./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3597439069

<...>
Warning: Permanently added '10.128.0.229' (ECDSA) to the list of known hosts.
execve("./syz-executor3597439069", ["./syz-executor3597439069"], 0x7ffeace5f150 /* 10 vars */) = 0
brk(NULL)                               = 0x55555738f000
brk(0x55555738fc40)                     = 0x55555738fc40
arch_prctl(ARCH_SET_FS, 0x55555738f300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor3597439069", 4096) = 28
brk(0x5555573b0c40)                     = 0x5555573b0c40
brk(0x5555573b1000)                     = 0x5555573b1000
mprotect(0x7faa6958d000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
openat(AT_FDCWD, "/dev/kvm", O_RDONLY)  = 3
ioctl(3, KVM_CREATE_VM, 0)              = 4
userfaultfd(UFFD_USER_MODE_ONLY)        = 5
ioctl(5, UFFDIO_API, {api=0xaa, features=0 => features=UFFD_FEATURE_PAGEFAULT_FLAG_WP|UFFD_FEATURE_EVENT_FORK|UFFD_FEATURE_EVENT_REMAP|UFFD_FEATURE_EVENT_REMOVE|UFFD_FEATURE_MISSING_HUGETLBFS|UFFD_FEATURE_MISSING_SHMEM|UFFD_FEATURE_EVENT_UNMAP|UFFD_FEATURE_SIGBUS|UFFD_FEATURE_THREAD_ID|UFFD_FEATURE_MINOR_HUGETLBFS|UFFD_FEATURE_MINOR_SHMEM|UFFD_FEATURE_EXACT_ADDRESS, ioctls=1<<_UFFDIO_REGISTER|1<<_UFFDIO_UNREGISTER|1<<_UFFDIO_API}) = 0
ioctl(5, UFFDIO_REGISTER, {range={start=0x200e2000, len=0xc00000}, mode=UFFDIO_REGISTER_MODE_MISSING, ioctls=1<<_UFFDIO_WAKE|1<<_UFFDIO_COPY|1<<_UFFDIO_ZEROPAGE}) = 0
ioctl(4, KVM_CREATE_VCPU, 0)            = 6
ioctl(-1, KVM_SET_USER_MEMORY_REGION, {slot=0, flags=0, guest_phys_addr=0, memory_size=4096, userspace_addr=0x20b7a000}) = -1 EBADF (Bad file descriptor)
ioctl(-1, KVM_SET_USER_MEMORY_REGION, {slot=1, flags=0, guest_phys_addr=0x1000, memory_size=4096, userspace_addr=0x20b7b000}) = -1 EBADF (Bad file descriptor)
ioctl(-1, KVM_SET_USER_MEMORY_REGION, {slot=2, flags=0, guest_phys_addr=0x2000, memory_size=4096, userspace_addr=0x20b7c000}) = -1 EBADF (Bad file descriptor)
ioctl(-1, KVM_SET_USER_MEMORY_REGION, {slot=3, flags=0, guest_phys_addr=0x3000, memory_size=4096, userspace_addr=0x20b7d000}) = -1 EBADF (Bad file descriptor)
ioctl(-1, KVM_SET_USER_MEMORY_REGION, {slot=4, flags=0, guest_phys_addr=0x4000, memory_size=4096, userspace_addr=0x20b7e000}) = -1 EBADF (Bad file descriptor)
ioctl(-1, KVM_SET_USER_MEMORY_REGION, {slot=5, flags=0, guest_phys_addr=0x5000, memory_size=4096, userspace_addr=0x20b7f000}) = -1 EBADF (Bad file descriptor)
ioctl(-1, KVM_SET_USER_MEMORY_REGION, {slot=6, flags=0, guest_phys_addr=0x6000, memory_size=4096, userspace_addr=0x20b80000}) = -1 EBADF (Bad file descriptor)
ioctl(-1, KVM_SET_USER_MEMORY_REGION, {slot=7, flags=0, guest_phys_addr=0x7000, memory_size=4096, userspace_addr=0x20b81000}) = -1 EBADF (Bad file descriptor)
ioctl(-1, KVM_SET_USER_MEMORY_REGION, {slot=8, flags=0, guest_phys_addr=0x8000, memory_size=4096, userspace_addr=0x20b82000}) = -1 EBADF (Bad file descriptor)
ioctl(-1, KVM_SET_USER_MEMORY_REGION, {slot=9, flags=0, guest_phys_addr=0x9000, memory_size=4096, userspace_addr=0x20b83000}) = -1 EBADF (Bad file descriptor)
ioctl(-1, KVM_SET_USER_MEMORY_REGION, {slot=10, flags=0, guest_phys_addr=0xfec00000, memory_size=4096, userspace_addr=0x20b84000}) = -1 EBADF (Bad file descriptor)
ioctl(-1, KVM_SET_USER_MEMORY_REGION, {slot=11, flags=0, guest_phys_addr=0xb000, memory_size=4096, userspace_addr=0x20b85000}) = -1 EBADF (Bad file descriptor)
ioctl(-1, KVM_SET_USER_MEMORY_REGION, {slot=12, flags=0, guest_phys_addr=0xc000, memory_size=4096, userspace_addr=0x20b86000}) = -1 EBADF (Bad file descriptor)
ioctl(-1, KVM_SET_USER_MEMORY_REGION, {slot=13, flags=0, guest_phys_addr=0xd000, memory_size=4096, userspace_addr=0x20b87000}) = -1 EBADF (Bad file descriptor)
ioctl(-1, KVM_SET_USER_MEMORY_REGION, {slot=14, flags=0, guest_phys_addr=0xe000, memory_size=4096, userspace_addr=0x20b88000}) = -1 EBADF (Bad file descriptor)
ioctl(-1, KVM_SET_USER_MEMORY_REGION, {slot=15, flags=0, guest_phys_addr=0xf000, memory_size=4096, userspace_addr=0x20b89000}) = -1 EBADF (Bad file descriptor)
ioctl(-1, KVM_SET_USER_MEMORY_REGION, {slot=16, flags=0, guest_phys_addr=0x10000, memory_size=4096, userspace_addr=0x20b8a000}) = -1 EBADF (Bad file descriptor)
ioctl(-1, KVM_SET_USER_MEMORY_REGION, {slot=17, flags=0, guest_phys_addr=0x11000, memory_size=4096, userspace_addr=0x20b8b000}) = -1 EBADF (Bad file descriptor)
ioctl(-1, KVM_SET_USER_MEMORY_REGION, {slot=18, flags=0, guest_phys_addr=0x12000, memory_size=4096, userspace_addr=0x20b8c000}) = -1 EBADF (Bad file descriptor)
ioctl(-1, KVM_SET_USER_MEMORY_REGION, {slot=19, flags=0, guest_phys_addr=0x13000, memory_size=4096, userspace_addr=0x20b8d000}) = -1 EBADF (Bad file descriptor)
ioctl(-1, KVM_SET_USER_MEMORY_REGION, {slot=20, flags=0, guest_phys_addr=0x14000, memory_size=4096, userspace_addr=0x20b8e000}) = -1 EBADF (Bad file descriptor)
ioctl(-1, KVM_SET_USER_MEMORY_REGION, {slot=21, flags=0, guest_phys_addr=0x15000, memory_size=4096, userspace_addr=0x20b8f000}) = -1 EBADF (Bad file descriptor)
ioctl(-1, KVM_SET_USER_MEMORY_REGION, {slot=22, flags=0, guest_phys_addr=0x16000, memory_size=4096, userspace_addr=0x20b90000}) = -1 EBADF (Bad file descriptor)
ioctl(-1, KVM_SET_USER_MEMORY_REGION, {slot=23, flags=0, guest_phys_addr=0x17000, memory_size=4096, userspace_addr=0x20b91000}) = -1 EBADF (Bad file descriptor)
ioctl(-1, KVM_SET_USER_MEMORY_REGION, {slot=65537, flags=0, guest_phys_addr=0x30000, memory_size=65536, userspace_addr=0x20b7a000}) = -1 EBADF (Bad file descriptor)
ioctl(6, KVM_GET_SREGS, {cs={base=0xffff0000, limit=65535, selector=61440, type=11, present=1, dpl=0, db=0, s=1, l=0, g=0, avl=0}, ...}) = 0
openat(AT_FDCWD, "/dev/kvm", O_RDWR)    = 7
ioctl(7, KVM_GET_SUPPORTED_CPUID, {nent=31, entries=[...]}) = 0
ioctl(6, KVM_SET_CPUID2, {nent=31, entries=[...]}) = 0
close(7)                                = 0
ioctl(6, KVM_SET_MSRS, 0x7ffefcb0d870)  = 5
[   77.399634][ T5028] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   77.442302][ T5028] ------------[ cut here ]------------
[   77.448047][ T5028] WARNING: CPU: 0 PID: 5028 at include/linux/mmap_lock.h:71 handle_userfault+0x149b/0x27a0
[   77.458208][ T5028] Modules linked in:
[   77.462304][ T5028] CPU: 0 PID: 5028 Comm: syz-executor359 Not tainted 6.4.0-next-20230705-syzkaller #0
[   77.472125][ T5028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
[   77.482475][ T5028] RIP: 0010:handle_userfault+0x149b/0x27a0
[   77.488344][ T5028] Code: ff 49 8d bc 24 a0 01 00 00 31 f6 e8 2f b9 23 08 31 ff 41 89 c5 89 c6 e8 c3 a2 87 ff 45 85 ed 0f 85 83 ed ff ff e8 95 a6 87 ff <0f> 0b e9 77 ed ff ff e8 89 a6 87 ff 49 8d bc 24 a0 01 00 00 be ff
[   77.508086][ T5028] RSP: 0000:ffffc90003a4fb68 EFLAGS: 00010293
[   77.514232][ T5028] RAX: 0000000000000000 RBX: ffffc90003a4fd88 RCX: 0000000000000000
[   77.522378][ T5028] RDX: ffff8880133bbb80 RSI: ffffffff81fd6ddb RDI: 0000000000000005
[   77.530384][ T5028] RBP: 0000000000000200 R08: 0000000000000005 R09: 0000000000000000
[   77.538424][ T5028] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88807d8e4280
[   77.546493][ T5028] R13: 0000000000000000 R14: ffff888021cb9110 R15: ffff888021cb9100
[   77.554544][ T5028] FS:  000055555738f300(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
[   77.563566][ T5028] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   77.570160][ T5028] CR2: 0000000020b7d800 CR3: 0000000029d0e000 CR4: 00000000003526f0
[   77.578317][ T5028] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   77.586738][ T5028] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   77.594780][ T5028] Call Trace:
[   77.598093][ T5028]  <TASK>
[   77.601129][ T5028]  ? __warn+0xe6/0x390
[   77.605260][ T5028]  ? handle_userfault+0x149b/0x27a0
[   77.610581][ T5028]  ? report_bug+0x2da/0x500
[   77.615142][ T5028]  ? handle_bug+0x3c/0x70
[   77.619524][ T5028]  ? exc_invalid_op+0x18/0x50
[   77.624320][ T5028]  ? asm_exc_invalid_op+0x1a/0x20
[   77.629396][ T5028]  ? handle_userfault+0x149b/0x27a0
[   77.634690][ T5028]  ? handle_userfault+0x149b/0x27a0
[   77.639936][ T5028]  ? handle_userfault+0x149b/0x27a0
[   77.645238][ T5028]  ? find_held_lock+0x2d/0x110
[   77.650051][ T5028]  ? free_unref_page+0x199/0x370
[   77.655094][ T5028]  ? userfaultfd_wp_unpopulated+0xb0/0xb0
[   77.660915][ T5028]  ? __drain_all_pages+0x450/0x450
[   77.666061][ T5028]  ? do_raw_spin_unlock+0x175/0x230
[   77.671341][ T5028]  ? _raw_spin_unlock+0x28/0x40
[   77.676322][ T5028]  ? free_unref_page+0x1a3/0x370
[   77.681382][ T5028]  __handle_mm_fault+0x35ff/0x3cc0
[   77.686569][ T5028]  ? vm_iomap_memory+0x190/0x190
[   77.691606][ T5028]  ? mas_walk+0x5c7/0x7c0
[   77.696002][ T5028]  ? lock_mm_and_find_vma+0x770/0x770
[   77.701490][ T5028]  handle_mm_fault+0x3c2/0xa20
[   77.706318][ T5028]  do_user_addr_fault+0x2ed/0x13a0
[   77.711505][ T5028]  ? rcu_is_watching+0x12/0xb0
[   77.716395][ T5028]  exc_page_fault+0x98/0x170
[   77.721123][ T5028]  asm_exc_page_fault+0x26/0x30
[   77.726030][ T5028] RIP: 0033:0x7faa694e34d5
[   77.730495][ T5028] Code: 52 89 c2 01 f6 29 f2 83 fa 05 0f 87 0a 02 00 00 48 63 14 97 48 01 fa ff e2 0f 1f 40 00 4c 89 d2 66 c1 e9 03 83 c0 01 0f b7 c9 <48> 89 14 cd 00 d8 b7 20 83 f8 20 75 b6 48 8b 84 24 f0 00 00 00 f3
[   77.750345][ T5028] RSP: 002b:00007ffefcb0d8e0 EFLAGS: 00010202
[   77.756657][ T5028] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000000
[   77.764720][ T5028] RDX: 0000860000109120 RSI: 0000000000000000 RDI: 00007faa69564020
[   77.772845][ T5028] RBP: 0000000000000006 R08: 0000830000789120 R09: 00000000aaaaaaab
[   77.780992][ T5028] R10: 0000870000109120 R11: 00008f0000309120 R12: 00008b0000889120
[   77.789079][ T5028] R13: 0000000000000000 R14: 00008e0000309120 R15: 00007ffefcb0de40
[   77.797135][ T5028]  </TASK>
[   77.800185][ T5028] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   77.807467][ T5028] CPU: 0 PID: 5028 Comm: syz-executor359 Not tainted 6.4.0-next-20230705-syzkaller #0
[   77.817018][ T5028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
[   77.827106][ T5028] Call Trace:
[   77.830396][ T5028]  <TASK>
[   77.833338][ T5028]  dump_stack_lvl+0xd9/0x150
[   77.838035][ T5028]  panic+0x686/0x730
[   77.841950][ T5028]  ? panic_smp_self_stop+0xa0/0xa0
[   77.847079][ T5028]  ? show_trace_log_lvl+0x284/0x390
[   77.852354][ T5028]  ? handle_userfault+0x149b/0x27a0
[   77.857588][ T5028]  check_panic_on_warn+0xb1/0xc0
[   77.862561][ T5028]  __warn+0xf2/0x390
[   77.866492][ T5028]  ? handle_userfault+0x149b/0x27a0
[   77.871720][ T5028]  report_bug+0x2da/0x500
[   77.876082][ T5028]  handle_bug+0x3c/0x70
[   77.880265][ T5028]  exc_invalid_op+0x18/0x50
[   77.884800][ T5028]  asm_exc_invalid_op+0x1a/0x20
[   77.889682][ T5028] RIP: 0010:handle_userfault+0x149b/0x27a0
[   77.895522][ T5028] Code: ff 49 8d bc 24 a0 01 00 00 31 f6 e8 2f b9 23 08 31 ff 41 89 c5 89 c6 e8 c3 a2 87 ff 45 85 ed 0f 85 83 ed ff ff e8 95 a6 87 ff <0f> 0b e9 77 ed ff ff e8 89 a6 87 ff 49 8d bc 24 a0 01 00 00 be ff
[   77.915154][ T5028] RSP: 0000:ffffc90003a4fb68 EFLAGS: 00010293
[   77.921244][ T5028] RAX: 0000000000000000 RBX: ffffc90003a4fd88 RCX: 0000000000000000
[   77.929237][ T5028] RDX: ffff8880133bbb80 RSI: ffffffff81fd6ddb RDI: 0000000000000005
[   77.937418][ T5028] RBP: 0000000000000200 R08: 0000000000000005 R09: 0000000000000000
[   77.945439][ T5028] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88807d8e4280
[   77.953449][ T5028] R13: 0000000000000000 R14: ffff888021cb9110 R15: ffff888021cb9100
[   77.961456][ T5028]  ? handle_userfault+0x149b/0x27a0
[   77.966695][ T5028]  ? handle_userfault+0x149b/0x27a0
[   77.971925][ T5028]  ? find_held_lock+0x2d/0x110
[   77.976726][ T5028]  ? free_unref_page+0x199/0x370
[   77.981703][ T5028]  ? userfaultfd_wp_unpopulated+0xb0/0xb0
[   77.987477][ T5028]  ? __drain_all_pages+0x450/0x450
[   77.992716][ T5028]  ? do_raw_spin_unlock+0x175/0x230
[   77.997983][ T5028]  ? _raw_spin_unlock+0x28/0x40
[   78.002879][ T5028]  ? free_unref_page+0x1a3/0x370
[   78.007876][ T5028]  __handle_mm_fault+0x35ff/0x3cc0
[   78.013420][ T5028]  ? vm_iomap_memory+0x190/0x190
[   78.018415][ T5028]  ? mas_walk+0x5c7/0x7c0
[   78.023061][ T5028]  ? lock_mm_and_find_vma+0x770/0x770
[   78.028494][ T5028]  handle_mm_fault+0x3c2/0xa20
[   78.033315][ T5028]  do_user_addr_fault+0x2ed/0x13a0
[   78.038456][ T5028]  ? rcu_is_watching+0x12/0xb0
[   78.043252][ T5028]  exc_page_fault+0x98/0x170
[   78.047881][ T5028]  asm_exc_page_fault+0x26/0x30
[   78.052763][ T5028] RIP: 0033:0x7faa694e34d5
[   78.057284][ T5028] Code: 52 89 c2 01 f6 29 f2 83 fa 05 0f 87 0a 02 00 00 48 63 14 97 48 01 fa ff e2 0f 1f 40 00 4c 89 d2 66 c1 e9 03 83 c0 01 0f b7 c9 <48> 89 14 cd 00 d8 b7 20 83 f8 20 75 b6 48 8b 84 24 f0 00 00 00 f3
[   78.077089][ T5028] RSP: 002b:00007ffefcb0d8e0 EFLAGS: 00010202
[   78.083278][ T5028] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000000
[   78.091272][ T5028] RDX: 0000860000109120 RSI: 0000000000000000 RDI: 00007faa69564020
[   78.099264][ T5028] RBP: 0000000000000006 R08: 0000830000789120 R09: 00000000aaaaaaab
[   78.107255][ T5028] R10: 0000870000109120 R11: 00008f0000309120 R12: 00008b0000889120
[   78.115244][ T5028] R13: 0000000000000000 R14: 00008e0000309120 R15: 00007ffefcb0de40
[   78.123251][ T5028]  </TASK>
[   78.126542][ T5028] Kernel Offset: disabled
[   78.131004][ T5028] Rebooting in 86400 seconds..