749][ T5440] kvm [5440]: Failed to find VMA for hva 0x20d8d000 [ 3634.398742][ T5459] kvm [5459]: Failed to find VMA for hva 0x21016000 [ 3751.428502][ T5548] kvm [5547]: Unsupported guest CP15 access at: 00000100 [000001d3] [ 3751.428502][ T5548] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 3751.494754][ T5548] kvm [5547]: Unsupported guest CP15 access at: 00000100 [000001db] [ 3751.494754][ T5548] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 3751.526866][ T5548] kvm [5547]: Unsupported guest CP15 access at: 00000100 [000001db] [ 3751.526866][ T5548] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 3751.557678][ T5548] kvm [5547]: Unsupported guest CP15 access at: 00000100 [000001db] [ 3751.557678][ T5548] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 3751.621896][ T5548] kvm [5547]: Unsupported guest CP15 access at: 00000100 [000001db] [ 3751.621896][ T5548] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 3751.635556][ T5548] kvm [5547]: Unsupported guest CP15 access at: 00000100 [000001db] [ 3751.635556][ T5548] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 3751.694960][ T5548] kvm [5547]: Unsupported guest CP15 access at: 00000100 [000001db] [ 3751.694960][ T5548] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 3751.757441][ T5548] kvm [5547]: Unsupported guest CP15 access at: 00000100 [000001db] [ 3751.757441][ T5548] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 3751.788186][ T5548] kvm [5547]: Unsupported guest CP15 access at: 00000100 [000001db] [ 3751.788186][ T5548] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 3751.885587][ T5548] kvm [5547]: Unsupported guest CP15 access at: 00000100 [000001db] [ 3751.885587][ T5548] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 3868.128975][ T5635] kvm [5635]: Failed to find VMA for hva 0x21016000 [ 3868.435609][ T5634] kvm [5634]: Failed to find VMA for hva 0x21016000 [ 3974.618295][ T5704] kvm [5704]: Failed to find VMA for hva 0x20d8d000 [ 4105.549251][ T5793] KVM: debugfs: duplicate directory 5793-4 [ 4361.406307][ T5987] KVM: debugfs: duplicate directory 5987-5 [ 4490.618092][ T6066] kvm [6066]: Failed to find VMA for hva 0x20d8c000 [ 4490.724569][ T6069] kvm [6069]: Failed to find VMA for hva 0x20d8c000 [ 4946.452279][ T25] audit: type=1400 audit(4945.600:106): avc: denied { execute } for pid=6422 comm="syz.0.842" path=2F3431382FFF67521CD66F8F1F447D3570707CD24B7EEBB207 dev="tmpfs" ino=2123 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 5050.939161][ T6494] print_sys_reg_msg: 564 callbacks suppressed [ 5050.962187][ T6494] kvm [6491]: Unsupported guest CP15 access at: 00000100 [000001d3] [ 5050.962187][ T6494] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5050.977297][ T6494] kvm [6491]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5050.977297][ T6494] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5051.023388][ T6494] kvm [6491]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5051.023388][ T6494] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5051.057152][ T6494] kvm [6491]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5051.057152][ T6494] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5051.122338][ T6494] kvm [6491]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5051.122338][ T6494] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5051.147552][ T6494] kvm [6491]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5051.147552][ T6494] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5051.164833][ T6494] kvm [6491]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5051.164833][ T6494] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5051.202728][ T6494] kvm [6491]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5051.202728][ T6494] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5051.216621][ T6494] kvm [6491]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5051.216621][ T6494] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5051.291846][ T6494] kvm [6491]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5051.291846][ T6494] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5305.747334][ T6676] kvm [6676]: Failed to find VMA for hva 0x20fcc000 [ 5315.718518][ T6681] kvm [6681]: Failed to find VMA for hva 0x20c01000 [ 5649.234311][ T6916] kvm [6916]: Failed to find VMA for hva 0x20c01000 [ 5768.255303][ T6989] kvm [6989]: Failed to find VMA for hva 0x20e8a000 [ 5788.619141][ T7007] kvm [7007]: Failed to find VMA for hva 0x21016000 [ 5808.261212][ T7023] KVM: debugfs: duplicate directory 7023-10 [ 5899.082359][ T7085] kvm [7085]: Failed to find VMA for hva 0x20c01000 [ 6007.504430][ T7161] kvm [7160]: Unsupported guest access at: eeef0000 [ 6007.504430][ T7161] { Op0( 2), Op1( 4), CRn(15), CRm(11), Op2( 0), func_read }, [ 6009.224358][ T7161] kvm [7161]: Failed to find VMA for hva 0x20d8d000 [ 6271.473823][ T7350] kvm [7350]: Failed to find VMA for hva 0x20c01000 [ 6333.619224][ T7389] kvm [7389]: Failed to find VMA for hva 0x20c01000 [ 6423.275736][ T7456] kvm [7456]: Failed to find VMA for hva 0x20c01000 [ 6454.368738][ T7477] kvm [7476]: Unsupported guest access at: eeef0000 [ 6454.368738][ T7477] { Op0( 2), Op1( 0), CRn( 0), CRm( 6), Op2( 2), func_write }, [ 6586.113289][ T7565] kvm [7565]: Failed to find VMA for hva 0x20d8d000 [ 6603.554936][ T7576] kvm [7576]: Failed to find VMA for hva 0x20c01000 [ 6633.647178][ T7594] KVM: debugfs: duplicate directory 7594-4 [ 6686.255166][ T7636] KVM: debugfs: duplicate directory 7636-5 [ 6686.895734][ T7636] KVM: debugfs: duplicate directory 7636-5 [ 6693.636575][ T7639] kvm [7639]: Failed to find VMA for hva 0x20000000 [ 6716.812637][ T6368] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 6718.242027][ T6368] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 6720.018465][ T6368] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 6721.585812][ T6368] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 6740.353444][ T6368] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 6740.687214][ T6368] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 6740.845035][ T6368] bond0 (unregistering): Released all slaves [ 6742.891796][ T6368] hsr_slave_0: left promiscuous mode [ 6742.982898][ T6368] hsr_slave_1: left promiscuous mode [ 6743.556539][ T6368] veth1_macvtap: left promiscuous mode [ 6743.581879][ T6368] veth0_macvtap: left promiscuous mode [ 6743.602764][ T6368] veth1_vlan: left promiscuous mode [ 6743.633985][ T6368] veth0_vlan: left promiscuous mode [ 6818.038400][ T7649] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 6818.307774][ T7649] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 6855.579089][ T7649] hsr_slave_0: entered promiscuous mode [ 6855.728491][ T7649] hsr_slave_1: entered promiscuous mode [ 6855.826094][ T7649] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 6855.831230][ T7649] Cannot create hsr debugfs directory [ 6878.303100][ T7649] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 6878.748192][ T7649] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 6879.201903][ T7649] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 6879.586252][ T7649] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 6906.365375][ T7649] 8021q: adding VLAN 0 to HW filter on device bond0 [ 7001.035183][ T7649] veth0_vlan: entered promiscuous mode [ 7001.884308][ T7649] veth1_vlan: entered promiscuous mode [ 7004.367421][ T7649] veth0_macvtap: entered promiscuous mode [ 7004.667955][ T7649] veth1_macvtap: entered promiscuous mode [ 7007.157242][ T7649] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 7007.197831][ T7649] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 7007.233224][ T7649] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 7007.252431][ T7649] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 7045.045003][ T3347] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 7046.427200][ T3347] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 7047.592290][ T3347] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 7048.911834][ T3347] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 7066.092571][ T3347] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 7066.332887][ T3347] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 7066.554757][ T3347] bond0 (unregistering): Released all slaves [ 7068.617197][ T3347] hsr_slave_0: left promiscuous mode [ 7068.702802][ T3347] hsr_slave_1: left promiscuous mode [ 7069.169444][ T3347] veth1_macvtap: left promiscuous mode [ 7069.186033][ T3347] veth0_macvtap: left promiscuous mode [ 7069.194984][ T3347] veth1_vlan: left promiscuous mode [ 7069.213855][ T3347] veth0_vlan: left promiscuous mode [ 7147.358379][ T7906] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 7147.805028][ T7906] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 7176.734069][ T7906] hsr_slave_0: entered promiscuous mode [ 7176.799399][ T7906] hsr_slave_1: entered promiscuous mode [ 7200.952755][ T7906] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 7201.307641][ T7906] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 7201.633005][ T7906] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 7202.009163][ T7906] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 7227.939406][ T7906] 8021q: adding VLAN 0 to HW filter on device bond0 [ 7318.855462][ T7906] veth0_vlan: entered promiscuous mode [ 7319.538590][ T7906] veth1_vlan: entered promiscuous mode [ 7322.047991][ T7906] veth0_macvtap: entered promiscuous mode [ 7322.428816][ T7906] veth1_macvtap: entered promiscuous mode [ 7325.125096][ T7906] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 7325.147854][ T7906] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 7325.167299][ T7906] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 7325.168512][ T7906] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 7341.337143][ T8163] kvm [8163]: Failed to find VMA for hva 0x20d8d000 [ 7425.252444][ T8217] kvm [8217]: Failed to find VMA for hva 0x20c01000 [ 7867.693310][ T8532] kvm [8532]: Failed to find VMA for hva 0x20c01000 [ 7915.678294][ T8567] kvm [8566]: Unsupported guest access at: eeef0000 [ 7915.678294][ T8567] { Op0( 2), Op1( 0), CRn( 0), CRm( 6), Op2( 2), func_write }, [ 8243.623112][ T8822] kvm [8822]: Failed to find VMA for hva 0x20c00000 [ 8243.703105][ T8822] kvm [8822]: Failed to find VMA for hva 0x20c00000 [ 8454.699009][ T8955] kvm [8955]: Failed to find VMA for hva 0x20c01000 [ 8580.631459][ T9050] kvm [9050]: Failed to find VMA for hva 0x20c01000 [ 8589.845995][ T9058] kvm [9058]: Failed to find VMA for hva 0x21016000 [ 8601.877380][ T9066] kvm [9066]: Failed to find VMA for hva 0x20c07000 [ 8677.978645][ T9113] KVM: debugfs: duplicate directory 9113-4 [ 9174.274670][ T9463] kvm [9463]: Failed to find VMA for hva 0x20c01000 [ 9623.703167][ T9805] print_sys_reg_msg: 256 callbacks suppressed [ 9623.743284][ T9805] kvm [9803]: Unsupported guest CP15 access at: 00000100 [000001d3] [ 9623.743284][ T9805] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 9623.787528][ T9805] kvm [9803]: Unsupported guest CP15 access at: 00000100 [000001db] [ 9623.787528][ T9805] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 9623.818475][ T9805] kvm [9803]: Unsupported guest CP15 access at: 00000100 [000001db] [ 9623.818475][ T9805] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 9623.863028][ T9805] kvm [9803]: Unsupported guest CP15 access at: 00000100 [000001db] [ 9623.863028][ T9805] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 9623.887369][ T9805] kvm [9803]: Unsupported guest CP15 access at: 00000100 [000001db] [ 9623.887369][ T9805] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 9623.925703][ T9805] kvm [9803]: Unsupported guest CP15 access at: 00000100 [000001db] [ 9623.925703][ T9805] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 9623.958548][ T9805] kvm [9803]: Unsupported guest CP15 access at: 00000100 [000001db] [ 9623.958548][ T9805] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 9623.992366][ T9805] kvm [9803]: Unsupported guest CP15 access at: 00000100 [000001db] [ 9623.992366][ T9805] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 9624.079330][ T9805] kvm [9803]: Unsupported guest CP15 access at: 00000100 [000001db] [ 9624.079330][ T9805] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 9624.144393][ T9805] kvm [9803]: Unsupported guest CP15 access at: 00000100 [000001db] [ 9624.144393][ T9805] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 9759.267931][ T9904] ================================================================== [ 9759.268781][ T9904] BUG: KASAN: invalid-access in _raw_spin_lock_irqsave+0x5c/0x7c [ 9759.270747][ T9904] Read of size 1 at addr 00000000000013c8 by task syz.0.1773/9904 [ 9759.271158][ T9904] [ 9759.272306][ T9904] CPU: 0 UID: 0 PID: 9904 Comm: syz.0.1773 Not tainted 6.15.0-rc4-syzkaller-g1b85d923ba8c #0 PREEMPT [ 9759.272847][ T9904] Hardware name: linux,dummy-virt (DT) [ 9759.273307][ T9904] Call trace: [ 9759.273658][ T9904] show_stack+0x2c/0x3c (C) [ 9759.274260][ T9904] __dump_stack+0x30/0x40 [ 9759.274536][ T9904] dump_stack_lvl+0xd8/0x12c [ 9759.274752][ T9904] print_report+0x5c/0xa0 [ 9759.274999][ T9904] kasan_report+0xb0/0x110 [ 9759.275275][ T9904] __kasan_check_byte+0x3c/0x54 [ 9759.275574][ T9904] lock_acquire+0xb0/0x2e0 [ 9759.275860][ T9904] _raw_spin_lock_irqsave+0x5c/0x7c [ 9759.276161][ T9904] kvm_vgic_set_owner+0x18c/0x294 [ 9759.276406][ T9904] kvm_timer_enable+0x1c4/0x794 [ 9759.276624][ T9904] kvm_arch_vcpu_run_pid_change+0x1f0/0x484 [ 9759.276847][ T9904] kvm_vcpu_ioctl+0xae8/0xc24 [ 9759.277093][ T9904] __arm64_sys_ioctl+0x18c/0x244 [ 9759.277296][ T9904] invoke_syscall+0x90/0x2b4 [ 9759.277581][ T9904] el0_svc_common+0x180/0x2f4 [ 9759.277849][ T9904] do_el0_svc+0x58/0x74 [ 9759.278119][ T9904] el0_svc+0x58/0x134 [ 9759.278399][ T9904] el0t_64_sync_handler+0x78/0x108 [ 9759.278697][ T9904] el0t_64_sync+0x198/0x19c [ 9759.279248][ T9904] ================================================================== [ 9759.281613][ T9904] Disabling lock debugging due to kernel taint [ 9759.282760][ T9904] Unable to handle kernel paging request at virtual address ffef80000000013b [ 9759.283241][ T9904] KASAN: maybe wild-memory-access in range [0xff000000000013b0-0xff000000000013bf] [ 9759.283649][ T9904] Mem abort info: [ 9759.283877][ T9904] ESR = 0x0000000096000004 [ 9759.284197][ T9904] EC = 0x25: DABT (current EL), IL = 32 bits [ 9759.284489][ T9904] SET = 0, FnV = 0 [ 9759.284753][ T9904] EA = 0, S1PTW = 0 [ 9759.284996][ T9904] FSC = 0x04: level 0 translation fault [ 9759.285303][ T9904] Data abort info: [ 9759.285559][ T9904] ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000 [ 9759.285816][ T9904] CM = 0, WnR = 0, TnD = 0, TagAccess = 0 [ 9759.286105][ T9904] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 [ 9759.286510][ T9904] [ffef80000000013b] address between user and kernel address ranges [ 9759.287392][ T9904] Internal error: Oops: 0000000096000004 [#1] SMP [ 9759.309144][ T9904] Modules linked in: [ 9759.311045][ T9904] CPU: 0 UID: 0 PID: 9904 Comm: syz.0.1773 Tainted: G B 6.15.0-rc4-syzkaller-g1b85d923ba8c #0 PREEMPT [ 9759.312561][ T9904] Tainted: [B]=BAD_PAGE [ 9759.313295][ T9904] Hardware name: linux,dummy-virt (DT) [ 9759.317938][ T9904] pstate: 614020c9 (nZCv daIF +PAN -UAO -TCO +DIT -SSBS BTYPE=--) [ 9759.319176][ T9904] pc : do_raw_spin_lock+0x4c/0x2b4 [ 9759.320162][ T9904] lr : _raw_spin_lock_irqsave+0x64/0x7c [ 9759.321156][ T9904] sp : ffff8000a2dd7930 [ 9759.321901][ T9904] x29: ffff8000a2dd7940 x28: 3bf000001d2d1d40 x27: 3bf000001d2d31b0 [ 9759.323610][ T9904] x26: 0000000000000001 x25: 3bf000001d2d3390 x24: 0000000000000010 [ 9759.324963][ T9904] x23: 8aff8000a2dbb000 x22: 3bf000001d2d1d40 x21: ffff80008020b2b8 [ 9759.326367][ T9904] x20: 00000000000013b0 x19: efff800000000000 x18: 0000000002b1b48b [ 9759.327764][ T9904] x17: 00000000000000d9 x16: 00000000000000fe x15: 0000000000000000 [ 9759.329152][ T9904] x14: 0000000000000000 x13: 00000000ffffffff x12: 0000000000000002 [ 9759.330507][ T9904] x11: 0000000000000001 x10: 0ff000000000013b x9 : 0000000000000000 [ 9759.332055][ T9904] x8 : 00000000000013b4 x7 : ffff8000870bb0c3 x6 : ffff800086592f3c [ 9759.333459][ T9904] x5 : 0000000000000000 x4 : 0000000000000000 x3 : ffff8000802b42dc [ 9759.334791][ T9904] x2 : 0000000000000001 x1 : 0000000000000000 x0 : 00000000000013b0 [ 9759.336333][ T9904] Call trace: [ 9759.337036][ T9904] do_raw_spin_lock+0x4c/0x2b4 (P) [ 9759.338019][ T9904] _raw_spin_lock_irqsave+0x64/0x7c [ 9759.339023][ T9904] kvm_vgic_set_owner+0x18c/0x294 [ 9759.339965][ T9904] kvm_timer_enable+0x1c4/0x794 [ 9759.340830][ T9904] kvm_arch_vcpu_run_pid_change+0x1f0/0x484 [ 9759.341758][ T9904] kvm_vcpu_ioctl+0xae8/0xc24 [ 9759.342609][ T9904] __arm64_sys_ioctl+0x18c/0x244 [ 9759.343529][ T9904] invoke_syscall+0x90/0x2b4 [ 9759.344427][ T9904] el0_svc_common+0x180/0x2f4 [ 9759.345334][ T9904] do_el0_svc+0x58/0x74 [ 9759.346242][ T9904] el0_svc+0x58/0x134 [ 9759.347139][ T9904] el0t_64_sync_handler+0x78/0x108 [ 9759.348132][ T9904] el0t_64_sync+0x198/0x19c [ 9759.349457][ T9904] Code: d344fd4a aa0003f4 f90007e9 d378fd09 (386a6a6a) [ 9759.351107][ T9904] ---[ end trace 0000000000000000 ]--- [ 9759.352804][ T9904] Kernel panic - not syncing: Oops: Fatal exception [ 9759.354985][ T9904] Kernel Offset: disabled [ 9759.355882][ T9904] CPU features: 0x0000,00000340,02fbcdf1,057ffe1f [ 9759.357039][ T9904] Memory Limit: none [ 9759.358468][ T9904] Rebooting in 86400 seconds.. VM DIAGNOSIS: 13:36:20 Registers: info registers vcpu 0 CPU#0 PC=ffff80008209d634 X00=0000000000000003 X01=0000000000000002 X02=000000000000007b X03=ffff80008209d530 X04=0000000000000001 X05=0000000000000000 X06=ffff800081e87f2c X07=ffff8000870bb0c3 X08=e8f000001d050000 X09=0000000000000000 X10=0000000000ff0100 X11=00000000000000fe X12=000000000000001e X13=0000000000000007 X14=0000000000000000 X15=0000000000000000 X16=00000000000000fe X17=00000000000000d9 X18=0000000002b1b48b X19=efff800000000000 X20=1ef000000e049080 X21=37ff80008c42b018 X22=0000000000000002 X23=1ef000000e04917a X24=000000000000001e X25=1ef000000e0492c8 X26=1ef000000e0490c8 X27=000000000000001e X28=000000000000001e X29=ffff8000a2dd7090 X30=ffff80008209d634 SP=ffff8000a2dd7080 PSTATE=804020c9 N--- EL2h SVCR=00000000 -- BTYPE=0 FPCR=00000000 FPSR=00000000 P00=0000 P01=0000 P02=0000 P03=0000 P04=0000 P05=0000 P06=0000 P07=0000 P08=0000 P09=0000 P10=0000 P11=0000 P12=0000 P13=0000 P14=0000 P15=0000 FFR=0000 Z00=0000000000000000:0000000000000000 Z01=ffff000000ff0000:0000000000000000 Z02=0000000000000000:ff000f0000000000 Z03=ffffffffffff00ff:0000ff000000ff00 Z04=0000000000000000:ffffff0f00f000f0 Z05=bcbcbcc0bcc030fc:bcbcbcc0bcc030fc Z06=0000000000000073:0000aaaadf17e3e0 Z07=0000000000000074:0000aaaadf17b620 Z08=0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000 Z10=0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000 Z12=0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000 Z14=0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000 Z16=0000fffffe7d29a0:0000fffffe7d29a0 Z17=ffffff80ffffffd8:0000fffffe7d2970 Z18=0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000 Z20=0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000 Z22=0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000 Z24=0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000 Z26=0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000 Z28=0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000 Z30=0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000