./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor4127288846 <...> Warning: Permanently added '10.128.1.35' (ED25519) to the list of known hosts. execve("./syz-executor4127288846", ["./syz-executor4127288846"], 0x7ffff4cb36a0 /* 10 vars */) = 0 brk(NULL) = 0x555585cc3000 brk(0x555585cc3e00) = 0x555585cc3e00 arch_prctl(ARCH_SET_FS, 0x555585cc3480) = 0 set_tid_address(0x555585cc3750) = 5834 set_robust_list(0x555585cc3760, 24) = 0 rseq(0x555585cc3da0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor4127288846", 4096) = 28 getrandom("\xe8\xdd\x6e\xb9\xae\x17\x0e\x00", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555585cc3e00 brk(0x555585ce4e00) = 0x555585ce4e00 brk(0x555585ce5000) = 0x555585ce5000 mprotect(0x7f382a43b000, 16384, PROT_READ) = 0 mmap(0x3ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x3ffffffff000 mmap(0x400000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x400000000000 mmap(0x400001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x400001000000 rt_sigaction(SIGRTMIN, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGSEGV, {sa_handler=0x7f382a398340, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f382a39f500}, NULL, 8) = 0 rt_sigaction(SIGBUS, {sa_handler=0x7f382a398340, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f382a39f500}, NULL, 8) = 0 executing program write(1, "executing program\n", 18) = 18 socket(AF_INET6, SOCK_STREAM, IPPROTO_IP) = 3 setsockopt(3, SOL_TCP, TCP_REPAIR, [1], 4) = 0 connect(3, {sa_family=AF_INET6, sin6_port=htons(0), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "::1", &sin6_addr), sin6_scope_id=0}, 28) = 0 setsockopt(3, SOL_TCP, TCP_ULP, [7564404], 4) = 0 setsockopt(3, SOL_TCP, TCP_REPAIR_QUEUE, [1], 4) = 0 setsockopt(3, SOL_TLS, TLS_TX, "\x03\x03\x33\x00\xb3\x91\x62\xa1\xdc\x8b\x4c\x3f\x7e\xa8\xf8\x6a\xc3\x96\x96\xdc\xed\xdf\x8c\x42\x1b\xbd\xcc\x0f\x00\x00\x00\x00\xf9\x80\x9f\xe3\x9a\x1d\xaf\xc9", 40) = 0 sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="n7", iov_len=2}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 2 setsockopt(3, SOL_TLS, TLS_RX, "\x03\x03\x33\x00\x00\x00\x37\xd7\x00\x94\x00\x00\xc0\xb6\xc5\xb2\x9c\xa2\xb8\x38\xd4\x1a\xc2\xfc\x7d\xdf\x97\x2d\xe9\xbe\x1e\xae\xbb\x10\x00\x00\x00\x00\x00\x01", 40) = 0 mmap(0x400000000000, 9814016, PROT_READ|PROT_GROWSDOWN, MAP_SHARED|MAP_FIXED|MAP_ANONYMOUS|MAP_NORESERVE|MAP_POPULATE|MAP_NONBLOCK|MAP_HUGETLB|0x600280|21< 0b 90 eb 84 e8 a8 b8 31 f7 90 0f 0b 90 e9 8c fe ff ff 89 d9 80 [ 77.603606][ T5834] RSP: 0018:ffffc90003e7f700 EFLAGS: 00010293 [ 77.609746][ T5834] RAX: ffffffff8a90068d RBX: ffff88802a9f24dc RCX: ffff888034e0bc00 [ 77.617832][ T5834] RDX: 0000000000000000 RSI: 000000000000001f RDI: 0000000000000000 [ 77.625848][ T5834] RBP: ffffc90003e7f7f0 R08: ffffffff8a9002fe R09: 1ffff110062bf36c [ 77.633930][ T5834] R10: dffffc0000000000 R11: ffffed10062bf36d R12: ffff88802a9f24d0 [ 77.642004][ T5834] R13: dffffc0000000000 R14: 0000000000000000 R15: 000000000000001f [ 77.650094][ T5834] FS: 0000555585cc3480(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 77.659174][ T5834] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.665799][ T5834] CR2: 0000400000000218 CR3: 00000000347a8000 CR4: 00000000003526f0 [ 77.673903][ T5834] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 77.682024][ T5834] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 77.690068][ T5834] Call Trace: [ 77.693371][ T5834] [ 77.696315][ T5834] ? __warn+0x165/0x4d0 [ 77.700580][ T5834] ? tls_strp_msg_load+0x72e/0xa80 [ 77.705732][ T5834] ? report_bug+0x2b3/0x500 [ 77.710322][ T5834] ? tls_strp_msg_load+0x72e/0xa80 [ 77.715478][ T5834] ? handle_bug+0x60/0x90 [ 77.719942][ T5834] ? exc_invalid_op+0x1a/0x50 [ 77.724665][ T5834] ? asm_exc_invalid_op+0x1a/0x20 [ 77.729886][ T5834] ? tls_strp_msg_load+0x39e/0xa80 [ 77.735029][ T5834] ? tls_strp_msg_load+0x72d/0xa80 [ 77.740268][ T5834] ? tls_strp_msg_load+0x72e/0xa80 [ 77.745435][ T5834] ? __pfx_tls_strp_msg_load+0x10/0x10 [ 77.750978][ T5834] ? __pfx_lock_acquire+0x10/0x10 [ 77.756056][ T5834] tls_rx_rec_wait+0x280/0xa60 [ 77.760953][ T5834] ? __pfx_tls_rx_rec_wait+0x10/0x10 [ 77.766275][ T5834] ? sk_psock_get+0x408/0x520 [ 77.771023][ T5834] ? __pfx_woken_wake_function+0x10/0x10 [ 77.776698][ T5834] ? __pfx_sk_psock_get+0x10/0x10 [ 77.781847][ T5834] tls_sw_recvmsg+0x85c/0x1c30 [ 77.786760][ T5834] ? __pfx_tls_sw_recvmsg+0x10/0x10 [ 77.792045][ T5834] ? aa_sk_perm+0x96d/0xab0 [ 77.796604][ T5834] ? __pfx_tls_sw_recvmsg+0x10/0x10 [ 77.801901][ T5834] inet6_recvmsg+0x2c9/0x730 [ 77.806532][ T5834] ? do_raw_spin_lock+0x14f/0x370 [ 77.811646][ T5834] ? __pfx_inet6_recvmsg+0x10/0x10 [ 77.816796][ T5834] ? aa_sock_msg_perm+0x91/0x160 [ 77.821845][ T5834] ? bpf_lsm_socket_recvmsg+0x9/0x10 [ 77.827227][ T5834] sock_recvmsg+0x109/0x280 [ 77.831773][ T5834] __sys_recvfrom+0x202/0x380 [ 77.836467][ T5834] ? __pfx___sys_recvfrom+0x10/0x10 [ 77.841795][ T5834] ? _raw_spin_unlock_irq+0x2e/0x50 [ 77.847089][ T5834] ? ptrace_notify+0x27f/0x380 [ 77.851983][ T5834] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 77.858442][ T5834] __x64_sys_recvfrom+0xde/0x100 [ 77.863406][ T5834] do_syscall_64+0xf3/0x230 [ 77.868016][ T5834] ? clear_bhb_loop+0x35/0x90 [ 77.872752][ T5834] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 77.878753][ T5834] RIP: 0033:0x7f382a3c83a9 [ 77.883206][ T5834] Code: 48 83 c4 28 c3 e8 37 17 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 77.902978][ T5834] RSP: 002b:00007ffe3fe269d8 EFLAGS: 00000246 ORIG_RAX: 000000000000002d [ 77.911490][ T5834] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f382a3c83a9 [ 77.919572][ T5834] RDX: 0000000000001ff4 RSI: 0000400000000100 RDI: 0000000000000003 [ 77.927636][ T5834] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 77.935640][ T5834] R10: 0000000000000040 R11: 0000000000000246 R12: 0000000000000000 [ 77.943716][ T5834] R13: 00007ffe3fe26c58 R14: 0000000000000001 R15: 0000000000000001 [ 77.951791][ T5834] [ 77.954844][ T5834] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 77.962141][ T5834] CPU: 0 UID: 0 PID: 5834 Comm: syz-executor412 Not tainted 6.14.0-rc4-syzkaller-00210-gccc2f5a436fb #0 [ 77.973246][ T5834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 77.983322][ T5834] Call Trace: [ 77.986624][ T5834] [ 77.989557][ T5834] dump_stack_lvl+0x241/0x360 [ 77.994242][ T5834] ? __pfx_dump_stack_lvl+0x10/0x10 [ 77.999443][ T5834] ? __pfx__printk+0x10/0x10 [ 78.004055][ T5834] ? _printk+0xd5/0x120 [ 78.008215][ T5834] ? __init_begin+0x41000/0x41000 [ 78.013248][ T5834] ? vscnprintf+0x5d/0x90 [ 78.017692][ T5834] panic+0x349/0x880 [ 78.021604][ T5834] ? __warn+0x174/0x4d0 [ 78.025767][ T5834] ? __pfx_panic+0x10/0x10 [ 78.030207][ T5834] __warn+0x344/0x4d0 [ 78.034195][ T5834] ? tls_strp_msg_load+0x72e/0xa80 [ 78.039309][ T5834] report_bug+0x2b3/0x500 [ 78.043641][ T5834] ? tls_strp_msg_load+0x72e/0xa80 [ 78.048751][ T5834] handle_bug+0x60/0x90 [ 78.052912][ T5834] exc_invalid_op+0x1a/0x50 [ 78.057421][ T5834] asm_exc_invalid_op+0x1a/0x20 [ 78.062278][ T5834] RIP: 0010:tls_strp_msg_load+0x72e/0xa80 [ 78.068027][ T5834] Code: 5c 24 18 e9 72 fc ff ff e8 cf b8 31 f7 90 0f 0b 90 e9 91 f9 ff ff e8 c1 b8 31 f7 90 0f 0b 90 e9 be f9 ff ff e8 b3 b8 31 f7 90 <0f> 0b 90 eb 84 e8 a8 b8 31 f7 90 0f 0b 90 e9 8c fe ff ff 89 d9 80 [ 78.087651][ T5834] RSP: 0018:ffffc90003e7f700 EFLAGS: 00010293 [ 78.093717][ T5834] RAX: ffffffff8a90068d RBX: ffff88802a9f24dc RCX: ffff888034e0bc00 [ 78.101689][ T5834] RDX: 0000000000000000 RSI: 000000000000001f RDI: 0000000000000000 [ 78.109656][ T5834] RBP: ffffc90003e7f7f0 R08: ffffffff8a9002fe R09: 1ffff110062bf36c [ 78.117627][ T5834] R10: dffffc0000000000 R11: ffffed10062bf36d R12: ffff88802a9f24d0 [ 78.125595][ T5834] R13: dffffc0000000000 R14: 0000000000000000 R15: 000000000000001f [ 78.133570][ T5834] ? tls_strp_msg_load+0x39e/0xa80 [ 78.138682][ T5834] ? tls_strp_msg_load+0x72d/0xa80 [ 78.143801][ T5834] ? __pfx_tls_strp_msg_load+0x10/0x10 [ 78.149260][ T5834] ? __pfx_lock_acquire+0x10/0x10 [ 78.154292][ T5834] tls_rx_rec_wait+0x280/0xa60 [ 78.159089][ T5834] ? __pfx_tls_rx_rec_wait+0x10/0x10 [ 78.164373][ T5834] ? sk_psock_get+0x408/0x520 [ 78.169048][ T5834] ? __pfx_woken_wake_function+0x10/0x10 [ 78.174686][ T5834] ? __pfx_sk_psock_get+0x10/0x10 [ 78.179715][ T5834] tls_sw_recvmsg+0x85c/0x1c30 [ 78.184499][ T5834] ? __pfx_tls_sw_recvmsg+0x10/0x10 [ 78.189704][ T5834] ? aa_sk_perm+0x96d/0xab0 [ 78.194211][ T5834] ? __pfx_tls_sw_recvmsg+0x10/0x10 [ 78.199414][ T5834] inet6_recvmsg+0x2c9/0x730 [ 78.204186][ T5834] ? do_raw_spin_lock+0x14f/0x370 [ 78.209218][ T5834] ? __pfx_inet6_recvmsg+0x10/0x10 [ 78.214335][ T5834] ? aa_sock_msg_perm+0x91/0x160 [ 78.219281][ T5834] ? bpf_lsm_socket_recvmsg+0x9/0x10 [ 78.224575][ T5834] sock_recvmsg+0x109/0x280 [ 78.229096][ T5834] __sys_recvfrom+0x202/0x380 [ 78.233811][ T5834] ? __pfx___sys_recvfrom+0x10/0x10 [ 78.239028][ T5834] ? _raw_spin_unlock_irq+0x2e/0x50 [ 78.244229][ T5834] ? ptrace_notify+0x27f/0x380 [ 78.249010][ T5834] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 78.255348][ T5834] __x64_sys_recvfrom+0xde/0x100 [ 78.260312][ T5834] do_syscall_64+0xf3/0x230 [ 78.264820][ T5834] ? clear_bhb_loop+0x35/0x90 [ 78.269516][ T5834] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 78.275416][ T5834] RIP: 0033:0x7f382a3c83a9 [ 78.279856][ T5834] Code: 48 83 c4 28 c3 e8 37 17 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 78.299463][ T5834] RSP: 002b:00007ffe3fe269d8 EFLAGS: 00000246 ORIG_RAX: 000000000000002d [ 78.307878][ T5834] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f382a3c83a9 [ 78.315868][ T5834] RDX: 0000000000001ff4 RSI: 0000400000000100 RDI: 0000000000000003 [ 78.323840][ T5834] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 78.331811][ T5834] R10: 0000000000000040 R11: 0000000000000246 R12: 0000000000000000 [ 78.339783][ T5834] R13: 00007ffe3fe26c58 R14: 0000000000000001 R15: 0000000000000001 [ 78.347765][ T5834] [ 78.351142][ T5834] Kernel Offset: disabled [ 78.355514][ T5834] Rebooting in 86400 seconds..