[ 398.029429][ T3145] 8021q: adding VLAN 0 to HW filter on device bond0 [ 433.309646][ T3145] eql: remember to turn off Van-Jacobson compression on your slave devices Warning: Permanently added '[localhost]:50264' (ED25519) to the list of known hosts. [ 934.932797][ T25] audit: type=1400 audit(934.100:60): avc: denied { execute } for pid=3312 comm="sh" name="syz-execprog" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 934.978357][ T25] audit: type=1400 audit(934.130:61): avc: denied { execute_no_trans } for pid=3312 comm="sh" path="/syz-execprog" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 1970/01/01 00:16:27 parsed 1 programs [ 988.268968][ T25] audit: type=1400 audit(987.440:62): avc: denied { node_bind } for pid=3312 comm="syz-execprog" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 1013.228175][ T25] audit: type=1400 audit(1012.400:63): avc: denied { mounton } for pid=3321 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1870 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 1013.270252][ T25] audit: type=1400 audit(1012.430:64): avc: denied { mount } for pid=3321 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 1013.442821][ T3321] cgroup: Unknown subsys name 'net' [ 1013.576322][ T25] audit: type=1400 audit(1012.740:65): avc: denied { unmount } for pid=3321 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 1014.236163][ T3321] cgroup: Unknown subsys name 'cpuset' [ 1014.453169][ T3321] cgroup: Unknown subsys name 'rlimit' [ 1016.581431][ T25] audit: type=1400 audit(1015.750:66): avc: denied { setattr } for pid=3321 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 1016.611164][ T25] audit: type=1400 audit(1015.780:67): avc: denied { create } for pid=3321 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 1016.629412][ T25] audit: type=1400 audit(1015.800:68): avc: denied { write } for pid=3321 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 1016.657695][ T25] audit: type=1400 audit(1015.820:69): avc: denied { module_request } for pid=3321 comm="syz-executor" kmod="net-pf-16-proto-16-family-nl802154" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 1017.217657][ T25] audit: type=1400 audit(1016.380:70): avc: denied { read } for pid=3321 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 1017.272723][ T25] audit: type=1400 audit(1016.440:71): avc: denied { mounton } for pid=3321 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 1017.309066][ T25] audit: type=1400 audit(1016.480:72): avc: denied { mount } for pid=3321 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 1018.601318][ T3325] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 1018.623191][ T25] audit: type=1400 audit(1017.790:73): avc: denied { relabelto } for pid=3325 comm="mkswap" name="swap-file" dev="vda" ino=1873 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 1018.652668][ T25] audit: type=1400 audit(1017.810:74): avc: denied { write } for pid=3325 comm="mkswap" path="/swap-file" dev="vda" ino=1873 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 1018.802510][ T25] audit: type=1400 audit(1017.970:75): avc: denied { read } for pid=3321 comm="syz-executor" name="swap-file" dev="vda" ino=1873 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 1018.820818][ T25] audit: type=1400 audit(1017.990:76): avc: denied { open } for pid=3321 comm="syz-executor" path="/swap-file" dev="vda" ino=1873 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 1018.882342][ T3321] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 1042.861263][ T25] audit: type=1400 audit(1042.030:77): avc: denied { execmem } for pid=3326 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 1043.196653][ T25] audit: type=1400 audit(1042.360:78): avc: denied { read } for pid=3327 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 1043.237669][ T25] audit: type=1400 audit(1042.390:79): avc: denied { open } for pid=3327 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 1043.323268][ T25] audit: type=1400 audit(1042.490:80): avc: denied { mounton } for pid=3327 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 1044.480801][ T25] audit: type=1400 audit(1043.650:81): avc: denied { mount } for pid=3327 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 1044.528091][ T25] audit: type=1400 audit(1043.700:82): avc: denied { mounton } for pid=3327 comm="syz-executor" path="/syzkaller.1M8T64/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 1044.585441][ T25] audit: type=1400 audit(1043.740:83): avc: denied { mount } for pid=3327 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 1044.651618][ T25] audit: type=1400 audit(1043.820:84): avc: denied { mounton } for pid=3327 comm="syz-executor" path="/syzkaller.1M8T64/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 1044.691121][ T25] audit: type=1400 audit(1043.860:85): avc: denied { mounton } for pid=3327 comm="syz-executor" path="/syzkaller.1M8T64/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=2929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 1044.802033][ T25] audit: type=1400 audit(1043.970:86): avc: denied { unmount } for pid=3327 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 1045.281112][ T3327] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 1075.078272][ T25] kauditd_printk_skb: 8 callbacks suppressed [ 1075.086702][ T25] audit: type=1400 audit(1074.250:95): avc: denied { create } for pid=3348 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 1085.027273][ T25] audit: type=1401 audit(1084.190:96): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768" [ 1112.798964][ T25] audit: type=1400 audit(1111.970:97): avc: denied { create } for pid=3370 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1 [ 1112.982315][ T25] audit: type=1400 audit(1112.150:98): avc: denied { sys_admin } for pid=3370 comm="syz-executor" capability=21 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1 [ 1116.861361][ T25] audit: type=1400 audit(1116.030:99): avc: denied { sys_chroot } for pid=3371 comm="syz-executor" capability=18 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1 [ 1124.462855][ T25] audit: type=1400 audit(1123.630:100): avc: denied { sys_module } for pid=3378 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 1142.502875][ T3378] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1142.572454][ T3378] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1148.991339][ T3378] hsr_slave_0: entered promiscuous mode [ 1149.022311][ T3378] hsr_slave_1: entered promiscuous mode [ 1152.880405][ T3378] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1153.012727][ T3378] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1153.087084][ T3378] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1153.177630][ T3378] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1160.140975][ T3378] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1185.452798][ T3378] veth0_vlan: entered promiscuous mode [ 1185.660894][ T3378] veth1_vlan: entered promiscuous mode [ 1186.683064][ T3378] veth0_macvtap: entered promiscuous mode [ 1186.839109][ T3378] veth1_macvtap: entered promiscuous mode [ 1188.103467][ T3346] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1188.176835][ T3346] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1188.181712][ T3346] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1188.217282][ T3346] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1194.211294][ T2129] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1195.603496][ T2129] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1196.539670][ T2129] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1197.359880][ T2129] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1214.087878][ T2129] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1214.240704][ T2129] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1214.327662][ T2129] bond0 (unregistering): Released all slaves [ 1215.628136][ T2129] hsr_slave_0: left promiscuous mode [ 1215.678053][ T2129] hsr_slave_1: left promiscuous mode [ 1216.114480][ T2129] veth1_macvtap: left promiscuous mode [ 1216.126872][ T2129] veth0_macvtap: left promiscuous mode [ 1216.150324][ T2129] veth1_vlan: left promiscuous mode [ 1216.177165][ T2129] veth0_vlan: left promiscuous mode 1970/01/01 00:21:14 executed programs: 0 [ 1311.383690][ T3507] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1311.539524][ T3507] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1330.669420][ T3507] hsr_slave_0: entered promiscuous mode [ 1330.739507][ T3507] hsr_slave_1: entered promiscuous mode [ 1344.413028][ T3507] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1344.663188][ T3507] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1344.908992][ T3507] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1345.062608][ T3507] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1358.323470][ T3507] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1413.967538][ T3507] veth0_vlan: entered promiscuous mode [ 1414.950260][ T3507] veth1_vlan: entered promiscuous mode [ 1417.577736][ T3507] veth0_macvtap: entered promiscuous mode [ 1417.797845][ T3507] veth1_macvtap: entered promiscuous mode [ 1419.489866][ T3347] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1419.496332][ T3347] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1419.508551][ T3347] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1419.540199][ T3347] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 1970/01/01 00:23:41 executed programs: 2 [ 1424.005377][ T25] audit: type=1400 audit(1423.170:101): avc: denied { read } for pid=3654 comm="syz.2.17" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1424.047093][ T25] audit: type=1400 audit(1423.210:102): avc: denied { open } for pid=3654 comm="syz.2.17" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1424.077447][ T25] audit: type=1400 audit(1423.230:103): avc: denied { ioctl } for pid=3654 comm="syz.2.17" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1425.873465][ T3654] ================================================================== [ 1425.874063][ T3654] BUG: KASAN: invalid-access in __kvm_pgtable_walk+0x8e4/0xa68 [ 1425.875863][ T3654] Read of size 8 at addr c6f000001329e000 by task syz.2.17/3654 [ 1425.876118][ T3654] Pointer tag: [c6], memory tag: [fe] [ 1425.876240][ T3654] [ 1425.877242][ T3654] CPU: 0 UID: 0 PID: 3654 Comm: syz.2.17 Not tainted syzkaller #0 PREEMPT [ 1425.877854][ T3654] Hardware name: linux,dummy-virt (DT) [ 1425.878333][ T3654] Call trace: [ 1425.878719][ T3654] show_stack+0x2c/0x3c (C) [ 1425.879414][ T3654] __dump_stack+0x30/0x40 [ 1425.879693][ T3654] dump_stack_lvl+0xd8/0x12c [ 1425.879921][ T3654] print_address_description+0xac/0x288 [ 1425.880206][ T3654] print_report+0x84/0xa0 [ 1425.880466][ T3654] kasan_report+0xb0/0x110 [ 1425.880688][ T3654] kasan_tag_mismatch+0x28/0x3c [ 1425.880961][ T3654] __hwasan_tag_mismatch+0x30/0x60 [ 1425.881279][ T3654] __kvm_pgtable_walk+0x8e4/0xa68 [ 1425.881612][ T3654] kvm_pgtable_walk+0x294/0x468 [ 1425.881912][ T3654] kvm_pgtable_stage2_destroy_range+0x60/0xb4 [ 1425.882224][ T3654] kvm_free_stage2_pgd+0x198/0x28c [ 1425.882514][ T3654] kvm_uninit_stage2_mmu+0x20/0x38 [ 1425.882790][ T3654] kvm_arch_flush_shadow_all+0x1a8/0x1e0 [ 1425.883109][ T3654] kvm_mmu_notifier_release+0x48/0xa8 [ 1425.883395][ T3654] mmu_notifier_unregister+0x128/0x42c [ 1425.883665][ T3654] kvm_put_kvm+0x6a0/0xfa8 [ 1425.883891][ T3654] kvm_vm_release+0x58/0x78 [ 1425.884159][ T3654] __fput+0x4ac/0x980 [ 1425.884362][ T3654] ____fput+0x20/0x58 [ 1425.884560][ T3654] task_work_run+0x1bc/0x254 [ 1425.884782][ T3654] do_notify_resume+0x1bc/0x270 [ 1425.885072][ T3654] el0_svc+0xb8/0x164 [ 1425.885368][ T3654] el0t_64_sync_handler+0x84/0x12c [ 1425.885667][ T3654] el0t_64_sync+0x198/0x19c [ 1425.886231][ T3654] [ 1425.886426][ T3654] The buggy address belongs to the physical page: [ 1425.887536][ T3654] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x62f000001329e400 pfn:0x5329e [ 1425.887930][ T3654] flags: 0x1ffce4000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0x39) [ 1425.889126][ T3654] raw: 01ffce4000000000 ffffc1ffc085d188 ffffc1ffc0884bc8 0000000000000000 [ 1425.889376][ T3654] raw: 62f000001329e400 0000000000000000 00000000ffffffff 0000000000000000 [ 1425.889612][ T3654] page dumped because: kasan: bad access detected [ 1425.889744][ T3654] [ 1425.889864][ T3654] Memory state around the buggy address: [ 1425.890220][ T3654] fff000001329de00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1425.890413][ T3654] fff000001329df00: fb fb fb fb fb fb fb fb fe fe fe fe fe fe fe fe [ 1425.890624][ T3654] >fff000001329e000: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 1425.890787][ T3654] ^ [ 1425.891078][ T3654] fff000001329e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 1425.891285][ T3654] fff000001329e200: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 1425.891497][ T3654] ================================================================== [ 1426.125231][ T3654] Disabling lock debugging due to kernel taint [ 1431.002310][ T3654] Unable to handle kernel paging request at virtual address fffec3a653375600 [ 1431.048006][ T3654] KASAN: probably wild-memory-access in range [0xfff43a6533756000-0xfff43a653375600f] [ 1431.048908][ T3654] Mem abort info: [ 1431.049193][ T3654] ESR = 0x0000000096000004 [ 1431.049533][ T3654] EC = 0x25: DABT (current EL), IL = 32 bits [ 1431.075875][ T3654] SET = 0, FnV = 0 [ 1431.076467][ T3654] EA = 0, S1PTW = 0 [ 1431.076779][ T3654] FSC = 0x04: level 0 translation fault [ 1431.077148][ T3654] Data abort info: [ 1431.077413][ T3654] ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000 [ 1431.077726][ T3654] CM = 0, WnR = 0, TnD = 0, TagAccess = 0 [ 1431.078058][ T3654] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 [ 1431.078529][ T3654] swapper pgtable: 4k pages, 52-bit VAs, pgdp=000000004769a000 [ 1431.078936][ T3654] [fffec3a653375600] pgd=0000000047ee1003, p4d=0000000000000000 [ 1431.080470][ T3654] Internal error: Oops: 0000000096000004 [#1] SMP [ 1431.091631][ T3654] Modules linked in: [ 1431.093398][ T3654] CPU: 0 UID: 0 PID: 3654 Comm: syz.2.17 Tainted: G B syzkaller #0 PREEMPT [ 1431.094935][ T3654] Tainted: [B]=BAD_PAGE [ 1431.095638][ T3654] Hardware name: linux,dummy-virt (DT) [ 1431.096707][ T3654] pstate: 80402009 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 1431.098065][ T3654] pc : __kvm_pgtable_walk+0x268/0xa68 [ 1431.098997][ T3654] lr : __kvm_pgtable_walk+0x214/0xa68 [ 1431.099982][ T3654] sp : ffff80008ce577d0 [ 1431.100682][ T3654] x29: ffff80008ce57870 x28: 0000000000000005 x27: fff43a6533756000 [ 1431.102280][ T3654] x26: fff43a6533756000 x25: 0000000000000000 x24: 0000000000000001 [ 1431.103651][ T3654] x23: 00000000000000ff x22: efff800000000000 x21: ffff80008ce579d8 [ 1431.105043][ T3654] x20: 00000000000000ff x19: 00000000000000ff x18: 0000000000001b80 [ 1431.106433][ T3654] x17: 00000000000000c6 x16: 00000000000000fe x15: fff0000072d85404 [ 1431.107776][ T3654] x14: 0000000000000000 x13: ffff80008ce579e0 x12: ffff80008ce579e8 [ 1431.109160][ T3654] x11: ffff80008ce579e8 x10: 0000000000ff0100 x9 : ffff80008ce57828 [ 1431.110543][ T3654] x8 : 0fff43a653375600 x7 : ffff800080bc7858 x6 : 0000000000000000 [ 1431.111893][ T3654] x5 : 0000000000000000 x4 : 00000000000000ff x3 : 0000000000000001 [ 1431.113242][ T3654] x2 : fff43a6533756000 x1 : 0000000000000000 x0 : 0000000000000000 [ 1431.114705][ T3654] Call trace: [ 1431.115373][ T3654] __kvm_pgtable_walk+0x268/0xa68 (P) [ 1431.116437][ T3654] __kvm_pgtable_walk+0x600/0xa68 [ 1431.117403][ T3654] kvm_pgtable_walk+0x294/0x468 [ 1431.118335][ T3654] kvm_pgtable_stage2_destroy_range+0x60/0xb4 [ 1431.119398][ T3654] kvm_free_stage2_pgd+0x198/0x28c [ 1431.120354][ T3654] kvm_uninit_stage2_mmu+0x20/0x38 [ 1431.121198][ T3654] kvm_arch_flush_shadow_all+0x1a8/0x1e0 [ 1431.122239][ T3654] kvm_mmu_notifier_release+0x48/0xa8 [ 1431.123214][ T3654] mmu_notifier_unregister+0x128/0x42c [ 1431.124186][ T3654] kvm_put_kvm+0x6a0/0xfa8 [ 1431.125031][ T3654] kvm_vm_release+0x58/0x78 [ 1431.125922][ T3654] __fput+0x4ac/0x980 [ 1431.126698][ T3654] ____fput+0x20/0x58 [ 1431.127460][ T3654] task_work_run+0x1bc/0x254 [ 1431.128350][ T3654] do_notify_resume+0x1bc/0x270 [ 1431.129229][ T3654] el0_svc+0xb8/0x164 [ 1431.130081][ T3654] el0t_64_sync_handler+0x84/0x12c [ 1431.131049][ T3654] el0t_64_sync+0x198/0x19c [ 1431.132399][ T3654] Code: f94023ec f9400fed a9017d3f f800813f (38686ac8) [ 1431.134143][ T3654] ---[ end trace 0000000000000000 ]--- [ 1431.135723][ T3654] Kernel panic - not syncing: Oops: Fatal exception [ 1431.137702][ T3654] Kernel Offset: disabled [ 1431.138466][ T3654] CPU features: 0x000000,0001a300,5f7c67c1,057ffe1f [ 1431.139558][ T3654] Memory Limit: none [ 1431.141154][ T3654] Rebooting in 86400 seconds.. VM DIAGNOSIS: 02:00:45 Registers: info registers vcpu 0 CPU#0 PC=ffff800082136720 X00=0000000000000003 X01=0000000000000002 X02=0000000000000001 X03=ffff80008213661c X04=0000000000000001 X05=0000000000000001 X06=0000000000000000 X07=ffff800081f26774 X08=04f000000d9b9d80 X09=0000000000000000 X10=0000000000ff0100 X11=00000000000000fe X12=0000000000000002 X13=0000000000000002 X14=0000000000000000 X15=000000002356bd6d X16=00000000c673d431 X17=0000000000000000 X18=00000000c698bbd9 X19=efff800000000000 X20=81f000000dcb4880 X21=26ff80008c44b018 X22=0000000000000002 X23=81f000000dcb497c X24=0000000000000081 X25=81f000000dcb4ac8 X26=81f000000dcb48c8 X27=0000000000000081 X28=0000000000000081 X29=ffff80008c487b40 X30=ffff800082136720 SP=ffff80008c487b30 PSTATE=814020c9 N--- EL2h SVCR=00000000 -- BTYPE=0 FPCR=00000000 FPSR=00000000 P00=0000 P01=0000 P02=0000 P03=0000 P04=0000 P05=0000 P06=0000 P07=0000 P08=0000 P09=0000 P10=0000 P11=0000 P12=0000 P13=0000 P14=0000 P15=0000 FFR=0000 Z00=2f2f2f2f2f2f2f2f:2f2f2f2f2f2f2f2f Z01=6f6c622f7665642f:0000000000000000 Z02=0000003300000033:cccccccccccccccc Z03=000000ff000000ff:0000000000000000 Z04=3333333333333333:3333333333333333 Z05=0000000000000000:00030003cccccccc Z06=0000000000000073:0000aaab09dbe3c0 Z07=0000000000000074:0000aaab09dbb600 Z08=0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000 Z10=0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000 Z12=0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000 Z14=0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000 Z16=0000ffffdd3a9440:0000ffffdd3a9440 Z17=ffffff80ffffffd8:0000ffffdd3a9410 Z18=0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000 Z20=0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000 Z22=0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000 Z24=0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000 Z26=0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000 Z28=0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000 Z30=0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000