./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2743911769

<...>
Warning: Permanently added '10.128.0.254' (ECDSA) to the list of known hosts.
execve("./syz-executor2743911769", ["./syz-executor2743911769"], 0x7fffd82ec180 /* 10 vars */) = 0
brk(NULL)                               = 0x555556e49000
brk(0x555556e49c40)                     = 0x555556e49c40
arch_prctl(ARCH_SET_FS, 0x555556e49300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
set_tid_address(0x555556e495d0)         = 3611
set_robust_list(0x555556e495e0, 24)     = 0
rt_sigaction(SIGRTMIN, {sa_handler=0x7f35c2d7df50, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7f35c2d7e620}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {sa_handler=0x7f35c2d7dff0, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f35c2d7e620}, NULL, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor2743911769", 4096) = 28
brk(0x555556e6ac40)                     = 0x555556e6ac40
brk(0x555556e6b000)                     = 0x555556e6b000
mprotect(0x7f35c2e3e000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
futex(0x7f35c2e443ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f35c2d4e000
mprotect(0x7f35c2d4f000, 131072, PROT_READ|PROT_WRITE) = 0
clone(child_stack=0x7f35c2d6e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3612], tls=0x7f35c2d6e700, child_tidptr=0x7f35c2d6e9d0) = 3612
futex(0x7f35c2e443e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
futex(0x7f35c2e443ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3612 attached
 <unfinished ...>
[pid  3612] set_robust_list(0x7f35c2d6e9e0, 24) = 0
[pid  3612] unshare(CLONE_FILES|CLONE_NEWIPC) = 0
[pid  3612] futex(0x7f35c2e443ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3611] <... futex resumed>)        = 0
[pid  3611] futex(0x7f35c2e443e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3611] futex(0x7f35c2e443ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3612] <... futex resumed>)        = 1
[pid  3612] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_PERCPU_HASH, key_size=1, value_size=9, max_entries=2, map_flags=BPF_F_NO_PREALLOC|BPF_F_ZERO_SEED|BPF_F_WRONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3
[pid  3612] futex(0x7f35c2e443ec, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  3611] <... futex resumed>)        = 0
[pid  3611] futex(0x7f35c2e443e8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3611] futex(0x7f35c2e443fc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3611] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f35c2d2d000
[pid  3611] mprotect(0x7f35c2d2e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3611] clone(child_stack=0x7f35c2d4d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3613], tls=0x7f35c2d4d700, child_tidptr=0x7f35c2d4d9d0) = 3613
[pid  3611] futex(0x7f35c2e443f8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3611] futex(0x7f35c2e443fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3612] <... futex resumed>)        = 1
[pid  3612] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address)
[pid  3612] futex(0x7f35c2e443ec, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3612] futex(0x7f35c2e443e8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 3613 attached
 <unfinished ...>
[pid  3613] set_robust_list(0x7f35c2d4d9e0, 24) = 0
[pid  3613] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_LRU_PERCPU_HASH, key_size=22, value_size=8, max_entries=127, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3
[pid  3613] futex(0x7f35c2e443fc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3611] <... futex resumed>)        = 0
[pid  3611] futex(0x7f35c2e443e8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3613] futex(0x7f35c2e443f8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3612] <... futex resumed>)        = 0
[pid  3611] futex(0x7f35c2e443ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} <unfinished ...>
syzkaller login: [   43.566536][ T3612] ------------[ cut here ]------------
[   43.572054][ T3612] trace type BPF program uses run-time allocation
[   43.578501][ T3612] WARNING: CPU: 1 PID: 3612 at kernel/bpf/verifier.c:12623 bpf_check+0xb09a/0xb8e0
[   43.587833][ T3612] Modules linked in:
[   43.591753][ T3612] CPU: 1 PID: 3612 Comm: syz-executor274 Not tainted 5.19.0-syzkaller-13930-g7ebfc85e2cd7 #0
[   43.602278][ T3612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
[   43.612459][ T3612] RIP: 0010:bpf_check+0xb09a/0xb8e0
[   43.617692][ T3612] Code: e9 09 a1 ff ff 4c 89 ef e8 e3 7b 37 00 e9 8e 64 ff ff e8 89 24 eb ff 48 c7 c7 e0 86 f4 89 c6 05 87 9d 38 0c 01 e8 03 da a8 07 <0f> 0b e9 51 a0 ff ff 4c 8b bd 88 fe ff ff e8 63 24 eb ff 48 c7 c6
[   43.637416][ T3612] RSP: 0018:ffffc9000392f8b0 EFLAGS: 00010286
[   43.643547][ T3612] RAX: 0000000000000000 RBX: 0000000000000011 RCX: 0000000000000000
[   43.651665][ T3612] RDX: ffff8880263cbb00 RSI: ffffffff8161f148 RDI: fffff52000725f08
[   43.659742][ T3612] RBP: ffffc9000392fb10 R08: 0000000000000005 R09: 0000000000000000
[   43.667707][ T3612] R10: 0000000080000000 R11: 0000000000000000 R12: ffff888075e4b800
[   43.675722][ T3612] R13: dffffc0000000000 R14: ffffc90000b2e058 R15: 0000000000000002
[   43.683812][ T3612] FS:  00007f35c2d6e700(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000
[   43.692874][ T3612] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   43.699481][ T3612] CR2: 00007f0d5c1f5a70 CR3: 000000007a591000 CR4: 0000000000350ee0
[   43.707439][ T3612] Call Trace:
[   43.710918][ T3612]  <TASK>
[   43.713861][ T3612]  ? bpf_get_btf_vmlinux+0x10/0x10
[   43.719242][ T3612]  ? lock_downgrade+0x6e0/0x6e0
[   43.724108][ T3612]  ? __might_fault+0xd1/0x170
[   43.728860][ T3612]  ? lock_downgrade+0x6e0/0x6e0
[   43.733830][ T3612]  ? ktime_get_with_offset+0x3f2/0x500
[   43.739363][ T3612]  ? memset+0x20/0x40
[   43.743706][ T3612]  ? bpf_obj_name_cpy+0x144/0x1a0
[   43.748758][ T3612]  bpf_prog_load+0x13cb/0x2230
[   43.753535][ T3612]  ? __bpf_prog_put.constprop.0+0x220/0x220
[   43.759622][ T3612]  ? find_held_lock+0x2d/0x110
[   43.764392][ T3612]  ? __might_fault+0xd1/0x170
[   43.769094][ T3612]  ? lock_downgrade+0x6e0/0x6e0
[   43.773959][ T3612]  ? bpf_lsm_bpf+0x5/0x10
[   43.778309][ T3612]  __sys_bpf+0x1e7e/0x6130
[   43.782925][ T3612]  ? lock_release+0x780/0x780
[   43.787615][ T3612]  ? bpf_perf_link_attach+0x520/0x520
[   43.793009][ T3612]  ? do_raw_spin_lock+0x120/0x2a0
[   43.798043][ T3612]  ? rwlock_bug.part.0+0x90/0x90
[   43.803009][ T3612]  ? _raw_spin_lock_irq+0x41/0x50
[   43.808061][ T3612]  ? find_held_lock+0x2d/0x110
[   43.812858][ T3612]  ? _raw_spin_unlock_irq+0x1f/0x40
[   43.818070][ T3612]  ? _raw_spin_unlock_irq+0x1f/0x40
[   43.823288][ T3612]  ? lockdep_hardirqs_on+0x79/0x100
[   43.828587][ T3612]  __x64_sys_bpf+0x75/0xb0
[   43.833040][ T3612]  do_syscall_64+0x35/0xb0
[   43.837466][ T3612]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   43.843832][ T3612] RIP: 0033:0x7f35c2dbbfb9
[   43.848257][ T3612] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 81 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   43.867921][ T3612] RSP: 002b:00007f35c2d6e318 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   43.876392][ T3612] RAX: ffffffffffffffda RBX: 00007f35c2e443e8 RCX: 00007f35c2dbbfb9
[   43.884402][ T3612] RDX: 0000000000000080 RSI: 0000000020000440 RDI: 0000000000000005
[   43.892393][ T3612] RBP: 00007f35c2e443e0 R08: 0000000000000000 R09: 0000000000000000
[   43.900388][ T3612] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f35c2e12004
[   43.908367][ T3612] R13: 00007ffd0c8f7c7f R14: 00007f35c2d6e400 R15: 0000000000022000
[   43.916565][ T3612]  </TASK>
[   43.919606][ T3612] Kernel panic - not syncing: panic_on_warn set ...
[   43.926168][ T3612] CPU: 1 PID: 3612 Comm: syz-executor274 Not tainted 5.19.0-syzkaller-13930-g7ebfc85e2cd7 #0
[   43.936316][ T3612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
[   43.946365][ T3612] Call Trace:
[   43.949659][ T3612]  <TASK>
[   43.952573][ T3612]  dump_stack_lvl+0xcd/0x134
[   43.957153][ T3612]  panic+0x2c8/0x627
[   43.961030][ T3612]  ? panic_print_sys_info.part.0+0x10b/0x10b
[   43.966995][ T3612]  ? __warn.cold+0x248/0x2c4
[   43.971744][ T3612]  ? bpf_check+0xb09a/0xb8e0
[   43.976318][ T3612]  __warn.cold+0x259/0x2c4
[   43.980716][ T3612]  ? __wake_up_klogd.part.0+0x99/0xf0
[   43.986073][ T3612]  ? bpf_check+0xb09a/0xb8e0
[   43.990643][ T3612]  report_bug+0x1bc/0x210
[   43.994954][ T3612]  handle_bug+0x3c/0x60
[   43.999268][ T3612]  exc_invalid_op+0x14/0x40
[   44.003752][ T3612]  asm_exc_invalid_op+0x16/0x20
[   44.008583][ T3612] RIP: 0010:bpf_check+0xb09a/0xb8e0
[   44.013762][ T3612] Code: e9 09 a1 ff ff 4c 89 ef e8 e3 7b 37 00 e9 8e 64 ff ff e8 89 24 eb ff 48 c7 c7 e0 86 f4 89 c6 05 87 9d 38 0c 01 e8 03 da a8 07 <0f> 0b e9 51 a0 ff ff 4c 8b bd 88 fe ff ff e8 63 24 eb ff 48 c7 c6
[   44.033463][ T3612] RSP: 0018:ffffc9000392f8b0 EFLAGS: 00010286
[   44.039521][ T3612] RAX: 0000000000000000 RBX: 0000000000000011 RCX: 0000000000000000
[   44.047483][ T3612] RDX: ffff8880263cbb00 RSI: ffffffff8161f148 RDI: fffff52000725f08
[   44.055435][ T3612] RBP: ffffc9000392fb10 R08: 0000000000000005 R09: 0000000000000000
[pid  3612] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=7, insns=0x200000c0, license="GPL", log_level=4, log_size=238, log_buf="", kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 128 <unfinished ...>
[pid  3611] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[   44.063398][ T3612] R10: 0000000080000000 R11: 0000000000000000 R12: ffff888075e4b800
[   44.071356][ T3612] R13: dffffc0000000000 R14: ffffc90000b2e058 R15: 0000000000000002
[   44.079318][ T3612]  ? vprintk+0x88/0x90
[   44.083386][ T3612]  ? bpf_get_btf_vmlinux+0x10/0x10
[   44.088487][ T3612]  ? lock_downgrade+0x6e0/0x6e0
[   44.093319][ T3612]  ? __might_fault+0xd1/0x170
[   44.097979][ T3612]  ? lock_downgrade+0x6e0/0x6e0
[   44.102813][ T3612]  ? ktime_get_with_offset+0x3f2/0x500
[   44.108261][ T3612]  ? memset+0x20/0x40
[   44.112227][ T3612]  ? bpf_obj_name_cpy+0x144/0x1a0
[   44.117239][ T3612]  bpf_prog_load+0x13cb/0x2230
[   44.122003][ T3612]  ? __bpf_prog_put.constprop.0+0x220/0x220
[   44.127898][ T3612]  ? find_held_lock+0x2d/0x110
[   44.132660][ T3612]  ? __might_fault+0xd1/0x170
[   44.137332][ T3612]  ? lock_downgrade+0x6e0/0x6e0
[   44.142180][ T3612]  ? bpf_lsm_bpf+0x5/0x10
[   44.146506][ T3612]  __sys_bpf+0x1e7e/0x6130
[   44.150923][ T3612]  ? lock_release+0x780/0x780
[   44.155602][ T3612]  ? bpf_perf_link_attach+0x520/0x520
[   44.160971][ T3612]  ? do_raw_spin_lock+0x120/0x2a0
[   44.166030][ T3612]  ? rwlock_bug.part.0+0x90/0x90
[   44.170953][ T3612]  ? _raw_spin_lock_irq+0x41/0x50
[   44.175971][ T3612]  ? find_held_lock+0x2d/0x110
[   44.180742][ T3612]  ? _raw_spin_unlock_irq+0x1f/0x40
[   44.185957][ T3612]  ? _raw_spin_unlock_irq+0x1f/0x40
[   44.191145][ T3612]  ? lockdep_hardirqs_on+0x79/0x100
[   44.196337][ T3612]  __x64_sys_bpf+0x75/0xb0
[   44.200745][ T3612]  do_syscall_64+0x35/0xb0
[   44.205155][ T3612]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   44.211056][ T3612] RIP: 0033:0x7f35c2dbbfb9
[pid  3611] exit_group(0)               = ?
[pid  3613] <... futex resumed>)        = ?
[pid  3613] +++ exited with 0 +++
[   44.215480][ T3612] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 81 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   44.235094][ T3612] RSP: 002b:00007f35c2d6e318 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   44.243526][ T3612] RAX: ffffffffffffffda RBX: 00007f35c2e443e8 RCX: 00007f35c2dbbfb9
[   44.251499][ T3612] RDX: 0000000000000080 RSI: 0000000020000440 RDI: 0000000000000005
[   44.259497][ T3612] RBP: 00007f35c2e443e0 R08: 0000000000000000 R09: 0000000000000000
[   44.267801][ T3612] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f35c2e12004
[   44.275769][ T3612] R13: 00007ffd0c8f7c7f R14: 00007f35c2d6e400 R15: 0000000000022000
[   44.283737][ T3612]  </TASK>
[   44.287534][ T3612] Kernel Offset: disabled
[   44.291897][ T3612] Rebooting in 86400 seconds..