./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2449944735
<...>
Warning: Permanently added '10.128.1.103' (ED25519) to the list of known hosts.
execve("./syz-executor2449944735", ["./syz-executor2449944735"], 0x7ffd0fa42a70 /* 10 vars */) = 0
brk(NULL) = 0x55557d82d000
brk(0x55557d82dd00) = 0x55557d82dd00
arch_prctl(ARCH_SET_FS, 0x55557d82d380) = 0
set_tid_address(0x55557d82d650) = 296
set_robust_list(0x55557d82d660, 24) = 0
rseq(0x55557d82dca0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented)
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor2449944735", 4096) = 28
getrandom("\x7e\x00\x4d\x50\xd2\xe6\x18\x49", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x55557d82dd00
brk(0x55557d84ed00) = 0x55557d84ed00
brk(0x55557d84f000) = 0x55557d84f000
mprotect(0x7faabe0e0000, 16384, PROT_READ) = 0
mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000
mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000
mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 297
./strace-static-x86_64: Process 297 attached
[pid 297] set_robust_list(0x55557d82d660, 24) = 0
[pid 297] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 297] setpgid(0, 0) = 0
[pid 297] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 297] write(3, "1000", 4executing program
) = 4
[pid 297] close(3) = 0
[pid 297] write(1, "executing program\n", 18) = 18
[pid 297] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[ 24.287871][ T36] audit: type=1400 audit(1755420837.530:64): avc: denied { execmem } for pid=296 comm="syz-executor244" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 24.302640][ T297] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[pid 297] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 297] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 297] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 297] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 297] exit_group(0) = ?
[ 24.307643][ T36] audit: type=1400 audit(1755420837.550:65): avc: denied { read } for pid=297 comm="syz-executor244" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 24.347409][ T36] audit: type=1400 audit(1755420837.550:66): avc: denied { open } for pid=297 comm="syz-executor244" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[pid 297] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=297, si_uid=0, si_status=0, si_utime=0, si_stime=3} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
[ 24.370810][ T36] audit: type=1400 audit(1755420837.550:67): avc: denied { ioctl } for pid=297 comm="syz-executor244" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 299 attached
, child_tidptr=0x55557d82d650) = 299
[pid 299] set_robust_list(0x55557d82d660, 24) = 0
[pid 299] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 299] setpgid(0, 0) = 0
[pid 299] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 299] write(3, "1000", 4) = 4
[pid 299] close(3executing program
) = 0
[pid 299] write(1, "executing program\n", 18) = 18
[pid 299] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 299] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 299] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 299] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 299] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 299] exit_group(0) = ?
[ 24.474085][ T299] ------------[ cut here ]------------
[ 24.479597][ T299] WARNING: CPU: 0 PID: 299 at kernel/rcu/srcutree.c:664 cleanup_srcu_struct+0x3e9/0x4c0
[ 24.489421][ T299] Modules linked in:
[ 24.493408][ T299] CPU: 0 UID: 0 PID: 299 Comm: syz-executor244 Not tainted 6.12.38-syzkaller-g3f3a5c5e782d #0 c9247809a66a5ebb3467d1c2e99b1dedbd707993
[ 24.507315][ T299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 24.517427][ T299] RIP: 0010:cleanup_srcu_struct+0x3e9/0x4c0
[ 24.523319][ T299] Code: 00 48 8b 5d a0 74 08 48 89 df e8 12 43 6e 00 48 c7 03 00 00 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc <0f> 0b eb e8 0f 0b eb e4 0f 0b eb e0 0f 0b eb 0e 0f 0b 4c 8b 75 d0
[ 24.542996][ T299] RSP: 0018:ffffc9000127faa8 EFLAGS: 00010202
[ 24.549116][ T299] RAX: 1ffffd1ffff80e22 RBX: ffffc9000128a8e8 RCX: ffffffff816dc249
[ 24.557199][ T299] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffe8ffffc07110
[ 24.565200][ T299] RBP: ffffc9000127fb10 R08: ffffe8ffffc07117 R09: 1ffffd1ffff80e22
[ 24.573169][ T299] R10: dffffc0000000000 R11: fffff91ffff80e23 R12: dffffc0000000000
[ 24.581170][ T299] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffe8ffffc07110
[ 24.589185][ T299] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 24.598273][ T299] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 24.604876][ T299] CR2: 00007fff46882778 CR3: 00000001212e8000 CR4: 00000000003526b0
[ 24.612843][ T299] Call Trace:
[ 24.616133][ T299]
[ 24.619071][ T299] kvm_put_kvm+0x1100/0x12b0
[ 24.623674][ T299] ? __cfi_kvm_vm_release+0x10/0x10
[ 24.628936][ T299] kvm_vm_release+0x47/0x70
[ 24.633434][ T299] __fput+0x1fb/0xa00
[ 24.637433][ T299] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 24.643082][ T299] ____fput+0x20/0x30
[ 24.647131][ T299] task_work_run+0x1e0/0x250
[ 24.651837][ T299] ? __cfi_task_work_run+0x10/0x10
[ 24.657160][ T299] ? __kasan_check_write+0x18/0x20
[ 24.662340][ T299] do_exit+0x9bc/0x2630
[ 24.666550][ T299] ? __cfi_do_exit+0x10/0x10
[ 24.671254][ T299] ? __kasan_check_write+0x18/0x20
[ 24.676413][ T299] ? _raw_spin_lock_irq+0x8d/0x120
[ 24.681622][ T299] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 24.687184][ T299] ? zap_other_threads+0x334/0x370
[ 24.692306][ T299] do_group_exit+0x22a/0x300
[ 24.696907][ T299] __x64_sys_exit_group+0x43/0x50
[ 24.701964][ T299] x64_sys_call+0x2ed2/0x2ee0
[ 24.706673][ T299] do_syscall_64+0x58/0xf0
[ 24.711094][ T299] ? clear_bhb_loop+0x50/0xa0
[ 24.715819][ T299] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 24.721723][ T299] RIP: 0033:0x7faabe06bc49
[ 24.726198][ T299] Code: Unable to access opcode bytes at 0x7faabe06bc1f.
[ 24.733267][ T299] RSP: 002b:00007fff46882818 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 24.741704][ T299] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007faabe06bc49
[ 24.749729][ T299] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[ 24.757814][ T299] RBP: 00007faabe0e62b0 R08: ffffffffffffffb8 R09: 0000000000000006
[ 24.765856][ T299] R10: 0000000000000006 R11: 0000000000000246 R12: 00007faabe0e62b0
[pid 299] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=299, si_uid=0, si_status=0, si_utime=0, si_stime=28} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 300
./strace-static-x86_64: Process 300 attached
[pid 300] set_robust_list(0x55557d82d660, 24) = 0
[pid 300] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 300] setpgid(0, 0) = 0
[pid 300] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 300] write(3, "1000", 4) = 4
[pid 300] close(3) = 0
executing program
[pid 300] write(1, "executing program\n", 18) = 18
[pid 300] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 300] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 300] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 300] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 300] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 300] exit_group(0) = ?
[ 24.773873][ T299] R13: 0000000000000000 R14: 00007faabe0e6d00 R15: 00007faabe03ce90
[ 24.781963][ T299]
[ 24.785013][ T299] ---[ end trace 0000000000000000 ]---
[pid 300] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=300, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 301 attached
, child_tidptr=0x55557d82d650) = 301
[pid 301] set_robust_list(0x55557d82d660, 24) = 0
[pid 301] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 301] setpgid(0, 0) = 0
[pid 301] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 301] write(3, "1000", 4) = 4
[pid 301] close(3) = 0
[pid 301] write(1, "executing program\n", 18executing program
) = 18
[pid 301] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 301] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 301] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 301] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 301] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 301] exit_group(0) = ?
[pid 301] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=301, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 302
./strace-static-x86_64: Process 302 attached
[pid 302] set_robust_list(0x55557d82d660, 24) = 0
[pid 302] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 302] setpgid(0, 0) = 0
[pid 302] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 302] write(3, "1000", 4executing program
) = 4
[pid 302] close(3) = 0
[pid 302] write(1, "executing program\n", 18) = 18
[pid 302] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 302] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 302] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 302] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 302] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 302] exit_group(0) = ?
[ 24.934102][ T302] ------------[ cut here ]------------
[ 24.939690][ T302] WARNING: CPU: 0 PID: 302 at kernel/rcu/srcutree.c:664 cleanup_srcu_struct+0x3e9/0x4c0
[ 24.949729][ T302] Modules linked in:
[ 24.953684][ T302] CPU: 0 UID: 0 PID: 302 Comm: syz-executor244 Tainted: G W 6.12.38-syzkaller-g3f3a5c5e782d #0 c9247809a66a5ebb3467d1c2e99b1dedbd707993
[ 24.969079][ T302] Tainted: [W]=WARN
[ 24.972899][ T302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 24.983055][ T302] RIP: 0010:cleanup_srcu_struct+0x3e9/0x4c0
[ 24.989048][ T302] Code: 00 48 8b 5d a0 74 08 48 89 df e8 12 43 6e 00 48 c7 03 00 00 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc <0f> 0b eb e8 0f 0b eb e4 0f 0b eb e0 0f 0b eb 0e 0f 0b 4c 8b 75 d0
[ 25.008772][ T302] RSP: 0018:ffffc9000125faa8 EFLAGS: 00010202
[ 25.015322][ T302] RAX: 1ffffd1ffff80e52 RBX: ffffc900012ab8e8 RCX: ffffffff816dc249
[ 25.023503][ T302] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffe8ffffc07290
[ 25.031480][ T302] RBP: ffffc9000125fb10 R08: ffffe8ffffc07297 R09: 1ffffd1ffff80e52
[ 25.039468][ T302] R10: dffffc0000000000 R11: fffff91ffff80e53 R12: dffffc0000000000
[ 25.047477][ T302] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffe8ffffc07290
[ 25.055478][ T302] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 25.064464][ T302] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 25.071050][ T302] CR2: 000055557d82d650 CR3: 0000000130130000 CR4: 00000000003526b0
[ 25.079139][ T302] Call Trace:
[ 25.082425][ T302]
[ 25.085581][ T302] kvm_put_kvm+0x1100/0x12b0
[ 25.090277][ T302] ? __cfi_kvm_vm_release+0x10/0x10
[ 25.095653][ T302] kvm_vm_release+0x47/0x70
[ 25.100381][ T302] __fput+0x1fb/0xa00
[ 25.104455][ T302] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 25.110221][ T302] ____fput+0x20/0x30
[ 25.114350][ T302] task_work_run+0x1e0/0x250
[ 25.118973][ T302] ? __cfi_task_work_run+0x10/0x10
[ 25.124139][ T302] ? __kasan_check_write+0x18/0x20
[ 25.129298][ T302] do_exit+0x9bc/0x2630
[ 25.133544][ T302] ? __cfi_do_exit+0x10/0x10
[ 25.138148][ T302] ? __kasan_check_write+0x18/0x20
[ 25.143305][ T302] ? _raw_spin_lock_irq+0x8d/0x120
[ 25.148550][ T302] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 25.154250][ T302] ? zap_other_threads+0x334/0x370
[ 25.159399][ T302] do_group_exit+0x22a/0x300
[ 25.164275][ T302] __x64_sys_exit_group+0x43/0x50
[ 25.169394][ T302] x64_sys_call+0x2ed2/0x2ee0
[ 25.174088][ T302] do_syscall_64+0x58/0xf0
[ 25.178628][ T302] ? clear_bhb_loop+0x50/0xa0
[ 25.183332][ T302] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 25.189359][ T302] RIP: 0033:0x7faabe06bc49
[ 25.193798][ T302] Code: Unable to access opcode bytes at 0x7faabe06bc1f.
[ 25.200927][ T302] RSP: 002b:00007fff46882818 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 25.209807][ T302] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007faabe06bc49
[ 25.218017][ T302] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[ 25.226058][ T302] RBP: 00007faabe0e62b0 R08: ffffffffffffffb8 R09: 0000000000000006
[pid 302] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=302, si_uid=0, si_status=0, si_utime=0, si_stime=30} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 303 attached
, child_tidptr=0x55557d82d650) = 303
[pid 303] set_robust_list(0x55557d82d660, 24) = 0
[pid 303] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 303] setpgid(0, 0) = 0
[pid 303] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 303] write(3, "1000", 4) = 4
[pid 303] close(3) = 0
[pid 303] write(1, "executing program\n", 18executing program
) = 18
[pid 303] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 303] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 303] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 303] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 303] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 303] exit_group(0) = ?
[ 25.234359][ T302] R10: 0000000000000006 R11: 0000000000000246 R12: 00007faabe0e62b0
[ 25.242430][ T302] R13: 0000000000000000 R14: 00007faabe0e6d00 R15: 00007faabe03ce90
[ 25.250589][ T302]
[ 25.253663][ T302] ---[ end trace 0000000000000000 ]---
[ 25.284247][ T303] ------------[ cut here ]------------
[ 25.289757][ T303] WARNING: CPU: 0 PID: 303 at kernel/rcu/srcutree.c:664 cleanup_srcu_struct+0x3e9/0x4c0
[ 25.299852][ T303] Modules linked in:
[ 25.303885][ T303] CPU: 0 UID: 0 PID: 303 Comm: syz-executor244 Tainted: G W 6.12.38-syzkaller-g3f3a5c5e782d #0 c9247809a66a5ebb3467d1c2e99b1dedbd707993
[ 25.319514][ T303] Tainted: [W]=WARN
[ 25.323428][ T303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 25.333832][ T303] RIP: 0010:cleanup_srcu_struct+0x3e9/0x4c0
[ 25.340275][ T303] Code: 00 48 8b 5d a0 74 08 48 89 df e8 12 43 6e 00 48 c7 03 00 00 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc <0f> 0b eb e8 0f 0b eb e4 0f 0b eb e0 0f 0b eb 0e 0f 0b 4c 8b 75 d0
[ 25.360419][ T303] RSP: 0018:ffffc9000127faa8 EFLAGS: 00010202
[ 25.366678][ T303] RAX: 1ffffd1ffff80e82 RBX: ffffc900012b68e8 RCX: ffffffff816dc249
[ 25.374713][ T303] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffe8ffffc07410
[ 25.382968][ T303] RBP: ffffc9000127fb10 R08: ffffe8ffffc07417 R09: 1ffffd1ffff80e82
[ 25.390971][ T303] R10: dffffc0000000000 R11: fffff91ffff80e83 R12: dffffc0000000000
[ 25.398964][ T303] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffe8ffffc07410
[ 25.407399][ T303] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 25.416743][ T303] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 25.423458][ T303] CR2: 000055d0f0a83608 CR3: 00000001212e8000 CR4: 00000000003526b0
[ 25.431504][ T303] Call Trace:
[ 25.434818][ T303]
[ 25.437774][ T303] kvm_put_kvm+0x1100/0x12b0
[ 25.442352][ T303] ? __cfi_kvm_vm_release+0x10/0x10
[ 25.447600][ T303] kvm_vm_release+0x47/0x70
[ 25.452222][ T303] __fput+0x1fb/0xa00
[ 25.456263][ T303] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 25.461927][ T303] ____fput+0x20/0x30
[ 25.466108][ T303] task_work_run+0x1e0/0x250
[ 25.470725][ T303] ? __cfi_task_work_run+0x10/0x10
[ 25.475871][ T303] ? __kasan_check_write+0x18/0x20
[ 25.481084][ T303] do_exit+0x9bc/0x2630
[ 25.485417][ T303] ? __cfi_do_exit+0x10/0x10
[ 25.490116][ T303] ? __kasan_check_write+0x18/0x20
[ 25.495360][ T303] ? _raw_spin_lock_irq+0x8d/0x120
[ 25.500484][ T303] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 25.506156][ T303] ? zap_other_threads+0x334/0x370
[ 25.511293][ T303] do_group_exit+0x22a/0x300
[ 25.515955][ T303] __x64_sys_exit_group+0x43/0x50
[ 25.521034][ T303] x64_sys_call+0x2ed2/0x2ee0
[ 25.525766][ T303] do_syscall_64+0x58/0xf0
[ 25.530189][ T303] ? clear_bhb_loop+0x50/0xa0
[ 25.534912][ T303] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 25.540862][ T303] RIP: 0033:0x7faabe06bc49
[ 25.545314][ T303] Code: Unable to access opcode bytes at 0x7faabe06bc1f.
[ 25.552339][ T303] RSP: 002b:00007fff46882818 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 25.561049][ T303] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007faabe06bc49
[ 25.569076][ T303] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[ 25.577294][ T303] RBP: 00007faabe0e62b0 R08: ffffffffffffffb8 R09: 0000000000000006
[pid 303] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=303, si_uid=0, si_status=0, si_utime=0, si_stime=29} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 304 attached
, child_tidptr=0x55557d82d650) = 304
[pid 304] set_robust_list(0x55557d82d660, 24) = 0
[pid 304] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 304] setpgid(0, 0) = 0
[pid 304] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 304] write(3, "1000", 4) = 4
[pid 304] close(3) = 0
executing program
[pid 304] write(1, "executing program\n", 18) = 18
[pid 304] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 304] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 304] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 304] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 304] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 304] exit_group(0) = ?
[ 25.585606][ T303] R10: 0000000000000006 R11: 0000000000000246 R12: 00007faabe0e62b0
[ 25.593625][ T303] R13: 0000000000000000 R14: 00007faabe0e6d00 R15: 00007faabe03ce90
[ 25.601633][ T303]
[ 25.604684][ T303] ---[ end trace 0000000000000000 ]---
[pid 304] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=304, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 305
./strace-static-x86_64: Process 305 attached
[pid 305] set_robust_list(0x55557d82d660, 24) = 0
[pid 305] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 305] setpgid(0, 0) = 0
[pid 305] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 305] write(3, "1000", 4) = 4
[pid 305] close(3) = 0
executing program
[pid 305] write(1, "executing program\n", 18) = 18
[pid 305] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 305] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 305] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 305] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 305] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 305] exit_group(0) = ?
[pid 305] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=305, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 306 attached
, child_tidptr=0x55557d82d650) = 306
[pid 306] set_robust_list(0x55557d82d660, 24) = 0
[pid 306] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 306] setpgid(0, 0) = 0
[pid 306] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 306] write(3, "1000", 4) = 4
[pid 306] close(3) = 0
executing program
[pid 306] write(1, "executing program\n", 18) = 18
[pid 306] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 306] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 306] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 306] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 306] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 306] exit_group(0) = ?
[pid 306] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=306, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 307
./strace-static-x86_64: Process 307 attached
[pid 307] set_robust_list(0x55557d82d660, 24) = 0
[pid 307] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 307] setpgid(0, 0) = 0
[pid 307] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 307] write(3, "1000", 4) = 4
[pid 307] close(3) = 0
executing program
[pid 307] write(1, "executing program\n", 18) = 18
[pid 307] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 307] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 307] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 307] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 307] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 307] exit_group(0) = ?
[pid 307] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=307, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 308
./strace-static-x86_64: Process 308 attached
[pid 308] set_robust_list(0x55557d82d660, 24) = 0
[pid 308] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 308] setpgid(0, 0) = 0
[pid 308] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 308] write(3, "1000", 4) = 4
[pid 308] close(3) = 0
[pid 308] write(1, "executing program\n", 18executing program
) = 18
[pid 308] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 308] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 308] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 308] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 308] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 308] exit_group(0) = ?
[pid 308] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=308, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 309 attached
, child_tidptr=0x55557d82d650) = 309
[pid 309] set_robust_list(0x55557d82d660, 24) = 0
[pid 309] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 309] setpgid(0, 0) = 0
[pid 309] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 309] write(3, "1000", 4) = 4
[pid 309] close(3) = 0
executing program
[pid 309] write(1, "executing program\n", 18) = 18
[pid 309] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 309] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 309] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 309] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 309] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 309] exit_group(0) = ?
[pid 309] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=309, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 310 attached
, child_tidptr=0x55557d82d650) = 310
[pid 310] set_robust_list(0x55557d82d660, 24) = 0
[pid 310] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 310] setpgid(0, 0) = 0
[pid 310] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 310] write(3, "1000", 4) = 4
[pid 310] close(3) = 0
[pid 310] write(1, "executing program\n", 18executing program
) = 18
[pid 310] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 310] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 310] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 310] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 310] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 310] exit_group(0) = ?
[pid 310] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=310, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 311
./strace-static-x86_64: Process 311 attached
[pid 311] set_robust_list(0x55557d82d660, 24) = 0
[pid 311] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 311] setpgid(0, 0) = 0
[pid 311] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 311] write(3, "1000", 4) = 4
[pid 311] close(3executing program
) = 0
[pid 311] write(1, "executing program\n", 18) = 18
[pid 311] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 311] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 311] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 311] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 311] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 311] exit_group(0) = ?
[pid 311] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=311, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 312
./strace-static-x86_64: Process 312 attached
[pid 312] set_robust_list(0x55557d82d660, 24) = 0
[pid 312] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 312] setpgid(0, 0) = 0
[pid 312] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 312] write(3, "1000", 4) = 4
[pid 312] close(3) = 0
[pid 312] write(1, "executing program\n", 18executing program
) = 18
[pid 312] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 312] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 312] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 312] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 312] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 312] exit_group(0) = ?
[pid 312] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=312, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 313 attached
, child_tidptr=0x55557d82d650) = 313
[pid 313] set_robust_list(0x55557d82d660, 24) = 0
[pid 313] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 313] setpgid(0, 0) = 0
[pid 313] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 313] write(3, "1000", 4) = 4
[pid 313] close(3executing program
) = 0
[pid 313] write(1, "executing program\n", 18) = 18
[pid 313] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 313] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 313] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 313] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 313] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 313] exit_group(0) = ?
[ 26.204308][ T313] ------------[ cut here ]------------
[ 26.209780][ T313] WARNING: CPU: 0 PID: 313 at kernel/rcu/srcutree.c:664 cleanup_srcu_struct+0x3e9/0x4c0
[ 26.219542][ T313] Modules linked in:
[ 26.223532][ T313] CPU: 0 UID: 0 PID: 313 Comm: syz-executor244 Tainted: G W 6.12.38-syzkaller-g3f3a5c5e782d #0 c9247809a66a5ebb3467d1c2e99b1dedbd707993
[ 26.238871][ T313] Tainted: [W]=WARN
[ 26.242693][ T313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 26.252793][ T313] RIP: 0010:cleanup_srcu_struct+0x3e9/0x4c0
[ 26.258724][ T313] Code: 00 48 8b 5d a0 74 08 48 89 df e8 12 43 6e 00 48 c7 03 00 00 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc <0f> 0b eb e8 0f 0b eb e4 0f 0b eb e0 0f 0b eb 0e 0f 0b 4c 8b 75 d0
[ 26.278349][ T313] RSP: 0018:ffffc9000127faa8 EFLAGS: 00010202
[ 26.284617][ T313] RAX: 1ffffd1ffff80eb2 RBX: ffffc900013248e8 RCX: ffffffff816dc249
[ 26.292591][ T313] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffe8ffffc07590
[ 26.300601][ T313] RBP: ffffc9000127fb10 R08: ffffe8ffffc07597 R09: 1ffffd1ffff80eb2
[ 26.308602][ T313] R10: dffffc0000000000 R11: fffff91ffff80eb3 R12: dffffc0000000000
[ 26.317043][ T313] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffe8ffffc07590
[ 26.325134][ T313] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 26.334199][ T313] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 26.340792][ T313] CR2: 000055a3ee892e28 CR3: 00000001212e8000 CR4: 00000000003526b0
[ 26.348789][ T313] Call Trace:
[ 26.352281][ T313]
[ 26.355308][ T313] kvm_put_kvm+0x1100/0x12b0
[ 26.359915][ T313] ? __cfi_kvm_vm_release+0x10/0x10
[ 26.365150][ T313] kvm_vm_release+0x47/0x70
[ 26.369666][ T313] __fput+0x1fb/0xa00
[ 26.373687][ T313] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 26.379245][ T313] ____fput+0x20/0x30
[ 26.383294][ T313] task_work_run+0x1e0/0x250
[ 26.387933][ T313] ? __cfi_task_work_run+0x10/0x10
[ 26.393052][ T313] ? __kasan_check_write+0x18/0x20
[ 26.398319][ T313] do_exit+0x9bc/0x2630
[ 26.402488][ T313] ? __cfi_do_exit+0x10/0x10
[ 26.407194][ T313] ? __kasan_check_write+0x18/0x20
[ 26.412431][ T313] ? _raw_spin_lock_irq+0x8d/0x120
[ 26.417591][ T313] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 26.423184][ T313] ? zap_other_threads+0x334/0x370
[ 26.428406][ T313] do_group_exit+0x22a/0x300
[ 26.433006][ T313] __x64_sys_exit_group+0x43/0x50
[ 26.438056][ T313] x64_sys_call+0x2ed2/0x2ee0
[ 26.442746][ T313] do_syscall_64+0x58/0xf0
[ 26.447245][ T313] ? clear_bhb_loop+0x50/0xa0
[ 26.452036][ T313] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 26.458236][ T313] RIP: 0033:0x7faabe06bc49
[ 26.462776][ T313] Code: Unable to access opcode bytes at 0x7faabe06bc1f.
[ 26.469866][ T313] RSP: 002b:00007fff46882818 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 26.479116][ T313] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007faabe06bc49
[ 26.487132][ T313] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[ 26.495139][ T313] RBP: 00007faabe0e62b0 R08: ffffffffffffffb8 R09: 0000000000000006
[pid 313] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=313, si_uid=0, si_status=0, si_utime=0, si_stime=30} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 314 attached
, child_tidptr=0x55557d82d650) = 314
[pid 314] set_robust_list(0x55557d82d660, 24) = 0
[pid 314] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 314] setpgid(0, 0) = 0
[pid 314] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 314] write(3, "1000", 4) = 4
[pid 314] close(3) = 0
executing program
[pid 314] write(1, "executing program\n", 18) = 18
[pid 314] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 314] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 314] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 314] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 314] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 314] exit_group(0) = ?
[ 26.503112][ T313] R10: 0000000000000006 R11: 0000000000000246 R12: 00007faabe0e62b0
[ 26.511119][ T313] R13: 0000000000000000 R14: 00007faabe0e6d00 R15: 00007faabe03ce90
[ 26.519136][ T313]
[ 26.522141][ T313] ---[ end trace 0000000000000000 ]---
[ 26.564041][ T314] ------------[ cut here ]------------
[ 26.569522][ T314] WARNING: CPU: 1 PID: 314 at kernel/rcu/srcutree.c:664 cleanup_srcu_struct+0x3e9/0x4c0
[ 26.579285][ T314] Modules linked in:
[ 26.583182][ T314] CPU: 1 UID: 0 PID: 314 Comm: syz-executor244 Tainted: G W 6.12.38-syzkaller-g3f3a5c5e782d #0 c9247809a66a5ebb3467d1c2e99b1dedbd707993
[ 26.598655][ T314] Tainted: [W]=WARN
[ 26.602553][ T314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 26.612726][ T314] RIP: 0010:cleanup_srcu_struct+0x3e9/0x4c0
[ 26.618696][ T314] Code: 00 48 8b 5d a0 74 08 48 89 df e8 12 43 6e 00 48 c7 03 00 00 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc <0f> 0b eb e8 0f 0b eb e4 0f 0b eb e0 0f 0b eb 0e 0f 0b 4c 8b 75 d0
[ 26.638531][ T314] RSP: 0018:ffffc9000125faa8 EFLAGS: 00010202
[ 26.644741][ T314] RAX: 1ffffd1ffff80ee2 RBX: ffffc9000132f8e8 RCX: ffffffff816dc249
[ 26.652826][ T314] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffe8ffffc07710
[ 26.660849][ T314] RBP: ffffc9000125fb10 R08: ffffe8ffffc07717 R09: 1ffffd1ffff80ee2
[ 26.668850][ T314] R10: dffffc0000000000 R11: fffff91ffff80ee3 R12: dffffc0000000000
[ 26.676842][ T314] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffe8ffffc07710
[ 26.684854][ T314] FS: 0000000000000000(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 26.693846][ T314] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 26.700434][ T314] CR2: 000055557d82d650 CR3: 0000000130130000 CR4: 00000000003526b0
[ 26.708461][ T314] Call Trace:
[ 26.711745][ T314]
[ 26.714788][ T314] kvm_put_kvm+0x1100/0x12b0
[ 26.719565][ T314] ? __cfi_kvm_vm_release+0x10/0x10
[ 26.724817][ T314] kvm_vm_release+0x47/0x70
[ 26.729332][ T314] __fput+0x1fb/0xa00
[ 26.733300][ T314] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 26.738966][ T314] ____fput+0x20/0x30
[ 26.742957][ T314] task_work_run+0x1e0/0x250
[ 26.747575][ T314] ? __cfi_task_work_run+0x10/0x10
[ 26.752687][ T314] ? __kasan_check_write+0x18/0x20
[ 26.757923][ T314] do_exit+0x9bc/0x2630
[ 26.762080][ T314] ? __cfi_do_exit+0x10/0x10
[ 26.766703][ T314] ? __kasan_check_write+0x18/0x20
[ 26.771852][ T314] ? _raw_spin_lock_irq+0x8d/0x120
[ 26.776990][ T314] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 26.782539][ T314] ? zap_other_threads+0x334/0x370
[ 26.787668][ T314] do_group_exit+0x22a/0x300
[ 26.792380][ T314] __x64_sys_exit_group+0x43/0x50
[ 26.797426][ T314] x64_sys_call+0x2ed2/0x2ee0
[ 26.802156][ T314] do_syscall_64+0x58/0xf0
[ 26.806610][ T314] ? clear_bhb_loop+0x50/0xa0
[ 26.811283][ T314] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 26.817300][ T314] RIP: 0033:0x7faabe06bc49
[ 26.821804][ T314] Code: Unable to access opcode bytes at 0x7faabe06bc1f.
[ 26.828968][ T314] RSP: 002b:00007fff46882818 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 26.837614][ T314] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007faabe06bc49
[ 26.845737][ T314] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[ 26.853828][ T314] RBP: 00007faabe0e62b0 R08: ffffffffffffffb8 R09: 0000000000000006
[pid 314] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=314, si_uid=0, si_status=0, si_utime=0, si_stime=30} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 315 attached
, child_tidptr=0x55557d82d650) = 315
[pid 315] set_robust_list(0x55557d82d660, 24) = 0
[pid 315] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 315] setpgid(0, 0) = 0
[pid 315] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 315] write(3, "1000", 4) = 4
[pid 315] close(3) = 0
[pid 315] write(1, "executing program\n", 18executing program
) = 18
[pid 315] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 315] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 315] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 315] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 315] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 315] exit_group(0) = ?
[ 26.861830][ T314] R10: 0000000000000006 R11: 0000000000000246 R12: 00007faabe0e62b0
[ 26.869942][ T314] R13: 0000000000000000 R14: 00007faabe0e6d00 R15: 00007faabe03ce90
[ 26.877969][ T314]
[ 26.880980][ T314] ---[ end trace 0000000000000000 ]---
[pid 315] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=315, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 316
./strace-static-x86_64: Process 316 attached
[pid 316] set_robust_list(0x55557d82d660, 24) = 0
[pid 316] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 316] setpgid(0, 0) = 0
[pid 316] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 316] write(3, "1000", 4) = 4
[pid 316] close(3) = 0
executing program
[pid 316] write(1, "executing program\n", 18) = 18
[pid 316] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 316] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 316] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 316] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 316] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 316] exit_group(0) = ?
[pid 316] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=316, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 317 attached
, child_tidptr=0x55557d82d650) = 317
[pid 317] set_robust_list(0x55557d82d660, 24) = 0
[pid 317] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 317] setpgid(0, 0) = 0
[pid 317] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 317] write(3, "1000", 4) = 4
[pid 317] close(3) = 0
executing program
[pid 317] write(1, "executing program\n", 18) = 18
[pid 317] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 317] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 317] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 317] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 317] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 317] exit_group(0) = ?
[ 27.024119][ T317] ------------[ cut here ]------------
[ 27.029594][ T317] WARNING: CPU: 0 PID: 317 at kernel/rcu/srcutree.c:664 cleanup_srcu_struct+0x3e9/0x4c0
[ 27.039373][ T317] Modules linked in:
[ 27.043277][ T317] CPU: 0 UID: 0 PID: 317 Comm: syz-executor244 Tainted: G W 6.12.38-syzkaller-g3f3a5c5e782d #0 c9247809a66a5ebb3467d1c2e99b1dedbd707993
[ 27.058575][ T317] Tainted: [W]=WARN
[ 27.062401][ T317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 27.072501][ T317] RIP: 0010:cleanup_srcu_struct+0x3e9/0x4c0
[ 27.078444][ T317] Code: 00 48 8b 5d a0 74 08 48 89 df e8 12 43 6e 00 48 c7 03 00 00 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc <0f> 0b eb e8 0f 0b eb e4 0f 0b eb e0 0f 0b eb 0e 0f 0b 4c 8b 75 d0
[ 27.098102][ T317] RSP: 0018:ffffc9000125faa8 EFLAGS: 00010202
[ 27.104224][ T317] RAX: 1ffffd1ffff80f12 RBX: ffffc900013508e8 RCX: ffffffff816dc249
[ 27.112217][ T317] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffe8ffffc07890
[ 27.120263][ T317] RBP: ffffc9000125fb10 R08: ffffe8ffffc07897 R09: 1ffffd1ffff80f12
[ 27.128300][ T317] R10: dffffc0000000000 R11: fffff91ffff80f13 R12: dffffc0000000000
[ 27.136313][ T317] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffe8ffffc07890
[ 27.144541][ T317] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 27.153552][ T317] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 27.160228][ T317] CR2: 000055557d82d650 CR3: 0000000130130000 CR4: 00000000003526b0
[ 27.168330][ T317] Call Trace:
[ 27.171635][ T317]
[ 27.174675][ T317] kvm_put_kvm+0x1100/0x12b0
[ 27.179278][ T317] ? __cfi_kvm_vm_release+0x10/0x10
[ 27.184543][ T317] kvm_vm_release+0x47/0x70
[ 27.189061][ T317] __fput+0x1fb/0xa00
[ 27.193042][ T317] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 27.198630][ T317] ____fput+0x20/0x30
[ 27.202654][ T317] task_work_run+0x1e0/0x250
[ 27.207299][ T317] ? __cfi_task_work_run+0x10/0x10
[ 27.212455][ T317] ? __kasan_check_write+0x18/0x20
[ 27.217624][ T317] do_exit+0x9bc/0x2630
[ 27.221786][ T317] ? __cfi_do_exit+0x10/0x10
[ 27.226408][ T317] ? __kasan_check_write+0x18/0x20
[ 27.231529][ T317] ? _raw_spin_lock_irq+0x8d/0x120
[ 27.236686][ T317] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 27.242233][ T317] ? zap_other_threads+0x334/0x370
[ 27.247418][ T317] do_group_exit+0x22a/0x300
[ 27.252024][ T317] __x64_sys_exit_group+0x43/0x50
[ 27.257086][ T317] x64_sys_call+0x2ed2/0x2ee0
[ 27.261775][ T317] do_syscall_64+0x58/0xf0
[ 27.266228][ T317] ? clear_bhb_loop+0x50/0xa0
[ 27.270911][ T317] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 27.276893][ T317] RIP: 0033:0x7faabe06bc49
[ 27.281313][ T317] Code: Unable to access opcode bytes at 0x7faabe06bc1f.
[ 27.288355][ T317] RSP: 002b:00007fff46882818 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 27.296808][ T317] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007faabe06bc49
[ 27.305129][ T317] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[ 27.313199][ T317] RBP: 00007faabe0e62b0 R08: ffffffffffffffb8 R09: 0000000000000006
[pid 317] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=317, si_uid=0, si_status=0, si_utime=0, si_stime=30} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 318 attached
, child_tidptr=0x55557d82d650) = 318
[pid 318] set_robust_list(0x55557d82d660, 24) = 0
[pid 318] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 318] setpgid(0, 0) = 0
[pid 318] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 318] write(3, "1000", 4) = 4
[pid 318] close(3) = 0
executing program
[pid 318] write(1, "executing program\n", 18) = 18
[pid 318] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 318] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 318] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 318] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 318] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 318] exit_group(0) = ?
[ 27.321188][ T317] R10: 0000000000000006 R11: 0000000000000246 R12: 00007faabe0e62b0
[ 27.329467][ T317] R13: 0000000000000000 R14: 00007faabe0e6d00 R15: 00007faabe03ce90
[ 27.337491][ T317]
[ 27.340534][ T317] ---[ end trace 0000000000000000 ]---
[pid 318] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=318, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 319 attached
, child_tidptr=0x55557d82d650) = 319
[pid 319] set_robust_list(0x55557d82d660, 24) = 0
[pid 319] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 319] setpgid(0, 0) = 0
[pid 319] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 319] write(3, "1000", 4) = 4
[pid 319] close(3) = 0
executing program
[pid 319] write(1, "executing program\n", 18) = 18
[pid 319] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 319] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 319] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 319] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 319] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 319] exit_group(0) = ?
[pid 319] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=319, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 320 attached
, child_tidptr=0x55557d82d650) = 320
[pid 320] set_robust_list(0x55557d82d660, 24) = 0
[pid 320] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 320] setpgid(0, 0) = 0
[pid 320] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 320] write(3, "1000", 4) = 4
[pid 320] close(3) = 0
executing program
[pid 320] write(1, "executing program\n", 18) = 18
[pid 320] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 320] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 320] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 320] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 320] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 320] exit_group(0) = ?
[pid 320] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=320, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 321
./strace-static-x86_64: Process 321 attached
[pid 321] set_robust_list(0x55557d82d660, 24) = 0
[pid 321] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 321] setpgid(0, 0) = 0
[pid 321] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 321] write(3, "1000", 4) = 4
[pid 321] close(3) = 0
[pid 321] write(1, "executing program\n", 18executing program
) = 18
[pid 321] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 321] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 321] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 321] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 321] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 321] exit_group(0) = ?
[pid 321] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=321, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 322
./strace-static-x86_64: Process 322 attached
[pid 322] set_robust_list(0x55557d82d660, 24) = 0
[pid 322] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 322] setpgid(0, 0) = 0
[pid 322] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 322] write(3, "1000", 4) = 4
[pid 322] close(3) = 0
[pid 322] write(1, "executing program\n", 18executing program
) = 18
[pid 322] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 322] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 322] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 322] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 322] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 322] exit_group(0) = ?
[pid 322] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=322, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 323
./strace-static-x86_64: Process 323 attached
[pid 323] set_robust_list(0x55557d82d660, 24) = 0
[pid 323] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 323] setpgid(0, 0) = 0
[pid 323] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 323] write(3, "1000", 4) = 4
[pid 323] close(3) = 0
executing program
[pid 323] write(1, "executing program\n", 18) = 18
[pid 323] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 323] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 323] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 323] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 323] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 323] exit_group(0) = ?
[ 27.714095][ T323] ------------[ cut here ]------------
[ 27.719572][ T323] WARNING: CPU: 0 PID: 323 at kernel/rcu/srcutree.c:664 cleanup_srcu_struct+0x3e9/0x4c0
[ 27.729345][ T323] Modules linked in:
[ 27.733343][ T323] CPU: 0 UID: 0 PID: 323 Comm: syz-executor244 Tainted: G W 6.12.38-syzkaller-g3f3a5c5e782d #0 c9247809a66a5ebb3467d1c2e99b1dedbd707993
[ 27.748924][ T323] Tainted: [W]=WARN
[ 27.752816][ T323] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 27.763103][ T323] RIP: 0010:cleanup_srcu_struct+0x3e9/0x4c0
[ 27.769052][ T323] Code: 00 48 8b 5d a0 74 08 48 89 df e8 12 43 6e 00 48 c7 03 00 00 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc <0f> 0b eb e8 0f 0b eb e4 0f 0b eb e0 0f 0b eb 0e 0f 0b 4c 8b 75 d0
[ 27.789280][ T323] RSP: 0018:ffffc9000127faa8 EFLAGS: 00010202
[ 27.795404][ T323] RAX: 1ffffd1ffff80f42 RBX: ffffc900013928e8 RCX: ffffffff816dc249
[ 27.803788][ T323] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffe8ffffc07a10
[ 27.812089][ T323] RBP: ffffc9000127fb10 R08: ffffe8ffffc07a17 R09: 1ffffd1ffff80f42
[ 27.820187][ T323] R10: dffffc0000000000 R11: fffff91ffff80f43 R12: dffffc0000000000
[ 27.828208][ T323] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffe8ffffc07a10
[ 27.836226][ T323] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 27.845342][ T323] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 27.852074][ T323] CR2: 00007faabe0b601d CR3: 0000000130130000 CR4: 00000000003526b0
[ 27.860079][ T323] Call Trace:
[ 27.863546][ T323]
[ 27.866473][ T323] kvm_put_kvm+0x1100/0x12b0
[ 27.871160][ T323] ? __cfi_kvm_vm_release+0x10/0x10
[ 27.876398][ T323] kvm_vm_release+0x47/0x70
[ 27.880907][ T323] __fput+0x1fb/0xa00
[ 27.884927][ T323] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 27.890510][ T323] ____fput+0x20/0x30
[ 27.894526][ T323] task_work_run+0x1e0/0x250
[ 27.899128][ T323] ? __cfi_task_work_run+0x10/0x10
[ 27.904273][ T323] ? __kasan_check_write+0x18/0x20
[ 27.909478][ T323] do_exit+0x9bc/0x2630
[ 27.913664][ T323] ? __cfi_do_exit+0x10/0x10
[ 27.918262][ T323] ? __kasan_check_write+0x18/0x20
[ 27.923365][ T323] ? _raw_spin_lock_irq+0x8d/0x120
[ 27.928502][ T323] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 27.934079][ T323] ? zap_other_threads+0x334/0x370
[ 27.939191][ T323] do_group_exit+0x22a/0x300
[ 27.943817][ T323] __x64_sys_exit_group+0x43/0x50
[ 27.948861][ T323] x64_sys_call+0x2ed2/0x2ee0
[ 27.953610][ T323] do_syscall_64+0x58/0xf0
[ 27.958065][ T323] ? clear_bhb_loop+0x50/0xa0
[ 27.962769][ T323] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 27.968723][ T323] RIP: 0033:0x7faabe06bc49
[ 27.973148][ T323] Code: Unable to access opcode bytes at 0x7faabe06bc1f.
[ 27.980316][ T323] RSP: 002b:00007fff46882818 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 27.988772][ T323] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007faabe06bc49
[ 27.997133][ T323] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[ 28.005227][ T323] RBP: 00007faabe0e62b0 R08: ffffffffffffffb8 R09: 0000000000000006
[pid 323] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=323, si_uid=0, si_status=0, si_utime=0, si_stime=29} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 324
./strace-static-x86_64: Process 324 attached
[pid 324] set_robust_list(0x55557d82d660, 24) = 0
[pid 324] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 324] setpgid(0, 0) = 0
[pid 324] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 324] write(3, "1000", 4) = 4
[pid 324] close(3) = 0
executing program
[pid 324] write(1, "executing program\n", 18) = 18
[pid 324] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 324] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 324] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 324] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 324] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 324] exit_group(0) = ?
[ 28.013193][ T323] R10: 0000000000000006 R11: 0000000000000246 R12: 00007faabe0e62b0
[ 28.021246][ T323] R13: 0000000000000000 R14: 00007faabe0e6d00 R15: 00007faabe03ce90
[ 28.029275][ T323]
[ 28.032285][ T323] ---[ end trace 0000000000000000 ]---
[pid 324] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=324, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 325 attached
, child_tidptr=0x55557d82d650) = 325
[pid 325] set_robust_list(0x55557d82d660, 24) = 0
[pid 325] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 325] setpgid(0, 0) = 0
[pid 325] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 325] write(3, "1000", 4) = 4
[pid 325] close(3) = 0
executing program
[pid 325] write(1, "executing program\n", 18) = 18
[pid 325] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 325] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 325] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 325] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 325] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 325] exit_group(0) = ?
[pid 325] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=325, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 326 attached
, child_tidptr=0x55557d82d650) = 326
[pid 326] set_robust_list(0x55557d82d660, 24) = 0
[pid 326] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 326] setpgid(0, 0) = 0
[pid 326] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 326] write(3, "1000", 4executing program
) = 4
[pid 326] close(3) = 0
[pid 326] write(1, "executing program\n", 18) = 18
[pid 326] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 326] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 326] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 326] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 326] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 326] exit_group(0) = ?
[pid 326] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=326, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 327
./strace-static-x86_64: Process 327 attached
[pid 327] set_robust_list(0x55557d82d660, 24) = 0
[pid 327] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 327] setpgid(0, 0) = 0
[pid 327] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
executing program
[pid 327] write(3, "1000", 4) = 4
[pid 327] close(3) = 0
[pid 327] write(1, "executing program\n", 18) = 18
[pid 327] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 327] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 327] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 327] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 327] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 327] exit_group(0) = ?
[ 28.264062][ T327] ------------[ cut here ]------------
[ 28.269613][ T327] WARNING: CPU: 0 PID: 327 at kernel/rcu/srcutree.c:664 cleanup_srcu_struct+0x3e9/0x4c0
[ 28.279652][ T327] Modules linked in:
[ 28.283583][ T327] CPU: 0 UID: 0 PID: 327 Comm: syz-executor244 Tainted: G W 6.12.38-syzkaller-g3f3a5c5e782d #0 c9247809a66a5ebb3467d1c2e99b1dedbd707993
[ 28.299294][ T327] Tainted: [W]=WARN
[ 28.303105][ T327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 28.313368][ T327] RIP: 0010:cleanup_srcu_struct+0x3e9/0x4c0
[ 28.319421][ T327] Code: 00 48 8b 5d a0 74 08 48 89 df e8 12 43 6e 00 48 c7 03 00 00 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc <0f> 0b eb e8 0f 0b eb e4 0f 0b eb e0 0f 0b eb 0e 0f 0b 4c 8b 75 d0
[ 28.339252][ T327] RSP: 0018:ffffc9000127faa8 EFLAGS: 00010202
[ 28.345354][ T327] RAX: 1ffffd1ffff80f72 RBX: ffffc900013be8e8 RCX: ffffffff816dc249
[ 28.353405][ T327] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffe8ffffc07b90
[ 28.361454][ T327] RBP: ffffc9000127fb10 R08: ffffe8ffffc07b97 R09: 1ffffd1ffff80f72
[ 28.369489][ T327] R10: dffffc0000000000 R11: fffff91ffff80f73 R12: dffffc0000000000
[ 28.377926][ T327] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffe8ffffc07b90
[ 28.385932][ T327] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 28.394986][ T327] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 28.401870][ T327] CR2: 00007faabe0b601d CR3: 00000001212e8000 CR4: 00000000003526b0
[ 28.409887][ T327] Call Trace:
[ 28.413182][ T327]
[ 28.416139][ T327] kvm_put_kvm+0x1100/0x12b0
[ 28.420741][ T327] ? __cfi_kvm_vm_release+0x10/0x10
[ 28.425970][ T327] kvm_vm_release+0x47/0x70
[ 28.430488][ T327] __fput+0x1fb/0xa00
[ 28.434532][ T327] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 28.440086][ T327] ____fput+0x20/0x30
[ 28.444098][ T327] task_work_run+0x1e0/0x250
[ 28.448690][ T327] ? __cfi_task_work_run+0x10/0x10
[ 28.453840][ T327] ? __kasan_check_write+0x18/0x20
[ 28.459048][ T327] do_exit+0x9bc/0x2630
[ 28.463237][ T327] ? __cfi_do_exit+0x10/0x10
[ 28.467850][ T327] ? __kasan_check_write+0x18/0x20
[ 28.473006][ T327] ? _raw_spin_lock_irq+0x8d/0x120
[ 28.478128][ T327] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 28.483714][ T327] ? zap_other_threads+0x334/0x370
[ 28.489054][ T327] do_group_exit+0x22a/0x300
[ 28.493691][ T327] __x64_sys_exit_group+0x43/0x50
[ 28.498749][ T327] x64_sys_call+0x2ed2/0x2ee0
[ 28.503419][ T327] do_syscall_64+0x58/0xf0
[ 28.507873][ T327] ? clear_bhb_loop+0x50/0xa0
[ 28.512573][ T327] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 28.518490][ T327] RIP: 0033:0x7faabe06bc49
[ 28.522921][ T327] Code: Unable to access opcode bytes at 0x7faabe06bc1f.
[ 28.529944][ T327] RSP: 002b:00007fff46882818 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 28.538412][ T327] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007faabe06bc49
[ 28.546404][ T327] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[ 28.554402][ T327] RBP: 00007faabe0e62b0 R08: ffffffffffffffb8 R09: 0000000000000006
[pid 327] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=327, si_uid=0, si_status=0, si_utime=0, si_stime=31} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 328
./strace-static-x86_64: Process 328 attached
[pid 328] set_robust_list(0x55557d82d660, 24) = 0
[pid 328] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 328] setpgid(0, 0) = 0
[pid 328] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 328] write(3, "1000", 4) = 4
[pid 328] close(3) = 0
executing program
[pid 328] write(1, "executing program\n", 18) = 18
[pid 328] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 328] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 328] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 328] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 328] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 328] exit_group(0) = ?
[ 28.562388][ T327] R10: 0000000000000006 R11: 0000000000000246 R12: 00007faabe0e62b0
[ 28.570388][ T327] R13: 0000000000000000 R14: 00007faabe0e6d00 R15: 00007faabe03ce90
[ 28.578426][ T327]
[ 28.581448][ T327] ---[ end trace 0000000000000000 ]---
[pid 328] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=328, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 329 attached
, child_tidptr=0x55557d82d650) = 329
[pid 329] set_robust_list(0x55557d82d660, 24) = 0
[pid 329] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 329] setpgid(0, 0) = 0
executing program
[pid 329] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 329] write(3, "1000", 4) = 4
[pid 329] close(3) = 0
[pid 329] write(1, "executing program\n", 18) = 18
[pid 329] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 329] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 329] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 329] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 329] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 329] exit_group(0) = ?
[ 28.684196][ T329] ------------[ cut here ]------------
[ 28.689681][ T329] WARNING: CPU: 0 PID: 329 at kernel/rcu/srcutree.c:664 cleanup_srcu_struct+0x3e9/0x4c0
[ 28.699435][ T329] Modules linked in:
[ 28.703435][ T329] CPU: 0 UID: 0 PID: 329 Comm: syz-executor244 Tainted: G W 6.12.38-syzkaller-g3f3a5c5e782d #0 c9247809a66a5ebb3467d1c2e99b1dedbd707993
[ 28.718832][ T329] Tainted: [W]=WARN
[ 28.722629][ T329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 28.732702][ T329] RIP: 0010:cleanup_srcu_struct+0x3e9/0x4c0
[ 28.738641][ T329] Code: 00 48 8b 5d a0 74 08 48 89 df e8 12 43 6e 00 48 c7 03 00 00 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc <0f> 0b eb e8 0f 0b eb e4 0f 0b eb e0 0f 0b eb 0e 0f 0b 4c 8b 75 d0
[ 28.758374][ T329] RSP: 0018:ffffc9000127faa8 EFLAGS: 00010202
[ 28.764465][ T329] RAX: 1ffffd1ffff80fa2 RBX: ffffc900013d48e8 RCX: ffffffff816dc249
[ 28.772425][ T329] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffe8ffffc07d10
[ 28.780427][ T329] RBP: ffffc9000127fb10 R08: ffffe8ffffc07d17 R09: 1ffffd1ffff80fa2
[ 28.788440][ T329] R10: dffffc0000000000 R11: fffff91ffff80fa3 R12: dffffc0000000000
[ 28.796464][ T329] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffe8ffffc07d10
[ 28.804481][ T329] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 28.813428][ T329] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 28.820067][ T329] CR2: 000055d0f0aa1028 CR3: 0000000130130000 CR4: 00000000003526b0
[ 28.828147][ T329] Call Trace:
[ 28.831421][ T329]
[ 28.834388][ T329] kvm_put_kvm+0x1100/0x12b0
[ 28.838995][ T329] ? __cfi_kvm_vm_release+0x10/0x10
[ 28.844220][ T329] kvm_vm_release+0x47/0x70
[ 28.848729][ T329] __fput+0x1fb/0xa00
[ 28.852786][ T329] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 28.858408][ T329] ____fput+0x20/0x30
[ 28.862419][ T329] task_work_run+0x1e0/0x250
[ 28.867056][ T329] ? __cfi_task_work_run+0x10/0x10
[ 28.872169][ T329] ? __kasan_check_write+0x18/0x20
[ 28.877334][ T329] do_exit+0x9bc/0x2630
[ 28.881507][ T329] ? __cfi_do_exit+0x10/0x10
[ 28.886124][ T329] ? __kasan_check_write+0x18/0x20
[ 28.891246][ T329] ? _raw_spin_lock_irq+0x8d/0x120
[ 28.896404][ T329] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 28.902056][ T329] ? zap_other_threads+0x334/0x370
[ 28.907203][ T329] do_group_exit+0x22a/0x300
[ 28.911792][ T329] __x64_sys_exit_group+0x43/0x50
[ 28.916851][ T329] x64_sys_call+0x2ed2/0x2ee0
[ 28.921552][ T329] do_syscall_64+0x58/0xf0
[ 28.926007][ T329] ? clear_bhb_loop+0x50/0xa0
[ 28.930694][ T329] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 28.936626][ T329] RIP: 0033:0x7faabe06bc49
[ 28.941039][ T329] Code: Unable to access opcode bytes at 0x7faabe06bc1f.
[ 28.948089][ T329] RSP: 002b:00007fff46882818 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 28.956650][ T329] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007faabe06bc49
[ 28.964671][ T329] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[ 28.972651][ T329] RBP: 00007faabe0e62b0 R08: ffffffffffffffb8 R09: 0000000000000006
[pid 329] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=329, si_uid=0, si_status=0, si_utime=0, si_stime=29} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 330
./strace-static-x86_64: Process 330 attached
[pid 330] set_robust_list(0x55557d82d660, 24) = 0
[pid 330] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 330] setpgid(0, 0) = 0
[pid 330] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 330] write(3, "1000", 4) = 4
[pid 330] close(3) = 0
executing program
[pid 330] write(1, "executing program\n", 18) = 18
[pid 330] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 330] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 330] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 330] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 330] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 330] exit_group(0) = ?
[ 28.980669][ T329] R10: 0000000000000006 R11: 0000000000000246 R12: 00007faabe0e62b0
[ 28.988677][ T329] R13: 0000000000000000 R14: 00007faabe0e6d00 R15: 00007faabe03ce90
[ 28.996677][ T329]
[ 28.999700][ T329] ---[ end trace 0000000000000000 ]---
[pid 330] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=330, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 331
./strace-static-x86_64: Process 331 attached
[pid 331] set_robust_list(0x55557d82d660, 24) = 0
[pid 331] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 331] setpgid(0, 0) = 0
[pid 331] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 331] write(3, "1000", 4) = 4
[pid 331] close(3) = 0
[pid 331] write(1, "executing program\n", 18executing program
) = 18
[pid 331] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 331] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 331] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 331] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 331] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 331] exit_group(0) = ?
[pid 331] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=331, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 332
./strace-static-x86_64: Process 332 attached
[pid 332] set_robust_list(0x55557d82d660, 24) = 0
[pid 332] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 332] setpgid(0, 0) = 0
[pid 332] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 332] write(3, "1000", 4) = 4
[pid 332] close(3) = 0
executing program
[pid 332] write(1, "executing program\n", 18) = 18
[pid 332] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 332] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 332] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 332] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 332] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 332] exit_group(0) = ?
[pid 332] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=332, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 333
./strace-static-x86_64: Process 333 attached
[pid 333] set_robust_list(0x55557d82d660, 24) = 0
[pid 333] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 333] setpgid(0, 0) = 0
[pid 333] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 333] write(3, "1000", 4) = 4
[pid 333] close(3) = 0
[pid 333] write(1, "executing program\n", 18executing program
) = 18
[pid 333] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 333] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 333] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 333] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 333] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 333] exit_group(0) = ?
[pid 333] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=333, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 334
./strace-static-x86_64: Process 334 attached
[pid 334] set_robust_list(0x55557d82d660, 24) = 0
[pid 334] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 334] setpgid(0, 0) = 0
[pid 334] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 334] write(3, "1000", 4) = 4
[pid 334] close(3) = 0
[pid 334] write(1, "executing program\n", 18executing program
) = 18
[pid 334] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 334] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 334] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 334] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 334] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 334] exit_group(0) = ?
[ 29.314166][ T334] ------------[ cut here ]------------
[ 29.319639][ T334] WARNING: CPU: 0 PID: 334 at kernel/rcu/srcutree.c:664 cleanup_srcu_struct+0x3e9/0x4c0
[ 29.329521][ T334] Modules linked in:
[ 29.333443][ T334] CPU: 0 UID: 0 PID: 334 Comm: syz-executor244 Tainted: G W 6.12.38-syzkaller-g3f3a5c5e782d #0 c9247809a66a5ebb3467d1c2e99b1dedbd707993
[ 29.348900][ T334] Tainted: [W]=WARN
[ 29.352701][ T334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 29.363068][ T334] RIP: 0010:cleanup_srcu_struct+0x3e9/0x4c0
[ 29.369001][ T334] Code: 00 48 8b 5d a0 74 08 48 89 df e8 12 43 6e 00 48 c7 03 00 00 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc <0f> 0b eb e8 0f 0b eb e4 0f 0b eb e0 0f 0b eb 0e 0f 0b 4c 8b 75 d0
[ 29.388760][ T334] RSP: 0018:ffffc9000125faa8 EFLAGS: 00010202
[ 29.394863][ T334] RAX: 1ffffd1ffff80fd2 RBX: ffffc9000140b8e8 RCX: ffffffff816dc249
[ 29.403100][ T334] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffe8ffffc07e90
[ 29.411152][ T334] RBP: ffffc9000125fb10 R08: ffffe8ffffc07e97 R09: 1ffffd1ffff80fd2
[ 29.419454][ T334] R10: dffffc0000000000 R11: fffff91ffff80fd3 R12: dffffc0000000000
[ 29.427470][ T334] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffe8ffffc07e90
[ 29.435541][ T334] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 29.445391][ T334] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 29.452020][ T334] CR2: 0000200000000180 CR3: 0000000130130000 CR4: 00000000003526b0
[ 29.460057][ T334] Call Trace:
[ 29.463342][ T334]
[ 29.466326][ T334] kvm_put_kvm+0x1100/0x12b0
[ 29.470934][ T334] ? __cfi_kvm_vm_release+0x10/0x10
[ 29.476175][ T334] kvm_vm_release+0x47/0x70
[ 29.480688][ T334] __fput+0x1fb/0xa00
[ 29.484694][ T334] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 29.490337][ T334] ____fput+0x20/0x30
[ 29.494374][ T334] task_work_run+0x1e0/0x250
[ 29.498969][ T334] ? __cfi_task_work_run+0x10/0x10
[ 29.504654][ T334] ? __kasan_check_write+0x18/0x20
[ 29.509776][ T334] do_exit+0x9bc/0x2630
[ 29.514073][ T334] ? __cfi_do_exit+0x10/0x10
[ 29.518926][ T334] ? __kasan_check_write+0x18/0x20
[ 29.524114][ T334] ? _raw_spin_lock_irq+0x8d/0x120
[ 29.529236][ T334] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 29.534828][ T334] ? zap_other_threads+0x334/0x370
[ 29.540050][ T334] do_group_exit+0x22a/0x300
[ 29.544694][ T334] __x64_sys_exit_group+0x43/0x50
[ 29.549723][ T334] x64_sys_call+0x2ed2/0x2ee0
[ 29.554441][ T334] do_syscall_64+0x58/0xf0
[ 29.558873][ T334] ? clear_bhb_loop+0x50/0xa0
[ 29.563587][ T334] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 29.569574][ T334] RIP: 0033:0x7faabe06bc49
[ 29.574004][ T334] Code: Unable to access opcode bytes at 0x7faabe06bc1f.
[ 29.581015][ T334] RSP: 002b:00007fff46882818 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 29.589538][ T334] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007faabe06bc49
[ 29.597530][ T334] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[ 29.605524][ T334] RBP: 00007faabe0e62b0 R08: ffffffffffffffb8 R09: 0000000000000006
[pid 334] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=334, si_uid=0, si_status=0, si_utime=0, si_stime=30} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 335
./strace-static-x86_64: Process 335 attached
[pid 335] set_robust_list(0x55557d82d660, 24) = 0
[pid 335] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 335] setpgid(0, 0) = 0
[pid 335] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 335] write(3, "1000", 4) = 4
[pid 335] close(3) = 0
executing program
[pid 335] write(1, "executing program\n", 18) = 18
[pid 335] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 335] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 335] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 335] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 335] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 335] exit_group(0) = ?
[ 29.613520][ T334] R10: 0000000000000006 R11: 0000000000000246 R12: 00007faabe0e62b0
[ 29.621492][ T334] R13: 0000000000000000 R14: 00007faabe0e6d00 R15: 00007faabe03ce90
[ 29.629515][ T334]
[ 29.632538][ T334] ---[ end trace 0000000000000000 ]---
[pid 335] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=335, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 336
./strace-static-x86_64: Process 336 attached
[pid 336] set_robust_list(0x55557d82d660, 24) = 0
[pid 336] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 336] setpgid(0, 0) = 0
[pid 336] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
executing program
[pid 336] write(3, "1000", 4) = 4
[pid 336] close(3) = 0
[pid 336] write(1, "executing program\n", 18) = 18
[pid 336] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 336] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 336] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 336] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 336] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 336] exit_group(0) = ?
[pid 336] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=336, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 337
./strace-static-x86_64: Process 337 attached
[pid 337] set_robust_list(0x55557d82d660, 24) = 0
[pid 337] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 337] setpgid(0, 0) = 0
[pid 337] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 337] write(3, "1000", 4) = 4
[pid 337] close(3) = 0
[pid 337] write(1, "executing program\n", 18executing program
) = 18
[pid 337] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 337] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 337] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 337] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 337] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 337] exit_group(0) = ?
[pid 337] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=337, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 338
./strace-static-x86_64: Process 338 attached
[pid 338] set_robust_list(0x55557d82d660, 24) = 0
[pid 338] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 338] setpgid(0, 0) = 0
[pid 338] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 338] write(3, "1000", 4) = 4
[pid 338] close(3) = 0
[pid 338] write(1, "executing program\n", 18) = 18
executing program
[pid 338] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 338] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 338] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 338] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 338] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 338] exit_group(0) = ?
[pid 338] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=338, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 339
./strace-static-x86_64: Process 339 attached
[pid 339] set_robust_list(0x55557d82d660, 24) = 0
[pid 339] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 339] setpgid(0, 0) = 0
[pid 339] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 339] write(3, "1000", 4) = 4
[pid 339] close(3) = 0
[pid 339] write(1, "executing program\n", 18executing program
) = 18
[pid 339] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 339] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 339] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 339] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 339] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 339] exit_group(0) = ?
[pid 339] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=339, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 340
./strace-static-x86_64: Process 340 attached
[pid 340] set_robust_list(0x55557d82d660, 24) = 0
[pid 340] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 340] setpgid(0, 0) = 0
[pid 340] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 340] write(3, "1000", 4) = 4
[pid 340] close(3) = 0
[pid 340] write(1, "executing program\n", 18executing program
) = 18
[pid 340] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 340] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 340] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 340] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 340] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 340] exit_group(0) = ?
[ 29.944236][ T340] ------------[ cut here ]------------
[ 29.949834][ T340] WARNING: CPU: 0 PID: 340 at kernel/rcu/srcutree.c:664 cleanup_srcu_struct+0x3e9/0x4c0
[ 29.960102][ T340] Modules linked in:
[ 29.964075][ T340] CPU: 0 UID: 0 PID: 340 Comm: syz-executor244 Tainted: G W 6.12.38-syzkaller-g3f3a5c5e782d #0 c9247809a66a5ebb3467d1c2e99b1dedbd707993
[ 29.979504][ T340] Tainted: [W]=WARN
[ 29.983349][ T340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 29.993523][ T340] RIP: 0010:cleanup_srcu_struct+0x3e9/0x4c0
[ 29.999433][ T340] Code: 00 48 8b 5d a0 74 08 48 89 df e8 12 43 6e 00 48 c7 03 00 00 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc <0f> 0b eb e8 0f 0b eb e4 0f 0b eb e0 0f 0b eb 0e 0f 0b 4c 8b 75 d0
[ 30.019603][ T340] RSP: 0018:ffffc9000125faa8 EFLAGS: 00010202
[ 30.025832][ T340] RAX: 1ffffd1ffff81002 RBX: ffffc9000144d8e8 RCX: ffffffff816dc249
[ 30.033931][ T340] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffe8ffffc08010
[ 30.041958][ T340] RBP: ffffc9000125fb10 R08: ffffe8ffffc08017 R09: 1ffffd1ffff81002
[ 30.050004][ T340] R10: dffffc0000000000 R11: fffff91ffff81003 R12: dffffc0000000000
[ 30.058014][ T340] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffe8ffffc08010
[ 30.066039][ T340] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 30.075004][ T340] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 30.081665][ T340] CR2: 000055557d82d650 CR3: 0000000130130000 CR4: 00000000003526b0
[ 30.089666][ T340] Call Trace:
[ 30.092949][ T340]
[ 30.095897][ T340] kvm_put_kvm+0x1100/0x12b0
[ 30.100683][ T340] ? __cfi_kvm_vm_release+0x10/0x10
[ 30.105924][ T340] kvm_vm_release+0x47/0x70
[ 30.110456][ T340] __fput+0x1fb/0xa00
[ 30.114657][ T340] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 30.120247][ T340] ____fput+0x20/0x30
[ 30.124286][ T340] task_work_run+0x1e0/0x250
[ 30.128921][ T340] ? __cfi_task_work_run+0x10/0x10
[ 30.134068][ T340] ? __kasan_check_write+0x18/0x20
[ 30.139191][ T340] do_exit+0x9bc/0x2630
[ 30.143545][ T340] ? __cfi_do_exit+0x10/0x10
[ 30.148134][ T340] ? __kasan_check_write+0x18/0x20
[ 30.153238][ T340] ? _raw_spin_lock_irq+0x8d/0x120
[ 30.158391][ T340] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 30.163966][ T340] ? zap_other_threads+0x334/0x370
[ 30.169078][ T340] do_group_exit+0x22a/0x300
[ 30.173681][ T340] __x64_sys_exit_group+0x43/0x50
[ 30.178737][ T340] x64_sys_call+0x2ed2/0x2ee0
[ 30.183428][ T340] do_syscall_64+0x58/0xf0
[ 30.187890][ T340] ? clear_bhb_loop+0x50/0xa0
[ 30.192603][ T340] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 30.198580][ T340] RIP: 0033:0x7faabe06bc49
[ 30.203010][ T340] Code: Unable to access opcode bytes at 0x7faabe06bc1f.
[ 30.210066][ T340] RSP: 002b:00007fff46882818 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 30.218557][ T340] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007faabe06bc49
[ 30.226608][ T340] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[ 30.234609][ T340] RBP: 00007faabe0e62b0 R08: ffffffffffffffb8 R09: 0000000000000006
[pid 340] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=340, si_uid=0, si_status=0, si_utime=0, si_stime=29} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 341
./strace-static-x86_64: Process 341 attached
[pid 341] set_robust_list(0x55557d82d660, 24) = 0
[pid 341] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 341] setpgid(0, 0) = 0
[pid 341] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 341] write(3, "1000", 4) = 4
[pid 341] close(3) = 0
executing program
[pid 341] write(1, "executing program\n", 18) = 18
[pid 341] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 341] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 341] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 341] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 341] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 341] exit_group(0) = ?
[ 30.242593][ T340] R10: 0000000000000006 R11: 0000000000000246 R12: 00007faabe0e62b0
[ 30.250607][ T340] R13: 0000000000000000 R14: 00007faabe0e6d00 R15: 00007faabe03ce90
[ 30.258802][ T340]
[ 30.261823][ T340] ---[ end trace 0000000000000000 ]---
[ 30.294150][ T341] ------------[ cut here ]------------
[ 30.299643][ T341] WARNING: CPU: 0 PID: 341 at kernel/rcu/srcutree.c:664 cleanup_srcu_struct+0x3e9/0x4c0
[ 30.309419][ T341] Modules linked in:
[ 30.313314][ T341] CPU: 0 UID: 0 PID: 341 Comm: syz-executor244 Tainted: G W 6.12.38-syzkaller-g3f3a5c5e782d #0 c9247809a66a5ebb3467d1c2e99b1dedbd707993
[ 30.328705][ T341] Tainted: [W]=WARN
[ 30.332523][ T341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 30.343575][ T341] RIP: 0010:cleanup_srcu_struct+0x3e9/0x4c0
[ 30.350381][ T341] Code: 00 48 8b 5d a0 74 08 48 89 df e8 12 43 6e 00 48 c7 03 00 00 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc <0f> 0b eb e8 0f 0b eb e4 0f 0b eb e0 0f 0b eb 0e 0f 0b 4c 8b 75 d0
[ 30.370019][ T341] RSP: 0018:ffffc9000127faa8 EFLAGS: 00010202
[ 30.376299][ T341] RAX: 1ffffd1ffff81032 RBX: ffffc900014588e8 RCX: ffffffff816dc249
[ 30.384411][ T341] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffe8ffffc08190
[ 30.392396][ T341] RBP: ffffc9000127fb10 R08: ffffe8ffffc08197 R09: 1ffffd1ffff81032
[ 30.400390][ T341] R10: dffffc0000000000 R11: fffff91ffff81033 R12: dffffc0000000000
[ 30.408421][ T341] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffe8ffffc08190
[ 30.416445][ T341] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 30.425404][ T341] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 30.432175][ T341] CR2: 000055557d82d650 CR3: 0000000130130000 CR4: 00000000003526b0
[ 30.440287][ T341] Call Trace:
[ 30.443594][ T341]
[ 30.446515][ T341] kvm_put_kvm+0x1100/0x12b0
[ 30.451101][ T341] ? __cfi_kvm_vm_release+0x10/0x10
[ 30.456349][ T341] kvm_vm_release+0x47/0x70
[ 30.460887][ T341] __fput+0x1fb/0xa00
[ 30.465004][ T341] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 30.470579][ T341] ____fput+0x20/0x30
[ 30.474594][ T341] task_work_run+0x1e0/0x250
[ 30.479187][ T341] ? __cfi_task_work_run+0x10/0x10
[ 30.484317][ T341] ? __kasan_check_write+0x18/0x20
[ 30.489531][ T341] do_exit+0x9bc/0x2630
[ 30.493729][ T341] ? __cfi_do_exit+0x10/0x10
[ 30.498345][ T341] ? __kasan_check_write+0x18/0x20
[ 30.503597][ T341] ? _raw_spin_lock_irq+0x8d/0x120
[ 30.508717][ T341] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 30.514292][ T341] ? zap_other_threads+0x334/0x370
[ 30.519446][ T341] do_group_exit+0x22a/0x300
[ 30.524073][ T341] __x64_sys_exit_group+0x43/0x50
[ 30.529107][ T341] x64_sys_call+0x2ed2/0x2ee0
[ 30.533841][ T341] do_syscall_64+0x58/0xf0
[ 30.538312][ T341] ? clear_bhb_loop+0x50/0xa0
[ 30.543063][ T341] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 30.548999][ T341] RIP: 0033:0x7faabe06bc49
[ 30.553413][ T341] Code: Unable to access opcode bytes at 0x7faabe06bc1f.
[ 30.560474][ T341] RSP: 002b:00007fff46882818 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 30.568959][ T341] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007faabe06bc49
[ 30.576996][ T341] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[ 30.586274][ T341] RBP: 00007faabe0e62b0 R08: ffffffffffffffb8 R09: 0000000000000006
[pid 341] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=341, si_uid=0, si_status=0, si_utime=0, si_stime=28} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 342 attached
, child_tidptr=0x55557d82d650) = 342
[pid 342] set_robust_list(0x55557d82d660, 24) = 0
[pid 342] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 342] setpgid(0, 0) = 0
[pid 342] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 342] write(3, "1000", 4) = 4
executing program
[pid 342] close(3) = 0
[pid 342] write(1, "executing program\n", 18) = 18
[pid 342] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 342] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 342] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 342] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 342] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 342] exit_group(0) = ?
[ 30.594290][ T341] R10: 0000000000000006 R11: 0000000000000246 R12: 00007faabe0e62b0
[ 30.602446][ T341] R13: 0000000000000000 R14: 00007faabe0e6d00 R15: 00007faabe03ce90
[ 30.610472][ T341]
[ 30.613545][ T341] ---[ end trace 0000000000000000 ]---
[ 30.644192][ T342] ------------[ cut here ]------------
[ 30.649684][ T342] WARNING: CPU: 0 PID: 342 at kernel/rcu/srcutree.c:664 cleanup_srcu_struct+0x3e9/0x4c0
[ 30.659449][ T342] Modules linked in:
[ 30.663345][ T342] CPU: 0 UID: 0 PID: 342 Comm: syz-executor244 Tainted: G W 6.12.38-syzkaller-g3f3a5c5e782d #0 c9247809a66a5ebb3467d1c2e99b1dedbd707993
[ 30.678663][ T342] Tainted: [W]=WARN
[ 30.682538][ T342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 30.692624][ T342] RIP: 0010:cleanup_srcu_struct+0x3e9/0x4c0
[ 30.698672][ T342] Code: 00 48 8b 5d a0 74 08 48 89 df e8 12 43 6e 00 48 c7 03 00 00 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc <0f> 0b eb e8 0f 0b eb e4 0f 0b eb e0 0f 0b eb 0e 0f 0b 4c 8b 75 d0
[ 30.718425][ T342] RSP: 0018:ffffc9000125faa8 EFLAGS: 00010202
[ 30.724552][ T342] RAX: 1ffffd1ffff81062 RBX: ffffc900014638e8 RCX: ffffffff816dc249
[ 30.732522][ T342] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffe8ffffc08310
[ 30.740525][ T342] RBP: ffffc9000125fb10 R08: ffffe8ffffc08317 R09: 1ffffd1ffff81062
[ 30.748524][ T342] R10: dffffc0000000000 R11: fffff91ffff81063 R12: dffffc0000000000
[ 30.756515][ T342] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffe8ffffc08310
[ 30.764517][ T342] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 30.773431][ T342] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 30.780040][ T342] CR2: 000055557d82d650 CR3: 0000000130130000 CR4: 00000000003526b0
[ 30.788469][ T342] Call Trace:
[ 30.791741][ T342]
[ 30.794712][ T342] kvm_put_kvm+0x1100/0x12b0
[ 30.799377][ T342] ? __cfi_kvm_vm_release+0x10/0x10
[ 30.804604][ T342] kvm_vm_release+0x47/0x70
[ 30.809209][ T342] __fput+0x1fb/0xa00
[ 30.813217][ T342] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 30.818824][ T342] ____fput+0x20/0x30
[ 30.822840][ T342] task_work_run+0x1e0/0x250
[ 30.827958][ T342] ? __cfi_task_work_run+0x10/0x10
[ 30.833135][ T342] ? __kasan_check_write+0x18/0x20
[ 30.838344][ T342] do_exit+0x9bc/0x2630
[ 30.842595][ T342] ? __cfi_do_exit+0x10/0x10
[ 30.847207][ T342] ? __kasan_check_write+0x18/0x20
[ 30.852328][ T342] ? _raw_spin_lock_irq+0x8d/0x120
[ 30.857453][ T342] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 30.863120][ T342] ? zap_other_threads+0x334/0x370
[ 30.868262][ T342] do_group_exit+0x22a/0x300
[ 30.872859][ T342] __x64_sys_exit_group+0x43/0x50
[ 30.877899][ T342] x64_sys_call+0x2ed2/0x2ee0
[ 30.882589][ T342] do_syscall_64+0x58/0xf0
[ 30.887033][ T342] ? clear_bhb_loop+0x50/0xa0
[ 30.891723][ T342] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 30.897646][ T342] RIP: 0033:0x7faabe06bc49
[ 30.902099][ T342] Code: Unable to access opcode bytes at 0x7faabe06bc1f.
[ 30.909135][ T342] RSP: 002b:00007fff46882818 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 30.917564][ T342] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007faabe06bc49
[ 30.925744][ T342] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[ 30.933769][ T342] RBP: 00007faabe0e62b0 R08: ffffffffffffffb8 R09: 0000000000000006
[pid 342] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=342, si_uid=0, si_status=0, si_utime=0, si_stime=29} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 343
./strace-static-x86_64: Process 343 attached
[pid 343] set_robust_list(0x55557d82d660, 24) = 0
[pid 343] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 343] setpgid(0, 0) = 0
[pid 343] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 343] write(3, "1000", 4) = 4
[pid 343] close(3) = 0
executing program
[pid 343] write(1, "executing program\n", 18) = 18
[pid 343] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 343] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 343] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 343] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 343] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 343] exit_group(0) = ?
[ 30.942173][ T342] R10: 0000000000000006 R11: 0000000000000246 R12: 00007faabe0e62b0
[ 30.950342][ T342] R13: 0000000000000000 R14: 00007faabe0e6d00 R15: 00007faabe03ce90
[ 30.958350][ T342]
[ 30.961388][ T342] ---[ end trace 0000000000000000 ]---
[pid 343] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=343, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 344
./strace-static-x86_64: Process 344 attached
[pid 344] set_robust_list(0x55557d82d660, 24) = 0
[pid 344] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 344] setpgid(0, 0) = 0
[pid 344] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 344] write(3, "1000", 4) = 4
[pid 344] close(3) = 0
executing program
[pid 344] write(1, "executing program\n", 18) = 18
[pid 344] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 344] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 344] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 344] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 344] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 344] exit_group(0) = ?
[pid 344] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=344, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 345
./strace-static-x86_64: Process 345 attached
[pid 345] set_robust_list(0x55557d82d660, 24) = 0
[pid 345] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 345] setpgid(0, 0) = 0
[pid 345] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 345] write(3, "1000", 4) = 4
[pid 345] close(3) = 0
[pid 345] write(1, "executing program\n", 18executing program
) = 18
[pid 345] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 345] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 345] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 345] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 345] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 345] exit_group(0) = ?
[ 31.094140][ T345] ------------[ cut here ]------------
[ 31.099624][ T345] WARNING: CPU: 0 PID: 345 at kernel/rcu/srcutree.c:664 cleanup_srcu_struct+0x3e9/0x4c0
[ 31.109406][ T345] Modules linked in:
[ 31.113304][ T345] CPU: 0 UID: 0 PID: 345 Comm: syz-executor244 Tainted: G W 6.12.38-syzkaller-g3f3a5c5e782d #0 c9247809a66a5ebb3467d1c2e99b1dedbd707993
[ 31.128680][ T345] Tainted: [W]=WARN
[ 31.132479][ T345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 31.142587][ T345] RIP: 0010:cleanup_srcu_struct+0x3e9/0x4c0
[ 31.148904][ T345] Code: 00 48 8b 5d a0 74 08 48 89 df e8 12 43 6e 00 48 c7 03 00 00 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc <0f> 0b eb e8 0f 0b eb e4 0f 0b eb e0 0f 0b eb 0e 0f 0b 4c 8b 75 d0
[ 31.169685][ T345] RSP: 0018:ffffc9000127faa8 EFLAGS: 00010202
[ 31.175812][ T345] RAX: 1ffffd1ffff81092 RBX: ffffc900014848e8 RCX: ffffffff816dc249
[ 31.183874][ T345] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffe8ffffc08490
[ 31.192050][ T345] RBP: ffffc9000127fb10 R08: ffffe8ffffc08497 R09: 1ffffd1ffff81092
[ 31.200485][ T345] R10: dffffc0000000000 R11: fffff91ffff81093 R12: dffffc0000000000
[ 31.208497][ T345] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffe8ffffc08490
[ 31.216519][ T345] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 31.225487][ T345] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 31.232075][ T345] CR2: 000055557d82d650 CR3: 00000001212e8000 CR4: 00000000003526b0
[ 31.240156][ T345] Call Trace:
[ 31.243443][ T345]
[ 31.246488][ T345] kvm_put_kvm+0x1100/0x12b0
[ 31.251279][ T345] ? __cfi_kvm_vm_release+0x10/0x10
[ 31.256510][ T345] kvm_vm_release+0x47/0x70
[ 31.261057][ T345] __fput+0x1fb/0xa00
[ 31.265141][ T345] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 31.270707][ T345] ____fput+0x20/0x30
[ 31.274705][ T345] task_work_run+0x1e0/0x250
[ 31.279485][ T345] ? __cfi_task_work_run+0x10/0x10
[ 31.284717][ T345] ? __kasan_check_write+0x18/0x20
[ 31.290007][ T345] do_exit+0x9bc/0x2630
[ 31.294205][ T345] ? __cfi_do_exit+0x10/0x10
[ 31.298797][ T345] ? __kasan_check_write+0x18/0x20
[ 31.303939][ T345] ? _raw_spin_lock_irq+0x8d/0x120
[ 31.309174][ T345] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 31.314838][ T345] ? zap_other_threads+0x334/0x370
[ 31.319965][ T345] do_group_exit+0x22a/0x300
[ 31.324616][ T345] __x64_sys_exit_group+0x43/0x50
[ 31.329643][ T345] x64_sys_call+0x2ed2/0x2ee0
[ 31.334352][ T345] do_syscall_64+0x58/0xf0
[ 31.338779][ T345] ? clear_bhb_loop+0x50/0xa0
[ 31.343570][ T345] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 31.349470][ T345] RIP: 0033:0x7faabe06bc49
[ 31.353910][ T345] Code: Unable to access opcode bytes at 0x7faabe06bc1f.
[ 31.361063][ T345] RSP: 002b:00007fff46882818 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 31.369496][ T345] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007faabe06bc49
[ 31.377496][ T345] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[ 31.385494][ T345] RBP: 00007faabe0e62b0 R08: ffffffffffffffb8 R09: 0000000000000006
[pid 345] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=345, si_uid=0, si_status=0, si_utime=0, si_stime=29} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 346 attached
[pid 346] set_robust_list(0x55557d82d660, 24
[pid 296] <... clone resumed>, child_tidptr=0x55557d82d650) = 346
[pid 346] <... set_robust_list resumed>) = 0
[pid 346] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 346] setpgid(0, 0) = 0
[pid 346] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 346] write(3, "1000", 4) = 4
[pid 346] close(3) = 0
executing program
[pid 346] write(1, "executing program\n", 18) = 18
[pid 346] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 346] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 346] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 346] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 346] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 346] exit_group(0) = ?
[ 31.393521][ T345] R10: 0000000000000006 R11: 0000000000000246 R12: 00007faabe0e62b0
[ 31.401516][ T345] R13: 0000000000000000 R14: 00007faabe0e6d00 R15: 00007faabe03ce90
[ 31.409597][ T345]
[ 31.412611][ T345] ---[ end trace 0000000000000000 ]---
[pid 346] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=346, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 347
./strace-static-x86_64: Process 347 attached
[pid 347] set_robust_list(0x55557d82d660, 24) = 0
[pid 347] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 347] setpgid(0, 0) = 0
[pid 347] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 347] write(3, "1000", 4) = 4
[pid 347] close(3) = 0
executing program
[pid 347] write(1, "executing program\n", 18) = 18
[pid 347] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 347] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 347] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 347] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 347] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 347] exit_group(0) = ?
[pid 347] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=347, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 348 attached
, child_tidptr=0x55557d82d650) = 348
[pid 348] set_robust_list(0x55557d82d660, 24) = 0
[pid 348] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 348] setpgid(0, 0) = 0
[pid 348] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 348] write(3, "1000", 4) = 4
[pid 348] close(3executing program
) = 0
[pid 348] write(1, "executing program\n", 18) = 18
[pid 348] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 348] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 348] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 348] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 348] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 348] exit_group(0) = ?
[pid 348] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=348, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 349
./strace-static-x86_64: Process 349 attached
[pid 349] set_robust_list(0x55557d82d660, 24) = 0
[pid 349] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 349] setpgid(0, 0) = 0
[pid 349] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 349] write(3, "1000", 4) = 4
[pid 349] close(3) = 0
[pid 349] write(1, "executing program\n", 18executing program
) = 18
[pid 349] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 349] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 349] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 349] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 349] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 349] exit_group(0) = ?
[pid 349] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=349, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 350
./strace-static-x86_64: Process 350 attached
[pid 350] set_robust_list(0x55557d82d660, 24) = 0
[pid 350] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 350] setpgid(0, 0) = 0
[pid 350] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 350] write(3, "1000", 4) = 4
[pid 350] close(3) = 0
[pid 350] write(1, "executing program\n", 18executing program
) = 18
[pid 350] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 350] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 350] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 350] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 350] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 350] exit_group(0) = ?
[pid 350] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=350, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 351
./strace-static-x86_64: Process 351 attached
[pid 351] set_robust_list(0x55557d82d660, 24) = 0
[pid 351] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 351] setpgid(0, 0) = 0
[pid 351] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 351] write(3, "1000", 4) = 4
executing program
[pid 351] close(3) = 0
[pid 351] write(1, "executing program\n", 18) = 18
[pid 351] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 351] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 351] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 351] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 351] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 351] exit_group(0) = ?
[ 31.754114][ T351] ------------[ cut here ]------------
[ 31.759600][ T351] WARNING: CPU: 0 PID: 351 at kernel/rcu/srcutree.c:664 cleanup_srcu_struct+0x3e9/0x4c0
[ 31.769486][ T351] Modules linked in:
[ 31.773388][ T351] CPU: 0 UID: 0 PID: 351 Comm: syz-executor244 Tainted: G W 6.12.38-syzkaller-g3f3a5c5e782d #0 c9247809a66a5ebb3467d1c2e99b1dedbd707993
[ 31.788911][ T351] Tainted: [W]=WARN
[ 31.792720][ T351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 31.803185][ T351] RIP: 0010:cleanup_srcu_struct+0x3e9/0x4c0
[ 31.809138][ T351] Code: 00 48 8b 5d a0 74 08 48 89 df e8 12 43 6e 00 48 c7 03 00 00 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc <0f> 0b eb e8 0f 0b eb e4 0f 0b eb e0 0f 0b eb 0e 0f 0b 4c 8b 75 d0
[ 31.828966][ T351] RSP: 0018:ffffc9000125faa8 EFLAGS: 00010202
[ 31.835064][ T351] RAX: 1ffffd1ffff810c2 RBX: ffffc900014c68e8 RCX: ffffffff816dc249
[ 31.843900][ T351] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffe8ffffc08610
[ 31.851982][ T351] RBP: ffffc9000125fb10 R08: ffffe8ffffc08617 R09: 1ffffd1ffff810c2
[ 31.860036][ T351] R10: dffffc0000000000 R11: fffff91ffff810c3 R12: dffffc0000000000
[ 31.868073][ T351] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffe8ffffc08610
[ 31.876061][ T351] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 31.885056][ T351] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 31.891634][ T351] CR2: 000055557d82d650 CR3: 0000000130130000 CR4: 00000000003526b0
[ 31.899717][ T351] Call Trace:
[ 31.903096][ T351]
[ 31.906050][ T351] kvm_put_kvm+0x1100/0x12b0
[ 31.910681][ T351] ? __cfi_kvm_vm_release+0x10/0x10
[ 31.915923][ T351] kvm_vm_release+0x47/0x70
[ 31.920454][ T351] __fput+0x1fb/0xa00
[ 31.924496][ T351] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 31.930112][ T351] ____fput+0x20/0x30
[ 31.934328][ T351] task_work_run+0x1e0/0x250
[ 31.938931][ T351] ? __cfi_task_work_run+0x10/0x10
[ 31.944079][ T351] ? __kasan_check_write+0x18/0x20
[ 31.949232][ T351] do_exit+0x9bc/0x2630
[ 31.953374][ T351] ? __cfi_do_exit+0x10/0x10
[ 31.957994][ T351] ? __kasan_check_write+0x18/0x20
[ 31.963119][ T351] ? _raw_spin_lock_irq+0x8d/0x120
[ 31.968433][ T351] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 31.974225][ T351] ? zap_other_threads+0x334/0x370
[ 31.979340][ T351] do_group_exit+0x22a/0x300
[ 31.983991][ T351] __x64_sys_exit_group+0x43/0x50
[ 31.989026][ T351] x64_sys_call+0x2ed2/0x2ee0
[ 31.993833][ T351] do_syscall_64+0x58/0xf0
[ 31.998274][ T351] ? clear_bhb_loop+0x50/0xa0
[ 32.002967][ T351] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 32.008963][ T351] RIP: 0033:0x7faabe06bc49
[ 32.013407][ T351] Code: Unable to access opcode bytes at 0x7faabe06bc1f.
[ 32.020449][ T351] RSP: 002b:00007fff46882818 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 32.028950][ T351] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007faabe06bc49
[ 32.037070][ T351] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[ 32.045097][ T351] RBP: 00007faabe0e62b0 R08: ffffffffffffffb8 R09: 0000000000000006
[pid 351] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=351, si_uid=0, si_status=0, si_utime=0, si_stime=29} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 352
./strace-static-x86_64: Process 352 attached
[pid 352] set_robust_list(0x55557d82d660, 24) = 0
[pid 352] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 352] setpgid(0, 0) = 0
[pid 352] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
executing program
[pid 352] write(3, "1000", 4) = 4
[pid 352] close(3) = 0
[pid 352] write(1, "executing program\n", 18) = 18
[pid 352] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 352] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 352] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 352] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 352] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 352] exit_group(0) = ?
[ 32.053065][ T351] R10: 0000000000000006 R11: 0000000000000246 R12: 00007faabe0e62b0
[ 32.061064][ T351] R13: 0000000000000000 R14: 00007faabe0e6d00 R15: 00007faabe03ce90
[ 32.069067][ T351]
[ 32.072111][ T351] ---[ end trace 0000000000000000 ]---
[ 32.104018][ T352] ------------[ cut here ]------------
[ 32.109490][ T352] WARNING: CPU: 0 PID: 352 at kernel/rcu/srcutree.c:664 cleanup_srcu_struct+0x3e9/0x4c0
[ 32.119255][ T352] Modules linked in:
[ 32.123257][ T352] CPU: 0 UID: 0 PID: 352 Comm: syz-executor244 Tainted: G W 6.12.38-syzkaller-g3f3a5c5e782d #0 c9247809a66a5ebb3467d1c2e99b1dedbd707993
[ 32.139169][ T352] Tainted: [W]=WARN
[ 32.143008][ T352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 32.153072][ T352] RIP: 0010:cleanup_srcu_struct+0x3e9/0x4c0
[ 32.159008][ T352] Code: 00 48 8b 5d a0 74 08 48 89 df e8 12 43 6e 00 48 c7 03 00 00 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc <0f> 0b eb e8 0f 0b eb e4 0f 0b eb e0 0f 0b eb 0e 0f 0b 4c 8b 75 d0
[ 32.178770][ T352] RSP: 0018:ffffc9000122faa8 EFLAGS: 00010202
[ 32.184892][ T352] RAX: 1ffffd1ffff810f2 RBX: ffffc900014d18e8 RCX: ffffffff816dc249
[ 32.192868][ T352] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffe8ffffc08790
[ 32.200937][ T352] RBP: ffffc9000122fb10 R08: ffffe8ffffc08797 R09: 1ffffd1ffff810f2
[ 32.209101][ T352] R10: dffffc0000000000 R11: fffff91ffff810f3 R12: dffffc0000000000
[ 32.217190][ T352] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffe8ffffc08790
[ 32.225211][ T352] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 32.234178][ T352] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 32.240761][ T352] CR2: 00007faabe0b601d CR3: 0000000130130000 CR4: 00000000003526b0
[ 32.248773][ T352] Call Trace:
[ 32.252141][ T352]
[ 32.255107][ T352] kvm_put_kvm+0x1100/0x12b0
[ 32.259717][ T352] ? __cfi_kvm_vm_release+0x10/0x10
[ 32.264974][ T352] kvm_vm_release+0x47/0x70
[ 32.269505][ T352] __fput+0x1fb/0xa00
[ 32.273547][ T352] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 32.279101][ T352] ____fput+0x20/0x30
[ 32.283090][ T352] task_work_run+0x1e0/0x250
[ 32.288024][ T352] ? __cfi_task_work_run+0x10/0x10
[ 32.293164][ T352] ? __kasan_check_write+0x18/0x20
[ 32.298313][ T352] do_exit+0x9bc/0x2630
[ 32.302590][ T352] ? __cfi_do_exit+0x10/0x10
[ 32.307207][ T352] ? __kasan_check_write+0x18/0x20
[ 32.312346][ T352] ? _raw_spin_lock_irq+0x8d/0x120
[ 32.317484][ T352] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 32.323082][ T352] ? zap_other_threads+0x334/0x370
[ 32.328251][ T352] do_group_exit+0x22a/0x300
[ 32.332982][ T352] __x64_sys_exit_group+0x43/0x50
[ 32.338211][ T352] x64_sys_call+0x2ed2/0x2ee0
[ 32.343006][ T352] do_syscall_64+0x58/0xf0
[ 32.347475][ T352] ? clear_bhb_loop+0x50/0xa0
[ 32.352263][ T352] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 32.358201][ T352] RIP: 0033:0x7faabe06bc49
[ 32.362670][ T352] Code: Unable to access opcode bytes at 0x7faabe06bc1f.
[ 32.369800][ T352] RSP: 002b:00007fff46882818 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 32.378250][ T352] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007faabe06bc49
[ 32.386242][ T352] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[ 32.394239][ T352] RBP: 00007faabe0e62b0 R08: ffffffffffffffb8 R09: 0000000000000006
[pid 352] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=352, si_uid=0, si_status=0, si_utime=0, si_stime=29} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 353
./strace-static-x86_64: Process 353 attached
[pid 353] set_robust_list(0x55557d82d660, 24) = 0
[pid 353] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 353] setpgid(0, 0) = 0
[pid 353] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 353] write(3, "1000", 4) = 4
[pid 353] close(3) = 0
[pid 353] write(1, "executing program\n", 18executing program
) = 18
[pid 353] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 353] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 353] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 353] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 353] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 353] exit_group(0) = ?
[ 32.402316][ T352] R10: 0000000000000006 R11: 0000000000000246 R12: 00007faabe0e62b0
[ 32.410400][ T352] R13: 0000000000000000 R14: 00007faabe0e6d00 R15: 00007faabe03ce90
[ 32.418775][ T352]
[ 32.421852][ T352] ---[ end trace 0000000000000000 ]---
[ 32.454052][ T353] ------------[ cut here ]------------
[ 32.459690][ T353] WARNING: CPU: 0 PID: 353 at kernel/rcu/srcutree.c:664 cleanup_srcu_struct+0x3e9/0x4c0
[ 32.469740][ T353] Modules linked in:
[ 32.473894][ T353] CPU: 0 UID: 0 PID: 353 Comm: syz-executor244 Tainted: G W 6.12.38-syzkaller-g3f3a5c5e782d #0 c9247809a66a5ebb3467d1c2e99b1dedbd707993
[ 32.489310][ T353] Tainted: [W]=WARN
[ 32.493206][ T353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 32.503349][ T353] RIP: 0010:cleanup_srcu_struct+0x3e9/0x4c0
[ 32.509323][ T353] Code: 00 48 8b 5d a0 74 08 48 89 df e8 12 43 6e 00 48 c7 03 00 00 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc <0f> 0b eb e8 0f 0b eb e4 0f 0b eb e0 0f 0b eb 0e 0f 0b 4c 8b 75 d0
[ 32.529229][ T353] RSP: 0018:ffffc9000125faa8 EFLAGS: 00010202
[ 32.535495][ T353] RAX: 1ffffd1ffff81122 RBX: ffffc900014dc8e8 RCX: ffffffff816dc249
[ 32.543593][ T353] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffe8ffffc08910
[ 32.551579][ T353] RBP: ffffc9000125fb10 R08: ffffe8ffffc08917 R09: 1ffffd1ffff81122
[ 32.559618][ T353] R10: dffffc0000000000 R11: fffff91ffff81123 R12: dffffc0000000000
[ 32.567633][ T353] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffe8ffffc08910
[ 32.575679][ T353] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 32.584661][ T353] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 32.591334][ T353] CR2: 000055557d82d650 CR3: 0000000130130000 CR4: 00000000003526b0
[ 32.599327][ T353] Call Trace:
[ 32.602605][ T353]
[ 32.605647][ T353] kvm_put_kvm+0x1100/0x12b0
[ 32.610335][ T353] ? __cfi_kvm_vm_release+0x10/0x10
[ 32.615578][ T353] kvm_vm_release+0x47/0x70
[ 32.620111][ T353] __fput+0x1fb/0xa00
[ 32.624265][ T353] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 32.629912][ T353] ____fput+0x20/0x30
[ 32.633944][ T353] task_work_run+0x1e0/0x250
[ 32.638625][ T353] ? __cfi_task_work_run+0x10/0x10
[ 32.643762][ T353] ? __kasan_check_write+0x18/0x20
[ 32.648893][ T353] do_exit+0x9bc/0x2630
[ 32.653043][ T353] ? __cfi_do_exit+0x10/0x10
[ 32.657752][ T353] ? __kasan_check_write+0x18/0x20
[ 32.662879][ T353] ? _raw_spin_lock_irq+0x8d/0x120
[ 32.668022][ T353] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 32.673621][ T353] ? zap_other_threads+0x334/0x370
[ 32.678759][ T353] do_group_exit+0x22a/0x300
[ 32.683350][ T353] __x64_sys_exit_group+0x43/0x50
[ 32.688421][ T353] x64_sys_call+0x2ed2/0x2ee0
[ 32.693107][ T353] do_syscall_64+0x58/0xf0
[ 32.697571][ T353] ? clear_bhb_loop+0x50/0xa0
[ 32.702277][ T353] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 32.708341][ T353] RIP: 0033:0x7faabe06bc49
[ 32.712771][ T353] Code: Unable to access opcode bytes at 0x7faabe06bc1f.
[ 32.719897][ T353] RSP: 002b:00007fff46882818 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 32.728467][ T353] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007faabe06bc49
[ 32.736571][ T353] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[ 32.744676][ T353] RBP: 00007faabe0e62b0 R08: ffffffffffffffb8 R09: 0000000000000006
[pid 353] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=353, si_uid=0, si_status=0, si_utime=0, si_stime=31} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 354
./strace-static-x86_64: Process 354 attached
[pid 354] set_robust_list(0x55557d82d660, 24) = 0
[pid 354] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 354] setpgid(0, 0) = 0
[pid 354] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 354] write(3, "1000", 4) = 4
[pid 354] close(3) = 0
executing program
[pid 354] write(1, "executing program\n", 18) = 18
[pid 354] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 354] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 354] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 354] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 354] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 354] exit_group(0) = ?
[ 32.752663][ T353] R10: 0000000000000006 R11: 0000000000000246 R12: 00007faabe0e62b0
[ 32.760799][ T353] R13: 0000000000000000 R14: 00007faabe0e6d00 R15: 00007faabe03ce90
[ 32.768816][ T353]
[ 32.771845][ T353] ---[ end trace 0000000000000000 ]---
[ 32.804194][ T354] ------------[ cut here ]------------
[ 32.809772][ T354] WARNING: CPU: 0 PID: 354 at kernel/rcu/srcutree.c:664 cleanup_srcu_struct+0x3e9/0x4c0
[ 32.819702][ T354] Modules linked in:
[ 32.823644][ T354] CPU: 0 UID: 0 PID: 354 Comm: syz-executor244 Tainted: G W 6.12.38-syzkaller-g3f3a5c5e782d #0 c9247809a66a5ebb3467d1c2e99b1dedbd707993
[ 32.839675][ T354] Tainted: [W]=WARN
[ 32.843534][ T354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 32.853662][ T354] RIP: 0010:cleanup_srcu_struct+0x3e9/0x4c0
[ 32.859594][ T354] Code: 00 48 8b 5d a0 74 08 48 89 df e8 12 43 6e 00 48 c7 03 00 00 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc <0f> 0b eb e8 0f 0b eb e4 0f 0b eb e0 0f 0b eb 0e 0f 0b 4c 8b 75 d0
[ 32.880303][ T354] RSP: 0018:ffffc9000127faa8 EFLAGS: 00010202
[ 32.886435][ T354] RAX: 1ffffd1ffff81152 RBX: ffffc900014e78e8 RCX: ffffffff816dc249
[ 32.894447][ T354] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffe8ffffc08a90
[ 32.902511][ T354] RBP: ffffc9000127fb10 R08: ffffe8ffffc08a97 R09: 1ffffd1ffff81152
[ 32.910524][ T354] R10: dffffc0000000000 R11: fffff91ffff81153 R12: dffffc0000000000
[ 32.918538][ T354] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffe8ffffc08a90
[ 32.926538][ T354] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 32.935531][ T354] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 32.942203][ T354] CR2: 000055557d82d650 CR3: 00000001212e8000 CR4: 00000000003526b0
[ 32.950224][ T354] Call Trace:
[ 32.953573][ T354]
[ 32.956510][ T354] kvm_put_kvm+0x1100/0x12b0
[ 32.961236][ T354] ? __cfi_kvm_vm_release+0x10/0x10
[ 32.966497][ T354] kvm_vm_release+0x47/0x70
[ 32.971015][ T354] __fput+0x1fb/0xa00
[ 32.975014][ T354] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 32.980564][ T354] ____fput+0x20/0x30
[ 32.984793][ T354] task_work_run+0x1e0/0x250
[ 32.989432][ T354] ? __cfi_task_work_run+0x10/0x10
[ 32.994719][ T354] ? __kasan_check_write+0x18/0x20
[ 32.999923][ T354] do_exit+0x9bc/0x2630
[ 33.004112][ T354] ? __cfi_do_exit+0x10/0x10
[ 33.008708][ T354] ? __kasan_check_write+0x18/0x20
[ 33.013979][ T354] ? _raw_spin_lock_irq+0x8d/0x120
[ 33.019124][ T354] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 33.024734][ T354] ? zap_other_threads+0x334/0x370
[ 33.029863][ T354] do_group_exit+0x22a/0x300
[ 33.034763][ T354] __x64_sys_exit_group+0x43/0x50
[ 33.039891][ T354] x64_sys_call+0x2ed2/0x2ee0
[ 33.044638][ T354] do_syscall_64+0x58/0xf0
[ 33.049070][ T354] ? clear_bhb_loop+0x50/0xa0
[ 33.053908][ T354] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 33.059808][ T354] RIP: 0033:0x7faabe06bc49
[ 33.064263][ T354] Code: Unable to access opcode bytes at 0x7faabe06bc1f.
[ 33.071284][ T354] RSP: 002b:00007fff46882818 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 33.079798][ T354] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007faabe06bc49
[ 33.087815][ T354] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[ 33.095944][ T354] RBP: 00007faabe0e62b0 R08: ffffffffffffffb8 R09: 0000000000000006
[pid 354] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=354, si_uid=0, si_status=0, si_utime=0, si_stime=30} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 355
./strace-static-x86_64: Process 355 attached
[pid 355] set_robust_list(0x55557d82d660, 24) = 0
[pid 355] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 355] setpgid(0, 0) = 0
[pid 355] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 355] write(3, "1000", 4) = 4
[pid 355] close(3) = 0
executing program
[pid 355] write(1, "executing program\n", 18) = 18
[pid 355] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 355] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 355] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 355] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 355] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 355] exit_group(0) = ?
[ 33.103949][ T354] R10: 0000000000000006 R11: 0000000000000246 R12: 00007faabe0e62b0
[ 33.111925][ T354] R13: 0000000000000000 R14: 00007faabe0e6d00 R15: 00007faabe03ce90
[ 33.120308][ T354]
[ 33.123410][ T354] ---[ end trace 0000000000000000 ]---
[pid 355] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=355, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 356 attached
, child_tidptr=0x55557d82d650) = 356
[pid 356] set_robust_list(0x55557d82d660, 24) = 0
[pid 356] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 356] setpgid(0, 0) = 0
[pid 356] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 356] write(3, "1000", 4) = 4
[pid 356] close(3) = 0
[pid 356] write(1, "executing program\n", 18executing program
) = 18
[pid 356] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 356] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 356] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 356] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 356] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 356] exit_group(0) = ?
[ 33.234078][ T356] ------------[ cut here ]------------
[ 33.239547][ T356] WARNING: CPU: 0 PID: 356 at kernel/rcu/srcutree.c:664 cleanup_srcu_struct+0x3e9/0x4c0
[ 33.249390][ T356] Modules linked in:
[ 33.253510][ T356] CPU: 0 UID: 0 PID: 356 Comm: syz-executor244 Tainted: G W 6.12.38-syzkaller-g3f3a5c5e782d #0 c9247809a66a5ebb3467d1c2e99b1dedbd707993
[ 33.269171][ T356] Tainted: [W]=WARN
[ 33.272970][ T356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 33.283151][ T356] RIP: 0010:cleanup_srcu_struct+0x3e9/0x4c0
[ 33.289173][ T356] Code: 00 48 8b 5d a0 74 08 48 89 df e8 12 43 6e 00 48 c7 03 00 00 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc <0f> 0b eb e8 0f 0b eb e4 0f 0b eb e0 0f 0b eb 0e 0f 0b 4c 8b 75 d0
[ 33.308907][ T356] RSP: 0018:ffffc9000125faa8 EFLAGS: 00010202
[ 33.315032][ T356] RAX: 1ffffd1ffff81182 RBX: ffffc900014fd8e8 RCX: ffffffff816dc249
[ 33.323032][ T356] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffe8ffffc08c10
[ 33.331055][ T356] RBP: ffffc9000125fb10 R08: ffffe8ffffc08c17 R09: 1ffffd1ffff81182
[ 33.339063][ T356] R10: dffffc0000000000 R11: fffff91ffff81183 R12: dffffc0000000000
[ 33.347080][ T356] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffe8ffffc08c10
[ 33.355079][ T356] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 33.364161][ T356] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 33.370750][ T356] CR2: 00007faabe095290 CR3: 0000000130130000 CR4: 00000000003526b0
[ 33.378841][ T356] Call Trace:
[ 33.382142][ T356]
[ 33.385125][ T356] kvm_put_kvm+0x1100/0x12b0
[ 33.389774][ T356] ? __cfi_kvm_vm_release+0x10/0x10
[ 33.394997][ T356] kvm_vm_release+0x47/0x70
[ 33.399505][ T356] __fput+0x1fb/0xa00
[ 33.403521][ T356] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 33.409078][ T356] ____fput+0x20/0x30
[ 33.413050][ T356] task_work_run+0x1e0/0x250
[ 33.417662][ T356] ? __cfi_task_work_run+0x10/0x10
[ 33.422780][ T356] ? __kasan_check_write+0x18/0x20
[ 33.428083][ T356] do_exit+0x9bc/0x2630
[ 33.432366][ T356] ? __cfi_do_exit+0x10/0x10
[ 33.436987][ T356] ? __kasan_check_write+0x18/0x20
[ 33.442211][ T356] ? _raw_spin_lock_irq+0x8d/0x120
[ 33.447371][ T356] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 33.452924][ T356] ? zap_other_threads+0x334/0x370
[ 33.458085][ T356] do_group_exit+0x22a/0x300
[ 33.462679][ T356] __x64_sys_exit_group+0x43/0x50
[ 33.467773][ T356] x64_sys_call+0x2ed2/0x2ee0
[ 33.472454][ T356] do_syscall_64+0x58/0xf0
[ 33.477236][ T356] ? clear_bhb_loop+0x50/0xa0
[ 33.482021][ T356] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 33.487953][ T356] RIP: 0033:0x7faabe06bc49
[ 33.492456][ T356] Code: Unable to access opcode bytes at 0x7faabe06bc1f.
[ 33.499511][ T356] RSP: 002b:00007fff46882818 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 33.508045][ T356] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007faabe06bc49
[ 33.516144][ T356] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[ 33.524185][ T356] RBP: 00007faabe0e62b0 R08: ffffffffffffffb8 R09: 0000000000000006
[pid 356] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=356, si_uid=0, si_status=0, si_utime=0, si_stime=30} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 357
./strace-static-x86_64: Process 357 attached
[pid 357] set_robust_list(0x55557d82d660, 24) = 0
[pid 357] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 357] setpgid(0, 0) = 0
[pid 357] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 357] write(3, "1000", 4) = 4
[pid 357] close(3) = 0
[pid 357] write(1, "executing program\n", 18executing program
) = 18
[pid 357] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 357] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 357] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 357] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 357] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 357] exit_group(0) = ?
[ 33.532252][ T356] R10: 0000000000000006 R11: 0000000000000246 R12: 00007faabe0e62b0
[ 33.540398][ T356] R13: 0000000000000000 R14: 00007faabe0e6d00 R15: 00007faabe03ce90
[ 33.548433][ T356]
[ 33.551444][ T356] ---[ end trace 0000000000000000 ]---
[ 33.594100][ T357] ------------[ cut here ]------------
[ 33.599575][ T357] WARNING: CPU: 1 PID: 357 at kernel/rcu/srcutree.c:664 cleanup_srcu_struct+0x3e9/0x4c0
[ 33.609603][ T357] Modules linked in:
[ 33.613544][ T357] CPU: 1 UID: 0 PID: 357 Comm: syz-executor244 Tainted: G W 6.12.38-syzkaller-g3f3a5c5e782d #0 c9247809a66a5ebb3467d1c2e99b1dedbd707993
[ 33.628903][ T357] Tainted: [W]=WARN
[ 33.632714][ T357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 33.643150][ T357] RIP: 0010:cleanup_srcu_struct+0x3e9/0x4c0
[ 33.649198][ T357] Code: 00 48 8b 5d a0 74 08 48 89 df e8 12 43 6e 00 48 c7 03 00 00 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc <0f> 0b eb e8 0f 0b eb e4 0f 0b eb e0 0f 0b eb 0e 0f 0b 4c 8b 75 d0
[ 33.668856][ T357] RSP: 0018:ffffc9000122faa8 EFLAGS: 00010202
[ 33.674994][ T357] RAX: 1ffffd1ffff811b2 RBX: ffffc900015088e8 RCX: ffffffff816dc249
[ 33.682965][ T357] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffe8ffffc08d90
[ 33.690952][ T357] RBP: ffffc9000122fb10 R08: ffffe8ffffc08d97 R09: 1ffffd1ffff811b2
[ 33.699038][ T357] R10: dffffc0000000000 R11: fffff91ffff811b3 R12: dffffc0000000000
[ 33.707088][ T357] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffe8ffffc08d90
[ 33.715146][ T357] FS: 0000000000000000(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 33.724304][ T357] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 33.730890][ T357] CR2: 000055557d82d650 CR3: 0000000130130000 CR4: 00000000003526b0
[ 33.738991][ T357] Call Trace:
[ 33.742356][ T357]
[ 33.745326][ T357] kvm_put_kvm+0x1100/0x12b0
[ 33.749935][ T357] ? __cfi_kvm_vm_release+0x10/0x10
[ 33.755190][ T357] kvm_vm_release+0x47/0x70
[ 33.759786][ T357] __fput+0x1fb/0xa00
[ 33.763805][ T357] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 33.769460][ T357] ____fput+0x20/0x30
[ 33.773447][ T357] task_work_run+0x1e0/0x250
[ 33.778092][ T357] ? __cfi_task_work_run+0x10/0x10
[ 33.783209][ T357] ? __kasan_check_write+0x18/0x20
[ 33.788386][ T357] do_exit+0x9bc/0x2630
[ 33.792544][ T357] ? __cfi_do_exit+0x10/0x10
[ 33.797169][ T357] ? __kasan_check_write+0x18/0x20
[ 33.802290][ T357] ? _raw_spin_lock_irq+0x8d/0x120
[ 33.807432][ T357] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 33.812998][ T357] ? zap_other_threads+0x334/0x370
[ 33.818140][ T357] do_group_exit+0x22a/0x300
[ 33.822738][ T357] __x64_sys_exit_group+0x43/0x50
[ 33.827784][ T357] x64_sys_call+0x2ed2/0x2ee0
[ 33.832463][ T357] do_syscall_64+0x58/0xf0
[ 33.836918][ T357] ? clear_bhb_loop+0x50/0xa0
[ 33.841593][ T357] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 33.847521][ T357] RIP: 0033:0x7faabe06bc49
[ 33.852022][ T357] Code: Unable to access opcode bytes at 0x7faabe06bc1f.
[ 33.859230][ T357] RSP: 002b:00007fff46882818 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 33.867694][ T357] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007faabe06bc49
[ 33.875713][ T357] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[ 33.883743][ T357] RBP: 00007faabe0e62b0 R08: ffffffffffffffb8 R09: 0000000000000006
[pid 357] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=357, si_uid=0, si_status=0, si_utime=0, si_stime=30} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 358
./strace-static-x86_64: Process 358 attached
[pid 358] set_robust_list(0x55557d82d660, 24) = 0
[pid 358] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 358] setpgid(0, 0) = 0
[pid 358] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 358] write(3, "1000", 4) = 4
[pid 358] close(3) = 0
[pid 358] write(1, "executing program\n", 18executing program
) = 18
[pid 358] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 358] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 358] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 358] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 358] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 358] exit_group(0) = ?
[ 33.891985][ T357] R10: 0000000000000006 R11: 0000000000000246 R12: 00007faabe0e62b0
[ 33.899998][ T357] R13: 0000000000000000 R14: 00007faabe0e6d00 R15: 00007faabe03ce90
[ 33.908039][ T357]
[ 33.911147][ T357] ---[ end trace 0000000000000000 ]---
[ 33.954086][ T358] ------------[ cut here ]------------
[ 33.959579][ T358] WARNING: CPU: 1 PID: 358 at kernel/rcu/srcutree.c:664 cleanup_srcu_struct+0x3e9/0x4c0
[ 33.969387][ T358] Modules linked in:
[ 33.973302][ T358] CPU: 1 UID: 0 PID: 358 Comm: syz-executor244 Tainted: G W 6.12.38-syzkaller-g3f3a5c5e782d #0 c9247809a66a5ebb3467d1c2e99b1dedbd707993
[ 33.988642][ T358] Tainted: [W]=WARN
[ 33.992445][ T358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 34.002612][ T358] RIP: 0010:cleanup_srcu_struct+0x3e9/0x4c0
[ 34.008550][ T358] Code: 00 48 8b 5d a0 74 08 48 89 df e8 12 43 6e 00 48 c7 03 00 00 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc <0f> 0b eb e8 0f 0b eb e4 0f 0b eb e0 0f 0b eb 0e 0f 0b 4c 8b 75 d0
[ 34.028295][ T358] RSP: 0018:ffffc9000125faa8 EFLAGS: 00010202
[ 34.034407][ T358] RAX: 1ffffd1ffff811e2 RBX: ffffc900015138e8 RCX: ffffffff816dc249
[ 34.042554][ T358] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffe8ffffc08f10
[ 34.050567][ T358] RBP: ffffc9000125fb10 R08: ffffe8ffffc08f17 R09: 1ffffd1ffff811e2
[ 34.058575][ T358] R10: dffffc0000000000 R11: fffff91ffff811e3 R12: dffffc0000000000
[ 34.066581][ T358] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffe8ffffc08f10
[ 34.074696][ T358] FS: 0000000000000000(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 34.084043][ T358] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 34.091254][ T358] CR2: 00007faabe0e7110 CR3: 00000001212e8000 CR4: 00000000003526b0
[ 34.099477][ T358] Call Trace:
[ 34.102772][ T358]
[ 34.105771][ T358] kvm_put_kvm+0x1100/0x12b0
[ 34.110556][ T358] ? __cfi_kvm_vm_release+0x10/0x10
[ 34.115778][ T358] kvm_vm_release+0x47/0x70
[ 34.120304][ T358] __fput+0x1fb/0xa00
[ 34.124404][ T358] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 34.130656][ T358] ____fput+0x20/0x30
[ 34.134680][ T358] task_work_run+0x1e0/0x250
[ 34.139288][ T358] ? __cfi_task_work_run+0x10/0x10
[ 34.144425][ T358] ? __kasan_check_write+0x18/0x20
[ 34.149546][ T358] do_exit+0x9bc/0x2630
[ 34.153770][ T358] ? __cfi_do_exit+0x10/0x10
[ 34.158395][ T358] ? __kasan_check_write+0x18/0x20
[ 34.163571][ T358] ? _raw_spin_lock_irq+0x8d/0x120
[ 34.168691][ T358] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 34.174279][ T358] ? zap_other_threads+0x334/0x370
[ 34.179929][ T358] do_group_exit+0x22a/0x300
[ 34.184623][ T358] __x64_sys_exit_group+0x43/0x50
[ 34.189793][ T358] x64_sys_call+0x2ed2/0x2ee0
[ 34.194541][ T358] do_syscall_64+0x58/0xf0
[ 34.198981][ T358] ? clear_bhb_loop+0x50/0xa0
[ 34.203753][ T358] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 34.209780][ T358] RIP: 0033:0x7faabe06bc49
[ 34.214308][ T358] Code: Unable to access opcode bytes at 0x7faabe06bc1f.
[ 34.221434][ T358] RSP: 002b:00007fff46882818 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 34.229972][ T358] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007faabe06bc49
[ 34.237975][ T358] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[ 34.246076][ T358] RBP: 00007faabe0e62b0 R08: ffffffffffffffb8 R09: 0000000000000006
[pid 358] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=358, si_uid=0, si_status=0, si_utime=0, si_stime=29} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557d82d650) = 359
./strace-static-x86_64: Process 359 attached
[pid 359] set_robust_list(0x55557d82d660, 24) = 0
[pid 359] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 359] setpgid(0, 0) = 0
[pid 359] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 359] write(3, "1000", 4) = 4
[pid 359] close(3) = 0
executing program
[pid 359] write(1, "executing program\n", 18) = 18
[pid 359] openat(AT_FDCWD, "/dev/kvm", O_RDONLY) = 3
[pid 359] ioctl(3, KVM_CREATE_VM, 0) = 4
[pid 359] eventfd2(6, EFD_CLOEXEC|EFD_NONBLOCK) = 5
[pid 359] ioctl(4, KVM_HYPERV_EVENTFD, 0) = -1 EFAULT (Bad address)
[pid 359] ioctl(4, KVM_IOEVENTFD, 0x200000000040) = 0
[pid 359] exit_group(0) = ?
[ 34.254103][ T358] R10: 0000000000000006 R11: 0000000000000246 R12: 00007faabe0e62b0
[ 34.262151][ T358] R13: 0000000000000000 R14: 00007faabe0e6d00 R15: 00007faabe03ce90
[ 34.270209][ T358]
[ 34.273228][ T358] ---[ end trace 0000000000000000 ]---
[ 34.314091][ T359] ------------[ cut here ]------------
[ 34.319568][ T359] WARNING: CPU: 0 PID: 359 at kernel/rcu/srcutree.c:664 cleanup_srcu_struct+0x3e9/0x4c0
[ 34.329458][ T359] Modules linked in:
[ 34.333365][ T359] CPU: 0 UID: 0 PID: 359 Comm: syz-executor244 Tainted: G W 6.12.38-syzkaller-g3f3a5c5e782d #0 c9247809a66a5ebb3467d1c2e99b1dedbd707993
[ 34.348723][ T359] Tainted: [W]=WARN
[ 34.352539][ T359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 34.362727][ T359] RIP: 0010:cleanup_srcu_struct+0x3e9/0x4c0
[ 34.368740][ T359] Code: 00 48 8b 5d a0 74 08 48 89 df e8 12 43 6e 00 48 c7 03 00 00 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc <0f> 0b eb e8 0f 0b eb e4 0f 0b eb e0 0f 0b eb 0e 0f 0b 4c 8b 75 d0
[ 34.388878][ T359] RSP: 0018:ffffc9000125faa8 EFLAGS: 00010202
[ 34.395278][ T359] RAX: 1ffffd1ffff81212 RBX: ffffc9000151e8e8 RCX: ffffffff816dc249
[ 34.403378][ T359] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffe8ffffc09090
[ 34.411949][ T359] RBP: ffffc9000125fb10 R08: ffffe8ffffc09097 R09: 1ffffd1ffff81212
[ 34.420140][ T359] R10: dffffc0000000000 R11: fffff91ffff81213 R12: dffffc0000000000
[ 34.428334][ T359] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffe8ffffc09090
[ 34.436733][ T359] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 34.445756][ T359] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 34.452462][ T359] CR2: 00007faabe0b601d CR3: 0000000130130000 CR4: 00000000003526b0
[ 34.460514][ T359] Call Trace:
[ 34.463845][ T359]
[ 34.466772][ T359] kvm_put_kvm+0x1100/0x12b0
[ 34.471365][ T359] ? __cfi_kvm_vm_release+0x10/0x10
[ 34.477188][ T359] kvm_vm_release+0x47/0x70
[ 34.481706][ T359] __fput+0x1fb/0xa00
[ 34.485887][ T359] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 34.491458][ T359] ____fput+0x20/0x30
[ 34.495559][ T359] task_work_run+0x1e0/0x250
[ 34.500272][ T359] ? __cfi_task_work_run+0x10/0x10
[ 34.505434][ T359] ? __kasan_check_write+0x18/0x20
[ 34.510568][ T359] do_exit+0x9bc/0x2630