last executing test programs: 57.631825438s ago: executing program 1 (id=1395): r0 = openat$kvm(0x0, &(0x7f00000002c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$arm64(r3, &(0x7f0000c00000/0x400000)=nil) r5 = syz_kvm_add_vcpu$arm64(r4, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="820000000000000028000000000000010000000000000001000000000000000100000000000000000028000000000000000b0000000000040000000e000800"/79], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r3, 0x100000000001, 0x3e0) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r5, 0xae80, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r8 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r7, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x1) ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000040)={0x7, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000280)=@attr_arm64={0x0, 0x0, 0x3, 0x0}) ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x1) (async) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x12, r7, 0x0) r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r12, 0x40086602, 0x110caafffd) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, 0x0, 0x0, 0x0) r13 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r7, 0x4018aee3, &(0x7f0000000080)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000000)=0x101}) r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0) r15 = ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x0) r16 = mmap$KVM_VCPU(&(0x7f0000cc9000/0x2000)=nil, 0x930, 0x3, 0x11, r15, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r16, 0x20, &(0x7f0000000100)="dca03703eabf33fc49610f3c6782811828496c12d65086daa0744cee5881c4bc991b68c81b911509cfd2d61ff892b8a3aa5d736f7f52d82a35408c439faed3963264641bfb3816dc", 0x0, 0x48) ioctl$KVM_GET_VCPU_MMAP_SIZE(r13, 0xae04) 53.082453893s ago: executing program 0 (id=1396): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2041, 0x0) r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f000000e000/0x3000)=nil, r1, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) mmap$KVM_VCPU(&(0x7f0000c8e000/0x2000)=nil, r1, 0x1000006, 0x1010, r2, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r3 = openat$kvm(0x0, &(0x7f00000000c0), 0x909483, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x4) ioctl$KVM_ARM_VCPU_INIT(r5, 0x4020aeae, &(0x7f0000000000)={0x5, 0xa}) ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000180)=@arm64_fp={0x604000000010008a, 0x0}) r6 = openat$kvm(0xffffffffffffff9c, 0x0, 0x65a480, 0x0) ioctl$KVM_CHECK_EXTENSION(r6, 0xae03, 0xef) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000}) r7 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) munmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) r10 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r9, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r9, 0x0) r11 = eventfd2(0x0, 0x0) r12 = openat$kvm(0x0, &(0x7f0000000180), 0x0, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000f7e000/0x4000)=nil, r1, 0x3000000, 0x4f832, 0xffffffffffffffff, 0x0) r14 = ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x4) ioctl$KVM_ARM_VCPU_INIT(r14, 0x4020aeae, &(0x7f0000000080)={0x5, 0x1}) ioctl$KVM_SET_ONE_REG(r14, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100042, &(0x7f0000000100)=0x17}) close(r11) 42.252355503s ago: executing program 1 (id=1397): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_RESET_DIRTY_RINGS(r0, 0xaec7) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000000)={0xb, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r1, 0x4018aee1, &(0x7f0000000080)=@attr_arm64={0x0, 0x2, 0x0, &(0x7f0000000040)=0x1}) r2 = syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000bfd000/0x400000)=nil) ioctl$KVM_SET_GSI_ROUTING(r0, 0x4008ae6a, &(0x7f00000000c0)={0x3, 0x0, [{0x1, 0x4, 0x0, 0x0, @irqchip={0x3ff, 0x346}}, {0x7, 0x2, 0x0, 0x0, @irqchip={0xffff}}, {0x9, 0x5, 0x1, 0x0, @adapter={0x200, 0x80, 0x8000000000000001}}]}) r3 = eventfd2(0x8, 0x0) write$eventfd(r3, &(0x7f0000000180)=0x5, 0x8) r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r4, 0xae03, 0x3) munmap(&(0x7f0000e66000/0x3000)=nil, 0x3000) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r5 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000700)={0x0, &(0x7f00000001c0)=[@memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x8, 0x3, 0x2}}, @msr={0x14, 0x20, {0x603000000013c085, 0x52}}, @hvc={0x32, 0x40, {0x4000000, [0x9, 0x200, 0x7ff, 0xa59]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0x100, 0x1, 0xc}}, @uexit={0x0, 0x18, 0x3}, @code={0xa, 0xb4, {"0098207e20de96d20080b8f2210180d2220180d2830180d2e40080d2020000d4807c82d200a0b8f2c10180d2220180d2a30080d2040080d2020000d4e0029cd20000b8f2e10080d2220080d2630180d2c40080d2020000d400a8205e0080e00da0278cd20000b0f2610180d2a20180d2230180d2840080d2020000d4408784d200c0b8f2210080d2a20080d2030080d2440080d2020000d4000008d5007008d5"}}, @code={0xa, 0x54, {"007008d50020e00d007008d5209199d200c0b0f2010080d2420180d2e30180d2240080d2020000d4008008d500fc200e007008d50040206e007008d5000028d5"}}, @hvc={0x32, 0x40, {0x80000000, [0x9, 0xf, 0x7, 0x3ff, 0x2]}}, @its_setup={0x82, 0x28, {0x2, 0x0, 0x249}}, @its_send_cmd={0xaa, 0x28, {0x94379b37c770eb81, 0x1, 0x0, 0x2, 0x7, 0x2, 0x2}}, @smc={0x1e, 0x40, {0x84000002, [0x1, 0x4c, 0x1000, 0x5, 0x4]}}, @smc={0x1e, 0x40, {0x2000, [0x9, 0x54a, 0x4, 0x4, 0x889]}}, @eret={0xe6, 0x18, 0x1}, @code={0xa, 0x84, {"007008d50020400d000000310020006fc0999bd20000b8f2a10080d2020080d2a30080d2440180d2020000d480bf8bd200a0b0f2610180d2a20180d2430180d2c40180d2020000d40000af9e40ca92d200e0b0f2410080d2620080d2430180d2240080d2020000d4000028d50084007f"}}, @its_setup={0x82, 0x28, {0x4, 0x1, 0x24a}}, @eret={0xe6, 0x18, 0x3a8}, @uexit={0x0, 0x18, 0x3}, @smc={0x1e, 0x40, {0x84000053, [0xfffffffffffffff8, 0x8, 0x401, 0x8, 0x4]}}, @hvc={0x32, 0x40, {0x32000000, [0xe33, 0x5, 0x24, 0x1000, 0x3e2]}}, @smc={0x1e, 0x40, {0x86000001, [0x6, 0xfffffffffffffffe, 0x5, 0x6, 0x2b]}}, @smc={0x1e, 0x40, {0x84000005, [0x40, 0x7, 0xc2dd, 0x6, 0x4]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x4767893b3cfa8d9d, 0x955f, 0x1}}], 0x514}, &(0x7f0000000740)=[@featur1={0x1, 0x2}], 0x1) syz_kvm_setup_cpu$arm64(r4, r5, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000c80)=[{0x0, &(0x7f0000000780)=[@uexit={0x0, 0x18, 0x1}, @irq_setup={0x46, 0x18, {0x4, 0x1b6}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffd0, 0x7, 0xf}}, @uexit={0x0, 0x18, 0x4}, @msr={0x14, 0x20, {0x603000000013c112, 0x1}}, @svc={0x122, 0x40, {0xc4000001, [0xd483, 0x9, 0x2, 0x0, 0x826]}}, @irq_setup={0x46, 0x18, {0x4, 0xdc}}, @eret={0xe6, 0x18, 0x3}, @smc={0x1e, 0x40, {0xc4000007, [0xd, 0x4, 0x101, 0x7, 0x10001]}}, @svc={0x122, 0x40, {0x86000000, [0x7, 0x40, 0x31c, 0x5, 0x10000]}}, @memwrite={0x6e, 0x30, @generic={0xdddd0000, 0x132, 0x6, 0x1}}, @hvc={0x32, 0x40, {0x8400000c, [0xe7a, 0x6, 0x26, 0x800, 0x3]}}, @its_send_cmd={0xaa, 0x28, {0x4, 0x1, 0x2, 0x0, 0x1, 0x0, 0x4}}, @memwrite={0x6e, 0x30, @generic={0xeeee8000, 0xaf6, 0x0, 0x1}}, @mrs={0xbe, 0x18, {0x603000000013e534}}, @its_send_cmd={0xaa, 0x28, {0x8, 0x0, 0x3, 0x10, 0x10000, 0x8}}, @mrs={0xbe, 0x18, {0x603000000013df49}}, @uexit={0x0, 0x18, 0x5000}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x1200, 0x7}}, @hvc={0x32, 0x40, {0x86000000, [0xa606, 0x2, 0x1, 0x10000, 0x3]}}, @mrs={0xbe, 0x18, {0x60300000001383c6}}, @irq_setup={0x46, 0x18, {0x3, 0x42}}, @irq_setup={0x46, 0x18, {0x2, 0x19f}}, @memwrite={0x6e, 0x30, @generic={0x5000, 0x8b3, 0x2}}, @memwrite={0x6e, 0x30, @generic={0x100000, 0xd50, 0x2, 0x3}}, @eret={0xe6, 0x18, 0x644}, @smc={0x1e, 0x40, {0x100, [0x5, 0x0, 0x7fffffff, 0x100000001, 0x8]}}, @mrs={0xbe, 0x18, {0x328a}}, @memwrite={0x6e, 0x30, @generic={0x2000, 0xa37, 0xfffffffffffffffb, 0xf}}, @its_send_cmd={0xaa, 0x28, {0x2, 0x0, 0x3, 0x8, 0x3, 0x1800000, 0x3}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x100, 0x0, 0x6}}, @its_setup={0x82, 0x28, {0x4, 0x1, 0x333}}], 0x4f8}], 0x1, 0x0, &(0x7f0000000cc0)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) r6 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000ec0)={0x0, &(0x7f0000000d00)=[@irq_setup={0x46, 0x18, {0x0, 0x266}}, @eret={0xe6, 0x18, 0x7fffffffffffffff}, @its_setup={0x82, 0x28, {0x1, 0x4, 0x1ba}}, @mrs={0xbe, 0x18, {0x603000000013dee9}}, @mrs={0xbe, 0x18, {0x603000000013fffb}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x4, 0xd, 0x10fe, 0x4e, 0x4}}, @uexit={0x0, 0x18, 0x7}, @eret={0xe6, 0x18, 0x9}, @its_setup={0x82, 0x28, {0x3, 0x4, 0x266}}, @its_send_cmd={0xaa, 0x28, {0xb, 0x0, 0x1, 0x5, 0x3, 0x5, 0x4}}, @mrs={0xbe, 0x18, {0x603000000013df4f}}, @uexit={0x0, 0x18, 0x5427}, @its_setup={0x82, 0x28, {0x4, 0x0, 0x24b}}], 0x188}, &(0x7f0000000f00)=[@featur2={0x1, 0x9}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r6, 0x4018aee1, &(0x7f0000000f80)=@attr_pmu_filter={0x0, 0x0, 0x2, &(0x7f0000000f40)={0x5, 0x2}}) r7 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000015c0)={0x0, &(0x7f0000000fc0)=[@msr={0x14, 0x20, {0x603000000013c2b1, 0x6}}, @mrs={0xbe, 0x18, {0x603000000013dee3}}, @hvc={0x32, 0x40, {0xc4000005, [0x3, 0x2, 0x9, 0x3, 0xf8]}}, @svc={0x122, 0x40, {0x6000000, [0x100, 0x1ff, 0x4, 0x4]}}, @hvc={0x32, 0x40, {0xc4000012, [0x80, 0x7, 0x4, 0x6, 0xed]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0x400, 0x1, 0x8}}, @svc={0x122, 0x40, {0x84000014, [0xb5, 0x1, 0x6, 0x3, 0x7fffffff]}}, @smc={0x1e, 0x40, {0x1000000, [0x1, 0xfff, 0x7, 0xfffffffffffffade, 0x427b]}}, @smc={0x1e, 0x40, {0x0, [0x6, 0xccb0, 0x8000000000000000, 0xfffffffffffff000, 0x2]}}, @code={0xa, 0xb4, {"008008d5008008d50004c05ae02895d200c0b0f2610080d2820080d2230080d2e40180d2020000d400b0200e00b585d20040b0f2210080d2020080d2a30080d2a40180d2020000d4000028d540818bd20040b8f2c10080d2020180d2830180d2e40080d2020000d4c01380d20000b8f2c10180d2020080d2230080d2a40180d2020000d4c07784d200c0b0f2e10180d2020180d2230080d2840080d2020000d4"}}, @irq_setup={0x46, 0x18, {0x3, 0x23e}}, @irq_setup={0x46, 0x18, {0x3, 0x382}}, @uexit={0x0, 0x18, 0xd}, @uexit={0x0, 0x18, 0x960e}, @mrs={0xbe, 0x18, {0x603000000013e208}}, @smc={0x1e, 0x40, {0x4000, [0x9, 0x8, 0x965a, 0x5, 0x2]}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x4, 0x4, 0x0, 0x9, 0x4}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x4, 0x8, 0x80, 0x4e9c}}, @msr={0x14, 0x20, {0x603000000013c024, 0xfffffffffffffffb}}, @smc={0x1e, 0x40, {0x8400000d, [0x7, 0xc5c, 0x100, 0x0, 0x5]}}, @mrs={0xbe, 0x18, {0x603000000013f510}}, @mrs={0xbe, 0x18, {0x603000000013e091}}, @uexit={0x0, 0x18, 0x1}, @uexit={0x0, 0x18, 0x6}, @smc={0x1e, 0x40, {0x8000, [0xfffffffffffffff6, 0x5, 0x7, 0x0, 0xa]}}, @uexit={0x0, 0x18}, @uexit={0x0, 0x18, 0x1}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x4, 0x4, 0x1, 0x6, 0x3}}, @hvc={0x32, 0x40, {0x200, [0xfffffffffffffff4, 0x2, 0x6, 0xa, 0x4]}}, @memwrite={0x6e, 0x30, @generic={0x5001, 0x1bb, 0x7, 0x2}}, @irq_setup={0x46, 0x18, {0x4, 0x15a}}, @hvc={0x32, 0x40, {0x84000003, [0xffffffffffffffc6, 0x0, 0x9, 0x3afe, 0x100000000]}}], 0x5c4}, &(0x7f0000001600)=[@featur2={0x1, 0xb}], 0x1) r8 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000001640)={0x5, 0xffffffffffffffff, 0x1}) r9 = eventfd2(0x2, 0x80001) write$eventfd(r9, &(0x7f0000001680)=0x9, 0x8) syz_kvm_add_vcpu$arm64(r2, &(0x7f0000001a00)={0x0, &(0x7f00000016c0)=[@its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x4, 0xd, 0x7, 0x1000, 0x2}}, @its_send_cmd={0xaa, 0x28, {0x18, 0x0, 0x2, 0x2, 0x0, 0x7, 0x2}}, @msr={0x14, 0x20, {0x603000000013802e, 0x4}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80e0000, 0x8, 0x1, 0x6}}, @its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x1, 0x0, 0xc, 0x9, 0x2}}, @uexit={0x0, 0x18, 0x8}, @irq_setup={0x46, 0x18, {0x1, 0x63}}, @smc={0x1e, 0x40, {0x4, [0x9, 0x7, 0x8, 0xbc, 0xf62]}}, @hvc={0x32, 0x40, {0x86000008, [0xaa, 0x1, 0x8, 0x1, 0x74]}}, @svc={0x122, 0x40, {0x80000001, [0x8, 0xffffffff, 0x7, 0x7, 0x1ff]}}, @eret={0xe6, 0x18, 0x3}, @irq_setup={0x46, 0x18, {0x0, 0x2af}}, @svc={0x122, 0x40, {0xc4000005, [0x0, 0x3ff, 0x8, 0xb1, 0x2]}}, @memwrite={0x6e, 0x30, @generic={0x2000, 0x742, 0xa, 0x8}}, @its_setup={0x82, 0x28, {0x2, 0x1, 0x3b}}, @irq_setup={0x46, 0x18, {0x4, 0x191}}, @mrs={0xbe, 0x18, {0x603000000013df75}}, @eret={0xe6, 0x18, 0xfffffffffffffffb}, @its_setup={0x82, 0x28, {0x4, 0x0, 0x13a}}, @irq_setup={0x46, 0x18, {0x0, 0x38c}}, @irq_setup={0x46, 0x18, {0x0, 0x270}}], 0x320}, &(0x7f0000001a40)=[@featur2={0x1, 0x52}], 0x1) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f0000001a80)="8a145a1fee97d17577b7147083508fb326bd5e80951c7f0f4e7ec2bc731b02fb1c3aff7b3fc21e8fd3e2429594cb4521f8c987a0f9d72739c5bc0188bee46fe7960d3876ace88040", 0x0, 0x48) ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r1, 0x4018aee3, &(0x7f0000001b40)=@attr_irq_timer={0x0, 0x1, 0x1, &(0x7f0000001b00)=0x1a}) ioctl$KVM_SET_SIGNAL_MASK(r7, 0x4004ae8b, &(0x7f0000001b80)={0xf2, "16a3762b4531fce37e8d69b9fa8d71c91340fa8b64a4d83a4b07579a26d727cb309c8ccccf82211aebfde5f505dd9bac5e47eb5f0072ca7fc5cad0eb98fe6842065756800b8e5c35ef9227ef65abf9c86d79a0aa5eac9a065a0d395411e39813228f9f53e164ba7e196f820526fab2b719231f03ce6ee753c1e1ce8e06e7b8f3ddbf48e20c48658ce8af48a0b0895ec8d09525afc15155d748a6d26e63578fe3808916d3e6033601b84a0681f8e67ad2dc7875178c173c1d0859af3d825796f462af00ad0dbed08f27845dd3c851e67eba41a010c21d9a0b426dc15dec2e2ce46c18510fe08c7096c31ffea5d08265935ded"}) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f0000001c80)="fe04cbd740852daa15ae2d5eeef2237defa44ba947c7a5ee2a14ef55f7693bfef3241fc91428f872797c63f48690b40f0682a5f503e05ebb5e211bd4d79a06cbc530a3c3f1f33aa5", 0x0, 0x48) 41.512290772s ago: executing program 0 (id=1398): munmap(&(0x7f0000f14000/0x3000)=nil, 0x3000) munmap(&(0x7f0000057000/0x4000)=nil, 0x4000) (async) munmap(&(0x7f0000057000/0x4000)=nil, 0x4000) munmap(&(0x7f0000c90000/0x1000)=nil, 0x1000) (async) munmap(&(0x7f0000c90000/0x1000)=nil, 0x1000) munmap(&(0x7f0000482000/0x2000)=nil, 0x2000) munmap(&(0x7f0000e76000/0x12000)=nil, 0x12000) (async) munmap(&(0x7f0000e76000/0x12000)=nil, 0x12000) mmap$KVM_VCPU(&(0x7f0000fed000/0x3000)=nil, 0x930, 0x0, 0x4030031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000ff2000/0xd000)=nil, 0xd000) (async) munmap(&(0x7f0000ff2000/0xd000)=nil, 0xd000) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x43133, 0xffffffffffffffff, 0xfffffffff0000000) munmap(&(0x7f0000ff5000/0x1000)=nil, 0x1000) munmap(&(0x7f0000db0000/0x1000)=nil, 0x1000) munmap(&(0x7f0000fff000/0x1000)=nil, 0x1000) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r1, 0x4020aeae, &(0x7f0000000000)={0x5, 0x8}) syz_kvm_vgic_v3_setup(r0, 0x5, 0x40) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r1, 0x4018aee1, &(0x7f0000000300)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f00000002c0)=0x64}) mmap$KVM_VCPU(&(0x7f0000ffe000/0x1000)=nil, 0x0, 0x2000002, 0x30, r1, 0x0) (async) r2 = mmap$KVM_VCPU(&(0x7f0000ffe000/0x1000)=nil, 0x0, 0x2000002, 0x30, r1, 0x0) syz_memcpy_off$KVM_EXIT_MMIO(r2, 0x20, &(0x7f0000000040)="cb11d8ede925def7880fc0bd252962f95b11867929c8e2e1", 0x0, 0x18) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) (async) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) syz_kvm_setup_cpu$arm64(r4, r5, &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000840)=ANY=[@ANYBLOB], 0x36c}], 0x1, 0x0, 0x0, 0x0) (async) syz_kvm_setup_cpu$arm64(r4, r5, &(0x7f0000000000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000840)=ANY=[@ANYBLOB], 0x36c}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) (async) ioctl$KVM_RUN(r5, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000d10000/0xa000)=nil, 0x930, 0x3000006, 0x28031, 0xffffffffffffffff, 0x0) (async) r6 = mmap$KVM_VCPU(&(0x7f0000d10000/0xa000)=nil, 0x930, 0x3000006, 0x28031, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca) (async) syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x80000400004) 34.692927567s ago: executing program 1 (id=1399): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xf) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) 31.565671939s ago: executing program 0 (id=1400): r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async) r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) ioctl$KVM_ARM_VCPU_INIT(r3, 0x4020aeae, &(0x7f0000000200)={0x5, 0x8}) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async) ioctl$KVM_REGISTER_COALESCED_MMIO(r5, 0x4010ae67, &(0x7f0000000140)={0xdddd0000, 0x104000}) (async) ioctl$KVM_REGISTER_COALESCED_MMIO(r5, 0x4010ae67, &(0x7f0000000000)={0x100000, 0x8000}) (async) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r5, 0x4010ae68, &(0x7f0000000100)={0x80a0000}) (async) syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000180)={0x0, &(0x7f0000000380)=ANY=[], 0x11d}, 0x0, 0x0) 25.394988438s ago: executing program 1 (id=1401): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000000), 0x121e82, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000240), 0xca680, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="8200000000000000280000000000000001000000000000f500000000000000000200000000000000aa0000000000000028000000000000000f"], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r4, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff, 0x1}) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r6, 0xae80, 0x0) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r8, 0xae03, 0x9e) r9 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0x4020aeae, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000000000000000000082"]) ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f00000001c0)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000380)}) ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f00000000c0)={0x5, 0x1, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000002c0)=@attr_arm64={0x0, 0x1, 0x0, &(0x7f0000000280)=0x1}) ioctl$KVM_SET_DEVICE_ATTR(r11, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x4, 0x2, 0x0}) r12 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) r13 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_ARM_VCPU_INIT(r13, 0x4020aeae, &(0x7f0000000340)={0x5}) r14 = syz_kvm_vgic_v3_setup(r2, 0x2, 0x40) ioctl$KVM_RUN(r13, 0xae80, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r14, 0x4018aee1, &(0x7f00000000c0)=@attr_other={0x0, 0x9, 0x200ff, &(0x7f0000000180)=0x2}) r15 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r15, 0xae41, 0x0) ioctl$KVM_SET_ONE_REG(r12, 0x4010aeac, &(0x7f0000000100)=@arm64_core={0x6030000000100044, &(0x7f0000000080)=0x8}) 20.659891323s ago: executing program 0 (id=1402): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0xe5) ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000080)=@arm64_fp={0x60400000001000a2}) 11.777338481s ago: executing program 0 (id=1403): openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x10400, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x2081, 0x0) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r2, 0x4068aea3, &(0x7f00000001c0)={0xdf, 0x0, 0x19000}) openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0) (async) r3 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1) r5 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x7, 0x4f832, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_ARM_VCPU_INIT(0xffffffffffffffff, 0x801c581f, 0x0) ioctl$KVM_HAS_DEVICE_ATTR_vm(r6, 0x4018aee3, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, 0x0}) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000000)={0x10201, 0x6, 0x4, 0x1000, &(0x7f0000ffe000/0x1000)=nil}) ioctl$KVM_GET_API_VERSION(r0, 0x2, 0x1000000000000) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) (async) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) 6.83710831s ago: executing program 1 (id=1404): r0 = mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x1dcff7e4afce9601, 0x10, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x3, 0x4102932, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r4 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x180000b, 0x11, r3, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000080)="fb0149dd033be3ac2cc4a29ea6abf4e7454e37c4b85400005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa76c869d22627e700", 0x0, 0x29) r5 = mmap$KVM_VCPU(&(0x7f0000011000/0x1000)=nil, 0x930, 0x1000001, 0x11, r3, 0x0) r6 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) syz_memcpy_off$KVM_EXIT_MMIO(r5, 0x20, &(0x7f0000000000)="6e36438f10f619cc942905cb3dd59a85766a91cf8a258a3a", 0x0, 0x18) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4}) ioctl$KVM_CREATE_VM(r6, 0x401c5820, 0x20000000) openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0) munmap(&(0x7f0000001000/0x3000)=nil, 0x3000) syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000240)="fb4149dd033be3ac3bc4a22332fdaa8de0518df242008031d1dfd92f0000000001fff9ffdc9610fbff77521ce30d8f00", 0x0, 0xfcf7) 2.974038517s ago: executing program 0 (id=1405): r0 = openat$kvm(0x0, &(0x7f0000000240), 0xca680, 0x0) (async) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1) ioctl$KVM_ARM_VCPU_INIT(r3, 0x4020aeae, &(0x7f0000000080)={0x5}) (async) ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000140)=@arm64_extra={0x603000000013df19, &(0x7f0000000100)=0x1}) (async) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000000)=@arm64={0x1, 0x34, 0x9, '\x00', 0x9}) (async, rerun: 32) ioctl$KVM_RUN(r3, 0xae80, 0x0) (rerun: 32) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$arm64(r4, &(0x7f0000c00000/0x400000)=nil) r6 = syz_kvm_add_vcpu$arm64(r5, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@hvc={0x32, 0x40, {0x86000001, [0x100000001, 0x80000000, 0x0, 0x400000000005c, 0x6]}}], 0x40}, 0x0, 0x0) r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) (async, rerun: 64) syz_kvm_vgic_v3_setup(r8, 0x1, 0x40) (async, rerun: 64) ioctl$KVM_IRQFD(r8, 0x4020ae76, &(0x7f00000002c0)={0xffffffffffffffff, 0x1}) (async) ioctl$KVM_RUN(r6, 0xae80, 0x0) 0s ago: executing program 1 (id=1406): r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2) ioctl$KVM_GET_ONE_REG(r0, 0x4010aeab, &(0x7f0000000080)=@arm64_fp_extra={0x60200000001000d4, &(0x7f0000000000)=0x2}) (async) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x20200, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r5, 0x4020aeae, &(0x7f0000000200)={0x5}) (async) r6 = mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000002, 0x11, r5, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) (async) syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f0000000100)="a9adba87ec79baf2e99a2f000000ee52000000000000000350535b5520250425ff7580bae29ce6ee827fdc58891de8a6ebcbad09a58c08df1a1ba156a4a1c0b8603900", 0x0, 0x48) r7 = syz_kvm_vgic_v3_setup(r2, 0x3, 0x40) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x6, 0x382bc663, &(0x7f0000000280)=0xfffffffffffffff8}) kernel console output (not intermixed with test programs): [ 387.142932][ T3132] 8021q: adding VLAN 0 to HW filter on device bond0 [ 444.718184][ T3132] eql: remember to turn off Van-Jacobson compression on your slave devices Warning: Permanently added '[localhost]:15441' (ED25519) to the list of known hosts. [ 604.135879][ T25] audit: type=1400 audit(603.210:61): avc: denied { name_bind } for pid=3290 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 605.070729][ T25] audit: type=1400 audit(604.140:62): avc: denied { execute } for pid=3291 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 605.098275][ T25] audit: type=1400 audit(604.170:63): avc: denied { execute_no_trans } for pid=3291 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 630.583354][ T25] audit: type=1400 audit(629.650:64): avc: denied { mounton } for pid=3291 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 630.615377][ T25] audit: type=1400 audit(629.690:65): avc: denied { mount } for pid=3291 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 630.697520][ T3291] cgroup: Unknown subsys name 'net' [ 630.749023][ T25] audit: type=1400 audit(629.820:66): avc: denied { unmount } for pid=3291 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 631.161981][ T3291] cgroup: Unknown subsys name 'cpuset' [ 631.263710][ T3291] cgroup: Unknown subsys name 'rlimit' [ 632.173382][ T25] audit: type=1400 audit(631.250:67): avc: denied { setattr } for pid=3291 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=701 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 632.193519][ T25] audit: type=1400 audit(631.260:68): avc: denied { mounton } for pid=3291 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 632.224553][ T25] audit: type=1400 audit(631.290:69): avc: denied { mount } for pid=3291 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 633.459177][ T3299] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 633.484413][ T25] audit: type=1400 audit(632.550:70): avc: denied { relabelto } for pid=3299 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 633.512298][ T25] audit: type=1400 audit(632.580:71): avc: denied { write } for pid=3299 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" Setting up swapspace version 1, size = 127995904 bytes [ 633.686292][ T25] audit: type=1400 audit(632.760:72): avc: denied { read } for pid=3291 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 633.707331][ T25] audit: type=1400 audit(632.780:73): avc: denied { open } for pid=3291 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 633.778269][ T3291] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 682.035201][ T25] audit: type=1400 audit(681.110:74): avc: denied { execmem } for pid=3300 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 685.718609][ T25] audit: type=1400 audit(684.790:75): avc: denied { read } for pid=3302 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 685.754600][ T25] audit: type=1400 audit(684.830:76): avc: denied { open } for pid=3302 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 685.825572][ T25] audit: type=1400 audit(684.900:77): avc: denied { mounton } for pid=3302 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 686.076096][ T25] audit: type=1400 audit(685.150:79): avc: denied { module_request } for pid=3303 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 686.087698][ T25] audit: type=1400 audit(685.140:78): avc: denied { module_request } for pid=3302 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 687.254215][ T25] audit: type=1400 audit(686.320:80): avc: denied { sys_module } for pid=3303 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 715.605605][ T3302] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 715.871864][ T3302] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 716.445752][ T3303] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 716.927967][ T3303] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 729.264803][ T3302] hsr_slave_0: entered promiscuous mode [ 729.294199][ T3302] hsr_slave_1: entered promiscuous mode [ 730.378870][ T3303] hsr_slave_0: entered promiscuous mode [ 730.415267][ T3303] hsr_slave_1: entered promiscuous mode [ 730.445471][ T3303] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 730.456811][ T3303] Cannot create hsr debugfs directory [ 735.823024][ T25] audit: type=1400 audit(734.890:81): avc: denied { create } for pid=3302 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 735.872024][ T25] audit: type=1400 audit(734.940:82): avc: denied { write } for pid=3302 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 735.931337][ T25] audit: type=1400 audit(735.000:83): avc: denied { read } for pid=3302 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 736.076411][ T3302] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 736.396805][ T3302] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 736.744237][ T3302] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 737.121686][ T3302] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 738.548322][ T3303] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 738.724020][ T3303] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 738.878482][ T3303] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 739.096206][ T3303] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 752.114978][ T3302] 8021q: adding VLAN 0 to HW filter on device bond0 [ 754.494238][ T3303] 8021q: adding VLAN 0 to HW filter on device bond0 [ 811.478529][ T3302] veth0_vlan: entered promiscuous mode [ 811.913161][ T3302] veth1_vlan: entered promiscuous mode [ 813.898443][ T3302] veth0_macvtap: entered promiscuous mode [ 814.483522][ T3302] veth1_macvtap: entered promiscuous mode [ 814.598116][ T3303] veth0_vlan: entered promiscuous mode [ 815.368744][ T3303] veth1_vlan: entered promiscuous mode [ 816.736850][ T3302] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 816.748725][ T3302] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 816.758077][ T3302] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 816.778670][ T3302] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 819.181153][ T3303] veth0_macvtap: entered promiscuous mode [ 819.974517][ T3303] veth1_macvtap: entered promiscuous mode [ 820.500456][ T25] audit: type=1400 audit(819.560:84): avc: denied { mount } for pid=3302 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 820.785279][ T25] audit: type=1400 audit(819.820:85): avc: denied { mounton } for pid=3302 comm="syz-executor" path="/syzkaller.A1tfff/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 821.012263][ T25] audit: type=1400 audit(820.080:86): avc: denied { mount } for pid=3302 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 821.464729][ T25] audit: type=1400 audit(820.540:87): avc: denied { mounton } for pid=3302 comm="syz-executor" path="/syzkaller.A1tfff/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 821.752892][ T25] audit: type=1400 audit(820.790:88): avc: denied { mounton } for pid=3302 comm="syz-executor" path="/syzkaller.A1tfff/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3268 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 822.834848][ T25] audit: type=1400 audit(821.910:89): avc: denied { unmount } for pid=3302 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 822.868169][ T3303] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 822.885040][ T3303] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 822.901288][ T3303] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 822.912621][ T3303] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 823.296182][ T25] audit: type=1400 audit(822.320:90): avc: denied { mounton } for pid=3302 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1546 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 823.470654][ T25] audit: type=1400 audit(822.530:91): avc: denied { mount } for pid=3302 comm="syz-executor" name="/" dev="gadgetfs" ino=3278 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 824.031509][ T25] audit: type=1400 audit(823.100:92): avc: denied { mount } for pid=3302 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 824.153048][ T25] audit: type=1400 audit(823.210:93): avc: denied { mounton } for pid=3302 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 826.262496][ T3302] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 827.711408][ T25] kauditd_printk_skb: 1 callbacks suppressed [ 827.725045][ T25] audit: type=1400 audit(826.780:95): avc: denied { read write } for pid=3302 comm="syz-executor" name="loop0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 827.800744][ T25] audit: type=1400 audit(826.790:96): avc: denied { open } for pid=3302 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 827.815440][ T25] audit: type=1400 audit(826.850:97): avc: denied { ioctl } for pid=3302 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=637 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 832.176375][ T25] audit: type=1400 audit(831.210:98): avc: denied { read } for pid=3455 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 832.206464][ T25] audit: type=1400 audit(831.270:99): avc: denied { open } for pid=3455 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 832.421911][ T25] audit: type=1400 audit(831.480:100): avc: denied { ioctl } for pid=3455 comm="syz.0.1" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae04 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 842.251604][ T25] audit: type=1400 audit(841.310:101): avc: denied { append } for pid=3464 comm="syz.1.3" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 845.202060][ T25] audit: type=1400 audit(844.160:102): avc: denied { execute } for pid=3468 comm="syz.0.4" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=3426 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 852.145216][ T25] audit: type=1400 audit(851.220:103): avc: denied { write } for pid=3477 comm="syz.0.6" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1005.394202][ T3589] kvm [3589]: Failed to find VMA for hva 0x21016000 [ 1005.532201][ T3589] kvm [3589]: Failed to find VMA for hva 0x21016000 [ 1075.393569][ T25] audit: type=1400 audit(1074.310:104): avc: denied { map } for pid=3639 comm="syz.0.56" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1125.722102][ T25] audit: type=1400 audit(1124.680:105): avc: denied { setattr } for pid=3679 comm="syz.0.65" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1153.247605][ T3699] kvm [3699]: Failed to find VMA for hva 0x20000000 [ 1371.976018][ T3852] debugfs: File 'vgic-its-state@8080000' in directory '3852-9' already present! [ 1532.968642][ T25] audit: type=1400 audit(1532.020:106): avc: denied { ioctl } for pid=3961 comm="syz.0.152" path="net:[4026531840]" dev="nsfs" ino=4026531840 ioctlcmd=0x5829 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 1890.061505][ T4192] kvm [4191]: Unsupported guest CP15 access at: 00000100 [000001d3] [ 1890.061505][ T4192] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1890.079000][ T4192] kvm [4191]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1890.079000][ T4192] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1890.194698][ T4192] kvm [4191]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1890.194698][ T4192] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1890.224538][ T4192] kvm [4191]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1890.224538][ T4192] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1890.272970][ T4192] kvm [4191]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1890.272970][ T4192] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1890.312431][ T4192] kvm [4191]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1890.312431][ T4192] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1890.336709][ T4192] kvm [4191]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1890.336709][ T4192] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1890.348592][ T4192] kvm [4191]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1890.348592][ T4192] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1890.395450][ T4192] kvm [4191]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1890.395450][ T4192] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1890.453544][ T4192] kvm [4191]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1890.453544][ T4192] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2072.794117][ T4309] kvm [4309]: Failed to find VMA for hva 0x20000000 [ 2126.143360][ T4342] kvm [4342]: Failed to find VMA for hva 0x20c01000 [ 2353.702168][ T25] audit: type=1400 audit(2352.760:107): avc: denied { execute } for pid=4509 comm="syz.1.312" path="/sys/kernel/debug/kcov" dev="debugfs" ino=107 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=file permissive=1 [ 2411.847437][ T4554] kvm [4554]: Failed to find VMA for hva 0x21016000 [ 2502.141995][ T4614] kvm [4614]: Failed to find VMA for hva 0x205c9000 [ 2525.491900][ T4625] kvm [4625]: Failed to find VMA for hva 0x20c01000 [ 2736.527920][ T4767] kvm [4767]: Failed to find VMA for hva 0x208a1000 [ 2853.122459][ T4850] kvm [4850]: Failed to find VMA for hva 0x20c01000 [ 2898.625400][ T4880] kvm [4880]: Failed to find VMA for hva 0x208a1000 [ 3009.061616][ T25] audit: type=1400 audit(3008.110:108): avc: denied { execute } for pid=4957 comm="syz.1.442" path=2F3232322F10FBFF67525673312B0104 dev="tmpfs" ino=1134 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 3042.401662][ T4983] debugfs: File 'vgic-its-state@8080000' in directory '4983-8' already present! [ 3333.826321][ T25] audit: type=1400 audit(3332.900:109): avc: denied { execute } for pid=5177 comm="syz.0.505" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 3680.832938][ T5422] kvm [5422]: Failed to find VMA for hva 0x208a1000 [ 3815.082348][ T5497] kvm [5497]: Failed to find VMA for hva 0x20c01000 [ 4239.484365][ T5773] kvm [5773]: Failed to find VMA for hva 0x20d8d000 [ 4255.106378][ T5786] kvm [5786]: Failed to find VMA for hva 0x21016000 [ 4332.578112][ T5829] kvm [5829]: Failed to find VMA for hva 0x2101a000 [ 4424.633902][ T5892] debugfs: File 'vgic-its-state@0' in directory '5892-13' already present! [ 4504.968655][ T5948] kvm [5948]: Failed to find VMA for hva 0x20d8d000 [ 4581.866927][ T5992] kvm [5992]: Failed to find VMA for hva 0x21016000 [ 4702.111497][ T25] audit: type=1400 audit(4701.180:110): avc: denied { map } for pid=6085 comm="syz.0.772" path="pipe:[2429]" dev="pipefs" ino=2429 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1 [ 4883.784803][ T6222] kvm [6220]: Unsupported guest access at: eeef0000 [ 4883.784803][ T6222] { Op0( 2), Op1( 7), CRn(15), CRm(13), Op2( 1), func_write }, [ 5029.735532][ T6321] kvm [6321]: Failed to find VMA for hva 0x21016000 [ 5063.057221][ T25] audit: type=1400 audit(5062.090:111): avc: denied { getattr } for pid=6341 comm="syz.0.844" path="net:[4026532626]" dev="nsfs" ino=4026532626 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 5110.723214][ T6371] kvm [6371]: Failed to find VMA for hva 0x20d8d000 [ 5379.083713][ T6543] kvm [6543]: Failed to find VMA for hva 0x20c01000 [ 5607.405492][ T6705] kvm [6705]: Failed to find VMA for hva 0x20d8d000 [ 6100.662929][ T7027] kvm [7027]: Failed to find VMA for hva 0x2036f000 [ 6208.581894][ T7096] kvm [7096]: Failed to find VMA for hva 0x20c01000 [ 6548.598369][ T7341] kvm [7341]: Failed to find VMA for hva 0x20c01000 [ 6685.638587][ T7446] kvm [7446]: Failed to find VMA for hva 0x20c01000 [ 6760.011580][ T7491] kvm [7491]: Failed to find VMA for hva 0x21016000 [ 6864.408899][ T4773] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 6865.485048][ T4773] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 6866.617202][ T4773] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 6867.787236][ T4773] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 6880.988861][ T4773] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 6881.106789][ T4773] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 6881.188854][ T4773] bond0 (unregistering): Released all slaves [ 6883.382909][ T4773] hsr_slave_0: left promiscuous mode [ 6883.472538][ T4773] hsr_slave_1: left promiscuous mode [ 6884.265414][ T4773] veth1_macvtap: left promiscuous mode [ 6884.291666][ T4773] veth0_macvtap: left promiscuous mode [ 6884.324462][ T4773] veth1_vlan: left promiscuous mode [ 6884.373690][ T4773] veth0_vlan: left promiscuous mode [ 6975.128942][ T7551] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 6975.497751][ T7551] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 7005.205212][ T7551] hsr_slave_0: entered promiscuous mode [ 7005.292291][ T7551] hsr_slave_1: entered promiscuous mode [ 7005.366992][ T7551] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 7005.375052][ T7551] Cannot create hsr debugfs directory [ 7029.737333][ T7551] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 7030.379026][ T7551] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 7031.085115][ T7551] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 7031.538048][ T7551] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 7058.267849][ T7551] 8021q: adding VLAN 0 to HW filter on device bond0 [ 7160.383911][ T7551] veth0_vlan: entered promiscuous mode [ 7161.315487][ T7551] veth1_vlan: entered promiscuous mode [ 7164.423585][ T7551] veth0_macvtap: entered promiscuous mode [ 7164.961842][ T7551] veth1_macvtap: entered promiscuous mode [ 7167.856927][ T7551] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 7167.884461][ T7551] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 7167.902600][ T7551] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 7167.922273][ T7551] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 7211.055209][ T6167] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 7212.675404][ T6167] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 7214.307659][ T6167] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 7215.693021][ T6167] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 7234.563187][ T6167] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 7234.803505][ T6167] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 7234.975774][ T6167] bond0 (unregistering): Released all slaves [ 7236.936616][ T6167] hsr_slave_0: left promiscuous mode [ 7237.005052][ T6167] hsr_slave_1: left promiscuous mode [ 7237.543123][ T6167] veth1_macvtap: left promiscuous mode [ 7237.563145][ T6167] veth0_macvtap: left promiscuous mode [ 7237.578801][ T6167] veth1_vlan: left promiscuous mode [ 7237.602485][ T6167] veth0_vlan: left promiscuous mode [ 7298.543015][ T7885] kvm [7885]: Failed to find VMA for hva 0x20d8d000 [ 7311.502063][ T7829] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 7311.717120][ T7829] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 7313.718586][ T7902] kvm [7902]: Failed to find VMA for hva 0x20c01000 [ 7347.053495][ T7829] hsr_slave_0: entered promiscuous mode [ 7347.134085][ T7829] hsr_slave_1: entered promiscuous mode [ 7348.283731][ T7929] kvm [7929]: Failed to find VMA for hva 0x2101a000 [ 7368.953097][ T7829] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 7369.277065][ T7829] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 7369.584689][ T7829] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 7369.952312][ T7829] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 7398.475072][ T7829] 8021q: adding VLAN 0 to HW filter on device bond0 [ 7492.627894][ T7829] veth0_vlan: entered promiscuous mode [ 7493.163208][ T7829] veth1_vlan: entered promiscuous mode [ 7495.772870][ T7829] veth0_macvtap: entered promiscuous mode [ 7496.313129][ T7829] veth1_macvtap: entered promiscuous mode [ 7499.007107][ T7829] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 7499.032018][ T7829] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 7499.053199][ T7829] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 7499.065296][ T7829] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 7825.886462][ T8300] print_sys_reg_msg: 313 callbacks suppressed [ 7825.945239][ T8300] kvm [8298]: Unsupported guest CP15 access at: 00000100 [000001d3] [ 7825.945239][ T8300] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 7825.984002][ T8300] kvm [8298]: Unsupported guest CP15 access at: 00000100 [000001db] [ 7825.984002][ T8300] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 7826.025563][ T8300] kvm [8298]: Unsupported guest CP15 access at: 00000100 [000001db] [ 7826.025563][ T8300] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 7826.045481][ T8300] kvm [8298]: Unsupported guest CP15 access at: 00000100 [000001db] [ 7826.045481][ T8300] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 7826.097124][ T8300] kvm [8298]: Unsupported guest CP15 access at: 00000100 [000001db] [ 7826.097124][ T8300] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 7826.142097][ T8300] kvm [8298]: Unsupported guest CP15 access at: 00000100 [000001db] [ 7826.142097][ T8300] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 7826.167276][ T8300] kvm [8298]: Unsupported guest CP15 access at: 00000100 [000001db] [ 7826.167276][ T8300] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 7826.204989][ T8300] kvm [8298]: Unsupported guest CP15 access at: 00000100 [000001db] [ 7826.204989][ T8300] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 7826.285352][ T8300] kvm [8298]: Unsupported guest CP15 access at: 00000100 [000001db] [ 7826.285352][ T8300] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 7826.301986][ T8300] kvm [8298]: Unsupported guest CP15 access at: 00000100 [000001db] [ 7826.301986][ T8300] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 8088.614662][ T8489] kvm [8489]: Failed to find VMA for hva 0x20d8d000 [ 8096.666534][ T8497] kvm [8497]: Failed to find VMA for hva 0x21016000 [ 8252.004635][ T8612] ------------[ cut here ]------------ [ 8252.005519][ T8612] WARNING: CPU: 0 PID: 8612 at arch/arm64/kvm/inject_fault.c:63 pend_sync_exception+0x198/0x5ac [ 8252.009773][ T8612] Modules linked in: [ 8252.012743][ T8612] CPU: 0 UID: 0 PID: 8612 Comm: syz.0.1405 Not tainted 6.16.0-rc3-syzkaller-g15724a984643 #0 PREEMPT [ 8252.014841][ T8612] Hardware name: linux,dummy-virt (DT) [ 8252.016451][ T8612] pstate: 81402009 (Nzcv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--) [ 8252.018043][ T8612] pc : pend_sync_exception+0x198/0x5ac [ 8252.019113][ T8612] lr : pend_sync_exception+0x198/0x5ac [ 8252.020232][ T8612] sp : ffff80008ef178c0 [ 8252.021237][ T8612] x29: ffff80008ef178c0 x28: 000000000000002d x27: 2df000001d6082a8 [ 8252.023397][ T8612] x26: 000000000000002d x25: 0000000000000000 x24: 0000000000000000 [ 8252.025155][ T8612] x23: 0000000000000000 x22: 000000000000002d x21: 2df000001d608e81 [ 8252.027046][ T8612] x20: 0000000000000007 x19: efff800000000000 x18: 0000000000000000 [ 8252.029011][ T8612] x17: 0000000000000027 x16: ffff800080011d9c x15: 0000000020000000 [ 8252.030752][ T8612] x14: ffffffffffffffff x13: 0000000000000028 x12: 0000000000000092 [ 8252.032463][ T8612] x11: 92f0000014bc6de4 x10: 0000000000ff0100 x9 : 0000000000000000 [ 8252.034455][ T8612] x8 : 92f0000014bc5880 x7 : ffff800080b08704 x6 : ffff80008ef17a88 [ 8252.036185][ T8612] x5 : ffff80008ef17a88 x4 : 0000000000000001 x3 : ffff8000801a2e80 [ 8252.038028][ T8612] x2 : 0000000000000000 x1 : 0000000000000002 x0 : 0000000000000000 [ 8252.040086][ T8612] Call trace: [ 8252.041188][ T8612] pend_sync_exception+0x198/0x5ac (P) [ 8252.042672][ T8612] __kvm_inject_sea+0x268/0x96c [ 8252.044033][ T8612] kvm_inject_sea+0x98/0x72c [ 8252.045174][ T8612] __kvm_arm_vcpu_set_events+0x134/0x238 [ 8252.046330][ T8612] kvm_arch_vcpu_ioctl+0xed8/0x16b0 [ 8252.047473][ T8612] kvm_vcpu_ioctl+0x5c4/0xc2c [ 8252.048669][ T8612] __arm64_sys_ioctl+0x18c/0x244 [ 8252.049891][ T8612] invoke_syscall+0x90/0x2b4 [ 8252.051092][ T8612] el0_svc_common+0x180/0x2f4 [ 8252.052216][ T8612] do_el0_svc+0x58/0x74 [ 8252.053226][ T8612] el0_svc+0x58/0x160 [ 8252.054239][ T8612] el0t_64_sync_handler+0x78/0x108 [ 8252.055368][ T8612] el0t_64_sync+0x198/0x19c [ 8252.056749][ T8612] irq event stamp: 322 [ 8252.057665][ T8612] hardirqs last enabled at (321): [] _raw_read_unlock_irqrestore+0x44/0xbc [ 8252.059343][ T8612] hardirqs last disabled at (322): [] el1_dbg+0x24/0x80 [ 8252.060929][ T8612] softirqs last enabled at (288): [] local_bh_enable+0x10/0x34 [ 8252.062434][ T8612] softirqs last disabled at (286): [] local_bh_disable+0x10/0x34 [ 8252.064180][ T8612] ---[ end trace 0000000000000000 ]--- SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 8267.417982][ T8550] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8268.193380][ T8550] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8268.597134][ T8550] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8269.018776][ T8550] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 8277.472683][ T8550] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 8277.612196][ T8550] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 8277.725060][ T8550] bond0 (unregistering): Released all slaves [ 8279.323627][ T8550] hsr_slave_0: left promiscuous mode [ 8279.492928][ T8550] hsr_slave_1: left promiscuous mode [ 8279.940491][ T8550] veth1_macvtap: left promiscuous mode [ 8279.942354][ T8550] veth0_macvtap: left promiscuous mode [ 8279.956840][ T8550] veth1_vlan: left promiscuous mode [ 8279.966776][ T8550] veth0_vlan: left promiscuous mode VM DIAGNOSIS: 21:15:58 Registers: info registers vcpu 0 CPU#0 PC=ffff80008044f8c8 X00=00000000000003c0 X01=ffff8000872b1fa2 X02=0000000000000000 X03=ffff80008047b3ec X04=0000000000000000 X05=0000000000000001 X06=0000000000000000 X07=ffff800081ebe428 X08=00000000000003c0 X09=0000000000000092 X10=0000000000000092 X11=92f0000014bc5880 X12=0000000000ff0100 X13=00000000ffffffff X14=0000000000000000 X15=0000000020000000 X16=ffff800080011d9c X17=0000000000000027 X18=0000000000000000 X19=00000000000003c0 X20=0000000000000001 X21=ffff800087706128 X22=92f0000014bc6360 X23=ffff800087666580 X24=92f0000014bc5880 X25=0000000000000002 X26=92f0000014bc5890 X27=00000000000003c0 X28=ffff800087705000 X29=ffff80008ef171d0 X30=ffff80008651b408 SP=ffff80008ef171d0 PSTATE=604023c9 -ZC- EL2h SVCR=00000000 -- BTYPE=0 FPCR=00000000 FPSR=00000000 P00=0000 P01=0000 P02=0000 P03=0000 P04=0000 P05=0000 P06=0000 P07=0000 P08=0000 P09=0000 P10=0000 P11=0000 P12=0000 P13=0000 P14=0000 P15=0000 FFR=0000 Z00=0000000000000000:0000000000000000 Z01=0000fffff4e04b80:c34fb25a0e758a00 Z02=0000fffff4e04b60:ffffff80ffffffd8 Z03=0000fffff4e04c10:0000fffff4e04c10 Z04=0000fffff4e04c10:0000ffffbbf36d08 Z05=0000fffff4e04be0:0000fffff4e04c10 Z06=6edc4d3a2914b135:d8e9c869e2695c88 Z07=b20fae707afde253:388e9c6c4fa85ca0 Z08=0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000 Z10=0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000 Z12=0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000 Z14=0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000 Z16=0000fffff4e04e30:0000fffff4e04e30 Z17=ffffff80ffffffd0:0000fffff4e04e00 Z18=0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000 Z20=0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000 Z22=0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000 Z24=0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000 Z26=0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000 Z28=0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000 Z30=0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000