./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3462991397
<...>
Warning: Permanently added '10.128.0.194' (ED25519) to the list of known hosts.
execve("./syz-executor3462991397", ["./syz-executor3462991397"], 0x7ffd70cc3310 /* 10 vars */) = 0
brk(NULL) = 0x5555860e1000
brk(0x5555860e1d00) = 0x5555860e1d00
arch_prctl(ARCH_SET_FS, 0x5555860e1380) = 0
set_tid_address(0x5555860e1650) = 5833
set_robust_list(0x5555860e1660, 24) = 0
rseq(0x5555860e1ca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor3462991397", 4096) = 28
getrandom("\x2f\x30\x0b\x48\x57\x34\x78\x42", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x5555860e1d00
brk(0x555586102d00) = 0x555586102d00
brk(0x555586103000) = 0x555586103000
mprotect(0x7f37e0055000, 16384, PROT_READ) = 0
mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000
mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000
mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000
write(1, "executing program\n", 18executing program
) = 18
[ 84.342980][ T5833] ------------[ cut here ]------------
[ 84.348597][ T5833] verifier bug: REG INVARIANTS VIOLATION (false_reg1): range bounds violation u64=[0x0, 0x0] s64=[0x0, 0x0] u32=[0x1, 0x0] s32=[0x0, 0x0] var_off=(0x0, 0x0)(1)
[ 84.364947][ T5833] WARNING: CPU: 1 PID: 5833 at kernel/bpf/verifier.c:2688 reg_bounds_sanity_check+0x6e6/0xc20
[ 84.375281][ T5833] Modules linked in:
[ 84.379312][ T5833] CPU: 1 UID: 0 PID: 5833 Comm: syz-executor346 Not tainted 6.16.0-rc3-syzkaller-gcce3fee729ee #0 PREEMPT(full)
[ 84.391261][ T5833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 84.401397][ T5833] RIP: 0010:reg_bounds_sanity_check+0x6e6/0xc20
[ 84.407680][ T5833] Code: 24 20 4c 8b 44 24 60 4c 8b 4c 24 58 41 ff 75 00 53 41 57 55 ff 74 24 38 ff 74 24 70 ff 74 24 40 e8 8f 86 aa ff 48 83 c4 38 90 <0f> 0b 90 90 48 bb 00 00 00 00 00 fc ff df 4d 89 f7 4c 8b 74 24 08
[ 84.427791][ T5833] RSP: 0018:ffffc90003f6ec08 EFLAGS: 00010282
[ 84.433935][ T5833] RAX: 2c2acf8a45b1bf00 RBX: 0000000000000000 RCX: ffff888029235a00
[ 84.441992][ T5833] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[ 84.450026][ T5833] RBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000000004
[ 84.458016][ T5833] R10: dffffc0000000000 R11: fffffbfff1bfaa04 R12: ffff888025056000
[ 84.466046][ T5833] R13: ffff888025056020 R14: ffff888025056038 R15: 0000000000000000
[ 84.474097][ T5833] FS: 00005555860e1380(0000) GS:ffff888125d4d000(0000) knlGS:0000000000000000
[ 84.483352][ T5833] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 84.490012][ T5833] CR2: 00002000002a1000 CR3: 00000000749a0000 CR4: 00000000003526f0
[ 84.498027][ T5833] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 84.506067][ T5833] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 84.514091][ T5833] Call Trace:
[ 84.517377][ T5833] <TASK>
[ 84.520389][ T5833] reg_set_min_max+0x264/0x300
[ 84.525188][ T5833] check_cond_jmp_op+0x159b/0x2910
[ 84.530359][ T5833] ? lockdep_hardirqs_on+0x9c/0x150
[ 84.535603][ T5833] ? __pfx_check_cond_jmp_op+0x10/0x10
[ 84.541137][ T5833] ? push_jmp_history+0x1dd/0x6f0
[ 84.546221][ T5833] do_check+0x665b/0xe080
[ 84.550623][ T5833] ? lockdep_hardirqs_on+0x9c/0x150
[ 84.555856][ T5833] ? __pfx__raw_spin_lock_bh+0x10/0x10
[ 84.561430][ T5833] ? bpf_prog_load+0x1318/0x1930
[ 84.566417][ T5833] ? __x64_sys_bpf+0x7c/0x90
[ 84.571093][ T5833] ? do_syscall_64+0xfa/0x3b0
[ 84.575840][ T5833] ? __pfx_do_check+0x10/0x10
[ 84.580629][ T5833] ? __asan_memset+0x22/0x50
[ 84.585424][ T5833] ? init_func_state+0x1ddf/0x2d20
[ 84.590614][ T5833] do_check_common+0x188f/0x23f0
[ 84.595737][ T5833] bpf_check+0x10252/0x1a5d0
[ 84.600461][ T5833] ? __lock_acquire+0xab9/0xd20
[ 84.605404][ T5833] ? __lock_acquire+0xab9/0xd20
[ 84.610336][ T5833] ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 84.616295][ T5833] ? lockdep_hardirqs_on+0x9c/0x150
[ 84.621556][ T5833] ? __pfx_bpf_check+0x10/0x10
[ 84.626354][ T5833] ? __lock_acquire+0xab9/0xd20
[ 84.631280][ T5833] ? __pfx___mutex_trylock_common+0x10/0x10
[ 84.637208][ T5833] ? pcpu_block_update+0x1b5/0x8d0
[ 84.642426][ T5833] ? __lock_acquire+0xab9/0xd20
[ 84.647322][ T5833] ? ktime_get_with_offset+0x8c/0x2a0
[ 84.652768][ T5833] ? seqcount_lockdep_reader_access+0x123/0x1c0
[ 84.659088][ T5833] ? lockdep_hardirqs_on+0x9c/0x150
[ 84.664297][ T5833] ? ktime_get_with_offset+0x8c/0x2a0
[ 84.669715][ T5833] ? seqcount_lockdep_reader_access+0x175/0x1c0
[ 84.675983][ T5833] ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[ 84.682659][ T5833] ? bpf_obj_name_cpy+0x194/0x1e0
[ 84.687723][ T5833] ? bpf_lsm_bpf_prog_load+0x9/0x20
[ 84.692982][ T5833] ? security_bpf_prog_load+0x7f/0x310
[ 84.698526][ T5833] bpf_prog_load+0x1318/0x1930
[ 84.703335][ T5833] ? __pfx_bpf_prog_load+0x10/0x10
[ 84.708528][ T5833] ? bpf_lsm_bpf+0x9/0x20
[ 84.712883][ T5833] ? security_bpf+0x7e/0x300
[ 84.717485][ T5833] __sys_bpf+0x5f1/0x860
[ 84.721818][ T5833] ? __pfx___sys_bpf+0x10/0x10
[ 84.726667][ T5833] __x64_sys_bpf+0x7c/0x90
[ 84.731158][ T5833] do_syscall_64+0xfa/0x3b0
[ 84.735696][ T5833] ? lockdep_hardirqs_on+0x9c/0x150
[ 84.741097][ T5833] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 84.747263][ T5833] ? clear_bhb_loop+0x60/0xb0
[ 84.752027][ T5833] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 84.757964][ T5833] RIP: 0033:0x7f37dffe23a9
[ 84.762478][ T5833] Code: 48 83 c4 28 c3 e8 37 17 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 84.782321][ T5833] RSP: 002b:00007fff6bb80468 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 84.790788][ T5833] RAX: ffffffffffffffda RBX: 00007fff6bb80648 RCX: 00007f37dffe23a9
[ 84.798996][ T5833] RDX: 0000000000000045 RSI: 00002000002a0fb8 RDI: 0000000000000005
[ 84.806982][ T5833] RBP: 00007f37e0055610 R08: 0000000000000000 R09: 0000000000000000
[ 84.815039][ T5833] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[ 84.823118][ T5833] R13: 00007fff6bb80638 R14: 0000000000000001 R15: 0000000000000001
[ 84.831182][ T5833] </TASK>
[ 84.834246][ T5833] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 84.841600][ T5833] CPU: 1 UID: 0 PID: 5833 Comm: syz-executor346 Not tainted 6.16.0-rc3-syzkaller-gcce3fee729ee #0 PREEMPT(full)
[ 84.853522][ T5833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 84.863601][ T5833] Call Trace:
[ 84.866903][ T5833] <TASK>
[ 84.869854][ T5833] dump_stack_lvl+0x99/0x250
[ 84.874475][ T5833] ? __asan_memcpy+0x40/0x70
[ 84.879096][ T5833] ? __pfx_dump_stack_lvl+0x10/0x10
[ 84.884327][ T5833] ? __pfx__printk+0x10/0x10
[ 84.888958][ T5833] panic+0x2db/0x790
[ 84.892917][ T5833] ? __pfx_panic+0x10/0x10
[ 84.897367][ T5833] ? show_trace_log_lvl+0x4fb/0x550
[ 84.902619][ T5833] __warn+0x31b/0x4b0
[ 84.906638][ T5833] ? reg_bounds_sanity_check+0x6e6/0xc20
[ 84.912308][ T5833] ? reg_bounds_sanity_check+0x6e6/0xc20
[ 84.917972][ T5833] report_bug+0x2be/0x4f0
[ 84.922330][ T5833] ? reg_bounds_sanity_check+0x6e6/0xc20
[ 84.927990][ T5833] ? reg_bounds_sanity_check+0x6e6/0xc20
[ 84.933646][ T5833] ? reg_bounds_sanity_check+0x6e8/0xc20
[ 84.939301][ T5833] handle_bug+0x84/0x160
[ 84.943559][ T5833] exc_invalid_op+0x1a/0x50
[ 84.948089][ T5833] asm_exc_invalid_op+0x1a/0x20
[ 84.953046][ T5833] RIP: 0010:reg_bounds_sanity_check+0x6e6/0xc20
[ 84.959314][ T5833] Code: 24 20 4c 8b 44 24 60 4c 8b 4c 24 58 41 ff 75 00 53 41 57 55 ff 74 24 38 ff 74 24 70 ff 74 24 40 e8 8f 86 aa ff 48 83 c4 38 90 <0f> 0b 90 90 48 bb 00 00 00 00 00 fc ff df 4d 89 f7 4c 8b 74 24 08
[ 84.978935][ T5833] RSP: 0018:ffffc90003f6ec08 EFLAGS: 00010282
[ 84.985021][ T5833] RAX: 2c2acf8a45b1bf00 RBX: 0000000000000000 RCX: ffff888029235a00
[ 84.993006][ T5833] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[ 85.000990][ T5833] RBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000000004
[ 85.008973][ T5833] R10: dffffc0000000000 R11: fffffbfff1bfaa04 R12: ffff888025056000
[ 85.016959][ T5833] R13: ffff888025056020 R14: ffff888025056038 R15: 0000000000000000
[ 85.024991][ T5833] reg_set_min_max+0x264/0x300
[ 85.029777][ T5833] check_cond_jmp_op+0x159b/0x2910
[ 85.034913][ T5833] ? lockdep_hardirqs_on+0x9c/0x150
[ 85.040140][ T5833] ? __pfx_check_cond_jmp_op+0x10/0x10
[ 85.045624][ T5833] ? push_jmp_history+0x1dd/0x6f0
[ 85.050674][ T5833] do_check+0x665b/0xe080
[ 85.055022][ T5833] ? lockdep_hardirqs_on+0x9c/0x150
[ 85.060234][ T5833] ? __pfx__raw_spin_lock_bh+0x10/0x10
[ 85.065739][ T5833] ? bpf_prog_load+0x1318/0x1930
[ 85.070696][ T5833] ? __x64_sys_bpf+0x7c/0x90
[ 85.075300][ T5833] ? do_syscall_64+0xfa/0x3b0
[ 85.080037][ T5833] ? __pfx_do_check+0x10/0x10
[ 85.084763][ T5833] ? __asan_memset+0x22/0x50
[ 85.089392][ T5833] ? init_func_state+0x1ddf/0x2d20
[ 85.094548][ T5833] do_check_common+0x188f/0x23f0
[ 85.099539][ T5833] bpf_check+0x10252/0x1a5d0
[ 85.104176][ T5833] ? __lock_acquire+0xab9/0xd20
[ 85.109076][ T5833] ? __lock_acquire+0xab9/0xd20
[ 85.113969][ T5833] ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 85.119891][ T5833] ? lockdep_hardirqs_on+0x9c/0x150
[ 85.125125][ T5833] ? __pfx_bpf_check+0x10/0x10
[ 85.129917][ T5833] ? __lock_acquire+0xab9/0xd20
[ 85.134800][ T5833] ? __pfx___mutex_trylock_common+0x10/0x10
[ 85.140718][ T5833] ? pcpu_block_update+0x1b5/0x8d0
[ 85.145857][ T5833] ? __lock_acquire+0xab9/0xd20
[ 85.150735][ T5833] ? ktime_get_with_offset+0x8c/0x2a0
[ 85.156133][ T5833] ? seqcount_lockdep_reader_access+0x123/0x1c0
[ 85.162388][ T5833] ? lockdep_hardirqs_on+0x9c/0x150
[ 85.167597][ T5833] ? ktime_get_with_offset+0x8c/0x2a0
[ 85.172985][ T5833] ? seqcount_lockdep_reader_access+0x175/0x1c0
[ 85.179254][ T5833] ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[ 85.185887][ T5833] ? bpf_obj_name_cpy+0x194/0x1e0
[ 85.190927][ T5833] ? bpf_lsm_bpf_prog_load+0x9/0x20
[ 85.196147][ T5833] ? security_bpf_prog_load+0x7f/0x310
[ 85.201634][ T5833] bpf_prog_load+0x1318/0x1930
[ 85.206436][ T5833] ? __pfx_bpf_prog_load+0x10/0x10
[ 85.211588][ T5833] ? bpf_lsm_bpf+0x9/0x20
[ 85.215931][ T5833] ? security_bpf+0x7e/0x300
[ 85.220537][ T5833] __sys_bpf+0x5f1/0x860
[ 85.224801][ T5833] ? __pfx___sys_bpf+0x10/0x10
[ 85.229609][ T5833] __x64_sys_bpf+0x7c/0x90
[ 85.234053][ T5833] do_syscall_64+0xfa/0x3b0
[ 85.238577][ T5833] ? lockdep_hardirqs_on+0x9c/0x150
[ 85.243787][ T5833] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.249869][ T5833] ? clear_bhb_loop+0x60/0xb0
[ 85.254565][ T5833] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.260476][ T5833] RIP: 0033:0x7f37dffe23a9
[ 85.264900][ T5833] Code: 48 83 c4 28 c3 e8 37 17 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 85.284519][ T5833] RSP: 002b:00007fff6bb80468 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 85.292946][ T5833] RAX: ffffffffffffffda RBX: 00007fff6bb80648 RCX: 00007f37dffe23a9
[ 85.300931][ T5833] RDX: 0000000000000045 RSI: 00002000002a0fb8 RDI: 0000000000000005
[ 85.308913][ T5833] RBP: 00007f37e0055610 R08: 0000000000000000 R09: 0000000000000000
[ 85.316893][ T5833] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[ 85.324872][ T5833] R13: 00007fff6bb80638 R14: 0000000000000001 R15: 0000000000000001
[ 85.332904][ T5833] </TASK>
[ 85.336249][ T5833] Kernel Offset: disabled
[ 85.340605][ T5833] Rebooting in 86400 seconds..