last executing test programs:

337.981796ms ago: executing program 1 (id=2):
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0xf88e470f}]})
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
ioctl$KVM_SET_DEBUGREGS(0xffffffffffffffff, 0x4080aea2, &(0x7f0000000080)={[0xeeee0000, 0xeeef0000, 0xdddd0000, 0xb000], 0x2000000db, 0xc})
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000100)={[{0x5, 0x4000, 0x4, 0x5, 0x0, 0x8, 0x3, 0xa, 0x7e, 0x4, 0x11, 0x5, 0x80204}, {0x804, 0x1, 0x1, 0x45, 0x7, 0x2, 0x1, 0xff, 0x0, 0x4, 0x6, 0x7f, 0x20c}, {0x1, 0x3, 0x38, 0x5, 0x84, 0x7, 0x3, 0x50, 0x0, 0x70, 0x4, 0x5}], 0xffffffff})
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x20000, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x2, 0x0, 0x4002004c4, 0x1004, 0xffffffffffffffff, 0xc595, 0x0, 0x1, 0xffffffffffffffff, 0x2000000000000000, 0x80000004000000, 0x8d], 0xeeee8000, 0x2010d3})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x2, 0x2, 0x0, 0x4002004c4, 0x1004, 0x8000000000000000, 0xc595, 0x0, 0x1, 0xffffffffffffffff, 0x2000000000000000, 0xb3, 0x8d], 0xeeee8000, 0x2010d3})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

334.101654ms ago: executing program 0 (id=1):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x8202, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$x86(r2, &(0x7f0000000000)={0x0, &(0x7f0000000940)=[@code={0xa, 0x6d, {"0f01c8c40115c2b9120000000048b8a80c0000000000000f23c00f21f835020009000f23f8c4e1b172d03766b85f008ec04b0fc76a1a48b807000000000000000f23d00f21f8351000000b0f23f8c4a1fd65d466b801008ed80f01c5"}}], 0x6d})
ioctl$KVM_CAP_DISABLE_QUIRKS(r1, 0x4068aea3, &(0x7f0000000080)={0x74, 0x0, 0x63})
ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f0000000180)={0x1, 0x0, [{0x1, 0x2, 0x2, 0x7ff, 0x1}]})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

240.908142ms ago: executing program 2 (id=3):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x141800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f00000004c0)={0x79, 0x0, 0x3})
r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$x86(r2, &(0x7f00000000c0)={0x0, 0x0})
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000001c0)={{0x3000, 0x1, 0x8, 0x8, 0xb, 0xe6, 0x40, 0x0, 0x0, 0x81, 0x80}, {0x5000, 0xeeee8000, 0x3, 0x0, 0x42, 0x5, 0x75, 0x2, 0x36, 0x4, 0x2, 0x87}, {0x0, 0xdddd0000, 0xe, 0x0, 0x3, 0x7, 0x0, 0x9, 0x1, 0xa4, 0x5, 0x5}, {0x1, 0xeeee0000, 0x9, 0x6, 0x5, 0x46, 0xb, 0xff, 0x8, 0x7, 0xe}, {0xf000, 0x3000, 0xf, 0x3, 0x16, 0x7, 0xab, 0x8, 0x9, 0x40, 0xf6, 0x97}, {0xeeefa000, 0xdddd0000, 0xe, 0xa0, 0xb1, 0x8, 0x1, 0xa0, 0x82, 0x2f, 0x1, 0x7}, {0x3000, 0x3000, 0xf, 0x5, 0x7, 0x5, 0x7, 0x3, 0x9d, 0x81, 0x40, 0x70}, {0x8000000, 0x4000, 0x8, 0x5, 0xcd, 0x7, 0x1, 0x9, 0x2, 0xc, 0xb0, 0x81}, {0xeeee0000, 0x30}, {0x8000000, 0x7}, 0x80000031, 0x0, 0x3000, 0x2024, 0x2, 0x0, 0x100c00, [0x6800000000000000, 0x4, 0x7, 0x8]})
ioctl$KVM_GET_MSRS_cpu(r3, 0xc008ae88, &(0x7f0000000480)={0x1, 0x0, [{0x872, 0x0, 0x9}]})

161.840966ms ago: executing program 3 (id=4):
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
ioctl$KVM_SET_DEBUGREGS(0xffffffffffffffff, 0x4080aea2, &(0x7f0000000080)={[0xeeee0000, 0xeeef0000, 0xdddd0000, 0xb000], 0x2000000db, 0xc})
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000100)={[{0x5, 0x4000, 0x4, 0x5, 0x0, 0x8, 0x3, 0xa, 0x7e, 0x4, 0x11, 0x5, 0x80204}, {0x804, 0x1, 0x1, 0x45, 0x7, 0x2, 0x1, 0xff, 0x0, 0x4, 0x6, 0x7f, 0x209}, {0x1, 0x3, 0x38, 0x2, 0x84, 0x7, 0x3, 0x50, 0x0, 0x70, 0x4, 0x5}], 0xffffffff})
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]})
r1 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x20000, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x2, 0x0, 0x4002004c4, 0x1004, 0xffffffffffffffff, 0xc595, 0x0, 0x1, 0xffffffffffffffff, 0x2000000000000000, 0x80000004000000, 0x8d], 0xeeee8000, 0x2010d3})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x2, 0x2, 0x0, 0x4002004c4, 0x1004, 0x8000000000000000, 0xc595, 0x4, 0x1, 0xffffffffffffffff, 0x2000000000000000, 0x5, 0x5], 0xeeee8000, 0x2010d3})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

26.099092ms ago: executing program 0 (id=5):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=[@code={0x1, 0x60, {"3ef30fc735fc9a00003e0f01c8c4417df1a9b398000066b824008ec8460f79f2c4e1717db49c26000000b9800000c00f3235000400000f307b9666baa00066b8000066ef66bad1040f01c2260f78da"}}], 0x60})
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f0000000000)={0x100000, 0xf00})
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
syz_kvm_add_vcpu$x86(0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000940)=[@uexit={0x0, 0x18, 0x8}, @code={0xa, 0x71, {"0f20d835080000000f22d8b9bf080000b80a000000ba000000000f30b8010000000f01c166b8af000f00d8c4c299479be00b4c21b91d030000b83deb0000ba000000000f300f01dfb9800000c00f3235001000000f30642e2e450fc72e0f01c5"}}, @uexit={0x0, 0x18, 0x6}, @rdmsr={0x66, 0x18, {0x8aa}}, @rdmsr={0x32, 0x18, {0xbc5}}, @rdmsr={0x32, 0x18, {0x316}}, @wr_crn={0x46, 0x20, {0x3, 0xffffffffffffff00}}, @wrmsr={0x1e, 0x20, {0x339, 0x17fffffff}}, @wr_crn={0x46, 0x20, {0x2, 0x4000000}}, @uexit={0x0, 0x18, 0x7ff}, @rdmsr={0x32, 0x18, {0x35c}}, @rdmsr={0x66, 0x18, {0x3f6}}, @wr_crn={0x46, 0x20, {0x0, 0x4}}, @in_dx={0x69, 0x20, {0x8cf9}}, @wrmsr={0x1e, 0x20, {0x340, 0x5}}, @cpuid={0x14, 0x18, {0x3fd, 0x4}}], 0x209})
ioctl$KVM_CREATE_PIT2(r4, 0x4040ae77, &(0x7f0000000040))
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r4, 0x8048ae66, &(0x7f0000000100)={[{0x5, 0xc000, 0x4, 0x5, 0x0, 0x8, 0x80, 0x5, 0xb9, 0x1, 0x11, 0xd, 0x204}, {0x804, 0x0, 0x1, 0xfd, 0x87, 0x2, 0x2, 0xff, 0x0, 0x4, 0x6, 0x7f, 0x20c}, {0x4000001, 0x3, 0x38, 0x5, 0x8, 0x7, 0x3, 0x50, 0x0, 0x71, 0x3, 0x5, 0x4}], 0xffffffff})
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000003c0)={[0x60000000000, 0xdb, 0x0, 0x8, 0x2000001, 0x5, 0x2004cb, 0xfffffffffffffff9, 0x2, 0x1136b2e5, 0x9, 0x0, 0x3, 0x0, 0x8000000000, 0xfffffffffffffffa], 0x1, 0x202})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x60000000004, 0x1000000000, 0x5, 0x4, 0x2000000, 0x0, 0x2004cb, 0x0, 0x10a1d, 0x68ff, 0x5, 0x0, 0x3, 0x2, 0x0, 0xfffffffffffffffc], 0x10000, 0x202})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000100)={{0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x2, 0x0, 0x8, 0x9, 0x10}, {0xffff1000, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x7}, {0x2000, 0x5000, 0xc, 0x0, 0x8, 0x4, 0x0, 0x1, 0x3, 0x0, 0x0, 0xfc}, {0x3000, 0xd000, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x8, 0x0, 0x4}, {0xeeee8000, 0xffff1000, 0x9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x7}, {0x7000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x5}, {0x0, 0x0, 0xf, 0xfe, 0x0, 0x0, 0xff}, {0x0, 0x3000, 0x0, 0x0, 0x0, 0x1, 0x0, 0xa, 0x26}, {0x80a0000}, {0xdddd1000}, 0xddf8ffdb, 0x0, 0x0, 0x50, 0x0, 0xf801, 0x0, [0x0, 0x0, 0x1]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.201114ms ago: executing program 1 (id=6):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f0000000280)={0x13, 0x1, 0x5})
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)={0x1, 0x0, [{0x17b, 0x0, 0xffffffffffffffff}]})

0s ago: executing program 2 (id=7):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f00000001c0)={0x79, 0x0, 0x756})
r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$x86(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@enable_nested={0x12c, 0x18}, @nested_create_vm={0x12d, 0x18}, @nested_load_code={0x12e, 0x4d, {0x0, "48b800800000000000000f23c80f21f8350c0020000f23f86d3266b864000f00d03500010000b8050002000f006080000f01b00f30"}}, @nested_vmlaunch={0x12f, 0x18}], 0x95})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000000)=0x4)
ioctl$KVM_GET_MP_STATE(r3, 0x8004ae98, &(0x7f0000000040))

kernel console output (not intermixed with test programs):

[   44.053070][   T40] audit: type=1400 audit(1764165177.293:59): avc:  denied  { write } for  pid=5841 comm="sh" path="pipe:[3960]" dev="pipefs" ino=3960 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[   44.060965][   T40] audit: type=1400 audit(1764165177.293:60): avc:  denied  { rlimitinh } for  pid=5841 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   44.067113][   T40] audit: type=1400 audit(1764165177.293:61): avc:  denied  { siginh } for  pid=5841 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
Warning: Permanently added '[localhost]:50894' (ED25519) to the list of known hosts.
[   46.183748][   T40] audit: type=1400 audit(1764165179.433:62): avc:  denied  { name_bind } for  pid=5910 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[   46.209061][   T40] audit: type=1400 audit(1764165179.463:63): avc:  denied  { write } for  pid=5912 comm="sh" path="pipe:[3983]" dev="pipefs" ino=3983 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[   46.220563][   T40] audit: type=1400 audit(1764165179.473:64): avc:  denied  { execute } for  pid=5912 comm="sh" name="syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[   46.227547][   T40] audit: type=1400 audit(1764165179.473:65): avc:  denied  { execute_no_trans } for  pid=5912 comm="sh" path="/syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[   48.327493][   T40] audit: type=1400 audit(1764165181.583:66): avc:  denied  { mounton } for  pid=5912 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   48.337694][ T5912] cgroup: Unknown subsys name 'net'
[   48.518649][ T5912] cgroup: Unknown subsys name 'cpuset'
[   48.523313][ T5912] cgroup: Unknown subsys name 'rlimit'
[   48.755414][ T5924] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
Setting up swapspace version 1, size = 127995904 bytes
[   49.478815][ T5912] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   52.744242][   T40] kauditd_printk_skb: 13 callbacks suppressed
[   52.744252][   T40] audit: type=1400 audit(1764165185.993:80): avc:  denied  { execmem } for  pid=5930 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   52.986241][   T40] audit: type=1400 audit(1764165186.233:81): avc:  denied  { create } for  pid=5935 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   52.993134][   T40] audit: type=1400 audit(1764165186.233:82): avc:  denied  { read write } for  pid=5935 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[   53.001468][   T40] audit: type=1400 audit(1764165186.233:83): avc:  denied  { open } for  pid=5935 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[   53.009710][   T40] audit: type=1400 audit(1764165186.243:84): avc:  denied  { ioctl } for  pid=5935 comm="syz-executor" path="socket:[8236]" dev="sockfs" ino=8236 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   53.040789][ T5942] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   53.043052][ T5948] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   53.044514][ T5942] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   53.045351][ T5949] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   53.046661][ T5951] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   53.050168][ T5942] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   53.051863][ T5951] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   53.054408][ T5942] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   53.056523][ T5951] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   53.058883][ T5948] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   53.059608][ T5942] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   53.059860][ T5948] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   53.063696][   T40] audit: type=1400 audit(1764165186.313:85): avc:  denied  { read } for  pid=5935 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   53.066106][ T5942] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   53.068380][ T5950] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   53.070881][   T40] audit: type=1400 audit(1764165186.313:86): avc:  denied  { open } for  pid=5935 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   53.076094][ T5941] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   53.077781][ T5941] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   53.079979][ T5950] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   53.097783][   T40] audit: type=1400 audit(1764165186.323:87): avc:  denied  { mounton } for  pid=5935 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[   53.104617][ T5950] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   53.107588][ T5950] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   53.110091][ T5950] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   53.256501][   T40] audit: type=1400 audit(1764165186.513:88): avc:  denied  { module_request } for  pid=5935 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[   53.290221][ T5935] chnl_net:caif_netlink_parms(): no params data found
[   53.476563][ T5935] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.479793][ T5935] bridge0: port 1(bridge_slave_0) entered disabled state
[   53.482348][ T5935] bridge_slave_0: entered allmulticast mode
[   53.485056][ T5935] bridge_slave_0: entered promiscuous mode
[   53.490357][ T5935] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.492806][ T5935] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.495343][ T5935] bridge_slave_1: entered allmulticast mode
[   53.498531][ T5935] bridge_slave_1: entered promiscuous mode
[   53.524187][ T5937] chnl_net:caif_netlink_parms(): no params data found
[   53.608271][ T5935] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   53.647538][ T5935] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   53.687115][ T5936] chnl_net:caif_netlink_parms(): no params data found
[   53.740726][ T5937] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.743431][ T5937] bridge0: port 1(bridge_slave_0) entered disabled state
[   53.746397][ T5937] bridge_slave_0: entered allmulticast mode
[   53.749062][ T5937] bridge_slave_0: entered promiscuous mode
[   53.787393][ T5935] team0: Port device team_slave_0 added
[   53.789771][ T5944] chnl_net:caif_netlink_parms(): no params data found
[   53.803843][ T5937] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.807444][ T5937] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.810251][ T5937] bridge_slave_1: entered allmulticast mode
[   53.814125][ T5937] bridge_slave_1: entered promiscuous mode
[   53.825687][ T5935] team0: Port device team_slave_1 added
[   53.924932][ T5937] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   53.934528][ T5935] batman_adv: batadv0: Adding interface: batadv_slave_0
[   53.937688][ T5935] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   53.945662][ T5935] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   53.950635][ T5935] batman_adv: batadv0: Adding interface: batadv_slave_1
[   53.952991][ T5935] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   53.961956][ T5935] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   53.972731][ T5937] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   54.055253][ T5936] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.058200][ T5936] bridge0: port 1(bridge_slave_0) entered disabled state
[   54.060530][ T5936] bridge_slave_0: entered allmulticast mode
[   54.063323][ T5936] bridge_slave_0: entered promiscuous mode
[   54.080635][ T5937] team0: Port device team_slave_0 added
[   54.083220][ T5936] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.085523][ T5936] bridge0: port 2(bridge_slave_1) entered disabled state
[   54.088752][ T5936] bridge_slave_1: entered allmulticast mode
[   54.091387][ T5936] bridge_slave_1: entered promiscuous mode
[   54.167727][ T5937] team0: Port device team_slave_1 added
[   54.182574][ T5944] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.184850][ T5944] bridge0: port 1(bridge_slave_0) entered disabled state
[   54.187736][ T5944] bridge_slave_0: entered allmulticast mode
[   54.190469][ T5944] bridge_slave_0: entered promiscuous mode
[   54.196435][ T5935] hsr_slave_0: entered promiscuous mode
[   54.199150][ T5935] hsr_slave_1: entered promiscuous mode
[   54.227059][ T5936] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   54.231307][ T5944] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.234480][ T5944] bridge0: port 2(bridge_slave_1) entered disabled state
[   54.237758][ T5944] bridge_slave_1: entered allmulticast mode
[   54.240959][ T5944] bridge_slave_1: entered promiscuous mode
[   54.259267][ T5936] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   54.277725][ T5937] batman_adv: batadv0: Adding interface: batadv_slave_0
[   54.280336][ T5937] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   54.291056][ T5937] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   54.385832][ T5937] batman_adv: batadv0: Adding interface: batadv_slave_1
[   54.388543][ T5937] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   54.398225][ T5937] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   54.417832][ T5936] team0: Port device team_slave_0 added
[   54.425720][ T5936] team0: Port device team_slave_1 added
[   54.430070][ T5944] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   54.436330][ T5944] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   54.556474][ T5936] batman_adv: batadv0: Adding interface: batadv_slave_0
[   54.558804][ T5936] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   54.567877][ T5936] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   54.575310][ T5944] team0: Port device team_slave_0 added
[   54.582378][ T5936] batman_adv: batadv0: Adding interface: batadv_slave_1
[   54.585263][ T5936] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   54.595683][ T5936] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   54.618707][ T5944] team0: Port device team_slave_1 added
[   54.661912][ T5937] hsr_slave_0: entered promiscuous mode
[   54.664340][ T5937] hsr_slave_1: entered promiscuous mode
[   54.666741][ T5937] debugfs: 'hsr0' already exists in 'hsr'
[   54.668677][ T5937] Cannot create hsr debugfs directory
[   54.724340][ T5944] batman_adv: batadv0: Adding interface: batadv_slave_0
[   54.726854][ T5944] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   54.735386][ T5944] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   54.756229][ T5936] hsr_slave_0: entered promiscuous mode
[   54.758575][ T5936] hsr_slave_1: entered promiscuous mode
[   54.760756][ T5936] debugfs: 'hsr0' already exists in 'hsr'
[   54.763027][ T5936] Cannot create hsr debugfs directory
[   54.796300][ T5944] batman_adv: batadv0: Adding interface: batadv_slave_1
[   54.799298][ T5944] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   54.808444][ T5944] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   54.958433][ T5944] hsr_slave_0: entered promiscuous mode
[   54.961127][ T5944] hsr_slave_1: entered promiscuous mode
[   54.963280][ T5944] debugfs: 'hsr0' already exists in 'hsr'
[   54.965130][ T5944] Cannot create hsr debugfs directory
[   55.126780][ T5950] Bluetooth: hci2: command tx timeout
[   55.129497][ T5945] Bluetooth: hci0: command tx timeout
[   55.129533][ T5942] Bluetooth: hci3: command tx timeout
[   55.130034][ T5942] Bluetooth: hci1: command tx timeout
[   55.137061][ T5935] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   55.179063][ T5935] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   55.190527][ T5935] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   55.204487][ T5935] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   55.260348][ T5937] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   55.267631][ T5937] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   55.274986][ T5937] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   55.288324][ T5937] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   55.338444][ T5936] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   55.349684][ T5936] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   55.357467][ T5936] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   55.364933][ T5935] 8021q: adding VLAN 0 to HW filter on device bond0
[   55.368571][ T5936] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   55.415032][ T5935] 8021q: adding VLAN 0 to HW filter on device team0
[   55.431579][   T80] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.434766][   T80] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.456111][ T5944] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   55.461157][ T5944] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   55.466726][   T60] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.469027][   T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[   55.476764][ T5944] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   55.480971][ T5944] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   55.539376][ T5937] 8021q: adding VLAN 0 to HW filter on device bond0
[   55.571980][ T5937] 8021q: adding VLAN 0 to HW filter on device team0
[   55.584423][ T5936] 8021q: adding VLAN 0 to HW filter on device bond0
[   55.595219][   T60] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.598101][   T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.600256][   T40] audit: type=1400 audit(1764165188.853:89): avc:  denied  { sys_module } for  pid=5935 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[   55.614978][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.617553][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[   55.644828][ T5936] 8021q: adding VLAN 0 to HW filter on device team0
[   55.657940][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.660254][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.668069][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.670481][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[   55.683317][ T5944] 8021q: adding VLAN 0 to HW filter on device bond0
[   55.717291][ T5944] 8021q: adding VLAN 0 to HW filter on device team0
[   55.725203][ T5935] 8021q: adding VLAN 0 to HW filter on device batadv0
[   55.738301][ T1148] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.740680][ T1148] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.749798][ T1148] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.752101][ T1148] bridge0: port 2(bridge_slave_1) entered forwarding state
[   55.801904][ T5937] 8021q: adding VLAN 0 to HW filter on device batadv0
[   55.820570][ T5935] veth0_vlan: entered promiscuous mode
[   55.839804][ T5937] veth0_vlan: entered promiscuous mode
[   55.851563][ T5935] veth1_vlan: entered promiscuous mode
[   55.854613][ T5937] veth1_vlan: entered promiscuous mode
[   55.867045][ T5936] 8021q: adding VLAN 0 to HW filter on device batadv0
[   55.902935][ T5935] veth0_macvtap: entered promiscuous mode
[   55.908047][ T5937] veth0_macvtap: entered promiscuous mode
[   55.916780][ T5937] veth1_macvtap: entered promiscuous mode
[   55.919341][ T5935] veth1_macvtap: entered promiscuous mode
[   55.941852][ T5944] 8021q: adding VLAN 0 to HW filter on device batadv0
[   55.955744][ T5936] veth0_vlan: entered promiscuous mode
[   55.967620][ T5937] batman_adv: batadv0: Interface activated: batadv_slave_0
[   55.971868][ T5935] batman_adv: batadv0: Interface activated: batadv_slave_0
[   55.979181][ T5936] veth1_vlan: entered promiscuous mode
[   55.987557][ T5935] batman_adv: batadv0: Interface activated: batadv_slave_1
[   55.991666][ T5937] batman_adv: batadv0: Interface activated: batadv_slave_1
[   56.008976][   T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   56.011930][   T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   56.024678][   T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   56.030401][   T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   56.038908][   T12] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   56.048837][   T12] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   56.052314][   T12] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   56.064633][ T5936] veth0_macvtap: entered promiscuous mode
[   56.067838][   T12] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   56.082321][ T5936] veth1_macvtap: entered promiscuous mode
[   56.104820][ T5944] veth0_vlan: entered promiscuous mode
[   56.132363][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   56.132860][ T5936] batman_adv: batadv0: Interface activated: batadv_slave_0
[   56.135814][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   56.147646][ T5936] batman_adv: batadv0: Interface activated: batadv_slave_1
[   56.152346][ T5944] veth1_vlan: entered promiscuous mode
[   56.167000][ T1148] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   56.170730][ T1148] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   56.183754][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   56.184311][ T1148] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   56.186661][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   56.189709][ T1148] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   56.204491][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   56.208663][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   56.223402][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   56.226336][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   56.235477][ T5944] veth0_macvtap: entered promiscuous mode
[   56.247246][ T5944] veth1_macvtap: entered promiscuous mode
[   56.264656][ T5937] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   56.275505][   T92] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   56.279593][   T92] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   56.291634][ T5944] batman_adv: batadv0: Interface activated: batadv_slave_0
[   56.308238][   T92] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   56.310476][ T5944] batman_adv: batadv0: Interface activated: batadv_slave_1
[   56.311609][   T92] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   56.316881][ T1148] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   56.320138][ T1148] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   56.323052][ T1148] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   56.339641][ T1148] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   56.399921][   T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   56.403327][   T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   56.439720][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   56.442693][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   56.631326][ T6038] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   56.688613][ T6043] ------------[ cut here ]------------
[   56.690532][ T6043] WARNING: CPU: 3 PID: 6043 at arch/x86/kvm/lapic.c:3483 kvm_apic_accept_events+0x444/0x4c0
[   56.694070][ T6043] Modules linked in:
[   56.695697][ T6043] CPU: 3 UID: 0 PID: 6043 Comm: syz.2.7 Not tainted syzkaller #0 PREEMPT(full) 
[   56.698926][ T6043] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   56.702511][ T6043] RIP: 0010:kvm_apic_accept_events+0x444/0x4c0
[   56.704565][ T6043] Code: 34 03 00 00 02 00 00 00 e9 ae fd ff ff 4c 89 ef e8 81 ae de 00 e9 33 fc ff ff e8 47 ae de 00 e9 17 fd ff ff e8 ed 0b 76 00 90 <0f> 0b 90 e9 24 fd ff ff e8 5f ae de 00 e9 de fb ff ff e8 25 ae de
[   56.711066][ T6043] RSP: 0018:ffffc90004a37c38 EFLAGS: 00010287
[   56.713101][ T6043] RAX: 00000000000006fc RBX: 0000000000000002 RCX: ffffc900072b1000
[   56.715712][ T6043] RDX: 0000000000080000 RSI: ffffffff8146dbf3 RDI: 0000000000000005
[   56.718450][ T6043] RBP: ffff88803a399000 R08: 0000000000000005 R09: 0000000000000002
[   56.721137][ T6043] R10: 0000000000000002 R11: 0000000000000001 R12: 0000000000000001
[   56.724295][ T6043] R13: ffff88803a3990e0 R14: ffff888024fb52b0 R15: 0000000000000001
[   56.727858][ T6043] FS:  00007f0f2e9746c0(0000) GS:ffff8880d6d05000(0000) knlGS:0000000000000000
[   56.730789][ T6043] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   56.732979][ T6043] CR2: 000000110c349fd3 CR3: 00000000541e5000 CR4: 0000000000352ef0
[   56.735567][ T6043] Call Trace:
[   56.736928][ T6043]  <TASK>
[   56.738005][ T6043]  kvm_arch_vcpu_ioctl_get_mpstate+0x103/0x450
[   56.739996][ T6043]  kvm_vcpu_ioctl+0x7b8/0x1690
[   56.741606][ T6043]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   56.743295][ T6043]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   56.745286][ T6043]  ? do_vfs_ioctl+0x128/0x14f0
[   56.746963][ T6043]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   56.748786][ T6043]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   56.751185][ T6043]  ? hook_file_ioctl_common+0x145/0x410
[   56.753115][ T6043]  ? selinux_file_ioctl+0x180/0x270
[   56.754845][ T6043]  ? selinux_file_ioctl+0xb4/0x270
[   56.756661][ T6043]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   56.758423][ T6043]  __x64_sys_ioctl+0x18e/0x210
[   56.760163][ T6043]  do_syscall_64+0xcd/0xfa0
[   56.761941][ T6043]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   56.763905][ T6043] RIP: 0033:0x7f0f2db8f749
[   56.765397][ T6043] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   56.771863][ T6043] RSP: 002b:00007f0f2e974038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   56.774931][ T6043] RAX: ffffffffffffffda RBX: 00007f0f2dde5fa0 RCX: 00007f0f2db8f749
[   56.777682][ T6043] RDX: 0000200000000040 RSI: 000000008004ae98 RDI: 0000000000000005
[   56.780292][ T6043] RBP: 00007f0f2dc13f91 R08: 0000000000000000 R09: 0000000000000000
[   56.783033][ T6043] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   56.785588][ T6043] R13: 00007f0f2dde6038 R14: 00007f0f2dde5fa0 R15: 00007ffe27c9c6c8
[   56.788324][ T6043]  </TASK>
[   56.789391][ T6043] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   56.791724][ T6043] CPU: 3 UID: 0 PID: 6043 Comm: syz.2.7 Not tainted syzkaller #0 PREEMPT(full) 
[   56.794766][ T6043] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   56.798256][ T6043] Call Trace:
[   56.799373][ T6043]  <TASK>
[   56.800359][ T6043]  dump_stack_lvl+0x3d/0x1f0
[   56.801932][ T6043]  vpanic+0x640/0x6f0
[   56.803517][ T6043]  ? kvm_apic_accept_events+0x444/0x4c0
[   56.805454][ T6043]  panic+0xca/0xd0
[   56.807098][ T6043]  ? __pfx_panic+0x10/0x10
[   56.809022][ T6043]  check_panic_on_warn+0xab/0xb0
[   56.811049][ T6043]  __warn+0xf6/0x3c0
[   56.812736][ T6043]  ? kvm_apic_accept_events+0x444/0x4c0
[   56.815170][ T6043]  report_bug+0x3c3/0x580
[   56.817034][ T6043]  ? kvm_apic_accept_events+0x444/0x4c0
[   56.818905][ T6043]  handle_bug+0x184/0x210
[   56.820493][ T6043]  exc_invalid_op+0x17/0x50
[   56.822283][ T6043]  asm_exc_invalid_op+0x1a/0x20
[   56.823977][ T6043] RIP: 0010:kvm_apic_accept_events+0x444/0x4c0
[   56.826074][ T6043] Code: 34 03 00 00 02 00 00 00 e9 ae fd ff ff 4c 89 ef e8 81 ae de 00 e9 33 fc ff ff e8 47 ae de 00 e9 17 fd ff ff e8 ed 0b 76 00 90 <0f> 0b 90 e9 24 fd ff ff e8 5f ae de 00 e9 de fb ff ff e8 25 ae de
[   56.832646][ T6043] RSP: 0018:ffffc90004a37c38 EFLAGS: 00010287
[   56.835209][ T6043] RAX: 00000000000006fc RBX: 0000000000000002 RCX: ffffc900072b1000
[   56.838244][ T6043] RDX: 0000000000080000 RSI: ffffffff8146dbf3 RDI: 0000000000000005
[   56.841012][ T6043] RBP: ffff88803a399000 R08: 0000000000000005 R09: 0000000000000002
[   56.843710][ T6043] R10: 0000000000000002 R11: 0000000000000001 R12: 0000000000000001
[   56.846306][ T6043] R13: ffff88803a3990e0 R14: ffff888024fb52b0 R15: 0000000000000001
[   56.849021][ T6043]  ? kvm_apic_accept_events+0x443/0x4c0
[   56.851118][ T6043]  ? kvm_apic_accept_events+0x443/0x4c0
[   56.853039][ T6043]  kvm_arch_vcpu_ioctl_get_mpstate+0x103/0x450
[   56.855732][ T6043]  kvm_vcpu_ioctl+0x7b8/0x1690
[   56.857707][ T6043]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   56.859818][ T6043]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   56.862042][ T6043]  ? do_vfs_ioctl+0x128/0x14f0
[   56.863606][ T6043]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   56.865287][ T6043]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   56.867520][ T6043]  ? hook_file_ioctl_common+0x145/0x410
[   56.869367][ T6043]  ? selinux_file_ioctl+0x180/0x270
[   56.871064][ T6043]  ? selinux_file_ioctl+0xb4/0x270
[   56.872993][ T6043]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   56.875370][ T6043]  __x64_sys_ioctl+0x18e/0x210
[   56.877479][ T6043]  do_syscall_64+0xcd/0xfa0
[   56.879241][ T6043]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   56.881460][ T6043] RIP: 0033:0x7f0f2db8f749
[   56.883282][ T6043] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   56.889594][ T6043] RSP: 002b:00007f0f2e974038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   56.892396][ T6043] RAX: ffffffffffffffda RBX: 00007f0f2dde5fa0 RCX: 00007f0f2db8f749
[   56.895199][ T6043] RDX: 0000200000000040 RSI: 000000008004ae98 RDI: 0000000000000005
[   56.898545][ T6043] RBP: 00007f0f2dc13f91 R08: 0000000000000000 R09: 0000000000000000
[   56.901987][ T6043] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   56.904650][ T6043] R13: 00007f0f2dde6038 R14: 00007f0f2dde5fa0 R15: 00007ffe27c9c6c8
[   56.907777][ T6043]  </TASK>
[   56.909975][ T6043] Kernel Offset: disabled
[   56.911720][ T6043] Rebooting in 86400 seconds..