last executing test programs: 7m23.996352085s ago: executing program 1 (id=1516): ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, 0x0) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000000000/0x400000)=nil) (async) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000000000/0x400000)=nil) r0 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000001c0)={0x8, 0xffffffffffffffff}) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) (async) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x1fe, 0x1, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x100, &(0x7f0000000080)=0x8000000000000000}) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000280)=@attr_arm64={0x0, 0x4, 0x2, 0x0}) r3 = syz_kvm_add_vcpu$arm64(0x0, 0x0, &(0x7f0000000840)=[@featur1={0x1, 0xc7}], 0x1) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x0, 0x8032, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) (async) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x3) (async) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r6, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) (async) ioctl$KVM_ARM_VCPU_INIT(r6, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000240)=@arm64_sys={0x603000000013dcea, &(0x7f0000000180)=0x10000008}) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x900, 0x0) (async) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x900, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x28) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) (async) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, 0x930, 0xa, 0x2012, r9, 0x40000) (async) mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, 0x930, 0xa, 0x2012, r9, 0x40000) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, r3, 0x0) munmap(&(0x7f0000800000/0x800000)=nil, 0x800000) 7m13.339938041s ago: executing program 1 (id=1518): openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r1, r2, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000000)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100006, &(0x7f0000000100)=0xc5c5}) munmap(&(0x7f00006b3000/0x2000)=nil, 0x2000) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x900, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_GUEST_MEMFD(r5, 0xc040aed4, &(0x7f0000000040)={0x1000200001fe0000, 0x1}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x2, 0x10000}) ioctl$KVM_SET_USER_MEMORY_REGION2(r5, 0x40a0ae49, &(0x7f0000000180)={0x4, 0x4, 0x6000, 0x2000, &(0x7f0000ffc000/0x2000)=nil, 0x100000000000000, r6}) r7 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x28) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000040)={0x1, 0x3, 0xdddd1000, 0x2000, &(0x7f0000fa3000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil}) ioctl$KVM_CREATE_DEVICE(r9, 0xc018aec0, &(0x7f00000000c0)={0x1, 0xffffffffffffffff, 0x300}) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r10 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) mmap$KVM_VCPU(&(0x7f0000e31000/0x2000)=nil, 0x930, 0xa, 0x2012, r10, 0x40000) 7m12.134988838s ago: executing program 0 (id=1519): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xe1) openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0xb8000, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0x40086602, 0x2f) r2 = mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x1000002, 0xaf832, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, &(0x7f00000000c0)="d5f5f543d3681d26b4d9f0ffffffff7b41445c085486580143226c0ead9a1620ba24f023314cc4bf610d6a743ad4913923b8364e5f73ea2fc43ac1abfc00", 0x0, 0xffffffffffffff32) syz_memcpy_off$KVM_EXIT_MMIO(r2, 0x20, 0x0, 0x0, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, 0x0, 0x300000a, 0x16831, 0xffffffffffffffff, 0x0) r4 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000140)={0x0, &(0x7f0000000300)=[@msr={0x14, 0x20, {0x603000000013fe07, 0xfffffffffffffff7}}, @svc={0x122, 0x40, {0x84000010, [0x0, 0x3, 0x100, 0x2, 0x2]}}, @msr={0x14, 0x20, {0x603000000013df7a, 0x3e52}}, @irq_setup={0x46, 0x18, {0x0, 0x2fe}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x0, 0xc, 0xe, 0x4ee3}}, @hvc={0x32, 0x40, {0x1c8008018, [0x4, 0x3, 0x0, 0x40, 0x1ff]}}, @irq_setup={0x46, 0x18, {0x3, 0xd3}}, @msr={0x14, 0x20, {0x603000000013da17, 0xfffffffffffffdbd}}, @irq_setup={0x46, 0x18, {0x2, 0x2ec}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x800, 0xfffffffffffffeff, 0x2}}, @eret={0xe6, 0x18, 0x700ef37c}, @eret={0xe6, 0x18, 0x8000000000000000}, @irq_setup={0x46, 0x18, {0x4, 0x190}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x2, 0xb, 0x100, 0x1, 0x3}}, @hvc={0x32, 0x40, {0x80008000, [0xff, 0x8, 0x0, 0x1, 0x8]}}, @msr={0x14, 0x20, {0x603000000013e66c, 0x5}}, @eret={0xe6, 0x18, 0xfffffffffffffffb}, @uexit={0x0, 0x18}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x4, 0xf, 0x4, 0x46, 0x100001}}, @irq_setup={0x46, 0x18, {0x3, 0x3ac}}, @eret={0xe6, 0x18, 0x2}, @mrs={0xbe, 0x18, {0x603000000013df42}}, @its_send_cmd={0xaa, 0x28, {0xe, 0x0, 0x1, 0xc, 0x4, 0x0, 0x2}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x1, 0x7, 0x1e08, 0xfffffffa, 0x3}}], 0x340}, &(0x7f0000000200)=[@featur1={0x1, 0x1}], 0x1) r5 = eventfd2(0xfffffff9, 0x800) write$eventfd(r5, &(0x7f0000000640)=0xa, 0x8) close(r3) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r4, 0x4018aee1, &(0x7f0000000280)=@attr_other={0x0, 0x7ff, 0x8, &(0x7f0000000240)=0x7}) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f2, 0xffffffffffffffff, 0x0) 7m2.80991751s ago: executing program 0 (id=1520): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0x7, 0x6c56, 0x2}}) ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x300000000000000, &(0x7f0000000000)={0x0, 0x57fd, 0x2}}) 6m58.878027839s ago: executing program 1 (id=1521): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xe7) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000100)={0xa}) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000c00000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000080)={0x0, &(0x7f0000000000)=[@its_setup={0x82, 0x28, {0x1, 0x1, 0xe}}], 0x28}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r7, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000100)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000}) ioctl$KVM_RUN(r9, 0xae80, 0x0) ioctl$KVM_SIGNAL_MSI(r7, 0x4020aea5, &(0x7f0000000200)={0x8090040, 0x0, 0x0, 0x1}) r11 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r11, 0x4010aeab, &(0x7f00000001c0)=@arm64_core={0x603000000010001e, &(0x7f0000000000)=0xfdb}) openat$kvm(0x0, 0x0, 0x42881, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1, 0x16831, 0xffffffffffffffff, 0x0) r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x25) r14 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r14, 0x40086602, 0x8000000400000004) r15 = syz_kvm_vgic_v3_setup(r13, 0x1, 0x100) ioctl$KVM_GET_API_VERSION(r15, 0xae00, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r16 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r16, 0x40086602, 0x20000000) 6m56.367446039s ago: executing program 0 (id=1522): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0x541b, 0x1) openat$kvm(0x0, &(0x7f0000000040), 0x82801, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18}) ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f00000002c0)=@arm64_fp_extra={0x60200000001000d4, &(0x7f0000000280)=0x7fffffff}) 6m49.72859186s ago: executing program 0 (id=1523): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x0, 0x0}) (async) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) r4 = ioctl$KVM_CREATE_VM(r3, 0x894c, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1) ioctl$KVM_ARM_VCPU_INIT(r7, 0x4020aeae, &(0x7f0000000080)={0x5, 0x1}) (async) ioctl$KVM_CREATE_VCPU(r4, 0xb702, 0x0) (async) openat$kvm(0x0, &(0x7f0000000080), 0x141001, 0x0) r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r9, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@irq_setup={0x5, 0x18, {0x1, 0x20}}], 0x18}, 0x0, 0x0) (async) syz_kvm_vgic_v3_setup(r8, 0x2, 0x100) (async) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) (async) 6m45.916269942s ago: executing program 1 (id=1524): mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x0, 0x3c2a1c3178cda732, 0xffffffffffffffff, 0x2040000) 6m40.449330329s ago: executing program 1 (id=1525): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r4, 0x4010aeab, &(0x7f0000000100)=@arm64_sys={0x603000000013c663, 0x0}) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000100)={0x4, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000080)=@attr_arm64={0x0, 0x1, 0x2, &(0x7f0000000240)=0xffffffff}) 6m21.635868809s ago: executing program 0 (id=1526): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000c60000/0x2000)=nil, r1, 0x300000a, 0x12, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x6000006, 0x4d832, 0xffffffffffffffff, 0x0) 6m21.635639769s ago: executing program 1 (id=1527): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000000000)) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000180)=[@msr={0x14, 0x20, {0x603000000013d000, 0x9}}], 0x20}, 0x0, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) (async) ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000000000)) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) (async) syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000180)=[@msr={0x14, 0x20, {0x603000000013d000, 0x9}}], 0x20}, 0x0, 0x0) (async) ioctl$KVM_RUN(r4, 0xae80, 0x0) (async) 6m21.635494089s ago: executing program 0 (id=1528): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x27) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x0, 0x0, 0x6, 0x0, 0x9}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) (async, rerun: 64) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) (rerun: 64) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async, rerun: 32) ioctl$KVM_RUN(r3, 0xae80, 0x0) (async, rerun: 32) ioctl$KVM_CAP_DIRTY_LOG_RING(r1, 0x4068aea3, &(0x7f0000000000)={0xc0, 0x0, 0x1000}) 5m42.727971815s ago: executing program 32 (id=1527): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000000000)) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000180)=[@msr={0x14, 0x20, {0x603000000013d000, 0x9}}], 0x20}, 0x0, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x34) (async) ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000000000)) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) (async) syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000180)=[@msr={0x14, 0x20, {0x603000000013d000, 0x9}}], 0x20}, 0x0, 0x0) (async) ioctl$KVM_RUN(r4, 0xae80, 0x0) (async) 5m35.638975772s ago: executing program 33 (id=1528): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x27) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x1}}, @its_send_cmd={0xaa, 0x28, {0xf, 0x0, 0x0, 0x0, 0x6, 0x0, 0x9}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) (async, rerun: 64) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) (rerun: 64) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async, rerun: 32) ioctl$KVM_RUN(r3, 0xae80, 0x0) (async, rerun: 32) ioctl$KVM_CAP_DIRTY_LOG_RING(r1, 0x4068aea3, &(0x7f0000000000)={0xc0, 0x0, 0x1000}) 58.525316872s ago: executing program 2 (id=1529): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r2, r3, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000100)=@arm64_sve={0x6080000000150439, 0x0}) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7ffc}}, @msr={0x14, 0x20, {0x603000000013dce0, 0x8001}}], 0x40}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r6, 0xae80, 0x0) 47.65634938s ago: executing program 3 (id=1530): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7ffc}}, @msr={0x14, 0x20, {0x603000000013dce1, 0xfffffffffffffbff}}], 0x40}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) r4 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r5, r6, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000640)=@arm64_core={0x6030000000100024, &(0x7f0000000000)=0x4ab}) ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f0000000240)=@arm64_core={0x603000000010004e, &(0x7f0000000200)=0x8000000000000000}) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0x80111500, 0x20000000) ioctl$KVM_CREATE_VM(r8, 0x5760, 0x2000001c) r9 = openat$kvm(0x0, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) r10 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) r13 = ioctl$KVM_CREATE_GUEST_MEMFD(r12, 0xc040aed4, &(0x7f0000000040)={0x1000200001fe0000, 0x1}) ioctl$KVM_SET_USER_MEMORY_REGION2(r12, 0x40a0ae49, &(0x7f0000000180)={0x4, 0x4, 0x6000, 0x2000, &(0x7f0000ffc000/0x2000)=nil, 0x100000000000000, r13}) close(r12) r14 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r15 = ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x1) r16 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r15, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r16, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fb707cd24b7eebb20700000000000000000000000100", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r15, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0) 11.788056512s ago: executing program 34 (id=1529): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r2, r3, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000100)=@arm64_sve={0x6080000000150439, 0x0}) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7ffc}}, @msr={0x14, 0x20, {0x603000000013dce0, 0x8001}}], 0x40}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r6, 0xae80, 0x0) 0s ago: executing program 35 (id=1530): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f0000000380)=[@msr={0x14, 0x20, {0x603000000013dce0, 0x7ffc}}, @msr={0x14, 0x20, {0x603000000013dce1, 0xfffffffffffffbff}}], 0x40}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) r4 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r5, r6, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000640)=@arm64_core={0x6030000000100024, &(0x7f0000000000)=0x4ab}) ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f0000000240)=@arm64_core={0x603000000010004e, &(0x7f0000000200)=0x8000000000000000}) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0x80111500, 0x20000000) ioctl$KVM_CREATE_VM(r8, 0x5760, 0x2000001c) r9 = openat$kvm(0x0, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) r10 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) r13 = ioctl$KVM_CREATE_GUEST_MEMFD(r12, 0xc040aed4, &(0x7f0000000040)={0x1000200001fe0000, 0x1}) ioctl$KVM_SET_USER_MEMORY_REGION2(r12, 0x40a0ae49, &(0x7f0000000180)={0x4, 0x4, 0x6000, 0x2000, &(0x7f0000ffc000/0x2000)=nil, 0x100000000000000, r13}) close(r12) r14 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r15 = ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x1) r16 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r15, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r16, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fb707cd24b7eebb20700000000000000000000000100", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r15, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x80, 0x0) kernel console output (not intermixed with test programs): [ 437.485800][ T3170] 8021q: adding VLAN 0 to HW filter on device bond0 [ 473.202763][ T3170] eql: remember to turn off Van-Jacobson compression on your slave devices Warning: Permanently added '[localhost]:48559' (ED25519) to the list of known hosts. [ 670.287096][ T25] audit: type=1400 audit(669.560:61): avc: denied { name_bind } for pid=3343 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 671.203308][ T25] audit: type=1400 audit(670.480:62): avc: denied { execute } for pid=3344 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 671.223975][ T25] audit: type=1400 audit(670.500:63): avc: denied { execute_no_trans } for pid=3344 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 698.120174][ T25] audit: type=1400 audit(697.380:64): avc: denied { mounton } for pid=3344 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 698.211965][ T25] audit: type=1400 audit(697.470:65): avc: denied { mount } for pid=3344 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 698.382350][ T3344] cgroup: Unknown subsys name 'net' [ 698.502112][ T25] audit: type=1400 audit(697.760:66): avc: denied { unmount } for pid=3344 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 699.247434][ T3344] cgroup: Unknown subsys name 'cpuset' [ 699.494659][ T3344] cgroup: Unknown subsys name 'rlimit' [ 702.141375][ T25] audit: type=1400 audit(701.410:67): avc: denied { setattr } for pid=3344 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=703 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 702.170554][ T25] audit: type=1400 audit(701.440:68): avc: denied { create } for pid=3344 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 702.199800][ T25] audit: type=1400 audit(701.470:69): avc: denied { write } for pid=3344 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 702.227177][ T25] audit: type=1400 audit(701.500:70): avc: denied { module_request } for pid=3344 comm="syz-executor" kmod="net-pf-16-proto-16-family-nl802154" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 703.197169][ T25] audit: type=1400 audit(702.470:71): avc: denied { read } for pid=3344 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 703.280799][ T25] audit: type=1400 audit(702.540:72): avc: denied { mounton } for pid=3344 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 703.313565][ T25] audit: type=1400 audit(702.590:73): avc: denied { mount } for pid=3344 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 704.664177][ T3348] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 704.691793][ T25] audit: type=1400 audit(703.960:74): avc: denied { relabelto } for pid=3348 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 704.721958][ T25] audit: type=1400 audit(703.990:75): avc: denied { write } for pid=3348 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" Setting up swapspace version 1, size = 127995904 bytes [ 704.914272][ T25] audit: type=1400 audit(704.190:76): avc: denied { read } for pid=3344 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 704.935432][ T25] audit: type=1400 audit(704.200:77): avc: denied { open } for pid=3344 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 704.985400][ T3344] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 760.559874][ T25] audit: type=1400 audit(759.820:78): avc: denied { execmem } for pid=3349 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 811.773315][ T25] audit: type=1400 audit(811.030:79): avc: denied { read } for pid=3352 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 811.785227][ T25] audit: type=1400 audit(811.040:80): avc: denied { open } for pid=3351 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 811.863082][ T25] audit: type=1400 audit(811.120:81): avc: denied { mounton } for pid=3352 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 813.135484][ T25] audit: type=1400 audit(812.400:82): avc: denied { sys_module } for pid=3351 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 841.925005][ T3351] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 842.341236][ T3351] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 842.433887][ T3352] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 842.704922][ T3352] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 854.942323][ T3351] hsr_slave_0: entered promiscuous mode [ 854.973696][ T3351] hsr_slave_1: entered promiscuous mode [ 855.939561][ T3352] hsr_slave_0: entered promiscuous mode [ 855.972744][ T3352] hsr_slave_1: entered promiscuous mode [ 856.009918][ T3352] debugfs: 'hsr0' already exists in 'hsr' [ 856.015605][ T3352] Cannot create hsr debugfs directory [ 862.343875][ T3351] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 862.777277][ T3351] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 863.195462][ T3351] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 863.524062][ T3351] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 865.261758][ T3352] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 865.424707][ T3352] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 865.653591][ T3352] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 865.954718][ T3352] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 879.217612][ T3351] 8021q: adding VLAN 0 to HW filter on device bond0 [ 882.796254][ T3352] 8021q: adding VLAN 0 to HW filter on device bond0 [ 941.526879][ T3351] veth0_vlan: entered promiscuous mode [ 942.241838][ T3351] veth1_vlan: entered promiscuous mode [ 945.116506][ T3352] veth0_vlan: entered promiscuous mode [ 946.102181][ T3351] veth0_macvtap: entered promiscuous mode [ 946.460677][ T3352] veth1_vlan: entered promiscuous mode [ 946.945164][ T3351] veth1_macvtap: entered promiscuous mode [ 950.720797][ T3352] veth0_macvtap: entered promiscuous mode [ 950.829924][ T43] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 950.849785][ T43] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 950.863394][ T43] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 950.881409][ T43] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 951.581654][ T3352] veth1_macvtap: entered promiscuous mode [ 954.791586][ T25] audit: type=1400 audit(954.010:83): avc: denied { mount } for pid=3351 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 955.063532][ T25] audit: type=1400 audit(954.340:84): avc: denied { mounton } for pid=3351 comm="syz-executor" path="/syzkaller.4nSQWG/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 955.336515][ T25] audit: type=1400 audit(954.610:85): avc: denied { mount } for pid=3351 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 955.925620][ T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 956.040606][ T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 956.045227][ T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 956.059974][ T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 956.171144][ T25] audit: type=1400 audit(955.390:86): avc: denied { mounton } for pid=3351 comm="syz-executor" path="/syzkaller.4nSQWG/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 956.503109][ T25] audit: type=1400 audit(955.740:87): avc: denied { mounton } for pid=3351 comm="syz-executor" path="/syzkaller.4nSQWG/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3775 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 957.494122][ T25] audit: type=1400 audit(956.770:88): avc: denied { unmount } for pid=3351 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 957.876861][ T25] audit: type=1400 audit(957.150:89): avc: denied { mounton } for pid=3351 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1546 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 958.070502][ T25] audit: type=1400 audit(957.310:90): avc: denied { mount } for pid=3351 comm="syz-executor" name="/" dev="gadgetfs" ino=3785 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 958.813181][ T25] audit: type=1400 audit(958.060:91): avc: denied { mount } for pid=3351 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 958.954415][ T25] audit: type=1400 audit(958.230:92): avc: denied { mounton } for pid=3351 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 960.806754][ T3351] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 962.470152][ T25] kauditd_printk_skb: 1 callbacks suppressed [ 962.497667][ T25] audit: type=1400 audit(961.740:94): avc: denied { read write } for pid=3351 comm="syz-executor" name="loop1" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 962.531303][ T25] audit: type=1400 audit(961.800:95): avc: denied { open } for pid=3351 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 962.634899][ T25] audit: type=1400 audit(961.910:96): avc: denied { ioctl } for pid=3351 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=639 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 976.770785][ T25] audit: type=1400 audit(976.040:97): avc: denied { read } for pid=3507 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 976.849990][ T25] audit: type=1400 audit(976.100:98): avc: denied { open } for pid=3507 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 977.754060][ T25] audit: type=1400 audit(977.020:99): avc: denied { ioctl } for pid=3507 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae03 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 993.111328][ T25] audit: type=1400 audit(992.370:100): avc: denied { execute } for pid=3519 comm="syz.1.7" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=3860 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 1002.579923][ T25] audit: type=1400 audit(1001.830:101): avc: denied { map } for pid=3525 comm="syz.0.10" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1002.686316][ T25] audit: type=1400 audit(1001.960:102): avc: denied { execute } for pid=3525 comm="syz.0.10" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1102.182799][ T25] audit: type=1400 audit(1101.450:103): avc: denied { write } for pid=3586 comm="syz.0.38" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1146.970904][ T25] audit: type=1400 audit(1146.170:104): avc: denied { setattr } for pid=3612 comm="syz.1.51" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1322.367554][ T25] audit: type=1400 audit(1321.580:105): avc: denied { append } for pid=3717 comm="syz.1.100" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1460.172681][ T25] audit: type=1400 audit(1459.440:106): avc: denied { create } for pid=3799 comm="syz.1.133" anonclass=[kvm-gmem] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 1460.389139][ T25] audit: type=1400 audit(1459.630:107): avc: denied { map } for pid=3799 comm="syz.1.133" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=5419 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 1460.463601][ T25] audit: type=1400 audit(1459.730:108): avc: denied { read } for pid=3799 comm="syz.1.133" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=5419 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 1779.544004][ T25] audit: type=1400 audit(1778.820:109): avc: denied { map } for pid=3990 comm="syz.1.209" path="pipe:[2782]" dev="pipefs" ino=2782 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1 [ 1779.635145][ T25] audit: type=1400 audit(1778.890:110): avc: denied { execute } for pid=3990 comm="syz.1.209" path="pipe:[2782]" dev="pipefs" ino=2782 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1 [ 2186.532503][ T4213] kvm [4212]: Unsupported guest access at: eeef0000 [ 2186.532503][ T4213] { Op0( 2), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2593.968957][ C0] hrtimer: interrupt took 1087160 ns [ 2657.862558][ T25] audit: type=1400 audit(2657.090:111): avc: denied { ioctl } for pid=4468 comm="syz.0.388" path="net:[4026532636]" dev="nsfs" ino=4026532636 ioctlcmd=0xb701 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 3138.211179][ T25] audit: type=1400 audit(3137.470:112): avc: denied { write } for pid=4728 comm="syz.1.486" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=14722 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 3146.720988][ T4731] kvm [4731]: Failed to find VMA for hva 0x20dea000 [ 3165.835432][ T4745] debugfs: 'vgic-its-state@8080000' already exists in '4745-4' [ 3275.836091][ T4800] KVM: debugfs: duplicate directory 4800-6 [ 3276.517331][ T4800] KVM: debugfs: duplicate directory 4800-6 [ 3322.746757][ T25] audit: type=1400 audit(3322.020:113): avc: denied { map } for pid=4820 comm="syz.1.521" path="/" dev="tmpfs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 3346.912311][ T25] audit: type=1400 audit(3346.160:114): avc: denied { execute } for pid=4835 comm="syz.1.526" path=2F3236352FFF67521CD66F8F1F447D3570707CD24B7EEBB207 dev="tmpfs" ino=1346 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 4054.156685][ T5229] KVM: debugfs: duplicate directory 5229-9 [ 4121.274530][ T5273] KVM: debugfs: duplicate directory 5273-8 [ 4156.094690][ T5291] KVM: debugfs: duplicate directory 5291-8 [ 4185.640380][ T5307] KVM: debugfs: duplicate directory 5307-9 [ 4426.713255][ T5438] KVM: debugfs: duplicate directory 5438-9 [ 4486.632329][ T5473] kvm [5473]: Failed to find VMA for hva 0x21016000 [ 4668.921451][ T5571] KVM: debugfs: duplicate directory 5571-9 [ 4856.525158][ T5665] KVM: debugfs: duplicate directory 5665-8 [ 4983.942253][ T5729] KVM: debugfs: duplicate directory 5729-8 [ 5512.652167][ T6002] KVM: debugfs: duplicate directory 6002-9 [ 5740.956162][ T6112] KVM: debugfs: duplicate directory 6112-9 [ 5976.486237][ T6230] KVM: debugfs: duplicate directory 6230-8 [ 6029.083111][ T6259] KVM: debugfs: duplicate directory 6259-8 [ 6093.883429][ T6294] KVM: debugfs: duplicate directory 6294-6 [ 6274.021314][ T6389] KVM: debugfs: duplicate directory 6389-8 [ 6274.994794][ T6391] KVM: debugfs: duplicate directory 6391-8 [ 6453.686828][ T6487] KVM: debugfs: duplicate directory 6487-8 [ 6472.891385][ T6498] KVM: debugfs: duplicate directory 6498-8 [ 6523.595214][ T6523] FAULT_INJECTION: forcing a failure. [ 6523.595214][ T6523] name failslab, interval 1, probability 0, space 0, times 1 [ 6523.606506][ T6523] CPU: 0 UID: 0 PID: 6523 Comm: syz.0.1124 Not tainted syzkaller #0 PREEMPT [ 6523.607153][ T6523] Hardware name: linux,dummy-virt (DT) [ 6523.607631][ T6523] Call trace: [ 6523.608084][ T6523] show_stack+0x2c/0x3c (C) [ 6523.609992][ T6523] __dump_stack+0x30/0x40 [ 6523.610369][ T6523] dump_stack_lvl+0xd8/0x12c [ 6523.610691][ T6523] dump_stack+0x1c/0x28 [ 6523.610978][ T6523] should_fail_ex+0x56c/0x6d8 [ 6523.611197][ T6523] should_failslab+0xb8/0xec [ 6523.611496][ T6523] __kmalloc_noprof+0xe8/0x680 [ 6523.611742][ T6523] tomoyo_realpath_from_path+0xdc/0x628 [ 6523.612027][ T6523] tomoyo_path_number_perm+0x13c/0x33c [ 6523.612287][ T6523] tomoyo_file_ioctl+0x2c/0x3c [ 6523.612603][ T6523] security_file_ioctl+0xe0/0x2cc [ 6523.612907][ T6523] __arm64_sys_ioctl+0xd0/0x244 [ 6523.613205][ T6523] invoke_syscall+0x90/0x230 [ 6523.613514][ T6523] el0_svc_common+0x120/0x2f4 [ 6523.613801][ T6523] do_el0_svc+0x58/0x74 [ 6523.614075][ T6523] el0_svc+0x5c/0x238 [ 6523.614375][ T6523] el0t_64_sync_handler+0x84/0x12c [ 6523.614681][ T6523] el0t_64_sync+0x198/0x19c [ 6523.774936][ T6523] ERROR: Out of memory at tomoyo_realpath_from_path. [ 6572.762311][ T6547] FAULT_INJECTION: forcing a failure. [ 6572.762311][ T6547] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 6572.817312][ T6547] CPU: 0 UID: 0 PID: 6547 Comm: syz.1.1133 Not tainted syzkaller #0 PREEMPT [ 6572.817683][ T6547] Hardware name: linux,dummy-virt (DT) [ 6572.817834][ T6547] Call trace: [ 6572.817928][ T6547] show_stack+0x2c/0x3c (C) [ 6572.818310][ T6547] __dump_stack+0x30/0x40 [ 6572.818630][ T6547] dump_stack_lvl+0xd8/0x12c [ 6572.818931][ T6547] dump_stack+0x1c/0x28 [ 6572.819216][ T6547] should_fail_ex+0x56c/0x6d8 [ 6572.819460][ T6547] should_fail+0x14/0x24 [ 6572.819670][ T6547] should_fail_usercopy+0x20/0x30 [ 6572.819894][ T6547] simple_read_from_buffer+0xd0/0x294 [ 6572.820141][ T6547] proc_fail_nth_read+0x184/0x214 [ 6572.820408][ T6547] vfs_read+0x220/0x9d8 [ 6572.820644][ T6547] ksys_read+0x108/0x1fc [ 6572.820850][ T6547] __arm64_sys_read+0x98/0xcc [ 6572.821050][ T6547] invoke_syscall+0x90/0x230 [ 6572.821349][ T6547] el0_svc_common+0x120/0x2f4 [ 6572.821641][ T6547] do_el0_svc+0x58/0x74 [ 6572.821910][ T6547] el0_svc+0x5c/0x238 [ 6572.822194][ T6547] el0t_64_sync_handler+0x84/0x12c [ 6572.822504][ T6547] el0t_64_sync+0x198/0x19c [ 6739.209752][ T6638] FAULT_INJECTION: forcing a failure. [ 6739.209752][ T6638] name failslab, interval 1, probability 0, space 0, times 0 [ 6739.240373][ T6638] CPU: 0 UID: 0 PID: 6638 Comm: syz.1.1164 Not tainted syzkaller #0 PREEMPT [ 6739.240795][ T6638] Hardware name: linux,dummy-virt (DT) [ 6739.240907][ T6638] Call trace: [ 6739.240987][ T6638] show_stack+0x2c/0x3c (C) [ 6739.241380][ T6638] __dump_stack+0x30/0x40 [ 6739.241684][ T6638] dump_stack_lvl+0xd8/0x12c [ 6739.241970][ T6638] dump_stack+0x1c/0x28 [ 6739.242257][ T6638] should_fail_ex+0x56c/0x6d8 [ 6739.242505][ T6638] should_failslab+0xb8/0xec [ 6739.242783][ T6638] kmem_cache_alloc_noprof+0x90/0x5b4 [ 6739.243028][ T6638] security_inode_alloc+0x3c/0x330 [ 6739.243339][ T6638] inode_init_always_gfp+0xb48/0xfd0 [ 6739.243612][ T6638] alloc_inode+0x98/0x23c [ 6739.243858][ T6638] new_inode+0x34/0x1c4 [ 6739.244104][ T6638] hugetlbfs_get_inode+0x78/0x8bc [ 6739.244392][ T6638] hugetlb_file_setup+0x188/0x544 [ 6739.244684][ T6638] ksys_mmap_pgoff+0x17c/0x448 [ 6739.244979][ T6638] __arm64_sys_mmap+0x13c/0x198 [ 6739.245274][ T6638] invoke_syscall+0x90/0x230 [ 6739.245580][ T6638] el0_svc_common+0x120/0x2f4 [ 6739.245856][ T6638] do_el0_svc+0x58/0x74 [ 6739.246126][ T6638] el0_svc+0x5c/0x238 [ 6739.246433][ T6638] el0t_64_sync_handler+0x84/0x12c [ 6739.246723][ T6638] el0t_64_sync+0x198/0x19c [ 6765.515610][ T6652] FAULT_INJECTION: forcing a failure. [ 6765.515610][ T6652] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 6765.569986][ T6652] CPU: 0 UID: 0 PID: 6652 Comm: syz.1.1170 Not tainted syzkaller #0 PREEMPT [ 6765.570398][ T6652] Hardware name: linux,dummy-virt (DT) [ 6765.570520][ T6652] Call trace: [ 6765.570600][ T6652] show_stack+0x2c/0x3c (C) [ 6765.570964][ T6652] __dump_stack+0x30/0x40 [ 6765.571276][ T6652] dump_stack_lvl+0xd8/0x12c [ 6765.571598][ T6652] dump_stack+0x1c/0x28 [ 6765.571889][ T6652] should_fail_ex+0x56c/0x6d8 [ 6765.572116][ T6652] should_fail_alloc_page+0xd4/0xd8 [ 6765.572440][ T6652] prepare_alloc_pages+0x234/0x628 [ 6765.572747][ T6652] __alloc_frozen_pages_noprof+0xd8/0x2cc [ 6765.573023][ T6652] alloc_pages_mpol+0x204/0x4c4 [ 6765.573305][ T6652] folio_alloc_mpol_noprof+0x54/0x2b0 [ 6765.573585][ T6652] vma_alloc_folio_noprof+0x348/0x490 [ 6765.573850][ T6652] vma_alloc_zeroed_movable_folio+0x80/0xa0 [ 6765.574135][ T6652] folio_prealloc+0x48/0x1c0 [ 6765.574397][ T6652] do_pte_missing+0x2528/0x374c [ 6765.574669][ T6652] handle_mm_fault+0x1b04/0x2bf0 [ 6765.574915][ T6652] do_page_fault+0x414/0x14c8 [ 6765.575178][ T6652] do_translation_fault+0xbc/0xfc [ 6765.575471][ T6652] do_mem_abort+0x58/0x114 [ 6765.575739][ T6652] el0_da+0x64/0x218 [ 6765.576029][ T6652] el0t_64_sync_handler+0x90/0x12c [ 6765.576338][ T6652] el0t_64_sync+0x198/0x19c [ 6765.692107][ T6652] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 6774.419640][ T6657] KVM: debugfs: duplicate directory 6657-9 [ 6803.973472][ T6669] KVM: debugfs: duplicate directory 6669-9 [ 6829.775760][ T6680] KVM: debugfs: duplicate directory 6680-8 [ 6835.701208][ T6682] FAULT_INJECTION: forcing a failure. [ 6835.701208][ T6682] name failslab, interval 1, probability 0, space 0, times 0 [ 6835.709543][ T6682] CPU: 0 UID: 0 PID: 6682 Comm: syz.0.1183 Not tainted syzkaller #0 PREEMPT [ 6835.709930][ T6682] Hardware name: linux,dummy-virt (DT) [ 6835.710041][ T6682] Call trace: [ 6835.710122][ T6682] show_stack+0x2c/0x3c (C) [ 6835.710505][ T6682] __dump_stack+0x30/0x40 [ 6835.710819][ T6682] dump_stack_lvl+0xd8/0x12c [ 6835.711107][ T6682] dump_stack+0x1c/0x28 [ 6835.711413][ T6682] should_fail_ex+0x56c/0x6d8 [ 6835.711644][ T6682] should_failslab+0xb8/0xec [ 6835.711926][ T6682] kmem_cache_alloc_noprof+0x90/0x5b4 [ 6835.712174][ T6682] alloc_empty_file+0x60/0x17c [ 6835.712416][ T6682] alloc_file_pseudo+0xf0/0x1e8 [ 6835.712693][ T6682] hugetlb_file_setup+0x364/0x544 [ 6835.712972][ T6682] ksys_mmap_pgoff+0x17c/0x448 [ 6835.713271][ T6682] __arm64_sys_mmap+0x13c/0x198 [ 6835.713587][ T6682] invoke_syscall+0x90/0x230 [ 6835.713873][ T6682] el0_svc_common+0x120/0x2f4 [ 6835.714150][ T6682] do_el0_svc+0x58/0x74 [ 6835.714434][ T6682] el0_svc+0x5c/0x238 [ 6835.714732][ T6682] el0t_64_sync_handler+0x84/0x12c [ 6835.715017][ T6682] el0t_64_sync+0x198/0x19c [ 6869.256263][ T6702] KVM: debugfs: duplicate directory 6702-8 [ 6895.242237][ T6713] KVM: debugfs: duplicate directory 6713-8 [ 6991.795435][ T6758] FAULT_INJECTION: forcing a failure. [ 6991.795435][ T6758] name failslab, interval 1, probability 0, space 0, times 0 [ 6991.809607][ T6758] CPU: 0 UID: 0 PID: 6758 Comm: syz.1.1209 Not tainted syzkaller #0 PREEMPT [ 6991.809998][ T6758] Hardware name: linux,dummy-virt (DT) [ 6991.810108][ T6758] Call trace: [ 6991.810187][ T6758] show_stack+0x2c/0x3c (C) [ 6991.810574][ T6758] __dump_stack+0x30/0x40 [ 6991.810877][ T6758] dump_stack_lvl+0xd8/0x12c [ 6991.811169][ T6758] dump_stack+0x1c/0x28 [ 6991.811475][ T6758] should_fail_ex+0x56c/0x6d8 [ 6991.811692][ T6758] should_failslab+0xb8/0xec [ 6991.811965][ T6758] kmem_cache_alloc_noprof+0x90/0x5b4 [ 6991.812207][ T6758] __anon_vma_prepare+0xbc/0x580 [ 6991.812476][ T6758] do_pte_missing+0x19a4/0x374c [ 6991.812772][ T6758] handle_mm_fault+0x1b04/0x2bf0 [ 6991.813006][ T6758] __get_user_pages+0x2d0c/0x3818 [ 6991.813304][ T6758] populate_vma_page_range+0x234/0x318 [ 6991.813610][ T6758] __mm_populate+0x198/0x350 [ 6991.813881][ T6758] vm_mmap_pgoff+0x35c/0x3dc [ 6991.814160][ T6758] ksys_mmap_pgoff+0xec/0x448 [ 6991.814461][ T6758] __arm64_sys_mmap+0x13c/0x198 [ 6991.814767][ T6758] invoke_syscall+0x90/0x230 [ 6991.815047][ T6758] el0_svc_common+0x120/0x2f4 [ 6991.815341][ T6758] do_el0_svc+0x58/0x74 [ 6991.815628][ T6758] el0_svc+0x5c/0x238 [ 6991.815912][ T6758] el0t_64_sync_handler+0x84/0x12c [ 6991.816195][ T6758] el0t_64_sync+0x198/0x19c [ 7061.800709][ T6790] FAULT_INJECTION: forcing a failure. [ 7061.800709][ T6790] name failslab, interval 1, probability 0, space 0, times 0 [ 7061.807402][ T6790] CPU: 0 UID: 0 PID: 6790 Comm: syz.1.1220 Not tainted syzkaller #0 PREEMPT [ 7061.807767][ T6790] Hardware name: linux,dummy-virt (DT) [ 7061.807883][ T6790] Call trace: [ 7061.807967][ T6790] show_stack+0x2c/0x3c (C) [ 7061.808334][ T6790] __dump_stack+0x30/0x40 [ 7061.808683][ T6790] dump_stack_lvl+0xd8/0x12c [ 7061.808983][ T6790] dump_stack+0x1c/0x28 [ 7061.809265][ T6790] should_fail_ex+0x56c/0x6d8 [ 7061.809511][ T6790] should_failslab+0xb8/0xec [ 7061.809794][ T6790] __kmalloc_cache_node_noprof+0x90/0x5e4 [ 7061.810047][ T6790] alloc_cpumask_var_node+0x78/0x150 [ 7061.810316][ T6790] kvm_arch_init_vm+0xc0/0x2a8 [ 7061.810575][ T6790] kvm_dev_ioctl+0x854/0x13d4 [ 7061.810832][ T6790] __arm64_sys_ioctl+0x18c/0x244 [ 7061.811120][ T6790] invoke_syscall+0x90/0x230 [ 7061.811428][ T6790] el0_svc_common+0x120/0x2f4 [ 7061.811709][ T6790] do_el0_svc+0x58/0x74 [ 7061.811981][ T6790] el0_svc+0x5c/0x238 [ 7061.812260][ T6790] el0t_64_sync_handler+0x84/0x12c [ 7061.812591][ T6790] el0t_64_sync+0x198/0x19c [ 7061.932999][ T6790] => alloc_cpumask_var: failed! [ 7061.950974][ T6790] CPU: 0 UID: 0 PID: 6790 Comm: syz.1.1220 Not tainted syzkaller #0 PREEMPT [ 7061.951402][ T6790] Hardware name: linux,dummy-virt (DT) [ 7061.951520][ T6790] Call trace: [ 7061.951603][ T6790] show_stack+0x2c/0x3c (C) [ 7061.951958][ T6790] __dump_stack+0x30/0x40 [ 7061.952246][ T6790] dump_stack_lvl+0xd8/0x12c [ 7061.952592][ T6790] dump_stack+0x1c/0x28 [ 7061.952890][ T6790] alloc_cpumask_var_node+0x140/0x150 [ 7061.953175][ T6790] kvm_arch_init_vm+0xc0/0x2a8 [ 7061.953453][ T6790] kvm_dev_ioctl+0x854/0x13d4 [ 7061.953711][ T6790] __arm64_sys_ioctl+0x18c/0x244 [ 7061.953998][ T6790] invoke_syscall+0x90/0x230 [ 7061.954277][ T6790] el0_svc_common+0x120/0x2f4 [ 7061.954581][ T6790] do_el0_svc+0x58/0x74 [ 7061.954856][ T6790] el0_svc+0x5c/0x238 [ 7061.955137][ T6790] el0t_64_sync_handler+0x84/0x12c [ 7061.955445][ T6790] el0t_64_sync+0x198/0x19c [ 7099.003854][ T6811] kvm [6809]: Unsupported guest access at: eeef0000 [ 7099.003854][ T6811] { Op0( 2), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 7305.117529][ T6910] FAULT_INJECTION: forcing a failure. [ 7305.117529][ T6910] name failslab, interval 1, probability 0, space 0, times 0 [ 7305.141184][ T6910] CPU: 0 UID: 0 PID: 6910 Comm: syz.0.1261 Not tainted syzkaller #0 PREEMPT [ 7305.141568][ T6910] Hardware name: linux,dummy-virt (DT) [ 7305.141683][ T6910] Call trace: [ 7305.141769][ T6910] show_stack+0x2c/0x3c (C) [ 7305.142127][ T6910] __dump_stack+0x30/0x40 [ 7305.142442][ T6910] dump_stack_lvl+0xd8/0x12c [ 7305.142738][ T6910] dump_stack+0x1c/0x28 [ 7305.143021][ T6910] should_fail_ex+0x56c/0x6d8 [ 7305.143233][ T6910] should_failslab+0xb8/0xec [ 7305.143537][ T6910] kmem_cache_alloc_lru_noprof+0x94/0x5b8 [ 7305.143788][ T6910] debugfs_alloc_inode+0x2c/0x3c [ 7305.144043][ T6910] alloc_inode+0x80/0x23c [ 7305.144305][ T6910] new_inode+0x34/0x1c4 [ 7305.144603][ T6910] debugfs_create_dir+0x74/0x44c [ 7305.144869][ T6910] kvm_create_vm_debugfs+0x150/0x7d0 [ 7305.145141][ T6910] kvm_dev_ioctl+0x974/0x13d4 [ 7305.145419][ T6910] __arm64_sys_ioctl+0x18c/0x244 [ 7305.145717][ T6910] invoke_syscall+0x90/0x230 [ 7305.145997][ T6910] el0_svc_common+0x120/0x2f4 [ 7305.146279][ T6910] do_el0_svc+0x58/0x74 [ 7305.146584][ T6910] el0_svc+0x5c/0x238 [ 7305.146873][ T6910] el0t_64_sync_handler+0x84/0x12c [ 7305.147160][ T6910] el0t_64_sync+0x198/0x19c [ 7305.259171][ T6910] debugfs: out of free dentries, can not create directory '6910-5' [ 7365.265834][ T6936] KVM: debugfs: duplicate directory 6936-9 [ 7369.315476][ T6938] KVM: debugfs: duplicate directory 6938-9 [ 7431.720694][ T6974] KVM: debugfs: duplicate directory 6974-9 [ 7477.235483][ T7001] KVM: debugfs: duplicate directory 7001-9 [ 7511.336086][ T7020] KVM: debugfs: duplicate directory 7020-8 [ 7544.933609][ T7038] KVM: debugfs: duplicate directory 7038-9 [ 7550.370656][ T7040] KVM: debugfs: duplicate directory 7040-8 [ 7683.857707][ T7107] KVM: debugfs: duplicate directory 7107-8 [ 7910.826829][ T7227] KVM: debugfs: duplicate directory 7227-5 [ 8016.816043][ T7273] kvm [7272]: Unsupported guest access at: eeef0000 [ 8016.816043][ T7273] { Op0( 2), Op1( 0), CRn( 0), CRm( 0), Op2( 2), func_write }, [ 8072.622135][ T7300] FAULT_INJECTION: forcing a failure. [ 8072.622135][ T7300] name failslab, interval 1, probability 0, space 0, times 0 [ 8072.642418][ T7300] CPU: 0 UID: 0 PID: 7300 Comm: syz.1.1383 Not tainted syzkaller #0 PREEMPT [ 8072.642808][ T7300] Hardware name: linux,dummy-virt (DT) [ 8072.642915][ T7300] Call trace: [ 8072.643007][ T7300] show_stack+0x2c/0x3c (C) [ 8072.643378][ T7300] __dump_stack+0x30/0x40 [ 8072.643671][ T7300] dump_stack_lvl+0xd8/0x12c [ 8072.643956][ T7300] dump_stack+0x1c/0x28 [ 8072.644258][ T7300] should_fail_ex+0x56c/0x6d8 [ 8072.644491][ T7300] should_failslab+0xb8/0xec [ 8072.644813][ T7300] kmem_cache_alloc_noprof+0x90/0x5b4 [ 8072.645076][ T7300] security_inode_alloc+0x3c/0x330 [ 8072.645369][ T7300] inode_init_always_gfp+0xb48/0xfd0 [ 8072.645634][ T7300] alloc_inode+0x98/0x23c [ 8072.645873][ T7300] new_inode+0x34/0x1c4 [ 8072.646135][ T7300] __debugfs_create_file+0xc4/0x4e0 [ 8072.646416][ T7300] debugfs_create_file_full+0x58/0x70 [ 8072.646672][ T7300] kvm_create_vm_debugfs+0x374/0x7d0 [ 8072.646937][ T7300] kvm_dev_ioctl+0x974/0x13d4 [ 8072.647217][ T7300] __arm64_sys_ioctl+0x18c/0x244 [ 8072.647527][ T7300] invoke_syscall+0x90/0x230 [ 8072.647821][ T7300] el0_svc_common+0x120/0x2f4 [ 8072.648124][ T7300] do_el0_svc+0x58/0x74 [ 8072.648420][ T7300] el0_svc+0x5c/0x238 [ 8072.648744][ T7300] el0t_64_sync_handler+0x84/0x12c [ 8072.649051][ T7300] el0t_64_sync+0x198/0x19c [ 8072.800337][ T7300] debugfs: out of free dentries, can not create file 'remote_tlb_flush_requests' [ 8162.882097][ T7346] FAULT_INJECTION: forcing a failure. [ 8162.882097][ T7346] name failslab, interval 1, probability 0, space 0, times 0 [ 8162.909553][ T7346] CPU: 0 UID: 0 PID: 7346 Comm: syz.1.1399 Not tainted syzkaller #0 PREEMPT [ 8162.909947][ T7346] Hardware name: linux,dummy-virt (DT) [ 8162.910055][ T7346] Call trace: [ 8162.910133][ T7346] show_stack+0x2c/0x3c (C) [ 8162.910520][ T7346] __dump_stack+0x30/0x40 [ 8162.910820][ T7346] dump_stack_lvl+0xd8/0x12c [ 8162.911111][ T7346] dump_stack+0x1c/0x28 [ 8162.911417][ T7346] should_fail_ex+0x56c/0x6d8 [ 8162.911657][ T7346] should_failslab+0xb8/0xec [ 8162.911938][ T7346] kmem_cache_alloc_lru_noprof+0x94/0x5b8 [ 8162.912181][ T7346] __d_alloc+0x54/0x850 [ 8162.912418][ T7346] d_alloc+0x60/0x24c [ 8162.912666][ T7346] lookup_one_qstr_excl+0xf0/0x38c [ 8162.912900][ T7346] start_dirop+0x70/0xb4 [ 8162.913119][ T7346] simple_start_creating+0x80/0xac [ 8162.913408][ T7346] debugfs_start_creating+0x104/0x1c4 [ 8162.913681][ T7346] __debugfs_create_file+0x84/0x4e0 [ 8162.913927][ T7346] debugfs_create_file_full+0x58/0x70 [ 8162.914173][ T7346] kvm_create_vm_debugfs+0x57c/0x7d0 [ 8162.914461][ T7346] kvm_dev_ioctl+0x974/0x13d4 [ 8162.914718][ T7346] __arm64_sys_ioctl+0x18c/0x244 [ 8162.914999][ T7346] invoke_syscall+0x90/0x230 [ 8162.915280][ T7346] el0_svc_common+0x120/0x2f4 [ 8162.915587][ T7346] do_el0_svc+0x58/0x74 [ 8162.915870][ T7346] el0_svc+0x5c/0x238 [ 8162.916156][ T7346] el0t_64_sync_handler+0x84/0x12c [ 8162.916473][ T7346] el0t_64_sync+0x198/0x19c [ 8199.137234][ T7367] FAULT_INJECTION: forcing a failure. [ 8199.137234][ T7367] name failslab, interval 1, probability 0, space 0, times 0 [ 8199.170814][ T7367] CPU: 0 UID: 0 PID: 7367 Comm: syz.0.1405 Not tainted syzkaller #0 PREEMPT [ 8199.171210][ T7367] Hardware name: linux,dummy-virt (DT) [ 8199.171331][ T7367] Call trace: [ 8199.171422][ T7367] show_stack+0x2c/0x3c (C) [ 8199.171778][ T7367] __dump_stack+0x30/0x40 [ 8199.172068][ T7367] dump_stack_lvl+0xd8/0x12c [ 8199.172380][ T7367] dump_stack+0x1c/0x28 [ 8199.172703][ T7367] should_fail_ex+0x56c/0x6d8 [ 8199.172927][ T7367] should_failslab+0xb8/0xec [ 8199.173201][ T7367] kmem_cache_alloc_lru_noprof+0x94/0x5b8 [ 8199.173479][ T7367] debugfs_alloc_inode+0x2c/0x3c [ 8199.173740][ T7367] alloc_inode+0x80/0x23c [ 8199.173986][ T7367] new_inode+0x34/0x1c4 [ 8199.174235][ T7367] __debugfs_create_file+0xc4/0x4e0 [ 8199.174506][ T7367] debugfs_create_file_full+0x58/0x70 [ 8199.174756][ T7367] kvm_create_vm_debugfs+0x57c/0x7d0 [ 8199.175021][ T7367] kvm_dev_ioctl+0x974/0x13d4 [ 8199.175271][ T7367] __arm64_sys_ioctl+0x18c/0x244 [ 8199.175583][ T7367] invoke_syscall+0x90/0x230 [ 8199.175863][ T7367] el0_svc_common+0x120/0x2f4 [ 8199.176157][ T7367] do_el0_svc+0x58/0x74 [ 8199.176457][ T7367] el0_svc+0x5c/0x238 [ 8199.176776][ T7367] el0t_64_sync_handler+0x84/0x12c [ 8199.177071][ T7367] el0t_64_sync+0x198/0x19c [ 8199.264469][ T7367] debugfs: out of free dentries, can not create file 'halt_successful_poll' [ 8248.432030][ T7389] FAULT_INJECTION: forcing a failure. [ 8248.432030][ T7389] name failslab, interval 1, probability 0, space 0, times 0 [ 8248.449140][ T7389] CPU: 0 UID: 0 PID: 7389 Comm: syz.0.1411 Not tainted syzkaller #0 PREEMPT [ 8248.449556][ T7389] Hardware name: linux,dummy-virt (DT) [ 8248.449667][ T7389] Call trace: [ 8248.449747][ T7389] show_stack+0x2c/0x3c (C) [ 8248.450096][ T7389] __dump_stack+0x30/0x40 [ 8248.450413][ T7389] dump_stack_lvl+0xd8/0x12c [ 8248.450703][ T7389] dump_stack+0x1c/0x28 [ 8248.450981][ T7389] should_fail_ex+0x56c/0x6d8 [ 8248.451200][ T7389] should_failslab+0xb8/0xec [ 8248.451501][ T7389] kmem_cache_alloc_noprof+0x90/0x5b4 [ 8248.451747][ T7389] security_inode_alloc+0x3c/0x330 [ 8248.452014][ T7389] inode_init_always_gfp+0xb48/0xfd0 [ 8248.452269][ T7389] alloc_inode+0x98/0x23c [ 8248.452550][ T7389] new_inode+0x34/0x1c4 [ 8248.452819][ T7389] __debugfs_create_file+0xc4/0x4e0 [ 8248.453083][ T7389] debugfs_create_file_full+0x58/0x70 [ 8248.453363][ T7389] kvm_create_vm_debugfs+0x57c/0x7d0 [ 8248.453640][ T7389] kvm_dev_ioctl+0x974/0x13d4 [ 8248.453890][ T7389] __arm64_sys_ioctl+0x18c/0x244 [ 8248.454177][ T7389] invoke_syscall+0x90/0x230 [ 8248.454483][ T7389] el0_svc_common+0x120/0x2f4 [ 8248.454770][ T7389] do_el0_svc+0x58/0x74 [ 8248.455046][ T7389] el0_svc+0x5c/0x238 [ 8248.455344][ T7389] el0t_64_sync_handler+0x84/0x12c [ 8248.455638][ T7389] el0t_64_sync+0x198/0x19c [ 8248.564769][ T7389] debugfs: out of free dentries, can not create file 'halt_successful_poll' [ 8539.845672][ T7567] FAULT_INJECTION: forcing a failure. [ 8539.845672][ T7567] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 8539.853555][ T7567] CPU: 0 UID: 0 PID: 7567 Comm: syz.1.1468 Not tainted syzkaller #0 PREEMPT [ 8539.853931][ T7567] Hardware name: linux,dummy-virt (DT) [ 8539.854038][ T7567] Call trace: [ 8539.854127][ T7567] show_stack+0x2c/0x3c (C) [ 8539.854522][ T7567] __dump_stack+0x30/0x40 [ 8539.854820][ T7567] dump_stack_lvl+0xd8/0x12c [ 8539.855103][ T7567] dump_stack+0x1c/0x28 [ 8539.855410][ T7567] should_fail_ex+0x56c/0x6d8 [ 8539.855632][ T7567] should_fail+0x14/0x24 [ 8539.855839][ T7567] should_fail_usercopy+0x20/0x30 [ 8539.856056][ T7567] simple_read_from_buffer+0xd0/0x294 [ 8539.856320][ T7567] proc_fail_nth_read+0x184/0x214 [ 8539.856617][ T7567] vfs_read+0x220/0x9d8 [ 8539.856830][ T7567] ksys_read+0x108/0x1fc [ 8539.857028][ T7567] __arm64_sys_read+0x98/0xcc [ 8539.857228][ T7567] invoke_syscall+0x90/0x230 [ 8539.857566][ T7567] el0_svc_common+0x120/0x2f4 [ 8539.857858][ T7567] do_el0_svc+0x58/0x74 [ 8539.858133][ T7567] el0_svc+0x5c/0x238 [ 8539.858448][ T7567] el0t_64_sync_handler+0x84/0x12c [ 8539.858744][ T7567] el0t_64_sync+0x198/0x19c [ 8677.813967][ T7654] kvm [7654]: Failed to find VMA for hva 0x21016000 [ 8677.970845][ T7654] kvm [7654]: Failed to find VMA for hva 0x21016000 [ 8898.610173][ T25] audit: type=1400 audit(8897.880:115): avc: denied { module_request } for pid=7760 comm="syz-executor" kmod="netdev-nr2" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 8954.734827][ T7760] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 8955.160436][ T7760] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 8963.325455][ T7764] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 8963.767021][ T7764] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 8982.826493][ T7760] hsr_slave_0: entered promiscuous mode [ 8982.943214][ T7760] hsr_slave_1: entered promiscuous mode [ 8982.987776][ T7760] debugfs: 'hsr0' already exists in 'hsr' [ 8983.042240][ T7760] Cannot create hsr debugfs directory [ 8990.405209][ T7764] hsr_slave_0: entered promiscuous mode [ 8990.467739][ T7764] hsr_slave_1: entered promiscuous mode [ 8990.529638][ T7764] debugfs: 'hsr0' already exists in 'hsr' [ 8990.540109][ T7764] Cannot create hsr debugfs directory [ 9002.560176][ T7760] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 9003.403748][ T7760] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 9004.083239][ T7760] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 9004.791832][ T7760] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 9011.746260][ T7764] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 9012.270275][ T7764] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 9012.853871][ T7764] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 9013.409900][ T7764] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 9039.065462][ T7760] 8021q: adding VLAN 0 to HW filter on device bond0 [ 9045.864400][ T7764] 8021q: adding VLAN 0 to HW filter on device bond0 [ 9148.706447][ T7760] veth0_vlan: entered promiscuous mode [ 9149.944616][ T7760] veth1_vlan: entered promiscuous mode [ 9153.487243][ T7760] veth0_macvtap: entered promiscuous mode [ 9154.324664][ T7760] veth1_macvtap: entered promiscuous mode [ 9159.614087][ T6403] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 9159.684345][ T6403] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 9159.845060][ T7764] veth0_vlan: entered promiscuous mode [ 9159.875032][ T7832] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 9159.876521][ T7832] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 9162.140505][ T7764] veth1_vlan: entered promiscuous mode [ 9166.985757][ T7764] veth0_macvtap: entered promiscuous mode [ 9167.887653][ T7764] veth1_macvtap: entered promiscuous mode [ 9171.691447][ T7731] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 9171.924222][ T7843] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 9172.131622][ T7731] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 9172.240507][ T7731] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 9298.481532][ T27] INFO: task syz.0.1528:7750 blocked for more than 430 seconds. [ 9298.495413][ T27] Not tainted syzkaller #0 [ 9298.501435][ T27] Blocked by coredump. [ 9298.501642][ T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 9298.501957][ T27] task:syz.0.1528 state:D stack:0 pid:7750 tgid:7748 ppid:3352 task_flags:0x40044c flags:0x00000010 [ 9298.502813][ T27] Call trace: [ 9298.503056][ T27] __switch_to+0x584/0xb00 (T) [ 9298.503512][ T27] __schedule+0x200c/0x3428 [ 9298.503827][ T27] schedule+0xac/0x27c [ 9298.504104][ T27] schedule_timeout+0x68/0x1ec [ 9298.504451][ T27] do_wait_for_common+0x28c/0x440 [ 9298.504806][ T27] wait_for_completion+0x44/0x5c [ 9298.505109][ T27] __synchronize_srcu+0x2a4/0x320 [ 9298.505490][ T27] synchronize_srcu+0x3d0/0x4f8 [ 9298.506336][ T27] __mmu_notifier_release+0x424/0x614 [ 9298.506741][ T27] exit_mmap+0xbc/0xb8c [ 9298.507074][ T27] __mmput+0x10c/0x528 [ 9298.507439][ T27] mmput+0x70/0xa8 [ 9298.610200][ T27] exit_mm+0x158/0x248 [ 9298.626455][ T27] do_exit+0x790/0x2378 [ 9298.659857][ T27] do_group_exit+0x1d4/0x2ac [ 9298.667083][ T27] get_signal+0x1440/0x154c [ 9298.680467][ T27] arch_do_signal_or_restart+0x23c/0x4bac [ 9298.684682][ T27] exit_to_user_mode_loop+0x88/0x188 [ 9298.685305][ T27] el0_svc+0x17c/0x238 [ 9298.685843][ T27] el0t_64_sync_handler+0x84/0x12c [ 9298.686347][ T27] el0t_64_sync+0x198/0x19c SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 9298.784377][ T27] [ 9298.784377][ T27] Showing all locks held in the system: [ 9298.790663][ T27] 1 lock held by khungtaskd/27: [ 9298.791197][ T27] #0: ffff800087a86d08 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x0/0x44 [ 9298.793905][ T27] 1 lock held by klogd/3133: [ 9298.794307][ T27] 2 locks held by getty/3201: [ 9298.794671][ T27] #0: b3f000001242a8a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c [ 9298.796477][ T27] #1: 27ff80008c80b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x308/0x1234 [ 9298.950121][ T27] 2 locks held by syz-executor/3344: [ 9298.952959][ T27] 3 locks held by kworker/u4:4/4908: [ 9298.957432][ T27] 3 locks held by kworker/u4:3/7119: [ 9299.000267][ T27] #0: fff0000072d59ed8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x368/0x3428 [ 9299.010647][ T27] #1: fff0000072d45588 (psi_seq){-.-.}-{0:0}, at: psi_task_switch+0x6c/0x6e8 [ 9299.012340][ T27] #2: fff0000072d46e98 (&base->lock){-.-.}-{2:2}, at: __mod_timer+0x5c8/0xe7c [ 9299.014078][ T27] 2 locks held by kworker/u4:8/7731: [ 9299.014431][ T27] #0: 39f000000cc26948 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_one_work+0x7c8/0x1a10 [ 9299.016408][ T27] #1: ffff8000a3b47c88 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x854/0x1a10 [ 9299.115153][ T27] 2 locks held by syz.1.1527/7744: [ 9299.141440][ T27] 3 locks held by kworker/u4:9/7832: [ 9299.178913][ T27] 3 locks held by kworker/u4:11/7896: [ 9299.181708][ T27] 2 locks held by syz-executor/7927: [ 9299.182387][ T27] 1 lock held by modprobe/7957: [ 9299.182958][ T27] [ 9299.183232][ T27] ============================================= [ 9299.183232][ T27] [ 9299.184142][ T27] Kernel panic - not syncing: hung_task: blocked tasks [ 9299.189740][ T27] CPU: 0 UID: 0 PID: 27 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT [ 9299.190904][ T27] Hardware name: linux,dummy-virt (DT) [ 9299.191694][ T27] Call trace: [ 9299.192343][ T27] show_stack+0x2c/0x3c (C) [ 9299.193365][ T27] __dump_stack+0x30/0x40 [ 9299.194291][ T27] dump_stack_lvl+0x30/0x12c [ 9299.195224][ T27] dump_stack+0x1c/0x28 [ 9299.196033][ T27] vpanic+0x1d4/0x4e4 [ 9299.196887][ T27] vpanic+0x0/0x4e4 [ 9299.197673][ T27] hung_task_panic+0x0/0x2c [ 9299.198581][ T27] kthread+0x794/0x99c [ 9299.199434][ T27] ret_from_fork+0x10/0x20 [ 9299.201248][ T27] Kernel Offset: disabled [ 9299.201986][ T27] CPU features: 0x0000000,001a3005,fbe327a1,057ffe1f [ 9299.203062][ T27] Memory Limit: none [ 9299.205243][ T27] Rebooting in 86400 seconds..