./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1310345570

<...>
Warning: Permanently added '10.128.0.164' (ECDSA) to the list of known hosts.
execve("./syz-executor1310345570", ["./syz-executor1310345570"], 0x7ffea6946c30 /* 10 vars */) = 0
brk(NULL)                               = 0x5555565d4000
brk(0x5555565d4c40)                     = 0x5555565d4c40
arch_prctl(ARCH_SET_FS, 0x5555565d4300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
set_tid_address(0x5555565d45d0)         = 3614
set_robust_list(0x5555565d45e0, 24)     = 0
rt_sigaction(SIGRTMIN, {sa_handler=0x7f1264205f50, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7f1264206620}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {sa_handler=0x7f1264205ff0, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1264206620}, NULL, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor1310345570", 4096) = 28
brk(0x5555565f5c40)                     = 0x5555565f5c40
brk(0x5555565f6000)                     = 0x5555565f6000
mprotect(0x7f12642c6000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
futex(0x7f12642cc3ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f12641d6000
mprotect(0x7f12641d7000, 131072, PROT_READ|PROT_WRITE) = 0
clone(child_stack=0x7f12641f63f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3615], tls=0x7f12641f6700, child_tidptr=0x7f12641f69d0) = 3615
futex(0x7f12642cc3e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
futex(0x7f12642cc3ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3615 attached
 <unfinished ...>
[pid  3615] set_robust_list(0x7f12641f69e0, 24) = 0
[pid  3615] unshare(CLONE_FILES|CLONE_NEWIPC) = 0
[pid  3615] futex(0x7f12642cc3ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3614] <... futex resumed>)        = 0
[pid  3614] futex(0x7f12642cc3e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3614] futex(0x7f12642cc3ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3615] <... futex resumed>)        = 1
[pid  3615] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_PERCPU_HASH, key_size=1, value_size=9, max_entries=2, map_flags=BPF_F_NO_PREALLOC|BPF_F_ZERO_SEED|BPF_F_WRONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3
[pid  3615] futex(0x7f12642cc3ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3614] <... futex resumed>)        = 0
[pid  3614] futex(0x7f12642cc3e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3614] futex(0x7f12642cc3fc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3614] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f12641b5000
[pid  3614] mprotect(0x7f12641b6000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3614] clone(child_stack=0x7f12641d53f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3616], tls=0x7f12641d5700, child_tidptr=0x7f12641d59d0) = 3616
[pid  3614] futex(0x7f12642cc3f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3614] futex(0x7f12642cc3fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3615] <... futex resumed>)        = 1
[pid  3615] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address)
[pid  3615] futex(0x7f12642cc3ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3615] futex(0x7f12642cc3e8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 3616 attached
 <unfinished ...>
[pid  3616] set_robust_list(0x7f12641d59e0, 24) = 0
[pid  3616] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_LRU_PERCPU_HASH, key_size=22, value_size=8, max_entries=127, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3
[pid  3616] futex(0x7f12642cc3fc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3614] <... futex resumed>)        = 0
[pid  3614] futex(0x7f12642cc3e8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3614] futex(0x7f12642cc3ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
[pid  3615] <... futex resumed>)        = 0
[pid  3615] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=7, insns=0x200000c0, license="GPL", log_level=4, log_size=238, log_buf="", kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 128 <unfinished ...>
[pid  3616] <... futex resumed>)        = 1
syzkaller login: [   49.784459][ T3615] ------------[ cut here ]------------
[   49.790310][ T3615] trace type BPF program uses run-time allocation
[   49.796924][ T3615] WARNING: CPU: 0 PID: 3615 at kernel/bpf/verifier.c:12517 bpf_check+0xb1d9/0xbbc0
[   49.806575][ T3615] Modules linked in:
[   49.810600][ T3615] CPU: 1 PID: 3615 Comm: syz-executor131 Not tainted 5.19.0-rc8-syzkaller-00119-g5121db6afb99 #0
[   49.821388][ T3615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
[   49.831596][ T3615] RIP: 0010:bpf_check+0xb1d9/0xbbc0
[   49.836840][ T3615] Code: ff ff e8 2a 65 38 00 8b 95 18 fe ff ff e9 83 cc ff ff e8 2a 87 eb ff 48 c7 c7 e0 4a d4 89 c6 05 f3 06 18 0c 01 e8 f6 ab a3 07 <0f> 0b e9 ac c3 ff ff 48 89 cf e8 88 64 38 00 e9 fe 72 ff ff e8 5e
[   49.856603][ T3615] RSP: 0018:ffffc90002fff8a8 EFLAGS: 00010286
[   49.862801][ T3615] RAX: 0000000000000000 RBX: 0000000000000011 RCX: 0000000000000000
[   49.870856][ T3615] RDX: ffff88801dd79d80 RSI: ffffffff8160d118 RDI: fffff520005fff07
[   49.878841][ T3615] RBP: ffffc90002fffb10 R08: 0000000000000005 R09: 0000000000000000
[   49.886863][ T3615] R10: 0000000080000000 R11: 0000000000000001 R12: ffff88807c925800
[   49.894984][ T3615] R13: dffffc0000000000 R14: ffffc90000ace058 R15: 0000000000000002
[   49.903003][ T3615] FS:  00007f12641f6700(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000
[   49.911979][ T3615] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   49.918574][ T3615] CR2: 0000000000000000 CR3: 000000007cf7b000 CR4: 00000000003506f0
[   49.926588][ T3615] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   49.934618][ T3615] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   49.942668][ T3615] Call Trace:
[   49.945952][ T3615]  <TASK>
[   49.948992][ T3615]  ? bpf_get_btf_vmlinux+0x10/0x10
[   49.954144][ T3615]  ? lock_downgrade+0x6e0/0x6e0
[   49.959048][ T3615]  ? __might_fault+0xd1/0x170
[   49.963742][ T3615]  ? lock_downgrade+0x6e0/0x6e0
[   49.968614][ T3615]  ? ktime_get_with_offset+0x3f2/0x500
[   49.974515][ T3615]  ? memset+0x20/0x40
[   49.978524][ T3615]  ? bpf_obj_name_cpy+0x144/0x1a0
[   49.983601][ T3615]  bpf_prog_load+0xfb2/0x2250
[   49.988310][ T3615]  ? __bpf_prog_put.constprop.0+0x220/0x220
[   49.994266][ T3615]  ? find_held_lock+0x2d/0x110
[   49.999071][ T3615]  ? __might_fault+0xd1/0x170
[   50.003743][ T3615]  ? lock_downgrade+0x6e0/0x6e0
[   50.008595][ T3615]  ? bpf_lsm_bpf+0x5/0x10
[   50.012972][ T3615]  __sys_bpf+0x11a1/0x5700
[   50.017433][ T3615]  ? lock_release+0x780/0x780
[   50.022154][ T3615]  ? ptrace_stop.part.0+0x4f0/0xa80
[   50.027366][ T3615]  ? bpf_perf_link_attach+0x520/0x520
[   50.032780][ T3615]  ? do_raw_spin_lock+0x120/0x2a0
[   50.037841][ T3615]  ? rwlock_bug.part.0+0x90/0x90
[   50.042842][ T3615]  ? _raw_spin_lock_irq+0x41/0x50
[   50.047896][ T3615]  ? find_held_lock+0x2d/0x110
[   50.052738][ T3615]  ? _raw_spin_unlock_irq+0x1f/0x40
[   50.057953][ T3615]  ? _raw_spin_unlock_irq+0x1f/0x40
[   50.063214][ T3615]  ? lockdep_hardirqs_on+0x79/0x100
[   50.068427][ T3615]  __x64_sys_bpf+0x75/0xb0
[   50.072887][ T3615]  do_syscall_64+0x35/0xb0
[   50.077322][ T3615]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   50.083498][ T3615] RIP: 0033:0x7f1264243fb9
[   50.087941][ T3615] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 81 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   50.107631][ T3615] RSP: 002b:00007f12641f6318 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   50.116171][ T3615] RAX: ffffffffffffffda RBX: 00007f12642cc3e8 RCX: 00007f1264243fb9
[   50.124384][ T3615] RDX: 0000000000000080 RSI: 0000000020000440 RDI: 0000000000000005
[   50.132435][ T3615] RBP: 00007f12642cc3e0 R08: 0000000000000000 R09: 0000000000000000
[   50.140449][ T3615] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f126429a004
[   50.148420][ T3615] R13: 00007ffd266b27df R14: 00007f12641f6400 R15: 0000000000022000
[   50.156471][ T3615]  </TASK>
[   50.159534][ T3615] Kernel panic - not syncing: panic_on_warn set ...
[   50.166131][ T3615] CPU: 0 PID: 3615 Comm: syz-executor131 Not tainted 5.19.0-rc8-syzkaller-00119-g5121db6afb99 #0
[   50.176613][ T3615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
[   50.186663][ T3615] Call Trace:
[   50.189949][ T3615]  <TASK>
[   50.192869][ T3615]  dump_stack_lvl+0xcd/0x134
[   50.197456][ T3615]  panic+0x2d7/0x636
[   50.201343][ T3615]  ? panic_print_sys_info.part.0+0x10b/0x10b
[   50.207317][ T3615]  ? __warn.cold+0x1d1/0x2c5
[   50.211895][ T3615]  ? bpf_check+0xb1d9/0xbbc0
[   50.216477][ T3615]  __warn.cold+0x1e2/0x2c5
[   50.220889][ T3615]  ? bpf_check+0xb1d9/0xbbc0
[   50.225475][ T3615]  report_bug+0x1bc/0x210
[   50.229807][ T3615]  handle_bug+0x3c/0x60
[   50.233956][ T3615]  exc_invalid_op+0x14/0x40
[   50.238453][ T3615]  asm_exc_invalid_op+0x16/0x20
[   50.243295][ T3615] RIP: 0010:bpf_check+0xb1d9/0xbbc0
[   50.248484][ T3615] Code: ff ff e8 2a 65 38 00 8b 95 18 fe ff ff e9 83 cc ff ff e8 2a 87 eb ff 48 c7 c7 e0 4a d4 89 c6 05 f3 06 18 0c 01 e8 f6 ab a3 07 <0f> 0b e9 ac c3 ff ff 48 89 cf e8 88 64 38 00 e9 fe 72 ff ff e8 5e
[   50.268183][ T3615] RSP: 0018:ffffc90002fff8a8 EFLAGS: 00010286
[   50.274235][ T3615] RAX: 0000000000000000 RBX: 0000000000000011 RCX: 0000000000000000
[   50.282192][ T3615] RDX: ffff88801dd79d80 RSI: ffffffff8160d118 RDI: fffff520005fff07
[   50.290201][ T3615] RBP: ffffc90002fffb10 R08: 0000000000000005 R09: 0000000000000000
[   50.298160][ T3615] R10: 0000000080000000 R11: 0000000000000001 R12: ffff88807c925800
[   50.306117][ T3615] R13: dffffc0000000000 R14: ffffc90000ace058 R15: 0000000000000002
[   50.314085][ T3615]  ? vprintk+0x88/0x90
[   50.318156][ T3615]  ? bpf_check+0xb1d9/0xbbc0
[   50.322752][ T3615]  ? bpf_get_btf_vmlinux+0x10/0x10
[   50.327856][ T3615]  ? lock_downgrade+0x6e0/0x6e0
[   50.332699][ T3615]  ? __might_fault+0xd1/0x170
[   50.337371][ T3615]  ? lock_downgrade+0x6e0/0x6e0
[   50.342213][ T3615]  ? ktime_get_with_offset+0x3f2/0x500
[   50.347665][ T3615]  ? memset+0x20/0x40
[   50.351637][ T3615]  ? bpf_obj_name_cpy+0x144/0x1a0
[   50.356656][ T3615]  bpf_prog_load+0xfb2/0x2250
[   50.361328][ T3615]  ? __bpf_prog_put.constprop.0+0x220/0x220
[   50.367214][ T3615]  ? find_held_lock+0x2d/0x110
[   50.371970][ T3615]  ? __might_fault+0xd1/0x170
[   50.376635][ T3615]  ? lock_downgrade+0x6e0/0x6e0
[   50.381484][ T3615]  ? bpf_lsm_bpf+0x5/0x10
[   50.385804][ T3615]  __sys_bpf+0x11a1/0x5700
[   50.390210][ T3615]  ? lock_release+0x780/0x780
[   50.394873][ T3615]  ? ptrace_stop.part.0+0x4f0/0xa80
[   50.400063][ T3615]  ? bpf_perf_link_attach+0x520/0x520
[   50.405430][ T3615]  ? do_raw_spin_lock+0x120/0x2a0
[   50.410442][ T3615]  ? rwlock_bug.part.0+0x90/0x90
[   50.415368][ T3615]  ? _raw_spin_lock_irq+0x41/0x50
[   50.420388][ T3615]  ? find_held_lock+0x2d/0x110
[   50.425152][ T3615]  ? _raw_spin_unlock_irq+0x1f/0x40
[   50.430338][ T3615]  ? _raw_spin_unlock_irq+0x1f/0x40
[   50.435524][ T3615]  ? lockdep_hardirqs_on+0x79/0x100
[   50.440712][ T3615]  __x64_sys_bpf+0x75/0xb0
[   50.445121][ T3615]  do_syscall_64+0x35/0xb0
[   50.449530][ T3615]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   50.455413][ T3615] RIP: 0033:0x7f1264243fb9
[   50.459818][ T3615] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 81 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   50.479414][ T3615] RSP: 002b:00007f12641f6318 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   50.487813][ T3615] RAX: ffffffffffffffda RBX: 00007f12642cc3e8 RCX: 00007f1264243fb9
[   50.495777][ T3615] RDX: 0000000000000080 RSI: 0000000020000440 RDI: 0000000000000005
[   50.503737][ T3615] RBP: 00007f12642cc3e0 R08: 0000000000000000 R09: 0000000000000000
[   50.511693][ T3615] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f126429a004
[   50.519654][ T3615] R13: 00007ffd266b27df R14: 00007f12641f6400 R15: 0000000000022000
[   50.527624][ T3615]  </TASK>
[   50.530877][ T3615] Kernel Offset: disabled
[   50.535271][ T3615] Rebooting in 86400 seconds..