last executing test programs: 50.508191254s ago: executing program 0 (id=1674): openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000eb2000/0x3000)=nil, 0x930, 0x0, 0x32e7851d6de9e532, 0xffffffffffffffff, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000340)={0x5}) ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000000080)=@arm64_extra={0x603000000013df11, &(0x7f0000000040)}) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000647000/0x1000)=nil, 0x1000) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) munmap(&(0x7f000000f000/0x2000)=nil, 0x2000) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) 47.448217232s ago: executing program 1 (id=1675): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x2000, &(0x7f0000fa2000/0x2000)=nil}) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f0000000000)={0x0, &(0x7f0000000040)=[@memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffd0, 0x3, 0x1}}], 0x30}, 0x0, 0x0) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x0, 0x1000, 0x2000, &(0x7f0000fa2000/0x2000)=nil}) 41.496311757s ago: executing program 0 (id=1676): r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, &(0x7f0000000000)={0x4, [0x6, 0x100, 0x1, 0x1]}) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000040)={0x4, 0xffffffffffffffff, 0x1}) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bff000/0x400000)=nil) ioctl$KVM_ARM_VCPU_FINALIZE(r0, 0x4004aec2, &(0x7f0000000080)=0x1) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r1, 0x4068aea3, &(0x7f00000000c0)) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000180)=@attr_arm64={0x0, 0x4, 0x4, &(0x7f0000000140)=0x6}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) munmap(&(0x7f0000c71000/0x3000)=nil, 0x3000) syz_kvm_vgic_v3_setup(r1, 0x2, 0x0) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f00000001c0)={0x2, 0x1000}) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x420100, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CLEAR_DIRTY_LOG(r5, 0xc018aec0, &(0x7f0000000640)={0x10000, 0x340, 0x2c0, &(0x7f0000000240)=[0x5, 0x3, 0x3, 0x40d9, 0x101, 0x7, 0x3, 0x5, 0x5, 0x9, 0x1, 0x8001, 0x8, 0x10, 0x7b7a, 0x6, 0x0, 0xd, 0x100000001, 0x8, 0x1000, 0x3, 0xfd1b, 0x7, 0x0, 0x4, 0x8, 0x80000001, 0x8000000000000001, 0x7, 0x1, 0xe, 0x8000000000000000, 0x9, 0x6, 0x2, 0x0, 0xffffffffffffffff, 0x40, 0xffffffffffffff78, 0x9, 0x9, 0x2f, 0x1, 0x4, 0x7, 0x8, 0x7, 0x0, 0x7, 0x2, 0x2, 0xffffffffffff1d96, 0x0, 0x3, 0xffffffffffff0000, 0x5, 0x101, 0x2, 0x499, 0x9, 0x1, 0x24, 0x2, 0x3, 0x49c, 0x8000000000000000, 0x0, 0x4, 0x0, 0xa4, 0x6, 0x6, 0x6, 0x4, 0x800, 0x1, 0xb3, 0x8000000000000001, 0x8, 0x0, 0xf09c, 0x2, 0x9, 0x2000000, 0x8, 0xbba7, 0x7, 0xfffffffffffffffb, 0x6, 0x4, 0x8, 0x332a000000000000, 0x20000000000000, 0x2, 0x9, 0xd56, 0x0, 0x5, 0x7, 0x3ff, 0xc, 0x9, 0x9, 0x1, 0x0, 0x3ff, 0xffff, 0x7ff, 0x2, 0xfffffffffffff800, 0x1, 0x2, 0x8001, 0xffffffff, 0x80, 0x7, 0x7f, 0x0, 0x4, 0xc0d1, 0x3, 0x20, 0x8, 0x3, 0x0, 0x140000000, 0x5]}) r6 = eventfd2(0x10, 0x80800) r7 = ioctl$KVM_CREATE_GUEST_MEMFD(r5, 0xc040aed4, &(0x7f0000000680)) ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f00000006c0)={0x2, 0x2, 0x5000, 0x2000, &(0x7f0000cd0000/0x2000)=nil, 0x7fffffff, r7}) ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000780)={0x9, 0xd000, 0x0, r6, 0x3}) munmap(&(0x7f0000e43000/0x1000)=nil, 0x1000) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000007c0)={0x7f, 0x2, 0x8, r6, 0xc}) r8 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) syz_kvm_setup_cpu$arm64(r8, r3, &(0x7f0000c00000/0x400000)=nil, &(0x7f00000009c0)=[{0x0, &(0x7f0000000800)=[@mrs={0xbe, 0x18, {0x603000000013e100}}, @smc={0x1e, 0x40, {0x84000008, [0x1, 0x1, 0xb, 0x0, 0xffffffffc42445ae]}}, @hvc={0x32, 0x40, {0x32000000, [0x8001, 0x1, 0x3ff, 0xffffffffffffff80, 0x6]}}, @uexit={0x0, 0x18, 0x6}, @its_setup={0x82, 0x28, {0x0, 0x2, 0x17b}}, @irq_setup={0x46, 0x18, {0x1, 0x334}}, @code={0xa, 0x9c, {"0000805a007008d5000008d5205d99d200c0b0f2c10180d2020180d2430080d2440180d2020000d40060400ca00598d20080b8f2210080d2620080d2630180d2a40080d2020000d4202284d20000b0f2a10080d2a20080d2630080d2240080d2020000d4007008d5001c200e20d588d20080b8f2a10180d2620180d2830080d2840080d2020000d4"}}], 0x18c}], 0x1, 0x0, &(0x7f0000000a00)=[@featur2={0x1, 0x20}], 0x1) r9 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1) ioctl$KVM_CHECK_EXTENSION_VM(r5, 0xae03, 0x9) r10 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r10, 0x4008ae6a, &(0x7f0000000a40)={0x3, 0x0, [{0xb, 0x1, 0x5b0bcf9e91681f7c, 0x0, @irqchip={0xd, 0x8}}, {0x7e54076, 0x1, 0x0, 0x0, @irqchip={0xffffe442, 0x1}}, {0x0, 0x5, 0x0, 0x0, @sint={0x6, 0x6}}]}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000b00), 0xa0382, 0x0) r11 = mmap$KVM_VCPU(&(0x7f0000cf8000/0x4000)=nil, 0x0, 0x2000003, 0x4000010, r9, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r11, 0x20, &(0x7f0000000b40)="166e28ee595666a143c147499081520be81b778450669d551b2b8fb3491fafc64f6f61ec0c486c52a384b4b0c28daa4a0aeeef682f6aa27e9610022b6857e579ea76c7643d4d6efd", 0x0, 0x48) 38.327057832s ago: executing program 1 (id=1677): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x104, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x40480, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) r8 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x2800003, 0x11, r7, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f0000000100)="fb0149dd033be3982ce16f8f1f449a7a835600000000000000000000000000ffffffffffffffde000000000000ffffffe0cad4b7a900", 0x0, 0xa0) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r7, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r9, 0x4040aea0, &(0x7f0000000040)=@x86={0x30, 0x9, 0x8, 0x0, 0x4, 0x9e, 0x5, 0x0, 0x4, 0xe, 0x8, 0xf8, 0x0, 0x652e, 0x0, 0x1, 0x0, 0x1, 0x0, '\x00', 0xf, 0x6}) ioctl$KVM_GET_ONE_REG(r2, 0x8000ae8c, 0x0) ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000000080)=@arm64_fw={0x6030000000140003, &(0x7f0000000000)=0x2}) r10 = openat$kvm(0x0, &(0x7f0000000040), 0x402, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000afc000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r12, &(0x7f00000000c0)={0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="3200000000e297e8ea"], 0x40}, 0x0, 0x0) r13 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0) r15 = ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x0) r16 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r15, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r16, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r15, 0x0) r17 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0) mmap$KVM_VCPU(&(0x7f0000da3000/0x3000)=nil, 0x930, 0x8, 0x38031, 0xffffffffffffffff, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000000)={0xffffffffffffffff, 0x29c, 0x3}) ioctl$KVM_CREATE_VM(r17, 0x401c5820, 0x20000000) 34.499787101s ago: executing program 0 (id=1678): openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) (async) r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="14000000000000002000000000000000e9bf5694cc"], 0x20}, 0x0, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) r7 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000f, 0x11, r6, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r7, 0x20, &(0x7f0000000100)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67301ce16f8f1f449a7a835673312b54ebb2aa8cc869d22627e7000000000000000000001f000e00", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r6, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r6, 0x0) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x121218, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 27.641128777s ago: executing program 1 (id=1679): r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) munmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000) (async) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000240)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0x48) (async) r4 = mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x3000002, 0x8a031, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_MMIO(r4, 0x20, &(0x7f0000000000)="7cfaa2bfd6dd76375aa1bde04fceeb33743b07d73b3e9aac", 0x0, 0x18) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b6565d2f1, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0) (async) r5 = eventfd2(0x0, 0x0) close(r5) openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0) (async) write$eventfd(r5, &(0x7f0000000000), 0xfffffe1e) (async) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_CAP_HALT_POLL(r7, 0x4068aea3, 0x0) (async) r8 = syz_kvm_setup_syzos_vm$arm64(r7, &(0x7f0000bfd000/0x400000)=nil) munmap(&(0x7f0000c1d000/0x2000)=nil, 0x2000) (async) r9 = syz_kvm_add_vcpu$arm64(r8, &(0x7f0000000b80)={0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1e00000000000000400000000000000008000084"], 0x40}, &(0x7f0000000bc0)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r9, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x0, 0x5c1fd1b656592f1, 0xffffffffffffffff, 0x0) 25.808513496s ago: executing program 0 (id=1680): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) syz_kvm_vgic_v3_setup(r1, 0x5, 0x1e0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r2, 0x4018aee1, &(0x7f0000000300)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f00000002c0)=0x64}) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r2, 0x4018aee1, &(0x7f0000000100)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000080)=0x31}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x4, 0x1, 0xeeee0000, 0x1000, &(0x7f0000fff000/0x1000)=nil}) 21.032677606s ago: executing program 1 (id=1681): r0 = eventfd2(0x8001, 0x0) write$eventfd(r0, &(0x7f0000000000)=0xfffffffffffffffb, 0x8) (async) write$eventfd(r0, &(0x7f0000000000)=0x89ef, 0x8) (async) r1 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x10004, 0x4, 0x1, 0x1000, &(0x7f0000005000/0x1000)=nil}) r3 = openat$kvm(0x0, &(0x7f00000000c0), 0x909483, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04) (async) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x109000, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) (async) r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r9, 0xae04) (async) r11 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1) mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, r6, 0x0, 0x12, r11, 0x0) mmap$KVM_VCPU(&(0x7f0000ffa000/0x4000)=nil, r6, 0x0, 0x2012, r11, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000f4f000/0x2000)=nil, r10, 0x0, 0x11, r11, 0x0) (async) r12 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) mmap$KVM_VCPU(&(0x7f0000ffd000/0x2000)=nil, r10, 0x0, 0x10, r12, 0x0) (async) r13 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x4) ioctl$KVM_ARM_VCPU_INIT(r13, 0x4020aeae, &(0x7f0000000080)={0x5, 0xb}) (async) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r13, 0x4018aee1, &(0x7f0000000280)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000040)={0x7fff, 0x200b, 0x1}}) (async) close(0x5) (async) close(0x4) 18.386696945s ago: executing program 0 (id=1682): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x101000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x102, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CAP_DIRTY_LOG_RING(r4, 0x4068aea3, &(0x7f00000001c0)={0xc0, 0x0, 0x10000}) r5 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_CAP_ARM_USER_IRQ(r3, 0x4068aea3, 0xfffffffffffffffe) r6 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000b60000/0x400000)=nil) ioctl$KVM_SET_DEVICE_ATTR_vm(r1, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x2, 0x80000001}}) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r8 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0x4020aeae, 0x0) ioctl$KVM_CREATE_DEVICE(r9, 0xc00caee0, &(0x7f00000001c0)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000380)}) ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f00000000c0)={0x5, 0x1, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f00000002c0)=@attr_other={0x0, 0x8, 0x100, &(0x7f0000000040)=0xc000000000000000}) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x4, 0x2, 0x0}) ioctl$KVM_CHECK_EXTENSION(r7, 0xae03, 0x7f) r11 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000140)={0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="3200000000000000400000000000000050000084"], 0x80}, 0x0, 0x0) ioctl$KVM_RUN(r11, 0xae80, 0x0) r12 = openat$kvm(0x0, &(0x7f0000000040), 0x189000, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000c00000/0x400000)=nil) r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0) close(r2) syz_kvm_setup_syzos_vm$arm64(r15, &(0x7f0000c00000/0x400000)=nil) 13.550984543s ago: executing program 1 (id=1683): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000240), 0x121e82, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x22ea00, 0x0) r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000100)={0x5, 0x0, 0x2000, 0x2000, &(0x7f0000e85000/0x2000)=nil}) openat$kvm(0x0, &(0x7f00000001c0), 0x751293c96863de54, 0x0) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000bfd000/0x400000)=nil) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r3, 0x4020aeae, &(0x7f0000000200)={0x5}) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x8, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_SIGNAL_MASK(r3, 0x4004ae8b, &(0x7f00000001c0)=ANY=[]) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_KVMCLOCK_CTRL(r3, 0xaead) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_ARM_VCPU_INIT(r5, 0x4020aeae, &(0x7f0000000340)={0x5}) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f0000000240)="fb4149dd033be3ac3bc4a22332fdaa8de0518df242008031d1dfd92f0000000001fff9ffdc9610fbff77521ce30d8f00", 0x0, 0xfcf7) r10 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x5) syz_kvm_setup_cpu$arm64(r7, r10, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000140)=[{0x0, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r10, 0xae80, 0x0) r11 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000040)=@attr_arm64={0x0, 0x2, 0x0, &(0x7f0000000000)=0xc0000000000}) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000200)={0x5, 0x2, 0xaf38750a749bc10, 0x1000, &(0x7f0000e19000/0x1000)=nil}) 1.97704802s ago: executing program 0 (id=1684): ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4020ae46, &(0x7f00000001c0)=ANY=[@ANYBLOB="0100000001000000000000000806"]) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x6, 0xffffffffffffffff}) write$eventfd(r2, &(0x7f00000001c0)=0xffffff7f, 0xe80) 0s ago: executing program 1 (id=1685): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = mmap$KVM_VCPU(&(0x7f0000dd3000/0x4000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0) r4 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)=@arm64={0x6, 0x9, 0x4, '\x00', 0x1}) ioctl$KVM_CREATE_VM(r4, 0x401c5820, 0x20000000) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000100)=@arm64={0x5, 0x7, 0x1}) kernel console output (not intermixed with test programs): [ 402.480527][ T3132] 8021q: adding VLAN 0 to HW filter on device bond0 [ 448.124533][ T3132] eql: remember to turn off Van-Jacobson compression on your slave devices Warning: Permanently added '[localhost]:35682' (ED25519) to the list of known hosts. [ 607.601253][ T25] audit: type=1400 audit(606.730:61): avc: denied { name_bind } for pid=3298 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 608.546562][ T25] audit: type=1400 audit(607.670:62): avc: denied { execute } for pid=3299 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 608.572444][ T25] audit: type=1400 audit(607.700:63): avc: denied { execute_no_trans } for pid=3299 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 626.579771][ T25] audit: type=1400 audit(625.710:64): avc: denied { mounton } for pid=3299 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 626.613921][ T25] audit: type=1400 audit(625.740:65): avc: denied { mount } for pid=3299 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 626.698130][ T3299] cgroup: Unknown subsys name 'net' [ 626.749230][ T25] audit: type=1400 audit(625.880:66): avc: denied { unmount } for pid=3299 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 627.148930][ T3299] cgroup: Unknown subsys name 'cpuset' [ 627.250861][ T3299] cgroup: Unknown subsys name 'rlimit' [ 628.182040][ T25] audit: type=1400 audit(627.310:67): avc: denied { setattr } for pid=3299 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=701 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 628.204327][ T25] audit: type=1400 audit(627.330:68): avc: denied { mounton } for pid=3299 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 628.233291][ T25] audit: type=1400 audit(627.360:69): avc: denied { mount } for pid=3299 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 629.442764][ T3302] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 629.468162][ T25] audit: type=1400 audit(628.590:70): avc: denied { relabelto } for pid=3302 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 629.494684][ T25] audit: type=1400 audit(628.610:71): avc: denied { write } for pid=3302 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" Setting up swapspace version 1, size = 127995904 bytes [ 629.682181][ T25] audit: type=1400 audit(628.810:72): avc: denied { read } for pid=3299 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 629.701554][ T25] audit: type=1400 audit(628.820:73): avc: denied { open } for pid=3299 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 629.743827][ T3299] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 679.270906][ T25] audit: type=1400 audit(678.400:74): avc: denied { execmem } for pid=3303 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 682.852390][ T25] audit: type=1400 audit(681.980:75): avc: denied { read } for pid=3305 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 682.891048][ T25] audit: type=1400 audit(682.020:76): avc: denied { open } for pid=3305 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 682.961564][ T25] audit: type=1400 audit(682.090:77): avc: denied { mounton } for pid=3305 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 683.244009][ T25] audit: type=1400 audit(682.370:78): avc: denied { module_request } for pid=3305 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 683.282346][ T25] audit: type=1400 audit(682.410:79): avc: denied { module_request } for pid=3306 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 684.429121][ T25] audit: type=1400 audit(683.550:80): avc: denied { sys_module } for pid=3306 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 713.047764][ T3305] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 713.178510][ T3305] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 714.323261][ T3306] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 714.558844][ T3306] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 726.627550][ T3305] hsr_slave_0: entered promiscuous mode [ 726.653292][ T3305] hsr_slave_1: entered promiscuous mode [ 727.752815][ T3306] hsr_slave_0: entered promiscuous mode [ 727.783851][ T3306] hsr_slave_1: entered promiscuous mode [ 727.818182][ T3306] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 727.827876][ T3306] Cannot create hsr debugfs directory [ 732.998042][ T25] audit: type=1400 audit(732.120:81): avc: denied { create } for pid=3305 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 733.052419][ T25] audit: type=1400 audit(732.180:82): avc: denied { write } for pid=3305 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 733.119924][ T25] audit: type=1400 audit(732.250:83): avc: denied { read } for pid=3305 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 733.274279][ T3305] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 733.744431][ T3305] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 734.033318][ T3305] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 734.267235][ T3305] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 735.752716][ T3306] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 735.928235][ T3306] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 736.081626][ T3306] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 736.371313][ T3306] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 749.102378][ T3305] 8021q: adding VLAN 0 to HW filter on device bond0 [ 751.250376][ T3306] 8021q: adding VLAN 0 to HW filter on device bond0 [ 808.534922][ T3305] veth0_vlan: entered promiscuous mode [ 808.999697][ T3305] veth1_vlan: entered promiscuous mode [ 811.000284][ T3305] veth0_macvtap: entered promiscuous mode [ 811.158897][ T3306] veth0_vlan: entered promiscuous mode [ 811.387173][ T3305] veth1_macvtap: entered promiscuous mode [ 812.002712][ T3306] veth1_vlan: entered promiscuous mode [ 813.728180][ T3305] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 813.733041][ T3305] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 813.752304][ T3305] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 813.783393][ T3305] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 814.613525][ T3306] veth0_macvtap: entered promiscuous mode [ 815.288211][ T3306] veth1_macvtap: entered promiscuous mode [ 816.427651][ T25] audit: type=1400 audit(815.550:84): avc: denied { mount } for pid=3305 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 816.697709][ T25] audit: type=1400 audit(815.820:85): avc: denied { mounton } for pid=3305 comm="syz-executor" path="/syzkaller.866UvK/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 817.088088][ T25] audit: type=1400 audit(816.210:86): avc: denied { mount } for pid=3305 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 817.667779][ T25] audit: type=1400 audit(816.680:87): avc: denied { mounton } for pid=3305 comm="syz-executor" path="/syzkaller.866UvK/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 817.835141][ T25] audit: type=1400 audit(816.960:88): avc: denied { mounton } for pid=3305 comm="syz-executor" path="/syzkaller.866UvK/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3277 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 817.899781][ T3306] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 817.918710][ T3306] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 817.972518][ T3306] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 817.996514][ T3306] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 818.837310][ T25] audit: type=1400 audit(817.960:89): avc: denied { unmount } for pid=3305 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 819.217493][ T25] audit: type=1400 audit(818.340:90): avc: denied { mounton } for pid=3305 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1546 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 819.419936][ T25] audit: type=1400 audit(818.500:91): avc: denied { mount } for pid=3305 comm="syz-executor" name="/" dev="gadgetfs" ino=3289 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 819.842507][ T25] audit: type=1400 audit(818.940:92): avc: denied { mount } for pid=3305 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 820.008040][ T25] audit: type=1400 audit(819.110:93): avc: denied { mounton } for pid=3305 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 821.804874][ T3305] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 823.469878][ T25] kauditd_printk_skb: 1 callbacks suppressed [ 823.477007][ T25] audit: type=1400 audit(822.580:95): avc: denied { read write } for pid=3305 comm="syz-executor" name="loop1" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 823.519804][ T25] audit: type=1400 audit(822.610:96): avc: denied { open } for pid=3305 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 823.599643][ T25] audit: type=1400 audit(822.690:97): avc: denied { ioctl } for pid=3305 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=638 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 828.078410][ T25] audit: type=1400 audit(827.200:98): avc: denied { read } for pid=3457 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 828.117080][ T25] audit: type=1400 audit(827.220:99): avc: denied { open } for pid=3457 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 828.218646][ T25] audit: type=1400 audit(827.330:100): avc: denied { ioctl } for pid=3457 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae04 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 830.777728][ T25] audit: type=1400 audit(829.880:101): avc: denied { append } for pid=3458 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 838.666242][ T25] audit: type=1400 audit(837.790:102): avc: denied { setattr } for pid=3467 comm="syz.1.3" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 841.328555][ T25] audit: type=1400 audit(840.430:103): avc: denied { write } for pid=3467 comm="syz.1.3" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 919.397201][ T25] audit: type=1400 audit(918.520:104): avc: denied { execute } for pid=3530 comm="syz.1.19" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=4229 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 921.120842][ T3532] kvm [3532]: Failed to find VMA for hva 0x20c01000 [ 1113.034600][ T3665] kvm [3665]: Failed to find VMA for hva 0x21016000 [ 1134.492020][ T3677] kvm [3676]: Unsupported guest CP15 access at: 00000100 [000001d3] [ 1134.492020][ T3677] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 1134.520860][ T3677] kvm [3676]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1134.520860][ T3677] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 1134.598476][ T3677] kvm [3676]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1134.598476][ T3677] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 1134.653665][ T3677] kvm [3676]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1134.653665][ T3677] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 1134.730147][ T3677] kvm [3676]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1134.730147][ T3677] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 1134.760687][ T3677] kvm [3676]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1134.760687][ T3677] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 1134.798988][ T3677] kvm [3676]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1134.798988][ T3677] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 1134.927843][ T3677] kvm [3676]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1134.927843][ T3677] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 1134.973492][ T3677] kvm [3676]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1134.973492][ T3677] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 1135.048377][ T3677] kvm [3676]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1135.048377][ T3677] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 1136.158151][ T3677] kvm [3677]: Failed to find VMA for hva 0x20000000 [ 1204.031111][ T25] audit: type=1400 audit(1203.080:105): avc: denied { map } for pid=3722 comm="syz.0.75" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1278.680394][ T3773] kvm [3773]: Failed to find VMA for hva 0x20c01000 [ 1373.577528][ T25] audit: type=1400 audit(1372.700:106): avc: denied { ioctl } for pid=3840 comm="syz.1.107" path="net:[4026531840]" dev="nsfs" ino=4026531840 ioctlcmd=0x5829 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 1425.238191][ T25] audit: type=1400 audit(1424.360:107): avc: denied { execute } for pid=3875 comm="syz.0.116" path="/sys/kernel/debug/kcov" dev="debugfs" ino=107 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=file permissive=1 [ 1455.042768][ T3894] kvm [3894]: Failed to find VMA for hva 0x20c01000 [ 1479.800924][ T3912] kvm [3912]: Failed to find VMA for hva 0x21016000 [ 1932.114407][ T4234] kvm [4234]: Failed to find VMA for hva 0x21016000 [ 1932.759027][ T4234] kvm [4234]: Failed to find VMA for hva 0x21016000 [ 1980.018541][ T4267] kvm [4267]: Failed to find VMA for hva 0x20bfe000 [ 2082.457153][ T4340] kvm [4340]: Failed to find VMA for hva 0x20d8d000 [ 2092.937419][ T4344] kvm [4344]: Failed to find VMA for hva 0x20c01000 [ 2103.501589][ T4349] kvm [4349]: Failed to find VMA for hva 0x20a00000 [ 2120.831385][ T4365] kvm [4365]: Failed to find VMA for hva 0x21016000 [ 2495.748330][ T4625] print_sys_reg_msg: 68 callbacks suppressed [ 2495.777368][ T4625] kvm [4624]: Unsupported guest CP15 access at: 00000100 [000001d3] [ 2495.777368][ T4625] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2495.813466][ T4625] kvm [4624]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2495.813466][ T4625] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2495.848797][ T4625] kvm [4624]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2495.848797][ T4625] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2495.889631][ T4625] kvm [4624]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2495.889631][ T4625] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2495.941282][ T4625] kvm [4624]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2495.941282][ T4625] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2495.964964][ T4625] kvm [4624]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2495.964964][ T4625] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2496.004790][ T4625] kvm [4624]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2496.004790][ T4625] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2496.034120][ T4625] kvm [4624]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2496.034120][ T4625] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2496.068916][ T4625] kvm [4624]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2496.068916][ T4625] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2496.101483][ T4625] kvm [4624]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2496.101483][ T4625] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 2662.641109][ T4745] KVM: debugfs: duplicate directory 4745-7 [ 2724.353894][ T4783] debugfs: File 'vgic-its-state@0' in directory '4783-9' already present! [ 2784.491297][ T4818] kvm [4818]: Failed to find VMA for hva 0x20c01000 [ 3032.124553][ T5001] kvm [5001]: Failed to find VMA for hva 0x20b61000 [ 3060.167729][ T25] audit: type=1400 audit(3059.280:108): avc: denied { execute } for pid=5013 comm="syz.0.453" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 3452.698405][ T5286] kvm [5286]: Failed to find VMA for hva 0x20c01000 [ 3601.055042][ T5387] kvm [5387]: Failed to find VMA for hva 0x2036f000 [ 3656.382893][ T5427] kvm [5427]: Failed to find VMA for hva 0x208a1000 [ 3873.389089][ T5568] kvm [5568]: Failed to find VMA for hva 0x2036f000 [ 4260.564815][ T5830] kvm [5830]: Failed to find VMA for hva 0x21016000 [ 4260.632634][ T5830] kvm [5830]: Failed to find VMA for hva 0x21016000 [ 4313.581622][ T5865] kvm [5865]: Failed to find VMA for hva 0x20d8d000 [ 4378.180318][ T5910] kvm [5910]: Failed to find VMA for hva 0x20c01000 [ 4522.483398][ T6010] kvm [6010]: Failed to find VMA for hva 0x20d8d000 [ 4766.562708][ T6178] kvm [6178]: Failed to find VMA for hva 0x21016000 [ 4767.922095][ T6180] KVM: debugfs: duplicate directory 6180-4 [ 4946.720119][ T6315] kvm [6315]: Failed to find VMA for hva 0x20d8d000 [ 4977.721877][ T6334] kvm [6334]: Failed to find VMA for hva 0x20c01000 [ 5096.791862][ T6419] irq bypass consumer (token 00000000b70dd1dd) registration fails: -16 [ 5142.257148][ T6447] irq bypass consumer (token 0000000090bf2e12) registration fails: -16 [ 5184.622381][ T6471] kvm [6470]: Unsupported guest access at: eeef0000 [ 5184.622381][ T6471] { Op0( 2), Op1( 0), CRn( 0), CRm( 0), Op2( 2), func_write }, [ 5198.282051][ T6479] irq bypass consumer (token 00000000893517a8) registration fails: -16 [ 5201.344548][ T6482] kvm [6482]: Failed to find VMA for hva 0x21016000 [ 5324.763312][ T6568] kvm [6568]: Failed to find VMA for hva 0x208a1000 [ 5649.479670][ T6815] kvm [6815]: Failed to find VMA for hva 0x208a1000 [ 5806.186886][ T6930] irq bypass consumer (token 000000001bff3642) registration fails: -16 [ 5839.203828][ T6954] print_sys_reg_msg: 20 callbacks suppressed [ 5839.247833][ T6954] kvm [6953]: Unsupported guest CP15 access at: 00000100 [000001d3] [ 5839.247833][ T6954] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5839.264785][ T6954] kvm [6953]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5839.264785][ T6954] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5839.321302][ T6954] kvm [6953]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5839.321302][ T6954] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5839.360966][ T6954] kvm [6953]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5839.360966][ T6954] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5839.413024][ T6954] kvm [6953]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5839.413024][ T6954] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5839.444762][ T6954] kvm [6953]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5839.444762][ T6954] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5839.498505][ T6954] kvm [6953]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5839.498505][ T6954] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5839.538416][ T6954] kvm [6953]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5839.538416][ T6954] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5839.579902][ T6954] kvm [6953]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5839.579902][ T6954] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5839.619121][ T6954] kvm [6953]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5839.619121][ T6954] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 6219.750523][ T7204] kvm [7204]: Failed to find VMA for hva 0x21016000 [ 6624.928822][ T4472] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 6626.292283][ T4472] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 6627.319704][ T4472] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 6628.314771][ T4472] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 6644.820398][ T4472] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 6645.156600][ T4472] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 6645.359161][ T4472] bond0 (unregistering): Released all slaves [ 6647.374447][ T4472] hsr_slave_0: left promiscuous mode [ 6647.487071][ T4472] hsr_slave_1: left promiscuous mode [ 6648.118371][ T4472] veth1_macvtap: left promiscuous mode [ 6648.123679][ T4472] veth0_macvtap: left promiscuous mode [ 6648.144461][ T4472] veth1_vlan: left promiscuous mode [ 6648.183874][ T4472] veth0_vlan: left promiscuous mode [ 6731.584074][ T7480] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 6731.942399][ T7480] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 6763.263731][ T7480] hsr_slave_0: entered promiscuous mode [ 6763.314927][ T7480] hsr_slave_1: entered promiscuous mode [ 6763.373529][ T7480] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 6763.384648][ T7480] Cannot create hsr debugfs directory [ 6788.483412][ T7480] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 6788.941218][ T7480] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 6789.273978][ T7480] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 6789.833877][ T7480] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 6793.149880][ T7597] kvm [7597]: Failed to find VMA for hva 0x2036f000 [ 6804.742914][ T7617] kvm [7617]: Failed to find VMA for hva 0x21016000 [ 6816.233867][ T7480] 8021q: adding VLAN 0 to HW filter on device bond0 [ 6890.409358][ T7684] kvm [7684]: Failed to find VMA for hva 0x20d8d000 [ 6918.439487][ T7480] veth0_vlan: entered promiscuous mode [ 6919.470120][ T7480] veth1_vlan: entered promiscuous mode [ 6922.858884][ T7480] veth0_macvtap: entered promiscuous mode [ 6923.430893][ T7480] veth1_macvtap: entered promiscuous mode [ 6926.252351][ T7480] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 6926.298256][ T7480] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 6926.308816][ T7480] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 6926.319844][ T7480] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 6928.677481][ T25] audit: type=1400 audit(6927.770:109): avc: denied { mounton } for pid=7480 comm="syz-executor" path="/syzkaller.o2lbTY/syz-tmp" dev="vda" ino=1879 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 6951.094828][ T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 6952.310968][ T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 6953.764459][ T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 6955.212223][ T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 6977.142320][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 6977.519799][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 6977.778367][ T12] bond0 (unregistering): Released all slaves [ 6980.350321][ T12] hsr_slave_0: left promiscuous mode [ 6980.498065][ T12] hsr_slave_1: left promiscuous mode [ 6981.146457][ T12] veth1_macvtap: left promiscuous mode [ 6981.152524][ T12] veth0_macvtap: left promiscuous mode [ 6981.193355][ T12] veth1_vlan: left promiscuous mode [ 6981.213792][ T12] veth0_vlan: left promiscuous mode [ 7058.599902][ T7725] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 7058.868686][ T7725] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 7089.789306][ T7725] hsr_slave_0: entered promiscuous mode [ 7089.892361][ T7725] hsr_slave_1: entered promiscuous mode [ 7115.083677][ T7725] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 7115.481360][ T7725] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 7115.850990][ T7725] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 7116.134667][ T7725] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 7130.290705][ T7864] kvm [7864]: Failed to find VMA for hva 0x20c01000 [ 7142.809506][ T7725] 8021q: adding VLAN 0 to HW filter on device bond0 [ 7233.115039][ T7725] veth0_vlan: entered promiscuous mode [ 7233.791800][ T7725] veth1_vlan: entered promiscuous mode [ 7236.202162][ T7725] veth0_macvtap: entered promiscuous mode [ 7236.588805][ T7725] veth1_macvtap: entered promiscuous mode [ 7238.637784][ T7725] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 7238.647356][ T7725] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 7238.661256][ T7725] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 7238.688148][ T7725] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 7429.843807][ T8080] kvm [8080]: Failed to find VMA for hva 0x21016000 [ 7765.204170][ T8303] kvm [8303]: Failed to find VMA for hva 0x21016000 [ 7765.329214][ T8303] kvm [8303]: Failed to find VMA for hva 0x21016000 [ 7829.458525][ T8339] kvm [8339]: Failed to find VMA for hva 0x20d8d000 [ 8070.579525][ T8502] kvm [8502]: Failed to find VMA for hva 0x20d8d000 [ 8153.989441][ T8565] kvm [8565]: Failed to find VMA for hva 0x20c01000 [ 8326.632453][ T8682] kvm [8682]: Failed to find VMA for hva 0x20d8d000 [ 8458.162213][ T8771] KVM: debugfs: duplicate directory 8771-5 [ 8615.640551][ T8870] print_sys_reg_msg: 215 callbacks suppressed [ 8615.677657][ T8870] kvm [8869]: Unsupported guest CP15 access at: 00000100 [000001d3] [ 8615.677657][ T8870] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 8615.707370][ T8870] kvm [8869]: Unsupported guest CP15 access at: 00000100 [000001db] [ 8615.707370][ T8870] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 8615.751434][ T8870] kvm [8869]: Unsupported guest CP15 access at: 00000100 [000001db] [ 8615.751434][ T8870] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 8615.770075][ T8870] kvm [8869]: Unsupported guest CP15 access at: 00000100 [000001db] [ 8615.770075][ T8870] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 8615.803667][ T8870] kvm [8869]: Unsupported guest CP15 access at: 00000100 [000001db] [ 8615.803667][ T8870] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 8615.858377][ T8870] kvm [8869]: Unsupported guest CP15 access at: 00000100 [000001db] [ 8615.858377][ T8870] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 8615.881074][ T8870] kvm [8869]: Unsupported guest CP15 access at: 00000100 [000001db] [ 8615.881074][ T8870] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 8615.941892][ T8870] kvm [8869]: Unsupported guest CP15 access at: 00000100 [000001db] [ 8615.941892][ T8870] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 8615.970414][ T8870] kvm [8869]: Unsupported guest CP15 access at: 00000100 [000001db] [ 8615.970414][ T8870] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 8616.014167][ T8870] kvm [8869]: Unsupported guest CP15 access at: 00000100 [000001db] [ 8616.014167][ T8870] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 8620.649849][ T8870] print_sys_reg_msg: 459 callbacks suppressed [ 8620.713780][ T8870] kvm [8869]: Unsupported guest CP15 access at: 00000100 [000001db] [ 8620.713780][ T8870] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 8620.750048][ T8870] kvm [8869]: Unsupported guest CP15 access at: 00000100 [000001db] [ 8620.750048][ T8870] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 8620.792294][ T8870] kvm [8869]: Unsupported guest CP15 access at: 00000100 [000001db] [ 8620.792294][ T8870] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 8620.878492][ T8870] kvm [8869]: Unsupported guest CP15 access at: 00000100 [000001db] [ 8620.878492][ T8870] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 8620.970364][ T8870] kvm [8869]: Unsupported guest CP15 access at: 00000100 [000001db] [ 8620.970364][ T8870] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 8621.071695][ T8870] kvm [8869]: Unsupported guest CP15 access at: 00000100 [000001db] [ 8621.071695][ T8870] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 8621.099365][ T8870] kvm [8869]: Unsupported guest CP15 access at: 00000100 [000001db] [ 8621.099365][ T8870] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 8621.132338][ T8870] kvm [8869]: Unsupported guest CP15 access at: 00000100 [000001db] [ 8621.132338][ T8870] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 8621.217895][ T8870] kvm [8869]: Unsupported guest CP15 access at: 00000100 [000001db] [ 8621.217895][ T8870] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 8621.263650][ T8870] kvm [8869]: Unsupported guest CP15 access at: 00000100 [000001db] [ 8621.263650][ T8870] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 8755.980694][ T8956] kvm [8956]: Failed to find VMA for hva 0x20c01000 [ 8858.904762][ T9027] KVM: debugfs: duplicate directory 9027-5 [ 8870.170401][ T9034] kvm [9034]: Failed to find VMA for hva 0x21016000 [ 8870.287670][ T9034] kvm [9034]: Failed to find VMA for hva 0x21016000 [ 9221.707238][ T9285] kvm [9285]: Failed to find VMA for hva 0x20d8d000 [ 9327.160887][ T9370] KVM: debugfs: duplicate directory 9370-4 [ 9392.652303][ T9414] print_sys_reg_msg: 314 callbacks suppressed [ 9392.677560][ T9414] kvm [9413]: Unsupported guest CP15 access at: 00000100 [000001d3] [ 9392.677560][ T9414] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 9392.699508][ T9414] kvm [9413]: Unsupported guest CP15 access at: 00000100 [000001db] [ 9392.699508][ T9414] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 9392.748455][ T9414] kvm [9413]: Unsupported guest CP15 access at: 00000100 [000001db] [ 9392.748455][ T9414] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 9392.809322][ T9414] kvm [9413]: Unsupported guest CP15 access at: 00000100 [000001db] [ 9392.809322][ T9414] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 9392.863014][ T9414] kvm [9413]: Unsupported guest CP15 access at: 00000100 [000001db] [ 9392.863014][ T9414] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 9392.909287][ T9414] kvm [9413]: Unsupported guest CP15 access at: 00000100 [000001db] [ 9392.909287][ T9414] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 9392.929435][ T9414] kvm [9413]: Unsupported guest CP15 access at: 00000100 [000001db] [ 9392.929435][ T9414] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 9392.962874][ T9414] kvm [9413]: Unsupported guest CP15 access at: 00000100 [000001db] [ 9392.962874][ T9414] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 9392.991858][ T9414] kvm [9413]: Unsupported guest CP15 access at: 00000100 [000001db] [ 9392.991858][ T9414] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 9393.068403][ T9414] kvm [9413]: Unsupported guest CP15 access at: 00000100 [000001db] [ 9393.068403][ T9414] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 9487.050040][ T9489] ------------[ cut here ]------------ [ 9487.050981][ T9489] WARNING: CPU: 0 PID: 9489 at arch/arm64/kvm/inject_fault.c:63 pend_sync_exception+0x198/0x5ac [ 9487.055264][ T9489] Modules linked in: [ 9487.058187][ T9489] CPU: 0 UID: 0 PID: 9489 Comm: syz.1.1685 Not tainted 6.16.0-rc3-syzkaller-g15724a984643 #0 PREEMPT [ 9487.060422][ T9489] Hardware name: linux,dummy-virt (DT) [ 9487.062054][ T9489] pstate: 81402009 (Nzcv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--) [ 9487.063744][ T9489] pc : pend_sync_exception+0x198/0x5ac [ 9487.065022][ T9489] lr : pend_sync_exception+0x198/0x5ac [ 9487.066263][ T9489] sp : ffff80008f7478c0 [ 9487.067335][ T9489] x29: ffff80008f7478c0 x28: 0000000000000078 x27: 78f0000018032028 [ 9487.069680][ T9489] x26: 0000000000000078 x25: 0000000000000000 x24: 0000000000000000 [ 9487.071592][ T9489] x23: 0000000000000000 x22: 0000000000000078 x21: 78f0000018032c01 [ 9487.073664][ T9489] x20: 0000000000000007 x19: efff800000000000 x18: 0000000000000000 [ 9487.075601][ T9489] x17: 00000000000000c6 x16: ffff800080011d9c x15: 0000000020000100 [ 9487.077608][ T9489] x14: ffffffffffffffff x13: 0000000000000028 x12: 0000000000000065 [ 9487.079597][ T9489] x11: 0000000000080000 x10: 0000000000000b9d x9 : edff8000a0803000 [ 9487.081672][ T9489] x8 : 0000000000000b9e x7 : ffff800080b08704 x6 : ffff80008f747a88 [ 9487.083620][ T9489] x5 : ffff80008f747a88 x4 : 0000000000000001 x3 : ffff8000801a2e80 [ 9487.085592][ T9489] x2 : 0000000000000000 x1 : 0000000000000002 x0 : 0000000000000000 [ 9487.087778][ T9489] Call trace: [ 9487.088963][ T9489] pend_sync_exception+0x198/0x5ac (P) [ 9487.090508][ T9489] __kvm_inject_sea+0x268/0x96c [ 9487.091952][ T9489] kvm_inject_sea+0x98/0x72c [ 9487.093263][ T9489] __kvm_arm_vcpu_set_events+0x134/0x238 [ 9487.094428][ T9489] kvm_arch_vcpu_ioctl+0xed8/0x16b0 [ 9487.095691][ T9489] kvm_vcpu_ioctl+0x5c4/0xc2c [ 9487.096895][ T9489] __arm64_sys_ioctl+0x18c/0x244 [ 9487.098113][ T9489] invoke_syscall+0x90/0x2b4 [ 9487.099373][ T9489] el0_svc_common+0x180/0x2f4 [ 9487.100640][ T9489] do_el0_svc+0x58/0x74 [ 9487.101779][ T9489] el0_svc+0x58/0x160 [ 9487.102928][ T9489] el0t_64_sync_handler+0x78/0x108 [ 9487.104157][ T9489] el0t_64_sync+0x198/0x19c [ 9487.105581][ T9489] irq event stamp: 1564 [ 9487.106539][ T9489] hardirqs last enabled at (1563): [] _raw_read_unlock_irqrestore+0x44/0xbc [ 9487.108405][ T9489] hardirqs last disabled at (1564): [] el1_dbg+0x24/0x80 [ 9487.109879][ T9489] softirqs last enabled at (1554): [] handle_softirqs+0xb8c/0xd08 [ 9487.111555][ T9489] softirqs last disabled at (1549): [] __do_softirq+0x14/0x20 [ 9487.113335][ T9489] ---[ end trace 0000000000000000 ]--- SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 9498.625032][ T21] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9500.652286][ T21] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9502.214692][ T21] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 9503.512023][ T21] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 VM DIAGNOSIS: 22:11:48 Registers: info registers vcpu 0 CPU#0 PC=ffff800080453598 X00=0000000000000001 X01=65f000001d80a860 X02=ffff8000804580e0 X03=0000000000000000 X04=ffff80008f746f20 X05=0000000000000020 X06=0000000000000000 X07=ffff80008047db18 X08=00000000000c0410 X09=ffff800087d639a8 X10=ffff800087f39a30 X11=0000000000000144 X12=0000000000000044 X13=0000000000000002 X14=00000000000000c8 X15=ffff800087f39a30 X16=ffff800080011d9c X17=00000000000000c6 X18=0000000000000000 X19=0000000000000000 X20=0000000000000000 X21=ffff80008047db18 X22=ffff8000877e6618 X23=0000000000000000 X24=0000000000000001 X25=0000000000000000 X26=ffff800087666580 X27=00000000000003c0 X28=0000000000000000 X29=ffff80008f7470e0 X30=ffff800080451698 SP=ffff80008f747090 PSTATE=204023c9 --C- EL2h SVCR=00000000 -- BTYPE=0 FPCR=00000000 FPSR=00000000 P00=0000 P01=0000 P02=0000 P03=0000 P04=0000 P05=0000 P06=0000 P07=0000 P08=0000 P09=0000 P10=0000 P11=0000 P12=0000 P13=0000 P14=0000 P15=0000 FFR=0000 Z00=0000000000000000:0000000000000000 Z01=ffffffffffff0000:0000000000000000 Z02=0000000000000000:ffffff0000000000 Z03=ffffffffffff00ff:0000ff000000ff00 Z04=0000000000000000:ffffff0f00f000f0 Z05=00c0003000030000:00c0003000030000 Z06=0000000000000073:0000aaaae3f9e3e0 Z07=0000000000000074:0000aaaae3f9b620 Z08=0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000 Z10=0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000 Z12=0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000 Z14=0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000 Z16=0000ffffda8bb7c0:0000ffffda8bb7c0 Z17=ffffff80ffffffd8:0000ffffda8bb790 Z18=0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000 Z20=0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000 Z22=0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000 Z24=0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000 Z26=0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000 Z28=0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000 Z30=0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000