------------[ cut here ]------------ WARNING: kernel/bpf/verifier.c:2742 at reg_bounds_sanity_check+0x394/0x460 kernel/bpf/verifier.c:2742, CPU#0: syz.8.1531/11428 verifier bug: REG INVARIANTS VIOLATION (false_reg1): range bounds violation u64=[0xfffffffefffff630, 0xffffffff00000000] s64=[0xfffffffefffff630, 0xffffffff00000000] u32=[0x30, 0x8000050] s32=[0x30, 0x0] var_off=(0xfffffffe00000030, 0x10fffffc0) Modules linked in: Kernel panic - not syncing: kernel: panic_on_warn set ... CPU: 0 UID: 0 PID: 11428 Comm: syz.8.1531 Tainted: G L syzkaller #0 PREEMPT Tainted: [L]=SOFTLOCKUP Hardware name: ARM-Versatile Express Call trace: [<80201a74>] (dump_backtrace) from [<80201b70>] (show_stack+0x18/0x1c arch/arm/kernel/traps.c:257) r7:82283bb8 r6:84f6bc00 r5:00000000 r4:8229596c [<80201b58>] (show_stack) from [<8021ee18>] (__dump_stack lib/dump_stack.c:94 [inline]) [<80201b58>] (show_stack) from [<8021ee18>] (dump_stack_lvl+0x54/0x7c lib/dump_stack.c:120) [<8021edc4>] (dump_stack_lvl) from [<8021ee58>] (dump_stack+0x18/0x1c lib/dump_stack.c:129) r5:00000000 r4:82a7bd14 [<8021ee40>] (dump_stack) from [<80202648>] (vpanic+0xe0/0x2e8 kernel/panic.c:489) [<80202568>] (vpanic) from [<80202884>] (trace_suspend_resume+0x0/0xd8 kernel/panic.c:626) r7:803dd5b0 [<80202850>] (panic) from [<802520b0>] (check_panic_on_warn kernel/panic.c:376 [inline]) [<80202850>] (panic) from [<802520b0>] (get_taint+0x0/0x1c kernel/panic.c:371) r3:8280c704 r2:00000001 r1:8227c120 r0:82283bb8 [<80252038>] (check_panic_on_warn) from [<80252228>] (__warn+0x94/0x1a4 kernel/panic.c:901) [<80252194>] (__warn) from [<80252520>] (warn_slowpath_fmt+0x1e8/0x1f4 kernel/panic.c:936) r8:00000009 r7:8229c2d8 r6:dfb8d8ec r5:84f6bc00 r4:00000000 [<8025233c>] (warn_slowpath_fmt) from [<803dd5b0>] (reg_bounds_sanity_check+0x394/0x460 kernel/bpf/verifier.c:2742) r10:86ab0000 r9:fffff630 r8:fffffffe r7:00000030 r6:00000000 r5:8229cafc r4:86b27950 [<803dd21c>] (reg_bounds_sanity_check) from [<803e9e54>] (reg_set_min_max kernel/bpf/verifier.c:16572 [inline]) [<803dd21c>] (reg_bounds_sanity_check) from [<803e9e54>] (reg_set_min_max+0x1fc/0x280 kernel/bpf/verifier.c:16537) r10:00000001 r9:00000020 r8:86ab0000 r7:86b27800 r6:8707e800 r5:8707e950 r4:86b27950 [<803e9c58>] (reg_set_min_max) from [<803fa4e8>] (check_cond_jmp_op+0x9b0/0x1940 kernel/bpf/verifier.c:17005) r10:86b27800 r9:8707e800 r8:08000050 r7:86167980 r6:84e1d9c0 r5:86ab0000 r4:dfb43078 r3:86b27950 [<803f9b38>] (check_cond_jmp_op) from [<80401a8c>] (do_check_insn kernel/bpf/verifier.c:20441 [inline]) [<803f9b38>] (check_cond_jmp_op) from [<80401a8c>] (do_check kernel/bpf/verifier.c:20581 [inline]) [<803f9b38>] (check_cond_jmp_op) from [<80401a8c>] (do_check_common+0x2208/0x317c kernel/bpf/verifier.c:23865) r10:0000000f r9:dfb43000 r8:86ab6000 r7:dfb43078 r6:86ab0000 r5:dfb43030 r4:86167e58 [<803ff884>] (do_check_common) from [<804060e8>] (do_check_main kernel/bpf/verifier.c:23948 [inline]) [<803ff884>] (do_check_common) from [<804060e8>] (bpf_check+0x2998/0x2ebc kernel/bpf/verifier.c:25255) r10:fffffff0 r9:86ab6000 r8:86ab0000 r7:00000a7b r6:86ab08bc r5:00000001 r4:0000000e [<80403750>] (bpf_check) from [<803d684c>] (bpf_prog_load+0x654/0xdf4 kernel/bpf/syscall.c:3088) r10:dfb8dd90 r9:84f6bc00 r8:00000000 r7:dfb8dd50 r6:00000000 r5:00000000 r4:dfb8deb0 [<803d61f8>] (bpf_prog_load) from [<803d8614>] (__sys_bpf+0x9ac/0x2228 kernel/bpf/syscall.c:6164) r10:84f6bc00 r9:dfb8dea8 r8:00000000 r7:00000005 r6:dfb8de88 r5:00000048 r4:00000000 [<803d7c68>] (__sys_bpf) from [<803da440>] (__do_sys_bpf kernel/bpf/syscall.c:6274 [inline]) [<803d7c68>] (__sys_bpf) from [<803da440>] (sys_bpf+0x2c/0x48 kernel/bpf/syscall.c:6272) r10:00000182 r9:84f6bc00 r8:8020029c r7:00000182 r6:00316310 r5:00000000 r4:00000000 [<803da414>] (sys_bpf) from [<80200060>] (ret_fast_syscall+0x0/0x1c arch/arm/mm/proc-v7.S:67) Exception stack(0xdfb8dfa8 to 0xdfb8dff0) dfa0: 00000000 00000000 00000005 200017c0 00000048 00000000 dfc0: 00000000 00000000 00316310 00000182 00300000 00000000 00006364 76fed0bc dfe0: 76fecec0 76feceb0 0001929c 00132320 Rebooting in 86400 seconds..