last executing test programs: 1m2.494076214s ago: executing program 0 (id=1221): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000340)={0x4, 0x19}) r3 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000040)={0x40, 0x14000, 0x0, 0xffffffffffffffff, 0x9}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000300)={0x0, 0x0}, &(0x7f00000001c0)=[@featur1={0x1, 0xc}], 0x1) ioctl$KVM_RUN(r8, 0x8933, 0x0) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000340)={0x5, 0x8}) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) ioctl$KVM_ARM_VCPU_INIT(0xffffffffffffffff, 0x4020aeae, 0x0) r9 = openat$kvm(0x0, &(0x7f0000000080), 0x2000, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r10, 0x4068aea3, &(0x7f00000001c0)={0xdf, 0x0, 0xd000}) ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, 0x0) 52.90915901s ago: executing program 1 (id=1223): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x2}}], 0x28}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x25) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x2, 0x4, 0x1}}], 0x28}, 0x0, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, 0x0) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x4, 0x2, 0x0}) 50.83914157s ago: executing program 0 (id=1224): r0 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0xe, 0x16831, 0xffffffffffffffff, 0x0) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bfd000/0x400000)=nil) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181900, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_CREATE_VM(r6, 0x401054d5, 0x110c230020) r7 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f00000000c0)={0xffffffffffffffff, 0xcb, 0x2}) ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) r9 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x11) ioctl$KVM_SET_DEVICE_ATTR_vm(r9, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0xf63a, 0x0, &(0x7f0000000000)=0x2}) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000e34000/0x2000)=nil, 0x0, 0x0, 0x10010, 0xffffffffffffffff, 0x0) write$eventfd(r8, &(0x7f00000001c0)=0xffffffffffffffff, 0xff46) ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000340)={0x5}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r11, 0x4068aea3, &(0x7f0000000000)={0xa8, 0x0, 0x3}) ioctl$KVM_SET_USER_MEMORY_REGION(r11, 0x4020ae46, &(0x7f0000000140)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_GET_DIRTY_LOG(r11, 0x4010ae42, &(0x7f0000000200)={0x101ff, 0x0, &(0x7f0000feb000/0x4000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CAP_PTP_KVM(r9, 0x4068aea3, &(0x7f0000000280)) 41.998774442s ago: executing program 1 (id=1225): openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x8521, 0x0) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000) (fail_nth: 5) 35.1504578s ago: executing program 1 (id=1226): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x101e40, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000b75000/0x400000)=nil) r2 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x3) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x1a) ioctl$KVM_ARM_VCPU_INIT(r5, 0x4020aeae, &(0x7f0000000100)={0x5, 0x18}) ioctl$KVM_GET_ONE_REG(r5, 0x4010aeab, &(0x7f0000000140)=@arm64_fw={0x6030000000140005, 0x0}) r6 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r7 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) r10 = syz_kvm_add_vcpu$arm64(r9, &(0x7f00000000c0)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_RUN(r10, 0xae80, 0x0) ioctl$KVM_GET_ONE_REG(r10, 0x4010aeab, &(0x7f0000000040)=@arm64_extra={0x603000000013c036, &(0x7f0000000100)=0x78b}) r11 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000be1000/0x400000)=nil) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x36) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x0, 0x8032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0xf, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x603000000013c4f1, 0xe782}}, @irq_setup={0x46, 0x18, {0x0, 0x39a}}, @msr={0x14, 0x20, {0x603000000013dce1, 0x8000}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0xc, 0x9}}, @svc={0x122, 0x40, {0x8400000c, [0x5, 0x3, 0x2, 0x9, 0x2]}}, @msr={0x14, 0x20, {0x603000000013deef, 0x8000}}, @msr={0x14, 0x20, {0x603000000013dce8, 0x8000}}], 0x108}, &(0x7f0000000300)=[@featur1={0x1, 0x9}], 0x1) r12 = syz_kvm_add_vcpu$arm64(r11, &(0x7f0000000140), 0x0, 0xffffffffffffffcc) ioctl$KVM_RUN(r12, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) 29.692505517s ago: executing program 0 (id=1227): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x140, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000180)=@arm64_extra={0x603000000013c513, 0x0}) r4 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r8, 0x4068aea3, &(0x7f00000004c0)={0xdf, 0x0, 0x8000}) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r8, 0x4068aea3, &(0x7f0000000140)={0xdf, 0x0, 0x1000}) r9 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) ioctl$KVM_GET_REGS(r9, 0x8360ae81, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r10 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r11 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) r13 = syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000100)={0x0, &(0x7f0000000700)=[@hvc={0x32, 0x40, {0xc4000012, [0x1, 0x80, 0x3, 0xf, 0x2]}}, @memwrite={0x6e, 0x30, @generic={0xfec5a000, 0xe2d, 0x0, 0x1}}, @svc={0x122, 0x40, {0xc400000d, [0x6, 0x3a3d, 0xc, 0x100000001]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x8100000, 0x8, 0x5, 0x8}}, @its_setup={0x82, 0x28, {0x3, 0x4, 0xad}}, @smc={0x1e, 0x40, {0x8400000f, [0x0, 0x0, 0x66, 0x5, 0x2000]}}, @msr={0x14, 0x20, {0x603000000013802e, 0x5}}, @hvc={0x32, 0x40, {0x10, [0xb37, 0x1, 0x8001, 0xee19, 0x7]}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x1, 0x9, 0x8001, 0x236, 0x4}}], 0x1d0}, &(0x7f0000000000)=[@featur2={0x1, 0x12}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r13, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r13, 0xae80, 0x0) r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0) r16 = syz_kvm_setup_syzos_vm$arm64(r15, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r16, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000100)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r13, 0x4018aee1, &(0x7f00000011c0)=@attr_set_pmu={0x0, 0x0, 0x3, &(0x7f0000000140)=0xffff}) ioctl$KVM_RUN(r13, 0xae80, 0x0) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r13, 0x4018aee1, &(0x7f0000000040)=@attr_irq_timer={0x0, 0x1, 0x0, &(0x7f0000000200)=0x16}) syz_kvm_add_vcpu$arm64(r10, &(0x7f00000000c0)={0x0, &(0x7f00000001c0)=[@msr={0x14, 0x20, {0x6030000000138010, 0x8001}}], 0x20}, 0x0, 0x0) 17.318945435s ago: executing program 1 (id=1228): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x25) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) munmap(&(0x7f0000cd0000/0x2000)=nil, 0x2000) (async) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION2(r4, 0x40a0ae49, &(0x7f00000001c0)={0x10200, 0x4, 0x8080000, 0x1000, &(0x7f0000fff000/0x1000)=nil, 0x8}) (async) r5 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x2, 0x4, 0x1}}, @its_setup={0x82, 0x28, {0x3, 0x1, 0x3ee}}], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) (async) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x9}) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x25) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2) r9 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, r8, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r9, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b0fb08986814d7bb14c94a6ab8031d1dfd92f000000000180007a835673feb954ebb2aa7fc869d22627e7000000000000000000000000ef00", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, r8, 0x0) (async) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) close(r10) (async, rerun: 32) r11 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) (async, rerun: 32) r12 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0) ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r13, 0x4068aea3, &(0x7f0000000040)={0xe4, 0x0, 0x1000}) (async) syz_kvm_setup_syzos_vm$arm64(r13, &(0x7f0000a89000/0x400000)=nil) (async, rerun: 32) ioctl$KVM_SET_USER_MEMORY_REGION(r13, 0x4020ae46, &(0x7f00000000c0)={0x1fe, 0x2, 0xdddd0000, 0x2000, &(0x7f000000a000/0x2000)=nil}) (async, rerun: 32) r14 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) r15 = ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x1) r16 = mmap$KVM_VCPU(&(0x7f000000e000/0x4000)=nil, 0x930, 0x3, 0x11, r15, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r16, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r15, 0x0) 16.689235871s ago: executing program 0 (id=1229): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x1, 0x4, 0x2}}], 0x28}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x25) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r6, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@its_setup={0x82, 0x28, {0x2, 0x4, 0x1}}], 0x28}, 0x0, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000240)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f0000000000)=@attr_arm64={0x0, 0x4, 0x2, 0x0}) 7.722462752s ago: executing program 1 (id=1230): r0 = openat$kvm(0x0, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0x4b49, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000000)=@attr_other={0x0, 0x0, 0x4, &(0x7f0000000240)=0xffffffff}) 6.583501858s ago: executing program 0 (id=1231): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000340)={0x5, 0x8}) ioctl$KVM_RUN(r2, 0xae80, 0x500) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) ioctl$KVM_ARM_VCPU_INIT(r2, 0x4020aeae, &(0x7f0000000340)={0x5, 0x8}) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000ff5000/0x3000)=nil, 0x930, 0x100000f, 0x24132, 0xffffffffffffffff, 0x0) ioctl$KVM_ARM_VCPU_INIT(0xffffffffffffffff, 0x4020aeae, 0x0) ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, 0x0) 2.450799898s ago: executing program 1 (id=1232): r0 = openat$kvm(0x0, &(0x7f0000000280), 0x103080, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r2 = syz_kvm_vgic_v3_setup(r1, 0x1, 0x40) (fail_nth: 5) ioctl$KVM_GET_DEVICE_ATTR(r2, 0x4018aee2, &(0x7f0000000100)=@attr_other={0x0, 0x1, 0x84, &(0x7f0000000140)=0x200a88}) 0s ago: executing program 0 (id=1233): r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r2, 0x4068aea3, &(0x7f00000004c0)={0xdf, 0x0, 0x8000}) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x500) syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000000)={0x0, 0x0}, 0x0, 0x0) kernel console output (not intermixed with test programs): [ 398.689707][ T25] audit: type=1400 audit(397.940:60): avc: denied { read } for pid=3171 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1 [ 416.214928][ T3171] 8021q: adding VLAN 0 to HW filter on device bond0 [ 466.746252][ T3171] eql: remember to turn off Van-Jacobson compression on your slave devices Warning: Permanently added '[localhost]:7447' (ED25519) to the list of known hosts. [ 637.216875][ T25] audit: type=1400 audit(636.500:61): avc: denied { name_bind } for pid=3331 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 638.103454][ T25] audit: type=1400 audit(637.380:62): avc: denied { execute } for pid=3332 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 638.131506][ T25] audit: type=1400 audit(637.410:63): avc: denied { execute_no_trans } for pid=3332 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 669.586606][ T25] audit: type=1400 audit(668.870:64): avc: denied { mounton } for pid=3332 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 669.629144][ T25] audit: type=1400 audit(668.910:65): avc: denied { mount } for pid=3332 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 669.724704][ T3332] cgroup: Unknown subsys name 'net' [ 669.803422][ T25] audit: type=1400 audit(669.090:66): avc: denied { unmount } for pid=3332 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 670.280562][ T3332] cgroup: Unknown subsys name 'cpuset' [ 670.431344][ T3332] cgroup: Unknown subsys name 'rlimit' [ 671.812492][ T25] audit: type=1400 audit(671.100:67): avc: denied { setattr } for pid=3332 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=703 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 671.844917][ T25] audit: type=1400 audit(671.130:68): avc: denied { create } for pid=3332 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 671.870269][ T25] audit: type=1400 audit(671.150:69): avc: denied { write } for pid=3332 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 671.886278][ T25] audit: type=1400 audit(671.170:70): avc: denied { module_request } for pid=3332 comm="syz-executor" kmod="net-pf-16-proto-16-family-nl802154" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 672.372357][ T25] audit: type=1400 audit(671.650:71): avc: denied { read } for pid=3332 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 672.431333][ T25] audit: type=1400 audit(671.700:72): avc: denied { mounton } for pid=3332 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 672.446870][ T25] audit: type=1400 audit(671.730:73): avc: denied { mount } for pid=3332 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 673.547789][ T3337] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 673.811401][ T3332] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 732.423255][ T25] kauditd_printk_skb: 4 callbacks suppressed [ 732.449831][ T25] audit: type=1400 audit(731.710:78): avc: denied { execmem } for pid=3338 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 795.900545][ T25] audit: type=1400 audit(795.180:79): avc: denied { read } for pid=3340 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 795.919603][ T25] audit: type=1400 audit(795.200:80): avc: denied { read } for pid=3341 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 795.945577][ T25] audit: type=1400 audit(795.230:81): avc: denied { open } for pid=3340 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 796.031004][ T25] audit: type=1400 audit(795.300:82): avc: denied { mounton } for pid=3341 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 797.245859][ T25] audit: type=1400 audit(796.530:83): avc: denied { sys_module } for pid=3340 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 820.429707][ T3340] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 820.560479][ T3340] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 821.310444][ T3341] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 821.606791][ T3341] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 837.991570][ T3340] hsr_slave_0: entered promiscuous mode [ 838.024845][ T3340] hsr_slave_1: entered promiscuous mode [ 838.923708][ T3341] hsr_slave_0: entered promiscuous mode [ 838.982825][ T3341] hsr_slave_1: entered promiscuous mode [ 839.019545][ T3341] debugfs: 'hsr0' already exists in 'hsr' [ 839.029924][ T3341] Cannot create hsr debugfs directory [ 845.370884][ T3340] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 845.704762][ T3340] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 846.086374][ T3340] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 846.493804][ T3340] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 848.183973][ T3341] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 848.361423][ T3341] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 848.576906][ T3341] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 848.794473][ T3341] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 861.654608][ T3340] 8021q: adding VLAN 0 to HW filter on device bond0 [ 864.082534][ T3341] 8021q: adding VLAN 0 to HW filter on device bond0 [ 920.454633][ T3340] veth0_vlan: entered promiscuous mode [ 921.005731][ T3340] veth1_vlan: entered promiscuous mode [ 923.233864][ T3341] veth0_vlan: entered promiscuous mode [ 923.595365][ T3340] veth0_macvtap: entered promiscuous mode [ 924.114794][ T3340] veth1_macvtap: entered promiscuous mode [ 924.256838][ T3341] veth1_vlan: entered promiscuous mode [ 926.724404][ T3386] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 926.749076][ T3386] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 926.752938][ T3386] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 926.761097][ T3386] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 927.345494][ T3341] veth0_macvtap: entered promiscuous mode [ 928.015292][ T3341] veth1_macvtap: entered promiscuous mode [ 929.766950][ T25] audit: type=1400 audit(929.050:84): avc: denied { mount } for pid=3340 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 929.989499][ T25] audit: type=1400 audit(929.260:85): avc: denied { mounton } for pid=3340 comm="syz-executor" path="/syzkaller.3j7xWF/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 930.236701][ T25] audit: type=1400 audit(929.520:86): avc: denied { mount } for pid=3340 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 930.613905][ T25] audit: type=1400 audit(929.860:87): avc: denied { mounton } for pid=3340 comm="syz-executor" path="/syzkaller.3j7xWF/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 930.835256][ T25] audit: type=1400 audit(930.120:88): avc: denied { mounton } for pid=3340 comm="syz-executor" path="/syzkaller.3j7xWF/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3765 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 931.135753][ T3447] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 931.156434][ T3447] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 931.182777][ T3447] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 931.196236][ T3447] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 931.581513][ T25] audit: type=1400 audit(930.790:89): avc: denied { unmount } for pid=3340 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 931.846397][ T25] audit: type=1400 audit(931.070:90): avc: denied { mounton } for pid=3340 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1546 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 931.985174][ T25] audit: type=1400 audit(931.270:91): avc: denied { mount } for pid=3340 comm="syz-executor" name="/" dev="gadgetfs" ino=3777 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 932.400058][ T25] audit: type=1400 audit(931.670:92): avc: denied { mount } for pid=3340 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 932.621035][ T25] audit: type=1400 audit(931.890:93): avc: denied { mounton } for pid=3340 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 934.892978][ T3340] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 936.459234][ T25] kauditd_printk_skb: 1 callbacks suppressed [ 936.465071][ T25] audit: type=1400 audit(935.720:95): avc: denied { read write } for pid=3340 comm="syz-executor" name="loop0" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 936.531796][ T25] audit: type=1400 audit(935.790:96): avc: denied { open } for pid=3340 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 936.599902][ T25] audit: type=1400 audit(935.880:97): avc: denied { ioctl } for pid=3340 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=638 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 951.268712][ T25] audit: type=1400 audit(950.550:98): avc: denied { execute } for pid=3495 comm="syz.0.1" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=3818 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 967.620401][ T25] audit: type=1400 audit(966.800:99): avc: denied { read } for pid=3507 comm="syz.0.5" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 967.625434][ T25] audit: type=1400 audit(966.870:100): avc: denied { open } for pid=3507 comm="syz.0.5" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 968.168702][ T25] audit: type=1400 audit(967.390:101): avc: denied { ioctl } for pid=3507 comm="syz.0.5" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae03 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 970.820009][ T25] audit: type=1400 audit(970.100:102): avc: denied { write } for pid=3509 comm="syz.1.6" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1068.085369][ T25] audit: type=1400 audit(1067.340:103): avc: denied { setattr } for pid=3575 comm="syz.1.38" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1396.124042][ T25] audit: type=1400 audit(1395.410:104): avc: denied { append } for pid=3787 comm="syz.0.131" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1458.575466][ T25] audit: type=1400 audit(1457.840:105): avc: denied { create } for pid=3826 comm="syz.0.145" anonclass=[kvm-gmem] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 1506.062454][ T25] audit: type=1400 audit(1505.220:106): avc: denied { execmem } for pid=3850 comm="syz.0.157" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 1723.674234][ T25] audit: type=1400 audit(1722.940:107): avc: denied { map } for pid=3987 comm="syz.0.211" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=7535 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 1723.738970][ T25] audit: type=1400 audit(1723.010:108): avc: denied { read execute } for pid=3987 comm="syz.0.211" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=7535 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 1845.667347][ T4059] kvm [4057]: Unsupported guest access at: eeef0000 [ 1845.667347][ T4059] { Op0( 2), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2732.084234][ T25] audit: type=1400 audit(2731.360:109): avc: denied { ioctl } for pid=4584 comm="syz.1.448" path="net:[4026532624]" dev="nsfs" ino=4026532624 ioctlcmd=0xb701 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 3028.443037][ T4758] kvm [4758]: Failed to find VMA for hva 0x20dd7000 [ 3392.924688][ T4971] kvm [4971]: Failed to find VMA for hva 0x20c01000 [ 3447.222362][ T25] audit: type=1400 audit(3446.490:110): avc: denied { map } for pid=5002 comm="syz.1.598" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 3447.249149][ T25] audit: type=1400 audit(3446.520:111): avc: denied { execute } for pid=5002 comm="syz.1.598" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 3582.238136][ C0] hrtimer: interrupt took 877120 ns [ 3650.125714][ T5108] KVM: debugfs: duplicate directory 5108-5 [ 4246.175531][ T25] audit: type=1400 audit(4245.410:112): avc: denied { execute } for pid=5448 comm="syz.0.766" path=2F3338332F10FBFF67525673312B0104 dev="tmpfs" ino=1941 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 6427.901447][ T6582] FAULT_INJECTION: forcing a failure. [ 6427.901447][ T6582] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 6427.991693][ T6582] CPU: 0 UID: 0 PID: 6582 Comm: syz.1.1178 Not tainted syzkaller #0 PREEMPT [ 6427.992408][ T6582] Hardware name: linux,dummy-virt (DT) [ 6427.994702][ T6582] Call trace: [ 6427.995143][ T6582] show_stack+0x2c/0x3c (C) [ 6427.997024][ T6582] __dump_stack+0x30/0x40 [ 6427.997423][ T6582] dump_stack_lvl+0xd8/0x12c [ 6427.997721][ T6582] dump_stack+0x1c/0x28 [ 6427.998007][ T6582] should_fail_ex+0x56c/0x6d8 [ 6427.998254][ T6582] should_fail+0x14/0x24 [ 6427.998460][ T6582] should_fail_usercopy+0x20/0x30 [ 6427.998681][ T6582] simple_read_from_buffer+0xd0/0x294 [ 6427.998924][ T6582] proc_fail_nth_read+0x184/0x214 [ 6427.999199][ T6582] vfs_read+0x220/0x9d8 [ 6427.999400][ T6582] ksys_read+0x108/0x1fc [ 6427.999595][ T6582] __arm64_sys_read+0x98/0xcc [ 6427.999796][ T6582] invoke_syscall+0x90/0x230 [ 6428.000130][ T6582] el0_svc_common+0x120/0x2f4 [ 6428.000418][ T6582] do_el0_svc+0x58/0x74 [ 6428.000694][ T6582] el0_svc+0x5c/0x238 [ 6428.000983][ T6582] el0t_64_sync_handler+0x84/0x12c [ 6428.001298][ T6582] el0t_64_sync+0x198/0x19c [ 6436.141881][ T6587] FAULT_INJECTION: forcing a failure. [ 6436.141881][ T6587] name failslab, interval 1, probability 0, space 0, times 1 [ 6436.147460][ T6587] CPU: 0 UID: 0 PID: 6587 Comm: syz.1.1180 Not tainted syzkaller #0 PREEMPT [ 6436.147850][ T6587] Hardware name: linux,dummy-virt (DT) [ 6436.147981][ T6587] Call trace: [ 6436.148076][ T6587] show_stack+0x2c/0x3c (C) [ 6436.148435][ T6587] __dump_stack+0x30/0x40 [ 6436.148743][ T6587] dump_stack_lvl+0xd8/0x12c [ 6436.149031][ T6587] dump_stack+0x1c/0x28 [ 6436.149327][ T6587] should_fail_ex+0x56c/0x6d8 [ 6436.149542][ T6587] should_failslab+0xb8/0xec [ 6436.149832][ T6587] __kmalloc_noprof+0xe8/0x680 [ 6436.150090][ T6587] tomoyo_realpath_from_path+0xdc/0x628 [ 6436.150384][ T6587] tomoyo_path_number_perm+0x13c/0x33c [ 6436.150647][ T6587] tomoyo_file_ioctl+0x2c/0x3c [ 6436.150931][ T6587] security_file_ioctl+0xe0/0x2cc [ 6436.151241][ T6587] __arm64_sys_ioctl+0xd0/0x244 [ 6436.151535][ T6587] invoke_syscall+0x90/0x230 [ 6436.151835][ T6587] el0_svc_common+0x120/0x2f4 [ 6436.152155][ T6587] do_el0_svc+0x58/0x74 [ 6436.152434][ T6587] el0_svc+0x5c/0x238 [ 6436.152735][ T6587] el0t_64_sync_handler+0x84/0x12c [ 6436.153025][ T6587] el0t_64_sync+0x198/0x19c [ 6436.239554][ T6587] ERROR: Out of memory at tomoyo_realpath_from_path. [ 6445.914290][ T6593] FAULT_INJECTION: forcing a failure. [ 6445.914290][ T6593] name failslab, interval 1, probability 0, space 0, times 0 [ 6445.961527][ T6593] CPU: 0 UID: 0 PID: 6593 Comm: syz.0.1182 Not tainted syzkaller #0 PREEMPT [ 6445.961913][ T6593] Hardware name: linux,dummy-virt (DT) [ 6445.962020][ T6593] Call trace: [ 6445.962126][ T6593] show_stack+0x2c/0x3c (C) [ 6445.962482][ T6593] __dump_stack+0x30/0x40 [ 6445.962773][ T6593] dump_stack_lvl+0xd8/0x12c [ 6445.963072][ T6593] dump_stack+0x1c/0x28 [ 6445.963371][ T6593] should_fail_ex+0x56c/0x6d8 [ 6445.963587][ T6593] should_failslab+0xb8/0xec [ 6445.963863][ T6593] __kmalloc_noprof+0xe8/0x680 [ 6445.964167][ T6593] tomoyo_realpath_from_path+0xdc/0x628 [ 6445.964466][ T6593] tomoyo_path_number_perm+0x13c/0x33c [ 6445.964720][ T6593] tomoyo_file_ioctl+0x2c/0x3c [ 6445.964999][ T6593] security_file_ioctl+0xe0/0x2cc [ 6445.965314][ T6593] __arm64_sys_ioctl+0xd0/0x244 [ 6445.965606][ T6593] invoke_syscall+0x90/0x230 [ 6445.965898][ T6593] el0_svc_common+0x120/0x2f4 [ 6445.966201][ T6593] do_el0_svc+0x58/0x74 [ 6445.966485][ T6593] el0_svc+0x5c/0x238 [ 6445.966774][ T6593] el0t_64_sync_handler+0x84/0x12c [ 6445.967078][ T6593] el0t_64_sync+0x198/0x19c [ 6446.095988][ T6593] ERROR: Out of memory at tomoyo_realpath_from_path. [ 6469.542370][ T6604] FAULT_INJECTION: forcing a failure. [ 6469.542370][ T6604] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 6469.616265][ T6604] CPU: 0 UID: 0 PID: 6604 Comm: syz.0.1186 Not tainted syzkaller #0 PREEMPT [ 6469.616659][ T6604] Hardware name: linux,dummy-virt (DT) [ 6469.616768][ T6604] Call trace: [ 6469.616847][ T6604] show_stack+0x2c/0x3c (C) [ 6469.617232][ T6604] __dump_stack+0x30/0x40 [ 6469.617548][ T6604] dump_stack_lvl+0xd8/0x12c [ 6469.617836][ T6604] dump_stack+0x1c/0x28 [ 6469.618130][ T6604] should_fail_ex+0x56c/0x6d8 [ 6469.618365][ T6604] should_fail+0x14/0x24 [ 6469.618572][ T6604] should_fail_usercopy+0x20/0x30 [ 6469.618795][ T6604] simple_read_from_buffer+0xd0/0x294 [ 6469.619050][ T6604] proc_fail_nth_read+0x184/0x214 [ 6469.619323][ T6604] vfs_read+0x220/0x9d8 [ 6469.619527][ T6604] ksys_read+0x108/0x1fc [ 6469.619725][ T6604] __arm64_sys_read+0x98/0xcc [ 6469.619944][ T6604] invoke_syscall+0x90/0x230 [ 6469.620262][ T6604] el0_svc_common+0x120/0x2f4 [ 6469.620543][ T6604] do_el0_svc+0x58/0x74 [ 6469.620813][ T6604] el0_svc+0x5c/0x238 [ 6469.621120][ T6604] el0t_64_sync_handler+0x84/0x12c [ 6469.621425][ T6604] el0t_64_sync+0x198/0x19c [ 6500.959681][ T6621] FAULT_INJECTION: forcing a failure. [ 6500.959681][ T6621] name failslab, interval 1, probability 0, space 0, times 0 [ 6500.964525][ T6621] CPU: 0 UID: 0 PID: 6621 Comm: syz.0.1191 Not tainted syzkaller #0 PREEMPT [ 6500.964854][ T6621] Hardware name: linux,dummy-virt (DT) [ 6500.964958][ T6621] Call trace: [ 6500.965035][ T6621] show_stack+0x2c/0x3c (C) [ 6500.965418][ T6621] __dump_stack+0x30/0x40 [ 6500.965716][ T6621] dump_stack_lvl+0xd8/0x12c [ 6500.966009][ T6621] dump_stack+0x1c/0x28 [ 6500.966306][ T6621] should_fail_ex+0x56c/0x6d8 [ 6500.966521][ T6621] should_failslab+0xb8/0xec [ 6500.966794][ T6621] __kmalloc_noprof+0xe8/0x680 [ 6500.967057][ T6621] tomoyo_encode+0x274/0x4e4 [ 6500.967351][ T6621] tomoyo_realpath_from_path+0x5bc/0x628 [ 6500.967633][ T6621] tomoyo_path_number_perm+0x13c/0x33c [ 6500.967890][ T6621] tomoyo_file_ioctl+0x2c/0x3c [ 6500.968226][ T6621] security_file_ioctl+0xe0/0x2cc [ 6500.968527][ T6621] __arm64_sys_ioctl+0xd0/0x244 [ 6500.968816][ T6621] invoke_syscall+0x90/0x230 [ 6500.969120][ T6621] el0_svc_common+0x120/0x2f4 [ 6500.969406][ T6621] do_el0_svc+0x58/0x74 [ 6500.969679][ T6621] el0_svc+0x5c/0x238 [ 6500.969967][ T6621] el0t_64_sync_handler+0x84/0x12c [ 6500.970281][ T6621] el0t_64_sync+0x198/0x19c [ 6501.089311][ T6621] ERROR: Out of memory at tomoyo_realpath_from_path. [ 6516.306794][ T6632] FAULT_INJECTION: forcing a failure. [ 6516.306794][ T6632] name failslab, interval 1, probability 0, space 0, times 0 [ 6516.364306][ T6632] CPU: 0 UID: 0 PID: 6632 Comm: syz.0.1195 Not tainted syzkaller #0 PREEMPT [ 6516.364698][ T6632] Hardware name: linux,dummy-virt (DT) [ 6516.364806][ T6632] Call trace: [ 6516.364885][ T6632] show_stack+0x2c/0x3c (C) [ 6516.365279][ T6632] __dump_stack+0x30/0x40 [ 6516.365581][ T6632] dump_stack_lvl+0xd8/0x12c [ 6516.365882][ T6632] dump_stack+0x1c/0x28 [ 6516.366189][ T6632] should_fail_ex+0x56c/0x6d8 [ 6516.366408][ T6632] should_failslab+0xb8/0xec [ 6516.366683][ T6632] __kmalloc_noprof+0xe8/0x680 [ 6516.366924][ T6632] tomoyo_encode+0x274/0x4e4 [ 6516.367217][ T6632] tomoyo_realpath_from_path+0x5bc/0x628 [ 6516.367500][ T6632] tomoyo_path_number_perm+0x13c/0x33c [ 6516.367753][ T6632] tomoyo_file_ioctl+0x2c/0x3c [ 6516.368069][ T6632] security_file_ioctl+0xe0/0x2cc [ 6516.368389][ T6632] __arm64_sys_ioctl+0xd0/0x244 [ 6516.368684][ T6632] invoke_syscall+0x90/0x230 [ 6516.368969][ T6632] el0_svc_common+0x120/0x2f4 [ 6516.369280][ T6632] do_el0_svc+0x58/0x74 [ 6516.369558][ T6632] el0_svc+0x5c/0x238 [ 6516.369847][ T6632] el0t_64_sync_handler+0x84/0x12c [ 6516.370158][ T6632] el0t_64_sync+0x198/0x19c [ 6516.501671][ T6632] ERROR: Out of memory at tomoyo_realpath_from_path. [ 6546.742364][ T6648] FAULT_INJECTION: forcing a failure. [ 6546.742364][ T6648] name failslab, interval 1, probability 0, space 0, times 0 [ 6546.763483][ T6648] CPU: 0 UID: 0 PID: 6648 Comm: syz.1.1200 Not tainted syzkaller #0 PREEMPT [ 6546.763872][ T6648] Hardware name: linux,dummy-virt (DT) [ 6546.764018][ T6648] Call trace: [ 6546.764125][ T6648] show_stack+0x2c/0x3c (C) [ 6546.764485][ T6648] __dump_stack+0x30/0x40 [ 6546.764785][ T6648] dump_stack_lvl+0xd8/0x12c [ 6546.765088][ T6648] dump_stack+0x1c/0x28 [ 6546.765388][ T6648] should_fail_ex+0x56c/0x6d8 [ 6546.765605][ T6648] should_failslab+0xb8/0xec [ 6546.765890][ T6648] __kmalloc_noprof+0xe8/0x680 [ 6546.766154][ T6648] tomoyo_encode+0x274/0x4e4 [ 6546.766436][ T6648] tomoyo_realpath_from_path+0x5bc/0x628 [ 6546.766717][ T6648] tomoyo_path_number_perm+0x13c/0x33c [ 6546.766972][ T6648] tomoyo_file_ioctl+0x2c/0x3c [ 6546.767279][ T6648] security_file_ioctl+0xe0/0x2cc [ 6546.767576][ T6648] __arm64_sys_ioctl+0xd0/0x244 [ 6546.767864][ T6648] invoke_syscall+0x90/0x230 [ 6546.768204][ T6648] el0_svc_common+0x120/0x2f4 [ 6546.768490][ T6648] do_el0_svc+0x58/0x74 [ 6546.768766][ T6648] el0_svc+0x5c/0x238 [ 6546.769072][ T6648] el0t_64_sync_handler+0x84/0x12c [ 6546.769382][ T6648] el0t_64_sync+0x198/0x19c [ 6546.850125][ T6648] ERROR: Out of memory at tomoyo_realpath_from_path. [ 6593.052696][ T6675] FAULT_INJECTION: forcing a failure. [ 6593.052696][ T6675] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 6593.075157][ T6675] CPU: 0 UID: 0 PID: 6675 Comm: syz.0.1209 Not tainted syzkaller #0 PREEMPT [ 6593.075543][ T6675] Hardware name: linux,dummy-virt (DT) [ 6593.075650][ T6675] Call trace: [ 6593.075728][ T6675] show_stack+0x2c/0x3c (C) [ 6593.076145][ T6675] __dump_stack+0x30/0x40 [ 6593.076453][ T6675] dump_stack_lvl+0xd8/0x12c [ 6593.076742][ T6675] dump_stack+0x1c/0x28 [ 6593.077021][ T6675] should_fail_ex+0x56c/0x6d8 [ 6593.077271][ T6675] should_fail+0x14/0x24 [ 6593.077483][ T6675] should_fail_usercopy+0x20/0x30 [ 6593.077708][ T6675] _inline_copy_from_user+0x44/0x18c [ 6593.077981][ T6675] kvm_arch_vcpu_ioctl+0x3dc/0x14cc [ 6593.078263][ T6675] kvm_vcpu_ioctl+0x600/0xc6c [ 6593.078534][ T6675] __arm64_sys_ioctl+0x18c/0x244 [ 6593.078826][ T6675] invoke_syscall+0x90/0x230 [ 6593.079133][ T6675] el0_svc_common+0x120/0x2f4 [ 6593.079417][ T6675] do_el0_svc+0x58/0x74 [ 6593.079688][ T6675] el0_svc+0x5c/0x238 [ 6593.080004][ T6675] el0t_64_sync_handler+0x84/0x12c [ 6593.080327][ T6675] el0t_64_sync+0x198/0x19c [ 6647.902972][ T6705] FAULT_INJECTION: forcing a failure. [ 6647.902972][ T6705] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 6647.910931][ T6705] CPU: 0 UID: 0 PID: 6705 Comm: syz.1.1218 Not tainted syzkaller #0 PREEMPT [ 6647.911308][ T6705] Hardware name: linux,dummy-virt (DT) [ 6647.911424][ T6705] Call trace: [ 6647.911502][ T6705] show_stack+0x2c/0x3c (C) [ 6647.911849][ T6705] __dump_stack+0x30/0x40 [ 6647.912206][ T6705] dump_stack_lvl+0xd8/0x12c [ 6647.912506][ T6705] dump_stack+0x1c/0x28 [ 6647.912788][ T6705] should_fail_ex+0x56c/0x6d8 [ 6647.913001][ T6705] should_fail_alloc_page+0xd4/0xd8 [ 6647.913309][ T6705] prepare_alloc_pages+0x234/0x628 [ 6647.913571][ T6705] __alloc_frozen_pages_noprof+0xd8/0x2cc [ 6647.913831][ T6705] alloc_pages_mpol+0x204/0x4c4 [ 6647.914088][ T6705] folio_alloc_mpol_noprof+0x54/0x2b0 [ 6647.914351][ T6705] vma_alloc_folio_noprof+0x348/0x490 [ 6647.914605][ T6705] vma_alloc_zeroed_movable_folio+0x80/0xa0 [ 6647.914881][ T6705] folio_prealloc+0x48/0x1c0 [ 6647.915140][ T6705] do_pte_missing+0x2528/0x374c [ 6647.915398][ T6705] handle_mm_fault+0x1b04/0x2bf0 [ 6647.915634][ T6705] do_page_fault+0x414/0x14c8 [ 6647.915904][ T6705] do_translation_fault+0xbc/0xfc [ 6647.916232][ T6705] do_mem_abort+0x58/0x114 [ 6647.916498][ T6705] el0_da+0x64/0x218 [ 6647.916788][ T6705] el0t_64_sync_handler+0x90/0x12c [ 6647.917093][ T6705] el0t_64_sync+0x198/0x19c [ 6648.029747][ T6705] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 6678.954069][ T6723] FAULT_INJECTION: forcing a failure. [ 6678.954069][ T6723] name failslab, interval 1, probability 0, space 0, times 0 [ 6679.015342][ T6723] CPU: 0 UID: 0 PID: 6723 Comm: syz.1.1225 Not tainted syzkaller #0 PREEMPT [ 6679.015741][ T6723] Hardware name: linux,dummy-virt (DT) [ 6679.015858][ T6723] Call trace: [ 6679.015964][ T6723] show_stack+0x2c/0x3c (C) [ 6679.016363][ T6723] __dump_stack+0x30/0x40 [ 6679.016666][ T6723] dump_stack_lvl+0xd8/0x12c [ 6679.016952][ T6723] dump_stack+0x1c/0x28 [ 6679.017255][ T6723] should_fail_ex+0x56c/0x6d8 [ 6679.017487][ T6723] should_failslab+0xb8/0xec [ 6679.017768][ T6723] kmem_cache_alloc_lru_noprof+0x94/0x5b8 [ 6679.018017][ T6723] __d_alloc+0x54/0x850 [ 6679.018258][ T6723] d_alloc_pseudo+0x34/0x130 [ 6679.018480][ T6723] alloc_file_pseudo+0x94/0x1e8 [ 6679.018711][ T6723] hugetlb_file_setup+0x364/0x544 [ 6679.018978][ T6723] ksys_mmap_pgoff+0x17c/0x448 [ 6679.019293][ T6723] __arm64_sys_mmap+0x13c/0x198 [ 6679.019580][ T6723] invoke_syscall+0x90/0x230 [ 6679.019864][ T6723] el0_svc_common+0x120/0x2f4 [ 6679.020179][ T6723] do_el0_svc+0x58/0x74 [ 6679.020466][ T6723] el0_svc+0x5c/0x238 [ 6679.020757][ T6723] el0t_64_sync_handler+0x84/0x12c [ 6679.021056][ T6723] el0t_64_sync+0x198/0x19c [ 6718.124254][ T6742] FAULT_INJECTION: forcing a failure. [ 6718.124254][ T6742] name failslab, interval 1, probability 0, space 0, times 0 [ 6718.169395][ T6742] CPU: 0 UID: 0 PID: 6742 Comm: syz.1.1232 Not tainted syzkaller #0 PREEMPT [ 6718.169799][ T6742] Hardware name: linux,dummy-virt (DT) [ 6718.169907][ T6742] Call trace: [ 6718.169986][ T6742] show_stack+0x2c/0x3c (C) [ 6718.170370][ T6742] __dump_stack+0x30/0x40 [ 6718.170668][ T6742] dump_stack_lvl+0xd8/0x12c [ 6718.170953][ T6742] dump_stack+0x1c/0x28 [ 6718.171260][ T6742] should_fail_ex+0x56c/0x6d8 [ 6718.171481][ T6742] should_failslab+0xb8/0xec [ 6718.171757][ T6742] __kmalloc_cache_noprof+0x8c/0x5cc [ 6718.172032][ T6742] vgic_allocate_private_irqs_locked+0x10c/0x608 [ 6718.172301][ T6742] kvm_vgic_create+0x4f4/0x964 [ 6718.172515][ T6742] vgic_create+0x58/0x78 [ 6718.172795][ T6742] kvm_ioctl_create_device+0x18c/0x710 [ 6718.173066][ T6742] kvm_vm_ioctl+0x704/0x9a4 [ 6718.173315][ T6742] __arm64_sys_ioctl+0x18c/0x244 [ 6718.173610][ T6742] invoke_syscall+0x90/0x230 [ 6718.173890][ T6742] el0_svc_common+0x120/0x2f4 [ 6718.174192][ T6742] do_el0_svc+0x58/0x74 [ 6718.174468][ T6742] el0_svc+0x5c/0x238 [ 6718.174756][ T6742] el0t_64_sync_handler+0x84/0x12c [ 6718.175059][ T6742] el0t_64_sync+0x198/0x19c [ 6718.761438][ T6741] Unable to handle kernel paging request at virtual address ffef800000000000 [ 6718.839504][ T6741] KASAN: maybe wild-memory-access in range [0xff00000000000000-0xff0000000000000f] [ 6718.851224][ T6741] Mem abort info: [ 6718.853793][ T6741] ESR = 0x0000000096000004 [ 6718.854339][ T6741] EC = 0x25: DABT (current EL), IL = 32 bits [ 6718.854702][ T6741] SET = 0, FnV = 0 [ 6718.854997][ T6741] EA = 0, S1PTW = 0 [ 6718.855326][ T6741] FSC = 0x04: level 0 translation fault [ 6718.855675][ T6741] Data abort info: [ 6718.855972][ T6741] ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000 [ 6718.856324][ T6741] CM = 0, WnR = 0, TnD = 0, TagAccess = 0 [ 6718.856669][ T6741] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 [ 6718.857162][ T6741] [ffef800000000000] address between user and kernel address ranges [ 6718.929726][ T25] audit: type=1400 audit(6718.170:113): avc: denied { read } for pid=3130 comm="syslogd" name="log" dev="vda" ino=1857 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 6718.953241][ T6741] Internal error: Oops: 0000000096000004 [#1] SMP [ 6718.956509][ T6741] Modules linked in: [ 6718.957797][ T6741] CPU: 0 UID: 0 PID: 6741 Comm: syz.1.1232 Not tainted syzkaller #0 PREEMPT [ 6718.959098][ T6741] Hardware name: linux,dummy-virt (DT) [ 6718.960190][ T6741] pstate: 01402009 (nzcv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--) [ 6718.961394][ T6741] pc : kvm_vgic_destroy+0x2d4/0x624 [ 6718.962331][ T6741] lr : kvm_vgic_destroy+0x290/0x624 [ 6718.963179][ T6741] sp : ffff80008eb67b90 [ 6718.963839][ T6741] x29: ffff80008eb67ba0 x28: 0000000000000005 x27: f1f000001fe512d8 [ 6718.965375][ T6741] x26: f1f000001fe50db0 x25: 00000000000000f1 x24: f1f000001fe50d8c [ 6718.966630][ T6741] x23: 00000000000000f1 x22: 00000000000000f1 x21: f1f000001fe50ad0 [ 6718.967908][ T6741] x20: efff800000000000 x19: f1f000001fe50000 x18: 0000000068379e15 [ 6718.969114][ T6741] x17: 0000000000000015 x16: ffff80008001159c x15: ffff80008eb67950 [ 6718.970364][ T6741] x14: ffffffffffffffff x13: 0000000000000028 x12: ecf000000ea65d70 [ 6718.971627][ T6741] x11: ffff800088209a68 x10: 0000000000ff0100 x9 : 0ff0000000000000 [ 6718.973029][ T6741] x8 : 0000000000000000 x7 : ffff80008672f958 x6 : 0000000000000000 [ 6718.974276][ T6741] x5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000002 [ 6718.975499][ T6741] x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000007 [ 6718.976855][ T6741] Call trace: [ 6718.977531][ T6741] kvm_vgic_destroy+0x2d4/0x624 (P) [ 6718.978401][ T6741] kvm_arch_destroy_vm+0x88/0x138 [ 6718.979276][ T6741] kvm_put_kvm+0x778/0xbe0 [ 6718.980080][ T6741] kvm_vm_release+0x58/0x78 [ 6718.980885][ T6741] __fput+0x4ac/0x978 [ 6718.981606][ T6741] ____fput+0x20/0x58 [ 6718.982380][ T6741] task_work_run+0x1b8/0x250 [ 6718.983237][ T6741] exit_to_user_mode_loop+0x110/0x188 [ 6718.984149][ T6741] el0_svc+0x17c/0x238 [ 6718.984976][ T6741] el0t_64_sync_handler+0x84/0x12c [ 6718.985928][ T6741] el0t_64_sync+0x198/0x19c [ 6718.987309][ T6741] Code: 54000420 b2481c28 d344fd09 d378fc28 (38696a89) [ 6718.989237][ T6741] ---[ end trace 0000000000000000 ]--- [ 6718.990888][ T6741] Kernel panic - not syncing: Oops: Fatal exception [ 6718.992799][ T6741] Kernel Offset: disabled [ 6718.993487][ T6741] CPU features: 0x0000000,001a3005,fbe327a1,057ffe1f [ 6718.994526][ T6741] Memory Limit: none [ 6718.996153][ T6741] Rebooting in 86400 seconds.. VM DIAGNOSIS: 11:44:27 Registers: info registers vcpu 0 CPU#0 PC=ffff800086733f8c X00=ffff80008c6f74f8 X01=ffff80008c6f7f80 X02=0000000000000010 X03=0000000000000010 X04=0000000000000001 X05=0000000000000001 X06=0000000000000000 X07=ffff800080ce6380 X08=18f000000de11b80 X09=ffff80008c737b10 X10=0000000000ff0100 X11=00000000000000a5 X12=00000000000000ff X13=00000000000000a5 X14=0ffff80008c6f761 X15=ffff80008c6f7630 X16=0000000000000000 X17=00000000000000a5 X18=fff0000072d5b448 X19=ffff80008c6f7600 X20=ffff80008c6f7508 X21=0000000000000010 X22=ffff80008c6f74f8 X23=ffff80008c737bbf X24=ffff80008c737ce8 X25=ffff80008c6f7548 X26=0000000003ffffff X27=0000000000000006 X28=0000000000000000 X29=ffff80008c6f75b0 X30=ffff8000800e091c SP=ffff80008c6f74a0 PSTATE=80402009 N--- EL2h SVCR=00000000 -- BTYPE=0 FPCR=00000000 FPSR=00000000 P00=0000 P01=0000 P02=0000 P03=0000 P04=0000 P05=0000 P06=0000 P07=0000 P08=0000 P09=0000 P10=0000 P11=0000 P12=0000 P13=0000 P14=0000 P15=0000 FFR=0000 Z00=0800000000000000:0800000000000000 Z01=0000000800000000:0000000000000000 Z02=0000000000000008:0000000000000000 Z03=00d000a800000000:0000000000000000 Z04=0000000000000000:0000000000000002 Z05=0000000000000008:0000000000000002 Z06=0000000000000000:0000000000000000 Z07=0000000000000000:0000000000000000 Z08=0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000 Z10=0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000 Z12=0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000 Z14=0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000 Z16=0000000000000000:0000000000000000 Z17=0000000000000000:0000000000000000 Z18=0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000 Z20=0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000 Z22=bb448243222c92da:e3914ed4e87380b0 Z23=43788d6f07084f17:4508b00c6052a10f Z24=b20fae707afde253:388e9c6c4fa85ca0 Z25=8e9f894b2581e79e:20c883c9819d5c97 Z26=57c93d417f4d0394:89cd11f6992873d1 Z27=6b69be1163cb6500:a4ac85c293540e63 Z28=6edc4d3a2914b135:d8e9c869e2695c88 Z29=0000000000000000:0009000700030001 Z30=ffffff80ffffffd8:0000ffffd06dfde0 Z31=0000000000000000:0000000000000000