./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1829951947 <...>
Warning: Permanently added '10.128.10.15' (ECDSA) to the list of known hosts.
execve("./syz-executor1829951947", ["./syz-executor1829951947"], 0x7ffc7a86b5f0 /* 10 vars */) = 0
brk(NULL) = 0x555556538000
brk(0x555556538c40) = 0x555556538c40
arch_prctl(ARCH_SET_FS, 0x555556538300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor1829951947", 4096) = 28
brk(0x555556559c40) = 0x555556559c40
brk(0x55555655a000) = 0x55555655a000
mprotect(0x7fc3744fd000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
syzkaller login: [ 80.179281][ T5081] general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN
[ 80.191268][ T5081] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
[ 80.199705][ T5081] CPU: 1 PID: 5081 Comm: syz-executor182 Not tainted 6.2.0-syzkaller-13084-g226bc6ae6405 #0
[ 80.209876][ T5081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
[ 80.219938][ T5081] RIP: 0010:bpf_struct_ops_link_create+0xb1/0x390
[ 80.226400][ T5081] Code: 95 81 eb ff 48 85 c0 48 89 c5 0f 84 9e 02 00 00 e8 24 27 dd ff 48 8d 7d 18 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e 60 02 00 00 44 8b 65 18 bf 1a
[ 80.246105][ T5081] RSP: 0018:ffffc90003b8fc38 EFLAGS: 00010203
[ 80.252211][ T5081] RAX: dffffc0000000000 RBX: 1ffff92000771f87 RCX: 0000000000000000
[ 80.260261][ T5081] RDX: 0000000000000001 RSI: ffffffff81a7dc8c RDI: 000000000000000f
[ 80.268331][ T5081] RBP: fffffffffffffff7 R08: 0000000000000007 R09: 0000000000000000
[ 80.276319][ T5081] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000
[ 80.284301][ T5081] R13: 000000000000002c R14: ffffc90003b8fde8 R15: 0000000000000000
[ 80.292289][ T5081] FS: 0000555556538300(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
[ 80.301246][ T5081] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 80.307861][ T5081] CR2: 0000000000eaa388 CR3: 00000000206d2000 CR4: 00000000003506e0
[ 80.315854][ T5081] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 80.323845][ T5081] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 80.331827][ T5081] Call Trace:
[ 80.335114][ T5081]
[ 80.338074][ T5081] ? bpf_struct_ops_put+0x20/0x20
[ 80.343416][ T5081] ? bpf_lsm_bpf+0x9/0x10
[ 80.347922][ T5081] ? security_bpf+0x87/0xb0
[ 80.352557][ T5081] __sys_bpf+0x3b77/0x53b0
[ 80.357010][ T5081] ? lock_release+0x780/0x780
[ 80.362154][ T5081] ? bpf_perf_link_attach+0x520/0x520
[ 80.368031][ T5081] ? do_raw_spin_lock+0x124/0x2b0
[ 80.373084][ T5081] ? spin_bug+0x1c0/0x1c0
[ 80.377437][ T5081] ? find_held_lock+0x2d/0x110
[ 80.382222][ T5081] ? _raw_spin_unlock_irq+0x23/0x50
[ 80.387582][ T5081] ? lockdep_hardirqs_on+0x7d/0x100
[ 80.392834][ T5081] __x64_sys_bpf+0x79/0xc0
[ 80.397292][ T5081] do_syscall_64+0x39/0xb0
[ 80.401748][ T5081] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 80.407666][ T5081] RIP: 0033:0x7fc374490ae9
[ 80.412109][ T5081] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 80.431755][ T5081] RSP: 002b:00007fffe2184578 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 80.440193][ T5081] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc374490ae9
[ 80.448187][ T5081] RDX: 0000000000000010 RSI: 0000000020001340 RDI: 000000000000001c
[ 80.456175][ T5081] RBP: 00007fc374454c90 R08: 0000000000000000 R09: 0000000000000000
[ 80.464154][ T5081] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fc374454d20
[ 80.472134][ T5081] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 80.480136][ T5081]
[ 80.483157][ T5081] Modules linked in:
[ 80.489233][ T5081] ---[ end trace 0000000000000000 ]---
[ 80.494830][ T5081] RIP: 0010:bpf_struct_ops_link_create+0xb1/0x390
[ 80.501471][ T5081] Code: 95 81 eb ff 48 85 c0 48 89 c5 0f 84 9e 02 00 00 e8 24 27 dd ff 48 8d 7d 18 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e 60 02 00 00 44 8b 65 18 bf 1a
[ 80.521414][ T5081] RSP: 0018:ffffc90003b8fc38 EFLAGS: 00010203
[ 80.527712][ T5081] RAX: dffffc0000000000 RBX: 1ffff92000771f87 RCX: 0000000000000000
[ 80.535807][ T5081] RDX: 0000000000000001 RSI: ffffffff81a7dc8c RDI: 000000000000000f
[ 80.543835][ T5081] RBP: fffffffffffffff7 R08: 0000000000000007 R09: 0000000000000000
[ 80.552018][ T5081] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000
[ 80.560053][ T5081] R13: 000000000000002c R14: ffffc90003b8fde8 R15: 0000000000000000
[ 80.568140][ T5081] FS: 0000555556538300(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
[ 80.577185][ T5081] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 80.583785][ T5081] CR2: 0000000000eaa388 CR3: 00000000206d2000 CR4: 00000000003506e0
[ 80.591887][ T5081] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 80.600184][ T5081] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 80.608479][ T5081] Kernel panic - not syncing: Fatal exception
[ 80.615101][ T5081] Kernel Offset: disabled
[ 80.619459][ T5081] Rebooting in 86400 seconds..