./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3024161956
<...>
Warning: Permanently added '10.128.0.42' (ED25519) to the list of known hosts.
execve("./syz-executor3024161956", ["./syz-executor3024161956"], 0x7fff061c1a80 /* 10 vars */) = 0
brk(NULL) = 0x55556efa0000
brk(0x55556efa0d00) = 0x55556efa0d00
arch_prctl(ARCH_SET_FS, 0x55556efa0380) = 0
set_tid_address(0x55556efa0650) = 5849
set_robust_list(0x55556efa0660, 24) = 0
rseq(0x55556efa0ca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor3024161956", 4096) = 28
getrandom("\x23\x81\xfe\x99\x57\x79\xea\xd1", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x55556efa0d00
brk(0x55556efc1d00) = 0x55556efc1d00
brk(0x55556efc2000) = 0x55556efc2000
mprotect(0x7f0e791ae000, 16384, PROT_READ) = 0
mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000
mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000
mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000
write(1, "executing program\n", 18executing program
) = 18
openat(AT_FDCWD, "/dev/kvm", O_RDWR) = 3
ioctl(3, KVM_CREATE_VM, 0) = 4
ioctl(4, KVM_CREATE_VCPU, 7) = 5
ioctl(4, KVM_SET_USER_MEMORY_REGION, {slot=0, flags=0, guest_phys_addr=0, memory_size=4096, userspace_addr=0x200000fe8000}) = 0
ioctl(4, KVM_SET_USER_MEMORY_REGION, {slot=1, flags=0, guest_phys_addr=0x1000, memory_size=4096, userspace_addr=0x200000fe9000}) = 0
ioctl(4, KVM_SET_USER_MEMORY_REGION, {slot=2, flags=0, guest_phys_addr=0x2000, memory_size=4096, userspace_addr=0x200000fea000}) = 0
ioctl(4, KVM_SET_USER_MEMORY_REGION, {slot=3, flags=0, guest_phys_addr=0x3000, memory_size=4096, userspace_addr=0x200000feb000}) = 0
[ 88.504160][ T5849] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
ioctl(4, KVM_SET_USER_MEMORY_REGION, {slot=4, flags=0, guest_phys_addr=0x4000, memory_size=4096, userspace_addr=0x200000fec000}) = 0
ioctl(4, KVM_SET_USER_MEMORY_REGION, {slot=5, flags=0, guest_phys_addr=0x5000, memory_size=4096, userspace_addr=0x200000fed000}) = 0
ioctl(4, KVM_SET_USER_MEMORY_REGION, {slot=6, flags=0, guest_phys_addr=0x6000, memory_size=4096, userspace_addr=0x200000fee000}) = 0
ioctl(4, KVM_SET_USER_MEMORY_REGION, {slot=7, flags=0, guest_phys_addr=0x7000, memory_size=4096, userspace_addr=0x200000fef000}) = 0
ioctl(4, KVM_SET_USER_MEMORY_REGION, {slot=8, flags=0, guest_phys_addr=0x8000, memory_size=4096, userspace_addr=0x200000ff0000}) = 0
ioctl(4, KVM_SET_USER_MEMORY_REGION, {slot=9, flags=0, guest_phys_addr=0x9000, memory_size=4096, userspace_addr=0x200000ff1000}) = 0
ioctl(4, KVM_SET_USER_MEMORY_REGION, {slot=10, flags=0, guest_phys_addr=0xfec00000, memory_size=4096, userspace_addr=0x200000ff2000}) = 0
ioctl(4, KVM_SET_USER_MEMORY_REGION, {slot=11, flags=0, guest_phys_addr=0xb000, memory_size=4096, userspace_addr=0x200000ff3000}) = 0
ioctl(4, KVM_SET_USER_MEMORY_REGION, {slot=12, flags=0, guest_phys_addr=0xc000, memory_size=4096, userspace_addr=0x200000ff4000}) = 0
ioctl(4, KVM_SET_USER_MEMORY_REGION, {slot=13, flags=0, guest_phys_addr=0xd000, memory_size=4096, userspace_addr=0x200000ff5000}) = 0
ioctl(4, KVM_SET_USER_MEMORY_REGION, {slot=14, flags=0, guest_phys_addr=0xe000, memory_size=4096, userspace_addr=0x200000ff6000}) = 0
ioctl(4, KVM_SET_USER_MEMORY_REGION, {slot=15, flags=0, guest_phys_addr=0xf000, memory_size=4096, userspace_addr=0x200000ff7000}) = 0
ioctl(4, KVM_SET_USER_MEMORY_REGION, {slot=16, flags=0, guest_phys_addr=0x10000, memory_size=4096, userspace_addr=0x200000ff8000}) = 0
ioctl(4, KVM_SET_USER_MEMORY_REGION, {slot=17, flags=0, guest_phys_addr=0x11000, memory_size=4096, userspace_addr=0x200000ff9000}) = 0
ioctl(4, KVM_SET_USER_MEMORY_REGION, {slot=18, flags=0, guest_phys_addr=0x12000, memory_size=4096, userspace_addr=0x200000ffa000}) = 0
ioctl(4, KVM_SET_USER_MEMORY_REGION, {slot=19, flags=0, guest_phys_addr=0x13000, memory_size=4096, userspace_addr=0x200000ffb000}) = 0
ioctl(4, KVM_SET_USER_MEMORY_REGION, {slot=20, flags=0, guest_phys_addr=0x14000, memory_size=4096, userspace_addr=0x200000ffc000}) = 0
ioctl(4, KVM_SET_USER_MEMORY_REGION, {slot=21, flags=0, guest_phys_addr=0x15000, memory_size=4096, userspace_addr=0x200000ffd000}) = 0
ioctl(4, KVM_SET_USER_MEMORY_REGION, {slot=22, flags=0, guest_phys_addr=0x16000, memory_size=4096, userspace_addr=0x200000ffe000}) = 0
ioctl(4, KVM_SET_USER_MEMORY_REGION, {slot=23, flags=0, guest_phys_addr=0x17000, memory_size=4096, userspace_addr=0x200000fff000}) = 0
ioctl(4, KVM_SET_USER_MEMORY_REGION, {slot=65537, flags=0, guest_phys_addr=0x30000, memory_size=65536, userspace_addr=0x200000fe8000}) = -1 EINVAL (Invalid argument)
ioctl(5, KVM_GET_SREGS, {cs={base=0xffff0000, limit=65535, selector=61440, type=11, present=1, dpl=0, db=0, s=1, l=0, g=0, avl=0}, ...}) = 0
openat(AT_FDCWD, "/dev/kvm", O_RDWR) = 6
ioctl(6, KVM_GET_SUPPORTED_CPUID, {nent=31, entries=[...]}) = 0
ioctl(5, KVM_SET_CPUID2, {nent=31, entries=[...]}) = 0
close(6) = 0
ioctl(5, KVM_SET_MSRS, 0x7ffef21f9910) = 5
ioctl(5, KVM_SET_SREGS, {cs={base=0, limit=1048575, selector=48, type=11, present=1, dpl=0, db=1, s=1, l=0, g=0, avl=0}, ...}) = 0
ioctl(5, KVM_SET_REGS, {rax=0, ..., rsp=0xf80, rbp=0, ..., rip=0, rflags=0x2}) = 0
ioctl(5, KVM_SET_REGS, {rax=0x3, ..., rsp=0x8000000000000001, rbp=0x80000001, ..., rip=0, rflags=0x2280}) = 0
ioctl(5, KVM_RUN, 0) = 0
socket(AF_PACKET, SOCK_RAW, htons(0 /* ETH_P_??? */)) = 6
mmap(0x200000fe8000, 8192, PROT_READ|PROT_EXEC, MAP_SHARED_VALIDATE|MAP_FIXED, 6, 0x836f3000) = -1 EINVAL (Invalid argument)
ioctl(5, KVM_RUN, 0) = 0
[ 88.664845][ T5849] ------------[ cut here ]------------
[ 88.670515][ T5849] WARNING: arch/x86/kvm/x86.c:11551 at kvm_arch_vcpu_ioctl_run+0x1212/0x1940, CPU#1: syz-executor302/5849
[ 88.682113][ T5849] Modules linked in:
[ 88.686174][ T5849] CPU: 1 UID: 0 PID: 5849 Comm: syz-executor302 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full)
[ 88.698169][ T5849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 88.708287][ T5849] RIP: 0010:kvm_arch_vcpu_ioctl_run+0x1212/0x1940
[ 88.715074][ T5849] Code: 10 45 85 f6 7e 3a e8 fd 44 79 00 49 bd 00 00 00 00 00 fc ff df 4c 8b 64 24 08 4c 8b 7c 24 28 e9 6e fd ff ff e8 df 44 79 00 90 <0f> 0b 90 e9 2a fd ff ff e8 d1 44 79 00 90 0f 0b 90 e9 52 fd ff ff
[ 88.734777][ T5849] RSP: 0018:ffffc90003f979e0 EFLAGS: 00010293
[ 88.740907][ T5849] RAX: ffffffff8146bc31 RBX: ffff88807cf48000 RCX: ffff888030c79e00
[ 88.748982][ T5849] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 88.757016][ T5849] RBP: ffffc90003f97c90 R08: 0000000000000000 R09: ffffffff8146ac13
[ 88.765072][ T5849] R10: dffffc0000000000 R11: fffff91ffffa438d R12: ffff88807cf480d8
[ 88.773097][ T5849] R13: dffffc0000000000 R14: 0000000000000001 R15: ffff88807461a000
[ 88.781158][ T5849] FS: 000055556efa0380(0000) GS:ffff8881258ab000(0000) knlGS:0000000000000000
[ 88.790141][ T5849] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 88.796777][ T5849] CR2: 000000000066c7e0 CR3: 0000000073cf2000 CR4: 00000000003526f0
[ 88.805344][ T5849] Call Trace:
[ 88.808634][ T5849]
[ 88.811571][ T5849] ? __mutex_trylock_common+0x153/0x260
[ 88.817207][ T5849] ? kvm_arch_vcpu_ioctl_run+0x1f3/0x1940
[ 88.822973][ T5849] ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[ 88.829059][ T5849] ? rcu_is_watching+0x15/0xb0
[ 88.833863][ T5849] ? trace_contention_end+0x39/0x120
[ 88.839228][ T5849] ? __mutex_lock+0x335/0x1360
[ 88.844049][ T5849] ? kasan_quarantine_put+0xdd/0x220
[ 88.849384][ T5849] ? kvm_vcpu_ioctl+0x22e/0xe90
[ 88.854270][ T5849] ? __pfx___mutex_lock+0x10/0x10
[ 88.859368][ T5849] ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 88.865100][ T5849] ? do_vfs_ioctl+0xbe8/0x1430
[ 88.870009][ T5849] ? __pfx_do_vfs_ioctl+0x10/0x10
[ 88.875115][ T5849] kvm_vcpu_ioctl+0x95c/0xe90
[ 88.879832][ T5849] ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[ 88.885128][ T5849] ? __pfx_ptrace_notify+0x10/0x10
[ 88.890294][ T5849] ? bpf_lsm_file_ioctl+0x9/0x20
[ 88.895306][ T5849] ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[ 88.900541][ T5849] __se_sys_ioctl+0xf9/0x170
[ 88.905214][ T5849] do_syscall_64+0xfa/0x3b0
[ 88.909756][ T5849] ? lockdep_hardirqs_on+0x9c/0x150
[ 88.915039][ T5849] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.921135][ T5849] ? clear_bhb_loop+0x60/0xb0
[ 88.925873][ T5849] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.931792][ T5849] RIP: 0033:0x7f0e7913b439
[ 88.936291][ T5849] Code: 48 83 c4 28 c3 e8 37 17 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 88.956001][ T5849] RSP: 002b:00007ffef21fb468 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 88.964488][ T5849] RAX: ffffffffffffffda RBX: 00007ffef21fb648 RCX: 00007f0e7913b439
[ 88.972551][ T5849] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[ 88.980578][ T5849] RBP: 00007f0e791ae610 R08: 00000000836f3000 R09: 00000000836f3000
[ 88.988611][ T5849] R10: 00000000836f3000 R11: 0000000000000246 R12: 0000000000000001
[ 88.996633][ T5849] R13: 00007ffef21fb638 R14: 0000000000000001 R15: 0000000000000001
[ 89.004627][ T5849]
[ 89.007698][ T5849] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 89.015008][ T5849] CPU: 1 UID: 0 PID: 5849 Comm: syz-executor302 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full)
[ 89.026927][ T5849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 89.036988][ T5849] Call Trace:
[ 89.040277][ T5849]
[ 89.043213][ T5849] dump_stack_lvl+0x99/0x250
[ 89.047827][ T5849] ? __asan_memcpy+0x40/0x70
[ 89.052480][ T5849] ? __pfx_dump_stack_lvl+0x10/0x10
[ 89.057692][ T5849] ? __pfx__printk+0x10/0x10
[ 89.062309][ T5849] vpanic+0x281/0x750
[ 89.066306][ T5849] ? __pfx_vpanic+0x10/0x10
[ 89.070831][ T5849] ? is_bpf_text_address+0x292/0x2b0
[ 89.076134][ T5849] ? is_bpf_text_address+0x26/0x2b0
[ 89.081355][ T5849] panic+0xb9/0xc0
[ 89.085089][ T5849] ? __pfx_panic+0x10/0x10
[ 89.089550][ T5849] __warn+0x334/0x4c0
[ 89.093549][ T5849] ? kvm_arch_vcpu_ioctl_run+0x1212/0x1940
[ 89.099374][ T5849] ? kvm_arch_vcpu_ioctl_run+0x1212/0x1940
[ 89.105198][ T5849] report_bug+0x2be/0x4f0
[ 89.109546][ T5849] ? kvm_arch_vcpu_ioctl_run+0x1212/0x1940
[ 89.115400][ T5849] ? kvm_arch_vcpu_ioctl_run+0x1212/0x1940
[ 89.121231][ T5849] ? kvm_arch_vcpu_ioctl_run+0x1214/0x1940
[ 89.127071][ T5849] handle_bug+0x84/0x160
[ 89.131324][ T5849] exc_invalid_op+0x1a/0x50
[ 89.135838][ T5849] asm_exc_invalid_op+0x1a/0x20
[ 89.140702][ T5849] RIP: 0010:kvm_arch_vcpu_ioctl_run+0x1212/0x1940
[ 89.147136][ T5849] Code: 10 45 85 f6 7e 3a e8 fd 44 79 00 49 bd 00 00 00 00 00 fc ff df 4c 8b 64 24 08 4c 8b 7c 24 28 e9 6e fd ff ff e8 df 44 79 00 90 <0f> 0b 90 e9 2a fd ff ff e8 d1 44 79 00 90 0f 0b 90 e9 52 fd ff ff
[ 89.166848][ T5849] RSP: 0018:ffffc90003f979e0 EFLAGS: 00010293
[ 89.172941][ T5849] RAX: ffffffff8146bc31 RBX: ffff88807cf48000 RCX: ffff888030c79e00
[ 89.180926][ T5849] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 89.188910][ T5849] RBP: ffffc90003f97c90 R08: 0000000000000000 R09: ffffffff8146ac13
[ 89.196981][ T5849] R10: dffffc0000000000 R11: fffff91ffffa438d R12: ffff88807cf480d8
[ 89.204972][ T5849] R13: dffffc0000000000 R14: 0000000000000001 R15: ffff88807461a000
[ 89.212972][ T5849] ? kvm_arch_vcpu_ioctl_run+0x1f3/0x1940
[ 89.218829][ T5849] ? kvm_arch_vcpu_ioctl_run+0x1211/0x1940
[ 89.224665][ T5849] ? __mutex_trylock_common+0x153/0x260
[ 89.230232][ T5849] ? kvm_arch_vcpu_ioctl_run+0x1f3/0x1940
[ 89.235971][ T5849] ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[ 89.241982][ T5849] ? rcu_is_watching+0x15/0xb0
[ 89.246763][ T5849] ? trace_contention_end+0x39/0x120
[ 89.252073][ T5849] ? __mutex_lock+0x335/0x1360
[ 89.256860][ T5849] ? kasan_quarantine_put+0xdd/0x220
[ 89.262157][ T5849] ? kvm_vcpu_ioctl+0x22e/0xe90
[ 89.267035][ T5849] ? __pfx___mutex_lock+0x10/0x10
[ 89.272077][ T5849] ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 89.277721][ T5849] ? do_vfs_ioctl+0xbe8/0x1430
[ 89.282513][ T5849] ? __pfx_do_vfs_ioctl+0x10/0x10
[ 89.287551][ T5849] kvm_vcpu_ioctl+0x95c/0xe90
[ 89.292248][ T5849] ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[ 89.297474][ T5849] ? __pfx_ptrace_notify+0x10/0x10
[ 89.302769][ T5849] ? bpf_lsm_file_ioctl+0x9/0x20
[ 89.307706][ T5849] ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[ 89.312920][ T5849] __se_sys_ioctl+0xf9/0x170
[ 89.317533][ T5849] do_syscall_64+0xfa/0x3b0
[ 89.322050][ T5849] ? lockdep_hardirqs_on+0x9c/0x150
[ 89.327261][ T5849] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 89.333418][ T5849] ? clear_bhb_loop+0x60/0xb0
[ 89.338191][ T5849] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 89.344095][ T5849] RIP: 0033:0x7f0e7913b439
[ 89.348523][ T5849] Code: 48 83 c4 28 c3 e8 37 17 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 89.368139][ T5849] RSP: 002b:00007ffef21fb468 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 89.376565][ T5849] RAX: ffffffffffffffda RBX: 00007ffef21fb648 RCX: 00007f0e7913b439
[ 89.384590][ T5849] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[ 89.392743][ T5849] RBP: 00007f0e791ae610 R08: 00000000836f3000 R09: 00000000836f3000
[ 89.400721][ T5849] R10: 00000000836f3000 R11: 0000000000000246 R12: 0000000000000001
[ 89.408701][ T5849] R13: 00007ffef21fb638 R14: 0000000000000001 R15: 0000000000000001
[ 89.416784][ T5849]
[ 89.420214][ T5849] Kernel Offset: disabled
[ 89.424551][ T5849] Rebooting in 86400 seconds..