./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor519609307 <...> Warning: Permanently added '10.128.0.152' (ED25519) to the list of known hosts. execve("./syz-executor519609307", ["./syz-executor519609307"], 0x7ffde2e06080 /* 10 vars */) = 0 brk(NULL) = 0x555575dba000 brk(0x555575dbad00) = 0x555575dbad00 arch_prctl(ARCH_SET_FS, 0x555575dba380) = 0 set_tid_address(0x555575dba650) = 5862 set_robust_list(0x555575dba660, 24) = 0 rseq(0x555575dbaca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor519609307", 4096) = 27 getrandom("\xf3\x96\x53\xbe\xd0\x4b\x55\xe6", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555575dbad00 brk(0x555575ddbd00) = 0x555575ddbd00 brk(0x555575ddc000) = 0x555575ddc000 mprotect(0x7f28d995f000, 16384, PROT_READ) = 0 mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000 mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000 mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000 unshare(CLONE_NEWPID) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5863 attached [pid 5863] set_robust_list(0x555575dba660, 24 [pid 5862] <... clone resumed>, child_tidptr=0x555575dba650) = 5863 [pid 5863] <... set_robust_list resumed>) = 0 [pid 5863] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5863] getppid() = 0 [pid 5863] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0 [pid 5863] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0 [pid 5863] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0 [pid 5863] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0 [pid 5863] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0 [pid 5863] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0 [pid 5863] unshare(CLONE_NEWNS) = 0 [pid 5863] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0 [pid 5863] unshare(CLONE_NEWIPC) = 0 [pid 5863] unshare(CLONE_NEWCGROUP) = 0 [pid 5863] unshare(CLONE_NEWUTS) = 0 [pid 5863] unshare(CLONE_SYSVSEM) = 0 [pid 5863] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3 [pid 5863] write(3, "16777216", 8) = 8 [pid 5863] close(3) = 0 [pid 5863] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3 [pid 5863] write(3, "536870912", 9) = 9 [pid 5863] close(3) = 0 [pid 5863] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3 [pid 5863] write(3, "1024", 4) = 4 [pid 5863] close(3) = 0 [pid 5863] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3 [pid 5863] write(3, "8192", 4) = 4 [pid 5863] close(3) = 0 [pid 5863] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3 [pid 5863] write(3, "1024", 4) = 4 [pid 5863] close(3) = 0 [pid 5863] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3 [pid 5863] write(3, "1024", 4) = 4 [pid 5863] close(3) = 0 [pid 5863] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3 [pid 5863] write(3, "1024 1048576 500 1024", 21) = 21 [pid 5863] close(3) = 0 [pid 5863] getpid() = 1 [pid 5863] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1< 0b 90 e9 71 f5 ff ff e8 c1 db 80 f7 e9 d3 00 00 00 e8 b7 db 80 [ 108.757182][ T5863] RSP: 0018:ffffc9000402ed00 EFLAGS: 00010293 [ 108.763268][ T5863] RAX: ffffffff8a3f4d21 RBX: ffffffff8de66da0 RCX: ffff888025911e00 [ 108.771322][ T5863] RDX: 0000000000000000 RSI: 00000000000100f4 RDI: 0000000000010000 [ 108.779434][ T5863] RBP: ffffc9000402ee30 R08: ffffea0001de0240 R09: 0000013a000001a7 [ 108.787443][ T5863] R10: ffffea0001de0240 R11: 0000013a000001a7 R12: 1ffffffff1bccdb4 [ 108.795433][ T5863] R13: ffff888031264dc0 R14: 00000000000100f4 R15: ffff888031264e90 [ 108.803456][ T5863] FS: 0000555575dba380(0000) GS:ffff888125c23000(0000) knlGS:0000000000000000 [ 108.812422][ T5863] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.819046][ T5863] CR2: 0000200000010000 CR3: 000000007ed88000 CR4: 00000000003526f0 [ 108.827076][ T5863] Call Trace: [ 108.830344][ T5863] [ 108.833267][ T5863] ? __pfx_ipv6_gso_segment+0x10/0x10 [ 108.838677][ T5863] ? __pfx_ipv6_gso_segment+0x10/0x10 [ 108.844056][ T5863] skb_mac_gso_segment+0x31c/0x640 [ 108.849220][ T5863] ? skb_mac_gso_segment+0x17e/0x640 [ 108.854518][ T5863] ? __pfx_skb_mac_gso_segment+0x10/0x10 [ 108.860208][ T5863] ? __lock_acquire+0xab9/0xd20 [ 108.865065][ T5863] nsh_gso_segment+0x54a/0xe10 [ 108.869895][ T5863] ? __pfx_nsh_gso_segment+0x10/0x10 [ 108.875194][ T5863] skb_mac_gso_segment+0x31c/0x640 [ 108.880353][ T5863] ? skb_mac_gso_segment+0x17e/0x640 [ 108.885648][ T5863] ? __pfx_skb_mac_gso_segment+0x10/0x10 [ 108.891335][ T5863] __skb_gso_segment+0x342/0x510 [ 108.896314][ T5863] validate_xmit_skb+0x857/0x11b0 [ 108.901334][ T5863] ? __pfx_validate_xmit_skb+0x10/0x10 [ 108.906852][ T5863] validate_xmit_skb_list+0x84/0x120 [ 108.912144][ T5863] sch_direct_xmit+0xd3/0x4b0 [ 108.916866][ T5863] ? __pfx_sch_direct_xmit+0x10/0x10 [ 108.922165][ T5863] __dev_queue_xmit+0x17b6/0x3a70 [ 108.927230][ T5863] ? __dev_queue_xmit+0x27e/0x3a70 [ 108.932349][ T5863] ? __pskb_pull_tail+0xb59/0x15b0 [ 108.937494][ T5863] ? __asan_memcpy+0x40/0x70 [ 108.942107][ T5863] ? __pfx___dev_queue_xmit+0x10/0x10 [ 108.947523][ T5863] ? skb_partial_csum_set+0x107/0x360 [ 108.952910][ T5863] ? virtio_net_hdr_to_skb+0x9e1/0x1490 [ 108.958665][ T5863] ? packet_parse_headers+0x7ff/0xb60 [ 108.964062][ T5863] ? __pfx_virtio_net_hdr_to_skb+0x10/0x10 [ 108.969931][ T5863] ? packet_xmit+0x68/0x330 [ 108.974501][ T5863] packet_sendmsg+0x3e16/0x5060 [ 108.979438][ T5863] ? aa_bind_mount+0x140/0x590 [ 108.984251][ T5863] ? __pfx___might_resched+0x10/0x10 [ 108.989631][ T5863] ? cpuacct_charge+0x117/0x320 [ 108.994503][ T5863] ? xfd_validate_state+0x6d/0x150 [ 108.999685][ T5863] ? save_fpregs_to_fpstate+0xa3/0x210 [ 109.005161][ T5863] ? __pfx_packet_sendmsg+0x10/0x10 [ 109.010407][ T5863] ? aa_sk_perm+0x81e/0x950 [ 109.014923][ T5863] ? tomoyo_socket_sendmsg_permission+0x1e1/0x300 [ 109.021390][ T5863] ? __lock_acquire+0xab9/0xd20 [ 109.026290][ T5863] ? aa_sock_msg_perm+0x94/0x160 [ 109.031237][ T5863] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 109.036560][ T5863] ? __pfx_packet_sendmsg+0x10/0x10 [ 109.041775][ T5863] __sock_sendmsg+0x21c/0x270 [ 109.046491][ T5863] ____sys_sendmsg+0x505/0x830 [ 109.051274][ T5863] ? __pfx_____sys_sendmsg+0x10/0x10 [ 109.056625][ T5863] ? import_iovec+0x74/0xa0 [ 109.061140][ T5863] ___sys_sendmsg+0x21f/0x2a0 [ 109.065809][ T5863] ? __pfx____sys_sendmsg+0x10/0x10 [ 109.071052][ T5863] ? do_raw_spin_lock+0x121/0x290 [ 109.076140][ T5863] __x64_sys_sendmsg+0x19b/0x260 [ 109.081071][ T5863] ? _raw_spin_unlock_irq+0x2e/0x50 [ 109.086315][ T5863] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 109.091797][ T5863] ? rcu_is_watching+0x15/0xb0 [ 109.096610][ T5863] do_syscall_64+0xfa/0x3b0 [ 109.101121][ T5863] ? lockdep_hardirqs_on+0x9c/0x150 [ 109.106354][ T5863] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 109.112429][ T5863] ? clear_bhb_loop+0x60/0xb0 [ 109.117144][ T5863] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 109.123044][ T5863] RIP: 0033:0x7f28d98e6859 [ 109.127512][ T5863] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 109.147164][ T5863] RSP: 002b:00007ffc860e99e8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 109.155567][ T5863] RAX: ffffffffffffffda RBX: 00007f28d99344ad RCX: 00007f28d98e6859 [ 109.163582][ T5863] RDX: 00000000200400c4 RSI: 0000200000000180 RDI: 0000000000000003 [ 109.171591][ T5863] RBP: 00007f28d993447d R08: 0000555500000000 R09: 0000555500000000 [ 109.179619][ T5863] R10: 0000200000000180 R11: 0000000000000246 R12: 00007f28d99343e5 [ 109.187629][ T5863] R13: 0000000000000001 R14: 00007ffc860e9a30 R15: 0000000000000003 [ 109.195600][ T5863] [ 109.198654][ T5863] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 109.205958][ T5863] CPU: 0 UID: 0 PID: 5863 Comm: syz-executor519 Not tainted 6.16.0-rc6-syzkaller-g7abc678e3084 #0 PREEMPT(full) [ 109.217848][ T5863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 109.227889][ T5863] Call Trace: [ 109.231152][ T5863] [ 109.234094][ T5863] dump_stack_lvl+0x99/0x250 [ 109.238672][ T5863] ? __asan_memcpy+0x40/0x70 [ 109.243247][ T5863] ? __pfx_dump_stack_lvl+0x10/0x10 [ 109.248429][ T5863] ? __pfx__printk+0x10/0x10 [ 109.253010][ T5863] panic+0x2db/0x790 [ 109.256905][ T5863] ? __pfx_panic+0x10/0x10 [ 109.261326][ T5863] ? show_trace_log_lvl+0x4fb/0x550 [ 109.266529][ T5863] __warn+0x31b/0x4b0 [ 109.270522][ T5863] ? ipv6_gso_segment+0x15e2/0x21e0 [ 109.275706][ T5863] ? ipv6_gso_segment+0x15e2/0x21e0 [ 109.280888][ T5863] report_bug+0x2be/0x4f0 [ 109.285201][ T5863] ? ipv6_gso_segment+0x15e2/0x21e0 [ 109.290400][ T5863] ? ipv6_gso_segment+0x15e2/0x21e0 [ 109.295579][ T5863] ? ipv6_gso_segment+0x15e4/0x21e0 [ 109.300776][ T5863] handle_bug+0x84/0x160 [ 109.305002][ T5863] exc_invalid_op+0x1a/0x50 [ 109.309493][ T5863] asm_exc_invalid_op+0x1a/0x20 [ 109.314333][ T5863] RIP: 0010:ipv6_gso_segment+0x15e2/0x21e0 [ 109.320121][ T5863] Code: ff ff e8 f1 db 80 f7 49 c7 c5 a3 ff ff ff e9 27 fe ff ff e8 e0 db 80 f7 49 c7 c5 a3 ff ff ff e9 16 fe ff ff e8 cf db 80 f7 90 <0f> 0b 90 e9 71 f5 ff ff e8 c1 db 80 f7 e9 d3 00 00 00 e8 b7 db 80 [ 109.339713][ T5863] RSP: 0018:ffffc9000402ed00 EFLAGS: 00010293 [ 109.345763][ T5863] RAX: ffffffff8a3f4d21 RBX: ffffffff8de66da0 RCX: ffff888025911e00 [ 109.353719][ T5863] RDX: 0000000000000000 RSI: 00000000000100f4 RDI: 0000000000010000 [ 109.361680][ T5863] RBP: ffffc9000402ee30 R08: ffffea0001de0240 R09: 0000013a000001a7 [ 109.369662][ T5863] R10: ffffea0001de0240 R11: 0000013a000001a7 R12: 1ffffffff1bccdb4 [ 109.377618][ T5863] R13: ffff888031264dc0 R14: 00000000000100f4 R15: ffff888031264e90 [ 109.385577][ T5863] ? ipv6_gso_segment+0x15e1/0x21e0 [ 109.390775][ T5863] ? __pfx_ipv6_gso_segment+0x10/0x10 [ 109.396134][ T5863] ? __pfx_ipv6_gso_segment+0x10/0x10 [ 109.401493][ T5863] skb_mac_gso_segment+0x31c/0x640 [ 109.406618][ T5863] ? skb_mac_gso_segment+0x17e/0x640 [ 109.411936][ T5863] ? __pfx_skb_mac_gso_segment+0x10/0x10 [ 109.417559][ T5863] ? __lock_acquire+0xab9/0xd20 [ 109.422394][ T5863] nsh_gso_segment+0x54a/0xe10 [ 109.427202][ T5863] ? __pfx_nsh_gso_segment+0x10/0x10 [ 109.432496][ T5863] skb_mac_gso_segment+0x31c/0x640 [ 109.437596][ T5863] ? skb_mac_gso_segment+0x17e/0x640 [ 109.442884][ T5863] ? __pfx_skb_mac_gso_segment+0x10/0x10 [ 109.448513][ T5863] __skb_gso_segment+0x342/0x510 [ 109.453440][ T5863] validate_xmit_skb+0x857/0x11b0 [ 109.458503][ T5863] ? __pfx_validate_xmit_skb+0x10/0x10 [ 109.463963][ T5863] validate_xmit_skb_list+0x84/0x120 [ 109.469260][ T5863] sch_direct_xmit+0xd3/0x4b0 [ 109.473962][ T5863] ? __pfx_sch_direct_xmit+0x10/0x10 [ 109.479242][ T5863] __dev_queue_xmit+0x17b6/0x3a70 [ 109.484274][ T5863] ? __dev_queue_xmit+0x27e/0x3a70 [ 109.489385][ T5863] ? __pskb_pull_tail+0xb59/0x15b0 [ 109.494492][ T5863] ? __asan_memcpy+0x40/0x70 [ 109.499081][ T5863] ? __pfx___dev_queue_xmit+0x10/0x10 [ 109.504436][ T5863] ? skb_partial_csum_set+0x107/0x360 [ 109.509804][ T5863] ? virtio_net_hdr_to_skb+0x9e1/0x1490 [ 109.515360][ T5863] ? packet_parse_headers+0x7ff/0xb60 [ 109.520816][ T5863] ? __pfx_virtio_net_hdr_to_skb+0x10/0x10 [ 109.526631][ T5863] ? packet_xmit+0x68/0x330 [ 109.531126][ T5863] packet_sendmsg+0x3e16/0x5060 [ 109.535971][ T5863] ? aa_bind_mount+0x140/0x590 [ 109.540729][ T5863] ? __pfx___might_resched+0x10/0x10 [ 109.545994][ T5863] ? cpuacct_charge+0x117/0x320 [ 109.550832][ T5863] ? xfd_validate_state+0x6d/0x150 [ 109.555927][ T5863] ? save_fpregs_to_fpstate+0xa3/0x210 [ 109.561413][ T5863] ? __pfx_packet_sendmsg+0x10/0x10 [ 109.566615][ T5863] ? aa_sk_perm+0x81e/0x950 [ 109.571102][ T5863] ? tomoyo_socket_sendmsg_permission+0x1e1/0x300 [ 109.577499][ T5863] ? __lock_acquire+0xab9/0xd20 [ 109.582345][ T5863] ? aa_sock_msg_perm+0x94/0x160 [ 109.587265][ T5863] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 109.592530][ T5863] ? __pfx_packet_sendmsg+0x10/0x10 [ 109.597712][ T5863] __sock_sendmsg+0x21c/0x270 [ 109.602378][ T5863] ____sys_sendmsg+0x505/0x830 [ 109.607140][ T5863] ? __pfx_____sys_sendmsg+0x10/0x10 [ 109.612429][ T5863] ? import_iovec+0x74/0xa0 [ 109.616927][ T5863] ___sys_sendmsg+0x21f/0x2a0 [ 109.621590][ T5863] ? __pfx____sys_sendmsg+0x10/0x10 [ 109.626780][ T5863] ? do_raw_spin_lock+0x121/0x290 [ 109.631825][ T5863] __x64_sys_sendmsg+0x19b/0x260 [ 109.636760][ T5863] ? _raw_spin_unlock_irq+0x2e/0x50 [ 109.641938][ T5863] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 109.647405][ T5863] ? rcu_is_watching+0x15/0xb0 [ 109.652170][ T5863] do_syscall_64+0xfa/0x3b0 [ 109.656679][ T5863] ? lockdep_hardirqs_on+0x9c/0x150 [ 109.661920][ T5863] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 109.667974][ T5863] ? clear_bhb_loop+0x60/0xb0 [ 109.672635][ T5863] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 109.678514][ T5863] RIP: 0033:0x7f28d98e6859 [ 109.682934][ T5863] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 109.702541][ T5863] RSP: 002b:00007ffc860e99e8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 109.710946][ T5863] RAX: ffffffffffffffda RBX: 00007f28d99344ad RCX: 00007f28d98e6859 [ 109.718901][ T5863] RDX: 00000000200400c4 RSI: 0000200000000180 RDI: 0000000000000003 [ 109.726875][ T5863] RBP: 00007f28d993447d R08: 0000555500000000 R09: 0000555500000000 [ 109.734842][ T5863] R10: 0000200000000180 R11: 0000000000000246 R12: 00007f28d99343e5 [ 109.742806][ T5863] R13: 0000000000000001 R14: 00007ffc860e9a30 R15: 0000000000000003 [ 109.750773][ T5863] [ 109.754039][ T5863] Kernel Offset: disabled [ 109.758351][ T5863] Rebooting in 86400 seconds..