./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3066566042 <...> Warning: Permanently added '10.128.0.152' (ED25519) to the list of known hosts. execve("./syz-executor3066566042", ["./syz-executor3066566042"], 0x7ffdf369b490 /* 10 vars */) = 0 brk(NULL) = 0x55555632b000 brk(0x55555632bd00) = 0x55555632bd00 arch_prctl(ARCH_SET_FS, 0x55555632b380) = 0 set_tid_address(0x55555632b650) = 290 set_robust_list(0x55555632b660, 24) = 0 rseq(0x55555632bca0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented) prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor3066566042", 4096) = 28 getrandom("\xcf\x9f\xeb\x65\x59\xf6\x23\xb4", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55555632bd00 brk(0x55555634cd00) = 0x55555634cd00 brk(0x55555634d000) = 0x55555634d000 mprotect(0x7f69f7980000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555632b650) = 291 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555632b650) = 292 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555632b650) = 293 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555632b650) = 294 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555632b650) = 295 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555632b650) = 296 ./strace-static-x86_64: Process 296 attached [pid 296] set_robust_list(0x55555632b660, 24) = 0 [pid 296] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555632b650) = 297 ./strace-static-x86_64: Process 291 attached [pid 291] set_robust_list(0x55555632b660, 24) = 0 [pid 291] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 292 attached ./strace-static-x86_64: Process 293 attached , child_tidptr=0x55555632b650) = 298 ./strace-static-x86_64: Process 294 attached ./strace-static-x86_64: Process 298 attached ./strace-static-x86_64: Process 297 attached ./strace-static-x86_64: Process 295 attached [pid 294] set_robust_list(0x55555632b660, 24 [pid 293] set_robust_list(0x55555632b660, 24 [pid 292] set_robust_list(0x55555632b660, 24 [pid 295] set_robust_list(0x55555632b660, 24 [pid 294] <... set_robust_list resumed>) = 0 [pid 293] <... set_robust_list resumed>) = 0 [pid 292] <... set_robust_list resumed>) = 0 [pid 295] <... set_robust_list resumed>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 292] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 298] set_robust_list(0x55555632b660, 24) = 0 [pid 297] set_robust_list(0x55555632b660, 24./strace-static-x86_64: Process 299 attached [pid 298] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 297] <... set_robust_list resumed>) = 0 [pid 295] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 301 attached ./strace-static-x86_64: Process 300 attached [pid 298] <... prctl resumed>) = 0 [pid 293] <... clone resumed>, child_tidptr=0x55555632b650) = 300 [pid 298] setpgid(0, 0) = 0 [pid 298] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 302 attached [pid 301] set_robust_list(0x55555632b660, 24 [pid 300] set_robust_list(0x55555632b660, 24 [pid 299] set_robust_list(0x55555632b660, 24 [pid 297] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 294] <... clone resumed>, child_tidptr=0x55555632b650) = 299 [pid 292] <... clone resumed>, child_tidptr=0x55555632b650) = 301 [pid 302] set_robust_list(0x55555632b660, 24 [pid 301] <... set_robust_list resumed>) = 0 [pid 300] <... set_robust_list resumed>) = 0 [pid 299] <... set_robust_list resumed>) = 0 [pid 298] <... openat resumed>) = 3 [pid 297] <... prctl resumed>) = 0 [pid 295] <... clone resumed>, child_tidptr=0x55555632b650) = 302 [pid 298] write(3, "1000", 4) = 4 [pid 298] close(3 [pid 297] setpgid(0, 0) = 0 [pid 298] <... close resumed>) = 0 [pid 297] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 298] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 297] <... openat resumed>) = 3 [pid 297] write(3, "1000", 4) = 4 [pid 297] close(3) = 0 [pid 297] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 300] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 301] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 300] <... prctl resumed>) = 0 [pid 300] setpgid(0, 0 [pid 301] setpgid(0, 0 [pid 300] <... setpgid resumed>) = 0 [pid 301] <... setpgid resumed>) = 0 [pid 301] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 300] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 301] <... openat resumed>) = 3 [pid 301] write(3, "1000", 4) = 4 [pid 301] close(3 [pid 300] write(3, "1000", 4 [pid 301] <... close resumed>) = 0 [pid 300] <... write resumed>) = 4 [pid 300] close(3 [pid 301] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 300] <... close resumed>) = 0 [pid 300] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 302] <... set_robust_list resumed>) = 0 [pid 299] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 302] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 302] setpgid(0, 0 [pid 299] <... prctl resumed>) = 0 [pid 299] setpgid(0, 0 [pid 302] <... setpgid resumed>) = 0 [pid 299] <... setpgid resumed>) = 0 [pid 302] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 299] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 302] <... openat resumed>) = 3 [pid 299] <... openat resumed>) = 3 [pid 299] write(3, "1000", 4) = 4 [pid 302] write(3, "1000", 4 [pid 299] close(3 [pid 302] <... write resumed>) = 4 [pid 299] <... close resumed>) = 0 [pid 302] close(3) = 0 [pid 299] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [ 20.286213][ T30] audit: type=1400 audit(1703934134.066:66): avc: denied { execmem } for pid=290 comm="syz-executor306" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 20.298905][ T30] audit: type=1400 audit(1703934134.076:67): avc: denied { prog_load } for pid=298 comm="syz-executor306" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 20.302352][ T30] audit: type=1400 audit(1703934134.076:68): avc: denied { bpf } for pid=298 comm="syz-executor306" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 20.305816][ T30] audit: type=1400 audit(1703934134.076:69): avc: denied { perfmon } for pid=297 comm="syz-executor306" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [pid 302] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 301] <... bpf resumed>) = 3 [pid 297] <... bpf resumed>) = 3 [pid 300] <... bpf resumed>) = 3 [pid 297] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 302] <... bpf resumed>) = 3 [pid 301] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 300] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 299] <... bpf resumed>) = 3 [pid 297] <... bpf resumed>) = 4 [pid 301] <... bpf resumed>) = 4 [pid 300] <... bpf resumed>) = 4 [pid 299] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 298] <... bpf resumed>) = 3 [pid 301] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 300] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 299] <... bpf resumed>) = 4 [pid 302] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 301] <... bpf resumed>) = 5 [pid 300] <... bpf resumed>) = 5 [pid 298] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 297] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 302] <... bpf resumed>) = 4 [pid 298] <... bpf resumed>) = 4 [pid 297] <... bpf resumed>) = 5 [pid 302] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 298] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 297] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 302] <... bpf resumed>) = 5 [pid 298] <... bpf resumed>) = 5 [pid 297] <... bpf resumed>) = 0 [pid 302] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 298] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 297] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 302] <... bpf resumed>) = 0 [pid 299] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 298] <... bpf resumed>) = 0 [pid 297] <... bpf resumed>) = 6 [ 20.455229][ T30] audit: type=1400 audit(1703934134.236:70): avc: denied { prog_run } for pid=301 comm="syz-executor306" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 20.477876][ T30] audit: type=1400 audit(1703934134.256:71): avc: denied { map_create } for pid=301 comm="syz-executor306" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [pid 302] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 301] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 300] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 298] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 302] <... bpf resumed>) = 6 [pid 301] <... bpf resumed>) = 0 [pid 300] <... bpf resumed>) = 0 [pid 299] <... bpf resumed>) = 5 [ 20.497945][ T30] audit: type=1400 audit(1703934134.256:72): avc: denied { map_read map_write } for pid=301 comm="syz-executor306" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 20.520554][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e7dad0 with preempt_count 00000102, exited with 00000101? [ 20.531980][ T287] BUG: scheduling while atomic: strace-static-x/287/0x00000002 [ 20.539351][ T287] Modules linked in: [ 20.543023][ T287] Preemption disabled at: [ 20.543033][ T287] [] remove_wait_queue+0x26/0x140 [ 20.553701][ T287] CPU: 0 PID: 287 Comm: strace-static-x Not tainted 5.15.141-syzkaller-00899-g28e3f5851a99 #0 [ 20.563682][ T287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 20.573569][ T287] Call Trace: [ 20.576695][ T287] [ 20.579483][ T287] dump_stack_lvl+0x151/0x1b7 [ 20.583983][ T287] ? remove_wait_queue+0x26/0x140 [ 20.588843][ T287] ? remove_wait_queue+0x26/0x140 [ 20.593729][ T287] ? io_uring_drop_tctx_refs+0x190/0x190 [ 20.599211][ T287] ? remove_wait_queue+0x26/0x140 [ 20.604042][ T287] dump_stack+0x15/0x17 [ 20.608030][ T287] __schedule_bug+0x195/0x260 [ 20.612541][ T287] ? ttwu_queue_wakelist+0x510/0x510 [ 20.617744][ T287] ? kernel_waitid+0x520/0x520 [ 20.622348][ T287] __schedule+0xd0b/0x1580 [ 20.626600][ T287] ? __x64_sys_wait4+0x181/0x1e0 [ 20.631460][ T287] ? bpf_trace_run2+0xf1/0x210 [ 20.635985][ T287] ? __sched_text_start+0x8/0x8 [ 20.640663][ T287] schedule+0x11f/0x1e0 [ 20.644652][ T287] exit_to_user_mode_loop+0x4d/0xe0 [ 20.649695][ T287] exit_to_user_mode_prepare+0x5a/0xa0 [ 20.654995][ T287] syscall_exit_to_user_mode+0x26/0x160 [ 20.660370][ T287] do_syscall_64+0x49/0xb0 [ 20.664612][ T287] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 20.670347][ T287] RIP: 0033:0x4d49a6 [ 20.674080][ T287] Code: 00 00 00 90 31 c9 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 49 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 11 b8 3d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 90 48 83 ec 28 89 54 24 14 48 89 74 24 [ 20.693524][ T287] RSP: 002b:00007ffdf369b1a8 EFLAGS: 00000246 ORIG_RAX: 000000000000003d [pid 297] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 302] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 301] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 300] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 299] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 298] <... bpf resumed>) = 6 [pid 297] <... bpf resumed>) = 7 [pid 301] <... bpf resumed>) = 6 [pid 300] <... bpf resumed>) = 6 [pid 299] <... bpf resumed>) = 0 [pid 298] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 297] exit_group(0 [pid 301] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 300] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 299] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 297] <... exit_group resumed>) = ? [pid 302] <... bpf resumed>) = 7 [pid 301] <... bpf resumed>) = 7 [pid 300] <... bpf resumed>) = 7 [pid 299] <... bpf resumed>) = 6 [pid 298] <... bpf resumed>) = 7 [pid 302] exit_group(0 [ 20.701765][ T287] RAX: 0000000000000123 RBX: 000000000000000b RCX: 00000000004d49a6 [ 20.709841][ T287] RDX: 0000000040000001 RSI: 00007ffdf369b1cc RDI: 00000000ffffffff [ 20.717655][ T287] RBP: 0000000000a90e40 R08: 0000000000000000 R09: 0000000000000000 [ 20.725467][ T287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000a95850 [ 20.733277][ T287] R13: 0000000000000124 R14: 00007ffdf369b1cc R15: 0000000000617180 [ 20.741088][ T287] [ 20.751137][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e7dad0 with preempt_count 00000103, exited with 00000102? [ 20.762583][ T287] BUG: scheduling while atomic: strace-static-x/287/0x00000002 [ 20.770211][ T287] Modules linked in: [ 20.773920][ T287] Preemption disabled at: [ 20.773930][ T287] [] pipe_write+0x1429/0x1930 [ 20.784234][ T287] CPU: 0 PID: 287 Comm: strace-static-x Tainted: G W 5.15.141-syzkaller-00899-g28e3f5851a99 #0 [ 20.795755][ T287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 20.805742][ T287] Call Trace: [ 20.809002][ T287] [ 20.811787][ T287] dump_stack_lvl+0x151/0x1b7 [ 20.816290][ T287] ? pipe_write+0x1429/0x1930 [ 20.820901][ T287] ? pipe_write+0x1429/0x1930 [ 20.825408][ T287] ? io_uring_drop_tctx_refs+0x190/0x190 [ 20.830873][ T287] ? pipe_write+0x1429/0x1930 [ 20.835447][ T287] dump_stack+0x15/0x17 [ 20.839390][ T287] __schedule_bug+0x195/0x260 [ 20.843889][ T287] ? ttwu_queue_wakelist+0x510/0x510 [ 20.849013][ T287] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 20.854651][ T287] ? bpf_bprintf_cleanup+0x3f/0x60 [ 20.859598][ T287] ? wait_task_inactive+0x2cd/0x4f0 [ 20.864634][ T287] __schedule+0xd0b/0x1580 [ 20.868892][ T287] ? __kasan_check_read+0x11/0x20 [ 20.873745][ T287] ? __fdget_pos+0x209/0x3a0 [ 20.878297][ T287] ? __sched_text_start+0x8/0x8 [ 20.882979][ T287] ? ksys_write+0x24f/0x2c0 [ 20.887304][ T287] schedule+0x11f/0x1e0 [ 20.891303][ T287] exit_to_user_mode_loop+0x4d/0xe0 [ 20.896343][ T287] exit_to_user_mode_prepare+0x5a/0xa0 [ 20.901627][ T287] syscall_exit_to_user_mode+0x26/0x160 [ 20.907006][ T287] do_syscall_64+0x49/0xb0 [ 20.911275][ T287] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 20.916995][ T287] RIP: 0033:0x4e5c73 [ 20.920734][ T287] Code: c7 c0 b8 ff ff ff 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 64 8b 04 25 18 00 00 00 85 c0 75 14 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 55 c3 0f 1f 40 00 48 83 ec 28 48 89 54 24 18 [ 20.940357][ T287] RSP: 002b:00007ffdf369b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 20.948594][ T287] RAX: 0000000000000018 RBX: 0000000000000018 RCX: 00000000004e5c73 [pid 301] exit_group(0 [pid 300] exit_group(0 [pid 299] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 298] exit_group(0 [pid 297] +++ exited with 0 +++ [pid 302] <... exit_group resumed>) = ? [pid 301] <... exit_group resumed>) = ? [pid 300] <... exit_group resumed>) = ? [pid 299] <... bpf resumed>) = 7 [pid 298] <... exit_group resumed>) = ? [pid 302] +++ exited with 0 +++ [pid 299] exit_group(0) = ? [pid 301] +++ exited with 0 +++ [pid 299] +++ exited with 0 +++ [pid 295] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=302, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [ 20.956409][ T287] RDX: 0000000000000018 RSI: 0000000000a92000 RDI: 0000000000000002 [ 20.964218][ T287] RBP: 0000000000a92000 R08: 0000000000000000 R09: 0000000000000001 [ 20.972200][ T287] R10: 00007ffdf369afb7 R11: 0000000000000246 R12: 0000000000000018 [ 20.980131][ T287] R13: 0000000000617480 R14: 0000000000000018 R15: 0000000000617180 [ 20.987939][ T287] [ 20.994745][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e7dad0 with preempt_count 00000103, exited with 00000102? [pid 296] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=297, si_uid=0, si_status=0, si_utime=0, si_stime=18} --- [ 21.006312][ T287] BUG: scheduling while atomic: strace-static-x/287/0x00000002 [ 21.013681][ T287] Modules linked in: [ 21.017426][ T287] Preemption disabled at: [ 21.017433][ T287] [] remove_wait_queue+0x26/0x140 [ 21.027948][ T287] CPU: 0 PID: 287 Comm: strace-static-x Tainted: G W 5.15.141-syzkaller-00899-g28e3f5851a99 #0 [ 21.039432][ T287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 21.049432][ T287] Call Trace: [ 21.052546][ T287] [ 21.055316][ T287] dump_stack_lvl+0x151/0x1b7 [ 21.059834][ T287] ? remove_wait_queue+0x26/0x140 [ 21.064686][ T287] ? remove_wait_queue+0x26/0x140 [ 21.069547][ T287] ? io_uring_drop_tctx_refs+0x190/0x190 [ 21.075015][ T287] ? remove_wait_queue+0x26/0x140 [ 21.079876][ T287] dump_stack+0x15/0x17 [ 21.083867][ T287] __schedule_bug+0x195/0x260 [ 21.088382][ T287] ? ttwu_queue_wakelist+0x510/0x510 [ 21.093500][ T287] ? kernel_waitid+0x520/0x520 [ 21.098132][ T287] ? bpf_bprintf_cleanup+0x3f/0x60 [ 21.103052][ T287] ? wait_task_inactive+0x2cd/0x4f0 [ 21.108186][ T287] __schedule+0xd0b/0x1580 [ 21.112427][ T287] ? __kasan_check_read+0x11/0x20 [ 21.121904][ T287] ? __fdget_pos+0x209/0x3a0 [ 21.126324][ T287] ? __sched_text_start+0x8/0x8 [ 21.131168][ T287] ? ksys_write+0x24f/0x2c0 [ 21.135513][ T287] schedule+0x11f/0x1e0 [ 21.139505][ T287] exit_to_user_mode_loop+0x4d/0xe0 [ 21.144513][ T287] exit_to_user_mode_prepare+0x5a/0xa0 [ 21.149812][ T287] syscall_exit_to_user_mode+0x26/0x160 [ 21.155208][ T287] do_syscall_64+0x49/0xb0 [ 21.159456][ T287] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 21.165168][ T287] RIP: 0033:0x4e5c73 [ 21.168942][ T287] Code: c7 c0 b8 ff ff ff 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 64 8b 04 25 18 00 00 00 85 c0 75 14 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 55 c3 0f 1f 40 00 48 83 ec 28 48 89 54 24 18 [ 21.188356][ T287] RSP: 002b:00007ffdf369b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 21.196708][ T287] RAX: 000000000000007f RBX: 000000000000007f RCX: 00000000004e5c73 [pid 296] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=299, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 292] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=301, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 294] restart_syscall(<... resuming interrupted clone ...> [pid 292] restart_syscall(<... resuming interrupted clone ...> [pid 296] <... clone resumed>, child_tidptr=0x55555632b650) = 304 [pid 294] <... restart_syscall resumed>) = 0 [pid 292] <... restart_syscall resumed>) = 0 [pid 295] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 292] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 295] <... clone resumed>, child_tidptr=0x55555632b650) = 305 [pid 294] <... clone resumed>, child_tidptr=0x55555632b650) = 306 [pid 292] <... clone resumed>, child_tidptr=0x55555632b650) = 307 ./strace-static-x86_64: Process 307 attached [pid 307] set_robust_list(0x55555632b660, 24) = 0 [pid 307] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 307] setpgid(0, 0) = 0 [pid 307] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 ./strace-static-x86_64: Process 306 attached [ 21.204517][ T287] RDX: 000000000000007f RSI: 0000000000a92000 RDI: 0000000000000002 [ 21.212321][ T287] RBP: 0000000000a92000 R08: 0000000000000001 R09: 0000000000000002 [ 21.220131][ T287] R10: 00007ffdf369afc6 R11: 0000000000000246 R12: 000000000000007f [ 21.228079][ T287] R13: 0000000000617480 R14: 000000000000007f R15: 0000000000000001 [ 21.235888][ T287] [ 21.241716][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e7dad0 with preempt_count 00000103, exited with 00000102? [ 21.249392][ C1] softirq: huh, entered softirq 6 TASKLET ffffffff8142f2c0 with preempt_count 00000103, exited with 00000102? [ 21.253174][ T81] BUG: scheduling while atomic: syslogd/81/0x00000002 [ 21.264648][ T285] BUG: scheduling while atomic: sshd/285/0x00000002 [ 21.264668][ T285] Modules linked in: [ 21.264677][ T285] Preemption disabled at: [ 21.264680][ T285] [] __set_current_blocked+0x11b/0x2f0 [ 21.264709][ T285] CPU: 1 PID: 285 Comm: sshd Tainted: G W 5.15.141-syzkaller-00899-g28e3f5851a99 #0 [ 21.264729][ T285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 21.264737][ T285] Call Trace: [ 21.264741][ T285] [ 21.264748][ T285] dump_stack_lvl+0x151/0x1b7 [ 21.264774][ T285] ? __set_current_blocked+0x11b/0x2f0 [ 21.264790][ T285] ? __set_current_blocked+0x11b/0x2f0 [ 21.264804][ T285] ? io_uring_drop_tctx_refs+0x190/0x190 [ 21.264822][ T285] ? trace_save_cmdline+0x339/0x510 [ 21.264840][ T285] ? __set_current_blocked+0x11b/0x2f0 [ 21.264854][ T285] dump_stack+0x15/0x17 [ 21.264868][ T285] __schedule_bug+0x195/0x260 [ 21.264883][ T285] ? ttwu_queue_wakelist+0x510/0x510 [ 21.264899][ T285] __schedule+0xd0b/0x1580 [ 21.264919][ T285] ? __sched_text_start+0x8/0x8 [ 21.264937][ T285] schedule+0x11f/0x1e0 [ 21.264954][ T285] schedule_hrtimeout_range_clock+0x1ef/0x360 [ 21.264972][ T285] ? hrtimer_nanosleep_restart+0x170/0x170 [ 21.264989][ T285] ? add_wait_queue+0x189/0x1c0 [ 21.265006][ T285] ? __remove_hrtimer+0x4d0/0x4d0 [ 21.265022][ T285] ? __pollwait+0x2f5/0x3f0 [ 21.265042][ T285] ? poll_initwait+0x160/0x160 [ 21.265060][ T285] schedule_hrtimeout_range+0x2a/0x40 [ 21.265078][ T285] do_sys_poll+0xe20/0x12d0 [ 21.265097][ T285] ? poll_select_finish+0x7b0/0x7b0 [ 21.265110][ T285] ? __x64_compat_sys_ppoll_time64+0xd0/0xd0 [ 21.265125][ T285] ? __x64_compat_sys_ppoll_time64+0xd0/0xd0 [ 21.265139][ T285] ? __x64_compat_sys_ppoll_time64+0xd0/0xd0 [ 21.265153][ T285] ? __x64_compat_sys_ppoll_time64+0xd0/0xd0 [ 21.265173][ T285] ? _raw_spin_lock_irqsave+0x210/0x210 [ 21.265189][ T285] ? __kasan_check_write+0x14/0x20 [ 21.271897][ T81] Modules linked in: [ 21.278179][ T285] ? recalc_sigpending+0x1a5/0x230 [ 21.282033][ T81] [ 21.286067][ T285] ? _raw_spin_unlock_irq+0x4e/0x70 [ 21.292999][ T81] Preemption disabled at: [ 21.303428][ T285] ? sigprocmask+0x280/0x280 [ 21.303448][ T285] ? set_current_blocked+0x40/0x40 [ 21.313364][ T81] [] is_module_text_address+0x1a/0x140 [ 21.316500][ T285] __se_sys_ppoll+0x29c/0x330 [ 21.498165][ T285] ? __x64_sys_ppoll+0xd0/0xd0 [ 21.502770][ T285] ? __bpf_trace_sys_enter+0x62/0x70 [ 21.507869][ T285] __x64_sys_ppoll+0xbf/0xd0 [ 21.512353][ T285] do_syscall_64+0x3d/0xb0 [ 21.516730][ T285] ? sysvec_apic_timer_interrupt+0x55/0xc0 [ 21.522370][ T285] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 21.528108][ T285] RIP: 0033:0x7f87d1201ad5 [ 21.532354][ T285] Code: 85 d2 74 0d 0f 10 02 48 8d 54 24 20 0f 11 44 24 20 64 8b 04 25 18 00 00 00 85 c0 75 27 41 b8 08 00 00 00 b8 0f 01 00 00 0f 05 <48> 3d 00 f0 ff ff 76 75 48 8b 15 24 73 0d 00 f7 d8 64 89 02 48 83 [ 21.552312][ T285] RSP: 002b:00007ffdd8e89020 EFLAGS: 00000246 ORIG_RAX: 000000000000010f [ 21.560561][ T285] RAX: ffffffffffffffda RBX: 00000000000668a0 RCX: 00007f87d1201ad5 [ 21.568361][ T285] RDX: 00007ffdd8e89040 RSI: 0000000000000004 RDI: 00005576ccc6fb20 [ 21.576191][ T285] RBP: 00005576ccc6e5e0 R08: 0000000000000008 R09: 0000000000000000 [ 21.584078][ T285] R10: 00007ffdd8e89128 R11: 0000000000000246 R12: 00005576cb662aa4 [ 21.591905][ T285] R13: 0000000000000001 R14: 00005576cb6633e8 R15: 00007ffdd8e890a8 [ 21.599707][ T285] [ 21.602561][ T81] CPU: 0 PID: 81 Comm: syslogd Tainted: G W 5.15.141-syzkaller-00899-g28e3f5851a99 #0 [ 21.613240][ T81] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 21.623134][ T81] Call Trace: [ 21.626263][ T81] [ 21.629032][ T81] dump_stack_lvl+0x151/0x1b7 [ 21.633550][ T81] ? is_module_text_address+0x1a/0x140 [ 21.638844][ T81] ? is_module_text_address+0x1a/0x140 [ 21.644143][ T81] ? io_uring_drop_tctx_refs+0x190/0x190 [ 21.649608][ T81] ? is_module_text_address+0x1a/0x140 [ 21.654893][ T81] dump_stack+0x15/0x17 [ 21.658884][ T81] __schedule_bug+0x195/0x260 [ 21.663397][ T81] ? ttwu_queue_wakelist+0x510/0x510 [ 21.668516][ T81] __schedule+0xd0b/0x1580 [ 21.672770][ T81] ? __kasan_check_read+0x11/0x20 [ 21.677629][ T81] ? __fdget_pos+0x2ee/0x3a0 [ 21.682071][ T81] ? __sched_text_start+0x8/0x8 [ 21.686744][ T81] ? ksys_write+0x24f/0x2c0 [ 21.691100][ T81] schedule+0x11f/0x1e0 [ 21.695164][ T81] exit_to_user_mode_loop+0x4d/0xe0 [ 21.700205][ T81] exit_to_user_mode_prepare+0x5a/0xa0 [ 21.705506][ T81] syscall_exit_to_user_mode+0x26/0x160 [ 21.710873][ T81] do_syscall_64+0x49/0xb0 [ 21.715124][ T81] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 21.720860][ T81] RIP: 0033:0x7fcf6f042bf2 [ 21.725110][ T81] Code: 89 c7 48 89 44 24 08 e8 7b 34 fa ff 48 8b 44 24 08 48 83 c4 28 c3 c3 64 8b 04 25 18 00 00 00 85 c0 75 20 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 76 6f 48 8b 15 07 a2 0d 00 f7 d8 64 89 02 48 83 [ 21.744557][ T81] RSP: 002b:00007ffe96bf0d28 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 21.752802][ T81] RAX: 000000000000004c RBX: 0000000000000003 RCX: 00007fcf6f042bf2 ./strace-static-x86_64: Process 304 attached [pid 307] write(3, "1000", 4) = 4 [pid 306] set_robust_list(0x55555632b660, 24 [pid 304] set_robust_list(0x55555632b660, 24 [pid 307] close(3 [pid 306] <... set_robust_list resumed>) = 0 [pid 304] <... set_robust_list resumed>) = 0 [pid 307] <... close resumed>) = 0 [pid 306] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 304] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 307] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 306] <... prctl resumed>) = 0 [pid 304] <... prctl resumed>) = 0 [pid 306] setpgid(0, 0) = 0 [pid 306] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 306] write(3, "1000", 4 [pid 304] setpgid(0, 0 [pid 307] <... bpf resumed>) = 3 [pid 307] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 306] <... write resumed>) = 4 [pid 304] <... setpgid resumed>) = 0 [pid 306] close(3 [pid 304] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 305 attached [pid 306] <... close resumed>) = 0 [pid 304] <... openat resumed>) = 3 [pid 306] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 304] write(3, "1000", 4 [pid 306] <... bpf resumed>) = 3 [pid 305] set_robust_list(0x55555632b660, 24 [pid 304] <... write resumed>) = 4 [pid 306] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 305] <... set_robust_list resumed>) = 0 [pid 304] close(3 [pid 305] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 304] <... close resumed>) = 0 [pid 305] <... prctl resumed>) = 0 [pid 304] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 305] setpgid(0, 0) = 0 [pid 305] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 305] write(3, "1000", 4) = 4 [pid 305] close(3 [pid 304] <... bpf resumed>) = 3 [pid 305] <... close resumed>) = 0 [pid 304] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 305] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 300] +++ exited with 0 +++ [pid 298] +++ exited with 0 +++ [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=300, si_uid=0, si_status=0, si_utime=0, si_stime=18} --- [pid 291] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=298, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 291] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 305] <... bpf resumed>) = 3 [pid 293] <... clone resumed>, child_tidptr=0x55555632b650) = 309 ./strace-static-x86_64: Process 310 attached [pid 291] <... clone resumed>, child_tidptr=0x55555632b650) = 310 ./strace-static-x86_64: Process 309 attached [pid 310] set_robust_list(0x55555632b660, 24 [pid 305] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 310] <... set_robust_list resumed>) = 0 [pid 309] set_robust_list(0x55555632b660, 24 [pid 310] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 309] <... set_robust_list resumed>) = 0 [pid 310] <... prctl resumed>) = 0 [pid 309] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 310] setpgid(0, 0 [pid 309] <... prctl resumed>) = 0 [pid 310] <... setpgid resumed>) = 0 [pid 310] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 309] setpgid(0, 0 [pid 310] <... openat resumed>) = 3 [pid 309] <... setpgid resumed>) = 0 [pid 310] write(3, "1000", 4) = 4 [pid 310] close(3) = 0 [pid 309] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 310] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 309] <... openat resumed>) = 3 [pid 310] <... bpf resumed>) = 3 [pid 309] write(3, "1000", 4 [pid 310] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 309] <... write resumed>) = 4 [pid 309] close(3) = 0 [pid 309] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73) = 3 [pid 309] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 310] <... bpf resumed>) = 4 [pid 309] <... bpf resumed>) = 4 [pid 307] <... bpf resumed>) = 4 [pid 306] <... bpf resumed>) = 4 [pid 305] <... bpf resumed>) = 4 [pid 304] <... bpf resumed>) = 4 [pid 310] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 309] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 307] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 306] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 305] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 304] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 310] <... bpf resumed>) = 5 [pid 309] <... bpf resumed>) = 5 [pid 307] <... bpf resumed>) = 5 [pid 306] <... bpf resumed>) = 5 [pid 305] <... bpf resumed>) = 5 [pid 304] <... bpf resumed>) = 5 [pid 310] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 309] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 307] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 306] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 305] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 304] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 310] <... bpf resumed>) = 0 [pid 309] <... bpf resumed>) = 0 [pid 307] <... bpf resumed>) = 0 [pid 306] <... bpf resumed>) = 0 [pid 305] <... bpf resumed>) = 0 [pid 304] <... bpf resumed>) = 0 [pid 310] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 309] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 307] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 306] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 305] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 304] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 310] <... bpf resumed>) = 6 [pid 309] <... bpf resumed>) = 6 [pid 307] <... bpf resumed>) = 6 [pid 306] <... bpf resumed>) = 6 [pid 310] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 307] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [ 21.760602][ T81] RDX: 000000000000004c RSI: 0000561060b2c600 RDI: 0000000000000003 [ 21.768423][ T81] RBP: 0000561060b2c600 R08: 0000000000000001 R09: 0000000000000000 [ 21.776228][ T81] R10: 00007fcf6f1e13a3 R11: 0000000000000246 R12: 000000000000004c [ 21.784046][ T81] R13: 00007fcf6eeee300 R14: 0000000000000004 R15: 0000561060b2c410 [ 21.791851][ T81] [ 21.831525][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e7dad0 with preempt_count 00000103, exited with 00000102? [ 21.842951][ T285] BUG: scheduling while atomic: sshd/285/0x00000002 [ 21.849395][ T285] Modules linked in: [ 21.853077][ T285] Preemption disabled at: [ 21.853087][ T285] [] __set_current_blocked+0x11b/0x2f0 [ 21.868683][ T285] CPU: 0 PID: 285 Comm: sshd Tainted: G W 5.15.141-syzkaller-00899-g28e3f5851a99 #0 [ 21.879128][ T285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 21.889082][ T285] Call Trace: [ 21.892206][ T285] [ 21.894987][ T285] dump_stack_lvl+0x151/0x1b7 [ 21.899499][ T285] ? __set_current_blocked+0x11b/0x2f0 [ 21.904788][ T285] ? __set_current_blocked+0x11b/0x2f0 [ 21.910086][ T285] ? io_uring_drop_tctx_refs+0x190/0x190 [ 21.915571][ T285] ? __set_current_blocked+0x11b/0x2f0 [ 21.920854][ T285] dump_stack+0x15/0x17 [ 21.924846][ T285] __schedule_bug+0x195/0x260 [ 21.929354][ T285] ? __kasan_check_write+0x14/0x20 [ 21.934300][ T285] ? ttwu_queue_wakelist+0x510/0x510 [ 21.939435][ T285] ? __set_current_blocked+0x2a5/0x2f0 [ 21.944729][ T285] __schedule+0xd0b/0x1580 [ 21.948974][ T285] ? __kasan_check_read+0x11/0x20 [ 21.953831][ T285] ? _copy_to_user+0x78/0x90 [ 21.958263][ T285] ? __sched_text_start+0x8/0x8 [ 21.962940][ T285] ? __se_sys_rt_sigprocmask+0x311/0x380 [ 21.968424][ T285] ? __x64_sys_rt_sigprocmask+0xb0/0xb0 [ 21.973805][ T285] schedule+0x11f/0x1e0 [ 21.977792][ T285] exit_to_user_mode_loop+0x4d/0xe0 [ 21.982830][ T285] exit_to_user_mode_prepare+0x5a/0xa0 [ 21.988111][ T285] syscall_exit_to_user_mode+0x26/0x160 [ 21.993490][ T285] do_syscall_64+0x49/0xb0 [ 21.997742][ T285] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 22.003479][ T285] RIP: 0033:0x7f87d11aa773 [ 22.007729][ T285] Code: 00 f3 a5 48 8d 74 24 88 48 b9 ff ff ff 7f fe ff ff ff 48 21 c8 48 89 44 24 88 41 ba 08 00 00 00 44 89 c7 b8 0e 00 00 00 0f 05 <45> 31 c0 3d 00 f0 ff ff 76 06 41 89 c0 41 f7 d8 44 89 c0 5a c3 41 [pid 306] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 304] <... bpf resumed>) = 6 [pid 305] <... bpf resumed>) = 6 [pid 309] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 310] <... bpf resumed>) = 7 [pid 307] <... bpf resumed>) = 7 [pid 309] <... bpf resumed>) = 7 [pid 306] <... bpf resumed>) = 7 [pid 305] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 304] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 310] exit_group(0 [pid 306] exit_group(0 [pid 310] <... exit_group resumed>) = ? [pid 306] <... exit_group resumed>) = ? [pid 310] +++ exited with 0 +++ [pid 306] +++ exited with 0 +++ [pid 309] exit_group(0 [pid 307] exit_group(0 [pid 305] <... bpf resumed>) = 7 [pid 304] <... bpf resumed>) = 7 [pid 309] <... exit_group resumed>) = ? [pid 307] <... exit_group resumed>) = ? [pid 305] exit_group(0 [pid 304] exit_group(0 [pid 309] +++ exited with 0 +++ [pid 307] +++ exited with 0 +++ [pid 305] <... exit_group resumed>) = ? [pid 304] <... exit_group resumed>) = ? [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=309, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=306, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 294] restart_syscall(<... resuming interrupted clone ...> [pid 292] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=307, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 291] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=310, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 291] restart_syscall(<... resuming interrupted clone ...> [pid 294] <... restart_syscall resumed>) = 0 [pid 291] <... restart_syscall resumed>) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 293] <... clone resumed>, child_tidptr=0x55555632b650) = 311 [pid 292] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 291] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 294] <... clone resumed>, child_tidptr=0x55555632b650) = 312 [pid 292] <... clone resumed>, child_tidptr=0x55555632b650) = 313 [pid 291] <... clone resumed>, child_tidptr=0x55555632b650) = 314 ./strace-static-x86_64: Process 313 attached [pid 313] set_robust_list(0x55555632b660, 24) = 0 [pid 313] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 313] setpgid(0, 0) = 0 [pid 313] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 313] write(3, "1000", 4) = 4 [pid 313] close(3) = 0 [pid 313] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 305] +++ exited with 0 +++ [pid 304] +++ exited with 0 +++ [pid 295] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=305, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 295] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555632b650) = 315 ./strace-static-x86_64: Process 315 attached [pid 315] set_robust_list(0x55555632b660, 24) = 0 [pid 315] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 315] setpgid(0, 0) = 0 ./strace-static-x86_64: Process 314 attached ./strace-static-x86_64: Process 311 attached ./strace-static-x86_64: Process 312 attached [pid 314] set_robust_list(0x55555632b660, 24 [pid 311] set_robust_list(0x55555632b660, 24 [pid 314] <... set_robust_list resumed>) = 0 [pid 312] set_robust_list(0x55555632b660, 24 [pid 311] <... set_robust_list resumed>) = 0 [pid 313] <... bpf resumed>) = 3 [pid 314] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 312] <... set_robust_list resumed>) = 0 [pid 313] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 311] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 312] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 314] <... prctl resumed>) = 0 [pid 312] <... prctl resumed>) = 0 [pid 311] <... prctl resumed>) = 0 [pid 314] setpgid(0, 0 [pid 312] setpgid(0, 0 [pid 314] <... setpgid resumed>) = 0 [pid 311] setpgid(0, 0 [pid 312] <... setpgid resumed>) = 0 [pid 311] <... setpgid resumed>) = 0 [pid 314] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 311] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 315] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 312] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 315] <... openat resumed>) = 3 [pid 311] <... openat resumed>) = 3 [pid 312] <... openat resumed>) = 3 [pid 296] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=304, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 314] <... openat resumed>) = 3 [pid 312] write(3, "1000", 4 [pid 311] write(3, "1000", 4 [pid 314] write(3, "1000", 4 [pid 312] <... write resumed>) = 4 [pid 311] <... write resumed>) = 4 [pid 314] <... write resumed>) = 4 [pid 312] close(3 [pid 311] close(3 [pid 314] close(3 [pid 312] <... close resumed>) = 0 [pid 311] <... close resumed>) = 0 [pid 314] <... close resumed>) = 0 [pid 312] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 314] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 311] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 315] write(3, "1000", 4) = 4 [pid 315] close(3) = 0 [pid 296] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 312] <... bpf resumed>) = 3 [pid 315] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 312] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 314] <... bpf resumed>) = 3 [pid 296] <... clone resumed>, child_tidptr=0x55555632b650) = 316 [pid 314] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 315] <... bpf resumed>) = 3 [pid 315] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 311] <... bpf resumed>) = 3 [pid 311] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16./strace-static-x86_64: Process 316 attached [pid 316] set_robust_list(0x55555632b660, 24) = 0 [pid 316] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 316] setpgid(0, 0) = 0 [pid 316] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 316] write(3, "1000", 4) = 4 [pid 316] close(3) = 0 [pid 316] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73) = 3 [pid 316] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 313] <... bpf resumed>) = 4 [pid 312] <... bpf resumed>) = 4 [pid 312] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 5 [pid 312] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4) = 0 [pid 312] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 314] <... bpf resumed>) = 4 [pid 313] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 314] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 313] <... bpf resumed>) = 5 [pid 316] <... bpf resumed>) = 4 [pid 315] <... bpf resumed>) = 4 [pid 314] <... bpf resumed>) = 5 [pid 313] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 312] <... bpf resumed>) = 6 [pid 311] <... bpf resumed>) = 4 [pid 316] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 315] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 314] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 313] <... bpf resumed>) = 0 [pid 312] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 311] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 316] <... bpf resumed>) = 5 [pid 315] <... bpf resumed>) = 5 [pid 314] <... bpf resumed>) = 0 [pid 313] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 312] <... bpf resumed>) = 7 [pid 311] <... bpf resumed>) = 5 [pid 316] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 315] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 314] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 316] <... bpf resumed>) = 0 [pid 315] <... bpf resumed>) = 0 [pid 313] <... bpf resumed>) = 6 [pid 312] exit_group(0 [pid 311] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [ 22.027257][ T285] RSP: 002b:00007ffdd8e89040 EFLAGS: 00000246 ORIG_RAX: 000000000000000e [ 22.035497][ T285] RAX: 0000000000000000 RBX: 0000000000060000 RCX: 00007f87d11aa773 [ 22.043307][ T285] RDX: 00007ffdd8e89128 RSI: 00007ffdd8e890a8 RDI: 0000000000000001 [ 22.051132][ T285] RBP: 00005576ccc6e5e0 R08: 0000000000000001 R09: 0000000000000000 [ 22.058952][ T285] R10: 0000000000000008 R11: 0000000000000246 R12: 00005576cb662aa4 [ 22.066742][ T285] R13: 0000000000000015 R14: 00005576cb6633e8 R15: 00007ffdd8e890a8 [ 22.074578][ T285] [pid 316] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [ 22.106476][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e7dad0 with preempt_count 00000103, exited with 00000102? [ 22.118066][ T287] BUG: scheduling while atomic: strace-static-x/287/0x00000002 [ 22.125394][ T287] Modules linked in: [ 22.129228][ T287] Preemption disabled at: [ 22.129240][ T287] [] pipe_write+0x1429/0x1930 [ 22.139732][ T287] CPU: 0 PID: 287 Comm: strace-static-x Tainted: G W 5.15.141-syzkaller-00899-g28e3f5851a99 #0 [ 22.151209][ T287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 22.161117][ T287] Call Trace: [ 22.164237][ T287] [ 22.167006][ T287] dump_stack_lvl+0x151/0x1b7 [ 22.171515][ T287] ? pipe_write+0x1429/0x1930 [ 22.176031][ T287] ? pipe_write+0x1429/0x1930 [ 22.180551][ T287] ? io_uring_drop_tctx_refs+0x190/0x190 [ 22.186019][ T287] ? pipe_write+0x1429/0x1930 [ 22.190540][ T287] dump_stack+0x15/0x17 [ 22.194530][ T287] __schedule_bug+0x195/0x260 [ 22.199033][ T287] ? ttwu_queue_wakelist+0x510/0x510 [ 22.204150][ T287] __schedule+0xd0b/0x1580 [ 22.208437][ T287] ? __sched_text_start+0x8/0x8 [ 22.213178][ T287] ? ksys_write+0x24f/0x2c0 [ 22.217516][ T287] schedule+0x11f/0x1e0 [ 22.221508][ T287] exit_to_user_mode_loop+0x4d/0xe0 [ 22.226542][ T287] exit_to_user_mode_prepare+0x5a/0xa0 [ 22.231841][ T287] syscall_exit_to_user_mode+0x26/0x160 [ 22.237219][ T287] do_syscall_64+0x49/0xb0 [ 22.241471][ T287] ? sysvec_call_function_single+0x52/0xb0 [ 22.247115][ T287] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 22.252839][ T287] RIP: 0033:0x4e815a [ 22.256574][ T287] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 78 0c 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 36 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 b8 ff ff ff f7 [ 22.276136][ T287] RSP: 002b:00007ffdf369aff8 EFLAGS: 00000246 ORIG_RAX: 0000000000000136 [ 22.284374][ T287] RAX: 0000000000001000 RBX: 0000000020000000 RCX: 00000000004e815a [ 22.292176][ T287] RDX: 0000000000000001 RSI: 00007ffdf369b020 RDI: 000000000000013b [pid 315] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 314] <... bpf resumed>) = 6 [pid 313] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 312] <... exit_group resumed>) = ? [pid 311] <... bpf resumed>) = 0 [pid 316] <... bpf resumed>) = 6 [pid 314] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 313] <... bpf resumed>) = 7 [pid 311] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 313] exit_group(0 [pid 315] <... bpf resumed>) = 6 [pid 311] <... bpf resumed>) = 6 [pid 313] <... exit_group resumed>) = ? [pid 315] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 316] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [ 22.299986][ T287] RBP: 000000000063c8a0 R08: 0000000000000001 R09: 0000000000000000 [ 22.307913][ T287] R10: 00007ffdf369b030 R11: 0000000000000246 R12: 0000000000000000 [ 22.315725][ T287] R13: 00000000200004c0 R14: 0000000000a93010 R15: 0000000000a958f0 [ 22.323668][ T287] [ 22.333380][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e7dad0 with preempt_count 00000103, exited with 00000102? [ 22.344967][ T287] BUG: scheduling while atomic: strace-static-x/287/0x00000002 [ 22.352423][ T287] Modules linked in: [ 22.356102][ T287] Preemption disabled at: [ 22.356111][ T287] [] __se_sys_ptrace+0x229/0x400 [ 22.366684][ T287] CPU: 0 PID: 287 Comm: strace-static-x Tainted: G W 5.15.141-syzkaller-00899-g28e3f5851a99 #0 [ 22.378138][ T287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 22.388039][ T287] Call Trace: [ 22.391154][ T287] [ 22.393931][ T287] dump_stack_lvl+0x151/0x1b7 [ 22.398447][ T287] ? __se_sys_ptrace+0x229/0x400 [ 22.403308][ T287] ? __se_sys_ptrace+0x229/0x400 [ 22.408188][ T287] ? io_uring_drop_tctx_refs+0x190/0x190 [ 22.413646][ T287] ? __se_sys_ptrace+0x229/0x400 [ 22.418430][ T287] dump_stack+0x15/0x17 [ 22.422410][ T287] __schedule_bug+0x195/0x260 [ 22.427008][ T287] ? ttwu_queue_wakelist+0x510/0x510 [ 22.432255][ T287] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 22.437889][ T287] ? wait_task_inactive+0x2cd/0x4f0 [ 22.442922][ T287] __schedule+0xd0b/0x1580 [ 22.447162][ T287] ? _raw_spin_lock_irqsave+0x210/0x210 [ 22.452564][ T287] ? bpf_trace_run2+0xf1/0x210 [ 22.457144][ T287] ? __sched_text_start+0x8/0x8 [ 22.461828][ T287] ? ptrace_check_attach+0x323/0x420 [ 22.466974][ T287] schedule+0x11f/0x1e0 [ 22.470976][ T287] exit_to_user_mode_loop+0x4d/0xe0 [ 22.475979][ T287] exit_to_user_mode_prepare+0x5a/0xa0 [ 22.481273][ T287] syscall_exit_to_user_mode+0x26/0x160 [ 22.486666][ T287] do_syscall_64+0x49/0xb0 [ 22.490918][ T287] ? sysvec_call_function_single+0x52/0xb0 [ 22.496556][ T287] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 22.502275][ T287] RIP: 0033:0x4e6c1a [ 22.506047][ T287] Code: 70 41 83 f8 03 c7 44 24 10 08 00 00 00 48 89 44 24 18 48 8d 44 24 30 8b 70 08 4c 0f 43 d1 48 89 44 24 20 b8 65 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 3e 48 85 c0 78 06 41 83 f8 02 76 1b 48 8b 4c [ 22.525485][ T287] RSP: 002b:00007ffdf369b090 EFLAGS: 00000206 ORIG_RAX: 0000000000000065 [ 22.533874][ T287] RAX: 0000000000000000 RBX: 0000000000a8f2f8 RCX: 00000000004e6c1a [ 22.541675][ T287] RDX: 0000000000000000 RSI: 0000000000000125 RDI: 0000000000000018 [ 22.549487][ T287] RBP: 0000000000000018 R08: 0000000000000017 R09: 0000000000000000 [pid 311] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 316] <... bpf resumed>) = 7 [pid 315] <... bpf resumed>) = 7 [pid 314] <... bpf resumed>) = 7 [pid 313] +++ exited with 0 +++ [pid 312] +++ exited with 0 +++ [pid 311] <... bpf resumed>) = 7 [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=312, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 315] exit_group(0 [ 22.557310][ T287] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000a90f90 [ 22.565108][ T287] R13: 0000000000000000 R14: 000000000000857f R15: 0000000000617180 [ 22.573183][ T287] [ 22.578088][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e7dad0 with preempt_count 00000103, exited with 00000102? [ 22.589505][ T287] BUG: scheduling while atomic: strace-static-x/287/0x00000002 [ 22.596839][ T287] Modules linked in: [ 22.600693][ T287] Preemption disabled at: [ 22.600701][ T287] [] remove_wait_queue+0x26/0x140 [ 22.611316][ T287] CPU: 0 PID: 287 Comm: strace-static-x Tainted: G W 5.15.141-syzkaller-00899-g28e3f5851a99 #0 [ 22.622730][ T287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 22.632626][ T287] Call Trace: [ 22.635746][ T287] [ 22.638517][ T287] dump_stack_lvl+0x151/0x1b7 [ 22.643030][ T287] ? remove_wait_queue+0x26/0x140 [ 22.648061][ T287] ? remove_wait_queue+0x26/0x140 [ 22.652952][ T287] ? io_uring_drop_tctx_refs+0x190/0x190 [ 22.658416][ T287] ? remove_wait_queue+0x26/0x140 [ 22.663258][ T287] dump_stack+0x15/0x17 [ 22.667246][ T287] __schedule_bug+0x195/0x260 [ 22.671889][ T287] ? ttwu_queue_wakelist+0x510/0x510 [ 22.677108][ T287] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 22.682743][ T287] ? wait_task_inactive+0x2cd/0x4f0 [ 22.687782][ T287] __schedule+0xd0b/0x1580 [ 22.692174][ T287] ? _raw_spin_lock_irqsave+0x210/0x210 [ 22.697655][ T287] ? __sched_text_start+0x8/0x8 [ 22.702325][ T287] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 22.707282][ T287] ? _raw_spin_lock_irqsave+0x210/0x210 [ 22.712656][ T287] ? ptrace_check_attach+0x323/0x420 [ 22.717777][ T287] schedule+0x11f/0x1e0 [ 22.721775][ T287] exit_to_user_mode_loop+0x4d/0xe0 [ 22.726803][ T287] exit_to_user_mode_prepare+0x5a/0xa0 [ 22.732096][ T287] syscall_exit_to_user_mode+0x26/0x160 [ 22.737478][ T287] do_syscall_64+0x49/0xb0 [ 22.741729][ T287] ? sysvec_call_function_single+0x52/0xb0 [ 22.747379][ T287] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 22.753112][ T287] RIP: 0033:0x4e6c1a [ 22.756837][ T287] Code: 70 41 83 f8 03 c7 44 24 10 08 00 00 00 48 89 44 24 18 48 8d 44 24 30 8b 70 08 4c 0f 43 d1 48 89 44 24 20 b8 65 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 3e 48 85 c0 78 06 41 83 f8 02 76 1b 48 8b 4c [ 22.776395][ T287] RSP: 002b:00007ffdf369b140 EFLAGS: 00000212 ORIG_RAX: 0000000000000065 [ 22.784629][ T287] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 00000000004e6c1a [ 22.792450][ T287] RDX: 0000000000000000 RSI: 0000000000000124 RDI: 0000000000004202 [ 22.800256][ T287] RBP: 0000000000a90e40 R08: 0000000000004201 R09: 0000000000000000 [pid 311] exit_group(0 [ 22.808084][ T287] R10: 0000000000a96ac0 R11: 0000000000000212 R12: 0000000000a96ab0 [ 22.815886][ T287] R13: 0000000000000124 R14: 00007ffdf369b1cc R15: 0000000000617180 [ 22.823692][ T287] [ 22.827328][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e7dad0 with preempt_count 00000102, exited with 00000101? [ 22.838899][ T285] BUG: scheduling while atomic: sshd/285/0x00000002 [ 22.845312][ T285] Modules linked in: [ 22.849081][ T285] Preemption disabled at: [ 22.849093][ T285] [] __set_current_blocked+0x11b/0x2f0 [ 22.860079][ T285] CPU: 0 PID: 285 Comm: sshd Tainted: G W 5.15.141-syzkaller-00899-g28e3f5851a99 #0 [ 22.870647][ T285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 22.880539][ T285] Call Trace: [ 22.883659][ T285] [ 22.886458][ T285] dump_stack_lvl+0x151/0x1b7 [ 22.891213][ T285] ? __set_current_blocked+0x11b/0x2f0 [ 22.896506][ T285] ? __set_current_blocked+0x11b/0x2f0 [ 22.901801][ T285] ? io_uring_drop_tctx_refs+0x190/0x190 [ 22.907385][ T285] ? fsnotify_perm+0x470/0x5d0 [ 22.911984][ T285] ? __set_current_blocked+0x11b/0x2f0 [ 22.917273][ T285] dump_stack+0x15/0x17 [ 22.921262][ T285] __schedule_bug+0x195/0x260 [ 22.925783][ T285] ? ttwu_queue_wakelist+0x510/0x510 [ 22.930897][ T285] ? bpf_bprintf_cleanup+0x3f/0x60 [ 22.935841][ T285] ? __set_current_blocked+0x2a5/0x2f0 [ 22.941136][ T285] __schedule+0xd0b/0x1580 [ 22.945392][ T285] ? __kasan_check_read+0x11/0x20 [ 22.950251][ T285] ? __fdget_pos+0x209/0x3a0 [ 22.954676][ T285] ? __sched_text_start+0x8/0x8 [ 22.959362][ T285] ? ksys_read+0x24f/0x2c0 [ 22.963620][ T285] ? __x64_sys_rt_sigprocmask+0xb0/0xb0 [ 22.969032][ T285] schedule+0x11f/0x1e0 [ 22.972998][ T285] exit_to_user_mode_loop+0x4d/0xe0 [ 22.978022][ T285] exit_to_user_mode_prepare+0x5a/0xa0 [ 22.983331][ T285] syscall_exit_to_user_mode+0x26/0x160 [ 22.988699][ T285] do_syscall_64+0x49/0xb0 [ 22.992951][ T285] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 22.998678][ T285] RIP: 0033:0x7f87d11feb6a [ 23.002935][ T285] Code: 00 3d 00 00 41 00 75 0d 50 48 8d 3d 2d 08 0a 00 e8 ea 7d 01 00 31 c0 e9 07 ff ff ff 64 8b 04 25 18 00 00 00 85 c0 75 1b 0f 05 <48> 3d 00 f0 ff ff 76 6c 48 8b 15 8f a2 0d 00 f7 d8 64 89 02 48 83 [ 23.022466][ T285] RSP: 002b:00007ffdd8e84ef8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 23.030705][ T285] RAX: 000000000000002c RBX: 0000000000000000 RCX: 00007f87d11feb6a [ 23.038580][ T285] RDX: 0000000000004000 RSI: 00007ffdd8e84f18 RDI: 0000000000000009 [ 23.046335][ T285] RBP: 00005576ccc76390 R08: 0000000000000000 R09: 0000000000000000 [pid 315] <... exit_group resumed>) = ? [pid 311] <... exit_group resumed>) = ? [pid 292] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=313, si_uid=0, si_status=0, si_utime=0, si_stime=21} --- [pid 316] exit_group(0 [ 23.054253][ T285] R10: 00007ffdd8e84f18 R11: 0000000000000246 R12: 00005576ccc6e5e0 [ 23.062080][ T285] R13: 00005576cb66b937 R14: 00005576cb66e480 R15: 00005576ccc6e5e0 [ 23.069871][ T285] [ 23.074081][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e7dad0 with preempt_count 00000103, exited with 00000102? [ 23.085567][ T88] BUG: scheduling while atomic: klogd/88/0x00000002 [ 23.091991][ T88] Modules linked in: [ 23.095709][ T88] Preemption disabled at: [ 23.095720][ T88] [] unix_dgram_sendmsg+0xd62/0x2090 [ 23.111461][ T88] CPU: 0 PID: 88 Comm: klogd Tainted: G W 5.15.141-syzkaller-00899-g28e3f5851a99 #0 [ 23.126641][ T88] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 23.136540][ T88] Call Trace: [ 23.139655][ T88] [ 23.142451][ T88] dump_stack_lvl+0x151/0x1b7 [ 23.146945][ T88] ? unix_dgram_sendmsg+0xd62/0x2090 [ 23.152075][ T88] ? unix_dgram_sendmsg+0xd62/0x2090 [ 23.157386][ T88] ? io_uring_drop_tctx_refs+0x190/0x190 [ 23.162824][ T88] ? unix_dgram_sendmsg+0xd62/0x2090 [ 23.167956][ T88] dump_stack+0x15/0x17 [ 23.172214][ T88] __schedule_bug+0x195/0x260 [ 23.176710][ T88] ? __sys_sendto+0x5a2/0x720 [ 23.181221][ T88] ? ttwu_queue_wakelist+0x510/0x510 [ 23.186340][ T88] ? __ia32_sys_getpeername+0x90/0x90 [ 23.191549][ T88] __schedule+0xd0b/0x1580 [ 23.195804][ T88] ? bpf_trace_run2+0xf1/0x210 [ 23.200404][ T88] ? __sched_text_start+0x8/0x8 [ 23.205103][ T88] schedule+0x11f/0x1e0 [ 23.209082][ T88] exit_to_user_mode_loop+0x4d/0xe0 [ 23.214122][ T88] exit_to_user_mode_prepare+0x5a/0xa0 [ 23.219415][ T88] syscall_exit_to_user_mode+0x26/0x160 [ 23.224804][ T88] do_syscall_64+0x49/0xb0 [ 23.229041][ T88] ? sysvec_apic_timer_interrupt+0x55/0xc0 [ 23.234700][ T88] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 23.240421][ T88] RIP: 0033:0x7f878e7949b5 [ 23.244670][ T88] Code: 8b 44 24 08 48 83 c4 28 48 98 c3 48 98 c3 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 26 45 31 c9 45 31 c0 b8 2c 00 00 00 0f 05 <48> 3d 00 f0 ff ff 76 7a 48 8b 15 44 c4 0c 00 f7 d8 64 89 02 48 83 [ 23.264113][ T88] RSP: 002b:00007ffd533d3558 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 23.272362][ T88] RAX: 0000000000000052 RBX: 0000000000000000 RCX: 00007f878e7949b5 [ 23.280268][ T88] RDX: 0000000000000052 RSI: 0000555e22000130 RDI: 0000000000000003 [ 23.288088][ T88] RBP: 0000555e21ffa2c0 R08: 0000000000000000 R09: 0000000000000000 [ 23.295895][ T88] R10: 0000000000004000 R11: 0000000000000246 R12: 0000000000000013 [ 23.303825][ T88] R13: 00007f878e922212 R14: 00007ffd533d3658 R15: 0000000000000000 [pid 314] exit_group(0 [pid 316] <... exit_group resumed>) = ? [pid 315] +++ exited with 0 +++ [pid 314] <... exit_group resumed>) = ? [pid 311] +++ exited with 0 +++ [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 292] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 295] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=315, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 294] <... clone resumed>, child_tidptr=0x55555632b650) = 318 [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=311, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 292] <... clone resumed>, child_tidptr=0x55555632b650) = 319 [pid 295] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 295] <... clone resumed>, child_tidptr=0x55555632b650) = 320 [pid 293] <... clone resumed>, child_tidptr=0x55555632b650) = 321 ./strace-static-x86_64: Process 321 attached [pid 321] set_robust_list(0x55555632b660, 24) = 0 [pid 321] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 321] setpgid(0, 0./strace-static-x86_64: Process 319 attached ) = 0 [pid 319] set_robust_list(0x55555632b660, 24) = 0 [pid 321] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 319] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 319] setpgid(0, 0 [pid 321] <... openat resumed>) = 3 [pid 319] <... setpgid resumed>) = 0 [pid 319] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 321] write(3, "1000", 4) = 4 [pid 319] <... openat resumed>) = 3 [pid 321] close(3 [pid 319] write(3, "1000", 4 [pid 321] <... close resumed>) = 0 [pid 319] <... write resumed>) = 4 [pid 321] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 319] close(3) = 0 [pid 319] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73./strace-static-x86_64: Process 320 attached ./strace-static-x86_64: Process 318 attached [pid 320] set_robust_list(0x55555632b660, 24 [pid 318] set_robust_list(0x55555632b660, 24 [pid 314] +++ exited with 0 +++ [pid 291] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=314, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 291] restart_syscall(<... resuming interrupted clone ...> [pid 316] +++ exited with 0 +++ [pid 296] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=316, si_uid=0, si_status=0, si_utime=0, si_stime=22} --- [pid 291] <... restart_syscall resumed>) = 0 [pid 296] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555632b650) = 322 [pid 291] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555632b650) = 323 [pid 320] <... set_robust_list resumed>) = 0 [pid 318] <... set_robust_list resumed>) = 0 [pid 320] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 318] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 320] setpgid(0, 0 [pid 318] <... prctl resumed>) = 0 [pid 319] <... bpf resumed>) = 3 [pid 320] <... setpgid resumed>) = 0 [pid 318] setpgid(0, 0 [pid 319] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 320] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 318] <... setpgid resumed>) = 0 [pid 321] <... bpf resumed>) = 3 [pid 320] <... openat resumed>) = 3 [pid 321] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 320] write(3, "1000", 4) = 4 [pid 320] close(3 [pid 318] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 320] <... close resumed>) = 0 [pid 320] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73./strace-static-x86_64: Process 323 attached ./strace-static-x86_64: Process 322 attached [pid 318] <... openat resumed>) = 3 [pid 318] write(3, "1000", 4) = 4 [pid 318] close(3) = 0 [pid 318] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 322] set_robust_list(0x55555632b660, 24) = 0 [pid 323] set_robust_list(0x55555632b660, 24 [pid 322] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 323] <... set_robust_list resumed>) = 0 [pid 323] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 323] setpgid(0, 0 [pid 322] <... prctl resumed>) = 0 [pid 323] <... setpgid resumed>) = 0 [pid 323] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 322] setpgid(0, 0 [pid 319] <... bpf resumed>) = 4 [pid 322] <... setpgid resumed>) = 0 [pid 319] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 5 [pid 321] <... bpf resumed>) = 4 [pid 319] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 321] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 319] <... bpf resumed>) = 0 [pid 321] <... bpf resumed>) = 5 [pid 319] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 323] write(3, "1000", 4 [pid 322] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 321] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 320] <... bpf resumed>) = 3 [pid 319] <... bpf resumed>) = 6 [pid 318] <... bpf resumed>) = 3 [pid 319] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 321] <... bpf resumed>) = 0 [pid 323] <... write resumed>) = 4 [pid 322] <... openat resumed>) = 3 [pid 321] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 319] <... bpf resumed>) = 7 [pid 323] close(3 [pid 322] write(3, "1000", 4 [pid 320] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 319] exit_group(0 [pid 318] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 323] <... close resumed>) = 0 [pid 322] <... write resumed>) = 4 [pid 321] <... bpf resumed>) = 6 [ 23.311645][ T88] [pid 320] <... bpf resumed>) = 4 [pid 319] <... exit_group resumed>) = ? [ 23.334567][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e7dad0 with preempt_count 00000103, exited with 00000102? [ 23.346066][ T287] BUG: scheduling while atomic: strace-static-x/287/0x00000002 [ 23.353613][ T287] Modules linked in: [ 23.357328][ T287] Preemption disabled at: [ 23.357335][ T287] [] try_to_wake_up+0x86/0x1150 [ 23.367862][ T287] CPU: 0 PID: 287 Comm: strace-static-x Tainted: G W 5.15.141-syzkaller-00899-g28e3f5851a99 #0 [ 23.379318][ T287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 23.389365][ T287] Call Trace: [ 23.392446][ T287] [ 23.395219][ T287] dump_stack_lvl+0x151/0x1b7 [ 23.399728][ T287] ? try_to_wake_up+0x86/0x1150 [ 23.404416][ T287] ? try_to_wake_up+0x86/0x1150 [ 23.409107][ T287] ? io_uring_drop_tctx_refs+0x190/0x190 [ 23.414582][ T287] ? try_to_wake_up+0x86/0x1150 [ 23.419264][ T287] dump_stack+0x15/0x17 [ 23.423248][ T287] __schedule_bug+0x195/0x260 [ 23.427764][ T287] ? ttwu_queue_wakelist+0x510/0x510 [ 23.432905][ T287] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 23.438543][ T287] ? bpf_bprintf_cleanup+0x1a/0x60 [ 23.443582][ T287] ? wait_task_inactive+0x2cd/0x4f0 [ 23.448627][ T287] __schedule+0xd0b/0x1580 [ 23.452875][ T287] ? __kasan_check_read+0x11/0x20 [ 23.457727][ T287] ? __fdget_pos+0x209/0x3a0 [ 23.462195][ T287] ? __sched_text_start+0x8/0x8 [ 23.466856][ T287] ? ksys_write+0x24f/0x2c0 [ 23.471203][ T287] schedule+0x11f/0x1e0 [ 23.475194][ T287] exit_to_user_mode_loop+0x4d/0xe0 [ 23.480213][ T287] exit_to_user_mode_prepare+0x5a/0xa0 [ 23.485502][ T287] syscall_exit_to_user_mode+0x26/0x160 [ 23.490906][ T287] do_syscall_64+0x49/0xb0 [ 23.495142][ T287] ? sysvec_call_function_single+0x52/0xb0 [ 23.500790][ T287] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 23.506507][ T287] RIP: 0033:0x4e5c73 [ 23.510238][ T287] Code: c7 c0 b8 ff ff ff 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 64 8b 04 25 18 00 00 00 85 c0 75 14 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 55 c3 0f 1f 40 00 48 83 ec 28 48 89 54 24 18 [pid 318] <... bpf resumed>) = 4 [pid 323] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 322] close(3 [pid 321] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 320] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 322] <... close resumed>) = 0 [pid 319] +++ exited with 0 +++ [pid 320] <... bpf resumed>) = 5 [pid 318] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 322] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 320] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 318] <... bpf resumed>) = 5 [pid 292] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=319, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 292] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 320] <... bpf resumed>) = 0 [pid 318] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 320] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 318] <... bpf resumed>) = 0 [pid 292] <... clone resumed>, child_tidptr=0x55555632b650) = 324 [pid 318] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 320] <... bpf resumed>) = 6 [pid 320] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 318] <... bpf resumed>) = 6 [pid 318] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 323] <... bpf resumed>) = 3 [pid 322] <... bpf resumed>) = 3 [pid 322] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 323] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16./strace-static-x86_64: Process 324 attached [pid 324] set_robust_list(0x55555632b660, 24) = 0 [pid 324] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 324] setpgid(0, 0) = 0 [pid 324] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 324] write(3, "1000", 4) = 4 [pid 324] close(3) = 0 [pid 324] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73) = 3 [pid 324] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 321] <... bpf resumed>) = 7 [pid 324] <... bpf resumed>) = 4 [pid 323] <... bpf resumed>) = 4 [pid 322] <... bpf resumed>) = 4 [ 23.529867][ T287] RSP: 002b:00007ffdf369b048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 23.538096][ T287] RAX: 000000000000002c RBX: 000000000000002c RCX: 00000000004e5c73 [ 23.545921][ T287] RDX: 000000000000002c RSI: 0000000000a92000 RDI: 0000000000000002 [ 23.553863][ T287] RBP: 0000000000a92000 R08: 0000000000000002 R09: 0000000000000018 [ 23.561657][ T287] R10: 0000000000548960 R11: 0000000000000246 R12: 000000000000002c [ 23.569581][ T287] R13: 0000000000617480 R14: 000000000000002c R15: 0000000000000001 [ 23.577398][ T287] [ 23.600780][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e7dad0 with preempt_count 00000103, exited with 00000102? [ 23.612258][ T285] BUG: scheduling while atomic: sshd/285/0x00000002 [ 23.618735][ T285] Modules linked in: [ 23.622467][ T285] Preemption disabled at: [ 23.622477][ T285] [] __set_current_blocked+0x11b/0x2f0 [ 23.633512][ T285] CPU: 0 PID: 285 Comm: sshd Tainted: G W 5.15.141-syzkaller-00899-g28e3f5851a99 #0 [ 23.643979][ T285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 23.653867][ T285] Call Trace: [ 23.656994][ T285] [ 23.659770][ T285] dump_stack_lvl+0x151/0x1b7 [ 23.664279][ T285] ? __set_current_blocked+0x11b/0x2f0 [ 23.669570][ T285] ? __set_current_blocked+0x11b/0x2f0 [ 23.674867][ T285] ? io_uring_drop_tctx_refs+0x190/0x190 [ 23.680335][ T285] ? __set_current_blocked+0x11b/0x2f0 [ 23.685639][ T285] dump_stack+0x15/0x17 [ 23.689621][ T285] __schedule_bug+0x195/0x260 [ 23.694132][ T285] ? __kasan_check_write+0x14/0x20 [ 23.699176][ T285] ? ttwu_queue_wakelist+0x510/0x510 [ 23.704288][ T285] ? __set_current_blocked+0x2a5/0x2f0 [ 23.709582][ T285] __schedule+0xd0b/0x1580 [ 23.713846][ T285] ? __kasan_check_read+0x11/0x20 [ 23.718708][ T285] ? _copy_to_user+0x78/0x90 [ 23.723121][ T285] ? __sched_text_start+0x8/0x8 [ 23.727806][ T285] ? __se_sys_rt_sigprocmask+0x311/0x380 [ 23.733294][ T285] ? __x64_sys_rt_sigprocmask+0xb0/0xb0 [ 23.738673][ T285] schedule+0x11f/0x1e0 [ 23.742660][ T285] exit_to_user_mode_loop+0x4d/0xe0 [ 23.747778][ T285] exit_to_user_mode_prepare+0x5a/0xa0 [ 23.753078][ T285] syscall_exit_to_user_mode+0x26/0x160 [ 23.758446][ T285] do_syscall_64+0x49/0xb0 [ 23.762707][ T285] ? sysvec_apic_timer_interrupt+0x55/0xc0 [ 23.768431][ T285] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 23.774170][ T285] RIP: 0033:0x7f87d11aa773 [ 23.778427][ T285] Code: 00 f3 a5 48 8d 74 24 88 48 b9 ff ff ff 7f fe ff ff ff 48 21 c8 48 89 44 24 88 41 ba 08 00 00 00 44 89 c7 b8 0e 00 00 00 0f 05 <45> 31 c0 3d 00 f0 ff ff 76 06 41 89 c0 41 f7 d8 44 89 c0 5a c3 41 [ 23.797852][ T285] RSP: 002b:00007ffdd8e89040 EFLAGS: 00000246 ORIG_RAX: 000000000000000e [ 23.806104][ T285] RAX: 0000000000000000 RBX: 0000000000060000 RCX: 00007f87d11aa773 [ 23.813904][ T285] RDX: 00007ffdd8e89128 RSI: 00007ffdd8e890a8 RDI: 0000000000000001 [ 23.821716][ T285] RBP: 00005576ccc6e5e0 R08: 0000000000000001 R09: 0000000000000000 [ 23.829531][ T285] R10: 0000000000000008 R11: 0000000000000246 R12: 00005576cb662aa4 [ 23.837350][ T285] R13: 0000000000000017 R14: 00005576cb6633e8 R15: 00007ffdd8e890a8 [ 23.845158][ T285] [ 23.848819][ C1] softirq: huh, entered softirq 9 RCU ffffffff815c95e0 with preempt_count 00000103, exited with 00000102? [ 23.861950][ T81] BUG: scheduling while atomic: syslogd/81/0x00000002 [ 23.868540][ T81] Modules linked in: [ 23.872315][ T81] Preemption disabled at: [ 23.872322][ T81] [] is_module_text_address+0x1a/0x140 [ 23.883397][ T81] CPU: 1 PID: 81 Comm: syslogd Tainted: G W 5.15.141-syzkaller-00899-g28e3f5851a99 #0 [ 23.894050][ T81] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 23.903942][ T81] Call Trace: [ 23.907068][ T81] [ 23.909842][ T81] dump_stack_lvl+0x151/0x1b7 [ 23.914363][ T81] ? is_module_text_address+0x1a/0x140 [ 23.919651][ T81] ? is_module_text_address+0x1a/0x140 [ 23.924944][ T81] ? io_uring_drop_tctx_refs+0x190/0x190 [ 23.930412][ T81] ? is_module_text_address+0x1a/0x140 [ 23.935710][ T81] dump_stack+0x15/0x17 [ 23.939698][ T81] __schedule_bug+0x195/0x260 [ 23.944210][ T81] ? xas_create+0x1437/0x15d0 [ 23.948723][ T81] ? ttwu_queue_wakelist+0x510/0x510 [ 23.953846][ T81] __schedule+0xd0b/0x1580 [ 23.958099][ T81] ? __this_cpu_preempt_check+0x13/0x20 [ 23.963480][ T81] ? __sched_text_start+0x8/0x8 [ 23.968166][ T81] ? xas_nomem+0x19a/0x1d0 [ 23.972429][ T81] schedule+0x11f/0x1e0 [ 23.976411][ T81] schedule_timeout+0xa9/0x370 [ 23.981019][ T81] ? __kasan_check_write+0x14/0x20 [ 23.985963][ T81] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 23.991253][ T81] ? console_conditional_schedule+0x30/0x30 [ 23.996981][ T81] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 24.002624][ T81] ? prepare_to_wait_exclusive+0x1ac/0x1f0 [ 24.008263][ T81] __skb_wait_for_more_packets+0x394/0x5f0 [ 24.013918][ T81] ? skb_checksum_setup_ip+0xaf0/0xaf0 [ 24.019204][ T81] ? mutex_unlock+0xb2/0x260 [ 24.023626][ T81] ? __skb_wait_for_more_packets+0x5f0/0x5f0 [ 24.029466][ T81] ? __mutex_lock_slowpath+0x10/0x10 [ 24.034559][ T81] ? avc_has_perm+0x16f/0x260 [ 24.039100][ T81] __unix_dgram_recvmsg+0x34f/0x1260 [ 24.044283][ T81] ? selinux_socket_recvmsg+0x243/0x340 [ 24.049681][ T81] ? unix_unhash+0x10/0x10 [ 24.053960][ T81] ? file_has_perm+0x508/0x6c0 [ 24.058514][ T81] unix_dgram_recvmsg+0xc4/0xe0 [ 24.063201][ T81] ? unix_dgram_sendmsg+0x2090/0x2090 [ 24.068409][ T81] sock_read_iter+0x353/0x480 [ 24.073050][ T81] ? kernel_sock_ip_overhead+0x280/0x280 [ 24.078521][ T81] ? iov_iter_init+0x53/0x190 [ 24.083022][ T81] vfs_read+0xa7e/0xd40 [ 24.087007][ T81] ? kernel_read+0x1f0/0x1f0 [ 24.091433][ T81] ? bpf_bprintf_cleanup+0x3f/0x60 [ 24.096382][ T81] ? sysvec_apic_timer_interrupt+0x55/0xc0 [ 24.102044][ T81] ? __kasan_check_read+0x11/0x20 [ 24.111830][ T81] ? __fdget_pos+0x209/0x3a0 [ 24.116269][ T81] ksys_read+0x199/0x2c0 [ 24.120335][ T81] ? vfs_write+0x1110/0x1110 [ 24.124759][ T81] ? __bpf_trace_sys_enter+0x62/0x70 [ 24.129883][ T81] __x64_sys_read+0x7b/0x90 [ 24.134349][ T81] do_syscall_64+0x3d/0xb0 [ 24.138590][ T81] ? sysvec_apic_timer_interrupt+0x55/0xc0 [ 24.144251][ T81] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 24.149971][ T81] RIP: 0033:0x7fcf6f042b6a [ 24.154222][ T81] Code: 00 3d 00 00 41 00 75 0d 50 48 8d 3d 2d 08 0a 00 e8 ea 7d 01 00 31 c0 e9 07 ff ff ff 64 8b 04 25 18 00 00 00 85 c0 75 1b 0f 05 <48> 3d 00 f0 ff ff 76 6c 48 8b 15 8f a2 0d 00 f7 d8 64 89 02 48 83 [ 24.173669][ T81] RSP: 002b:00007ffe96bf0e98 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 24.182070][ T81] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fcf6f042b6a [ 24.189882][ T81] RDX: 00000000000000ff RSI: 0000561060b2c300 RDI: 0000000000000000 [pid 321] exit_group(0 [pid 320] <... bpf resumed>) = 7 [pid 318] <... bpf resumed>) = 7 [pid 324] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 323] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 322] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 321] <... exit_group resumed>) = ? [pid 320] exit_group(0 [pid 318] exit_group(0 [pid 323] <... bpf resumed>) = 5 [pid 321] +++ exited with 0 +++ [pid 318] <... exit_group resumed>) = ? [pid 323] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4) = 0 [pid 323] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 6 [pid 323] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 324] <... bpf resumed>) = 5 [pid 324] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4) = 0 [pid 324] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 6 [pid 324] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 322] <... bpf resumed>) = 5 [pid 322] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4) = 0 [pid 322] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 6 [pid 322] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 320] <... exit_group resumed>) = ? [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=321, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555632b650) = 325 ./strace-static-x86_64: Process 325 attached [pid 325] set_robust_list(0x55555632b660, 24) = 0 [pid 325] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 325] setpgid(0, 0) = 0 [pid 325] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 325] write(3, "1000", 4) = 4 [pid 325] close(3) = 0 [pid 325] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 323] <... bpf resumed>) = 7 [pid 323] exit_group(0) = ? [pid 324] <... bpf resumed>) = 7 [pid 323] +++ exited with 0 +++ [pid 291] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=323, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 291] restart_syscall(<... resuming interrupted clone ...> [pid 324] exit_group(0) = ? [pid 291] <... restart_syscall resumed>) = 0 [pid 291] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555632b650) = 327 ./strace-static-x86_64: Process 327 attached [pid 327] set_robust_list(0x55555632b660, 24) = 0 [pid 327] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 327] setpgid(0, 0) = 0 [pid 327] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 325] <... bpf resumed>) = 3 [pid 327] <... openat resumed>) = 3 [pid 325] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 327] write(3, "1000", 4) = 4 [pid 327] close(3) = 0 [pid 327] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73) = 3 [pid 327] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 322] <... bpf resumed>) = 7 [pid 322] exit_group(0) = ? [ 24.197703][ T81] RBP: 0000561060b2c2c0 R08: 0000000000000001 R09: 0000000000000000 [ 24.205505][ T81] R10: 00007fcf6f1e13a3 R11: 0000000000000246 R12: 0000561060b2c399 [ 24.213477][ T81] R13: 0000561060b2c300 R14: 0000000000000000 R15: 00007fcf6f21fa80 [ 24.221283][ T81] [ 24.238833][ C1] softirq: huh, entered softirq 9 RCU ffffffff815c95e0 with preempt_count 00000103, exited with 00000102? [ 24.250234][ T287] BUG: scheduling while atomic: strace-static-x/287/0x00000002 [ 24.257864][ T287] Modules linked in: [ 24.261661][ T287] Preemption disabled at: [ 24.261669][ T287] [] try_to_wake_up+0x86/0x1150 [ 24.272048][ T287] CPU: 1 PID: 287 Comm: strace-static-x Tainted: G W 5.15.141-syzkaller-00899-g28e3f5851a99 #0 [ 24.283448][ T287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 24.293344][ T287] Call Trace: [ 24.296477][ T287] [ 24.299250][ T287] dump_stack_lvl+0x151/0x1b7 [ 24.303765][ T287] ? try_to_wake_up+0x86/0x1150 [ 24.308447][ T287] ? try_to_wake_up+0x86/0x1150 [ 24.313307][ T287] ? io_uring_drop_tctx_refs+0x190/0x190 [ 24.318859][ T287] ? try_to_wake_up+0x86/0x1150 [ 24.323544][ T287] dump_stack+0x15/0x17 [ 24.327537][ T287] __schedule_bug+0x195/0x260 [ 24.332063][ T287] ? ttwu_queue_wakelist+0x510/0x510 [ 24.337172][ T287] ? kernel_waitid+0x520/0x520 [ 24.341777][ T287] ? wait_task_inactive+0x2cd/0x4f0 [ 24.347483][ T287] __schedule+0xd0b/0x1580 [ 24.351714][ T287] ? __x64_sys_wait4+0x181/0x1e0 [ 24.356484][ T287] ? bpf_trace_run2+0xf1/0x210 [ 24.361082][ T287] ? __sched_text_start+0x8/0x8 [ 24.365770][ T287] schedule+0x11f/0x1e0 [ 24.369909][ T287] exit_to_user_mode_loop+0x4d/0xe0 [ 24.374948][ T287] exit_to_user_mode_prepare+0x5a/0xa0 [ 24.380340][ T287] syscall_exit_to_user_mode+0x26/0x160 [ 24.385813][ T287] do_syscall_64+0x49/0xb0 [ 24.390052][ T287] ? sysvec_apic_timer_interrupt+0x55/0xc0 [ 24.395696][ T287] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 24.401429][ T287] RIP: 0033:0x4d49a6 [ 24.405152][ T287] Code: 00 00 00 90 31 c9 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 49 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 11 b8 3d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 90 48 83 ec 28 89 54 24 14 48 89 74 24 [ 24.424688][ T287] RSP: 002b:00007ffdf369b1a8 EFLAGS: 00000246 ORIG_RAX: 000000000000003d [ 24.432933][ T287] RAX: 0000000000000124 RBX: 0000000000a8f2f8 RCX: 00000000004d49a6 [ 24.440735][ T287] RDX: 0000000040000000 RSI: 00007ffdf369b1cc RDI: 00000000ffffffff [pid 327] <... bpf resumed>) = 4 [pid 325] <... bpf resumed>) = 4 [pid 324] +++ exited with 0 +++ [pid 322] +++ exited with 0 +++ [pid 320] +++ exited with 0 +++ [pid 318] +++ exited with 0 +++ [pid 327] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 325] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 296] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=322, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 295] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=320, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=318, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 327] <... bpf resumed>) = 5 [pid 325] <... bpf resumed>) = 5 [pid 292] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=324, si_uid=0, si_status=0, si_utime=0, si_stime=34} --- [pid 327] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 325] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 292] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 329 attached [pid 327] <... bpf resumed>) = 0 [pid 325] <... bpf resumed>) = 0 [pid 296] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 295] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 331 attached ./strace-static-x86_64: Process 332 attached ./strace-static-x86_64: Process 330 attached [pid 329] set_robust_list(0x55555632b660, 24 [pid 327] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 325] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 292] <... clone resumed>, child_tidptr=0x55555632b650) = 329 [pid 332] set_robust_list(0x55555632b660, 24 [pid 331] set_robust_list(0x55555632b660, 24 [pid 330] set_robust_list(0x55555632b660, 24 [pid 329] <... set_robust_list resumed>) = 0 [pid 327] <... bpf resumed>) = 6 [pid 296] <... clone resumed>, child_tidptr=0x55555632b650) = 330 [pid 295] <... clone resumed>, child_tidptr=0x55555632b650) = 331 [pid 294] <... clone resumed>, child_tidptr=0x55555632b650) = 332 [pid 330] <... set_robust_list resumed>) = 0 [pid 329] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 327] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 325] <... bpf resumed>) = 6 [pid 331] <... set_robust_list resumed>) = 0 [pid 332] <... set_robust_list resumed>) = 0 [pid 330] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 329] <... prctl resumed>) = 0 [pid 325] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 331] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 332] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 331] <... prctl resumed>) = 0 [pid 330] <... prctl resumed>) = 0 [pid 329] setpgid(0, 0 [pid 331] setpgid(0, 0 [pid 330] setpgid(0, 0 [pid 329] <... setpgid resumed>) = 0 [pid 331] <... setpgid resumed>) = 0 [pid 330] <... setpgid resumed>) = 0 [pid 332] <... prctl resumed>) = 0 [pid 330] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 329] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 331] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 332] setpgid(0, 0 [pid 330] <... openat resumed>) = 3 [pid 329] <... openat resumed>) = 3 [pid 331] <... openat resumed>) = 3 [pid 332] <... setpgid resumed>) = 0 [pid 330] write(3, "1000", 4 [pid 329] write(3, "1000", 4 [pid 332] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 331] write(3, "1000", 4 [pid 330] <... write resumed>) = 4 [pid 329] <... write resumed>) = 4 [pid 332] <... openat resumed>) = 3 [pid 331] <... write resumed>) = 4 [pid 330] close(3 [pid 329] close(3 [pid 327] <... bpf resumed>) = 7 [pid 325] <... bpf resumed>) = 7 [ 24.448546][ T287] RBP: 0000000000000000 R08: 0000000000000017 R09: 0000000000000000 [ 24.456358][ T287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000a96900 [ 24.464255][ T287] R13: 0000000000000000 R14: 00007ffdf369b1cc R15: 0000000000617180 [ 24.472072][ T287] [ 24.489689][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e7dad0 with preempt_count 00000103, exited with 00000102? [ 24.501132][ T287] BUG: scheduling while atomic: strace-static-x/287/0x00000002 [ 24.508448][ T287] Modules linked in: [ 24.512356][ T287] Preemption disabled at: [ 24.512361][ T287] [] try_to_wake_up+0x86/0x1150 [ 24.522815][ T287] CPU: 0 PID: 287 Comm: strace-static-x Tainted: G W 5.15.141-syzkaller-00899-g28e3f5851a99 #0 [ 24.534247][ T287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 24.544140][ T287] Call Trace: [ 24.548742][ T287] [ 24.551521][ T287] dump_stack_lvl+0x151/0x1b7 [ 24.556033][ T287] ? try_to_wake_up+0x86/0x1150 [ 24.560720][ T287] ? try_to_wake_up+0x86/0x1150 [ 24.565405][ T287] ? io_uring_drop_tctx_refs+0x190/0x190 [ 24.570875][ T287] ? try_to_wake_up+0x86/0x1150 [ 24.575560][ T287] dump_stack+0x15/0x17 [ 24.579554][ T287] __schedule_bug+0x195/0x260 [ 24.584068][ T287] ? ttwu_queue_wakelist+0x510/0x510 [ 24.589706][ T287] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 24.595347][ T287] ? wait_task_inactive+0x2cd/0x4f0 [ 24.600468][ T287] __schedule+0xd0b/0x1580 [ 24.604724][ T287] ? _raw_spin_lock_irqsave+0x210/0x210 [ 24.610101][ T287] ? __sched_text_start+0x8/0x8 [ 24.614809][ T287] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 24.619736][ T287] ? _raw_spin_lock_irqsave+0x210/0x210 [ 24.625118][ T287] ? ptrace_check_attach+0x323/0x420 [ 24.630237][ T287] schedule+0x11f/0x1e0 [ 24.634228][ T287] exit_to_user_mode_loop+0x4d/0xe0 [ 24.639264][ T287] exit_to_user_mode_prepare+0x5a/0xa0 [ 24.644557][ T287] syscall_exit_to_user_mode+0x26/0x160 [ 24.649940][ T287] do_syscall_64+0x49/0xb0 [ 24.654277][ T287] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 24.660006][ T287] RIP: 0033:0x4e6c1a [ 24.663739][ T287] Code: 70 41 83 f8 03 c7 44 24 10 08 00 00 00 48 89 44 24 18 48 8d 44 24 30 8b 70 08 4c 0f 43 d1 48 89 44 24 20 b8 65 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 3e 48 85 c0 78 06 41 83 f8 02 76 1b 48 8b 4c [ 24.683530][ T287] RSP: 002b:00007ffdf369b010 EFLAGS: 00000206 ORIG_RAX: 0000000000000065 [ 24.692031][ T287] RAX: 0000000000000050 RBX: 0000000000a90e40 RCX: 00000000004e6c1a [pid 332] write(3, "1000", 4 [pid 331] close(3 [pid 330] <... close resumed>) = 0 [pid 329] <... close resumed>) = 0 [pid 327] exit_group(0 [pid 325] exit_group(0 [pid 332] <... write resumed>) = 4 [pid 327] <... exit_group resumed>) = ? [pid 332] close(3 [pid 330] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 329] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 325] <... exit_group resumed>) = ? [pid 332] <... close resumed>) = 0 [pid 332] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73) = 3 [pid 330] <... bpf resumed>) = 3 [ 24.699931][ T287] RDX: 0000000000000058 RSI: 0000000000000124 RDI: 000000000000420e [ 24.707828][ T287] RBP: 00007ffdf369b110 R08: 000000000000420d R09: 0000000000000003 [ 24.715769][ T287] R10: 000000000063c820 R11: 0000000000000206 R12: 0000000000a90e40 [ 24.723574][ T287] R13: 00007ffdf369b16c R14: 000000000000857f R15: 0000000000617180 [ 24.731403][ T287] [ 24.738100][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e7dad0 with preempt_count 00000103, exited with 00000102? [ 24.749527][ T287] BUG: scheduling while atomic: strace-static-x/287/0x00000002 [ 24.757365][ T287] Modules linked in: [ 24.761214][ T287] Preemption disabled at: [ 24.761222][ T287] [] remove_wait_queue+0x26/0x140 [ 24.771834][ T287] CPU: 0 PID: 287 Comm: strace-static-x Tainted: G W 5.15.141-syzkaller-00899-g28e3f5851a99 #0 [ 24.783248][ T287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 24.793141][ T287] Call Trace: [ 24.796280][ T287] [ 24.799048][ T287] dump_stack_lvl+0x151/0x1b7 [ 24.803557][ T287] ? remove_wait_queue+0x26/0x140 [ 24.808416][ T287] ? remove_wait_queue+0x26/0x140 [ 24.813296][ T287] ? io_uring_drop_tctx_refs+0x190/0x190 [ 24.818743][ T287] ? remove_wait_queue+0x26/0x140 [ 24.823701][ T287] dump_stack+0x15/0x17 [ 24.827681][ T287] __schedule_bug+0x195/0x260 [ 24.832198][ T287] ? ttwu_queue_wakelist+0x510/0x510 [ 24.837331][ T287] ? kernel_waitid+0x520/0x520 [ 24.841939][ T287] ? wait_task_inactive+0x2cd/0x4f0 [ 24.846972][ T287] __schedule+0xd0b/0x1580 [ 24.851216][ T287] ? __x64_sys_wait4+0x181/0x1e0 [ 24.855978][ T287] ? bpf_trace_run2+0xf1/0x210 [ 24.860839][ T287] ? __sched_text_start+0x8/0x8 [ 24.865526][ T287] schedule+0x11f/0x1e0 [ 24.869629][ T287] exit_to_user_mode_loop+0x4d/0xe0 [ 24.874895][ T287] exit_to_user_mode_prepare+0x5a/0xa0 [ 24.880383][ T287] syscall_exit_to_user_mode+0x26/0x160 [ 24.885742][ T287] do_syscall_64+0x49/0xb0 [ 24.890330][ T287] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 24.896034][ T287] RIP: 0033:0x4d49a6 [ 24.899767][ T287] Code: 00 00 00 90 31 c9 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 49 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 11 b8 3d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 90 48 83 ec 28 89 54 24 14 48 89 74 24 [ 24.919476][ T287] RSP: 002b:00007ffdf369b1a8 EFLAGS: 00000246 ORIG_RAX: 000000000000003d [ 24.927725][ T287] RAX: 0000000000000126 RBX: 0000000000000005 RCX: 00000000004d49a6 [ 24.935526][ T287] RDX: 0000000040000001 RSI: 00007ffdf369b1cc RDI: 00000000ffffffff [ 24.943476][ T287] RBP: 0000000000a90f90 R08: 0000000000000000 R09: 0000000000000000 [pid 332] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 331] <... close resumed>) = 0 [pid 329] <... bpf resumed>) = 3 [pid 332] <... bpf resumed>) = 4 [pid 330] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 327] +++ exited with 0 +++ [pid 332] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 331] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 329] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 332] <... bpf resumed>) = 5 [pid 291] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=327, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 332] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 331] <... bpf resumed>) = 3 [pid 332] <... bpf resumed>) = 0 [pid 331] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 332] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 291] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 332] <... bpf resumed>) = 6 [pid 291] <... clone resumed>, child_tidptr=0x55555632b650) = 333 ./strace-static-x86_64: Process 333 attached [pid 332] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 333] set_robust_list(0x55555632b660, 24) = 0 [pid 333] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 333] setpgid(0, 0) = 0 [pid 333] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 333] write(3, "1000", 4) = 4 [pid 333] close(3) = 0 [pid 333] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73) = 3 [pid 333] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 325] +++ exited with 0 +++ [pid 330] <... bpf resumed>) = 4 [pid 331] <... bpf resumed>) = 4 [pid 332] <... bpf resumed>) = 7 [pid 330] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 329] <... bpf resumed>) = 4 [pid 332] exit_group(0 [pid 331] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 330] <... bpf resumed>) = 5 [ 24.951456][ T287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000a96b40 [ 24.960308][ T287] R13: 0000000000000125 R14: 00007ffdf369b1cc R15: 0000000000617180 [ 24.968295][ T287] [ 24.990458][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e7dad0 with preempt_count 00000103, exited with 00000102? [ 25.002076][ T287] BUG: scheduling while atomic: strace-static-x/287/0x00000002 [ 25.009586][ T287] Modules linked in: [ 25.013315][ T287] Preemption disabled at: [ 25.013321][ T287] [] up_read+0x16/0x170 [ 25.023134][ T287] CPU: 0 PID: 287 Comm: strace-static-x Tainted: G W 5.15.141-syzkaller-00899-g28e3f5851a99 #0 [ 25.034665][ T287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 25.044668][ T287] Call Trace: [ 25.047767][ T287] [ 25.050708][ T287] dump_stack_lvl+0x151/0x1b7 [ 25.055340][ T287] ? up_read+0x16/0x170 [ 25.059338][ T287] ? up_read+0x16/0x170 [ 25.063398][ T287] ? io_uring_drop_tctx_refs+0x190/0x190 [ 25.068870][ T287] ? up_read+0x16/0x170 [ 25.072857][ T287] dump_stack+0x15/0x17 [ 25.076982][ T287] __schedule_bug+0x195/0x260 [ 25.082662][ T287] ? ttwu_queue_wakelist+0x510/0x510 [ 25.087755][ T287] __schedule+0xd0b/0x1580 [ 25.091999][ T287] ? __sched_text_start+0x8/0x8 [ 25.096689][ T287] ? task_work_add+0x1b0/0x1d0 [ 25.101284][ T287] schedule+0x11f/0x1e0 [ 25.105275][ T287] exit_to_user_mode_loop+0x4d/0xe0 [ 25.110311][ T287] exit_to_user_mode_prepare+0x5a/0xa0 [ 25.115604][ T287] syscall_exit_to_user_mode+0x26/0x160 [ 25.121356][ T287] do_syscall_64+0x49/0xb0 [ 25.125601][ T287] ? sysvec_call_function_single+0x52/0xb0 [ 25.131327][ T287] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 25.137061][ T287] RIP: 0033:0x4e65f7 [ 25.140800][ T287] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 [ 25.160384][ T287] RSP: 002b:00007ffdf369afb8 EFLAGS: 00000286 ORIG_RAX: 0000000000000003 [ 25.169220][ T287] RAX: 0000000000000000 RBX: 00000000ffffffff RCX: 00000000004e65f7 [ 25.177114][ T287] RDX: 00007ffdf369afc0 RSI: 0000000000008910 RDI: 0000000000000003 [ 25.184935][ T287] RBP: 0000000000000003 R08: 00000000ffffffff R09: 000000000000000c [ 25.192735][ T287] R10: 0000000000554612 R11: 0000000000000286 R12: 00007ffdf369b020 [pid 329] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 333] <... bpf resumed>) = 4 [pid 332] <... exit_group resumed>) = ? [pid 331] <... bpf resumed>) = 5 [pid 330] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 331] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 329] <... bpf resumed>) = 5 [pid 332] +++ exited with 0 +++ [pid 331] <... bpf resumed>) = 0 [pid 329] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 330] <... bpf resumed>) = 0 [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=332, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=325, si_uid=0, si_status=0, si_utime=0, si_stime=20} --- [pid 331] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 330] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 329] <... bpf resumed>) = 0 [pid 293] restart_syscall(<... resuming interrupted clone ...> [pid 333] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 331] <... bpf resumed>) = 6 [pid 330] <... bpf resumed>) = 6 [pid 329] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 293] <... restart_syscall resumed>) = 0 [pid 333] <... bpf resumed>) = 5 [pid 331] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 330] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 329] <... bpf resumed>) = 6 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 333] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 329] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16./strace-static-x86_64: Process 334 attached [pid 333] <... bpf resumed>) = 0 [pid 333] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 294] <... clone resumed>, child_tidptr=0x55555632b650) = 334 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 334] set_robust_list(0x55555632b660, 24 [pid 333] <... bpf resumed>) = 6 ./strace-static-x86_64: Process 335 attached [pid 334] <... set_robust_list resumed>) = 0 [pid 333] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 293] <... clone resumed>, child_tidptr=0x55555632b650) = 335 [pid 334] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 335] set_robust_list(0x55555632b660, 24 [pid 334] <... prctl resumed>) = 0 [pid 335] <... set_robust_list resumed>) = 0 [pid 334] setpgid(0, 0 [pid 335] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 334] <... setpgid resumed>) = 0 [pid 335] <... prctl resumed>) = 0 [pid 334] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 335] setpgid(0, 0) = 0 [pid 334] <... openat resumed>) = 3 [pid 334] write(3, "1000", 4 [pid 335] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 334] <... write resumed>) = 4 [pid 335] <... openat resumed>) = 3 [pid 334] close(3 [pid 335] write(3, "1000", 4 [pid 334] <... close resumed>) = 0 [pid 335] <... write resumed>) = 4 [pid 334] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 335] close(3) = 0 [pid 335] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 334] <... bpf resumed>) = 3 [ 25.200648][ T287] R13: 00007ffdf369afc0 R14: 0000000000423160 R15: 0000000000617180 [ 25.208549][ T287] [ 25.229890][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e7dad0 with preempt_count 00000103, exited with 00000102? [ 25.241412][ T287] BUG: scheduling while atomic: strace-static-x/287/0x00000002 [ 25.249431][ T287] Modules linked in: [ 25.253116][ T287] Preemption disabled at: [ 25.253125][ T287] [] remove_wait_queue+0x26/0x140 [ 25.263731][ T287] CPU: 0 PID: 287 Comm: strace-static-x Tainted: G W 5.15.141-syzkaller-00899-g28e3f5851a99 #0 [ 25.275146][ T287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 25.285195][ T287] Call Trace: [ 25.288417][ T287] [ 25.291293][ T287] dump_stack_lvl+0x151/0x1b7 [ 25.295798][ T287] ? remove_wait_queue+0x26/0x140 [ 25.301609][ T287] ? remove_wait_queue+0x26/0x140 [ 25.306472][ T287] ? io_uring_drop_tctx_refs+0x190/0x190 [ 25.311940][ T287] ? remove_wait_queue+0x26/0x140 [ 25.316811][ T287] dump_stack+0x15/0x17 [ 25.320821][ T287] __schedule_bug+0x195/0x260 [ 25.325307][ T287] ? ttwu_queue_wakelist+0x510/0x510 [ 25.330427][ T287] ? kernel_waitid+0x520/0x520 [ 25.335028][ T287] ? wait_task_inactive+0x2cd/0x4f0 [ 25.340148][ T287] __schedule+0xd0b/0x1580 [ 25.344401][ T287] ? __x64_sys_wait4+0x181/0x1e0 [ 25.349183][ T287] ? bpf_trace_run2+0xf1/0x210 [ 25.353786][ T287] ? __sched_text_start+0x8/0x8 [ 25.358464][ T287] schedule+0x11f/0x1e0 [ 25.362453][ T287] exit_to_user_mode_loop+0x4d/0xe0 [ 25.367575][ T287] exit_to_user_mode_prepare+0x5a/0xa0 [ 25.372870][ T287] syscall_exit_to_user_mode+0x26/0x160 [ 25.378361][ T287] do_syscall_64+0x49/0xb0 [ 25.382690][ T287] ? sysvec_call_function_single+0x52/0xb0 [ 25.388504][ T287] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 25.394318][ T287] RIP: 0033:0x4d49a6 [ 25.398300][ T287] Code: 00 00 00 90 31 c9 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 49 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 11 b8 3d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 90 48 83 ec 28 89 54 24 14 48 89 74 24 [ 25.417765][ T287] RSP: 002b:00007ffdf369b1a8 EFLAGS: 00000246 ORIG_RAX: 000000000000003d [pid 334] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 335] <... bpf resumed>) = 3 [pid 334] <... bpf resumed>) = 4 [ 25.426078][ T287] RAX: 0000000000000149 RBX: 0000000000000005 RCX: 00000000004d49a6 [ 25.433973][ T287] RDX: 0000000040000001 RSI: 00007ffdf369b1cc RDI: 00000000ffffffff [ 25.441881][ T287] RBP: 0000000000a91a10 R08: 0000000000000000 R09: 0000000000000000 [ 25.449677][ T287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000a96b40 [ 25.457500][ T287] R13: 000000000000014a R14: 00007ffdf369b1cc R15: 0000000000617180 [ 25.465349][ T287] [ 25.468832][ C1] softirq: huh, entered softirq 9 RCU ffffffff815c95e0 with preempt_count 00000102, exited with 00000101? [pid 333] <... bpf resumed>) = 7 [ 25.470023][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e7dad0 with preempt_count 00000103, exited with 00000102? [ 25.480287][ T88] BUG: scheduling while atomic: klogd/88/0x00000002 [ 25.492064][ T285] BUG: scheduling while atomic: sshd/285/0x00000002 [ 25.498013][ T88] Modules linked in: [ 25.498029][ T88] Preemption disabled at: [ 25.498032][ T88] [] unix_dgram_sendmsg+0xd62/0x2090 [ 25.498061][ T88] CPU: 1 PID: 88 Comm: klogd Tainted: G W 5.15.141-syzkaller-00899-g28e3f5851a99 #0 [ 25.498078][ T88] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 25.498086][ T88] Call Trace: [ 25.498090][ T88] [ 25.498096][ T88] dump_stack_lvl+0x151/0x1b7 [ 25.498114][ T88] ? unix_dgram_sendmsg+0xd62/0x2090 [ 25.498134][ T88] ? unix_dgram_sendmsg+0xd62/0x2090 [ 25.498148][ T88] ? io_uring_drop_tctx_refs+0x190/0x190 [ 25.504466][ T285] Modules linked in: [ 25.508161][ T88] ? unix_dgram_sendmsg+0xd62/0x2090 [ 25.512340][ T285] [ 25.519020][ T88] dump_stack+0x15/0x17 [ 25.519051][ T88] __schedule_bug+0x195/0x260 [ 25.519068][ T88] ? __sys_sendto+0x5a2/0x720 [ 25.529662][ T285] Preemption disabled at: [ 25.539691][ T88] ? ttwu_queue_wakelist+0x510/0x510 [ 25.539723][ T88] ? __ia32_sys_getpeername+0x90/0x90 [ 25.542798][ T285] [] __set_current_blocked+0x11b/0x2f0 [ 25.545578][ T88] __schedule+0xd0b/0x1580 [ 25.615549][ T88] ? bpf_trace_run2+0xf1/0x210 [ 25.620132][ T88] ? __sched_text_start+0x8/0x8 [ 25.624823][ T88] schedule+0x11f/0x1e0 [ 25.628813][ T88] exit_to_user_mode_loop+0x4d/0xe0 [ 25.633845][ T88] exit_to_user_mode_prepare+0x5a/0xa0 [ 25.639312][ T88] syscall_exit_to_user_mode+0x26/0x160 [ 25.644697][ T88] do_syscall_64+0x49/0xb0 [ 25.648945][ T88] ? sysvec_call_function_single+0x52/0xb0 [ 25.654599][ T88] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 25.660317][ T88] RIP: 0033:0x7f878e7949b5 [ 25.664587][ T88] Code: 8b 44 24 08 48 83 c4 28 48 98 c3 48 98 c3 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 26 45 31 c9 45 31 c0 b8 2c 00 00 00 0f 05 <48> 3d 00 f0 ff ff 76 7a 48 8b 15 44 c4 0c 00 f7 d8 64 89 02 48 83 [ 25.684103][ T88] RSP: 002b:00007ffd533d3558 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 25.692359][ T88] RAX: 0000000000000054 RBX: 0000000000000000 RCX: 00007f878e7949b5 [ 25.700244][ T88] RDX: 0000000000000054 RSI: 0000555e22000130 RDI: 0000000000000003 [ 25.708067][ T88] RBP: 0000555e21ffa2c0 R08: 0000000000000000 R09: 0000000000000000 [ 25.715876][ T88] R10: 0000000000004000 R11: 0000000000000246 R12: 0000000000000013 [ 25.723799][ T88] R13: 00007f878e922212 R14: 00007ffd533d3658 R15: 0000000000000000 [ 25.731606][ T88] [ 25.734579][ T285] CPU: 0 PID: 285 Comm: sshd Tainted: G W 5.15.141-syzkaller-00899-g28e3f5851a99 #0 [ 25.745053][ T285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 25.754961][ T285] Call Trace: [ 25.758074][ T285] [ 25.760857][ T285] dump_stack_lvl+0x151/0x1b7 [ 25.765373][ T285] ? __set_current_blocked+0x11b/0x2f0 [ 25.770655][ T285] ? __set_current_blocked+0x11b/0x2f0 [ 25.775953][ T285] ? io_uring_drop_tctx_refs+0x190/0x190 [ 25.781851][ T285] ? __set_current_blocked+0x11b/0x2f0 [ 25.787143][ T285] dump_stack+0x15/0x17 [ 25.791149][ T285] __schedule_bug+0x195/0x260 [ 25.795654][ T285] ? ttwu_queue_wakelist+0x510/0x510 [ 25.800776][ T285] ? bpf_bprintf_cleanup+0x3f/0x60 [ 25.805720][ T285] ? __set_current_blocked+0x2a5/0x2f0 [ 25.811013][ T285] __schedule+0xd0b/0x1580 [ 25.815354][ T285] ? __kasan_check_read+0x11/0x20 [ 25.820215][ T285] ? __fdget_pos+0x209/0x3a0 [ 25.824636][ T285] ? __sched_text_start+0x8/0x8 [ 25.829328][ T285] ? ksys_write+0x24f/0x2c0 [ 25.833669][ T285] ? __x64_sys_rt_sigprocmask+0xb0/0xb0 [ 25.839052][ T285] schedule+0x11f/0x1e0 [ 25.843038][ T285] exit_to_user_mode_loop+0x4d/0xe0 [ 25.848072][ T285] exit_to_user_mode_prepare+0x5a/0xa0 [ 25.853472][ T285] syscall_exit_to_user_mode+0x26/0x160 [ 25.859921][ T285] do_syscall_64+0x49/0xb0 [ 25.864266][ T285] ? sysvec_apic_timer_interrupt+0x55/0xc0 [ 25.869932][ T285] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 25.875790][ T285] RIP: 0033:0x7f87d11febf2 [ 25.880062][ T285] Code: 89 c7 48 89 44 24 08 e8 7b 34 fa ff 48 8b 44 24 08 48 83 c4 28 c3 c3 64 8b 04 25 18 00 00 00 85 c0 75 20 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 76 6f 48 8b 15 07 a2 0d 00 f7 d8 64 89 02 48 83 [ 25.899578][ T285] RSP: 002b:00007ffdd8e89038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 25.907900][ T285] RAX: 0000000000000054 RBX: 0000000000000054 RCX: 00007f87d11febf2 [ 25.915710][ T285] RDX: 0000000000000054 RSI: 00005576ccc7d020 RDI: 0000000000000004 [ 25.923520][ T285] RBP: 00005576ccc6e290 R08: 0000000000000000 R09: 0000000000000000 [pid 331] <... bpf resumed>) = 7 [pid 330] <... bpf resumed>) = 7 [pid 329] <... bpf resumed>) = 7 [pid 335] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 334] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 333] exit_group(0 [pid 331] exit_group(0 [pid 330] exit_group(0 [pid 329] exit_group(0 [pid 335] <... bpf resumed>) = 4 [pid 334] <... bpf resumed>) = 5 [pid 333] <... exit_group resumed>) = ? [pid 331] <... exit_group resumed>) = ? [pid 330] <... exit_group resumed>) = ? [pid 329] <... exit_group resumed>) = ? [pid 335] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 334] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 335] <... bpf resumed>) = 5 [pid 333] +++ exited with 0 +++ [pid 335] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4) = 0 [pid 335] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 6 [pid 334] <... bpf resumed>) = 0 [pid 331] +++ exited with 0 +++ [pid 335] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 334] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 291] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=333, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 334] <... bpf resumed>) = 6 [ 25.931326][ T285] R10: 0000000000000000 R11: 0000000000000246 R12: 00005576cb662aa4 [ 25.939136][ T285] R13: 0000000000000019 R14: 00005576cb6633e8 R15: 00007ffdd8e890a8 [ 25.947347][ T285] [ 25.955869][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e7dad0 with preempt_count 00000103, exited with 00000102? [ 25.967410][ T287] BUG: scheduling while atomic: strace-static-x/287/0x00000002 [ 25.974887][ T287] Modules linked in: [ 25.978598][ T287] Preemption disabled at: [ 25.978607][ T287] [] pipe_write+0x1429/0x1930 [ 25.989196][ T287] CPU: 0 PID: 287 Comm: strace-static-x Tainted: G W 5.15.141-syzkaller-00899-g28e3f5851a99 #0 [ 26.000723][ T287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 26.010785][ T287] Call Trace: [ 26.013904][ T287] [ 26.016673][ T287] dump_stack_lvl+0x151/0x1b7 [ 26.021184][ T287] ? pipe_write+0x1429/0x1930 [ 26.025697][ T287] ? pipe_write+0x1429/0x1930 [ 26.030210][ T287] ? io_uring_drop_tctx_refs+0x190/0x190 [ 26.035695][ T287] ? pipe_write+0x1429/0x1930 [ 26.040193][ T287] dump_stack+0x15/0x17 [ 26.044183][ T287] __schedule_bug+0x195/0x260 [ 26.048709][ T287] ? ttwu_queue_wakelist+0x510/0x510 [ 26.053820][ T287] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 26.059458][ T287] ? wait_task_inactive+0x2cd/0x4f0 [ 26.064539][ T287] __schedule+0xd0b/0x1580 [ 26.068762][ T287] ? _raw_spin_lock_irqsave+0x210/0x210 [ 26.074144][ T287] ? bpf_trace_run2+0xf1/0x210 [ 26.078726][ T287] ? __sched_text_start+0x8/0x8 [ 26.083416][ T287] ? ptrace_check_attach+0x323/0x420 [ 26.088533][ T287] schedule+0x11f/0x1e0 [ 26.092546][ T287] exit_to_user_mode_loop+0x4d/0xe0 [ 26.097560][ T287] exit_to_user_mode_prepare+0x5a/0xa0 [ 26.102958][ T287] syscall_exit_to_user_mode+0x26/0x160 [ 26.108331][ T287] do_syscall_64+0x49/0xb0 [ 26.112599][ T287] ? sysvec_call_function_single+0x52/0xb0 [ 26.118222][ T287] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 26.124119][ T287] RIP: 0033:0x4e6c1a [ 26.127857][ T287] Code: 70 41 83 f8 03 c7 44 24 10 08 00 00 00 48 89 44 24 18 48 8d 44 24 30 8b 70 08 4c 0f 43 d1 48 89 44 24 20 b8 65 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 3e 48 85 c0 78 06 41 83 f8 02 76 1b 48 8b 4c [ 26.147392][ T287] RSP: 002b:00007ffdf369b090 EFLAGS: 00000206 ORIG_RAX: 0000000000000065 [ 26.155628][ T287] RAX: 0000000000000000 RBX: 0000000000a8f2f8 RCX: 00000000004e6c1a [ 26.163446][ T287] RDX: 0000000000000000 RSI: 000000000000014e RDI: 0000000000000018 [ 26.171248][ T287] RBP: 0000000000000018 R08: 0000000000000017 R09: 0000000000000001 [pid 334] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 295] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=331, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 295] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 291] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 295] <... clone resumed>, child_tidptr=0x55555632b650) = 337 ./strace-static-x86_64: Process 337 attached ./strace-static-x86_64: Process 338 attached [pid 291] <... clone resumed>, child_tidptr=0x55555632b650) = 338 [pid 338] set_robust_list(0x55555632b660, 24 [pid 337] set_robust_list(0x55555632b660, 24 [pid 338] <... set_robust_list resumed>) = 0 [pid 338] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 338] setpgid(0, 0) = 0 [pid 337] <... set_robust_list resumed>) = 0 [pid 338] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 337] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 337] setpgid(0, 0) = 0 [pid 338] write(3, "1000", 4) = 4 [pid 338] close(3) = 0 [pid 338] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 337] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 337] write(3, "1000", 4 [pid 335] <... bpf resumed>) = 7 [pid 337] <... write resumed>) = 4 [pid 335] exit_group(0 [pid 338] <... bpf resumed>) = 3 [ 26.179070][ T287] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000a91230 [ 26.186869][ T287] R13: 0000000000000000 R14: 000000000000857f R15: 0000000000617180 [ 26.194687][ T287] [ 26.209815][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e7dad0 with preempt_count 00000103, exited with 00000102? [ 26.221254][ T287] BUG: scheduling while atomic: strace-static-x/287/0x00000002 [ 26.229010][ T287] Modules linked in: [ 26.232798][ T287] Preemption disabled at: [ 26.232807][ T287] [] __se_sys_ptrace+0x229/0x400 [ 26.243248][ T287] CPU: 0 PID: 287 Comm: strace-static-x Tainted: G W 5.15.141-syzkaller-00899-g28e3f5851a99 #0 [ 26.254671][ T287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 26.264566][ T287] Call Trace: [ 26.268294][ T287] [ 26.271245][ T287] dump_stack_lvl+0x151/0x1b7 [ 26.276370][ T287] ? __se_sys_ptrace+0x229/0x400 [ 26.281142][ T287] ? __se_sys_ptrace+0x229/0x400 [ 26.285913][ T287] ? io_uring_drop_tctx_refs+0x190/0x190 [ 26.291380][ T287] ? __se_sys_ptrace+0x229/0x400 [ 26.296325][ T287] dump_stack+0x15/0x17 [ 26.300312][ T287] __schedule_bug+0x195/0x260 [ 26.304804][ T287] ? ttwu_queue_wakelist+0x510/0x510 [ 26.309923][ T287] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 26.315579][ T287] ? bpf_bprintf_cleanup+0x1a/0x60 [ 26.320598][ T287] ? wait_task_inactive+0x2cd/0x4f0 [ 26.325643][ T287] __schedule+0xd0b/0x1580 [ 26.329898][ T287] ? __kasan_check_read+0x11/0x20 [ 26.334754][ T287] ? __fdget_pos+0x209/0x3a0 [ 26.339182][ T287] ? __sched_text_start+0x8/0x8 [ 26.343868][ T287] ? ksys_write+0x24f/0x2c0 [ 26.348209][ T287] schedule+0x11f/0x1e0 [ 26.352216][ T287] exit_to_user_mode_loop+0x4d/0xe0 [ 26.357233][ T287] exit_to_user_mode_prepare+0x5a/0xa0 [ 26.362528][ T287] syscall_exit_to_user_mode+0x26/0x160 [ 26.367918][ T287] do_syscall_64+0x49/0xb0 [ 26.372164][ T287] ? sysvec_call_function_single+0x52/0xb0 [ 26.377804][ T287] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 26.383620][ T287] RIP: 0033:0x4e5c73 [ 26.387350][ T287] Code: c7 c0 b8 ff ff ff 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 64 8b 04 25 18 00 00 00 85 c0 75 14 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 55 c3 0f 1f 40 00 48 83 ec 28 48 89 54 24 18 [ 26.407313][ T287] RSP: 002b:00007ffdf369b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 26.415568][ T287] RAX: 0000000000000013 RBX: 0000000000000013 RCX: 00000000004e5c73 [ 26.424236][ T287] RDX: 0000000000000013 RSI: 0000000000a92000 RDI: 0000000000000002 [pid 337] close(3 [pid 335] <... exit_group resumed>) = ? [pid 338] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 337] <... close resumed>) = 0 [pid 334] <... bpf resumed>) = 7 [pid 330] +++ exited with 0 +++ [pid 329] +++ exited with 0 +++ [ 26.432049][ T287] RBP: 0000000000a92000 R08: 0000000000000000 R09: 0000000000000001 [ 26.439858][ T287] R10: 00007ffdf369afa7 R11: 0000000000000246 R12: 0000000000000013 [ 26.447677][ T287] R13: 0000000000617480 R14: 0000000000000013 R15: 0000000000617180 [ 26.456106][ T287] [ 26.462239][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e7dad0 with preempt_count 00000103, exited with 00000102? [ 26.473671][ T287] BUG: scheduling while atomic: strace-static-x/287/0x00000002 [ 26.481133][ T287] Modules linked in: [ 26.484833][ T287] Preemption disabled at: [ 26.484843][ T287] [] up_read+0x16/0x170 [ 26.494559][ T287] CPU: 0 PID: 287 Comm: strace-static-x Tainted: G W 5.15.141-syzkaller-00899-g28e3f5851a99 #0 [ 26.506111][ T287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 26.516012][ T287] Call Trace: [ 26.519133][ T287] [ 26.521909][ T287] dump_stack_lvl+0x151/0x1b7 [ 26.526420][ T287] ? up_read+0x16/0x170 [ 26.530410][ T287] ? up_read+0x16/0x170 [ 26.534406][ T287] ? io_uring_drop_tctx_refs+0x190/0x190 [ 26.539872][ T287] ? up_read+0x16/0x170 [ 26.543867][ T287] dump_stack+0x15/0x17 [ 26.547856][ T287] __schedule_bug+0x195/0x260 [ 26.552373][ T287] ? ttwu_queue_wakelist+0x510/0x510 [ 26.557493][ T287] __schedule+0xd0b/0x1580 [ 26.561743][ T287] ? __sched_text_start+0x8/0x8 [ 26.566429][ T287] ? task_work_add+0x1b0/0x1d0 [ 26.571030][ T287] schedule+0x11f/0x1e0 [ 26.575021][ T287] exit_to_user_mode_loop+0x4d/0xe0 [ 26.580056][ T287] exit_to_user_mode_prepare+0x5a/0xa0 [ 26.585351][ T287] syscall_exit_to_user_mode+0x26/0x160 [ 26.590733][ T287] do_syscall_64+0x49/0xb0 [ 26.594985][ T287] ? sysvec_call_function_single+0x52/0xb0 [ 26.600637][ T287] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 26.606357][ T287] RIP: 0033:0x4e65f7 [ 26.610089][ T287] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 [pid 337] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 338] <... bpf resumed>) = 4 [pid 337] <... bpf resumed>) = 3 [pid 335] +++ exited with 0 +++ [pid 334] exit_group(0 [pid 296] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=330, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [ 26.629790][ T287] RSP: 002b:00007ffdf369af88 EFLAGS: 00000286 ORIG_RAX: 0000000000000003 [ 26.638145][ T287] RAX: 0000000000000000 RBX: 00000000ffffffff RCX: 00000000004e65f7 [ 26.645933][ T287] RDX: 00007ffdf369af90 RSI: 0000000000008910 RDI: 0000000000000003 [ 26.653759][ T287] RBP: 0000000000000003 R08: 00000000ffffffff R09: 000000000000000d [ 26.661639][ T287] R10: 00000000005549d3 R11: 0000000000000286 R12: 00007ffdf369aff0 [ 26.669508][ T287] R13: 00007ffdf369af90 R14: 0000000000427210 R15: 0000000000617180 [ 26.677273][ T287] [ 26.682602][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e7dad0 with preempt_count 00000103, exited with 00000102? [ 26.694577][ T287] BUG: scheduling while atomic: strace-static-x/287/0x00000002 [ 26.701957][ T287] Modules linked in: [ 26.705754][ T287] Preemption disabled at: [ 26.705762][ T287] [] is_module_text_address+0x1a/0x140 [ 26.716714][ T287] CPU: 0 PID: 287 Comm: strace-static-x Tainted: G W 5.15.141-syzkaller-00899-g28e3f5851a99 #0 [ 26.728165][ T287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 26.738058][ T287] Call Trace: [ 26.741191][ T287] [ 26.743965][ T287] dump_stack_lvl+0x151/0x1b7 [ 26.748476][ T287] ? is_module_text_address+0x1a/0x140 [ 26.753773][ T287] ? is_module_text_address+0x1a/0x140 [ 26.759065][ T287] ? io_uring_drop_tctx_refs+0x190/0x190 [ 26.764530][ T287] ? is_module_text_address+0x1a/0x140 [ 26.769830][ T287] dump_stack+0x15/0x17 [ 26.773870][ T287] __schedule_bug+0x195/0x260 [ 26.778471][ T287] ? ttwu_queue_wakelist+0x510/0x510 [ 26.783558][ T287] ? bpf_bprintf_cleanup+0x3f/0x60 [ 26.788514][ T287] __schedule+0xd0b/0x1580 [ 26.792763][ T287] ? __kasan_check_read+0x11/0x20 [ 26.797746][ T287] ? __fdget_pos+0x209/0x3a0 [ 26.802169][ T287] ? __sched_text_start+0x8/0x8 [ 26.806845][ T287] ? ksys_write+0x24f/0x2c0 [ 26.811192][ T287] ? unlock_page_memcg+0x160/0x160 [ 26.816144][ T287] schedule+0x11f/0x1e0 [ 26.820264][ T287] exit_to_user_mode_loop+0x4d/0xe0 [ 26.825290][ T287] exit_to_user_mode_prepare+0x5a/0xa0 [ 26.831227][ T287] syscall_exit_to_user_mode+0x26/0x160 [ 26.836600][ T287] do_syscall_64+0x49/0xb0 [ 26.840869][ T287] ? sysvec_call_function_single+0x52/0xb0 [ 26.846509][ T287] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 26.852305][ T287] RIP: 0033:0x4e5c73 [ 26.856040][ T287] Code: c7 c0 b8 ff ff ff 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 64 8b 04 25 18 00 00 00 85 c0 75 14 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 55 c3 0f 1f 40 00 48 83 ec 28 48 89 54 24 18 [ 26.875567][ T287] RSP: 002b:00007ffdf369b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [pid 338] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 337] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16) = 4 [pid 334] <... exit_group resumed>) = ? [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=335, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 292] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=329, si_uid=0, si_status=0, si_utime=0, si_stime=20} --- [pid 337] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 338] <... bpf resumed>) = 5 [pid 337] <... bpf resumed>) = 5 [pid 337] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4) = 0 [pid 337] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 338] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 337] <... bpf resumed>) = 6 [pid 334] +++ exited with 0 +++ [pid 292] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 337] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 338] <... bpf resumed>) = 0 [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=334, si_uid=0, si_status=0, si_utime=0, si_stime=23} --- ./strace-static-x86_64: Process 340 attached [pid 338] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 294] restart_syscall(<... resuming interrupted clone ...> [pid 292] <... clone resumed>, child_tidptr=0x55555632b650) = 340 [pid 340] set_robust_list(0x55555632b660, 24 [pid 338] <... bpf resumed>) = 6 [pid 294] <... restart_syscall resumed>) = 0 [pid 340] <... set_robust_list resumed>) = 0 [pid 338] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 296] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 341 attached [pid 340] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 341] set_robust_list(0x55555632b660, 24 [pid 340] <... prctl resumed>) = 0 [pid 296] <... clone resumed>, child_tidptr=0x55555632b650) = 341 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 342 attached ./strace-static-x86_64: Process 343 attached [pid 341] <... set_robust_list resumed>) = 0 [pid 340] setpgid(0, 0 [pid 343] set_robust_list(0x55555632b660, 24 [pid 342] set_robust_list(0x55555632b660, 24 [pid 341] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 340] <... setpgid resumed>) = 0 [pid 294] <... clone resumed>, child_tidptr=0x55555632b650) = 343 [pid 293] <... clone resumed>, child_tidptr=0x55555632b650) = 342 [pid 343] <... set_robust_list resumed>) = 0 [pid 342] <... set_robust_list resumed>) = 0 [pid 341] <... prctl resumed>) = 0 [pid 340] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 343] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 342] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 341] setpgid(0, 0 [pid 340] <... openat resumed>) = 3 [pid 343] <... prctl resumed>) = 0 [pid 342] <... prctl resumed>) = 0 [pid 341] <... setpgid resumed>) = 0 [pid 340] write(3, "1000", 4 [pid 343] setpgid(0, 0 [pid 342] setpgid(0, 0 [pid 341] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 340] <... write resumed>) = 4 [pid 343] <... setpgid resumed>) = 0 [pid 342] <... setpgid resumed>) = 0 [pid 341] <... openat resumed>) = 3 [ 26.883808][ T287] RAX: 0000000000000111 RBX: 0000000000000111 RCX: 00000000004e5c73 [ 26.891888][ T287] RDX: 0000000000000111 RSI: 0000000000a92000 RDI: 0000000000000002 [ 26.899797][ T287] RBP: 0000000000a92000 R08: 0000000000000000 R09: 0000000000000002 [ 26.907686][ T287] R10: 00007ffdf369afa6 R11: 0000000000000246 R12: 0000000000000111 [ 26.915582][ T287] R13: 0000000000617480 R14: 0000000000000111 R15: 0000000000617180 [ 26.923398][ T287] [ 26.939184][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e7dad0 with preempt_count 00000103, exited with 00000102? [ 26.950692][ T285] BUG: scheduling while atomic: sshd/285/0x00000002 [ 26.957180][ T285] Modules linked in: [ 26.960956][ T285] Preemption disabled at: [ 26.960964][ T285] [] touch_atime+0x36c/0x500 [ 26.971111][ T285] CPU: 0 PID: 285 Comm: sshd Tainted: G W 5.15.141-syzkaller-00899-g28e3f5851a99 #0 [ 26.981577][ T285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 26.991489][ T285] Call Trace: [ 26.994603][ T285] [ 26.997458][ T285] dump_stack_lvl+0x151/0x1b7 [ 27.001973][ T285] ? touch_atime+0x36c/0x500 [ 27.006482][ T285] ? touch_atime+0x36c/0x500 [ 27.011110][ T285] ? io_uring_drop_tctx_refs+0x190/0x190 [ 27.016576][ T285] ? touch_atime+0x36c/0x500 [ 27.021001][ T285] dump_stack+0x15/0x17 [ 27.025028][ T285] __schedule_bug+0x195/0x260 [ 27.029686][ T285] ? bpf_bprintf_cleanup+0x3f/0x60 [ 27.035004][ T285] ? ttwu_queue_wakelist+0x510/0x510 [ 27.040330][ T285] ? bpf_bprintf_cleanup+0x3f/0x60 [ 27.045350][ T285] ? __set_current_blocked+0x2a5/0x2f0 [ 27.050664][ T285] __schedule+0xd0b/0x1580 [ 27.054939][ T285] ? bpf_trace_run2+0xf1/0x210 [ 27.059495][ T285] ? __sched_text_start+0x8/0x8 [ 27.064183][ T285] ? bpf_trace_run1+0x1c0/0x1c0 [ 27.068878][ T285] ? ksys_read+0x24f/0x2c0 [ 27.073131][ T285] ? __x64_sys_rt_sigprocmask+0xb0/0xb0 [ 27.078506][ T285] schedule+0x11f/0x1e0 [ 27.082508][ T285] exit_to_user_mode_loop+0x4d/0xe0 [ 27.087531][ T285] exit_to_user_mode_prepare+0x5a/0xa0 [ 27.092825][ T285] syscall_exit_to_user_mode+0x26/0x160 [ 27.098227][ T285] do_syscall_64+0x49/0xb0 [ 27.102470][ T285] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 27.108191][ T285] RIP: 0033:0x7f87d11e5587 [ 27.112462][ T285] Code: 41 5c 41 5d 41 5e 41 5f 5d c3 b9 01 00 00 00 e9 12 fe ff ff 31 c9 e9 0b fe ff ff 0f 1f 84 00 00 00 00 00 b8 27 00 00 00 0f 05 0f 1f 84 00 00 00 00 00 b8 6e 00 00 00 0f 05 c3 0f 1f 84 00 00 [pid 340] close(3 [pid 343] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 342] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 341] write(3, "1000", 4 [pid 340] <... close resumed>) = 0 [pid 343] <... openat resumed>) = 3 [pid 342] <... openat resumed>) = 3 [pid 341] <... write resumed>) = 4 [pid 340] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 338] <... bpf resumed>) = 7 [pid 337] <... bpf resumed>) = 7 [pid 343] write(3, "1000", 4 [pid 342] write(3, "1000", 4 [pid 341] close(3 [pid 343] <... write resumed>) = 4 [pid 342] <... write resumed>) = 4 [pid 341] <... close resumed>) = 0 [pid 343] close(3 [pid 342] close(3 [pid 341] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 343] <... close resumed>) = 0 [pid 342] <... close resumed>) = 0 [pid 343] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 342] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 343] <... bpf resumed>) = 3 [pid 342] <... bpf resumed>) = 3 [pid 341] <... bpf resumed>) = 3 [pid 343] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 342] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 341] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 343] <... bpf resumed>) = 4 [pid 342] <... bpf resumed>) = 4 [pid 341] <... bpf resumed>) = 4 [pid 343] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 342] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 341] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 343] <... bpf resumed>) = 5 [pid 342] <... bpf resumed>) = 5 [pid 341] <... bpf resumed>) = 5 [pid 343] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 342] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 341] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 343] <... bpf resumed>) = 0 [pid 342] <... bpf resumed>) = 0 [pid 341] <... bpf resumed>) = 0 [ 27.132085][ T285] RSP: 002b:00007ffdd8e88968 EFLAGS: 00000246 ORIG_RAX: 0000000000000027 [ 27.140326][ T285] RAX: 000000000000011d RBX: 0000000000000000 RCX: 00007f87d11e5587 [ 27.148139][ T285] RDX: 0000000000000b29 RSI: 00005576cb66dfe0 RDI: 00005576cb66b937 [ 27.155952][ T285] RBP: 00005576cb66ce06 R08: 0000000000000006 R09: 0000000000000000 [ 27.163862][ T285] R10: 00005576cb66ce06 R11: 0000000000000246 R12: 00005576cb66b937 [ 27.171667][ T285] R13: 00005576cb66dfe0 R14: 00005576ccc76390 R15: 00007ffdd8e88ef0 [ 27.179476][ T285] [pid 343] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 342] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [ 27.183912][ T30] audit: type=1400 audit(1703934140.966:73): avc: denied { remove_name } for pid=81 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 27.207936][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e7dad0 with preempt_count 00000103, exited with 00000102? [ 27.219370][ T287] BUG: scheduling while atomic: strace-static-x/287/0x00000002 [ 27.226893][ T287] Modules linked in: [ 27.226929][ T30] audit: type=1400 audit(1703934140.966:74): avc: denied { rename } for pid=81 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 27.230665][ T287] Preemption disabled at: [ 27.230676][ T287] [] remove_wait_queue+0x26/0x140 [ 27.263217][ T287] CPU: 0 PID: 287 Comm: strace-static-x Tainted: G W 5.15.141-syzkaller-00899-g28e3f5851a99 #0 [ 27.274941][ T287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 27.284820][ T287] Call Trace: [ 27.287931][ T287] [ 27.290721][ T287] dump_stack_lvl+0x151/0x1b7 [ 27.295243][ T287] ? remove_wait_queue+0x26/0x140 [ 27.300093][ T287] ? remove_wait_queue+0x26/0x140 [ 27.304947][ T287] ? io_uring_drop_tctx_refs+0x190/0x190 [ 27.310424][ T287] ? remove_wait_queue+0x26/0x140 [ 27.315274][ T287] dump_stack+0x15/0x17 [ 27.319769][ T287] __schedule_bug+0x195/0x260 [ 27.324284][ T287] ? ttwu_queue_wakelist+0x510/0x510 [ 27.329425][ T287] ? kernel_waitid+0x520/0x520 [ 27.334076][ T287] ? wait_task_inactive+0x2cd/0x4f0 [ 27.339108][ T287] __schedule+0xd0b/0x1580 [ 27.343358][ T287] ? __x64_sys_wait4+0x181/0x1e0 [ 27.348147][ T287] ? bpf_trace_run2+0xf1/0x210 [ 27.352749][ T287] ? __sched_text_start+0x8/0x8 [ 27.357435][ T287] schedule+0x11f/0x1e0 [ 27.361420][ T287] exit_to_user_mode_loop+0x4d/0xe0 [ 27.366459][ T287] exit_to_user_mode_prepare+0x5a/0xa0 [ 27.371749][ T287] syscall_exit_to_user_mode+0x26/0x160 [ 27.377130][ T287] do_syscall_64+0x49/0xb0 [ 27.381700][ T287] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 27.387438][ T287] RIP: 0033:0x4d49a6 [ 27.391146][ T287] Code: 00 00 00 90 31 c9 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 49 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 11 b8 3d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 90 48 83 ec 28 89 54 24 14 48 89 74 24 [ 27.410590][ T287] RSP: 002b:00007ffdf369b1a8 EFLAGS: 00000246 ORIG_RAX: 000000000000003d [ 27.418830][ T287] RAX: 0000000000000151 RBX: 0000000000000002 RCX: 00000000004d49a6 [ 27.426639][ T287] RDX: 0000000040000001 RSI: 00007ffdf369b1cc RDI: 00000000ffffffff [pid 341] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 340] <... bpf resumed>) = 3 [pid 338] exit_group(0 [pid 337] exit_group(0 [pid 343] <... bpf resumed>) = 6 [pid 342] <... bpf resumed>) = 6 [pid 341] <... bpf resumed>) = 6 [ 27.434552][ T287] RBP: 0000000000a91770 R08: 0000000000000000 R09: 0000000000000000 [ 27.442490][ T287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000a96990 [ 27.450289][ T287] R13: 0000000000000152 R14: 00007ffdf369b1cc R15: 0000000000617180 [ 27.458214][ T287] [ 27.464329][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e7dad0 with preempt_count 00000103, exited with 00000102? [ 27.475783][ T287] BUG: scheduling while atomic: strace-static-x/287/0x00000002 [ 27.483373][ T287] Modules linked in: [ 27.487079][ T287] Preemption disabled at: [ 27.487086][ T287] [] __se_sys_ptrace+0x229/0x400 [ 27.497576][ T287] CPU: 0 PID: 287 Comm: strace-static-x Tainted: G W 5.15.141-syzkaller-00899-g28e3f5851a99 #0 [ 27.509914][ T287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 27.519810][ T287] Call Trace: [ 27.522926][ T287] [ 27.525706][ T287] dump_stack_lvl+0x151/0x1b7 [ 27.530219][ T287] ? __se_sys_ptrace+0x229/0x400 [ 27.534991][ T287] ? __se_sys_ptrace+0x229/0x400 [ 27.539772][ T287] ? io_uring_drop_tctx_refs+0x190/0x190 [ 27.545318][ T287] ? __se_sys_ptrace+0x229/0x400 [ 27.550102][ T287] dump_stack+0x15/0x17 [ 27.554099][ T287] __schedule_bug+0x195/0x260 [ 27.558726][ T287] ? ttwu_queue_wakelist+0x510/0x510 [ 27.563832][ T287] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 27.569470][ T287] ? wait_task_inactive+0x2cd/0x4f0 [ 27.574617][ T287] __schedule+0xd0b/0x1580 [ 27.578896][ T287] ? _raw_spin_lock_irqsave+0x210/0x210 [ 27.584248][ T287] ? bpf_trace_run2+0xf1/0x210 [ 27.588851][ T287] ? __sched_text_start+0x8/0x8 [ 27.593534][ T287] ? ptrace_check_attach+0x323/0x420 [ 27.598652][ T287] schedule+0x11f/0x1e0 [ 27.602650][ T287] exit_to_user_mode_loop+0x4d/0xe0 [ 27.607904][ T287] exit_to_user_mode_prepare+0x5a/0xa0 [ 27.613204][ T287] syscall_exit_to_user_mode+0x26/0x160 [ 27.618738][ T287] do_syscall_64+0x49/0xb0 [ 27.622944][ T287] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 27.628743][ T287] RIP: 0033:0x4e6c1a [ 27.632624][ T287] Code: 70 41 83 f8 03 c7 44 24 10 08 00 00 00 48 89 44 24 18 48 8d 44 24 30 8b 70 08 4c 0f 43 d1 48 89 44 24 20 b8 65 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 3e 48 85 c0 78 06 41 83 f8 02 76 1b 48 8b 4c [ 27.652156][ T287] RSP: 002b:00007ffdf369b090 EFLAGS: 00000206 ORIG_RAX: 0000000000000065 [ 27.660504][ T287] RAX: 0000000000000000 RBX: 0000000000a8f2f8 RCX: 00000000004e6c1a [ 27.668390][ T287] RDX: 0000000000000000 RSI: 0000000000000127 RDI: 0000000000000018 [ 27.676225][ T287] RBP: 0000000000000018 R08: 0000000000000017 R09: 0000000000000001 [ 27.684012][ T287] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000a914d0 [pid 343] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 342] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 341] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 340] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 338] <... exit_group resumed>) = ? [pid 337] <... exit_group resumed>) = ? [pid 343] <... bpf resumed>) = 7 [pid 342] <... bpf resumed>) = 7 [pid 341] <... bpf resumed>) = 7 [pid 340] <... bpf resumed>) = 4 [pid 340] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 5 [pid 340] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 337] +++ exited with 0 +++ [pid 340] <... bpf resumed>) = 0 [pid 340] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 343] exit_group(0 [pid 342] exit_group(0 [pid 341] exit_group(0 [pid 340] <... bpf resumed>) = 6 [pid 338] +++ exited with 0 +++ [pid 295] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=337, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 340] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16) = 7 [pid 340] exit_group(0) = ? [pid 343] <... exit_group resumed>) = ? [pid 342] <... exit_group resumed>) = ? [pid 341] <... exit_group resumed>) = ? [pid 340] +++ exited with 0 +++ [pid 291] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=338, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 343] +++ exited with 0 +++ [pid 292] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=340, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 291] restart_syscall(<... resuming interrupted clone ...> [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=343, si_uid=0, si_status=0, si_utime=0, si_stime=23} --- [pid 291] <... restart_syscall resumed>) = 0 [ 27.691826][ T287] R13: 0000000000000000 R14: 000000000000857f R15: 0000000000617180 [ 27.699640][ T287] [ 27.710672][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e7dad0 with preempt_count 00000102, exited with 00000101? [ 27.722276][ T287] BUG: scheduling while atomic: strace-static-x/287/0x00000002 [ 27.729753][ T287] Modules linked in: [ 27.733432][ T287] Preemption disabled at: [ 27.733439][ T287] [] try_to_wake_up+0x86/0x1150 [ 27.743910][ T287] CPU: 0 PID: 287 Comm: strace-static-x Tainted: G W 5.15.141-syzkaller-00899-g28e3f5851a99 #0 [ 27.755403][ T287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 27.765294][ T287] Call Trace: [ 27.768409][ T287] [ 27.771205][ T287] dump_stack_lvl+0x151/0x1b7 [ 27.775710][ T287] ? try_to_wake_up+0x86/0x1150 [ 27.780402][ T287] ? try_to_wake_up+0x86/0x1150 [ 27.785077][ T287] ? io_uring_drop_tctx_refs+0x190/0x190 [ 27.790646][ T287] ? try_to_wake_up+0x86/0x1150 [ 27.795329][ T287] dump_stack+0x15/0x17 [ 27.799456][ T287] __schedule_bug+0x195/0x260 [ 27.803966][ T287] ? ttwu_queue_wakelist+0x510/0x510 [ 27.809076][ T287] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 27.814891][ T287] ? wait_task_inactive+0x2cd/0x4f0 [ 27.819934][ T287] __schedule+0xd0b/0x1580 [ 27.824190][ T287] ? _raw_spin_lock_irqsave+0x210/0x210 [ 27.829640][ T287] ? __sched_text_start+0x8/0x8 [ 27.835452][ T287] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 27.840606][ T287] ? _raw_spin_lock_irqsave+0x210/0x210 [ 27.845978][ T287] ? ptrace_check_attach+0x323/0x420 [ 27.851110][ T287] schedule+0x11f/0x1e0 [ 27.855133][ T287] exit_to_user_mode_loop+0x4d/0xe0 [ 27.860134][ T287] exit_to_user_mode_prepare+0x5a/0xa0 [ 27.865590][ T287] syscall_exit_to_user_mode+0x26/0x160 [ 27.871173][ T287] do_syscall_64+0x49/0xb0 [ 27.875533][ T287] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 27.881259][ T287] RIP: 0033:0x4e6c1a [ 27.884984][ T287] Code: 70 41 83 f8 03 c7 44 24 10 08 00 00 00 48 89 44 24 18 48 8d 44 24 30 8b 70 08 4c 0f 43 d1 48 89 44 24 20 b8 65 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 3e 48 85 c0 78 06 41 83 f8 02 76 1b 48 8b 4c [ 27.904681][ T287] RSP: 002b:00007ffdf369b010 EFLAGS: 00000206 ORIG_RAX: 0000000000000065 [ 27.912925][ T287] RAX: 0000000000000050 RBX: 0000000000a910e0 RCX: 00000000004e6c1a [ 27.920934][ T287] RDX: 0000000000000058 RSI: 0000000000000126 RDI: 000000000000420e [ 27.928803][ T287] RBP: 00007ffdf369b110 R08: 000000000000420d R09: 0000000000000000 [pid 292] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 345 attached ./strace-static-x86_64: Process 346 attached [pid 345] set_robust_list(0x55555632b660, 24 [pid 295] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 294] <... clone resumed>, child_tidptr=0x55555632b650) = 346 [pid 292] <... clone resumed>, child_tidptr=0x55555632b650) = 345 [ 27.936554][ T287] R10: 000000000063c820 R11: 0000000000000206 R12: 0000000000a910e0 [ 27.944454][ T287] R13: 00007ffdf369b16c R14: 000000000000857f R15: 0000000000617180 [ 27.952258][ T287] [ 27.957486][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e7dad0 with preempt_count 00000103, exited with 00000102? [ 27.969108][ T287] BUG: scheduling while atomic: strace-static-x/287/0x00000002 [ 27.976549][ T287] Modules linked in: [ 27.980436][ T287] Preemption disabled at: [ 27.980442][ T287] [] remove_wait_queue+0x26/0x140 [ 27.990953][ T287] CPU: 0 PID: 287 Comm: strace-static-x Tainted: G W 5.15.141-syzkaller-00899-g28e3f5851a99 #0 [ 28.002376][ T287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 28.012273][ T287] Call Trace: [ 28.015388][ T287] [ 28.018167][ T287] dump_stack_lvl+0x151/0x1b7 [ 28.022689][ T287] ? remove_wait_queue+0x26/0x140 [ 28.027547][ T287] ? remove_wait_queue+0x26/0x140 [ 28.032511][ T287] ? io_uring_drop_tctx_refs+0x190/0x190 [ 28.038085][ T287] ? remove_wait_queue+0x26/0x140 [ 28.042933][ T287] dump_stack+0x15/0x17 [ 28.046953][ T287] __schedule_bug+0x195/0x260 [ 28.051469][ T287] ? ttwu_queue_wakelist+0x510/0x510 [ 28.056561][ T287] ? kernel_waitid+0x520/0x520 [ 28.061169][ T287] __schedule+0xd0b/0x1580 [ 28.065507][ T287] ? __x64_sys_wait4+0x181/0x1e0 [ 28.070384][ T287] ? bpf_trace_run2+0xf1/0x210 [ 28.074982][ T287] ? __sched_text_start+0x8/0x8 [ 28.079676][ T287] schedule+0x11f/0x1e0 [ 28.083858][ T287] exit_to_user_mode_loop+0x4d/0xe0 [ 28.088974][ T287] exit_to_user_mode_prepare+0x5a/0xa0 [ 28.094254][ T287] syscall_exit_to_user_mode+0x26/0x160 [ 28.099634][ T287] do_syscall_64+0x49/0xb0 [ 28.103894][ T287] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 28.109615][ T287] RIP: 0033:0x4d49a6 [ 28.113361][ T287] Code: 00 00 00 90 31 c9 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 49 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 11 b8 3d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 90 48 83 ec 28 89 54 24 14 48 89 74 24 [ 28.132794][ T287] RSP: 002b:00007ffdf369b1a8 EFLAGS: 00000246 ORIG_RAX: 000000000000003d [pid 291] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 348 attached ./strace-static-x86_64: Process 347 attached [pid 346] set_robust_list(0x55555632b660, 24 [pid 345] <... set_robust_list resumed>) = 0 [pid 341] +++ exited with 0 +++ [pid 346] <... set_robust_list resumed>) = 0 [pid 342] +++ exited with 0 +++ [pid 346] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 346] setpgid(0, 0) = 0 [pid 346] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 345] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 296] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=341, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 295] <... clone resumed>, child_tidptr=0x55555632b650) = 347 [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=342, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 291] <... clone resumed>, child_tidptr=0x55555632b650) = 348 [pid 346] write(3, "1000", 4) = 4 [pid 346] close(3) = 0 [pid 346] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 345] <... prctl resumed>) = 0 [pid 348] set_robust_list(0x55555632b660, 24 [pid 347] set_robust_list(0x55555632b660, 24 [pid 346] <... bpf resumed>) = 3 [pid 348] <... set_robust_list resumed>) = 0 [pid 347] <... set_robust_list resumed>) = 0 [pid 346] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 345] setpgid(0, 0 [pid 347] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 348] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 348] setpgid(0, 0 [pid 347] <... prctl resumed>) = 0 [pid 345] <... setpgid resumed>) = 0 [pid 348] <... setpgid resumed>) = 0 [pid 348] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 347] setpgid(0, 0 [pid 345] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 348] write(3, "1000", 4 [pid 347] <... setpgid resumed>) = 0 [pid 348] <... write resumed>) = 4 [pid 345] <... openat resumed>) = 3 [pid 348] close(3 [pid 296] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 348] <... close resumed>) = 0 [pid 347] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 348] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73./strace-static-x86_64: Process 350 attached ./strace-static-x86_64: Process 349 attached [pid 347] <... openat resumed>) = 3 [pid 345] write(3, "1000", 4 [pid 350] set_robust_list(0x55555632b660, 24 [pid 349] set_robust_list(0x55555632b660, 24 [pid 348] <... bpf resumed>) = 3 [pid 347] write(3, "1000", 4 [pid 348] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 345] <... write resumed>) = 4 [pid 347] <... write resumed>) = 4 [pid 296] <... clone resumed>, child_tidptr=0x55555632b650) = 349 [pid 293] <... clone resumed>, child_tidptr=0x55555632b650) = 350 [pid 350] <... set_robust_list resumed>) = 0 [pid 349] <... set_robust_list resumed>) = 0 [pid 347] close(3 [pid 345] close(3 [pid 350] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 349] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 347] <... close resumed>) = 0 [pid 345] <... close resumed>) = 0 [pid 350] <... prctl resumed>) = 0 [pid 349] <... prctl resumed>) = 0 [pid 347] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 345] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 350] setpgid(0, 0 [pid 349] setpgid(0, 0 [pid 350] <... setpgid resumed>) = 0 [pid 347] <... bpf resumed>) = 3 [pid 349] <... setpgid resumed>) = 0 [pid 347] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 345] <... bpf resumed>) = 3 [pid 349] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 345] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 349] <... openat resumed>) = 3 [pid 349] write(3, "1000", 4 [pid 350] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 349] <... write resumed>) = 4 [pid 349] close(3) = 0 [pid 349] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 350] <... openat resumed>) = 3 [pid 350] write(3, "1000", 4) = 4 [pid 349] <... bpf resumed>) = 3 [pid 350] close(3) = 0 [pid 350] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 349] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 350] <... bpf resumed>) = 3 [pid 349] <... bpf resumed>) = 4 [pid 348] <... bpf resumed>) = 4 [pid 347] <... bpf resumed>) = 4 [pid 346] <... bpf resumed>) = 4 [pid 345] <... bpf resumed>) = 4 [pid 350] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 348] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 347] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 346] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 345] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 349] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 350] <... bpf resumed>) = 4 [pid 349] <... bpf resumed>) = 5 [pid 348] <... bpf resumed>) = 5 [pid 347] <... bpf resumed>) = 5 [pid 346] <... bpf resumed>) = 5 [pid 345] <... bpf resumed>) = 5 [pid 350] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 349] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 348] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 347] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 346] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 345] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 350] <... bpf resumed>) = 5 [pid 349] <... bpf resumed>) = 0 [pid 348] <... bpf resumed>) = 0 [pid 347] <... bpf resumed>) = 0 [pid 346] <... bpf resumed>) = 0 [pid 345] <... bpf resumed>) = 0 [pid 350] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 349] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 348] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 347] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 346] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 345] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 350] <... bpf resumed>) = 0 [pid 348] <... bpf resumed>) = 6 [pid 350] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 347] <... bpf resumed>) = 6 [pid 350] <... bpf resumed>) = 6 [pid 348] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 347] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 346] <... bpf resumed>) = 6 [pid 345] <... bpf resumed>) = 6 [ 28.141054][ T287] RAX: 000000000000015c RBX: 0000000000000001 RCX: 00000000004d49a6 [ 28.148848][ T287] RDX: 0000000040000001 RSI: 00007ffdf369b1cc RDI: 00000000ffffffff [ 28.156665][ T287] RBP: 0000000000a91620 R08: 0000000000000000 R09: 0000000000000000 [ 28.164814][ T287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000a96900 [ 28.172810][ T287] R13: 000000000000015a R14: 00007ffdf369b1cc R15: 0000000000617180 [ 28.180708][ T287] [pid 350] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 349] <... bpf resumed>) = 6 [pid 348] <... bpf resumed>) = 7 [ 28.211353][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e7dad0 with preempt_count 00000103, exited with 00000102? [ 28.222994][ T287] BUG: scheduling while atomic: strace-static-x/287/0x00000002 [ 28.230697][ T287] Modules linked in: [ 28.234403][ T287] Preemption disabled at: [ 28.234411][ T287] [] __se_sys_ptrace+0x229/0x400 [ 28.245135][ T287] CPU: 0 PID: 287 Comm: strace-static-x Tainted: G W 5.15.141-syzkaller-00899-g28e3f5851a99 #0 [ 28.256709][ T287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 28.266605][ T287] Call Trace: [ 28.269727][ T287] [ 28.272505][ T287] dump_stack_lvl+0x151/0x1b7 [ 28.277017][ T287] ? __se_sys_ptrace+0x229/0x400 [ 28.281783][ T287] ? __se_sys_ptrace+0x229/0x400 [ 28.286558][ T287] ? io_uring_drop_tctx_refs+0x190/0x190 [ 28.292039][ T287] ? __se_sys_ptrace+0x229/0x400 [ 28.296838][ T287] dump_stack+0x15/0x17 [ 28.300791][ T287] __schedule_bug+0x195/0x260 [ 28.305450][ T287] ? ttwu_queue_wakelist+0x510/0x510 [ 28.310517][ T287] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 28.316158][ T287] ? bpf_bprintf_cleanup+0x3f/0x60 [ 28.321109][ T287] ? wait_task_inactive+0x2cd/0x4f0 [ 28.326138][ T287] __schedule+0xd0b/0x1580 [ 28.330392][ T287] ? __kasan_check_read+0x11/0x20 [ 28.335268][ T287] ? __fdget_pos+0x209/0x3a0 [ 28.339676][ T287] ? __sched_text_start+0x8/0x8 [ 28.344461][ T287] ? ksys_write+0x24f/0x2c0 [ 28.348970][ T287] schedule+0x11f/0x1e0 [ 28.352964][ T287] exit_to_user_mode_loop+0x4d/0xe0 [ 28.357995][ T287] exit_to_user_mode_prepare+0x5a/0xa0 [ 28.363448][ T287] syscall_exit_to_user_mode+0x26/0x160 [ 28.368824][ T287] do_syscall_64+0x49/0xb0 [ 28.373155][ T287] ? sysvec_call_function_single+0x52/0xb0 [ 28.378797][ T287] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 28.384522][ T287] RIP: 0033:0x4e5c73 [ 28.388517][ T287] Code: c7 c0 b8 ff ff ff 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 64 8b 04 25 18 00 00 00 85 c0 75 14 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 55 c3 0f 1f 40 00 48 83 ec 28 48 89 54 24 18 [pid 347] <... bpf resumed>) = 7 [pid 346] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 345] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 350] <... bpf resumed>) = 7 [pid 349] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 348] exit_group(0 [pid 350] exit_group(0) = ? [pid 350] +++ exited with 0 +++ [pid 349] <... bpf resumed>) = 7 [pid 347] exit_group(0 [pid 346] <... bpf resumed>) = 7 [pid 345] <... bpf resumed>) = 7 [pid 349] exit_group(0 [pid 348] <... exit_group resumed>) = ? [pid 347] <... exit_group resumed>) = ? [pid 346] exit_group(0 [pid 345] exit_group(0 [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=350, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [ 28.408403][ T287] RSP: 002b:00007ffdf369afe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 28.416642][ T287] RAX: 000000000000002c RBX: 000000000000002c RCX: 00000000004e5c73 [ 28.424533][ T287] RDX: 000000000000002c RSI: 0000000000a92000 RDI: 0000000000000002 [ 28.434090][ T287] RBP: 0000000000a92000 R08: 0000000000000000 R09: 0000000000000003 [ 28.442244][ T287] R10: 00007ffdf369afc7 R11: 0000000000000246 R12: 000000000000002c [ 28.450146][ T287] R13: 0000000000617480 R14: 000000000000002c R15: 0000000000000001 [ 28.457961][ T287] [ 28.465233][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e7dad0 with preempt_count 00000103, exited with 00000102? [ 28.476766][ T81] BUG: scheduling while atomic: syslogd/81/0x00000002 [ 28.483434][ T81] Modules linked in: [ 28.487161][ T81] Preemption disabled at: [ 28.487170][ T81] [] vfs_write+0x94b/0x1110 [ 28.497265][ T81] CPU: 0 PID: 81 Comm: syslogd Tainted: G W 5.15.141-syzkaller-00899-g28e3f5851a99 #0 [ 28.507898][ T81] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 28.517950][ T81] Call Trace: [ 28.521025][ T81] [ 28.523913][ T81] dump_stack_lvl+0x151/0x1b7 [ 28.528413][ T81] ? vfs_write+0x94b/0x1110 [ 28.532742][ T81] ? vfs_write+0x94b/0x1110 [ 28.537089][ T81] ? io_uring_drop_tctx_refs+0x190/0x190 [ 28.542656][ T81] ? vfs_write+0x94b/0x1110 [ 28.546990][ T81] dump_stack+0x15/0x17 [ 28.550970][ T81] __schedule_bug+0x195/0x260 [ 28.555482][ T81] ? ttwu_queue_wakelist+0x510/0x510 [ 28.560690][ T81] ? __rcu_read_unlock+0xd0/0xd0 [ 28.565465][ T81] __schedule+0xd0b/0x1580 [ 28.569718][ T81] ? __kasan_check_read+0x11/0x20 [ 28.574574][ T81] ? __fdget_pos+0x209/0x3a0 [ 28.579198][ T81] ? __sched_text_start+0x8/0x8 [ 28.583861][ T81] ? ksys_read+0x24f/0x2c0 [ 28.588293][ T81] schedule+0x11f/0x1e0 [ 28.592531][ T81] exit_to_user_mode_loop+0x4d/0xe0 [ 28.597573][ T81] exit_to_user_mode_prepare+0x5a/0xa0 [ 28.602856][ T81] syscall_exit_to_user_mode+0x26/0x160 [ 28.608227][ T81] do_syscall_64+0x49/0xb0 [ 28.612477][ T81] ? sysvec_apic_timer_interrupt+0x55/0xc0 [ 28.618122][ T81] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 28.623942][ T81] RIP: 0033:0x7fcf6f042b6a [ 28.628196][ T81] Code: 00 3d 00 00 41 00 75 0d 50 48 8d 3d 2d 08 0a 00 e8 ea 7d 01 00 31 c0 e9 07 ff ff ff 64 8b 04 25 18 00 00 00 85 c0 75 1b 0f 05 <48> 3d 00 f0 ff ff 76 6c 48 8b 15 8f a2 0d 00 f7 d8 64 89 02 48 83 [ 28.647731][ T81] RSP: 002b:00007ffe96bf0e98 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 28.655994][ T81] RAX: 0000000000000053 RBX: 0000000000000002 RCX: 00007fcf6f042b6a [pid 349] <... exit_group resumed>) = ? [pid 348] +++ exited with 0 +++ [pid 347] +++ exited with 0 +++ [pid 346] <... exit_group resumed>) = ? [pid 345] <... exit_group resumed>) = ? [pid 293] restart_syscall(<... resuming interrupted clone ...> [pid 349] +++ exited with 0 +++ [pid 295] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=347, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 293] <... restart_syscall resumed>) = 0 [pid 296] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=349, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 296] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 295] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 296] <... clone resumed>, child_tidptr=0x55555632b650) = 352 [pid 295] <... clone resumed>, child_tidptr=0x55555632b650) = 353 [pid 293] <... clone resumed>, child_tidptr=0x55555632b650) = 354 ./strace-static-x86_64: Process 354 attached [pid 354] set_robust_list(0x55555632b660, 24) = 0 [pid 354] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 354] setpgid(0, 0) = 0 [pid 354] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 354] write(3, "1000", 4) = 4 [pid 354] close(3) = 0 [pid 354] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73./strace-static-x86_64: Process 353 attached [pid 353] set_robust_list(0x55555632b660, 24) = 0 [pid 353] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 353] setpgid(0, 0) = 0 [pid 353] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 353] write(3, "1000", 4) = 4 [pid 353] close(3) = 0 [pid 353] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 354] <... bpf resumed>) = 3 [pid 353] <... bpf resumed>) = 3 [pid 354] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [ 28.663793][ T81] RDX: 00000000000000ff RSI: 0000561060b2c300 RDI: 0000000000000000 [ 28.671683][ T81] RBP: 0000561060b2c2c0 R08: 0000000000000001 R09: 0000000000000000 [ 28.679496][ T81] R10: 00007fcf6f1e13a3 R11: 0000000000000246 R12: 0000561060b2c352 [ 28.687305][ T81] R13: 0000561060b2c300 R14: 0000000000000000 R15: 00007fcf6f21fa80 [ 28.695652][ T81] [ 28.700786][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e7dad0 with preempt_count 00000103, exited with 00000102? [ 28.712196][ T285] BUG: scheduling while atomic: sshd/285/0x00000002 [ 28.718932][ T285] Modules linked in: [ 28.723036][ T285] Preemption disabled at: [ 28.723046][ T285] [] pipe_read+0x5b3/0x1040 [ 28.733117][ T285] CPU: 0 PID: 285 Comm: sshd Tainted: G W 5.15.141-syzkaller-00899-g28e3f5851a99 #0 [ 28.743927][ T285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 28.753829][ T285] Call Trace: [ 28.756945][ T285] [ 28.759722][ T285] dump_stack_lvl+0x151/0x1b7 [ 28.764233][ T285] ? pipe_read+0x5b3/0x1040 [ 28.768569][ T285] ? pipe_read+0x5b3/0x1040 [ 28.772912][ T285] ? io_uring_drop_tctx_refs+0x190/0x190 [ 28.778380][ T285] ? pipe_read+0x5b3/0x1040 [ 28.782716][ T285] dump_stack+0x15/0x17 [ 28.786856][ T285] __schedule_bug+0x195/0x260 [ 28.791532][ T285] ? ttwu_queue_wakelist+0x510/0x510 [ 28.796822][ T285] ? __set_current_blocked+0x2a5/0x2f0 [ 28.802203][ T285] __schedule+0xd0b/0x1580 [ 28.806453][ T285] ? bpf_trace_run2+0xf1/0x210 [ 28.811052][ T285] ? __sched_text_start+0x8/0x8 [ 28.815739][ T285] ? bpf_trace_run1+0x1c0/0x1c0 [ 28.820426][ T285] ? ksys_read+0x24f/0x2c0 [ 28.825722][ T285] ? __x64_sys_rt_sigprocmask+0xb0/0xb0 [ 28.831121][ T285] schedule+0x11f/0x1e0 [ 28.835191][ T285] exit_to_user_mode_loop+0x4d/0xe0 [ 28.840226][ T285] exit_to_user_mode_prepare+0x5a/0xa0 [ 28.845534][ T285] syscall_exit_to_user_mode+0x26/0x160 [ 28.850907][ T285] do_syscall_64+0x49/0xb0 [ 28.855159][ T285] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 28.860885][ T285] RIP: 0033:0x7f87d11e5587 [ 28.865133][ T285] Code: 41 5c 41 5d 41 5e 41 5f 5d c3 b9 01 00 00 00 e9 12 fe ff ff 31 c9 e9 0b fe ff ff 0f 1f 84 00 00 00 00 00 b8 27 00 00 00 0f 05 0f 1f 84 00 00 00 00 00 b8 6e 00 00 00 0f 05 c3 0f 1f 84 00 00 [ 28.884669][ T285] RSP: 002b:00007ffdd8e88958 EFLAGS: 00000246 ORIG_RAX: 0000000000000027 [ 28.893087][ T285] RAX: 000000000000011d RBX: 0000000000000000 RCX: 00007f87d11e5587 [ 28.900900][ T285] RDX: 0000000000000b16 RSI: 00005576cb66dfe0 RDI: 00005576cb66b937 [pid 353] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 291] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=348, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- ./strace-static-x86_64: Process 352 attached [pid 352] set_robust_list(0x55555632b660, 24) = 0 [pid 352] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 352] setpgid(0, 0) = 0 [pid 352] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 352] write(3, "1000", 4) = 4 [pid 352] close(3) = 0 [pid 352] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 291] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555632b650) = 355 [pid 352] <... bpf resumed>) = 3 [pid 352] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16./strace-static-x86_64: Process 355 attached [pid 355] set_robust_list(0x55555632b660, 24) = 0 [pid 355] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 355] setpgid(0, 0) = 0 [pid 355] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 355] write(3, "1000", 4) = 4 [pid 355] close(3) = 0 [pid 355] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73) = 3 [pid 355] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 346] +++ exited with 0 +++ [pid 345] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=346, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555632b650) = 356 [pid 292] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=345, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- ./strace-static-x86_64: Process 356 attached [pid 292] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 356] set_robust_list(0x55555632b660, 24) = 0 [pid 356] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 356] setpgid(0, 0) = 0 [pid 292] <... clone resumed>, child_tidptr=0x55555632b650) = 357 [pid 356] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 357 attached ) = 3 [pid 356] write(3, "1000", 4) = 4 [pid 356] close(3) = 0 [pid 356] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 357] set_robust_list(0x55555632b660, 24) = 0 [pid 357] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 357] setpgid(0, 0) = 0 [pid 357] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 357] write(3, "1000", 4) = 4 [pid 357] close(3) = 0 [pid 357] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 356] <... bpf resumed>) = 3 [pid 356] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 357] <... bpf resumed>) = 3 [pid 357] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 354] <... bpf resumed>) = 4 [pid 355] <... bpf resumed>) = 4 [pid 354] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 353] <... bpf resumed>) = 4 [pid 352] <... bpf resumed>) = 4 [pid 355] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 354] <... bpf resumed>) = 5 [pid 353] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 352] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 355] <... bpf resumed>) = 5 [pid 354] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 353] <... bpf resumed>) = 5 [pid 352] <... bpf resumed>) = 5 [pid 355] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 354] <... bpf resumed>) = 0 [pid 353] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 352] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 355] <... bpf resumed>) = 0 [pid 354] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 353] <... bpf resumed>) = 0 [pid 352] <... bpf resumed>) = 0 [pid 356] <... bpf resumed>) = 4 [pid 355] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 354] <... bpf resumed>) = 6 [pid 353] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [ 28.909922][ T285] RBP: 00005576cb66cdd0 R08: 0000000000000006 R09: 0000000000000000 [ 28.917739][ T285] R10: 00005576cb66cdd0 R11: 0000000000000246 R12: 00005576cb66b937 [ 28.925646][ T285] R13: 00005576cb66dfe0 R14: 00005576ccc76390 R15: 00007ffdd8e88ee0 [ 28.934063][ T285] [ 28.955859][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e7dad0 with preempt_count 00000103, exited with 00000102? [ 28.967414][ T285] BUG: scheduling while atomic: sshd/285/0x00000002 [ 28.973924][ T285] Modules linked in: [ 28.977672][ T285] Preemption disabled at: [ 28.977686][ T285] [] __set_current_blocked+0x11b/0x2f0 [ 28.988941][ T285] CPU: 0 PID: 285 Comm: sshd Tainted: G W 5.15.141-syzkaller-00899-g28e3f5851a99 #0 [ 28.999394][ T285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 29.009375][ T285] Call Trace: [ 29.012497][ T285] [ 29.015278][ T285] dump_stack_lvl+0x151/0x1b7 [ 29.019782][ T285] ? __set_current_blocked+0x11b/0x2f0 [ 29.025077][ T285] ? __set_current_blocked+0x11b/0x2f0 [ 29.030373][ T285] ? io_uring_drop_tctx_refs+0x190/0x190 [ 29.035840][ T285] ? fsnotify_perm+0x470/0x5d0 [ 29.042002][ T285] ? __set_current_blocked+0x11b/0x2f0 [ 29.047333][ T285] dump_stack+0x15/0x17 [ 29.051377][ T285] __schedule_bug+0x195/0x260 [ 29.055890][ T285] ? ttwu_queue_wakelist+0x510/0x510 [ 29.061009][ T285] ? bpf_bprintf_cleanup+0x3f/0x60 [ 29.065957][ T285] ? __set_current_blocked+0x2a5/0x2f0 [ 29.071252][ T285] __schedule+0xd0b/0x1580 [ 29.075511][ T285] ? __kasan_check_read+0x11/0x20 [ 29.080539][ T285] ? __fdget_pos+0x209/0x3a0 [ 29.084965][ T285] ? __sched_text_start+0x8/0x8 [ 29.089652][ T285] ? ksys_read+0x24f/0x2c0 [ 29.093904][ T285] ? __x64_sys_rt_sigprocmask+0xb0/0xb0 [ 29.099283][ T285] schedule+0x11f/0x1e0 [ 29.103282][ T285] exit_to_user_mode_loop+0x4d/0xe0 [ 29.108309][ T285] exit_to_user_mode_prepare+0x5a/0xa0 [ 29.113606][ T285] syscall_exit_to_user_mode+0x26/0x160 [ 29.118985][ T285] do_syscall_64+0x49/0xb0 [ 29.123237][ T285] ? sysvec_apic_timer_interrupt+0x55/0xc0 [ 29.128895][ T285] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 29.134611][ T285] RIP: 0033:0x7f87d11feb6a [ 29.138871][ T285] Code: 00 3d 00 00 41 00 75 0d 50 48 8d 3d 2d 08 0a 00 e8 ea 7d 01 00 31 c0 e9 07 ff ff ff 64 8b 04 25 18 00 00 00 85 c0 75 1b 0f 05 <48> 3d 00 f0 ff ff 76 6c 48 8b 15 8f a2 0d 00 f7 d8 64 89 02 48 83 [ 29.158428][ T285] RSP: 002b:00007ffdd8e84ef8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [pid 352] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 357] <... bpf resumed>) = 4 [pid 355] <... bpf resumed>) = 6 [pid 354] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 353] <... bpf resumed>) = 6 [pid 352] <... bpf resumed>) = 6 [pid 357] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 355] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 354] <... bpf resumed>) = 7 [ 29.166666][ T285] RAX: 00000000000002ee RBX: 0000000000000000 RCX: 00007f87d11feb6a [ 29.174501][ T285] RDX: 0000000000004000 RSI: 00007ffdd8e84f18 RDI: 0000000000000009 [ 29.182315][ T285] RBP: 00005576ccc76390 R08: 0000000000000000 R09: 0000000000000000 [ 29.190104][ T285] R10: 00007ffdd8e84f18 R11: 0000000000000246 R12: 00005576ccc6e5e0 [ 29.197910][ T285] R13: 00005576cb66b937 R14: 00005576cb66e480 R15: 00005576ccc6e5e0 [ 29.205730][ T285] [ 29.209740][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e7dad0 with preempt_count 00000103, exited with 00000102? [ 29.221160][ T285] BUG: scheduling while atomic: sshd/285/0x00000002 [ 29.227546][ T285] Modules linked in: [ 29.231305][ T285] Preemption disabled at: [ 29.231313][ T285] [] __set_current_blocked+0x11b/0x2f0 [ 29.242316][ T285] CPU: 0 PID: 285 Comm: sshd Tainted: G W 5.15.141-syzkaller-00899-g28e3f5851a99 #0 [ 29.253008][ T285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 29.263009][ T285] Call Trace: [ 29.266124][ T285] [ 29.268900][ T285] dump_stack_lvl+0x151/0x1b7 [ 29.273410][ T285] ? __set_current_blocked+0x11b/0x2f0 [ 29.278705][ T285] ? __set_current_blocked+0x11b/0x2f0 [ 29.284011][ T285] ? io_uring_drop_tctx_refs+0x190/0x190 [ 29.290334][ T285] ? __set_current_blocked+0x11b/0x2f0 [ 29.295640][ T285] dump_stack+0x15/0x17 [ 29.299626][ T285] __schedule_bug+0x195/0x260 [ 29.304132][ T285] ? __kasan_check_write+0x14/0x20 [ 29.309089][ T285] ? ttwu_queue_wakelist+0x510/0x510 [ 29.314205][ T285] ? __set_current_blocked+0x2a5/0x2f0 [ 29.319499][ T285] __schedule+0xd0b/0x1580 [ 29.323749][ T285] ? __kasan_check_read+0x11/0x20 [ 29.328606][ T285] ? _copy_to_user+0x78/0x90 [ 29.333034][ T285] ? __sched_text_start+0x8/0x8 [ 29.337738][ T285] ? __se_sys_rt_sigprocmask+0x311/0x380 [ 29.343192][ T285] ? __x64_sys_rt_sigprocmask+0xb0/0xb0 [ 29.348579][ T285] schedule+0x11f/0x1e0 [ 29.352567][ T285] exit_to_user_mode_loop+0x4d/0xe0 [ 29.357614][ T285] exit_to_user_mode_prepare+0x5a/0xa0 [ 29.362892][ T285] syscall_exit_to_user_mode+0x26/0x160 [ 29.368297][ T285] do_syscall_64+0x49/0xb0 [ 29.372707][ T285] ? sysvec_apic_timer_interrupt+0x55/0xc0 [ 29.378345][ T285] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 29.384066][ T285] RIP: 0033:0x7f87d11aa773 [ 29.388325][ T285] Code: 00 f3 a5 48 8d 74 24 88 48 b9 ff ff ff 7f fe ff ff ff 48 21 c8 48 89 44 24 88 41 ba 08 00 00 00 44 89 c7 b8 0e 00 00 00 0f 05 <45> 31 c0 3d 00 f0 ff ff 76 06 41 89 c0 41 f7 d8 44 89 c0 5a c3 41 [ 29.407766][ T285] RSP: 002b:00007ffdd8e89040 EFLAGS: 00000246 ORIG_RAX: 000000000000000e [pid 352] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 357] <... bpf resumed>) = 5 [pid 354] exit_group(0 [pid 352] <... bpf resumed>) = 7 [pid 357] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 354] <... exit_group resumed>) = ? [pid 357] <... bpf resumed>) = 0 [pid 357] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 6 [pid 357] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 352] exit_group(0) = ? [pid 356] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 5 [pid 356] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4) = 0 [pid 356] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 353] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 354] +++ exited with 0 +++ [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=354, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555632b650) = 359 [pid 356] <... bpf resumed>) = 6 [pid 356] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16./strace-static-x86_64: Process 359 attached [pid 357] <... bpf resumed>) = 7 [ 29.416011][ T285] RAX: 0000000000000000 RBX: 0000000000060000 RCX: 00007f87d11aa773 [ 29.423819][ T285] RDX: 00007ffdd8e89128 RSI: 00007ffdd8e890a8 RDI: 0000000000000001 [ 29.431628][ T285] RBP: 00005576ccc6e5e0 R08: 0000000000000001 R09: 0000000000000000 [ 29.440136][ T285] R10: 0000000000000008 R11: 0000000000000246 R12: 00005576cb662aa4 [ 29.447947][ T285] R13: 000000000000001d R14: 00005576cb6633e8 R15: 00007ffdd8e890a8 [ 29.455761][ T285] [ 29.464705][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e7dad0 with preempt_count 00000103, exited with 00000102? [ 29.476142][ T287] BUG: scheduling while atomic: strace-static-x/287/0x00000002 [ 29.483599][ T287] Modules linked in: [ 29.487194][ T287] Preemption disabled at: [ 29.487199][ T287] [] try_to_wake_up+0x86/0x1150 [ 29.500074][ T287] CPU: 0 PID: 287 Comm: strace-static-x Tainted: G W 5.15.141-syzkaller-00899-g28e3f5851a99 #0 [ 29.512983][ T287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 29.522966][ T287] Call Trace: [ 29.526087][ T287] [ 29.528866][ T287] dump_stack_lvl+0x151/0x1b7 [ 29.533379][ T287] ? try_to_wake_up+0x86/0x1150 [ 29.538064][ T287] ? try_to_wake_up+0x86/0x1150 [ 29.542839][ T287] ? io_uring_drop_tctx_refs+0x190/0x190 [ 29.548314][ T287] ? try_to_wake_up+0x86/0x1150 [ 29.552990][ T287] dump_stack+0x15/0x17 [ 29.557070][ T287] __schedule_bug+0x195/0x260 [ 29.561584][ T287] ? ttwu_queue_wakelist+0x510/0x510 [ 29.566705][ T287] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 29.572355][ T287] ? wait_task_inactive+0x2cd/0x4f0 [ 29.577386][ T287] __schedule+0xd0b/0x1580 [ 29.581635][ T287] ? _raw_spin_lock_irqsave+0x210/0x210 [ 29.587014][ T287] ? __sched_text_start+0x8/0x8 [ 29.591698][ T287] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 29.596647][ T287] ? _raw_spin_lock_irqsave+0x210/0x210 [ 29.602029][ T287] ? ptrace_check_attach+0x323/0x420 [ 29.607166][ T287] schedule+0x11f/0x1e0 [ 29.611155][ T287] exit_to_user_mode_loop+0x4d/0xe0 [ 29.616263][ T287] exit_to_user_mode_prepare+0x5a/0xa0 [ 29.621568][ T287] syscall_exit_to_user_mode+0x26/0x160 [ 29.626938][ T287] do_syscall_64+0x49/0xb0 [ 29.631188][ T287] ? sysvec_apic_timer_interrupt+0x55/0xc0 [ 29.637006][ T287] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 29.642731][ T287] RIP: 0033:0x4e6c1a [ 29.646467][ T287] Code: 70 41 83 f8 03 c7 44 24 10 08 00 00 00 48 89 44 24 18 48 8d 44 24 30 8b 70 08 4c 0f 43 d1 48 89 44 24 20 b8 65 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 3e 48 85 c0 78 06 41 83 f8 02 76 1b 48 8b 4c [pid 359] set_robust_list(0x55555632b660, 24 [pid 357] exit_group(0 [pid 355] <... bpf resumed>) = 7 [pid 353] <... bpf resumed>) = 7 [pid 355] exit_group(0) = ? [ 29.665994][ T287] RSP: 002b:00007ffdf369b010 EFLAGS: 00000206 ORIG_RAX: 0000000000000065 [ 29.674237][ T287] RAX: 0000000000000050 RBX: 0000000000a914d0 RCX: 00000000004e6c1a [ 29.682050][ T287] RDX: 0000000000000058 RSI: 0000000000000127 RDI: 000000000000420e [ 29.689862][ T287] RBP: 00007ffdf369b110 R08: 000000000000420d R09: 0000000000000003 [ 29.697757][ T287] R10: 000000000063c820 R11: 0000000000000206 R12: 0000000000a914d0 [ 29.705570][ T287] R13: 00007ffdf369b16c R14: 000000000000857f R15: 0000000000617180 [ 29.713384][ T287] [ 29.718790][ C0] softirq: huh, entered softirq 9 RCU ffffffff815c95e0 with preempt_count 00000103, exited with 00000102? [ 29.729940][ T287] BUG: scheduling while atomic: strace-static-x/287/0x00000002 [ 29.737285][ T287] Modules linked in: [ 29.741039][ T287] Preemption disabled at: [ 29.741045][ T287] [] remove_wait_queue+0x26/0x140 [ 29.751613][ T287] CPU: 0 PID: 287 Comm: strace-static-x Tainted: G W 5.15.141-syzkaller-00899-g28e3f5851a99 #0 [ 29.763048][ T287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 29.772942][ T287] Call Trace: [ 29.776065][ T287] [ 29.778845][ T287] dump_stack_lvl+0x151/0x1b7 [ 29.783357][ T287] ? remove_wait_queue+0x26/0x140 [ 29.788251][ T287] ? remove_wait_queue+0x26/0x140 [ 29.793265][ T287] ? io_uring_drop_tctx_refs+0x190/0x190 [ 29.798903][ T287] ? remove_wait_queue+0x26/0x140 [ 29.803754][ T287] dump_stack+0x15/0x17 [ 29.807743][ T287] __schedule_bug+0x195/0x260 [ 29.812281][ T287] ? ttwu_queue_wakelist+0x510/0x510 [ 29.817380][ T287] ? kernel_waitid+0x520/0x520 [ 29.821981][ T287] __schedule+0xd0b/0x1580 [ 29.826233][ T287] ? __x64_sys_wait4+0x181/0x1e0 [ 29.831010][ T287] ? bpf_trace_run2+0xf1/0x210 [ 29.835605][ T287] ? __sched_text_start+0x8/0x8 [ 29.840311][ T287] schedule+0x11f/0x1e0 [ 29.844286][ T287] exit_to_user_mode_loop+0x4d/0xe0 [ 29.849317][ T287] exit_to_user_mode_prepare+0x5a/0xa0 [ 29.854612][ T287] syscall_exit_to_user_mode+0x26/0x160 [ 29.859993][ T287] do_syscall_64+0x49/0xb0 [ 29.864245][ T287] ? sysvec_apic_timer_interrupt+0x55/0xc0 [ 29.869890][ T287] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 29.875739][ T287] RIP: 0033:0x4d49a6 [ 29.879473][ T287] Code: 00 00 00 90 31 c9 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 49 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 11 b8 3d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 90 48 83 ec 28 89 54 24 14 48 89 74 24 [ 29.898913][ T287] RSP: 002b:00007ffdf369b1a8 EFLAGS: 00000246 ORIG_RAX: 000000000000003d [ 29.907155][ T287] RAX: 0000000000000124 RBX: 0000000000000009 RCX: 00000000004d49a6 [pid 359] <... set_robust_list resumed>) = 0 [pid 357] <... exit_group resumed>) = ? [pid 356] <... bpf resumed>) = 7 [ 29.914969][ T287] RDX: 0000000040000001 RSI: 00007ffdf369b1cc RDI: 00000000ffffffff [ 29.922781][ T287] RBP: 0000000000a90f90 R08: 0000000000000000 R09: 0000000000000000 [ 29.930711][ T287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000a96d80 [ 29.938619][ T287] R13: 0000000000000125 R14: 00007ffdf369b1cc R15: 0000000000617180 [ 29.946565][ T287] [ 29.952423][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e7dad0 with preempt_count 00000103, exited with 00000102? [ 29.964094][ T285] BUG: scheduling while atomic: sshd/285/0x00000002 [ 29.970552][ T285] Modules linked in: [ 29.974231][ T285] Preemption disabled at: [ 29.974242][ T285] [] __set_current_blocked+0x11b/0x2f0 [ 29.985412][ T285] CPU: 0 PID: 285 Comm: sshd Tainted: G W 5.15.141-syzkaller-00899-g28e3f5851a99 #0 [ 29.995943][ T285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 30.005837][ T285] Call Trace: [ 30.008954][ T285] [ 30.011742][ T285] dump_stack_lvl+0x151/0x1b7 [ 30.016261][ T285] ? __set_current_blocked+0x11b/0x2f0 [ 30.021548][ T285] ? __set_current_blocked+0x11b/0x2f0 [ 30.026837][ T285] ? io_uring_drop_tctx_refs+0x190/0x190 [ 30.032300][ T285] ? __set_current_blocked+0x11b/0x2f0 [ 30.037680][ T285] dump_stack+0x15/0x17 [ 30.041671][ T285] __schedule_bug+0x195/0x260 [ 30.046207][ T285] ? ttwu_queue_wakelist+0x510/0x510 [ 30.051577][ T285] __schedule+0xd0b/0x1580 [ 30.055824][ T285] ? __se_sys_ppoll+0x2b3/0x330 [ 30.060507][ T285] ? __sched_text_start+0x8/0x8 [ 30.065195][ T285] ? __x64_sys_ppoll+0xd0/0xd0 [ 30.069803][ T285] schedule+0x11f/0x1e0 [ 30.073791][ T285] exit_to_user_mode_loop+0x4d/0xe0 [ 30.078846][ T285] exit_to_user_mode_prepare+0x5a/0xa0 [ 30.084114][ T285] syscall_exit_to_user_mode+0x26/0x160 [ 30.089501][ T285] do_syscall_64+0x49/0xb0 [ 30.093762][ T285] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 30.099483][ T285] RIP: 0033:0x7f87d1201ad5 [ 30.103734][ T285] Code: 85 d2 74 0d 0f 10 02 48 8d 54 24 20 0f 11 44 24 20 64 8b 04 25 18 00 00 00 85 c0 75 27 41 b8 08 00 00 00 b8 0f 01 00 00 0f 05 <48> 3d 00 f0 ff ff 76 75 48 8b 15 24 73 0d 00 f7 d8 64 89 02 48 83 [ 30.123177][ T285] RSP: 002b:00007ffdd8e89020 EFLAGS: 00000246 ORIG_RAX: 000000000000010f [ 30.131523][ T285] RAX: 0000000000000002 RBX: 00000000000668a0 RCX: 00007f87d1201ad5 [ 30.139411][ T285] RDX: 00007ffdd8e89040 RSI: 0000000000000004 RDI: 00005576ccc6fb20 [ 30.147212][ T285] RBP: 00005576ccc6e5e0 R08: 0000000000000008 R09: 0000000000000000 [ 30.155031][ T285] R10: 00007ffdd8e89128 R11: 0000000000000246 R12: 00005576cb662aa4 [ 30.162834][ T285] R13: 0000000000000001 R14: 00005576cb6633e8 R15: 00007ffdd8e890a8 [pid 355] +++ exited with 0 +++ [pid 353] exit_group(0 [pid 352] +++ exited with 0 +++ [pid 359] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 357] +++ exited with 0 +++ [pid 356] exit_group(0 [pid 353] <... exit_group resumed>) = ? [pid 296] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=352, si_uid=0, si_status=0, si_utime=0, si_stime=25} --- [pid 359] <... prctl resumed>) = 0 [pid 356] <... exit_group resumed>) = ? [pid 292] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=357, si_uid=0, si_status=0, si_utime=0, si_stime=23} --- [pid 291] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=355, si_uid=0, si_status=0, si_utime=0, si_stime=20} --- [pid 359] setpgid(0, 0 [pid 291] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 359] <... setpgid resumed>) = 0 [pid 359] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 291] <... clone resumed>, child_tidptr=0x55555632b650) = 360 [pid 359] <... openat resumed>) = 3 [pid 359] write(3, "1000", 4) = 4 [pid 359] close(3 [pid 296] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 292] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 359] <... close resumed>) = 0 [pid 359] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 296] <... clone resumed>, child_tidptr=0x55555632b650) = 361 [pid 292] <... clone resumed>, child_tidptr=0x55555632b650) = 362 [pid 359] <... bpf resumed>) = 3 [pid 359] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16./strace-static-x86_64: Process 361 attached [pid 361] set_robust_list(0x55555632b660, 24) = 0 [pid 361] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 361] setpgid(0, 0) = 0 [pid 361] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 361] write(3, "1000", 4) = 4 [pid 361] close(3) = 0 [pid 361] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73./strace-static-x86_64: Process 362 attached [pid 362] set_robust_list(0x55555632b660, 24) = 0 [pid 362] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 362] setpgid(0, 0) = 0 [pid 362] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 362] write(3, "1000", 4) = 4 [pid 361] <... bpf resumed>) = 3 [pid 362] close(3) = 0 [pid 362] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 361] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 362] <... bpf resumed>) = 3 [pid 362] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16./strace-static-x86_64: Process 360 attached [pid 360] set_robust_list(0x55555632b660, 24) = 0 [pid 360] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 360] setpgid(0, 0) = 0 [pid 360] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 360] write(3, "1000", 4) = 4 [ 30.170755][ T285] [ 30.178003][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e7dad0 with preempt_count 00000103, exited with 00000102? [ 30.189998][ T287] BUG: scheduling while atomic: strace-static-x/287/0x00000002 [ 30.197542][ T287] Modules linked in: [ 30.201317][ T287] Preemption disabled at: [ 30.201332][ T287] [] remove_wait_queue+0x26/0x140 [ 30.211856][ T287] CPU: 0 PID: 287 Comm: strace-static-x Tainted: G W 5.15.141-syzkaller-00899-g28e3f5851a99 #0 [ 30.223282][ T287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 30.233177][ T287] Call Trace: [ 30.236299][ T287] [ 30.239081][ T287] dump_stack_lvl+0x151/0x1b7 [ 30.243589][ T287] ? remove_wait_queue+0x26/0x140 [ 30.248455][ T287] ? remove_wait_queue+0x26/0x140 [ 30.256635][ T287] ? io_uring_drop_tctx_refs+0x190/0x190 [ 30.262103][ T287] ? remove_wait_queue+0x26/0x140 [ 30.267226][ T287] dump_stack+0x15/0x17 [ 30.271288][ T287] __schedule_bug+0x195/0x260 [ 30.275797][ T287] ? ttwu_queue_wakelist+0x510/0x510 [ 30.280918][ T287] __schedule+0xd0b/0x1580 [ 30.285350][ T287] ? _raw_spin_lock+0x1b0/0x1b0 [ 30.290755][ T287] ? __sched_text_start+0x8/0x8 [ 30.295480][ T287] ? child_wait_callback+0x200/0x200 [ 30.304643][ T287] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 30.313308][ T287] schedule+0x11f/0x1e0 [ 30.317283][ T287] do_wait+0x6e7/0xa10 [ 30.321189][ T287] kernel_wait4+0x29e/0x3d0 [ 30.325530][ T287] ? __ia32_sys_waitid+0xd0/0xd0 [ 30.330390][ T287] ? bpf_trace_printk+0x1be/0x300 [ 30.335258][ T287] ? kernel_waitid+0x520/0x520 [ 30.339846][ T287] ? wait_task_inactive+0x2cd/0x4f0 [ 30.344902][ T287] __x64_sys_wait4+0x130/0x1e0 [ 30.349492][ T287] ? kernel_wait+0x230/0x230 [ 30.354008][ T287] ? bpf_trace_run2+0xf1/0x210 [ 30.358610][ T287] ? __bpf_trace_sys_enter+0x62/0x70 [ 30.363732][ T287] ? __traceiter_sys_enter+0x2a/0x40 [ 30.369726][ T287] ? syscall_enter_from_user_mode+0x14d/0x1b0 [ 30.375621][ T287] do_syscall_64+0x3d/0xb0 [ 30.379862][ T287] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 30.385811][ T287] RIP: 0033:0x4d49a6 [ 30.389543][ T287] Code: 00 00 00 90 31 c9 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 49 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 11 b8 3d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 90 48 83 ec 28 89 54 24 14 48 89 74 24 [ 30.409632][ T287] RSP: 002b:00007ffdf369b1a8 EFLAGS: 00000246 ORIG_RAX: 000000000000003d [pid 360] close(3 [pid 359] <... bpf resumed>) = 4 [pid 353] +++ exited with 0 +++ [pid 360] <... close resumed>) = 0 [pid 359] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 360] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 359] <... bpf resumed>) = 5 [pid 295] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=353, si_uid=0, si_status=0, si_utime=0, si_stime=19} --- [pid 360] <... bpf resumed>) = 3 [pid 359] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 295] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 360] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 359] <... bpf resumed>) = 0 [pid 359] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144./strace-static-x86_64: Process 365 attached [pid 295] <... clone resumed>, child_tidptr=0x55555632b650) = 365 [pid 359] <... bpf resumed>) = 6 [pid 365] set_robust_list(0x55555632b660, 24 [pid 359] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 365] <... set_robust_list resumed>) = 0 [pid 365] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 365] setpgid(0, 0) = 0 [pid 365] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 365] write(3, "1000", 4) = 4 [pid 365] close(3) = 0 [pid 365] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73) = 3 [pid 365] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 356] +++ exited with 0 +++ [ 30.417862][ T287] RAX: ffffffffffffffda RBX: 0000000000a8f2f8 RCX: 00000000004d49a6 [ 30.425883][ T287] RDX: 0000000040000000 RSI: 00007ffdf369b1cc RDI: 00000000ffffffff [ 30.433782][ T287] RBP: 0000000000000000 R08: 0000000000000017 R09: 0000000000000003 [ 30.441981][ T287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000a96c60 [ 30.450739][ T287] R13: 0000000000000000 R14: 00007ffdf369b1cc R15: 0000000000617180 [ 30.458986][ T287] [ 30.479788][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e7dad0 with preempt_count 00000103, exited with 00000102? [ 30.491323][ T285] BUG: scheduling while atomic: sshd/285/0x00000002 [ 30.497706][ T285] Modules linked in: [ 30.501448][ T285] Preemption disabled at: [ 30.501457][ T285] [] __set_current_blocked+0x11b/0x2f0 [ 30.512489][ T285] CPU: 0 PID: 285 Comm: sshd Tainted: G W 5.15.141-syzkaller-00899-g28e3f5851a99 #0