./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3667586942 <...> Warning: Permanently added '10.128.1.107' (ED25519) to the list of known hosts. execve("./syz-executor3667586942", ["./syz-executor3667586942"], 0x7ffece51f3e0 /* 10 vars */) = 0 brk(NULL) = 0x555580ab6000 brk(0x555580ab6e00) = 0x555580ab6e00 arch_prctl(ARCH_SET_FS, 0x555580ab6480) = 0 set_tid_address(0x555580ab6750) = 5833 set_robust_list(0x555580ab6760, 24) = 0 rseq(0x555580ab6da0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor3667586942", 4096) = 28 getrandom("\x48\xd0\x39\x09\x6e\xbc\x68\xce", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555580ab6e00 brk(0x555580ad7e00) = 0x555580ad7e00 brk(0x555580ad8000) = 0x555580ad8000 mprotect(0x7fd3a61d5000, 16384, PROT_READ) = 0 mmap(0x3ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x3ffffffff000 mmap(0x400000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x400000000000 mmap(0x400001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x400001000000 rt_sigaction(SIGRTMIN, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGSEGV, {sa_handler=0x7fd3a6132340, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7fd3a6139500}, NULL, 8) = 0 rt_sigaction(SIGBUS, {sa_handler=0x7fd3a6132340, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7fd3a6139500}, NULL, 8) = 0 executing program write(1, "executing program\n", 18) = 18 socket(AF_INET6, SOCK_STREAM, IPPROTO_IP) = 3 setsockopt(3, SOL_TCP, TCP_REPAIR, [1], 4) = 0 connect(3, {sa_family=AF_INET6, sin6_port=htons(0), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "::1", &sin6_addr), sin6_scope_id=0}, 28) = 0 setsockopt(3, SOL_TCP, TCP_ULP, [7564404], 4) = 0 setsockopt(3, SOL_TCP, TCP_REPAIR_QUEUE, [1], 4) = 0 setsockopt(3, SOL_TLS, TLS_TX, "\x03\x03\x33\x00\xb3\x91\x62\xa1\xdc\x8b\x4c\x3f\x7e\xa8\xf8\x6a\xc3\x96\x96\xdc\xed\xdf\x8c\x42\x1b\xbd\xcc\x0f\x00\x00\x00\x00\xf9\x80\x9f\xe3\x9a\x1d\xaf\xc9", 40) = 0 sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="n7", iov_len=2}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 2 setsockopt(3, SOL_TLS, TLS_RX, "\x03\x03\x33\x00\x00\x00\x37\xd7\x00\x94\x00\x00\xc0\xb6\xc5\xb2\x9c\xa2\xb8\x38\xd4\x1a\xc2\xfc\x7d\xdf\x97\x2d\xe9\xbe\x1e\xae\xbb\x10\x00\x00\x00\x00\x00\x01", 40) = 0 mmap(0x400000000000, 9814016, PROT_READ|PROT_GROWSDOWN, MAP_SHARED|MAP_FIXED|MAP_ANONYMOUS|MAP_NORESERVE|MAP_POPULATE|MAP_NONBLOCK|MAP_HUGETLB|0x600280|21< 0b 90 eb 84 e8 a8 b8 31 f7 90 0f 0b 90 e9 8c fe ff ff 89 d9 80 [ 62.304702][ T5833] RSP: 0018:ffffc900040ff700 EFLAGS: 00010293 [ 62.310821][ T5833] RAX: ffffffff8a90068d RBX: ffff888033a21cdc RCX: ffff88807d520000 [ 62.318826][ T5833] RDX: 0000000000000000 RSI: 000000000000001f RDI: 0000000000000000 [ 62.326847][ T5833] RBP: ffffc900040ff7f0 R08: ffffffff8a9002fe R09: 1ffff11029ba61bc [ 62.334872][ T5833] R10: dffffc0000000000 R11: ffffed1029ba61bd R12: ffff888033a21cd0 [ 62.342859][ T5833] R13: dffffc0000000000 R14: 0000000000000000 R15: 000000000000001f [ 62.350911][ T5833] FS: 0000555580ab6480(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 62.359929][ T5833] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 62.366622][ T5833] CR2: 0000400000000218 CR3: 000000007a03a000 CR4: 00000000003526f0 [ 62.374616][ T5833] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 62.382635][ T5833] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 62.390671][ T5833] Call Trace: [ 62.393943][ T5833] [ 62.396910][ T5833] ? __warn+0x165/0x4d0 [ 62.401081][ T5833] ? tls_strp_msg_load+0x72e/0xa80 [ 62.406267][ T5833] ? report_bug+0x2b3/0x500 [ 62.410781][ T5833] ? tls_strp_msg_load+0x72e/0xa80 [ 62.415950][ T5833] ? handle_bug+0x60/0x90 [ 62.420293][ T5833] ? exc_invalid_op+0x1a/0x50 [ 62.425067][ T5833] ? asm_exc_invalid_op+0x1a/0x20 [ 62.430113][ T5833] ? tls_strp_msg_load+0x39e/0xa80 [ 62.435324][ T5833] ? tls_strp_msg_load+0x72d/0xa80 [ 62.440453][ T5833] ? tls_strp_msg_load+0x72e/0xa80 [ 62.445670][ T5833] ? __pfx_tls_strp_msg_load+0x10/0x10 [ 62.451141][ T5833] ? __pfx_lock_acquire+0x10/0x10 [ 62.456212][ T5833] tls_rx_rec_wait+0x280/0xa60 [ 62.460997][ T5833] ? __pfx_tls_rx_rec_wait+0x10/0x10 [ 62.466347][ T5833] ? sk_psock_get+0x408/0x520 [ 62.471029][ T5833] ? __pfx_woken_wake_function+0x10/0x10 [ 62.476717][ T5833] ? __pfx_sk_psock_get+0x10/0x10 [ 62.481755][ T5833] tls_sw_recvmsg+0x85c/0x1c30 [ 62.486630][ T5833] ? __pfx_tls_sw_recvmsg+0x10/0x10 [ 62.491874][ T5833] ? aa_sk_perm+0x96d/0xab0 [ 62.496479][ T5833] ? __pfx_tls_sw_recvmsg+0x10/0x10 [ 62.501708][ T5833] inet6_recvmsg+0x2c9/0x730 [ 62.506382][ T5833] ? do_raw_spin_lock+0x14f/0x370 [ 62.511416][ T5833] ? __pfx_inet6_recvmsg+0x10/0x10 [ 62.516593][ T5833] ? aa_sock_msg_perm+0x91/0x160 [ 62.521551][ T5833] ? bpf_lsm_socket_recvmsg+0x9/0x10 [ 62.526907][ T5833] sock_recvmsg+0x109/0x280 [ 62.531421][ T5833] __sys_recvfrom+0x202/0x380 [ 62.536227][ T5833] ? __pfx___sys_recvfrom+0x10/0x10 [ 62.541447][ T5833] ? _raw_spin_unlock_irq+0x2e/0x50 [ 62.546706][ T5833] ? ptrace_notify+0x27f/0x380 [ 62.551508][ T5833] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 62.557917][ T5833] __x64_sys_recvfrom+0xde/0x100 [ 62.562905][ T5833] do_syscall_64+0xf3/0x230 [ 62.567497][ T5833] ? clear_bhb_loop+0x35/0x90 [ 62.572188][ T5833] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 62.578119][ T5833] RIP: 0033:0x7fd3a61623a9 [ 62.582560][ T5833] Code: 48 83 c4 28 c3 e8 37 17 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 62.602242][ T5833] RSP: 002b:00007ffdbeb27018 EFLAGS: 00000246 ORIG_RAX: 000000000000002d [ 62.610708][ T5833] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd3a61623a9 [ 62.618753][ T5833] RDX: 0000000000001ff4 RSI: 0000400000000100 RDI: 0000000000000003 [ 62.626774][ T5833] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 62.634757][ T5833] R10: 0000000000000040 R11: 0000000000000246 R12: 0000000000000000 [ 62.642827][ T5833] R13: 00007ffdbeb27298 R14: 0000000000000001 R15: 0000000000000001 [ 62.650877][ T5833] [ 62.653913][ T5833] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 62.661206][ T5833] CPU: 0 UID: 0 PID: 5833 Comm: syz-executor366 Not tainted 6.14.0-rc4-syzkaller-00210-gccc2f5a436fb #0 [ 62.672311][ T5833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 62.682374][ T5833] Call Trace: [ 62.685641][ T5833] [ 62.688556][ T5833] dump_stack_lvl+0x241/0x360 [ 62.693217][ T5833] ? __pfx_dump_stack_lvl+0x10/0x10 [ 62.698418][ T5833] ? __pfx__printk+0x10/0x10 [ 62.702985][ T5833] ? _printk+0xd5/0x120 [ 62.707125][ T5833] ? __init_begin+0x41000/0x41000 [ 62.712146][ T5833] ? vscnprintf+0x5d/0x90 [ 62.716474][ T5833] panic+0x349/0x880 [ 62.720352][ T5833] ? __warn+0x174/0x4d0 [ 62.724491][ T5833] ? __pfx_panic+0x10/0x10 [ 62.728893][ T5833] __warn+0x344/0x4d0 [ 62.732858][ T5833] ? tls_strp_msg_load+0x72e/0xa80 [ 62.737965][ T5833] report_bug+0x2b3/0x500 [ 62.742275][ T5833] ? tls_strp_msg_load+0x72e/0xa80 [ 62.747372][ T5833] handle_bug+0x60/0x90 [ 62.751513][ T5833] exc_invalid_op+0x1a/0x50 [ 62.756029][ T5833] asm_exc_invalid_op+0x1a/0x20 [ 62.760876][ T5833] RIP: 0010:tls_strp_msg_load+0x72e/0xa80 [ 62.766588][ T5833] Code: 5c 24 18 e9 72 fc ff ff e8 cf b8 31 f7 90 0f 0b 90 e9 91 f9 ff ff e8 c1 b8 31 f7 90 0f 0b 90 e9 be f9 ff ff e8 b3 b8 31 f7 90 <0f> 0b 90 eb 84 e8 a8 b8 31 f7 90 0f 0b 90 e9 8c fe ff ff 89 d9 80 [ 62.786272][ T5833] RSP: 0018:ffffc900040ff700 EFLAGS: 00010293 [ 62.792334][ T5833] RAX: ffffffff8a90068d RBX: ffff888033a21cdc RCX: ffff88807d520000 [ 62.800296][ T5833] RDX: 0000000000000000 RSI: 000000000000001f RDI: 0000000000000000 [ 62.810083][ T5833] RBP: ffffc900040ff7f0 R08: ffffffff8a9002fe R09: 1ffff11029ba61bc [ 62.818048][ T5833] R10: dffffc0000000000 R11: ffffed1029ba61bd R12: ffff888033a21cd0 [ 62.826024][ T5833] R13: dffffc0000000000 R14: 0000000000000000 R15: 000000000000001f [ 62.834006][ T5833] ? tls_strp_msg_load+0x39e/0xa80 [ 62.839110][ T5833] ? tls_strp_msg_load+0x72d/0xa80 [ 62.844230][ T5833] ? __pfx_tls_strp_msg_load+0x10/0x10 [ 62.849681][ T5833] ? __pfx_lock_acquire+0x10/0x10 [ 62.854702][ T5833] tls_rx_rec_wait+0x280/0xa60 [ 62.859470][ T5833] ? __pfx_tls_rx_rec_wait+0x10/0x10 [ 62.864747][ T5833] ? sk_psock_get+0x408/0x520 [ 62.869415][ T5833] ? __pfx_woken_wake_function+0x10/0x10 [ 62.875043][ T5833] ? __pfx_sk_psock_get+0x10/0x10 [ 62.880066][ T5833] tls_sw_recvmsg+0x85c/0x1c30 [ 62.884842][ T5833] ? __pfx_tls_sw_recvmsg+0x10/0x10 [ 62.890039][ T5833] ? aa_sk_perm+0x96d/0xab0 [ 62.894541][ T5833] ? __pfx_tls_sw_recvmsg+0x10/0x10 [ 62.899821][ T5833] inet6_recvmsg+0x2c9/0x730 [ 62.904405][ T5833] ? do_raw_spin_lock+0x14f/0x370 [ 62.909427][ T5833] ? __pfx_inet6_recvmsg+0x10/0x10 [ 62.914530][ T5833] ? aa_sock_msg_perm+0x91/0x160 [ 62.919468][ T5833] ? bpf_lsm_socket_recvmsg+0x9/0x10 [ 62.924747][ T5833] sock_recvmsg+0x109/0x280 [ 62.929248][ T5833] __sys_recvfrom+0x202/0x380 [ 62.933922][ T5833] ? __pfx___sys_recvfrom+0x10/0x10 [ 62.939135][ T5833] ? _raw_spin_unlock_irq+0x2e/0x50 [ 62.944325][ T5833] ? ptrace_notify+0x27f/0x380 [ 62.949095][ T5833] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 62.955427][ T5833] __x64_sys_recvfrom+0xde/0x100 [ 62.960364][ T5833] do_syscall_64+0xf3/0x230 [ 62.964863][ T5833] ? clear_bhb_loop+0x35/0x90 [ 62.969534][ T5833] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 62.975419][ T5833] RIP: 0033:0x7fd3a61623a9 [ 62.979826][ T5833] Code: 48 83 c4 28 c3 e8 37 17 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 62.999423][ T5833] RSP: 002b:00007ffdbeb27018 EFLAGS: 00000246 ORIG_RAX: 000000000000002d [ 63.007832][ T5833] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd3a61623a9 [ 63.015794][ T5833] RDX: 0000000000001ff4 RSI: 0000400000000100 RDI: 0000000000000003 [ 63.023753][ T5833] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 63.031711][ T5833] R10: 0000000000000040 R11: 0000000000000246 R12: 0000000000000000 [ 63.039671][ T5833] R13: 00007ffdbeb27298 R14: 0000000000000001 R15: 0000000000000001 [ 63.047643][ T5833] [ 63.050888][ T5833] Kernel Offset: disabled [ 63.055238][ T5833] Rebooting in 86400 seconds..