./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2455172545
<...>
Warning: Permanently added '10.128.0.179' (ED25519) to the list of known hosts.
execve("./syz-executor2455172545", ["./syz-executor2455172545"], 0x7fff5658ff40 /* 10 vars */) = 0
brk(NULL) = 0x555556ba0000
brk(0x555556ba0d00) = 0x555556ba0d00
arch_prctl(ARCH_SET_FS, 0x555556ba0380) = 0
set_tid_address(0x555556ba0650) = 5065
set_robust_list(0x555556ba0660, 24) = 0
rseq(0x555556ba0ca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor2455172545", 4096) = 28
getrandom("\x17\x8b\x36\x08\x61\xde\x13\x82", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x555556ba0d00
brk(0x555556bc1d00) = 0x555556bc1d00
brk(0x555556bc2000) = 0x555556bc2000
mprotect(0x7f3f5a0bd000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5066 attached
, child_tidptr=0x555556ba0650) = 5066
[pid 5066] set_robust_list(0x555556ba0660, 24) = 0
[pid 5066] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5066] setpgid(0, 0) = 0
[pid 5066] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5066] write(3, "1000", 4) = 4
[pid 5066] close(3) = 0
[ 79.315766][ T5066] ------------[ cut here ]------------
[ 79.321377][ T5066] verifier backtracking bug (stack slot out of bounds)
[ 79.321450][ T5066] WARNING: CPU: 0 PID: 5066 at kernel/bpf/verifier.c:4266 __mark_chain_precision+0x2a84/0x4d60
[ 79.338713][ T5066] Modules linked in:
[ 79.342604][ T5066] CPU: 0 PID: 5066 Comm: syz-executor245 Not tainted 6.7.0-rc4-next-20231206-syzkaller #0
[ 79.352610][ T5066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[ 79.362714][ T5066] RIP: 0010:__mark_chain_precision+0x2a84/0x4d60
[ 79.369438][ T5066] Code: ff 89 de e8 8e e5 ec ff 84 db 0f 85 2c e1 ff ff e8 51 ea ec ff c6 05 60 54 88 0d 01 90 48 c7 c7 a0 4b d4 8a e8 2d d9 b2 ff 90 <0f> 0b 90 90 e9 09 e1 ff ff e8 2e ea ec ff 48 8d 7b 04 48 b8 00 00
[ 79.389191][ T5066] RSP: 0018:ffffc90003abf2e8 EFLAGS: 00010282
[ 79.395275][ T5066] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff814e05d9
[ 79.403304][ T5066] RDX: ffff888024c3bb80 RSI: ffffffff814e05e6 RDI: 0000000000000001
[ 79.411300][ T5066] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[ 79.419318][ T5066] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88801b2e0000
[ 79.427323][ T5066] R13: 0000000000000000 R14: 0000000000000001 R15: dffffc0000000000
[ 79.435292][ T5066] FS: 0000555556ba0380(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
[ 79.444366][ T5066] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 79.451012][ T5066] CR2: 00007f6c37df1b10 CR3: 0000000074a2e000 CR4: 00000000003506f0
[ 79.459263][ T5066] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 79.467291][ T5066] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 79.475258][ T5066] Call Trace:
[ 79.478578][ T5066]
[ 79.481515][ T5066] ? show_regs+0x8e/0xa0
[ 79.485757][ T5066] ? __warn+0xe5/0x390
[ 79.489883][ T5066] ? __mark_chain_precision+0x2a84/0x4d60
[ 79.495631][ T5066] ? report_bug+0x3bc/0x580
[ 79.500220][ T5066] ? handle_bug+0x3d/0x70
[ 79.504574][ T5066] ? exc_invalid_op+0x17/0x40
[ 79.509299][ T5066] ? asm_exc_invalid_op+0x1a/0x20
[ 79.514369][ T5066] ? __warn_printk+0x199/0x350
[ 79.519198][ T5066] ? __warn_printk+0x1a6/0x350
[ 79.523981][ T5066] ? __mark_chain_precision+0x2a84/0x4d60
[ 79.529776][ T5066] ? __mark_chain_precision+0x2a83/0x4d60
[ 79.535532][ T5066] ? check_cfg+0x840/0x840
[ 79.539999][ T5066] ? find_good_pkt_pointers+0x690/0x690
[ 79.545567][ T5066] ? add_subprog_and_kfunc+0x1b10/0x1b10
[ 79.551248][ T5066] ? tnum_sbin+0x2e0/0x2e0
[ 79.555688][ T5066] ? __check_reg_arg+0x323/0x410
[ 79.560681][ T5066] check_cond_jmp_op+0xea0/0x72b0
[ 79.565769][ T5066] ? jit_subprogs+0x2ff0/0x2ff0
[ 79.570692][ T5066] ? krealloc+0xbc/0x100
[ 79.574959][ T5066] ? push_jmp_history+0x163/0x4a0
[ 79.580039][ T5066] do_check_common+0x8cbc/0xe8e0
[ 79.585015][ T5066] ? check_helper_call.isra.0+0xab50/0xab50
[ 79.590959][ T5066] ? kvfree+0x47/0x50
[ 79.594959][ T5066] ? check_cfg+0x405/0x840
[ 79.599436][ T5066] bpf_check+0x5129/0xa420
[ 79.603887][ T5066] ? bpf_get_btf_vmlinux+0x20/0x20
[ 79.609047][ T5066] ? find_held_lock+0x2d/0x110
[ 79.613839][ T5066] ? bpf_prog_load+0x1472/0x2200
[ 79.619964][ T5066] ? reacquire_held_locks+0x4c0/0x4c0
[ 79.625360][ T5066] ? preempt_count_sub+0x160/0x160
[ 79.630515][ T5066] ? read_tsc+0x9/0x20
[ 79.634601][ T5066] ? ktime_get_with_offset+0x306/0x520
[ 79.640119][ T5066] ? bpf_obj_name_cpy+0x14a/0x1a0
[ 79.645178][ T5066] bpf_prog_load+0x1533/0x2200
[ 79.650013][ T5066] ? map_create+0x1b90/0x1b90
[ 79.654711][ T5066] ? find_held_lock+0x2d/0x110
[ 79.659526][ T5066] ? reacquire_held_locks+0x4c0/0x4c0
[ 79.665007][ T5066] ? bpf_lsm_bpf+0x9/0x10
[ 79.669385][ T5066] __sys_bpf+0xbf7/0x49d0
[ 79.673761][ T5066] ? bpf_perf_link_attach+0x540/0x540
[ 79.679171][ T5066] ? cgroup_update_frozen+0x144/0x6b0
[ 79.684573][ T5066] ? ptrace_stop.part.0+0x722/0x930
[ 79.689812][ T5066] ? find_held_lock+0x2d/0x110
[ 79.694609][ T5066] ? _raw_spin_unlock_irq+0x23/0x50
[ 79.699862][ T5066] ? lockdep_hardirqs_on+0x7c/0x110
[ 79.705082][ T5066] ? _raw_spin_unlock_irq+0x2e/0x50
[ 79.710333][ T5066] ? ptrace_notify+0xf1/0x130
[ 79.715117][ T5066] __x64_sys_bpf+0x78/0xc0
[ 79.719575][ T5066] ? syscall_enter_from_user_mode+0xf5/0x110
[ 79.725577][ T5066] do_syscall_64+0x40/0x110
[ 79.730142][ T5066] entry_SYSCALL_64_after_hwframe+0x62/0x6a
[ 79.736074][ T5066] RIP: 0033:0x7f3f5a049af9
[ 79.740550][ T5066] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 79.760224][ T5066] RSP: 002b:00007ffcd0ae5d58 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 79.768703][ T5066] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3f5a049af9
[ 79.776728][ T5066] RDX: 0000000000000048 RSI: 00000000200017c0 RDI: 0000000000000005
[ 79.784717][ T5066] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000006
[ 79.792728][ T5066] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 79.800743][ T5066] R13: 431bde82d7b634db R14: 0000000000000001 R15: 0000000000000001
[ 79.808849][ T5066]
[ 79.811965][ T5066] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 79.819232][ T5066] CPU: 0 PID: 5066 Comm: syz-executor245 Not tainted 6.7.0-rc4-next-20231206-syzkaller #0
[ 79.829114][ T5066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[ 79.839162][ T5066] Call Trace:
[ 79.842433][ T5066]
[ 79.845363][ T5066] dump_stack_lvl+0xd9/0x1b0
[ 79.850147][ T5066] panic+0x6dc/0x790
[ 79.854057][ T5066] ? panic_smp_self_stop+0xa0/0xa0
[ 79.859167][ T5066] ? show_trace_log_lvl+0x363/0x4f0
[ 79.864369][ T5066] ? check_panic_on_warn+0x1f/0xb0
[ 79.869480][ T5066] ? __mark_chain_precision+0x2a84/0x4d60
[ 79.875201][ T5066] check_panic_on_warn+0xab/0xb0
[ 79.880137][ T5066] __warn+0xf1/0x390
[ 79.884028][ T5066] ? __mark_chain_precision+0x2a84/0x4d60
[ 79.889758][ T5066] report_bug+0x3bc/0x580
[ 79.894101][ T5066] handle_bug+0x3d/0x70
[ 79.898264][ T5066] exc_invalid_op+0x17/0x40
[ 79.902775][ T5066] asm_exc_invalid_op+0x1a/0x20
[ 79.907639][ T5066] RIP: 0010:__mark_chain_precision+0x2a84/0x4d60
[ 79.913985][ T5066] Code: ff 89 de e8 8e e5 ec ff 84 db 0f 85 2c e1 ff ff e8 51 ea ec ff c6 05 60 54 88 0d 01 90 48 c7 c7 a0 4b d4 8a e8 2d d9 b2 ff 90 <0f> 0b 90 90 e9 09 e1 ff ff e8 2e ea ec ff 48 8d 7b 04 48 b8 00 00
[ 79.933598][ T5066] RSP: 0018:ffffc90003abf2e8 EFLAGS: 00010282
[ 79.939682][ T5066] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff814e05d9
[ 79.947668][ T5066] RDX: ffff888024c3bb80 RSI: ffffffff814e05e6 RDI: 0000000000000001
[ 79.955656][ T5066] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[ 79.963637][ T5066] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88801b2e0000
[ 79.971612][ T5066] R13: 0000000000000000 R14: 0000000000000001 R15: dffffc0000000000
[ 79.979594][ T5066] ? __warn_printk+0x199/0x350
[ 79.984371][ T5066] ? __warn_printk+0x1a6/0x350
[ 79.989149][ T5066] ? __mark_chain_precision+0x2a83/0x4d60
[ 79.994897][ T5066] ? check_cfg+0x840/0x840
[ 79.999331][ T5066] ? find_good_pkt_pointers+0x690/0x690
[ 80.004886][ T5066] ? add_subprog_and_kfunc+0x1b10/0x1b10
[ 80.010531][ T5066] ? tnum_sbin+0x2e0/0x2e0
[ 80.015396][ T5066] ? __check_reg_arg+0x323/0x410
[ 80.020346][ T5066] check_cond_jmp_op+0xea0/0x72b0
[ 80.025405][ T5066] ? jit_subprogs+0x2ff0/0x2ff0
[ 80.030279][ T5066] ? krealloc+0xbc/0x100
[ 80.034535][ T5066] ? push_jmp_history+0x163/0x4a0
[ 80.039574][ T5066] do_check_common+0x8cbc/0xe8e0
[ 80.044558][ T5066] ? check_helper_call.isra.0+0xab50/0xab50
[ 80.050468][ T5066] ? kvfree+0x47/0x50
[ 80.054465][ T5066] ? check_cfg+0x405/0x840
[ 80.058902][ T5066] bpf_check+0x5129/0xa420
[ 80.063350][ T5066] ? bpf_get_btf_vmlinux+0x20/0x20
[ 80.068478][ T5066] ? find_held_lock+0x2d/0x110
[ 80.073260][ T5066] ? bpf_prog_load+0x1472/0x2200
[ 80.078211][ T5066] ? reacquire_held_locks+0x4c0/0x4c0
[ 80.083595][ T5066] ? preempt_count_sub+0x160/0x160
[ 80.088719][ T5066] ? read_tsc+0x9/0x20
[ 80.092795][ T5066] ? ktime_get_with_offset+0x306/0x520
[ 80.098351][ T5066] ? bpf_obj_name_cpy+0x14a/0x1a0
[ 80.103384][ T5066] bpf_prog_load+0x1533/0x2200
[ 80.108165][ T5066] ? map_create+0x1b90/0x1b90
[ 80.112844][ T5066] ? find_held_lock+0x2d/0x110
[ 80.117624][ T5066] ? reacquire_held_locks+0x4c0/0x4c0
[ 80.123039][ T5066] ? bpf_lsm_bpf+0x9/0x10
[ 80.127403][ T5066] __sys_bpf+0xbf7/0x49d0
[ 80.131775][ T5066] ? bpf_perf_link_attach+0x540/0x540
[ 80.137167][ T5066] ? cgroup_update_frozen+0x144/0x6b0
[ 80.142565][ T5066] ? ptrace_stop.part.0+0x722/0x930
[ 80.147773][ T5066] ? find_held_lock+0x2d/0x110
[ 80.152561][ T5066] ? _raw_spin_unlock_irq+0x23/0x50
[ 80.157781][ T5066] ? lockdep_hardirqs_on+0x7c/0x110
[ 80.162991][ T5066] ? _raw_spin_unlock_irq+0x2e/0x50
[ 80.168201][ T5066] ? ptrace_notify+0xf1/0x130
[ 80.172888][ T5066] __x64_sys_bpf+0x78/0xc0
[ 80.177313][ T5066] ? syscall_enter_from_user_mode+0xf5/0x110
[ 80.183304][ T5066] do_syscall_64+0x40/0x110
[ 80.187831][ T5066] entry_SYSCALL_64_after_hwframe+0x62/0x6a
[ 80.193738][ T5066] RIP: 0033:0x7f3f5a049af9
[ 80.198163][ T5066] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 80.217778][ T5066] RSP: 002b:00007ffcd0ae5d58 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 80.226203][ T5066] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3f5a049af9
[ 80.234181][ T5066] RDX: 0000000000000048 RSI: 00000000200017c0 RDI: 0000000000000005
[ 80.242157][ T5066] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000006
[ 80.250129][ T5066] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 80.258115][ T5066] R13: 431bde82d7b634db R14: 0000000000000001 R15: 0000000000000001
[ 80.266121][ T5066]
[ 80.269330][ T5066] Kernel Offset: disabled
[ 80.273713][ T5066] Rebooting in 86400 seconds..