last executing test programs: 1m1.736781763s ago: executing program 1 (id=1072): syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000380)=[{0x0, &(0x7f00000000c0)=[@smc={0x1e, 0x40, {0xc5000020, [0x8, 0xff, 0x800, 0x3ff, 0x5]}}, @code={0xa, 0x84, {"200491d200e0b8f2e10180d2a20180d2230180d2a40180d2020000d400a288d20080b8f2410180d2e20180d2230180d2c40180d2020000d400000013007008d50000204b0004407c60c78bd20000b0f2410080d2420180d2a30080d2240180d2020000d4002c205e00f4006f0004805a"}}], 0xc4}], 0x1, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bfd000/0x400000)=nil) r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r5, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r5, 0x0) syz_kvm_setup_cpu$arm64(r1, r5, &(0x7f0000bef000/0x400000)=nil, &(0x7f0000000040)=[{0x0, &(0x7f00000003c0)=[@uexit={0x0, 0x18}, @its_setup={0x82, 0x28, {0x0, 0x0, 0x38e}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0x180, 0x5, 0x2}}, @msr={0x14, 0x20, {0x6030000000138077, 0xda}}, @its_setup={0x82, 0x28, {0x0, 0x3, 0x38}}, @smc={0x1e, 0x40, {0xc4000053, [0x1, 0xefe, 0x0, 0x5, 0x1]}}, @hvc={0x32, 0x40, {0x1000, [0x2, 0x4, 0x9, 0x8000000000000001, 0x7f]}}, @hvc={0x32, 0x40, {0x80000000, [0x7, 0xffffffff, 0x40, 0x1ff, 0x4]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0x40, 0x8}}, @irq_setup={0x46, 0x18, {0x2, 0x2fe}}, @smc={0x1e, 0x40, {0x4000, [0xa01, 0xffffffffffffffff, 0xcc, 0x0, 0x3]}}, @uexit={0x0, 0x18, 0x5}, @hvc={0x32, 0x40, {0x880, [0x4, 0x0, 0x101, 0x2, 0x855]}}, @msr={0x14, 0x20, {0x603000000013c4ce}}, @irq_setup={0x46, 0x18, {0x3, 0x2c9}}, @irq_setup={0x46, 0x18, {0x3, 0x259}}, @code={0xa, 0x84, {"000028d50000c079007008d5000860fc007008d5008c004f0000629e802086d20000b0f2410180d2620180d2e30080d2240080d2020000d480eb8dd200c0b8f2c10080d2220180d2230180d2840180d2020000d4a0e691d20060b8f2410080d2020180d2a30180d2640180d2020000d4"}}, @its_setup={0x82, 0x28, {0x1, 0x4, 0x93}}, @uexit={0x0, 0x18, 0x7}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x48, 0x40, 0x1}}, @svc={0x122, 0x40, {0x84000003, [0x400, 0x97, 0x2, 0x10, 0xbf0]}}, @code={0xa, 0x3c, {"0018200ee0039fda007008d5007008d5007008d5007008d5000008d5008008d50000599e000008d5"}}, @mrs={0xbe, 0x18, {0x50280000001a2e38}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff4, 0x0, 0x8}}, @mrs={0xbe, 0x18, {0x603000000013df68}}, @its_setup={0x82, 0x28, {0x1, 0x0, 0x38e}}, @msr={0x14, 0x20, {0x603000000013c039, 0xffffffffffff2fd6}}, @irq_setup={0x46, 0x18, {0x3, 0x121}}, @mrs={0xbe, 0x18, {0x603000000013e219}}, @irq_setup={0x46, 0x18, {0x3, 0x247}}, @code={0xa, 0x84, {"007008d5007008d5000c803c00c0005f0008a03c002c205e003d9cd200a0b8f2e10080d2220180d2630080d2440180d2020000d4002998d20060b0f2410080d2a20180d2630180d2c40080d2020000d400a4200e201f85d20060b0f2e10180d2c20080d2a30080d2440080d2020000d4"}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x40, 0xa7, 0x1}}], 0x5bc}], 0x1, 0x0, &(0x7f0000000080), 0x1) r6 = syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000b80)={0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="1e0000000000000040000000000000000a00008400"], 0x40}, &(0x7f0000000bc0)=[@featur1={0x1, 0x4}], 0x1) ioctl$KVM_RUN(r6, 0xae80, 0x0) syz_kvm_setup_cpu$arm64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000380)=[{0x0, &(0x7f00000000c0)=[@smc={0x1e, 0x40, {0xc5000020, [0x8, 0xff, 0x800, 0x3ff, 0x5]}}, @code={0xa, 0x84, {"200491d200e0b8f2e10180d2a20180d2230180d2a40180d2020000d400a288d20080b8f2410180d2e20180d2230180d2c40180d2020000d400000013007008d50000204b0004407c60c78bd20000b0f2410080d2420180d2a30080d2240180d2020000d4002c205e00f4006f0004805a"}}], 0xc4}], 0x1, 0x0, 0x0, 0x0) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000bfd000/0x400000)=nil) (async) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0xc, 0x5c1fd1b65647af1, 0xffffffffffffffff, 0x20000000) (async) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async) ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r5, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r5, 0x0) (async) syz_kvm_setup_cpu$arm64(r1, r5, &(0x7f0000bef000/0x400000)=nil, &(0x7f0000000040)=[{0x0, &(0x7f00000003c0)=[@uexit={0x0, 0x18}, @its_setup={0x82, 0x28, {0x0, 0x0, 0x38e}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0x180, 0x5, 0x2}}, @msr={0x14, 0x20, {0x6030000000138077, 0xda}}, @its_setup={0x82, 0x28, {0x0, 0x3, 0x38}}, @smc={0x1e, 0x40, {0xc4000053, [0x1, 0xefe, 0x0, 0x5, 0x1]}}, @hvc={0x32, 0x40, {0x1000, [0x2, 0x4, 0x9, 0x8000000000000001, 0x7f]}}, @hvc={0x32, 0x40, {0x80000000, [0x7, 0xffffffff, 0x40, 0x1ff, 0x4]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0x40, 0x8}}, @irq_setup={0x46, 0x18, {0x2, 0x2fe}}, @smc={0x1e, 0x40, {0x4000, [0xa01, 0xffffffffffffffff, 0xcc, 0x0, 0x3]}}, @uexit={0x0, 0x18, 0x5}, @hvc={0x32, 0x40, {0x880, [0x4, 0x0, 0x101, 0x2, 0x855]}}, @msr={0x14, 0x20, {0x603000000013c4ce}}, @irq_setup={0x46, 0x18, {0x3, 0x2c9}}, @irq_setup={0x46, 0x18, {0x3, 0x259}}, @code={0xa, 0x84, {"000028d50000c079007008d5000860fc007008d5008c004f0000629e802086d20000b0f2410180d2620180d2e30080d2240080d2020000d480eb8dd200c0b8f2c10080d2220180d2230180d2840180d2020000d4a0e691d20060b8f2410080d2020180d2a30180d2640180d2020000d4"}}, @its_setup={0x82, 0x28, {0x1, 0x4, 0x93}}, @uexit={0x0, 0x18, 0x7}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x48, 0x40, 0x1}}, @svc={0x122, 0x40, {0x84000003, [0x400, 0x97, 0x2, 0x10, 0xbf0]}}, @code={0xa, 0x3c, {"0018200ee0039fda007008d5007008d5007008d5007008d5000008d5008008d50000599e000008d5"}}, @mrs={0xbe, 0x18, {0x50280000001a2e38}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff4, 0x0, 0x8}}, @mrs={0xbe, 0x18, {0x603000000013df68}}, @its_setup={0x82, 0x28, {0x1, 0x0, 0x38e}}, @msr={0x14, 0x20, {0x603000000013c039, 0xffffffffffff2fd6}}, @irq_setup={0x46, 0x18, {0x3, 0x121}}, @mrs={0xbe, 0x18, {0x603000000013e219}}, @irq_setup={0x46, 0x18, {0x3, 0x247}}, @code={0xa, 0x84, {"007008d5007008d5000c803c00c0005f0008a03c002c205e003d9cd200a0b8f2e10080d2220180d2630080d2440180d2020000d4002998d20060b0f2410080d2a20180d2630180d2c40080d2020000d400a4200e201f85d20060b0f2e10180d2c20080d2a30080d2440080d2020000d4"}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x40, 0xa7, 0x1}}], 0x5bc}], 0x1, 0x0, &(0x7f0000000080), 0x1) (async) syz_kvm_add_vcpu$arm64(r2, &(0x7f0000000b80)={0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="1e0000000000000040000000000000000a00008400"], 0x40}, &(0x7f0000000bc0)=[@featur1={0x1, 0x4}], 0x1) (async) ioctl$KVM_RUN(r6, 0xae80, 0x0) (async) 51.962957722s ago: executing program 1 (id=1074): munmap(&(0x7f0000cfc000/0x4000)=nil, 0x4000) openat$kvm(0x0, 0x0, 0x0, 0x0) syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x4) openat$kvm(0x0, 0x0, 0x800, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x48b00, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8, 0x1}) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x2c) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_CREATE_VM(r4, 0x400454d0, 0x21) r5 = mmap$KVM_VCPU(&(0x7f0000004000/0x2000)=nil, 0x930, 0x2800002, 0x11, 0xffffffffffffffff, 0x0) r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_GET_ONE_REG(r7, 0x4010aeab, &(0x7f0000000100)=@other={0x1, 0x0}) syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f00000001c0)="fb4149dd033be3ac2cc4a22332a77b23b08986814d7bb14c94a6ab8031d1dfd92f00000000010000005a9610fbff67521ce16f8f1f449a7a835673312b54ebb2aa7fc869d22627e7", 0x0, 0x48) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1, 0x11, 0xffffffffffffffff, 0x0) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000c17000/0x3000)=nil, 0x930, 0x2, 0x2010, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_VM(r8, 0x801c581f, 0x0) r9 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0xfffffffffffffffc) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000000)={0x1fe, 0x0, 0x8080000, 0x1000, &(0x7f0000ffc000/0x1000)=nil}) openat$kvm(0x0, &(0x7f0000000240), 0x580, 0x0) openat$kvm(0x0, &(0x7f0000000080), 0x101e40, 0x0) r10 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000b75000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r10, &(0x7f0000000140)={0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="32000000000000004000000000000000510400840000000051000084000000000600000000000000080000000000000009080000000000004907000000000000"], 0x40}, 0x0, 0x0) 43.913599305s ago: executing program 1 (id=1076): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x20200, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f00000001c0)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000100)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000380)}) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) (async) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async) r5 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) (async) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=ANY=[], 0x40}, 0x0, 0x0) (async) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=ANY=[], 0x40}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r6, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000180)={0x8}) (async) ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) openat$kvm(0x0, &(0x7f0000000240), 0xca680, 0x0) (async) r10 = openat$kvm(0x0, &(0x7f0000000240), 0xca680, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000140)=@arm64_core={0x6030000000100042, &(0x7f0000000100)=0x81f}) syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) (async) r12 = syz_kvm_setup_syzos_vm$arm64(r11, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r12, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="8200000000000000280000000000000001000000000000000400000000000000020000000000000082"], 0x50}, 0x0, 0x0) (async) r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="8200000000000000280000000000000001000000000000000400000000000000020000000000000082"], 0x50}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r11, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000180)={0x8}) (async) ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r14, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r13, 0xae80, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r8, 0xae80, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000000c0)={0x5, 0x1, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000002c0)=@attr_other={0x0, 0x8, 0x108, &(0x7f0000000000)=0xc000000000000000}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x4, 0x2, 0x0}) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_vgic_v3_setup(r1, 0x3, 0x40) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) 40.267262278s ago: executing program 0 (id=1077): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0x83) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) (async) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000100)={0x0, 0x0}, 0x0, 0x0) r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) (async, rerun: 64) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f831, 0xffffffffffffffff, 0x0) (rerun: 64) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000180)={0x3, 0x2, 0x100000, 0x1000, &(0x7f0000000000/0x1000)=nil}) (async) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) ioctl$KVM_ARM_VCPU_INIT(r7, 0x4020aeae, &(0x7f0000000000)={0x5, 0x2}) (async, rerun: 64) ioctl$KVM_RUN(r7, 0xae80, 0x0) (rerun: 64) ioctl$KVM_GET_REG_LIST(r4, 0xc008aeb0, 0xfffffffffffffffe) openat$kvm(0x0, 0x0, 0x0, 0x0) (async) r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f832, 0xffffffffffffffff, 0x0) (async) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) (async) ioctl$KVM_SET_DEVICE_ATTR_vm(r8, 0x4018aee1, &(0x7f0000000200)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000100)={0x8, 0xbc, 0x2}}) ioctl$KVM_SET_DEVICE_ATTR_vm(r8, 0x4018aee1, &(0x7f0000000080)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000000)={0x8, 0x401, 0x2}}) 32.62257022s ago: executing program 0 (id=1078): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, 0x0) (async) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, &(0x7f0000000400)=ANY=[], 0x28}, 0x0, 0x0) (async) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = syz_kvm_setup_syzos_vm$arm64(r6, &(0x7f0000bfd000/0x400000)=nil) r8 = syz_kvm_add_vcpu$arm64(r7, &(0x7f0000000b80)={0x0, &(0x7f0000000280)=ANY=[@ANYRES64=r4], 0xffffffffffffff51}, 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r8, 0x4010aeab, &(0x7f0000000100)=@arm64_extra={0x603000000013df01, &(0x7f0000000080)=0x6}) (async) r9 = syz_kvm_vgic_v3_setup(r2, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000100)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f0000000140)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000180)=0x8080000}) r11 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) r13 = syz_kvm_setup_syzos_vm$arm64(r12, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r13, &(0x7f0000000080)={0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="820000000000000028000000000000000200000000002200040000000000000001"], 0x28}, 0x0, 0x0) (async, rerun: 64) ioctl$KVM_SET_DEVICE_ATTR(r9, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x5, 0x0, &(0x7f00000000c0)=0x9}) (async, rerun: 64) ioctl$KVM_RUN(r4, 0xae80, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x0, 0x0, 0x4010, 0xffffffffffffffff, 0x0) r14 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0) r16 = ioctl$KVM_CREATE_VCPU(r15, 0xae41, 0x2) mmap$KVM_VCPU(&(0x7f0000fef000/0x10000)=nil, 0x930, 0x3000002, 0x12, r16, 0x0) (async, rerun: 64) ioctl$KVM_RUN(r16, 0xae80, 0x0) (async, rerun: 64) mmap$KVM_VCPU(&(0x7f0000027000/0x13000)=nil, 0x930, 0x2, 0x4102932, 0xffffffffffffffff, 0x0) (async, rerun: 64) ioctl$KVM_SET_DEVICE_ATTR(r10, 0x4018aee1, &(0x7f0000000040)=@attr_other={0x0, 0x4, 0x8, &(0x7f0000000200)=0xd4}) (async, rerun: 64) r17 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r17, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) 30.251871343s ago: executing program 1 (id=1079): openat$kvm(0x0, &(0x7f0000000100), 0x28200, 0x0) r0 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r0, &(0x7f0000000140)={0x0, &(0x7f0000000000)=ANY=[], 0x20}, &(0x7f0000000280)=[@featur2={0x1, 0x44}], 0x1) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x10000, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000100)={0x8, 0xffffffffffffffff}) ioctl$KVM_GET_DEVICE_ATTR(r6, 0x4018aee2, &(0x7f0000000200)=@attr_arm64={0x0, 0x0, 0x0, 0x0}) r7 = openat$kvm(0x0, &(0x7f0000000140), 0x640082, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8000, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x3) ioctl$KVM_ARM_VCPU_INIT(r11, 0x4020aeae, &(0x7f0000000200)={0x0, 0x68}) ioctl$KVM_SET_ONE_REG(r11, 0x4010aeac, &(0x7f00000000c0)=@arm64_sys={0x603000000013dce0, &(0x7f0000000000)=0x3ff}) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r11, 0x4018aee1, &(0x7f00000000c0)=@attr_other={0x0, 0x750e, 0x8001, &(0x7f00000001c0)=0x4}) ioctl$KVM_RUN(r11, 0xae80, 0x0) r12 = syz_kvm_setup_syzos_vm$arm64(r8, &(0x7f0000c00000/0x400000)=nil) r13 = syz_kvm_add_vcpu$arm64(r12, &(0x7f0000000180)={0x0, &(0x7f00000001c0)=ANY=[], 0x60}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r13, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r13, 0xae80, 0x0) r14 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000180)={0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="14000000000000002000000000000000f1c4130000003060008000000000000014000000000000002000000000000000f2c4130000003060008000000000000014000000000000002000000000000000e0dc130000003060c7"], 0x140}, &(0x7f0000000300)=[@featur1={0x1, 0x8}], 0x1) ioctl$KVM_SET_DEVICE_ATTR_vcpu(r14, 0x4018aee1, &(0x7f0000000340)=@attr_pmu_init) ioctl$KVM_RUN(r14, 0xae80, 0x0) r15 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0) r16 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x4) ioctl$KVM_ARM_VCPU_INIT(r16, 0x4020aeae, &(0x7f0000000080)={0x4, 0x1e}) 21.109022879s ago: executing program 0 (id=1080): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x2b) ioctl$KVM_RESET_DIRTY_RINGS(r0, 0xaec7) (async) ioctl$KVM_RESET_DIRTY_RINGS(r0, 0xaec7) syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000600)={0x0, &(0x7f0000000000)=[@msr={0x14, 0x20, {0x603000000013f2b0, 0x4}}, @mrs={0xbe, 0x18, {0x603000000013e6d4}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x0, 0x3, 0x2, 0x4, 0x6d, 0x3}}, @code={0xa, 0x84, {"007008d5007008d580458ad200a0b8f2a10180d2420180d2a30080d2640180d2020000d40090200e0060bf0d409588d20020b0f2810180d2220180d2a30080d2240080d2020000d400e0e00d009986d200e0b8f2e10180d2420180d2c30080d2440180d2020000d4000080f2000028d5"}}, @svc={0x122, 0x40, {0x4, [0x80000000, 0xfffffffffffffffa, 0x5, 0x4, 0x9]}}, @its_setup={0x82, 0x28, {0x0, 0x2, 0x353}}, @msr={0x14, 0x20, {0x603000000013c119, 0x9}}, @smc={0x1e, 0x40, {0x4000000, [0x0, 0x6, 0xf, 0x9, 0xd8b]}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x0, 0x0, 0xfffffffb, 0x0, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x3, 0x7, 0x2, 0x7, 0x4}}, @uexit={0x0, 0x18, 0xfffffffffffffa52}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x0, 0xa, 0x1b, 0x200, 0x3}}, @smc={0x1e, 0x40, {0x20, [0x0, 0x3, 0x1, 0xfffffffffffffff7, 0x2]}}, @msr={0x14, 0x20, {0x603000000013ff12, 0x7}}, @its_setup={0x82, 0x28, {0x2, 0x2, 0x1d9}}, @mrs={0xbe, 0x18, {0x603000000013c00b}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x20020, 0x6, 0x3}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x0, 0x5416da49, 0x3}}, @eret={0xe6, 0x18, 0x80000000}, @code={0xa, 0x9c, {"801496d20000b8f2c10180d2020180d2c30080d2e40180d2020000d4000028d5000028d5007008d540f48dd200a0b8f2c10080d2820180d2230080d2440080d2020000d440d48bd20020b0f2410080d2020180d2a30080d2240180d2020000d4007008d5800194d20080b8f2410080d2c20080d2430080d2c40080d2020000d4007008d50000800c"}}, @svc={0x122, 0x40, {0x8600ff01, [0x8, 0x8, 0x24d, 0x6, 0x9]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x8000, 0xf476, 0x6}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffd0, 0x115f3925, 0x2}}, @irq_setup={0x46, 0x18, {0x0, 0x264}}, @code={0xa, 0x9c, {"000028d540e491d200e0b0f2610180d2020180d2630080d2a40080d2020000d40000691e00004048c0dc9ed20080b0f2610080d2e20080d2c30180d2a40180d2020000d400c88ed200a0b8f2810080d2220080d2430080d2840080d2020000d4007008d5000028d5008008d5c08f96d200e0b8f2c10080d2a20180d2c30080d2840080d2020000d4"}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x3, 0xb, 0x8, 0x400, 0x3}}, @hvc={0x32, 0x40, {0x80007fff, [0x8, 0x0, 0xa11d, 0x9, 0x3]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0x0, 0x9, 0x1}}], 0x5dc}, &(0x7f0000000640)=[@featur1={0x1, 0x80}], 0x1) (async) r1 = syz_kvm_add_vcpu$arm64(0x0, &(0x7f0000000600)={0x0, &(0x7f0000000000)=[@msr={0x14, 0x20, {0x603000000013f2b0, 0x4}}, @mrs={0xbe, 0x18, {0x603000000013e6d4}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x0, 0x3, 0x2, 0x4, 0x6d, 0x3}}, @code={0xa, 0x84, {"007008d5007008d580458ad200a0b8f2a10180d2420180d2a30080d2640180d2020000d40090200e0060bf0d409588d20020b0f2810180d2220180d2a30080d2240080d2020000d400e0e00d009986d200e0b8f2e10180d2420180d2c30080d2440180d2020000d4000080f2000028d5"}}, @svc={0x122, 0x40, {0x4, [0x80000000, 0xfffffffffffffffa, 0x5, 0x4, 0x9]}}, @its_setup={0x82, 0x28, {0x0, 0x2, 0x353}}, @msr={0x14, 0x20, {0x603000000013c119, 0x9}}, @smc={0x1e, 0x40, {0x4000000, [0x0, 0x6, 0xf, 0x9, 0xd8b]}}, @its_send_cmd={0xaa, 0x28, {0xa, 0x1, 0x0, 0x0, 0xfffffffb, 0x0, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x1, 0x0, 0x3, 0x7, 0x2, 0x7, 0x4}}, @uexit={0x0, 0x18, 0xfffffffffffffa52}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x0, 0xa, 0x1b, 0x200, 0x3}}, @smc={0x1e, 0x40, {0x20, [0x0, 0x3, 0x1, 0xfffffffffffffff7, 0x2]}}, @msr={0x14, 0x20, {0x603000000013ff12, 0x7}}, @its_setup={0x82, 0x28, {0x2, 0x2, 0x1d9}}, @mrs={0xbe, 0x18, {0x603000000013c00b}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x20020, 0x6, 0x3}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x0, 0x5416da49, 0x3}}, @eret={0xe6, 0x18, 0x80000000}, @code={0xa, 0x9c, {"801496d20000b8f2c10180d2020180d2c30080d2e40180d2020000d4000028d5000028d5007008d540f48dd200a0b8f2c10080d2820180d2230080d2440080d2020000d440d48bd20020b0f2410080d2020180d2a30080d2240180d2020000d4007008d5800194d20080b8f2410080d2c20080d2430080d2c40080d2020000d4007008d50000800c"}}, @svc={0x122, 0x40, {0x8600ff01, [0x8, 0x8, 0x24d, 0x6, 0x9]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x8000, 0xf476, 0x6}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xffd0, 0x115f3925, 0x2}}, @irq_setup={0x46, 0x18, {0x0, 0x264}}, @code={0xa, 0x9c, {"000028d540e491d200e0b0f2610180d2020180d2630080d2a40080d2020000d40000691e00004048c0dc9ed20080b0f2610080d2e20080d2c30180d2a40180d2020000d400c88ed200a0b8f2810080d2220080d2430080d2840080d2020000d4007008d5000028d5008008d5c08f96d200e0b8f2c10080d2a20180d2c30080d2840080d2020000d4"}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x0, 0x3, 0xb, 0x8, 0x400, 0x3}}, @hvc={0x32, 0x40, {0x80007fff, [0x8, 0x0, 0xa11d, 0x9, 0x3]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80a0000, 0x0, 0x9, 0x1}}], 0x5dc}, &(0x7f0000000640)=[@featur1={0x1, 0x80}], 0x1) ioctl$KVM_SET_REGS(r1, 0x4360ae82, &(0x7f0000000680)={[0x7fffffffffffffff, 0x78f, 0x2, 0xfff, 0x80000001, 0x4, 0xcd, 0x7fff, 0x6, 0x8, 0x1, 0x0, 0x8001, 0x6, 0x9f7a, 0xa4a], 0xeeee8000, 0x410}) ioctl$KVM_RESET_DIRTY_RINGS(r0, 0xaec7) ioctl$KVM_ARM_SET_DEVICE_ADDR(r1, 0x4010aeab, &(0x7f0000000740)={0x6, 0x5000}) r2 = ioctl$KVM_CREATE_GUEST_MEMFD(r0, 0xc040aed4, &(0x7f0000000780)={0x1}) ioctl$KVM_SET_USER_MEMORY_REGION2(r0, 0x40a0ae49, &(0x7f00000007c0)={0x5, 0x1, 0xffff1000, 0x2000, &(0x7f0000ffe000/0x2000)=nil, 0xffffffffffff6709, r2}) (async) ioctl$KVM_SET_USER_MEMORY_REGION2(r0, 0x40a0ae49, &(0x7f00000007c0)={0x5, 0x1, 0xffff1000, 0x2000, &(0x7f0000ffe000/0x2000)=nil, 0xffffffffffff6709, r2}) syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil) (async) r3 = syz_kvm_setup_syzos_vm$arm64(r0, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000bc0)={0x0, &(0x7f0000000880)=[@eret={0xe6, 0x18, 0x8000000000000000}, @code={0xa, 0x3c, {"007008d50000003d000000a9007008d500b8217e000028d500d8210e00804048000028d50040e00d"}}, @smc={0x1e, 0x40, {0x8400000e, [0x82b, 0x0, 0x80, 0x0, 0xd52]}}, @code={0xa, 0x6c, {"000028d5000000ca007008d50060400d000030d5008008d50070200e0000209b004e94d20020b8f2210180d2020080d2a30180d2040180d2020000d4c05886d20040b8f2e10180d2620080d2e30180d2c40080d2020000d4"}}, @code={0xa, 0x54, {"000cc09a007008d5a0fd9ed200e0b0f2410080d2a20180d2a30180d2e40180d2020000d4007008d5000028d500c4a00e008008d5007008d50080c048007008d5"}}, @uexit={0x0, 0x18, 0x3a}, @uexit={0x0, 0x18, 0x8001}, @smc={0x1e, 0x40, {0x84000001, [0x7, 0x4, 0x9, 0x8000, 0x10001]}}, @its_setup={0x82, 0x28, {0x1, 0x4, 0x178}}, @uexit={0x0, 0x18, 0x4}, @smc={0x1e, 0x40, {0x84000012, [0x1, 0x7, 0x10001, 0x8, 0x200]}}, @smc={0x1e, 0x40, {0xc4000010, [0x9, 0x8, 0x3, 0x35e]}}, @uexit={0x0, 0x18, 0x6b}, @its_setup={0x82, 0x28, {0x4, 0x4, 0x33f}}, @its_send_cmd={0xaa, 0x28, {0xc, 0x0, 0x0, 0x0, 0x3, 0x9, 0x2}}, @msr={0x14, 0x20, {0x4744a7761f3864eb, 0xdab}}], 0x30c}, &(0x7f0000000c00)=[@featur1={0x1, 0xc4}], 0x1) ioctl$KVM_CHECK_EXTENSION_VM(r0, 0xae03, 0xa5) (async) ioctl$KVM_CHECK_EXTENSION_VM(r0, 0xae03, 0xa5) ioctl$KVM_CAP_PTP_KVM(r0, 0x4068aea3, &(0x7f0000000c40)) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000e40)={0x0, &(0x7f0000000cc0)=[@hvc={0x32, 0x40, {0xc0007fe7, [0x0, 0xfffffffffffff10b, 0xa10, 0x9, 0x5b]}}, @msr={0x14, 0x20, {0x603000000013e518, 0x7}}, @hvc={0x32, 0x40, {0x80000002, [0x100000001, 0x100000001, 0xaa, 0xfff, 0x3]}}, @eret={0xe6, 0x18, 0x8}, @smc={0x1e, 0x40, {0x80000000, [0x2, 0x3, 0x3, 0x1, 0xffffffffffff7fff]}}, @hvc={0x32, 0x40, {0x0, [0x32, 0x3, 0xf, 0x3b4, 0x1]}}, @memwrite={0x6e, 0x30, @vgic_gicd={0x8000000, 0x2000, 0xffffffffffffffff, 0x7}}], 0x168}, &(0x7f0000000e80)=[@featur2={0x1, 0x5}], 0x1) ioctl$KVM_GET_DIRTY_LOG(r0, 0x4010ae42, &(0x7f0000000ec0)={0x3, 0x0, &(0x7f0000ffc000/0x1000)=nil}) (async) ioctl$KVM_GET_DIRTY_LOG(r0, 0x4010ae42, &(0x7f0000000ec0)={0x3, 0x0, &(0x7f0000ffc000/0x1000)=nil}) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x4) (async) r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x4) ioctl$KVM_GET_DIRTY_LOG(r5, 0x4010ae42, &(0x7f0000000f00)={0x2, 0x0, &(0x7f0000eb4000/0x1000)=nil}) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3e) (async) r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3e) ioctl$KVM_SET_DEVICE_ATTR_vm(r6, 0x4018aee1, &(0x7f0000000f80)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000f40)={0x1e0a, 0x7, 0x1}}) syz_kvm_vgic_v3_setup(r5, 0x1, 0x20) (async) syz_kvm_vgic_v3_setup(r5, 0x1, 0x20) r7 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x25) ioctl$KVM_SIGNAL_MSI(r7, 0x4020aea5, &(0x7f0000000fc0)={0x1000, 0x10000, 0x37}) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f0000001000)=0x3) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001040), 0x200000, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r8, 0xae04) (async) ioctl$KVM_GET_VCPU_MMAP_SIZE(r8, 0xae04) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x28) ioctl$KVM_CREATE_IRQCHIP(r9, 0xae60) syz_kvm_setup_syzos_vm$arm64(r9, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000001080)={0x7, 0xffffffffffffffff, 0x1}) ioctl$KVM_CAP_PTP_KVM(r7, 0x4068aea3, &(0x7f00000010c0)) ioctl$KVM_GET_VCPU_EVENTS(r1, 0x8040ae9f, &(0x7f0000001140)) 20.549248776s ago: executing program 1 (id=1081): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = syz_kvm_setup_syzos_vm$arm64(r2, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) (async) r5 = syz_kvm_add_vcpu$arm64(r3, &(0x7f0000000100)={0x0, &(0x7f00000001c0)=ANY=[], 0x18}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r2, 0x2, 0x100) ioctl$KVM_RUN(r5, 0xae80, 0x0) (async) ioctl$KVM_RUN(r4, 0xae80, 0x0) r6 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1) ioctl$KVM_ARM_VCPU_INIT(r7, 0x4020aeae, &(0x7f0000000080)={0x5}) ioctl$KVM_SET_ONE_REG(r5, 0x4010aeac, &(0x7f0000000140)=@arm64_sve={0x6080000000150025, &(0x7f00000001c0)=0xee}) r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000eb4000/0x3000)=nil, 0x930, 0x200000c, 0x28031, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_ONE_REG(r9, 0x4010aeab, &(0x7f00000002c0)=@arm64_ccsidr={0x6020000000110011, 0x0}) r10 = mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0) r11 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x40000, 0x0) r12 = ioctl$KVM_GET_STATS_FD_cpu(r7, 0xaece) ioctl$KVM_CREATE_DEVICE(r12, 0xc00caee0, &(0x7f0000000180)={0x6}) ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r10, 0x20, &(0x7f0000000240)="fb4149dd033be3ac3bc4a22332fdaa8de0518df242008031d1dfd92f0000000001fff9ffdc9610fbff77521ce30d8f00", 0x0, 0xfcf7) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 14.440155401s ago: executing program 0 (id=1082): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x3, 0x0) ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r2 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece) syz_kvm_setup_cpu$arm64(r2, r1, &(0x7f0000bfe000/0x400000)=nil, &(0x7f0000000380)=[{0x0, &(0x7f0000000040)=[@code={0xa, 0x84, {"000008d5000008d50000c02c007008d520ee8fd20020b8f2a10180d2820180d2c30080d2640080d2020000d400679bd20020b0f2a10080d2e20180d2c30180d2c40180d2020000d400348ed20020b0f2210080d2020180d2430080d2840180d2020000d4007008d5007008d5000c4078"}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0x20020, 0xb7, 0x10}}, @eret={0xe6, 0x18, 0x18d0}, @smc={0x1e, 0x40, {0x6000000, [0xfffffffffffeffff, 0xffa3, 0x1, 0xfffffffffffffff7, 0x6]}}, @its_setup={0x82, 0x28, {0x3, 0x2, 0xfd}}, @uexit={0x0, 0x18, 0xfff}, @memwrite={0x6e, 0x30, @generic={0x1, 0x173, 0x5400000000000000, 0x6}}, @its_send_cmd={0xaa, 0x28, {0x3, 0x1, 0x0, 0xd, 0x53a, 0x1, 0x3}}, @mrs={0xbe, 0x18, {0x603000000013c112}}, @irq_setup={0x46, 0x18, {0x3, 0x5b}}, @memwrite={0x6e, 0x30, @generic={0xf000, 0x9b2, 0x4, 0xc}}, @its_setup={0x82, 0x28, {0x1, 0x4, 0x3d2}}, @hvc={0x32, 0x40, {0x80008000, [0x7fe, 0x9, 0x8, 0x4, 0x25266442]}}, @msr={0x14, 0x20, {0x6030000000138067, 0x8000}}, @uexit={0x0, 0x18, 0x1}, @code={0xa, 0x6c, {"a0059ad20060b0f2810180d2420180d2a30080d2c40080d2020000d4204a8ed200a0b0f2610180d2420080d2630080d2240180d2020000d4000008d500000036000008d50074000f0070204e00fc40d3007008d500802088"}}], 0x310}], 0x1, 0x0, &(0x7f00000003c0)=[@featur2={0x1, 0xc0}], 0x1) r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04) mmap$KVM_VCPU(&(0x7f0000e53000/0x4000)=nil, r3, 0x3000000, 0x10010, r2, 0x0) ioctl$KVM_ARM_VCPU_INIT(r1, 0x4020aeae, &(0x7f0000000400)={0x5, 0x1}) syz_kvm_vgic_v3_setup(r2, 0x3, 0x100) r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0xe) ioctl$KVM_HAS_DEVICE_ATTR_vm(r4, 0x4018aee3, &(0x7f0000000480)=@attr_other={0x0, 0xd7, 0xfffffffffffffffe, &(0x7f0000000440)=0xffffffff}) r5 = ioctl$KVM_CREATE_GUEST_MEMFD(r2, 0xc040aed4, &(0x7f00000004c0)={0x13f, 0x7ff}) ioctl$KVM_SET_USER_MEMORY_REGION2(r2, 0x40a0ae49, &(0x7f0000000500)={0x10002, 0x5, 0xeeef0000, 0x2000, &(0x7f0000f83000/0x2000)=nil, 0x1, r5}) ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f00000005c0)={0x8, 0xf000, 0x8, r2, 0x1}) ioctl$KVM_INTERRUPT(r2, 0x4004ae86, &(0x7f0000000600)=0x82) r6 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, &(0x7f0000000640)={0x2, [0xfffffffffffff3f2, 0x5]}) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000680)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000ffb000/0x2000)=nil}) ioctl$KVM_CAP_ARM_USER_IRQ(r2, 0x4068aea3, &(0x7f00000006c0)) ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000740)={0x2, 0xa000, 0x1}) mmap$KVM_VCPU(&(0x7f0000d08000/0x3000)=nil, r3, 0x1, 0x4000010, r6, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x8) r7 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0xd) ioctl$KVM_GET_DEVICE_ATTR_vm(r7, 0x4018aee2, &(0x7f00000007c0)=@attr_other={0x0, 0x8, 0x7, &(0x7f0000000780)=0xfffffffffffffffd}) ioctl$KVM_CAP_HALT_POLL(r4, 0x4068aea3, &(0x7f0000000800)={0xb6, 0x0, 0x7}) ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r7, 0x4068aea3, &(0x7f0000000880)={0xdf, 0x0, 0x10000}) ioctl$KVM_IRQ_LINE(r2, 0x4008ae61, &(0x7f0000000900)={0x0, 0x7}) ioctl$KVM_RUN(r1, 0xae80, 0x0) syz_kvm_setup_cpu$arm64(r7, r2, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000000c40)=[{0x0, &(0x7f0000000940)=[@its_send_cmd={0xaa, 0x28, {0x5, 0x1, 0x3, 0x8, 0xfff, 0x6, 0x2}}, @hvc={0x32, 0x40, {0x8400000f, [0x800, 0x9d, 0x0, 0x8000, 0x532]}}, @msr={0x14, 0x20, {0x603000000013df66, 0x5}}, @msr={0x14, 0x20, {0x603000000013e536, 0x3}}, @irq_setup={0x46, 0x18, {0x4, 0x1f5}}, @smc={0x1e, 0x40, {0x8400000e, [0x1540, 0x5, 0x10001, 0x4, 0x3]}}, @hvc={0x32, 0x40, {0x84000002, [0x6, 0x0, 0x10, 0x1c4b96e2, 0x5]}}, @its_setup={0x82, 0x28, {0x1, 0x3, 0x3ce}}, @its_send_cmd={0xaa, 0x28, {0x9, 0x0, 0x4, 0xd, 0xf70, 0x0, 0x2}}, @code={0xa, 0x9c, {"0000005cc0c594d20020b8f2e10180d2820080d2430080d2440180d2020000d4000008d50000199e00000088808294d200c0b0f2e10080d2820080d2630080d2a40180d2020000d4e0b287d20020b8f2a10080d2220080d2030180d2640180d2020000d4007008d5c0a18dd200a0b8f2010080d2420180d2230080d2c40080d2020000d40000006c"}}, @memwrite={0x6e, 0x30, @vgic_gits={0x8080000, 0xfff8, 0xfffffffffffffff9, 0xe}}, @hvc={0x32, 0x40, {0x4000000, [0x2, 0x5, 0x100000001, 0x1, 0x2]}}, @memwrite={0x6e, 0x30, @vgic_gicr={0x80c0000, 0x10, 0x89d, 0x2}}], 0x2cc}], 0x1, 0x0, &(0x7f0000000c80)=[@featur1={0x1, 0x40}], 0x1) 7.564916185s ago: executing program 0 (id=1083): openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) (async) r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = mmap$KVM_VCPU(&(0x7f0000c8d000/0x4000)=nil, 0x930, 0x3, 0x11, r2, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f00000002c0)="fb0149dd033be3ac2cc4a29ea6ab8031d1dfd92f00000000010000005a9610fbff67521cd66f8f1f447d3570707cd24b7eebb20700000000000000000000000100", 0x0, 0xffffffffffffffa7) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = syz_kvm_setup_syzos_vm$arm64(r5, &(0x7f0000c00000/0x400000)=nil) r7 = syz_kvm_add_vcpu$arm64(r6, &(0x7f0000000080)={0x0, 0x0}, 0x0, 0x0) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, 0x0) ioctl$KVM_GET_ONE_REG(r7, 0x4010aeab, &(0x7f0000000040)=@arm64_sys={0x603000000013e090, 0x0}) r8 = eventfd2(0x101, 0x0) r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f831, 0xffffffffffffffff, 0x0) (async) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x4f831, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x1) (async) ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x1) close(0x5) syz_kvm_vgic_v3_setup(r10, 0x0, 0xa0) (async) syz_kvm_vgic_v3_setup(r10, 0x0, 0xa0) r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0) close(r11) close(0x4) close(r8) openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa00f2, 0x0) write$eventfd(r8, &(0x7f0000000000), 0xfffffe1e) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x100b31, 0x0) (async) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x100b31, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2) 4.529108336s ago: executing program 1 (id=1084): ioctl$KVM_GET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee2, &(0x7f0000000340)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000240)}) r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x3}}], 0x68}, 0x0, 0x0) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_kvm_setup_cpu$arm64(r1, r3, &(0x7f0000bfe000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000280)=[@hvc={0x32, 0x40, {0xc400000c, [0x3ff, 0x6, 0xa7d, 0x400, 0x9]}}, @uexit={0x0, 0x18}, @svc={0x122, 0x40, {0xc4000005, [0x401, 0xffffffffffffffe1, 0x5800000000000, 0x1ff, 0x5]}}], 0x98}], 0x1, 0x0, &(0x7f0000000040)=[@featur1={0x1, 0x64}], 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_GET_DEVICE_ATTR_vcpu(0xffffffffffffffff, 0x4018aee2, &(0x7f0000000340)=@attr_pmu_irq={0x0, 0x0, 0x0, &(0x7f0000000240)}) (async) openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) syz_kvm_setup_syzos_vm$arm64(r1, &(0x7f0000c00000/0x400000)=nil) (async) syz_kvm_add_vcpu$arm64(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@irq_setup={0x46, 0x18, {0x1, 0x20}}, @its_setup={0x82, 0x28, {0x1, 0x1, 0x1}}, @its_send_cmd={0xaa, 0x28, {0x3}}], 0x68}, 0x0, 0x0) (async) syz_kvm_vgic_v3_setup(r1, 0x1, 0x100) (async) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x8}) (async) ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f00000001c0)=@attr_arm64={0x0, 0x0, 0x4, &(0x7f0000000200)=0x8080000}) (async) ioctl$KVM_RUN(r3, 0xae80, 0x0) (async) syz_kvm_setup_cpu$arm64(r1, r3, &(0x7f0000bfe000/0x400000)=nil, &(0x7f0000000000)=[{0x0, &(0x7f0000000280)=[@hvc={0x32, 0x40, {0xc400000c, [0x3ff, 0x6, 0xa7d, 0x400, 0x9]}}, @uexit={0x0, 0x18}, @svc={0x122, 0x40, {0xc4000005, [0x401, 0xffffffffffffffe1, 0x5800000000000, 0x1ff, 0x5]}}], 0x98}], 0x1, 0x0, &(0x7f0000000040)=[@featur1={0x1, 0x64}], 0x1) (async) ioctl$KVM_RUN(r3, 0xae80, 0x0) (async) 0s ago: executing program 0 (id=1085): mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x300000c, 0x4f832, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000cdd000/0x4000)=nil, 0x4000) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000000)={0x4}) close(0x5) mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x6, 0x8032, 0xffffffffffffffff, 0x0) kernel console output (not intermixed with test programs): [ 364.686861][ T25] audit: type=1400 audit(363.700:59): avc: denied { read } for pid=3131 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1 [ 378.958410][ T3131] 8021q: adding VLAN 0 to HW filter on device bond0 [ 428.222047][ T3131] eql: remember to turn off Van-Jacobson compression on your slave devices Warning: Permanently added '[localhost]:19307' (ED25519) to the list of known hosts. [ 580.670949][ T25] audit: type=1400 audit(579.780:60): avc: denied { name_bind } for pid=3283 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 581.626939][ T25] audit: type=1400 audit(580.730:61): avc: denied { execute } for pid=3284 comm="sh" name="syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 581.652350][ T25] audit: type=1400 audit(580.750:62): avc: denied { execute_no_trans } for pid=3284 comm="sh" path="/syz-executor" dev="vda" ino=1867 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 603.682171][ T25] audit: type=1400 audit(602.790:63): avc: denied { mounton } for pid=3284 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 603.717226][ T25] audit: type=1400 audit(602.820:64): avc: denied { mount } for pid=3284 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 603.798544][ T3284] cgroup: Unknown subsys name 'net' [ 603.847490][ T25] audit: type=1400 audit(602.950:65): avc: denied { unmount } for pid=3284 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 604.232030][ T3284] cgroup: Unknown subsys name 'cpuset' [ 604.337284][ T3284] cgroup: Unknown subsys name 'rlimit' [ 605.239997][ T25] audit: type=1400 audit(604.350:66): avc: denied { setattr } for pid=3284 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=701 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 605.266751][ T25] audit: type=1400 audit(604.370:67): avc: denied { mounton } for pid=3284 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 605.285368][ T25] audit: type=1400 audit(604.390:68): avc: denied { mount } for pid=3284 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 606.528321][ T3287] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 606.549647][ T25] audit: type=1400 audit(605.650:69): avc: denied { relabelto } for pid=3287 comm="mkswap" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 606.576208][ T25] audit: type=1400 audit(605.680:70): avc: denied { write } for pid=3287 comm="mkswap" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" Setting up swapspace version 1, size = 127995904 bytes [ 606.739241][ T25] audit: type=1400 audit(605.850:71): avc: denied { read } for pid=3284 comm="syz-executor" name="swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 606.762519][ T25] audit: type=1400 audit(605.860:72): avc: denied { open } for pid=3284 comm="syz-executor" path="/swap-file" dev="vda" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 606.800688][ T3284] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 655.274591][ T25] audit: type=1400 audit(654.320:73): avc: denied { execmem } for pid=3289 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 660.429408][ T25] audit: type=1400 audit(659.540:74): avc: denied { read } for pid=3295 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 660.446681][ T25] audit: type=1400 audit(659.550:75): avc: denied { open } for pid=3295 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 660.540931][ T25] audit: type=1400 audit(659.650:76): avc: denied { mounton } for pid=3295 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 660.807176][ T25] audit: type=1400 audit(659.910:78): avc: denied { module_request } for pid=3296 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 660.834430][ T25] audit: type=1400 audit(659.900:77): avc: denied { module_request } for pid=3295 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 661.946444][ T25] audit: type=1400 audit(661.050:79): avc: denied { sys_module } for pid=3295 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 685.788344][ T3295] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 686.020430][ T3295] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 686.080634][ T3296] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 686.448229][ T3296] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 703.021494][ T3295] hsr_slave_0: entered promiscuous mode [ 703.078784][ T3295] hsr_slave_1: entered promiscuous mode [ 704.368301][ T3296] hsr_slave_0: entered promiscuous mode [ 704.408208][ T3296] hsr_slave_1: entered promiscuous mode [ 704.439182][ T3296] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 704.444755][ T3296] Cannot create hsr debugfs directory [ 709.785619][ T25] audit: type=1400 audit(708.890:80): avc: denied { create } for pid=3295 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 709.840649][ T25] audit: type=1400 audit(708.950:81): avc: denied { write } for pid=3295 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 709.905378][ T25] audit: type=1400 audit(709.010:82): avc: denied { read } for pid=3295 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 710.045486][ T3295] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 710.339425][ T3295] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 710.631408][ T3295] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 710.954515][ T3295] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 712.187705][ T3296] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 712.577072][ T3296] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 712.799468][ T3296] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 712.972213][ T3296] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 725.608884][ T3295] 8021q: adding VLAN 0 to HW filter on device bond0 [ 727.459296][ T3296] 8021q: adding VLAN 0 to HW filter on device bond0 [ 782.912097][ T3295] veth0_vlan: entered promiscuous mode [ 783.490451][ T3295] veth1_vlan: entered promiscuous mode [ 784.937788][ T3296] veth0_vlan: entered promiscuous mode [ 785.652317][ T3295] veth0_macvtap: entered promiscuous mode [ 785.831552][ T3296] veth1_vlan: entered promiscuous mode [ 786.040134][ T3295] veth1_macvtap: entered promiscuous mode [ 788.072852][ T3295] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 788.102795][ T3295] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 788.139837][ T3295] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 788.149141][ T3295] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 788.720490][ T3296] veth0_macvtap: entered promiscuous mode [ 789.217777][ T3296] veth1_macvtap: entered promiscuous mode [ 790.754574][ T25] audit: type=1400 audit(789.860:83): avc: denied { mount } for pid=3295 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 790.895128][ T25] audit: type=1400 audit(789.980:84): avc: denied { mounton } for pid=3295 comm="syz-executor" path="/syzkaller.Bhuaud/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 791.108615][ T25] audit: type=1400 audit(790.210:85): avc: denied { mount } for pid=3295 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 791.400908][ T25] audit: type=1400 audit(790.510:86): avc: denied { mounton } for pid=3295 comm="syz-executor" path="/syzkaller.Bhuaud/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 791.540347][ T25] audit: type=1400 audit(790.650:87): avc: denied { mounton } for pid=3295 comm="syz-executor" path="/syzkaller.Bhuaud/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3228 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 791.695886][ T3296] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 791.724848][ T3296] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 791.738125][ T3296] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 791.748173][ T3296] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 792.182406][ T25] audit: type=1400 audit(791.290:88): avc: denied { unmount } for pid=3295 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 792.418610][ T25] audit: type=1400 audit(791.500:89): avc: denied { mounton } for pid=3295 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=1546 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 792.515300][ T25] audit: type=1400 audit(791.620:90): avc: denied { mount } for pid=3295 comm="syz-executor" name="/" dev="gadgetfs" ino=3237 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 792.777052][ T25] audit: type=1400 audit(791.880:91): avc: denied { mount } for pid=3295 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 792.829604][ T25] audit: type=1400 audit(791.940:92): avc: denied { mounton } for pid=3295 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 794.291679][ T3295] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 798.306017][ T25] kauditd_printk_skb: 4 callbacks suppressed [ 798.315698][ T25] audit: type=1400 audit(797.410:97): avc: denied { read } for pid=3447 comm="syz.1.2" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 798.360678][ T25] audit: type=1400 audit(797.470:98): avc: denied { open } for pid=3447 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 799.009940][ T25] audit: type=1400 audit(798.120:99): avc: denied { ioctl } for pid=3447 comm="syz.1.2" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 800.155835][ T25] audit: type=1400 audit(799.220:100): avc: denied { execute } for pid=3447 comm="syz.1.2" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=3321 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 800.278633][ T25] audit: type=1400 audit(799.340:101): avc: denied { write } for pid=3449 comm="syz.0.1" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 812.800226][ T25] audit: type=1400 audit(811.910:102): avc: denied { append } for pid=3458 comm="syz.1.5" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 834.584700][ T25] audit: type=1400 audit(833.680:103): avc: denied { map } for pid=3477 comm="syz.1.9" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 863.777412][ T3503] debugfs: File 'vgic-its-state@0' in directory '3503-6' already present! [ 1130.066704][ T25] audit: type=1400 audit(1129.160:104): avc: denied { setattr } for pid=3701 comm="syz.1.75" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1130.339536][ T3704] kvm [3703]: Unsupported guest CP15 access at: 00000100 [000001d3] [ 1130.339536][ T3704] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1130.412428][ T3704] kvm [3703]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1130.412428][ T3704] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1130.471785][ T3704] kvm [3703]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1130.471785][ T3704] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1130.567328][ T3704] kvm [3703]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1130.567328][ T3704] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1130.638310][ T3704] kvm [3703]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1130.638310][ T3704] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1130.758110][ T3704] kvm [3703]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1130.758110][ T3704] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1130.877360][ T3704] kvm [3703]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1130.877360][ T3704] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1130.978610][ T3704] kvm [3703]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1130.978610][ T3704] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1131.080236][ T3704] kvm [3703]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1131.080236][ T3704] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1131.149318][ T3704] kvm [3703]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1131.149318][ T3704] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1149.141316][ T3716] kvm [3716]: Failed to find VMA for hva 0x20e8a000 [ 1166.835531][ T3727] kvm [3727]: Failed to find VMA for hva 0x20c01000 [ 1166.919609][ T3727] kvm [3727]: Failed to find VMA for hva 0x20c01000 [ 1173.351625][ T25] audit: type=1400 audit(1172.460:105): avc: denied { ioctl } for pid=3732 comm="syz.1.86" path="net:[4026532626]" dev="nsfs" ino=4026532626 ioctlcmd=0xb701 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 1542.757724][ T3987] kvm [3987]: Failed to find VMA for hva 0x208a1000 [ 1542.872513][ T3987] kvm [3987]: Failed to find VMA for hva 0x208a1000 [ 1543.149501][ T3987] kvm [3987]: Failed to find VMA for hva 0x208a1000 [ 1568.292077][ T4010] kvm [4010]: Failed to find VMA for hva 0x20d8d000 [ 1665.476938][ T4090] KVM: debugfs: duplicate directory 4090-5 [ 1820.561329][ T4203] kvm [4203]: Failed to find VMA for hva 0x20abe000 [ 1820.618029][ T4204] kvm [4204]: Failed to find VMA for hva 0x20abe000 [ 1878.731491][ T4243] print_sys_reg_msg: 8 callbacks suppressed [ 1878.768909][ T4243] kvm [4242]: Unsupported guest CP15 access at: 00000100 [000001d3] [ 1878.768909][ T4243] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1878.787338][ T4243] kvm [4242]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1878.787338][ T4243] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1878.817970][ T4243] kvm [4242]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1878.817970][ T4243] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1878.867497][ T4243] kvm [4242]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1878.867497][ T4243] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1878.890547][ T4243] kvm [4242]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1878.890547][ T4243] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1878.930784][ T4243] kvm [4242]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1878.930784][ T4243] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1878.968462][ T4243] kvm [4242]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1878.968462][ T4243] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1879.021403][ T4243] kvm [4242]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1879.021403][ T4243] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1879.051731][ T4243] kvm [4242]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1879.051731][ T4243] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1879.129719][ T4243] kvm [4242]: Unsupported guest CP15 access at: 00000100 [000001db] [ 1879.129719][ T4243] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 1882.063084][ T4243] kvm [4243]: Failed to find VMA for hva 0x20000000 [ 2328.758103][ T4558] kvm [4558]: Failed to find VMA for hva 0x204b3000 [ 2446.810068][ T4651] print_sys_reg_msg: 296 callbacks suppressed [ 2446.865003][ T4651] kvm [4649]: Unsupported guest CP15 access at: 00000100 [000001d3] [ 2446.865003][ T4651] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2446.930409][ T4651] kvm [4649]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2446.930409][ T4651] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2446.951246][ T4651] kvm [4649]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2446.951246][ T4651] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2447.038446][ T4651] kvm [4649]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2447.038446][ T4651] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2447.090710][ T4651] kvm [4649]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2447.090710][ T4651] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2447.138409][ T4651] kvm [4649]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2447.138409][ T4651] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2447.177033][ T4651] kvm [4649]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2447.177033][ T4651] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2447.329769][ T4651] kvm [4649]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2447.329769][ T4651] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2447.428205][ T4651] kvm [4649]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2447.428205][ T4651] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2447.545949][ T4651] kvm [4649]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2447.545949][ T4651] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2451.826857][ T4651] print_sys_reg_msg: 332 callbacks suppressed [ 2451.833150][ T4651] kvm [4649]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2451.833150][ T4651] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2451.927762][ T4651] kvm [4649]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2451.927762][ T4651] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2452.068855][ T4651] kvm [4649]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2452.068855][ T4651] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2452.167568][ T4651] kvm [4649]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2452.167568][ T4651] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2452.227894][ T4651] kvm [4649]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2452.227894][ T4651] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2452.267691][ T4651] kvm [4649]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2452.267691][ T4651] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2452.345898][ T4651] kvm [4649]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2452.345898][ T4651] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2452.428989][ T4651] kvm [4649]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2452.428989][ T4651] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2452.527819][ T4651] kvm [4649]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2452.527819][ T4651] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2653.642283][ T4795] kvm [4794]: Unsupported guest CP15 access at: 00000100 [000001d3] [ 2653.642283][ T4795] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2653.690538][ T4795] kvm [4794]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2653.690538][ T4795] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2653.711337][ T4795] kvm [4794]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2653.711337][ T4795] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2653.749202][ T4795] kvm [4794]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2653.749202][ T4795] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2653.789237][ T4795] kvm [4794]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2653.789237][ T4795] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2653.836005][ T4795] kvm [4794]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2653.836005][ T4795] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2653.861203][ T4795] kvm [4794]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2653.861203][ T4795] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2653.898451][ T4795] kvm [4794]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2653.898451][ T4795] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2653.958281][ T4795] kvm [4794]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2653.958281][ T4795] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2653.977504][ T4795] kvm [4794]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2653.977504][ T4795] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2658.668487][ T4795] print_sys_reg_msg: 501 callbacks suppressed [ 2658.751212][ T4795] kvm [4794]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2658.751212][ T4795] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2658.797163][ T4795] kvm [4794]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2658.797163][ T4795] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2658.876646][ T4795] kvm [4794]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2658.876646][ T4795] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2658.908760][ T4795] kvm [4794]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2658.908760][ T4795] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2658.971433][ T4795] kvm [4794]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2658.971433][ T4795] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2659.069772][ T4795] kvm [4794]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2659.069772][ T4795] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2659.121089][ T4795] kvm [4794]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2659.121089][ T4795] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2659.141161][ T4795] kvm [4794]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2659.141161][ T4795] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2659.246235][ T4795] kvm [4794]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2659.246235][ T4795] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 2659.375086][ T4795] kvm [4794]: Unsupported guest CP15 access at: 00000100 [000001db] [ 2659.375086][ T4795] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 3412.592314][ T5305] kvm [5304]: Unsupported guest access at: eeef0000 [ 3412.592314][ T5305] { Op0( 2), Op1( 0), CRn( 0), CRm( 0), Op2( 2), func_read }, [ 3548.272995][ T5399] KVM: debugfs: duplicate directory 5399-5 [ 3720.796952][ T5524] kvm [5524]: Failed to find VMA for hva 0x21016000 [ 3729.751033][ T5531] kvm [5531]: Failed to find VMA for hva 0x208a1000 [ 3729.948797][ T5531] kvm [5531]: Failed to find VMA for hva 0x208a1000 [ 3730.028377][ T5531] kvm [5531]: Failed to find VMA for hva 0x208a1000 [ 3730.080337][ T5531] kvm [5531]: Failed to find VMA for hva 0x208a1000 [ 3730.311131][ T5531] kvm [5531]: Failed to find VMA for hva 0x208a1000 [ 3730.557430][ T5531] kvm [5531]: Failed to find VMA for hva 0x208a1000 [ 3730.679534][ T5531] kvm [5531]: Failed to find VMA for hva 0x208a1000 [ 3730.719036][ T5531] kvm [5531]: Failed to find VMA for hva 0x208a1000 [ 3730.906843][ T5531] kvm [5531]: Failed to find VMA for hva 0x208a1000 [ 3731.158608][ T5531] kvm [5531]: Failed to find VMA for hva 0x208a1000 [ 3731.178646][ T5531] kvm [5531]: Failed to find VMA for hva 0x208a1000 [ 3731.351870][ T5531] kvm [5531]: Failed to find VMA for hva 0x208a1000 [ 3987.831222][ T5727] kvm [5727]: Failed to find VMA for hva 0x20b64000 [ 4836.536808][ T6333] kvm [6333]: Failed to find VMA for hva 0x20c01000 [ 4985.948480][ T6445] print_sys_reg_msg: 179 callbacks suppressed [ 4986.002081][ T6445] kvm [6444]: Unsupported guest CP15 access at: 00000100 [000001d3] [ 4986.002081][ T6445] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 4986.032541][ T6445] kvm [6444]: Unsupported guest CP15 access at: 00000100 [000001db] [ 4986.032541][ T6445] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 4986.082728][ T6445] kvm [6444]: Unsupported guest CP15 access at: 00000100 [000001db] [ 4986.082728][ T6445] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 4986.109348][ T6445] kvm [6444]: Unsupported guest CP15 access at: 00000100 [000001db] [ 4986.109348][ T6445] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 4986.166563][ T6445] kvm [6444]: Unsupported guest CP15 access at: 00000100 [000001db] [ 4986.166563][ T6445] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 4986.192051][ T6445] kvm [6444]: Unsupported guest CP15 access at: 00000100 [000001db] [ 4986.192051][ T6445] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 4986.231354][ T6445] kvm [6444]: Unsupported guest CP15 access at: 00000100 [000001db] [ 4986.231354][ T6445] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 4986.258894][ T6445] kvm [6444]: Unsupported guest CP15 access at: 00000100 [000001db] [ 4986.258894][ T6445] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 4986.311014][ T6445] kvm [6444]: Unsupported guest CP15 access at: 00000100 [000001db] [ 4986.311014][ T6445] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 4986.330305][ T6445] kvm [6444]: Unsupported guest CP15 access at: 00000100 [000001db] [ 4986.330305][ T6445] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 4990.996202][ T6445] print_sys_reg_msg: 363 callbacks suppressed [ 4991.095755][ T6445] kvm [6444]: Unsupported guest CP15 access at: 00000100 [000001db] [ 4991.095755][ T6445] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 4991.106668][ T6445] kvm [6444]: Unsupported guest CP15 access at: 00000100 [000001db] [ 4991.106668][ T6445] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 4991.140484][ T6445] kvm [6444]: Unsupported guest CP15 access at: 00000100 [000001db] [ 4991.140484][ T6445] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 4991.271616][ T6445] kvm [6444]: Unsupported guest CP15 access at: 00000100 [000001db] [ 4991.271616][ T6445] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 4991.310580][ T6445] kvm [6444]: Unsupported guest CP15 access at: 00000100 [000001db] [ 4991.310580][ T6445] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 4991.376509][ T6445] kvm [6444]: Unsupported guest CP15 access at: 00000100 [000001db] [ 4991.376509][ T6445] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 4991.458225][ T6445] kvm [6444]: Unsupported guest CP15 access at: 00000100 [000001db] [ 4991.458225][ T6445] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 4991.512852][ T6445] kvm [6444]: Unsupported guest CP15 access at: 00000100 [000001db] [ 4991.512852][ T6445] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 4991.562513][ T6445] kvm [6444]: Unsupported guest CP15 access at: 00000100 [000001db] [ 4991.562513][ T6445] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 4991.627633][ T6445] kvm [6444]: Unsupported guest CP15 access at: 00000100 [000001db] [ 4991.627633][ T6445] { Op0( 0), Op1( 7), CRn(15), CRm(12), Op2( 7), func_read }, [ 5013.216274][ T25] audit: type=1400 audit(5012.310:106): avc: denied { map } for pid=6463 comm="syz.1.896" path="pipe:[2387]" dev="pipefs" ino=2387 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1 [ 5036.529490][ T6481] kvm [6481]: Failed to find VMA for hva 0x20c01000 [ 5331.163019][ T6688] kvm [6688]: Failed to find VMA for hva 0x20c01000 [ 5373.637064][ T6718] kvm [6718]: Failed to find VMA for hva 0x20d8d000 [ 5463.298282][ T6783] print_sys_reg_msg: 88 callbacks suppressed [ 5463.338411][ T6783] kvm [6782]: Unsupported guest CP15 access at: 00000100 [000001d3] [ 5463.338411][ T6783] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 5463.376597][ T6783] kvm [6782]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5463.376597][ T6783] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 5463.409402][ T6783] kvm [6782]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5463.409402][ T6783] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 5463.505952][ T6783] kvm [6782]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5463.505952][ T6783] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 5463.529114][ T6783] kvm [6782]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5463.529114][ T6783] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 5463.558926][ T6783] kvm [6782]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5463.558926][ T6783] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 5463.625686][ T6783] kvm [6782]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5463.625686][ T6783] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 5463.681880][ T6783] kvm [6782]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5463.681880][ T6783] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 5463.776948][ T6783] kvm [6782]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5463.776948][ T6783] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 5463.876856][ T6783] kvm [6782]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5463.876856][ T6783] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 5468.338807][ T6783] print_sys_reg_msg: 363 callbacks suppressed [ 5468.420826][ T6783] kvm [6782]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5468.420826][ T6783] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 5468.501841][ T6783] kvm [6782]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5468.501841][ T6783] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 5468.606760][ T6783] kvm [6782]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5468.606760][ T6783] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 5468.687574][ T6783] kvm [6782]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5468.687574][ T6783] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 5468.788846][ T6783] kvm [6782]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5468.788846][ T6783] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 5468.851235][ T6783] kvm [6782]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5468.851235][ T6783] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 5468.890608][ T6783] kvm [6782]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5468.890608][ T6783] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 5468.988011][ T6783] kvm [6782]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5468.988011][ T6783] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 5469.017852][ T6783] kvm [6782]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5469.017852][ T6783] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 5469.076071][ T6783] kvm [6782]: Unsupported guest CP15 access at: 00000100 [000001db] [ 5469.076071][ T6783] { Op0( 0), Op1( 7), CRn(15), CRm(13), Op2( 7), func_read }, [ 5735.248475][ T6994] kvm [6994]: Failed to find VMA for hva 0x21016000 [ 5735.289805][ T6995] kvm [6995]: Failed to find VMA for hva 0x21016000 [ 5898.847106][ T7117] [ 5898.848230][ T7117] ============================= [ 5898.848973][ T7117] [ BUG: Invalid wait context ] [ 5898.850329][ T7117] 6.16.0-rc3-syzkaller-g7b8346bd9fce #0 Not tainted [ 5898.851815][ T7117] ----------------------------- [ 5898.852536][ T7117] syz.1.1084/7117 is trying to lock: [ 5898.853513][ T7117] 61ff8000a8de6e18 (&xa->xa_lock#20){....}-{3:3}, at: vgic_put_irq+0xb4/0x190 [ 5898.857538][ T7117] other info that might help us debug this: [ 5898.858322][ T7117] context-{5:5} [ 5898.859083][ T7117] 3 locks held by syz.1.1084/7117: [ 5898.859941][ T7117] #0: 61ff8000a8de60a8 (&kvm->slots_lock){+.+.}-{4:4}, at: kvm_vgic_destroy+0x50/0x624 [ 5898.862285][ T7117] #1: 61ff8000a8de6fa0 (&kvm->arch.config_lock){+.+.}-{4:4}, at: kvm_vgic_destroy+0x5c/0x624 [ 5898.864329][ T7117] #2: 12f00000177e6ca8 (&vgic_cpu->ap_list_lock){....}-{2:2}, at: vgic_flush_pending_lpis+0x3c/0x31c [ 5898.866561][ T7117] stack backtrace: [ 5898.867716][ T7117] CPU: 0 UID: 0 PID: 7117 Comm: syz.1.1084 Not tainted 6.16.0-rc3-syzkaller-g7b8346bd9fce #0 PREEMPT [ 5898.869019][ T7117] Hardware name: linux,dummy-virt (DT) [ 5898.870071][ T7117] Call trace: [ 5898.870922][ T7117] show_stack+0x2c/0x3c (C) [ 5898.871977][ T7117] __dump_stack+0x30/0x40 [ 5898.872776][ T7117] dump_stack_lvl+0xd8/0x12c [ 5898.873557][ T7117] dump_stack+0x1c/0x28 [ 5898.874280][ T7117] __lock_acquire+0x978/0x299c [ 5898.875156][ T7117] lock_acquire+0x14c/0x2e0 [ 5898.875985][ T7117] _raw_spin_lock_irqsave+0x5c/0x7c [ 5898.876798][ T7117] vgic_put_irq+0xb4/0x190 [ 5898.877504][ T7117] vgic_flush_pending_lpis+0x24c/0x31c [ 5898.878387][ T7117] __kvm_vgic_vcpu_destroy+0x44/0x500 [ 5898.879299][ T7117] kvm_vgic_destroy+0x100/0x624 [ 5898.880096][ T7117] kvm_arch_destroy_vm+0x80/0x138 [ 5898.880941][ T7117] kvm_put_kvm+0x800/0xff8 [ 5898.881606][ T7117] kvm_vm_release+0x58/0x78 [ 5898.882327][ T7117] __fput+0x4ac/0x980 [ 5898.883103][ T7117] ____fput+0x20/0x58 [ 5898.883847][ T7117] task_work_run+0x1bc/0x254 [ 5898.884559][ T7117] do_exit+0x7f0/0x2360 [ 5898.885313][ T7117] do_group_exit+0x1d4/0x2ac [ 5898.885983][ T7117] get_signal+0x1440/0x1554 [ 5898.886841][ T7117] do_signal+0x23c/0x4dd4 [ 5898.887635][ T7117] do_notify_resume+0xac/0x270 [ 5898.888482][ T7117] el0_svc+0xb4/0x160 [ 5898.889147][ T7117] el0t_64_sync_handler+0x78/0x108 [ 5898.889971][ T7117] el0t_64_sync+0x198/0x19c SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 5903.519787][ T6074] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5903.936703][ T6074] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5904.246897][ T6074] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5904.595135][ T6074] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5910.921853][ T6074] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 5911.010290][ T6074] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 5911.109123][ T6074] bond0 (unregistering): Released all slaves [ 5911.625438][ T6074] hsr_slave_0: left promiscuous mode [ 5911.665385][ T6074] hsr_slave_1: left promiscuous mode [ 5911.823887][ T6074] veth1_macvtap: left promiscuous mode [ 5911.836501][ T6074] veth0_macvtap: left promiscuous mode [ 5911.842363][ T6074] veth1_vlan: left promiscuous mode [ 5911.851767][ T6074] veth0_vlan: left promiscuous mode [ 5919.691182][ T6074] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5919.989998][ T6074] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5920.338082][ T6074] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5920.698487][ T6074] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 5926.557162][ T6074] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 5926.649212][ T6074] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 5926.717483][ T6074] bond0 (unregistering): Released all slaves [ 5927.340628][ T6074] hsr_slave_0: left promiscuous mode [ 5927.384377][ T6074] hsr_slave_1: left promiscuous mode [ 5927.558149][ T6074] veth1_macvtap: left promiscuous mode [ 5927.574514][ T6074] veth0_macvtap: left promiscuous mode [ 5927.578505][ T6074] veth1_vlan: left promiscuous mode [ 5927.592013][ T6074] veth0_vlan: left promiscuous mode VM DIAGNOSIS: 07:44:03 Registers: info registers vcpu 0 CPU#0 PC=ffff8000864f4be8 X00=0000000000000001 X01=0000000000000001 X02=0000000000000001 X03=ffff80008045d404 X04=0000000000000001 X05=0000000000000000 X06=ffff8000864e6d94 X07=ffff8000802174b8 X08=00000000000000c0 X09=ffffffffffffffff X10=0000000000000000 X11=00000000000000e3 X12=0000000100000004 X13=fff0000014ba0008 X14=0000000000000000 X15=0000000000000000 X16=00000000000000fe X17=0000000000000072 X18=00000000000000ff X19=efff800000000000 X20=00000000000000c0 X21=ffff800087796640 X22=00000000000000c0 X23=ffff8000a8d57338 X24=00000000ffffffff X25=0000000000000000 X26=00000000ffffffff X27=000000000000068e X28=0000000000000001 X29=ffff8000a8d571f0 X30=ffff8000864f4bd4 SP=ffff8000a8d571f0 PSTATE=614020c9 -ZC- EL2h SVCR=00000000 -- BTYPE=0 FPCR=00000000 FPSR=00000000 P00=0000 P01=0000 P02=0000 P03=0000 P04=0000 P05=0000 P06=0000 P07=0000 P08=0000 P09=0000 P10=0000 P11=0000 P12=0000 P13=0000 P14=0000 P15=0000 FFR=0000 Z00=0a00000000000000:0a00000000000000 Z01=0000000a00000000:0000000000000000 Z02=000000000000000a:0000000000000000 Z03=00d000a800000000:0000000000000000 Z04=0000000000000000:0000000000000002 Z05=000000000000000a:0000000000000002 Z06=6edc4d3a2914b135:d8e9c869e2695c88 Z07=b20fae707afde253:388e9c6c4fa85ca0 Z08=0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000 Z10=0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000 Z12=0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000 Z14=0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000 Z16=0000ffffc564bd10:0000ffffc564bd10 Z17=ffffff80ffffffd0:0000ffffc564bce0 Z18=0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000 Z20=0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000 Z22=0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000 Z24=0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000 Z26=0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000 Z28=0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000 Z30=0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000