last executing test programs: 1m0.005870837s ago: executing program 1 (id=1163): mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x2, 0x4102932, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x2, 0x4102932, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_MMIO(0x0, 0x20, &(0x7f0000000000)="7cfaa2bfd6dd76375aa1bde04fceeb33743b07d73b3e9aac", 0x0, 0x18) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) (async) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f00000000c0)=@arm64_sys={0x603000000013dce0, &(0x7f0000000000)=0x3ff}) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r2, 0x4018aee1, &(0x7f00000000c0)=@attr_pmu_init) (async) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r2, 0x4018aee1, &(0x7f00000000c0)=@attr_pmu_init) ioctl$KVM_RUN(r2, 0xae80, 0x0) (async) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x1c7801, 0x0) openat$kvm(0x0, 0x0, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="14000000000000002000000000000000f2c4130000003060008000000000000014000000000000002000000000000000e0dc1300000030d11b"], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f0000000340)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f0000000040)=0x9}) ioctl$KVM_RUN(r6, 0xae80, 0x0) (async) ioctl$KVM_RUN(r6, 0xae80, 0x0) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) (async) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2) close(0x5) (async) close(0x5) r8 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) (async) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) (async) ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x4) ioctl$KVM_ARM_VCPU_INIT(r10, 0x4020aeae, &(0x7f0000000000)={0x5, 0xa}) 48.938330125s ago: executing program 0 (id=1164): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x26e000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_IRQ_LINE_STATUS(r3, 0xc008ae67, 0xfffffffffffffffe) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8100, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x108000, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x10081, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r7 = eventfd2(0x0, 0x0) ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f0000000080)={0x2, 0x0, 0x0, r7}) ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000000240)={r7, 0xfb, 0x2, r7}) ioctl$KVM_CHECK_EXTENSION(r5, 0x40086602, 0x110e20ffff) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f831, 0xffffffffffffffff, 0x0) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x541b, 0x0) openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r11, 0x4018aee1, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0xef000000, 0x1000, 0x2}}) r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r11, r12, &(0x7f0000e8a000/0x18000)=nil, &(0x7f0000000140)=[{0x0, &(0x7f0000000180)=[@smc={0x1e, 0x40, {0xef000000, [0x0, 0x1, 0x2, 0x3, 0x4]}}, @mrs={0xbe, 0x18, {0x603000000013c807}}], 0x58}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r12, 0xae80, 0x0) ioctl$KVM_RUN(r12, 0xae80, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x1fe, 0x2, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) 48.279073493s ago: executing program 1 (id=1165): munmap(&(0x7f0000c8f000/0x4000)=nil, 0x4000) r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r1 = openat$kvm(0x0, &(0x7f00000000c0), 0x8a02, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r3 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1) syz_kvm_vgic_v3_setup(r4, 0x0, 0x20) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000000)={0x1fe, 0x0, 0x8080000, 0x1000, &(0x7f0000ffc000/0x1000)=nil}) r5 = syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000080)={0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="aa00000000000000280000000000000003"], 0x28}, 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) 40.811715496s ago: executing program 1 (id=1166): r0 = mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) r1 = mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca) syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca) r2 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x2000, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vm(r5, 0x8040aeb6, 0x0) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f00000001c0)={0x8, 0xffffffffffffffff}) syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4}) 38.000760193s ago: executing program 0 (id=1167): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000000)={0x0, &(0x7f0000000180)=[@mrs={0xbe, 0x18, {0x603000000013df7f}}, @uexit={0x0, 0x18, 0x5}, @svc={0x122, 0x40, {0x84000000, [0x740, 0x0, 0x352, 0xfffffffffffffffc, 0x80]}}, @smc={0x1e, 0x40, {0xc400000e, [0x7b, 0x4, 0x100000001, 0x1, 0x7ff]}}, @smc={0x1e, 0x40, {0x86000000, [0x101, 0x0, 0x6, 0x6, 0x9]}}, @hvc={0x32, 0x40, {0x80000001, [0xf9, 0x4, 0x7ff, 0x8, 0x6]}}], 0x130}, &(0x7f00000000c0)=[@featur1={0x1, 0x98}], 0x1) ioctl$KVM_SET_ONE_REG(r1, 0x4010aeac, &(0x7f00000002c0)=@arm64_fw={0x6030000000140000, &(0x7f0000000100)=0x1}) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1) ioctl$KVM_ARM_VCPU_INIT(r3, 0x4020aeae, &(0x7f0000000080)={0x5, 0x1}) ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000140)=@arm64_ccsidr={0x6020000000110005, 0x0}) munmap(&(0x7f0000ea4000/0x2000)=nil, 0x2000) munmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000) munmap(&(0x7f000075a000/0xb000)=nil, 0xb000) munmap(&(0x7f0000c8f000/0x4000)=nil, 0x4000) munmap(&(0x7f0000d83000/0x4000)=nil, 0x4000) munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000) munmap(&(0x7f0000482000/0x2000)=nil, 0x2000) munmap(&(0x7f0000d47000/0x2000)=nil, 0x2000) munmap(&(0x7f0000e76000/0x12000)=nil, 0x12000) mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x24132, 0xffffffffffffffff, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) r5 = openat$kvm(0x0, &(0x7f00000000c0), 0x200, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1) ioctl$KVM_ARM_VCPU_INIT(r7, 0x4020aeae, &(0x7f0000000240)={0x5, 0x11}) ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000080)=@arm64_sve={0x60800000001501a0, 0x0}) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f831, 0xffffffffffffffff, 0x0) 30.686824854s ago: executing program 0 (id=1168): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r0, 0x4008ae6a, &(0x7f0000000000)={0x2, 0x0, [{0xffff, 0x1, 0x1, 0x0, @sint={0x10000, 0x8001}}, {0x8000, 0x2, 0x1, 0x0, @sint={0x7fff, 0x7fffffff}}]}) r1 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000940)={0x0, &(0x7f0000000080)=[@eret={0xe6, 0x18, 0x931e}, @uexit={0x0, 0x18, 0x6}, @svc={0x122, 0x40, {0x200, [0x8000, 0x3, 0x2, 0x8]}}, @its_setup={0x82, 0x28, {0x0, 0x3, 0x294}}, @svc={0x122, 0x40, {0x3000000, [0x89, 0x7, 0x9, 0xb74c, 0x4]}}, @code={0xa, 0xb4, {"40838ed20060b0f2010080d2c20180d2030180d2e40080d2020000d40014200e208397d20000b8f2610180d2620180d2430180d2040080d2020000d4007008d5007008d540a48ed200c0b0f2c10180d2420080d2c30080d2640180d2020000d460db9bd200c0b0f2210080d2e20180d2030080d2440180d2020000d4a05c88d20000b0f2810080d2a20080d2c30180d2840180d2020000d4008008d5000008d5"}}, @its_setup={0x82, 0x28, {0x2, 0x0, 0x204}}, @mrs={0xbe, 0x18, {0x603000000013e081}}, @irq_setup={0x46, 0x18, {0x3, 0x11c}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x4, 0x7, 0x8, 0x8, 0x3}}, @msr={0x14, 0x20, {0x603000000013de90, 0x8097}}, @its_send_cmd={0xaa, 0x28, {0x0, 0x0, 0x2, 0xe, 0x9, 0xd6e, 0x3}}, @svc={0x122, 0x40, {0x84000010, [0x5, 0x8, 0x6, 0x0, 0x4]}}, @code={0xa, 0xb4, {"e07b9ad20080b8f2a10080d2420180d2030080d2440180d2020000d4205f98d20020b0f2810080d2620080d2e30180d2040080d2020000d4000880b860af8ad20060b8f2e10180d2820180d2030080d2c40180d2020000d400c0005f000008d5a09492d20060b0f2a10180d2a20080d2e30080d2a40180d2020000d480e296d20000b8f2810180d2620080d2430080d2640180d2020000d40000000a0040206e"}}, @smc={0x1e, 0x40, {0x84000011, [0x5, 0x1, 0x0, 0xfffffffffffffff1, 0x3]}}, @irq_setup={0x46, 0x18, {0x4, 0x370}}, @uexit={0x0, 0x18, 0x61d08000000}, @code={0xa, 0xcc, {"000028d50048c01aa0ee8dd20060b0f2a10080d2620080d2230180d2c40180d2020000d400d289d20040b0f2e10080d2220080d2830180d2640180d2020000d460369dd200a0b0f2a10180d2220180d2230080d2440080d2020000d460bb8fd200a0b0f2810080d2e20180d2c30180d2a40080d2020000d4007008d500fca09b20ed99d20020b0f2e10180d2c20080d2030080d2a40080d2020000d460f886d20080b8f2410180d2e20180d2430080d2040180d2020000d4"}}, @hvc={0x32, 0x40, {0x86000000, [0x6, 0xfffffffffffffffc, 0x1, 0x3, 0xfffffffffffffff9]}}, @code={0xa, 0x54, {"000028d5c0a683d20020b0f2a10080d2620080d2430180d2440080d2020000d4007008d5000008d500e0c00d00b4200e0000206a0020000e007008d50000df0c"}}, @code={0xa, 0x84, {"0090805f0040c00d0000a09b0000c00c002389d20000b8f2a10080d2620080d2c30080d2c40080d2020000d4007008d5000028d5000028d560b18fd20060b8f2810180d2a20080d2230080d2c40080d2020000d4800e9ed200a0b8f2e10080d2020180d2a30080d2840180d2020000d4"}}, @svc={0x122, 0x40, {0x5000000, [0x4, 0x0, 0x4, 0xa, 0x5]}}, @code={0xa, 0x9c, {"008008d5008992d200c0b0f2810080d2820180d2830180d2e40080d2020000d4008008d5602480d20000b0f2210180d2220080d2030080d2640080d2020000d4000028d50020a00de00300b2202794d20080b8f2e10080d2420080d2030180d2a40180d2020000d4407a93d200e0b8f2e10180d2420180d2c30180d2040080d2020000d4007008d5"}}, @code={0xa, 0xe4, {"0004000f606788d200e0b8f2c10180d2820180d2230080d2440180d2020000d4000cc078605c8fd200e0b8f2c10080d2020080d2830180d2a40180d2020000d400609f0de07b97d20040b0f2e10080d2a20080d2230080d2e40180d2020000d4805a92d20020b0f2810180d2e20180d2630080d2640080d2020000d4408f93d20020b8f2e10080d2a20180d2030080d2a40180d2020000d420e888d20000b8f2410180d2220180d2030180d2a40180d2020000d4a00784d20000b0f2810080d2420180d2430080d2440080d2020000d4"}}, @code={0xa, 0x54, {"0004200e806e85d20000b0f2c10080d2220180d2430180d2a40180d2020000d4008008d50020800c007008d5002c004e007008d50020800c00a0c00d007008d5"}}, @uexit={0x0, 0x18, 0x3}, @mrs={0xbe, 0x18, {0x603000000013c00c}}, @its_setup={0x82, 0x28, {0x2, 0x2, 0x189}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x3, 0xc, 0x38c0, 0x8, 0x3}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x1, 0xd, 0x7}}, @svc={0x122, 0x40, {0x8, [0x8, 0x9, 0x7, 0x0, 0xc45]}}], 0x898}, &(0x7f0000000980)=[@featur1={0x1, 0x26}], 0x1) r2 = eventfd2(0x8, 0x80401) r3 = eventfd2(0x623, 0x80001) ioctl$KVM_IRQFD(r0, 0x4020ae76, &(0x7f00000009c0)={r2, 0x80a0, 0x0, r3}) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000a00), 0x20000, 0x0) ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000a40)={0x3, 0xffffffffffffffff, 0x1}) ioctl$KVM_ARM_VCPU_INIT(r1, 0x4020aeae, &(0x7f0000000a80)={0x4, 0x9}) ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000ac0)={0x2, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000b40)=@attr_arm64={0x0, 0x0, 0x3, &(0x7f0000000b00)=0x4e9}) r7 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_ARM_VCPU_INIT(r1, 0x4020aeae, &(0x7f0000000b80)={0x0, 0x14}) ioctl$KVM_IOEVENTFD(r0, 0x4040ae79, &(0x7f0000000bc0)={0x5, 0xeeef0000, 0x2, r2, 0x2}) write$eventfd(r2, &(0x7f0000000c00)=0x1, 0x8) ioctl$KVM_ARM_VCPU_INIT(r1, 0x4020aeae, &(0x7f0000000c40)={0x1, 0x62}) r8 = syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000bff000/0x400000)=nil) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000d40)={0x0, &(0x7f0000000c80)=[@hvc={0x32, 0x40, {0x4000, [0x2, 0x0, 0x8, 0x7, 0x10]}}, @msr={0x14, 0x20, {0x6030000000138025, 0x7}}, @its_setup={0x82, 0x28, {0x3, 0x0, 0xd6}}], 0x88}, &(0x7f0000000d80), 0x1) ioctl$KVM_IRQFD(r0, 0x4020ae76, &(0x7f0000000dc0)={r2, 0x4, 0x2, r3}) ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000e40)=@attr_arm64={0x0, 0x2, 0x0, &(0x7f0000000e00)=0x4}) ioctl$KVM_IRQFD(r7, 0x4020ae76, &(0x7f0000000e80)={r2, 0x3, 0x2, r2}) ioctl$KVM_GET_ONE_REG(r1, 0x4010aeab, &(0x7f0000000f00)=@other={0x9, &(0x7f0000000ec0)=0x1}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000f40), 0xa4080, 0x0) r11 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r10, 0xae04) mmap$KVM_VCPU(&(0x7f0000ca0000/0x1000)=nil, r11, 0x2800003, 0x8010, r1, 0x0) munmap(&(0x7f0000fe8000/0x4000)=nil, 0x4000) ioctl$KVM_PPC_ALLOCATE_HTAB(r7, 0xc004aea7, &(0x7f0000000f80)=0x5) syz_kvm_setup_cpu$arm64(r7, r9, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000001500)=[{0x0, &(0x7f0000000fc0)=[@smc={0x1e, 0x40, {0x10, [0x3, 0x7, 0x5, 0xcc, 0x2]}}, @smc={0x1e, 0x40, {0xc4000007, [0x3, 0x8000000000000000, 0x8, 0xd4, 0x9f]}}, @uexit={0x0, 0x18, 0xfffffffffffffffb}, @hvc={0x32, 0x40, {0x84000008, [0x0, 0x3, 0x9, 0x8, 0x7]}}, @msr={0x14, 0x20, {0x603000000013c109, 0x5}}, @hvc={0x32, 0x40, {0x4000000, [0x6, 0xf, 0xfffffffffffffffd, 0x59, 0xc]}}, @memwrite={0x6e, 0x30, @generic={0x2000, 0xa6d, 0x6, 0x5}}, @memwrite={0x6e, 0x30, @generic={0x8000000, 0xd48, 0xff28, 0xa}}, @smc={0x1e, 0x40, {0x84000012, [0x1, 0x1, 0xffff, 0xdfc3, 0x45]}}, @eret={0xe6, 0x18, 0x3}, @mrs={0xbe, 0x18, {0xd61feed68590c754}}, @msr={0x14, 0x20, {0x603000000013c230, 0x9}}, @svc={0x122, 0x40, {0xc4000003, [0x1, 0x42ae, 0x561, 0x7fff, 0x7]}}, @irq_setup={0x46, 0x18, {0x2, 0x2ae}}, @eret={0xe6, 0x18, 0xffffffff}, @mrs={0xbe, 0x18, {0x603000000013c017}}, @hvc={0x32, 0x40, {0xffff, [0x3, 0x0, 0x9, 0x10, 0x1]}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x4, 0x4, 0x2, 0x43}}, @smc={0x1e, 0x40, {0x20, [0x101, 0xe, 0xbae, 0x80, 0xca]}}, @irq_setup={0x46, 0x18, {0x2, 0xe3}}, @its_setup={0x82, 0x28, {0x2, 0x0, 0x73}}, @msr={0x14, 0x20, {0x603000000013c642, 0x8000000000000001}}, @hvc={0x32, 0x40, {0xc400000c, [0x100000000, 0x2, 0x0, 0x401, 0x8001]}}, @code={0xa, 0xb4, {"004286d200a0b8f2810080d2e20080d2a30080d2840180d2020000d4007008d560fe82d20040b8f2210080d2620180d2230180d2040080d2020000d400fca00e40e58bd20060b8f2810180d2e20180d2430080d2440080d2020000d4007008d5e0758fd20000b0f2210080d2020080d2430080d2240080d2020000d4007008d5603b86d200c0b0f2e10080d2e20080d2230180d2640080d2020000d40024005f"}}, @svc={0x122, 0x40, {0x6000000, [0x100000000, 0x9c, 0x1, 0x81, 0x36cb]}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x20020}}], 0x51c}], 0x1, 0x0, &(0x7f0000001540)=[@featur2={0x1, 0x1}], 0x1) ioctl$KVM_RUN(r1, 0xae80, 0x0) ioctl$KVM_SET_ONE_REG(r1, 0x4010aeac, &(0x7f00000015c0)=@arm64_ccsidr={0x6020000000110001, &(0x7f0000001580)=0x4}) 24.840644077s ago: executing program 0 (id=1169): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x2000, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r1 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) (async) syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000040)={0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0000000000000000180000000000000000000000000000006e0000000000000030000000000000000000000800000000800000000000000001800000000000000f000000000000000a000000000000008400000000000000000028d5000040d340ed8cd200e0b0f2a10180d2a20080d2230180d2a40180d2020000d4008008d5000028d5000008d500000054007008d5000b88d200e0b8f2010080d2820180d2c30180d2e40080d2020000d480ff92d20020b8f2e10080d2820080d2a30180d2040080d2020000d4c0035fd61e0000000000000040000000000000000b000084000000004b040000000000000100d3b09b6a0000090000000000000001000000000000000300000000000000220100000000000040000000000000000000000500000000ff000000000000000e000000000000000100000000000000060000000000000005000000000000000000000000000000180000000000000008000000000000000a00000000000000840000000000000000000032008008d520d59dd200c0b8f2e10180d2a20080d2230080d2e40080d2020000d4000028d5007008d500de9bd200c0b8f2810080d2e20080d2e30180d2240180d2020000d40000c039002cc01a00aa85d200e0b8f2210180d2620180d2830080d2640180d2020000d4007008d5c0035fd64600000000000000180000000000000004000000c80200008200000000000000280000000000000000000000000000000300000000000000f9010000000000001400000000000000200000000000000074801300000030600200000000000000460000000000000018000000000000000000000072030000460000000000000018000000000000000100000053000000aa000000000000002800000000000000ae0002000000060000008d00000004000000020000000000aa0000000000000028000000000000000e0003000000070000000800000001000000040000000000aa0000000000000028000000000000000601010000000a0000000000000001000000000000000000"], 0x2f0}, &(0x7f0000000080)=[@featur2={0x1, 0x82}], 0x1) (async) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0x5460, 0x0) (async) close(r3) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) close(r2) 19.288944181s ago: executing program 1 (id=1170): syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, 0x0, 0x0, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, 0x0, 0x0, 0x0) r0 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000000)={0x0, &(0x7f0000000640)=[@eret={0xe6, 0x18, 0x8}, @eret={0xe6, 0x18, 0x1}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x18, 0x0, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x1, 0x4, 0x7, 0x2, 0x15, 0x1}}, @msr={0x14, 0x20, {0x603000000013c601, 0xeb28}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x2, 0x0, 0x7, 0x5, 0x2}}, @msr={0x14, 0x20, {0x603000000013e100, 0x80}}, @memwrite={0x6e, 0x30, @generic={0x6000, 0x7a0, 0x8, 0x2}}, @its_setup={0x82, 0x28, {0x3, 0x2, 0x22f}}, @its_setup={0x82, 0x28, {0x0, 0x0, 0x2d3}}, @svc={0x122, 0x40, {0x84000005, [0xfff, 0x7, 0x3, 0x3, 0x1]}}, @smc={0x1e, 0x40, {0x80008000, [0x0, 0x3, 0x9, 0x4, 0x7]}}, @its_send_cmd={0xaa, 0x28, {0xd, 0x0, 0x2, 0x0, 0x43, 0x9, 0x2}}, @its_setup={0x82, 0x28, {0x2, 0x2, 0x268}}, @memwrite={0x6e, 0x30, @generic={0x2000, 0x7c1, 0x8, 0xd}}, @irq_setup={0x46, 0x18, {0x0, 0x187}}, @smc={0x1e, 0x40, {0x84000007, [0x61, 0xa0f5, 0x6, 0x4a7, 0x2]}}, @mrs={0xbe, 0x18, {0x603000000013e6c6}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x1, 0x0, 0xf, 0x1, 0x7}}, @svc={0x122, 0x40, {0x2, [0x1, 0x82cb, 0x3ff, 0x7, 0x9]}}, @its_setup={0x82, 0x28, {0x2, 0x3, 0x251}}, @msr={0x14, 0x20, {0x0, 0x6}}, @hvc={0x32, 0x40, {0xc4000051, [0x7fc00000, 0x9, 0x7fffffffffffffff, 0x0, 0xffffffffffffffa0]}}, @mrs={0xbe, 0x18}, @its_setup={0x82, 0x28, {0x2, 0x3, 0xf4}}, @its_setup={0x82, 0x28, {0x4, 0x0, 0x1ac}}, @smc={0x1e, 0x40, {0x80000000, [0x8, 0xbfe, 0xd141, 0x1, 0x1]}}, @its_setup={0x82, 0x28, {0x1, 0x3, 0x23c}}, @its_setup={0x82, 0x28, {0x4, 0x0, 0x343}}], 0x4c8}, &(0x7f0000000040)=[@featur2={0x1, 0xc}], 0x1) r1 = eventfd2(0x6, 0x800) ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f00000000c0)={0xcf0487, 0x4000, 0x4, r1, 0x9}) ioctl$KVM_RUN(r0, 0xae80, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x400454cb, 0x0) 17.288850009s ago: executing program 0 (id=1171): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x2002, 0x0) openat$kvm(0x0, 0x0, 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1) ioctl$KVM_ARM_VCPU_INIT(r5, 0x4020aeae, &(0x7f00000000c0)={0x5, 0x10}) ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000000)=@arm64_extra={0x6030000000140000, &(0x7f00000001c0)=0x10000}) r6 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="820000000000000000000000000000000100000000000000010000000000000001"], 0x28}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r2, 0x1, 0x100) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000100)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000}) ioctl$KVM_RUN(r7, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x2, 0x4102932, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000002c0)=@attr_arm64={0x0, 0x4, 0x1, 0x0}) r10 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r11 = syz_kvm_setup_syzos_vm$arm64(r10, &(0x7f0000873000/0x400000)=nil) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000000)={0x0, &(0x7f00000000c0)=ANY=[@ANYRES64=r11], 0xfffffd06}, 0x0, 0x0) ioctl$KVM_RUN(r12, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f1, 0xffffffffffffffff, 0x0) 11.66998236s ago: executing program 1 (id=1172): ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) munmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f0000000000)="790073a20534fcc3257abcd54c145d3598103c02da6e76988073fa92a86ed111ed623304fd20a10983f03f5641805351e9f6d2ae56a46955b4ff4f6283b52579269fb0073ea35d78", 0x0, 0x48) munmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x1, 0xffffffffffffffff, 0x1}) close(r0) ioctl$KVM_SET_DEVICE_ATTR(r0, 0x4018aee1, &(0x7f0000000100)=@attr_other={0x0, 0x6, 0x100, &(0x7f00000000c0)}) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r1, 0x4018aee1, &(0x7f0000000180)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f0000000140)=0x4}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x600040, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) munmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000) r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000240)=@arm64_extra={0x603000000013c03e, &(0x7f0000000200)}) munmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000) r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r1, 0x4040aea0, &(0x7f0000000280)=@x86={0x3, 0x9e, 0x4, 0x0, 0x2, 0x9, 0x3, 0x6, 0xfa, 0x4, 0xc, 0xf7, 0x0, 0x8, 0x5, 0x7f, 0xff, 0x5, 0x7, '\x00', 0x7, 0x1}) ioctl$KVM_GET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee2, &(0x7f0000000300)=@attr_other={0x0, 0x7, 0x2, &(0x7f00000002c0)}) close(r1) r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, r5, 0x2000002, 0x10, r1, 0x0) ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r4, 0x4010ae74, &(0x7f0000000340)={0x5, 0x55, 0x2}) r6 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_ARM_VCPU_INIT(r1, 0x4020aeae, &(0x7f0000000380)={0x5, 0x20}) ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000400)=@arm64_fp_extra={0x60200000001000d5, &(0x7f00000003c0)=0x4}) ioctl$KVM_SIGNAL_MSI(r4, 0x4020aea5, &(0x7f0000000440)={0x10000, 0xc4cc4000, 0xc95, 0x0, 0xf7d}) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000940)={0x0, &(0x7f0000000480)=[@msr={0x14, 0x20, {0x603000000013de87, 0x8}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x0, 0x4, 0x81, 0x4b10c9d9, 0x4}}, @uexit={0x0, 0x18, 0x9}, @svc={0x122, 0x40, {0x3f000000, [0xfffffffffffffffb, 0x9, 0xf51, 0x7, 0x8]}}, @msr={0x14, 0x20, {0x603000000013df6d, 0x4}}, @uexit={0x0, 0x18}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0xa0, 0x9, 0x8}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x0, 0x4, 0x5, 0x0, 0x8, 0x4}}, @eret={0xe6, 0x18, 0x800}, @mrs={0xbe, 0x18, {0x603000000013deb7}}, @eret={0xe6, 0x18, 0x8}, @eret={0xe6, 0x18, 0x3}, @memwrite={0x6e, 0x30, @generic={0x1, 0x688, 0x0, 0xc}}, @memwrite={0x6e, 0x30, @generic={0x2, 0x7a3, 0x6, 0xc}}, @memwrite={0x6e, 0x30, @generic={0xfffd4001, 0x7d6, 0x4}}, @hvc={0x32, 0x40, {0x80000002, [0x4855, 0xffff, 0x3, 0x8000, 0x7fffffff]}}, @uexit={0x0, 0x18, 0x8}, @smc={0x1e, 0x40, {0x73001004, [0x0, 0xffffffff, 0x100000000, 0xffff, 0xd3]}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x0, 0x2, 0xa, 0x101, 0x2, 0x4}}, @uexit={0x0, 0x18, 0x9}, @svc={0x122, 0x40, {0x1, [0x8319, 0x80, 0x8, 0x2, 0x1]}}, @svc={0x122, 0x40, {0x32000000, [0x80, 0xc, 0x3, 0x5, 0x6]}}, @uexit={0x0, 0x18, 0x1}, @its_setup={0x82, 0x28, {0x2, 0x3, 0x338}}, @irq_setup={0x46, 0x18, {0x3, 0x22}}, @uexit={0x0, 0x18, 0x5}, @irq_setup={0x46, 0x18, {0x3, 0x21d}}, @hvc={0x32, 0x40, {0x0, [0x8, 0x8, 0xffffffff, 0x1, 0x8]}}, @hvc={0x32, 0x40, {0xc4000014, [0x3b, 0x0, 0x5, 0x5, 0xb]}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x1c4}}], 0x4a8}, &(0x7f0000000980)=[@featur1={0x1, 0x12}], 0x1) mmap$KVM_VCPU(&(0x7f0000ffe000/0x2000)=nil, r5, 0x1, 0x100010, r8, 0x0) syz_kvm_vgic_v3_setup(r6, 0x1, 0x360) 2.654666766s ago: executing program 1 (id=1173): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bff000/0x400000)=nil) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ARM_VCPU_FINALIZE(r3, 0x4004aec2, &(0x7f0000000040)=0x1) r4 = eventfd2(0x2, 0x800) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000080)={r4, 0x0, 0x3, r4}) ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f00000000c0)={0x8080000, 0x1000, 0x800, 0x1}) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x80, 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x8000000000000001) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r4, 0x4068aea3, &(0x7f0000000140)={0xdf, 0x0, 0x18000}) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f00000001c0)={0x1, 0x101}) r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000200)=0x4) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x800, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000280)=@arm64={0x3, 0x8, 0x8, '\x00', 0x7}) r8 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000007c0)={0x0, &(0x7f00000002c0)=[@memwrite={0x6e, 0x30, @generic={0x0, 0xe93, 0x0, 0xa}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x100, 0x1ff}}, @msr={0x14, 0x20, {0x603000000013df43, 0x8000}}, @irq_setup={0x46, 0x18, {0x2, 0x2f6}}, @hvc={0x32, 0x40, {0x84000014, [0x5, 0xd, 0xbed6, 0x8, 0x9]}}, @hvc={0x32, 0x40, {0x6000000, [0x8000000000000001, 0x3, 0xfffffffffffffffa, 0x7, 0x9]}}, @its_setup={0x82, 0x28, {0x2, 0x0, 0x2d7}}, @svc={0x122, 0x40, {0xc4000053, [0x1, 0x400, 0x2, 0x7f]}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x3, 0xd, 0xff, 0xff, 0x2}}, @msr={0x14, 0x20, {0x603000000013d807, 0x400}}, @eret={0xe6, 0x18, 0x8000000000000000}, @svc={0x122, 0x40, {0x3f000000, [0x81, 0x544, 0x2ef, 0xa, 0x7]}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x0, 0xc, 0xd, 0x7, 0x2}}, @its_setup={0x82, 0x28, {0x1, 0x3, 0x26e}}, @mrs={0xbe, 0x18, {0x603000000013dea1}}, @hvc={0x32, 0x40, {0xc4000007, [0x5, 0x7f, 0x5, 0x5, 0x2d7a]}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x4, 0x10, 0x9, 0x4, 0x1}}, @memwrite={0x6e, 0x30, @generic={0x0, 0x4b, 0x9, 0xf}}, @its_setup={0x82, 0x28, {0x1, 0x4, 0x297}}, @svc={0x122, 0x40, {0x84000011, [0x3, 0x2, 0xfffffffffffff57c, 0x7f, 0x3]}}, @memwrite={0x6e, 0x30, @generic={0x100000, 0xa8, 0xe2f7, 0x4}}, @its_setup={0x82, 0x28, {0x1, 0x4, 0x2b4}}, @uexit={0x0, 0x18, 0xaf3}, @irq_setup={0x46, 0x18, {0x1, 0x321}}, @eret={0xe6, 0x18, 0x78fd07b6}, @its_setup={0x82, 0x28, {0x4, 0x1, 0x1b4}}, @its_setup={0x82, 0x28, {0x0, 0x4, 0x1eb}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0x400, 0xb, 0x8}}, @msr={0x14, 0x20, {0x603000000013e533, 0x100000001}}, @mrs={0xbe, 0x18, {0x603000000013c013}}], 0x4e0}, &(0x7f0000000800), 0x1) ioctl$KVM_RUN(r8, 0xae80, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000840)=@arm64={0xd, 0x1, 0x5, '\x00', 0x2df6}) ioctl$KVM_GET_DEVICE_ATTR_vcpu(r8, 0x4018aee2, &(0x7f00000008c0)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f0000000880)=0x1}) ioctl$KVM_SET_DEVICE_ATTR_vm(r6, 0x4018aee1, &(0x7f0000000940)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000900)={0x3, 0xb9}}) ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f00000009c0)=@other={0x2, &(0x7f0000000980)=0x8000000000000000}) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000a00)={0x3, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f0000000a80)=@attr_arm64={0x0, 0x5, 0x5, &(0x7f0000000a40)=0x5}) r10 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000fc0)={0x0, &(0x7f0000000ac0)=[@its_send_cmd={0xaa, 0x28, {0x1, 0x1, 0x3, 0x10, 0x415, 0x100}}, @smc={0x1e, 0x40, {0x84000012, [0x7, 0x7, 0x8, 0x7, 0xe]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1600, 0xc, 0xb}}, @memwrite={0x6e, 0x30, @generic={0x5000, 0xe40, 0x5, 0xe}}, @msr={0x14, 0x20, {0x603000000013e6c1, 0x9}}, @code={0xa, 0x6c, {"0028c01ac09e85d200a0b0f2810180d2420080d2230180d2840180d2020000d40060e00d007008d5000008d5008008d5a07383d20040b8f2610180d2020180d2830080d2840080d2020000d4004c207e007c200e007008d5"}}, @mrs={0xbe, 0x18, {0x603000000013f102}}, @svc={0x122, 0x40, {0x30000000, [0xd, 0x0, 0x401, 0x3, 0x879f]}}, @hvc={0x32, 0x40, {0xa0b1ebf1d6622189, [0x3, 0x8000000000000001, 0x9, 0x850, 0x5]}}, @hvc={0x32, 0x40, {0xffff, [0xa22, 0x9, 0x6, 0x3ff, 0x6]}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x9a}}, @code={0xa, 0x84, {"20c99bd200c0b8f2e10180d2c20080d2830180d2640080d2020000d40010000ee07296d200c0b0f2610180d2420180d2830180d2e40180d2020000d400049fd20060b8f2c10080d2220080d2430080d2c40080d2020000d400a0400d000008d50080206e008040c8000080d2008008d5"}}, @irq_setup={0x46, 0x18, {0x1, 0x321}}, @code={0xa, 0x9c, {"0020006f20c892d20040b8f2410080d2820180d2230080d2240080d2020000d4003a8dd200e0b0f2010180d2a20080d2230080d2240080d2020000d4000008d50000000be08a95d20000b8f2c10180d2a20180d2030080d2240080d2020000d4007008d5a0b09cd20080b8f2610180d2a20180d2030080d2e40080d2020000d40000202a007008d5"}}, @hvc={0x32, 0x40, {0x0, [0x3, 0x4, 0x0, 0x4]}}, @mrs={0xbe, 0x18, {0x603000000013e089}}, @irq_setup={0x46, 0x18, {0x2, 0x176}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xe00, 0x4, 0x6}}, @msr={0x14, 0x20, {0x603000000013defc, 0x6}}, @irq_setup={0x46, 0x18, {0x0, 0x105}}, @uexit={0x0, 0x18, 0x6}, @mrs={0xbe, 0x18, {0x603000000013e091}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0xc0, 0xfff, 0x2}}], 0x4c4}, &(0x7f0000001000), 0x1) ioctl$KVM_SET_VCPU_EVENTS(r10, 0x4040aea0, &(0x7f0000001040)=@arm64={0x9, 0x3, 0x5, '\x00', 0x2}) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000010c0)=@attr_arm64={0x0, 0x7c63faafd19880b4, 0x2, &(0x7f0000001080)=0xf}) ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04) ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04) ioctl$KVM_ARM_VCPU_FINALIZE(r3, 0x4004aec2, &(0x7f0000001100)=0x2) 0s ago: executing program 0 (id=1174): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) munmap(&(0x7f0000647000/0x1000)=nil, 0x1000) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x53033, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000fde000/0x4000)=nil, 0x4000) mmap$KVM_VCPU(&(0x7f0000eb3000/0x1000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000f0f000/0x2000)=nil, 0x2000) munmap(&(0x7f0000f2a000/0x2000)=nil, 0x2000) munmap(&(0x7f00004a0000/0x2000)=nil, 0x2000) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) munmap(&(0x7f000075a000/0xb000)=nil, 0xb000) munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000) munmap(&(0x7f0000482000/0x2000)=nil, 0x2000) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000100)={0x7, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x4, 0x0, 0x0}) munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000) munmap(&(0x7f0000f53000/0x4000)=nil, 0x4000) mmap$KVM_VCPU(&(0x7f0000f1a000/0x4000)=nil, 0x930, 0x1000008, 0x9032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0x3, 0x9032, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000f40000/0x5000)=nil, 0x5000) munmap(&(0x7f0000ff5000/0x1000)=nil, 0x1000) munmap(&(0x7f00006e2000/0x2000)=nil, 0x2000) r6 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r7, 0x380000f, 0x11, r6, 0x0) mmap$KVM_VCPU(&(0x7f000000d000/0x3000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) kernel console output (not intermixed with test programs): [ 459.770436][ T3132] eql: remember to turn off Van-Jacobson compression on your slave devices Warning: Permanently added '[localhost]:47927' (ED25519) to the list of known hosts. [ 610.029227][ T25] audit: type=1400 audit(609.110:60): avc: denied { name_bind } for pid=3300 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 611.004309][ T25] audit: type=1400 audit(610.070:61): avc: denied { execute } for pid=3301 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 611.022119][ T25] audit: type=1400 audit(610.100:62): avc: denied { execute_no_trans } for pid=3301 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 629.117023][ T25] audit: type=1400 audit(628.190:63): avc: denied { mounton } for pid=3301 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 629.148964][ T25] audit: type=1400 audit(628.230:64): avc: denied { mount } for pid=3301 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 629.236629][ T3301] cgroup: Unknown subsys name 'net' [ 629.285994][ T25] audit: type=1400 audit(628.360:65): avc: denied { unmount } for pid=3301 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 629.680289][ T3301] cgroup: Unknown subsys name 'cpuset' [ 629.781592][ T3301] cgroup: Unknown subsys name 'rlimit' [ 630.699822][ T25] audit: type=1400 audit(629.780:66): avc: denied { setattr } for pid=3301 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=701 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 630.719932][ T25] audit: type=1400 audit(629.800:67): avc: denied { mounton } for pid=3301 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 630.749039][ T25] audit: type=1400 audit(629.820:68): avc: denied { mount } for pid=3301 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 631.937473][ T3304] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 631.957719][ T25] audit: type=1400 audit(631.030:69): avc: denied { relabelto } for pid=3304 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 631.985390][ T25] audit: type=1400 audit(631.060:70): avc: denied { write } for pid=3304 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" Setting up swapspace version 1, size = 127995904 bytes [ 632.160319][ T25] audit: type=1400 audit(631.240:71): avc: denied { read } for pid=3301 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 632.188347][ T25] audit: type=1400 audit(631.260:72): avc: denied { open } for pid=3301 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 632.229363][ T3301] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 680.206812][ T25] audit: type=1400 audit(679.290:73): avc: denied { execmem } for pid=3306 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 683.809257][ T25] audit: type=1400 audit(682.890:74): avc: denied { read } for pid=3308 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 683.838807][ T25] audit: type=1400 audit(682.900:75): avc: denied { open } for pid=3308 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 683.928580][ T25] audit: type=1400 audit(682.990:76): avc: denied { mounton } for pid=3308 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 684.196364][ T25] audit: type=1400 audit(683.240:77): avc: denied { module_request } for pid=3308 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 685.349601][ T25] audit: type=1400 audit(684.420:78): avc: denied { sys_module } for pid=3308 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 714.161516][ T3309] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 714.429778][ T3309] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 714.544834][ T3308] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 715.036490][ T3308] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 727.491090][ T3309] hsr_slave_0: entered promiscuous mode [ 727.521545][ T3309] hsr_slave_1: entered promiscuous mode [ 728.245912][ T3308] hsr_slave_0: entered promiscuous mode [ 728.278266][ T3308] hsr_slave_1: entered promiscuous mode [ 728.315708][ T3308] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 728.320375][ T3308] Cannot create hsr debugfs directory [ 733.795224][ T25] audit: type=1400 audit(732.870:79): avc: denied { create } for pid=3309 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 733.857100][ T25] audit: type=1400 audit(732.930:80): avc: denied { write } for pid=3309 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 733.876323][ T25] audit: type=1400 audit(732.950:81): avc: denied { read } for pid=3309 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 733.992063][ T3309] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 734.372024][ T3309] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 734.747052][ T3309] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 735.019423][ T3309] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 736.511837][ T3308] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 736.650590][ T3308] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 736.817800][ T3308] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 736.996667][ T3308] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 749.210416][ T3309] 8021q: adding VLAN 0 to HW filter on device bond0 [ 751.840881][ T3308] 8021q: adding VLAN 0 to HW filter on device bond0 [ 807.449810][ T3309] veth0_vlan: entered promiscuous mode [ 807.918964][ T3309] veth1_vlan: entered promiscuous mode [ 810.141579][ T3309] veth0_macvtap: entered promiscuous mode [ 810.172376][ T3308] veth0_vlan: entered promiscuous mode [ 810.587564][ T3309] veth1_macvtap: entered promiscuous mode [ 811.005731][ T3308] veth1_vlan: entered promiscuous mode [ 812.871792][ T3309] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 812.882116][ T3309] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 812.905504][ T3309] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 812.919896][ T3309] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 813.571706][ T3308] veth0_macvtap: entered promiscuous mode [ 814.215867][ T3308] veth1_macvtap: entered promiscuous mode [ 815.544847][ T25] audit: type=1400 audit(814.620:82): avc: denied { mount } for pid=3309 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 815.838340][ T25] audit: type=1400 audit(814.920:83): avc: denied { mounton } for pid=3309 comm="syz-executor" path="/syzkaller.TAXRAP/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 816.139431][ T25] audit: type=1400 audit(815.130:84): avc: denied { mount } for pid=3309 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 816.479083][ T25] audit: type=1400 audit(815.490:85): avc: denied { mounton } for pid=3309 comm="syz-executor" path="/syzkaller.TAXRAP/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 816.588567][ T3308] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 816.600143][ T25] audit: type=1400 audit(815.650:86): avc: denied { mounton } for pid=3309 comm="syz-executor" path="/syzkaller.TAXRAP/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3264 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 816.634565][ T3308] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 816.645764][ T3308] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 816.668821][ T3308] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 817.475270][ T25] audit: type=1400 audit(816.540:87): avc: denied { unmount } for pid=3309 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 817.989235][ T25] audit: type=1400 audit(817.070:88): avc: denied { mounton } for pid=3309 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1546 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 818.155251][ T25] audit: type=1400 audit(817.230:89): avc: denied { mount } for pid=3309 comm="syz-executor" name="/" dev="gadgetfs" ino=3272 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 818.600348][ T25] audit: type=1400 audit(817.610:90): avc: denied { mount } for pid=3309 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 818.672106][ T25] audit: type=1400 audit(817.750:91): avc: denied { mounton } for pid=3309 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 820.562371][ T3309] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 822.209655][ T25] kauditd_printk_skb: 1 callbacks suppressed [ 822.225144][ T25] audit: type=1400 audit(821.290:93): avc: denied { read write } for pid=3309 comm="syz-executor" name="loop0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 822.254515][ T25] audit: type=1400 audit(821.320:94): avc: denied { open } for pid=3309 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 822.306586][ T25] audit: type=1400 audit(821.380:95): avc: denied { ioctl } for pid=3309 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=637 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 826.974478][ T25] audit: type=1400 audit(826.030:96): avc: denied { read } for pid=3462 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 827.075662][ T25] audit: type=1400 audit(826.130:97): avc: denied { open } for pid=3462 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 828.161593][ T25] audit: type=1400 audit(827.230:98): avc: denied { ioctl } for pid=3462 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 838.626027][ T25] audit: type=1400 audit(837.700:99): avc: denied { execute } for pid=3470 comm="syz.1.3" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=3391 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 839.035088][ T25] audit: type=1400 audit(838.030:100): avc: denied { write } for pid=3470 comm="syz.1.3" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 842.095476][ T25] audit: type=1400 audit(841.160:101): avc: denied { append } for pid=3470 comm="syz.1.3" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 853.278194][ T25] audit: type=1400 audit(852.360:102): avc: denied { map } for pid=3478 comm="syz.1.5" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 978.576817][ T3552] kvm [3552]: Failed to find VMA for hva 0x21016000 [ 1207.898357][ T3697] kvm [3696]: Unsupported guest CP15 access at: 00000100 [000001d3] [ 1207.898357][ T3697] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1207.938504][ T3697] kvm [3696]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1207.938504][ T3697] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1207.949559][ T3697] kvm [3696]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1207.949559][ T3697] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1207.987404][ T3697] kvm [3696]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1207.987404][ T3697] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1208.008406][ T3697] kvm [3696]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1208.008406][ T3697] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1208.026202][ T3697] kvm [3696]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1208.026202][ T3697] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1208.069330][ T3697] kvm [3696]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1208.069330][ T3697] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1208.100622][ T3697] kvm [3696]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1208.100622][ T3697] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1208.125590][ T3697] kvm [3696]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1208.125590][ T3697] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1208.151805][ T3697] kvm [3696]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1208.151805][ T3697] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1212.937767][ T3697] print_sys_reg_msg: 535 callbacks suppressed [ 1212.966506][ T3697] kvm [3696]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1212.966506][ T3697] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1213.057532][ T3697] kvm [3696]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1213.057532][ T3697] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1213.089274][ T3697] kvm [3696]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1213.089274][ T3697] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1213.120462][ T3697] kvm [3696]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1213.120462][ T3697] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1213.201038][ T3697] kvm [3696]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1213.201038][ T3697] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1213.241197][ T3697] kvm [3696]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1213.241197][ T3697] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1213.300477][ T3697] kvm [3696]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1213.300477][ T3697] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1213.349624][ T3697] kvm [3696]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1213.349624][ T3697] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1213.420530][ T3697] kvm [3696]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1213.420530][ T3697] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1213.470932][ T3697] kvm [3696]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1213.470932][ T3697] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1218.086569][ T3697] print_sys_reg_msg: 605 callbacks suppressed [ 1218.126657][ T3697] kvm [3696]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1218.126657][ T3697] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1218.171088][ T3697] kvm [3696]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1218.171088][ T3697] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1218.217055][ T3697] kvm [3696]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1218.217055][ T3697] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1218.298282][ T3697] kvm [3696]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1218.298282][ T3697] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1218.338515][ T3697] kvm [3696]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1218.338515][ T3697] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1218.420899][ T3697] kvm [3696]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1218.420899][ T3697] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1218.461835][ T3697] kvm [3696]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1218.461835][ T3697] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1218.529695][ T3697] kvm [3696]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1218.529695][ T3697] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1218.566576][ T3697] kvm [3696]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1218.566576][ T3697] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1218.640931][ T3697] kvm [3696]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1218.640931][ T3697] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1235.011941][ T3712] debugfs: File 'vgic-its-state@8080000' in directory '3712-4' already present! [ 1329.664629][ T3773] kvm [3773]: Failed to find VMA for hva 0x20d8c000 [ 1367.735567][ T25] audit: type=1400 audit(1366.810:103): avc: denied { ioctl } for pid=3797 comm="syz.0.105" path="net:[4026532638]" dev="nsfs" ino=4026532638 ioctlcmd=0xb701 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 1517.007434][ T3903] kvm [3903]: Failed to find VMA for hva 0x208a1000 [ 1517.021521][ T3904] kvm [3904]: Failed to find VMA for hva 0x208a1000 [ 1526.795617][ T3916] kvm [3916]: Failed to find VMA for hva 0x21016000 [ 1632.954607][ T25] audit: type=1400 audit(1631.980:104): avc: denied { setattr } for pid=3988 comm="syz.1.158" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1651.438000][ T4002] kvm [4002]: Failed to find VMA for hva 0x20d8d000 [ 1940.776103][ T4183] kvm [4183]: Failed to find VMA for hva 0x20d8d000 [ 1972.656322][ T4203] KVM: debugfs: duplicate directory 4203-10 [ 2374.049967][ T4466] kvm [4466]: Failed to find VMA for hva 0x208a1000 [ 2476.595632][ T4535] kvm [4535]: Failed to find VMA for hva 0x20d8d000 [ 2497.176846][ T4555] KVM: debugfs: duplicate directory 4555-6 [ 2700.857468][ T4694] kvm [4694]: Failed to find VMA for hva 0x208a1000 [ 3019.859922][ T4914] kvm [4914]: Failed to find VMA for hva 0x208a1000 [ 3134.271945][ T4979] print_sys_reg_msg: 119 callbacks suppressed [ 3134.321431][ T4979] kvm [4978]: Unsupported guest CP15 access at: 00000100 [000001d3] [ 3134.321431][ T4979] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 3134.379686][ T4979] kvm [4978]: Unsupported guest CP15 access at: 00000100 [000001db] [ 3134.379686][ T4979] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 3134.405571][ T4979] kvm [4978]: Unsupported guest CP15 access at: 00000100 [000001db] [ 3134.405571][ T4979] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 3134.491773][ T4979] kvm [4978]: Unsupported guest CP15 access at: 00000100 [000001db] [ 3134.491773][ T4979] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 3134.536468][ T4979] kvm [4978]: Unsupported guest CP15 access at: 00000100 [000001db] [ 3134.536468][ T4979] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 3134.577418][ T4979] kvm [4978]: Unsupported guest CP15 access at: 00000100 [000001db] [ 3134.577418][ T4979] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 3134.622189][ T4979] kvm [4978]: Unsupported guest CP15 access at: 00000100 [000001db] [ 3134.622189][ T4979] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 3134.679958][ T4979] kvm [4978]: Unsupported guest CP15 access at: 00000100 [000001db] [ 3134.679958][ T4979] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 3134.726168][ T4979] kvm [4978]: Unsupported guest CP15 access at: 00000100 [000001db] [ 3134.726168][ T4979] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 3134.767908][ T4979] kvm [4978]: Unsupported guest CP15 access at: 00000100 [000001db] [ 3134.767908][ T4979] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 3139.315742][ T4979] print_sys_reg_msg: 438 callbacks suppressed [ 3139.387330][ T4979] kvm [4978]: Unsupported guest CP15 access at: 00000100 [000001db] [ 3139.387330][ T4979] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 3139.486538][ T4979] kvm [4978]: Unsupported guest CP15 access at: 00000100 [000001db] [ 3139.486538][ T4979] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 3139.536987][ T4979] kvm [4978]: Unsupported guest CP15 access at: 00000100 [000001db] [ 3139.536987][ T4979] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 3139.638848][ T4979] kvm [4978]: Unsupported guest CP15 access at: 00000100 [000001db] [ 3139.638848][ T4979] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 3139.685851][ T4979] kvm [4978]: Unsupported guest CP15 access at: 00000100 [000001db] [ 3139.685851][ T4979] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 3672.904672][ T25] audit: type=1400 audit(3671.980:105): avc: denied { execute } for pid=5277 comm="syz.1.524" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 3857.102287][ T5388] kvm [5388]: Failed to find VMA for hva 0x20d8d000 [ 3917.131075][ T5428] kvm [5428]: Failed to find VMA for hva 0x20c00000 [ 3920.437423][ T5431] kvm [5431]: Failed to find VMA for hva 0x20c01000 [ 3984.050944][ T5470] kvm [5470]: Failed to find VMA for hva 0x20c01000 [ 3984.349422][ T5474] kvm [5474]: Failed to find VMA for hva 0x208a1000 [ 4214.385810][ T5621] kvm [5621]: Failed to find VMA for hva 0x208a1000 [ 4413.465245][ T5746] kvm [5746]: Failed to find VMA for hva 0x20c01000 [ 4499.959866][ T5804] kvm [5804]: Failed to find VMA for hva 0x20c01000 [ 4528.841817][ T5825] KVM: debugfs: duplicate directory 5825-5 [ 5223.678666][ T6274] kvm [6274]: Failed to find VMA for hva 0x20c01000 [ 5611.980819][ T6518] KVM: debugfs: duplicate directory 6518-9 [ 5644.606531][ T6536] kvm [6535]: Unsupported guest CP15 access at: 00000100 [000001d3] [ 5644.606531][ T6536] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5644.626962][ T6536] kvm [6535]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5644.626962][ T6536] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5644.695565][ T6536] kvm [6535]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5644.695565][ T6536] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5644.764836][ T6536] kvm [6535]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5644.764836][ T6536] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5644.779171][ T6536] kvm [6535]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5644.779171][ T6536] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5644.819711][ T6536] kvm [6535]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5644.819711][ T6536] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5644.870088][ T6536] kvm [6535]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5644.870088][ T6536] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5644.909948][ T6536] kvm [6535]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5644.909948][ T6536] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5644.946202][ T6536] kvm [6535]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5644.946202][ T6536] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5644.998772][ T6536] kvm [6535]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5644.998772][ T6536] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5784.949675][ T6634] kvm [6634]: Failed to find VMA for hva 0x2101a000 [ 5871.646892][ T6696] kvm [6696]: Failed to find VMA for hva 0x20c01000 [ 5951.139889][ T6754] debugfs: File 'vgic-its-state@8080000' in directory '6754-4' already present! [ 6149.831362][ T6887] kvm [6887]: Failed to find VMA for hva 0x21016000 [ 6170.888710][ T25] audit: type=1400 audit(6169.920:106): avc: denied { getattr } for pid=6899 comm="syz.0.996" path="net:[4026532638]" dev="nsfs" ino=4026532638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 6312.420627][ T6993] kvm [6993]: Failed to find VMA for hva 0x20c01000 [ 6433.108539][ T7087] kvm [7087]: Failed to find VMA for hva 0x21016000 [ 6474.955170][ T7110] kvm [7110]: Failed to find VMA for hva 0x20d8d000 [ 6474.977501][ T7111] kvm [7111]: Failed to find VMA for hva 0x20d8d000 [ 6511.770906][ T7136] kvm [7136]: Failed to find VMA for hva 0x20d8d000 [ 6511.776428][ T7133] kvm [7133]: Failed to find VMA for hva 0x20d8d000 [ 6563.728133][ T7172] kvm [7172]: Failed to find VMA for hva 0x20c01000 [ 6642.500841][ T7227] kvm [7227]: Failed to find VMA for hva 0x20c01000 [ 6790.674766][ T7315] KVM: debugfs: duplicate directory 7315-5 [ 6842.827136][ T7341] kvm [7341]: Failed to find VMA for hva 0x20d8d000 [ 7087.170804][ T7504] kvm [7504]: Failed to find VMA for hva 0x20c01000 [ 7099.787527][ T7512] ------------[ cut here ]------------ [ 7099.788418][ T7512] WARNING: CPU: 0 PID: 7512 at arch/arm64/kvm/inject_fault.c:63 pend_sync_exception+0x198/0x5ac [ 7099.794648][ T7512] Modules linked in: [ 7099.797524][ T7512] CPU: 0 UID: 0 PID: 7512 Comm: syz.1.1173 Not tainted 6.16.0-rc3-syzkaller-g15724a984643 #0 PREEMPT [ 7099.799669][ T7512] Hardware name: linux,dummy-virt (DT) [ 7099.801134][ T7512] pstate: 81402009 (Nzcv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--) [ 7099.802691][ T7512] pc : pend_sync_exception+0x198/0x5ac [ 7099.803849][ T7512] lr : pend_sync_exception+0x198/0x5ac [ 7099.805025][ T7512] sp : ffff80008ee878c0 [ 7099.806025][ T7512] x29: ffff80008ee878c0 x28: 0000000000000083 x27: 83f0000017d602a8 [ 7099.808271][ T7512] x26: 0000000000000083 x25: 0000000000000000 x24: 0000000000000000 [ 7099.810191][ T7512] x23: 0000000000000000 x22: 0000000000000083 x21: 83f0000017d60e81 [ 7099.812049][ T7512] x20: 0000000000000007 x19: efff800000000000 x18: 0000000000000000 [ 7099.813862][ T7512] x17: 00000000000000c3 x16: ffff800080011d9c x15: 0000000020000840 [ 7099.815807][ T7512] x14: ffffffffffffffff x13: 0000000000000028 x12: 0000000000000057 [ 7099.817687][ T7512] x11: 0000000000080000 x10: 00000000000009d6 x9 : fcff80008f4ba000 [ 7099.819724][ T7512] x8 : 00000000000009d7 x7 : ffff800080b08704 x6 : ffff80008ee87a88 [ 7099.821661][ T7512] x5 : ffff80008ee87a88 x4 : 0000000000000001 x3 : ffff8000801a2e80 [ 7099.823645][ T7512] x2 : 0000000000000000 x1 : 0000000000000002 x0 : 0000000000000000 [ 7099.825820][ T7512] Call trace: [ 7099.827047][ T7512] pend_sync_exception+0x198/0x5ac (P) [ 7099.828598][ T7512] __kvm_inject_sea+0x268/0x96c [ 7099.829962][ T7512] kvm_inject_sea+0x98/0x72c [ 7099.831222][ T7512] __kvm_arm_vcpu_set_events+0x134/0x238 [ 7099.832474][ T7512] kvm_arch_vcpu_ioctl+0xed8/0x16b0 [ 7099.833639][ T7512] kvm_vcpu_ioctl+0x5c4/0xc2c [ 7099.834763][ T7512] __arm64_sys_ioctl+0x18c/0x244 [ 7099.835908][ T7512] invoke_syscall+0x90/0x2b4 [ 7099.837124][ T7512] el0_svc_common+0x180/0x2f4 [ 7099.838365][ T7512] do_el0_svc+0x58/0x74 [ 7099.839537][ T7512] el0_svc+0x58/0x160 [ 7099.840600][ T7512] el0t_64_sync_handler+0x78/0x108 [ 7099.841767][ T7512] el0t_64_sync+0x198/0x19c [ 7099.843116][ T7512] irq event stamp: 2258 [ 7099.844065][ T7512] hardirqs last enabled at (2257): [] _raw_read_unlock_irqrestore+0x44/0xbc [ 7099.845808][ T7512] hardirqs last disabled at (2258): [] el1_dbg+0x24/0x80 [ 7099.847381][ T7512] softirqs last enabled at (2240): [] local_bh_enable+0x10/0x34 [ 7099.848932][ T7512] softirqs last disabled at (2238): [] local_bh_disable+0x10/0x34 [ 7099.850680][ T7512] ---[ end trace 0000000000000000 ]--- SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 7117.038300][ T3943] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 7117.894984][ T3943] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 7118.676871][ T3943] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 7119.147491][ T3943] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 7127.639036][ T3943] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 7127.801063][ T3943] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 7127.915813][ T3943] bond0 (unregistering): Released all slaves [ 7128.739092][ T3943] hsr_slave_0: left promiscuous mode [ 7128.790439][ T3943] hsr_slave_1: left promiscuous mode [ 7128.940696][ T3943] veth1_macvtap: left promiscuous mode [ 7128.951306][ T3943] veth0_macvtap: left promiscuous mode [ 7128.974689][ T3943] veth1_vlan: left promiscuous mode [ 7128.979559][ T3943] veth0_vlan: left promiscuous mode VM DIAGNOSIS: 14:36:24 Registers: info registers vcpu 0 CPU#0 PC=ffff8000804516b8 X00=0000000000000000 X01=ffff8000872b1fa2 X02=ffff8000804580e0 X03=0000000000000000 X04=ffff80008ee87000 X05=0000000000000020 X06=0000000000000000 X07=ffff80008652e834 X08=00000000000003c0 X09=0000000000000000 X10=0000000000000057 X11=0000000000080000 X12=0000000000000044 X13=0000000000000002 X14=00000000000000c8 X15=ffff800087f39a30 X16=ffff800080011d9c X17=00000000000000c3 X18=0000000000000000 X19=0000000000000000 X20=0000000000000000 X21=ffff80008652e834 X22=ffff8000877e66a8 X23=0000000000000000 X24=0000000000000001 X25=0000000000000000 X26=ffff800087666580 X27=00000000000003c0 X28=0000000000000000 X29=ffff80008ee871c0 X30=ffff800080451698 SP=ffff80008ee87170 PSTATE=604023c9 -ZC- EL2h SVCR=00000000 -- BTYPE=0 FPCR=00000000 FPSR=00000000 P00=0000 P01=0000 P02=0000 P03=0000 P04=0000 P05=0000 P06=0000 P07=0000 P08=0000 P09=0000 P10=0000 P11=0000 P12=0000 P13=0000 P14=0000 P15=0000 FFR=0000 Z00=0000000000000000:0000000000000000 Z01=0000fffffebee2d0:ec69bd5e74dd1500 Z02=0000fffffebee2b0:ffffff80ffffffd8 Z03=0000fffffebee360:0000fffffebee360 Z04=0000fffffebee360:0000ffffb3136d08 Z05=0000fffffebee330:0000fffffebee360 Z06=6edc4d3a2914b135:d8e9c869e2695c88 Z07=b20fae707afde253:388e9c6c4fa85ca0 Z08=0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000 Z10=0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000 Z12=0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000 Z14=0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000 Z16=0000fffffebee580:0000fffffebee580 Z17=ffffff80ffffffd0:0000fffffebee550 Z18=0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000 Z20=0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000 Z22=0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000 Z24=0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000 Z26=0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000 Z28=0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000 Z30=0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000