------------[ cut here ]------------ WARNING: kernel/bpf/verifier.c:2763 at reg_bounds_sanity_check+0x3c0/0x428 kernel/bpf/verifier.c:2763, CPU#0: syz.1.589/6142 verifier bug: REG INVARIANTS VIOLATION (true_reg1): range bounds violation u64=[0xffffdfcd, 0xffffffffffffdfcc] s64=[0x80000000ffffdfcd, 0x7fffffffffffdfcc] u32=[0xffffdfcd, 0xffffdfcc] s32=[0xffffdfcd, 0xffffdfcc] var_off=(0xffffdfcc, 0xffffffff00000000) Modules linked in: Kernel panic - not syncing: kernel: panic_on_warn set ... CPU: 0 UID: 0 PID: 6142 Comm: syz.1.589 Not tainted syzkaller #0 PREEMPT Hardware name: ARM-Versatile Express Call trace: [<802019e8>] (dump_backtrace) from [<80201adc>] (show_stack+0x18/0x1c arch/arm/kernel/traps.c:257) r7:8228d8f8 r6:00000000 r5:8229f228 r4:00000001 [<80201ac4>] (show_stack) from [<8021ee20>] (__dump_stack lib/dump_stack.c:94 [inline]) [<80201ac4>] (show_stack) from [<8021ee20>] (dump_stack_lvl+0x5c/0x70 lib/dump_stack.c:120) [<8021edc4>] (dump_stack_lvl) from [<8021ee4c>] (dump_stack+0x18/0x1c lib/dump_stack.c:129) r7:8228d8f8 r6:8393c800 r5:00000000 r4:82a7cd14 [<8021ee34>] (dump_stack) from [<8020256c>] (vpanic+0xe0/0x2e4 kernel/panic.c:490) [<8020248c>] (vpanic) from [<802027a4>] (trace_suspend_resume+0x0/0xd8 kernel/panic.c:627) r7:803db514 [<80202770>] (panic) from [<8025158c>] (check_panic_on_warn kernel/panic.c:377 [inline]) [<80202770>] (panic) from [<8025158c>] (get_taint+0x0/0x1c kernel/panic.c:372) r3:8280c544 r2:00000001 r1:82286078 r0:8228d8f8 [<80251514>] (check_panic_on_warn) from [<80251708>] (__warn+0x98/0x1a8 kernel/panic.c:902) [<80251670>] (__warn) from [<80251a00>] (warn_slowpath_fmt+0x1e8/0x1f4 kernel/panic.c:937) r8:00000009 r7:822a5ac4 r6:df9d98c4 r5:8393c800 r4:00000000 [<8025181c>] (warn_slowpath_fmt) from [<803db514>] (reg_bounds_sanity_check+0x3c0/0x428 kernel/bpf/verifier.c:2763) r10:85890000 r9:ffffdfcd r8:80000000 r7:ffffdfcd r6:ffffdfcc r5:822a6228 r4:85983230 [<803db154>] (reg_bounds_sanity_check) from [<803e8244>] (reg_set_min_max kernel/bpf/verifier.c:17104 [inline]) [<803db154>] (reg_bounds_sanity_check) from [<803e8244>] (reg_set_min_max+0x1c4/0x288 kernel/bpf/verifier.c:17071) r10:00000001 r9:00000010 r8:85890000 r7:8598c310 r6:85983310 r5:85983230 r4:8598c230 [<803e8080>] (reg_set_min_max) from [<803f8e88>] (check_cond_jmp_op+0xc7c/0x1980 kernel/bpf/verifier.c:17548) r10:85983000 r9:00000010 r8:866c4800 r7:ffffffff r6:80000000 r5:84c829c0 r4:dfa070c0 r3:8598c230 [<803f820c>] (check_cond_jmp_op) from [<803ff4f8>] (do_check_insn kernel/bpf/verifier.c:21103 [inline]) [<803f820c>] (check_cond_jmp_op) from [<803ff4f8>] (do_check kernel/bpf/verifier.c:21243 [inline]) [<803f820c>] (check_cond_jmp_op) from [<803ff4f8>] (do_check_common+0x259c/0x3228 kernel/bpf/verifier.c:24581) r10:85894000 r9:85890000 r8:dfa070c0 r7:85896000 r6:00000018 r5:dfa07078 r4:dfa07000 [<803fcf5c>] (do_check_common) from [<8040314c>] (do_check_main kernel/bpf/verifier.c:24664 [inline]) [<803fcf5c>] (do_check_common) from [<8040314c>] (bpf_check+0x22e4/0x2d30 kernel/bpf/verifier.c:25989) r10:85896000 r9:00000001 r8:85890000 r7:00000a7b r6:858908bc r5:00000000 r4:00000016 [<80400e68>] (bpf_check) from [<803d4864>] (bpf_prog_load+0x5b8/0xdec kernel/bpf/syscall.c:3088) r10:dfa07000 r9:8393c800 r8:8598bb30 r7:df9d9d18 r6:00000000 r5:00000000 r4:df9d9eb0 [<803d42ac>] (bpf_prog_load) from [<803d608c>] (__sys_bpf+0x2d8/0x2008 kernel/bpf/syscall.c:6228) r10:00000005 r9:00000000 r8:df9d9e50 r7:00000048 r6:8393c800 r5:200054c0 r4:00000000 [<803d5db4>] (__sys_bpf) from [<803d8354>] (__do_sys_bpf kernel/bpf/syscall.c:6341 [inline]) [<803d5db4>] (__sys_bpf) from [<803d8354>] (sys_bpf+0x2c/0x48 kernel/bpf/syscall.c:6339) r10:00000182 r9:8393c800 r8:8020029c r7:00000182 r6:003463b0 r5:00000000 r4:00000000 [<803d8328>] (sys_bpf) from [<80200060>] (ret_fast_syscall+0x0/0x1c arch/arm/mm/proc-v7.S:67) Exception stack(0xdf9d9fa8 to 0xdf9d9ff0) 9fa0: 00000000 00000000 00000005 200054c0 00000048 00000000 9fc0: 00000000 00000000 003463b0 00000182 00346378 00000000 00000001 76f7f0dc 9fe0: 76f7ee88 76f7ee78 00018734 0012fc20 Rebooting in 86400 seconds..