last executing test programs: 51.236820306s ago: executing program 0 (id=1180): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x488340, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0x5450, 0x0) 47.904195828s ago: executing program 1 (id=1181): openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x381800, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x400842, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0x40049409, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_ASSIGN_SET_MSIX_NR(r1, 0x4008ae73, &(0x7f0000000080)={0x4b48c01c}) 46.621484462s ago: executing program 0 (id=1182): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x404900, 0x0) ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0x83) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0xe3) openat$kvm(0x0, 0x0, 0x0, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) ioctl$KVM_SET_DEVICE_ATTR_vm(r3, 0x4018aee1, &(0x7f0000000200)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0x8, 0xbc, 0x2}}) ioctl$KVM_SET_DEVICE_ATTR_vm(r3, 0x4018aee1, &(0x7f0000000080)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x8, 0x401, 0x2}}) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x200000, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) syz_kvm_vgic_v3_setup(r6, 0x0, 0x20) r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60) ioctl$KVM_SET_GSI_ROUTING(r6, 0x4008ae6a, 0xfffffffffffffffe) openat$kvm(0x0, &(0x7f0000000100), 0x183a42, 0x0) close(0x5) 43.226777511s ago: executing program 1 (id=1183): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0) r4 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x2, 0x3c0) syz_kvm_add_vcpu$arm64(r2, &(0x7f00000006c0)={0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="32000000000005"], 0x55c}, &(0x7f0000000700)=[@featur2={0x1, 0x1}], 0x1) ioctl$KVM_RUN(r4, 0xae80, 0x0) syz_kvm_add_vcpu$arm64(r3, 0x0, 0x0, 0x0) 37.571334992s ago: executing program 0 (id=1184): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x2c00, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8}) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000700)={0x7, 0xffffffffffffffff}) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x4, 0x0, 0x0}) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000280)=@attr_arm64={0x0, 0x5, 0x0, &(0x7f0000000240)=0x104}) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f831, 0xffffffffffffffff, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x1000000) 33.254577472s ago: executing program 1 (id=1185): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_vgic_v3_setup(r3, 0x3, 0xa0) ioctl$KVM_GET_DEVICE_ATTR(r4, 0x4018aee2, 0xfffffffffffffffe) r5 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="1400000000000000200000000000000015801300000030600080000000000000140000000000000020000000000000001d8013000000306000800000000000001400000000000000200000000000000025801300000030600080000000000000140000000000000020000000000000002d8013000000306000800000000000001400000000000000200000000000000006801200000030600080000000000000140000000000000020000000000000000e8013000000306000800000000000001400000000000000200000000000000016801300000030600080000000000000140000000000000020000000000000001e8013000000306000800000000000001400000000000000200000000000000007801300000030600080000000000000140000000000000020000000000000000f801300000030600080000000000000"], 0x140}, 0x0, 0x0) (async, rerun: 64) r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) (rerun: 64) r8 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r7, 0x3, 0x11, r6, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) (async) syz_kvm_assert_syzos_uexit$arm64(r8, 0xffffffffffffffff) (async) syz_kvm_assert_reg(r6, 0x6030000000138015, 0x8000) (async) syz_kvm_assert_reg(r6, 0x603000000013801d, 0x8000) (async) syz_kvm_assert_reg(r6, 0x6030000000138025, 0x8000) (async) syz_kvm_assert_reg(r6, 0x603000000013802d, 0x8000) syz_kvm_assert_reg(r6, 0x6030000000138006, 0x8000) syz_kvm_assert_reg(r6, 0x603000000013800e, 0x8000) (async, rerun: 64) syz_kvm_assert_reg(r6, 0x6030000000138016, 0x8000) (async, rerun: 64) syz_kvm_assert_reg(r6, 0x603000000013801e, 0x8000) (async) syz_kvm_assert_reg(r6, 0x6030000000138007, 0x8000) syz_kvm_assert_reg(r6, 0x603000000013800f, 0x8000) 28.676231504s ago: executing program 0 (id=1186): r0 = openat$kvm(0x0, &(0x7f0000000240), 0x121e82, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r3 = mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) r4 = mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ARM_VCPU_INIT(r5, 0x4020aeae, &(0x7f0000000340)={0x5}) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000001c0)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x100, &(0x7f0000000080)=0x8000000000000000}) openat$kvm(0x0, &(0x7f0000000240), 0x121e82, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) (async) syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca) (async) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca) (async) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) (async) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async) ioctl$KVM_ARM_VCPU_INIT(r5, 0x4020aeae, &(0x7f0000000340)={0x5}) (async) ioctl$KVM_RUN(r5, 0xae80, 0x0) (async) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000001c0)={0x8}) (async) ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x8, 0x100, &(0x7f0000000080)=0x8000000000000000}) (async) 23.427746656s ago: executing program 1 (id=1187): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x400, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x3, 0x4102932, 0xffffffffffffffff, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1) ioctl$KVM_ARM_VCPU_INIT(r6, 0x4020aeae, &(0x7f0000000080)={0x5, 0x12}) ioctl$KVM_SET_ONE_REG(r6, 0x4010aeac, &(0x7f0000000000)=@arm64_sys={0x603000000013c024, &(0x7f00000000c0)}) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) ioctl$KVM_SET_GSI_ROUTING(r3, 0x4020ae46, &(0x7f0000000180)=ANY=[@ANYBLOB="010000000100000000000001000000000010000002"]) ioctl$KVM_CLEAR_DIRTY_LOG(r3, 0xc018aec0, &(0x7f0000000100)={0x1, 0x1ffc01, 0x400, 0x0}) ioctl$KVM_IOEVENTFD(r1, 0x4020940d, &(0x7f0000000080)={0xec70, 0x0, 0x1, 0xffffffffffffffff, 0x5}) 16.961004075s ago: executing program 0 (id=1188): munmap(&(0x7f0000647000/0x1000)=nil, 0x1000) r0 = mmap$KVM_VCPU(&(0x7f00006b5000/0x2000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca) munmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0x80111500, 0x20000000) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x62221, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc9}) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_DEVICE_ATTR(r6, 0xb701, 0x0) openat$kvm(0x0, 0x0, 0x0, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2a60, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, 0x0) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_DEVICE_ATTR(r9, 0xb701, 0x0) ioctl$KVM_CREATE_VM(r3, 0x5761, 0x10000000000000) ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x501080, 0x0) ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x1) 10.269973002s ago: executing program 1 (id=1189): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xffffffffffffffed) ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000647000/0x1000)=nil, 0x1000) ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1) ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) ioctl$KVM_IRQ_LINE_STATUS(r6, 0xc008ae67, &(0x7f0000000040)={0x0, 0x9}) syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca) 1.312990802s ago: executing program 1 (id=1190): ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000bfd000/0x400000)=nil) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000100)={0x7}) r9 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='n\x00\x00\x00\x00\x00\x00\x000\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\x00\x00\x00\x00i'], 0x30}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r5, 0xfffffbffffffffff, 0x240) ioctl$KVM_RUN(r9, 0xae80, 0x0) r10 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2) ioctl$KVM_CAP_ARM_MTE(r10, 0x4068aea3, &(0x7f0000000240)) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000200)={0x7, 0xffffffffffffffff}) ioctl$KVM_HAS_DEVICE_ATTR(r11, 0x4018aee3, &(0x7f00000000c0)=@attr_arm64={0x0, 0x6, 0x1, 0x0}) ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4020ae46, &(0x7f00000001c0)=ANY=[@ANYBLOB="010000000100000000000000080009"]) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) write$eventfd(r12, &(0x7f00000001c0), 0xe80) 0s ago: executing program 0 (id=1191): munmap(&(0x7f0000647000/0x1000)=nil, 0x1000) (async) munmap(&(0x7f0000647000/0x1000)=nil, 0x1000) munmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000) munmap(&(0x7f000075a000/0xb000)=nil, 0xb000) munmap(&(0x7f0000c8f000/0x4000)=nil, 0x4000) (async) munmap(&(0x7f0000c8f000/0x4000)=nil, 0x4000) munmap(&(0x7f0000d83000/0x4000)=nil, 0x4000) munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000) (async) munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000) munmap(&(0x7f0000482000/0x2000)=nil, 0x2000) munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000) (async) munmap(&(0x7f00004ff000/0x1000)=nil, 0x1000) munmap(&(0x7f0000d47000/0x2000)=nil, 0x2000) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x1c1040, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x40c02, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_CHECK_EXTENSION(r7, 0xae03, 0xc3) r8 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_GET_VCPU_EVENTS(r8, 0x8040ae9f, 0xffffffffffffffff) (async) ioctl$KVM_GET_VCPU_EVENTS(r8, 0x8040ae9f, 0xffffffffffffffff) ioctl$KVM_SET_VCPU_EVENTS(r8, 0x4040aea0, &(0x7f0000000000)=@arm64={0x7, 0x5, 0x0, '\x00', 0x1}) (async) ioctl$KVM_SET_VCPU_EVENTS(r8, 0x4040aea0, &(0x7f0000000000)=@arm64={0x7, 0x5, 0x0, '\x00', 0x1}) munmap(&(0x7f00000be000/0x1000)=nil, 0xffffffffdff41fff) r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x1) ioctl$KVM_ARM_VCPU_INIT(r11, 0x4020aeae, &(0x7f0000000080)={0x5}) ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f0000000140)=@arm64_sys={0x603000000013c2b0, &(0x7f0000000000)=0x8000000000000000}) (async) ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f0000000140)=@arm64_sys={0x603000000013c2b0, &(0x7f0000000000)=0x8000000000000000}) syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) kernel console output (not intermixed with test programs): [ 382.716153][ T3132] 8021q: adding VLAN 0 to HW filter on device bond0 [ 433.969247][ T3132] eql: remember to turn off Van-Jacobson compression on your slave devices Warning: Permanently added '[localhost]:48202' (ED25519) to the list of known hosts. [ 592.872222][ T25] audit: type=1400 audit(591.980:60): avc: denied { name_bind } for pid=3281 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 594.827057][ T25] audit: type=1400 audit(593.960:61): avc: denied { execute } for pid=3282 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 594.869885][ T25] audit: type=1400 audit(594.000:62): avc: denied { execute_no_trans } for pid=3282 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 620.170206][ T25] audit: type=1400 audit(619.300:63): avc: denied { mounton } for pid=3282 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 620.208058][ T25] audit: type=1400 audit(619.340:64): avc: denied { mount } for pid=3282 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 620.293656][ T3282] cgroup: Unknown subsys name 'net' [ 620.344298][ T25] audit: type=1400 audit(619.480:65): avc: denied { unmount } for pid=3282 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 620.717237][ T3282] cgroup: Unknown subsys name 'cpuset' [ 620.823789][ T3282] cgroup: Unknown subsys name 'rlimit' [ 621.793788][ T25] audit: type=1400 audit(620.920:66): avc: denied { setattr } for pid=3282 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=701 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 621.819562][ T25] audit: type=1400 audit(620.950:67): avc: denied { mounton } for pid=3282 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 621.838256][ T25] audit: type=1400 audit(620.970:68): avc: denied { mount } for pid=3282 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 623.025126][ T3290] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 623.047449][ T25] audit: type=1400 audit(622.170:69): avc: denied { relabelto } for pid=3290 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 623.082788][ T25] audit: type=1400 audit(622.200:70): avc: denied { write } for pid=3290 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" Setting up swapspace version 1, size = 127995904 bytes [ 623.243791][ T25] audit: type=1400 audit(622.370:71): avc: denied { read } for pid=3282 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 623.274100][ T25] audit: type=1400 audit(622.400:72): avc: denied { open } for pid=3282 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 623.308259][ T3282] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 671.347868][ T25] audit: type=1400 audit(670.480:73): avc: denied { execmem } for pid=3291 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 674.927653][ T25] audit: type=1400 audit(674.060:74): avc: denied { read } for pid=3293 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 674.973887][ T25] audit: type=1400 audit(674.080:75): avc: denied { open } for pid=3293 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 675.038516][ T25] audit: type=1400 audit(674.170:76): avc: denied { mounton } for pid=3294 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 675.275238][ T25] audit: type=1400 audit(674.400:77): avc: denied { module_request } for pid=3293 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 675.298514][ T25] audit: type=1400 audit(674.430:78): avc: denied { module_request } for pid=3294 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 676.443554][ T25] audit: type=1400 audit(675.570:79): avc: denied { sys_module } for pid=3294 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 702.088977][ T3293] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 702.282393][ T3293] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 704.415916][ T3294] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 704.617346][ T3294] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 717.945566][ T3293] hsr_slave_0: entered promiscuous mode [ 718.005478][ T3293] hsr_slave_1: entered promiscuous mode [ 719.638261][ T3294] hsr_slave_0: entered promiscuous mode [ 719.660803][ T3294] hsr_slave_1: entered promiscuous mode [ 719.683574][ T3294] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 719.688078][ T3294] Cannot create hsr debugfs directory [ 724.789603][ T25] audit: type=1400 audit(723.920:80): avc: denied { create } for pid=3293 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 724.846892][ T25] audit: type=1400 audit(723.980:81): avc: denied { write } for pid=3293 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 724.924093][ T25] audit: type=1400 audit(724.000:82): avc: denied { read } for pid=3293 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 725.053912][ T3293] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 725.236377][ T3293] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 725.365046][ T3293] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 725.732683][ T3293] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 727.089310][ T3294] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 727.315473][ T3294] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 727.577649][ T3294] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 727.738770][ T3294] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 739.878595][ T3293] 8021q: adding VLAN 0 to HW filter on device bond0 [ 742.476005][ T3294] 8021q: adding VLAN 0 to HW filter on device bond0 [ 798.018224][ T3293] veth0_vlan: entered promiscuous mode [ 798.614846][ T3293] veth1_vlan: entered promiscuous mode [ 800.449758][ T3293] veth0_macvtap: entered promiscuous mode [ 800.939394][ T3293] veth1_macvtap: entered promiscuous mode [ 801.166684][ T3294] veth0_vlan: entered promiscuous mode [ 801.863984][ T3294] veth1_vlan: entered promiscuous mode [ 803.025735][ T3293] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 803.032523][ T3293] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 803.046638][ T3293] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 803.056463][ T3293] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 805.155603][ T3294] veth0_macvtap: entered promiscuous mode [ 805.775687][ T3294] veth1_macvtap: entered promiscuous mode [ 805.800089][ T25] audit: type=1400 audit(804.930:83): avc: denied { mount } for pid=3293 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 805.979926][ T25] audit: type=1400 audit(805.110:84): avc: denied { mounton } for pid=3293 comm="syz-executor" path="/syzkaller.fJWhvo/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 806.113860][ T25] audit: type=1400 audit(805.240:85): avc: denied { mount } for pid=3293 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 806.369738][ T25] audit: type=1400 audit(805.460:86): avc: denied { mounton } for pid=3293 comm="syz-executor" path="/syzkaller.fJWhvo/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 806.430196][ T25] audit: type=1400 audit(805.560:87): avc: denied { mounton } for pid=3293 comm="syz-executor" path="/syzkaller.fJWhvo/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3231 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 807.132317][ T25] audit: type=1400 audit(806.250:88): avc: denied { unmount } for pid=3293 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 807.399654][ T25] audit: type=1400 audit(806.530:89): avc: denied { mounton } for pid=3293 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1546 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 807.518597][ T25] audit: type=1400 audit(806.650:90): avc: denied { mount } for pid=3293 comm="syz-executor" name="/" dev="gadgetfs" ino=3241 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 807.552585][ T3294] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 807.556775][ T3294] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 807.567597][ T3294] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 807.597634][ T3294] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 807.808530][ T25] audit: type=1400 audit(806.940:91): avc: denied { mount } for pid=3293 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 807.915231][ T25] audit: type=1400 audit(806.990:92): avc: denied { mounton } for pid=3293 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 809.802935][ T3293] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 810.923225][ T25] kauditd_printk_skb: 1 callbacks suppressed [ 810.932227][ T25] audit: type=1400 audit(810.000:94): avc: denied { read write } for pid=3293 comm="syz-executor" name="loop0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 811.036541][ T25] audit: type=1400 audit(810.050:95): avc: denied { open } for pid=3293 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 811.064332][ T25] audit: type=1400 audit(810.150:96): avc: denied { ioctl } for pid=3293 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=637 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 814.006854][ T25] audit: type=1400 audit(813.090:97): avc: denied { read } for pid=3444 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 814.067274][ T25] audit: type=1400 audit(813.190:98): avc: denied { open } for pid=3444 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 814.768175][ T25] audit: type=1400 audit(813.900:99): avc: denied { ioctl } for pid=3444 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 816.406070][ T25] audit: type=1400 audit(815.540:100): avc: denied { write } for pid=3446 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 819.200684][ T25] audit: type=1400 audit(818.330:101): avc: denied { append } for pid=3444 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 860.307990][ T3469] debugfs: File 'vgic-its-state@0' in directory '3469-4' already present! [ 915.297976][ T25] audit: type=1400 audit(914.340:102): avc: denied { execute } for pid=3499 comm="syz.0.16" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=4582 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 986.296816][ T3541] kvm [3541]: Failed to find VMA for hva 0x21016000 [ 1000.925481][ T25] audit: type=1400 audit(1000.020:103): avc: denied { ioctl } for pid=3551 comm="syz.1.31" path="net:[4026531840]" dev="nsfs" ino=4026531840 ioctlcmd=0xb707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 1105.637292][ T3616] kvm [3616]: Failed to find VMA for hva 0x21016000 [ 1156.393446][ T3646] debugfs: File 'vgic-its-state@0' in directory '3646-5' already present! [ 1200.195088][ T3662] kvm [3662]: Failed to find VMA for hva 0x21016000 [ 1233.383862][ T3685] kvm [3684]: Unsupported guest CP15 access at: 00000100 [000001d3] [ 1233.383862][ T3685] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 1233.447680][ T3685] kvm [3684]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1233.447680][ T3685] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 1233.469897][ T3685] kvm [3684]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1233.469897][ T3685] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 1233.515027][ T3685] kvm [3684]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1233.515027][ T3685] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 1233.527026][ T3685] kvm [3684]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1233.527026][ T3685] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 1233.574356][ T3685] kvm [3684]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1233.574356][ T3685] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 1233.624376][ T3685] kvm [3684]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1233.624376][ T3685] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 1233.639004][ T3685] kvm [3684]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1233.639004][ T3685] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 1233.686479][ T3685] kvm [3684]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1233.686479][ T3685] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 1233.730535][ T3685] kvm [3684]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1233.730535][ T3685] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 1235.996980][ T3683] kvm [3683]: Failed to find VMA for hva 0x20c01000 [ 1410.946386][ T25] audit: type=1400 audit(1410.040:104): avc: denied { setattr } for pid=3784 comm="syz.1.102" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1458.325163][ T25] audit: type=1400 audit(1457.450:105): avc: denied { map } for pid=3813 comm="syz.0.111" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1515.267295][ T3852] kvm [3852]: Failed to find VMA for hva 0x21016000 [ 1810.437948][ T4029] kvm [4029]: Failed to find VMA for hva 0x20d8d000 [ 1872.669743][ T4067] kvm [4067]: Failed to find VMA for hva 0x21016000 [ 1987.786723][ T4138] kvm [4138]: Failed to find VMA for hva 0x21016000 [ 2031.586399][ T4164] kvm [4164]: Failed to find VMA for hva 0x21016000 [ 2340.772316][ T4384] FAULT_INJECTION: forcing a failure. [ 2340.772316][ T4384] name failslab, interval 1, probability 0, space 0, times 1 [ 2340.796148][ T4384] CPU: 0 UID: 0 PID: 4384 Comm: syz.1.279 Not tainted 6.16.0-rc3-syzkaller-g15724a984643 #0 PREEMPT [ 2340.796783][ T4384] Hardware name: linux,dummy-virt (DT) [ 2340.797292][ T4384] Call trace: [ 2340.797719][ T4384] show_stack+0x2c/0x3c (C) [ 2340.799609][ T4384] __dump_stack+0x30/0x40 [ 2340.799885][ T4384] dump_stack_lvl+0xd8/0x12c [ 2340.800128][ T4384] dump_stack+0x1c/0x28 [ 2340.800334][ T4384] should_fail_ex+0x570/0x6e0 [ 2340.800568][ T4384] should_failslab+0xb8/0xec [ 2340.800780][ T4384] kmem_cache_alloc_noprof+0x80/0x3f0 [ 2340.801140][ T4384] __anon_vma_prepare+0xbc/0x580 [ 2340.801375][ T4384] expand_downwards+0x9e0/0xbac [ 2340.801657][ T4384] expand_stack_locked+0x28/0x38 [ 2340.801915][ T4384] lock_mm_and_find_vma+0x1ec/0x360 [ 2340.802206][ T4384] do_page_fault+0x510/0x15c8 [ 2340.802480][ T4384] do_translation_fault+0xbc/0xfc [ 2340.802745][ T4384] do_mem_abort+0x50/0x110 [ 2340.802997][ T4384] el0_da+0x64/0x144 [ 2340.803255][ T4384] el0t_64_sync_handler+0x84/0x108 [ 2340.803492][ T4384] el0t_64_sync+0x198/0x19c [ 2361.682903][ T4395] kvm [4395]: Failed to find VMA for hva 0x208a1000 [ 2399.055245][ T4414] FAULT_INJECTION: forcing a failure. [ 2399.055245][ T4414] name failslab, interval 1, probability 0, space 0, times 0 [ 2399.082886][ T4414] CPU: 0 UID: 0 PID: 4414 Comm: syz.1.290 Not tainted 6.16.0-rc3-syzkaller-g15724a984643 #0 PREEMPT [ 2399.083280][ T4414] Hardware name: linux,dummy-virt (DT) [ 2399.083397][ T4414] Call trace: [ 2399.083480][ T4414] show_stack+0x2c/0x3c (C) [ 2399.083828][ T4414] __dump_stack+0x30/0x40 [ 2399.084023][ T4414] dump_stack_lvl+0xd8/0x12c [ 2399.084241][ T4414] dump_stack+0x1c/0x28 [ 2399.084429][ T4414] should_fail_ex+0x570/0x6e0 [ 2399.084659][ T4414] should_failslab+0xb8/0xec [ 2399.084895][ T4414] __kmalloc_noprof+0xdc/0x4b8 [ 2399.085222][ T4414] kvm_io_bus_register_dev+0x1b0/0x6ec [ 2399.085472][ T4414] vgic_register_dist_iodev+0xf8/0x12c [ 2399.085700][ T4414] kvm_vgic_map_resources+0x1f4/0x314 [ 2399.085983][ T4414] kvm_arch_vcpu_run_pid_change+0x180/0x484 [ 2399.086250][ T4414] kvm_vcpu_ioctl+0xaf0/0xc2c [ 2399.086508][ T4414] __arm64_sys_ioctl+0x18c/0x244 [ 2399.086734][ T4414] invoke_syscall+0x90/0x2b4 [ 2399.087009][ T4414] el0_svc_common+0x180/0x2f4 [ 2399.087308][ T4414] do_el0_svc+0x58/0x74 [ 2399.087580][ T4414] el0_svc+0x58/0x160 [ 2399.087811][ T4414] el0t_64_sync_handler+0x78/0x108 [ 2399.088057][ T4414] el0t_64_sync+0x198/0x19c [ 2399.247103][ T4414] kvm [4414]: Unable to register VGIC dist MMIO regions [ 2420.909605][ T4427] FAULT_INJECTION: forcing a failure. [ 2420.909605][ T4427] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 2420.937639][ T4427] CPU: 0 UID: 0 PID: 4427 Comm: syz.0.293 Not tainted 6.16.0-rc3-syzkaller-g15724a984643 #0 PREEMPT [ 2420.937990][ T4427] Hardware name: linux,dummy-virt (DT) [ 2420.938131][ T4427] Call trace: [ 2420.938223][ T4427] show_stack+0x2c/0x3c (C) [ 2420.938577][ T4427] __dump_stack+0x30/0x40 [ 2420.938782][ T4427] dump_stack_lvl+0xd8/0x12c [ 2420.938976][ T4427] dump_stack+0x1c/0x28 [ 2420.939201][ T4427] should_fail_ex+0x570/0x6e0 [ 2420.939445][ T4427] should_fail_alloc_page+0xd4/0xd8 [ 2420.939665][ T4427] prepare_alloc_pages+0x20c/0x5e0 [ 2420.939877][ T4427] __alloc_frozen_pages_noprof+0xd8/0x2d0 [ 2420.940106][ T4427] alloc_pages_mpol+0x204/0x4c8 [ 2420.940397][ T4427] folio_alloc_mpol_noprof+0x4c/0x2b4 [ 2420.940680][ T4427] vma_alloc_folio_noprof+0x348/0x494 [ 2420.941007][ T4427] vma_alloc_zeroed_movable_folio+0x80/0xa0 [ 2420.941326][ T4427] folio_prealloc+0x3c/0x1c4 [ 2420.941530][ T4427] handle_mm_fault+0x3fe4/0x579c [ 2420.941813][ T4427] do_page_fault+0x424/0x15c8 [ 2420.942089][ T4427] do_translation_fault+0xbc/0xfc [ 2420.942364][ T4427] do_mem_abort+0x50/0x110 [ 2420.942616][ T4427] el0_da+0x64/0x144 [ 2420.942845][ T4427] el0t_64_sync_handler+0x84/0x108 [ 2420.943091][ T4427] el0t_64_sync+0x198/0x19c [ 2421.082955][ T4427] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 2456.547207][ T4451] FAULT_INJECTION: forcing a failure. [ 2456.547207][ T4451] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2456.963596][ T4451] CPU: 0 UID: 0 PID: 4451 Comm: syz.1.299 Not tainted 6.16.0-rc3-syzkaller-g15724a984643 #0 PREEMPT [ 2456.963973][ T4451] Hardware name: linux,dummy-virt (DT) [ 2456.964115][ T4451] Call trace: [ 2456.964208][ T4451] show_stack+0x2c/0x3c (C) [ 2456.964562][ T4451] __dump_stack+0x30/0x40 [ 2456.964758][ T4451] dump_stack_lvl+0xd8/0x12c [ 2456.964991][ T4451] dump_stack+0x1c/0x28 [ 2456.965233][ T4451] should_fail_ex+0x570/0x6e0 [ 2456.965474][ T4451] should_fail_alloc_page+0xd4/0xd8 [ 2456.965691][ T4451] prepare_alloc_pages+0x20c/0x5e0 [ 2456.965902][ T4451] __alloc_frozen_pages_noprof+0xd8/0x2d0 [ 2456.966142][ T4451] alloc_pages_mpol+0x204/0x4c8 [ 2456.966432][ T4451] folio_alloc_mpol_noprof+0x4c/0x2b4 [ 2456.966720][ T4451] vma_alloc_folio_noprof+0x348/0x494 [ 2456.967003][ T4451] vma_alloc_zeroed_movable_folio+0x80/0xa0 [ 2456.967313][ T4451] folio_prealloc+0x3c/0x1c4 [ 2456.967519][ T4451] handle_mm_fault+0x3fe4/0x579c [ 2456.967805][ T4451] do_page_fault+0x424/0x15c8 [ 2456.968082][ T4451] do_translation_fault+0xbc/0xfc [ 2456.968373][ T4451] do_mem_abort+0x50/0x110 [ 2456.968637][ T4451] el0_da+0x64/0x144 [ 2456.968888][ T4451] el0t_64_sync_handler+0x84/0x108 [ 2456.969185][ T4451] el0t_64_sync+0x198/0x19c [ 2457.103948][ T4451] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 2478.127212][ T4465] kvm [4465]: Failed to find VMA for hva 0x21016000 [ 2533.438481][ T4494] kvm [4494]: Failed to find VMA for hva 0x20c01000 [ 2736.219912][ T4606] print_sys_reg_msg: 452 callbacks suppressed [ 2736.283630][ T4606] kvm [4605]: Unsupported guest CP15 access at: 00000100 [000001d3] [ 2736.283630][ T4606] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2736.314794][ T4606] kvm [4605]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2736.314794][ T4606] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2736.374829][ T4606] kvm [4605]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2736.374829][ T4606] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2736.418105][ T4606] kvm [4605]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2736.418105][ T4606] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2736.468743][ T4606] kvm [4605]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2736.468743][ T4606] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2736.529406][ T4606] kvm [4605]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2736.529406][ T4606] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2736.594823][ T4606] kvm [4605]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2736.594823][ T4606] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2736.628947][ T4606] kvm [4605]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2736.628947][ T4606] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2736.695569][ T4606] kvm [4605]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2736.695569][ T4606] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2736.743393][ T4606] kvm [4605]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2736.743393][ T4606] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2821.839648][ T4654] kvm [4654]: Failed to find VMA for hva 0x21016000 [ 2903.709392][ T4707] FAULT_INJECTION: forcing a failure. [ 2903.709392][ T4707] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2903.728124][ T4707] CPU: 0 UID: 0 PID: 4707 Comm: syz.0.377 Not tainted 6.16.0-rc3-syzkaller-g15724a984643 #0 PREEMPT [ 2903.728477][ T4707] Hardware name: linux,dummy-virt (DT) [ 2903.728587][ T4707] Call trace: [ 2903.728670][ T4707] show_stack+0x2c/0x3c (C) [ 2903.729094][ T4707] __dump_stack+0x30/0x40 [ 2903.729336][ T4707] dump_stack_lvl+0xd8/0x12c [ 2903.729538][ T4707] dump_stack+0x1c/0x28 [ 2903.729728][ T4707] should_fail_ex+0x570/0x6e0 [ 2903.729967][ T4707] should_fail_alloc_page+0xd4/0xd8 [ 2903.730203][ T4707] prepare_alloc_pages+0x20c/0x5e0 [ 2903.730450][ T4707] __alloc_frozen_pages_noprof+0xd8/0x2d0 [ 2903.730671][ T4707] alloc_pages_mpol+0x204/0x4c8 [ 2903.730965][ T4707] folio_alloc_mpol_noprof+0x4c/0x2b4 [ 2903.731284][ T4707] vma_alloc_folio_noprof+0x348/0x494 [ 2903.731580][ T4707] vma_alloc_zeroed_movable_folio+0x80/0xa0 [ 2903.731862][ T4707] folio_prealloc+0x3c/0x1c4 [ 2903.732075][ T4707] handle_mm_fault+0x3fe4/0x579c [ 2903.732375][ T4707] do_page_fault+0x424/0x15c8 [ 2903.732638][ T4707] do_translation_fault+0xbc/0xfc [ 2903.732938][ T4707] do_mem_abort+0x50/0x110 [ 2903.733230][ T4707] el0_da+0x64/0x144 [ 2903.733480][ T4707] el0t_64_sync_handler+0x84/0x108 [ 2903.733722][ T4707] el0t_64_sync+0x198/0x19c [ 2903.872670][ T4707] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 3049.418280][ T4805] FAULT_INJECTION: forcing a failure. [ 3049.418280][ T4805] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3049.438968][ T4805] CPU: 0 UID: 0 PID: 4805 Comm: syz.0.408 Not tainted 6.16.0-rc3-syzkaller-g15724a984643 #0 PREEMPT [ 3049.439345][ T4805] Hardware name: linux,dummy-virt (DT) [ 3049.439456][ T4805] Call trace: [ 3049.439539][ T4805] show_stack+0x2c/0x3c (C) [ 3049.439886][ T4805] __dump_stack+0x30/0x40 [ 3049.440108][ T4805] dump_stack_lvl+0xd8/0x12c [ 3049.440307][ T4805] dump_stack+0x1c/0x28 [ 3049.440495][ T4805] should_fail_ex+0x570/0x6e0 [ 3049.440738][ T4805] should_fail_alloc_page+0xd4/0xd8 [ 3049.441031][ T4805] prepare_alloc_pages+0x20c/0x5e0 [ 3049.441283][ T4805] __alloc_frozen_pages_noprof+0xd8/0x2d0 [ 3049.441502][ T4805] alloc_pages_mpol+0x204/0x4c8 [ 3049.441788][ T4805] folio_alloc_mpol_noprof+0x4c/0x2b4 [ 3049.442101][ T4805] vma_alloc_folio_noprof+0x348/0x494 [ 3049.442396][ T4805] vma_alloc_zeroed_movable_folio+0x80/0xa0 [ 3049.442678][ T4805] folio_prealloc+0x3c/0x1c4 [ 3049.442877][ T4805] handle_mm_fault+0x3fe4/0x579c [ 3049.443192][ T4805] do_page_fault+0x424/0x15c8 [ 3049.443462][ T4805] do_translation_fault+0xbc/0xfc [ 3049.443729][ T4805] do_mem_abort+0x50/0x110 [ 3049.443983][ T4805] el0_da+0x64/0x144 [ 3049.444252][ T4805] el0t_64_sync_handler+0x84/0x108 [ 3049.444495][ T4805] el0t_64_sync+0x198/0x19c [ 3049.714252][ T4805] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 3065.288474][ T4816] kvm [4816]: Failed to find VMA for hva 0x21016000 [ 3089.634960][ T4832] kvm [4832]: Failed to find VMA for hva 0x21016000 [ 3108.076482][ T4841] FAULT_INJECTION: forcing a failure. [ 3108.076482][ T4841] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3108.102705][ T4841] CPU: 0 UID: 0 PID: 4841 Comm: syz.0.420 Not tainted 6.16.0-rc3-syzkaller-g15724a984643 #0 PREEMPT [ 3108.103059][ T4841] Hardware name: linux,dummy-virt (DT) [ 3108.103188][ T4841] Call trace: [ 3108.103290][ T4841] show_stack+0x2c/0x3c (C) [ 3108.103645][ T4841] __dump_stack+0x30/0x40 [ 3108.103853][ T4841] dump_stack_lvl+0xd8/0x12c [ 3108.104075][ T4841] dump_stack+0x1c/0x28 [ 3108.104293][ T4841] should_fail_ex+0x570/0x6e0 [ 3108.104533][ T4841] should_fail_alloc_page+0xd4/0xd8 [ 3108.104752][ T4841] prepare_alloc_pages+0x20c/0x5e0 [ 3108.105001][ T4841] __alloc_frozen_pages_noprof+0xd8/0x2d0 [ 3108.105264][ T4841] alloc_pages_mpol+0x204/0x4c8 [ 3108.105556][ T4841] folio_alloc_mpol_noprof+0x4c/0x2b4 [ 3108.105840][ T4841] vma_alloc_folio_noprof+0x348/0x494 [ 3108.106136][ T4841] vma_alloc_zeroed_movable_folio+0x80/0xa0 [ 3108.106423][ T4841] folio_prealloc+0x3c/0x1c4 [ 3108.106624][ T4841] handle_mm_fault+0x3fe4/0x579c [ 3108.106911][ T4841] do_page_fault+0x424/0x15c8 [ 3108.107198][ T4841] do_translation_fault+0xbc/0xfc [ 3108.107466][ T4841] do_mem_abort+0x50/0x110 [ 3108.107719][ T4841] el0_da+0x64/0x144 [ 3108.107951][ T4841] el0t_64_sync_handler+0x84/0x108 [ 3108.108207][ T4841] el0t_64_sync+0x198/0x19c [ 3108.347085][ T4841] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 3341.894351][ T4992] kvm [4991]: Unsupported guest access at: eeef0000 [ 3341.894351][ T4992] { Op0( 2), Op1( 7), CRn(15), CRm(13), Op2( 1), func_write }, [ 3521.306675][ T5099] kvm [5099]: Failed to find VMA for hva 0x20c01000 [ 3928.040796][ T5349] FAULT_INJECTION: forcing a failure. [ 3928.040796][ T5349] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3928.112569][ T5349] CPU: 0 UID: 0 PID: 5349 Comm: syz.0.579 Not tainted 6.16.0-rc3-syzkaller-g15724a984643 #0 PREEMPT [ 3928.112937][ T5349] Hardware name: linux,dummy-virt (DT) [ 3928.113076][ T5349] Call trace: [ 3928.113164][ T5349] show_stack+0x2c/0x3c (C) [ 3928.113522][ T5349] __dump_stack+0x30/0x40 [ 3928.113719][ T5349] dump_stack_lvl+0xd8/0x12c [ 3928.113912][ T5349] dump_stack+0x1c/0x28 [ 3928.114119][ T5349] should_fail_ex+0x570/0x6e0 [ 3928.114373][ T5349] should_fail_alloc_page+0xd4/0xd8 [ 3928.114594][ T5349] prepare_alloc_pages+0x20c/0x5e0 [ 3928.114803][ T5349] __alloc_frozen_pages_noprof+0xd8/0x2d0 [ 3928.115014][ T5349] alloc_pages_mpol+0x204/0x4c8 [ 3928.115318][ T5349] folio_alloc_mpol_noprof+0x4c/0x2b4 [ 3928.115604][ T5349] vma_alloc_folio_noprof+0x348/0x494 [ 3928.115887][ T5349] vma_alloc_zeroed_movable_folio+0x80/0xa0 [ 3928.116180][ T5349] folio_prealloc+0x3c/0x1c4 [ 3928.116390][ T5349] handle_mm_fault+0x3fe4/0x579c [ 3928.116675][ T5349] do_page_fault+0x424/0x15c8 [ 3928.116962][ T5349] do_translation_fault+0xbc/0xfc [ 3928.117263][ T5349] do_mem_abort+0x50/0x110 [ 3928.117527][ T5349] el0_da+0x64/0x144 [ 3928.117759][ T5349] el0t_64_sync_handler+0x84/0x108 [ 3928.117999][ T5349] el0t_64_sync+0x198/0x19c [ 3928.284922][ T5349] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 4071.806173][ T5446] FAULT_INJECTION: forcing a failure. [ 4071.806173][ T5446] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 4071.827662][ T5446] CPU: 0 UID: 0 PID: 5446 Comm: syz.1.606 Not tainted 6.16.0-rc3-syzkaller-g15724a984643 #0 PREEMPT [ 4071.827999][ T5446] Hardware name: linux,dummy-virt (DT) [ 4071.828121][ T5446] Call trace: [ 4071.828221][ T5446] show_stack+0x2c/0x3c (C) [ 4071.828568][ T5446] __dump_stack+0x30/0x40 [ 4071.828764][ T5446] dump_stack_lvl+0xd8/0x12c [ 4071.828994][ T5446] dump_stack+0x1c/0x28 [ 4071.829219][ T5446] should_fail_ex+0x570/0x6e0 [ 4071.829465][ T5446] should_fail_alloc_page+0xd4/0xd8 [ 4071.829685][ T5446] prepare_alloc_pages+0x20c/0x5e0 [ 4071.829897][ T5446] __alloc_frozen_pages_noprof+0xd8/0x2d0 [ 4071.830122][ T5446] alloc_pages_mpol+0x204/0x4c8 [ 4071.830415][ T5446] folio_alloc_mpol_noprof+0x4c/0x2b4 [ 4071.830694][ T5446] vma_alloc_folio_noprof+0x348/0x494 [ 4071.830999][ T5446] vma_alloc_zeroed_movable_folio+0x80/0xa0 [ 4071.831305][ T5446] folio_prealloc+0x3c/0x1c4 [ 4071.831509][ T5446] handle_mm_fault+0x3fe4/0x579c [ 4071.831797][ T5446] do_page_fault+0x424/0x15c8 [ 4071.832075][ T5446] do_translation_fault+0xbc/0xfc [ 4071.832366][ T5446] do_mem_abort+0x50/0x110 [ 4071.832626][ T5446] el0_da+0x64/0x144 [ 4071.832883][ T5446] el0t_64_sync_handler+0x84/0x108 [ 4071.833158][ T5446] el0t_64_sync+0x198/0x19c [ 4072.152882][ T5446] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 4100.715725][ T5468] kvm [5468]: Failed to find VMA for hva 0x21016000 [ 4152.516504][ T5504] kvm [5504]: Failed to find VMA for hva 0x21016000 [ 4213.029142][ T5556] kvm [5556]: Failed to find VMA for hva 0x20d8b000 [ 4297.688623][ T25] audit: type=1400 audit(4296.800:106): avc: denied { execute } for pid=5616 comm="syz.0.651" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 4330.519460][ T5635] kvm [5635]: Failed to find VMA for hva 0x21016000 [ 4377.408089][ T5671] FAULT_INJECTION: forcing a failure. [ 4377.408089][ T5671] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 4377.573702][ T5671] CPU: 0 UID: 0 PID: 5671 Comm: syz.1.667 Not tainted 6.16.0-rc3-syzkaller-g15724a984643 #0 PREEMPT [ 4377.574061][ T5671] Hardware name: linux,dummy-virt (DT) [ 4377.574189][ T5671] Call trace: [ 4377.574273][ T5671] show_stack+0x2c/0x3c (C) [ 4377.574619][ T5671] __dump_stack+0x30/0x40 [ 4377.574813][ T5671] dump_stack_lvl+0xd8/0x12c [ 4377.575008][ T5671] dump_stack+0x1c/0x28 [ 4377.575243][ T5671] should_fail_ex+0x570/0x6e0 [ 4377.575481][ T5671] should_fail_alloc_page+0xd4/0xd8 [ 4377.575698][ T5671] prepare_alloc_pages+0x20c/0x5e0 [ 4377.575908][ T5671] __alloc_frozen_pages_noprof+0xd8/0x2d0 [ 4377.576147][ T5671] alloc_pages_mpol+0x204/0x4c8 [ 4377.576429][ T5671] folio_alloc_mpol_noprof+0x4c/0x2b4 [ 4377.576711][ T5671] vma_alloc_folio_noprof+0x348/0x494 [ 4377.577027][ T5671] vma_alloc_zeroed_movable_folio+0x80/0xa0 [ 4377.577340][ T5671] folio_prealloc+0x3c/0x1c4 [ 4377.577543][ T5671] handle_mm_fault+0x3fe4/0x579c [ 4377.577827][ T5671] do_page_fault+0x424/0x15c8 [ 4377.578116][ T5671] do_translation_fault+0xbc/0xfc [ 4377.578392][ T5671] do_mem_abort+0x50/0x110 [ 4377.578650][ T5671] el0_da+0x64/0x144 [ 4377.578893][ T5671] el0t_64_sync_handler+0x84/0x108 [ 4377.579161][ T5671] el0t_64_sync+0x198/0x19c [ 4377.885265][ T5671] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 4387.306017][ T5675] print_sys_reg_msg: 327 callbacks suppressed [ 4387.343245][ T5675] kvm [5674]: Unsupported guest CP15 access at: 00000100 [000001d3] [ 4387.343245][ T5675] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 4387.407769][ T5675] kvm [5674]: Unsupported guest CP15 access at: 00000100 [000001db] [ 4387.407769][ T5675] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 4387.433982][ T5675] kvm [5674]: Unsupported guest CP15 access at: 00000100 [000001db] [ 4387.433982][ T5675] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 4387.474854][ T5675] kvm [5674]: Unsupported guest CP15 access at: 00000100 [000001db] [ 4387.474854][ T5675] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 4387.569882][ T5675] kvm [5674]: Unsupported guest CP15 access at: 00000100 [000001db] [ 4387.569882][ T5675] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 4387.587459][ T5675] kvm [5674]: Unsupported guest CP15 access at: 00000100 [000001db] [ 4387.587459][ T5675] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 4387.639270][ T5675] kvm [5674]: Unsupported guest CP15 access at: 00000100 [000001db] [ 4387.639270][ T5675] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 4387.706735][ T5675] kvm [5674]: Unsupported guest CP15 access at: 00000100 [000001db] [ 4387.706735][ T5675] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 4387.789467][ T5675] kvm [5674]: Unsupported guest CP15 access at: 00000100 [000001db] [ 4387.789467][ T5675] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 4409.753584][ T5689] FAULT_INJECTION: forcing a failure. [ 4409.753584][ T5689] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 4409.765938][ T5689] CPU: 0 UID: 0 PID: 5689 Comm: syz.0.673 Not tainted 6.16.0-rc3-syzkaller-g15724a984643 #0 PREEMPT [ 4409.766307][ T5689] Hardware name: linux,dummy-virt (DT) [ 4409.766422][ T5689] Call trace: [ 4409.766504][ T5689] show_stack+0x2c/0x3c (C) [ 4409.766857][ T5689] __dump_stack+0x30/0x40 [ 4409.767065][ T5689] dump_stack_lvl+0xd8/0x12c [ 4409.767275][ T5689] dump_stack+0x1c/0x28 [ 4409.767466][ T5689] should_fail_ex+0x570/0x6e0 [ 4409.767697][ T5689] should_fail_alloc_page+0xd4/0xd8 [ 4409.767915][ T5689] prepare_alloc_pages+0x20c/0x5e0 [ 4409.768169][ T5689] __alloc_frozen_pages_noprof+0xd8/0x2d0 [ 4409.768392][ T5689] alloc_pages_mpol+0x204/0x4c8 [ 4409.768672][ T5689] folio_alloc_mpol_noprof+0x4c/0x2b4 [ 4409.768988][ T5689] vma_alloc_folio_noprof+0x348/0x494 [ 4409.769309][ T5689] vma_alloc_zeroed_movable_folio+0x80/0xa0 [ 4409.769592][ T5689] folio_prealloc+0x3c/0x1c4 [ 4409.769800][ T5689] handle_mm_fault+0x3fe4/0x579c [ 4409.770115][ T5689] do_page_fault+0x424/0x15c8 [ 4409.770390][ T5689] do_translation_fault+0xbc/0xfc [ 4409.770657][ T5689] do_mem_abort+0x50/0x110 [ 4409.770927][ T5689] el0_da+0x64/0x144 [ 4409.771197][ T5689] el0t_64_sync_handler+0x84/0x108 [ 4409.771438][ T5689] el0t_64_sync+0x198/0x19c [ 4410.017825][ T5689] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 4438.760412][ T5708] FAULT_INJECTION: forcing a failure. [ 4438.760412][ T5708] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 4438.983545][ T5708] CPU: 0 UID: 0 PID: 5708 Comm: syz.0.678 Not tainted 6.16.0-rc3-syzkaller-g15724a984643 #0 PREEMPT [ 4438.983927][ T5708] Hardware name: linux,dummy-virt (DT) [ 4438.984055][ T5708] Call trace: [ 4438.984144][ T5708] show_stack+0x2c/0x3c (C) [ 4438.984510][ T5708] __dump_stack+0x30/0x40 [ 4438.984706][ T5708] dump_stack_lvl+0xd8/0x12c [ 4438.984927][ T5708] dump_stack+0x1c/0x28 [ 4438.985143][ T5708] should_fail_ex+0x570/0x6e0 [ 4438.985393][ T5708] should_fail_alloc_page+0xd4/0xd8 [ 4438.985613][ T5708] prepare_alloc_pages+0x20c/0x5e0 [ 4438.985825][ T5708] __alloc_frozen_pages_noprof+0xd8/0x2d0 [ 4438.986051][ T5708] alloc_pages_mpol+0x204/0x4c8 [ 4438.986359][ T5708] folio_alloc_mpol_noprof+0x4c/0x2b4 [ 4438.986645][ T5708] vma_alloc_folio_noprof+0x348/0x494 [ 4438.986925][ T5708] vma_alloc_zeroed_movable_folio+0x80/0xa0 [ 4438.987226][ T5708] folio_prealloc+0x3c/0x1c4 [ 4438.987440][ T5708] handle_mm_fault+0x3fe4/0x579c [ 4438.987730][ T5708] do_page_fault+0x424/0x15c8 [ 4438.987992][ T5708] do_translation_fault+0xbc/0xfc [ 4438.988287][ T5708] do_mem_abort+0x50/0x110 [ 4438.988577][ T5708] el0_da+0x64/0x144 [ 4438.988826][ T5708] el0t_64_sync_handler+0x84/0x108 [ 4438.989112][ T5708] el0t_64_sync+0x198/0x19c [ 4439.309137][ T5708] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 4444.072796][ T5709] kvm [5709]: Failed to find VMA for hva 0x20c01000 [ 4465.820429][ T5726] FAULT_INJECTION: forcing a failure. [ 4465.820429][ T5726] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 4465.866469][ T5726] CPU: 0 UID: 0 PID: 5726 Comm: syz.1.684 Not tainted 6.16.0-rc3-syzkaller-g15724a984643 #0 PREEMPT [ 4465.866811][ T5726] Hardware name: linux,dummy-virt (DT) [ 4465.866918][ T5726] Call trace: [ 4465.867001][ T5726] show_stack+0x2c/0x3c (C) [ 4465.867400][ T5726] __dump_stack+0x30/0x40 [ 4465.867607][ T5726] dump_stack_lvl+0xd8/0x12c [ 4465.867809][ T5726] dump_stack+0x1c/0x28 [ 4465.868000][ T5726] should_fail_ex+0x570/0x6e0 [ 4465.868258][ T5726] should_fail_alloc_page+0xd4/0xd8 [ 4465.868479][ T5726] prepare_alloc_pages+0x20c/0x5e0 [ 4465.868707][ T5726] __alloc_frozen_pages_noprof+0xd8/0x2d0 [ 4465.868959][ T5726] alloc_pages_mpol+0x204/0x4c8 [ 4465.869282][ T5726] folio_alloc_mpol_noprof+0x4c/0x2b4 [ 4465.869568][ T5726] vma_alloc_folio_noprof+0x348/0x494 [ 4465.869851][ T5726] vma_alloc_zeroed_movable_folio+0x80/0xa0 [ 4465.870156][ T5726] folio_prealloc+0x3c/0x1c4 [ 4465.870364][ T5726] handle_mm_fault+0x3fe4/0x579c [ 4465.870650][ T5726] do_page_fault+0x424/0x15c8 [ 4465.870923][ T5726] do_translation_fault+0xbc/0xfc [ 4465.871213][ T5726] do_mem_abort+0x50/0x110 [ 4465.871475][ T5726] el0_da+0x64/0x144 [ 4465.871704][ T5726] el0t_64_sync_handler+0x84/0x108 [ 4465.871939][ T5726] el0t_64_sync+0x198/0x19c [ 4466.088244][ T5726] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 4484.810496][ T5738] FAULT_INJECTION: forcing a failure. [ 4484.810496][ T5738] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 4484.849329][ T5738] CPU: 0 UID: 0 PID: 5738 Comm: syz.1.689 Not tainted 6.16.0-rc3-syzkaller-g15724a984643 #0 PREEMPT [ 4484.849677][ T5738] Hardware name: linux,dummy-virt (DT) [ 4484.849788][ T5738] Call trace: [ 4484.849872][ T5738] show_stack+0x2c/0x3c (C) [ 4484.850254][ T5738] __dump_stack+0x30/0x40 [ 4484.850456][ T5738] dump_stack_lvl+0xd8/0x12c [ 4484.850650][ T5738] dump_stack+0x1c/0x28 [ 4484.850877][ T5738] should_fail_ex+0x570/0x6e0 [ 4484.851160][ T5738] should_fail_alloc_page+0xd4/0xd8 [ 4484.851406][ T5738] prepare_alloc_pages+0x20c/0x5e0 [ 4484.851622][ T5738] __alloc_frozen_pages_noprof+0xd8/0x2d0 [ 4484.851832][ T5738] alloc_pages_mpol+0x204/0x4c8 [ 4484.852135][ T5738] folio_alloc_mpol_noprof+0x4c/0x2b4 [ 4484.852432][ T5738] vma_alloc_folio_noprof+0x348/0x494 [ 4484.852716][ T5738] vma_alloc_zeroed_movable_folio+0x80/0xa0 [ 4484.853032][ T5738] folio_prealloc+0x3c/0x1c4 [ 4484.853265][ T5738] handle_mm_fault+0x3fe4/0x579c [ 4484.853553][ T5738] do_page_fault+0x424/0x15c8 [ 4484.853812][ T5738] do_translation_fault+0xbc/0xfc [ 4484.854087][ T5738] do_mem_abort+0x50/0x110 [ 4484.854352][ T5738] el0_da+0x64/0x144 [ 4484.854585][ T5738] el0t_64_sync_handler+0x84/0x108 [ 4484.854828][ T5738] el0t_64_sync+0x198/0x19c [ 4485.026911][ T5738] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 4513.256943][ T5756] FAULT_INJECTION: forcing a failure. [ 4513.256943][ T5756] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 4513.307263][ T5756] CPU: 0 UID: 0 PID: 5756 Comm: syz.1.695 Not tainted 6.16.0-rc3-syzkaller-g15724a984643 #0 PREEMPT [ 4513.307603][ T5756] Hardware name: linux,dummy-virt (DT) [ 4513.307713][ T5756] Call trace: [ 4513.307796][ T5756] show_stack+0x2c/0x3c (C) [ 4513.308183][ T5756] __dump_stack+0x30/0x40 [ 4513.308390][ T5756] dump_stack_lvl+0xd8/0x12c [ 4513.308582][ T5756] dump_stack+0x1c/0x28 [ 4513.308769][ T5756] should_fail_ex+0x570/0x6e0 [ 4513.309065][ T5756] should_fail_alloc_page+0xd4/0xd8 [ 4513.309301][ T5756] prepare_alloc_pages+0x20c/0x5e0 [ 4513.309516][ T5756] __alloc_frozen_pages_noprof+0xd8/0x2d0 [ 4513.309729][ T5756] alloc_pages_mpol+0x204/0x4c8 [ 4513.310010][ T5756] folio_alloc_mpol_noprof+0x4c/0x2b4 [ 4513.310317][ T5756] vma_alloc_folio_noprof+0x348/0x494 [ 4513.310603][ T5756] vma_alloc_zeroed_movable_folio+0x80/0xa0 [ 4513.310895][ T5756] folio_prealloc+0x3c/0x1c4 [ 4513.311115][ T5756] handle_mm_fault+0x3fe4/0x579c [ 4513.311410][ T5756] do_page_fault+0x424/0x15c8 [ 4513.311672][ T5756] do_translation_fault+0xbc/0xfc [ 4513.311933][ T5756] do_mem_abort+0x50/0x110 [ 4513.312210][ T5756] el0_da+0x64/0x144 [ 4513.312448][ T5756] el0t_64_sync_handler+0x84/0x108 [ 4513.312685][ T5756] el0t_64_sync+0x198/0x19c [ 4513.610319][ T5756] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 4821.215750][ T25] audit: type=1400 audit(4820.340:107): avc: denied { map } for pid=5963 comm="syz.0.753" path="pipe:[2398]" dev="pipefs" ino=2398 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1 [ 4838.036732][ T5979] FAULT_INJECTION: forcing a failure. [ 4838.036732][ T5979] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 4838.065254][ T5979] CPU: 0 UID: 0 PID: 5979 Comm: syz.0.757 Not tainted 6.16.0-rc3-syzkaller-g15724a984643 #0 PREEMPT [ 4838.065600][ T5979] Hardware name: linux,dummy-virt (DT) [ 4838.065708][ T5979] Call trace: [ 4838.065791][ T5979] show_stack+0x2c/0x3c (C) [ 4838.066164][ T5979] __dump_stack+0x30/0x40 [ 4838.066366][ T5979] dump_stack_lvl+0xd8/0x12c [ 4838.066562][ T5979] dump_stack+0x1c/0x28 [ 4838.066750][ T5979] should_fail_ex+0x570/0x6e0 [ 4838.066981][ T5979] should_fail+0x14/0x24 [ 4838.067222][ T5979] should_fail_usercopy+0x20/0x30 [ 4838.067461][ T5979] simple_read_from_buffer+0xd0/0x298 [ 4838.067737][ T5979] proc_fail_nth_read+0x114/0x178 [ 4838.067998][ T5979] vfs_read+0x220/0x958 [ 4838.068256][ T5979] ksys_read+0x100/0x1f4 [ 4838.068496][ T5979] __arm64_sys_read+0x98/0xcc [ 4838.068737][ T5979] invoke_syscall+0x90/0x2b4 [ 4838.069060][ T5979] el0_svc_common+0x180/0x2f4 [ 4838.069357][ T5979] do_el0_svc+0x58/0x74 [ 4838.069632][ T5979] el0_svc+0x58/0x160 [ 4838.069867][ T5979] el0t_64_sync_handler+0x78/0x108 [ 4838.070129][ T5979] el0t_64_sync+0x198/0x19c [ 4865.628401][ T5998] FAULT_INJECTION: forcing a failure. [ 4865.628401][ T5998] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 4865.665902][ T5998] CPU: 0 UID: 0 PID: 5998 Comm: syz.0.764 Not tainted 6.16.0-rc3-syzkaller-g15724a984643 #0 PREEMPT [ 4865.666273][ T5998] Hardware name: linux,dummy-virt (DT) [ 4865.666389][ T5998] Call trace: [ 4865.666473][ T5998] show_stack+0x2c/0x3c (C) [ 4865.666823][ T5998] __dump_stack+0x30/0x40 [ 4865.667019][ T5998] dump_stack_lvl+0xd8/0x12c [ 4865.667260][ T5998] dump_stack+0x1c/0x28 [ 4865.667458][ T5998] should_fail_ex+0x570/0x6e0 [ 4865.667692][ T5998] should_fail+0x14/0x24 [ 4865.667911][ T5998] should_fail_usercopy+0x20/0x30 [ 4865.668173][ T5998] _inline_copy_from_user+0x3c/0x18c [ 4865.668432][ T5998] kvm_arch_vcpu_ioctl+0x388/0x16b0 [ 4865.668671][ T5998] kvm_vcpu_ioctl+0x5c4/0xc2c [ 4865.668966][ T5998] __arm64_sys_ioctl+0x18c/0x244 [ 4865.669239][ T5998] invoke_syscall+0x90/0x2b4 [ 4865.669530][ T5998] el0_svc_common+0x180/0x2f4 [ 4865.669808][ T5998] do_el0_svc+0x58/0x74 [ 4865.670093][ T5998] el0_svc+0x58/0x160 [ 4865.670338][ T5998] el0t_64_sync_handler+0x78/0x108 [ 4865.670576][ T5998] el0t_64_sync+0x198/0x19c [ 4887.474705][ T6015] FAULT_INJECTION: forcing a failure. [ 4887.474705][ T6015] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 4887.516448][ T6015] CPU: 0 UID: 0 PID: 6015 Comm: syz.0.769 Not tainted 6.16.0-rc3-syzkaller-g15724a984643 #0 PREEMPT [ 4887.516787][ T6015] Hardware name: linux,dummy-virt (DT) [ 4887.516929][ T6015] Call trace: [ 4887.517020][ T6015] show_stack+0x2c/0x3c (C) [ 4887.517416][ T6015] __dump_stack+0x30/0x40 [ 4887.517619][ T6015] dump_stack_lvl+0xd8/0x12c [ 4887.517812][ T6015] dump_stack+0x1c/0x28 [ 4887.517998][ T6015] should_fail_ex+0x570/0x6e0 [ 4887.518254][ T6015] should_fail+0x14/0x24 [ 4887.518478][ T6015] should_fail_usercopy+0x20/0x30 [ 4887.518715][ T6015] _inline_copy_from_user+0x3c/0x18c [ 4887.518960][ T6015] kvm_arm_set_reg+0x4fc/0xe34 [ 4887.519195][ T6015] kvm_arch_vcpu_ioctl+0x5cc/0x16b0 [ 4887.519440][ T6015] kvm_vcpu_ioctl+0x5c4/0xc2c [ 4887.519698][ T6015] __arm64_sys_ioctl+0x18c/0x244 [ 4887.519930][ T6015] invoke_syscall+0x90/0x2b4 [ 4887.520231][ T6015] el0_svc_common+0x180/0x2f4 [ 4887.520512][ T6015] do_el0_svc+0x58/0x74 [ 4887.520784][ T6015] el0_svc+0x58/0x160 [ 4887.521084][ T6015] el0t_64_sync_handler+0x78/0x108 [ 4887.521349][ T6015] el0t_64_sync+0x198/0x19c [ 4946.323990][ T6048] kvm [6048]: Failed to find VMA for hva 0x20d8d000 [ 5062.715026][ T6126] kvm [6126]: Failed to find VMA for hva 0x20c0c000 [ 5190.594529][ T6213] kvm [6213]: Failed to find VMA for hva 0x20c01000 [ 5376.516409][ T6349] kvm [6349]: Failed to find VMA for hva 0x21016000 [ 5384.264680][ T6355] kvm [6355]: Failed to find VMA for hva 0x21016000 [ 5927.384178][ T6693] kvm [6693]: Failed to find VMA for hva 0x20c01000 [ 5950.700166][ T6709] kvm [6708]: Unsupported guest CP15 access at: 00000100 [000001d3] [ 5950.700166][ T6709] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5950.746754][ T6709] kvm [6708]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5950.746754][ T6709] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5950.785121][ T6709] kvm [6708]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5950.785121][ T6709] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5950.835499][ T6709] kvm [6708]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5950.835499][ T6709] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5950.860277][ T6709] kvm [6708]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5950.860277][ T6709] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5950.908546][ T6709] kvm [6708]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5950.908546][ T6709] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5950.974104][ T6709] kvm [6708]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5950.974104][ T6709] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5950.986132][ T6709] kvm [6708]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5950.986132][ T6709] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5951.055106][ T6709] kvm [6708]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5951.055106][ T6709] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5951.110353][ T6709] kvm [6708]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5951.110353][ T6709] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5987.109499][ T6728] kvm [6728]: Failed to find VMA for hva 0x20d8d000 [ 6011.573141][ T6742] print_sys_reg_msg: 210 callbacks suppressed [ 6011.613329][ T6742] kvm [6741]: Unsupported guest CP15 access at: 00000100 [000001d3] [ 6011.613329][ T6742] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 6011.645669][ T6742] kvm [6741]: Unsupported guest CP15 access at: 00000100 [000001db] [ 6011.645669][ T6742] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 6011.735407][ T6742] kvm [6741]: Unsupported guest CP15 access at: 00000100 [000001db] [ 6011.735407][ T6742] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 6011.785237][ T6742] kvm [6741]: Unsupported guest CP15 access at: 00000100 [000001db] [ 6011.785237][ T6742] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 6011.815518][ T6742] kvm [6741]: Unsupported guest CP15 access at: 00000100 [000001db] [ 6011.815518][ T6742] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 6011.874352][ T6742] kvm [6741]: Unsupported guest CP15 access at: 00000100 [000001db] [ 6011.874352][ T6742] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 6011.915200][ T6742] kvm [6741]: Unsupported guest CP15 access at: 00000100 [000001db] [ 6011.915200][ T6742] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 6011.989767][ T6742] kvm [6741]: Unsupported guest CP15 access at: 00000100 [000001db] [ 6011.989767][ T6742] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 6213.397076][ T6876] FAULT_INJECTION: forcing a failure. [ 6213.397076][ T6876] name failslab, interval 1, probability 0, space 0, times 0 [ 6213.434283][ T6876] CPU: 0 UID: 0 PID: 6876 Comm: syz.1.1030 Not tainted 6.16.0-rc3-syzkaller-g15724a984643 #0 PREEMPT [ 6213.434704][ T6876] Hardware name: linux,dummy-virt (DT) [ 6213.434814][ T6876] Call trace: [ 6213.434899][ T6876] show_stack+0x2c/0x3c (C) [ 6213.435267][ T6876] __dump_stack+0x30/0x40 [ 6213.435502][ T6876] dump_stack_lvl+0xd8/0x12c [ 6213.435703][ T6876] dump_stack+0x1c/0x28 [ 6213.435893][ T6876] should_fail_ex+0x570/0x6e0 [ 6213.436147][ T6876] should_failslab+0xb8/0xec [ 6213.436377][ T6876] __kmalloc_noprof+0xdc/0x4b8 [ 6213.436677][ T6876] tomoyo_encode+0x27c/0x4ec [ 6213.436983][ T6876] tomoyo_realpath_from_path+0x5bc/0x628 [ 6213.437285][ T6876] tomoyo_path_number_perm+0x13c/0x33c [ 6213.437550][ T6876] tomoyo_file_ioctl+0x2c/0x3c [ 6213.437828][ T6876] security_file_ioctl+0xe8/0x2f0 [ 6213.438130][ T6876] __arm64_sys_ioctl+0xd0/0x244 [ 6213.438375][ T6876] invoke_syscall+0x90/0x2b4 [ 6213.438710][ T6876] el0_svc_common+0x180/0x2f4 [ 6213.438994][ T6876] do_el0_svc+0x58/0x74 [ 6213.439279][ T6876] el0_svc+0x58/0x160 [ 6213.439543][ T6876] el0t_64_sync_handler+0x78/0x108 [ 6213.439785][ T6876] el0t_64_sync+0x198/0x19c [ 6213.553002][ T6876] ERROR: Out of memory at tomoyo_realpath_from_path. [ 6344.006454][ T6960] KVM: debugfs: duplicate directory 6960-5 [ 6381.497245][ T6983] kvm [6983]: Failed to find VMA for hva 0x208a1000 [ 6622.299411][ T7123] kvm [7123]: Failed to find VMA for hva 0x21016000 [ 6880.503963][ T7317] kvm [7317]: Failed to find VMA for hva 0x20c01000 [ 7115.927376][ T7453] ------------[ cut here ]------------ [ 7115.928254][ T7453] WARNING: CPU: 0 PID: 7453 at arch/arm64/kvm/inject_fault.c:71 pend_serror_exception+0x19c/0x5ac [ 7115.931203][ T7453] Modules linked in: [ 7115.933395][ T7453] CPU: 0 UID: 0 PID: 7453 Comm: syz.0.1191 Not tainted 6.16.0-rc3-syzkaller-g15724a984643 #0 PREEMPT [ 7115.935098][ T7453] Hardware name: linux,dummy-virt (DT) [ 7115.936385][ T7453] pstate: 81402009 (Nzcv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--) [ 7115.937898][ T7453] pc : pend_serror_exception+0x19c/0x5ac [ 7115.939157][ T7453] lr : pend_serror_exception+0x19c/0x5ac [ 7115.940352][ T7453] sp : ffff80008e897930 [ 7115.941330][ T7453] x29: ffff80008e897930 x28: 57f000001d80d8a8 x27: 0000000000000001 [ 7115.943475][ T7453] x26: 0000000000000000 x25: 0000000000000001 x24: 0000000000000057 [ 7115.945343][ T7453] x23: 57f000001d80db28 x22: 0000000000000057 x21: 57f000001d80e701 [ 7115.947200][ T7453] x20: 0000000000000007 x19: efff800000000000 x18: 0000000000000000 [ 7115.949119][ T7453] x17: 000000000000003e x16: ffff800080011d9c x15: 0000000020000000 [ 7115.950774][ T7453] x14: ffffffffffffffff x13: 0000000000000028 x12: 00000000000000b7 [ 7115.952668][ T7453] x11: b7f0000011dcd064 x10: 0000000000ff0100 x9 : 0000000000000000 [ 7115.954691][ T7453] x8 : b7f0000011dcbb00 x7 : ffff800080b08704 x6 : ffff80008e897a88 [ 7115.956471][ T7453] x5 : ffff80008e897a88 x4 : 0000000000000001 x3 : ffff8000801a2e80 [ 7115.958341][ T7453] x2 : 0000000000000000 x1 : 0000000000000002 x0 : 0000000000000000 [ 7115.960102][ T7453] Call trace: [ 7115.961027][ T7453] pend_serror_exception+0x19c/0x5ac (P) [ 7115.962232][ T7453] kvm_inject_serror_esr+0x274/0xe40 [ 7115.963357][ T7453] __kvm_arm_vcpu_set_events+0x1d4/0x238 [ 7115.964512][ T7453] kvm_arch_vcpu_ioctl+0xed8/0x16b0 [ 7115.965670][ T7453] kvm_vcpu_ioctl+0x5c4/0xc2c [ 7115.966651][ T7453] __arm64_sys_ioctl+0x18c/0x244 [ 7115.967719][ T7453] invoke_syscall+0x90/0x2b4 [ 7115.968818][ T7453] el0_svc_common+0x180/0x2f4 [ 7115.970019][ T7453] do_el0_svc+0x58/0x74 [ 7115.971119][ T7453] el0_svc+0x58/0x160 [ 7115.972161][ T7453] el0t_64_sync_handler+0x78/0x108 [ 7115.973325][ T7453] el0t_64_sync+0x198/0x19c [ 7115.974554][ T7453] irq event stamp: 1728 [ 7115.975483][ T7453] hardirqs last enabled at (1727): [] _raw_read_unlock_irqrestore+0x44/0xbc [ 7115.977045][ T7453] hardirqs last disabled at (1728): [] el1_dbg+0x24/0x80 [ 7115.978544][ T7453] softirqs last enabled at (1710): [] local_bh_enable+0x10/0x34 [ 7115.980081][ T7453] softirqs last disabled at (1708): [] local_bh_disable+0x10/0x34 [ 7115.981650][ T7453] ---[ end trace 0000000000000000 ]--- SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 7133.337008][ T6069] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 7134.719251][ T6069] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 7135.716796][ T6069] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 7136.249939][ T6069] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 VM DIAGNOSIS: 22:51:55 Registers: info registers vcpu 0 CPU#0 PC=ffff8000804516b8 X00=0000000000000000 X01=ffff8000872b1fa2 X02=ffff8000804580e0 X03=0000000000000000 X04=ffff80008e896fb0 X05=0000000000000020 X06=0000000000000000 X07=ffff80008047db2c X08=00000000000003c0 X09=0000000000000000 X10=00000000000000b7 X11=0000000000000144 X12=0000000000000044 X13=0000000000000002 X14=00000000000000c8 X15=ffff800087f39a30 X16=ffff800080011d9c X17=000000000000003e X18=0000000000000000 X19=0000000000000000 X20=0000000000000000 X21=ffff80008047db2c X22=ffff8000877e6640 X23=0000000000000000 X24=0000000000000001 X25=0000000000000000 X26=ffff800087666580 X27=00000000000003c0 X28=0000000000000000 X29=ffff80008e897170 X30=ffff800080451698 SP=ffff80008e897120 PSTATE=604023c9 -ZC- EL2h SVCR=00000000 -- BTYPE=0 FPCR=00000000 FPSR=00000000 P00=0000 P01=0000 P02=0000 P03=0000 P04=0000 P05=0000 P06=0000 P07=0000 P08=0000 P09=0000 P10=0000 P11=0000 P12=0000 P13=0000 P14=0000 P15=0000 FFR=0000 Z00=0000000000000000:0000000000000000 Z01=0000ffffc039ef10:22b4a3a59e98c500 Z02=0000ffffc039eef0:ffffff80ffffffd8 Z03=0000ffffc039efa0:0000ffffc039efa0 Z04=0000ffffc039efa0:0000ffffaa736d08 Z05=0000ffffc039ef70:0000ffffc039efa0 Z06=6edc4d3a2914b135:d8e9c869e2695c88 Z07=b20fae707afde253:388e9c6c4fa85ca0 Z08=0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000 Z10=0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000 Z12=0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000 Z14=0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000 Z16=0000ffffc039f1c0:0000ffffc039f1c0 Z17=ffffff80ffffffd0:0000ffffc039f190 Z18=0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000 Z20=0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000 Z22=0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000 Z24=0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000 Z26=0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000 Z28=0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000 Z30=0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000