./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor935552279
<...>
Warning: Permanently added '10.128.0.65' (ED25519) to the list of known hosts.
execve("./syz-executor935552279", ["./syz-executor935552279"], 0x7ffc096f9500 /* 10 vars */) = 0
brk(NULL) = 0x55558fea8000
brk(0x55558fea8d00) = 0x55558fea8d00
arch_prctl(ARCH_SET_FS, 0x55558fea8380) = 0
set_tid_address(0x55558fea8650) = 5833
set_robust_list(0x55558fea8660, 24) = 0
rseq(0x55558fea8ca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor935552279", 4096) = 27
getrandom("\xa4\xd4\x6e\xe3\x5d\xe0\xe6\x92", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x55558fea8d00
brk(0x55558fec9d00) = 0x55558fec9d00
brk(0x55558feca000) = 0x55558feca000
mprotect(0x7f0581db5000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55558fea8650) = 5834
./strace-static-x86_64: Process 5834 attached
[pid 5834] set_robust_list(0x55558fea8660, 24) = 0
[pid 5834] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5834] setpgid(0, 0) = 0
[pid 5834] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5834] write(3, "1000", 4) = 4
[pid 5834] close(3) = 0
executing program
[pid 5834] write(1, "executing program\n", 18) = 18
[pid 5834] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 3
[pid 5834] socket(AF_INET6, SOCK_DGRAM, IPPROTO_IP) = 4
[pid 5834] ioctl(4, SIOCGIFINDEX, {ifr_name="lo", ifr_ifindex=1}) = 0
[pid 5834] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\x74\x00\x00\x00\x24\x00\x41\x65\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00\x00\x00\x00\x0a\x00\x01\x00\x6e\x65\x74\x65\x6d\x00\x00\x00\x44\x00\x02\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfd\xff\xff\xff\x00\x00\x00\x00\x1c\x00\x05\x80\x18\x00\x01\x00\xff\xff\xff\x7f\x00\x00\x00\x00\xfd\xff\xff\xff\x00\x00\x00\x00"..., iov_len=116}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 116
[pid 5834] socket(AF_INET, SOCK_STREAM, IPPROTO_IP) = 5
[pid 5834] bind(5, {sa_family=AF_INET, sin_port=htons(20000), sin_addr=inet_addr("224.0.0.1")}, 16) = 0
[pid 5834] sendto(5, NULL, 0, MSG_DONTROUTE|MSG_EOR|MSG_SENDPAGE_NOTLAST|MSG_FASTOPEN, {sa_family=AF_INET, sin_port=htons(20000), sin_addr=inet_addr("0.0.0.0")}, 16) = 0
[pid 5834] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_SK_SKB, insn_cnt=4, insns=0x20000b80, license="GPL", log_level=4, log_size=64912, log_buf="", kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS}, 72) = 6
[pid 5834] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_SOCKMAP, key_size=4, value_size=4, max_entries=18, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 7
[pid 5834] bpf(BPF_PROG_ATTACH, {target_fd=7, attach_bpf_fd=6, attach_type=BPF_SK_SKB_STREAM_VERDICT, attach_flags=0}, 16) = 0
[pid 5834] bpf(BPF_MAP_UPDATE_ELEM, {map_fd=7, key=0x20000340, value=0x20000040, flags=BPF_ANY}, 32) = 0
[pid 5834] sendto(5, "\x2b\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x07\x00\x00\x00\x00\x00\x00\x00\x40\x03\x00\x20\x00\x00\x00\x00\x40\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 18446744073709551456, MSG_OOB|MSG_DONTROUTE|MSG_SYN|MSG_RST|MSG_ERRQUEUE|MSG_NOSIGNAL|MSG_MORE, NULL, 3846) = 16775414
[ 76.056116][ T5834] ------------[ cut here ]------------
[ 76.062144][ T5834] TCP recvmsg seq # bug 2: copied 384E239C, seq 38242C4E, rcvnxt 383E4E7F, fl 40
[ 76.072286][ T5834] WARNING: CPU: 0 PID: 5834 at net/ipv4/tcp.c:2650 tcp_recvmsg_locked+0x872/0x3c80
[ 76.081903][ T5834] Modules linked in:
[ 76.085936][ T5834] CPU: 0 UID: 0 PID: 5834 Comm: syz-executor935 Not tainted 6.13.0-rc2-syzkaller-00485-gc1bad69f8baf #0
[ 76.097194][ T5834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[ 76.107567][ T5834] RIP: 0010:tcp_recvmsg_locked+0x872/0x3c80
[ 76.113626][ T5834] Code: 48 c1 e8 03 42 0f b6 04 28 84 c0 0f 85 37 01 00 00 8b 0a 48 c7 c7 60 83 15 8d 44 89 fe 89 da 44 8b 44 24 3c e8 af 6b 36 f7 90 <0f> 0b 90 90 4c 8b 7c 24 48 e9 3d ff ff ff 44 89 e1 80 e1 07 80 c1
[ 76.133339][ T5834] RSP: 0018:ffffc90003587060 EFLAGS: 00010246
[ 76.139459][ T5834] RAX: c52c8fd1d143b800 RBX: 0000000038242c4e RCX: ffff888034e93c00
[ 76.147527][ T5834] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 76.155633][ T5834] RBP: ffffc90003587470 R08: ffffffff81600a42 R09: fffffbfff1cfa210
[ 76.163686][ T5834] R10: dffffc0000000000 R11: fffffbfff1cfa210 R12: 1ffff11006a5f545
[ 76.171866][ T5834] R13: dffffc0000000000 R14: ffff8880352faa28 R15: 00000000384e239c
[ 76.179854][ T5834] FS: 000055558fea8380(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[ 76.188893][ T5834] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 76.195641][ T5834] CR2: 0000000021000000 CR3: 0000000035582000 CR4: 00000000003526f0
[ 76.203714][ T5834] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 76.211801][ T5834] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 76.219799][ T5834] Call Trace:
[ 76.223178][ T5834]
[ 76.226190][ T5834] ? __warn+0x165/0x4d0
[ 76.230359][ T5834] ? tcp_recvmsg_locked+0x872/0x3c80
[ 76.235770][ T5834] ? report_bug+0x2b3/0x500
[ 76.240381][ T5834] ? tcp_recvmsg_locked+0x872/0x3c80
[ 76.245810][ T5834] ? handle_bug+0x60/0x90
[ 76.250183][ T5834] ? exc_invalid_op+0x1a/0x50
[ 76.254957][ T5834] ? asm_exc_invalid_op+0x1a/0x20
[ 76.260000][ T5834] ? __warn_printk+0x292/0x360
[ 76.264927][ T5834] ? tcp_recvmsg_locked+0x872/0x3c80
[ 76.270328][ T5834] ? netem_dequeue+0x157c/0x15e0
[ 76.275523][ T5834] ? validate_chain+0x11e/0x5920
[ 76.280524][ T5834] ? __pfx_tcp_recvmsg_locked+0x10/0x10
[ 76.286201][ T5834] ? validate_chain+0x11e/0x5920
[ 76.291199][ T5834] ? validate_chain+0x11e/0x5920
[ 76.296285][ T5834] ? validate_chain+0x11e/0x5920
[ 76.301422][ T5834] ? __pfx_validate_chain+0x10/0x10
[ 76.306652][ T5834] ? __pfx_validate_chain+0x10/0x10
[ 76.311956][ T5834] ? validate_chain+0x11e/0x5920
[ 76.316941][ T5834] ? __pfx_validate_chain+0x10/0x10
[ 76.322275][ T5834] ? __dev_queue_xmit+0x1775/0x3f50
[ 76.327538][ T5834] ? validate_chain+0x11e/0x5920
[ 76.332602][ T5834] ? import_ubuf+0x97/0x1d0
[ 76.337182][ T5834] tcp_zerocopy_receive+0x824/0x25c0
[ 76.342553][ T5834] ? mark_lock+0x9a/0x360
[ 76.346933][ T5834] ? __pfx_tcp_zerocopy_receive+0x10/0x10
[ 76.352771][ T5834] ? mark_lock+0x9a/0x360
[ 76.357166][ T5834] ? do_tcp_getsockopt+0x2483/0x3570
[ 76.362570][ T5834] ? __pfx___local_bh_enable_ip+0x10/0x10
[ 76.368357][ T5834] do_tcp_getsockopt+0x2491/0x3570
[ 76.373777][ T5834] ? __pfx_do_tcp_getsockopt+0x10/0x10
[ 76.379400][ T5834] ? __pfx_lock_acquire+0x10/0x10
[ 76.384532][ T5834] ? aa_label_sk_perm+0x4f3/0x6c0
[ 76.389635][ T5834] ? mark_lock+0x9a/0x360
[ 76.394122][ T5834] ? __lock_acquire+0x1397/0x2100
[ 76.399273][ T5834] ? __pfx___might_resched+0x10/0x10
[ 76.404769][ T5834] ? __might_fault+0xaa/0x120
[ 76.409500][ T5834] tcp_getsockopt+0xfb/0x1c0
[ 76.414232][ T5834] ? __pfx_tcp_getsockopt+0x10/0x10
[ 76.419492][ T5834] ? __might_fault+0xc6/0x120
[ 76.424278][ T5834] ? sock_common_getsockopt+0x2e/0xb0
[ 76.429706][ T5834] ? __pfx_sock_common_getsockopt+0x10/0x10
[ 76.435833][ T5834] do_sock_getsockopt+0x3c4/0x7e0
[ 76.440927][ T5834] ? __pfx_do_sock_getsockopt+0x10/0x10
[ 76.446794][ T5834] ? _raw_spin_unlock_irq+0x23/0x50
[ 76.452120][ T5834] __x64_sys_getsockopt+0x2a1/0x370
[ 76.457351][ T5834] ? __pfx___x64_sys_getsockopt+0x10/0x10
[ 76.463159][ T5834] ? do_syscall_64+0x100/0x230
[ 76.467972][ T5834] do_syscall_64+0xf3/0x230
[ 76.472586][ T5834] ? clear_bhb_loop+0x35/0x90
[ 76.477480][ T5834] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 76.483528][ T5834] RIP: 0033:0x7f0581d420f9
[ 76.488009][ T5834] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 76.507869][ T5834] RSP: 002b:00007fff81ee32a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[ 76.516383][ T5834] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f0581d420f9
[ 76.524467][ T5834] RDX: 0000000000000023 RSI: 0000000000000006 RDI: 0000000000000005
[ 76.532545][ T5834] RBP: 0000000000000000 R08: 0000000020000380 R09: 0000000000000f06
[ 76.541093][ T5834] R10: 0000000020000340 R11: 0000000000000246 R12: 0000000000000000
[ 76.549202][ T5834] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[ 76.557272][ T5834]
[ 76.560310][ T5834] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 76.567627][ T5834] CPU: 0 UID: 0 PID: 5834 Comm: syz-executor935 Not tainted 6.13.0-rc2-syzkaller-00485-gc1bad69f8baf #0
[ 76.578842][ T5834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[ 76.588913][ T5834] Call Trace:
[ 76.592203][ T5834]
[ 76.595140][ T5834] dump_stack_lvl+0x241/0x360
[ 76.599853][ T5834] ? __pfx_dump_stack_lvl+0x10/0x10
[ 76.605076][ T5834] ? __pfx__printk+0x10/0x10
[ 76.609770][ T5834] ? _printk+0xd5/0x120
[ 76.613941][ T5834] ? __init_begin+0x41000/0x41000
[ 76.618992][ T5834] ? vscnprintf+0x5d/0x90
[ 76.623335][ T5834] panic+0x349/0x880
[ 76.627262][ T5834] ? __warn+0x174/0x4d0
[ 76.631555][ T5834] ? __pfx_panic+0x10/0x10
[ 76.636022][ T5834] __warn+0x344/0x4d0
[ 76.640050][ T5834] ? tcp_recvmsg_locked+0x872/0x3c80
[ 76.645375][ T5834] report_bug+0x2b3/0x500
[ 76.649825][ T5834] ? tcp_recvmsg_locked+0x872/0x3c80
[ 76.655185][ T5834] handle_bug+0x60/0x90
[ 76.659463][ T5834] exc_invalid_op+0x1a/0x50
[ 76.663987][ T5834] asm_exc_invalid_op+0x1a/0x20
[ 76.668856][ T5834] RIP: 0010:tcp_recvmsg_locked+0x872/0x3c80
[ 76.674775][ T5834] Code: 48 c1 e8 03 42 0f b6 04 28 84 c0 0f 85 37 01 00 00 8b 0a 48 c7 c7 60 83 15 8d 44 89 fe 89 da 44 8b 44 24 3c e8 af 6b 36 f7 90 <0f> 0b 90 90 4c 8b 7c 24 48 e9 3d ff ff ff 44 89 e1 80 e1 07 80 c1
[ 76.694499][ T5834] RSP: 0018:ffffc90003587060 EFLAGS: 00010246
[ 76.700597][ T5834] RAX: c52c8fd1d143b800 RBX: 0000000038242c4e RCX: ffff888034e93c00
[ 76.708579][ T5834] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 76.716684][ T5834] RBP: ffffc90003587470 R08: ffffffff81600a42 R09: fffffbfff1cfa210
[ 76.724684][ T5834] R10: dffffc0000000000 R11: fffffbfff1cfa210 R12: 1ffff11006a5f545
[ 76.732770][ T5834] R13: dffffc0000000000 R14: ffff8880352faa28 R15: 00000000384e239c
[ 76.740952][ T5834] ? __warn_printk+0x292/0x360
[ 76.745765][ T5834] ? netem_dequeue+0x157c/0x15e0
[ 76.750730][ T5834] ? validate_chain+0x11e/0x5920
[ 76.755692][ T5834] ? __pfx_tcp_recvmsg_locked+0x10/0x10
[ 76.761255][ T5834] ? validate_chain+0x11e/0x5920
[ 76.766496][ T5834] ? validate_chain+0x11e/0x5920
[ 76.771470][ T5834] ? validate_chain+0x11e/0x5920
[ 76.776526][ T5834] ? __pfx_validate_chain+0x10/0x10
[ 76.781925][ T5834] ? __pfx_validate_chain+0x10/0x10
[ 76.787144][ T5834] ? validate_chain+0x11e/0x5920
[ 76.792101][ T5834] ? __pfx_validate_chain+0x10/0x10
[ 76.797331][ T5834] ? __dev_queue_xmit+0x1775/0x3f50
[ 76.802549][ T5834] ? validate_chain+0x11e/0x5920
[ 76.807514][ T5834] ? import_ubuf+0x97/0x1d0
[ 76.812175][ T5834] tcp_zerocopy_receive+0x824/0x25c0
[ 76.817590][ T5834] ? mark_lock+0x9a/0x360
[ 76.821946][ T5834] ? __pfx_tcp_zerocopy_receive+0x10/0x10
[ 76.827701][ T5834] ? mark_lock+0x9a/0x360
[ 76.832246][ T5834] ? do_tcp_getsockopt+0x2483/0x3570
[ 76.837658][ T5834] ? __pfx___local_bh_enable_ip+0x10/0x10
[ 76.843409][ T5834] do_tcp_getsockopt+0x2491/0x3570
[ 76.848553][ T5834] ? __pfx_do_tcp_getsockopt+0x10/0x10
[ 76.854235][ T5834] ? __pfx_lock_acquire+0x10/0x10
[ 76.859276][ T5834] ? aa_label_sk_perm+0x4f3/0x6c0
[ 76.864348][ T5834] ? mark_lock+0x9a/0x360
[ 76.868698][ T5834] ? __lock_acquire+0x1397/0x2100
[ 76.873765][ T5834] ? __pfx___might_resched+0x10/0x10
[ 76.879090][ T5834] ? __might_fault+0xaa/0x120
[ 76.883801][ T5834] tcp_getsockopt+0xfb/0x1c0
[ 76.888415][ T5834] ? __pfx_tcp_getsockopt+0x10/0x10
[ 76.893660][ T5834] ? __might_fault+0xc6/0x120
[ 76.898358][ T5834] ? sock_common_getsockopt+0x2e/0xb0
[ 76.903850][ T5834] ? __pfx_sock_common_getsockopt+0x10/0x10
[ 76.909946][ T5834] do_sock_getsockopt+0x3c4/0x7e0
[ 76.915012][ T5834] ? __pfx_do_sock_getsockopt+0x10/0x10
[ 76.920598][ T5834] ? _raw_spin_unlock_irq+0x23/0x50
[ 76.925827][ T5834] __x64_sys_getsockopt+0x2a1/0x370
[ 76.931041][ T5834] ? __pfx___x64_sys_getsockopt+0x10/0x10
[ 76.936801][ T5834] ? do_syscall_64+0x100/0x230
[ 76.941600][ T5834] do_syscall_64+0xf3/0x230
[ 76.946137][ T5834] ? clear_bhb_loop+0x35/0x90
[ 76.950831][ T5834] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 76.956737][ T5834] RIP: 0033:0x7f0581d420f9
[ 76.961164][ T5834] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 76.980780][ T5834] RSP: 002b:00007fff81ee32a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[ 76.989209][ T5834] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f0581d420f9
[ 76.997369][ T5834] RDX: 0000000000000023 RSI: 0000000000000006 RDI: 0000000000000005
[ 77.005353][ T5834] RBP: 0000000000000000 R08: 0000000020000380 R09: 0000000000000f06
[ 77.013444][ T5834] R10: 0000000020000340 R11: 0000000000000246 R12: 0000000000000000
[ 77.021514][ T5834] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[ 77.029508][ T5834]
[ 77.033495][ T5834] Kernel Offset: disabled
[ 77.037884][ T5834] Rebooting in 86400 seconds..