last executing test programs: 1m1.3695919s ago: executing program 0 (id=691): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0) (async) r4 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0) (async) r5 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000) mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, 0x930, 0x0, 0x4003831, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, 0x930, 0x0, 0x4003831, 0xffffffffffffffff, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04) mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, r8, 0x5000003, 0x80031, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, r8, 0x5000003, 0x80031, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) (async) r9 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) r10 = mmap$KVM_VCPU(&(0x7f0000ffe000/0x2000)=nil, 0x930, 0x2000004, 0x11, r9, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r9, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r9, 0x0) close(r6) eventfd2(0x0, 0x0) (async) r11 = eventfd2(0x0, 0x0) close(r6) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a3ef2, 0x0) write$eventfd(r11, &(0x7f0000000180)=0x5, 0xfffffe09) (async) write$eventfd(r11, &(0x7f0000000180)=0x5, 0xfffffe09) ioctl$KVM_ARM_VCPU_INIT(0xffffffffffffffff, 0x4020aeae, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) (async) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1) syz_kvm_vgic_v3_setup(r3, 0x2, 0xa0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) 58.441187495s ago: executing program 1 (id=692): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000180), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x4) ioctl$KVM_ARM_VCPU_INIT(r3, 0x4020aeae, &(0x7f0000000080)={0x5, 0x1}) ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000040)=@arm64_core={0x6030000000100042, &(0x7f0000000000)=0xffffffffffffffff}) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r4, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x9, 0x2}}) syz_kvm_setup_cpu$arm64(r4, 0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000140)=[{0x0, &(0x7f0000000180)=[@hvc={0x32, 0x40, {0x86000000, [0x3, 0x8, 0x6, 0x0, 0xfffffffffffff509]}}], 0x40}], 0x1, 0x0, 0x0, 0x0) r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r6 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000500)={0x0, &(0x7f0000000600)=[@smc={0x1e, 0x40, {0x84000000, [0x8, 0x7, 0x2, 0x5, 0x2]}}, @msr={0x14, 0x20, {0x603000000013c00c, 0xa1}}, @uexit={0x0, 0x18, 0x4}, @code={0xa, 0x6c, {"007008d5002c004e00dc205e007008d5008008d560dc82d20080b0f2c10080d2e20180d2030180d2c40180d2020000d40000589e00058ed20060b0f2c10080d2820080d2630080d2840180d2020000d4007008d5007008d5"}}, @msr={0x14, 0x20, {0x6030000000138046, 0x700000000000000}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x0, 0x7, 0x4, 0x7, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x1, 0x0, 0x8, 0x9b, 0xda, 0x3}}, @hvc={0x32, 0x40, {0xc400000c, [0x4, 0x7, 0x100, 0x2, 0xffffffff]}}, @hvc={0x32, 0x40, {0x84000011, [0x256, 0x7fff, 0x100, 0x2, 0x9]}}, @hvc={0x32, 0x40, {0x84000005, [0xf09, 0x0, 0x3, 0xa727, 0xffffffffffffa09a]}}, @irq_setup={0x46, 0x18, {0x3, 0x8c}}, @code={0xa, 0x9c, {"0000001c80a080d20000b0f2410180d2820180d2c30180d2640080d2020000d4000000720080200e007ca09b0000209b60888fd20060b0f2010180d2220180d2430080d2c40180d2020000d480b797d20040b8f2e10080d2620180d2e30080d2440080d2020000d40004c0dae01885d20040b0f2410080d2020080d2e30080d2640080d2020000d4"}}, @smc={0x1e, 0x40, {0xc4000011, [0x6, 0x7, 0x1e6e, 0x5, 0xfffffffffffffff7]}}, @code={0xa, 0x6c, {"00c0400d000008d5007008d580b993d20060b0f2010180d2020080d2e30080d2e40080d2020000d40060202e000008d5000080da40288cd20060b0f2010180d2020080d2830180d2e40080d2020000d4007008d50004000f"}}, @its_setup={0x82, 0x28, {0x3, 0x1, 0x255}}, @its_setup={0x82, 0x28, {0x4, 0x2, 0xdc}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x1, 0x4, 0x7, 0x6, 0x2}}, @irq_setup={0x46, 0x18, {0x1, 0x326}}, @hvc={0x32, 0x40, {0xc400000d, [0xffffffffffff1b55, 0x5, 0xffffffff, 0x7, 0x5]}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x2, 0x6, 0x0, 0x200}}, @eret={0xe6, 0x18, 0x8}, @smc={0x1e, 0x40, {0x84000014, [0x21b29a76, 0x2, 0x1a8, 0x2, 0x2]}}, @eret={0xe6, 0x18, 0x1}, @smc={0x1e, 0x40, {0x80003fff, [0x0, 0xfffffffffffffffd, 0x7, 0x3, 0x9]}}, @hvc={0x32, 0x40, {0x84000006, [0x4, 0xc0, 0x4, 0x401, 0x4]}}, @code={0xa, 0x9c, {"0020c09a007008d500178ad20020b8f2a10080d2e20180d2e30080d2840180d2020000d40070c00c0004003c20f984d20040b8f2a10080d2020080d2230080d2c40080d2020000d4007008d5008060c8e0d78ad20000b8f2210080d2e20080d2c30080d2840080d2020000d4406f8fd200a0b0f2810080d2020180d2e30180d2440180d2020000d4"}}, @code={0xa, 0x84, {"000008d50084df0d007008d5000008d5000028d5e0259dd20000b8f2e10080d2a20080d2630180d2240180d2020000d40000c06900f594d20020b8f2e10080d2a20180d2630080d2840080d2020000d4000028d5a07680d200a0b8f2410080d2c20180d2230180d2e40080d2020000d4"}}], 0x67c}, &(0x7f0000000540)=[@featur1={0x1, 0x82}], 0x1) mmap$KVM_VCPU(&(0x7f0000fff000/0x1000)=nil, r5, 0x0, 0x11, r6, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1) ioctl$KVM_SET_SIGNAL_MASK(r9, 0x4004ae8b, 0xfffffffffffffffe) ioctl$KVM_GET_ONE_REG(r6, 0x4010aeab, &(0x7f00000005c0)=@arm64_bitmap={0x6030000000160001, &(0x7f0000000580)=0xc}) ioctl$KVM_GET_ONE_REG(r9, 0x4010aeab, &(0x7f00000001c0)=@arm64_fp={0x6040000000100082, &(0x7f0000000040)=0x7}) r10 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_IRQ_LINE(r10, 0x4008ae61, &(0x7f0000000000)={0x8, 0x88}) 52.209793256s ago: executing program 0 (id=693): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async, rerun: 32) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000100)={0x8, 0xffffffffffffffff}) (rerun: 32) ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000}) (async, rerun: 64) ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000080)=@attr_arm64={0x0, 0x8, 0x0, &(0x7f0000000240)=0x8}) (async, rerun: 64) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000eb4000/0x3000)=nil, 0x930, 0x200000c, 0x28031, 0xffffffffffffffff, 0x0) (async) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) (async) ioctl$KVM_SET_GSI_ROUTING(r6, 0x4008ae6a, &(0x7f0000000480)={0x2, 0x0, [{0x2, 0x2, 0x0, 0x0, @irqchip={0x8, 0x5}}, {0x2, 0x2, 0x0, 0x0, @sint={0x5, 0x4a}}]}) (async, rerun: 32) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) (rerun: 32) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000bfd000/0x400000)=nil) (async) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r9, 0x4020aeae, &(0x7f0000000200)={0x5}) ioctl$KVM_GET_ONE_REG(r9, 0x4010aeab, &(0x7f0000000040)=@arm64_sve_vls={0x606000000015ffff, 0x0}) (async) ioctl$KVM_GET_ONE_REG(r4, 0x4010aeab, &(0x7f00000002c0)=@arm64_fw={0x6030000000140002, &(0x7f0000000000)=0x8}) ioctl$KVM_RUN(r7, 0xae80, 0x0) 47.833379126s ago: executing program 1 (id=694): r0 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f831, 0xffffffffffffffff, 0x0) (async) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000f, 0x11, r2, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) (async) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r2, 0x0) close(r1) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1c1cf2, 0x0) (async) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000000, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x3, 0x4102932, 0xffffffffffffffff, 0x0) (async) openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) (async) munmap(&(0x7f0000001000/0x3000)=nil, 0x3000) r7 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000f, 0x11, r6, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) (async) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r6, 0x0) (async) r8 = eventfd2(0x0, 0x0) close(r8) (async) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) (async, rerun: 32) write$eventfd(r8, &(0x7f0000000180)=0x5, 0xfffffde3) (async, rerun: 32) mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x3000002, 0x11, r1, 0x0) r9 = openat$kvm(0x0, &(0x7f0000000240), 0xca680, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000140)={0x1, 0xffffffffffffffff, 0x1}) r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r11, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="820000000000000028000000000000000100000000000000040000000000000002000000000000008200000000000000280000000000000004"], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r10, 0x1, 0x100) 44.343615476s ago: executing program 0 (id=695): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee1, &(0x7f00000002c0)=@attr_pmu_init) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000000, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x3, 0x4102932, 0xffffffffffffffff, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r6 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000f, 0x11, r5, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f0000000300)="fb0149dd833be3ac2cc4a29ea6abf4e7654e37c4b854009e5a9605000000000000008f1f449a7a835673312b54ebb2d308af7bd22627e700000000ffff5fffffffffff00", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r5, 0x0) r7 = eventfd2(0x80004d, 0x80800) close(r7) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0) r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04) mmap$KVM_VCPU(&(0x7f0000004000/0x4000)=nil, r8, 0x467af21e7e8bde02, 0x11, r7, 0x0) write$eventfd(r7, &(0x7f0000000180)=0x5, 0xfffffde3) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0xc0e00, 0x2000) openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f00000001c0)={0x8}) r10 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x101000, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0) 40.37957393s ago: executing program 1 (id=696): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000000), 0x380, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) close(r2) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, &(0x7f0000000180)=[@smc={0x1e, 0x40, {0xef000000, [0x0, 0x1, 0x2, 0x3, 0x4]}}], 0x40}], 0x1, 0x0, 0x0, 0x0) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000080)={0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='n\x00\x00\x00\x00\x00\x00\x000\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\b'], 0x30}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r3, 0xfffffbffffffffff, 0x240) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x7e) 35.234592783s ago: executing program 0 (id=697): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x40001, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) mmap$KVM_VCPU(&(0x7f0000001000/0x2000)=nil, 0x930, 0x2000003, 0x4120932, 0xffffffffffffffff, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000080)={0x8, 0xffffffffffffffff}) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04) r9 = openat$kvm(0x0, &(0x7f0000000040), 0x109000, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) openat$kvm(0x0, 0x0, 0x0, 0x0) r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x1) mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, r8, 0x0, 0x12, r11, 0x0) r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04) r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2041, 0x0) r14 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r13, 0xae04) mmap$KVM_VCPU(&(0x7f000000e000/0x3000)=nil, r14, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) r15 = mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r15, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca) r16 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r17 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r16, 0xae04) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, r17, 0x100000c, 0x23ac5f9b426ec4b2, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ffc000/0x3000)=nil, r12, 0x3000003, 0x12, r6, 0x0) ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000340)={0x5}) ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000000080)=@arm64_core={0x603000000010003a, &(0x7f0000000100)=0x7}) 27.90418221s ago: executing program 1 (id=698): ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xd8, 0x1}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) munmap(&(0x7f0000ad4000/0x1000)=nil, 0x1000) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f831, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x7, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x40305839, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000240), 0x2400, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x1fe, 0x0, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_ARM_VCPU_INIT(r5, 0x4020aeae, &(0x7f0000000000)) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000280)={0x10001, 0x1, 0x2, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xd8, 0x1}) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) munmap(&(0x7f0000ad4000/0x1000)=nil, 0x1000) (async) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f831, 0xffffffffffffffff, 0x0) (async) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x7, 0xffffffffffffffff, 0x1}) (async) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x40305839, 0x0) (async) openat$kvm(0x0, &(0x7f0000000240), 0x2400, 0x0) (async) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async) syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x1fe, 0x0, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) (async) ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) (async) ioctl$KVM_ARM_VCPU_INIT(r5, 0x4020aeae, &(0x7f0000000000)) (async) ioctl$KVM_RUN(r5, 0xae80, 0x0) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000280)={0x10001, 0x1, 0x2, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) (async) 14.911261837s ago: executing program 1 (id=699): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x40, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000000, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x3, 0x4102932, 0xffffffffffffffff, 0x0) openat$kvm(0x0, &(0x7f0000000100), 0x6ea382, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000f, 0x11, r2, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0) r4 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0) munmap(&(0x7f0000000000/0x2000)=nil, 0x2000) ioctl$KVM_CREATE_VM(r4, 0x401c5820, 0x20000000) 14.689427627s ago: executing program 0 (id=700): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x8) (async) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = openat$kvm(0x0, &(0x7f0000000080), 0x300, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) close(0x4) (async) syz_kvm_vgic_v3_setup(r7, 0x1, 0x100) (async) ioctl$KVM_ARM_VCPU_INIT(r5, 0x4018aee3, 0xfffffffffffffffe) (async) r8 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) (async) syz_kvm_vgic_v3_setup(r8, 0x1, 0x40) (async) r10 = eventfd2(0x3ff, 0x80001) ioctl$KVM_IRQFD(r8, 0x4020ae76, &(0x7f00000002c0)={r10, 0x0, 0x0, r10}) ioctl$KVM_SET_GSI_ROUTING(r8, 0x4008ae6a, &(0x7f0000000080)=ANY=[]) (async) r11 = openat$kvm(0x0, &(0x7f0000000040), 0x2002, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) r14 = syz_kvm_add_vcpu$arm64(r13, &(0x7f00000000c0)={0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="82000000000000002800000000000000010000000000000001000000000000001100000000000000aa00000000000000280000000000000009", @ANYRESOCT=r12], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r12, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r15, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r14, 0xae80, 0x0) (async) ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000080)={0x5, 0xb}) (async) ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100042, &(0x7f0000000100)=0x81f}) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x2000001, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x0) 2.932171767s ago: executing program 1 (id=701): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$KVM_GET_API_VERSION(r2, 0xae00, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) (async) r3 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="82000000000000002800000000000000010000000000000001000000000000000100000000000000aa00000000000000280000000000000008"], 0x50}, 0x0, 0x0) (async) syz_kvm_vgic_v3_setup(r1, 0x1, 0x140) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x8000, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2) syz_kvm_setup_cpu$arm64(r6, r7, &(0x7f0000bfe000/0x400000)=nil, &(0x7f0000001080)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) (async) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) munmap(&(0x7f0000c07000/0x1000)=nil, 0x1000) (async) munmap(&(0x7f000000f000/0x2000)=nil, 0x2000) munmap(&(0x7f000075a000/0xb000)=nil, 0xb000) (async) munmap(&(0x7f0000c90000/0x1000)=nil, 0x1000) munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f0000e76000/0x12000)=nil, 0x12000) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0x100000f, 0x9032, 0xffffffffffffffff, 0x0) ioctl$KVM_ARM_VCPU_FINALIZE(r7, 0x4004aec2, 0xffffffffffffffff) (async) ioctl$KVM_GET_DEVICE_ATTR_vm(r1, 0x4018aee2, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0xfffffffa, 0x8, 0x2}}) (async) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) (async) openat$kvm(0x0, &(0x7f0000000240), 0xca680, 0x0) r10 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r11, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="82000000"], 0x50}, 0x0, 0x0) 0s ago: executing program 0 (id=702): munmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000) (async) mmap$KVM_VCPU(&(0x7f0000f71000/0x1000)=nil, 0x930, 0x2000008, 0x4003831, 0xffffffffffffffff, 0x0) (async) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000100)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x4, 0x0, 0x0}) r6 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000bfd000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000140)={0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e000000000000004000000000000000040001c4", @ANYRESDEC], 0x40}, &(0x7f0000000240)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r7, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, 0x0, 0x2000000, 0x810, r7, 0x0) r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, r8, 0x5000003, 0x80031, 0xffffffffffffffff, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) r9 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x1000)=nil, 0x930, 0x2000007, 0x30d2a4fbfbea96b8, 0xffffffffffffffff, 0x0) (async) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r12 = eventfd2(0xffffffff, 0x0) ioctl$KVM_IOEVENTFD(r9, 0x4040ae79, &(0x7f0000000100)={0x9, 0x2, 0x4, r12, 0x8}) r13 = eventfd2(0x100, 0x0) r14 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) (async) r15 = eventfd2(0x0, 0x0) write$eventfd(r15, 0xffffffffffffffff, 0x0) ioctl$KVM_IRQFD(r14, 0x4020ae76, &(0x7f00000000c0)={r13, 0x4, 0x1, r15}) (async) ioctl$KVM_IOEVENTFD(r11, 0x4040ae79, &(0x7f0000000900)={0xb5, 0x0, 0x4, r13, 0x1}) (async) ioctl$KVM_IOEVENTFD(r11, 0x4040ae79, &(0x7f0000000080)={0x6, 0x0, 0x0, r13}) kernel console output (not intermixed with test programs): [ 394.724489][ T3130] 8021q: adding VLAN 0 to HW filter on device bond0 [ 445.018526][ T3130] eql: remember to turn off Van-Jacobson compression on your slave devices Warning: Permanently added '[localhost]:34040' (ED25519) to the list of known hosts. [ 627.897930][ T25] audit: type=1400 audit(626.990:63): avc: denied { name_bind } for pid=3285 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 628.894552][ T25] audit: type=1400 audit(627.990:64): avc: denied { execute } for pid=3286 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 628.932226][ T25] audit: type=1400 audit(628.010:65): avc: denied { execute_no_trans } for pid=3286 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 654.879798][ T25] audit: type=1400 audit(653.970:66): avc: denied { mounton } for pid=3286 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 654.917704][ T25] audit: type=1400 audit(654.010:67): avc: denied { mount } for pid=3286 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 655.007288][ T3286] cgroup: Unknown subsys name 'net' [ 655.057028][ T25] audit: type=1400 audit(654.150:68): avc: denied { unmount } for pid=3286 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 655.504579][ T3286] cgroup: Unknown subsys name 'cpuset' [ 655.609748][ T3286] cgroup: Unknown subsys name 'rlimit' [ 656.674821][ T25] audit: type=1400 audit(655.770:69): avc: denied { setattr } for pid=3286 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=701 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 656.713654][ T25] audit: type=1400 audit(655.790:70): avc: denied { mounton } for pid=3286 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 656.724396][ T25] audit: type=1400 audit(655.800:71): avc: denied { mount } for pid=3286 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 657.990218][ T3289] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 658.015033][ T25] audit: type=1400 audit(657.100:72): avc: denied { relabelto } for pid=3289 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 658.044981][ T25] audit: type=1400 audit(657.130:73): avc: denied { write } for pid=3289 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" Setting up swapspace version 1, size = 127995904 bytes [ 658.223485][ T25] audit: type=1400 audit(657.310:74): avc: denied { read } for pid=3286 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 658.252263][ T25] audit: type=1400 audit(657.330:75): avc: denied { open } for pid=3286 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 658.288367][ T3286] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 708.784486][ T25] audit: type=1400 audit(707.880:76): avc: denied { execmem } for pid=3290 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 712.366733][ T25] audit: type=1400 audit(711.460:77): avc: denied { read } for pid=3292 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 712.405937][ T25] audit: type=1400 audit(711.500:78): avc: denied { open } for pid=3292 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 712.489455][ T25] audit: type=1400 audit(711.580:79): avc: denied { mounton } for pid=3292 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 712.774019][ T25] audit: type=1400 audit(711.870:80): avc: denied { module_request } for pid=3292 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 714.049905][ T25] audit: type=1400 audit(713.140:81): avc: denied { sys_module } for pid=3292 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 739.456910][ T3292] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 739.878174][ T3292] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 739.943348][ T3293] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 740.213761][ T3293] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 753.716456][ T3292] hsr_slave_0: entered promiscuous mode [ 753.757651][ T3292] hsr_slave_1: entered promiscuous mode [ 754.858082][ T3293] hsr_slave_0: entered promiscuous mode [ 754.895242][ T3293] hsr_slave_1: entered promiscuous mode [ 754.928635][ T3293] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 754.934364][ T3293] Cannot create hsr debugfs directory [ 764.042367][ T25] audit: type=1400 audit(763.130:82): avc: denied { create } for pid=3292 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 764.121669][ T25] audit: type=1400 audit(763.200:83): avc: denied { write } for pid=3292 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 764.152884][ T25] audit: type=1400 audit(763.230:84): avc: denied { read } for pid=3292 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 764.416521][ T3292] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 765.045540][ T3292] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 765.319865][ T3292] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 765.993508][ T3292] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 768.301586][ T3293] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 768.534001][ T3293] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 768.758724][ T3293] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 769.123244][ T3293] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 787.586296][ T3292] 8021q: adding VLAN 0 to HW filter on device bond0 [ 789.418145][ T3293] 8021q: adding VLAN 0 to HW filter on device bond0 [ 851.994057][ T3292] veth0_vlan: entered promiscuous mode [ 852.788289][ T3292] veth1_vlan: entered promiscuous mode [ 853.047583][ T3293] veth0_vlan: entered promiscuous mode [ 853.933889][ T3293] veth1_vlan: entered promiscuous mode [ 855.570923][ T3292] veth0_macvtap: entered promiscuous mode [ 855.935563][ T3292] veth1_macvtap: entered promiscuous mode [ 856.595911][ T3293] veth0_macvtap: entered promiscuous mode [ 856.993395][ T3293] veth1_macvtap: entered promiscuous mode [ 858.389748][ T3292] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 858.399413][ T3292] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 858.416326][ T3292] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 858.447602][ T3292] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 859.744459][ T3293] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 859.748548][ T3293] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 859.764795][ T3293] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 859.774259][ T3293] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 861.486861][ T25] audit: type=1400 audit(860.570:85): avc: denied { mount } for pid=3292 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 861.688760][ T25] audit: type=1400 audit(860.780:86): avc: denied { mounton } for pid=3292 comm="syz-executor" path="/syzkaller.9iQWLE/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 861.966671][ T25] audit: type=1400 audit(861.050:87): avc: denied { mount } for pid=3292 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 862.567745][ T25] audit: type=1400 audit(861.650:88): avc: denied { mounton } for pid=3292 comm="syz-executor" path="/syzkaller.9iQWLE/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 862.773919][ T25] audit: type=1400 audit(861.850:89): avc: denied { mounton } for pid=3292 comm="syz-executor" path="/syzkaller.9iQWLE/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3262 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 863.105224][ T25] audit: type=1400 audit(862.180:90): avc: denied { unmount } for pid=3292 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 863.234798][ T25] audit: type=1400 audit(862.330:91): avc: denied { mounton } for pid=3292 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1546 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 863.311544][ T25] audit: type=1400 audit(862.370:92): avc: denied { mount } for pid=3292 comm="syz-executor" name="/" dev="gadgetfs" ino=3265 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 863.447012][ T25] audit: type=1400 audit(862.540:93): avc: denied { mount } for pid=3292 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 863.528366][ T25] audit: type=1400 audit(862.620:94): avc: denied { mounton } for pid=3292 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 864.548856][ T3292] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 868.777215][ T25] kauditd_printk_skb: 4 callbacks suppressed [ 868.788757][ T25] audit: type=1400 audit(867.870:100): avc: denied { read } for pid=3436 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 868.819888][ T25] audit: type=1400 audit(867.910:101): avc: denied { open } for pid=3436 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 868.849563][ T25] audit: type=1400 audit(867.840:99): avc: denied { read } for pid=3437 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 869.397678][ T25] audit: type=1400 audit(868.490:102): avc: denied { ioctl } for pid=3437 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 871.918687][ T25] audit: type=1400 audit(871.000:103): avc: denied { write } for pid=3436 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 880.498915][ T25] audit: type=1400 audit(879.410:104): avc: denied { append } for pid=3437 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 912.385321][ T25] audit: type=1400 audit(911.450:105): avc: denied { setattr } for pid=3463 comm="syz.1.8" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 937.049465][ T25] audit: type=1400 audit(936.030:106): avc: denied { execute } for pid=3478 comm="syz.0.12" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=4311 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 1074.646567][ T3560] kvm [3560]: Failed to find VMA for hva 0x20c00000 [ 1074.719125][ T3564] kvm [3564]: Failed to find VMA for hva 0x20c00000 [ 1277.997846][ T3694] kvm [3694]: Failed to find VMA for hva 0x20d8d000 [ 1490.966274][ T25] audit: type=1400 audit(1490.050:107): avc: denied { map } for pid=3828 comm="syz.1.109" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1491.036611][ T25] audit: type=1400 audit(1490.120:108): avc: denied { execute } for pid=3828 comm="syz.1.109" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1544.447186][ T3868] kvm [3868]: Failed to find VMA for hva 0x20e8a000 [ 1730.298789][ T3981] KVM: debugfs: duplicate directory 3981-5 [ 2187.455552][ T4278] kvm [4278]: Failed to find VMA for hva 0x20d8d000 [ 2251.948480][ T4320] KVM: debugfs: duplicate directory 4320-7 [ 2335.795792][ T4370] KVM: debugfs: duplicate directory 4370-12 [ 2494.203111][ T25] audit: type=1400 audit(2493.280:109): avc: denied { ioctl } for pid=4482 comm="syz.1.291" path="net:[4026531840]" dev="nsfs" ino=4026531840 ioctlcmd=0xb707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 2632.725580][ T4571] kvm [4571]: Failed to find VMA for hva 0x21016000 [ 2654.589939][ T4583] KVM: debugfs: duplicate directory 4583-5 [ 2740.973554][ T4647] kvm [4645]: Unsupported guest CP15 access at: 00000100 [000001d3] [ 2740.973554][ T4647] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2740.987480][ T4647] kvm [4645]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2740.987480][ T4647] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2741.036313][ T4647] kvm [4645]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2741.036313][ T4647] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2741.083523][ T4647] kvm [4645]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2741.083523][ T4647] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2741.133667][ T4647] kvm [4645]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2741.133667][ T4647] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2741.169191][ T4647] kvm [4645]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2741.169191][ T4647] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2741.237087][ T4647] kvm [4645]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2741.237087][ T4647] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2741.263502][ T4647] kvm [4645]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2741.263502][ T4647] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2741.337766][ T4647] kvm [4645]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2741.337766][ T4647] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2741.389612][ T4647] kvm [4645]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2741.389612][ T4647] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2746.035286][ T4647] print_sys_reg_msg: 458 callbacks suppressed [ 2746.132934][ T4647] kvm [4645]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2746.132934][ T4647] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2746.146703][ T4647] kvm [4645]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2746.146703][ T4647] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2746.213949][ T4647] kvm [4645]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2746.213949][ T4647] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2746.233792][ T4647] kvm [4645]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2746.233792][ T4647] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2746.325764][ T4647] kvm [4645]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2746.325764][ T4647] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2746.416167][ T4647] kvm [4645]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2746.416167][ T4647] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2746.475195][ T4647] kvm [4645]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2746.475195][ T4647] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2746.595279][ T4647] kvm [4645]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2746.595279][ T4647] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2746.658013][ T4647] kvm [4645]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2746.658013][ T4647] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2746.665440][ T4647] kvm [4645]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2746.665440][ T4647] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2971.148376][ T4802] KVM: debugfs: duplicate directory 4802-4 [ 2975.463274][ T4805] kvm [4805]: Failed to find VMA for hva 0x21016000 [ 3016.726558][ T4825] debugfs: File 'vgic-its-state@8080000' in directory '4823-6' already present! [ 3283.838283][ T5011] kvm [5011]: Failed to find VMA for hva 0x20c01000 [ 3496.777997][ T5162] print_sys_reg_msg: 90 callbacks suppressed [ 3496.829932][ T5162] kvm [5161]: Unsupported guest CP15 access at: 00000100 [000001d3] [ 3496.829932][ T5162] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 3496.932358][ T5162] kvm [5161]: Unsupported guest CP15 access at: 00000100 [000001db] [ 3496.932358][ T5162] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 3496.950156][ T5162] kvm [5161]: Unsupported guest CP15 access at: 00000100 [000001db] [ 3496.950156][ T5162] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 3497.022780][ T5162] kvm [5161]: Unsupported guest CP15 access at: 00000100 [000001db] [ 3497.022780][ T5162] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 3497.076862][ T5162] kvm [5161]: Unsupported guest CP15 access at: 00000100 [000001db] [ 3497.076862][ T5162] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 3497.129660][ T5162] kvm [5161]: Unsupported guest CP15 access at: 00000100 [000001db] [ 3497.129660][ T5162] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 3497.173363][ T5162] kvm [5161]: Unsupported guest CP15 access at: 00000100 [000001db] [ 3497.173363][ T5162] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 3497.226660][ T5162] kvm [5161]: Unsupported guest CP15 access at: 00000100 [000001db] [ 3497.226660][ T5162] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 3497.266416][ T5162] kvm [5161]: Unsupported guest CP15 access at: 00000100 [000001db] [ 3497.266416][ T5162] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 3497.303049][ T5162] kvm [5161]: Unsupported guest CP15 access at: 00000100 [000001db] [ 3497.303049][ T5162] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 3729.916832][ T5320] KVM: debugfs: duplicate directory 5320-4 [ 3990.904531][ T5489] kvm [5489]: Failed to find VMA for hva 0x20c01000 [ 4059.874126][ T5533] kvm [5533]: Failed to find VMA for hva 0x20c01000 [ 4361.887099][ T5731] kvm [5731]: Failed to find VMA for hva 0x20c01000 [ 4407.255602][ T5756] KVM: debugfs: duplicate directory 5756-5 [ 4767.772466][ T5989] ================================================================== [ 4767.773320][ T5989] BUG: KASAN: invalid-access in _raw_spin_lock_irqsave+0x5c/0x7c [ 4767.775294][ T5989] Read of size 1 at addr 00000000000013c8 by task syz.1.701/5989 [ 4767.775698][ T5989] [ 4767.776830][ T5989] CPU: 0 UID: 0 PID: 5989 Comm: syz.1.701 Not tainted 6.15.0-rc4-syzkaller-g1b85d923ba8c #0 PREEMPT [ 4767.777386][ T5989] Hardware name: linux,dummy-virt (DT) [ 4767.777832][ T5989] Call trace: [ 4767.778218][ T5989] show_stack+0x2c/0x3c (C) [ 4767.778809][ T5989] __dump_stack+0x30/0x40 [ 4767.779126][ T5989] dump_stack_lvl+0xd8/0x12c [ 4767.779452][ T5989] print_report+0x5c/0xa0 [ 4767.779721][ T5989] kasan_report+0xb0/0x110 [ 4767.779985][ T5989] __kasan_check_byte+0x3c/0x54 [ 4767.780272][ T5989] lock_acquire+0xb0/0x2e0 [ 4767.780554][ T5989] _raw_spin_lock_irqsave+0x5c/0x7c [ 4767.780793][ T5989] kvm_vgic_set_owner+0x18c/0x294 [ 4767.781067][ T5989] kvm_timer_enable+0x1c4/0x794 [ 4767.781298][ T5989] kvm_arch_vcpu_run_pid_change+0x1f0/0x484 [ 4767.781532][ T5989] kvm_vcpu_ioctl+0xae8/0xc24 [ 4767.781775][ T5989] __arm64_sys_ioctl+0x18c/0x244 [ 4767.782084][ T5989] invoke_syscall+0x90/0x2b4 [ 4767.782381][ T5989] el0_svc_common+0x180/0x2f4 [ 4767.782657][ T5989] do_el0_svc+0x58/0x74 [ 4767.782949][ T5989] el0_svc+0x58/0x134 [ 4767.783204][ T5989] el0t_64_sync_handler+0x78/0x108 [ 4767.783444][ T5989] el0t_64_sync+0x198/0x19c [ 4767.783997][ T5989] ================================================================== [ 4767.786341][ T5989] Disabling lock debugging due to kernel taint [ 4767.787551][ T5989] Unable to handle kernel paging request at virtual address ffef80000000013b [ 4767.788029][ T5989] KASAN: maybe wild-memory-access in range [0xff000000000013b0-0xff000000000013bf] [ 4767.788399][ T5989] Mem abort info: [ 4767.788622][ T5989] ESR = 0x0000000096000004 [ 4767.788925][ T5989] EC = 0x25: DABT (current EL), IL = 32 bits [ 4767.789259][ T5989] SET = 0, FnV = 0 [ 4767.789535][ T5989] EA = 0, S1PTW = 0 [ 4767.789799][ T5989] FSC = 0x04: level 0 translation fault [ 4767.790118][ T5989] Data abort info: [ 4767.790388][ T5989] ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000 [ 4767.790650][ T5989] CM = 0, WnR = 0, TnD = 0, TagAccess = 0 [ 4767.790982][ T5989] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 [ 4767.791441][ T5989] [ffef80000000013b] address between user and kernel address ranges [ 4767.792310][ T5989] Internal error: Oops: 0000000096000004 [#1] SMP [ 4767.811219][ T5989] Modules linked in: [ 4767.813108][ T5989] CPU: 0 UID: 0 PID: 5989 Comm: syz.1.701 Tainted: G B 6.15.0-rc4-syzkaller-g1b85d923ba8c #0 PREEMPT [ 4767.814425][ T5989] Tainted: [B]=BAD_PAGE [ 4767.815161][ T5989] Hardware name: linux,dummy-virt (DT) [ 4767.816115][ T5989] pstate: 604020c9 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 4767.817363][ T5989] pc : do_raw_spin_lock+0x4c/0x2b4 [ 4767.818233][ T5989] lr : _raw_spin_lock_irqsave+0x64/0x7c [ 4767.819099][ T5989] sp : ffff8000a8c77930 [ 4767.819852][ T5989] x29: ffff8000a8c77940 x28: d6f000001d4bd7c0 x27: d6f000001d4bec30 [ 4767.821522][ T5989] x26: 0000000000000001 x25: d6f000001d4bee10 x24: 0000000000000010 [ 4767.822963][ T5989] x23: 1bff8000a8d5d000 x22: d6f000001d4bd7c0 x21: ffff800080208ab8 [ 4767.824285][ T5989] x20: 00000000000013b0 x19: efff800000000000 x18: 00000000078f595b [ 4767.825681][ T5989] x17: 000000000000005b x16: 00000000000000fe x15: 0000000000000000 [ 4767.827190][ T5989] x14: 0000000000000000 x13: 00000000ffffffff x12: 0000000000000002 [ 4767.828571][ T5989] x11: 0000000000000001 x10: 0ff000000000013b x9 : 0000000000000000 [ 4767.830055][ T5989] x8 : 00000000000013b4 x7 : ffff8000870d1e20 x6 : ffff800086599264 [ 4767.831509][ T5989] x5 : 0000000000000000 x4 : 0000000000000000 x3 : ffff8000802afe9c [ 4767.832764][ T5989] x2 : 0000000000000001 x1 : 0000000000000000 x0 : 00000000000013b0 [ 4767.834174][ T5989] Call trace: [ 4767.834862][ T5989] do_raw_spin_lock+0x4c/0x2b4 (P) [ 4767.835742][ T5989] _raw_spin_lock_irqsave+0x64/0x7c [ 4767.836596][ T5989] kvm_vgic_set_owner+0x18c/0x294 [ 4767.837462][ T5989] kvm_timer_enable+0x1c4/0x794 [ 4767.838287][ T5989] kvm_arch_vcpu_run_pid_change+0x1f0/0x484 [ 4767.839184][ T5989] kvm_vcpu_ioctl+0xae8/0xc24 [ 4767.839997][ T5989] __arm64_sys_ioctl+0x18c/0x244 [ 4767.840916][ T5989] invoke_syscall+0x90/0x2b4 [ 4767.841793][ T5989] el0_svc_common+0x180/0x2f4 [ 4767.842724][ T5989] do_el0_svc+0x58/0x74 [ 4767.843615][ T5989] el0_svc+0x58/0x134 [ 4767.844468][ T5989] el0t_64_sync_handler+0x78/0x108 [ 4767.845305][ T5989] el0t_64_sync+0x198/0x19c [ 4767.846568][ T5989] Code: d344fd4a aa0003f4 f90007e9 d378fd09 (386a6a6a) [ 4767.848325][ T5989] ---[ end trace 0000000000000000 ]--- [ 4767.849873][ T5989] Kernel panic - not syncing: Oops: Fatal exception [ 4767.852022][ T5989] Kernel Offset: disabled [ 4767.852828][ T5989] CPU features: 0x0000,00000340,02fbcdf1,057ffe1f [ 4767.853948][ T5989] Memory Limit: none [ 4767.855362][ T5989] Rebooting in 86400 seconds.. VM DIAGNOSIS: 20:10:41 Registers: info registers vcpu 0 CPU#0 PC=ffff80008208eb6c X00=0000000000000003 X01=0000000000000002 X02=000000000000007a X03=ffff80008208ea68 X04=0000000000000001 X05=0000000000000000 X06=ffff800081e7b000 X07=ffff8000870d1e20 X08=aaf000000dfa9d80 X09=0000000000000000 X10=0000000000ff0100 X11=00000000000000fe X12=000000000000006d X13=0000000000000007 X14=0000000000000000 X15=0000000000000000 X16=00000000000000fe X17=000000000000005b X18=00000000078f595b X19=efff800000000000 X20=6df000000e049080 X21=bcff80008c44b018 X22=0000000000000002 X23=6df000000e04917a X24=000000000000006d X25=6df000000e0492c8 X26=6df000000e0490c8 X27=000000000000006d X28=000000000000006d X29=ffff8000a8c77090 X30=ffff80008208eb6c SP=ffff8000a8c77080 PSTATE=804020c9 N--- EL2h SVCR=00000000 -- BTYPE=0 FPCR=00000000 FPSR=00000000 P00=0000 P01=0000 P02=0000 P03=0000 P04=0000 P05=0000 P06=0000 P07=0000 P08=0000 P09=0000 P10=0000 P11=0000 P12=0000 P13=0000 P14=0000 P15=0000 FFR=0000 Z00=1300000000000000:1300000000000000 Z01=0000001300000000:0000000000000000 Z02=0000000000000013:0000000000000000 Z03=00d000a800000000:0000000000000000 Z04=0000000000000000:0000000000000002 Z05=0000000000000013:0000000000000002 Z06=6edc4d3a2914b135:d8e9c869e2695c88 Z07=b20fae707afde253:388e9c6c4fa85ca0 Z08=0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000 Z10=0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000 Z12=0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000 Z14=0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000 Z16=0000ffffde10b000:0000ffffde10b000 Z17=ffffff80ffffffd0:0000ffffde10afd0 Z18=0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000 Z20=0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000 Z22=0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000 Z24=0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000 Z26=0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000 Z28=0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000 Z30=0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000